Lib.rs

Issues found

Based on crates you own that have been published to crates.io. The best way to monitor these issues is to subscribe to the atom feed in your RSS reader.

• nats

  • Dependency fastrand 1.5.0 is significantly outdated

    Upgrade to 2.3.0 to get all the fixes, and avoid causing duplicate dependencies in projects.

    Easy way to bump dependencies: cargo install cargo-edit; cargo upgrade -i; Also check out Dependabot service on GitHub.

    fastrand versions

  • Dependency rustls 0.22 is significantly outdated

    Upgrade to 0.23.23 to get all the fixes, and avoid causing duplicate dependencies in projects.

    In Cargo, different 0.x versions are considered incompatible, so this is a semver-major upgrade.

    rustls versions

  • Dependency base64 0.13.0 is outdated

    Upgrade to 0.22.1 to get all the fixes, and avoid causing duplicate dependencies in projects.

    base64 versions

  • Dependency base64-url 1.4.10 is outdated

    Upgrade to 3.0.0 to get all the fixes, and avoid causing duplicate dependencies in projects.

    base64-url versions

  • Dependency nuid 0.3.1 is outdated

    Upgrade to 0.5.0 to get all the fixes, and avoid causing duplicate dependencies in projects.

    nuid versions

  • Dependency rustls-native-certs 0.7 is outdated

    Upgrade to 0.8.1 to get all the fixes, and avoid causing duplicate dependencies in projects.

    rustls-native-certs versions

  • Dependency rustls-webpki 0.102 is outdated

    Consider upgrading to 0.103.0 to get all the fixes and improvements.

    rustls-webpki versions

  • Imprecise dependency requirement portable-atomic = 1

    Cargo does not always pick latest versions of dependencies! Specify the version as portable-atomic = "1.11.0". If Cargo.lock ends up having an unexpectedly old version of the dependency, you might get a dependency that lacks features/APIs or important bugfixes that you depend on. This is most likely to happen when using the minimal-versions flag, used by users of old Rust versions.

    If you want to keep using truly minimal dependency requirements, please make sure you test them in CI with -Z minimal-versions Cargo option, because it's very easy to accidentally use a feature added in a later version.

    portable-atomic versions

• wasi-crypto

  • Dependency boring 3.1.0 is significantly outdated

    Upgrade to 4.14.0 to get all the fixes, and avoid causing duplicate dependencies in projects.

    boring versions

  • Dependency pqcrypto-kyber 0.7.6 is significantly outdated

    Upgrade to 0.8.1 to get all the fixes, and avoid causing duplicate dependencies in projects.

    pqcrypto-kyber versions

  • Dependency wiggle 12.0.2 is significantly outdated

    Upgrade to 30.0.2 to get all the fixes, and avoid causing duplicate dependencies in projects.

    wiggle versions

  • Dependency rand_core 0.6.4 is a bit outdated

    Consider upgrading to 0.9.2 to get all the fixes and improvements.

    rand_core versions

  • Dependency thiserror 1.0.48 is a bit outdated

    Consider upgrading to 2.0.11 to get all the fixes and improvements.

    thiserror versions

  • Failed to verify create's content against its repository

    Verified 57 out of 58 files (includes 1 Cargo-generated).

    • warning: The crates.io package has no commit hash associated with it.
      • Publish a new version, without using --allow-dirty flag. Make sure all changes are committed before publishing. Use include/exclude in Cargo.toml to omit unnecessary files.
    • warning: There is no matching git tag containing version '0.1.14'.
    • warning: Had to perform fuzzy search of the head branch due to lack of commit information in the package.

    Files in the crates.io crate compared to the repository:

    • Cargo.toml.orig does not match the repository.

    Looked for the crate in rust/. Fetched https://github.com/wasm-crypto/wasi-crypto-host-functions.git 5032aff86e742a4301fcee11d82fcbf8f4b776f4.

    Checked on 2024-07-28

    This check is experimental.

    Forum thread

  • Latest stable release is old

    It's been over 16 months. How did the experiment go? Make a new release, either to refresh it, or to set

    [badges.maintenance]
    status = "deprecated"
    

    (or "as-is", "passively-maintained").

    If the crate is truly stable, why not make a 1.0.0 release?

    Maintenance status field docs

  • Optional dependency 'pqcrypto-traits' exposed as an implicit feature

    Cargo automatically makes publicly-available crate features for every optional dependency, unless the dependencies are referenced using dep: syntax. Features 'pqcrypto-traits', 'pqcrypto-kyber', 'wiggle' may have been unintentional.

    Crate features

• wasi-crypto, ed25519-compact, doh-proxy, chrono-wasi, chomp1, xoodyak

  • The Cargo package has no git commit information

    Before publishing a package, make sure all packaged files are committed to the repository, and there are no "dirty" files. Push this commit to crate's public repository.

    To protect against supply chain attacks similar to CVE-2024-3094, lib.rs will soon start flagging non-reproducible packages without public source code as suspicious. Currently only git repositories are supported (but may be hosted anywhere, not just GitHub). If you'd like a different SCM supported, please file a feature request.

    More info

• hmac-sha256, hmac-sha512, hmac-sha1-compact

  • Dependency digest 0.9.0 is significantly outdated

    Upgrade to 0.10.7 to get all the fixes, and avoid causing duplicate dependencies in projects.

    digest versions

• ed25519-compact

  • Failed to verify create's content against its repository

    Verified 15 out of 16 files (includes 1 Cargo-generated).

    • warning: The crates.io package has no commit hash associated with it.
      • Publish a new version, without using --allow-dirty flag. Make sure all changes are committed before publishing. Use include/exclude in Cargo.toml to omit unnecessary files.

    Files in the crates.io crate compared to the repository:

    • ex25519.rs not found.

    Fetched https://github.com/jedisct1/rust-ed25519-compact.git tagged 2.1.1 (32cdaa69ab9222a302373f24f59a015ba36e42cd).

    Checked on 2024-08-04

    Forum thread

• ed25519-compact, bloomfilter, minisign, superboring, pake-cpace

  • Dependency getrandom 0.2 is outdated

    Consider upgrading to 0.3.1 to get all the fixes and improvements.

    getrandom versions

• siphasher, zmq, chrono-wasi, chomp1, arc-cache, chrono-wasi07

  • License MIT/Apache-2.0 is not in SPDX syntax

    Use OR instead of /.

    SPDX license list

• coarsetime

  • Dependency wasi 0.13.3 is significantly outdated

    Upgrade to 0.14.1+wasi-0.2.3 to get all the fixes, and avoid causing duplicate dependencies in projects.

    wasi versions

• coarsetime, doh-proxy, blind-rsa-signatures, precision

  • Using outdated edition for no reason

    We estimate that this crate requires at least Rust 1.60, which is newer than the last 2018-edition compiler. You can upgrade without breaking any compatibility. Run cargo fix --edition and update edition="…" in Cargo.toml.

    Using the latest edition helps avoid old quirks of the compiler, and ensures Rust code has consistent syntax and behavior across all projects.

    The Edition Guide

• bloomfilter, uuidv7

  • Missing categories

    Categories improve browsing of lib.rs and crates.io. Add categories = ["data-structures"] to the Cargo.toml.

    Even if there are no categories that fit precisely, pick one that is least bad. You can also propose new categories in crates.io issue tracker.

    List of available categories

• jwt-simple

  • Optional dependency 'ciborium' exposed as an implicit feature

    Cargo automatically makes publicly-available crate features for every optional dependency, unless the dependencies are referenced using dep: syntax. Features 'ciborium', 'boring', 'superboring' may have been unintentional.

    Crate features

• jwt-simple, superboring, encrypted-dns, sthash, blind-rsa-signatures, sieve-cache, count-min-sketch, slabigator, dnsclient, libdoh

  • Dependency rand 0.8.5 is a bit outdated

    Consider upgrading to 0.9.0 to get all the fixes and improvements.

    rand versions

• doh-proxy

  • Failed to verify create's content against its repository

    Verified 16 out of 18 files (includes 2 Cargo-generated).

    • warning: The crates.io package has no commit hash associated with it.
      • Publish a new version, without using --allow-dirty flag. Make sure all changes are committed before publishing. Use include/exclude in Cargo.toml to omit unnecessary files.
    • warning: The crates.io package has no information about its path inside its repository.

    Files in the crates.io crate compared to the repository:

    • test.sh not found.
    • Cargo.lock not found.
    • release.yml does not match the repository.

    Fetched https://github.com/dnscrypt/doh-server.git tagged 0.9.11 (1a0a0566c4e9e93b73ecdc8d400949d8f7a94635).

    Checked on 2024-07-24

    Forum thread

• doh-proxy, rsign2, wasi-update

  • Imprecise dependency requirement clap = 4

    Cargo does not always pick latest versions of dependencies! Specify the version as clap = "4.5.31". If Cargo.lock ends up having an unexpectedly old version of the dependency, you might get a dependency that lacks features/APIs or important bugfixes that you depend on. This is most likely to happen when using the minimal-versions flag, used by users of old Rust versions.

    clap versions

• rsign2

  • Dependency dirs 5.0.1 is outdated

    Consider upgrading to 6.0.0 to get all the fixes and improvements.

    dirs versions

• wit-component-update

  • Failed to verify create's content against its repository

    Verified 1 out of 21 files (includes 1 Cargo-generated).

    • warning: The crates.io package has no information about its path inside its repository.
    • warning: Could not find Cargo.toml for this package in its repo (via tags).
      • Make sure the repository URL in Cargo.toml is correct
    • warning: Could not discover crate's location in its repository (via tags).
    • warning: Had to perform fuzzy search of the head branch due to lack of commit information in the package.
    • error: Manifest properties don't match: Number of [[bin]] inconsistent; published=0; orig=1; ed=Set(E2021).
    • error: Repository had submodule with an invalid or unsupported path: 'tests/wabt'
      • File a bug https://gitlab.com/lib.rs/main if you think it should work

    Files in the crates.io crate compared to the repository:

    • README.md does not match the repository.
    • Cargo.toml.orig does not match the repository.
    • libdl.so exists, but elsewhere in the repo.
    • src/
      • gc.rs not found.
      • validation.rs exists, but elsewhere in the repo.
      • metadata.rs not found.
      • printing.rs exists, but elsewhere in the repo.
      • semver_check.rs exists, but elsewhere in the repo.
      • linking.rs not found.
      • dummy.rs exists, but elsewhere in the repo.
      • targets.rs exists, but elsewhere in the repo.
      • encoding.rs not found.
      • lib.rs does not match the repository.
    • src/encoding/
      • types.rs exists, but elsewhere in the repo.
      • world.rs exists, but elsewhere in the repo.
    • src/encoding/wit/
      • mod.rs exists, but elsewhere in the repo.
      • v2.rs exists, but elsewhere in the repo.
      • v1.rs exists, but elsewhere in the repo.
    • metadata.rs not found.

    Fetched https://github.com/bytecodealliance/wasm-tools.git 28e96f680752c999f296e5f9d7d31a6be66112f5.

    Checked on 2024-07-24

    Forum thread

  • Dependency wasm-encoder 0.205.0 is significantly outdated

    Upgrade to 0.226.0 to get all the fixes, and avoid causing duplicate dependencies in projects.

    wasm-encoder versions

  • Dependency wasm-metadata 0.205.0 is significantly outdated

    Upgrade to 0.226.0 to get all the fixes, and avoid causing duplicate dependencies in projects.

    wasm-metadata versions

  • Dependency wasmparser 0.205.0 is significantly outdated

    Upgrade to 0.226.0 to get all the fixes, and avoid causing duplicate dependencies in projects.

    wasmparser versions

  • Dependency wast 205.0.0 is significantly outdated

    Upgrade to 226.0.0 to get all the fixes, and avoid causing duplicate dependencies in projects.

    wast versions

  • Dependency wit-parser 0.205.0 is significantly outdated

    Upgrade to 0.226.0 to get all the fixes, and avoid causing duplicate dependencies in projects.

    wit-parser versions

  • Missing keywords

    Help users find your crates. Add keywords = ["wasm-component", "wasm-module", "wasm-binary", "component-model", "wasm-interface"] (up to 5) to the Cargo.toml. Best keywords are alternative terms or their spellings that aren't in the name or description. Also add a keyword that precisely categorizes this crate and groups it with other similar crates.

• iptoasn-webservice

  • Dependency hyper-native-tls 0.3 has issues

    It has been losing active users, which may be a sign it's deprecated or obsolete. Consider replacing it with a different crate.

    hyper-native-tls crate

  • Dependency iron 0.6 has issues

    It has been losing active users, which may be a sign it's deprecated or obsolete. Consider replacing it with a different crate.

    iron crate

  • Dependency hyper 0.10 is significantly outdated

    Consider upgrading to 1.6.0 to get all the fixes and improvements.

    hyper versions

  • Dependency time 0.1 is significantly outdated

    Consider upgrading to 0.3.37 to get all the fixes and improvements.

    time versions

  • Dependency unicase 1 is significantly outdated

    Consider upgrading to 2.8.0 to get all the fixes and improvements.

    unicase versions

  • Missing categories

    Categories improve browsing of lib.rs and crates.io. Add categories = ["network-programming"] to the Cargo.toml.

    List of available categories

• chomp1

  • Dependency compiletest_rs 0.10.1 has issues

    It has been losing active users, which may be a sign it's deprecated or obsolete. Consider replacing it with a different crate.

    compiletest_rs crate

  • Dependency clippy >0.0.1 has issues

    It may not be actively developed any more. Consider changing the dependency.

    clippy crate

  • Missing categories

    Categories improve browsing of lib.rs and crates.io. Add categories = ["parsing"] to the Cargo.toml.

    List of available categories

• blind-rsa-signatures

  • Dependency rsa 0.8.2 is significantly outdated

    Upgrade to 0.9.7 to get all the fixes, and avoid causing duplicate dependencies in projects.

    rsa versions

  • Imprecise dependency requirement serde = 1

    Cargo does not always pick latest versions of dependencies! Specify the version as serde = "1.0.218". If Cargo.lock ends up having an unexpectedly old version of the dependency, you might get a dependency that lacks features/APIs or important bugfixes that you depend on. This is most likely to happen when using the minimal-versions flag, used by users of old Rust versions.

    This crate does not bump semver-minor when adding new features, so to be safe you get all the features/APIs/fixes that your crate depends on, require a more specific patch version.

    serde versions

  • Dependency derive-new 0.5.9 is outdated

    Upgrade to 0.7.0 to get all the fixes, and avoid causing duplicate dependencies in projects.

    derive-new versions

  • Dependency derive_more 0.99.17 is outdated

    Consider upgrading to 2.0.1 to get all the fixes and improvements.

    derive_more versions

• chrono-wasi

  • Dependency redox_syscall 0.1 is significantly outdated

    Upgrade to 0.5.9 to get all the fixes, and avoid causing duplicate dependencies in projects.

    redox_syscall versions

  • Dependency rustc-serialize 0.3.20 has issues

    It may not be actively developed any more. Consider changing the dependency.

    rustc-serialize crate

  • Locked dependency version wasi =0.11.0

    This can easily cause a dependency resolution conflict. If you must work around a semver-breaking dependency that can't be yanked, use a range of versions or fork it.

    wasi versions

  • Dependency wasi =0.11.0 is a bit outdated

    Consider upgrading to 0.14.1+wasi-0.2.3 to get all the fixes and improvements.

    wasi versions

• uri_encode

  • Failed to verify create's content against its repository

    Could not check any files

    • warning: The crates.io package has no information about its path inside its repository.
    • error: Repository doesn't exist: Can't checkout the repository. It's either gone or private: remote authentication required but no callback set; class=Http (34); code=Auth (-16).
      • Make sure the repository URL in Cargo.toml is correct and works with git clone. The repository must be public.

    Checked on 2024-12-15

    Forum thread

  • Could not fetch repository

    We've had trouble cloning git repo from https://github\.com/jedisct1/rust\-uri\-encode\.git

    At the moment we only support git, and attempt fetching when we index a new release. Cloning is necessary for lib.rs to gather data that is missing on crates.io, e.g. to correctly resolve relative URLs in README files, which depend on repository layout and non-standard URL schemes of repository hosts.

  • Missing categories

    Categories improve browsing of lib.rs and crates.io. Add categories = ["web-programming"] to the Cargo.toml.

    List of available categories

• curve25519-compact

  • Failed to verify create's content against its repository

    Could not check any files

    • warning: The crates.io package has no information about its path inside its repository.
    • error: Repository doesn't exist: Can't checkout the repository. It's either gone or private: remote authentication required but no callback set; class=Http (34); code=Auth (-16).
      • Make sure the repository URL in Cargo.toml is correct and works with git clone. The repository must be public.

    Checked on 2024-12-15

    Forum thread

  • Could not fetch repository

    We've had trouble cloning git repo from https://github\.com/jedisct1/rust\-curve25519\-compact\.git

  • Imprecise dependency requirement ed25519-compact = 2

    Cargo does not always pick latest versions of dependencies! Specify the version as ed25519-compact = "2.1.0". If Cargo.lock ends up having an unexpectedly old version of the dependency, you might get a dependency that lacks features/APIs or important bugfixes that you depend on. This is most likely to happen when using the minimal-versions flag, used by users of old Rust versions.

    ed25519-compact versions

• witx-codegen

  • Dependency structopt 0.3.26 has issues

    It has been losing active users, which may be a sign it's deprecated or obsolete. Consider replacing it with a different crate.

    structopt crate

  • Dependency convert_case 0.6.0 is a bit outdated

    Consider upgrading to 0.7.1 to get all the fixes and improvements.

    convert_case versions

  • Dependency strum 0.24.1 is outdated

    Upgrade to 0.27.1 to get all the fixes, and avoid causing duplicate dependencies in projects.

    strum versions

  • Dependency strum_macros 0.24.3 is outdated

    Upgrade to 0.27.1 to get all the fixes, and avoid causing duplicate dependencies in projects.

    strum_macros versions

• witnext

  • Failed to verify create's content against its repository

    Verified 2 out of 37 files (includes 2 Cargo-generated).

    • warning: The crates.io package has no information about its path inside its repository.
    • warning: Could not find Cargo.toml for this package in its repo (via tags).
      • Make sure the repository URL in Cargo.toml is correct
    • warning: Could not discover crate's location in its repository (via tags).

    Files in the crates.io crate compared to the repository:

    • .gitignore not found.
    • Cargo.toml not found.
    • LICENSE exists, but elsewhere in the repo.
    • README.md does not match the repository.
    • src/
      • io.rs exists, but elsewhere in the repo.
      • layout.rs not found.
      • parser.rs not found.
      • abi.rs not found.
      • lib.rs not found.
      • ast.rs not found.
      • toplevel.rs not found.
      • validate.rs not found.
    • src/docs/
      • ast.rs not found.
      • md.rs exists, but elsewhere in the repo.
      • mod.rs not found.
    • witxt.rs not found.
    • tests/witxt/
      • union.witxt not found.
      • snapshot_0.witx not found.
      • wasi.witxt not found.
      • resources.witxt not found.
      • shorthand.witxt not found.
      • snapshot_preview1.witx not found.
      • anonymous.witxt not found.
      • abi-next.witxt not found.
      • abi.witxt not found.
      • simple.witxt not found.
      • multimodule.witxt not found.
    • tests/witxt/multimodule/
      • type_b.witx not found.
      • use_of_structured.witx not found.
      • redefine_a.witx not found.
      • structured.witx not found.
      • type_a.witx not found.
      • type_c.witx not found.
    • tests/witxt/resources/
      • other.witx not found.
      • multi.witx not found.

    Fetched https://github.com/webassembly/wasi.git 70214b878af4ce45889b4ad9d26a7ac98db8931b.

    Checked on 2024-07-24

    Forum thread

  • Latest prerelease is old

    It's been over 3 years. Is this crate still maintained? Make a new release, either to refresh it, or to set

    [badges.maintenance]
    status = "deprecated"
    

    (or "as-is", "passively-maintained").

    Users pay attention to the latest release date. Even if the crate is perfectly fine as-is, users may not know that.

    Maintenance status field docs

  • Dependency wast 36.0.0 is significantly outdated

    Upgrade to 226.0.0 to get all the fixes, and avoid causing duplicate dependencies in projects.

    wast versions

  • Dependency thiserror 1.0 is a bit outdated

    Consider upgrading to 2.0.11 to get all the fixes and improvements.

    thiserror versions

• count-min-sketch, binstring, clockpro-cache, uri_encode

  • No repository property

    Specify git repository URL in Cargo.toml to help users find more information, contribute, and for lib.rs to read more info.

• count-min-sketch

  • README missing from the repository

    We've searched https://github\.com/jedisct1/rust\-count\-min\-sketch\.git and could not find a README file there.

• daemonize-simple

  • README missing from the repository

    We've searched https://github\.com/jedisct1/rust\-daemonize\-simple\.git and could not find a README file there.

  • Missing categories

    Categories improve browsing of lib.rs and crates.io. Add categories = ["os::unix-apis"] to the Cargo.toml.

    List of available categories

  • Missing keywords

    Help users find your crates. Add keywords = ["unix", "daemon", "daemonize"] (up to 5) to the Cargo.toml. Best keywords are alternative terms or their spellings that aren't in the name or description. Also add a keyword that precisely categorizes this crate and groups it with other similar crates.

• binstring, uuidv6

  • Missing categories

    Categories improve browsing of lib.rs and crates.io. Add categories = ["…"] to the Cargo.toml.

    List of available categories

• chrono-wasi07

  • Dependency redox_syscall 0.1 is significantly outdated

    Upgrade to 0.5.9 to get all the fixes, and avoid causing duplicate dependencies in projects.

    redox_syscall versions

  • Dependency rustc-serialize 0.3.20 has issues

    It may not be actively developed any more. Consider changing the dependency.

    rustc-serialize crate

  • Dependency wasi 0.7 is significantly outdated

    Upgrade to 0.14.1+wasi-0.2.3 to get all the fixes, and avoid causing duplicate dependencies in projects.

    wasi versions

  • Latest stable release is old

    It's been over 5 years. Is this crate still maintained? Make a new release, either to refresh it, or to set

    [badges.maintenance]
    status = "deprecated"
    

    (or "as-is", "passively-maintained").

    Maintenance status field docs

• wasmsign

  • Dependency ed25519-dalek 0.9 is significantly outdated

    Upgrade to 2.1.0 to get all the fixes, and avoid causing duplicate dependencies in projects.

    ed25519-dalek versions

  • Dependency parity-wasm 0.35 is significantly outdated

    Upgrade to 0.45.0 to get all the fixes, and avoid causing duplicate dependencies in projects.

    parity-wasm versions

  • Dependency rand 0.6 is significantly outdated

    Upgrade to 0.9.0 to get all the fixes, and avoid causing duplicate dependencies in projects.

    rand versions

  • Dependency sha2 0.8 is significantly outdated

    Upgrade to 0.10.8 to get all the fixes, and avoid causing duplicate dependencies in projects.

    sha2 versions

  • Dependency clap 2 is outdated

    Upgrade to 4.5.31 to get all the fixes, and avoid causing duplicate dependencies in projects.

    clap versions

  • Imprecise dependency requirement byteorder = 1

    Cargo does not always pick latest versions of dependencies! Specify the version as byteorder = "1.5.0". If Cargo.lock ends up having an unexpectedly old version of the dependency, you might get a dependency that lacks features/APIs or important bugfixes that you depend on. This is most likely to happen when using the minimal-versions flag, used by users of old Rust versions.

    byteorder versions

  • Missing keywords

    Help users find your crates. Add keywords = ["verify", "binaries", "wasm", "key", "eddsa"] (up to 5) to the Cargo.toml. Best keywords are alternative terms or their spellings that aren't in the name or description. Also add a keyword that precisely categorizes this crate and groups it with other similar crates.

• dnssector

  • Imprecise dependency requirement anyhow = 1

    Cargo does not always pick latest versions of dependencies! Specify the version as anyhow = "1.0.96". If Cargo.lock ends up having an unexpectedly old version of the dependency, you might get a dependency that lacks features/APIs or important bugfixes that you depend on. This is most likely to happen when using the minimal-versions flag, used by users of old Rust versions.

    anyhow versions

  • Dependency rand 0.8 is a bit outdated

    Consider upgrading to 0.9.0 to get all the fixes and improvements.

    rand versions

  • Missing categories

    Categories improve browsing of lib.rs and crates.io. Add categories = ["network-programming", "parser-implementations"] to the Cargo.toml.

    List of available categories

  • Missing keywords

    Help users find your crates. Add keywords = ["dns", "packet-parser", "validate", "create", "mangle"] (up to 5) to the Cargo.toml. Best keywords are alternative terms or their spellings that aren't in the name or description. Also add a keyword that precisely categorizes this crate and groups it with other similar crates.

  • Optional dependency 'libloading' exposed as an implicit feature

    Cargo automatically makes publicly-available crate features for every optional dependency, unless the dependencies are referenced using dep: syntax. Feature 'libloading' may have been unintentional.

    Crate features

• p384_rs

  • Dependency ecdsa 0.14 is significantly outdated

    Upgrade to 0.16.9 to get all the fixes, and avoid causing duplicate dependencies in projects.

    ecdsa versions

  • Dependency elliptic-curve 0.12 is significantly outdated

    Upgrade to 0.13.8 to get all the fixes, and avoid causing duplicate dependencies in projects.

    elliptic-curve versions

  • Dependency serdect 0.1 is significantly outdated

    Upgrade to 0.3.0 to get all the fixes, and avoid causing duplicate dependencies in projects.

    serdect versions

  • Dependency hex-literal 0.3 is outdated

    Upgrade to 1.0.0 to get all the fixes, and avoid causing duplicate dependencies in projects.

    hex-literal versions

• wasmsign2-cli

  • Dependency clap 3.2.25 is significantly outdated

    Upgrade to 4.5.31 to get all the fixes, and avoid causing duplicate dependencies in projects.

    clap versions

  • Dependency ureq 2.10.1 is a bit outdated

    Consider upgrading to 3.0.6 to get all the fixes and improvements.

    ureq versions

• jwt-compact-preview

  • Dependency base64 0.12.1 is significantly outdated

    Upgrade to 0.22.1 to get all the fixes, and avoid causing duplicate dependencies in projects.

    base64 versions

  • Dependency ed25519-compact 0.1.4 is significantly outdated

    Upgrade to 2.1.0 to get all the fixes, and avoid causing duplicate dependencies in projects.

    ed25519-compact versions

  • Dependency hmac 0.8.0 is significantly outdated

    Upgrade to 0.12.1 to get all the fixes, and avoid causing duplicate dependencies in projects.

    hmac versions

  • Dependency rand 0.7.3 is significantly outdated

    Upgrade to 0.9.0 to get all the fixes, and avoid causing duplicate dependencies in projects.

    rand versions

  • Dependency rand_core 0.5.1 is significantly outdated

    Upgrade to 0.9.2 to get all the fixes, and avoid causing duplicate dependencies in projects.

    rand_core versions

  • Dependency rsa 0.3 is significantly outdated

    Upgrade to 0.9.7 to get all the fixes, and avoid causing duplicate dependencies in projects.

    rsa versions

  • Dependency secp256k1 0.17.2 is significantly outdated

    Upgrade to 0.30.0 to get all the fixes, and avoid causing duplicate dependencies in projects.

    secp256k1 versions

  • Dependency sha2 0.9.0 is significantly outdated

    Upgrade to 0.10.8 to get all the fixes, and avoid causing duplicate dependencies in projects.

    sha2 versions

  • Dependency ed25519-dalek 1.0.0-pre.3 is outdated

    Upgrade to 2.1.0 to get all the fixes, and avoid causing duplicate dependencies in projects.

    ed25519-dalek versions

  • Dependency thiserror 1.0.16 is a bit outdated

    Consider upgrading to 2.0.11 to get all the fixes and improvements.

    thiserror versions

• encrypted-dns, byteripper, witx-indent

  • Dependency clap 3.2.25 is significantly outdated

    Consider upgrading to 4.5.31 to get all the fixes and improvements.

    clap versions

• wasmonkey

  • Dependency clap 3.2.23 is significantly outdated

    Upgrade to 4.5.31 to get all the fixes, and avoid causing duplicate dependencies in projects.

    clap versions

  • Dependency goblin 0.6.0 is significantly outdated

    Upgrade to 0.9.3 to get all the fixes, and avoid causing duplicate dependencies in projects.

    goblin versions

  • Dependency siphasher 0.3.10 is outdated

    Upgrade to 1.0.1 to get all the fixes, and avoid causing duplicate dependencies in projects.

    siphasher versions

  • Dependency thiserror 1.0.38 is a bit outdated

    Consider upgrading to 2.0.11 to get all the fixes and improvements.

    thiserror versions

  • Missing keywords

    Help users find your crates. Add keywords = ["object-file", "exported", "replace", "patch", "functions"] (up to 5) to the Cargo.toml. Best keywords are alternative terms or their spellings that aren't in the name or description. Also add a keyword that precisely categorizes this crate and groups it with other similar crates.

  • Published crate contains binary files

    The crate contains binary files (Mach-o exe). Crates are meant to be compiled from source. Please check that you haven't published temporary build files by accident. If you have test fixtures, consider excluding them from crates-io tarball, since Cargo doesn't run tests from crates-io packages.

    Audit page

• byteripper

  • Imprecise dependency requirement anyhow = 1

    Cargo does not always pick latest versions of dependencies! Specify the version as anyhow = "1.0.96". If Cargo.lock ends up having an unexpectedly old version of the dependency, you might get a dependency that lacks features/APIs or important bugfixes that you depend on. This is most likely to happen when using the minimal-versions flag, used by users of old Rust versions.

    anyhow versions

  • Missing categories

    Categories improve browsing of lib.rs and crates.io. Add categories = ["os::macos-apis"] to the Cargo.toml.

    List of available categories

  • Missing keywords

    Help users find your crates. Add keywords = ["extract", "shared", "mach-o", "binary", "individual"] (up to 5) to the Cargo.toml. Best keywords are alternative terms or their spellings that aren't in the name or description. Also add a keyword that precisely categorizes this crate and groups it with other similar crates.

• wasi-crypto-preview

  • Dependency parking_lot 0.11 is significantly outdated

    Upgrade to 0.12.3 to get all the fixes, and avoid causing duplicate dependencies in projects.

    parking_lot versions

  • Dependency wiggle 0.20 is significantly outdated

    Upgrade to 30.0.2 to get all the fixes, and avoid causing duplicate dependencies in projects.

    wiggle versions

  • Dependency curve25519-dalek 3 is outdated

    Upgrade to 4.1.0 to get all the fixes, and avoid causing duplicate dependencies in projects.

    curve25519-dalek versions

  • Dependency pqcrypto 0.11 is outdated

    Upgrade to 0.18.1 to get all the fixes, and avoid causing duplicate dependencies in projects.

    pqcrypto versions

  • Dependency thiserror 1.0 is a bit outdated

    Consider upgrading to 2.0.11 to get all the fixes and improvements.

    thiserror versions

  • Dependency xoodyak 0.5 is outdated

    Upgrade to 0.8.4 to get all the fixes, and avoid causing duplicate dependencies in projects.

    xoodyak versions

  • Imprecise dependency requirement curve25519-dalek = 3

    Cargo does not always pick latest versions of dependencies! Specify the version as curve25519-dalek = "4.1.0". If Cargo.lock ends up having an unexpectedly old version of the dependency, you might get a dependency that lacks features/APIs or important bugfixes that you depend on. This is most likely to happen when using the minimal-versions flag, used by users of old Rust versions.

    curve25519-dalek versions

  • Missing categories

    Categories improve browsing of lib.rs and crates.io. Add categories = ["wasm", "cryptography"] to the Cargo.toml.

    List of available categories

  • Missing keywords

    Help users find your crates. Add keywords = ["wasi", "proposal", "module", "witx", "secret"] (up to 5) to the Cargo.toml. Best keywords are alternative terms or their spellings that aren't in the name or description. Also add a keyword that precisely categorizes this crate and groups it with other similar crates.

• libdoh

  • Dependency hyper ^0.14.29 is outdated

    Upgrade to 1.6.0 to get all the fixes, and avoid causing duplicate dependencies in projects.

    hyper versions

  • Dependency rustls-pemfile ^1.0.4 is outdated

    Upgrade to 2.2.0 to get all the fixes, and avoid causing duplicate dependencies in projects.

    rustls-pemfile versions

  • Dependency tokio-rustls ^0.24.1 is outdated

    Upgrade to 0.26.1 to get all the fixes, and avoid causing duplicate dependencies in projects.

    tokio-rustls versions

  • Optional dependency 'tokio-rustls' exposed as an implicit feature

    Cargo automatically makes publicly-available crate features for every optional dependency, unless the dependencies are referenced using dep: syntax. Feature 'tokio-rustls' may have been unintentional.

    Crate features

  • README missing from crate tarball

    Cargo sometimes fails to package the README file. Ensure the path to the README in Cargo.toml is valid, and points to a file inside the crate's directory.

  • Using outdated edition for no reason

    We estimate that this crate requires at least Rust 1.63, which is newer than the last 2018-edition compiler. You can upgrade without breaking any compatibility. Run cargo fix --edition and update edition="…" in Cargo.toml.

    The Edition Guide

• iptrap

  • Dependency rustc-serialize 0.3 has issues

    It may not be actively developed any more. Consider changing the dependency.

    rustc-serialize crate

  • Dependency zmq 0.9 is significantly outdated

    Upgrade to 0.10.0 to get all the fixes, and avoid causing duplicate dependencies in projects.

    zmq versions

  • Dependency rand 0.8.0 is a bit outdated

    Consider upgrading to 0.9.0 to get all the fixes and improvements.

    rand versions

  • Dependency siphasher 0.3 is outdated

    Upgrade to 1.0.1 to get all the fixes, and avoid causing duplicate dependencies in projects.

    siphasher versions

  • Missing keywords

    Help users find your crates. Add keywords = ["tcp", "stateless", "sinkhole", "ip", "port"] (up to 5) to the Cargo.toml. Best keywords are alternative terms or their spellings that aren't in the name or description. Also add a keyword that precisely categorizes this crate and groups it with other similar crates.

• count-min-sketch, binstring, uri_encode, daemonize-simple, curve25519-compact

  • No readme property

    Specify path to a README file for the project, so that information about is included in the crates.io tarball.

• wasmtime-crypto

  • Dependency wasm-encoder 0.31.1 is significantly outdated

    Upgrade to 0.226.0 to get all the fixes, and avoid causing duplicate dependencies in projects.

    wasm-encoder versions

  • Dependency wasmparser 0.110.0 is significantly outdated

    Upgrade to 0.226.0 to get all the fixes, and avoid causing duplicate dependencies in projects.

    wasmparser versions

  • Dependency wasmtime 12.0.2 is significantly outdated

    Upgrade to 30.0.2 to get all the fixes, and avoid causing duplicate dependencies in projects.

    wasmtime versions

  • Dependency wasmtime-cache =12.0.2 is significantly outdated

    Upgrade to 30.0.2 to get all the fixes, and avoid causing duplicate dependencies in projects.

    wasmtime-cache versions

  • Dependency wasmtime-cranelift =12.0.2 is significantly outdated

    Upgrade to 30.0.2 to get all the fixes, and avoid causing duplicate dependencies in projects.

    wasmtime-cranelift versions

  • Dependency wasmtime-environ =12.0.2 is significantly outdated

    Upgrade to 30.0.2 to get all the fixes, and avoid causing duplicate dependencies in projects.

    wasmtime-environ versions

  • Dependency wasmtime-wasi 12.0.2 is significantly outdated

    Upgrade to 30.0.2 to get all the fixes, and avoid causing duplicate dependencies in projects.

    wasmtime-wasi versions

  • Dependency wasmtime-wasi-http =12.0.2 is significantly outdated

    Upgrade to 30.0.2 to get all the fixes, and avoid causing duplicate dependencies in projects.

    wasmtime-wasi-http versions

  • Locked dependency version wasmtime-cache =12.0.2

    This can easily cause a dependency resolution conflict. If you must work around a semver-breaking dependency that can't be yanked, use a range of versions or fork it.

    wasmtime-cache versions

  • Locked dependency version wasmtime-cli-flags =12.0.2

    This can easily cause a dependency resolution conflict. If you must work around a semver-breaking dependency that can't be yanked, use a range of versions or fork it.

    wasmtime-cli-flags versions

  • Locked dependency version wasmtime-cranelift =12.0.2

    This can easily cause a dependency resolution conflict. If you must work around a semver-breaking dependency that can't be yanked, use a range of versions or fork it.

    wasmtime-cranelift versions

  • Locked dependency version wasmtime-environ =12.0.2

    This can easily cause a dependency resolution conflict. If you must work around a semver-breaking dependency that can't be yanked, use a range of versions or fork it.

    wasmtime-environ versions

  • Locked dependency version wasmtime-explorer =12.0.2

    This can easily cause a dependency resolution conflict. If you must work around a semver-breaking dependency that can't be yanked, use a range of versions or fork it.

    wasmtime-explorer versions

  • Locked dependency version wasmtime-wasi-http =12.0.2

    This can easily cause a dependency resolution conflict. If you must work around a semver-breaking dependency that can't be yanked, use a range of versions or fork it.

    wasmtime-wasi-http versions

  • Locked dependency version wasmtime-wast =12.0.2

    This can easily cause a dependency resolution conflict. If you must work around a semver-breaking dependency that can't be yanked, use a range of versions or fork it.

    wasmtime-wast versions

  • Dependency target-lexicon 0.12.3 is slightly outdated

    Consider upgrading to 0.13.2 to get all the fixes and improvements.

    target-lexicon versions

  • Dependency wasmtime-cli-flags =12.0.2 is outdated

    Upgrade to 30.0.2 to get all the fixes, and avoid causing duplicate dependencies in projects.

    wasmtime-cli-flags versions

  • Dependency wasmtime-explorer =12.0.2 is outdated

    Consider upgrading to 30.0.2 to get all the fixes and improvements.

    wasmtime-explorer versions

  • Dependency wasmtime-wasi-nn 12.0.2 is outdated

    Upgrade to 30.0.2 to get all the fixes, and avoid causing duplicate dependencies in projects.

    wasmtime-wasi-nn versions

  • Dependency wasmtime-wasi-threads 12.0.2 is outdated

    Consider upgrading to 30.0.2 to get all the fixes and improvements.

    wasmtime-wasi-threads versions

  • Dependency wasmtime-wast =12.0.2 is outdated

    Consider upgrading to 30.0.2 to get all the fixes and improvements.

    wasmtime-wast versions

• dnsstamps

  • Published crate doesn't match its repository

    Verified 10 out of 11 files (includes 2 Cargo-generated).

    • warning: Crate tarball has been published from a commit that is not in the main branch (searched 4 commits deep).

    Files in the crates.io crate compared to the repository:

    • dooh.rs not found.

    Fetched https://github.com/jedisct1/rust-dnsstamps.git tagged 0.1.10 (1429f7545af15c6348c08639dbfdfd2013e3f422).

    Checked on 2024-12-15

    Forum thread

  • Missing categories

    Categories improve browsing of lib.rs and crates.io. Add categories = ["network-programming"] to the Cargo.toml.

    List of available categories

• encrypted-dns

  • Dependency hyper 0.14.31 is outdated

    Consider upgrading to 1.6.0 to get all the fixes and improvements.

    hyper versions

  • Optional dependency 'prometheus' exposed as an implicit feature

    Cargo automatically makes publicly-available crate features for every optional dependency, unless the dependencies are referenced using dep: syntax. Features 'prometheus', 'hyper' may have been unintentional.

    Crate features

• sightglass

  • Dependency goblin 0.0 is significantly outdated

    Consider upgrading to 0.9.3 to get all the fixes and improvements.

    goblin versions

  • Dependency libloading 0.5 is significantly outdated

    Consider upgrading to 0.8.6 to get all the fixes and improvements.

    libloading versions

  • Dependency core_affinity 0.5.9 is outdated

    Consider upgrading to 0.8.1 to get all the fixes and improvements.

    core_affinity versions

  • Dependency toml 0.5 is outdated

    Consider upgrading to 0.8.20 to get all the fixes and improvements.

    toml versions

  • Missing categories

    Categories improve browsing of lib.rs and crates.io. Add categories = ["development-tools::profiling"] to the Cargo.toml.

    List of available categories

  • Published crate contains binary files

    The crate contains binary files (WOFF font). Crates are meant to be compiled from source. Please check that you haven't published temporary build files by accident. If you have test fixtures, consider excluding them from crates-io tarball, since Cargo doesn't run tests from crates-io packages.

    Audit page

• prometheus-32bitfix

  • Dependency procfs ^0.12 is significantly outdated

    Upgrade to 0.17.0 to get all the fixes, and avoid causing duplicate dependencies in projects.

    procfs versions

  • Dependency protobuf ^2.0 is a bit outdated

    Consider upgrading to 3.7.0 to get all the fixes and improvements.

    protobuf versions

  • Dependency reqwest ^0.11 is outdated

    Upgrade to 0.12.12 to get all the fixes, and avoid causing duplicate dependencies in projects.

    reqwest versions

  • Dependency thiserror ^1.0 is a bit outdated

    Consider upgrading to 2.0.11 to get all the fixes and improvements.

    thiserror versions

  • Missing categories

    Categories improve browsing of lib.rs and crates.io. Add categories = ["encoding"] to the Cargo.toml.

    List of available categories

• softaes

  • README missing from the repository

    We've searched https://github\.com/jedisct1/rust\-softaes\.git and could not find a README file there.

• hyperloglog

  • Dependency rand 0.8.0 is a bit outdated

    Consider upgrading to 0.9.0 to get all the fixes and improvements.

    rand versions

  • Dependency siphasher 0.3 is outdated

    Upgrade to 1.0.1 to get all the fixes, and avoid causing duplicate dependencies in projects.

    siphasher versions

  • Missing categories

    Categories improve browsing of lib.rs and crates.io. Add categories = ["algorithms"] to the Cargo.toml.

    List of available categories

  • Missing keywords

    Help users find your crates. Add keywords = ["sketching", "hll", "bias", "merge"] (up to 5) to the Cargo.toml. Best keywords are alternative terms or their spellings that aren't in the name or description. Also add a keyword that precisely categorizes this crate and groups it with other similar crates.

• cart-cache, witnext2, occlum-pal, witx-generate-raw, ipext

  • No repository property

    Specify git repository URL in Cargo.toml to help users find more information, contribute, and for lib.rs to read more info.

• precision

  • Dependency wasi 0.13.3 is significantly outdated

    Upgrade to 0.14.1+wasi-0.2.3 to get all the fixes, and avoid causing duplicate dependencies in projects.

    wasi versions

  • Imprecise dependency requirement cc = 1

    Cargo does not always pick latest versions of dependencies! Specify the version as cc = "1.2.15". If Cargo.lock ends up having an unexpectedly old version of the dependency, you might get a dependency that lacks features/APIs or important bugfixes that you depend on. This is most likely to happen when using the minimal-versions flag, used by users of old Rust versions.

    cc versions

  • Missing keywords

    Help users find your crates. Add keywords = ["high-precision", "low-overhead", "measurement", "counter", "benchmarking"] (up to 5) to the Cargo.toml. Best keywords are alternative terms or their spellings that aren't in the name or description. Also add a keyword that precisely categorizes this crate and groups it with other similar crates.

• wasmsign2, seekable-stream-cipher

  • Dependency getrandom 0.2.15 is outdated

    Consider upgrading to 0.3.1 to get all the fixes and improvements.

    getrandom versions

• dnstap

  • Dependency mio 0.6 is significantly outdated

    Upgrade to 1.0.3 to get all the fixes, and avoid causing duplicate dependencies in projects.

    mio versions

  • docs.rs build failed

    docs.rs site failed to build the crate, so users will have trouble finding the documentation. Docs.rs supports multiple platforms and custom configurations, so you can make the build work even if normal crate usage has special requirements.

    Docs.rs doesn't need to run or even link any code, so system dependencies can simply be skipped. You can also set cfg() flags just for docs.rs and use them to hide problematic code.

    Detecting docs.rs

• superboring

  • Optional dependency 'rand' exposed as an implicit feature

    Cargo automatically makes publicly-available crate features for every optional dependency, unless the dependencies are referenced using dep: syntax. Features 'rand', 'rrsa', 'hmac-sha256', 'hmac-sha512' may have been unintentional.

    Crate features

• framestream, padme-padding, witx-generate-raw, ipext, printtable, dns-stamp

  • Missing categories

    Categories improve browsing of lib.rs and crates.io. Add categories = ["…"] to the Cargo.toml.

    List of available categories

• ffmpeg-wasi

  • Big download

    The crate is a 10MB download. You can use cargo package command to review crate's archive in target/package dir.

    Check that large files weren't included by accident. Note that tarballs uploaded to crates.io can't be used to run examples or tests, so it's fine to exclude them and their data files. You can use the include or exclude properties in Cargo.toml to minimize crate's download size. Crates.io keeps all versions of all crates forever, so this storage adds up.

  • Failed to verify create's content against its repository

    Verified 22 out of 23 files (includes 2 Cargo-generated).

    • warning: Crate tarball has been published from the commit f4c9025b8d452c00d8106bc1d16045fd2dc7c51a, which is not in the repository.
      • Create git tags after comitting any changes, and commit changes after bumping versions and running cargo update.
    • warning: Found a Cargo.toml for this package in its repo (via tags), but the version was different.
      • Make sure to commit and tag after bumping the version number.
    • warning: Had to perform fuzzy search of the head branch due to lack of commit information in the package.

    Files in the crates.io crate compared to the repository:

    • Cargo.toml.orig does not match the repository.

    Fetched https://github.com/jedisct1/rust-ffmpeg-wasi.git 29d62b20de8d14ddbef527f8197feb2fed0ee35b.

    Checked on 2024-07-28

    Forum thread

• socket-priority

  • README missing from the repository

    We've searched https://github\.com/jedisct1/rust\-socket\-priority\.git and could not find a README file there.

  • Missing keywords

    Help users find your crates. Add keywords = ["priority", "sockets", "raw", "raw-sockets"] (up to 5) to the Cargo.toml. Best keywords are alternative terms or their spellings that aren't in the name or description. Also add a keyword that precisely categorizes this crate and groups it with other similar crates.

• libsodium-sys-stable

  • Dependency ureq 2.12 is a bit outdated

    Consider upgrading to 3.0.6 to get all the fixes and improvements.

    ureq versions

• libhydrogen

  • Missing categories

    Categories improve browsing of lib.rs and crates.io. Add categories = ["cryptography"] to the Cargo.toml.

    List of available categories

  • Missing keywords

    Help users find your crates. Add keywords = ["cryptography", "curve25519", "libsodium", "modern", "byte"] (up to 5) to the Cargo.toml. Best keywords are alternative terms or their spellings that aren't in the name or description. Also add a keyword that precisely categorizes this crate and groups it with other similar crates.

• aegis

  • Optional dependency 'aead' exposed as an implicit feature

    Cargo automatically makes publicly-available crate features for every optional dependency, unless the dependencies are referenced using dep: syntax. Feature 'aead' may have been unintentional.

    Crate features

• aegis, ffmpeg-wasi, aes-wasm, sealed_box

  • Published crate contains binary files

    The crate contains binary files (static library). Crates are meant to be compiled from source. Please check that you haven't published temporary build files by accident. If you have test fixtures, consider excluding them from crates-io tarball, since Cargo doesn't run tests from crates-io packages.

    Audit page

• sieve-cache

  • Dependency rand_distr 0.4.3 is slightly outdated

    Consider upgrading to 0.5.1 to get all the fixes and improvements.

    rand_distr versions

• qptrie

  • Missing keywords

    Help users find your crates. Add keywords = ["trie", "key-value", "lookup", "compact", "prefix"] (up to 5) to the Cargo.toml. Best keywords are alternative terms or their spellings that aren't in the name or description. Also add a keyword that precisely categorizes this crate and groups it with other similar crates.

  • Using outdated edition for no reason

    We estimate that this crate requires at least Rust 1.61, which is newer than the last 2015-edition compiler. You can upgrade without breaking any compatibility. Run cargo fix --edition and update edition="…" in Cargo.toml.

    The Edition Guide

• wasi-update

  • Dependency thiserror 1 is a bit outdated

    Consider upgrading to 2.0.11 to get all the fixes and improvements.

    thiserror versions

• paseto-wasi07

  • Dependency aead 0.2 is significantly outdated

    Upgrade to 0.5.2 to get all the fixes, and avoid causing duplicate dependencies in projects.

    aead versions

  • Dependency base64 0.12.0 is significantly outdated

    Upgrade to 0.22.1 to get all the fixes, and avoid causing duplicate dependencies in projects.

    base64 versions

  • Dependency blake2 0.8 is significantly outdated

    Upgrade to 0.10.6 to get all the fixes, and avoid causing duplicate dependencies in projects.

    blake2 versions

  • Dependency chacha20poly1305 0.4.1 is significantly outdated

    Upgrade to 0.10.1 to get all the fixes, and avoid causing duplicate dependencies in projects.

    chacha20poly1305 versions

  • Dependency failure ^0.1 has issues

    It may not be actively developed any more. Consider changing the dependency.

    failure crate

  • Dependency failure_derive ^0.1 has issues

    It may not be actively developed any more. Consider changing the dependency.

    failure_derive crate

  • Dependency rand 0.7 is significantly outdated

    Upgrade to 0.9.0 to get all the fixes, and avoid causing duplicate dependencies in projects.

    rand versions

  • Dependency constant_time_eq 0.1 is outdated

    Upgrade to 0.4.0 to get all the fixes, and avoid causing duplicate dependencies in projects.

    constant_time_eq versions

  • Dependency ed25519-dalek 1.0.0-pre is outdated

    Upgrade to 2.1.0 to get all the fixes, and avoid causing duplicate dependencies in projects.

    ed25519-dalek versions

  • Missing keywords

    Help users find your crates. Add keywords = ["paseto", "token", "jwt", "public-key", "encryption-key"] (up to 5) to the Cargo.toml. Best keywords are alternative terms or their spellings that aren't in the name or description. Also add a keyword that precisely categorizes this crate and groups it with other similar crates.

• aes-wasm

  • Missing categories

    Categories improve browsing of lib.rs and crates.io. Add categories = ["cryptography", "wasm"] to the Cargo.toml.

    List of available categories

• witx-docgen

  • README missing from the repository

    We've searched https://github\.com/jedisct1/rust\-witx\-docgen\.git and could not find a README file there.

• zmq-sys

  • Dependency system-deps 6 is outdated

    Consider upgrading to 7.0.3 to get all the fixes and improvements.

    system-deps versions

  • Dependency zeromq-src 0.2.1 is slightly outdated

    Consider upgrading to 0.3.4+4.3.5 to get all the fixes and improvements.

    zeromq-src versions

  • License MIT/Apache-2.0 is not in SPDX syntax

    Use OR instead of /.

    SPDX license list

  • Needs more categories

    Please more specific categories that describe functionality of the crate. Expand categories = ["network-programming", "external-ffi-bindings"] in your Cargo.toml.

    List of available categories

• zmq-sys, softaes, wasi-crypto-preview, witnext2, sendfd-new, socket-priority, witx-docgen, wasi-crypto-guest, sightglass-api, witx-generate-raw, fehler-more, ipext, witx-lucet-bindings-gen, xfailure, lucet-runtime-tests, lucetc, geoip-sys, lucet-wasi, lucet-runtime, lucet-wasi-sdk, lucet-runtime-internals, lucet-module-data, lucet-analyze, elimac, wasi-compat, areion, banana-slicer

  • README missing from crate tarball

    Cargo sometimes fails to package the README file. Ensure the path to the README in Cargo.toml is valid, and points to a file inside the crate's directory.

• binstring

  • Missing keywords

    Help users find your crates. Add keywords = ["binary-data", "string", "store"] (up to 5) to the Cargo.toml. Best keywords are alternative terms or their spellings that aren't in the name or description. Also add a keyword that precisely categorizes this crate and groups it with other similar crates.

• zmq

  • Dependency bitflags 1.0 is outdated

    Upgrade to 2.8.0 to get all the fixes, and avoid causing duplicate dependencies in projects.

    bitflags versions

• prometheus-32bitfix, wasmonkey, dnstap, jwt-compact-preview, wasmsign, iptoasn-webservice, wasi-crypto-preview, witnext2, ring-wasi, printtable, xfailure, lucet-runtime-tests, lucetc, lucet-wasi, lucet-runtime, lucet-wasi-sdk, lucet-runtime-internals

  • The Cargo package has no git commit information

    Before publishing a package, make sure all packaged files are committed to the repository, and there are no "dirty" files. Push this commit to crate's public repository.

    More info

• xoodyak

  • Failed to verify create's content against its repository

    Verified 19 out of 22 files (includes 1 Cargo-generated).

    • warning: The crates.io package has no commit hash associated with it.
      • Publish a new version, without using --allow-dirty flag. Make sure all changes are committed before publishing. Use include/exclude in Cargo.toml to omit unnecessary files.
    • warning: There is no matching git tag containing version '0.8.4'.
    • warning: Had to perform fuzzy search of the head branch due to lack of commit information in the package.

    Files in the crates.io crate compared to the repository:

    • .rustfmt.toml not found.
    • settings.json not found.
    • impl_aarch64.rs not found.

    Fetched https://github.com/jedisct1/rust-xoodyak.git 3d23d3968eac6a49287bec8f8ab272d5eae71a66.

    Checked on 2024-08-05

    Forum thread

• witnext2

  • Dependency wast 33 is significantly outdated

    Upgrade to 226.0.0 to get all the fixes, and avoid causing duplicate dependencies in projects.

    wast versions

  • Imprecise dependency requirement id-arena = 2

    Cargo does not always pick latest versions of dependencies! Specify the version as id-arena = "2.2.0". If Cargo.lock ends up having an unexpectedly old version of the dependency, you might get a dependency that lacks features/APIs or important bugfixes that you depend on. This is most likely to happen when using the minimal-versions flag, used by users of old Rust versions.

    id-arena versions

  • Missing keywords

    Help users find your crates. Add keywords = ["preview", "witx2", "variant"] (up to 5) to the Cargo.toml. Best keywords are alternative terms or their spellings that aren't in the name or description. Also add a keyword that precisely categorizes this crate and groups it with other similar crates.

• privdrop

  • Dependency nix 0.26 is outdated

    Upgrade to 0.29.0 to get all the fixes, and avoid causing duplicate dependencies in projects.

    nix versions

• rawbytes

  • Missing keywords

    Help users find your crates. Add keywords = ["byte-array", "raw", "view", "value", "sized"] (up to 5) to the Cargo.toml. Best keywords are alternative terms or their spellings that aren't in the name or description. Also add a keyword that precisely categorizes this crate and groups it with other similar crates.

• fehler-more

  • README missing from the repository

    We've searched https://github\.com/jedisct1/rust\-fehler\-more\.git and could not find a README file there.

  • Missing categories

    Categories improve browsing of lib.rs and crates.io. Add categories = ["rust-patterns"] to the Cargo.toml.

    List of available categories

  • Missing keywords

    Help users find your crates. Add keywords = ["macro", "fehler", "fehler-more"] (up to 5) to the Cargo.toml. Best keywords are alternative terms or their spellings that aren't in the name or description. Also add a keyword that precisely categorizes this crate and groups it with other similar crates.

• witnext, lucet-runtime-tests, lucetc, lucet-wasi

  • Imprecise dependency requirement anyhow = 1

    Cargo does not always pick latest versions of dependencies! Specify the version as anyhow = "1.0.96". If Cargo.lock ends up having an unexpectedly old version of the dependency, you might get a dependency that lacks features/APIs or important bugfixes that you depend on. This is most likely to happen when using the minimal-versions flag, used by users of old Rust versions.

    anyhow versions

• wasmsign, printtable, dns-stamp

  • Latest stable release is old

    It's been over 6 years. Is this crate still maintained? Make a new release, either to refresh it, or to set

    [badges.maintenance]
    status = "deprecated"
    

    (or "as-is", "passively-maintained").

    Maintenance status field docs

• wasmsign, sightglass, lucetc, lucet-wasi-sdk, lucet-module-data

  • Dependency failure 0.1 has issues

    It may not be actively developed any more. Consider changing the dependency.

    failure crate

• sparx

  • Imprecise dependency requirement byteorder = 1

    Cargo does not always pick latest versions of dependencies! Specify the version as byteorder = "1.5.0". If Cargo.lock ends up having an unexpectedly old version of the dependency, you might get a dependency that lacks features/APIs or important bugfixes that you depend on. This is most likely to happen when using the minimal-versions flag, used by users of old Rust versions.

    byteorder versions

  • Latest stable release is old

    It's been over 5 years. Is this crate still maintained? Make a new release, either to refresh it, or to set

    [badges.maintenance]
    status = "deprecated"
    

    (or "as-is", "passively-maintained").

    Maintenance status field docs

• witx-lucet-bindings-gen

  • README missing from the repository

    We've searched https://github\.com/jedisct1/rust\-witx\-lucet\-bindings\.git and could not find a README file there.

  • Dependency witx 0.8 is significantly outdated

    Consider upgrading to 0.9.1 to get all the fixes and improvements.

    witx versions

• jumphash

  • Dependency rand 0.8.0 is a bit outdated

    Consider upgrading to 0.9.0 to get all the fixes and improvements.

    rand versions

  • Dependency siphasher 0.3 is outdated

    Upgrade to 1.0.1 to get all the fixes, and avoid causing duplicate dependencies in projects.

    siphasher versions

• sendfd-new

  • Could not fetch repository

    We've had trouble cloning git repo from https://github\.com/standard\-cognition/sendfd\.git

• ring-wasi

  • Dependency getrandom 0.2.10 is outdated

    Consider upgrading to 0.3.1 to get all the fixes and improvements.

    getrandom versions

  • Dependency spin 0.5.2 is outdated

    Upgrade to 0.9.8 to get all the fixes, and avoid causing duplicate dependencies in projects.

    spin versions

  • Dependency untrusted 0.7.1 is significantly outdated

    Upgrade to 0.9.0 to get all the fixes, and avoid causing duplicate dependencies in projects.

    untrusted versions

  • Published crate contains binary files

    The crate contains binary files (static library). Crates are meant to be compiled from source. Please check that you haven't published temporary build files by accident. If you have test fixtures, consider excluding them from crates-io tarball, since Cargo doesn't run tests from crates-io packages.

    Audit page

• libhydrogen-sys

  • *-sys crate without links property

    If this crate uses C libraries with public symbols, consider adding links = "hydrogen" to crate's Cargo.toml to avoid other libraries colliding with them. Note that the links property adds exclusivity to dependency resolution, but doesn't do any linking.

    This is also needed to protect your crate from duplicate older versions of itself. C symbols are global, and duplicate symbols can cause all sorts of breakage.

  • Missing keywords

    Help users find your crates. Add keywords = ["bindings", "elliptic-curve", "low-level", "gimli", "permutation"] (up to 5) to the Cargo.toml. Best keywords are alternative terms or their spellings that aren't in the name or description. Also add a keyword that precisely categorizes this crate and groups it with other similar crates.

• wasi-crypto-guest

  • Dependency num_enum 0.6.1 is significantly outdated

    Upgrade to 0.7.3 to get all the fixes, and avoid causing duplicate dependencies in projects.

    num_enum versions

  • Missing keywords

    Help users find your crates. Add keywords = ["bindings", "guest", "cryptography", "extension", "wasi-crypto"] (up to 5) to the Cargo.toml. Best keywords are alternative terms or their spellings that aren't in the name or description. Also add a keyword that precisely categorizes this crate and groups it with other similar crates.

• jumphash, morus, jwt-compact-preview, witnext2, occlum-pal, sightglass-api

  • Latest stable release is old

    It's been over 3 years. Is this crate still maintained? Make a new release, either to refresh it, or to set

    [badges.maintenance]
    status = "deprecated"
    

    (or "as-is", "passively-maintained").

    Maintenance status field docs

• time-format, sendfd-new

  • Missing categories

    Categories improve browsing of lib.rs and crates.io. Add categories = ["os::unix-apis"] to the Cargo.toml.

    List of available categories

• sightglass-api

  • Could not fetch repository

    We've had trouble cloning git repo from https://github\.com/bytecodealliance/sightglass\.git

  • Missing keywords

    Help users find your crates. Add keywords = ["api-bindings", "benchmarking", "wasm", "sightglass-next", "suite"] (up to 5) to the Cargo.toml. Best keywords are alternative terms or their spellings that aren't in the name or description. Also add a keyword that precisely categorizes this crate and groups it with other similar crates.

• wasi-common-lucet

  • Dependency wasi-common 0.8 is significantly outdated

    Upgrade to 30.0.2 to get all the fixes, and avoid causing duplicate dependencies in projects.

    wasi-common versions

• as-witx

  • Dependency witx 0.8.5 is significantly outdated

    Consider upgrading to 0.9.1 to get all the fixes and improvements.

    witx versions

  • Dependency clap 2.33.1 is outdated

    Consider upgrading to 4.5.31 to get all the fixes and improvements.

    clap versions

• iptrap, cart-cache, iptoasn-webservice, framestream, wasi-crypto-preview, sendfd-new, witx-docgen, as-witx, paseto-wasi07, witx-overview-docgen, rust-aes-keywrap, witx-lucet-bindings-gen

  • Latest stable release is old

    It's been over 4 years. Is this crate still maintained? Make a new release, either to refresh it, or to set

    [badges.maintenance]
    status = "deprecated"
    

    (or "as-is", "passively-maintained").

    Maintenance status field docs

• libhydrogen-sys, wasmsign, wasi-crypto-guest, paseto-wasi07

  • Missing categories

    Categories improve browsing of lib.rs and crates.io. Add categories = ["cryptography"] to the Cargo.toml.

    List of available categories

• wit-component-update, witnext2, sightglass-api

  • Missing categories

    Categories improve browsing of lib.rs and crates.io. Add categories = ["wasm"] to the Cargo.toml.

    List of available categories

• iptoasn-webservice, sightglass, witx-docgen, witx-lucet-bindings-gen

  • Dependency clap 2 is outdated

    Consider upgrading to 4.5.31 to get all the fixes and improvements.

    clap versions

• iptoasn-webservice, sightglass, witx-docgen, witx-lucet-bindings-gen

  • Imprecise dependency requirement clap = 2

    Cargo does not always pick latest versions of dependencies! Specify the version as clap = "4.5.31". If Cargo.lock ends up having an unexpectedly old version of the dependency, you might get a dependency that lacks features/APIs or important bugfixes that you depend on. This is most likely to happen when using the minimal-versions flag, used by users of old Rust versions.

    clap versions

• framestream

  • Missing keywords

    Help users find your crates. Add keywords = ["stream", "frame", "protocols"] (up to 5) to the Cargo.toml. Best keywords are alternative terms or their spellings that aren't in the name or description. Also add a keyword that precisely categorizes this crate and groups it with other similar crates.

• sightglass, socket-priority, bpf, wasi-common-lucet, xlru-cache, padme-padding, fehler-more, ipext

  • Latest stable release is old

    It's been over 5 years. Is this crate still maintained? Make a new release, either to refresh it, or to set

    [badges.maintenance]
    status = "deprecated"
    

    (or "as-is", "passively-maintained").

    Maintenance status field docs

• witx-overview-docgen

  • Dependency witx 0.8.5 is significantly outdated

    Consider upgrading to 0.9.1 to get all the fixes and improvements.

    witx versions

  • Dependency clap 2.33.1 is outdated

    Consider upgrading to 4.5.31 to get all the fixes and improvements.

    clap versions

• bpf

  • Missing keywords

    Help users find your crates. Add keywords = ["filter", "attach", "ebpf"] (up to 5) to the Cargo.toml. Best keywords are alternative terms or their spellings that aren't in the name or description. Also add a keyword that precisely categorizes this crate and groups it with other similar crates.

• occlum-pal

  • Missing categories

    Categories improve browsing of lib.rs and crates.io. Add categories = ["hardware-support"] to the Cargo.toml.

    List of available categories

• xfailure

  • Latest stable release is old

    It's been over 7 years. Is this crate still maintained? Make a new release, either to refresh it, or to set

    [badges.maintenance]
    status = "deprecated"
    

    (or "as-is", "passively-maintained").

    Maintenance status field docs

  • Missing categories

    Categories improve browsing of lib.rs and crates.io. Add categories = ["rust-patterns"] to the Cargo.toml.

    List of available categories

  • Missing keywords

    Help users find your crates. Add keywords = ["macro", "failure", "helper"] (up to 5) to the Cargo.toml. Best keywords are alternative terms or their spellings that aren't in the name or description. Also add a keyword that precisely categorizes this crate and groups it with other similar crates.

• xlru-cache

  • License MIT/Apache-2.0 is not in SPDX syntax

    Use OR instead of /.

    SPDX license list

  • Missing categories

    Categories improve browsing of lib.rs and crates.io. Add categories = ["caching"] to the Cargo.toml.

    List of available categories

• rust-aes-keywrap

  • Dependency aes 0.5 is significantly outdated

    Upgrade to 0.8.4 to get all the fixes, and avoid causing duplicate dependencies in projects.

    aes versions

• witx-generate-raw

  • Dependency heck 0.3.2 is outdated

    Upgrade to 0.5.0 to get all the fixes, and avoid causing duplicate dependencies in projects.

    heck versions

  • Missing keywords

    Help users find your crates. Add keywords = ["generate", "stub", "witx"] (up to 5) to the Cargo.toml. Best keywords are alternative terms or their spellings that aren't in the name or description. Also add a keyword that precisely categorizes this crate and groups it with other similar crates.

• xaes-gcm

  • Dependency getrandom 0.2.12 is outdated

    Consider upgrading to 0.3.1 to get all the fixes and improvements.

    getrandom versions

• ipext

  • Missing keywords

    Help users find your crates. Add keywords = ["ip", "stable", "feature"] (up to 5) to the Cargo.toml. Best keywords are alternative terms or their spellings that aren't in the name or description. Also add a keyword that precisely categorizes this crate and groups it with other similar crates.

• dns-stamp

  • Dependency base64 0.10 is significantly outdated

    Upgrade to 0.22.1 to get all the fixes, and avoid causing duplicate dependencies in projects.

    base64 versions

• printtable

  • Missing keywords

    Help users find your crates. Add keywords = ["table", "format", "nicely"] (up to 5) to the Cargo.toml. Best keywords are alternative terms or their spellings that aren't in the name or description. Also add a keyword that precisely categorizes this crate and groups it with other similar crates.

• lucet-wasi

  • Dependency bindgen 0.51.1 is significantly outdated

    Upgrade to 0.71.1 to get all the fixes, and avoid causing duplicate dependencies in projects.

    bindgen versions

  • Dependency cast 0.2 is significantly outdated

    Upgrade to 0.3.0 to get all the fixes, and avoid causing duplicate dependencies in projects.

    cast versions

  • Dependency nix 0.15 is significantly outdated

    Upgrade to 0.29.0 to get all the fixes, and avoid causing duplicate dependencies in projects.

    nix versions

  • Dependency rand 0.6 is significantly outdated

    Upgrade to 0.9.0 to get all the fixes, and avoid causing duplicate dependencies in projects.

    rand versions

  • Dependency wasi-common 0.7 is significantly outdated

    Upgrade to 30.0.2 to get all the fixes, and avoid causing duplicate dependencies in projects.

    wasi-common versions

  • Dependency clap 2.23 is outdated

    Upgrade to 4.5.31 to get all the fixes, and avoid causing duplicate dependencies in projects.

    clap versions

  • Missing keywords

    Help users find your crates. Add keywords = ["wasi", "wasm", "lucet", "run-time", "fastly"] (up to 5) to the Cargo.toml. Best keywords are alternative terms or their spellings that aren't in the name or description. Also add a keyword that precisely categorizes this crate and groups it with other similar crates.

• lucetc

  • Dependency bimap 0.2 is significantly outdated

    Upgrade to 0.6.3 to get all the fixes, and avoid causing duplicate dependencies in projects.

    bimap versions

  • Dependency cranelift-codegen 0.51.0 is significantly outdated

    Upgrade to 0.117.2 to get all the fixes, and avoid causing duplicate dependencies in projects.

    cranelift-codegen versions

  • Dependency cranelift-entity 0.51.0 is significantly outdated

    Upgrade to 0.117.2 to get all the fixes, and avoid causing duplicate dependencies in projects.

    cranelift-entity versions

  • Dependency cranelift-faerie 0.51.0 has issues

    It may not be actively developed any more. Consider changing the dependency.

    cranelift-faerie crate

  • Dependency cranelift-frontend 0.51.0 is significantly outdated

    Upgrade to 0.117.2 to get all the fixes, and avoid causing duplicate dependencies in projects.

    cranelift-frontend versions

  • Dependency cranelift-native 0.51.0 is significantly outdated

    Upgrade to 0.117.2 to get all the fixes, and avoid causing duplicate dependencies in projects.

    cranelift-native versions

  • Dependency cranelift-wasm 0.51.0 is significantly outdated

    Upgrade to 0.112.3 to get all the fixes, and avoid causing duplicate dependencies in projects.

    cranelift-wasm versions

  • Dependency env_logger 0.6 is significantly outdated

    Upgrade to 0.11.6 to get all the fixes, and avoid causing duplicate dependencies in projects.

    env_logger versions

  • Dependency goblin 0.0.24 is significantly outdated

    Upgrade to 0.9.3 to get all the fixes, and avoid causing duplicate dependencies in projects.

    goblin versions

  • Dependency raw-cpuid 6.0.0 is significantly outdated

    Upgrade to 11.4.0 to get all the fixes, and avoid causing duplicate dependencies in projects.

    raw-cpuid versions

  • Dependency target-lexicon 0.9 is significantly outdated

    Upgrade to 0.13.2 to get all the fixes, and avoid causing duplicate dependencies in projects.

    target-lexicon versions

  • Dependency wabt 0.9.2 is significantly outdated

    Upgrade to 0.10.0 to get all the fixes, and avoid causing duplicate dependencies in projects.

    wabt versions

  • Dependency wasmparser 0.39.1 is significantly outdated

    Upgrade to 0.226.0 to get all the fixes, and avoid causing duplicate dependencies in projects.

    wasmparser versions

  • Locked dependency version wasmonkey =0.1.9

    This can easily cause a dependency resolution conflict. If you must work around a semver-breaking dependency that can't be yanked, use a range of versions or fork it.

    wasmonkey versions

  • Dependency clap 2.32 is outdated

    Upgrade to 4.5.31 to get all the fixes, and avoid causing duplicate dependencies in projects.

    clap versions

  • Dependency cranelift-module 0.51.0 is outdated

    Upgrade to 0.117.2 to get all the fixes, and avoid causing duplicate dependencies in projects.

    cranelift-module versions

  • Dependency faerie 0.12.0 is outdated

    Upgrade to 0.16.0 to get all the fixes, and avoid causing duplicate dependencies in projects.

    faerie versions

  • Dependency memoffset 0.5.1 is outdated

    Upgrade to 0.9.1 to get all the fixes, and avoid causing duplicate dependencies in projects.

    memoffset versions

  • Dependency minisign 0.5.11 is outdated

    Upgrade to 0.7.9 to get all the fixes, and avoid causing duplicate dependencies in projects.

    minisign versions

  • Dependency parity-wasm 0.41 is significantly outdated

    Upgrade to 0.45.0 to get all the fixes, and avoid causing duplicate dependencies in projects.

    parity-wasm versions

  • Dependency wasmonkey =0.1.9 is slightly outdated

    Consider upgrading to 0.1.17 to get all the fixes and improvements.

    wasmonkey versions

  • Missing keywords

    Help users find your crates. Add keywords = ["compiler", "wasm", "native", "wasi", "fastly"] (up to 5) to the Cargo.toml. Best keywords are alternative terms or their spellings that aren't in the name or description. Also add a keyword that precisely categorizes this crate and groups it with other similar crates.

• lucet-runtime-internals

  • Dependency getrandom =0.1.3 is significantly outdated

    Upgrade to 0.3.1 to get all the fixes, and avoid causing duplicate dependencies in projects.

    getrandom versions

  • Dependency libloading 0.5 is significantly outdated

    Upgrade to 0.8.6 to get all the fixes, and avoid causing duplicate dependencies in projects.

    libloading versions

  • Dependency nix 0.15 is significantly outdated

    Upgrade to 0.29.0 to get all the fixes, and avoid causing duplicate dependencies in projects.

    nix versions

  • Dependency raw-cpuid 6.0.0 is significantly outdated

    Upgrade to 11.4.0 to get all the fixes, and avoid causing duplicate dependencies in projects.

    raw-cpuid versions

  • Locked dependency version getrandom =0.1.3

    This can easily cause a dependency resolution conflict. If you must work around a semver-breaking dependency that can't be yanked, use a range of versions or fork it.

    getrandom versions

  • Dependency bitflags 1.0 is outdated

    Upgrade to 2.8.0 to get all the fixes, and avoid causing duplicate dependencies in projects.

    bitflags versions

  • Dependency memoffset 0.5.2 is outdated

    Upgrade to 0.9.1 to get all the fixes, and avoid causing duplicate dependencies in projects.

    memoffset versions

  • Dependency num-derive 0.3.0 is outdated

    Upgrade to 0.4.2 to get all the fixes, and avoid causing duplicate dependencies in projects.

    num-derive versions

  • Missing keywords

    Help users find your crates. Add keywords = ["run-time", "wasm-module", "sandbox", "lucet-runtime", "running"] (up to 5) to the Cargo.toml. Best keywords are alternative terms or their spellings that aren't in the name or description. Also add a keyword that precisely categorizes this crate and groups it with other similar crates.

• geoip

  • Dependency rustc-serialize 0.3 has issues

    It may not be actively developed any more. Consider changing the dependency.

    rustc-serialize crate

  • Imprecise dependency requirement lazy_static = 1

    Cargo does not always pick latest versions of dependencies! Specify the version as lazy_static = "1.5.0". If Cargo.lock ends up having an unexpectedly old version of the dependency, you might get a dependency that lacks features/APIs or important bugfixes that you depend on. This is most likely to happen when using the minimal-versions flag, used by users of old Rust versions.

    lazy_static versions

  • Missing categories

    Categories improve browsing of lib.rs and crates.io. Add categories = ["date-and-time"] to the Cargo.toml.

    List of available categories

  • Missing keywords

    Help users find your crates. Add keywords = ["bindings", "city", "legacy"] (up to 5) to the Cargo.toml. Best keywords are alternative terms or their spellings that aren't in the name or description. Also add a keyword that precisely categorizes this crate and groups it with other similar crates.

• lucet-module-data

  • Dependency bincode ~1.0.1 is significantly outdated

    Upgrade to 1.3.0 to get all the fixes, and avoid causing duplicate dependencies in projects.

    bincode versions

  • Dependency cranelift-codegen 0.31.0 is significantly outdated

    Upgrade to 0.117.2 to get all the fixes, and avoid causing duplicate dependencies in projects.

    cranelift-codegen versions

  • Dependency minisign = 0.5.11 is significantly outdated

    Upgrade to 0.7.9 to get all the fixes, and avoid causing duplicate dependencies in projects.

    minisign versions

  • Dependency num-derive 0.2 is significantly outdated

    Upgrade to 0.4.2 to get all the fixes, and avoid causing duplicate dependencies in projects.

    num-derive versions

  • Dependency object 0.12 is significantly outdated

    Upgrade to 0.36.7 to get all the fixes, and avoid causing duplicate dependencies in projects.

    object versions

  • Locked dependency version minisign = 0.5.11

    This can easily cause a dependency resolution conflict. If you must work around a semver-breaking dependency that can't be yanked, use a range of versions or fork it.

    minisign versions

  • Missing keywords

    Help users find your crates. Add keywords = ["module", "lucet", "metadata", "serialization", "values"] (up to 5) to the Cargo.toml. Best keywords are alternative terms or their spellings that aren't in the name or description. Also add a keyword that precisely categorizes this crate and groups it with other similar crates.

• lucet-runtime-tests, lucetc, lucet-wasi, lucet-runtime, lucet-wasi-sdk, lucet-runtime-internals, lucet-module-data, lucet-analyze

  • Could not fetch repository

    We've had trouble cloning git repo from https://github\.com/fastly/lucet\.git

• geoip-sys

  • Missing categories

    Categories improve browsing of lib.rs and crates.io. Add categories = ["database"] to the Cargo.toml.

    List of available categories

  • Missing keywords

    Help users find your crates. Add keywords = ["geo-ip", "bindings", "low-level", "city", "database"] (up to 5) to the Cargo.toml. Best keywords are alternative terms or their spellings that aren't in the name or description. Also add a keyword that precisely categorizes this crate and groups it with other similar crates.

• lucet-runtime

  • Dependency num-derive 0.3.0 is outdated

    Upgrade to 0.4.2 to get all the fixes, and avoid causing duplicate dependencies in projects.

    num-derive versions

  • Missing keywords

    Help users find your crates. Add keywords = ["run-time", "lucet", "wasm", "signal-handler", "memory"] (up to 5) to the Cargo.toml. Best keywords are alternative terms or their spellings that aren't in the name or description. Also add a keyword that precisely categorizes this crate and groups it with other similar crates.

  • Published crate contains binary files

    The crate contains binary files (ELF lib). Crates are meant to be compiled from source. Please check that you haven't published temporary build files by accident. If you have test fixtures, consider excluding them from crates-io tarball, since Cargo doesn't run tests from crates-io packages.

    Audit page

• lucet-runtime-tests

  • Missing keywords

    Help users find your crates. Add keywords = ["testing", "wasm", "lucet", "run-time", "pure"] (up to 5) to the Cargo.toml. Best keywords are alternative terms or their spellings that aren't in the name or description. Also add a keyword that precisely categorizes this crate and groups it with other similar crates.

• lucetc, lucet-wasi-sdk, lucet-runtime-internals

  • Dependency thiserror 1.0.4 is a bit outdated

    Consider upgrading to 2.0.11 to get all the fixes and improvements.

    thiserror versions

• lucet-analyze

  • Dependency colored 1.6.1 is significantly outdated

    Consider upgrading to 3.0.0 to get all the fixes and improvements.

    colored versions

  • Dependency goblin 0.0.21 is significantly outdated

    Consider upgrading to 0.9.3 to get all the fixes and improvements.

    goblin versions

  • Dependency lucet-module-data 0.1.1 has issues

    It may not be actively developed any more. Consider changing the dependency.

    lucet-module-data crate

  • Missing keywords

    Help users find your crates. Add keywords = ["lucet", "deprecated", "wasm", "now", "package"] (up to 5) to the Cargo.toml. Best keywords are alternative terms or their spellings that aren't in the name or description. Also add a keyword that precisely categorizes this crate and groups it with other similar crates.

• lucet-wasi-sdk

  • Missing keywords

    Help users find your crates. Add keywords = ["wasi", "compiler", "lucet", "wasi-sdk", "wasm"] (up to 5) to the Cargo.toml. Best keywords are alternative terms or their spellings that aren't in the name or description. Also add a keyword that precisely categorizes this crate and groups it with other similar crates.

• hiae, elimac, banana-slicer

  • Crate contains junk files

    The crate contains boilerplate Rust files with no real functionality.

• hiae

  • No readme property

    Specify path to a README file for the project, so that information about is included in the crates.io tarball.

• wasi-compat

  • Crate is 'reserved'

    Please be respectful of crates.io and don't squat crate names.

    It's OK if you intend to publish this project in the near future. Keep in mind that even if you have good intentions, things may not go as planned. crates.io won't reclaim abandoned crates, so reserving good names may end up wasting the good names.

• areion

  • Crate is 'reserved'

    Please be respectful of crates.io and don't squat crate names.

No issues found in: minisign-verify ct-codecs aes-keywrap benchmark-simple nonce-extension polymur-hash rocca rust-blind-rsa-signatures cart

If some of these crates are unmaintained and shouldn't be checked, yank them or add [badges.maintenance]
status = "deprecated" to their Cargo.toml.