Decision Workspace

supply-scan vs sloppy-joe vs cargo-diagnose

Side-by-side comparison of Rust crates

experimentalv0.1.1

Scan project dependencies for malicious, typosquatted, and AI-hallucinated packages

experimentalv0.9.1

Detect hallucinated, typosquatted, and non-canonical dependencies

experimentalv0.1.2

A command-line dependency health analyzer for Rust projects, scoring OSV vulnerabilities and GitHub maintenance APIs.

Core Metrics

	supply-scan	sloppy-joe	cargo-diagnose
Health Score	43	42	43
Total Downloads	20	121	50
30d Downloads	20	121	50
Dependents	0	0	0
Releases	2	11	3
Last Updated	today	3d ago	20d ago
Age	1d	6d	21d

Health Breakdown

supply-scan

Maintenance

14

Quality

11

Community

6

Popularity

2

Documentation

10

sloppy-joe

Maintenance

19

Quality

5

Community

6

Popularity

2

Documentation

10

cargo-diagnose

Maintenance

13

Quality

12

Community

6

Popularity

2

Documentation

10

Technical Details

	supply-scan	sloppy-joe	cargo-diagnose
Version	0.1.1	0.9.1	0.1.2
Stable (≥1.0)	✗ No	✗ No	✗ No
License	MIT	Apache-2.0	MIT
Dependencies	8	11	9
Crate Size	190KB	147KB	28KB
Features	0	0	0
Yanked %	0.0%	63.6%	0.0%
Edition	2021	2024	2024
MSRV	—	—	—
Owners	1	1	1

Links

supply-scan detail →GitHub ↗crates.io ↗

sloppy-joe detail →GitHub ↗crates.io ↗

cargo-diagnose detail →GitHub ↗crates.io ↗

Quick Verdict

•supply-scan leads with a health score of 43/100, but none of the options score above 80.
•sloppy-joe has the most downloads (121), suggesting wider adoption.