Skip to main content

Module build

toolkit_zero::dependency_graph

Module build 

Source
Expand description

Build-time fingerprint generator for use in a downstream build.rs.

Produces ironprint.json in $OUT_DIR: a compact, normalised, deterministically sorted JSON document capturing a stable snapshot of the build environment.

§Functions

FunctionDescription
generate_ironprintAlways call this. Writes compact ironprint.json to $OUT_DIR and emits cargo:rerun-if-changed directives.
exportOptional. Writes a pretty-printed ironprint.json alongside Cargo.toml for local inspection. Pass false or condition on cfg!(debug_assertions) to suppress in release builds.

§Sections captured

SectionContents
packageCrate name and version
buildProfile, opt-level, target triple, rustc version, and active feature flags
depsFull normalised cargo metadata dependency graph (sorted, no absolute paths)
cargo_lock_sha256SHA-256 of Cargo.lock (comment lines stripped)
sourceSHA-256 of every .rs file under src/

§Usage

In the downstream crate’s build.rs:

fn main() {
    toolkit_zero::dependency_graph::build::generate_ironprint()
        .expect("ironprint generation failed");
    // optional — pretty-print alongside Cargo.toml for local inspection
    toolkit_zero::dependency_graph::build::export(cfg!(debug_assertions))
        .expect("ironprint export failed");
}

Embed the fingerprint in the binary:

const IRONPRINT: &str = include_str!(concat!(env!("OUT_DIR"), "/ironprint.json"));

§Concerns

  • Not tamper-proof — the fingerprint resides as plain text in the binary’s read-only data section. It is informational in nature; it does not constitute a security boundary.
  • Export fileexport(true) writes ironprint.json to the crate root. Add it to .gitignore to prevent unintentional commits.
  • Build-time overheadcargo metadata is executed on every rebuild. The cargo:rerun-if-changed directives restrict this to changes in src/, Cargo.toml, or Cargo.lock.
  • Path stripping — absolute paths (workspace_root, manifest_path, src_path, path, and others) are removed from cargo metadata output to ensure the fingerprint is stable across machines and checkout locations.
  • Feature scopebuild.features captures the active features of the crate being built, not toolkit-zero’s own features.
  • Compile-time only — the snapshot does not update at runtime.

Enums§

IronprintError
Errors that can occur while generating ironprint.json.

Functions§

export
Write a pretty-printed ironprint.json alongside the crate’s Cargo.toml when enabled is true.
generate_ironprint
Generate ironprint.json in $OUT_DIR.