Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat: stabilize credential-process and registry-auth #12649

Merged
merged 1 commit into from
Sep 18, 2023
Merged

feat: stabilize credential-process and registry-auth #12649

merged 1 commit into from
Sep 18, 2023

Conversation

arlosi
Copy link
Contributor

@arlosi arlosi commented Sep 8, 2023
edited
Loading

Stabilization PR for registry-auth and credential-process.

Tracking approval of this stabilization is done in the via the FCP in #8933. This PR is here to help reviewers of the FCP.

  • Stabilizes registry-auth and credential-process
  • Makes authenticated registries require a credential provider
  • Adds stable documentation for credential providers and authenticated registries

Closes #8933
Closes #10474

@rustbot
Copy link
Collaborator

rustbot commented Sep 8, 2023

r? @epage

(rustbot has picked a reviewer for you, use r? to override)

@rustbot rustbot added A-documenting-cargo-itself Area: Cargo's documentation A-interacts-with-crates.io Area: interaction with registries A-registries Area: registries A-registry-authentication Area: registry authentication and authorization (authn authz) A-sparse-registry Area: http sparse registries A-unstable Area: nightly unstable support Command-publish S-waiting-on-review Status: Awaiting review from the assignee but also interested parties. labels Sep 8, 2023
@arlosi arlosi mentioned this pull request Sep 8, 2023
Closed
16 tasks
@arlosi arlosi added the relnotes Release-note worthy label Sep 8, 2023
@bors
Copy link
Collaborator

bors commented Sep 9, 2023

☔ The latest upstream changes (presumably #12648) made this pull request unmergeable. Please resolve the merge conflicts.

@ehuss
Copy link
Contributor

ehuss commented Sep 10, 2023

Thanks so much for writing all the documentation, it looks great!

Just some minor notes about the documentation:

Can you update https://github.com/rust-lang/cargo/blob/HEAD/src/doc/src/reference/environment-variables.md to include CARGO_CREDENTIAL_ALIAS_<name> and CARGO_REGISTRIES_<name>_CREDENTIAL_PROVIDER and CARGO_REGISTRY_GLOBAL_CREDENTIAL_PROVIDERS?

One thing I'd like to chat about is documenting the stability of the built-in credential providers. I'm concerned that we may not be able to support them indefinitely, at which point we would need to remove one which would break cargo's general compatibility guarantees. For example, let's say Apple or Microsoft suddenly start requiring signed binaries in order to access the global credential stores, and we can't accommodate that. Or, let's say libsecret stops development and distros stop using it. I'm wondering it there should be a note in the auth or config chapter about that? I don't want a note that sounds scary, since it is unlikely that we would stop supporting them, and we would also try to provide a warning ahead of time if possible if we plan to remove it. But I do think it is useful to clearly communicate to users what our expectations around compatibility are.

An alternate idea would be to have a separate "compatibility contract" that would generally state how cargo treats backwards and forwards compatibility, and then exceptions like this (and other things like RUSTFLAGS or platform support) could be mentioned there. Right now, we only have https://doc.crates.io/contrib/design.html which spells that out, but that is not end-user documentation. Perhaps that could move to the cargo guide?

Any thoughts on that?

@rustbot rustbot added A-cli Area: Command-line interface, option parsing, etc. A-cli-help Area: built-in command-line help Command-login labels Sep 11, 2023
@arlosi
Copy link
Contributor Author

arlosi commented Sep 11, 2023

Good catch on the missing docs in environment-variables.md. Updated.

I'm concerned that we may not be able to support them indefinitely, at which point we would need to remove one which would break cargo's general compatibility guarantees.

I've added a note in registry-authentication.md that says:

Cargo includes several built-in credential providers. The available built-in providers may change in future Cargo releases.

Do you think that's sufficient?

@ehuss
Copy link
Contributor

ehuss commented Sep 12, 2023

Do you think that's sufficient?

Seems good to me.

@Eh2406
Copy link
Contributor

Eh2406 commented Sep 12, 2023

Cargo includes several built-in credential providers. The available built-in providers may change in future Cargo releases. Although, we do not have plans to do so in the near future. If plans change we will update this documentation.

Or sum such.

@ehuss
Copy link
Contributor

ehuss commented Sep 13, 2023

I forgot, can you also update publish.py so that it includes all of the credential crates? 1password doesn't need to be included, but I don't think it will cause any harm to include it.

weihanglo
weihanglo reviewed Sep 14, 2023
View reviewed changes
src/doc/src/reference/environment-variables.md Outdated Show resolved Hide resolved
src/doc/src/reference/config.md Outdated Show resolved Hide resolved
@rustbot rustbot added the A-infrastructure Area: infrastructure around the cargo repo, ci, releases, etc. label Sep 14, 2023
@weihanglo weihanglo marked this pull request as ready for review September 16, 2023 23:52
@weihanglo
Copy link
Member

Your efforts on this are much appreciated, Arlo! Also thanks everyone for reviewing and testing on this feature :)

We're not going to wait for the FCP ended, as the beta branching-off window is approaching, and the FCP was started 9 days ago. If you encounter any issue with this stabilization, please report it here or open a new issue.

@bors r

@bors
Copy link
Collaborator

bors commented Sep 18, 2023

📌 Commit d345ca2 has been approved by weihanglo

It is now in the queue for this repository.

@bors bors added S-waiting-on-bors Status: Waiting on bors to run and complete tests. Bors will change the label on completion. and removed S-waiting-on-review Status: Awaiting review from the assignee but also interested parties. labels Sep 18, 2023
@bors
Copy link
Collaborator

bors commented Sep 18, 2023

⌛ Testing commit d345ca2 with merge 7149418...

@bors
Copy link
Collaborator

bors commented Sep 18, 2023

☀️ Test successful - checks-actions
Approved by: weihanglo
Pushing 7149418 to master...

@bors bors merged commit 7149418 into rust-lang:master Sep 18, 2023
22 checks passed
@weihanglo weihanglo mentioned this pull request Sep 18, 2023
Merged
bors added a commit to rust-lang-ci/rust that referenced this pull request Sep 18, 2023
@bors
Auto merge of rust-lang#115923 - weihanglo:update-cargo, r=weihanglo
078eb11 
Update cargo

6 commits in d5336f813df39d476e61fc46daabb1446350660a..b4ddf95ad9954118ac0dae835f2966394ad04c02
2023-09-14 19:55:49  0000 to 2023-09-18 03:48:09  0000
- doc: differentiate defaults for split-debuginfo (rust-lang/cargo#12680)
- feat(cli): Add '-n' to dry-run (rust-lang/cargo#12660)
- feat: stabilize credential-process and registry-auth (rust-lang/cargo#12649)
- refactor: use `RegistryOrIndex` enum to replace two booleans (rust-lang/cargo#12677)
- doc: clarify caret requirements (rust-lang/cargo#12679)
- feat(pkgid): Allow incomplete versions when unambigious (rust-lang/cargo#12614)

r? ghost
@Hirevo Hirevo mentioned this pull request Sep 29, 2023
Open
@ehuss ehuss added this to the 1.74.0 milestone Sep 30, 2023
@ehuss ehuss mentioned this pull request Oct 7, 2023
Merged
bors added a commit that referenced this pull request Oct 7, 2023
@bors
Auto merge of #12792 - ehuss:1.73-publish, r=weihanglo
d252bce 
[stable 1.73] backport publish script fixes

Backports:

* Add credential crates from [12649](#12649). I didn't realize that these crates were added as unstable dependencies in 1.73, and thus were required for publishing. `@Mark-Simulacrum` has already published the missing versions, but I am updating this just to be thorough.
* Remove sleep from #12686. This is just so the publish doesn't take forever.
@epage epage mentioned this pull request Oct 11, 2023
Open
netbsd-srcmastr pushed a commit to NetBSD/pkgsrc that referenced this pull request Jan 8, 2024
@he32
rust: update to version 1.74.1.
1fca108 
Pkgsrc changes:

 * Remove NetBSD-8 support (embedded LLVm requires newer C  
   than what is in -8; it's conceivable that this could still
   build with an external LLVM)
 * undo powerpc 9.0 file naming tweak, since we no longer support -8.
 * Remove patch to LLVM for powerpc now included by upstream.
 * Minor adjustments, checksum changes etc.


Upstream changes:

Version 1.74.1 (2023-12-07)
===========================

- [Resolved spurious STATUS_ACCESS_VIOLATIONs in LLVM]
  (rust-lang/rust#118464)
- [Clarify guarantees for std::mem::discriminant]
  (rust-lang/rust#118006)
- [Fix some subtyping-related regressions]
  (rust-lang/rust#116415)

Version 1.74.0 (2023-11-16)
==========================

Language
--------

- [Codify that `std::mem::Discriminant<T>` does not depend on any
  lifetimes in T]
  (rust-lang/rust#104299)
- [Replace `private_in_public` lint with `private_interfaces` and
  `private_bounds` per RFC 2145]
  (rust-lang/rust#113126)
  Read more in
  [RFC 2145](https://rust-lang.github.io/rfcs/2145-type-privacy.html).
- [Allow explicit `#[repr(Rust)]`]
  (rust-lang/rust#114201)
- [closure field capturing: don't depend on alignment of packed fields]
  (rust-lang/rust#115315)
- [Enable MIR-based drop-tracking for `async` blocks]
  (rust-lang/rust#107421)

Compiler
--------

- [stabilize combining  bundle and  whole-archive link modifiers]
  (rust-lang/rust#113301)
- [Stabilize `PATH` option for `--print KIND=PATH`]
  (rust-lang/rust#114183)
- [Enable ASAN/LSAN/TSAN for `*-apple-ios-macabi`]
  (rust-lang/rust#115644)
- [Promote loongarch64-unknown-none* to Tier 2]
  (rust-lang/rust#115368)
- [Add `i686-pc-windows-gnullvm` as a tier 3 target]
  (rust-lang/rust#115687)

Libraries
---------

- [Implement `From<OwnedFd/Handle>` for ChildStdin/out/err]
  (rust-lang/rust#98704)
- [Implement `From<{&,&mut} [T; N]>` for `Vec<T>` where `T: Clone`]
  (rust-lang/rust#111278)
- [impl Step for IP addresses]
  (rust-lang/rust#113748)
- [Implement `From<[T; N]>` for `Rc<[T]>` and `Arc<[T]>`]
  (rust-lang/rust#114041)
- [`impl TryFrom<char> for u16`]
  (rust-lang/rust#114065)
- [Stabilize `io_error_other` feature]
  (rust-lang/rust#115453)
- [Stabilize the `Saturating` type]
  (rust-lang/rust#115477)
- [Stabilize const_transmute_copy]
  (rust-lang/rust#115520)

Stabilized APIs
---------------

- [`core::num::Saturating`]
  (https://doc.rust-lang.org/stable/std/num/struct.Saturating.html)
- [`impl From<io::Stdout> for std::process::Stdio`]
  (https://doc.rust-lang.org/stable/std/process/struct.Stdio.html#impl-From-for-Stdio)
- [`impl From<io::Stderr> for std::process::Stdio`]
  (https://doc.rust-lang.org/stable/std/process/struct.Stdio.html#impl-From-for-Stdio)
- [`impl From<OwnedHandle> for std::process::Child{Stdin, Stdout, Stderr}`]
  (https://doc.rust-lang.org/stable/std/process/struct.Stdio.html#impl-From-for-Stdio)
- [`impl From<OwnedFd> for std::process::Child{Stdin, Stdout, Stderr}`]
  (https://doc.rust-lang.org/stable/std/process/struct.Stdio.html#impl-From-for-Stdio)
- [`std::ffi::OsString::from_encoded_bytes_unchecked`]
  (https://doc.rust-lang.org/stable/std/ffi/struct.OsString.html#method.from_encoded_bytes_unchecked)
- [`std::ffi::OsString::into_encoded_bytes`]
  (https://doc.rust-lang.org/stable/std/ffi/struct.OsString.html#method.into_encoded_bytes)
- [`std::ffi::OsStr::from_encoded_bytes_unchecked`]
  (https://doc.rust-lang.org/stable/std/ffi/struct.OsStr.html#method.from_encoded_bytes_unchecked)
- [`std::ffi::OsStr::as_encoded_bytes`]
  (https://doc.rust-lang.org/stable/std/ffi/struct.OsStr.html#method.as_encoded_bytes)
- [`std::io::Error::other`]
  (https://doc.rust-lang.org/stable/std/io/struct.Error.html#method.other)
- [`impl TryFrom<char> for u16`]
  (https://doc.rust-lang.org/stable/std/primitive.u16.html#impl-TryFrom-for-u16)
- [`impl<T: Clone, const N: usize> From<&[T; N]> for Vec<T>`]
  (https://doc.rust-lang.org/stable/std/vec/struct.Vec.html#impl-From<&[T; N]>-for-Vec)
- [`impl<T: Clone, const N: usize> From<&mut [T; N]> for Vec<T>`]
  (https://doc.rust-lang.org/stable/std/vec/struct.Vec.html#impl-From<&mut [T; N]>-for-Vec)
- [`impl<T, const N: usize> From<[T; N]> for Arc<[T]>`]
  (https://doc.rust-lang.org/stable/std/sync/struct.Arc.html#impl-From<[T; N]>-for-Arc<[T], Global>)
- [`impl<T, const N: usize> From<[T; N]> for Rc<[T]>`]
  (https://doc.rust-lang.org/stable/std/rc/struct.Rc.html#impl-From<[T; N]>-for-Rc<[T], Global>)

These APIs are now stable in const contexts:

- [`core::mem::transmute_copy`]
  (https://doc.rust-lang.org/beta/std/mem/fn.transmute_copy.html)
- [`str::is_ascii`]
  (https://doc.rust-lang.org/beta/std/primitive.str.html#method.is_ascii)
- [`[u8]::is_ascii`]
  (https://doc.rust-lang.org/beta/std/primitive.slice.html#method.is_ascii)

Cargo
-----

- [fix: Set MSRV for internal packages]
  (rust-lang/cargo#12381)
- [config: merge lists in precedence order]
  (rust-lang/cargo#12515)
- [fix(update): Clarify meaning of --aggressive as --recursive]
  (rust-lang/cargo#12544)
- [fix(update): Make `-p` more convenient by being positional]
  (rust-lang/cargo#12545)
- [feat(help): Add styling to help output ]
  (rust-lang/cargo#12578)
- [feat(pkgid): Allow incomplete versions when unambigious]
  (rust-lang/cargo#12614)
- [feat: stabilize credential-process and registry-auth]
  (rust-lang/cargo#12649)
- [feat(cli): Add '-n' to dry-run]
  (rust-lang/cargo#12660)
- [Add support for `target.'cfg(..)'.linker`]
  (rust-lang/cargo#12535)
- [Stabilize `--keep-going`]
  (rust-lang/cargo#12568)
- [feat: Stabilize lints]
  (rust-lang/cargo#12648)

Rustdoc
-------

- [Add warning block support in rustdoc]
  (rust-lang/rust#106561)
- [Accept additional user-defined syntax classes in fenced code blocks]
  (rust-lang/rust#110800)
- [rustdoc-search: add support for type parameters]
  (rust-lang/rust#112725)
- [rustdoc: show inner enum and struct in type definition for concrete type]
  (rust-lang/rust#114855)

Compatibility Notes
-------------------

- [Raise minimum supported Apple OS versions]
  (rust-lang/rust#104385)
- [make Cell::swap panic if the Cells partially overlap]
  (rust-lang/rust#114795)
- [Reject invalid crate names in `--extern`]
  (rust-lang/rust#116001)
- [Don't resolve generic impls that may be shadowed by dyn built-in impls]
  (rust-lang/rust#114941)

Internal Changes
----------------

These changes do not affect any public interfaces of Rust, but they represent
significant improvements to the performance or internals of rustc and related
tools.

None this cycle.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@ehuss ehuss ehuss left review comments

@weihanglo weihanglo weihanglo approved these changes

Assignees

@epage epage

Labels
A-cli Area: Command-line interface, option parsing, etc. A-cli-help Area: built-in command-line help A-documenting-cargo-itself Area: Cargo's documentation A-infrastructure Area: infrastructure around the cargo repo, ci, releases, etc. A-interacts-with-crates.io Area: interaction with registries A-registries Area: registries A-registry-authentication Area: registry authentication and authorization (authn authz) A-sparse-registry Area: http sparse registries A-unstable Area: nightly unstable support Command-login Command-publish relnotes Release-note worthy S-waiting-on-bors Status: Waiting on bors to run and complete tests. Bors will change the label on completion.
Projects
None yet
Milestone
1.74.0
7 participants
@arlosi @rustbot @bors @ehuss @Eh2406 @weihanglo @epage