It is quite common for big projects with Rust code to vendor their dependencies. rust2rpm should be able to scan for vendored dependencies and generate Provides: bundled(crate(foo)) = 1.2.3 lines for the bundled dependencies.
Provides: bundled(crate(foo)) = 1.2.3
Note that while it's generally in a vendor subdirectory in the same directory as Cargo.toml, that isn't necessarily guaranteed. But at least at a first pass, we can start here...
(10:55:58 PM) jistone: ignatenkobrain, won't it be hard to tell what's actually shipped? I don't think you need bundled() for transient build artifacts
to comment on this ticket.