Wasmtime GitHub notifications bot (Jan 07 2026 at 19:27): Wasmtime GitHub notifications bot (Jan 07 2026 at 19:27):alexcrichton opened PR #12257 from alexcrichton:trusted-publishin to bytecodealliance:main:
This commit updates CI config and such to ensure that we're compatible with crates.io-based trusted publishing. Eventually we'll want the restriction that only
wasmtime-publishis the user on all of our crates, but for now this needs to land and get backported before that's done.Changes here are:
- The
publish-to-cratesio.ymlworkflow now usesrust-lang/crates-io-auth-action@v1to get a crates.io-based token. The in-repository secret is no longer used.- The
publish-to-cratesio.ymlworkflow has a new github "Environment" it runs in namedpublish- The publish script no longer adds the
github:bytecodealliance:wasmtime-publishuser to crates.- The publish script now verifies that the
wasmtime-publishgithub users is on all crates.- Eventually the publish script will verify that it's the only user on all the crates, but that's left for a future PR.
External changes are:
- A new
publish"Environment" was added to this repository.- All crates are configured on crates.io to have a trusted publishing workflow for this repository.
- All crates now require being published through a trusted publishing workflow.
My plan is to backport this to the 40.0.0 branch, run a point release, fix anything that comes up, and then backport this to all supported branches of Wasmtime. Once that's all done and sorted I'll follow-up with more contributor-facing documentation about how to add new crates.
<!--
Please make sure you include the following information:
If this work has been discussed elsewhere, please include a link to that
conversation. If it was discussed in an issue, just mention "issue #...".Explain why this change is needed. If the details are in an issue already,
this can be brief.Our development process is documented in the Wasmtime book:
https://docs.wasmtime.dev/contributing-development-process.htmlPlease ensure all communication follows the code of conduct:
https://github.com/bytecodealliance/wasmtime/blob/main/CODE_OF_CONDUCT.md
-->
Wasmtime GitHub notifications bot (Jan 07 2026 at 19:27):alexcrichton requested dicej for a review on PR #12257.
Wasmtime GitHub notifications bot (Jan 07 2026 at 19:27):alexcrichton requested wasmtime-default-reviewers for a review on PR #12257.
Wasmtime GitHub notifications bot (Jan 07 2026 at 20:43):dicej submitted PR review.
Wasmtime GitHub notifications bot (Jan 07 2026 at 21:44):alexcrichton merged PR #12257.
Last updated: Jan 09 2026 at 13:15 UTC