cargo-generate-lockfile

Generate a Cargo.lock file with the latest version of every package

$ cargo generate-lockfile

cargo generate-lockfile [--manifest-path <PATH>] [-h | --help] [-V | --version] [-Z <FLAG>...]

--manifest-path <PATH>
    Path to Cargo.toml manifest

-h, --help
    Print help information

-V, --version
    Print version information

-Z <FLAG>...
    Unstable (nightly-only) Cargo flags

The cargo generate-lockfile command is part of Rust's Cargo package manager. It resolves dependencies from a Cargo.toml manifest and generates a Cargo.lock file without downloading crates or building the project. This ensures reproducible builds by locking exact dependency versions.

Useful in CI/CD pipelines, Dockerfiles, or scripts to pre-generate lockfiles, avoiding network fetches during builds. It performs only the resolution step, making it fast and side-effect-free.

By default, it targets the Cargo.toml in the current directory. For workspaces, it generates a single root Cargo.lock. The command reads the manifest, queries the index (without downloading), computes the minimal set of compatible versions, and writes the lockfile.

This promotes hermetic builds and version pinning, aligning with Cargo's reproducibility goals. It's especially handy for vendoring or air-gapped environments.

Requires Cargo 1.80+ (stabilized then). Does not fetch or build; may fail if index unreachable. Generates root Cargo.lock for workspaces.

cargo generate-lockfile
cargo generate-lockfile --manifest-path subproject/Cargo.toml

Ideal for Dockerfiles: generate lockfile, copy it, then cargo build --locked.

Introduced as unstable -Z generate-lockfile in Cargo 1.70 (2023). Stabilized as subcommand in Cargo 1.80.0 (Sep 2024) to support CI and reproducible workflows.

cargo(1), cargo-build(1), cargo-check(1)