Issues found
Based on crates you own that have been published to crates.io. The best way to monitor these issues is to subscribe to the atom feed in your RSS reader.
gtk4-layer-shell
Failed to verify create's content against its repository
Partially verified 12 files (includes 3 Cargo-generated).
- warning: The crates.io package has no information about its path inside its repository.
- warning: There is no matching git tag containing version '0.5.0'.
git tag v0.5.0 7b1225c2e180881c290f32aac7462e29f4da9f05; git push origin --tags
Files in the crates.io crate compared to the repository:
Cargo.locknot found.
Looked for the crate in
gtk4-layer-shell/. Fetchedhttps://github.com/pentamassiv/gtk4-layer-shell-gir.git7b1225c2e180881c290f32aac7462e29f4da9f05.Checked on 2025-04-27
This check is experimental.
enigo
Dependency ashpd 0.10 is significantly outdated
Upgrade to 0.11.0 to get all the fixes, and avoid causing duplicate dependencies in projects.
In Cargo, different 0.x versions are considered incompatible, so this is a semver-major upgrade.
Dependency objc2 0.5 is outdated
Upgrade to 0.6.1 to get all the fixes, and avoid causing duplicate dependencies in projects.
Dependency objc2-app-kit 0.2 is outdated
Consider upgrading to 0.3.1 to get all the fixes and improvements.
Dependency objc2-foundation 0.2 is outdated
Upgrade to 0.3.1 to get all the fixes, and avoid causing duplicate dependencies in projects.
Dependency reis 0.4 is slightly outdated
Consider upgrading to 0.5.0 to get all the fixes and improvements.
Dependency windows 0.58 is outdated
Upgrade to 0.61.1 to get all the fixes, and avoid causing duplicate dependencies in projects.
Failed to verify create's content against its repository
Partially verified 32 files (includes 3 Cargo-generated).
- warning: Crate tarball has been published from a different commit than the commit tagged by git tag 'v0.3.0'.
- Create git tags after comitting any changes, and commit changes after bumping versions and running
cargo update.
- Create git tags after comitting any changes, and commit changes after bumping versions and running
Files in the crates.io crate compared to the repository:
Cargo.locknot found.
Fetched
https://github.com/enigo-rs/enigo.git7b2387f88fdb35f40e71099c1a6929af67ff8dc2.Checked on 2024-11-24
- warning: Crate tarball has been published from a different commit than the commit tagged by git tag 'v0.3.0'.
Imprecise dependency requirement tempfile = 3
Cargo does not always pick latest versions of dependencies! Specify the version as
tempfile = "3.19.0". IfCargo.lockends up having an unexpectedly old version of the dependency, you might get a dependency that lacks features/APIs or important bugfixes that you depend on. This is most likely to happen when using theminimal-versionsflag, used by users of old Rust versions.If you want to keep using truly minimal dependency requirements, please make sure you test them in CI with
-Z minimal-versionsCargo option, because it's very easy to accidentally use a feature added in a later version.
gtk4-session-lock
Published crate doesn't match its repository
Partially verified 11 files (includes 3 Cargo-generated).
Files in the crates.io crate compared to the repository:
Cargo.locknot found.
Looked for the crate in
gtk4-session-lock/. Fetchedhttps://github.com/pentamassiv/gtk4-layer-shell-gir.git9ada3ca8e45677f885497582d1c35bacf92844f7.Checked on 2025-03-16
gtk4-layer-shell-sys
Published crate doesn't match its repository
Partially verified 13 files (includes 2 Cargo-generated).
Looked for the crate in
gtk4-layer-shell-sys/. Fetchedhttps://github.com/pentamassiv/gtk4-layer-shell-gir.git97e432b9f377b0e5912a6359e4ae2835c07545d5.Checked on 2025-04-09
*-sys crate without links property
If this crate uses C libraries with public symbols, consider adding
links = "gtk4-layer-shell"to crate'sCargo.tomlto avoid other libraries colliding with them. Note that the links property adds exclusivity to dependency resolution, but doesn't do any linking.This is also needed to protect your crate from duplicate older versions of itself. C symbols are global, and duplicate symbols can cause all sorts of breakage.
gtk4-session-lock-sys
Published crate doesn't match its repository
Partially verified 13 files (includes 3 Cargo-generated).
Files in the crates.io crate compared to the repository:
Cargo.locknot found.
Looked for the crate in
gtk4-session-lock-sys/. Fetchedhttps://github.com/pentamassiv/gtk4-layer-shell-gir.gitecbe84c210c44eefe984b5ba3430e76635d50327.Checked on 2025-03-16
*-sys crate without links property
If this crate uses C libraries with public symbols, consider adding
links = "gtk4-session-lock"to crate'sCargo.tomlto avoid other libraries colliding with them. Note that the links property adds exclusivity to dependency resolution, but doesn't do any linking.
zwp-input-method-service
Dependency input-event-codes 5.16.8 is outdated
Upgrade to 6.2.0 to get all the fixes, and avoid causing duplicate dependencies in projects.
Easy way to bump dependencies:
cargo install cargo-edit; cargo upgrade -i; Also check out Dependabot service on GitHub.Dependency wayland-client 0.29 is significantly outdated
Upgrade to 0.31.10 to get all the fixes, and avoid causing duplicate dependencies in projects.
Dependency wayland-protocols 0.29 is outdated
Upgrade to 0.32.8 to get all the fixes, and avoid causing duplicate dependencies in projects.
gtk-layer-shell
Dependency glib 0.18 is outdated
Upgrade to 0.20.9 to get all the fixes, and avoid causing duplicate dependencies in projects.
Dependency glib-sys 0.18 is outdated
Upgrade to 0.20.9 to get all the fixes, and avoid causing duplicate dependencies in projects.
Imprecise dependency requirement bitflags = 2
Cargo does not always pick latest versions of dependencies! Specify the version as
bitflags = "2.9.0". IfCargo.lockends up having an unexpectedly old version of the dependency, you might get a dependency that lacks features/APIs or important bugfixes that you depend on. This is most likely to happen when using theminimal-versionsflag, used by users of old Rust versions.
gtk-layer-shell-sys
*-sys crate without links property
If this crate uses C libraries with public symbols, consider adding
links = "gtk-layer-shell"to crate'sCargo.tomlto avoid other libraries colliding with them. Note that the links property adds exclusivity to dependency resolution, but doesn't do any linking.Dependency glib-sys 0.18 is outdated
Upgrade to 0.20.9 to get all the fixes, and avoid causing duplicate dependencies in projects.
zwp-input-method
*-sys crate without links property
If this crate uses C libraries with public symbols, consider adding
links = "zwp-input-method"to crate'sCargo.tomlto avoid other libraries colliding with them. Note that the links property adds exclusivity to dependency resolution, but doesn't do any linking.Dependency wayland-client 0.29.0 is significantly outdated
Upgrade to 0.31.10 to get all the fixes, and avoid causing duplicate dependencies in projects.
Dependency wayland-protocols 0.29 is outdated
Upgrade to 0.32.8 to get all the fixes, and avoid causing duplicate dependencies in projects.
Dependency wayland-scanner 0.29.0 is outdated
Upgrade to 0.31.6 to get all the fixes, and avoid causing duplicate dependencies in projects.
zwp-virtual-keyboard
*-sys crate without links property
If this crate uses C libraries with public symbols, consider adding
links = "zwp-virtual-keyboard"to crate'sCargo.tomlto avoid other libraries colliding with them. Note that the links property adds exclusivity to dependency resolution, but doesn't do any linking.Dependency wayland-client 0.29 is significantly outdated
Upgrade to 0.31.10 to get all the fixes, and avoid causing duplicate dependencies in projects.
Dependency wayland-scanner 0.29 is outdated
Upgrade to 0.31.6 to get all the fixes, and avoid causing duplicate dependencies in projects.
If some of these crates are unmaintained and shouldn't be checked, yank them or add [badges.maintenance] to their
status = "deprecated"Cargo.toml.