cargo aggregate failure due to mismatched criteria description is difficult to diagnose

[anforowicz]

Repro:

$ cat sources.list
# Chromium OS:
https://chromium.googlesource.com/chromiumos/third_party/rust_crates/+/refs/heads/main/cargo-vet/audits.toml?format=TEXT

# Chromium:
https://chromium.googlesource.com/chromium/src/+/main/third_party/rust/chromium_crates_io/supply-chain/audits.toml?format=TEXT

# Fuchsia:
https://fuchsia.googlesource.com/fuchsia/+/refs/heads/main/third_party/rust_crates/supply-chain/audits.toml?format=TEXT

# google3:
https://raw.githubusercontent.com/google/rust-crate-audits/main/manual-sources/google3-audits.toml

$ cargo vet aggregate --output-file audits.toml sources.list --verbose=info
ERROR   × there were errors aggregating source audit files

(The repro works because Chromium uses incompatible descriptions. I'll work on fixing this on Chromium side - at that point the repro steps above will not work anymore.)

Expected behavior: Details about AggregateCriteriaDescriptionMismatchError are displayed. (This class has a very nice auto-derived Display implementation that would be sufficient if only it was used/displayed.)

Actual behavior: Only general, non-actionable/diagnosable info about AggregateErrors is displayed.

[anforowicz]

I am not sure what changes can be made in cargo vet to emit better diagnostics.

• One naive approach would be to loop through the aggregated errors in fn do_aggregate_audits and call info!("{err}") for each of them.
• OTOH, maybe the miele crate should somehow be used to handle displaying the aggregated errors?

Also - I think that I agree with the decision to not display the (quite verbose) details from AggregateCriteriaDescriptionMismatchError by default. OTOH, it would be nice if the short, default display had a some kind of summary of the problems that hints that description mismatches were the root problem.