Rust makes memory safety guarantees that most languages can't touch. Ownership, lifetimes, thread safety—these aren't suggestions, they're enforced at compile time. But here's what Rust can't tell you: whether your code is safe to modify tomorrow. That's the gap cargo-crap fills. Built by developer Minikin, this Cargo-style tool calculates the Change Risk Anti-Patterns (CRAP) metric for Rust functions, flagging code that's both complex and poorly tested. The tool surfaced on Hacker News this week with a straightforward pitch: coverage metrics alone don't cut it when you need to know if a function is dangerous to touch.

The CRAP Metric Explained

The CRAP formula combines cyclomatic complexity with test coverage into one actionable number: CRAP(m) = comp(m)² × (1 − cov(m)/100)³ + comp(m). Complexity measures independent paths through a function—every if, match, loop adds another path. Coverage shows which lines tests actually exercised. Multiply those signals together and you get a score that surfaces code requiring the most scrutiny. A simple, well-tested function scores low. Complex but well-covered code sits in manageable territory. The danger zone? High complexity with zero coverage—that's where silent risk accumulates faster than anyone notices.

AI Agents Move Fast and Break Things (Quietly)

Here's why this matters more now than ever: AI coding agents generate Rust at impressive speed, but they also introduce a pattern the author calls "preservation by accumulation." Instead of simplifying a model when edge cases arise, agents add another fallback, another special case, another compatibility branch. Tests pass. The code compiles. But the function has become a minefield waiting for the next person who needs to change it. The author describes their intended workflow: let an agent implement the change, run tests and coverage, then run cargo-crap. If the score increased, ask the agent to either simplify the function or add meaningful branch coverage. That's the guardrail—measurable feedback that catches creeping complexity before it becomes technical debt you can never pay down.

Getting Started

Install via cargo-binstall (pre-built binary) or from source with cargo install cargo-crap. The workflow is two commands: generate an LCOV coverage report with cargo llvm-cov --lcov, then feed it to cargo-crap. The tool outputs a ranked table showing CRAP score, cyclomatic complexity, coverage percentage, function name, and file location for every function analyzed. The default threshold of 30 follows original CRAP guidance—once a function crosses that line, treat it as high-risk change territory rather than routine maintenance. Functions below the threshold get a checkmark; those above get flagged for attention.

CI Integration Is Where This Gets Serious

For new projects, you can gate builds on absolute thresholds with --fail-above --threshold 30. For existing codebases with legacy complexity, the author recommends baseline mode instead: establish what your current state looks like, then fail only on regressions that make things worse than they already are. That's a healthier engineering rule for teams inheriting messy codebases. Output formats include JSON for automation pipelines, SARIF 2.1.0 for security tooling integration, GitHub Actions annotations for pull request visibility, and PR comment format for human reviewers scanning changes during review. The simplest CI workflow is intentionally minimal: checkout, install toolchain, run coverage, then cargo-crap with your chosen threshold gate.

What This Tool Is Not

Cargo-crap doesn't replace engineering judgment, understand your business domain, or prove that tests actually assert correct behavior. A function can hit 100% coverage without validating anything meaningful—the metric measures untested complexity, not test quality. Treat the score as a signal pointing you toward questions, not answers.

Key Takeaways

  • The CRAP metric combines cyclomatic complexity with test coverage to surface risky code
  • AI coding agents tend to add complexity through accumulation rather than simplification
  • Default threshold of 30 flags high-risk functions for human review or refactoring
  • Baseline mode helps existing projects enforce "no regressions" without blocking on legacy debt
  • Output formats support GitHub Actions, PR comments, and SARIF integration

The Bottom Line

Rust gives you ironclad guarantees about what your programs cannot do. AI agents give you speed that cuts both ways. Cargo-crap connects those realities with a simple principle: move fast by all means, but measure the risk you're adding so it doesn't quietly become your tomorrow's production incident. If you're shipping Rust with AI assistance and not tracking CRAP scores in CI, you're flying blind.