Skip to content

cargo install should have an option to allow installing a yanked binary #13082

New issue
New issue
Open
Open
cargo install should have an option to allow installing a yanked binary#13082

Description

@leighmcculloch

leighmcculloch
openedon Nov 30, 2023

Problem

Installing binaries using cargo install --version <version> <crate> will fail if version is yanked.

Crates can be yanked for different reasons. While some of those reasons are security related, not all are. Even for security related reasons, blocking the install of yanked tools is disruptive. Teams may need time to update CI, install scripts, systems, to be able to upgrade to a new version.

In CI systems it breaks and prevents reproducibility when versions of tools can disappear.

Proposed Solution

Add an option --allow-yanked to allow installing yanked binaries.

Or, change the --force option to allow installing yanked binaries.

Notes

No response

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Metadata

Assignees

No one assigned

    Labels

    A-yankedArea: yanked dependenciesArea: yanked dependenciesC-feature-requestCategory: proposal for a feature. Before PR, ping rust-lang/cargo if this is not `Feature accepted`Category: proposal for a feature. Before PR, ping rust-lang/cargo if this is not `Feature accepted`Command-installS-triageStatus: This issue is waiting on initial triage.Status: This issue is waiting on initial triage.

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions