Toward Better Crate Dependency Graphs

Judging from the search hits in google and on crates.io (below), many people seem to think dependency graphs of rust crates are useful. Here's a recent blog post about coming to a dependency graph, from the other, manual, human luddite direction:

Important Crates Graph

Have ≥5 inter-dependent crates? You need a graph.

(I'd include the SVG but its apparently not supported here, so please click and have a look.)

Graph Automation Crates

Automation is good, if it can help yield similar results. Just searched a little in this vast landscape:

• https://github.com/ehuss/cargo-dep

• https://crates.io/crates/cargo-deps

• depgraph github crates.io

• cargo-dot github

deprecated in favor of cargo-graph

• cargo-graph github crate

Doesn't build (via cargo install) for me, per below: Victim of cargo patch feature?

error: failed to compile cargo-graph v0.3.1, intermediate artifacts can be found at /tmp/cargo-installWtM0pq

Caused by:
failed to select a version for the requirement clap = "~2.11.3"
candidate versions found which didn't match: 2.33.3, 2.33.2, 2.33.1, ...
location searched: crates.io index
required by package cargo-graph v0.3.1

• cargo-depgraph git.sr.ht crate

⸘git.sr.ht‽

Installed. Made fun of its default output in my blog post—no offense intended, just as a form of hopefully constructive criticism.

I'm pretty sure there is more than what I've found and listed above.

1st question: Who is or wants to become the "heir apparent" in this fertile space?

2nd question: Who might be interested in finding a way to add configuration or flags to such a cargo plugin, in order to be able to automatically arrive at similar quality?

Adding features like:

• Allowed/disallowed list of deps and/or maximum (e.g. transitive 1° 2°…) distance setting from root
  of project/workspace.

• Filtering deps by number of connections (e.g. filtering out leaf nodes that are wholly owned by another closer crate dependency.

• Providing a means to group or otherwise color code crate (like I did in the above).

• Distinguish between private and public (and default or non-default feature) dependencies, via edge styles or other markers (like mine above).

• Any other interesting statistical/heuristic improvements to default graph output, without additional settings.

Also what about some kind of output mode flag for alternatives to graphviz dot like:

• graphviz neato, circulo
• GitHub - mersinvald/aquamarine: Inline diagrams for rustdoc with mermade.js (recently advertised as crate of week)
• GitHub - ivanceras/svgbob: Convert your ascii diagram scribbles into happy little SVG

Anyone interested in working with me on this? I think I'd want "+1" or commit bit to a github hosted source tree, CI, etc. Or lacking that, maybe, I'll just fork and forget, if I can find the time? Thanks for your code under permissive license!

@cuviper pointed me at cargo-deps being worth an install. This is approaching usable (but not great IMO) if I don't use the --all-deps or any other add-more-crates type flags:

yah2404×827 242 KB

Sadly this is missing the whole hyperium-tokio-rs nexus which is important for reasons described in the blog post. Here is --depth 5 --optional-deps which becomes unwieldy as expected:

yah27690×1019 1.14 MB

Tried again with cargo-depgraph (the other repo that looks alive). The main problem I see with the output (as well as cargo-deps) is that they use incrementing integers for node names and thus its very unfriendly for hand customization:

#! cargo depgraph --focus=body-image --all-features

digraph {
    0 [ label = "body-image" shape = box]
    1 [ label = "barc" shape = box]
    2 [ label = "body-image-futio" shape = box]
    3 [ label = "barc-cli" shape = box]
    1 -> 0 [ ]
    2 -> 0 [ ]
    3 -> 1 [ ]
    3 -> 0 [ ]
    3 -> 2 [ style = dotted]
}

This is what lead me to just do it™ by text editor and scan of Cargo.toml files, initially. In my hand roled version, node 0 is named bodyimage (dot doesn't like '-' or '_' in the names), but then all the edge associations are intuitive.

Note in theory one could find a collision by simply removing special characters from the crate name. A better strategy for the tool would be to append an incremented integer value, in the unlikely event that a collision occurs (if and only if).

cc: @jplatte

Rendered:

Hi! I'd be stoked to help you find your way around cargo-depgraph to implement any of the features you are missing.

One note about the the numbers in the output though: this is the output of petgraph's graphviz export and I'm not sure whether the node names are customizable. I don't exactly understand why this would complicate customization too. (are you talking about editing it by hand, or passing cargo-depgraph's output to a customization script before dot?)

If it helps, I can mirror the repository on GitHub. I'm not a huge fan of GitHub because it's closed-source and a big point of centralization in Open Source, but also haven't been super happy with the rejection of any social features (stars, reactions, ...) in sourcehut so I think for now the best solution in many cases may just be to use multiple platforms.

Do you need it to be visual? An ASCII tree can be generated by cargo tree (built-in command). IMHO it works well. It has some useful features like cargo tree -d that shows duplicate crates.

Thanks Jonas! Your hosting choice seems well reasoned. I was mostly just being a jerk about the git.sr.ht host name, which I literally assumed was either a joke or a typo when I first saw it, coming from the repository link of crates.io, your crate.

I think I could work directly with git.sr.ht, if you don't mind patch emails with long commit messages? (Old school that.)

I hadn't really looked at your code yet, but the fact that the graph is represented via petgraph means that I could offer my own tree-walker-style output mode, right?

And yes, if you look at my hand done graph's dot source code (I'll share an excerpt below), you will see that I'm customizing down at the level of individual nodes (e.g. xhtml label, colors) and edges (e.g. weights):

  taolog [ label=<tao-log>, fillcolor="#eed35b" ];
  log [ fillcolor="#e93d19" ];

  taolog -> log [ weight=2 ];

I'm super excited to try and dive in!

Yeah I use that all the time as well, because its so immediate and easy for small sub-graphs. However for the use cases I describe in the above linked blog post, I think its inferior, primarily because of the duplication (below as (*)).

Included below the whole cargo tree output. How do we tell this renderer to not assume every code block (e.g. ```) is rust?

barc-cli v2.2.0 (/home/david/src/body-image/barc-cli)
├── barc v2.2.1 (/home/david/src/body-image/barc)
│   ├── body-image v2.2.1 (/home/david/src/body-image/body-image)
│   │   ├── bytes v1.0.1
│   │   ├── http v0.2.3
│   │   │   ├── bytes v1.0.1
│   │   │   ├── fnv v1.0.7
│   │   │   └── itoa v0.4.7
│   │   ├── memmap v0.7.0
│   │   │   └── libc v0.2.82
│   │   ├── olio v1.4.0
│   │   │   ├── libc v0.2.82
│   │   │   └── memmap v0.7.0 (*)
│   │   ├── remove_dir_all v0.5.2
│   │   ├── tao-log v1.0.1
│   │   │   └── log v0.4.8
│   │   │       └── cfg-if v0.1.10
│   │   └── tempfile v3.2.0
│   │       ├── cfg-if v1.0.0
│   │       ├── libc v0.2.82
│   │       ├── rand v0.8.2
│   │       │   ├── libc v0.2.82
│   │       │   ├── rand_chacha v0.3.0
│   │       │   │   ├── ppv-lite86 v0.2.10
│   │       │   │   └── rand_core v0.6.1
│   │       │   │       └── getrandom v0.2.1
│   │       │   │           ├── cfg-if v1.0.0
│   │       │   │           └── libc v0.2.82
│   │       │   └── rand_core v0.6.1 (*)
│   │       └── remove_dir_all v0.5.2
│   ├── brotli v3.3.0
│   │   ├── alloc-no-stdlib v2.0.1
│   │   ├── alloc-stdlib v0.2.1
│   │   │   └── alloc-no-stdlib v2.0.1
│   │   └── brotli-decompressor v2.3.1
│   │       ├── alloc-no-stdlib v2.0.1
│   │       └── alloc-stdlib v0.2.1 (*)
│   ├── bytes v1.0.1
│   ├── flate2 v1.0.19
│   │   ├── cfg-if v1.0.0
│   │   ├── crc32fast v1.2.1
│   │   │   └── cfg-if v1.0.0
│   │   ├── libc v0.2.82
│   │   └── miniz_oxide v0.4.3
│   │       └── adler v0.2.3
│   │       [build-dependencies]
│   │       └── autocfg v1.0.1
│   ├── http v0.2.3 (*)
│   ├── httparse v1.3.4
│   ├── memmap v0.7.0 (*)
│   ├── mime v0.3.16
│   ├── olio v1.4.0 (*)
│   └── tao-log v1.0.1 (*)
├── body-image v2.2.1 (/home/david/src/body-image/body-image) (*)
├── body-image-futio v2.2.1 (/home/david/src/body-image/body-image-futio)
│   ├── blocking-permit v1.3.0
│   │   ├── bytes v1.0.1
│   │   ├── futures-core v0.3.12
│   │   ├── log v0.4.8 (*)
│   │   ├── num_cpus v1.13.0
│   │   │   └── libc v0.2.82
│   │   ├── parking_lot v0.11.1
│   │   │   ├── instant v0.1.9
│   │   │   │   └── cfg-if v1.0.0
│   │   │   ├── lock_api v0.4.2
│   │   │   │   └── scopeguard v1.1.0
│   │   │   └── parking_lot_core v0.8.2
│   │   │       ├── cfg-if v1.0.0
│   │   │       ├── instant v0.1.9 (*)
│   │   │       ├── libc v0.2.82
│   │   │       └── smallvec v1.6.1
│   │   └── tokio v1.0.2
│   │       ├── libc v0.2.82
│   │       ├── mio v0.7.7
│   │       │   ├── libc v0.2.82
│   │       │   └── log v0.4.8 (*)
│   │       ├── num_cpus v1.13.0 (*)
│   │       └── pin-project-lite v0.2.4
│   │       [build-dependencies]
│   │       └── autocfg v1.0.1
│   ├── body-image v2.2.1 (/home/david/src/body-image/body-image) (*)
│   ├── brotli v3.3.0 (*)
│   ├── bytes v1.0.1
│   ├── flate2 v1.0.19 (*)
│   ├── futures-core v0.3.12
│   ├── futures-sink v0.3.12
│   ├── futures-util v0.3.12
│   │   ├── futures-core v0.3.12
│   │   ├── futures-macro v0.3.12 (proc-macro)
│   │   │   ├── proc-macro-hack v0.5.19 (proc-macro)
│   │   │   ├── proc-macro2 v1.0.24
│   │   │   │   └── unicode-xid v0.2.1
│   │   │   ├── quote v1.0.8
│   │   │   │   └── proc-macro2 v1.0.24 (*)
│   │   │   └── syn v1.0.58
│   │   │       ├── proc-macro2 v1.0.24 (*)
│   │   │       ├── quote v1.0.8 (*)
│   │   │       └── unicode-xid v0.2.1
│   │   ├── futures-sink v0.3.12
│   │   ├── futures-task v0.3.12
│   │   │   └── once_cell v1.5.2
│   │   ├── pin-project-lite v0.2.4
│   │   ├── pin-utils v0.1.0
│   │   ├── proc-macro-hack v0.5.19 (proc-macro)
│   │   ├── proc-macro-nested v0.1.7
│   │   └── slab v0.4.2
│   ├── http v0.2.3 (*)
│   ├── http-body v0.4.0
│   │   ├── bytes v1.0.1
│   │   └── http v0.2.3 (*)
│   ├── httparse v1.3.4
│   ├── hyper v0.14.2
│   │   ├── bytes v1.0.1
│   │   ├── futures-channel v0.3.12
│   │   │   └── futures-core v0.3.12
│   │   ├── futures-core v0.3.12
│   │   ├── futures-util v0.3.12 (*)
│   │   ├── http v0.2.3 (*)
│   │   ├── http-body v0.4.0 (*)
│   │   ├── httparse v1.3.4
│   │   ├── httpdate v0.3.2
│   │   ├── itoa v0.4.7
│   │   ├── pin-project v1.0.4
│   │   │   └── pin-project-internal v1.0.4 (proc-macro)
│   │   │       ├── proc-macro2 v1.0.24 (*)
│   │   │       ├── quote v1.0.8 (*)
│   │   │       └── syn v1.0.58 (*)
│   │   ├── socket2 v0.3.19
│   │   │   ├── cfg-if v1.0.0
│   │   │   └── libc v0.2.82
│   │   ├── tokio v1.0.2 (*)
│   │   ├── tower-service v0.3.0
│   │   ├── tracing v0.1.22
│   │   │   ├── cfg-if v1.0.0
│   │   │   ├── pin-project-lite v0.2.4
│   │   │   └── tracing-core v0.1.17
│   │   │       └── lazy_static v1.4.0
│   │   └── want v0.3.0
│   │       ├── log v0.4.8 (*)
│   │       └── try-lock v0.2.3
│   ├── hyper-tls v0.5.0
│   │   ├── bytes v1.0.1
│   │   ├── hyper v0.14.2 (*)
│   │   ├── native-tls v0.2.7
│   │   │   ├── log v0.4.8 (*)
│   │   │   ├── openssl v0.10.32
│   │   │   │   ├── bitflags v1.2.1
│   │   │   │   ├── cfg-if v1.0.0
│   │   │   │   ├── foreign-types v0.3.2
│   │   │   │   │   └── foreign-types-shared v0.1.1
│   │   │   │   ├── lazy_static v1.4.0
│   │   │   │   ├── libc v0.2.82
│   │   │   │   └── openssl-sys v0.9.60
│   │   │   │       └── libc v0.2.82
│   │   │   │       [build-dependencies]
│   │   │   │       ├── autocfg v1.0.1
│   │   │   │       ├── cc v1.0.66
│   │   │   │       └── pkg-config v0.3.19
│   │   │   ├── openssl-probe v0.1.2
│   │   │   └── openssl-sys v0.9.60 (*)
│   │   ├── tokio v1.0.2 (*)
│   │   └── tokio-native-tls v0.3.0
│   │       ├── native-tls v0.2.7 (*)
│   │       └── tokio v1.0.2 (*)
│   ├── hyperx v1.3.0
│   │   ├── base64 v0.13.0
│   │   ├── bytes v1.0.1
│   │   ├── http v0.2.3 (*)
│   │   ├── httparse v1.3.4
│   │   ├── httpdate v0.3.2
│   │   ├── language-tags v0.2.2
│   │   ├── mime v0.3.16
│   │   ├── percent-encoding v2.1.0
│   │   └── unicase v2.6.0
│   │       [build-dependencies]
│   │       └── version_check v0.9.2
│   ├── memmap v0.7.0 (*)
│   ├── olio v1.4.0 (*)
│   ├── tao-log v1.0.1 (*)
│   └── tokio v1.0.2 (*)
├── clap v2.33.3
│   ├── bitflags v1.2.1
│   ├── term_size v0.3.2
│   │   └── libc v0.2.82
│   ├── textwrap v0.11.0
│   │   ├── term_size v0.3.2 (*)
│   │   └── unicode-width v0.1.8
│   └── unicode-width v0.1.8
├── http v0.2.3 (*)
├── hyper v0.14.2 (*)
├── piccolog v1.0.2 (/home/david/src/body-image/piccolog)
│   └── log v0.4.8 (*)
└── tao-log v1.0.1 (*)

How do we tell this renderer to not assume every code block is rust?

(Thanks, corrected. I've been using txt all along. Isn't that kind of sad it can't interpret that? Also for the dot files, its best to use ruby for formatting. )

Honestly the whole email workflow thing is the feature I like least about sourcehut. I don't think I've even set up a mailing list for any of my projects there. Since I haven't set anything else up feel free to send patches to my email address from the git log, create todos with a link to your fork at cargo-depgraph — sourcehut todo or whatever else might be convenienct for you. I'll probably set up a GitHub mirror soon and make issues from the current todos.

Sure, that should be possible.

Forked! (In the github sense, not "I'm going to publish cargo-depgraph2" sense!)