fix(upgrade): skip untrusted tracked configs during upgrade#8195
Conversation
When `mise upgrade --bump` runs, it loads all tracked config files to determine which tool versions are still needed by other projects. If any tracked config (e.g. ~/foo/.mise.toml from a prior `cd ~/foo`) is untrusted, this would trigger an interactive trust prompt mid-upgrade and then display a scary ERROR message, even though the upgrade itself succeeded. Skip untrusted/ignored tracked configs silently instead of prompting or erroring. Also downgrade the error log to warn for other parse failures. Fixes #8130 Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Summary of ChangesHello @jdx, I'm Gemini Code Assist1! I'm currently reviewing this pull request and will post my feedback shortly. In the meantime, here's a summary to help you and other reviewers quickly get up to speed! This pull request enhances the robustness of the Highlights
Changelog
Activity
Using Gemini Code AssistThe full guide for Gemini Code Assist can be found on our documentation page, here are some quick tips. Invoking Gemini You can request assistance from Gemini at any point by creating a comment using either
Customization To customize Gemini Code Assist for GitHub experience, repository maintainers can create a configuration file and/or provide a custom code review style guide (such as PEP-8 for Python) by creating and adding files to a Limitations & Feedback Gemini Code Assist may make mistakes. Please leave feedback on any instances where its feedback is incorrect or counter productive. You can react with 👍 and 👎 on @gemini-code-assist comments. If you're interested in giving your feedback about your experience with Gemini Code Assist for Github and other Google products, sign up here. You can also get AI-powered code generation, chat, as well as code reviews directly in the IDE at no cost with the Gemini Code Assist IDE Extension. Footnotes
|
There was a problem hiding this comment.
Code Review
This pull request addresses an issue where mise upgrade could trigger an interactive prompt for untrusted config files. The changes introduce a pre-check to silently skip untrusted or ignored tracked configs, which effectively prevents the interactive prompt and improves the user experience during upgrades. Additionally, the log level for parsing errors on these files has been appropriately downgraded from error to warn, with a more informative message. The implementation is correct and directly solves the problem described. Overall, this is a good improvement.
There was a problem hiding this comment.
Pull request overview
This PR fixes an issue where mise up --bump would trigger interactive trust prompts when loading tracked config files from previously visited directories. The fix skips untrusted tracked configs and downgrades parse error logging from error to warning level.
Changes:
- Add trust checks before parsing tracked config files to prevent interactive prompts
- Downgrade parse failure logging from
error!()towarn!() - Add debug logging when skipping untrusted configs
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
| // Skip untrusted/ignored configs to avoid interactive prompts | ||
| // when loading tracked configs (e.g., during `mise upgrade`) | ||
| let trust_root = config_file::config_trust_root(&path); | ||
| if !config_file::is_trusted(&trust_root) && !config_file::is_trusted(&path) { |
There was a problem hiding this comment.
The trust check logic uses AND (&&) which means a config will only be skipped if BOTH the trust_root and path are untrusted. This seems incorrect - a config should be skipped if EITHER the trust_root OR the path is untrusted. Consider changing to OR (||) logic instead.
| if !config_file::is_trusted(&trust_root) && !config_file::is_trusted(&path) { | |
| if !config_file::is_trusted(&trust_root) || !config_file::is_trusted(&path) { |
.tool-versions and idiomatic version files (.node-version, etc.) don't go through trust_check during parsing, so they won't have trust entries and would be incorrectly skipped. Limit the pre-check to TOML files. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
The .toml extension check missed non-.toml files that can still be parsed as MiseToml via MISE_OVERRIDE_CONFIG_FILENAMES or MISE_DEFAULT_CONFIG_FILENAME. Add is_mise_toml() helper that covers all cases where trust_check would be triggered. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Remove is_mise_toml() which incorrectly matched idiomatic .toml files like rust-toolchain.toml. Revert to checking is_trusted for all tracked files — non-MiseToml files (.tool-versions, idiomatic) don't call trust_check during parsing so they work fine when trusted. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Hyperfine Performance
|
| Command | Mean [ms] | Min [ms] | Max [ms] | Relative |
|---|---|---|---|---|
mise-2026.2.13 x -- echo |
24.0 ± 0.4 | 23.2 | 28.9 | 1.00 |
mise x -- echo |
24.2 ± 0.7 | 23.4 | 30.2 | 1.01 ± 0.04 |
mise env
| Command | Mean [ms] | Min [ms] | Max [ms] | Relative |
|---|---|---|---|---|
mise-2026.2.13 env |
23.6 ± 0.5 | 22.7 | 28.5 | 1.00 |
mise env |
23.7 ± 0.3 | 22.9 | 24.8 | 1.00 ± 0.03 |
mise hook-env
| Command | Mean [ms] | Min [ms] | Max [ms] | Relative |
|---|---|---|---|---|
mise-2026.2.13 hook-env |
24.4 ± 0.5 | 23.5 | 30.4 | 1.00 |
mise hook-env |
24.4 ± 0.4 | 23.6 | 26.3 | 1.00 ± 0.03 |
mise ls
| Command | Mean [ms] | Min [ms] | Max [ms] | Relative |
|---|---|---|---|---|
mise-2026.2.13 ls |
22.5 ± 0.3 | 21.9 | 24.2 | 1.00 |
mise ls |
22.8 ± 0.4 | 22.1 | 25.5 | 1.02 ± 0.02 |
xtasks/test/perf
| Command | mise-2026.2.13 | mise | Variance |
|---|---|---|---|
| install (cached) | 129ms | 133ms | -3% |
| ls (cached) | 81ms | 82ms | -1% |
| bin-paths (cached) | 85ms | 86ms | -1% |
| task-ls (cached) | 826ms | 820ms | +0% |
### 🚀 Features - **(task)** stream keep-order output in real-time per task by @jdx in [#8164](#8164) ### 🐛 Bug Fixes - **(aqua)** resolve lockfile artifacts for target platform (fix discussion #7479) by @mackwic in [#8183](#8183) - **(exec)** strip shims from PATH to prevent recursive shim execution by @jdx in [#8189](#8189) - **(hook-env)** preserve PATH reordering done after activation by @jdx in [#8190](#8190) - **(lockfile)** resolve version aliases before lockfile lookup by @jdx in [#8194](#8194) - **(registry)** set helm-diff archive bin name to diff by @jean-humann in [#8173](#8173) - **(task)** improve source freshness checks with dynamic task dirs by @rooperuu in [#8169](#8169) - **(task)** resolve global tasks when running from monorepo root by @jdx in [#8192](#8192) - **(task)** prevent wildcard glob `test:*` from matching parent task `test` by @jdx in [#8165](#8165) - **(task)** resolve task_config.includes relative to config root by @jdx in [#8193](#8193) - **(upgrade)** skip untrusted tracked configs during upgrade by @jdx in [#8195](#8195) ### 🚜 Refactor - use enum for npm.pacakge_manager by @risu729 in [#8180](#8180) ### 📚 Documentation - **(plugins)** replace node/asdf-nodejs examples with vfox plugins by @jdx in [#8191](#8191) ### ⚡ Performance - call npm view only once by @risu729 in [#8181](#8181) ### New Contributors - @jean-humann made their first contribution in [#8173](#8173) - @mackwic made their first contribution in [#8183](#8183) - @rooperuu made their first contribution in [#8169](#8169) ## 📦 Aqua Registry Updates #### New Packages (2) - [`BetterDiscord/cli`](https://github.com/BetterDiscord/cli) - [`glossia.ai/cli`](https://github.com/glossia.ai/cli)
## Summary - `mise up --bump` loads all tracked config files to determine which tool versions are still needed by other projects - If any tracked config (e.g. `~/foo/.mise.toml` from a prior `cd ~/foo`) is untrusted, this triggers an interactive trust prompt mid-upgrade and then displays a scary `mise ERROR` message - Skip untrusted/ignored tracked configs silently instead of prompting or erroring - Downgrade remaining parse failure log from `error!()` to `warn!()` Fixes jdx#8130 ## Test plan - [x] Builds and passes lint - [x] Verified `get_tracked_config_files()` checks `is_trusted()` before calling `parse()`, avoiding the interactive `trust_check()` prompt in `MiseToml::from_str()` 🤖 Generated with [Claude Code](https://claude.com/claude-code) <!-- CURSOR_SUMMARY --> --- > [!NOTE] > **Low Risk** > Small change scoped to tracked-config loading and logging; main risk is inadvertently skipping a config that should have been considered trusted due to trust-root/path edge cases. > > **Overview** > `get_tracked_config_files()` now pre-checks trust (via `config_trust_root`/`is_trusted`) for each tracked config and **skips untrusted files** instead of attempting to parse them, preventing interactive trust prompts during operations like `mise upgrade`. > > Parse failures for tracked configs are now logged as `warn!` (with path context) rather than `error!`, reducing scary upgrade output while still surfacing issues. > > <sup>Written by [Cursor Bugbot](https://cursor.com/dashboard?tab=bugbot) for commit e8ae343. This will update automatically on new commits. Configure [here](https://cursor.com/dashboard?tab=bugbot).</sup> <!-- /CURSOR_SUMMARY --> --------- Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com>
### 🚀 Features - **(task)** stream keep-order output in real-time per task by @jdx in [jdx#8164](jdx#8164) ### 🐛 Bug Fixes - **(aqua)** resolve lockfile artifacts for target platform (fix discussion jdx#7479) by @mackwic in [jdx#8183](jdx#8183) - **(exec)** strip shims from PATH to prevent recursive shim execution by @jdx in [jdx#8189](jdx#8189) - **(hook-env)** preserve PATH reordering done after activation by @jdx in [jdx#8190](jdx#8190) - **(lockfile)** resolve version aliases before lockfile lookup by @jdx in [jdx#8194](jdx#8194) - **(registry)** set helm-diff archive bin name to diff by @jean-humann in [jdx#8173](jdx#8173) - **(task)** improve source freshness checks with dynamic task dirs by @rooperuu in [jdx#8169](jdx#8169) - **(task)** resolve global tasks when running from monorepo root by @jdx in [jdx#8192](jdx#8192) - **(task)** prevent wildcard glob `test:*` from matching parent task `test` by @jdx in [jdx#8165](jdx#8165) - **(task)** resolve task_config.includes relative to config root by @jdx in [jdx#8193](jdx#8193) - **(upgrade)** skip untrusted tracked configs during upgrade by @jdx in [jdx#8195](jdx#8195) ### 🚜 Refactor - use enum for npm.pacakge_manager by @risu729 in [jdx#8180](jdx#8180) ### 📚 Documentation - **(plugins)** replace node/asdf-nodejs examples with vfox plugins by @jdx in [jdx#8191](jdx#8191) ### ⚡ Performance - call npm view only once by @risu729 in [jdx#8181](jdx#8181) ### New Contributors - @jean-humann made their first contribution in [jdx#8173](jdx#8173) - @mackwic made their first contribution in [jdx#8183](jdx#8183) - @rooperuu made their first contribution in [jdx#8169](jdx#8169) ## 📦 Aqua Registry Updates #### New Packages (2) - [`BetterDiscord/cli`](https://github.com/BetterDiscord/cli) - [`glossia.ai/cli`](https://github.com/glossia.ai/cli)
### 🚀 Features - **(task)** stream keep-order output in real-time per task by @jdx in [jdx#8164](jdx#8164) ### 🐛 Bug Fixes - **(aqua)** resolve lockfile artifacts for target platform (fix discussion jdx#7479) by @mackwic in [jdx#8183](jdx#8183) - **(exec)** strip shims from PATH to prevent recursive shim execution by @jdx in [jdx#8189](jdx#8189) - **(hook-env)** preserve PATH reordering done after activation by @jdx in [jdx#8190](jdx#8190) - **(lockfile)** resolve version aliases before lockfile lookup by @jdx in [jdx#8194](jdx#8194) - **(registry)** set helm-diff archive bin name to diff by @jean-humann in [jdx#8173](jdx#8173) - **(task)** improve source freshness checks with dynamic task dirs by @rooperuu in [jdx#8169](jdx#8169) - **(task)** resolve global tasks when running from monorepo root by @jdx in [jdx#8192](jdx#8192) - **(task)** prevent wildcard glob `test:*` from matching parent task `test` by @jdx in [jdx#8165](jdx#8165) - **(task)** resolve task_config.includes relative to config root by @jdx in [jdx#8193](jdx#8193) - **(upgrade)** skip untrusted tracked configs during upgrade by @jdx in [jdx#8195](jdx#8195) ### 🚜 Refactor - use enum for npm.pacakge_manager by @risu729 in [jdx#8180](jdx#8180) ### 📚 Documentation - **(plugins)** replace node/asdf-nodejs examples with vfox plugins by @jdx in [jdx#8191](jdx#8191) ### ⚡ Performance - call npm view only once by @risu729 in [jdx#8181](jdx#8181) ### New Contributors - @jean-humann made their first contribution in [jdx#8173](jdx#8173) - @mackwic made their first contribution in [jdx#8183](jdx#8183) - @rooperuu made their first contribution in [jdx#8169](jdx#8169) ## 📦 Aqua Registry Updates #### New Packages (2) - [`BetterDiscord/cli`](https://github.com/BetterDiscord/cli) - [`glossia.ai/cli`](https://github.com/glossia.ai/cli)
Summary
mise up --bumploads all tracked config files to determine which tool versions are still needed by other projects~/foo/.mise.tomlfrom a priorcd ~/foo) is untrusted, this triggers an interactive trust prompt mid-upgrade and then displays a scarymise ERRORmessageerror!()towarn!()Fixes #8130
Test plan
get_tracked_config_files()checksis_trusted()before callingparse(), avoiding the interactivetrust_check()prompt inMiseToml::from_str()🤖 Generated with Claude Code
Note
Low Risk
Small change scoped to tracked-config loading and logging; main risk is inadvertently skipping a config that should have been considered trusted due to trust-root/path edge cases.
Overview
get_tracked_config_files()now pre-checks trust (viaconfig_trust_root/is_trusted) for each tracked config and skips untrusted files instead of attempting to parse them, preventing interactive trust prompts during operations likemise upgrade.Parse failures for tracked configs are now logged as
warn!(with path context) rather thanerror!, reducing scary upgrade output while still surfacing issues.Written by Cursor Bugbot for commit e8ae343. This will update automatically on new commits. Configure here.