
Nafiseh asked a question.
Why are the dependencies declared in the Cargo.toml files, with their versions clearly specified, not detected by the tool Code insight ( Compliance Library (version 2.43_RC1)?

Nafiseh asked a question.
Hi, I am Reva - Ask me anything.
No new updates
Thanks for the feedback!
Your feedback has been saved.Rate this response:
Add Additional feedback ( Optional )
Are you sure you want to cancel
the case creation?
Are you sure you want to cancel the case creation?
Activity: Status change: 2 hours ago
Are you sure you want to close this case
| Products | Region | Phone Numbers |
|---|---|---|
| FlexNet Operations FlexNet Embedded FlexNet Publisher FlexNet Connect FlexNet Code Insight InstallAnywhere InstallShield |
North America * |
+1 630-332-2513 (toll) +1 877-279-2853 (toll-free in North America) |
| Europe * |
+44 1925 944367 (toll) +44 800 047 8642 (toll-free in Europe) |
|
| Japan * | +81 3-4540-5335 (select option 2) | |
| Australia * |
+61 3 9895 2177 +61 1800 560 603 (toll-free in Australia) |
|
|
Usage Intelligence (formerly
Revulytics) Compliance Intelligence |
Please use the Case Portal to submit your support ticket or reach out to your Revenera contact. | |
Hi @Nafiseh ,
This is expected behavior with the current Rust support in Code Insight.
Although dependencies are declared in Cargo.toml, the tool does not fully rely on it because it often contains version ranges rather than resolved versions. Code Insight primarily depends on resolved data (typically from Cargo.lock) to build an accurate dependency graph.
Declaring dependencies in Cargo.toml alone may not guarantee detection due to current limited Rust ecosystem support.
For further clarification or deeper investigation specific to your project, please feel free to raise a support case with us, and we will be happy to assist.
You can find more information on the supported ecosystems here:
https://docs.codeinsight.revenera.com/user-guide/ref/automated-analysis/supported-development-ecosystems/supported-ecosystems/