8

Github Cargo alternative registry auth by arlosi · Pull Request #3139 · rust-lan...

 3 years ago
source link: https://github.com/rust-lang/rfcs/pull/3139
Go to the source link to view the article. You can view the picture content, updated content and better typesetting reading experience. If the link is broken, please click the button below to view the snapshot at that time.
neoserver,ios ssh client

New issue

Cargo alternative registry auth #3139

Conversation

Copy link

arlosi commented 2 days ago

edited

This RFC adds authorization for alternative registries, taking in to account the recent developments in HTTP-based registries (RFC2789).

Zulip discussion
Internals thread

Rendered

Copy link

Member

joshtriplett commented 2 days ago

This seems reasonable.

The RFC should explicitly state that authorization headers are only provided for https:// URLs, and that under no circumstances will cargo ever pass an authorization header over plaintext HTTP.

Copy link

Member

joshtriplett commented 2 days ago

edited

Also, the RFC suggests that there's nowhere to pass this information for git, but if you're using git via https, it'd be possible to pass the authorization header. We may or may not want to support that. But at the very least, the RFC should document this possibility, and then state a concrete proposal for how we want to handle this case.

Copy link

Author

arlosi commented yesterday

Thanks for taking a look! I've updated the RFC to include more details on requiring HTTPS, as well as a section on how we might handle adding an Authorization header for git over https in the future.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

No reviews

Assignees

No one assigned

Labels
Projects

None yet

Milestone

No milestone

Linked issues

Successfully merging this pull request may close these issues.

None yet

3 participants

report

Recommend

About Joyk


Aggregate valuable and interesting links.
Joyk means Joy of geeK