Lib.rs

Issues found

Based on crates you own that have been published to crates.io. The best way to monitor these issues is to subscribe to the atom feed in your RSS reader.

• uhg-custom-appollo-roouter

  • Dependency apollo-compiler =1.0.0-beta.24 is significantly outdated

    Upgrade to 1.28.0 to get all the fixes, and avoid causing duplicate dependencies in projects.

    Easy way to bump dependencies: cargo install cargo-edit; cargo upgrade -i; Also check out Dependabot service on GitHub.

    apollo-compiler versions

  • Dependency aws-sdk-sso =1.39.0 is significantly outdated

    Upgrade to 1.66.0 to get all the fixes, and avoid causing duplicate dependencies in projects.

    aws-sdk-sso versions

  • Dependency aws-sdk-ssooidc =1.40.0 is significantly outdated

    Upgrade to 1.67.0 to get all the fixes, and avoid causing duplicate dependencies in projects.

    aws-sdk-ssooidc versions

  • Dependency aws-sdk-sts =1.39.0 is significantly outdated

    Upgrade to 1.67.0 to get all the fixes, and avoid causing duplicate dependencies in projects.

    aws-sdk-sts versions

  • Dependency fred 7.1.2 is significantly outdated

    Upgrade to 10.1.0 to get all the fixes, and avoid causing duplicate dependencies in projects.

    fred versions

  • Dependency multimap 0.9.1 is significantly outdated

    Upgrade to 0.10.0 to get all the fixes, and avoid causing duplicate dependencies in projects.

    In Cargo, different 0.x versions are considered incompatible, so this is a semver-major upgrade.

    multimap versions

  • Dependency opentelemetry 0.20.0 is significantly outdated

    Upgrade to 0.29.1 to get all the fixes, and avoid causing duplicate dependencies in projects.

    opentelemetry versions

  • Dependency opentelemetry-jaeger 0.19.0 has issues

    It may not be actively developed any more. Consider changing the dependency.

    opentelemetry-jaeger crate

  • Dependency opentelemetry-prometheus 0.13.0 has issues

    It may not be actively developed any more. Consider changing the dependency.

    opentelemetry-prometheus crate

  • Dependency prost-types 0.12.6 is significantly outdated

    Upgrade to 0.13.5 to get all the fixes, and avoid causing duplicate dependencies in projects.

    prost-types versions

  • Dependency serde_yaml 0.8.26 has issues

    It may not be actively developed any more. Consider changing the dependency.

    serde_yaml crate

  • Dependency tracing-serde 0.1.3 is significantly outdated

    Upgrade to 0.2.0 to get all the fixes, and avoid causing duplicate dependencies in projects.

    tracing-serde versions

  • Locked dependency version aws-sdk-sso =1.39.0

    This can easily cause a dependency resolution conflict. If you must work around a semver-breaking dependency that can't be yanked, use a range of versions or fork it.

    aws-sdk-sso versions

  • Locked dependency version aws-sdk-ssooidc =1.40.0

    This can easily cause a dependency resolution conflict. If you must work around a semver-breaking dependency that can't be yanked, use a range of versions or fork it.

    aws-sdk-ssooidc versions

  • Locked dependency version aws-sdk-sts =1.39.0

    This can easily cause a dependency resolution conflict. If you must work around a semver-breaking dependency that can't be yanked, use a range of versions or fork it.

    aws-sdk-sts versions

  • Locked dependency version router-bridge =0.6.4+v2.9.3

    This can easily cause a dependency resolution conflict. If you must work around a semver-breaking dependency that can't be yanked, use a range of versions or fork it.

    router-bridge versions

  • Locked dependency version rowan =0.15.15

    This can easily cause a dependency resolution conflict. If you must work around a semver-breaking dependency that can't be yanked, use a range of versions or fork it.

    rowan versions

  • Dependency apollo-federation =1.58.1 is outdated

    Upgrade to 2.2.0 to get all the fixes, and avoid causing duplicate dependencies in projects.

    apollo-federation versions

  • Dependency async-channel 1.9.0 is outdated

    Upgrade to 2.3.0 to get all the fixes, and avoid causing duplicate dependencies in projects.

    async-channel versions

  • Dependency axum 0.6.20 is outdated

    Upgrade to 0.8.4 to get all the fixes, and avoid causing duplicate dependencies in projects.

    axum versions

  • Dependency bloomfilter 1.0.13 is a bit outdated

    Consider upgrading to 3.0.1 to get all the fixes and improvements.

    bloomfilter versions

  • Dependency brotli 3.5.0 is outdated

    Upgrade to 8.0.1 to get all the fixes, and avoid causing duplicate dependencies in projects.

    brotli versions

  • Dependency buildstructor 0.5.4 is outdated

    Consider upgrading to 0.6.0 to get all the fixes and improvements.

    buildstructor versions

  • Dependency bytesize 1.3.0 is slightly outdated

    Consider upgrading to 2.0.1 to get all the fixes and improvements.

    bytesize versions

  • Dependency dashmap 5.5.3 is outdated

    Consider upgrading to 6.1.0 to get all the fixes and improvements.

    dashmap versions

  • Dependency derive_more 0.99.17 is outdated

    Upgrade to 2.0.1 to get all the fixes, and avoid causing duplicate dependencies in projects.

    derive_more versions

  • Dependency hickory-resolver 0.24.1 is outdated

    Consider upgrading to 0.25.2 to get all the fixes and improvements.

    hickory-resolver versions

  • Dependency http 0.2.11 is outdated

    Upgrade to 1.3.0 to get all the fixes, and avoid causing duplicate dependencies in projects.

    http versions

  • Dependency http-body 0.4.6 is outdated

    Upgrade to 1.0.1 to get all the fixes, and avoid causing duplicate dependencies in projects.

    http-body versions

  • Dependency http-serde 1.1.3 is outdated

    Upgrade to 2.1.0 to get all the fixes, and avoid causing duplicate dependencies in projects.

    http-serde versions

  • Dependency hyper 0.14.31 is outdated

    Upgrade to 1.6.0 to get all the fixes, and avoid causing duplicate dependencies in projects.

    hyper versions

  • Dependency hyper-rustls 0.24.2 is outdated

    Upgrade to 0.27.5 to get all the fixes, and avoid causing duplicate dependencies in projects.

    hyper-rustls versions

  • Dependency hyperlocal 0.8.0 is a bit outdated

    Consider upgrading to 0.9.1 to get all the fixes and improvements.

    hyperlocal versions

  • Dependency itertools 0.13.0 is outdated

    Upgrade to 0.14.0 to get all the fixes, and avoid causing duplicate dependencies in projects.

    itertools versions

  • Dependency jsonpath-rust 0.3.5 is outdated

    Upgrade to 1.0.1 to get all the fixes, and avoid causing duplicate dependencies in projects.

    jsonpath-rust versions

  • Dependency jsonschema 0.17.1 is outdated

    Upgrade to 0.30.0 to get all the fixes, and avoid causing duplicate dependencies in projects.

    jsonschema versions

  • Dependency lru 0.12.3 is a bit outdated

    Consider upgrading to 0.14.0 to get all the fixes and improvements.

    lru versions

  • Dependency multer 2.1.0 is outdated

    Upgrade to 3.1.0 to get all the fixes, and avoid causing duplicate dependencies in projects.

    multer versions

  • Dependency notify 6.1.1 is outdated

    Upgrade to 8.0.0 to get all the fixes, and avoid causing duplicate dependencies in projects.

    notify versions

  • Dependency opentelemetry-aws 0.8.0 is outdated

    Upgrade to 0.17.0 to get all the fixes, and avoid causing duplicate dependencies in projects.

    opentelemetry-aws versions

  • Dependency opentelemetry-http 0.9.0 is outdated

    Upgrade to 0.29.0 to get all the fixes, and avoid causing duplicate dependencies in projects.

    opentelemetry-http versions

  • Dependency opentelemetry-otlp 0.13.0 is outdated

    Upgrade to 0.29.0 to get all the fixes, and avoid causing duplicate dependencies in projects.

    opentelemetry-otlp versions

  • Dependency opentelemetry-semantic-conventions 0.12.0 is outdated

    Upgrade to 0.29.0 to get all the fixes, and avoid causing duplicate dependencies in projects.

    opentelemetry-semantic-conventions versions

  • Dependency opentelemetry-zipkin 0.18.0 is outdated

    Upgrade to 0.29.0 to get all the fixes, and avoid causing duplicate dependencies in projects.

    opentelemetry-zipkin versions

  • Dependency opentelemetry_sdk 0.20.0 is outdated

    Upgrade to 0.29.0 to get all the fixes, and avoid causing duplicate dependencies in projects.

    opentelemetry_sdk versions

  • Dependency prometheus 0.13 is a bit outdated

    Consider upgrading to 0.14.0 to get all the fixes and improvements.

    prometheus versions

  • Dependency prost 0.12.6 is outdated

    Upgrade to 0.13.5 to get all the fixes, and avoid causing duplicate dependencies in projects.

    prost versions

  • Dependency rand 0.8.5 is a bit outdated

    Consider upgrading to 0.9.1 to get all the fixes and improvements.

    rand versions

  • Dependency reqwest 0.11.0 is outdated

    Upgrade to 0.12.15 to get all the fixes, and avoid causing duplicate dependencies in projects.

    reqwest versions

  • Dependency rowan =0.15.15 is outdated

    Upgrade to 0.16.1 to get all the fixes, and avoid causing duplicate dependencies in projects.

    rowan versions

  • Dependency rustls 0.21.12 is outdated

    Upgrade to 0.23.27 to get all the fixes, and avoid causing duplicate dependencies in projects.

    rustls versions

  • Dependency rustls-native-certs 0.6.3 is outdated

    Upgrade to 0.8.1 to get all the fixes, and avoid causing duplicate dependencies in projects.

    rustls-native-certs versions

  • Dependency rustls-pemfile 1.0.4 is outdated

    Upgrade to 2.2.0 to get all the fixes, and avoid causing duplicate dependencies in projects.

    rustls-pemfile versions

  • Dependency strum_macros 0.26.0 is outdated

    Upgrade to 0.27.1 to get all the fixes, and avoid causing duplicate dependencies in projects.

    strum_macros versions

  • Dependency thiserror 1.0.61 is a bit outdated

    Consider upgrading to 2.0.12 to get all the fixes and improvements.

    thiserror versions

  • Dependency tokio-rustls 0.24.1 is outdated

    Upgrade to 0.26.2 to get all the fixes, and avoid causing duplicate dependencies in projects.

    tokio-rustls versions

  • Dependency tokio-tungstenite 0.20.1 is outdated

    Upgrade to 0.26.2 to get all the fixes, and avoid causing duplicate dependencies in projects.

    tokio-tungstenite versions

  • Dependency tonic 0.9.2 is outdated

    Upgrade to 0.13.1 to get all the fixes, and avoid causing duplicate dependencies in projects.

    tonic versions

  • Dependency tonic-build 0.9.2 is outdated

    Upgrade to 0.13.1 to get all the fixes, and avoid causing duplicate dependencies in projects.

    tonic-build versions

  • Dependency tower 0.4.13 is outdated

    Upgrade to 0.5.2 to get all the fixes, and avoid causing duplicate dependencies in projects.

    tower versions

  • Dependency tower-http 0.4.0 is outdated

    Upgrade to 0.6.2 to get all the fixes, and avoid causing duplicate dependencies in projects.

    tower-http versions

  • Dependency wiremock 0.5.22 is outdated

    Upgrade to 0.6.3 to get all the fixes, and avoid causing duplicate dependencies in projects.

    wiremock versions

  • Failed to verify create's content against its repository

    Verified 1631 out of 1632 files (includes 2 Cargo-generated).

    • error: Cargo.lock was suspiciously large.
      • If you don't need this file, use include or exclude in Cargo.toml, otherwise file a bug at https://gitlab.com/lib.rs/main
    • warning: Crate tarball has been published from a different commit than the commit tagged by git tag 'v1.58.1'.

    Looked for the crate in apollo-router/. Fetched https://github.com/apollographql/router.git b0f37424c927fae385454a29cc1686f028027e9d.

    Checked on 2025-04-27

    This check is experimental.

    Forum thread

  • Missing categories

    Categories improve browsing of lib.rs and crates.io. Add categories = ["web-programming::http-server"] to the Cargo.toml.

    Even if there are no categories that fit precisely, pick one that is least bad. You can also propose new categories in crates.io issue tracker.

    List of available categories

  • Missing keywords

    Help users find your crates. Add keywords = ["graphql", "uhg", "service-builder", "federation", "apollo"] (up to 5) to the Cargo.toml. Best keywords are alternative terms or their spellings that aren't in the name or description. Also add a keyword that precisely categorizes this crate and groups it with other similar crates.

  • Optional dependency 'dhat' exposed as an implicit feature

    Cargo automatically makes publicly-available crate features for every optional dependency, unless the dependencies are referenced using dep: syntax. Feature 'dhat' may have been unintentional.

    Crate features

If some of these crates are unmaintained and shouldn't be checked, yank them or add [badges.maintenance]
status = "deprecated" to their Cargo.toml.