Add test for rustdoc-map generation when using sparse registries
Fixes#11402.
Adds an explicit check for sparse registries when generating the mappings for `-Zrustdoc-map`, so that the `sparse+` qualifier is removed before the comparison.
Add error message when `cargo fix` on an empty repo
### What does this PR try to resolve?
close https://github.com/rust-lang/cargo/issues/11380
Add error message when `cargo fix` on an empty repo.
### How should we test and review this PR?
- [x] unit test
```sh
set -eux
cargo +nightly new repro
cd repro
echo "fn main() { let _ = 0.clone(); }" > src/main.rs
cargo fix
```
Store the sparse+ prefix in the SourceId for sparse registries
#11209 added a new `SourceKind::SparseRegistry` and removed the `sparse+` prefix from the URLs stored in the `SourceId`.
The removal of the `sparse+` prefix from the URLs in the `SourceId` has led to several bugs, since registry URLs no longer round-trip through a `SourceId`. The most recent one I found was that the example configuration generated by `cargo vendor` did not include the `sparse+` prefix. Any place that calls the `.url()` method on a `SourceId` potentially has this bug.
This change puts the `sparse+` prefix back in the URL stored in the `SourceId`, but keeps the new `SourceKind::SparseRegistry`.
A test is added for doing `cargo vendor` on an alternative registry using the sparse protocol.
Update documentation for -Zrustdoc-scrape-examples in the Cargo Book
### What does this PR try to resolve?
Description in the title. Fixes#11424.
### How should we test and review this PR?
Here's a screenshot of the updated documentation:
<img width="814" alt="Screen Shot 2022-11-25 at 6 24 49 PM" src="https://user-images.githubusercontent.com/663326/204065460-4e06c638-7e3d-4c00-a805-7cb4b5a3803b.png">
r? `@weihanglo`
fix: Move off atty to resolve soundness issue
There is a soundness issue with atty when building on Windows with a custom allocator.
This PR switches direct dependencies on atty to is-terminal. New semver compatible versions of clap and snapbox remove atty. #11417 upgrades env_logger to remove it from there.
Fixes#11416
add newline char to `cargo install .` error message for easier reading.
I just noticed the `cargo install .` error message was not formatted very nicely.
Just added a newline char to make it cleaner.
Thanks
There is a soundness issue with atty when building on Windows with a
custom allocator.
This PR switches direct dependencies on atty to is-terminal. New semver
compatible versions of clap and snapbox remove atty. #11417 upgrades
env_logger to remove it from there.
Fixes#11415
chore: Upgrade to env_logger
This removes one path to `atty`.
Others:
- clap: fixed in 4.0.27
- pretty-env-logger: seanmonstar/pretty-env-logger#52 needs to be resolved first
- snapbox: this will be fixed soonish but is also only a test dependency
- direct dependency
This is part of #11416
Change rustdoc-scrape-examples to be a target-level configuration
This PR addresses issues raised in rust-lang/cargo#9525. Specifically:
1. It enables examples to be scraped from `#[test]` functions, by passing additional flags to Rustdoc to ensure that these functions aren't ignored by rustc.
2. It moves the `arg` from `-Z rustdoc-scrape-examples={arg}` into a target-level configuration that can be added to Cargo.toml.
The added test `scrape_examples_configure_target` shows a concrete example. In short, examples will be default scraped from Example and Lib targets. Then the user can enable or disable scraping like so:
```toml
[lib]
doc-scrape-examples = false
[[test]]
name = "my_test"
doc-scrape-examples = true
```
This removes one path to `atty`.
Others:
- clap: fixed in 4.0.27
- pretty-env-logger: seanmonstar/pretty-env-logger#52 needs to be resolved first
- snapbox: this will be fixed soonish but is also only a test dependency
- direct dependency
This is part of #11416
Add warning when `cargo tree -i <spec>` can not find packages
### What does this PR try to resolve?
close https://github.com/rust-lang/cargo/issues/11315
Add warning when `cargo tree -i <spec>` can not find packages.
### How should we test and review this PR?
Please run the unit test.
Clean profile, patch, and replace in cargo remove
### What does this PR try to resolve?
This PR is part of the continued work on cargo remove (#11099, see deferred work).
After a successful removal of a dependency, clean up the profile, patch, and replace sections to remove all references to it.
**Note** the GC process was expanded to clean up not just references to the dependencies just removed, but also references of all dependencies. This was because there's not an easy way to determine which dependencies correspond to the given TOML keys, without either 1) figuring that out before the removal (therefore having to predict the behavior), or 2) returning that information from the remove function (somewhat unorthodox for an op).
### How should we review and test this PR?
Verify that the implementation makes sense and that the tests are sufficient.
chore: Upgrade miow
Upgrade `miow` to the latest release.
The main change from miow is the upgrade of transitive dependency `windows-sys` from 0.28 to 0.42, which removes a duplicate dependency for cargo.
Fix several tests that are waiting 60 seconds for publishing to time out
Several tests are missing the pre-publishing hack to avoid the 60 second wait-for-publish timeout.
r? `@epage`
Implement RFC 3139: alternative registry authentication support
Allows registries to request Cargo to send the authentication token for all requests, rather than just publish/yank, implementing [RFC 3139](https://github.com/rust-lang/cargo/issues/10474).
### Items from the [tracking issue](https://github.com/rust-lang/cargo/issues/10474)
> Do registries need a more fine-grained switch for which API commands require authentication?
This PR uses the `auth_required` boolean as described in the RFC.
> The RFC mentions adding --token to additional commands like install and search
These flags are not added by this PR.
> Consider changing the name and form of the X- header
Changed to the `www-authenticate` header as suggested by the comments.
> Will there be any concerns with the interaction with https://github.com/rust-lang/rfcs/pull/3231
Not that I know of.
-------------
Adds a new field `"auth-required": true` to `config.json` that indicates Cargo should include the token in all requests to a registry.
For HTTP registries, Cargo first attempts an un-authenticated request, then if that fails with HTTP 401, an authenticated request is attempted. The registry server may include a `www-authenticate` header with the HTTP 401 to instruct Cargo with URL the user can visit to acquire a token (crates.io/me).
Since the API URL is not known (because it's stored in the index), the unstable credential provider feature is modified to key off the index url, and the registry name is no longer provided.
To handle the case where an alternative registry's name is not known (such as coming from a lock file, or via `--index`), Cargo can now look up the token in the configuration by matching on the index URL. This introduces a new error if two alternative registries are configured with the same index URL.
Several operations, such as `cargo install` could have had a `--token` argument added, however it appears that Cargo would like to move away from passing the token on the command line for security reasons. In this case, users would need to configure the registry via the config file (or environment variables) when using `cargo install --index ...` or similar.
Fix cargo install --index when used with registry.default
Setting `registry.default` causes the `args.registry` call to return the default registry as if it were passed through `--registry`, which leaves the `--index` argument ignored in `cargo install`, since `registry` is checked first.
Fixes#11301 by checking for `index` before `registry`.
Note that if you try to pass both `--index` and `--registry`, then a command-line parser error (correctly) occurs:
```
The argument '--registry <REGISTRY>' cannot be used with '--index <INDEX>'
```
