mirror of
https://github.com/rust-lang/cargo
synced 2024-08-28 11:50:23 +00:00
cleanups round 1
This commit is contained in:
parent
c2a1daab63
commit
29ff25f6d9
|
@ -19,7 +19,7 @@ path = "src/cargo/lib.rs"
|
||||||
bytesize = "1.0"
|
bytesize = "1.0"
|
||||||
cargo-platform = { path = "crates/cargo-platform", version = "0.1.2" }
|
cargo-platform = { path = "crates/cargo-platform", version = "0.1.2" }
|
||||||
cargo-util = { path = "crates/cargo-util", version = "0.2.3" }
|
cargo-util = { path = "crates/cargo-util", version = "0.2.3" }
|
||||||
crates-io = { path = "crates/crates-io", version = "0.35.0" }
|
crates-io = { path = "crates/crates-io", version = "0.35.1" }
|
||||||
curl = { version = "0.4.44", features = ["http2"] }
|
curl = { version = "0.4.44", features = ["http2"] }
|
||||||
curl-sys = "0.4.59"
|
curl-sys = "0.4.59"
|
||||||
env_logger = "0.10.0"
|
env_logger = "0.10.0"
|
||||||
|
|
|
@ -294,8 +294,8 @@ impl RegistryBuilder {
|
||||||
&config_path,
|
&config_path,
|
||||||
format!(
|
format!(
|
||||||
"
|
"
|
||||||
[registries.{alternative}]
|
[registries.{alternative}]
|
||||||
index = '{}'",
|
index = '{}'",
|
||||||
registry.index_url
|
registry.index_url
|
||||||
)
|
)
|
||||||
.as_bytes(),
|
.as_bytes(),
|
||||||
|
@ -306,11 +306,11 @@ impl RegistryBuilder {
|
||||||
&config_path,
|
&config_path,
|
||||||
format!(
|
format!(
|
||||||
"
|
"
|
||||||
[source.crates-io]
|
[source.crates-io]
|
||||||
replace-with = 'dummy-registry'
|
replace-with = 'dummy-registry'
|
||||||
|
|
||||||
[registries.dummy-registry]
|
[registries.dummy-registry]
|
||||||
index = '{}'",
|
index = '{}'",
|
||||||
registry.index_url
|
registry.index_url
|
||||||
)
|
)
|
||||||
.as_bytes(),
|
.as_bytes(),
|
||||||
|
@ -799,7 +799,7 @@ impl HttpServer {
|
||||||
// todo: PASETO with challenges
|
// todo: PASETO with challenges
|
||||||
// - If the operation is a mutation:
|
// - If the operation is a mutation:
|
||||||
if let Some(mutation) = mutation {
|
if let Some(mutation) = mutation {
|
||||||
// - That the operation matches the mutation field an is one of publish, yank, or unyank.
|
// - That the operation matches the mutation field and is one of publish, yank, or unyank.
|
||||||
if message.mutation != Some(mutation.mutation) {
|
if message.mutation != Some(mutation.mutation) {
|
||||||
dbg!(message.mutation);
|
dbg!(message.mutation);
|
||||||
return false;
|
return false;
|
||||||
|
|
|
@ -1,6 +1,6 @@
|
||||||
[package]
|
[package]
|
||||||
name = "crates-io"
|
name = "crates-io"
|
||||||
version = "0.35.0"
|
version = "0.35.1"
|
||||||
edition = "2021"
|
edition = "2021"
|
||||||
license = "MIT OR Apache-2.0"
|
license = "MIT OR Apache-2.0"
|
||||||
repository = "https://github.com/rust-lang/cargo"
|
repository = "https://github.com/rust-lang/cargo"
|
||||||
|
|
|
@ -11,15 +11,24 @@ pub fn cli() -> Command {
|
||||||
.arg_quiet()
|
.arg_quiet()
|
||||||
.arg(Arg::new("token").action(ArgAction::Set))
|
.arg(Arg::new("token").action(ArgAction::Set))
|
||||||
.arg(opt("registry", "Registry to use").value_name("REGISTRY"))
|
.arg(opt("registry", "Registry to use").value_name("REGISTRY"))
|
||||||
.arg(flag("generate-keypair", "Generate a public/secret keypair").conflicts_with("token"))
|
|
||||||
.arg(
|
.arg(
|
||||||
flag("secret-key", "Prompt for secret key")
|
flag(
|
||||||
|
"generate-keypair",
|
||||||
|
"Generate a public/secret keypair (unstable)",
|
||||||
|
)
|
||||||
|
.conflicts_with("token"),
|
||||||
|
)
|
||||||
|
.arg(
|
||||||
|
flag("secret-key", "Prompt for secret key (unstable)")
|
||||||
.conflicts_with_all(&["generate-keypair", "token"]),
|
.conflicts_with_all(&["generate-keypair", "token"]),
|
||||||
)
|
)
|
||||||
.arg(
|
.arg(
|
||||||
opt("key-subject", "Set the key subject for this registry")
|
opt(
|
||||||
.value_name("SUBJECT")
|
"key-subject",
|
||||||
.conflicts_with("token"),
|
"Set the key subject for this registry (unstable)",
|
||||||
|
)
|
||||||
|
.value_name("SUBJECT")
|
||||||
|
.conflicts_with("token"),
|
||||||
)
|
)
|
||||||
.after_help("Run `cargo help login` for more detailed information.\n")
|
.after_help("Run `cargo help login` for more detailed information.\n")
|
||||||
}
|
}
|
||||||
|
|
|
@ -807,7 +807,11 @@ pub fn registry_login(
|
||||||
let new_token;
|
let new_token;
|
||||||
if generate_keypair || secret_key_required || key_subject.is_some() {
|
if generate_keypair || secret_key_required || key_subject.is_some() {
|
||||||
if !config.cli_unstable().registry_auth {
|
if !config.cli_unstable().registry_auth {
|
||||||
panic!("-Zregistry_auth required.");
|
// todo use fail_if_stable_opt
|
||||||
|
bail!(
|
||||||
|
"asymmetric token options are unstable and require the \
|
||||||
|
`-Z registry-auth` option on the nightly channel"
|
||||||
|
);
|
||||||
}
|
}
|
||||||
assert!(token.is_none());
|
assert!(token.is_none());
|
||||||
// we are dealing with asymmetric tokens
|
// we are dealing with asymmetric tokens
|
||||||
|
|
|
@ -3,9 +3,9 @@
|
||||||
use crate::util::{config, config::ConfigKey, CanonicalUrl, CargoResult, Config, IntoUrl};
|
use crate::util::{config, config::ConfigKey, CanonicalUrl, CargoResult, Config, IntoUrl};
|
||||||
use anyhow::{bail, format_err, Context as _};
|
use anyhow::{bail, format_err, Context as _};
|
||||||
use cargo_util::ProcessError;
|
use cargo_util::ProcessError;
|
||||||
use pasetors::paserk::FormatAsPaserk;
|
|
||||||
use core::fmt;
|
use core::fmt;
|
||||||
use pasetors::keys::{AsymmetricPublicKey, AsymmetricSecretKey};
|
use pasetors::keys::{AsymmetricPublicKey, AsymmetricSecretKey};
|
||||||
|
use pasetors::paserk::FormatAsPaserk;
|
||||||
use serde::Deserialize;
|
use serde::Deserialize;
|
||||||
use std::collections::HashMap;
|
use std::collections::HashMap;
|
||||||
use std::error::Error;
|
use std::error::Error;
|
||||||
|
|
|
@ -903,7 +903,7 @@ This same flag is also used to enable asymmetric authentication tokens.
|
||||||
|
|
||||||
Add support for Cargo to authenticate the user to registries without sending secrets over the network.
|
Add support for Cargo to authenticate the user to registries without sending secrets over the network.
|
||||||
|
|
||||||
In [`config.toml`](https://doc.rust-lang.org/cargo/reference/config.html) and `credentials.toml` files there is a field called `private-key`, which is a private key formatted in the secret [subset of `PASERK`](https://github.com/paseto-standard/paserk/blob/master/types/secret.md) and is used to sign asymmetric tokens
|
In [`config.toml`](config.md) and `credentials.toml` files there is a field called `private-key`, which is a private key formatted in the secret [subset of `PASERK`](https://github.com/paseto-standard/paserk/blob/master/types/secret.md) and is used to sign asymmetric tokens
|
||||||
|
|
||||||
A keypair can be generated with `cargo login --generate-keypair` which will:
|
A keypair can be generated with `cargo login --generate-keypair` which will:
|
||||||
- generate a public/private keypair in the currently recommended fashion.
|
- generate a public/private keypair in the currently recommended fashion.
|
||||||
|
|
|
@ -153,3 +153,20 @@ fn bad_asymmetric_token_args() {
|
||||||
.with_status(1)
|
.with_status(1)
|
||||||
.run();
|
.run();
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// todo why do theas hang when run as a test?
|
||||||
|
// #[cargo_test]
|
||||||
|
// fn asymmetric_requires_nightly() {
|
||||||
|
// cargo_process("login --key-subject=foo")
|
||||||
|
// .with_status(101)
|
||||||
|
// .with_stderr_contains("asymmetric token options are unstable and require the `-Z registry-auth` option on the nightly channel")
|
||||||
|
// .run();
|
||||||
|
// cargo_process("login --generate-keypair")
|
||||||
|
// .with_status(101)
|
||||||
|
// .with_stderr_contains("asymmetric token options are unstable and require the `-Z registry-auth` option on the nightly channel")
|
||||||
|
// .run();
|
||||||
|
// cargo_process("login --secret-key")
|
||||||
|
// .with_status(101)
|
||||||
|
// .with_stderr_contains("asymmetric token options are unstable and require the `-Z registry-auth` option on the nightly channel")
|
||||||
|
// .run();
|
||||||
|
// }
|
||||||
|
|
|
@ -115,7 +115,7 @@ fn simple_add_with_asymmetric() {
|
||||||
.build();
|
.build();
|
||||||
|
|
||||||
// The http_api server will check that the authorization is correct.
|
// The http_api server will check that the authorization is correct.
|
||||||
// If the authorization was not sent then we wuld get an unauthorized error.
|
// If the authorization was not sent then we would get an unauthorized error.
|
||||||
p.cargo("owner -a username")
|
p.cargo("owner -a username")
|
||||||
.arg("-Zregistry-auth")
|
.arg("-Zregistry-auth")
|
||||||
.masquerade_as_nightly_cargo(&["registry-auth"])
|
.masquerade_as_nightly_cargo(&["registry-auth"])
|
||||||
|
@ -182,7 +182,7 @@ fn simple_remove_with_asymmetric() {
|
||||||
.build();
|
.build();
|
||||||
|
|
||||||
// The http_api server will check that the authorization is correct.
|
// The http_api server will check that the authorization is correct.
|
||||||
// If the authorization was not sent then we wuld get an unauthorized error.
|
// If the authorization was not sent then we would get an unauthorized error.
|
||||||
p.cargo("owner -r username")
|
p.cargo("owner -r username")
|
||||||
.arg("-Zregistry-auth")
|
.arg("-Zregistry-auth")
|
||||||
.replace_crates_io(registry.index_url())
|
.replace_crates_io(registry.index_url())
|
||||||
|
|
|
@ -1179,7 +1179,7 @@ fn login_with_asymmetric_key_subject_without_key() {
|
||||||
.with_status(101)
|
.with_status(101)
|
||||||
.run();
|
.run();
|
||||||
|
|
||||||
// ok so ad a secret_key to the credentials
|
// ok so add a secret_key to the credentials
|
||||||
cargo_process("login --secret-key -v -Z registry-auth")
|
cargo_process("login --secret-key -v -Z registry-auth")
|
||||||
.masquerade_as_nightly_cargo(&["registry-auth"])
|
.masquerade_as_nightly_cargo(&["registry-auth"])
|
||||||
.replace_crates_io(registry.index_url())
|
.replace_crates_io(registry.index_url())
|
||||||
|
|
|
@ -74,7 +74,7 @@ fn explicit_version_with_asymmetric() {
|
||||||
.build();
|
.build();
|
||||||
|
|
||||||
// The http_api server will check that the authorization is correct.
|
// The http_api server will check that the authorization is correct.
|
||||||
// If the authorization was not sent then we wuld get an unauthorized error.
|
// If the authorization was not sent then we would get an unauthorized error.
|
||||||
p.cargo("yank --version 0.0.1")
|
p.cargo("yank --version 0.0.1")
|
||||||
.arg("-Zregistry-auth")
|
.arg("-Zregistry-auth")
|
||||||
.masquerade_as_nightly_cargo(&["registry-auth"])
|
.masquerade_as_nightly_cargo(&["registry-auth"])
|
||||||
|
|
Loading…
Reference in a new issue