fix(github): skip versions host for non-registry attestations

[jdx]

Summary

• pass the existing registry/default backend gate into GitHub attestation detection and verification
• apply the same gate to Aqua GitHub attestations so custom Aqua packages use GitHub directly
• keep known core precompiled repos eligible, while custom Ruby precompiled repos bypass mise-versions

Tests

• cargo test test_use_versions_host_for_attestations --all-features
• cargo test test_ruby_precompiled_versions_host_only_for_default_source --all-features
• mise run test:unit
• cargo fmt --check
• git diff --check

---

Note

Medium Risk
Changes provenance/attestation fetch paths for installs and lock-time verification; mis-gating could skip cached attestations or hit the wrong API, but behavior is narrowed with tests and known core paths preserved.

Overview
GitHub artifact attestation detect and verify now take an explicit use_versions_host flag instead of always routing public GitHub API traffic through mise-versions when global settings allow it.

GitHub and Aqua backends pass the existing registry/default-backend gate (backend_arg_matches_registry_backend), so custom github: repos and non-registry Aqua packages talk to GitHub directly. Python precompiled builds still use the versions host (true). Ruby precompiled attestations use mise-versions only for the default jdx/ruby source; other owner/repo precompiled URLs skip it.

use_versions_host_for_attestations now requires that flag and the usual offline / use_versions_host settings. Unit tests cover the new gate and Ruby source behavior.

^{Reviewed by Cursor Bugbot for commit 146c0dc. Bugbot is set up for automated code reviews on this repo. Configure here.}

Summary by CodeRabbit

• Improvements
  • Enhanced GitHub package attestation verification to respect configured metadata host settings consistently across all verification flows, including aqua backend, Python/Ruby plugins, and lock-time verification.
  • Improved cryptographic signature validation by ensuring attestation host configuration is applied uniformly during attestation detection and validation operations.

[coderabbitai]

📝 Walkthrough

Walkthrough

This PR adds an explicit use_versions_host: bool parameter to GitHub sigstore attestation functions, allowing backends and plugins to control registry-gated routing to mise-versions versus direct API verification. The change threads through the GitHub backend, aqua backend, and language plugins for consistent provenance evaluation.

Changes

Registry-gated attestation versions host routing

Layer / File(s)	Summary
GitHub sigstore public API and helper contract update src/github/sigstore.rs	verify_attestation and detect_attestations gain a use_versions_host: bool parameter. The helper use_versions_host_for_attestations is refactored to accept both an optional api_url and the explicit boolean, incorporating the boolean into its eligibility logic. Unit tests validate both allowed and blocked outcomes when registry gating is applied.
GitHub backend provenance detection and verification src/backend/github.rs	The GitHub backend threads self.use_versions_host_for_github_metadata() into all three call sites: detect_provenance_type for attestation detection, verify_provenance_at_lock_time for lock-time verification, and try_verify_github_attestations for install-time verification.
Aqua backend registry matching for attestations src/backend/aqua.rs	The aqua backend imports backend_arg_matches_registry_backend and uses it to pass a boolean into both detect_attestations and verify_attestation calls, allowing registry-specific routing decisions.
Plugin-specific attestation verification decisions src/plugins/core/python.rs, src/plugins/core/ruby.rs	Python plugin passes true to enable versions-host for precompiled attestations. Ruby plugin introduces a helper that returns true only for the default precompiled source (jdx/ruby), controlling whether to route through versions-host for each artifact source. Tests validate the helper behavior.

🎯 3 (Moderate) | ⏱️ ~20 minutes

Possibly related PRs

• jdx/mise#10255: Directly aligns with this PR's threading of registry-gated use_versions_host into GitHub sigstore flows; appears to be part of the same refactor effort.
• jdx/mise#10240: Changes versions_host's GitHub owner/repo URL casing validation that underlies whether versions-host attestations are eligible, complementing this PR's registry-gating mechanism.

🐰 A flag hops through the stack so grand,
From sigstore to plugins, carefully planned,
Each backend decides the attestation's fate,
Routing through versions or direct—regulate!
No trust is assumed, the registry gates.

🚥 Pre-merge checks | ✅ 5

✅ Passed checks (5 passed)

Check name	Status	Explanation
Title check	✅ Passed	The title accurately describes the main change: gating versions host usage for GitHub attestations when backends or precompiled sources are not the default/known registry.
Docstring Coverage	✅ Passed	Docstring coverage is 100.00% which is sufficient. The required threshold is 80.00%.
Linked Issues check	✅ Passed	Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check	✅ Passed	Check skipped because no linked issues were found for this pull request.
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

📝 Generate docstrings

• Create stacked PR
• Commit on current branch

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Commit unit tests in branch fix/skip-versions-host-for-non-registry-attestations

---

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[greptile-apps]

Greptile Summary

This PR threads the existing registry/default-backend gate (backend_arg_matches_registry_backend) into the GitHub attestation detection and verification paths, so custom (non-registry) packages skip the mise-versions cache and query GitHub directly. The change is applied consistently across the GitHub backend, Aqua backend, and the Ruby core plugin, while Python and the default Ruby precompiled URL remain opted-in.

• sigstore.rs: verify_attestation and detect_attestations gain a use_versions_host: bool parameter, propagated into the private use_versions_host_for_attestations helper; two new unit tests validate the gate.
• github.rs / aqua.rs: Each call site now passes use_versions_host_for_github_metadata() / backend_arg_matches_registry_backend(&self.ba) respectively, mirroring how those same predicates already gate other metadata fetches.
• ruby.rs: A new use_versions_host_for_precompiled_attestations(source) helper uses an exact equality check against DEFAULT_RUBY_PRECOMPILED_URL ("jdx/ruby"), moved from the test module to module scope.

Confidence Score: 5/5

Safe to merge — the change narrows when the versions-host cache is consulted for attestations, falling back to direct GitHub API calls; the fallback path was already proven to work.

All five changed files make a small, well-scoped boolean-gate addition. The logic is consistent: every call site applies the same predicate that already governs other metadata fetches for that backend. New unit tests explicitly cover the false/true branches of the gate, and the Ruby source-equality check is tested for both the default and a custom URL. No existing behavior is removed — packages that previously used the versions host still do; custom packages now bypass it instead of hitting a potentially mismatched cache entry.

No files require special attention.

Important Files Changed

Filename	Overview
src/github/sigstore.rs	Adds use_versions_host: bool parameter to verify_attestation, detect_attestations, and the private helper; new unit test validates the registry gate correctly short-circuits when false.
src/backend/github.rs	Threads use_versions_host_for_github_metadata() into all three detect_attestations/verify_attestation call sites, consistently applying the existing registry gate to attestation paths.
src/backend/aqua.rs	Passes backend_arg_matches_registry_backend(&self.ba) to both Aqua attestation call sites so custom Aqua packages skip the versions-host cache and go direct to GitHub.
src/plugins/core/python.rs	Passes hardcoded true to verify_attestation; python-build-standalone is a fixed core registry repo, so always routing through the versions host is correct.
src/plugins/core/ruby.rs	Moves DEFAULT_RUBY_PRECOMPILED_URL to module scope, adds use_versions_host_for_precompiled_attestations that gates versions-host on the exact default URL, and tests both the default and custom-source cases.

_{Reviews (1): Last reviewed commit: "fix(github): skip versions host for non-..." | Re-trigger Greptile}

[github-actions]

Hyperfine Performance

mise x -- echo

Command	Mean [ms]	Min [ms]	Max [ms]	Relative
mise-2026.6.0 x -- echo	21.8 ± 1.5	18.8	26.7	1.00
mise x -- echo	22.4 ± 2.5	18.9	50.5	1.03 ± 0.14

mise env

Command	Mean [ms]	Min [ms]	Max [ms]	Relative
mise-2026.6.0 env	20.6 ± 1.8	17.8	29.0	1.00
mise env	21.4 ± 1.8	18.3	29.4	1.04 ± 0.13

mise hook-env

Command	Mean [ms]	Min [ms]	Max [ms]	Relative
mise-2026.6.0 hook-env	21.5 ± 1.7	18.3	27.9	1.00
mise hook-env	22.0 ± 1.8	18.8	28.7	1.02 ± 0.12

mise ls

Command	Mean [ms]	Min [ms]	Max [ms]	Relative
mise-2026.6.0 ls	17.5 ± 1.6	14.9	24.3	1.00
mise ls	18.5 ± 1.7	15.3	24.8	1.05 ± 0.14

xtasks/test/perf

Command	mise-2026.6.0	mise	Variance
install (cached)	149ms	149ms	+0%
ls (cached)	67ms	68ms	-1%
bin-paths (cached)	72ms	75ms	-4%
task-ls (cached)	143ms	141ms	+1%