From 047131306da2e95f969e45d66f78fcc1160eac13 Mon Sep 17 00:00:00 2001 From: Pietro Albini Date: Mon, 22 Jul 2019 20:24:19 +0200 Subject: [PATCH 1/8] initial draft of cargo_token_process --- text/0000-cargo-token-process.md | 140 +++++++++++++++++++++++++++++++ 1 file changed, 140 insertions(+) create mode 100644 text/0000-cargo-token-process.md diff --git a/text/0000-cargo-token-process.md b/text/0000-cargo-token-process.md new file mode 100644 index 00000000000..a5224961316 --- /dev/null +++ b/text/0000-cargo-token-process.md @@ -0,0 +1,140 @@ +- Feature Name: `cargo_token_process` +- Start Date: 2019-07-22 +- RFC PR: [rust-lang/rfcs#0000](https://github.com/rust-lang/rfcs/pull/0000) +- Rust Issue: [rust-lang/rust#0000](https://github.com/rust-lang/rust/issues/0000) + +# Summary +[summary]: #summary + +Add a cargo setting to fetch registry authentication tokens by calling an +external process. + +# Motivation +[motivation]: #motivation + +Some interactions with a registry require an authentication token, and Cargo +currently stores such token in plaintext in the [`.cargo/credentials`][creds] +file. While Cargo properly sets permissions on that file to only allow the +current user to read it, that's not enough to prevent other processes ran by +the same user from reading the token. + +This RFC aims to provide a way to configure Cargo to instead fetch the token +from any secrets storage system, for example a password manager or the system +keyring. + +[creds]: https://doc.rust-lang.org/stable/cargo/reference/config.html#credentials + +# Guide-level explanation +[guide-level-explanation]: #guide-level-explanation + +Suppose a user has their authentication token stored in a password manager, and +the password manager provides a command, `creds cargo`, to decrypt and print +that token in a secure way. Instead of also storing the token in plaintext, the +user can add this snippet to their own `.cargo/credentials` to authenticate +with crates.io: + +```toml +[registry] +token-process = "creds cargo" +``` + +When authentication is required Cargo will execute the command and use its +output as the token, which will never be stored by Cargo on disk. The command +will be executed inside the system's shell environment, to allow the usage of +CLI utilities: + +```toml +[registry] +token-process = "creds cargo | awk '{print($2)}'" +``` + +It will be possible to use `token-process` on both crates.io and alternative +registries. + +# Reference-level explanation +[reference-level-explanation]: #reference-level-explanation + +A new key, `token-process`, will be added to the `[registry]` and +`[registries.NAME]` sections of the `.cargo/credentials` configuration file. +When a `token` key is also present, the latter will take precedence over +`token-process` to maintain backward compatibility, and a warning will be +issued to let the user know about that. + +When a `cargo` subcommand needs the authentication token, Cargo will execute +the string contained in the configuration key with the system shell (`cmd.exe` +on Windows and `sh` on other platforms). If the command returns the `0` exit +code, the stardard output (with trimmed newlines) will be treated as the +authentication token. Otherwise an error message will be shown to the user, +along with the standard output. + +The following environment variables will be provided to the executed command: + +* `CARGO` - Path to the `cargo` binary executing the command. +* `CARGO_REGISTRY_NAME` - Name of the registry the authentication token is for. + +# Drawbacks +[drawbacks]: #drawbacks + +This RFC requires cargo to execute a command with the system shell, which could +make it more difficult to port Cargo to a new operative system without a shell. + +# Rationale and alternatives +[rationale-and-alternatives]: #rationale-and-alternatives + +The solution proposed by this RFC isn't tied to any secret storage services and +can be adapted to work with virtually any secret storage the user might rely +on, while being relatively easy to understand and use. + +An alternative with better user experience but more limited customization would +be for Cargo to provide cross platform, native integration with the most popular +secret storages, for example the system keyring: + +```toml +[registry] +system-keyring = true +``` + +The issue with the native integration proposal is it helps only a subset of +users, and it requires Cargo to implement and test integrations with each +secret storage we expect a lot of users to use. + +# Prior art +[prior-art]: #prior-art + +Multiple command line tools implement this system or a similar one to retrieve +authentication tokens or other secrets: + +* [awscli][awscli] includes the `credentials_process` setting with the same + behavior as the one proposed in this RFC. +* [Docker CLI][docker] offers "credential stores", programs the Docker CLI + calls with specific arguments expecting JSON output. Implementations are + provided for common storage systems, and the protocol is documented for users + who want to integrate with their custom system. +* [Ansible Vault][ansible] allows to specify an executable file as the + decryption password, executing it when needed. + +[awscli]: https://docs.aws.amazon.com/cli/latest/userguide/cli-configure-sourcing-external.html +[docker]: https://docs.docker.com/engine/reference/commandline/login/#credentials-store +[ansible]: https://docs.ansible.com/ansible/latest/user_guide/vault.html#providing-vault-passwords + +# Unresolved questions +[unresolved-questions]: #unresolved-questions + +*Nothing here yet.* + +# Future possibilities +[future-possibilities]: #future-possibilities + +To allow for a better user experience for users of popular secret storages the +community could create Cargo plugins that easily integrate with such systems. +For example, an hypothetical Cargo plugin to integrate with the system keyring +could allow users to add this configuration snippet: + +```toml +[registry] +token-process = "cargo credentials-system-keyring" +``` + +Encrypting the stored tokens or alternate authentication methods are out of the +scope of this RFC, but could be proposed in the future to provide additional +security for our users. From 270b203f2326661796c3ba43ced989463bfd5911 Mon Sep 17 00:00:00 2001 From: Pietro Albini Date: Wed, 24 Jul 2019 13:25:58 +0200 Subject: [PATCH 2/8] rename token-process to token-from-process --- ...ss.md => 0000-cargo-token-from-process.md} | 20 +++++++++---------- 1 file changed, 10 insertions(+), 10 deletions(-) rename text/{0000-cargo-token-process.md => 0000-cargo-token-from-process.md} (90%) diff --git a/text/0000-cargo-token-process.md b/text/0000-cargo-token-from-process.md similarity index 90% rename from text/0000-cargo-token-process.md rename to text/0000-cargo-token-from-process.md index a5224961316..30e8d31349b 100644 --- a/text/0000-cargo-token-process.md +++ b/text/0000-cargo-token-from-process.md @@ -1,4 +1,4 @@ -- Feature Name: `cargo_token_process` +- Feature Name: `cargo_token_from_process` - Start Date: 2019-07-22 - RFC PR: [rust-lang/rfcs#0000](https://github.com/rust-lang/rfcs/pull/0000) - Rust Issue: [rust-lang/rust#0000](https://github.com/rust-lang/rust/issues/0000) @@ -35,7 +35,7 @@ with crates.io: ```toml [registry] -token-process = "creds cargo" +token-from-process = "creds cargo" ``` When authentication is required Cargo will execute the command and use its @@ -45,19 +45,19 @@ CLI utilities: ```toml [registry] -token-process = "creds cargo | awk '{print($2)}'" +token-from-process = "creds cargo | awk '{print($2)}'" ``` -It will be possible to use `token-process` on both crates.io and alternative +It will be possible to use `token-from-process` on both crates.io and alternative registries. # Reference-level explanation [reference-level-explanation]: #reference-level-explanation -A new key, `token-process`, will be added to the `[registry]` and +A new key, `token-from-process`, will be added to the `[registry]` and `[registries.NAME]` sections of the `.cargo/credentials` configuration file. When a `token` key is also present, the latter will take precedence over -`token-process` to maintain backward compatibility, and a warning will be +`token-from-process` to maintain backward compatibility, and a warning will be issued to let the user know about that. When a `cargo` subcommand needs the authentication token, Cargo will execute @@ -86,12 +86,12 @@ can be adapted to work with virtually any secret storage the user might rely on, while being relatively easy to understand and use. An alternative with better user experience but more limited customization would -be for Cargo to provide cross platform, native integration with the most popular -secret storages, for example the system keyring: +be for Cargo to provide cross platform, native integration with the most +popular secret storages, for example the system keyring: ```toml [registry] -system-keyring = true +token-from-system-keyring = true ``` The issue with the native integration proposal is it helps only a subset of @@ -132,7 +132,7 @@ could allow users to add this configuration snippet: ```toml [registry] -token-process = "cargo credentials-system-keyring" +token-from-process = "cargo credentials-system-keyring" ``` Encrypting the stored tokens or alternate authentication methods are out of the From f28df0f43c24089bd5a0f59969eebe93b5465354 Mon Sep 17 00:00:00 2001 From: Pietro Albini Date: Wed, 24 Jul 2019 13:27:11 +0200 Subject: [PATCH 3/8] update issue and PR numbers --- text/0000-cargo-token-from-process.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/text/0000-cargo-token-from-process.md b/text/0000-cargo-token-from-process.md index 30e8d31349b..8e4facf0dcb 100644 --- a/text/0000-cargo-token-from-process.md +++ b/text/0000-cargo-token-from-process.md @@ -1,7 +1,7 @@ - Feature Name: `cargo_token_from_process` - Start Date: 2019-07-22 -- RFC PR: [rust-lang/rfcs#0000](https://github.com/rust-lang/rfcs/pull/0000) -- Rust Issue: [rust-lang/rust#0000](https://github.com/rust-lang/rust/issues/0000) +- RFC PR: [rust-lang/rfcs#2730](https://github.com/rust-lang/rfcs/pull/2730) +- Cargo Issue: [rust-lang/cargo#0000](https://github.com/rust-lang/cargo/issues/0000) # Summary [summary]: #summary From 73cbf47361c48fddf2b81cb8e697da485b8e9cb0 Mon Sep 17 00:00:00 2001 From: Pietro Albini Date: Thu, 25 Jul 2019 15:25:51 +0200 Subject: [PATCH 4/8] clarify stdin, stdout and stderr --- text/0000-cargo-token-from-process.md | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/text/0000-cargo-token-from-process.md b/text/0000-cargo-token-from-process.md index 8e4facf0dcb..475361ecb8a 100644 --- a/text/0000-cargo-token-from-process.md +++ b/text/0000-cargo-token-from-process.md @@ -62,10 +62,10 @@ issued to let the user know about that. When a `cargo` subcommand needs the authentication token, Cargo will execute the string contained in the configuration key with the system shell (`cmd.exe` -on Windows and `sh` on other platforms). If the command returns the `0` exit -code, the stardard output (with trimmed newlines) will be treated as the -authentication token. Otherwise an error message will be shown to the user, -along with the standard output. +on Windows and `sh` on other platforms). The process will inherit Cargo's +standard input and error, and the standard output will be captured by Cargo to +read the token (with trimmed newlines). If the command returns an exit code +other than `0` Cargo will treat that as a failure. The following environment variables will be provided to the executed command: From 020f794d48887c0bb0c57b47824a88bbcb9ae8ec Mon Sep 17 00:00:00 2001 From: Pietro Albini Date: Thu, 8 Aug 2019 15:27:36 +0200 Subject: [PATCH 5/8] avoid using the shell, accept a list of arguments instead --- text/0000-cargo-token-from-process.md | 44 ++++++++++++++------------- 1 file changed, 23 insertions(+), 21 deletions(-) diff --git a/text/0000-cargo-token-from-process.md b/text/0000-cargo-token-from-process.md index 475361ecb8a..3db32791665 100644 --- a/text/0000-cargo-token-from-process.md +++ b/text/0000-cargo-token-from-process.md @@ -28,28 +28,28 @@ keyring. [guide-level-explanation]: #guide-level-explanation Suppose a user has their authentication token stored in a password manager, and -the password manager provides a command, `creds cargo`, to decrypt and print -that token in a secure way. Instead of also storing the token in plaintext, the -user can add this snippet to their own `.cargo/credentials` to authenticate -with crates.io: +the password manager provides a command, `/usr/bin/cargo-creds`, to decrypt and +print that token in a secure way. Instead of also storing the token in +plaintext, the user can add this snippet to their own `.cargo/credentials` to +authenticate with crates.io: ```toml [registry] -token-from-process = "creds cargo" +token-from-process = "/usr/bin/cargo-creds" ``` When authentication is required Cargo will execute the command and use its -output as the token, which will never be stored by Cargo on disk. The command -will be executed inside the system's shell environment, to allow the usage of -CLI utilities: +output as the token, which will never be stored by Cargo on disk. If the +command requires arguments, for example `password-manager creds crates-io`, you +can add them in a list: ```toml [registry] -token-from-process = "creds cargo | awk '{print($2)}'" +token-from-process = ["password-manager", "creds", "crates-io"] ``` -It will be possible to use `token-from-process` on both crates.io and alternative -registries. +It will be possible to use `token-from-process` on both crates.io and +alternative registries. # Reference-level explanation [reference-level-explanation]: #reference-level-explanation @@ -60,12 +60,15 @@ When a `token` key is also present, the latter will take precedence over `token-from-process` to maintain backward compatibility, and a warning will be issued to let the user know about that. +The `token-from-process` key accepts either a string containing the binary to +call or a list containing the binary name and the arguments to provide to it. + When a `cargo` subcommand needs the authentication token, Cargo will execute -the string contained in the configuration key with the system shell (`cmd.exe` -on Windows and `sh` on other platforms). The process will inherit Cargo's -standard input and error, and the standard output will be captured by Cargo to -read the token (with trimmed newlines). If the command returns an exit code -other than `0` Cargo will treat that as a failure. +the binary contained in the configuration key with the defined arguments (if +provided by the user). The process will inherit Cargo's standard input and +error, and the standard output will be captured by Cargo to read the token +(with trimmed newlines). If the command returns an exit code other than `0` +Cargo will treat that as a failure. The following environment variables will be provided to the executed command: @@ -75,8 +78,7 @@ The following environment variables will be provided to the executed command: # Drawbacks [drawbacks]: #drawbacks -This RFC requires cargo to execute a command with the system shell, which could -make it more difficult to port Cargo to a new operative system without a shell. +*No known drawbacks yet.* # Rationale and alternatives [rationale-and-alternatives]: #rationale-and-alternatives @@ -104,8 +106,8 @@ secret storage we expect a lot of users to use. Multiple command line tools implement this system or a similar one to retrieve authentication tokens or other secrets: -* [awscli][awscli] includes the `credentials_process` setting with the same - behavior as the one proposed in this RFC. +* [awscli][awscli] includes the `credentials_process` setting with nearly the + same behavior as the one proposed in this RFC. * [Docker CLI][docker] offers "credential stores", programs the Docker CLI calls with specific arguments expecting JSON output. Implementations are provided for common storage systems, and the protocol is documented for users @@ -120,7 +122,7 @@ authentication tokens or other secrets: # Unresolved questions [unresolved-questions]: #unresolved-questions -*Nothing here yet.* +*No known unresolved questions yet.* # Future possibilities [future-possibilities]: #future-possibilities From 6062e2a6ee78476ef8a9ef3ff4745aa87afc79d3 Mon Sep 17 00:00:00 2001 From: Pietro Albini Date: Thu, 26 Sep 2019 22:42:17 +0200 Subject: [PATCH 6/8] clarify future auth methods are out of scope --- text/0000-cargo-token-from-process.md | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/text/0000-cargo-token-from-process.md b/text/0000-cargo-token-from-process.md index 3db32791665..6c9e1d2a5ae 100644 --- a/text/0000-cargo-token-from-process.md +++ b/text/0000-cargo-token-from-process.md @@ -140,3 +140,8 @@ token-from-process = "cargo credentials-system-keyring" Encrypting the stored tokens or alternate authentication methods are out of the scope of this RFC, but could be proposed in the future to provide additional security for our users. + +Future RFCs introducing new kinds of secrets used by Cargo (i.e. 2FA codes) +could also add support for fetching those secrets from a process, in a similar +way to this RFC. Defining how that should work is outside the scope of this RFC +though. From e334da0fe574c736184c0e847fcf7a9d93a58a8b Mon Sep 17 00:00:00 2001 From: Eric Huss Date: Wed, 13 May 2020 11:15:53 -0700 Subject: [PATCH 7/8] Add store/get/erase option. --- text/0000-cargo-token-from-process.md | 156 +++++++++++++++++--------- 1 file changed, 105 insertions(+), 51 deletions(-) diff --git a/text/0000-cargo-token-from-process.md b/text/0000-cargo-token-from-process.md index 6c9e1d2a5ae..bad5a3762fd 100644 --- a/text/0000-cargo-token-from-process.md +++ b/text/0000-cargo-token-from-process.md @@ -29,51 +29,115 @@ keyring. Suppose a user has their authentication token stored in a password manager, and the password manager provides a command, `/usr/bin/cargo-creds`, to decrypt and -print that token in a secure way. Instead of also storing the token in -plaintext, the user can add this snippet to their own `.cargo/credentials` to -authenticate with crates.io: +print that token in a secure way. Instead of storing the token in plaintext, +the user can add this snippet to their own Cargo config to authenticate with +crates.io: ```toml [registry] -token-from-process = "/usr/bin/cargo-creds" +credential-process = "/usr/bin/cargo-creds" ``` -When authentication is required Cargo will execute the command and use its -output as the token, which will never be stored by Cargo on disk. If the -command requires arguments, for example `password-manager creds crates-io`, you -can add them in a list: +When authentication is required, Cargo will execute the command to acquire the +token, which will never be stored by Cargo on disk. + +It will be possible to use `credential-process` on both crates.io and alternative +registries. + +# Reference-level explanation +[reference-level-explanation]: #reference-level-explanation + +A new key, `credential-process`, will be added to the `[registry]` and +`[registries.NAME]` sections of the configuration file. When a `token` key is +also present, the latter will take precedence over `credential-process` to +maintain backward compatibility, and a warning will be issued to let the user +know about that. + +The `registry.credential-process` value will be used for all registries. If a +specific registry specifies the value in the `registries` table, then that +will take precedence. + +The `credential-process` key accepts either a string containing the executable +and arguments or an array containing the executable name and the arguments. +This follows Cargo's convention for executables defined in config. + +There are special strings in the `credential-process` that Cargo will replace +with a given value: + +* `{name}` — Name of the registry. +* `{api_url}` — The API URL. +* `{action}` — The authentication action (described below). ```toml [registry] -token-from-process = ["password-manager", "creds", "crates-io"] +credential-process = 'cargo osxkeychain {action}' + +[registries.my-registry] +credential-process = ['/path/to/myscript', '{name}'] ``` -It will be possible to use `token-from-process` on both crates.io and -alternative registries. +There are two different kinds of token processes that Cargo supports. The +simple "basic" kind will only be called by Cargo when it needs a token. This +is intended for simple and easy integration with password managers, that can +often use pre-existing tooling. The more advanced "Cargo" kind supports +different actions passed as a command-line argument. This is intended for more +pleasant integration experience, at the expense of requiring a Cargo-specific +process to glue to the password manager. Cargo will determine which kind is +supported by the `credential-process` definition. If it contains the +`{action}` argument, then it uses the advanced style, otherwise it assumes it +only supports the "basic" kind. -# Reference-level explanation -[reference-level-explanation]: #reference-level-explanation +## Basic authenticator + +A basic authenticator is a process that returns a token on stdout. Newlines +will be trimmed. The process inherits the user's stdin and stderr. It should +exit 0 on success, and nonzero on error. + +With this form, `cargo login` and `cargo logout` are not supported and return +an error if used. + +## Cargo authenticator -A new key, `token-from-process`, will be added to the `[registry]` and -`[registries.NAME]` sections of the `.cargo/credentials` configuration file. -When a `token` key is also present, the latter will take precedence over -`token-from-process` to maintain backward compatibility, and a warning will be -issued to let the user know about that. +The protocol between the Cargo and the process is very basic, intended to +ensure the credential process is kept as simple as possible. Cargo will +execute the process with the `{action}` argument indicating which action to +perform: -The `token-from-process` key accepts either a string containing the binary to -call or a list containing the binary name and the arguments to provide to it. +* `store` — Store the given token in secure storage. +* `get` — Get a token from storage. +* `erase` — Remove a token from storage. -When a `cargo` subcommand needs the authentication token, Cargo will execute -the binary contained in the configuration key with the defined arguments (if -provided by the user). The process will inherit Cargo's standard input and -error, and the standard output will be captured by Cargo to read the token -(with trimmed newlines). If the command returns an exit code other than `0` -Cargo will treat that as a failure. +The `cargo login` command will use `store` to save a token. Commands that +require authentication, like `cargo publish`, will use `get` to retrieve a +token. A new command, `cargo logout` will be added which will use the `erase` +command to remove a token. + +The process inherits the user's stderr, so the process can display messages. +Some values are passed in via environment variables (see below). The expected +interactions are: + +* `store` — The token is sent to the process's stdin, terminated by a newline. + The process should store the token keyed off the registry name. If the + process fails, it should exit with a nonzero exit status. + +* `get` — The process should send the token to its stdout (trailing newline + will be trimmed). The process inherits the user's stdin, should it need to + receive input. + + If the process is unable to fulfill the request, it should exit with a + nonzero exit code. + +* `erase` — The process should remove the token associated with the registry + name. If the token is not found, the process should exit with a 0 exit + status. + +## Environment The following environment variables will be provided to the executed command: -* `CARGO` - Path to the `cargo` binary executing the command. -* `CARGO_REGISTRY_NAME` - Name of the registry the authentication token is for. +* `CARGO` — Path to the `cargo` binary executing the command. +* `CARGO_REGISTRY_NAME` — Name of the registry the authentication token is for. +* `CARGO_REGISTRY_API_URL` — The URL of the registry API. # Drawbacks [drawbacks]: #drawbacks @@ -87,37 +151,28 @@ The solution proposed by this RFC isn't tied to any secret storage services and can be adapted to work with virtually any secret storage the user might rely on, while being relatively easy to understand and use. -An alternative with better user experience but more limited customization would -be for Cargo to provide cross platform, native integration with the most -popular secret storages, for example the system keyring: - -```toml -[registry] -token-from-system-keyring = true -``` - -The issue with the native integration proposal is it helps only a subset of -users, and it requires Cargo to implement and test integrations with each -secret storage we expect a lot of users to use. - # Prior art [prior-art]: #prior-art Multiple command line tools implement this system or a similar one to retrieve authentication tokens or other secrets: -* [awscli][awscli] includes the `credentials_process` setting with nearly the - same behavior as the one proposed in this RFC. +* [awscli][awscli] includes the `credentials_process` setting which calls + a process with arguments provided by the user. The process is expected to + emit JSON that contains the access key. * [Docker CLI][docker] offers "credential stores", programs the Docker CLI calls with specific arguments expecting JSON output. Implementations are provided for common storage systems, and the protocol is documented for users who want to integrate with their custom system. * [Ansible Vault][ansible] allows to specify an executable file as the decryption password, executing it when needed. +* [Git] has a credential mechanism using store/get/erase arguments, and + `key=value` parameters send and received with the process. [awscli]: https://docs.aws.amazon.com/cli/latest/userguide/cli-configure-sourcing-external.html [docker]: https://docs.docker.com/engine/reference/commandline/login/#credentials-store [ansible]: https://docs.ansible.com/ansible/latest/user_guide/vault.html#providing-vault-passwords +[git]: https://git-scm.com/docs/gitcredentials#_custom_helpers # Unresolved questions [unresolved-questions]: #unresolved-questions @@ -127,15 +182,14 @@ authentication tokens or other secrets: # Future possibilities [future-possibilities]: #future-possibilities -To allow for a better user experience for users of popular secret storages the -community could create Cargo plugins that easily integrate with such systems. -For example, an hypothetical Cargo plugin to integrate with the system keyring -could allow users to add this configuration snippet: +To allow for a better user experience for users of popular secret storages, +Cargo can provide built-in support for common systems. It is proposed that a +`credential-process` with a `cargo:` prefix will use some internal support. For +example, `credential-process = 'cargo:system-keychain'`. -```toml -[registry] -token-from-process = "cargo credentials-system-keyring" -``` +Additionally, the community could create Cargo plugins that implement +different storage systems. For example, a hypothetical Cargo plugin could be +specified as `credential-process = 'cargo credential-1password {action}'`. Encrypting the stored tokens or alternate authentication methods are out of the scope of this RFC, but could be proposed in the future to provide additional From 38eac0cf2c1b1491a82c6e732b5df5ce841a989c Mon Sep 17 00:00:00 2001 From: Eric Huss Date: Fri, 4 Dec 2020 08:56:00 -0800 Subject: [PATCH 8/8] Rename to RFC 2730 --- ...o-token-from-process.md => 2730-cargo-token-from-process.md} | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) rename text/{0000-cargo-token-from-process.md => 2730-cargo-token-from-process.md} (98%) diff --git a/text/0000-cargo-token-from-process.md b/text/2730-cargo-token-from-process.md similarity index 98% rename from text/0000-cargo-token-from-process.md rename to text/2730-cargo-token-from-process.md index bad5a3762fd..782a518f454 100644 --- a/text/0000-cargo-token-from-process.md +++ b/text/2730-cargo-token-from-process.md @@ -1,7 +1,7 @@ - Feature Name: `cargo_token_from_process` - Start Date: 2019-07-22 - RFC PR: [rust-lang/rfcs#2730](https://github.com/rust-lang/rfcs/pull/2730) -- Cargo Issue: [rust-lang/cargo#0000](https://github.com/rust-lang/cargo/issues/0000) +- Cargo Issue: [rust-lang/cargo#8933](https://github.com/rust-lang/cargo/issues/8933) # Summary [summary]: #summary