diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml
index 466eb1b7d..e79910a44 100644
--- a/.gitlab-ci.yml
+++ b/.gitlab-ci.yml
@@ -69,6 +69,7 @@ rust-checks:
     - ./maint/check_licenses
     - ./maint/cargo_sort
     - ./maint/check_tree
+    - ./maint/check_all_lockfiles
   cache:
     paths:
       - cargo-sort
diff --git a/maint/check_all_lockfiles b/maint/check_all_lockfiles
new file mode 100755
index 000000000..ae75423ab
--- /dev/null
+++ b/maint/check_all_lockfiles
@@ -0,0 +1,19 @@
+#!/usr/bin/env bash
+#
+# Everywhere we have a Cargo.lock checked into git, check that it's usable.
+#
+# This avoids doing a full `cargo check` which actually compiles the crates.
+# Our needs are closer to `cargo verify-project`, but we do want to check
+# the entire dependency tree without compiling anything.
+#
+# The approach we use now is to run `cargo tree --locked`, which catches
+# missing dependencies relatively quickly.
+#
+
+set -eu
+
+for subdir in $(git ls-files | sed -n 's/^/.\//;s/Cargo.lock$//p'); do
+    echo
+    echo "---- Checking $subdir"
+    (cd "$subdir" && cargo tree --locked > /dev/null)
+done