๐Ÿ“ฆ cargo-autodd

December 29, 2025 ยท View on GitHub

A Cargo subcommand that automatically manages dependencies in your Rust projects.

๐Ÿ” Overview

cargo-autodd simplifies Rust dependency management by automatically adding required crates to your Cargo.toml based on use statements, extern crate declarations, and direct references in your code.

cargo-autodd demo

โœจ Features

  • ๐Ÿ”Ž Scans Rust source files for imports and direct references
  • ๐Ÿค– Automatically detects required dependencies
  • โฌ†๏ธ Updates Cargo.toml with the latest stable versions (including patch versions)
  • ๐Ÿ—‘๏ธ Removes unused dependencies
  • ๐Ÿ“Š Generates dependency usage reports
  • ๐Ÿ”’ Checks for security vulnerabilities
  • ๐Ÿข Supports Cargo workspaces and monorepo structures
  • ๐Ÿ›ก๏ธ Handles internal crates with path dependencies correctly
  • ๐Ÿ› Debug mode for detailed analysis
  • ๐Ÿ” Detects direct references without use statements (e.g., serde_json::Value)
  • ๐Ÿ”„ Preserves original crate names (handles dashes and underscores correctly)
  • ๐Ÿ‘€ Dry-run mode to preview changes without modifying files
  • โš™๏ธ Configuration file support (.cargo-autodd.toml)
  • ๐Ÿงช Auto-detects dev-dependencies from tests/ directory

๐Ÿ“ฅ Installation

cargo install cargo-autodd

โš™๏ธ Requirements

  • ๐Ÿฆ€ Rust 1.56.0 or later
  • ๐Ÿ“ฆ Cargo

๐Ÿš€ Usage

Command Line Interface

# Show help information
cargo autodd --help

# Analyze and update dependencies in the current project
cargo autodd

# Preview changes without modifying files (dry-run)
cargo autodd --dry-run

# Run with debug mode for detailed analysis
cargo autodd --debug
# or
cargo autodd -d

# Use custom config file
cargo autodd --config /path/to/.cargo-autodd.toml
# or
cargo autodd -c /path/to/.cargo-autodd.toml

Update Dependencies

# Check and update all dependencies to their latest versions
cargo autodd update

Generate Reports

# Generate a detailed dependency usage report
cargo autodd report

Security Check

# Check for security vulnerabilities
cargo autodd security

Monorepo Usage

# Run in the root of your workspace to analyze all crates
cargo autodd

# Run in a specific crate directory within the workspace
cd crates/my-crate
cargo autodd

When using cargo-autodd in a monorepo:

  • Internal crates with path dependencies are automatically detected
  • The tool respects publish = false settings
  • Dependencies are correctly managed across the workspace

Debug Mode

In debug mode, the following detailed information is displayed:

  • ๐Ÿ” Path of detected Rust files
  • ๐Ÿ“ Content of each line being processed
  • ๐Ÿ”Ž Detected use statements and base crate names
  • ๐Ÿ“ฆ Details of nested imports
  • ๐Ÿ”ง Detection of extern crate statements
  • ๐Ÿ“Š Analysis results of each file
  • ๐Ÿ“‹ Final list of crate references

Dry-Run Mode

Preview what changes would be made without actually modifying files:

cargo autodd --dry-run

This shows:

  • Dependencies that would be added
  • Dependencies that would be removed
  • Dev-dependencies detected from tests/ directory

โš™๏ธ Configuration

Create a .cargo-autodd.toml file in your project root to customize behavior:

# Crates to exclude from analysis (e.g., internal crates, false positives)
exclude = ["internal_crate", "another_internal"]

# Additional essential dependencies (never removed automatically)
essential = ["custom_essential_lib"]

# Crates to always treat as dev-dependencies
dev_only = ["proptest", "criterion"]

# Skip tests/ directory analysis entirely
skip_tests = false

Configuration Options

OptionTypeDescription
excludeArrayCrates to skip during analysis
essentialArrayAdditional crates that should never be removed
dev_onlyArrayCrates to always add as dev-dependencies
skip_testsBooleanIf true, skip analyzing tests/ directory

๐Ÿ”„ How It Works

  1. ๐Ÿ“ Analyzes your Rust source files
  2. ๐Ÿ” Detects import statements, external crate declarations, and direct references
  3. ๐Ÿงช Crates used only in tests/ directory are added to [dev-dependencies]
  4. โšก Updates Cargo.toml with required dependencies
  5. โœ… Verifies changes with cargo check
  6. ๐Ÿ”’ Checks for security vulnerabilities
  7. ๐Ÿ“Š Generates detailed reports about dependency usage

๐Ÿข Monorepo Support

cargo-autodd fully supports Cargo workspaces and monorepo structures:

  • ๐Ÿ”„ Correctly detects and handles internal crates within a workspace
  • ๐Ÿ›ก๏ธ Respects publish = false settings for internal crates
  • ๐Ÿ”— Properly handles path dependencies in both standard and inline table formats: 
    # Both formats are supported:
internal-crate = { path = "../internal-crate" }

[dependencies.another-internal-crate]
path = "../another-internal-crate"
  • ๐Ÿšซ Avoids searching for internal crates on crates.io
  • ๐Ÿงฉ Works with workspace inheritance for dependency management

This ensures that your internal crates that aren't meant to be published to crates.io are handled correctly, avoiding errors like Crate 'internal_crate' not found on crates.io.

๐Ÿ‘ฅ Contributing

Contributions are welcome! Please feel free to submit a Pull Request.

๐Ÿ“œ License

This project is licensed under the MIT License - see the LICENSE file for details.

๐Ÿ‘ค Author

nwiizo (@nwiizo)