Rust files detection

The following is a known issue with the Rust files detection functionality.

SCA-59583: Cargo Analyzer resolves git/path-based Rust dependency to latest version

When you scan a Rust project with a direct scan profile where Cargo.toml defines a dependency using a git or path pattern, Cargo Analyzer may resolve the dependency to the latest available version (for example 0.2.0) instead of the version implied by the specified git branch (for example 0.1.0). This can cause the project inventory to show an incorrect version for the affected dependency.

Workaround: None Exists

SCA-59583: Cargo Analyzer resolves git/path-based Rust dependency to latest version​

SCA-59583: Cargo Analyzer resolves git/path-based Rust dependency to latest version