Wrong redirect URL given for a download with -/_ canonicalization #1687
Description
I was poking around today at a crate I was working on and was confused that after publishing I was getting a 403 for the tarball for the crate that I wanted to manually inspect. I typed out everything below manually so the bug is definitely on me (not through Cargo or any tooling or anything like that), but figured it was still worth mentioning!
Specifically I was interested in the compiler_builtins crate and forgot whether it was _ or - so I typed out:
$ curl -L https://crates.io/api/v1/crates/compiler-builtins/0.1.8/download | tar xzf -
but that gave me some error about it not being gzip. Next I ran curl -I and it prints out:
$ curl -I https://crates.io/api/v1/crates/compiler-builtins/0.1.8/download | grep Location
Location: https://static.crates.io/crates/compiler-builtins/compiler-builtins-0.1.8.crate
turns out this URL doesn't exist! It should actually be:
$ curl -I https://crates.io/api/v1/crates/compiler_builtins/0.1.8/download | grep Location
Location: https://static.crates.io/crates/compiler_builtins/compiler_builtins-0.1.8.crate
Is this intended to work? If not that's totally fine, but I figure if it was intended to work may be good to know!