3 Likes
tl;dr - crates.io
has been using an insecure RNG for generating API keys and used to store them in plaintext. Even though there's no evidence suggesting this has been expoited, all existing API keys have been revoked, so if you want to publish crates, you have to create a new one at crates.io/me.
1 Like
This topic was automatically closed 90 days after the last reply. We invite you to open a new topic if you have further questions or comments.