📖 Introduction

When developing Rust projects, we frequently need to add new crates or remove unused ones. While Rust provides the cargo add command as a standard tool for managing dependencies from the command line:

cargo add serde --features derive

However, cargo add requires manual execution and doesn't detect or remove unused dependencies. To further automate this dependency management process, I developed "cargo-autodd" 🚀.

I developed "cargo-autodd", a CLI tool to automate dependency management in Rust. It analyzes use statements and extern crates to add required crates to Cargo.toml. Release planned this week with nvim support.https://t.co/ZNfOu4AxEd pic.twitter.com/Tsh0KzEiZV

— nwiizo (@nwiizo) 2025年2月16日

🎯 What is cargo-autodd?

cargo-autodd is a tool that automatically analyzes Rust source code to detect required dependencies and updates Cargo.toml accordingly.

github.com

Key features include:

1. 🔍 Analysis of use statements and extern crate declarations in source code
2. 🤖 Automatic detection of required crates
3. ⬆️ Addition of latest stable versions to Cargo.toml
4. 🗑️ Removal of unused crates
5. ⚡ Advanced analysis using rust-analyzer (optional)

🛠️ Technical Details

📊 Project Structure Analysis

The analysis is centered around the DependencyManager struct, which has the following fields:

struct DependencyManager {
    project_root: PathBuf,  // Project root directory
    cargo_toml: PathBuf,    // Path to Cargo.toml
}

🔄 Dependency Analysis Process

The analyze_dependencies method performs analysis in three stages:

1. 🚀 rust-analyzer Analysis (Priority)

let output = Command::new("rust-analyzer")
    .arg("analysis")
    .arg("--workspace")
    .current_dir(&self.project_root)
    .output()?;

1. 📝 Regex Analysis (Fallback)

let use_regex = Regex::new(r"use\s+([a-zA-Z_][a-zA-Z0-9_]*)(::|\s|;)")?;
let extern_regex = Regex::new(r"extern\s+crate\s+([a-zA-Z_][a-zA-Z0-9_]*)")?;

1. ✅ Result Aggregation and Verification
2. Records usage locations and feature flags for each detected crate
3. Excludes standard library crates
4. Eliminates duplicates

📝 Cargo.toml Update Mechanism

The update_cargo_toml method updates dependencies through the following steps:

1. 📖 Reading Current Dependencies

let content = fs::read_to_string(&self.cargo_toml)?;
let mut doc = content.parse::<DocumentMut>()?;

1. ➕ Adding New Dependencies

for (name, crate_ref) in crate_refs {
    if !current_deps.contains(name) && !is_std_crate(name) {
        self.add_dependency(&mut doc, crate_ref)?;
    }
}

1. ➖ Removing Unused Dependencies
2. Preserves essential dependencies specified by is_essential_dep

fn is_essential_dep(name: &str) -> bool {
    let essential_deps = [
        "serde",
        "tokio",
        "anyhow",
        "thiserror",
        "async-trait",
        "futures",
    ];
    essential_deps.contains(&name)
}

📈 Version Management Details

Version management is handled by the get_latest_version method with the following features:

1. 🌐 Fetching Latest Version from crates.io API

let url = format!("https://crates.io/api/v1/crates/{}/versions", crate_name);

1. 🚫 Excluding Yanked Versions

let latest_version = response
    .versions
    .iter()
    .find(|v| !v.yanked)?;

1. 🔢 Applying Semantic Versioning
2. Specifies only major and minor versions
3. Allows automatic patch version updates

Ok(format!("^{}.{}.0", version.major, version.minor))

📚 Best Practices and Usage Guidelines

1. 🔧 Preparation

   • Install rust-analyzer (recommended)
   • Ensure project builds successfully

2. 🚀 Execution Steps

   • Run cargo autodd in the project root directory
   • Review the changes
   • Pay special attention to version specifications
   • Verify dependency consistency with cargo check

3. 🔍 Troubleshooting

   • Falls back to regex analysis if rust-analyzer is unavailable
   • Manually correct any falsely detected dependencies

🔮 Future Plans

Future enhancements planned for cargo-autodd include:

1. 🔍 Enhanced Analysis

   • Macro expansion and dependency analysis
   • More accurate feature flag detection
   • Consideration of conditional compilation (cfg attributes)

2. 📦 Extended Dependency Management

   • Automatic management of dev-dependencies
   • Enhanced workspace support
   • Automatic version conflict resolution

3. 💻 Improved Developer Experience

   • Editor integration (e.g., VSCode extension)
   • More detailed dependency graph visualization
   • CI automation options

🎉 Conclusion

cargo-autodd is a powerful tool for automating dependency management in Rust projects. Its strengths can be summarized in three key areas:

1. ⚡ Enhanced Efficiency

   • Eliminates manual dependency management overhead
   • Maintains project dependencies at latest necessary versions
   • Improves maintainability through automated version management

2. 🔒 Ensured Safety

   • Accurate dependency analysis using rust-analyzer
   • Proper handling of semantic versioning
   • Protection of essential dependencies

3. 🎯 Improved Developer Experience

   • Simple usage pattern
   • Reduced maintenance time through automation
   • Clear visualization of project dependencies

These features allow developers to focus more on essential coding tasks. As an open-source project, it continues to evolve through community feedback and contributions.

cargo-autodd is expected to become an increasingly important tool as the Rust ecosystem matures. We hope it serves as an effective solution to the challenge of dependency management for many developers in the Rust community. 🚀

日本語版:

syu-m-5151.hatenablog.com