Lib.rs

Issues found

Based on crates you own that have been published to crates.io. The best way to monitor these issues is to subscribe to the atom feed in your RSS reader.

• sevctl

  • Dependency bitfield 0.15.0 is significantly outdated

    Consider upgrading to 0.19.0 to get all the fixes and improvements.

    In Cargo, different 0.x versions are considered incompatible, so this is a semver-major upgrade.

    bitfield versions

  • Dependency env_logger 0.8.4 is significantly outdated

    Consider upgrading to 0.11.8 to get all the fixes and improvements.

    env_logger versions

  • Dependency base64 0.13.0 is outdated

    Consider upgrading to 0.22.1 to get all the fixes and improvements.

    base64 versions

  • Dependency bincode 1.3.3 is slightly outdated

    Consider upgrading to 2.0.1 to get all the fixes and improvements.

    Easy way to bump dependencies: cargo install cargo-edit; cargo upgrade -i; Also check out Dependabot service on GitHub.

    bincode versions

  • Dependency clap <4.5 is outdated

    Consider upgrading to 4.5.37 to get all the fixes and improvements.

    clap versions

  • Dependency colorful 0.2.2 is a bit outdated

    Consider upgrading to 0.3.2 to get all the fixes and improvements.

    colorful versions

  • Dependency sev 5.0.0 is outdated

    Consider upgrading to 6.0.0 to get all the fixes and improvements.

    sev versions

  • Using outdated edition for no reason

    We estimate that this crate requires at least Rust 1.80, which is newer than the last 2018-edition compiler. You can upgrade without breaking any compatibility. Run cargo fix --edition and update edition="…" in Cargo.toml.

    Using the latest edition helps avoid old quirks of the compiler, and ensures Rust code has consistent syntax and behavior across all projects.

    The Edition Guide

• rcrt1

  • Dependency goblin 0.6 is significantly outdated

    Upgrade to 0.9.3 to get all the fixes, and avoid causing duplicate dependencies in projects.

    goblin versions

• uds_windows

  • Failed to verify create's content against its repository

    Partially verified 13 files (includes 2 Cargo-generated).

    • warning: Crate tarball has been published from a different commit than the commit tagged by git tag 'v1.1.0'.
      • Create git tags after comitting any changes, and commit changes after bumping versions and running cargo update.

    Fetched https://github.com/haraldh/rust_uds_windows.git fb5e294a1c7430cfacc19e8fad6332a1abb33a95.

    Checked on 2024-08-10

    This check is experimental.

    Forum thread

  • Imprecise dependency requirement tempfile = 3

    Cargo does not always pick latest versions of dependencies! Specify the version as tempfile = "3.19.0". If Cargo.lock ends up having an unexpectedly old version of the dependency, you might get a dependency that lacks features/APIs or important bugfixes that you depend on. This is most likely to happen when using the minimal-versions flag, used by users of old Rust versions.

    If you want to keep using truly minimal dependency requirements, please make sure you test them in CI with -Z minimal-versions Cargo option, because it's very easy to accidentally use a feature added in a later version.

    tempfile versions

• xsave

  • Missing categories

    Categories improve browsing of lib.rs and crates.io. Add categories = ["…"] to the Cargo.toml.

    Even if there are no categories that fit precisely, pick one that is least bad. You can also propose new categories in crates.io issue tracker.

    List of available categories

  • Dependency bitflags ^1.3.2 is outdated

    Upgrade to 2.9.0 to get all the fixes, and avoid causing duplicate dependencies in projects.

    bitflags versions

  • Missing keywords

    Help users find your crates. Add keywords = ["semantic", "xsave", "field", "semantics"] (up to 5) to the Cargo.toml. Best keywords are alternative terms or their spellings that aren't in the name or description. Also add a keyword that precisely categorizes this crate and groups it with other similar crates.

• rcrt1, vdso, sallyport

  • Latest stable release is old

    It's been over 2 years. Is this crate still maintained? Make a new release, either to refresh it, or to set

    [badges.maintenance]
    status = "deprecated"
    

    (or "as-is", "passively-maintained").

    Users pay attention to the latest release date. Even if the crate is perfectly fine as-is, users may not know that.

    Maintenance status field docs

• enarx

  • No repository property

    Specify git repository URL in Cargo.toml to help users find more information, contribute, and for lib.rs to read more info.

  • Missing categories

    Categories improve browsing of lib.rs and crates.io. Add categories = ["wasm"] to the Cargo.toml.

    List of available categories

  • Missing keywords

    Help users find your crates. Add keywords = ["enarx", "keep", "confidential", "wasm"] (up to 5) to the Cargo.toml. Best keywords are alternative terms or their spellings that aren't in the name or description. Also add a keyword that precisely categorizes this crate and groups it with other similar crates.

• colored_json, intel-dcap-api

  • Imprecise dependency requirement serde = 1

    Cargo does not always pick latest versions of dependencies! Specify the version as serde = "1.0.219". If Cargo.lock ends up having an unexpectedly old version of the dependency, you might get a dependency that lacks features/APIs or important bugfixes that you depend on. This is most likely to happen when using the minimal-versions flag, used by users of old Rust versions.

    This crate does not bump semver-minor when adding new features, so to be safe you get all the features/APIs/fixes that your crate depends on, require a more specific patch version.

    serde versions

• varlink, crt0stack

  • Latest stable release is old

    It's been over 4 years. Is this crate still maintained? Make a new release, either to refresh it, or to set

    [badges.maintenance]
    status = "deprecated"
    

    (or "as-is", "passively-maintained").

    Maintenance status field docs

• varlink_stdinterfaces, bash_plugin_rs, hello_bash_plugin

  • Missing categories

    Categories improve browsing of lib.rs and crates.io. Add categories = ["…"] to the Cargo.toml.

    List of available categories

• teepot-tee-quote-verification-rs

  • Imprecise dependency requirement serde = 1

    Cargo does not always pick latest versions of dependencies! Specify the version as serde = "1.0.219". If Cargo.lock ends up having an unexpectedly old version of the dependency, you might get a dependency that lacks features/APIs or important bugfixes that you depend on. This is most likely to happen when using the minimal-versions flag, used by users of old Rust versions.

    serde versions

  • docs.rs build failed

    docs.rs site failed to build the crate, so users will have trouble finding the documentation. Docs.rs supports multiple platforms and custom configurations, so you can make the build work even if normal crate usage has special requirements.

    Docs.rs doesn't need to run or even link any code, so system dependencies can simply be skipped. You can also set cfg() flags just for docs.rs and use them to hide problematic code.

    Detecting docs.rs

  • Missing categories

    Categories improve browsing of lib.rs and crates.io. Add categories = ["hardware-support"] to the Cargo.toml.

    List of available categories

  • Missing keywords

    Help users find your crates. Add keywords = ["intel-sgx", "quote", "tee", "teepot", "verification"] (up to 5) to the Cargo.toml. Best keywords are alternative terms or their spellings that aren't in the name or description. Also add a keyword that precisely categorizes this crate and groups it with other similar crates.

• vdso

  • Dependency goblin 0.6.0 is significantly outdated

    Upgrade to 0.9.3 to get all the fixes, and avoid causing duplicate dependencies in projects.

    goblin versions

• varlink_parser

  • Dependency ansi_term 0.12.1 has issues

    It may not be actively developed any more. Consider changing the dependency.

    ansi_term crate

  • Dependency peg 0.6.3 is significantly outdated

    Upgrade to 0.8.5 to get all the fixes, and avoid causing duplicate dependencies in projects.

    peg versions

• teepot

  • Dependency pgp 0.11 is significantly outdated

    Upgrade to 0.15.0 to get all the fixes, and avoid causing duplicate dependencies in projects.

    pgp versions

  • Dependency rustls 0.22 is significantly outdated

    Upgrade to 0.23.27 to get all the fixes, and avoid causing duplicate dependencies in projects.

    rustls versions

  • docs.rs build failed

    docs.rs site failed to build the crate, so users will have trouble finding the documentation. Docs.rs supports multiple platforms and custom configurations, so you can make the build work even if normal crate usage has special requirements.

    Detecting docs.rs

  • Dependency const-oid 0.9 is slightly outdated

    Consider upgrading to 0.10.1 to get all the fixes and improvements.

    const-oid versions

  • Dependency getrandom 0.2.12 is outdated

    Upgrade to 0.3.2 to get all the fixes, and avoid causing duplicate dependencies in projects.

    getrandom versions

  • Dependency rand 0.8 is a bit outdated

    Consider upgrading to 0.9.1 to get all the fixes and improvements.

    rand versions

  • Dependency thiserror 1.0.58 is a bit outdated

    Consider upgrading to 2.0.12 to get all the fixes and improvements.

    thiserror versions

  • Dependency webpki-roots 0.26.1 is outdated

    Upgrade to 1.0.0 to get all the fixes, and avoid causing duplicate dependencies in projects.

    webpki-roots versions

  • Imprecise dependency requirement actix-http = 3

    Cargo does not always pick latest versions of dependencies! Specify the version as actix-http = "3.10.0". If Cargo.lock ends up having an unexpectedly old version of the dependency, you might get a dependency that lacks features/APIs or important bugfixes that you depend on. This is most likely to happen when using the minimal-versions flag, used by users of old Rust versions.

    actix-http versions

  • Missing categories

    Categories improve browsing of lib.rs and crates.io. Add categories = ["cryptography"] to the Cargo.toml.

    List of available categories

  • Missing keywords

    Help users find your crates. Add keywords = ["intel-sgx", "authentication", "signature", "vault", "manager"] (up to 5) to the Cargo.toml. Best keywords are alternative terms or their spellings that aren't in the name or description. Also add a keyword that precisely categorizes this crate and groups it with other similar crates.

• varlink

  • License MIT/Apache-2.0 is not in SPDX syntax

    Use OR instead of /.

    SPDX license list

• intel-dcap-api

  • No readme property

    Specify path to a README file for the project, so that information about is included in the crates.io tarball.

• xsave, testaso

  • Latest stable release is old

    It's been over 3 years. Is this crate still maintained? Make a new release, either to refresh it, or to set

    [badges.maintenance]
    status = "deprecated"
    

    (or "as-is", "passively-maintained").

    Maintenance status field docs

• varlink-cli

  • Dependency bitflags 1.2.1 is outdated

    Consider upgrading to 2.9.0 to get all the fixes and improvements.

    bitflags versions

  • Dependency clap 2.33.0 is outdated

    Consider upgrading to 4.5.37 to get all the fixes and improvements.

    clap versions

  • Dependency colored_json 2.1.0 is outdated

    Consider upgrading to 5.0.0 to get all the fixes and improvements.

    colored_json versions

  • Missing categories

    Categories improve browsing of lib.rs and crates.io. Add categories = ["command-line-utilities", "os::unix-apis"] to the Cargo.toml.

    List of available categories

  • Missing keywords

    Help users find your crates. Add keywords = ["varlink", "varlink-cli", "tool", "information", "subcommand"] (up to 5) to the Cargo.toml. Best keywords are alternative terms or their spellings that aren't in the name or description. Also add a keyword that precisely categorizes this crate and groups it with other similar crates.

• teepot, varlink_stdinterfaces, teepot-tee-quote-verification-rs, x86_64-linux-nolibc, bash_plugin_rs, hello_bash_plugin, varlink_derive

  • README missing from crate tarball

    Cargo sometimes fails to package the README file. Ensure the path to the README in Cargo.toml is valid, and points to a file inside the crate's directory.

• varlink_generator

  • Dependency syn 1.0.8 is significantly outdated

    Upgrade to 2.0.101 to get all the fixes, and avoid causing duplicate dependencies in projects.

    syn versions

• x86_64-linux-nolibc

  • README missing from the repository

    We've searched https://github\.com/haraldh/x86\_64\-linux\-nolibc\.git and could not find a README file there.

• sallyport

  • Dependency gdbstub 0.6 is outdated

    Upgrade to 0.7.5 to get all the fixes, and avoid causing duplicate dependencies in projects.

    gdbstub versions

  • Dependency goblin 0.5 is outdated

    Consider upgrading to 0.9.3 to get all the fixes and improvements.

    goblin versions

• varlink_stdinterfaces

  • Imprecise dependency requirement varlink_generator = 10

    Cargo does not always pick latest versions of dependencies! Specify the version as varlink_generator = "10.1.0". If Cargo.lock ends up having an unexpectedly old version of the dependency, you might get a dependency that lacks features/APIs or important bugfixes that you depend on. This is most likely to happen when using the minimal-versions flag, used by users of old Rust versions.

    varlink_generator versions

  • Missing keywords

    Help users find your crates. Add keywords = ["interface", "varlink", "varlink-stdinterfaces", "info"] (up to 5) to the Cargo.toml. Best keywords are alternative terms or their spellings that aren't in the name or description. Also add a keyword that precisely categorizes this crate and groups it with other similar crates.

• varlink_generator, varlink-cli, varlink_parser, bash_plugin_rs

  • Latest stable release is old

    It's been over 3 years. Is this crate still maintained? Make a new release, either to refresh it, or to set

    [badges.maintenance]
    status = "deprecated"
    

    (or "as-is", "passively-maintained").

    Maintenance status field docs

• varlink_generator, varlink_stdinterfaces, varlink-cli, varlink_parser, array-const-fn-init, varlink_derive

  • License MIT/Apache-2.0 is not in SPDX syntax

    Use OR instead of /.

    SPDX license list

• varlink_generator, varlink-cli, varlink_parser

  • Dependency chainerror 0.7.0 is slightly outdated

    Consider upgrading to 1.0.0 to get all the fixes and improvements.

    chainerror versions

• varlink_stdinterfaces, dynqueue, array-const-fn-init

  • Latest stable release is old

    It's been over 4 years. Is this crate still maintained? Make a new release, either to refresh it, or to set

    [badges.maintenance]
    status = "deprecated"
    

    (or "as-is", "passively-maintained").

    Maintenance status field docs

• bash_plugin_rs

  • Dependency bindgen 0.59.1 is significantly outdated

    Upgrade to 0.71.1 to get all the fixes, and avoid causing duplicate dependencies in projects.

    bindgen versions

  • Missing keywords

    Help users find your crates. Add keywords = ["plugin", "bash-plugin-rs", "bash"] (up to 5) to the Cargo.toml. Best keywords are alternative terms or their spellings that aren't in the name or description. Also add a keyword that precisely categorizes this crate and groups it with other similar crates.

• enarx-config

  • Dependency toml 0.5.9 is outdated

    Upgrade to 0.8.22 to get all the fixes, and avoid causing duplicate dependencies in projects.

    toml versions

• hello_bash_plugin

  • Latest stable release is old

    It's been over 6 years. Is this crate still maintained? Make a new release, either to refresh it, or to set

    [badges.maintenance]
    status = "deprecated"
    

    (or "as-is", "passively-maintained").

    If the crate is truly stable, why not make a 1.0.0 release?

    Maintenance status field docs

  • Dependency bash_plugin_rs 0.1.0 is slightly outdated

    Consider upgrading to 0.2.0 to get all the fixes and improvements.

    bash_plugin_rs versions

  • Missing keywords

    Help users find your crates. Add keywords = ["plugin", "bash-plugin-rs", "hello"] (up to 5) to the Cargo.toml. Best keywords are alternative terms or their spellings that aren't in the name or description. Also add a keyword that precisely categorizes this crate and groups it with other similar crates.

• varlink_derive

  • Dependency varlink_generator 8.0 is outdated

    Upgrade to 10.1.0 to get all the fixes, and avoid causing duplicate dependencies in projects.

    varlink_generator versions

  • Latest stable release is old

    It's been over 5 years. Is this crate still maintained? Make a new release, either to refresh it, or to set

    [badges.maintenance]
    status = "deprecated"
    

    (or "as-is", "passively-maintained").

    Maintenance status field docs

No issues found in: memo128 chainerror enarx_test_011

If some of these crates are unmaintained and shouldn't be checked, yank them or add [badges.maintenance]
status = "deprecated" to their Cargo.toml.