Lib.rs

Issues found

Based on crates you own that have been published to crates.io. The best way to monitor these issues is to subscribe to the atom feed in your RSS reader.

• dns-message-parser

  • Imprecise dependency requirement bytes = 1

    Cargo does not always pick latest versions of dependencies! Specify the version as bytes = "1.10.0". If Cargo.lock ends up having an unexpectedly old version of the dependency, you might get a dependency that lacks features/APIs or important bugfixes that you depend on. This is most likely to happen when using the minimal-versions flag, used by users of old Rust versions.

    If you want to keep using truly minimal dependency requirements, please make sure you test them in CI with -Z minimal-versions Cargo option, because it's very easy to accidentally use a feature added in a later version.

    bytes versions

• dbus-async

  • Dependency async-recursion ~0.3.2 is significantly outdated

    Upgrade to 1.1.0 to get all the fixes, and avoid causing duplicate dependencies in projects.

    Easy way to bump dependencies: cargo install cargo-edit; cargo upgrade -i; Also check out Dependabot service on GitHub.

    async-recursion versions

  • Dependency retain_mut ~0.1.5 has issues

    It may not be actively developed any more. Consider changing the dependency.

    retain_mut crate

  • Dependency tokio ~1.15.0 is significantly outdated

    Upgrade to 1.43.0 to get all the fixes, and avoid causing duplicate dependencies in projects.

    tokio versions

  • Dependency bitflags ~1.3.2 is outdated

    Upgrade to 2.8.0 to get all the fixes, and avoid causing duplicate dependencies in projects.

    bitflags versions

  • Dependency lru ~0.7.0 is significantly outdated

    Upgrade to 0.13.0 to get all the fixes, and avoid causing duplicate dependencies in projects.

    In Cargo, different 0.x versions are considered incompatible, so this is a semver-major upgrade.

    lru versions

  • Dependency thiserror ~1.0.30 is a bit outdated

    Consider upgrading to 2.0.11 to get all the fixes and improvements.

    thiserror versions

• doh-client

  • Dependency clap ~3.2.8 is significantly outdated

    Upgrade to 4.5.28 to get all the fixes, and avoid causing duplicate dependencies in projects.

    clap versions

  • Dependency lazy_static ~1.4.0 is significantly outdated

    Upgrade to 1.5.0 to get all the fixes, and avoid causing duplicate dependencies in projects.

    lazy_static versions

  • Dependency tokio ~1.19.2 is significantly outdated

    Upgrade to 1.43.0 to get all the fixes, and avoid causing duplicate dependencies in projects.

    tokio versions

  • Dependency base64 ~0.13.0 is outdated

    Upgrade to 0.22.1 to get all the fixes, and avoid causing duplicate dependencies in projects.

    base64 versions

  • Dependency dns-message-parser ~0.6.0 is outdated

    Upgrade to 0.8.0 to get all the fixes, and avoid causing duplicate dependencies in projects.

    dns-message-parser versions

  • Dependency env_logger ~0.9.0 is outdated

    Upgrade to 0.11.6 to get all the fixes, and avoid causing duplicate dependencies in projects.

    env_logger versions

  • Dependency h2 ~0.3.13 is a bit outdated

    Consider upgrading to 0.4.7 to get all the fixes and improvements.

    h2 versions

  • Dependency http ~0.2.8 is outdated

    Consider upgrading to 1.2.0 to get all the fixes and improvements.

    http versions

  • Dependency lru ~0.7.7 is significantly outdated

    Upgrade to 0.13.0 to get all the fixes, and avoid causing duplicate dependencies in projects.

    lru versions

  • Dependency rustls ~0.20.6 is outdated

    Upgrade to 0.23.22 to get all the fixes, and avoid causing duplicate dependencies in projects.

    rustls versions

  • Dependency rustls-native-certs ~0.6.2 is outdated

    Upgrade to 0.8.1 to get all the fixes, and avoid causing duplicate dependencies in projects.

    rustls-native-certs versions

  • Dependency rustls-pemfile ~1.0.0 is outdated

    Consider upgrading to 2.2.0 to get all the fixes and improvements.

    rustls-pemfile versions

  • Dependency thiserror ~1.0.31 is a bit outdated

    Consider upgrading to 2.0.11 to get all the fixes and improvements.

    thiserror versions

  • Dependency tokio-rustls ~0.23.4 is outdated

    Upgrade to 0.26.1 to get all the fixes, and avoid causing duplicate dependencies in projects.

    tokio-rustls versions

  • Dependency windows-service ~0.4.0 is outdated

    Upgrade to 0.7.0 to get all the fixes, and avoid causing duplicate dependencies in projects.

    windows-service versions

• dbus-message-parser

  • Dependency lazy_static ~1.4.0 is significantly outdated

    Upgrade to 1.5.0 to get all the fixes, and avoid causing duplicate dependencies in projects.

    lazy_static versions

  • Dependency bitflags ~1.3.1 is outdated

    Upgrade to 2.8.0 to get all the fixes, and avoid causing duplicate dependencies in projects.

    bitflags versions

  • Dependency thiserror ~1.0.26 is a bit outdated

    Consider upgrading to 2.0.11 to get all the fixes and improvements.

    thiserror versions

• doh-client, dbus-message-parser, dbus-async

  • Dependency bytes ~1.1.0 is significantly outdated

    Upgrade to 1.10.0 to get all the fixes, and avoid causing duplicate dependencies in projects.

    bytes versions

• dns-stamp-parser

  • Dependency thiserror 1 is a bit outdated

    Consider upgrading to 2.0.11 to get all the fixes and improvements.

    thiserror versions

  • Imprecise dependency requirement bitflags = 2

    Cargo does not always pick latest versions of dependencies! Specify the version as bitflags = "2.8.0". If Cargo.lock ends up having an unexpectedly old version of the dependency, you might get a dependency that lacks features/APIs or important bugfixes that you depend on. This is most likely to happen when using the minimal-versions flag, used by users of old Rust versions.

    bitflags versions

• async-http-proxy

  • Dependency base64 0.13.0 is outdated

    Upgrade to 0.22.1 to get all the fixes, and avoid causing duplicate dependencies in projects.

    base64 versions

  • Dependency thiserror 1.0.30 is a bit outdated

    Consider upgrading to 2.0.11 to get all the fixes and improvements.

    thiserror versions

• dbus-message-parser, dbus-async, dbus-server-address-parser

  • Latest stable release is old

    It's been over 3 years. Is this crate still maintained? Make a new release, either to refresh it, or to set

    [badges.maintenance]
    status = "deprecated"
    

    (or "as-is", "passively-maintained").

    Users pay attention to the latest release date. Even if the crate is perfectly fine as-is, users may not know that.

    Maintenance status field docs

• proc-macro-regex

  • Dependency regex-syntax ~0.6.26 is significantly outdated

    Upgrade to 0.8.5 to get all the fixes, and avoid causing duplicate dependencies in projects.

    regex-syntax versions

  • Dependency syn ~1.0.96 is significantly outdated

    Upgrade to 2.0.98 to get all the fixes, and avoid causing duplicate dependencies in projects.

    syn versions

  • Dependency thiserror ~1.0.31 is a bit outdated

    Consider upgrading to 2.0.11 to get all the fixes and improvements.

    thiserror versions

• dbus-server-address-parser

  • Dependency thiserror ~1.0.26 is a bit outdated

    Consider upgrading to 2.0.11 to get all the fixes and improvements.

    thiserror versions

• dbus-async-derive

  • Dependency syn 1.0.53 is significantly outdated

    Upgrade to 2.0.98 to get all the fixes, and avoid causing duplicate dependencies in projects.

    syn versions

  • Latest stable release is old

    It's been over 4 years. Is this crate still maintained? Make a new release, either to refresh it, or to set

    [badges.maintenance]
    status = "deprecated"
    

    (or "as-is", "passively-maintained").

    Maintenance status field docs

If some of these crates are unmaintained and shouldn't be checked, yank them or add [badges.maintenance]
status = "deprecated" to their Cargo.toml.