This project might be open to known security vulnerabilities, which can be prevented by tightening the version range of affected dependencies. Find detailed information at the bottom.

Crate dbg-swc

Dependencies

(8 total, all up-to-date)

CrateRequiredLatestStatus
 anyhow^1.0.571.0.57up to date
 clap^33.1.18up to date
 rayon^1.5.21.5.2up to date
 sha1^0.10.10.10.1up to date
 tempdir^0.3.70.3.7up to date
 tracing^0.1.340.1.34up to date
 tracing-subscriber^0.3.110.3.11up to date
 url^22.2.2up to date

Crate jsdoc

Dependencies

(2 total, all up-to-date)

CrateRequiredLatestStatus
 nom^7.1.07.1.1up to date
 serde^11.0.137up to date

Dev dependencies

(2 total, all up-to-date)

CrateRequiredLatestStatus
 anyhow^11.0.57up to date
 dashmap^5.1.05.3.3up to date

Crate binding_core_node

Dependencies

(13 total, 1 outdated)

CrateRequiredLatestStatus
 anyhow^11.0.57up to date
 backtrace^0.30.3.65up to date
 napi^22.4.3up to date
 napi-derive^22.4.1up to date
 path-clean^0.10.1.0up to date
 serde^11.0.137up to date
 serde_json^11.0.81up to date
 tracing^0.1.320.1.34up to date
 tracing-chrome^0.5.00.6.0out of date
 tracing-futures^0.2.50.2.5up to date
 tracing-subscriber^0.3.90.3.11up to date
 wasmer^2.2.12.2.1up to date
 wasmer-wasi^2.2.12.2.1up to date

Build dependencies

(1 total, 1 outdated)

CrateRequiredLatestStatus
 napi-build^12.0.0out of date

Crate binding_core_wasm

Dependencies

(12 total, all up-to-date)

CrateRequiredLatestStatus
 anyhow^1.0.421.0.57up to date
 console_error_panic_hook^0.1.60.1.7up to date
 js-sys^0.3.560.3.57up to date
 once_cell^1.10.01.10.0up to date
 parking_lot_core^0.9.10.9.3up to date
 path-clean^0.10.1.0up to date
 serde^11.0.137up to date
 serde_json^11.0.81up to date
 tracing^0.1.320.1.34up to date
 wasm-bindgen^0.20.2.80up to date
 wasmer^2.2.12.2.1up to date
 wasmer-wasi^2.2.12.2.1up to date

Crate binding_css_node

Dependencies

(7 total, all up-to-date)

CrateRequiredLatestStatus
 anyhow^11.0.57up to date
 napi^22.4.3up to date
 napi-derive^22.4.1up to date
 serde^11.0.137up to date
 serde_json^11.0.81up to date
 tracing^0.1.320.1.34up to date
 tracing-subscriber^0.3.90.3.11up to date

Build dependencies

(1 total, 1 outdated)

CrateRequiredLatestStatus
 napi-build^12.0.0out of date

Crate swc_cli

Dependencies

(16 total, 1 outdated)

CrateRequiredLatestStatus
 anyhow^1.0.531.0.57up to date
 atty^0.2.140.2.14up to date
 clap^3.1.03.1.18up to date
 glob^0.3.00.3.0up to date
 rayon^11.5.2up to date
 relative-path^1.6.11.7.0up to date
 serde^11.0.137up to date
 serde_json^11.0.81up to date
 tracing^0.1.320.1.34up to date
 tracing-chrome^0.5.00.6.0out of date
 tracing-futures^0.2.50.2.5up to date
 tracing-subscriber^0.3.90.3.11up to date
 walkdir^22.3.2up to date
 wasmer^2.2.12.2.1up to date
 wasmer-wasi^2.2.12.2.1up to date
 path-absolutize^3.0.113.0.13up to date

Crate swc_css

No external dependencies! 🙌

Crate swc_css_lints

Dependencies

(5 total, all up-to-date)

CrateRequiredLatestStatus
 auto_impl^0.5.00.5.0up to date
 parking_lot^0.12.00.12.0up to date
 rayon^1.5.11.5.2up to date
 serde^1.0.1331.0.137up to date
 thiserror^1.0.301.0.31up to date

Dev dependencies

(1 total, all up-to-date)

CrateRequiredLatestStatus
 serde_json^1.0.791.0.81up to date

Crate swc_css_prefixer

No external dependencies! 🙌

Crate swc_ecmascript

No external dependencies! 🙌

Crate swc_ecma_lints

Dependencies

(7 total, 1 possibly insecure)

CrateRequiredLatestStatus
 ahash^0.70.7.6up to date
 auto_impl^0.5.00.5.0up to date
 dashmap^5.1.05.3.3up to date
 parking_lot^0.12.00.12.0up to date
 rayon^1.5.11.5.2up to date
 regex ⚠️^11.5.5maybe insecure
 serde^1.0.1331.0.137up to date

Crate swc_ecma_quote

No external dependencies! 🙌

Crate swc_estree_compat

Dependencies

(6 total, all up-to-date)

CrateRequiredLatestStatus
 ahash^0.7.00.7.6up to date
 anyhow^11.0.57up to date
 copyless^0.1.50.1.5up to date
 rayon^1.5.01.5.2up to date
 serde^11.0.137up to date
 serde_json^1.0.621.0.81up to date

Dev dependencies

(3 total, all up-to-date)

CrateRequiredLatestStatus
 criterion^0.30.3.5up to date
 pretty_assertions^1.11.2.1up to date
 walkdir^22.3.2up to date

Crate swc_html

No external dependencies! 🙌

Crate swc_plugin

No external dependencies! 🙌

Crate swc_plugin_macro

Dependencies

(3 total, all up-to-date)

CrateRequiredLatestStatus
 proc-macro2^11.0.38up to date
 quote^11.0.18up to date
 syn^11.0.93up to date

Crate swc_plugin_runner

Dependencies

(8 total, all up-to-date)

CrateRequiredLatestStatus
 anyhow^1.0.421.0.57up to date
 once_cell^1.10.01.10.0up to date
 parking_lot^0.12.00.12.0up to date
 serde^1.0.1261.0.137up to date
 serde_json^1.0.641.0.81up to date
 tracing^0.1.320.1.34up to date
 wasmer^2.2.12.2.1up to date
 wasmer-wasi^2.2.12.2.1up to date

Dev dependencies

(3 total, all up-to-date)

CrateRequiredLatestStatus
 criterion^0.30.3.5up to date
 wasmer^2.2.12.2.1up to date
 wasmer-wasi^2.2.12.2.1up to date

Crate swc_plugin_testing

No external dependencies! 🙌

Crate swc_plugin_proxy

Dependencies

(1 total, all up-to-date)

CrateRequiredLatestStatus
 rkyv^0.7.370.7.38up to date

Crate swc_timer

Dependencies

(1 total, all up-to-date)

CrateRequiredLatestStatus
 tracing^0.1.320.1.34up to date

Crate swc_webpack_ast

Dependencies

(5 total, all up-to-date)

CrateRequiredLatestStatus
 anyhow^1.0.481.0.57up to date
 rayon^1.5.11.5.2up to date
 serde^11.0.137up to date
 serde_json^1.0.721.0.81up to date
 tracing^0.1.320.1.34up to date

Crate swc_atoms

Dependencies

(1 total, all up-to-date)

CrateRequiredLatestStatus
 string_cache^0.8.40.8.4up to date

Build dependencies

(1 total, all up-to-date)

CrateRequiredLatestStatus
 string_cache_codegen^0.5.20.5.2up to date

Crate swc_common

Dependencies

(20 total, all up-to-date)

CrateRequiredLatestStatus
 ahash^0.7.40.7.6up to date
 anyhow^1.0.451.0.57up to date
 arbitrary^11.1.0up to date
 atty^0.20.2.14up to date
 cfg-if^1.0.01.0.0up to date
 debug_unreachable^0.1.10.1.1up to date
 either^1.51.6.1up to date
 num-bigint^0.40.4.3up to date
 once_cell^1.10.01.10.0up to date
 parking_lot^0.12.00.12.0up to date
 rkyv^0.7.370.7.38up to date
 rustc-hash^1.1.01.1.0up to date
 serde^1.0.1191.0.137up to date
 siphasher^0.3.90.3.10up to date
 sourcemap^66.0.2up to date
 string_cache^0.8.40.8.4up to date
 termcolor^1.01.1.3up to date
 tracing^0.1.320.1.34up to date
 unicode-width^0.1.40.1.9up to date
 url^2.2.22.2.2up to date

Dev dependencies

(3 total, all up-to-date)

CrateRequiredLatestStatus
 criterion^0.30.3.5up to date
 rayon^11.5.2up to date
 serde_json^11.0.81up to date

Crate swc_ecma_ast

Dependencies

(6 total, all up-to-date)

CrateRequiredLatestStatus
 arbitrary^11.1.0up to date
 is-macro^0.2.00.2.0up to date
 num-bigint^0.40.4.3up to date
 rkyv^0.7.370.7.38up to date
 serde^1.0.1331.0.137up to date
 unicode-id^0.30.3.2up to date

Dev dependencies

(1 total, all up-to-date)

CrateRequiredLatestStatus
 serde_json^11.0.81up to date

Crate swc_ecma_codegen

Dependencies

(7 total, all up-to-date)

CrateRequiredLatestStatus
 bitflags^11.3.2up to date
 memchr^2.4.12.5.0up to date
 num-bigint^0.40.4.3up to date
 once_cell^1.10.01.10.0up to date
 rustc-hash^1.1.01.1.0up to date
 sourcemap^66.0.2up to date
 tracing^0.1.320.1.34up to date

Dev dependencies

(1 total, all up-to-date)

CrateRequiredLatestStatus
 criterion^0.30.3.5up to date

Crate swc_ecma_minifier

Dependencies

(15 total, 1 possibly insecure)

CrateRequiredLatestStatus
 ahash^0.7.60.7.6up to date
 arrayvec^0.7.20.7.2up to date
 backtrace^0.3.610.3.65up to date
 indexmap^1.7.01.8.1up to date
 once_cell^1.10.01.10.0up to date
 parking_lot^0.12.00.12.0up to date
 pretty_assertions^1.11.2.1up to date
 rayon^1.5.11.5.2up to date
 regex ⚠️^1.5.31.5.5maybe insecure
 retain_mut^0.1.20.1.7up to date
 rustc-hash^1.1.01.1.0up to date
 serde^1.0.1181.0.137up to date
 serde_json^1.0.611.0.81up to date
 tracing^0.1.320.1.34up to date
 unicode-id^0.3.00.3.2up to date

Dev dependencies

(5 total, all up-to-date)

CrateRequiredLatestStatus
 ansi_term^0.12.10.12.1up to date
 anyhow^11.0.57up to date
 criterion^0.3.50.3.5up to date
 pretty_assertions^1.11.2.1up to date
 walkdir^22.3.2up to date

Crate swc_ecma_parser

Dependencies

(8 total, all up-to-date)

CrateRequiredLatestStatus
 either^1.41.6.1up to date
 lexical^6.1.06.1.0up to date
 num-bigint^0.40.4.3up to date
 serde^11.0.137up to date
 smallvec^1.8.01.8.0up to date
 tracing^0.1.320.1.34up to date
 typed-arena^2.0.12.0.1up to date
 unicode-id^0.30.3.2up to date

Dev dependencies

(4 total, all up-to-date)

CrateRequiredLatestStatus
 criterion^0.30.3.5up to date
 pretty_assertions^1.11.2.1up to date
 serde_json^11.0.81up to date
 walkdir^22.3.2up to date

Crate swc_ecma_transforms_base

Dependencies

(7 total, all up-to-date)

CrateRequiredLatestStatus
 once_cell^1.10.01.10.0up to date
 phf^0.100.10.1up to date
 rayon^11.5.2up to date
 rustc-hash^1.1.01.1.0up to date
 serde^11.0.137up to date
 smallvec^1.8.01.8.0up to date
 tracing^0.1.320.1.34up to date

Dev dependencies

(1 total, all up-to-date)

CrateRequiredLatestStatus
 criterion^0.30.3.5up to date

Crate swc_ecma_visit

Dependencies

(2 total, all up-to-date)

CrateRequiredLatestStatus
 num-bigint^0.40.4.3up to date
 tracing^0.1.320.1.34up to date

Crate swc_error_reporters

Dependencies

(4 total, all up-to-date)

CrateRequiredLatestStatus
 anyhow^11.0.57up to date
 miette^4.2.14.7.0up to date
 once_cell^11.10.0up to date
 parking_lot^0.12.00.12.0up to date

Crate testing

Dependencies

(8 total, 1 possibly insecure)

CrateRequiredLatestStatus
 ansi_term^0.12.10.12.1up to date
 difference^22.0.0up to date
 once_cell^1.10.01.10.0up to date
 pretty_assertions^1.11.2.1up to date
 regex ⚠️^11.5.5maybe insecure
 serde_json^1.0.711.0.81up to date
 tracing^0.1.320.1.34up to date
 tracing-subscriber^0.3.90.3.11up to date

Crate binding_commons

Dependencies

(6 total, all up-to-date)

CrateRequiredLatestStatus
 anyhow^11.0.57up to date
 napi^22.4.3up to date
 serde^11.0.137up to date
 serde_json^11.0.81up to date
 tracing^0.1.320.1.34up to date
 tracing-subscriber^0.3.90.3.11up to date

Crate node_macro_deps

Dependencies

(2 total, all up-to-date)

CrateRequiredLatestStatus
 proc-macro2^11.0.38up to date
 quote^11.0.18up to date

Crate swc

Dependencies

(19 total, 1 possibly insecure)

CrateRequiredLatestStatus
 ahash^0.7.40.7.6up to date
 anyhow^11.0.57up to date
 base64^0.13.00.13.0up to date
 dashmap^5.1.05.3.3up to date
 either^11.6.1up to date
 indexmap^11.8.1up to date
 json_comments^0.2.00.2.1up to date
 lru^0.7.10.7.5up to date
 once_cell^1.10.01.10.0up to date
 parking_lot^0.12.00.12.0up to date
 pathdiff^0.2.00.2.1up to date
 regex ⚠️^11.5.5maybe insecure
 serde^11.0.137up to date
 serde_json^11.0.81up to date
 sourcemap^66.0.2up to date
 tracing^0.1.320.1.34up to date
 rustc-hash^1.1.01.1.0up to date
 napi-derive^2.0.02.4.1up to date
 napi^2.0.02.4.3up to date

Dev dependencies

(4 total, all up-to-date)

CrateRequiredLatestStatus
 ansi_term^0.120.12.1up to date
 criterion^0.30.3.5up to date
 rayon^1.5.11.5.2up to date
 walkdir^22.3.2up to date

Crate swc_bundler

Dependencies

(14 total, 1 outdated)

CrateRequiredLatestStatus
 ahash^0.70.7.6up to date
 anyhow^11.0.57up to date
 crc^2.1.03.0.0out of date
 dashmap^5.1.05.3.3up to date
 indexmap^1.61.8.1up to date
 is-macro^0.2.00.2.0up to date
 once_cell^1.10.01.10.0up to date
 parking_lot^0.12.00.12.0up to date
 petgraph^0.60.6.0up to date
 radix_fmt^11.0.0up to date
 rayon^11.5.2up to date
 relative-path^1.21.7.0up to date
 retain_mut^0.1.20.1.7up to date
 tracing^0.1.320.1.34up to date

Dev dependencies

(7 total, all up-to-date)

CrateRequiredLatestStatus
 hex^0.40.4.3up to date
 ntest^0.7.20.7.5up to date
 path-clean=0.1.00.1.0up to date
 reqwest^0.11.40.11.10up to date
 sha-1^0.100.10.0up to date
 tempfile^3.1.03.3.0up to date
 url^2.1.12.2.2up to date

Crate swc_ecma_loader

Dependencies

(11 total, all up-to-date)

CrateRequiredLatestStatus
 ahash^0.7.40.7.6up to date
 anyhow^1.0.411.0.57up to date
 dashmap^5.1.05.3.3up to date
 lru^0.7.10.7.5up to date
 once_cell^1.9.01.10.0up to date
 parking_lot^0.12.00.12.0up to date
 path-clean=0.1.00.1.0up to date
 serde^11.0.137up to date
 serde_json^1.0.641.0.81up to date
 tracing^0.1.320.1.34up to date
 pathdiff^0.2.10.2.1up to date

Dev dependencies

(1 total, all up-to-date)

CrateRequiredLatestStatus
 lazy_static^1.4.01.4.0up to date

Crate swc_node_bundler

Dependencies

(8 total, 1 possibly insecure)

CrateRequiredLatestStatus
 anyhow^11.0.57up to date
 dashmap^5.1.05.3.3up to date
 is-macro^0.2.00.2.0up to date
 once_cell^1.10.01.10.0up to date
 regex ⚠️^11.5.5maybe insecure
 serde^11.0.137up to date
 serde_json^11.0.81up to date
 tracing^0.1.320.1.34up to date

Dev dependencies

(1 total, all up-to-date)

CrateRequiredLatestStatus
 pretty_assertions^1.11.2.1up to date

Crate swc_css_ast

Dependencies

(2 total, all up-to-date)

CrateRequiredLatestStatus
 is-macro^0.2.00.2.0up to date
 serde^1.0.1271.0.137up to date

Crate swc_css_codegen

Dependencies

(2 total, all up-to-date)

CrateRequiredLatestStatus
 auto_impl^0.5.00.5.0up to date
 bitflags^1.3.21.3.2up to date

Crate swc_css_minifier

No external dependencies! 🙌

Crate swc_css_parser

Dependencies

(2 total, all up-to-date)

CrateRequiredLatestStatus
 bitflags^1.2.11.3.2up to date
 lexical^6.1.06.1.0up to date

Dev dependencies

(2 total, all up-to-date)

CrateRequiredLatestStatus
 serde^1.0.1271.0.137up to date
 serde_json^1.0.661.0.81up to date

Crate swc_trace_macro

Dependencies

(3 total, all up-to-date)

CrateRequiredLatestStatus
 proc-macro2^11.0.38up to date
 quote^11.0.18up to date
 syn^11.0.93up to date

Crate swc_css_utils

Dependencies

(3 total, all up-to-date)

CrateRequiredLatestStatus
 once_cell^1.10.01.10.0up to date
 serde^1.0.1181.0.137up to date
 serde_json^1.0.611.0.81up to date

Crate swc_css_visit

No external dependencies! 🙌

Crate swc_cached

Dependencies

(6 total, 1 possibly insecure)

CrateRequiredLatestStatus
 ahash^0.7.60.7.6up to date
 anyhow^1.0.551.0.57up to date
 dashmap^5.1.05.3.3up to date
 once_cell^1.10.01.10.0up to date
 regex ⚠️^1.5.41.5.5maybe insecure
 serde^1.0.1361.0.137up to date

Crate swc_ecma_dep_graph

Dev dependencies

(1 total, all up-to-date)

CrateRequiredLatestStatus
 pretty_assertions^1.11.2.1up to date

Crate swc_ecma_preset_env

Dependencies

(9 total, all up-to-date)

CrateRequiredLatestStatus
 ahash^0.7.40.7.6up to date
 anyhow^11.0.57up to date
 dashmap^5.1.05.3.3up to date
 indexmap^1.6.21.8.1up to date
 once_cell^1.10.01.10.0up to date
 semver^1.0.41.0.9up to date
 serde^11.0.137up to date
 serde_json^11.0.81up to date
 st-map^0.1.20.1.6up to date

Dev dependencies

(2 total, all up-to-date)

CrateRequiredLatestStatus
 criterion^0.30.3.5up to date
 pretty_assertions^1.11.2.1up to date

Crate swc_ecma_transforms

Dev dependencies

(3 total, all up-to-date)

CrateRequiredLatestStatus
 pretty_assertions^1.11.2.1up to date
 sourcemap^66.0.2up to date
 tempfile^33.3.0up to date

Crate swc_ecma_utils

Dependencies

(4 total, all up-to-date)

CrateRequiredLatestStatus
 indexmap^11.8.1up to date
 once_cell^1.10.01.10.0up to date
 rayon^1.5.11.5.2up to date
 tracing^0.1.320.1.34up to date

Crate swc_config

Dependencies

(4 total, all up-to-date)

CrateRequiredLatestStatus
 anyhow^11.0.57up to date
 indexmap^11.8.1up to date
 serde^11.0.137up to date
 serde_json^11.0.81up to date

Crate swc_ecma_quote_macros

Dependencies

(5 total, all up-to-date)

CrateRequiredLatestStatus
 anyhow^11.0.57up to date
 pmutil^0.5.10.5.3up to date
 proc-macro2^11.0.38up to date
 quote^11.0.18up to date
 syn^11.0.93up to date

Crate swc_estree_ast

Dependencies

(2 total, all up-to-date)

CrateRequiredLatestStatus
 serde^11.0.137up to date
 serde_json^11.0.81up to date

Crate swc_node_comments

Dependencies

(2 total, all up-to-date)

CrateRequiredLatestStatus
 ahash^0.7.60.7.6up to date
 dashmap^5.1.05.3.3up to date

Crate swc_html_ast

Dependencies

(2 total, all up-to-date)

CrateRequiredLatestStatus
 is-macro^0.2.00.2.0up to date
 serde^1.0.1271.0.137up to date

Crate swc_html_codegen

Dependencies

(2 total, all up-to-date)

CrateRequiredLatestStatus
 auto_impl^0.5.00.5.0up to date
 bitflags^1.3.21.3.2up to date

Crate swc_html_minifier

Dependencies

(1 total, all up-to-date)

CrateRequiredLatestStatus
 serde_json^1.0.611.0.81up to date

Crate swc_html_parser

Dependencies

(5 total, all up-to-date)

CrateRequiredLatestStatus
 bitflags^1.2.11.3.2up to date
 lexical^6.1.06.1.0up to date
 once_cell^1.10.01.10.0up to date
 serde^1.0.1181.0.137up to date
 serde_json^1.0.611.0.81up to date

Dev dependencies

(2 total, all up-to-date)

CrateRequiredLatestStatus
 serde^1.0.1271.0.137up to date
 serde_json^1.0.661.0.81up to date

Crate swc_html_visit

No external dependencies! 🙌

Crate swc_node_base

No external dependencies! 🙌

Crate better_scoped_tls

Dependencies

(1 total, all up-to-date)

CrateRequiredLatestStatus
 scoped-tls^1.0.01.0.0up to date

Crate swc_ecma_transforms_testing

Dependencies

(7 total, all up-to-date)

CrateRequiredLatestStatus
 ansi_term^0.12.10.12.1up to date
 anyhow^11.0.57up to date
 hex^0.4.30.4.3up to date
 serde^11.0.137up to date
 serde_json^11.0.81up to date
 sha-1^0.100.10.0up to date
 tempfile^3.1.03.3.0up to date

Crate ast_node

Dependencies

(5 total, 1 outdated)

CrateRequiredLatestStatus
 darling^0.130.14.1out of date
 pmutil^0.5.10.5.3up to date
 proc-macro2^11.0.38up to date
 quote^11.0.18up to date
 syn^11.0.93up to date

Crate from_variant

Dependencies

(3 total, all up-to-date)

CrateRequiredLatestStatus
 pmutil^0.5.30.5.3up to date
 proc-macro2^11.0.38up to date
 syn^11.0.93up to date

Crate swc_eq_ignore_macros

Dependencies

(4 total, all up-to-date)

CrateRequiredLatestStatus
 pmutil^0.5.30.5.3up to date
 proc-macro2^1.0.241.0.38up to date
 quote^1.0.71.0.18up to date
 syn^11.0.93up to date

Crate swc_visit

Dependencies

(1 total, all up-to-date)

CrateRequiredLatestStatus
 either^1.5.31.6.1up to date

Crate string_enum

Dependencies

(4 total, all up-to-date)

CrateRequiredLatestStatus
 pmutil^0.5.10.5.3up to date
 proc-macro2^11.0.38up to date
 quote^11.0.18up to date
 syn^11.0.93up to date

Dev dependencies

(1 total, all up-to-date)

CrateRequiredLatestStatus
 serde^11.0.137up to date

Crate swc_ecma_codegen_macros

Dependencies

(4 total, all up-to-date)

CrateRequiredLatestStatus
 pmutil^0.5.10.5.3up to date
 proc-macro2^11.0.38up to date
 syn^11.0.93up to date
 quote^11.0.18up to date

Crate swc_ecma_transforms_optimization

Dependencies

(8 total, all up-to-date)

CrateRequiredLatestStatus
 ahash^0.7.40.7.6up to date
 dashmap^5.1.05.3.3up to date
 indexmap^1.6.11.8.1up to date
 once_cell^1.10.01.10.0up to date
 rayon^1.5.11.5.2up to date
 rustc-hash^1.1.01.1.0up to date
 serde_json^1.0.611.0.81up to date
 tracing^0.1.320.1.34up to date

Crate enum_kind

Dependencies

(3 total, all up-to-date)

CrateRequiredLatestStatus
 pmutil^0.5.10.5.3up to date
 proc-macro2^11.0.38up to date
 syn^11.0.93up to date

Crate swc_ecma_transforms_macros

Dependencies

(4 total, all up-to-date)

CrateRequiredLatestStatus
 pmutil^0.5.10.5.3up to date
 proc-macro2^11.0.38up to date
 quote^11.0.18up to date
 syn^11.0.93up to date

Crate testing_macros

Dependencies

(8 total, 1 possibly insecure)

CrateRequiredLatestStatus
 anyhow^11.0.57up to date
 glob^0.30.3.0up to date
 pmutil^0.5.10.5.3up to date
 proc-macro2^1.0.241.0.38up to date
 quote^11.0.18up to date
 regex ⚠️^11.5.5maybe insecure
 relative-path^1.3.21.7.0up to date
 syn^11.0.93up to date

Crate swc_ecma_ext_transforms

Dependencies

(1 total, all up-to-date)

CrateRequiredLatestStatus
 phf^0.100.10.1up to date

Crate swc_ecma_transforms_compat

Dependencies

(10 total, 1 outdated)

CrateRequiredLatestStatus
 ahash^0.7.40.7.6up to date
 arrayvec^0.7.20.7.2up to date
 indexmap^1.6.11.8.1up to date
 is-macro^0.2.00.2.0up to date
 num-bigint^0.40.4.3up to date
 ordered-float^2.0.13.0.0out of date
 rayon^1.5.11.5.2up to date
 serde^1.0.1181.0.137up to date
 smallvec^1.8.01.8.0up to date
 tracing^0.1.320.1.34up to date

Dev dependencies

(1 total, all up-to-date)

CrateRequiredLatestStatus
 serde_json^1.0.661.0.81up to date

Crate swc_fast_graph

Dependencies

(3 total, all up-to-date)

CrateRequiredLatestStatus
 ahash^0.7.60.7.6up to date
 indexmap^1.7.01.8.1up to date
 petgraph^0.60.6.0up to date

Crate swc_graph_analyzer

Dependencies

(4 total, all up-to-date)

CrateRequiredLatestStatus
 ahash^0.7.60.7.6up to date
 auto_impl^0.5.00.5.0up to date
 petgraph^0.6.00.6.0up to date
 tracing^0.1.320.1.34up to date

Crate swc_ecma_transforms_proposal

Dependencies

(3 total, all up-to-date)

CrateRequiredLatestStatus
 either^1.6.11.6.1up to date
 serde^1.0.1181.0.137up to date
 smallvec^1.8.01.8.0up to date

Dev dependencies

(1 total, all up-to-date)

CrateRequiredLatestStatus
 serde_json^1.0.661.0.81up to date

Crate swc_ecma_transforms_react

Dependencies

(8 total, 1 possibly insecure)

CrateRequiredLatestStatus
 ahash^0.7.40.7.6up to date
 base64^0.13.00.13.0up to date
 dashmap^5.1.05.3.3up to date
 indexmap^1.6.11.8.1up to date
 once_cell^1.10.01.10.0up to date
 regex ⚠️^1.4.21.5.5maybe insecure
 serde^1.0.1181.0.137up to date
 sha-1^0.10.00.10.0up to date

Crate swc_ecma_transforms_typescript

Dependencies

(1 total, all up-to-date)

CrateRequiredLatestStatus
 serde^1.0.1181.0.137up to date

Dev dependencies

(1 total, all up-to-date)

CrateRequiredLatestStatus
 criterion^0.30.3.5up to date

Crate swc_css_codegen_macros

Dependencies

(4 total, all up-to-date)

CrateRequiredLatestStatus
 pmutil^0.5.10.5.3up to date
 proc-macro2^11.0.38up to date
 quote^11.0.18up to date
 syn^11.0.93up to date

Crate preset_env_base

Dependencies

(8 total, all up-to-date)

CrateRequiredLatestStatus
 ahash^0.7.40.7.6up to date
 anyhow^11.0.57up to date
 browserslist-rs=0.10.00.10.0up to date
 dashmap^5.1.05.3.3up to date
 once_cell^1.10.01.10.0up to date
 semver^1.0.41.0.9up to date
 serde^11.0.137up to date
 st-map^0.1.20.1.6up to date

Crate swc_ecma_transforms_module

Dependencies

(7 total, all up-to-date)

CrateRequiredLatestStatus
 Inflector^0.11.40.11.4up to date
 ahash^0.7.40.7.6up to date
 anyhow^1.0.411.0.57up to date
 indexmap^1.8.01.8.1up to date
 pathdiff^0.2.00.2.1up to date
 serde^1.0.1181.0.137up to date
 tracing^0.1.320.1.34up to date

Dev dependencies

(2 total, all up-to-date)

CrateRequiredLatestStatus
 indexmap^11.8.1up to date
 serde_json^11.0.81up to date

Crate swc_config_macro

Dependencies

(4 total, all up-to-date)

CrateRequiredLatestStatus
 pmutil^0.5.30.5.3up to date
 proc-macro2^11.0.38up to date
 quote^11.0.18up to date
 syn^11.0.93up to date

Crate swc_macros_common

Dependencies

(4 total, all up-to-date)

CrateRequiredLatestStatus
 pmutil^0.5.10.5.3up to date
 proc-macro2^11.0.38up to date
 quote^11.0.18up to date
 syn^11.0.93up to date

Crate swc_html_codegen_macros

Dependencies

(4 total, all up-to-date)

CrateRequiredLatestStatus
 pmutil^0.5.10.5.3up to date
 proc-macro2^11.0.38up to date
 quote^11.0.18up to date
 syn^11.0.93up to date

Crate swc_visit_macros

Dependencies

(5 total, all up-to-date)

CrateRequiredLatestStatus
 Inflector^0.11.40.11.4up to date
 pmutil^0.5.10.5.3up to date
 proc-macro2^11.0.38up to date
 quote^11.0.18up to date
 syn^11.0.93up to date

Crate swc_ecma_transforms_classes

No external dependencies! 🙌

Security Vulnerabilities

regex: Regexes with large repetitions on empty sub-expressions take a very long time to parse

RUSTSEC-2022-0013

The Rust Security Response WG was notified that the regex crate did not properly limit the complexity of the regular expressions (regex) it parses. An attacker could use this security issue to perform a denial of service, by sending a specially crafted regex to a service accepting untrusted regexes. No known vulnerability is present when parsing untrusted input with trusted regexes.

This issue has been assigned CVE-2022-24713. The severity of this vulnerability is "high" when the regex crate is used to parse untrusted regexes. Other uses of the regex crate are not affected by this vulnerability.

Overview

The regex crate features built-in mitigations to prevent denial of service attacks caused by untrusted regexes, or untrusted input matched by trusted regexes. Those (tunable) mitigations already provide sane defaults to prevent attacks. This guarantee is documented and it's considered part of the crate's API.

Unfortunately a bug was discovered in the mitigations designed to prevent untrusted regexes to take an arbitrary amount of time during parsing, and it's possible to craft regexes that bypass such mitigations. This makes it possible to perform denial of service attacks by sending specially crafted regexes to services accepting user-controlled, untrusted regexes.

Affected versions

All versions of the regex crate before or equal to 1.5.4 are affected by this issue. The fix is include starting from regex 1.5.5.

Mitigations

We recommend everyone accepting user-controlled regexes to upgrade immediately to the latest version of the regex crate.

Unfortunately there is no fixed set of problematic regexes, as there are practically infinite regexes that could be crafted to exploit this vulnerability. Because of this, we do not recommend denying known problematic regexes.

Acknowledgements

We want to thank Addison Crump for responsibly disclosing this to us according to the Rust security policy, and for helping review the fix.

We also want to thank Andrew Gallant for developing the fix, and Pietro Albini for coordinating the disclosure and writing this advisory.