From e908f6af15bceca05dc5ba7ab36a92bf0218c0ed Mon Sep 17 00:00:00 2001 From: Weihang Lo Date: Thu, 16 Mar 2023 22:42:18 +0000 Subject: [PATCH] doc(yank): mention help@crates.io and revoking creds --- src/doc/man/cargo-yank.md | 9 +++++++++ src/doc/man/generated_txt/cargo-yank.txt | 10 ++++++++++ src/doc/src/commands/cargo-yank.md | 9 +++++++++ src/etc/man/cargo-yank.1 | 8 ++++++++ 4 files changed, 36 insertions(+) diff --git a/src/doc/man/cargo-yank.md b/src/doc/man/cargo-yank.md index d760071e2a7..2eded26132c 100644 --- a/src/doc/man/cargo-yank.md +++ b/src/doc/man/cargo-yank.md @@ -61,7 +61,16 @@ A common workflow is to yank a crate having already published a semver compatible version, to reduce the probability of preventing dependent crates from compiling. +To address copyright, licensing, or personal data issues with your published +crate, contact the maintainers of the registry you used. For crates.io, refer +to their [policies] and contact them at . + +If your credentials have been leaked, the recommended process is to revoke them +immediately. Once a crate is published, it's impossible to know if those leaked +credentials have been copied, so taking swift action is crucial. + [RustSec]: https://rustsec.org/ +[policies]: https://crates.io/policies ## OPTIONS diff --git a/src/doc/man/generated_txt/cargo-yank.txt b/src/doc/man/generated_txt/cargo-yank.txt index 32eceb37efe..15aa4b58c11 100644 --- a/src/doc/man/generated_txt/cargo-yank.txt +++ b/src/doc/man/generated_txt/cargo-yank.txt @@ -66,6 +66,16 @@ DESCRIPTION compatible version, to reduce the probability of preventing dependent crates from compiling. + To address copyright, licensing, or personal data issues with your + published crate, contact the maintainers of the registry you used. For + crates.io, refer to their policies and + contact them at . + + If your credentials have been leaked, the recommended process is to + revoke them immediately. Once a crate is published, it’s impossible to + know if those leaked credentials have been copied, so taking swift + action is crucial. + OPTIONS Yank Options --vers version, --version version diff --git a/src/doc/src/commands/cargo-yank.md b/src/doc/src/commands/cargo-yank.md index 060ec1f5582..e653e7201dd 100644 --- a/src/doc/src/commands/cargo-yank.md +++ b/src/doc/src/commands/cargo-yank.md @@ -61,7 +61,16 @@ A common workflow is to yank a crate having already published a semver compatible version, to reduce the probability of preventing dependent crates from compiling. +To address copyright, licensing, or personal data issues with your published +crate, contact the maintainers of the registry you used. For crates.io, refer +to their [policies] and contact them at . + +If your credentials have been leaked, the recommended process is to revoke them +immediately. Once a crate is published, it's impossible to know if those leaked +credentials have been copied, so taking swift action is crucial. + [RustSec]: https://rustsec.org/ +[policies]: https://crates.io/policies ## OPTIONS diff --git a/src/etc/man/cargo-yank.1 b/src/etc/man/cargo-yank.1 index db05962ea36..dce54ff49af 100644 --- a/src/etc/man/cargo-yank.1 +++ b/src/etc/man/cargo-yank.1 @@ -91,6 +91,14 @@ irrespective of susceptibility to the vulnerability in question. A common workflow is to yank a crate having already published a semver compatible version, to reduce the probability of preventing dependent crates from compiling. +.sp +To address copyright, licensing, or personal data issues with your published +crate, contact the maintainers of the registry you used. For crates.io, refer +to their \fIpolicies\fR and contact them at \&. +.sp +If your credentials have been leaked, the recommended process is to revoke them +immediately. Once a crate is published, it\[cq]s impossible to know if those leaked +credentials have been copied, so taking swift action is crucial. .SH "OPTIONS" .SS "Yank Options" .sp