Skip to content

feat: disable-other-publish-methods default value true #2147

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 1 commit into
base: main
Choose a base branch
from
Open

feat: disable-other-publish-methods default value true #2147

wants to merge 1 commit into from
+7 −7

Conversation

@amustaque97
Copy link
Contributor

@amustaque97 amustaque97 commented Dec 3, 2025

Closes: #2141

Copilot AI review requested due to automatic review settings December 3, 2025 07:05
Copilot finished reviewing on behalf of amustaque97 December 3, 2025 07:07
Copilot AI reviewed Dec 3, 2025
View reviewed changes
Copy link

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

This PR changes the default value of disable-other-publish-methods (mapped to trusted_publishing_only in the API) from false to true for crates.io trusted publishing configuration. This makes trusted publishing the default enforcement mechanism for crate publishing, requiring repositories to explicitly opt-out if they want to allow other publishing methods.

Key Changes

  • Changed the default value of disable_other_publish_methods field in the schema from false to true
  • Updated documentation to reflect the new default behavior
  • Updated test expectations to match the new default value

Reviewed changes

Copilot reviewed 4 out of 4 changed files in this pull request and generated no comments.

File Description
src/schema.rs Changed serde default attribute from default to default = "default_true" for disable_other_publish_methods field
docs/toml-schema.md Updated documentation comment and example to show default is now true instead of false
tests/static-api/_expected/v1/repos.json Updated test expectations for trusted_publishing_only from false to true
tests/static-api/_expected/v1/repos/some_repo.json Updated test expectations for trusted_publishing_only from false to true

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

@github-actions
Copy link

github-actions bot commented Dec 3, 2025

Dry-run check results 

[WARN  sync_team] sync-team is running in dry mode, no changes will be applied.
[INFO  sync_team] synchronizing github

@marcoieni
Copy link
Member

marcoieni commented Dec 3, 2025

You requested copilot review? I didn't change any setting, so not sure why it reviewed the PR 🤔

@amustaque97
Copy link
Contributor Author

amustaque97 commented Dec 3, 2025
edited
Loading

You requested copilot review? I didn't change any setting, so not sure why it reviewed the PR 🤔

No, I didn't. I'm also surprised why this would happen.

Whoops, I found the option and disabled it 🙂

Screen.Recording.2025-12-03.at.2.50.22.PM.mov

@marcoieni
Copy link
Member

marcoieni commented Dec 3, 2025

Whoops, I found the option and disabled it 🙂

Oh, ok, so it's a personal setting. Ok good to know. If you find it useful, feel free to enable it 👍

Kobzol
Kobzol reviewed Dec 3, 2025
View reviewed changes
Copy link
Member

@Kobzol Kobzol left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Hmm, I wonder why the dry run is empty. Do the crates whose publishing we represent in team already have trustpub_only enabled? 🤔

@Kobzol
Copy link
Member

Kobzol commented Dec 3, 2025
edited
Loading

Actually, nevermind, we don't run crates.io sync in the dry run at all right now 🤦

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

Copilot code review Copilot Copilot left review comments

@Mark-Simulacrum Mark-Simulacrum Awaiting requested review from Mark-Simulacrum Mark-Simulacrum is a code owner

@pietroalbini pietroalbini Awaiting requested review from pietroalbini pietroalbini is a code owner

@jdno jdno Awaiting requested review from jdno jdno is a code owner

@marcoieni marcoieni Awaiting requested review from marcoieni marcoieni is a code owner

+1 more reviewer

@Kobzol Kobzol Kobzol left review comments

Reviewers whose approvals may not affect merge requirements

At least 1 approving review is required to merge this pull request.

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

Make disable-other-publish-methods true by default

3 participants

@amustaque97 @marcoieni @Kobzol