Lib.rs

Issues found

Based on crates you own that have been published to crates.io. The best way to monitor these issues is to subscribe to the atom feed in your RSS reader.

• allms

  • Dependency jsonschema =0.15.2 is significantly outdated

    Upgrade to 0.29.0 to get all the fixes, and avoid causing duplicate dependencies in projects.

    In Cargo, different 0.x versions are considered incompatible, so this is a semver-major upgrade.

    jsonschema versions

  • Dependency tiktoken-rs 0.4.4 is significantly outdated

    Upgrade to 0.6.0 to get all the fixes, and avoid causing duplicate dependencies in projects.

    tiktoken-rs versions

  • Dependency yup-oauth2 8.3.2 is significantly outdated

    Upgrade to 12.1.0 to get all the fixes, and avoid causing duplicate dependencies in projects.

    Easy way to bump dependencies: cargo install cargo-edit; cargo upgrade -i; Also check out Dependabot service on GitHub.

    yup-oauth2 versions

  • Locked dependency version jsonschema =0.15.2

    This can easily cause a dependency resolution conflict. If you must work around a semver-breaking dependency that can't be yanked, use a range of versions or fork it.

    jsonschema versions

  • Dependency base64 0.13.0 is outdated

    Upgrade to 0.22.1 to get all the fixes, and avoid causing duplicate dependencies in projects.

    base64 versions

  • Dependency env_logger 0.9.0 is outdated

    Upgrade to 0.11.7 to get all the fixes, and avoid causing duplicate dependencies in projects.

    env_logger versions

  • Dependency reqwest 0.11.11 is outdated

    Upgrade to 0.12.15 to get all the fixes, and avoid causing duplicate dependencies in projects.

    reqwest versions

• pidgeon

  • Dependency rand 0.8.5 is a bit outdated

    Consider upgrading to 0.9.0 to get all the fixes and improvements.

    rand versions

  • Optional dependency 'web-time' exposed as an implicit feature

    Cargo automatically makes publicly-available crate features for every optional dependency, unless the dependencies are referenced using dep: syntax. Features 'web-time', 'serde', 'iggy', 'tokio', 'serde_json' may have been unintentional.

    Crate features

• videocall-nokhwa

  • Dependency opencv 0.93 is significantly outdated

    Upgrade to 0.94.3 to get all the fixes, and avoid causing duplicate dependencies in projects.

    opencv versions

  • docs.rs build failed

    docs.rs site failed to build the crate, so users will have trouble finding the documentation. Docs.rs supports multiple platforms and custom configurations, so you can make the build work even if normal crate usage has special requirements.

    Docs.rs doesn't need to run or even link any code, so system dependencies can simply be skipped. You can also set cfg() flags just for docs.rs and use them to hide problematic code.

    Detecting docs.rs

  • Dependency wgpu 23 is outdated

    Upgrade to 24.0.3 to get all the fixes, and avoid causing duplicate dependencies in projects.

    wgpu versions

  • Optional dependency 'wasm-rs-async-executor' exposed as an implicit feature

    Cargo automatically makes publicly-available crate features for every optional dependency, unless the dependencies are referenced using dep: syntax. Features 'wasm-rs-async-executor', 'serde', 'wgpu', 'videocall-nokhwa-bindings-windows', 'videocall-nokhwa-bindings-macos', 'videocall-nokhwa-bindings-linux', 'js-sys', 'opencv', 'parking_lot', 'wasm-bindgen-futures', 'wasm-bindgen', 'web-sys' may have been unintentional.

    Crate features

• videocall-nokhwa-bindings-macos

  • Failed to verify create's content against its repository

    Verified 7 out of 8 files (includes 3 Cargo-generated).

    • warning: Crate tarball has been published from the commit 781c1bc70cf6bf355a9a1fd08dca5ef47ace3afa, which is not in the repository.
      • Create git tags after comitting any changes, and commit changes after bumping versions and running cargo update.
    • warning: Found a Cargo.toml for this package in its repo (via tags), but the version was different.
      • Make sure to commit and tag after bumping the version number.
    • warning: Had to perform fuzzy search of the head branch due to lack of commit information in the package.

    Files in the crates.io crate compared to the repository:

    • Cargo.lock not found.
    • Cargo.toml.orig does not match the repository.

    Looked for the crate in videocall-cli/nokhwa/nokhwa-bindings-macos/. Fetched https://github.com/security-union/videocall-rs.git bd2809cb87bcb3f73d9063e95b79dc1a465e3966.

    Checked on 2025-03-02

    This check is experimental.

    Forum thread

  • Dependency cocoa-foundation 0.1 is slightly outdated

    Consider upgrading to 0.2.0 to get all the fixes and improvements.

    cocoa-foundation versions

  • Dependency core-foundation 0.9 is a bit outdated

    Consider upgrading to 0.10.0 to get all the fixes and improvements.

    core-foundation versions

• yew-webtransport

  • Dependency gloo 0.2.1 is significantly outdated

    Upgrade to 0.11.0 to get all the fixes, and avoid causing duplicate dependencies in projects.

    gloo versions

  • Dependency gloo-console 0.2.1 is a bit outdated

    Consider upgrading to 0.3.0 to get all the fixes and improvements.

    gloo-console versions

  • Dependency thiserror 1.0 is a bit outdated

    Consider upgrading to 2.0.12 to get all the fixes and improvements.

    thiserror versions

  • Missing categories

    Categories improve browsing of lib.rs and crates.io. Add categories = ["web-programming"] to the Cargo.toml.

    Even if there are no categories that fit precisely, pick one that is least bad. You can also propose new categories in crates.io issue tracker.

    List of available categories

  • Missing keywords

    Help users find your crates. Add keywords = ["wasm-bindgen", "framework", "rust-wasm"] (up to 5) to the Cargo.toml. Best keywords are alternative terms or their spellings that aren't in the name or description. Also add a keyword that precisely categorizes this crate and groups it with other similar crates.

• videocall-client

  • docs.rs build failed

    docs.rs site failed to build the crate, so users will have trouble finding the documentation. Docs.rs supports multiple platforms and custom configurations, so you can make the build work even if normal crate usage has special requirements.

    Detecting docs.rs

  • Dependency gloo 0.8.0 is outdated

    Upgrade to 0.11.0 to get all the fixes, and avoid causing duplicate dependencies in projects.

    gloo versions

  • Dependency gloo-utils 0.1 is outdated

    Upgrade to 0.2.0 to get all the fixes, and avoid causing duplicate dependencies in projects.

    gloo-utils versions

  • Dependency rand 0.8.5 is a bit outdated

    Consider upgrading to 0.9.0 to get all the fixes and improvements.

    rand versions

• videocall-types

  • Dependency protobuf =3.7.1 is significantly outdated

    Upgrade to 3.7.0 to get all the fixes, and avoid causing duplicate dependencies in projects.

    protobuf versions

  • Locked dependency version protobuf =3.7.1

    This can easily cause a dependency resolution conflict. If you must work around a semver-breaking dependency that can't be yanked, use a range of versions or fork it.

    protobuf versions

• openai-safe

  • Dependency tiktoken-rs 0.4.4 is significantly outdated

    Upgrade to 0.6.0 to get all the fixes, and avoid causing duplicate dependencies in projects.

    tiktoken-rs versions

  • Dependency base64 0.13.0 is outdated

    Upgrade to 0.22.1 to get all the fixes, and avoid causing duplicate dependencies in projects.

    base64 versions

  • Dependency env_logger 0.9.0 is outdated

    Upgrade to 0.11.7 to get all the fixes, and avoid causing duplicate dependencies in projects.

    env_logger versions

  • Dependency reqwest 0.11.11 is outdated

    Upgrade to 0.12.15 to get all the fixes, and avoid causing duplicate dependencies in projects.

    reqwest versions

  • Incorrect category

    Crate's categories property in Cargo.toml contains 'ai', which isn't a category we recognize

    lib.rs has simplified and merged some of crates.io categories. Please file a bug if we got it wrong.

    List of available categories

  • Incorrect category

    Crate's categories property in Cargo.toml contains 'openai', which isn't a category we recognize

    List of available categories

  • Incorrect category

    Crate's categories property in Cargo.toml contains 'api', which isn't a category we recognize

    List of available categories

  • Incorrect category

    Crate's categories property in Cargo.toml contains 'machine-learning', which isn't a category we recognize

    List of available categories

• yew-websocket

  • Dependency gloo-net 0.2 is significantly outdated

    Upgrade to 0.6.0 to get all the fixes, and avoid causing duplicate dependencies in projects.

    gloo-net versions

  • Dependency gloo 0.8 is outdated

    Upgrade to 0.11.0 to get all the fixes, and avoid causing duplicate dependencies in projects.

    gloo versions

  • Dependency gloo-console 0.2 is a bit outdated

    Consider upgrading to 0.3.0 to get all the fixes and improvements.

    gloo-console versions

  • Dependency thiserror 1 is a bit outdated

    Consider upgrading to 2.0.12 to get all the fixes and improvements.

    thiserror versions

  • Missing categories

    Categories improve browsing of lib.rs and crates.io. Add categories = ["web-programming::websocket"] to the Cargo.toml.

    List of available categories

  • Missing keywords

    Help users find your crates. Add keywords = ["websocket", "yew", "websockets"] (up to 5) to the Cargo.toml. Best keywords are alternative terms or their spellings that aren't in the name or description. Also add a keyword that precisely categorizes this crate and groups it with other similar crates.

• videocall-cli

  • Dependency quinn 0.10.2 is outdated

    Upgrade to 0.11.7 to get all the fixes, and avoid causing duplicate dependencies in projects.

    quinn versions

  • Dependency rustls 0.21.7 is outdated

    Upgrade to 0.23.25 to get all the fixes, and avoid causing duplicate dependencies in projects.

    rustls versions

  • Dependency thiserror 1.0.51 is a bit outdated

    Consider upgrading to 2.0.12 to get all the fixes and improvements.

    thiserror versions

  • Dependency webpki-roots 0.25.2 is outdated

    Upgrade to 0.26.8 to get all the fixes, and avoid causing duplicate dependencies in projects.

    webpki-roots versions

• sec-http3

  • Dependency fastrand 1.9.0 is significantly outdated

    Upgrade to 2.3.0 to get all the fixes, and avoid causing duplicate dependencies in projects.

    fastrand versions

  • Dependency http 0.2.9 is outdated

    Upgrade to 1.3.0 to get all the fixes, and avoid causing duplicate dependencies in projects.

    http versions

  • Dependency quinn 0.10 is outdated

    Upgrade to 0.11.7 to get all the fixes, and avoid causing duplicate dependencies in projects.

    quinn versions

  • Dependency quinn-proto 0.10 is outdated

    Upgrade to 0.11.10 to get all the fixes, and avoid causing duplicate dependencies in projects.

    quinn-proto versions

  • Incorrect category

    Crate's categories property in Cargo.toml contains 'webtransport', which isn't a category we recognize

    List of available categories

  • Using outdated edition for no reason

    We estimate that this crate requires at least Rust 1.63, which is newer than the last 2018-edition compiler. You can upgrade without breaking any compatibility. Run cargo fix --edition and update edition="…" in Cargo.toml.

    Using the latest edition helps avoid old quirks of the compiler, and ensures Rust code has consistent syntax and behavior across all projects.

    The Edition Guide

• videocall-client, yew-webtransport, yew-websocket

  • Imprecise dependency requirement anyhow = 1

    Cargo does not always pick latest versions of dependencies! Specify the version as anyhow = "1.0.97". If Cargo.lock ends up having an unexpectedly old version of the dependency, you might get a dependency that lacks features/APIs or important bugfixes that you depend on. This is most likely to happen when using the minimal-versions flag, used by users of old Rust versions.

    This crate does not bump semver-minor when adding new features, so to be safe you get all the features/APIs/fixes that your crate depends on, require a more specific patch version.

    anyhow versions

• videocall-nokhwa-bindings-windows

  • Dependency windows 0.43 is significantly outdated

    Upgrade to 0.61.1 to get all the fixes, and avoid causing duplicate dependencies in projects.

    windows versions

• leptos_webtransport

  • Dependency leptos 0.6.6 is outdated

    Upgrade to 0.7.8 to get all the fixes, and avoid causing duplicate dependencies in projects.

    leptos versions

  • Dependency thiserror 1.0.50 is a bit outdated

    Consider upgrading to 2.0.12 to get all the fixes and improvements.

    thiserror versions

  • Missing categories

    Categories improve browsing of lib.rs and crates.io. Add categories = ["web-programming::websocket"] to the Cargo.toml.

    List of available categories

  • Missing keywords

    Help users find your crates. Add keywords = ["web-transport", "leptos", "leptos-webtransport"] (up to 5) to the Cargo.toml. Best keywords are alternative terms or their spellings that aren't in the name or description. Also add a keyword that precisely categorizes this crate and groups it with other similar crates.

• videocall-daemon

  • Dependency quinn 0.10.2 is outdated

    Upgrade to 0.11.7 to get all the fixes, and avoid causing duplicate dependencies in projects.

    quinn versions

  • Dependency rustls 0.21.7 is outdated

    Upgrade to 0.23.25 to get all the fixes, and avoid causing duplicate dependencies in projects.

    rustls versions

  • Dependency thiserror 1.0.51 is a bit outdated

    Consider upgrading to 2.0.12 to get all the fixes and improvements.

    thiserror versions

  • Dependency videocall-types 0.1.0 is outdated

    Upgrade to 1.0.0 to get all the fixes, and avoid causing duplicate dependencies in projects.

    videocall-types versions

  • Dependency webpki-roots 0.25.2 is outdated

    Upgrade to 0.26.8 to get all the fixes, and avoid causing duplicate dependencies in projects.

    webpki-roots versions

• yew-recaptcha-v3

  • Missing categories

    Categories improve browsing of lib.rs and crates.io. Add categories = ["web-programming"] to the Cargo.toml.

    List of available categories

  • Missing keywords

    Help users find your crates. Add keywords = ["recaptcha", "yew", "abuse", "response"] (up to 5) to the Cargo.toml. Best keywords are alternative terms or their spellings that aren't in the name or description. Also add a keyword that precisely categorizes this crate and groups it with other similar crates.

• videocall-nokhwa-bindings-macos, videocall-nokhwa-bindings-linux, videocall-nokhwa-bindings-windows, videocall-nokhwa-core

  • Missing categories

    Categories improve browsing of lib.rs and crates.io. Add categories = ["multimedia::video"] to the Cargo.toml.

    List of available categories

• videocall-nokhwa-core

  • Dependency opencv 0.93 is significantly outdated

    Upgrade to 0.94.3 to get all the fixes, and avoid causing duplicate dependencies in projects.

    opencv versions

  • Dependency wgpu 23 is outdated

    Upgrade to 24.0.3 to get all the fixes, and avoid causing duplicate dependencies in projects.

    wgpu versions

  • Imprecise dependency requirement bytemuck = 1

    Cargo does not always pick latest versions of dependencies! Specify the version as bytemuck = "1.22.0". If Cargo.lock ends up having an unexpectedly old version of the dependency, you might get a dependency that lacks features/APIs or important bugfixes that you depend on. This is most likely to happen when using the minimal-versions flag, used by users of old Rust versions.

    If you want to keep using truly minimal dependency requirements, please make sure you test them in CI with -Z minimal-versions Cargo option, because it's very easy to accidentally use a feature added in a later version.

    bytemuck versions

  • Optional dependency 'mozjpeg' exposed as an implicit feature

    Cargo automatically makes publicly-available crate features for every optional dependency, unless the dependencies are referenced using dep: syntax. Features 'mozjpeg', 'serde', 'opencv', 'bytemuck', 'wgpu' may have been unintentional.

    Crate features

• h3-webtransport, sec-http3

  • Imprecise dependency requirement bytes = 1

    Cargo does not always pick latest versions of dependencies! Specify the version as bytes = "1.10.0". If Cargo.lock ends up having an unexpectedly old version of the dependency, you might get a dependency that lacks features/APIs or important bugfixes that you depend on. This is most likely to happen when using the minimal-versions flag, used by users of old Rust versions.

    bytes versions

If some of these crates are unmaintained and shouldn't be checked, yank them or add [badges.maintenance]
status = "deprecated" to their Cargo.toml.