Add more information to HTTP errors to help with debugging.
This adds some extra information to the HTTP error message about some headers and the remote IP address that could potentially be useful in diagnosing issues.
Closes#8691
The headers can significantly contribute to noise in the output,
drowning out the rest of the output. Most investigation will likely be
focused on the case where cargo completely fails to download, so this
only shows the full detail in the final error message.
Use registry.default for login/logout
This changes `cargo login` and `cargo logout` to use the registry configured at `registry.default` as the registry instead of crates.io. For `cargo login`, this was an unintentional regression from #6466. The documentation has always stated that it will use the default registry.
This makes the command more in line with other registry-involving commands. There are still some inconsistencies.
These commands use the default if not specified:
* `cargo init`
* `cargo new`
* `cargo owner`
* `cargo search`
* `cargo yank`
* `cargo publish` uses the default, but will also look at the `publish` field `Cargo.toml` and use that if the registry is not specified.
These commands would always use crates.io if `--registry` is not specified:
* `cargo login`
* `cargo logout`
* `cargo install`
I'm a bit uncertain how to proceed, since this is technically a breaking change particularly if someone has scripted it. I suspect that the number of users that use `registry.default` is very small, and those that script `cargo login` are even smaller, and thus the intersection is probably small or nonexistent. However, there is some risk here.
Fix credential token format validation.
The existing validation incorrectly excluded tab because of a missing backslash. This updates to add the backslash.
This also rewords the comments. I found the current comments to be a little confusing.
This also extends the test to verify more valid inputs.
cc #11600
Validate token on publish.
The `publish` path was not validating the token like the other API routes were (like owner, or yank). This does not appear to be intentional from what I can tell. This consolidates the relevant code so that it is shared with all the API calls.
cc #11600Closes#11571
Clarify docs on `-C` that it appears before the command.
The docs for `-C` currently don't mention that it must appear before the command name. This is the only root option that behaves this way that is documented in every page (except for `+toolchain`, which already mentions its position restriction). This adds some text to explain this restriction.
Add `try_canonicalize` and use it over `std::fs::canonicalize`
This adds a `try_canonicalize` function that calls `std::fs::canonicalize` and on Windows falls back to getting an absolute path. Uses of `canonicalize` have been replaced with `std::fs::canonicalize`. On Windows `std::fs::canonicalize` may fail due to incomplete drivers. In particular `ImDisk` does not support it.
Combined with https://github.com/rust-lang/rust/pull/109231 this allows compiling crates on an `ImDisk` RAM disk and I've tested that it works with various configuration using [rcb](https://github.com/Zoxc/rcb).
docs(changelog): Change wording about auto-fix message
The wording in the changelog regarding the auto-fix message specified that it would show for "warnings/errors", but Cargo only shows the message for warnings currently.
The reason that errors were not included was that there were concerns with `rustfix`/`cargo`'s ability to deal with errors, so we decided to skip showing it when there were any errors.
Stop using UncanonicalizedIter for QueryKind::Exact
`QueryKind::Exact` causes unnecessary HTTP requests when querying for crates that don't exist. Even though the query is `Exact`, when fetching `Summaries`, Cargo still uses `UncanonicalizedIter` and requests additional possible crate names if the first one isn't found.
This change moves the use of `UncanonicalizedIter` further up the call stack such that we have the `QueryKind` available, and only do the additional queries for `QueryKind::Fuzzy`.
The impact is most noticeable when publishing a new crate that contains `-` or `_`. Since Cargo waits for publish by querying the registry, if the crate name is `my-example-test-crate`, Cargo currently makes 8 HTTP requests each second while waiting for the crate to be available. With this fix, Cargo makes only 1 request per second.
cc #11934
Don't query permutations of the path prefix.
This fixes the use of the `UncanonicalizedIter` to not create permutations that are not valid paths if the crate has a dash or underscore in the first four characters of the name.
Previously it was permuting the path in the prefix, creating invalid paths. For example, `my-tool` would create a path like `my/_t/my-tool` which isn't valid since the filename doesn't match the prefix directories.
This fixes it so that it permutes just the name, and then generates the index path *after* permuting it.
The test included here goes from 16 queries to just 4 queries.
Fixes#11935
Fix Cargo warning about unused sparse configuration key
When doing a credential lookup, Cargo deserializes the registry configuration and detects the `registries.crates-io.protocol` key as unused and issues a warning:
```
warning: unused config key `registries.crates-io.protocol` in [..]
```
This fixes the issue by adding the field to the `RegistryConfig` struct.
Switch benchsuite to the index archive.
Due to the index squash this morning, the commit of the index that the benchsuite was using is no longer available. This switches to the archive which contains the complete history of the index and shouldn't have issues with commits going away.
When doing a credential lookup, Cargo deserializes the registry configuration and detects the
registries.crates-io.protocol key as unused and issues a warning.
This fixes the issue by adding the field to the struct
Update git2
This updates git2 from 0.16 to 0.17, which updates libgit2 from 1.5.0 to 1.6.3. This is quite a large update (particularly around SSH handling), so this update is fairly risky. All of the issues I'm aware of have been resolved.
Due to some changes in how libgit2 handles SSH agent errors, I tweaked the wording of the error generated by cargo when all authentications fail. Previously, libgit2 would abort the authentication when an ssh-agent connection failed.
Changelog for git2: https://github.com/rust-lang/git2-rs/blob/master/CHANGELOG.md#0170---2023-04-02
Changelog for libgit2: https://github.com/libgit2/libgit2/blob/main/docs/changelog.md#v163Closes#11611
Publish docs: Clarify requirements about the state of the index after publish.
The current Publish API docs don't mention anything about the requirements of updating the index asynchronously, so this adds some information about how cargo handles that.
Call out the differences between the index JSON and the API or metadata.
This adds some clarifications to the differences between the index JSON format and the Publish API and `cargo metadata`. This seems to be a common source of confusion for registry implementers, so hopefully this will highlight the differences and make them more evident.
