Workflow: Cargo Ecosystem ​
Updated Mar 2026Overview ​
Cargo is Rust's build system and package manager. This workflow covers project management, dependency handling, workspaces, feature flags, and the publishing pipeline.
Cargo Workflow ​
Cargo.toml Deep Dive ​
toml
[package]
name = "my_project"
version = "0.1.0"
edition = "2021"
rust-version = "1.75"
authors = ["Your Name <you@example.com>"]
description = "A short description"
license = "MIT OR Apache-2.0"
repository = "https://github.com/you/project"
keywords = ["cli", "tool"]
categories = ["command-line-utilities"]
[dependencies]
# Crates.io dependency
serde = { version = "1.0", features = ["derive"] }
# Git dependency
my_crate = { git = "https://github.com/user/repo", branch = "main" }
# Path dependency (local)
shared = { path = "../shared" }
# Optional dependency (for feature flags)
fancy_output = { version = "0.5", optional = true }
[dev-dependencies]
pretty_assertions = "1"
criterion = { version = "0.5", features = ["html_reports"] }
[build-dependencies]
cc = "1"
[features]
default = ["fancy"]
fancy = ["dep:fancy_output"]
full = ["fancy", "serde/rc"]
[profile.release]
opt-level = 3
lto = true
strip = true
codegen-units = 1
panic = "abort"
[profile.dev]
opt-level = 0
debug = true
[[bench]]
name = "my_benchmark"
harness = falseDependency Management ​
bash
# Add a dependency
cargo add serde --features derive
cargo add tokio -F full
# Add dev dependency
cargo add --dev pretty_assertions
# Add build dependency
cargo add --build cc
# Remove dependency
cargo remove serde
# Update dependencies
cargo update # Update all within semver ranges
cargo update serde # Update specific crate
# Check for outdated dependencies
cargo install cargo-outdated
cargo outdated
# Audit for vulnerabilities
cargo install cargo-audit
cargo auditVersion Syntax ​
| Syntax | Meaning | Example |
|---|---|---|
"1.0" | >=1.0.0, <2.0.0 | Compatible updates |
"=1.0.5" | Exactly 1.0.5 | Pin exact version |
">=1.0, <1.5" | Range | Custom range |
"~1.0.4" | >=1.0.4, <1.1.0 | Patch updates only |
"*" | Any version | Not recommended |
Workspaces ​
toml
# Root Cargo.toml
[workspace]
members = [
"crates/core",
"crates/api",
"crates/cli",
]
resolver = "2"
# Shared dependencies — declare once, use everywhere
[workspace.dependencies]
serde = { version = "1", features = ["derive"] }
tokio = { version = "1", features = ["full"] }
anyhow = "1"
[workspace.package]
version = "0.1.0"
edition = "2021"
license = "MIT"toml
# crates/core/Cargo.toml
[package]
name = "my-core"
version.workspace = true
edition.workspace = true
[dependencies]
serde = { workspace = true }bash
# Build specific crate
cargo build -p my-core
# Run specific binary
cargo run -p my-cli
# Test all crates
cargo test --workspace
# Test specific crate
cargo test -p my-coreFeature Flags ​
rust
// Conditional compilation based on features
#[cfg(feature = "fancy")]
fn render_fancy() {
println!("Fancy rendering enabled!");
}
#[cfg(not(feature = "fancy"))]
fn render_fancy() {
println!("Basic rendering.");
}
// Conditional dependency usage
#[cfg(feature = "serde")]
use serde::{Serialize, Deserialize};
#[cfg_attr(feature = "serde", derive(Serialize, Deserialize))]
struct Config {
name: String,
value: i32,
}bash
# Build with specific features
cargo build --features "fancy,serde"
# Build without default features
cargo build --no-default-features
# Build with all features
cargo build --all-featuresBuild Scripts ​
rust
// build.rs — runs BEFORE compilation
fn main() {
// Tell Cargo to rerun if file changes
println!("cargo:rerun-if-changed=src/native/helper.c");
// Set environment variable for code
println!("cargo:rustc-env=BUILD_TIME={}", chrono::Utc::now());
// Link a system library
println!("cargo:rustc-link-lib=ssl");
// Compile C code
cc::Build::new()
.file("src/native/helper.c")
.compile("helper");
}Publishing to crates.io ​
bash
# Login (one time)
cargo login your-api-token
# Verify package
cargo package --list # See what will be included
cargo package # Create .crate file locally
# Dry run
cargo publish --dry-run
# Publish
cargo publish
# Yank a version (prevent new downloads)
cargo yank --version 0.1.0Essential Cargo Plugins ​
bash
# Install useful plugins
cargo install cargo-watch # Auto-rebuild on save
cargo install cargo-expand # Expand macros
cargo install cargo-bloat # Analyze binary size
cargo install cargo-flamegraph # Performance profiling
cargo install cargo-deny # License and vulnerability checking
# Usage
cargo watch -x check # Re-check on file save
cargo expand # Show macro expansions
cargo bloat --release # See what's making the binary big
cargo flamegraph # Generate flamegraph
cargo deny check # Check licenses and advisoriesCargo.lock Strategy ​
| Project Type | Commit Cargo.lock? | Why |
|---|---|---|
| Binary / Application | Yes | Reproducible builds |
| Library | No (.gitignore it) | Let consumers resolve versions |
| Workspace | Yes | Shared lock for all members |