Skip to content

Scan content of $CARGO_HOME/bin on restore instead of relying on cargo install metadata #325

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
Swatinem merged 1 commit into from
Apr 12, 2026
+42 −12
Merged

Scan content of $CARGO_HOME/bin on restore instead of relying on cargo install metadata #325

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
34 changes: 34 additions & 0 deletions .github/workflows/binstall.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,34 @@
name: binstall

on: [push, pull_request]

permissions: {}

jobs:
binstall:
if: github.repository == 'Swatinem/rust-cache'
strategy:
fail-fast: false
matrix:
os: [ubuntu-latest, macos-latest, windows-latest]

name: Test `cargo binstall` on ${{ matrix.os }}
runs-on: ${{ matrix.os }}

env:
CARGO_TERM_COLOR: always

steps:
- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
with:
persist-credentials: false

- run: rustup toolchain install stable --profile minimal --no-self-update

- uses: cargo-bins/[email protected]

Check failure

Code scanning / zizmor

unpinned action reference Error

unpinned action reference
Copy link
Copy Markdown
Contributor Author

@clechasseur clechasseur Apr 11, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

In case this helps, that tag is linked to an immutable release and it therefore cannot be modified. That is why I pinned it there; otherwise I would've pinned to a commit hash.


- uses: ./

- run: cargo binstall -y cargo-deny
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
Comment on lines +33 to +34
Copy link
Copy Markdown
Owner

@Swatinem Swatinem Apr 10, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

why does this need the github token? I couldn’t find any docs that mention this, and I would prefer to rather remove this.

Copy link
Copy Markdown
Contributor Author

@clechasseur clechasseur Apr 11, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

It's not strictly required, but if cargo-binstall downloads binaries from GitHub, it will try to use a GitHub token to avoid hitting more stringent API rate limits. It's possible to pass --github-token on the command-line, otherwise the fallback is to check the GITHUB_TOKEN environment variable.

This is documented in HELP.md, although admittedly not that clearly.

Before I added this, I often hit rate limits in my CI workflows. It's possible that yours wouldn't be that affected, however.

Copy link
Copy Markdown
Owner

@Swatinem Swatinem Apr 12, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks for the explanation. This looks good to me.

20 changes: 8 additions & 12 deletions src/cleanup.ts
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -77,16 +77,16 @@ async function cleanProfileTarget(profileDir: string, packages: Packages, checkT

export async function getCargoBins(): Promise<Set<string>> {
const bins = new Set<string>();

try {
const { installs }: { installs: { [key: string]: { bins: Array<string> } } } = JSON.parse(
await fs.promises.readFile(path.join(CARGO_HOME, ".crates2.json"), "utf8"),
);
for (const pkg of Object.values(installs)) {
for (const bin of pkg.bins) {
bins.add(bin);
const dir = await fs.promises.opendir(path.join(CARGO_HOME, "bin"));
for await (const dirent of dir) {
if (dirent.isFile()) {
bins.add(dirent.name);
}
}
} catch {}

return bins;
}

Expand All @@ -97,15 +97,11 @@ export async function getCargoBins(): Promise<Set<string>> {
* @param oldBins The binaries that existed when the action started.
*/
export async function cleanBin(oldBins: Array<string>) {
const bins = await getCargoBins();

for (const bin of oldBins) {
bins.delete(bin);
}
const binsToRemove = new Set<string>(oldBins);

const dir = await fs.promises.opendir(path.join(CARGO_HOME, "bin"));
for await (const dirent of dir) {
if (dirent.isFile() && !bins.has(dirent.name)) {
if (dirent.isFile() && binsToRemove.has(dirent.name)) {
await rm(dir.path, dirent);
}
}
Expand Down
Loading