-
Notifications
You must be signed in to change notification settings - Fork 2.4k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add subcommand to download the crate source #1861
Comments
cc me |
How do you think this subcommand should be named? Should it essentially work like git clone? |
Maybe |
@JanLikar yeah I've thought in the past that |
I'm willing to do this, but I would need some guidance. @alexcrichton, would you be my mentor? |
Certainly! You'll likely want to start this outside of this repo and use the cargo crate on crates.io Once you've got that you'll do something along the lines of:
You may want to also explore other cargo subcommands to explore how to set up the CLI. |
Why shouldn't I just work with a copy of the master branch? |
@JanLikar Because it is fairly trivial to |
FYI @JanLikar has since created the cargo-clone for this exact purpose. (I note that here because I was asked about the feature and found that the subcommand is not yet mentioned in this issue.) |
cargo-clone is useful; however, it would also be nice to have a cargo-download that downloads the .crate file, with checksum verification (and optional specification of a version other than the latest). |
I will give you one example where this would be useful to have directly inside |
As there hasn't been any activity here in over 6 months I've marked this as stale and if no further activity happens for 7 days I will close it. I'm a bot so this may be in error! If this issue should remain open, could someone (the author, a team member, or any interested party) please comment to that effect? The team would be especially grateful if such a comment included details such as:
Thank you for contributing! (The cargo team is currently evaluating the use of Stale bot, and using #6035 as the tracking issue to gather feedback.) If you're reading this comment from the distant future, fear not if this was closed automatically. If you believe it's still an issue please leave a comment and a team member can reopen this issue. Opening a new issue is also acceptable! |
This issue still exists. The next step would be the implementation of a command ( |
|
I'm inclined to close this issue. Multiple implementations as third party tools exist, and we'd want an RFC to add a built-in command to cargo. I think there's no further progress that can be made in this repository without an RFC. |
That's fair; the next step is probably an RFC, not further implementation work. |
Another potentially similar command: https://github.com/nakabonne/rhack |
Yet another third-party implementation of this: |
just want to mention two existing commands that fetch package sources: cargo fetch and cargo vendor. adding a flag to cargo fetch that would allow fetching an individual package and print the directory of that package would be one possible solution. |
For people who just want to browse source, you can do so at Could people help me understand the use case for this command? I'm wanting to make sure we focus on the right feature set for this. |
For me, I can think of two use-cases off the top of my head:
In both cases, the common thread is "I want the version Cargo is going to use and I don't want to have to slurp it back out of HTML". In case 1, "without running any of its code" is also an important constraint since "analysis" may very well be auditing the crate for trustworthiness. (So I imagine, if the version hasn't been |
Would #1545 (getting source from |
No. I can already do that manually if that's what I intended. I'm talking about specifically the situation where I want to patch against the exact code published in that specific release on Crates.io. (In the most extreme case, possibly even where I want to do a fork-and-fix on a Last I checked, Cargo doesn't even have a mechanism to match the SHA256 from |
The |
I stand corrected. However, that doesn't change that, were any proposed subcommand to work by downloading from |
My main use case for this feature is release-plz/release-plz#1331 In my tool, I want to download the source of what's published in crates.io to understand if what was published is the same as the current commit. Other use cases I can think about:
Is the cargo team willing to review PRs in case somebody (maybe me 👀) tries to implement it? Or are you still evaluating if it's worth adding this command in cargo? |
No, this is not implementation ready as this is marked Generally the path for a new subcommand is
FYI if you want anything other than vcs info, then this is complicated as you need the details in the published
Have you seen crates.io's work in this direction? |
It would be nice to be able to download the source for a crates.io crate. Currently, I either google the repository name to find the github page, or find the crate on crates.io and find the repository link on the crate page. Not only is this process long, but it also may not always work as some crates may have generic and hard to search names, may be hosted on less popular hosting platforms, or may not have include the repository link in the manifest.
A subcommand would be useful to quickly download the source without running into these issues.
The text was updated successfully, but these errors were encountered: