Lib.rs

Issues found

Based on crates you own that have been published to crates.io. The best way to monitor these issues is to subscribe to the atom feed in your RSS reader.

• mai-sdk-core

  • Dependency libp2p 0.53 is significantly outdated

    Upgrade to 0.55.0 to get all the fixes, and avoid causing duplicate dependencies in projects.

    In Cargo, different 0.x versions are considered incompatible, so this is a semver-major upgrade.

    libp2p versions

  • Published crate doesn't match its repository

    Partially verified 9 files (includes 2 Cargo-generated).

    Looked for the crate in mai-sdk-core/. Fetched https://github.com/moderately-ai/mai-sdk.git 289c757f2ad13f33f4a5f10ae3eb7d25889bf85b.

    Checked on 2024-07-28

    This check is experimental.

    Forum thread

  • Dependency bincode 1.3 is slightly outdated

    Consider upgrading to 2.0.1 to get all the fixes and improvements.

    Easy way to bump dependencies: cargo install cargo-edit; cargo upgrade -i; Also check out Dependabot service on GitHub.

    bincode versions

  • Dependency rand 0.8 is a bit outdated

    Consider upgrading to 0.9.1 to get all the fixes and improvements.

    rand versions

  • Missing categories

    Categories improve browsing of lib.rs and crates.io. Add categories = ["science::ml"] to the Cargo.toml.

    Even if there are no categories that fit precisely, pick one that is least bad. You can also propose new categories in crates.io issue tracker.

    List of available categories

  • No readme property

    Specify path to a README file for the project, so that information about is included in the crates.io tarball.

• candle-einops

  • Dependency candle-core 0.6 is outdated

    Upgrade to 0.9.1 to get all the fixes, and avoid causing duplicate dependencies in projects.

    candle-core versions

• candle-einops-macros

  • Imprecise dependency requirement syn = 2

    Cargo does not always pick latest versions of dependencies! Specify the version as syn = "2.0.101". If Cargo.lock ends up having an unexpectedly old version of the dependency, you might get a dependency that lacks features/APIs or important bugfixes that you depend on. This is most likely to happen when using the minimal-versions flag, used by users of old Rust versions.

    This crate does not bump semver-minor when adding new features, so to be safe you get all the features/APIs/fixes that your crate depends on, require a more specific patch version.

    syn versions

  • Published crate doesn't match its repository

    Partially verified 8 files (includes 2 Cargo-generated).

    Looked for the crate in candle-einops-macros/. Fetched https://github.com/tomsanbear/candle-einops.git 76591114bed91b951a9cd32fb13a4b3a1882f0b5.

    Checked on 2024-08-10

    Forum thread

  • README missing from crate tarball

    Cargo sometimes fails to package the README file. Ensure the path to the README in Cargo.toml is valid, and points to a file inside the crate's directory.

If some of these crates are unmaintained and shouldn't be checked, yank them or add [badges.maintenance]
status = "deprecated" to their Cargo.toml.