Allow usernames in alt registry URLs

sfackler · sfackler · commit 6e90641759ef · 2018-10-30T18:01:44.000-07:00
We want to forbid secrets since they'll commonly end up checked into source control, but usernames are fine (and are commonly going to be `git`). Closes #6241
diff --git a/src/cargo/util/config.rs b/src/cargo/util/config.rs
@@ -669,8 +669,8 @@ impl Config {
             match self.get_string(&format!("registries.{}.index", registry))? {
                 Some(index) => {
                     let url = index.val.to_url()?;
-                    if url.username() != "" || url.password().is_some() {
-                        bail!("Registry URLs may not contain credentials");
+                    if url.password().is_some() {
+                        bail!("Registry URLs may not contain passwords");
                     }
                     url
                 }
diff --git a/tests/testsuite/alt_registry.rs b/tests/testsuite/alt_registry.rs
@@ -458,7 +458,7 @@ fn publish_with_crates_io_dep() {
 }
 
 #[test]
-fn credentials_in_url_forbidden() {
+fn passwords_in_url_forbidden() {
     registry::init();
 
     let config = paths::home().join(".cargo/config");
@@ -489,6 +489,6 @@ fn credentials_in_url_forbidden() {
     p.cargo("publish --registry alternative -Zunstable-options")
         .masquerade_as_nightly_cargo()
         .with_status(101)
-        .with_stderr_contains("error: Registry URLs may not contain credentials")
+        .with_stderr_contains("error: Registry URLs may not contain passwords")
         .run();
 }

Original file line number	Diff line number	Diff line change
`@@ -669,8 +669,8 @@ impl Config {`
`669`	`669`	`match self.get_string(&format!("registries.{}.index", registry))? {`
`670`	`670`	`Some(index) => {`
`671`	`671`	`let url = index.val.to_url()?;`
`672`		`- if url.username() != "" \|\| url.password().is_some() {`
`673`		`- bail!("Registry URLs may not contain credentials");`
	`672`	`+ if url.password().is_some() {`
	`673`	`+ bail!("Registry URLs may not contain passwords");`
`674`	`674`	`}`
`675`	`675`	`url`
`676`	`676`	`}`
Original file line number	Diff line number	Diff line change
`@@ -458,7 +458,7 @@ fn publish_with_crates_io_dep() {`
`458`	`458`	`}`
`459`	`459`
`460`	`460`	`#[test]`
`461`		`-fn credentials_in_url_forbidden() {`
	`461`	`+fn passwords_in_url_forbidden() {`
`462`	`462`	`registry::init();`
`463`	`463`
`464`	`464`	`let config = paths::home().join(".cargo/config");`
`@@ -489,6 +489,6 @@ fn credentials_in_url_forbidden() {`
`489`	`489`	`p.cargo("publish --registry alternative -Zunstable-options")`
`490`	`490`	`.masquerade_as_nightly_cargo()`
`491`	`491`	`.with_status(101)`
`492`		`- .with_stderr_contains("error: Registry URLs may not contain credentials")`
	`492`	`+ .with_stderr_contains("error: Registry URLs may not contain passwords")`
`493`	`493`	`.run();`
`494`	`494`	`}`