ci: use crates.io trusted publishing

[dhth]

No description provided.

[coderabbitai]

No actionable comments were generated in the recent review. 🎉

ℹ️ Recent review info

⚙️ Run configuration

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

Run ID: f0f0195f-1e6c-4a0c-b65e-37297bc4fb0e

📥 Commits

Reviewing files that changed from the base of the PR and between 4eeb902 and 1d98ebd.

📒 Files selected for processing (3)

• .github/workflows/publish-crates.yml
• .github/workflows/release.yml
• dist-workspace.toml

---

📝 Walkthrough

Walkthrough

This PR modernizes the CI release pipeline by implementing environment-based crate publishing authentication, upgrading GitHub Actions across all workflow jobs to recent versions, and updating the cargo-dist toolchain. The core change routes crate publishing through a GitHub environment with explicit id-token permissions, replacing the previous secret-based approach. A new custom-publish-crates job orchestrates this in the release workflow, and dist-workspace.toml is updated to match the new job structure and permission requirements.

🚥 Pre-merge checks | ✅ 4 | ❌ 1

❌ Failed checks (1 inconclusive)

Check name	Status	Explanation	Resolution
Description check	❓ Inconclusive	No pull request description was provided by the author.	Add a description explaining the benefits of trusted publishing, migration steps, and any breaking changes or considerations for reviewers.

✅ Passed checks (4 passed)

Check name	Status	Explanation
Title check	✅ Passed	The title 'ci: use crates.io trusted publishing' accurately describes the main change: migrating to crates.io's trusted publishing mechanism instead of using custom token secrets.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.
Linked Issues check	✅ Passed	Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check	✅ Passed	Check skipped because no linked issues were found for this pull request.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

Tip

💬 Introducing Slack Agent: The best way for teams to turn conversations into code.

Slack Agent is built on CodeRabbit's deep understanding of your code, so your team can collaborate across the entire SDLC without losing context.

• Generate code and open pull requests
• Plan features and break down work
• Investigate incidents and troubleshoot customer tickets together
• Automate recurring tasks and respond to alerts with triggers
• Summarize progress and report instantly

Built for teams:

• Shared memory across your entire org—no repeating context
• Per-thread sandboxes to safely plan and execute work
• Governance built-in—scoped access, auditability, and budget controls

One agent for your entire SDLC. Right inside Slack.

👉 Get started

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}