autocfg

Using autocfg in build scripts is straightforward and solves a real pain point: detecting compiler capabilities without manually maintaining complex cfg combinations. The API is minimal and intuitive - you create an `AutoCfg` instance in your build.rs and call methods like `probe_rustc_version()`, `probe_type()`, or `probe_expression()`. It emits cargo instructions automatically, so you just check the generated cfgs in your code.

The documentation is sparse but functional. The examples in the repository README cover the common cases (checking for std features, type availability, expression validity), and that's honestly enough for most uses. Error messages when probes fail are silent by design - it just returns false - which makes sense for feature detection but can be confusing initially if you have typos.

Debugging is reasonable since you can inspect the generated features in your build output. The main gotcha is understanding that this runs at build time, so mistakes don't surface until compilation. For library authors needing conditional compilation based on Rust version or feature availability, it's a time-saver that just works.

autocfg is primarily used in build.rs scripts to detect Rust compiler features at build time, letting you write code that adapts to different compiler versions. The API is straightforward - you create an AutoCfg instance and probe for features using methods like `probe_type()`, `probe_path()`, or `probe_expression()`. Once you understand the basic pattern, it's quite intuitive.

The main challenge is that documentation is minimal. The crate docs explain what each function does, but there are very few complete examples showing real-world usage patterns. I found myself reading other crates' build.rs files (like rayon, num-traits) to understand best practices. Error messages are generally unhelpful - probes just return bool, so debugging why a feature isn't detected requires manually inspecting the underlying compiler output.

Day-to-day usage is smooth once set up. The API rarely changes, so code written years ago still works. It's a specialized tool that does one thing well, but expect to invest time upfront learning through experimentation rather than comprehensive tutorials.

autocfg is a build-time utility that probes the Rust compiler to detect available features, eliminating the need for hardcoded version checks in build.rs scripts. From a security perspective, it's remarkably safe: it runs only at build time, produces no runtime code, and has zero dependencies beyond std. The attack surface is minimal—it's essentially just invoking rustc with test programs and parsing the output.

In practice, it's straightforward to use. You instantiate AutoCfg in your build script, call probe methods like `probe_type()` or `probe_path()`, and emit the appropriate `cargo:rustc-cfg` directives. The API is well-documented with clear examples. Error handling is sensible—failures to probe features are treated as absence rather than panicking, which is the correct default behavior.

The main limitation is that it's purely a build-time tool with no runtime implications. It doesn't validate inputs from external sources or handle crypto, but that's by design. For supply chain risk, having zero dependencies is a significant advantage—there's no transitive dependency tree to audit.