How do you manage private libs?

Hi all,

how do you manage private rust libs?

Lately, this question became more pressing for me. After trying out the third-party-registries, I feel that this is way to difficult given the popularity of Rust. Does anyone know if Azure (artifacts) or Github (packages) is working on supporting the Cargo API?

I just found the following community question but I wonder why it has so few up-votes? Is this not relevant for the rest of the community?

2 Likes

This is a sample size of 1, but I've been using Rust for a while now - both personally and professionally - and haven't really needed to use a custom registry for managing my private crates.

95% of the time, a cargo workspace with path dependencies and a monorepo work fine for looking after the various sub-crates in a project.

When you've got multiple large projects, you often won't want fine grained dependencies going back and forth anyway because it increases coupling. That means it's quite feasible for project B to add project A's "main" crate as a git dependency (possibly pinning to a tag/commit) and let Cargo.lock manage the versioning via commit hashes.

3 Likes

Artifactory seems to support private registries, that should make some of the devs working for their corporate clients happy. (I've only seen artifactory used in that context so I'm thinking of ex-colleagues)

3 Likes

I'm using private git repositories. It works okay-ish. It's a bit slow and doesn't play well with semver (cargo update isn't as smart as with a registry).