feat: Verify cksum of crate tarball from cargo registry (#1260)

Fixed #1183 Since the crate tarball could be downloaded from a different set of servers than where the cargo registry is hosted, verifying the checksum is necessary to verify its integrity. Signed-off-by: Jiahao XU <Jiahao_XU@outlook.com>
2025-04-24 22:30:03 +00:00 · 2023-08-09 20:57:47 +10:00 · 2023-08-09 20:57:47 +10:00 · 3e80b12748
commit 3e80b12748
parent 1c886d8897
10 changed files with 112 additions and 45 deletions
--- a/crates/bin/src/entry.rs
+++ b/crates/bin/src/entry.rs
@ -1,5 +1,4 @@
 use std::{
-    borrow::Cow,
    env, fs,
    future::Future,
    path::{Path, PathBuf},