v0.2.2

Patch release — crates.io / lib.rs dashboard hygiene (RT-125). No public API or behavior changes.

Dependencies

Pinned imprecise requirements and upgraded outdated ones (all to precise versions so minimal-versions resolution can't pick a stale patch):

• anyhow 1 → 1.0.102, syn 2 → 2.0.117
• thiserror 1 → 2.0.18, toml 0.8 → 1.1.2, ariadne 0.4 → 0.6.0

Required small API migrations: ariadne 0.6 Report::build now takes a single Span; toml 1.x Value parsing moved to toml::from_str.

Docs

Every published crate now ships a README.md (rendered on crates.io / lib.rs).

MSRV unchanged (1.85). All 10 crates published to crates.io at 0.2.2.

v0.2.1

First release since v0.2.0. Carries the two feature epics that had landed on main since 0.2.0 (RT-109, RT-115) plus this session's lint-clean + CI fixes (RT-122, RT-123). All additive — no breaking changes.

New user-facing tooling (RT-109 — dialect adoptability)

• cargo trustc adopt — one command to onboard a crate into the dialect: add the metadata opt-in, migrate positional calls to named-arg form, build through the gate, and report what's left.
• cargo trustc doctor — onboarding diagnostics + actionable "trust not found" errors.
• Whole-tree trust fix <dir|Cargo.toml> — workspace-wide plain-Rust → dialect migration (cross-file/crate named-arg index); --safety works on trees.
• trust.toml honored in the build gate (cargo trustc / trust-rustc); cache key folds in the config.
• Zero-config cross-crate signature index — cargo trustc auto-builds the workspace index, so cross-crate R0042 needs no manual TRUST_SIGNATURE_PATH.

Adoption-depth backlog (RT-115)

• Migration also names pub(crate)/private cross-file calls (cross-crate index stays pub-only).
• LSP honors trust.toml (allow/warn). Per-crate trust.toml in the multi-file walk.
• cargo trustc adopt works workspace-wide via [workspace.metadata.trust].
• CI self-scan uploads SARIF to the Security tab. Auto-index cached by source fingerprint.

This session

• RT-122: Trust's own source now passes the strict-mode lints it ships — all 64 self-scan findings fixed with behavior-preserving refactors. Self-scan reports 0.
• RT-123: fixed the CI test job's cargo-trustc invocation (red since the v0.2.0 RT-58 rename).

All 10 crates published to crates.io at 0.2.1.

⚠️ Note: the new adopt/doctor/whole-tree-fix commands are shipped but not yet covered in README/SPEC.

Trust 0.2.0 — adoptable as an advisory linter

First external integration feedback drove this release: Trust now meets a cargo workspace as an advisory linter that rides on the normal toolchain, not just a separate dialect you compile.

Highlights

• Advisory mode (no activation): trust check --rules bugs|safety runs the bug-catching rules (.unwrap(), as-casts, bare indexing, dropped error context) over plain Rust — no #![strict], no R0042, nothing added to source.
• Workspace-aware check: point trust check at a file, directory, or Cargo.toml — one command, CI-ready exit code.
• trust.toml config: project-level rules selection + allow (disable) / warn (relax to non-failing) — no more inline #[allow] sprinkling.
• SARIF output: --format sarif for GitHub code-scanning (inline annotations + Security tab).
• trust fix --safety: mechanically rewrites .unwrap()/.expect(…) → ? inside Result-returning functions.
• LSP: surfaces advisory findings in-editor on plain Rust.
• MSRV lowered 1.95 → 1.85 (verified, CI-guarded) — adopting Trust no longer drags your toolchain forward.
• Activation: [package.metadata.trust] is the recommended project opt-in (invisible to stock cargo); #![strict] is documented as not valid stock Rust.

Install: cargo install trust-lang (advisory CLI) — see the README for the full build-gate setup.

Trust 0.1.0 — strict Rust for the bugs LLMs actually ship

First public release. Trust is a strict Rust dialect for agent-written code: named arguments checked against declarations, a pipe operator, requires! precondition contracts, and 20 teaching-error lints — all lowered to plain Rust before stock rustc ever sees the file. In our 4-model, 3-vendor eval, ~60% of agent-authored files shipped an audited bug class in plain Rust; 0% shipped under Trust.

Install

cargo install trust-lang cargo-trustc trust-rustc trust-rustdoc

Use

[package.metadata.trust]
strict = true

cargo trustc build    # also: run, test — or scaffold fresh with `trust new`

Highlights

• Zero-ceremony adoption: two lines in Cargo.toml, one command; workspace-wide opt-in via [workspace.metadata.trust]; #[cfg(test)] code stays plain Rust
• The full rule set enforced at build — every diagnostic carries why: and instead:; --message-format json for agents; trust fix auto-inserts argument names
• Agent skills included: trust new scaffolds a CLAUDE.md; install the writing-trust skill via /plugin marketplace add briannadoubt/Trust → /plugin install trust@trust-plugins
• No fork, no runtime: stop using Trust tomorrow and the lowered output still builds
• Case studies (heck, tre) converted end-to-end and green; eval harness, prompts, and every run log in-repo

Published crates: trust-lang (bin trust), cargo-trustc, trust-lsp, and the trust-{diag,lower,lints,syntax,std,rustc,rustdoc} libraries.

🤖 Generated with Claude Code