Conversation
Greptile SummaryAdds a top-level Confidence Score: 5/5Safe to merge — all changes are additive, behavioral parity with No P0 or P1 findings. The refactoring is clean: the extracted free functions reproduce exactly the same logic as the removed private methods, the fallback path (ALL_CONFIG_FILES.first()) is unchanged, the new command's synchronous run() is correctly dispatched without .await in mod.rs, and all generated docs/completions are regenerated consistently. No files require special attention. Important Files Changed
Sequence DiagramsequenceDiagram
participant User
participant CLI as mise CLI (mod.rs)
participant Untrust as Untrust (untrust.rs)
participant Trust as trust.rs helpers
participant CF as config_file module
User->>CLI: mise untrust [CONFIG_FILE]
CLI->>Untrust: Untrust::run(self)
Untrust->>Trust: resolve_config_file(self.config_file.as_ref())
Trust-->>Untrust: Option<PathBuf>
Untrust->>Trust: untrust_config_file(Option<PathBuf>)
alt config_file provided
Trust->>CF: config_trust_root(&path)
CF-->>Trust: cfr
Trust->>CF: config_file::untrust(&cfr)
Trust->>Trust: cfr.canonicalize()
Trust-->>User: info untrusted path
else no config_file fallback
Trust->>Trust: ALL_CONFIG_FILES.first()
Trust->>CF: config_file::untrust(&cfr)
Trust-->>User: info untrusted path
end
Reviews (3): Last reviewed commit: "refactor(trust): share config file resol..." | Re-trigger Greptile |
![greptile-apps[bot]](https://avatars.githubusercontent.com/in/867647?s=60&v=4){kind=small}
| assert "mise trust mise.toml" | ||
| assert_contains "mise trust --show" "trusted" | ||
| assert_contains "mise untrust 2>&1" "untrusted" |
There was a problem hiding this comment.
The test verifies the untrust command prints "untrusted" but never re-runs mise trust --show to confirm the file's trust status has actually changed back to untrusted. Adding assert_contains "mise trust --show" "untrusted" after line 10 would give a round-trip signal that the state was persisted correctly.
![gemini-code-assist[bot]](https://avatars.githubusercontent.com/in/956858?s=60&v=4){kind=small}
There was a problem hiding this comment.
Code Review
This pull request introduces the mise untrust command, allowing users to revoke trust from configuration files. The implementation includes the new CLI command, updated documentation, and an end-to-end test. A review comment identifies code duplication in the logic used to resolve configuration file paths and suggests refactoring it into a shared helper function to improve maintainability.
| fn config_file(&self) -> Option<PathBuf> { | ||
| self.config_file.as_ref().map(|config_file| { | ||
| if config_file.is_dir() { | ||
| config_files_in_dir(config_file) | ||
| .last() | ||
| .cloned() | ||
| .unwrap_or(config_file.join(&*env::MISE_DEFAULT_CONFIG_FILENAME)) | ||
| } else { | ||
| config_file.clone() | ||
| } | ||
| }) | ||
| } |
There was a problem hiding this comment.
The config_file method is a duplicate of the implementation found in src/cli/trust.rs. This logic, which handles resolving the correct config file when a directory is provided, should be moved to a shared helper function (e.g., in src/cli/trust.rs or src/config/mod.rs) to improve maintainability and avoid duplication.
Hyperfine Performance
|
| Command | Mean [ms] | Min [ms] | Max [ms] | Relative |
|---|---|---|---|---|
mise-2026.4.20 x -- echo |
17.4 ± 0.6 | 16.1 | 20.9 | 1.00 |
mise x -- echo |
17.8 ± 0.7 | 16.7 | 23.6 | 1.02 ± 0.05 |
mise env
| Command | Mean [ms] | Min [ms] | Max [ms] | Relative |
|---|---|---|---|---|
mise-2026.4.20 env |
16.8 ± 0.6 | 15.9 | 21.2 | 1.00 |
mise env |
17.7 ± 0.7 | 16.4 | 23.6 | 1.05 ± 0.06 |
mise hook-env
| Command | Mean [ms] | Min [ms] | Max [ms] | Relative |
|---|---|---|---|---|
mise-2026.4.20 hook-env |
17.8 ± 0.6 | 16.1 | 20.2 | 1.00 |
mise hook-env |
18.2 ± 0.5 | 17.0 | 20.0 | 1.02 ± 0.04 |
mise ls
| Command | Mean [ms] | Min [ms] | Max [ms] | Relative |
|---|---|---|---|---|
mise-2026.4.20 ls |
16.8 ± 0.5 | 15.7 | 19.6 | 1.00 |
mise ls |
17.3 ± 0.5 | 16.1 | 19.0 | 1.03 ± 0.04 |
xtasks/test/perf
| Command | mise-2026.4.20 | mise | Variance |
|---|---|---|---|
| install (cached) | 120ms | 123ms | -2% |
| ls (cached) | 65ms | 69ms | -5% |
| bin-paths (cached) | 66ms | 67ms | -1% |
| task-ls (cached) | 704ms | 702ms | +0% |
### 🚀 Features - **(registry)** add --security flag to include security info in JSON output by @jdx in [#9364](#9364) ### 🐛 Bug Fixes - **(config)** limit resolved backend opts to aliases by @risu729 in [#9315](#9315) - **(docs)** stack banner message and link on mobile by @jdx in [#9362](#9362) - **(github)** prefer shortest asset name as tiebreaker in auto-detection by @jdx in [#9361](#9361) - **(java)** newer zulu versions use a different directory structure by @roele in [#9365](#9365) - **(prune)** respect tracked lockfiles by @jdx in [#9373](#9373) - **(task)** skip tool install for missing naked tasks by @jdx in [#9374](#9374) - **(trust)** add untrust command by @jdx in [#9370](#9370) - fix - flux-operator-mcp aqua path by @monotek in [#9357](#9357) ### 📚 Documentation - update ruby compile msg by @fladson in [#9338](#9338) ### 📦️ Dependency Updates - update ubuntu docker tag to v26 by @renovate[bot] in [#9347](#9347) - update ghcr.io/jdx/mise:deb docker digest to 1af5a69 by @renovate[bot] in [#9352](#9352) - update taiki-e/install-action digest to 787505c by @renovate[bot] in [#9354](#9354) - update ghcr.io/jdx/mise:rpm docker digest to 7015ff3 by @renovate[bot] in [#9353](#9353) - update ghcr.io/jdx/mise:copr docker digest to da63a0f by @renovate[bot] in [#9351](#9351) - update ghcr.io/jdx/mise:alpine docker digest to 461700f by @renovate[bot] in [#9350](#9350) - bump communique 1.0.3 → 1.0.4 by @jdx in [#9378](#9378) ### 📦 Registry - remove openshift-install by @jdx in [#9372](#9372) - remove go-sdk by @jdx in [#9371](#9371) ### Chore - **(npm-publish)** use aube publish instead of npm publish by @jdx in [#9328](#9328) ### New Contributors - @fladson made their first contribution in [#9338](#9338)
1 participant
Summary
mise untrust [CONFIG_FILE]command that reuses the existing trust untrust implementationmise trust --untrustbehavior intactuntrustso naked task fallback cannot run itTest
mise run formatmise run render:usagemise run test:e2e e2e/cli/test_untrustNote
Medium Risk
Adds a new CLI entry point that mutates trusted-config state; behavior is mostly reused but touches config trust controls and command dispatch, so regressions could affect how configs are treated as trusted/untrusted.
Overview
Adds a new top-level
mise untrust [CONFIG_FILE]command, wired into CLI dispatch, that reuses the existing trust-removal logic (previously only reachable viamise trust --untrust).Refactors the untrust implementation in
trust.rsinto shared helpers (untrust_config_file,resolve_config_file) so both commands resolve directories the same way.Regenerates user-facing artifacts (usage spec, docs site command list, man page, Fig completions) and adds an e2e regression test to ensure
mise untrustdoes not fall back to running a task nameduntrust.Reviewed by Cursor Bugbot for commit 95064bc. Bugbot is set up for automated code reviews on this repo. Configure here.