feat (publish): deprecate --token option (#16046)

### What does this PR try to resolve?
Closes #15274
This PR adds a warning when `--token` option is used with `cargo
publish` command.
This PR removes `--token` from help and docs for publish command.

There's an `--index` option that still requires `--token` to be
specified, but addressing that is not the part of this PR.

### How to test and review this PR?
Please check changed test cases to see how behavior changes.

Author: weihanglo

src/bin/cargo/commands/publish.rs

@@ -1,14 +1,19 @@
 use crate::command_prelude::*;
 
 use cargo::ops::{self, PublishOpts};
+use cargo_credential::Secret;
 
 pub fn cli() -> Command {
     subcommand("publish")
         .about("Upload a package to the registry")
         .arg_dry_run("Perform all checks without uploading")
         .arg_index("Registry index URL to upload the package to")
         .arg_registry("Registry to upload the package to")
-        .arg(opt("token", "Token to use when uploading").value_name("TOKEN"))
+        .arg(
+            opt("token", "Token to use when uploading")
+                .value_name("TOKEN")
+                .hide(true),
+        )
         .arg(flag(
             "no-verify",
             "Don't verify the contents by building them",
@@ -45,13 +50,16 @@ pub fn exec(gctx: &mut GlobalContext, args: &ArgMatches) -> CliResult {
         .into());
     }
 
+    let token = args.get_one::<String>("token").cloned().map(Secret::from);
+    if token.is_some() {
+        let _ = gctx.shell().warn("`cargo publish --token` is deprecated in favor of using `cargo login` and environment variables");
+    }
+
     ops::publish(
         &ws,
         &PublishOpts {
             gctx,
-            token: args
-                .get_one::<String>("token")
-                .map(|s| s.to_string().into()),
+            token,
             reg_or_index,
             verify: !args.flag("no-verify"),
             allow_dirty: args.flag("allow-dirty"),

src/doc/man/cargo-publish.md

@@ -28,8 +28,9 @@ following steps:
    and may timeout. In that case, you will need to check for completion
    manually. This timeout does not affect the upload.
 
-This command requires you to be authenticated with either the `--token` option
-or using {{man "cargo-login" 1}}.
+This command requires you to be authenticated using {{man "cargo-login" 1}}
+or environment variables of the [`registry.token`](../reference/config.html#registrytoken)
+and [`registries.<name>.token`](../reference/config.html#registriesnametoken) config fields.
 
 See [the reference](../reference/publishing.html) for more details about
 packaging and publishing.
@@ -44,8 +45,6 @@ packaging and publishing.
 Perform all checks without uploading.
 {{/option}}
 
-{{> options-token }}
-
 {{#option "`--no-verify`" }}
 Don't verify the contents by building them.
 {{/option}}

src/doc/man/generated_txt/cargo-publish.txt

@@ -25,8 +25,12 @@ DESCRIPTION
           and may timeout. In that case, you will need to check for completion
           manually. This timeout does not affect the upload.
 
-       This command requires you to be authenticated with either the --token
-       option or using cargo-login(1).
+       This command requires you to be authenticated using cargo-login(1) or
+       environment variables of the registry.token
+       <https://doc.rust-lang.org/cargo/reference/config.html#registrytoken>
+       and registries.<name>.token
+       <https://doc.rust-lang.org/cargo/reference/config.html#registriesnametoken>
+       config fields.
 
        See the reference
        <https://doc.rust-lang.org/cargo/reference/publishing.html> for more
@@ -37,18 +41,6 @@ OPTIONS
        --dry-run
            Perform all checks without uploading.
 
-       --token token
-           API token to use when authenticating. This overrides the token
-           stored in the credentials file (which is created by cargo-login(1)).
-
-           Cargo config <https://doc.rust-lang.org/cargo/reference/config.html>
-           environment variables can be used to override the tokens stored in
-           the credentials file. The token for crates.io may be specified with
-           the CARGO_REGISTRY_TOKEN environment variable. Tokens for other
-           registries may be specified with environment variables of the form
-           CARGO_REGISTRIES_NAME_TOKEN where NAME is the name of the registry
-           in all capital letters.
-
        --no-verify
            Don’t verify the contents by building them.
 

src/doc/src/commands/cargo-publish.md

@@ -24,8 +24,9 @@ following steps:
    and may timeout. In that case, you will need to check for completion
    manually. This timeout does not affect the upload.
 
-This command requires you to be authenticated with either the `--token` option
-or using [cargo-login(1)](cargo-login.html).
+This command requires you to be authenticated using [cargo-login(1)](cargo-login.html)
+or environment variables of the [`registry.token`](../reference/config.html#registrytoken)
+and [`registries.<name>.token`](../reference/config.html#registriesnametoken) config fields.
 
 See [the reference](../reference/publishing.html) for more details about
 packaging and publishing.
@@ -40,17 +41,6 @@ packaging and publishing.
 <dd class="option-desc">Perform all checks without uploading.</dd>
 
 
-<dt class="option-term" id="option-cargo-publish---token"><a class="option-anchor" href="#option-cargo-publish---token"></a><code>--token</code> <em>token</em></dt>
-<dd class="option-desc">API token to use when authenticating. This overrides the token stored in
-the credentials file (which is created by <a href="cargo-login.html">cargo-login(1)</a>).</p>
-<p><a href="../reference/config.html">Cargo config</a> environment variables can be
-used to override the tokens stored in the credentials file. The token for
-crates.io may be specified with the <code>CARGO_REGISTRY_TOKEN</code> environment
-variable. Tokens for other registries may be specified with environment
-variables of the form <code>CARGO_REGISTRIES_NAME_TOKEN</code> where <code>NAME</code> is the name
-of the registry in all capital letters.</dd>
-
-
 <dt class="option-term" id="option-cargo-publish---no-verify"><a class="option-anchor" href="#option-cargo-publish---no-verify"></a><code>--no-verify</code></dt>
 <dd class="option-desc">Don’t verify the contents by building them.</dd>
 

src/etc/_cargo

@@ -251,7 +251,6 @@ _cargo() {
                         '--index=[specify registry index]:index' \
                         '--allow-dirty[allow dirty working directories to be packaged]' \
                         "--no-verify[don't verify the contents by building them]" \
-                        '--token=[specify token to use when uploading]:token' \
                         '--dry-run[perform all checks without uploading]'
                         ;;
 

src/etc/cargo.bashcomp.sh

@@ -73,7 +73,7 @@ _cargo()
 	local opt__owner="$opt_common $opt_lock -a --add -r --remove -l --list --index --token --registry"
 	local opt__package="$opt_common $opt_mani $opt_feat $opt_lock $opt_parallel --allow-dirty -l --list --no-verify --no-metadata --index --registry --target --target-dir"
 	local opt__pkgid="$opt_common $opt_mani $opt_lock $opt_pkg"
-	local opt__publish="$opt_common $opt_mani $opt_feat $opt_lock $opt_parallel --allow-dirty --dry-run --token --no-verify --index --registry --target --target-dir"
+	local opt__publish="$opt_common $opt_mani $opt_feat $opt_lock $opt_parallel --allow-dirty --dry-run --no-verify --index --registry --target --target-dir"
 	local opt__remove="$opt_common $opt_pkg $opt_lock $opt_mani --dry-run --dev --build --target"
 	local opt__rm="$opt__remove"
 	local opt__report="$opt_help $opt_verbose $opt_color future-incompat future-incompatibilities"

src/etc/man/cargo-publish.1

@@ -37,8 +37,9 @@ and may timeout. In that case, you will need to check for completion
 manually. This timeout does not affect the upload.
 .RE
 .sp
-This command requires you to be authenticated with either the \fB\-\-token\fR option
-or using \fBcargo\-login\fR(1).
+This command requires you to be authenticated using \fBcargo\-login\fR(1)
+or environment variables of the \fI\f(BIregistry.token\fI\fR <https://doc.rust\-lang.org/cargo/reference/config.html#registrytoken>
+and \fI\f(BIregistries.<name>.token\fI\fR <https://doc.rust\-lang.org/cargo/reference/config.html#registriesnametoken> config fields.
 .sp
 See \fIthe reference\fR <https://doc.rust\-lang.org/cargo/reference/publishing.html> for more details about
 packaging and publishing.
@@ -50,19 +51,6 @@ packaging and publishing.
 Perform all checks without uploading.
 .RE
 .sp
-\fB\-\-token\fR \fItoken\fR
-.RS 4
-API token to use when authenticating. This overrides the token stored in
-the credentials file (which is created by \fBcargo\-login\fR(1)).
-.sp
-\fICargo config\fR <https://doc.rust\-lang.org/cargo/reference/config.html> environment variables can be
-used to override the tokens stored in the credentials file. The token for
-crates.io may be specified with the \fBCARGO_REGISTRY_TOKEN\fR environment
-variable. Tokens for other registries may be specified with environment
-variables of the form \fBCARGO_REGISTRIES_NAME_TOKEN\fR where \fBNAME\fR is the name
-of the registry in all capital letters.
-.RE
-.sp
 \fB\-\-no\-verify\fR
 .RS 4
 Don\[cq]t verify the contents by building them.

tests/testsuite/alt_registry.rs

@@ -306,6 +306,7 @@ Caused by:
         .arg(crates_io.index_url().as_str())
         .with_status(101)
         .with_stderr_data(str![[r#"
+[WARNING] `cargo publish --token` is deprecated in favor of using `cargo login` and environment variables
 [UPDATING] crates.io index
 [ERROR] failed to verify manifest at `[ROOT]/foo/Cargo.toml`