Lib.rs

Issues found

Based on crates you own that have been published to crates.io. The best way to monitor these issues is to subscribe to the atom feed in your RSS reader.

• snmalloc-sys

  • *-sys crate without links property

    If this crate uses C libraries with public symbols, consider adding links = "snmalloc" to crate's Cargo.toml to avoid other libraries colliding with them. Note that the links property adds exclusivity to dependency resolution, but doesn't do any linking.

    This is also needed to protect your crate from duplicate older versions of itself. C symbols are global, and duplicate symbols can cause all sorts of breakage.

  • No readme property

    Specify path to a README file for the project, so that information about is included in the crates.io tarball.

• pag-lexer, pag-parser, pag-compiler

  • Latest prerelease is old

    It's been over 19 months. Is this crate still maintained? Make a new release, either to refresh it, or to set

    [badges.maintenance]
    status = "deprecated"
    

    (or "as-is", "passively-maintained").

    Nightly crates tend to have a short lifespan. We're delisting them if they're not updated frequently.

    Maintenance status field docs

• tabbycat

  • Dependency derive_builder 0.9 is significantly outdated

    Upgrade to 0.20.2 to get all the fixes, and avoid causing duplicate dependencies in projects.

    In Cargo, different 0.x versions are considered incompatible, so this is a semver-major upgrade.

    derive_builder versions

  • Imprecise dependency requirement anyhow = 1

    Cargo does not always pick latest versions of dependencies! Specify the version as anyhow = "1.0.95". If Cargo.lock ends up having an unexpectedly old version of the dependency, you might get a dependency that lacks features/APIs or important bugfixes that you depend on. This is most likely to happen when using the minimal-versions flag, used by users of old Rust versions.

    This crate does not bump semver-minor when adding new features, so to be safe you get all the features/APIs/fixes that your crate depends on, require a more specific patch version.

    anyhow versions

• tulip

  • Dependency structopt 0.3 has issues

    It has been losing active users, which may be a sign it's deprecated or obsolete. Consider replacing it with a different crate.

    structopt crate

  • Dependency reqwest 0.10 is significantly outdated

    Consider upgrading to 0.12.12 to get all the fixes and improvements.

    reqwest versions

  • Dependency rocksdb 0.13 is significantly outdated

    Consider upgrading to 0.23.0 to get all the fixes and improvements.

    rocksdb versions

  • Dependency simd-json 0.3 is significantly outdated

    Consider upgrading to 0.14.3 to get all the fixes and improvements.

    simd-json versions

  • Dependency uuid 0.8 is significantly outdated

    Consider upgrading to 1.12.0 to get all the fixes and improvements.

    Easy way to bump dependencies: cargo install cargo-edit; cargo upgrade -i; Also check out Dependabot service on GitHub.

    uuid versions

  • Imprecise dependency requirement serde = 1

    Cargo does not always pick latest versions of dependencies! Specify the version as serde = "1.0.217". If Cargo.lock ends up having an unexpectedly old version of the dependency, you might get a dependency that lacks features/APIs or important bugfixes that you depend on. This is most likely to happen when using the minimal-versions flag, used by users of old Rust versions.

    serde versions

  • Dependency pretty_env_logger 0.4 is outdated

    Consider upgrading to 0.5.0 to get all the fixes and improvements.

    pretty_env_logger versions

  • Dependency prettytable-rs 0.8 is outdated

    Consider upgrading to 0.10.0 to get all the fixes and improvements.

    prettytable-rs versions

  • Dependency ring 0.16 is outdated

    Consider upgrading to 0.17.8 to get all the fixes and improvements.

    ring versions

  • Dependency rust-argon2 0.8 is outdated

    Consider upgrading to 2.1.0 to get all the fixes and improvements.

    rust-argon2 versions

  • Latest stable release is old

    It's been over 4 years. Is this crate still maintained? Make a new release, either to refresh it, or to set

    [badges.maintenance]
    status = "deprecated"
    

    (or "as-is", "passively-maintained").

    If the crate is truly stable, why not make a 1.0.0 release?

    Maintenance status field docs

• nutshell

  • Dependency structopt 0.3 has issues

    It has been losing active users, which may be a sign it's deprecated or obsolete. Consider replacing it with a different crate.

    structopt crate

  • Dependency reqwest 0.10 is significantly outdated

    Consider upgrading to 0.12.12 to get all the fixes and improvements.

    reqwest versions

  • Dependency pretty_env_logger 0.4 is outdated

    Consider upgrading to 0.5.0 to get all the fixes and improvements.

    pretty_env_logger versions

  • Imprecise dependency requirement regex = 1

    Cargo does not always pick latest versions of dependencies! Specify the version as regex = "1.11.0". If Cargo.lock ends up having an unexpectedly old version of the dependency, you might get a dependency that lacks features/APIs or important bugfixes that you depend on. This is most likely to happen when using the minimal-versions flag, used by users of old Rust versions.

    If you want to keep using truly minimal dependency requirements, please make sure you test them in CI with -Z minimal-versions Cargo option, because it's very easy to accidentally use a feature added in a later version.

    regex versions

  • Latest stable release is old

    It's been over 4 years. Is this crate still maintained? Make a new release, either to refresh it, or to set

    [badges.maintenance]
    status = "deprecated"
    

    (or "as-is", "passively-maintained").

    Maintenance status field docs

• pag-parser

  • Dependency ariadne 0.2 is outdated

    Upgrade to 2.0.0 to get all the fixes, and avoid causing duplicate dependencies in projects.

    ariadne versions

  • Dependency thiserror 1 is a bit outdated

    Consider upgrading to 2.0.11 to get all the fixes and improvements.

    thiserror versions

  • Imprecise dependency requirement lazy_static = 1

    Cargo does not always pick latest versions of dependencies! Specify the version as lazy_static = "1.5.0". If Cargo.lock ends up having an unexpectedly old version of the dependency, you might get a dependency that lacks features/APIs or important bugfixes that you depend on. This is most likely to happen when using the minimal-versions flag, used by users of old Rust versions.

    lazy_static versions

• pag-lexer, pag-parser, pag-compiler

  • License MIT/Apache-2.0 is not in SPDX syntax

    Use OR instead of /.

    SPDX license list

• domtree

  • Dependency rand 0.8.5 is a bit outdated

    Consider upgrading to 0.9.0 to get all the fixes and improvements.

    rand versions

• dynforest

  • Dependency rand 0.8 is a bit outdated

    Consider upgrading to 0.9.0 to get all the fixes and improvements.

    rand versions

No issues found in: snmalloc-rs

If some of these crates are unmaintained and shouldn't be checked, yank them or add [badges.maintenance]
status = "deprecated" to their Cargo.toml.