dev-deps 0.1.0

Dependency health checking for Rust. Unused, outdated, policy-violating deps. Wraps cargo-udeps and cargo-outdated. Part of the dev-* verification suite.
Documentation
  • Coverage
  • 100%
    32 out of 32 items documented1 out of 13 items with examples
  • Size
  • Source code size: 45.64 kB This is the summed size of all the files inside the crates.io package for this release.
  • Documentation size: 651.07 kB This is the summed size of all files generated by rustdoc for all configured targets
  • Ø build duration
  • this release: 17s Average build duration of successful builds.
  • all releases: 17s Average build duration of successful builds in releases after 2024-10-23.
  • Links
  • Homepage
  • jamesgober/dev-deps
    0 0 0
  • crates.io
  • Dependencies
  • Versions
  • Owners
  • jamesgober

What it does

dev-deps answers three questions about your dependency tree:

  • Are any declared dependencies actually unused?
  • Are any outdated, and by how many major versions?
  • Are any flagged by policy (license, banned, source)?

Wraps cargo-udeps and cargo-outdated. Emits findings as dev-report::Report so AI agents and CI gates can act on them programmatically.

Quick start

[dependencies]
dev-deps = "0.9"

use dev_deps::{DepCheck, DepScope};

let check = DepCheck::new("my-crate", "0.1.0").scope(DepScope::All);
let result = check.execute()?;
let report = result.into_report();
println!("{}", report.to_json()?);
# Ok::<(), Box<dyn std::error::Error>>(())

Requirements

cargo install cargo-udeps cargo-outdated

cargo-udeps requires nightly Rust. The crate handles that transparently when it shells out.

Scopes

Scope What it runs
Unused cargo-udeps only.
Outdated cargo-outdated only.
All Both.

Severity assignment

Finding Severity
Unused dependency Warning
Outdated, 0-1 major behind Info
Outdated, 2+ major behind Warning

Verdicts are Warn, not Fail, by default — dependency health is advisory, not blocking. You can configure this via thresholds in later releases.

The dev-* suite

See dev-tools for the full suite.

Status

v0.9.0 is the foundation release: API shape defined, subprocess integration lands in 0.9.1. Production use is discouraged until 1.0.

Minimum supported Rust version

1.85 — pinned in Cargo.toml and verified by CI.

License

Apache-2.0. See LICENSE.