Hamburger Cross Icon
Rust Project Guardrails - Cargo Lock Exists

Cargo Lock Exists

Guardrail Rust Project Guardrails Beta Devex Build And Ci
rust.cargo-lock-exists

Ensures the project has a Cargo.lock file for dependency pinning. By default required for applications, skipped for libraries (following Cargo conventions). Configurable via lock_mode.

Cargo.lock dependencies reproducibility lockfile
Get Started View All Rust Project Guardrails

Compatible Integrations

This guardrail works with the following integrations. Click to see how to use Cargo Lock Exists with each collector.

+
Cargo Lock Exists + Rust Collector Provides Rust project metadata

Enable This Guardrail

Add the parent policy to your lunar-config.yml to enable this guardrail.

📄 lunar-config.yml 
policies:
  - uses: github://earthly/lunar-lib/policies/rust@v1.0.0
    include: [cargo-lock-exists]
    # with: ...

How This Guardrail Works

This guardrail is part of the Rust Project Guardrails policy. It evaluates data collected by integrations and produces a pass/fail check with actionable feedback.

When enabled, this check runs automatically on every PR and in AI coding workflows, providing real-time enforcement of your engineering standards.

Learn How Lunar Works
1
Integrations Gather Data
Collectors extract metadata from code, CI pipelines, tool outputs, and scans
2
{ } Centralized as JSON
All data merged into each component's unified metadata document
3
This Guardrail Checks Current
Cargo Lock Exists runs and provides pass/fail feedback

Configuration Options

These inputs can be configured in your lunar-config.yml to customize how the parent policy (and this guardrail) behaves.

Input Required Default Description
lock_mode Optional auto Cargo.lock enforcement mode. The "auto" mode detects whether the crate is a library or application and applies the Cargo convention (required for apps, skipped for libs). - "auto": Require for applications, skip for libraries (default) - "required": Always require Cargo.lock - "forbidden": Fail if Cargo.lock exists - "none": Skip the check entirely
min_rust_edition Optional 2021 Minimum required Rust edition (e.g., "2021", "2024")
min_rust_version_cicd Optional 1.75.0 Minimum required Rust toolchain version for CI/CD (e.g., "1.75.0")
max_clippy_warnings Optional 0 Maximum allowed clippy warnings (0 = must be clean)
max_unsafe_blocks Optional 0 Maximum allowed unsafe blocks (0 = no unsafe allowed)

Related Guardrails

Other guardrails in the Rust Project Guardrails policy.

Guardrail Devex Build And Ci
Cargo Toml Exists

Ensures the project has a Cargo.toml file for crate configuration. Required for all Rust projects.
Guardrail Devex Build And Ci
Min Rust Edition

Ensures the project uses at least the minimum required Rust edition. Editions enable new language features while...
Guardrail Devex Build And Ci
Min Rust Version Cicd

Ensures the Rust toolchain version used in CI/CD commands meets the minimum required version. Helps maintain security...
Guardrail Devex Build And Ci
Clippy Clean

Ensures clippy reports no warnings (or fewer than the configured threshold). Clippy catches common mistakes and enforces...
Guardrail Devex Build And Ci
Max Unsafe Blocks

Limits the number of unsafe blocks in the codebase. Unsafe code bypasses Rust's safety guarantees and should be...
Rust Project Guardrails

Rust Project Guardrails

This guardrail is part of the Rust Project Guardrails policy, which includes 6 guardrails for devex build and ci.

View Policy

Ready to Automate Your Standards?

See how Lunar can turn your engineering wiki, compliance docs, or postmortem action items into automated guardrails with our 100+ built-in guardrails.

Works with any process
check Infrastructure conventions
check Post-mortem action items
check Security & compliance policies
check Testing & quality requirements
Automate Now
Turn any process doc into guardrails
Book a Demo