Lib.rs

›

#credentials #cargo #pass #encryption #cargo-subcommand

app cargo-credential-pass

Keep your cargo registry tokens encrypted in your pass store

by Dom

2 releases (1 stable)

1.0.0	Sep 2, 2024
0.1.0	Aug 1, 2024

#109 in Cargo plugins

192 downloads per month

Apache-2.0

15KB
225 lines

cargo-credential-pass

A Cargo credential provider for pass.

No config needed[^cargo]
Stores encrypted tokens in your password store with all your other secrets
Automatically encrypts using your password store GPG key
Works great with keys stored on HSMs too (hello YubiKey!)

Because no one likes plaintext credentials on disk :(

Use It

Install cargo-credential-pass:

% cargo install --locked cargo-credential-pass

Configure Cargo to use this credential provider:

[registry]
global-credential-providers = ["cargo-credential-pass"]

Login! cargo login will pop up your editor - paste your registry token and close the window.

Your token will now be stored as an encrypted text file in $PASSWORD_STORE_DIR/cargo-registry/<registery-name>.token.

That's it - you're good to go!

[^cargo]: Kinda - just cargo!

Dependencies

~1.5–9MB
~85K SLoC