Rust - Cargo

Note

The support for this language is currently in beta. Vulnerability results may be less accurate than normal.

We support tracking Rust dependencies installed using Cargo (opens new window), Rust's default package manager. Specifically, we look at Cargo's lock file, Cargo.lock. This file is generated whenever one of the following is run:

cargo build

cargo update

By keeping this file committed to your repository, we will automatically scan it for dependencies, vulnerabilities and licenses when you have done any of our integrations to your CI/CD pipeline.