Cargo Limitations in Artifactory

JFrog Artifactory Documentation
Products
JFrog Artifactory
Content Type
User Guide

The following are the limitations of Cargo in Artifactory:

  • Repository Layout: You need to maintain a path structure to manage crates in local Cargo repositories. Cargo Source packages are uploaded by default using the relative path: crates/<PACKAGE_NAME>/<PACKAGE_NAME>-<VERSION>.crate.

  • Version Support:

    • Artifactory supports Cargo version 1.49.0 and above.

    • Artifactory's sparse index requires Cargo version 1.60 or later. For Cargo versions 1.60 through 1.67, you must add the -Z sparse-registry flag to your commands. For versions prior to 1.60, use a Git implementation.

  • Git Indexing Limitations: Artifactory supports Sparse indexing for Cargo from Artifactory 7.46.3 and by default from 7.58.0. If you use Git indexing, you might experience the following issues and limitations:

    • Stability issues with repository initialization

    • Non-support of proxy in remote repositories

    • Slower performance and build time

    Sparse indexing is strongly recommended. For more information, see Index Cargo Repositories Using Sparse Indexing

  • Authentication with Older Versions of Cargo: If your Cargo repository requires authentication and you are using Cargo version 1.67 or earlier, you may need to enable the Allow anonymous download and search setting in order for install and search commands to work. This is because older versions of the Cargo client without sparse indexing do not send authentication headers with install and search commands.

  • Federation Limitations and Workaround: Due to the hardcoded registry URLs in crate files, which cannot be modified without invalidating the package checksum, Federation and virtual repositories are not supported for Cargo in Artifactory. However, there is a workaround for Federation. For more information, see Cargo Package Federation Limitation and Workaround.