How to set up Chartered for a private Rust project?

Deploy the git server as per https://book.chart.rs/, then configure .cargo/config.toml with SSH endpoints for each organization. Authentication is handled via the git server for secure downloads.

What's better for private crates, Chartered or crates.io?

Chartered is ideal for secure, self-hosted private registries with permissions, while crates.io is public and free. Choose Chartered if you need authentication and control over internal code.

What permissions does Chartered support for crate management?

Chartered offers VISIBLE, PUBLISH_VERSION, YANK_VERSION, and MANAGE_USERS per user per crate, enabling detailed access control as specified in the README.

Is Chartered production-ready for my team?

The project is functional but has open tasks and depends on evolving Cargo RFCs. Evaluate based on your security needs and willingness to adapt to potential changes.

How does authentication work in Chartered?

Users authenticate through the git server, which generates a temporary credential-embedded index for each user, ensuring secure and private crate downloads.

Can I use Chartered with CI/CD pipelines?

Yes, by setting up authentication tokens or SSH keys in your CI environment, Chartered integrates with standard Cargo commands for building and deploying private crates.

chartered

WTFPLRustv0.1.0

A private, authenticated, permissioned Cargo registry for Rust crates with fine-grained user permissions.

GitHub

129 stars9 forks0 contributors

What is chartered?

Chartered is a private, authenticated, and permissioned Cargo registry for Rust crates. It allows teams to host proprietary or internal Rust libraries securely, with fine-grained access controls per user and per crate. It solves the problem of sharing private Rust code within organizations without exposing it publicly on crates.io.

Target Audience

Rust developers and teams working on proprietary or internal projects who need to share crates securely within their organization.

Value Proposition

Developers choose Chartered because it provides a secure, self-hosted alternative to public registries with robust authentication and permission systems, and it's designed to integrate seamlessly with Cargo's workflow while being future-proof for upcoming Cargo RFCs.

Overview

✈️ a private, authenticated, permissioned cargo registry

Use Cases

Best For

Hosting proprietary Rust crates within a company
Enforcing fine-grained access controls on internal libraries

Related Projects

Community-curated · Updated weekly · 100% open source

Found a gem we're missing?

Open-Awesome is built by the community, for the community. Submit a project, suggest an awesome list, or help improve the catalog on GitHub.

Submit a project Star on GitHub

Setting up a private registry for closed-source Rust projects

Managing crate permissions per user and per organization

Integrating private crates into CI/CD pipelines securely

Teams needing a self-hosted alternative to crates.io

Not Ideal For

Open-source projects that can use the public, free crates.io registry without authentication needs
Teams wanting a fully managed, hosted private registry without self-hosting complexity
Projects that require immediate compatibility with Cargo's future official authenticated registry standards

Pros & Cons

Pros

Authenticated Security

Ensures private crates are only accessible to authenticated users, preventing unauthorized access as highlighted in the key features.

Fine-Grained Permissions

Supports per-user, per-crate permissions like VISIBLE and PUBLISH_VERSION, allowing precise control over crate interactions.

Organization Management

Structures crates under organizations with separate registry endpoints in .cargo/config.toml, facilitating multi-team workflows.

Git-Based Integration

Uses a git server to serve dynamic indexes with embedded credentials, aligning with Cargo's existing workflow for seamless adoption.

Cons

Pending RFC Dependency

Designed to evolve with Cargo RFCs 2719 and 3139, meaning future changes may be required as official standards are finalized.

Setup Complexity

Requires configuring SSH endpoints and a git server, which is more involved than simpler private registry solutions or using crates.io.

Limited Ecosystem

As a self-hosted tool, it lacks the community tooling, extensive documentation, and integrations available for public registries like crates.io.

Frequently Asked Questions

Home

Rust

cratery

Cratery is a private Cargo registry designed for organizations that need to host and manage their internal Rust crates. It provides a secure, self-contained solution with essential features like documentation generation and dependency analysis out of the box, eliminating the need to rely on public infrastructure for proprietary code. ## Key Features - **Private Cargo Registry** — Host and manage internal Rust crates with authentication and access control. - **Automatic Documentation Generation** — Generates and serves documentation for published crates, similar to docs.rs, with support for worker nodes and target-specific builds. - **Dependency Analysis** — Scans dependency graphs to detect outdated dependencies and vulnerabilities from RustSec, with email notifications for owners. - **Administration Panel** — Manage crate owners and permissions through a web interface. - **Download Statistics** — Tracks and displays usage statistics for hosted crates. - **Flexible Storage** — Supports local filesystem or S3 for storing crates, metadata, and generated documentation. - **Index Protocols** — Supports both legacy git and modern sparse protocols for registry access. ## Philosophy Cratery is built to be a comprehensive, 'batteries-included' solution that prioritizes security and ease of use for organizations, providing all the essential tools for managing a private Rust ecosystem in one package.

Stars176

Forks11

Last commit2 months ago

Crates

The official public registry for Rust/Cargo

Simple and fast platform for hosting private Composer registries. Also supports Docker, npm, PyPI, Maven, and RubyGems. Offers free options for both cloud and self-hosted setups

A fully managed package management SaaS, with first-class support for public and private Cargo/Rust registries (plus many others). Has a generous free-tier and is also completely free for open-source