Expand description
Dependency-graph queries over a parsed lockfile.
The headline use is answering “why is this crate in my tree?” — the shortest path from a local/workspace crate down to a given dependency. That turns a bare finding (“openssl-sys is native FFI”) into actionable triage (“you pull it in via reqwest → native-tls → openssl-sys”).
Pure and allocation-bounded: it walks crate names (the granularity Cargo
records in [[package]].dependencies), multi-source BFS from every local
crate, recording the first (shortest) path discovered to each name.
Functions§
- dependency_
paths - Map of crate name -> shortest dependency path (inclusive of both the root crate and the target), following forward dependency edges from any local (workspace) crate. Names only — version-agnostic, matching the lockfile’s dependency granularity.
- format_
path - Render a path as
a → b → c.