Is gix-merge safe to use?

gix-merge has 1 known vulnerabilities on the latest version (0.16.0). DepScope rates its health at 78/100 (moderate risk).

What is the latest version of gix-merge?

The latest version of gix-merge is 0.16.0, released 2026-04-27.

Does gix-merge have known vulnerabilities?

Yes. gix-merge has 1 known vulnerabilities. See depscope.dev/pkg/cargo/gix-merge for details.

Is gix-merge deprecated?

No, gix-merge is actively maintained. Latest release: 0.16.0 (2026-04-27).

What are alternatives to gix-merge?

Popular alternatives to gix-merge in Cargo include: hashbrown, getrandom, windows-sys, syn.

What license does gix-merge use?

gix-merge is licensed under MIT OR Apache-2.0.

gix-merge

cargov0.16.0

A crate of the gitoxide project implementing merge algorithms

License MIT OR Apache-2.0permissive18 versions0 deps295,747 weekly dl

GitoxideLabs/gitoxide

/ 100

Health

safe to use

[email protected] is safe to use (health: 78/100)

Update to >= 0.18.0 to fix known vulnerabilities

Health breakdown0 – 100

25/25

maintenance

14/20

popularity

23/25

security

9/15

maturity

7/15

community

Vulnerabilities

1 medium

Advisories (1)

Severity	ID	Summary	Fixed in
medium	CVE-2025-31130	gitoxide does not detect SHA-1 collision attacks	0.18.0

Health History

Dependency Tree

License Audit

API access

Get this data programmatically — free, no authentication.

curl https://depscope.dev/api/check/cargo/gix-merge