Crate rust_secure_dependency_audit


§rust_secure_dependency_audit

A comprehensive tool for auditing Rust project dependencies, providing insights into:

  • Health scoring: Assess dependency maintenance status and community activity
  • License analysis: Identify license risks and compliance issues
  • Footprint estimation: Evaluate dependency bloat for embedded/mobile projects
  • Risk assessment: Detect stale, unmaintained, or risky dependencies

§Quick Start

```rust
use rust_secure_dependency_audit::{audit_project, AuditConfig};
use std::path::Path;

// `audit_project` is async, so it needs an executor; tokio is assumed here
// (the crate page does not say which runtime it expects).
#[tokio::main]
async fn main() -> rust_secure_dependency_audit::Result<()> {
    let config = AuditConfig::default();
    let report = audit_project(Path::new("."), &config).await?;

    for dep in report.dependencies {
        println!("{}: {} (score: {})", dep.name, dep.status, dep.health_score);
    }
    Ok(())
}
```

§Features

  • Parallel metadata fetching for fast analysis
  • Configurable health scoring heuristics
  • Support for crates.io and Git-hosted dependencies
  • Comprehensive license categorization (SPDX)
  • CLI tool with multiple output formats (JSON, Markdown)
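The health scoring, staleness detection and SPDX license categorization described above, as an added self-contained illustration that is not the crate's own code: a weighted 0..=100 score built from release recency, commit recency and issue responsiveness, staleness thresholds that bucket a dependency as healthy, stale or unmaintained, and a conservative SPDX-expression classifier in which `OR` picks the least risky branch and `AND` lets the riskiest term dominate. All type names, weights, thresholds and the three dependency records are assumptions constructed for the example; the crate's real `ScoringWeights`, `StalenessThresholds`, `HealthStatus` and `LicenseRisk` may be defined differently.

```rust
// Added illustration of the heuristics a dependency auditor applies.
// Not the crate's code: every name, weight and threshold below is an assumption.

#[derive(Debug, Clone, Copy, PartialEq, Eq)]
pub enum MaintenanceStatus { Healthy, Stale, Unmaintained }

// Ordered so that `min` = least risky and `max` = most risky; an unknown
// expression ranks above copyleft because it has not been reviewed at all.
#[derive(Debug, Clone, Copy, PartialEq, Eq, PartialOrd, Ord)]
pub enum LicenseBucket { Low, Medium, High, Unknown }

/// Hypothetical per-dependency facts, as a metadata fetch would return them.
#[derive(Debug, Clone)]
pub struct DepFacts {
    pub name: &'static str,
    pub days_since_release: u32,
    pub days_since_commit: u32,
    pub open_issues: u32,
    pub closed_issues: u32,
    pub license: &'static str,
}

/// Hypothetical weights: fractions of the final score, summing to 1.0.
pub struct Weights { pub release_recency: f64, pub commit_recency: f64, pub issue_responsiveness: f64 }
/// Hypothetical staleness thresholds in days of inactivity.
pub struct Staleness { pub stale_days: u32, pub unmaintained_days: u32 }

pub const DEFAULT_WEIGHTS: Weights =
    Weights { release_recency: 0.4, commit_recency: 0.4, issue_responsiveness: 0.2 };
pub const DEFAULT_STALENESS: Staleness = Staleness { stale_days: 365, unmaintained_days: 730 };

/// Linear decay: 1.0 at zero days, 0.0 at `horizon` days or older.
fn recency(days: u32, horizon: u32) -> f64 {
    1.0 - days.min(horizon) as f64 / horizon as f64
}

/// Weighted 0..=100 health score; no issue data at all counts as fully responsive.
pub fn health_score(d: &DepFacts, w: &Weights, s: &Staleness) -> u32 {
    let release = recency(d.days_since_release, s.unmaintained_days);
    let commit = recency(d.days_since_commit, s.unmaintained_days);
    let total = d.open_issues + d.closed_issues;
    let responsiveness = if total == 0 { 1.0 } else { d.closed_issues as f64 / total as f64 };
    let score = w.release_recency * release
        + w.commit_recency * commit
        + w.issue_responsiveness * responsiveness;
    (score * 100.0).round() as u32
}

/// A dependency is only as quiet as its most recent sign of life.
pub fn maintenance_status(d: &DepFacts, s: &Staleness) -> MaintenanceStatus {
    let quiet_for = d.days_since_release.min(d.days_since_commit);
    if quiet_for >= s.unmaintained_days {
        MaintenanceStatus::Unmaintained
    } else if quiet_for >= s.stale_days {
        MaintenanceStatus::Stale
    } else {
        MaintenanceStatus::Healthy
    }
}

/// Bucket a single SPDX identifier; "-only"/"-or-later" and "WITH" exceptions
/// do not change the copyleft category.
fn license_leaf(id: &str) -> LicenseBucket {
    let id = id.trim().trim_matches(|c: char| c == '(' || c == ')');
    let id = id.split(" WITH ").next().unwrap_or(id);
    let base = id.strip_suffix("-only").or_else(|| id.strip_suffix("-or-later")).unwrap_or(id);
    match base {
        "MIT" | "Apache-2.0" | "BSD-2-Clause" | "BSD-3-Clause" | "ISC" | "Zlib" | "0BSD"
        | "Unlicense" | "CC0-1.0" => LicenseBucket::Low,
        "MPL-2.0" | "LGPL-2.1" | "LGPL-3.0" | "EPL-2.0" => LicenseBucket::Medium,
        "GPL-2.0" | "GPL-3.0" | "AGPL-3.0" => LicenseBucket::High,
        _ => LicenseBucket::Unknown,
    }
}

/// Evaluate a flat SPDX expression: `A OR B` lets the consumer choose the least
/// risky term, `A AND B` binds them to both, so the riskiest term wins.
pub fn license_risk(spdx: &str) -> LicenseBucket {
    let expr = spdx.trim();
    if expr.is_empty() {
        return LicenseBucket::Unknown;
    }
    expr.split(" OR ")
        .map(|alt| alt.split(" AND ").map(license_leaf).max().unwrap_or(LicenseBucket::Unknown))
        .min()
        .unwrap_or(LicenseBucket::Unknown)
}

/// Constructed sample records (not real crates).
pub fn sample_deps() -> Vec<DepFacts> {
    vec![
        DepFacts { name: "active-crate", days_since_release: 30, days_since_commit: 10,
                   open_issues: 5, closed_issues: 45, license: "MIT OR Apache-2.0" },
        DepFacts { name: "abandoned-crate", days_since_release: 900, days_since_commit: 800,
                   open_issues: 40, closed_issues: 10, license: "GPL-3.0-or-later" },
        DepFacts { name: "quiet-crate", days_since_release: 400, days_since_commit: 380,
                   open_issues: 0, closed_issues: 0, license: "" },
    ]
}

fn main() {
    for d in sample_deps() {
        println!("{:<16} score={:>3} status={:?} license={:?}", d.name,
            health_score(&d, &DEFAULT_WEIGHTS, &DEFAULT_STALENESS),
            maintenance_status(&d, &DEFAULT_STALENESS), license_risk(d.license));
    }
}
```

The two design choices worth noting: an empty or unrecognised license expression is reported as `Unknown` rather than silently treated as permissive, and the recency decay uses the unmaintained threshold as its horizon so that the score and the status bucket agree on what "too quiet" means.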

Structs§

AuditConfig
Main configuration for the audit process
AuditReport
Complete audit report for a Rust project
DependencyHealth
Health information for a single dependency
FootprintThresholds
Footprint risk thresholds
LicensePolicy
License policy configuration
NetworkConfig
Network configuration for API calls
ScoringWeights
Weights for different components of the health score
StalenessThresholds
Thresholds for determining staleness

Enums§

AuditError
Main error type for audit operations
HealthStatus
Health status categories
LicenseRisk
License risk categorization

Functions§

audit_project
Audit a Rust project and generate a health report

Type Aliases§

Result
Result type alias for audit operations