The FOSSA Developer Hub

Welcome to the FOSSA developer hub. You'll find comprehensive guides and documentation to help you start working with FOSSA as quickly as possible, as well as support if you get stuck. Let's jump right in!

Get Started    


FOSSA support for Rust / Cargo projects

FOSSA supports Rust codebases through Cargo.


Repository Scanning

CI/CD Scanning


cargo.toml or cargo.lock



Feature in Alpha

FOSSA's support for Cargo is currently in Alpha.

Repository Scanning

When Rust code is imported, FOSSA will inspect any cargo.toml or cargo.lock files and download their dependencies for analysis.

Known Limitations:

  • Optional dependencies are currently handled like Java optional dependencies, when they should be enabled/disabled based on features
  • FOSSA does not currently understand default/missing features
  • FOSSA does not handle path dependencies that point above your repo root

CI/CD Scanning

CI/CD Scanning currently does not have support for Cargo builds.

  1. Comment on this GitHub issue to receive updates on fossa-cli support for Rust.

  2. View our docs on adding a new language integration yourself!

Package Data

Currently, FOSSA supports only public packages on the Cargo registry.

Cargo packages are downloaded and extracted for full code auditing; metadata from the registry and cargo.toml manifest are parsed and extracted.

Updated about a year ago


FOSSA support for Rust / Cargo projects

Suggested Edits are limited on API Reference Pages

You can only suggest edits to Markdown body content, but not to the API spec.