Commit graph

122 commits

Author SHA1 Message Date
Ed Page
675224b3a0 test(config): Shift to config.toml 2024-01-26 13:40:46 -06:00
Eric Huss
0afd943dad Fix some test output validation. 2023-11-15 15:10:18 -08:00
Jacob Finkelman
6644828028 add test 2023-10-19 18:44:42 +00:00
Jacob Finkelman
dcde7eb316 move pre-release specific error message 2023-09-12 16:06:29 +00:00
loloicci
7880215265 fix error message trying patch non-existing package with prerelease version 2023-09-12 15:57:29 +00:00
Ed Page
385dfb6298 test(registry): Show current too-new schema error
This reproduces the problem in #10623.
2023-09-11 16:19:15 +00:00
Ed Page
293b71a961 test(registry): Provide more room from tests conflicting with reality 2023-09-11 16:19:15 +00:00
Ed Page
4bf1af0cd0 fix(update): Make -p more convenient by being positional
Generally, cargo avoids positional arguments.  Mostly for the commands
that might forward arguments to another command, like `cargo test`.
It also allows some flexibility in turning flags into options.

For `cargo add` and `cargo remove`, we decided to accept positionals
because the motivations didn't seem to apply as much (similar to `cargo
install`).

This applies the pattern to `cargo update` as well which is in the same
category of commands as `cargo add` and `cargo remove`.

As for `--help` formatting, I'm mixed on whether `[SPEC]...` should be at the top like
other positionals or should be relegated to "Package selection".  I went
with the latter mostly to make it easier to visualize the less common
choice.

Switching to a positional for `cargo update` (while keeping `-p` for
backwards compatibility) was referenced in #12425.
2023-08-23 11:57:36 -05:00
Arlo Siemsen
fb98f3fcba Add test differ_only_by_metadata 2023-08-11 18:42:40 -05:00
Weihang Lo
c60c06585c
fix: clear cache for old .cargo-ok format
In 1.71, `.cargo-ok` changed to contain a JSON `{ v: 1 }` to indicate
the version of it. A failure of parsing will result in a heavy-hammer
approach that unpacks the `.crate` file again. This is in response to a
security issue that the unpacking didn't respect umask on Unix systems.
2023-08-03 13:42:54 +01:00
Weihang Lo
4fafa69a4d
fix: respect umask when unpacking .crate files
Without this, an attacker can leverage globally writable files buried
in the `.crate` file. After a user downloaded and unpacked the file,
the attacker can then write malicous code to the downloaded sources.
2023-08-03 13:41:08 +01:00
Weihang Lo
789a2fb4bf
test: verify permissions bits are preserved when unpacking
This is not secure and will be fixed in the next commit.
2023-08-03 13:39:48 +01:00
Jacob Finkelman
d6021c9c34 do not try an exponential number of package names 2023-05-05 17:15:06 +00:00
Eric Huss
6fa758e83c Fix flaky not_found_permutations test. 2023-04-14 08:01:34 -07:00
Eric Huss
c00a633bd6 Don't display headers in spurious warning message.
The headers can significantly contribute to noise in the output,
drowning out the rest of the output. Most investigation will likely be
focused on the case where cargo completely fails to download, so this
only shows the full detail in the final error message.
2023-04-12 09:38:53 -07:00
Eric Huss
4702fa3ad3 Include the IP address in HTTP errors. 2023-04-12 09:38:53 -07:00
Eric Huss
c7c9b8f32b Show some HTTP headers in error messages. 2023-04-12 09:38:52 -07:00
Eric Huss
a9e0b505d6 Update auth error message to specify args for cargo login. 2023-04-10 10:20:21 -07:00
Eric Huss
1ee340c0a7 Don't query permutations of the path prefix. 2023-04-04 18:49:42 -07:00
Eric Huss
6bd1209a55 Add delays to network retries. 2023-03-31 14:04:48 -07:00
Arlo Siemsen
78d4f2cb84 Make sparse the default protocol for crates.io 2023-03-02 10:50:22 -06:00
Scott Schafer
98c746629b chore: update registry tests to use check 2023-02-20 12:22:24 -06:00
Eric Huss
5c160dde1c Handle .cargo-ok being truncated 2023-01-31 15:03:28 -08:00
Arlo Siemsen
7dc5506756 Stabilize sparse-registry 2023-01-05 11:04:52 -06:00
Jacob Finkelman
f20ab0fa9b move login tests 2022-12-14 20:40:59 +00:00
Jacob Finkelman
29ff25f6d9 cleanups round 1 2022-12-13 23:49:07 +00:00
Jacob Finkelman
c2a1daab63 print the public key on login 2022-12-13 19:09:57 +00:00
Jacob Finkelman
40325c4d4a generate and check secret_key 2022-12-12 17:52:49 +00:00
Jacob Finkelman
b907a7f7ea Add test for wrighting keys 2022-12-12 17:51:47 +00:00
bors
0460192d1a Auto merge of #11337 - weihanglo:compression-ratio, r=ehuss
Aware of compression ratio for unpack size limit
2022-11-29 19:10:00 +00:00
Arlo Siemsen
9827412fee Implement RFC 3139: alternative registry authentication support 2022-11-16 14:36:19 -06:00
Weihang Lo
de7cd31eac
aware of compression ratio for unpack size limit 2022-11-04 18:40:44 +00:00
Anton Lazarev
d70a4ee93c
update stderr in tests for unrelated functionality 2022-10-28 17:13:25 -07:00
Eric Huss
5e6da66c03 Add test for deleted index entry 2022-10-22 18:20:52 -07:00
bors
5788d76d68 Auto merge of #11209 - arlosi:sparse-kind, r=ehuss
Add new SourceKind::SparseRegistry to differentiate sparse registries

Refactor sparse registry to have its own `SourceKind`.
Follow up from https://github.com/rust-lang/cargo/pull/11177#issuecomment-1272395571

r? `@ehuss`
2022-10-12 21:03:19 +00:00
Arlo Siemsen
d77aef5ba4 Add configuration option for controlling crates.io protocol
`registries.crates-io.protocol` can be set to either `sparse` or `git`.
The default is `git` unless `-Z sparse-registry` is passed.
2022-10-11 14:44:09 -05:00
Arlo Siemsen
56f68168f3 Add new SourceKind::SparseRegistry to differentiate sparse registries 2022-10-11 09:26:59 -05:00
Arlo Siemsen
dd5134c7a5 Implement RFC 3289: source replacement ambiguity 2022-10-07 22:30:59 -05:00
Arlo Siemsen
dcc512b317 Add retry support to sparse registries 2022-10-07 12:00:24 -05:00
Scott Schafer
ab18bd40d5 refactor(testsuite): Replace [project] with [package] 2022-09-26 09:51:16 -06:00
Weihang Lo
22ac249db2
Run reach_max_unpack_size test only on debug build 2022-09-15 19:02:26 +01:00
Weihang Lo
d87d57dbbd
CVE-2022-36114: add tests 2022-09-14 10:54:49 +02:00
Weihang Lo
dafe4a7ea0
CVE-2022-36113: add tests 2022-09-14 10:54:47 +02:00
Scott Schafer
c239e407e7 add a reason to masquerade_as_nightly_cargo so it is searchable 2022-07-15 21:32:23 -05:00
Eric Huss
502a9c5407 Fix tests due to change in dead_code diagnostic. 2022-06-23 13:08:08 -07:00
Jacob Finkelman
288856b778 HTTP-based -> sparse
Co-authored-by: Arlo Siemsen <arkixml@gmail.com>
2022-06-17 16:45:33 +00:00
Kornel
a9faf49040 Use specific terminology for sparse HTTP-based registry
Git-based registry uses HTTP too
2022-06-17 15:09:56 +01:00
Arlo Siemsen
24dac452c5 Improve testing framework for http registries
Improve integration of the http server introduced by the http-registry feature.
Now the same HTTP server is used for serving downloads, the index, and
the API.

This makes it easier to write tests that deal with authentication and
http registries.
2022-06-10 16:51:35 -05:00
Arlo Siemsen
2622074d43 Require http-registry URLs to end with a '/' 2022-05-23 21:39:23 -05:00
Martin Pool
0c525bbb0e Test CACHEDIR.TAG is created in an existing registry 2022-04-24 19:51:01 -07:00