Track and query Cargo dependency graphs.

Related tags

Command-line guppy
Overview

cargo-guppy: track and query dependency graphs

Build Status License License

This repository contains the source code for:

  • guppy: a library for performing queries on Cargo dependency graphs guppy on crates.io Documentation (latest release) Documentation (main)

  • libraries used by guppy:

    • guppy-summaries: a library for managing build summaries listing packages and features guppy-summaries on crates.io Documentation (latest release) Documentation (main)
    • target-spec: an evaluator for Cargo.toml target specifications target-spec on crates.io Documentation (latest release) Documentation (main)

  • integrations for target-spec:

  • tools built on top of guppy:

    • determinator: figure out what packages changed between two revisions determinator on crates.io Documentation (latest release) Documentation (main)
    • cargo-hakari: a command-line tool to manage workspace-hack packages cargo-hakari on crates.io Documentation (latest release) Documentation (main)
      • available in library form as hakari hakari on crates.io Documentation (latest release) Documentation (main)
    • cargo-guppy: an experimental command-line frontend for guppy Documentation (main)

  • and a number of internal tools and test fixtures used to verify that guppy behaves correctly.

Use cases

guppy and cargo-guppy can be used to solve many practical problems related to dependency graphs in large Rust codebases. Some examples -- all of these are available through the guppy library, and will eventually be supported in the cargo-guppy CLI as well:

  • track existing dependencies for a crate or workspace
  • query direct or transitive dependencies of a subset of packages — useful when some packages have greater assurance or reliability requirements
  • figure out what's causing a particular crate to be included as a dependency
  • iterate over reverse dependencies of a crate in topological order
  • iterate over some or all links (edges) in a dependency graph, querying if the link is a build, dev or regular dependency
  • filter out dev-only dependencies while performing queries
  • perform queries based on Cargo features
  • simulate Cargo builds and return what packages and features would be built by it
  • evaluate target specs for platform-specific dependencies
  • generate summary files for Cargo builds, which can be used to:
    • receive CI feedback if a dependency is added, updated or removed, or if new features are added
    • receive CI feedback if a package is added to a high-assurance subset, or if any new features are enabled in an existing package in that subset. This can be used to flag those changes for extra scrutiny.
  • print out a dot graph for a subset of crates, for formatting with graphviz

Still to come:

  • a command-line query language

Development status

The core guppy code in this repository is considered mostly complete and the API is mostly stable.

We're building a number of tools on top of guppy, and those are still are under active development. Tool requirements may cause further changes in the API, but the goal will be to avoid extensive overhauls.

guppy's simulation of Cargo builds is extensively tested against upstream Cargo, and there are no known differences. Comparison testing has found a number of bugs in upstream Cargo, for example:

Production users

cargo-guppy is extensively used by the Diem Core project.

guppy is used for several lint checks. This includes basic rules that look at every workspace package separately:

  • every package has fields like author and license specified
  • crate names and paths should use - instead of _

to more complex rules about the overall dependency graph, such as:

  • some third-party dependencies are banned from the workspace entirely, or only from default builds
  • every workspace package depends on a workspace-hack crate (similar to rustc-workspace-hack)
  • for any given third-party dependency, the workspace only depends on one version of it directly (transitive dependencies to other versions are still allowed)
  • every workspace package is categorized as either production or test-only, and the linter checks that test-only crates are not included in production builds
  • support for overlay features, which allow test-only code to be:
    • included in crates (similar to the #[cfg(test)] annotation)
    • depended on by test-only code in other crates (#[cfg(test)] does not allow this)
    • but guaranteed to be excluded from production builds

In addition, guppy-summaries is used to generate build summaries of packages and features (particularly for high-security subsets of the codebase), and changes to these sets are flagged by Diem's CI (example).

Design

guppy is written on top of the excellent petgraph library. It is a separate codebase from cargo, depending only on the stable cargo metadata format. (Some other tools in this space like cargo-tree use cargo internals directly.)

Minimum supported Rust version

The minimum supported Rust version (MSRV) is 1.58.

While a crate is pre-release status (0.x.x) it may have its MSRV bumped in a patch release. Once a crate has reached 1.x, any MSRV bump will be accompanied with a new minor version.

Contributing

See the CONTRIBUTING file for how to help out.

License

This project is available under the terms of either the Apache 2.0 license or the MIT license.

Comments
  • Elide build metadata for dependencies in `workspace-hack`

    Elide build metadata for dependencies in `workspace-hack`

    Hey @sunshowers!

    We've been using hakari happily for a couple weeks now in the MaterializeInc/materialize repository with one little nit—builds now produce this (harmless) warning:

    warning: /Users/benesch/Sites/materialize/materialize/src/workspace-hack/Cargo.toml: version requirement `0.4.2+5.2.1-patched.2` for dependency `tikv-jemalloc-sys` includes semver metadata which will be ignored, removing the metadata is recommended to avoid confusion

    The reason is that the workspace-hack crate includes the build metadata when it writes the tikv-jemalloc-sys dependency into that crate's Cargo.toml:

    https://github.com/MaterializeInc/materialize/blob/92bd33f24a132018716783be2566f48515b52d67/src/workspace-hack/Cargo.toml#L228

    Manually removing the build metadata from the Cargo.toml doesn't help, since it comes right back on the next cargo hakari generate.

    Seems to me like cargo hakari should unconditionally strip metadata when writing a Cargo.toml? But not sure if there is some wrinkle I'm not seeing.

    opened by benesch 3
  • `cargo-hakari generate` panics in MaterializeInc/materialize

    `cargo-hakari generate` panics in MaterializeInc/materialize

    Porting over @guswynn's issue from the original repository: https://github.com/facebookarchive/cargo-guppy/issues/658.

    cargo hakari generate panics when run against https://github.com/MaterializeInc/materialize. Reproduction instructions:

    $ git clone https://github.com/MaterializeInc/materialize.git
$ cd materialize
$ cargo hakari init my-workspace-hack
$ RUST_BACKTRACE=1 cargo hakari generate
The application panicked (crashed).
Message:  full value should be present
Location: /Users/benesch/.cargo/registry/src/github.com-1ecc6299db9ec823/hakari-0.11.0/src/hakari.rs:680

  ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ BACKTRACE ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━
                                ⋮ 7 frames hidden ⋮                               
   8: core::panicking::panic_display::h0b3cf32cf3b35897
      at /rustc/897e37553bba8b42751c67658967889d11ecd120/library/core/src/panicking.rs:72
   9: core::panicking::panic_str::hedee8590c93b39b0
      at /rustc/897e37553bba8b42751c67658967889d11ecd120/library/core/src/panicking.rs:56
  10: core::option::expect_failed::h0b457b49698c9371
      at /rustc/897e37553bba8b42751c67658967889d11ecd120/library/core/src/option.rs:1880
  11: hakari::hakari::HakariBuilder::compute::h8c5877c80a9017cf
      at <unknown source file>:<unknown line>
  12: cargo_hakari::command::Command::exec::hec101a2d0b09ce33
      at <unknown source file>:<unknown line>
  13: cargo_hakari::command::Args::exec::h6f37e86ca17b5c4a
      at <unknown source file>:<unknown line>
  14: cargo_hakari::main::h5056dcf6c229d01f
      at <unknown source file>:<unknown line>
  15: std::sys_common::backtrace::__rust_begin_short_backtrace::haffac7619f39d7af
      at <unknown source file>:<unknown line>
  16: std::rt::lang_start::{{closure}}::hdb63a4232a026ebb
      at <unknown source file>:<unknown line>
  17: core::ops::function::impls::<impl core::ops::function::FnOnce<A> for &F>::call_once::h0c60ab225fafdaa1
      at /rustc/897e37553bba8b42751c67658967889d11ecd120/library/core/src/ops/function.rs:283
  18: std::panicking::try::do_call::he83c34dec7ecf156
      at /rustc/897e37553bba8b42751c67658967889d11ecd120/library/std/src/panicking.rs:492
  19: std::panicking::try::hf8a127683312d6e6
      at /rustc/897e37553bba8b42751c67658967889d11ecd120/library/std/src/panicking.rs:456
  20: std::panic::catch_unwind::h6bfb2185c735f4ae
      at /rustc/897e37553bba8b42751c67658967889d11ecd120/library/std/src/panic.rs:137
  21: std::rt::lang_start_internal::{{closure}}::he1235e45f833117a
      at /rustc/897e37553bba8b42751c67658967889d11ecd120/library/std/src/rt.rs:148
  22: std::panicking::try::do_call::h600fcfa83f96c092
      at /rustc/897e37553bba8b42751c67658967889d11ecd120/library/std/src/panicking.rs:492
  23: std::panicking::try::h3ab439188ed13993
      at /rustc/897e37553bba8b42751c67658967889d11ecd120/library/std/src/panicking.rs:456
  24: std::panic::catch_unwind::hb86c613836afcf80
      at /rustc/897e37553bba8b42751c67658967889d11ecd120/library/std/src/panic.rs:137
  25: std::rt::lang_start_internal::h94fa211da9d06d56
      at /rustc/897e37553bba8b42751c67658967889d11ecd120/library/std/src/rt.rs:148
  26: _main<unknown>
      at <unknown source file>:<unknown line>

Run with COLORBT_SHOW_HIDDEN=1 environment variable to disable frame filtering.
Run with RUST_BACKTRACE=full to include source snippets.
    opened by benesch 3
  • Upgrade cfg-expr to support parsing of `target_abi` cfg

    Upgrade cfg-expr to support parsing of `target_abi` cfg

    Hi!!

    Over at IOx, we tried to upgrade to ahash 0.8.1. ahash v0.8.1 uses target_abi in some of its cfgs.

    target_abi is currently unstable, but is described in:

    cargo hakari couldn't parse target_abi and fails with this error:

    Error: 
   0: building package graph failed
   1: failed to construct package graph: for package 'ahash 0.8.1 (registry+https://github.com/rust-lang/crates.io-index)': for dependency 'getrandom', parsing target 'cfg(any(target_arch = "wasm32", target_abi = "unknown"))' failed: invalid cfg() expression

    I sent a PR to cfg-expr and it got merged and released as cfg-expr 0.12.0.

    This PR upgrades target-spec to that version and adds a regression test that TargetSpec will parse target_abi correctly.

    Thank you!!!

    opened by carols10cents 3
  • [hakari] elide build metadata when printing dep versions

    [hakari] elide build metadata when printing dep versions

    @sunshowers I wasn't sure how to tackle the format version stuff you mentioned in #52. The existing dep-format-version is documented to only impact the format of the workspace-hack = ... line that gets added to other crates, and now the format of dependencies in the workspace-hack crate itself. Wasn't sure if you wanted to add a new format version option, or just generalize the dep-format-version option and update the various docstrings.

    This commit elides build metadata when printing dependency versions for the workspace-hack crate's Cargo.toml. Without this change, cargo build in the resulting workspace will produce a warning about superfluous build metadata (if a dependency under management has a version that includes build metadata).

    Fix #52.

    opened by benesch 2
  • Bump cargo from 0.60.0 to 0.66.0

    Bump cargo from 0.60.0 to 0.66.0

    Bumps cargo from 0.60.0 to 0.66.0.

    Commits

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    dependencies 
    opened by dependabot[bot] 2
  • Update links to the repo since it was moved

    Update links to the repo since it was moved

    Hiiii I was trying to find this repo so I went to https://crates.io/crates/cargo-hakari, clicked on the repository link, saw that https://github.com/facebookarchive/cargo-guppy is archived and 😱😱😱😱

    But then I found this repo! But this repo still links to the old one!!

    I tried to find all places that contained facebookincubator and update them, except for links to issues and PRs.

    I separated the sorts of places that I updated into separate commits in case some shouldn't be updated or I did them wrong.

    opened by carols10cents 2
  • Bump cargo from 0.60.0 to 0.63.1

    Bump cargo from 0.60.0 to 0.63.1

    Bumps cargo from 0.60.0 to 0.63.1.

    Commits
    • d39343d Auto merge of #10806 - ehuss:bump-cargo-util-stable-1.62, r=joshtriplett
    • 20e282b Auto merge of #10785 - ehuss:fix-dead_code-diag, r=Eh2406
    • 6dedcf8 Ignore invalid_target_empty test.
    • 524745d Bump cargo-util version.
    • a748cf5 Auto merge of #10737 - ehuss:revert-num-cpus, r=weihanglo
    • 0cfdbc0 [beta] Revert #10427: switch from num_cpus
    • 4751950 Auto merge of #10707 - ehuss:beta-backport, r=weihanglo
    • 735f2c8 Auto merge of #10677 - likzn:fix_publish_p, r=ehuss
    • 3f052d8 Auto merge of #10659 - Muscraft:prestabilization-inheritance-docs, r=epage
    • 6892cc3 pre-stabilization documentation for workspace inheritance
    • Additional commits viewable in compare view

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    dependencies 
    opened by dependabot[bot] 2
  • Bump toml_edit from 0.14.4 to 0.16.2

    Bump toml_edit from 0.14.4 to 0.16.2

    Bumps toml_edit from 0.14.4 to 0.16.2.

    Commits

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    dependencies 
    opened by dependabot[bot] 1
  • Bump toml_edit from 0.14.4 to 0.16.1

    Bump toml_edit from 0.14.4 to 0.16.1

    Bumps toml_edit from 0.14.4 to 0.16.1.

    Commits
    • e51f83f chore: Release
    • 9e3491d docs: Update changelog
    • 0c71a0f Merge pull request #404 from epage/limit
    • 1ad4147 fix(parser): Limit recursion to block stackoverflow
    • f284001 chore: Release
    • 83f69ab chore: Update CHANGELOG
    • 3bb6b20 Merge pull request #402 from epage/nom
    • 24a79a7 perf: Speed up compile times with nom
    • 9965ad4 Merge pull request #401 from epage/refactor
    • 3082067 test(parser): Move parser tests next to there definitions
    • Additional commits viewable in compare view

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    dependencies 
    opened by dependabot[bot] 1
  • Bump toml_edit from 0.14.4 to 0.16.0

    Bump toml_edit from 0.14.4 to 0.16.0

    Bumps toml_edit from 0.14.4 to 0.16.0.

    Commits
    • f284001 chore: Release
    • 83f69ab chore: Update CHANGELOG
    • 3bb6b20 Merge pull request #402 from epage/nom
    • 24a79a7 perf: Speed up compile times with nom
    • 9965ad4 Merge pull request #401 from epage/refactor
    • 3082067 test(parser): Move parser tests next to there definitions
    • 2839693 style(parser): Organize imports
    • dbc70a8 refactor(parser): Encapsulate state
    • eeb2794 refactor(parser): Pull out error constructors
    • 5e50115 refactor(parser): Decouple parsing from state
    • Additional commits viewable in compare view

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    dependencies 
    opened by dependabot[bot] 1
  • Bump toml_edit from 0.14.4 to 0.15.0

    Bump toml_edit from 0.14.4 to 0.15.0

    Bumps toml_edit from 0.14.4 to 0.15.0.

    Commits
    • d4dc827 chore: Release
    • 949809f docs: Update changelog
    • a235020 chore: Release
    • 5d6e0de chore: Update release process
    • bedf1e2 Merge pull request #362 from epage/newline
    • 6277608 fix(edit): Be smart with default decor for table
    • 181eb84 fix(edit): No newline when first table is dotted
    • 402c5a0 test(edit): Reproduce newline
    • eb348ae Merge pull request #357 from clint-white/fix-typo
    • 5331cfe docs: Fix rendering of emphasis
    • Additional commits viewable in compare view

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    dependencies 
    opened by dependabot[bot] 1
  • Bump env_logger from 0.9.3 to 0.10.0

    Bump env_logger from 0.9.3 to 0.10.0

    Bumps env_logger from 0.9.3 to 0.10.0.

    Changelog

    Sourced from env_logger's changelog.

    [0.10.0] - 2022-11-24

    MSRV changed to 1.60 to hide optional dependencies

    Fixes

    • Resolved soundness issue by switching from atty to is-terminal

    Breaking Changes

    To open room for changing dependencies:

    • Renamed termcolor feature to color
    • Renamed atty feature to auto-color
    Commits

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    dependencies 
    opened by dependabot[bot] 0
  • Bump supports-color from 1.3.1 to 2.0.0

    Bump supports-color from 1.3.1 to 2.0.0

    Bumps supports-color from 1.3.1 to 2.0.0.

    Changelog

    Sourced from supports-color's changelog.

    2.0.0 (2022-12-15)

    Bug Fixes

    • deps: Replace atty with is_terminal (#10) (edf565e5)
      • BREAKING CHANGE: Exported stream types are no longer atty's getting re-exported.

    Commits
    • c3ced07 (cargo-release) version 2.0.0
    • 9c0887c docs: update changelog
    • edf565e fix(deps): Replace atty with is_terminal (#10)
    • 5481a51 (cargo-release) start next development iteration 1.3.2-alpha.0
    • See full diff in compare view

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    dependencies 
    opened by dependabot[bot] 0
  • Bump criterion from 0.3.6 to 0.4.0

    Bump criterion from 0.3.6 to 0.4.0

    Bumps criterion from 0.3.6 to 0.4.0.

    Changelog

    Sourced from criterion's changelog.

    [0.4.0] - 2022-09-10

    Removed

    • The Criterion::can_plot function has been removed.
    • The Criterion::bench_function_over_inputs function has been removed.
    • The Criterion::bench_functions function has been removed.
    • The Criterion::bench function has been removed.

    Changed

    • HTML report hidden behind non-default feature flag: 'html_reports'
    • Standalone support (ie without cargo-criterion) feature flag: 'cargo_bench_support'
    • MSRV bumped to 1.57
    • rayon and plotters are optional (and default) dependencies.
    • Status messages ('warming up', 'analyzing', etc) are printed to stderr, benchmark results are printed to stdout.
    • Accept subsecond durations for --warm-up-time, --measurement-time and --profile-time.
    • Replaced serde_cbor with ciborium because the former is no longer maintained.
    • Upgrade clap to v3 and regex to v1.5.

    Added

    • A --discard-baseline flag for discarding rather than saving benchmark results.
    • Formal support for benchmarking code compiled to web-assembly.
    • A --quiet flag for printing just a single line per benchmark.
    • A Throughput::BytesDecimal option for measuring throughput in bytes but printing them using decimal units like kilobytes instead of binary units like kibibytes.

    Fixed

    • When using bench_with_input, the input parameter will now be passed through black_box before passing it to the benchmark.
    Commits
    • 5e27b69 Merge branch 'version-0.4'
    • 4d6d69a Increment version numbers.
    • 935c632 Add Throughput::BytesDecimal. Fixes #581.
    • f82ce59 Remove critcmp code (it belongs in cargo-criterion) (#610)
    • a18d080 Merge branch 'master' into version-0.4
    • f9c6b8d Merge pull request #608 from Cryptex-github/patch-1
    • 8d0224e Fix html report path
    • 2934163 Add missing black_box for bench_with_input parameters. Fixes 566.
    • dfd7b65 Add duplicated benchmark ID to assertion message.
    • ce8259e Bump criterion-plot version number.
    • Additional commits viewable in compare view

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    dependencies 
    opened by dependabot[bot] 0
  • Feature request: package ID specification

    Feature request: package ID specification

    It is possible to access the PackageId attached to each crate in a workspace via guppy, but I can't see any functionality to generated a valid package ID specification starting from that PackageId (or, more likely, its PackageMetadata.

    This would be quite convenient when having to issue other cargo commands!

    (Moving this issue over from the other repo 👍🏻 )

    opened by LukeMathWalker 0
  • generate workspace dependencies

    generate workspace dependencies

    Cargo now supports specify workspace.dependencies. Is it possible for cargo-hakari to generate workspace.dependencies so that workspace-hack isn't needed anymore? 🤔

    https://blog.rust-lang.org/2022/09/22/Rust-1.64.0.html#cargo-improvements-workspace-inheritance-and-multi-target-builds

    opened by xxchan 2
  • Add a way not to enable features in workspace crates

    Add a way not to enable features in workspace crates

    This is a direct copy of https://github.com/facebookincubator/cargo-guppy/issues/655; let me know if I should add more details from the discussion there.

    I have a workspace that looks like this, where my-crate: feature1 => x/feature2 means "my-crate has a feature named feature1 which enables feature2 in the dependency x":

    bin/my-app: fips => transitive-dep/fips: => boring-sys/fips

    When I run cargo hakari generate, it adds a line to workspace-hack/Cargo.toml that looks like

    transitive-dep = { git = "...", branch = "...", default-features = false, features = ["fips"] }

    I think haraki is running cargo tree --all-features or something like that. I want it not to enable that feature; it only builds on linux machines and some of the people on my team use Mac. I don't see an existing way to do this:

    $ cargo hakari generate -h
Generate or update the contents of the workspace-hack crate

USAGE:
    cargo-hakari generate [OPTIONS]

OPTIONS:
        --color <COLOR>    Produce color output [default: auto] [possible values: auto, always,
                           never]
        --diff             Print a diff of contents instead of writing them out. Can be combined
                           with `--quiet`
    -h, --help             Print help information
    -q, --quiet            Suppress output
    -v, --verbose          Produce extra output

    Would it be possible to add one?

    opened by jyn514 0
Releases(target-spec-1.3.1)
Owner
guppy
Track and query dependency graphs.
guppy
GitHub
A rust-cli to track and practise all your DSA links :)

Abhyas Abhyas is a Rust command-line application for managing and interacting with a database of links. Features Check Status: Get the total, complete

Harshal Jadhav 3 Nov 25, 2023
Kusa is a simple CLI tool that works on any platform and displays GitHub contribution graphs.

Kusa is a simple CLI tool that works on any platform and displays GitHub contribution graphs. Installation Homebrew (only macOS) $ brew tap Ryu0118/Ku

Ryu 103 Jun 18, 2023
App to collect ram/cpu usage from OS and show it in pretty graphs

System info collector This is simple app to collect data about system cpu and memory usage over time. After collecting results into csv file, html fil

Rafał Mikrut 3 Jul 11, 2023
A cargo plugin to shrink cargo's output

cargo single-line A simple cargo plugin that shrinks the visible cargo output to a single line (okay, in the best case scenario). In principle, the pl

Denis 5 Oct 30, 2022
Cargo-eval - A cargo plugin to quickly evaluate some Rust source code.

cargo eval A cargo plugin to quickly evaluate some Rust source code. Installation $ cargo install --git https://github.com/timClicks/cargo-eval.git Us

Tim McNamara 9 Dec 21, 2022
Cargo-about - 📜 Cargo plugin to generate list of all licenses for a crate 🦀

?? cargo-about Cargo plugin for generating a license listing for all dependencies of a crate See the book ?? for in-depth documentation. Please Note:

Embark 281 Jan 1, 2023
Cargo subcommand for running cargo without dev-dependencies.

cargo-no-dev-deps Cargo subcommand for running cargo without dev-dependencies. This is an extraction of the --no-dev-deps flag of cargo-hack to be use

Taiki Endo 5 Jan 12, 2023
Dead simple, memoized cargo subcommand to hoist cargo-built binaries into the current working directory, written in Rust.

cargo-hoist Dead simple cargo subcommand to hoist cargo-built binaries into scope. stable Install | User Docs | Crate Docs | Reference | Contributing

refcell.eth 6 Nov 9, 2023
Deadliner helps you keep track of the time left for your deadline by dynamically updating the wallpaper of your desktop with the time left.

Deadliner Watch the YouTube video What's Deadliner? Deadliner is a cross-platform desktop application for setting deadline for a project and keeping t

Deadliner 34 Dec 16, 2022
gfold is a CLI-driven application that helps you keep track of multiple Git repositories.

gfold is a CLI-driven application that helps you keep track of multiple Git repositories.

Nick Gerace 215 Jan 4, 2023
Helps you keep track of time for team members across different time zones & DST changes

Teamdate Helps you keep track of time for team members across different timezones and other daylight saving changes based off their location. Because

Alex Snaps 7 Jan 9, 2023
Track activity time from terminal.

Time Tracker This is a command-line time-tracking tool that allows you to manually or automatically time-track your activity. Manual tracking In order

Mario Dujić 4 Mar 14, 2023
Tool to draw low-resolution graphs in terminal

lowcharts Tool to draw low-resolution graphs in terminal. lowcharts is meant to be used in those scenarios where we have numerical data in text files

juanleon lahoz 114 Dec 31, 2022
Tiny Rust library to draw pretty line graphs using ascii characters.

rasciigraph Tiny Rust library to draw pretty line graphs using ascii characters. Usage Add this to your Cargo.toml [dependencies] rasciigraph = "0.1.1

Orhan Balci 54 Jan 6, 2023
A zero-dependency crate for writing repetitive code easier and faster.

akin A zero-dependency crate for writing repetitive code easier and faster. Check Syntax for information about how to use it. Why? Example Syntax NONE

LyonSyonII 36 Dec 29, 2022
A truly zero-dependency crate providing quick, easy, reliable, and scalable access to the name "jordin"

jordin Finally! A truly zero-dependency crate providing quick, easy, reliable, and scalable access to the name "jordin". Additionally, this one-of-a-k

jordin 2 Aug 4, 2022
A lightweight, zero-dependency struct diffing library which allows changed fields to be collected and applied

structdiff A lightweight, zero-dependency struct diffing library which allows changed fields to be collected and applied. Derive Difference on a struc

null 7 Dec 25, 2022
zero-dependency 3d math library in rust

dualquat A lightweight, zero-dependency 3d math library for use in Dual Quaternion based physics simulation. Capable of representing and transforming

null 4 Nov 11, 2022
Generate a dependency list to thank them on README.

thanks-dependencies This generates list of dependencies. I think it's better to publish dependencies explicitly on documentation. Of course users can

keiya sasaki 7 Jan 30, 2023