Lib.rs

Issues found

Based on crates you own that have been published to crates.io. The best way to monitor these issues is to subscribe to the atom feed in your RSS reader.

• mmap-io

  • Dependency memmap2 0.7 is significantly outdated

    Upgrade to 0.9.8 to get all the fixes, and avoid causing duplicate dependencies in projects.

    In Cargo, different 0.x versions are considered incompatible, so this is a semver-major upgrade.

    memmap2 versions

  • Failed to verify create's content against its repository

    Partially verified 36 files (includes 2 Cargo-generated).

    • warning: Crate tarball has been published from a different commit than the commit tagged by git tag 'v0.9.4'.
      • Create git tags after comitting any changes, and commit changes after bumping versions and running cargo update.

    Fetched https://github.com/asotex/mmap-io.git tagged v0.9.3 (b94dc44c7f129b5bc5320d26d32eedc9707b7057).

    Checked on 2025-08-24

    This check is experimental.

    Forum thread

  • Optional dependency 'tokio' exposed as an implicit feature

    Cargo automatically makes publicly-available crate features for every optional dependency, unless the dependencies are referenced using dep: syntax. Feature 'tokio' may have been unintentional.

    Crate features

• mod-cli

  • Dependency terminal_size 0.3 is significantly outdated

    Upgrade to 0.4.3 to get all the fixes, and avoid causing duplicate dependencies in projects.

    terminal_size versions

  • Imprecise dependency requirement serde = 1

    Cargo does not always pick latest versions of dependencies! Specify the version as serde = "1.0.228". If Cargo.lock ends up having an unexpectedly old version of the dependency, you might get a dependency that lacks features/APIs or important bugfixes that you depend on. This is most likely to happen when using the minimal-versions flag, used by users of old Rust versions.

    This crate does not bump semver-minor when adding new features, so to be safe you get all the features/APIs/fixes that your crate depends on, require a more specific patch version.

    serde versions

  • Published crate doesn't match its repository

    Partially verified 107 files (includes 3 Cargo-generated).

    Files in the crates.io crate compared to the repository:

    • Cargo.lock exists, but elsewhere in the repo.

    Looked for the crate in modcli/. Fetched https://github.com/jamesgober/mod-cli.git tagged v0.6.4 (0be480ec85e4b8993e41d6afd5a1265b9099edce).

    Checked on 2025-09-14

    Forum thread

  • Dependency console 0.15 is a bit outdated

    Consider upgrading to 0.16.1 to get all the fixes and improvements.

    console versions

  • Dependency crossterm 0.27.0 is outdated

    Upgrade to 0.29.0 to get all the fixes, and avoid causing duplicate dependencies in projects.

    crossterm versions

  • Dependency image 0.24 is outdated

    Upgrade to 0.25.8 to get all the fixes, and avoid causing duplicate dependencies in projects.

    image versions

• network-protocol

  • Dependency tokio-rustls 0.24 is significantly outdated

    Upgrade to 0.26.4 to get all the fixes, and avoid causing duplicate dependencies in projects.

    tokio-rustls versions

  • Dependency rand_chacha 0.3 is outdated

    Upgrade to 0.9.0 to get all the fixes, and avoid causing duplicate dependencies in projects.

    rand_chacha versions

  • Dependency rand_core 0.6 is outdated

    Consider upgrading to 0.9.3 to get all the fixes and improvements.

    rand_core versions

  • Dependency rcgen 0.11 is outdated

    Upgrade to 0.14.5 to get all the fixes, and avoid causing duplicate dependencies in projects.

    rcgen versions

  • Dependency rustls 0.21 is significantly outdated

    Upgrade to 0.23.32 to get all the fixes, and avoid causing duplicate dependencies in projects.

    rustls versions

  • Dependency rustls-native-certs 0.6 is outdated

    Upgrade to 0.8.1 to get all the fixes, and avoid causing duplicate dependencies in projects.

    rustls-native-certs versions

  • Dependency rustls-pemfile 1.0 is outdated

    Upgrade to 2.2.0 to get all the fixes, and avoid causing duplicate dependencies in projects.

    Easy way to bump dependencies: cargo install cargo-edit; cargo upgrade -i; Also check out Dependabot service on GitHub.

    rustls-pemfile versions

  • Dependency toml 0.8 is outdated

    Upgrade to 0.9.7 to get all the fixes, and avoid causing duplicate dependencies in projects.

    toml versions

• mmap-io, config-lib, noml, error-forge, proc-daemon, network-protocol, daemon-base

  • Dependency thiserror 1.0 is outdated

    Consider upgrading to 2.0.17 to get all the fixes and improvements.

    thiserror versions

• config-lib

  • Dependency quick-xml 0.31 is significantly outdated

    Upgrade to 0.38.3 to get all the fixes, and avoid causing duplicate dependencies in projects.

    quick-xml versions

  • Dependency base64 0.21 is outdated

    Upgrade to 0.22.1 to get all the fixes, and avoid causing duplicate dependencies in projects.

    base64 versions

• proc-daemon

  • Dependency async-std 1.12 has issues

    It may not be actively developed any more. Consider changing the dependency.

    async-std crate

  • Dependency metrics 0.17 is significantly outdated

    Upgrade to 0.24.2 to get all the fixes, and avoid causing duplicate dependencies in projects.

    metrics versions

  • Dependency console 0.15 is a bit outdated

    Consider upgrading to 0.16.1 to get all the fixes and improvements.

    console versions

  • Dependency nix 0.29 is outdated

    Upgrade to 0.30.1 to get all the fixes, and avoid causing duplicate dependencies in projects.

    nix versions

  • Dependency notify 6.1 is outdated

    Upgrade to 8.2.0 to get all the fixes, and avoid causing duplicate dependencies in projects.

    notify versions

  • Dependency pprof 0.13 is outdated

    Upgrade to 0.15.0 to get all the fixes, and avoid causing duplicate dependencies in projects.

    pprof versions

  • Dependency toml 0.8 is outdated

    Upgrade to 0.9.7 to get all the fixes, and avoid causing duplicate dependencies in projects.

    toml versions

  • Dependency windows 0.58 is outdated

    Upgrade to 0.62.1 to get all the fixes, and avoid causing duplicate dependencies in projects.

    windows versions

  • Failed to verify create's content against its repository

    Partially verified 42 files (includes 2 Cargo-generated).

    • warning: Crate tarball has been published from a different commit than the commit tagged by git tag 'v0.9.0'.
      • Create git tags after comitting any changes, and commit changes after bumping versions and running cargo update.

    Fetched https://github.com/jamesgober/proc-daemon.git 21148b5b6bc316f8c3bd024da18a3a8f43b5f943.

    Checked on 2025-09-07

    Forum thread

  • Optional dependency 'notify' exposed as an implicit feature

    Cargo automatically makes publicly-available crate features for every optional dependency, unless the dependencies are referenced using dep: syntax. Features 'notify', 'windows', 'serde_json' may have been unintentional.

    Crate features

• noml

  • Dependency reqwest 0.11 is outdated

    Upgrade to 0.12.23 to get all the fixes, and avoid causing duplicate dependencies in projects.

    reqwest versions

  • Failed to verify create's content against its repository

    Partially verified 44 files (includes 2 Cargo-generated).

    • warning: Crate tarball has been published from a different commit than the commit tagged by git tag 'v0.9.0'.
      • Create git tags after comitting any changes, and commit changes after bumping versions and running cargo update.

    Fetched https://github.com/noml-lang/noml-rust.git a25ea35808ba5bcc0c0705f08b4bd8bbb66d6e6d.

    Checked on 2025-09-21

    Forum thread

• error-forge

  • Dependency rand 0.8.5 is outdated

    Consider upgrading to 0.9.2 to get all the fixes and improvements.

    rand versions

  • Optional dependency 'error-forge-derive' exposed as an implicit feature

    Cargo automatically makes publicly-available crate features for every optional dependency, unless the dependencies are referenced using dep: syntax. Feature 'error-forge-derive' may have been unintentional.

    Crate features

• benchmark

  • Imprecise dependency requirement hdrhistogram = 7

    Cargo does not always pick latest versions of dependencies! Specify the version as hdrhistogram = "7.5.0". If Cargo.lock ends up having an unexpectedly old version of the dependency, you might get a dependency that lacks features/APIs or important bugfixes that you depend on. This is most likely to happen when using the minimal-versions flag, used by users of old Rust versions.

    If you want to keep using truly minimal dependency requirements, please make sure you test them in CI with -Z minimal-versions Cargo option, because it's very easy to accidentally use a feature added in a later version.

    hdrhistogram versions

• metrics-lib

  • Dependency sysinfo 0.29 is outdated

    Upgrade to 0.37.2 to get all the fixes, and avoid causing duplicate dependencies in projects.

    sysinfo versions

• mod-cli, mod-events

  • Dependency thiserror 1.0.56 is outdated

    Consider upgrading to 2.0.17 to get all the fixes and improvements.

    thiserror versions

• network-protocol, aether-protocol

  • Dependency bincode 1.3 is a bit outdated

    Consider upgrading to 2.0.1 to get all the fixes and improvements.

    bincode versions

• daemon-base

  • Failed to verify create's content against its repository

    Partially verified 19 files (includes 2 Cargo-generated).

    • warning: Crate tarball has been published from a different commit than the commit tagged by git tag '0.1.1'.
      • Create git tags after comitting any changes, and commit changes after bumping versions and running cargo update.

    Fetched https://github.com/jamesgober/daemon-base.git 568be2c5fb0e02b600fb409f355ca5d6a35a358f.

    Checked on 2025-03-21

    Forum thread

  • Optional dependency 'tokio' exposed as an implicit feature

    Cargo automatically makes publicly-available crate features for every optional dependency, unless the dependencies are referenced using dep: syntax. Feature 'tokio' may have been unintentional.

    Crate features

• error-forge-derive

  • No repository property

    Specify git repository URL in Cargo.toml to help users find more information, contribute, and for lib.rs to read more info.

  • Dependency syn 1.0 is significantly outdated

    Upgrade to 2.0.106 to get all the fixes, and avoid causing duplicate dependencies in projects.

    syn versions

  • No readme property

    Specify path to a README file for the project, so that information about is included in the crates.io tarball.

• healthcheck

  • Crate is 'reserved'

    Please be respectful of crates.io and don't squat crate names.

    It's OK if you intend to publish this project in the near future. Keep in mind that even if you have good intentions, things may not go as planned. crates.io won't reclaim abandoned crates, so reserving good names may end up wasting the good names.

No issues found in: nanobit

If some of these crates are unmaintained and shouldn't be checked, yank them or add [badges.maintenance]
status = "deprecated" to their Cargo.toml.