cargo icon indicating copy to clipboard operation
cargo copied to clipboard

Published 20 hours ago verified publisher icon rust-lang

"PyPi simple"-like directory based registry support.

Open evan0greenup opened this issue 1 year ago • 3 comments

Problem

Currently, when user want to setup his own registry, the procedures is very complicated.

For just specifying package name and version number, a simple directory based crate tarball collection set is adequate.

Proposed Solution

Considering this directory:

hello_reg/
├── goodbye
│   ├── goodbye-0.23.12.crate
│   └── goodbye-1.0.1.crate
└── helloworld
    ├── helloworld-0.0.1.crate
    └── helloworld-0.1.0.crate

It would be good to add Cargo feature to add dependencies from hello_reg/ directory. The version resolution is automatically done by Cargo like other type of registry or dependency. And the version wildcard is also supported.

Notes

This feature can make private dependency for private Rust project much more simpler.

Beside a local directory, it can also be a remote FTP URL or HTTP/HTTPS URL.

evan0greenup avatar Jun 21 '23 03:06 evan0greenup

Thanks for the report. Have you tried source replacements with either directory sources or local registry sources? Here are their filesystem hierarchy respectively:

  • https://doc.rust-lang.org/nightly/nightly-rustc/cargo/sources/directory/struct.DirectorySource.html
  • https://doc.rust-lang.org/nightly/nightly-rustc/cargo/sources/registry/local/struct.LocalRegistry.html

weihanglo avatar Jun 21 '23 09:06 weihanglo

@weihanglo , but both Directory Source and Local Registry required to be a subset of Remote Registry.

Why there is no a simplest Source, which just like how the majority package manager do?

evan0greenup avatar Jun 22 '23 07:06 evan0greenup

Why there is no a simplest Source, which just like how the majority package manager do?

Sorry. I don't know really know the answer. Adding a new kind of source sounds like requiring a (pre-)RFC first for soliciting feedback from the community.

Just had a look on Python's simple repository doc. It is fairly easy, though seems like you still need to spin up a web server. As an alternative, I feel like that vendor sources are mostly the same, but with an additional .cargo-checksum.json to make the integrity. It's a bit unfortunate Cargo doesn't have a mechanism to output such a checksum file during packaging. If it has that, does that resolves your use case? Or you want exactly what PyPI provides? I am saying so because adding things upon vendor sources is a bit easier to consider a whole new source kind.

weihanglo avatar Jun 26 '23 13:06 weihanglo