In nightly Rust as of 2023-09-19 (
rustc v1.74.0), Cargo requires the
[registry.global-credential-providers] key to be configured in
~/.cargo/config.toml to be able to use the
registry-auth feature and perform authenticated downloads:
# ~/.cargo/config.toml [registry] global-credential-providers = ["cargo:token"]
global-credential-providers, you may get an error like this when Cargo tries to download a
.crate file from the registry server:
$ cargo +nightly check error: failed to download `my-private-crate v1.2.3 (registry `shipyard-rs`)` Caused by: unable to get packages from source Caused by: authenticated registries require a credential-provider to be configured see https://doc.rust-lang.org/cargo/reference/registry-authentication.html for details
Note: the URL in the error message is currently incorrect; the documentation can be found instead at:
The current official documentation recommends also including
global-credential-providers on Linux. Including it may result in the following error message:
$ cargo +nightly check error: failed to download `my-private-crate v1.2.3 (registry `shipyard-rs`)` Caused by: unable to get packages from source Caused by: credential provider `cargo:libsecret` failed action `get` Caused by: failed to load libsecret: try installing the `libsecret` or `libsecret-1-0` package with the system package manager Caused by: libsecret-1.so: cannot open shared object file: No such file or directory
To resolve this error, either remove
cargo:libsecret from the list of credentials providers, or install libsecret using your package manager.
cargo:token will allow you to use token-based authentication as before the 1.74 changes.
With Rust 1.74.0, it looks like the
registry-auth feature is on track to finally be stabilized!
When it is stabilized, it will no longer be necessary to include the
[unstable] configuration in your
~/.cargo/config.toml, i.e. this section can be removed:
[unstable] registry-auth = true
If you use multiple versions of Rust in your development work, it may be prudent to leave the unstable configuration in place, despite the warning message from Cargo that it will be ignored (appears in Rust 1.74 and newer).