An easy way to see all (sub)dependencies of a Rust crate (online)?

Question

On crates.io we can easily see the direct dependencies of a crate by just clicking on the Dependencies tab. Is there a way to also easily see the sub-dependencies of a crate? Perhaps in a tree-like view, similar to what cargo tree would display. Or at least the number of all (sub)dependencies.

I think that can be helpful, for example, when we need to decide which crate to use among alternatives. By having an indicator of the total number of (sub)dependencies, we would have a better idea on how "heavy" a library actually is. I think that can be especially useful for a language like Rust where the build speed seems to heavily depend on the number of dependencies.

Answer 1

$ cargo tree --package mio-serial
mio-serial v5.0.5
├── log v0.4.21
├── mio v0.8.11
│   ├── libc v0.2.153
│   └── log v0.4.21
├── nix v0.26.4
│   ├── bitflags v1.3.2
│   ├── cfg-if v1.0.0
│   ├── libc v0.2.153
│   ├── memoffset v0.7.1
│   │   [build-dependencies]
│   │   └── autocfg v1.2.0
│   └── pin-utils v0.1.0
└── serialport v4.3.0
    ├── bitflags v2.5.0
    ├── cfg-if v1.0.0
    ├── core-foundation-sys v0.8.6
    ├── io-kit-sys v0.4.1
    │   ├── core-foundation-sys v0.8.6
    │   └── mach2 v0.4.2
    │       └── libc v0.2.153
    ├── mach2 v0.4.2 (*)
    ├── nix v0.26.4 (*)
    └── scopeguard v1.2.0

Answer 2

Such tool cannot be written, because since adding/removing a (private) dependency is not semver-breaking, it can be (and is) done in minor/patch releases, and the version of a library you're using is not determined just by the minimum version you (or its dependent library) declare you supports, but also by the other dependencies you have in your project and their requirements. In other words, the only way to know for sure the libraries included is to look in the Cargo.lock of the final project. An approximation that only looks at the latest supported version of for each library can be written, though.

If a library has published its source code, and it's including Cargo.toml (as it is recommended to do now, but it was not always this way), you can inspect it to see the dependencies with which it was compiled.