FOSSA supports Rust codebases through Cargo.
|Tool||Repository Scanning||CI/CD Scanning|
Feature in Alpha
FOSSA's support for Cargo is currently in Alpha.
When Rust code is imported, FOSSA will inspect any
cargo.lock files and download their dependencies for analysis.
- Optional dependencies are currently handled like Java optional dependencies, when they should be enabled/disabled based on features
- FOSSA does not currently understand default/missing features
- FOSSA does not handle path dependencies that point above your repo root
CI/CD Scanning currently does not have support for Cargo builds.
Comment on this GitHub issue to receive updates on fossa-cli support for Rust.
View our docs on adding a new language integration yourself!
Currently, FOSSA supports only public packages on the Cargo registry.
Cargo packages are downloaded and extracted for full code auditing; metadata from the registry and
cargo.toml manifest are parsed and extracted.
Updated 8 months ago