[−][src]Crate cargo_lock

cargo-lock: Self-contained Cargo.lock parser/serializer with support for both the V1 and V2 (merge-friendly) formats, as well as optional dependency tree analysis features. Used by RustSec.

Usage Example

use cargo_lock::Lockfile;

let lockfile = Lockfile::load("Cargo.lock").unwrap();
println!("number of dependencies: {}", lockfile.packages.len());

Command Line Interface

This crate provides a cargo lock Cargo subcommand which can be installed by running the following:

$ cargo install cargo-lock

It supports the following subcommands:

`list`: summarize packages in `Cargo.lock`

The cargo lock list subcommand provides a short synopsis of the packages enumerated in Cargo.lock:

$ cargo lock list
- autocfg 1.0.0 (registry+https://github.com/rust-lang/crates.io-index)
- cargo-lock 3.0.0
- fixedbitset 0.2.0 (registry+https://github.com/rust-lang/crates.io-index)
- gumdrop 0.7.0 (registry+https://github.com/rust-lang/crates.io-index)
- gumdrop_derive 0.7.0 (registry+https://github.com/rust-lang/crates.io-index)
- idna 0.2.0 (registry+https://github.com/rust-lang/crates.io-index)
- indexmap 1.3.1 (registry+https://github.com/rust-lang/crates.io-index)
- matches 0.1.8 (registry+https://github.com/rust-lang/crates.io-index)
[...]

`translate`: convert `Cargo.lock` files between the V1 and V2 formats

The cargo lock translate subcommand can translate V1 Cargo.lock files to the new V2 format and vice versa:

$ cargo lock translate

...will translate Cargo.lock to the V2 format. To translate a V2 Cargo.lock file back to the V1 format, use:

$ cargo lock translate --v1

`tree`: provide information for how a dependency is included

The cargo lock tree subcommand (similar to the cargo-tree command) can provide a visualization of how a particular dependency is being used in your project, by consulting Cargo.lock alone:

$ cargo lock tree syn
syn 1.0.14
├── serde_derive 1.0.104
│   └── serde 1.0.104
│       ├── toml 0.5.6
│       │   └── cargo-lock 3.0.0
│       ├── semver 0.9.0
│       │   └── cargo-lock 3.0.0
│       └── cargo-lock 3.0.0
└── gumdrop_derive 0.7.0
   └── gumdrop 0.7.0
       └── cargo-lock 3.0.0

Dependency tree API

When the dependency-tree feature of this crate is enabled, it supports computing a directed graph of the dependency tree expressed in the lockfile, modeled using the petgraph crate, along with support for printing dependency trees ala the cargo-tree crate, a CLI intreface for which is provided by the cargo lock tree subcommand described above.

This same graph representation of a Cargo.lock file is programatically available via this crate's API.

Re-exports

pub use self::dependency::Dependency;

pub use self::error::Error;

pub use self::error::ErrorKind;

pub use self::lockfile::Lockfile;

pub use self::lockfile::ResolveVersion;

pub use self::metadata::Metadata;

pub use self::package::Checksum;

pub use self::package::Name;

pub use self::package::Package;

pub use self::package::SourceId;

pub use self::patch::Patch;

Modules

dependency	Package dependencies
error	Error types
lockfile	Parser for `Cargo.lock` files
metadata	Package metadata
package	Rust packages enumerated in `Cargo.lock`
patch	The `[[patch]]` section

Structs

Version

Represents a version number conforming to the semantic versioning scheme.