crates.io adds source code viewer and decouples accounts from GitHub
crates.io ships a source code viewer, GitHub-independent accounts via RFC, unmaintained-crate warnings, and a completed Svelte frontend migration.
Rust's package registry crates.io shipped a significant set of updates over the past six months. The headline feature is a new 'Code' tab that lets developers browse the exact files inside published crate versions—including generated files like normalized Cargo.toml—directly on the site, independent of the linked repository. The backend repacks .crate archives into seekable zip files served from a CDN, so browsing sources adds no load to the API servers; a version diff viewer is reportedly in progress.
On the account side, the team accepted RFC #3946, introducing crates.io-native usernames decoupled from GitHub, laying groundwork for future support of other identity providers. The rollout is deliberately incremental given the security implications.
Security tooling also improved: crates flagged as unmaintained by RustSec now display warning banners, and crates superseded by the standard library (like lazy_static) get a 'you might not need this dependency' notice backed by a new curated dataset. Separately, the frontend's migration from Ember.js to Svelte is complete, alongside performance fixes to search ranking, reverse-dependency lookups, accessibility, and the git index worker.
For engineers, these changes mean easier dependency auditing, a more modern account and frontend foundation, and a faster, more resilient registry infrastructure.