Crate dep_insight

Crate dep_insight 

Source
Expand description

§dep-insight

purpose: help you understand and analyze dependencies in rust projects

this library lets you scan cargo projects to find duplicates, security issues, license problems, and heavy dependencies. you can use it as a library or through the cargo dep-insight command line tool.

§example

use dep_insight::analyze_project;

let report = analyze_project(".", false).expect("failed to analyze");
println!("found {} dependencies!", report.summary.total_dependencies);

Re-exports§

pub use report::DuplicateGroup;
pub use report::LicenseViolation;
pub use report::Report;
pub use report::Suggestion;
pub use report::Vulnerability;
pub use report::LicenseViolation as LicenseFinding;

Modules§

analyzer
purpose: build the dependency graph and find cool patterns in it params: none, this is a module args: none raise: none returns: analysis functions
config
purpose: load and validate settings from .depinsight.toml files params: none, this is a module args: none raise: none returns: config structures
parser
purpose: read and understand cargo.toml and cargo.lock files params: none, this is a module args: none raise: none returns: parser functions
report
purpose: holds all the cool data about what we found in the project params: none, this is a module args: none raise: none, just structs returns: data types we can use everywhere
risk
purpose: check for security problems and license issues params: none, this is a module args: none raise: none returns: risk checking functions
utils
purpose: helper functions that lots of other modules need params: none, this is a module args: none raise: none returns: utility functions
visualize
purpose: make pretty html graphs you can open in your browser params: none, this is a module args: none raise: none returns: visualization functions

Functions§

analyze_project
purpose: analyze a rust project and return a full report params: path -> where the project lives on your computer, run_audit -> whether to check for vulnerabilities args: uses config from .depinsight.toml if it exists raise: returns error if the path is not a cargo project or we can’t read files returns: a report with numbers and lists you can show to your friends
analyze_project_with_config
purpose: analyze a rust project with a custom config file params: path -> project location, config_path -> optional custom config file, run_audit -> whether to check for vulnerabilities args: none raise: returns error if the path is not a cargo project or config is invalid returns: a report with analysis results
report_to_json
purpose: convert a report to json text params: report -> the report to convert args: none raise: error if serialization fails returns: json string you can save to a file