Configuration Reference

Complete configuration file reference

Anodizer uses .anodizer.yaml (or .anodizer.toml) in your project root.

Top-Level Fields

| Field | Type | Default | Description |
|---|---|---|---|
| after | HooksConfig | — | Hooks run after the release pipeline completes. |
| announce | AnnounceConfig | — | Announcement configuration (Slack, Discord, email, etc.). |
| appimages | list of AppImageConfig | [] | AppImage configurations. Each entry bundles a built Linux binary plus its desktop integration into a single self-contained .AppImage via linuxdeploy. |
| artifactories | list of ArtifactoryConfig | — | Artifactory upload configurations. |
| attestations | AttestationConfig | — | SLSA build-provenance / attestation configuration for binaries and archives. In the default subjects mode, anodizer writes a subjects manifest for actions/attest-build-provenance; in emit mode it generates and signs a self-contained in-toto SLSA provenance statement. When omitted (or enabled: false), the attestation stage is a no-op. |
| aur_sources | list of AurSourceConfig | — | AUR source package publishing configurations (source-only PKGBUILD, not -bin). |
| before | HooksConfig | — | Hooks run before the release pipeline starts. |
| before_publish | HooksConfig | — | Hooks run after build/archive/sign/sbom/checksum complete but immediately before the publish phase dispatches any publisher. Use cases: smoke-test artifacts against the staged dist tree, run external validators (antivirus, vulnerability scanners), stage external state, or abort the release before any publisher writes to a registry. A non-zero exit code from any hook aborts the release before publish runs. Hooks fire in declared order. Use --skip=before-publish to bypass. |
| binary_signs | list of SignConfig | [] | Binary-specific signing configs (same shape as signs but only for binary artifacts). The artifacts field on each entry is constrained at parse time to binary / none (or omitted) — a broader filter on binary_signs would silently match nothing because the loop only iterates Binary artifacts. Constraint lives in deserialize_binary_signs. |
| changelog | ChangelogConfig | — | Changelog generation configuration. |
| cloudsmiths | list of CloudSmithConfig | — | CloudSmith publisher configurations. |
| crates | list of CrateConfig | [] | List of crates in this project. |
| defaults | Defaults | — | Default values applied to all crates unless overridden. |
| dist | string | ./dist | Output directory for build artifacts (default: ./dist). |
| docker_signs | list of DockerSignConfig | — | Docker image signing configurations. |
| dockerhub | list of DockerHubConfig | — | DockerHub description sync configurations. |
| env | list of string | — | Environment variables available to all template expressions. List of KEY=VALUE strings: `env: ["MY_VAR=hello", "DEPLOY_ENV=staging"]`. Order is preserved so chained env applications (sign + sbom + notarize) see entries in declared order. Values are rendered through the template engine before being set, so expressions like `{{ Tag }}` or `{{ Date }}` are expanded. |
| env_files | EnvFilesConfig | — | Environment file configuration. Accepts either a list of .env file paths (`[".env", ".release.env"]`) or a struct with token file paths (`{ github_token: "~/.config/goreleaser/github_token" }`). |
| force_token | ForceTokenKind | — | Force a specific token type for authentication. When set, overrides automatic token detection from environment variables. |
| gemfury | list of GemFuryConfig | — | GemFury (fury.io) deb/rpm/apk publishing configurations. Mirrors The gemfury: block. The legacy spelling furies: is accepted via serde alias; a one-time deprecation warning is emitted by [warn_on_legacy_furies_alias]. |
| git | GitConfig | — | Git-level tag discovery and sorting settings. |
| gitea_urls | GiteaUrlsConfig | — | Custom Gitea API/download URLs for self-hosted Gitea installations. |
| github_urls | GitHubUrlsConfig | — | Custom GitHub API/upload/download URLs for GitHub Enterprise installations. |
| gitlab_urls | GitLabUrlsConfig | — | Custom GitLab API/download URLs for self-hosted GitLab installations. |
| homebrew_casks | list of HomebrewCaskConfig | — | Top-level Homebrew Cask configurations. homebrew_casks is a top-level array with its own repository, commit_author, directory, skip_upload, hooks, dependencies, conflicts, completions, manpages, structured uninstall/zap, etc. |
| includes | list of IncludeSpec | — | Additional config files to merge into this config. Supports plain string paths, from_file: for structured file paths, and from_url: for fetching configs from URLs with optional headers. |
| makeselfs | list of MakeselfConfig | [] | Makeself self-extracting archive configurations. |
| mcp | McpConfig | `{"name":null,"title":null,"description":null,"homepage":null,"packages":[],"transports":[],"skip":null,"repository":{"url":"","source":"","id":"","subfolder":""},"auth":{"type":"none"},"registry":null,"if":null,"retain_on_rollback":null}` | MCP (Model Context Protocol) server registry publishing configuration. When name is empty (the default), the publisher is skipped. The mcp: publisher block. |
| metadata | MetadataConfig | — | Project metadata configuration (applied to metadata.json output files). |
| milestones | list of MilestoneConfig | — | Milestone closing configurations. |
| monorepo | MonorepoConfig | — | Monorepo configuration. When configured, tag discovery filters by tag_prefix and the working directory is scoped to dir. |
| nightly | NightlyConfig | — | Nightly release configuration. |
| notarize | NotarizeConfig | — | macOS code signing and notarization configuration. |
| npms | list of NpmConfig | — | NPM package registry publishing configurations. One entry per published package. In the default optional-deps mode anodizer emits npm's native per-platform packages (biome / git-cliff pattern); in postinstall mode it emits a download shim (the npms: parity). |
| partial | PartialConfig | — | Partial/split build configuration for fan-out CI pipelines. |
| project_name | string | — | Human-readable project name used in templates and release titles. |
| publishers | list of PublisherConfig | — | Generic artifact publisher configurations. |
| release | ReleaseConfig | — | GitHub release configuration shared by all crates. |
| report_sizes | bool | — | When true, log artifact file sizes after building. |
| retry | RetryConfig | — | Top-level retry configuration applied to network-bound operations (announcers, git providers, HTTP uploads, docker pipes). When omitted, RetryConfig::default() is used (10 attempts, 10s base, 5m cap — the project-level retry policy). |
| sboms | list of SbomConfig | [] | Software bill of materials (SBOM) generation configurations. |
| schemastore | SchemastoreConfig | `{"repository":null,"commit_author":null,"versioned":null,"skip":null,"if":null,"schemas":[],"retain_on_rollback":null}` | SchemaStore publisher. Registers the project's JSON Schema(s) on SchemaStore at release time. When schemas is empty (the default), the publisher is skipped. The schemastore: publisher block. |
| signs | list of SignConfig | [] | Signing configurations for binaries, archives, and checksums. |
| snapshot | SnapshotConfig | — | Snapshot release configuration (local/non-tag builds). |
| source | SourceConfig | — | Source archive configuration. |
| srpms | SrpmConfig | — | Source RPM configuration. Renamed from srpm: (singular) for spelling parity with Defaults.srpms and the rest of the plural-name packaging fields. The srpm: spelling is still accepted via serde alias for back-compat. |
| tag | TagConfig | — | Automatic semantic version tagging configuration. |
| template_files | list of TemplateFileConfig | — | Template files to render and include as release artifacts. File contents are processed through the template engine. |
| uploads | list of UploadConfig | — | Generic HTTP upload configurations. |
| upx | list of UpxConfig | [] | UPX binary compression configurations. |
| variables | map | — | Custom template variables accessible as `{{ Var.<key> }}` in templates. Provides a way to define reusable values, especially useful with config includes. Stored as a BTreeMap so rendering iterates in deterministic (sorted) key order — without this guarantee, a value that references another variable (`b: "{{ Var.a }}_v2"`) could render before its dependency on a different process / host. The current resolver is single-pass (one render per value), so cross-variable references only resolve when the referenced key sorts earlier. |
| verify_release | VerifyReleaseConfig | `{"enabled":false,"assert_assets":true,"install_smoke":null}` | Opt-in post-release verification gate. Runs LAST (after the release is created and every publisher has run) and REPORTS post-publish defects — missing assets, failed install smoke-tests, glibc-ceiling violations. Because it runs after the irreversible publish, a failure exits non-zero to flag CI but never undoes the release. Off unless verify_release.enabled: true. |
| version | integer | — | Schema version. Currently supports 1 (implicit default) and 2. |
| version_files | list of string | — | Repo-committed files that embed the release version outside Cargo.toml (e.g. a Helm Chart.yaml, an install doc, a README badge), given as repo-root-relative path strings. At tag time each listed file has its occurrences of the old version rewritten to the new version — both the bare (0.1.0) and v-prefixed (v0.1.0) forms, word-boundary anchored — and is staged into the same bump commit as Cargo.toml / Cargo.lock, so these files never drift from the tag. |
| workspaces | list of WorkspaceConfig | — | Independent workspace roots in a monorepo. |

Example for version_files:

```yaml
version_files:
  - charts/cfgd/Chart.yaml
  - docs/installation.md
```
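
A lint for the ordering rule described under `variables`, as an added example that is not anodizer's code: it lists every `{{ Var.<key> }}` reference that a single-pass render in sorted key order cannot resolve, because the referenced key sorts later, is the key itself, or is not defined. The reference regex, the permitted key characters, and the sample values are assumptions.

```python
import re

# Assumed reference syntax: {{ Var.<key> }} with optional inner whitespace and
# keys made of letters, digits and underscores.
VAR_REF = re.compile(r"\{\{\s*Var\.([A-Za-z0-9_]+)\s*\}\}")


def render_order(variables):
    """Keys in the order a sorted map yields them.

    Rust's BTreeMap<String, _> orders keys by their UTF-8 bytes; sorting on the
    encoded bytes reproduces that (uppercase ASCII sorts before lowercase).
    """
    return sorted(variables, key=lambda k: k.encode("utf-8"))


def lint_variables(variables):
    """Return (key, referenced_key, reason) for each reference that cannot
    resolve when every value is rendered exactly once, in sorted key order."""
    order = render_order(variables)
    position = {key: i for i, key in enumerate(order)}
    findings = []
    for key in order:
        for ref in VAR_REF.findall(str(variables[key])):
            if ref not in position:
                findings.append((key, ref, "undefined"))
            elif ref == key:
                findings.append((key, ref, "self-reference"))
            elif position[ref] > position[key]:
                findings.append((key, ref, "renders-later"))
    return findings


# Constructed sample standing in for a `variables:` block.
SAMPLE = {
    "org": "acme",
    "registry": "ghcr.io/{{ Var.org }}",     # "org" sorts before "registry": resolves
    "image": "{{ Var.registry }}/app",       # "registry" sorts after "image": does not
    "Org_upper": "ACME",
    "banner": "{{ Var.Org_upper }} build",   # uppercase sorts first: resolves
    "url": "https://{{ Var.host }}/dl",      # "host" is not defined
}

if __name__ == "__main__":
    print("render order:", render_order(SAMPLE))
    for key, ref, reason in lint_variables(SAMPLE):
        print(f"{key}: reference to Var.{ref} -> {reason}")
```

Renaming a dependency so that it sorts earlier (for example `image` to `z_image`, or `registry` to `a_registry`) clears a `renders-later` finding.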

after

Top-level lifecycle hooks for before and after blocks. Each block carries a list of hook commands that run around the entire pipeline (not individual stages).

The canonical key is hooks: for both before: and after: to the conventional spelling. The post: spelling is accepted as a serde alias on hooks for back-compat with the previous anodizer spelling; users with after: { post: [...] } keep working and a deprecation warning is logged when both spellings appear in the same block (see [HooksConfig::merge_hook_aliases]).

| Field | Type | Default | Description |
|---|---|---|---|
| hooks | list of HookEntry | — | Commands to run when the block fires. The wire format accepts either hooks: (canonical) or the legacy post: spelling; both fold into this field at parse time. |
| post | list of HookEntry | — | Legacy alias for hooks: (anodizer pre-v0.4). Always None after parsing — merge_hook_aliases collapses it into hooks. Present on the struct only because Deserialize writes through it before the fold step. |

announce

Announce-stage integrations.

Message bodies are secret-redacted before send: known secret env values are masked (a real token becomes $NAME). Redaction is on by default; anodizer notify --allow-secrets opts a single send out for a trusted private channel, while anodizer's own log output stays redacted regardless.

| Field | Type | Default | Description |
|---|---|---|---|
| bluesky | BlueskyAnnounce | — | Bluesky announcement configuration. |
| deadline | HumanDuration | — | Overall wall-clock deadline for the announce stage (e.g. "90s", "2m"). Optional — defaults to [DEFAULT_ANNOUNCE_DEADLINE] (90s). Announcers run concurrently; any still running when this deadline elapses is abandoned with a warning rather than awaited. This bounds the stage so unreachable channels cannot accumulate into a hang that trips the pipeline timeout after publishers already crossed one-way doors. Raise it only if a slow-but-reachable channel legitimately needs longer. |
| discord | DiscordAnnounce | — | Discord announcement configuration. |
| discourse | DiscourseAnnounce | — | Discourse announcement configuration. |
| email | EmailAnnounce | — | Email announcement configuration. Accepts the historical smtp: key as an alias because the field was renamed smtp: -> email: in v1.21+ and kept the alias for migration. Keeping the alias avoids forcing a re-yaml of legacy configs. |
| gate_on | AnnounceGate | required_publishers | Selects when AnnounceStage runs vs. skips based on the PublishReport written by PublishStage/BlobStage. Default is required_publishers (announce only if every required publisher succeeded). See [AnnounceGate] for the other variants. |
| if | string | — | Template-conditional gate: when the rendered result is falsy ("false" / "0" / "no" / empty), the entire announce stage is skipped. Render failure hard-errors. The announce.if:. Distinct from skip: (always-skip predicate) — both surfaces are documented. |
| linkedin | LinkedInAnnounce | — | LinkedIn announcement configuration. |
| mastodon | MastodonAnnounce | — | Mastodon announcement configuration. |
| mattermost | MattermostAnnounce | — | Mattermost announcement configuration. |
| opencollective | OpenCollectiveAnnounce | — | OpenCollective announcement configuration. |
| reddit | RedditAnnounce | — | Reddit announcement configuration. |
| skip | StringOrBool | — | Template-conditional skip: if rendered to "true", skip the entire announce stage. |
| slack | SlackAnnounce | — | Slack announcement configuration. |
| teams | TeamsAnnounce | — | Microsoft Teams announcement configuration. |
| telegram | TelegramAnnounce | — | Telegram announcement configuration. |
| twitter | TwitterAnnounce | — | Twitter/X announcement configuration. |
| webhook | WebhookConfig | — | Generic webhook announcement configuration. |

appimages

AppImage packaging configuration.

Drives the AppImage stage, which bundles a built Linux binary plus its desktop integration (a .desktop entry + icon) into a single self-contained, runnable .AppImage file via linuxdeploy's appimage output plugin. One .AppImage is produced per matching Linux target so a multi-arch build yields distinct, non-colliding outputs.

YAML:

```yaml
appimages:
  - id: helix
    ids: [helix-bin]
    desktop: contrib/Helix.desktop
    icon: contrib/helix.png
    appdir_extra:
      - src: runtime/
        dst: usr/lib/helix/runtime
    update_information: "gh-releases-zsync|helix-editor|helix|latest|helix-*.AppImage.zsync"
    runtime_harvest:
      command: "{{ ArtifactPath }} --populate-runtime {{ HarvestDir }}"
      dir: runtime/
```

| Field | Type | Default | Description |
|---|---|---|---|
| appdir_extra | list of AppImageExtra | — | Extra files / directories copied into the AppDir before linuxdeploy runs (e.g. a harvested runtime/ tree). Each entry's dst is interpreted relative to the AppDir root. |
| arch | list of string | — | Target architecture filter. When omitted, every architecture in the build matrix produces its own .AppImage. |
| desktop | string | — | Path to the .desktop entry file (template). Required — linuxdeploy will not assemble an AppImage without a desktop file. |
| extra_args | list of string | — | Extra arguments appended to the linuxdeploy command line. |
| filename | string | — | Output filename template (default includes project, version, os, arch). The .AppImage extension is appended automatically when absent. |
| icon | string | — | Path to the application icon (template). Required. |
| id | string | — | Unique identifier for this AppImage config (default: "default"). |
| ids | list of string | — | Build IDs filter: only bundle binaries whose id is in this list. When omitted, every Linux binary in the build matrix is eligible. |
| name | string | — | Application name passed to linuxdeploy via the APP env var and used as the AppDir basename. Defaults to the project name. |
| os | list of string | — | Target OS filter (default: ["linux"]). AppImage is a Linux-only format. |
| runtime_harvest | RuntimeHarvest | — | Runtime-asset harvest hook: run the freshly-built binary ONCE on the host to populate a directory, then bundle that directory into the AppDir. The harvested data is architecture-independent (grammars, themes, queries), so it is produced once on the host-native binary and reused for every target's AppImage. |
| skip | StringOrBool | — | Skip this config. Accepts bool or template string. |
| update_information | string | — | zsync delta-update metadata embedded in the AppImage, passed to linuxdeploy via the UPDATE_INFORMATION env var. When omitted, the AppImage carries no update information and UPDATE_INFORMATION is left unset (matching linuxdeploy's default). |

artifactories

Artifactory upload configuration. Uploads artifacts to JFrog Artifactory repositories.

| Field | Type | Default | Description |
|---|---|---|---|
| checksum | bool | — | Include checksums in uploaded artifacts. |
| checksum_header | string | — | Header name used for checksum verification (e.g. X-Checksum-Sha256). |
| client_x509_cert | string | — | Path to client X.509 certificate for mTLS authentication. |
| client_x509_key | string | — | Path to client X.509 private key for mTLS authentication. |
| custom_artifact_name | bool | — | Use custom artifact naming instead of default. |
| custom_headers | map | — | Custom HTTP headers sent with each upload request. |
| deb_architecture | string | — | Override the Debian architecture for .deb uploads (;deb.architecture=). When unset (the default), the architecture is derived from each artifact's build target (x86_64 → amd64, aarch64 → arm64, armv7 → armhf, i686 → i386, …), so it never needs to be set by hand. Set this only to force a value for an artifact whose target can't be mapped. Ignored for non-.deb artifacts. |
| deb_components | list of string | — | Debian repository component(s) for .deb uploads, written into the ;deb.component= matrix param. Defaults to ["main"] when unset. Multiple components are emitted comma-separated. Ignored for non-.deb artifacts. |
| deb_distributions | list of string | — | Debian repository distribution(s) for .deb uploads, written into the Artifactory ;deb.distribution= upload matrix param so apt can index the package. Defaults to ["stable"] when unset. A multi-element list is emitted as Artifactory's comma-separated form (deb.distribution=bookworm,bullseye), publishing the same .deb into several distributions at once. Ignored for non-.deb artifacts. |
| exclude | list of string | — | Glob patterns matched against each artifact's file name; anodizer drops any artifact whose name matches at least one glob from THIS Artifactory target only. Use it to keep heavy sidecars (checksums, signatures, SBOMs) off a given repository while archives still upload. Composes with ids: and exts: (all filters apply). None/empty keeps everything. |
| extra_files | list of ExtraFileSpec | — | Extra files to upload alongside build artifacts. |
| extra_files_only | bool | — | When true, upload only extra_files (skip normal artifacts). |
| exts | list of string | — | File extension filter: only upload artifacts matching these extensions. |
| ids | list of string | — | Build IDs filter: only upload artifacts from builds whose id is in this list. |
| if | string | — | Template-conditional gate: when the rendered result is falsy ("false" / "0" / "no" / empty), the artifactory publisher is skipped. Render failure hard-errors. The artifactories[].if:. |
| meta | bool | — | Include metadata artifacts in uploaded artifacts. |
| method | string | — | HTTP method to use for uploads (default: "PUT"). |
| mode | string | — | Upload mode: "archive" (upload archives) or "binary" (upload binaries). |
| name | string | — | Human-readable name for this publisher (used in logs). |
| overwrite | bool | — | Re-upload an artifact even when an identical one already exists at the target path (default: false). With the default, a re-run that finds the same version's artifact already uploaded with a matching SHA-256 records an idempotent SKIP rather than re-PUTting it — so re-running a partially-failed release is safe. A path that already holds a different artifact for the same version still hard-errors (immutable-version drift) unless overwrite is set. With overwrite: true, every artifact is PUT unconditionally (Artifactory replaces the stored copy), restoring blind-overwrite behaviour for repos configured to allow it. |
| password | string | — | Artifactory password or API key (or env var reference). |
| required | bool | — | Override whether this publisher failing should fail the overall release. Default: false — a failure here is logged but does not abort the release. Set to true to fail the release on any error. |
| retain_on_rollback | bool | — | When true, a triggered rollback leaves this publisher's work in place rather than attempting to undo it. Default false. |
| signature | bool | — | Include signatures in uploaded artifacts. |
| skip | StringOrBool | — | Template-conditional skip: if rendered result is "true", skip this publisher. |
| target | string | — | Target URL template for uploads (supports template variables). |
| trusted_certificates | string | — | PEM-encoded trusted CA certificates for TLS verification. Appended to the system certificate pool. |
| username | string | — | Artifactory username for authentication. |

Example for exclude:

```yaml
artifactories:
  - target: "https://repo.example.com/{{ .ProjectName }}/{{ .Tag }}/{{ .ArtifactName }}"
    exclude: ["*.sha256", "*.sig", "*.cdx.json"]
```

attestations

SLSA build-provenance / attestation configuration for binaries and archives.

Two modes select how anodizer participates in attestation:

  • [AttestationMode::Subjects] (the default) emits a subjects manifest (dist/attestation-subjects.json) that anodizer-action feeds to GitHub's actions/attest-build-provenance. anodizer does NOT mint a GitHub-trusted attestation itself in this mode — the Action's OIDC identity does. This is the path fd / biome / gping use.
  • [AttestationMode::Emit] generates a self-contained in-toto v1 statement carrying an SLSA provenance v1 predicate over the selected artifacts, writes it as a release asset (attestation.intoto.jsonl), and lets the existing signs: stage sign it (keyed, not OIDC). This is for users who can't run the Action (the --with-provenance toggle).

YAML:

```yaml
attestations:
  enabled: true
  mode: subjects   # or: emit ; default = subjects
  artifacts: [archive, binary, checksum]
```

| Field | Type | Default | Description |
|---|---|---|---|
| artifacts | list of AttestationArtifactKind | — | Which produced-artifact kinds to attest. Each entry selects a KIND (archive, binary, checksum); the concrete subject set (filenames + sha256) is DERIVED from the artifacts anodizer already produced. Defaults to [archive, binary, checksum] when omitted. |
| enabled | bool | false | Enable attestation. When false (the default), the stage is a no-op. |
| mode | AttestationMode | — | Participation mode: subjects (default) writes a manifest for actions/attest-build-provenance; emit generates and signs an in-toto SLSA provenance statement as a release asset. |
| skip | StringOrBool | — | Skip the attestation stage. Accepts a bool or a template string. |
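
A consumer-side check for emit mode, as an added example that is not anodizer's code: it confirms that a statement is in-toto v1 with an SLSA provenance v1 predicate and that every downloaded artifact's SHA-256 matches a subject entry. It assumes each line of attestation.intoto.jsonl is a bare JSON statement; the artifact names, builder id and build type below are constructed.

```python
import hashlib
import json

STATEMENT_TYPE = "https://in-toto.io/Statement/v1"      # in-toto Statement v1
SLSA_PROVENANCE_V1 = "https://slsa.dev/provenance/v1"   # SLSA provenance v1


def sha256_hex(data):
    return hashlib.sha256(data).hexdigest()


def check_statement(line, artifacts):
    """Check one statement line against the artifacts actually downloaded.

    `artifacts` maps file name -> bytes. Returns a list of problem strings;
    an empty list means the types are as expected and every artifact is
    covered by a subject whose sha256 matches.
    """
    try:
        stmt = json.loads(line)
    except json.JSONDecodeError as exc:
        return [f"not valid JSON: {exc.msg}"]
    if not isinstance(stmt, dict):
        return ["statement is not a JSON object"]

    problems = []
    if stmt.get("_type") != STATEMENT_TYPE:
        problems.append(f"unexpected _type: {stmt.get('_type')!r}")
    if stmt.get("predicateType") != SLSA_PROVENANCE_V1:
        problems.append(f"unexpected predicateType: {stmt.get('predicateType')!r}")

    # Index well-formed subjects by name; malformed entries are ignored, so an
    # artifact that only has a malformed entry is reported as uncovered.
    subjects = {}
    raw_subjects = stmt.get("subject")
    for subject in raw_subjects if isinstance(raw_subjects, list) else []:
        if not isinstance(subject, dict):
            continue
        digest = subject.get("digest")
        sha = digest.get("sha256") if isinstance(digest, dict) else None
        if isinstance(subject.get("name"), str) and isinstance(sha, str):
            subjects[subject["name"]] = sha.lower()

    for name in sorted(artifacts):
        expected = subjects.get(name)
        if expected is None:
            problems.append(f"{name}: no subject entry")
        elif expected != sha256_hex(artifacts[name]):
            problems.append(f"{name}: sha256 mismatch")
    return problems


# Constructed artifacts standing in for downloaded release assets.
SAMPLE_ARTIFACTS = {
    "app-1.0.0-linux-amd64.tar.gz": b"constructed archive bytes",
    "checksums.txt": b"constructed checksum file",
}


def sample_statement_line(artifacts):
    """Build a constructed statement line whose subjects cover `artifacts`."""
    return json.dumps({
        "_type": STATEMENT_TYPE,
        "subject": [
            {"name": name, "digest": {"sha256": sha256_hex(data)}}
            for name, data in sorted(artifacts.items())
        ],
        "predicateType": SLSA_PROVENANCE_V1,
        "predicate": {
            "buildDefinition": {
                "buildType": "https://example.invalid/constructed-build-type",
                "externalParameters": {},
            },
            "runDetails": {
                "builder": {"id": "https://example.invalid/constructed-builder"},
            },
        },
    })


if __name__ == "__main__":
    line = sample_statement_line(SAMPLE_ARTIFACTS)
    print(check_statement(line, SAMPLE_ARTIFACTS))
    tampered = dict(SAMPLE_ARTIFACTS, **{"checksums.txt": b"modified after signing"})
    print(check_statement(line, tampered))
```

This checks the statement's content only; the signature produced by the signs: stage has to be verified with the matching tool and key before the subjects are trusted.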

aur_sources

| Field | Type | Default | Description |
|---|---|---|---|
| amd64_variant | Amd64Variant | — | x86_64 micro-architecture variant — v1 (baseline), v2, v3 (AVX2), or v4. Constrained to a typed enum because AUR source pkgs build from the upstream tarball (no binary artifacts to filter), so the value's only role is as the Amd64 template var consumed by prepare: / build: / package: script bodies — typos must fail at parse time, not silently render an invalid string into the PKGBUILD. When unset, defaults to v1 at template-render time. |
| arches | list of string | — | Explicit architecture list (default: auto-detect from artifacts). |
| backup | list of string | — | Backup files to preserve on upgrade. |
| build | string | — | Custom build() function body for PKGBUILD. |
| commit_author | CommitAuthorConfig | — | Commit author with optional signing. |
| commit_msg_template | string | — | Custom commit message template. |
| conflicts | list of string | — | Packages this PKGBUILD conflicts with. |
| contributors | list of string | — | Contributors listed in PKGBUILD comments. |
| depends | list of string | — | Runtime dependencies. |
| description | string | — | Short description of the package. |
| directory | string | — | Subdirectory in the git repo for committed files. |
| git_ssh_command | string | — | Custom SSH command for git operations. |
| git_url | string | — | AUR SSH git URL override. Defaults to `ssh://aur@aur.archlinux.org/<package>.git`, derived from the resolved package name; set this only for a non-standard endpoint. |
| homepage | string | — | Project homepage URL. |
| ids | list of string | — | Build IDs filter. |
| if | string | — | Template-conditional gate: when the rendered result is falsy ("false" / "0" / "no" / empty), the AUR source config is skipped. Render failure hard-errors. The aur_sources[].if:. |
| install | string | — | Content for a .install file (post-install/pre-remove scripts). |
| license | string | — | SPDX license identifier. |
| maintainers | list of string | — | PKGBUILD maintainer entries. |
| makedepends | list of string | — | Build-time dependencies (source packages need these). |
| name | string | — | Override the package name (default: crate name, no -bin suffix). |
| optdepends | list of string | — | Optional dependencies. |
| package | string | — | Custom package() function body for PKGBUILD. |
| prepare | string | — | Custom prepare() function body for PKGBUILD. |
| private_key | string | — | Path to SSH private key file. |
| provides | list of string | — | Packages this PKGBUILD provides. |
| rel | string | — | Package release number (default: "1"). |
| required | bool | — | Override whether this publisher failing should fail the overall release. Default: false — a failure here is logged but does not abort the release. Set to true to fail the release on any error. |
| retain_on_rollback | bool | — | When true, a triggered rollback leaves this publisher's work in place rather than attempting to undo it. Default false. |
| skip | StringOrBool | — | Skip this config. Accepts the legacy disable: spelling via serde alias for back-compat. |
| skip_upload | StringOrBool | — | Skip publishing. "true" always skips; "auto" skips for prereleases. |
| url_template | string | — | Custom URL template for download URLs. |

before

Top-level lifecycle hooks for before and after blocks. Each block carries a list of hook commands that run around the entire pipeline (not individual stages).

The canonical key is hooks: for both before: and after: to the conventional spelling. The post: spelling is accepted as a serde alias on hooks for back-compat with the previous anodizer spelling; users with after: { post: [...] } keep working and a deprecation warning is logged when both spellings appear in the same block (see [HooksConfig::merge_hook_aliases]).

| Field | Type | Default | Description |
|---|---|---|---|
| hooks | list of HookEntry | — | Commands to run when the block fires. The wire format accepts either hooks: (canonical) or the legacy post: spelling; both fold into this field at parse time. |
| post | list of HookEntry | — | Legacy alias for hooks: (anodizer pre-v0.4). Always None after parsing — merge_hook_aliases collapses it into hooks. Present on the struct only because Deserialize writes through it before the fold step. |

before_publish

Top-level lifecycle hooks for before and after blocks. Each block carries a list of hook commands that run around the entire pipeline (not individual stages).

The canonical key is hooks: for both before: and after: to the conventional spelling. The post: spelling is accepted as a serde alias on hooks for back-compat with the previous anodizer spelling; users with after: { post: [...] } keep working and a deprecation warning is logged when both spellings appear in the same block (see [HooksConfig::merge_hook_aliases]).

| Field | Type | Default | Description |
|---|---|---|---|
| hooks | list of HookEntry | — | Commands to run when the block fires. The wire format accepts either hooks: (canonical) or the legacy post: spelling; both fold into this field at parse time. |
| post | list of HookEntry | — | Legacy alias for hooks: (anodizer pre-v0.4). Always None after parsing — merge_hook_aliases collapses it into hooks. Present on the struct only because Deserialize writes through it before the fold step. |

binary_signs

| Field | Type | Default | Description |
|---|---|---|---|
| args | list of string | — | Arguments passed to the signing command (supports templates with ${artifact} and ${signature}). |
| artifacts | string | — | Artifact types to sign: "all", "archive", "binary", "checksum", "package", "sbom" (default: "none"). |
| authenticode | AuthenticodeConfig | — | Authenticode (Windows PE/MSI) signing backend. When set, this sign config signs Windows artifacts in place via osslsigncode (Linux/cross) or signtool (Windows) instead of producing a detached cosign/gpg signature. The signing command, argv, timestamp URL, and artifact selector are all derived; supply only the cert (a secret). |
| certificate | string | — | Certificate file to embed in the signature (Cosign bundle signing). |
| cmd | string | — | Signing command to invoke (default: "cosign" or "gpg"). |
| env | list of string | — | Environment variables passed to the signing command. |
| id | string | — | Unique identifier for this sign config. |
| ids | list of string | — | Build IDs filter: only sign artifacts from builds whose id is in this list. |
| if | string | — | Template-conditional: skip this sign config if rendered result is "false" or empty. |
| output | StringOrBool | — | Capture and log stdout/stderr of the signing command. Accepts bool or template string (e.g., "{{ IsSnapshot }}"). |
| signature | string | — | Signature output filename template (supports templates). |
| stdin | string | — | Content written to the signing command's stdin. |
| stdin_file | string | — | Path to a file whose content is written to the signing command's stdin. |

changelog

| Field | Type | Default | Description |
|---|---|---|---|
| abbrev | integer | — | Hash abbreviation length. Default: 0 (no truncation, emit the full SHA). Set to -1 to omit the hash entirely; positive values truncate to N chars. Values below -1 are clamped to -1 (a git log --abbrev=N would otherwise reject -2, -3, ...). |
| ai | ChangelogAiConfig | — | AI-powered changelog enhancement configuration. |
| divider | string | — | Divider string inserted between changelog groups (e.g. "---"). Supports templates. |
| files | ChangelogFilesConfig | — | Changelog file-layout controls: which CHANGELOG.md files a release writes (per-crate vs the aggregate root). Separate from the content-generation keys above (use, format, groups, filters, paths, sort, ...) so file management and content concerns stay orthogonal. See [ChangelogFilesConfig]. |
| filters | ChangelogFilters | — | Commit message filters to include or exclude from the changelog. |
| footer | ContentSource | — | Text appended to the changelog. Same shape as header. |
| format | string | — | Template for each changelog commit line. Available variables: SHA (full hash), ShortSHA (abbreviated), Message (commit subject), AuthorName, AuthorEmail, Login (per-commit GitHub username), Logins (per-entry comma-separated list of GitHub usernames for that commit), AllLogins (comma-separated list of all GitHub usernames across the entire release), AuthorUsername (renders @login when the login is known, the plain author name otherwise). Logins come from the SCM API backends (use: github/gitea) and — when the release targets GitHub and a token is available — from GitHub-API enrichment of the default git backend, so use: git changelogs render @login mentions too. Release bodies carry bare @login (GitHub autolinks them); on-disk CHANGELOG.md files get explicit `[@login](https://github.com/login)` links. Without a token (or offline, or with a non-GitHub remote) rendering keeps the plain author name. Default depends on backend (the full SHA is used): git backend (default): `"{{ SHA }} {{ Message }}"`; github/gitlab/gitea backend: `"{{ SHA }}: {{ Message }} (@Login or AuthorName <AuthorEmail>)"` — falls back to `AuthorName <AuthorEmail>` when Login is empty. When abbrev < 0, the default reduces to `"{{ Message }}"` (no hash prefix). |
| groups | list of ChangelogGroup | — | Groups for organizing changelog entries by commit message prefix. |
| header | ContentSource | — | Text prepended to the changelog. Inline string, `from_file: <path>`, or `from_url: <url>` — symmetric with the release block's header/footer so users can compose headers from a templated file or remote endpoint (the upstream uses a plain string here; anodizer extends to ContentSource for consistency with release.header). |
| paths | list of string | — | Optional path filter that NARROWS the per-crate scope by intersection — it never replaces it. Each changelog track already scopes to its own commits (a per-crate track to its crate directory; the aggregate to the union of every crate directory plus the workspace manifests). When set, paths further restricts that derived scope to commits whose touched files match these globs; it can only ever drop commits, never widen to another track's directory. A paths value that is a superset of the derived scope (e.g. `["crates/**", "Cargo.toml", "Cargo.lock"]` over a workspace) is therefore a no-op — and so is the recommended default of leaving paths unset, where scoping is fully derived. The same derived scope and intersect drive all three changelog formats (keep-a-changelog, json, and release-notes), so they cannot drift. With use: git the intersect is precise (commits are filtered by their touched files). With use: github only the first path is used for API queries; with use: gitlab / gitea path filtering is unsupported, so a narrowing paths there is coarse and a warning is emitted. Supports template rendering. |
| skip | StringOrBool | — | Skip changelog generation. Accepts bool or template string (e.g. `"{{ if IsSnapshot }}true{{ endif }}"` for conditional skip). Accepts disable: as an alias so imported configs (which use changelog.disable:) parse cleanly without a rename. Anodizer's broader convention is skip: (mirrors release.skip_upload, stage-level skip: flags), so the canonical key stays skip:. |
| snapshot | bool | — | When true, render the changelog even in snapshot mode. Anodizer matches the default (skip changelog on snapshot) and lets users opt back in here for local preview / draft generation. Wired in crates/stage-changelog/src/lib.rs::ChangelogStage::run. |
| sort | string | — | Sort order for changelog entries: "asc" or "desc" (default: "asc"). |
| title | string | — | Title heading for the changelog. Default: "Changelog". Supports templates. |
| use | string | — | Changelog source: "git" (default), "github", or "github-native". "github" fetches commits via the GitHub API, enriching entries with author login information (available as the `{{ Logins }}` per-entry template variable and the `{{ AllLogins }}` release-wide variable). "github-native" delegates entirely to GitHub's auto-generated notes. |

cloudsmiths

CloudSmith publisher configuration. Pushes packages to CloudSmith repositories.

| Field | Type | Default | Description |
| --- | --- | --- | --- |
| component | string | — | Debian component name (e.g. "main"). |
| distributions | map | — | Distribution mapping per format. Each entry accepts either a single slug (deb: "ubuntu/focal") or an array of slugs (deb: ["ubuntu/focal", "ubuntu/jammy"]); the array form issues one upload per entry. |
| exclude | list of string | — | Glob patterns matched against each artifact's file name; anodizer drops any artifact whose name matches at least one glob from THIS CloudSmith target only. Use it to keep heavy sidecars off a given repository while packages still upload. Composes with ids: and formats: (all filters apply). None/empty keeps everything. |

```yaml
cloudsmiths:
  - organization: my-org
    repository: my-repo
    exclude: ["*.sha256", "*.sig", "*.cdx.json"]
```

| formats | list of string | — | Package format filter: only publish artifacts matching these formats. |
| ids | list of string | — | Build IDs filter: only publish artifacts from builds whose id is in this list. |
| if | string | — | Template-conditional gate: when the rendered result is falsy ("false" / "0" / "no" / empty), the CloudSmith publisher is skipped. Render failure hard-errors. Config key: cloudsmiths[].if:. |
| keep_versions | integer | — | Retain only the N most-recent release versions of each published package, pruning older ones from the CloudSmith repository after a successful upload. |

This is opt-in and destructive: leaving it unset (the default) prunes nothing. When set, after the just-uploaded artifacts are confirmed present the publisher lists every version of this package in the repository, ranks the distinct release versions by SemVer (newest first), keeps the top N — which always includes the version just published — and issues DELETE for every artifact (all formats and architectures) belonging to versions ranked beyond N. Other packages sharing the repository are never touched.

All package formats of one release are treated as the same version: the deb/rpm epoch (1:0.9.1-1) and apk revision (0.9.1-r1) suffixes are normalized to the base SemVer (0.9.1) before ranking, so keeping 2 versions keeps every .deb/.rpm/.apk of the two newest releases.

Pruning is best-effort: it runs only after the upload (the real work) has already succeeded, is skipped entirely in dry-run and snapshot mode, and a list/delete failure emits a prominent warning and continues rather than failing the release or rolling anything back. keep_versions: 0 is rejected — anodizer never prunes every version.

Primarily a remedy for storage-capped repositories (e.g. the CloudSmith free plan's 500 MB limit, which offers no server-side retention policy).

```yaml
cloudsmiths:
  - organization: acme
    repository: tools
    keep_versions: 3 # keep the 3 newest releases, prune older ones
```

| organization | string | — | CloudSmith organization slug. |
| repository | string | — | CloudSmith repository slug. |
| republish | StringOrBool | — | When true, allow republishing over existing package versions. |
| required | bool | — | Override whether this publisher failing should fail the overall release. Default: false — a failure here is logged but does not abort the release. Set to true to fail the release on any error. |
| retain_on_rollback | bool | — | When true, a triggered rollback leaves this publisher's work in place rather than attempting to undo it. Default false. |
| secret_name | string | — | Environment variable name containing the CloudSmith API key. |
| skip | StringOrBool | — | Template-conditional skip: if rendered result is "true", skip this publisher. |
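The keep_versions selection described above can be previewed offline before enabling a destructive setting. The following is an added example, not anodizer's own code: the names `Artifact`, `base_semver` and `prune_plan` and the sample listing are hypothetical, and two behaviours are assumptions of this sketch (versions that do not normalize to a plain x.y.z are never selected for deletion, and the just-published version is retained even when it is not among the top N).

```rust
use std::collections::BTreeSet;

/// Base SemVer (major, minor, patch) once packaging suffixes are stripped.
type Base = (u64, u64, u64);

/// One artifact as listed in the repository (hypothetical shape).
struct Artifact {
    filename: &'static str,
    version: &'static str,
}

/// Remove a trailing deb/rpm revision ("-1") or apk revision ("-r1").
fn strip_revision(s: &str) -> &str {
    if let Some((head, tail)) = s.rsplit_once('-') {
        let digits = tail.strip_prefix('r').unwrap_or(tail);
        if !digits.is_empty() && digits.bytes().all(|b| b.is_ascii_digit()) {
            return head;
        }
    }
    s
}

/// "1:0.9.1-1" and "0.9.1-r1" both normalize to (0, 9, 1).
/// Anything that is not a plain x.y.z afterwards returns None.
fn base_semver(raw: &str) -> Option<Base> {
    // Drop a numeric deb/rpm epoch prefix such as "1:".
    let no_epoch = match raw.split_once(':') {
        Some((e, rest)) if !e.is_empty() && e.bytes().all(|b| b.is_ascii_digit()) => rest,
        _ => raw,
    };
    let mut parts = strip_revision(no_epoch).split('.');
    let major = parts.next()?.parse::<u64>().ok()?;
    let minor = parts.next()?.parse::<u64>().ok()?;
    let patch = parts.next()?.parse::<u64>().ok()?;
    if parts.next().is_some() {
        return None;
    }
    Some((major, minor, patch))
}

/// File names that would be deleted for a given keep_versions value.
fn prune_plan(
    artifacts: &[Artifact],
    just_published: &str,
    keep: usize,
) -> Result<Vec<&'static str>, String> {
    if keep == 0 {
        return Err("keep_versions: 0 is rejected".to_string());
    }
    // Distinct release versions; BTreeSet orders tuples numerically, so 0.10.0 > 0.9.1.
    let distinct: BTreeSet<Base> = artifacts
        .iter()
        .filter_map(|a| base_semver(a.version))
        .collect();
    let mut kept: BTreeSet<Base> = distinct.into_iter().rev().take(keep).collect();
    // Assumption of this sketch: never delete what was just uploaded (e.g. a backport).
    if let Some(v) = base_semver(just_published) {
        kept.insert(v);
    }
    Ok(artifacts
        .iter()
        .filter(|a| matches!(base_semver(a.version), Some(v) if !kept.contains(&v)))
        .map(|a| a.filename)
        .collect())
}

/// Constructed repository listing covering deb, rpm and apk version spellings.
fn sample_listing() -> Vec<Artifact> {
    vec![
        Artifact { filename: "tool_0.10.0-1_amd64.deb", version: "1:0.10.0-1" },
        Artifact { filename: "tool-0.10.0-r1.apk", version: "0.10.0-r1" },
        Artifact { filename: "tool_0.9.1-1_amd64.deb", version: "1:0.9.1-1" },
        Artifact { filename: "tool-0.9.1-1.x86_64.rpm", version: "1:0.9.1-1" },
        Artifact { filename: "tool-0.9.1-r1.apk", version: "0.9.1-r1" },
        Artifact { filename: "tool_0.9.0-1_amd64.deb", version: "1:0.9.0-1" },
        Artifact { filename: "tool-0.9.0-r1.apk", version: "0.9.0-r1" },
        Artifact { filename: "tool_0.8.7-1_amd64.deb", version: "0.8.7-1" },
        Artifact { filename: "tool-nightly.deb", version: "nightly-20240101" },
    ]
}

fn main() {
    match prune_plan(&sample_listing(), "0.10.0", 2) {
        Ok(files) => files.iter().for_each(|f| println!("would delete {f}")),
        Err(e) => eprintln!("{e}"),
    }
}
```

Reviewing such a plan against a real repository listing before the first release with keep_versions set shows which files the DELETE calls would target.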

crates

| Field | Type | Default | Description |
| --- | --- | --- | --- |
| after | HooksConfig | — | Hooks that run inside THIS crate's scope at the end of the release, after the crate's publish dispatch (and post-publish verification) completes. Per-crate counterpart of the top-level after: (which fires once around the whole release). Same per-crate firing semantics across all modes, template surface, and abort semantics as the per-crate before:. |
| app_bundles | list of AppBundleConfig | — | macOS app bundle configurations for this crate. |
| archives | list of ArchiveConfig | [] | Archive configurations for this crate. Set to false to disable archiving, or provide an array of archive configs. |
| before | HooksConfig | — | Hooks that run inside THIS crate's scope at the start of the release, before the build. Distinct from the top-level before:, which fires ONCE around the whole release; these fire once per crate with that crate's version/tag template vars anchored, so cmd / dir / env / if render against the crate's own Version / Tag / ProjectName. A non-zero exit aborts the release. Fires once per crate in EVERY multi-crate mode — workspace per-crate AND workspace lockstep with multiple publisher crates — in both a full anodizer release and anodizer release --publish-only, matching the per-crate iteration of before_publish: and the publishers. With an explicit --crate subset only the selected crates' hooks fire. No-op in a single-crate config with no crates: block (use the top-level before: there). |
| before_publish | HooksConfig | — | Hooks that run immediately before THIS crate's publishers dispatch, once per matching artifact (the same per-artifact semantics as the top-level before_publish:), scoped to the crate's own artifacts and template vars. Honors the per-entry ids: / artifacts: filters. A non-zero exit aborts the release before that crate publishes to any registry. The top-level before_publish: still fires once over the full artifact set; this one targets a single crate's artifacts. |
| binstall | BinstallConfig | — | cargo-binstall metadata configuration for this crate. |
| blobs | list of BlobConfig | — | Cloud storage (S3/GCS/Azure) upload configurations for this crate. |
| builds | list of BuildConfig | — | Build configurations for this crate. One entry per binary by default. |
| checksum | ChecksumConfig | — | Checksum configuration for this crate. |
| cross | CrossStrategy | — | Cross-compilation strategy for this crate: auto, zigbuild, cross, or cargo. |
| depends_on | list of string | — | Other crates this crate depends on; ensures release ordering. |
| dmgs | list of DmgConfig | — | macOS DMG disk image configurations for this crate. |
| docker_digest | DockerDigestConfig | — | Docker image digest file configuration for this crate. |
| docker_manifests | list of DockerManifestConfig | — | Docker multi-platform manifest configurations for this crate. |
| dockers_v2 | list of DockerV2Config | — | Docker V2 image build configurations for this crate (canonical API: images+tags, annotations, build_args, sbom, disable). The legacy docker: block was removed; this is the only docker surface. The docker_v2: spelling is still accepted via serde alias for back-compat. |
| flatpaks | list of FlatpakConfig | — | Linux Flatpak bundle configurations for this crate. |
| msis | list of MsiConfig | — | Windows MSI installer configurations for this crate. |
| name | string | — | Crate name as published (must match the Cargo.toml package name). |
| nfpms | list of NfpmConfig | — | Linux package (deb, rpm, apk) configurations for this crate. Renamed from nfpm: (singular) for spelling parity with Defaults.nfpms and the rest of the plural-name per-crate packaging lists (dmgs, msis, pkgs, nsis, ...). The nfpm: spelling is still accepted via serde alias for back-compat. |
| no_unique_dist_dir | StringOrBool | — | When true (or template evaluating to "true"), all build outputs are placed in a flat dist/ directory instead of dist/{target}/. |
| nsis | list of NsisConfig | — | NSIS installer configurations for this crate. |
| path | string | — | Relative path to the crate directory from the project root. |
| pkgs | list of PkgConfig | — | macOS PKG installer configurations for this crate. |
| publish | PublishConfig | — | Publishing targets (Homebrew, Scoop, AUR, etc.) for this crate. |
| release | ReleaseConfig | — | GitHub release configuration for this crate. |
| snapcrafts | list of SnapcraftConfig | — | Snapcraft package configurations for this crate. |
| tag_template | string | — | Git tag template used to tag and identify releases (supports templates). |
| universal_binaries | list of UniversalBinaryConfig | — | macOS universal binary (fat binary) configurations for this crate. |
| version | string | — | Pinned semver version. When set, anodizer bump --strict refuses to edit this crate's Cargo.toml to anything other than this value; without --strict, the bump proceeds with a warning. Lets a release captain freeze a crate's version while still running broad --workspace bumps. |
| version_files | list of string | — | Repo-committed files that embed this crate's release version outside Cargo.toml (repo-root-relative path strings). At tag time each file has its occurrences of the old version rewritten to the new version — both bare and v-prefixed forms, word-boundary anchored — and is staged into the same bump commit as this crate's Cargo.toml. Overrides the workspace-level defaults.version_files. |
| version_sync | VersionSyncConfig | — | Automatic version number synchronization configuration for this crate. |

defaults

Workspace-level defaults that path-mirror the CrateConfig (and select top-level Config) shape. Each field here is folded into every resolved crate by defaults_merge::apply_defaults according to the deep-merge / merge-by-identity semantics documented in defaults_merge.

Multi-publisher fields are single-struct on both sides today: defaults supplies one struct per publisher, and per-crate publish.* fields are also single-struct. A future change may introduce list-or-scalar via OneOrMany<T> on the per-crate side so a crate can declare multiple homebrew taps / scoop buckets / etc.; the defaults side would stay single-struct and merge into the first per-crate entry by identity.

| Field | Type | Default | Description |
| --- | --- | --- | --- |
| app_bundles | AppBundleConfig | — | Default app-bundle settings applied to all crates. |
| archives | ArchiveConfig | — | Default archive settings applied to all crates. |
| binary_signs | SignConfig | — | Default binary-signing settings. |
| builds | BuildConfig | — | Default build settings applied to every crate's builds (deep-merged into each CrateConfig.builds[] entry by identity on id/binary). |
| checksum | ChecksumConfig | — | Default checksum settings applied to all crates. Mirrors CrateConfig.checksum so checksum config can be hoisted to defaults. |
| crates | DefaultsCrateBlock | — | Crate-axis defaults marker. Only valid when top-level crates: is set. Reserved for per-crate overrides keyed by crate id (future waves). |
| cross | CrossStrategy | — | Default cross-compilation strategy: auto, zigbuild, cross, or cargo. Mirrors CrateConfig.cross so the strategy can be hoisted to defaults. |
| dmgs | DmgConfig | — | Default DMG settings applied to all crates. |
| docker_signs | DockerSignConfig | — | Default Docker image signing settings. |
| dockers_v2 | DockerV2Config | — | Default Docker (V2 API) image settings applied to all crates. The docker_v2: spelling is still accepted via serde alias for back-compat. |
| env | list of string | — | Default environment variables (KEY=VALUE strings) hoisted across crates. |
| flatpaks | FlatpakConfig | — | Default flatpak settings applied to all crates. |
| makeselves | MakeselfConfig | — | Default makeself settings applied to all crates. |
| msis | MsiConfig | — | Default MSI settings applied to all crates. |
| nfpms | NfpmConfig | — | Default nfpm (deb/rpm/apk) settings applied to all crates. |
| notarize | NotarizeConfig | — | Default macOS notarization settings. |
| nsis | NsisConfig | — | Default NSIS settings applied to all crates. |
| pkgs | PkgConfig | — | Default macOS PKG settings applied to all crates. |
| publish | PublishDefaults | — | Default publisher configurations (single-struct per publisher). Per-crate publish.* entries are merged into these by identity. |
| sbom | SbomConfig | — | Default SBOM generation settings. |
| sign | SignConfig | — | Default artifact signing settings. |
| snapcrafts | SnapcraftConfig | — | Default snapcraft settings applied to all crates. |
| source | SourceConfig | — | Default source-archive settings applied to all crates. |
| srpms | SrpmConfig | — | Default SRPM settings applied to all crates. |
| targets | list of string | — | Default build targets (e.g., ["x86_64-unknown-linux-gnu", "aarch64-apple-darwin"]). |
| upx | UpxConfig | — | Default UPX compression settings applied to all crates. |
| version_files | list of string | — | Default repo-committed files whose embedded release version is rewritten at tag time (repo-root-relative path strings). Hoisted across crates; folded into each crate's version_files by defaults_merge when the crate does not set its own list. Mirrors CrateConfig.version_files. |
| workspaces | DefaultsWorkspaceBlock | — | Workspace-axis defaults marker. Only valid when top-level workspaces: is set. Reserved for per-workspace overrides keyed by workspace name (future waves). |

docker_signs

| Field | Type | Default | Description |
| --- | --- | --- | --- |
| args | list of string | — | Arguments passed to the signing command (supports templates). |
| artifacts | string | — | Docker artifact types to sign: "all", "image", or "manifest" (default: "none"). |
| certificate | string | — | Certificate file to embed in the signature (Cosign bundle signing). |
| cmd | string | — | Signing command to invoke (default: "cosign"). |
| env | list of string | — | Environment variables passed to the signing command. |
| id | string | — | Unique identifier for this docker sign config. |
| ids | list of string | — | Docker config IDs filter: only sign images from configs whose id is in this list. |
| if | string | — | Template-conditional: skip this docker sign config if rendered result is "false" or empty. |
| output | StringOrBool | — | Capture and log stdout/stderr of the docker signing command. |
| signature | string | — | Signature output filename template (supports templates). |
| stdin | string | — | Content written to the signing command's stdin. |
| stdin_file | string | — | Path to a file whose content is written to the signing command's stdin. |

dockerhub

DockerHub description sync configuration. Pushes image descriptions and README content to DockerHub repositories.

| Field | Type | Default | Description |
| --- | --- | --- | --- |
| description | string | — | Short description for the DockerHub repository (max 100 chars). |
| full_description | DockerHubFullDescription | — | Full description (README) source for the DockerHub repository. |
| if | string | — | Template-conditional gate: when the rendered result is falsy ("false" / "0" / "no" / empty), the DockerHub publisher is skipped. Render failure hard-errors. Exposes the dockerhub[].if: conditional gate; distinct from skip: (which expresses "always skip") and provides config-import parity. |
| images | list of string | — | DockerHub image names to update (e.g. myorg/myapp). |
| required | bool | — | Override whether this publisher failing should fail the overall release. Default: false — a failure here is logged but does not abort the release. Set to true to fail the release on any error. |
| retain_on_rollback | bool | — | When true, a triggered rollback leaves this publisher's work in place rather than attempting to undo it. Default false. |
| secret_name | string | — | Environment variable name containing the DockerHub token. |
| skip | StringOrBool | — | Skip this publisher. Accepts bool or template string. Accepts the legacy disable: spelling via serde alias for back-compat with imported configs. |
| username | string | — | DockerHub username for authentication. |

gemfury

GemFury package registry publisher configuration.

Pushes deb / rpm / apk artifacts to https://push.fury.io/<account>. Authenticates via HTTP Basic auth using the push token as the username (empty password) — the conventional Fury push surface.

| Field | Type | Default | Description |
| --- | --- | --- | --- |
| account | string | — | GemFury account name. Required; rendered through the template engine so account: "{{ Env.MY_FURY_ACCOUNT }}" works. |
| api_secret_name | string | — | Environment variable name carrying the API (delete) token. Default FURY_API_TOKEN. |
| api_token | string | — | Optional API token used by rollback to issue DELETE /<account>/packages/<name>/versions/<version>. When unset, the env var named by api_secret_name (default FURY_API_TOKEN) is consulted at rollback time. If both are absent at rollback time, the publisher falls back to a manual-cleanup warn. |
| exclude | list of string | — | Glob patterns matched against each artifact's file name; anodizer drops any artifact whose name matches at least one glob from THIS GemFury target only. Use it to keep heavy sidecars off the account while packages still upload. Composes with ids: and the format filter (all filters apply). None/empty keeps everything. |

```yaml
gemfury:
  - account: my-account
    exclude: ["*.sha256", "*.sig", "*.cdx.json"]
```

| formats | list of string | — | Package format filter: only push artifacts matching these formats. Defaults to ["apk", "deb", "rpm"]. |
| id | string | — | Unique identifier for selecting this entry from the CLI (--id=...). |
| ids | list of string | — | Build IDs filter: only include artifacts whose archive id is in this list. |
| if | string | — | Template-conditional gate: when the rendered result is falsy ("false" / "0" / "no" / empty), the GemFury publisher entry is skipped. Render failure hard-errors. Exposes the gemfury[].if: conditional gate; distinct from skip: (which expresses "always skip") and provides config-import parity. |
| required | bool | — | Override whether this publisher failing should fail the overall release. Default: true — GemFury is a Manager-group publisher (mutable but reversible via the delete API), so a failed publish aborts by default to avoid surprising the operator with a half-released version. Set to false to log failures but continue. |
| retain_on_rollback | bool | — | When true, a triggered rollback leaves this publisher's work in place rather than attempting to undo it. Default false. |
| secret_name | string | — | Environment variable name carrying the push token. Default FURY_PUSH_TOKEN. The actual token VALUE is read from this env var at publish/rollback time. |
| skip | StringOrBool | — | Template-conditional skip: if rendered result is "true", skip this publisher entry. Accepts bool or template string. Accepts the legacy disable: spelling via serde alias for back-compat with imported gemfury[].disable: configs. |
| token | string | — | Push token used as the HTTP Basic auth username (empty password). When unset, the env var named by secret_name (default FURY_PUSH_TOKEN) is consulted at publish time. NEVER logged. |

git

Git-level tag discovery and sorting settings.

Controls how anodizer discovers and orders tags when determining the current and previous versions. This is separate from TagConfig, which controls version bumping logic.

| Field | Type | Default | Description |
| --- | --- | --- | --- |
| ignore_tag_prefixes | list of string | — | Tag prefixes to ignore during version detection (supports templates). Tags starting with any prefix in this list are excluded. The ignore-tag-prefixes feature. |
| ignore_tags | list of string | — | Tag patterns to ignore during version detection (supports templates). Tags matching any pattern in this list are excluded from version detection entirely. |
| prerelease_suffix | string | — | Suffix that identifies pre-release tags for sorting purposes. When set, tags ending with this suffix are treated as pre-releases and sorted accordingly during tag discovery. |
| tag_sort | string | — | How to sort git tags when determining the latest version. Accepted values are listed below. |

Accepted values:
- "-version:refname" (default) — lexicographic version sort on the tag name.
- "-version:creatordate" — sort by the tag's creation date (newest first).
- "semver" — strict SemVer 2.0.0 ordering computed in Rust; prereleases sort below their release per spec section 11. Bypasses git's native sort.
- "smartsemver" — same ordering as "semver", but when the current version (resolved from the template Version variable) is non-prerelease, prerelease tags are filtered out before previous-tag selection. Prevents v0.2.0-beta.3 from being picked as the predecessor of v0.2.0 (which would otherwise produce an empty changelog).
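The difference between "semver" and "smartsemver" shows up only when the previous tag is selected. The sketch below is an added example, not anodizer's implementation: `parse`, `precedence`, `previous_tag` and the tag list are hypothetical names and constructed data, and stripping a leading "v" from tags is an assumption.

```rust
use std::cmp::Ordering;

#[derive(Debug, Clone, PartialEq, Eq)]
struct SemVer {
    core: (u64, u64, u64),
    pre: Vec<String>, // empty for a normal release
}

#[derive(Debug, Clone, Copy, PartialEq, Eq)]
enum TagSort {
    Semver,
    SmartSemver,
}

/// Parse "v1.2.3-beta.1+build" into core and prerelease identifiers.
fn parse(tag: &str) -> Option<SemVer> {
    let s = tag.strip_prefix('v').unwrap_or(tag);
    let s = s.split('+').next()?; // build metadata has no effect on precedence
    let (core, pre): (&str, Vec<String>) = match s.split_once('-') {
        Some((c, p)) => (c, p.split('.').map(String::from).collect()),
        None => (s, Vec::new()),
    };
    let mut nums = core.split('.').map(|n| n.parse::<u64>().ok());
    let version = SemVer {
        core: (nums.next()??, nums.next()??, nums.next()??),
        pre,
    };
    if nums.next().is_some() {
        return None;
    }
    Some(version)
}

/// SemVer 2.0.0 section 11: numeric identifiers compare numerically and
/// rank below alphanumeric ones, which compare in ASCII order.
fn cmp_ident(a: &str, b: &str) -> Ordering {
    match (a.parse::<u64>(), b.parse::<u64>()) {
        (Ok(x), Ok(y)) => x.cmp(&y),
        (Ok(_), Err(_)) => Ordering::Less,
        (Err(_), Ok(_)) => Ordering::Greater,
        (Err(_), Err(_)) => a.cmp(b),
    }
}

/// Precedence of two versions; a prerelease sorts below its release.
fn precedence(a: &SemVer, b: &SemVer) -> Ordering {
    let core = a.core.cmp(&b.core);
    if core != Ordering::Equal {
        return core;
    }
    match (a.pre.is_empty(), b.pre.is_empty()) {
        (true, true) => Ordering::Equal,
        (true, false) => Ordering::Greater,
        (false, true) => Ordering::Less,
        (false, false) => a
            .pre
            .iter()
            .zip(&b.pre)
            .map(|(x, y)| cmp_ident(x, y))
            .find(|o| *o != Ordering::Equal)
            .unwrap_or_else(|| a.pre.len().cmp(&b.pre.len())),
    }
}

/// Highest tag strictly below `current`. In SmartSemver mode a release
/// (non-prerelease) current version ignores prerelease candidates.
fn previous_tag<'a>(tags: &[&'a str], current: &str, mode: TagSort) -> Option<&'a str> {
    let cur = parse(current)?;
    let skip_pre = mode == TagSort::SmartSemver && cur.pre.is_empty();
    tags.iter()
        .filter_map(|t| parse(t).map(|v| (*t, v)))
        .filter(|(_, v)| precedence(v, &cur) == Ordering::Less)
        .filter(|(_, v)| !(skip_pre && !v.pre.is_empty()))
        .max_by(|a, b| precedence(&a.1, &b.1))
        .map(|(t, _)| t)
}

/// Constructed tag list; the last entry is not a version and is ignored.
const TAGS: [&str; 7] = [
    "v0.1.0", "v0.1.1", "v0.2.0-beta.1", "v0.2.0-beta.2",
    "v0.2.0-beta.3", "v0.2.0", "not-a-version",
];

fn main() {
    for mode in [TagSort::Semver, TagSort::SmartSemver] {
        println!("{:?}: previous of v0.2.0 = {:?}", mode, previous_tag(&TAGS, "v0.2.0", mode));
    }
}
```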

gitea_urls

Custom Gitea API/download URLs for self-hosted Gitea installations. Gitea API/download URL overrides.

| Field | Type | Default | Description |
| --- | --- | --- | --- |
| api | string | — | Gitea API base URL (e.g. https://gitea.example.com/api/v1/). |
| download | string | — | Gitea download URL for release assets. |
| skip_tls_verify | bool | — | When true, skip TLS certificate verification for the custom URLs. |

github_urls

Custom GitHub API/upload/download URLs for GitHub Enterprise installations. GitHub API/download URL overrides.

| Field | Type | Default | Description |
| --- | --- | --- | --- |
| api | string | — | GitHub API base URL (e.g. https://github.example.com/api/v3/). |
| download | string | — | GitHub download URL for release assets (e.g. https://github.example.com/). |
| skip_tls_verify | bool | — | When true, skip TLS certificate verification for the custom URLs. |
| upload | string | — | GitHub upload URL for release assets (e.g. https://github.example.com/api/uploads/). |

gitlab_urls

Custom GitLab API/download URLs for self-hosted GitLab installations. GitLab API/download URL overrides.

| Field | Type | Default | Description |
| --- | --- | --- | --- |
| api | string | — | GitLab API base URL (e.g. https://gitlab.example.com/api/v4/). |
| download | string | — | GitLab download URL for release assets. |
| skip_tls_verify | bool | — | When true, skip TLS certificate verification for the custom URLs. |
| use_job_token | bool | — | When true, use the CI_JOB_TOKEN for authentication instead of a personal token. |
| use_package_registry | bool | — | When true, use the GitLab Package Registry for uploads instead of Generic Packages. |
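With skip_tls_verify: true, the release token and uploaded assets travel over a connection whose server certificate is not checked, so the setting is worth gating in CI for all three of gitea_urls, github_urls and gitlab_urls. The check below is an added example and not part of anodizer: it is a line-based scan of .anodizer.yaml (not a full YAML parser), `find_tls_bypass` and the sample config are hypothetical, and it conservatively reports any value other than false.

```rust
/// Blocks in this reference that accept `skip_tls_verify`.
const URL_BLOCKS: [&str; 3] = ["gitea_urls", "github_urls", "gitlab_urls"];

#[derive(Debug, PartialEq)]
struct Finding {
    block: String,
    line: usize,
    value: String,
}

/// Report every `skip_tls_verify` under a *_urls block that is not `false`.
fn find_tls_bypass(yaml: &str) -> Vec<Finding> {
    let mut block = String::new();
    let mut findings = Vec::new();
    for (idx, raw) in yaml.lines().enumerate() {
        // Naive comment stripping: does not handle '#' inside quoted strings.
        let line = raw.split('#').next().unwrap_or("").trim_end();
        if line.trim().is_empty() {
            continue;
        }
        let indented = line.starts_with(' ') || line.starts_with('\t');
        let (key, value) = match line.trim().split_once(':') {
            Some(kv) => kv,
            None => continue,
        };
        if !indented {
            // An unindented key starts a new top-level block.
            block = key.trim().to_string();
            continue;
        }
        if key.trim() == "skip_tls_verify" && URL_BLOCKS.contains(&block.as_str()) {
            let v = value.trim().trim_matches(|c| c == '"' || c == '\'');
            if !v.eq_ignore_ascii_case("false") {
                findings.push(Finding {
                    block: block.clone(),
                    line: idx + 1,
                    value: v.to_string(),
                });
            }
        }
    }
    findings
}

/// Constructed sample config; hosts are the placeholder examples from this page.
const SAMPLE: &str = "\
dist: ./dist
gitea_urls:
  api: https://gitea.example.com/api/v1/
  skip_tls_verify: true   # lab leftover
github_urls:
  api: https://github.example.com/api/v3/
  skip_tls_verify: false
gitlab_urls:
  api: https://gitlab.example.com/api/v4/
  skip_tls_verify: True
crates:
  - name: demo
    skip_tls_verify: true
";

fn main() {
    let findings = find_tls_bypass(SAMPLE);
    for f in &findings {
        println!("{}: line {}: skip_tls_verify: {}", f.block, f.line, f.value);
    }
    // A non-zero exit lets a CI step fail the pipeline on any finding.
    std::process::exit(if findings.is_empty() { 0 } else { 1 });
}
```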

homebrew_casks

Unified Homebrew Cask configuration.

Used at both call-sites:
- homebrew_casks: — top-level array; carries repository, commit_author, directory, ids, url, structured uninstall/zap, etc.
- crates[].publish.homebrew_cask: — per-crate override; same shape, with url_template as the simpler URL alternative.

Fields from both original types are present; any field may be None at either call-site. The union avoids a two-type bifurcation while keeping both axes.

| Field | Type | Default | Description |
| --- | --- | --- | --- |
| alternative_names | list of string | — | Alternative cask names (aliases). |
| app | string | — | macOS .app bundle name (e.g. "MyApp.app"). |
| binaries | list of HomebrewCaskBinary | — | Binary stubs to create in /usr/local/bin. Each entry is either a bare string ("my-cli" → emits binary "my-cli") or a structured { name, target } object ({ name: "my-cli", target: "mycli" } → emits binary "my-cli", target: "mycli"). The target: form mirrors the Homebrew Ruby cask DSL for binary renames — without it, a wrapped binary installs at the wrong path. Cask binary entry. |
| binary | string | — | Deprecated singular spelling of [Self::binaries]. The upstream replaced binary: foo with binaries: [foo]; this field captures the legacy spelling so imported configs keep parsing. apply_homebrew_cask_legacy_singulars folds the value into [Self::binaries] at config-load time and emits a one-time deprecation warning per occurrence. The field is excluded from serialization so a round-tripped config emits only the canonical plural form. |
| caveats | string | — | Custom caveats shown after install. |
| commit_author | CommitAuthorConfig | — | Commit author with optional signing. |
| commit_msg_template | string | — | Custom commit message template. Default: "Brew cask update for {{ ProjectName }} version {{ Tag }}" |
| completions | HomebrewCaskCompletions | — | Shell completion definitions. |
| conflicts | list of HomebrewCaskConflictEntry | — | Conflicting casks or formulae. |
| custom_block | string | — | Arbitrary Ruby code inserted into the cask block. |
| dependencies | list of HomebrewCaskDependencyEntry | — | Cask dependencies (other casks or formulae). |
| description | string | — | Cask description. |
| directory | string | — | Subdirectory in the tap repo for cask placement (default: "Casks"). |
| generate_completions_from_executable | HomebrewCaskGeneratedCompletions | — | Auto-generate shell completions from an executable. |
| homepage | string | — | Project homepage URL. |
| hooks | HomebrewCaskHooks | — | Pre/post install/uninstall hooks. |
| ids | list of string | — | Build IDs filter: only include artifacts from builds whose id is in this list. |
| if | string | — | Template-conditional gate: when the rendered result is falsy ("false" / "0" / "no" / empty), the Homebrew Cask config is skipped. Render failure hard-errors. Config key: homebrew_casks[].if:. |
| license | string | — | License identifier (SPDX). |
| livecheck | HomebrewLivecheck | — | livecheck stanza configuration for the cask. When unset, the cask emits livecheck do\n skip "Auto-generated on release."\nend (a binary cask's download URL/sha256 are rewritten on every release, so brew livecheck has nothing stable to poll). Set strategy: / url: / regex: (with skip: false) to opt into active version detection — the same shape a Homebrew cask livecheck do … end block accepts. Reuses the formula livecheck config type. |
| manpage | string | — | Deprecated singular spelling of [Self::manpages]. The upstream replaced manpage: foo.1 with manpages: [foo.1]; this field captures the legacy spelling so imported configs keep parsing. apply_homebrew_cask_legacy_singulars folds the value into [Self::manpages] at config-load time and emits a one-time deprecation warning per occurrence. The field is excluded from serialization so a round-tripped config emits only the canonical plural form. |
| manpages | list of string | — | Manual page references to install. |
| name | string | — | Cask name (default: crate / project name). |
| repository | RepositoryConfig | — | Unified repository config for the Homebrew tap. |
| required | bool | — | Override whether this publisher failing should fail the overall release. Default: false — a failure here is logged but does not abort the release. Set to true to fail the release on any error. |
| retain_on_rollback | bool | — | When true, a triggered rollback leaves this publisher's work in place rather than attempting to undo it. Default false. |
| service | string | — | Homebrew service definition. |
| skip_upload | StringOrBool | — | Skip publishing the cask. "true" always skips; "auto" skips for prerelease versions. Accepts bool or template string. |
| uninstall | HomebrewCaskUninstall | — | Structured uninstall stanza configuration. |
| update_existing_pr | StringOrBool | — | When true, force-push the updated cask file to the existing PR branch when a PR for the same head branch already exists. The PR content is updated in place rather than creating a duplicate. When false (default), the push is skipped and a warning is emitted so the operator sees that the publisher did not update the PR. |
| url | HomebrewCaskURL | — | Structured download URL configuration (top-level axis). |
| url_template | string | — | Simple URL template for the .dmg/.zip download (per-crate shorthand). Cannot be combined with url.template: — set one or the other. If both are present, config validation rejects the config at parse time. Use url: for the structured form (verified domain, custom headers, etc.) or url_template: for a bare string shorthand — never both simultaneously. |
| zap | HomebrewCaskUninstall | — | Deep uninstall (zap) stanza configuration. |

makeselfs

| Field | Type | Default | Description |
| --- | --- | --- | --- |
| arch | list of string | — | Target architecture filter. |
| compression | string | — | Compression algorithm: gzip, bzip2, xz, lzo, compress, or none. |
| description | string | — | Description for LSM metadata. |
| extra_args | list of string | — | Extra arguments passed to the makeself command. |
| filename | string | — | Output filename template (default includes project, version, os, arch). |
| files | list of MakeselfFile | — | Additional files to include in the archive. |
| homepage | string | — | Homepage URL for LSM metadata. |
| id | string | — | Unique identifier for this makeself config (default: "default"). |
| ids | list of string | — | Build IDs filter: only include artifacts whose id is in this list. |
| keywords | list of string | — | Keywords for LSM metadata. |
| license | string | — | License for LSM metadata. |
| maintainer | string | — | Maintainer for LSM metadata. |
| name | string | — | Display name embedded in the self-extracting archive. |
| os | list of string | — | Target OS filter (default: ["linux", "darwin"]). |
| script | string | — | Startup script to run when the archive is extracted and executed. Required — the archive will not be created without this. |
| skip | StringOrBool | — | Skip this config. Accepts bool or template string. Accepts the legacy disable: spelling via serde alias for back-compat with imported configs. |

mcp

MCP server registry publisher configuration.

Publishes an apiv0.ServerJSON document to the MCP registry (https://registry.modelcontextprotocol.io/v0/publish by default). MCP config (server details flattened onto the publisher block).

| Field | Type | Default | Description |
| --- | --- | --- | --- |
| auth | McpAuth | {"type":"none"} | Authentication method for the registry's /v0/publish endpoint. Defaults to none (anonymous publish, allowed for development / staging registries). |
| description | string | — | Clear human-readable description of server functionality (max 100 chars). |
| homepage | string | — | Optional URL to the server's homepage, documentation, or project website. Serialized as websiteUrl in the registry payload. |
| if | string | — | Template-conditional gate: when the rendered result is falsy ("false" / "0" / "no" / empty), the MCP publisher is skipped. Render failure hard-errors. The mcp.if: conditional gate. |
| name | string | — | Server name in reverse-DNS format (e.g. io.github.user/weather). Must contain exactly one forward slash separating namespace from server name. An empty / unset value skips the publisher entirely. |
| packages | list of McpPackage | [] | Distribution packages — one entry per package registry (npm, pypi, nuget, oci, mcpb). |
| registry | string | — | Override the registry endpoint (for staging or a private mirror). Defaults to https://registry.modelcontextprotocol.io when unset. |
| repository | McpRepository | {"url":"","source":"","id":"","subfolder":""} | Optional source repository metadata. Emitted as the repository object in the registry payload — omitted entirely when url is empty. |
| required | bool | — | Override whether this publisher failing should fail the overall release. Default: false — a failure here is logged but does not abort the release. Set to true to fail the release on any error. |
| retain_on_rollback | bool | — | When true, a triggered rollback leaves this publisher's work in place rather than attempting to undo it. Default false. |
| skip | StringOrBool | — | Skip this publisher when the expression evaluates truthy. Accepts a bool or a Tera template that renders to "true"/"false" (e.g. "{{ if .IsSnapshot }}true{{ endif }}"). Accepts the legacy disable: spelling via serde alias for back-compat with imported configs (the MCP config field MCP.Disable string). |
| title | string | — | Optional human-readable title shown in registry UIs (max 100 chars). Templated; supports {{ ProjectName \| title }}, {{ Version }}, etc. |
| transports | list of McpTransport | [] | Top-level transports list. Intentional config-portability shim: McpConfig carries deny_unknown_fields, so an imported config containing transports: would fail to parse if the field were absent. The list is accepted and discarded — the current MCP server schema derives transports per-package via packages[].transport, so the top-level list is never read after deserialization and is intentionally not emitted to the registry. |

metadata

| Field | Type | Default | Description |
| --- | --- | --- | --- |
| commit_author | CommitAuthorConfig | — | Commit author identity for commit workflows. Reuses the shared CommitAuthorConfig (name + email + optional signing). Exposed as {{ Metadata.CommitAuthor.Name }} / {{ Metadata.CommitAuthor.Email }}. |
| description | string | — | Human-readable project description (exposed as {{ Metadata.Description }}). |
| documentation | string | — | Project documentation URL, e.g. a docs.rs or hosted-docs link (exposed as {{ Metadata.Documentation }}). Derived from Cargo.toml [package].documentation when unset. |
| full_description | ContentSource | — | Long-form project description. Supports inline string, from_file, or from_url. Exposed as {{ Metadata.FullDescription }}. FromUrl is resolved lazily (requires the release stage); FromFile is resolved at context-populate time with template-rendered path. |
| homepage | string | — | Project homepage URL (exposed as {{ Metadata.Homepage }}). |
| license | string | — | Project license identifier, e.g. "MIT" or "Apache-2.0" (exposed as {{ Metadata.License }}). |
| maintainers | list of string | — | List of project maintainers (exposed as {{ Metadata.Maintainers }}). |
| mod_timestamp | string | — | Global modification timestamp for metadata output files (metadata.json and artifacts.json). Template string (e.g. "{{ CommitTimestamp }}") or unix timestamp. When set, rendered late in the pipeline and applied as file mtime. Exposed as {{ Metadata.ModTimestamp }}. |
| repository | string | — | Project source-repository URL, e.g. a GitHub URL (exposed as {{ Metadata.Repository }}). Derived from Cargo.toml [package].repository when unset; feeds the npm package.json repository field, which npm provenance validates against the OIDC-claimed repository. |

milestones

| Field | Type | Default | Description |
| --- | --- | --- | --- |
| close | bool | — | Close the milestone on release. Default: false. |
| fail_on_error | bool | — | Fail the pipeline if milestone close fails. Default: false. |
| name_template | string | — | Milestone name template (default: "{{ Tag }}"). |
| repo | ScmRepoConfig | — | Repository owner/name. Auto-detected from git remote if not set. |

monorepo

Monorepo configuration.

When configured, tag discovery filters by tag_prefix and the working directory is scoped to dir.

This is DIFFERENT from TagConfig.tag_prefix:

- MonorepoConfig.tag_prefix: tags in git already HAVE the prefix (e.g. subproject1/v1.2.3). The prefix is STRIPPED for {{ Tag }} while {{ PrefixedTag }} retains the full tag.
- TagConfig.tag_prefix: a prefix to PREPEND when constructing {{ PrefixedTag }} from a plain tag.

When monorepo is configured, it takes precedence over tag.tag_prefix for PrefixedTag / PrefixedPreviousTag behavior.

| Field | Type | Default | Description |
| --- | --- | --- | --- |
| dir | string | — | Working directory for this subproject. Used for changelog path filtering (when no explicit changelog.paths or crate.path is configured) and as the default build dir. |
| tag_prefix | string | — | Tag prefix for this subproject (e.g. "subproject1/"). Tags matching this prefix are selected during tag discovery, and the prefix is stripped from {{ Tag }} while {{ PrefixedTag }} retains the full tag. |

nightly

| Field | Type | Default | Description |
| --- | --- | --- | --- |
| draft | bool | — | Override release.draft for nightly runs only. None falls through to release.draft; Some(v) overrides it. |
| keep_single_release | bool | — | Delete the prior release that points at the same tag before creating the new one. Default: false. Set true to maintain a single rolling nightly release on GitHub. Back-compat alias for retention: { keep_last: 1 }. When both keep_single_release and retention are set, retention wins. Destructive: deletes a published release via the GitHub Releases API. GitHub-only. |
| name_template | string | — | Template for the release name. Default: "{{ ProjectName }}-nightly". |
| publish_release | bool | — | Whether to publish a GitHub Release at all. Default: true. Set false for nightly-only docker pushes / blob uploads. |
| publish_repo | string | — | Publish the nightly release to a DIFFERENT repository than the source repo, in "owner/repo" form (e.g. "nushell/nightly"). Default (None) publishes to the configured release.github repo, unchanged. When set, the nightly release create, asset upload, AND retention (keep_single_release / retention.keep_last) delete calls all target this repo. The active SCM token is assumed to have write access to publish_repo. GitHub-only (the nushell adoption target). |
| retention | RetentionConfig | — | Retention policy for nightly releases on GitHub. Generalizes keep_single_release (which is keep_last: 1): keeps the N newest nightly releases matching the nightly tag/name and deletes the rest (releases + the tags anodizer created for them). Operates on publish_repo when set. Default (None): no retention sweep. |
| tag_name | string | — | Tag name used for the nightly release. Default: "nightly". Templates allowed. |
| version_template | string | — | Template for the rendered version string the nightly run sets on Version / RawVersion. Default: "{{ incpatch(v=Version) }}-{{ ShortCommit }}-nightly" — produces commit-immutable nightly versions (two same-day commits yield two distinct nightly versions). The {{ NightlyBuild }} template var (a stateless per-base-version build counter derived from git rev-list --count <last-tag>..HEAD) enables nushell-style schemes such as "{{ Base }}-nightly.{{ NightlyBuild }}+{{ ShortCommit }}". |

notarize

Top-level notarization configuration supporting both cross-platform (rcodesign) and native macOS (codesign + xcrun notarytool) modes.

| Field | Type | Default | Description |
| --- | --- | --- | --- |
| macos | list of MacOSSignNotarizeConfig | — | Cross-platform signing/notarization (rcodesign-based, works on any OS). |
| macos_native | list of MacOSNativeSignNotarizeConfig | — | Native signing/notarization (codesign + xcrun, macOS only). |
| skip | StringOrBool | — | Skip all notarization. Accepts bool or template string. |

npms

NPM package registry publisher configuration.

In the default optional-deps mode anodizer emits one thin npm package per built platform (with os/cpu/libc selectors derived from the target triple) plus a metapackage whose optionalDependencies lists every platform package; npm's native resolution installs only the one matching the host. In postinstall mode a single package carries a postinstall script that downloads the matching release archive at npm install time. Each npms[] entry produces one publish.

| Field | Type | Default | Description |
| --- | --- | --- | --- |
| access | string | — | NPM access level for scoped packages. Accepts "public" / "restricted". Scoped packages on npmjs.org default to restricted unless this is set to public. |
| auth | NpmAuthMode | auto | Credential-selection strategy: auto (default) decides per package by probing the registry for the package's existence; token always uses the token; oidc always uses Trusted Publishing with no token fallback. See [NpmAuthMode]. Absent in existing configs resolves to auto. |
| author | string | — | Templated author field for package.json. Falls back to the project's metadata.maintainers[0], and then to the crate's Cargo.toml [package].authors[0], when unset. |
| bin | string | — | Command name installed by the metapackage's bin map (optional-deps mode). Falls back to the metapackage basename when unset. |
| bugs | string | — | Templated bug tracker URL. Emitted as bugs.url in package.json. |
| description | string | — | Templated package description. Falls back to the project-level metadata.description when unset. |
| engines | map | — | npm engines constraint map written verbatim into package.json (e.g. { node: ">=18" }). When unset, anodizer emits a sensible default of { node: ">=18" } — the floor every leading native-CLI wrapper (esbuild, biome, swc) declares. Set to an empty map to suppress the field entirely. |
| extra | map | — | Free-form root-level package.json fields. Shallow-merged into the generated package.json (config keys win over generated ones). Useful for mcpName, funding, or other npm metadata fields anodizer does not surface as first-class options. |
| extra_files | list of string | — | Additional files to include in the published package alongside the generated metadata. Default ["README*", "LICENSE*"] (applied at the Default pass). |
| files | list of string | — | Explicit npm files allowlist written into package.json. When unset, anodizer derives it from what each package actually ships (the per-platform binary, the metapackage shim.js, or the postinstall launcher/script) plus any extra_files basenames. Set to an empty list to suppress the field (npm then falls back to its implicit inclusion rules). |
| format | string | — | Archive format the postinstall script downloads (tgz, tar.gz, tar, zip, binary). Default tgz. Only consulted in postinstall mode. |
| homepage | string | — | Templated homepage URL. Falls back to metadata.homepage when unset. |
| id | string | — | Unique identifier for selecting this entry from the CLI (--id=...). |
| ids | list of string | — | Build IDs filter: only include artifacts whose archive id is in this list. |
| if | string | — | Template-conditional gate: when the rendered result is falsy ("false" / "0" / "no" / empty), the NPM publisher entry is skipped. Render failure hard-errors. |
| keywords | list of string | — | NPM keywords list. |
| libc_aware | bool | true | In optional-deps mode, emit separate per-platform packages for linux musl vs glibc (distinguished by the npm libc selector). When false, a single linux package per cpu is emitted with no libc selector. Default true — musl and glibc binaries are not interchangeable, so collapsing them risks installing the wrong one. |
| license | string | — | Templated SPDX license identifier (e.g. MIT, Apache-2.0). Falls back to metadata.license when unset. |
| metapackage | string | — | Metapackage name for optional-deps mode (e.g. biome). This is the package users npm install; it lists every per-platform package under optionalDependencies and ships the bin shim. Falls back to name (or the crate name) when unset. |
| mode | NpmMode | optional-deps | Binary-distribution strategy. optional-deps (default) emits npm's native per-platform packages; postinstall emits a download shim. |
| name | string | — | NPM package name (the metapackage / postinstall package). May be scoped (@org/foo) or unscoped (foo). Falls back to the crate name when unset. |
| provenance | bool | — | npm publishConfig.provenance flag. When unset, anodizer emits true — the npm supply-chain norm that biome and swc both set, pairing with anodizer's signing story. Set to false to disable. |
| registry | string | — | Override the registry endpoint (default https://registry.npmjs.org). |
| repository | string | — | Templated repository URL. Emitted as repository.url in package.json with type: git. |
| required | bool | — | Override whether this publisher failing should fail the overall release. Default: true — NPM is a Manager-group publisher (one-way 72-hour unpublish window), so a failed publish aborts by default to avoid surprising the operator with a half-released version. Set to false to log failures but continue. |
| retain_on_rollback | bool | — | When true, a triggered rollback leaves this publisher's work in place rather than attempting to undo it. Default false. |
| scope | string | — | npm scope for the per-platform packages emitted in optional-deps mode (e.g. @biomejs). The per-platform packages are named <scope>/<bin>-<os>-<cpu>[-<libc>]. Required for optional-deps mode; ignored in postinstall mode. |
| skip | StringOrBool | — | Skip this publisher. Accepts bool or template string. Accepts the legacy disable: spelling via serde alias for back-compat. |
| tag | string | — | NPM dist-tag for the publish (default latest). Templated. |
| templated_extra_files | list of NpmTemplatedExtraFile | — | Template-rendered file mappings (src may be a glob; rendered contents written to dst). |
| token | string | — | Auth token for the registry. Falls back to the NPM_TOKEN env var when unset. Stored in .npmrc as //<registry>/:_authToken=... at publish time and never passed via argv. |
| url_template | string | — | Override the download URL emitted into the postinstall script (templated). When unset, anodizer derives the URL from the release context. Only consulted in postinstall mode. |

partial

| Field | Type | Default | Description |
| --- | --- | --- | --- |
| by | string | — | How to split builds: "os" (by OS, default) or "target" (by full triple). "os" groups all arch variants for the same OS into one split job. "target" gives each unique target triple its own split job. The legacy goos spelling is accepted as a back-compat alias for os (folded at parse time, with a deprecation warning); imported configs keep loading. |

publishers

| Field | Type | Default | Description |
| --- | --- | --- | --- |
| args | list of string | — | Arguments passed to the publish command (supports templates). |
| artifact_types | list of string | — | Artifact type filter: only publish artifacts of these types (e.g., "archive", "binary"). |
| checksum | bool | — | Include checksums in published artifacts. |
| cmd | string | — | Command to invoke for publishing. |
| dir | string | — | Working directory for the publisher command. |
| env | list of string | — | Environment variables passed to the publish command. |
| extra_files | list of ExtraFileSpec | — | Extra files to include in publishing (glob patterns with optional name override). |
| ids | list of string | — | Build IDs filter: only publish artifacts from builds whose id is in this list. |
| if | string | — | Template-conditional gate: when the rendered result is falsy ("false" / "0" / "no" / empty), the publisher is skipped. Render failure hard-errors. The customization/publishers/ if: field is distinct from skip: (which expresses "always skip") and provides config-import parity. |
| meta | bool | — | Include metadata artifacts in published artifacts. |
| name | string | — | Human-readable name for this publisher (used in logs). |
| signature | bool | — | Include signatures in published artifacts. |
| skip | StringOrBool | — | Template-conditional skip: if rendered result is "true", skip this publisher. Accepts bool or template string (e.g. "{{ if .IsSnapshot }}true{{ endif }}"). Accepts the legacy disable: spelling via serde alias for back-compat. |
| templated_extra_files | list of TemplatedExtraFile | — | Extra files whose contents are rendered through the template engine before publishing. Unlike extra_files which copy as-is, template variables like {{ Tag }} are expanded. |

release

| Field | Type | Default | Description |
| --- | --- | --- | --- |
| discussion_category_name | string | — | GitHub Discussion category name for the release. |
| draft | bool | — | When true, create the release as a draft (unpublished). |
| exclude | list of string | — | Glob patterns matched against each release asset's file name; anodizer drops any asset whose name matches at least one glob before attaching it to THIS GitHub release only (a mirror configured elsewhere is unaffected). Use it to keep heavy sidecars (checksums, signatures, SBOMs) off the GitHub release while archives still attach. Composes with ids: (both filters apply). None/empty keeps everything. Example: `release: { github: { owner: my-org, name: my-repo }, exclude: ["*.sha256", "*.sig", "*.cdx.json"] }` |
| extra_files | list of ExtraFileSpec | — | Extra files to upload to the release beyond build artifacts. Paths / globs are resolved relative to the project root. .. segments are accepted, so an entry like ../sibling/dist/* will reach outside the project tree — security-conscious users should keep the entries inside the repo or canonicalise them before invoking the release pipeline. |
| footer | ContentSource | — | Text appended to the release body (inline string, from_file, or from_url). |
| gitea | ScmRepoConfig | — | Gitea repository to release to (owner and name). |
| github | ScmRepoConfig | — | GitHub repository to release to (owner and name). |
| gitlab | ScmRepoConfig | — | GitLab repository to release to (owner and name). |
| header | ContentSource | — | Text prepended to the release body (inline string, from_file, or from_url). |
| ids | list of string | — | Artifact IDs filter for uploads. Release-wide artifacts (checksums, source archive, extra files, metadata) always upload regardless of the filter, and derived artifacts (signatures, certificates, SBOMs) inherit the verdict of the artifact they derive from — a signature uploads iff the artifact it signs uploads. |
| include_meta | bool | — | Upload metadata.json and artifacts.json as release assets. |
| make_latest | object | — | Mark release as latest: true, false, or "auto" (latest non-prerelease). |
| mode | string | — | Release mode: "keep-existing", "append", "prepend", or "replace". |
| name_template | string | — | Release title template (supports templates). |
| on_failure | OnFailureConfig | — | In-process failure policy: what anodizer release does after a release-pipeline failure. rollback (default) deletes the run's release tag(s) and reverts the version-bump commit so the same version can be re-cut; hold leaves everything in place for forensics and manual recovery (release --rollback-only --from-run=<id>). rollback automatically degrades to hold the moment any one-way-door (Submitter) publisher has landed: the version is burned at a registry that never accepts it twice, so destructive rollback is refused and fix-forward is the only path. Root-level policy — in workspace configs (lockstep or per-crate) the top-level release.on_failure governs the whole run; setting it in a crate-level release: block is rejected at config load (validate_on_failure_root_only). |
| prerelease | object | — | Mark release as pre-release: true, false, or "auto" (inferred from tag). |
| provider | ForceTokenKind | — | Explicit publish target — the SCM provider whose release.<provider> block the publisher uses. When set, overrides the implicit token-type fallback chain in [crate::scm::resolve_token_type]. Use this for the cross-platform publishing pattern: source repo on one provider (e.g. GitLab) but releases land on another (e.g. GitHub). Without it, the publish target is inferred from which *_TOKEN env-var is set — fine for single-provider setups but ambiguous when both tokens are available. Example: `release: { provider: github, github: { owner: my-org, name: my-app } }` |
| replace_existing_artifacts | bool | — | When true, replace existing release artifacts with the same name. |
| replace_existing_draft | bool | — | When true, replace an existing draft release instead of failing. |
| required | bool | — | Override whether this publisher failing should fail the overall release. Default: true — a failure here aborts the release. Set to false to log failures but continue. |
| retain_on_rollback | bool | — | When true, a triggered rollback leaves this publisher's work in place rather than attempting to undo it. Default false. |
| skip | StringOrBool | — | Skip the release stage. Accepts bool or template string (e.g. "{{ if IsSnapshot }}true{{ endif }}" for conditional skip). Accepts the legacy disable: spelling via serde alias for back-compat with imported configs. |
| skip_upload | StringOrBool | — | Skip uploading artifacts: true, false, or "auto" (skip for snapshots). Accepts bool or template string. |
| tag | string | — | Override the release tag (template string). When set, this tag is used as the tag_name in the GitHub release API instead of the crate's tag_template. Useful in monorepo setups to strip a tag prefix (e.g. "{{ Tag }}" to publish v1.0.0 instead of myapp/v1.0.0). A cross-platform publishing feature provided for free by anodizer. |
| target_commitish | string | — | Target branch or SHA for the release tag. |
| templated_extra_files | list of TemplatedExtraFile | — | Extra files whose contents are rendered through the template engine before upload. Unlike extra_files which copy as-is, template variables like {{ Tag }} are expanded. Same path-traversal caveat as extra_files: .. segments reach outside the project tree. |
| upload_concurrency | integer | — | Maximum number of asset-upload requests in flight simultaneously. GitHub's secondary rate-limit is triggered by burst traffic. Keeping this value low avoids tripping the limit even for releases with many artifacts. Default: 4. Override at runtime with ANODIZER_GITHUB_UPLOAD_CONCURRENCY. |
| upload_pace | HumanDuration | — | Minimum interval between successive asset-upload starts (a humantime string, e.g. "200ms", "1s", "0s"). This is a proactive pace that smooths the initial burst of upload requests, layered on top of [Self::upload_concurrency] (the concurrency cap) and the reactive secondary-rate-limit backoff. With the concurrency cap alone, the first N uploads fire in the same instant — exactly the burst pattern that trips GitHub's secondary rate limit. Spacing each upload's start by this interval (with ±20% jitter so concurrent releases don't synchronise) makes the burst far less likely to trip the limit in the first place. Default: "200ms" — at the default concurrency of 4 this caps the initial start rate at ~5/s, which is below the burst threshold yet adds negligible wall-clock to a normal release (upload time is dominated by transfer, not start-spacing). Set to "0s" to disable pacing entirely (rely on the concurrency cap + reactive backoff). Override at runtime with ANODIZER_GITHUB_UPLOAD_PACE_MS (integer milliseconds; 0 disables). |
| use_existing_draft | bool | — | Reuse an existing draft release instead of creating a new one. |
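A pre-flight check for the path-traversal caveat on extra_files and templated_extra_files, as an added example (not anodizer's own code): it flags entries that leave the project root lexically or, once canonicalised, through a symlink. It assumes the entries are plain path or glob strings already read from the config; the function names and the sample tree are constructed for illustration.

```python
"""Pre-flight audit of release.extra_files / templated_extra_files entries.

Added example, not anodizer code. Assumes entries are plain path or glob
strings taken from the config and resolved relative to the project root.
"""
import glob
import os
import tempfile
from pathlib import Path


def escapes_root_lexically(pattern):
    """Return True if the pattern points outside the root before any I/O.

    '..' segments are folded on the string alone, so this also works for
    globs that match nothing yet. '**' may match zero directories, so it
    contributes no depth that a following '..' could safely consume.
    """
    p = pattern.replace("\\", "/")
    if p.startswith("/") or (len(p) > 1 and p[1] == ":"):
        return True  # absolute POSIX path or Windows drive-letter path
    depth = 0
    for seg in p.split("/"):
        if seg in ("", ".", "**"):
            continue
        if seg == "..":
            depth -= 1
            if depth < 0:
                return True
        else:
            depth += 1
    return False


def audit_extra_files(root, patterns):
    """Return a list of (pattern, reason) for entries that reach outside root."""
    root = Path(root).resolve()
    findings = []
    for pat in patterns:
        if escapes_root_lexically(pat):
            findings.append((pat, "pattern leaves the project root"))
            continue
        # Canonicalise every current match: a symlink inside the repo can
        # still point outside it even when the pattern itself looks clean.
        base = glob.escape(str(root))
        for match in sorted(glob.glob(os.path.join(base, pat), recursive=True)):
            real = Path(match).resolve()
            if real != root and root not in real.parents:
                findings.append((pat, "match resolves outside the project root"))
                break
    return findings


def demo():
    """Build a constructed project tree and audit a constructed entry list."""
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp, "project")
        (root / "docs").mkdir(parents=True)
        (root / "LICENSE").write_text("MIT\n")
        (root / "README.md").write_text("# demo\n")
        outside = Path(tmp, "sibling", "dist")
        outside.mkdir(parents=True)
        (outside / "notes.txt").write_text("not part of the repo\n")
        # A symlink inside the repo that points at the sibling tree.
        os.symlink(outside, root / "vendor")
        entries = [
            "README*",               # stays inside the root
            "docs/../LICENSE",       # '..' that still lands inside the root
            "../sibling/dist/*",     # the case called out in the reference
            "**/../sibling/dist/*",  # '**' can match zero directories
            "vendor/*",              # clean pattern, symlinked target
        ]
        return audit_extra_files(root, entries)


if __name__ == "__main__":
    for pattern, reason in demo():
        print(f"REJECT {pattern}: {reason}")
```

Run against the real entry list from a before or before_publish hook and exit non-zero on any finding to stop the release before upload.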

retry

User-facing retry configuration block (retry: at config root).

All fields are optional in YAML; missing fields fall back to the defaults (10 attempts, 10s base delay, 5m cap).

| Field | Type | Default | Description |
| --- | --- | --- | --- |
| attempts | integer | 10 | Total attempts (including the first). Default 10. Values < 1 are clamped up to 1 by the policy layer. |
| delay | HumanDuration | 10s | Initial delay before the second attempt. Default 10s. Subsequent delays grow exponentially (delay × 2^(n-2)) up to [Self::max_delay]. |
| max_delay | HumanDuration | 5m | Upper bound on any individual sleep between attempts. Default 5m. Without this cap, an exponential backoff with delay=10s would stretch attempt 9 to ~42 minutes. |

sboms

| Field | Type | Default | Description |
| --- | --- | --- | --- |
| args | list of string | — | Command-line arguments (supports templates and $artifact, $document vars). |
| artifacts | string | — | Which artifacts to catalog: "source", "archive", "binary", "package", "diskimage", "installer", "any" (default: "archive"). |
| cmd | string | — | Command to run for SBOM generation (default: "syft"). |
| documents | list of string | — | Output document path templates (supports templates). |
| env | list of string | — | Environment variables to pass to the command, as KEY=VALUE strings. Order is preserved. Values are template-rendered before being set. |
| id | string | — | Unique identifier for this SBOM config (default: "default"). |
| ids | list of string | — | Filter by artifact IDs (ignored if artifacts="source"). |
| skip | StringOrBool | — | Skip this SBOM config. Accepts bool or template string. Accepts the legacy disable: spelling via serde alias for back-compat. |

schemastore

Top-level schemastore: block. Shared fields here are defaults for every entry in schemas; a per-entry field overrides them (cascade).

| Field | Type | Default | Description |
| --- | --- | --- | --- |
| commit_author | CommitAuthorConfig | — | Commit author for the SchemaStore commit (defaults to git config). |
| if | string | — | Tera condition; when it renders falsy the publisher is skipped. |
| repository | RepositoryConfig | — | Fork of SchemaStore/schemastore to push branches to and open the PR from. |
| retain_on_rollback | bool | — | When true, a triggered rollback leaves this publisher's work in place rather than attempting to undo it. Default false. |
| schemas | list of SchemaEntry | [] | The schema entries to register/refresh. |
| skip | StringOrBool | — | Skip the whole publisher. Alias: disable. |
| versioned | bool | — | Default for SchemaEntry::versioned. |

signs

| Field | Type | Default | Description |
| --- | --- | --- | --- |
| args | list of string | — | Arguments passed to the signing command (supports templates with ${artifact} and ${signature}). |
| artifacts | string | — | Artifact types to sign: "all", "archive", "binary", "checksum", "package", "sbom" (default: "none"). |
| authenticode | AuthenticodeConfig | — | Authenticode (Windows PE/MSI) signing backend. When set, this sign config signs Windows artifacts in place via osslsigncode (Linux/cross) or signtool (Windows) instead of producing a detached cosign/gpg signature. The signing command, argv, timestamp URL, and artifact selector are all derived; supply only the cert (a secret). |
| certificate | string | — | Certificate file to embed in the signature (Cosign bundle signing). |
| cmd | string | — | Signing command to invoke (default: "cosign" or "gpg"). |
| env | list of string | — | Environment variables passed to the signing command. |
| id | string | — | Unique identifier for this sign config. |
| ids | list of string | — | Build IDs filter: only sign artifacts from builds whose id is in this list. |
| if | string | — | Template-conditional: skip this sign config if rendered result is "false" or empty. |
| output | StringOrBool | — | Capture and log stdout/stderr of the signing command. Accepts bool or template string (e.g., "{{ IsSnapshot }}"). |
| signature | string | — | Signature output filename template (supports templates). |
| stdin | string | — | Content written to the signing command's stdin. |
| stdin_file | string | — | Path to a file whose content is written to the signing command's stdin. |

snapshot

| Field | Type | Default | Description |
| --- | --- | --- | --- |
| version_template | string | — | Version string template for snapshot builds (e.g., "{{ Commit }}-SNAPSHOT"). Accepts the deprecated name_template: alias (renamed to version_template): a non-empty name_template is folded into version_template. A deprecation warning is emitted at config-load time when the alias is hit (see apply_snapshot_legacy_aliases). |

source

| Field | Type | Default | Description |
| --- | --- | --- | --- |
| enabled | bool | — | When true, generate a source code archive for the release. |
| files | list of SourceFileEntry | [] | Extra files to include in the source archive. Accepts strings (glob patterns) or objects with src/dst/info. |
| format | string | — | Archive format for the source tarball: tar.gz, tgz, tar, or zip (default: tar.gz). |
| name_template | string | — | Filename template for the source archive (supports templates). |
| prefix_template | string | — | Prefix prepended to all paths inside the archive (supports templates). Defaults to name_template value. Use this to set a different prefix than the archive name. |

srpms

| Field | Type | Default | Description |
| --- | --- | --- | --- |
| bins | map | — | Map of binary name → install path declared in the spec's %files section. Each entry tells the generated .spec which installed file the package owns. When omitted, each binary produced by the build for this crate defaults to %{_bindir}/<name> (i.e. /usr/bin/<name>, the RPM-idiomatic location for a built binary). Provide this only to override the install path or to declare extra owned paths. Stored as a BTreeMap so the emitted %files section iterates in deterministic key order. |
| build_host | string | — | Override the build host recorded in the RPM header. Useful for reproducible builds where the actual hostname leaks build-env detail. |
| compression | string | — | Compression algorithm (gzip, xz, zstd, none). |
| contents | list of NfpmContent | — | Additional contents to include in the source RPM. Shares the unified [NfpmContent] type with nFPM contents; SRPM-style source: / destination: / type: keys are accepted via serde aliases. |
| description | string | — | Package description. |
| docs | list of string | — | Documentation files to include. |
| enabled | bool | — | Enable source RPM generation. Default: false. |
| epoch | string | — | RPM epoch. |
| file_name_template | string | — | Output filename template. |
| group | string | — | RPM group. |
| license | string | — | License identifier. |
| license_file_name | string | — | License file name to include. |
| maintainer | string | — | Package maintainer. |
| package_name | string | — | Package name (default: project_name). |
| packager | string | — | RPM packager field. |
| posttrans | string | — | %posttrans scriptlet — executed after all packages in the transaction have been installed. Path to a script file. |
| prefixes | list of string | — | Filesystem prefixes the package may install to (RPM Prefix: tag). Each entry becomes one Prefix: directive — relocatable RPMs need at least one prefix declared. |
| prerelease | string | — | Prerelease suffix appended to the version (e.g. rc1, beta2). Prerelease component of the package version. |
| pretrans | string | — | %pretrans scriptlet — executed on the package transaction before any package in the transaction is installed. Path to a script file. |
| section | string | — | RPM section. |
| signature | NfpmSignatureConfig | — | RPM signature configuration. Shares the unified [NfpmSignatureConfig] type with nFPM. |
| skip | StringOrBool | — | Skip this config. Accepts bool or template string. |
| spec_file | string | — | Path to the RPM spec file template. |
| summary | string | — | Summary line. |
| url | string | — | Homepage URL. |
| vendor | string | — | Package vendor. |
| version_metadata | string | — | Build metadata appended to the version (e.g. git commit hash). Version-metadata component of the package version. |

tag

| Field | Type | Default | Description |
| --- | --- | --- | --- |
| branch_history | string | — | Branch history mode for determining the previous tag: "full" or "last". |
| bump_minor_pre_major | bool | — | While the current major version is 0, demote a conventional breaking change (feat!: / BREAKING CHANGE) from a major bump to a minor bump (e.g. 0.5.0 → 0.6.0 instead of 1.0.0). Honors the SemVer rule that anything may change in the 0.y.z range. An explicit #major/#minor token, a custom_tag, or a manually-ahead Cargo.toml version always wins over this demotion. No-op once a real tag reaches 1.x. Default false. |
| bump_patch_for_minor_pre_major | bool | — | While the current major version is 0, demote a conventional feature (feat:) from a minor bump to a patch bump (e.g. 0.5.0 → 0.5.1 instead of 0.6.0). Independent of bump_minor_pre_major. An explicit token / custom_tag / ahead Cargo.toml always wins. No-op at 1.x. Default false. |
| custom_tag | string | — | Custom version tag to use instead of auto-incrementing. |
| default_bump | string | — | Default bump when a commit range carries no explicit # token and no conventional-commit marker: "major", "minor", "patch", or "none". Defaults to "none" — a range of only chore/docs/style/refactor/test/build/ci commits produces no release (the conventional-commit contract). Set "patch"/"minor" to cut a release on every range regardless of type. |
| force_without_changes | bool | — | When true, create a new tag even if no commits have changed since the last tag. |
| force_without_changes_pre | bool | — | Like force_without_changes but only for pre-release versions. |
| git_api_tagging | bool | — | When true, use the GitHub/GitLab API for tagging instead of git CLI. |
| initial_version | string | — | Version string to use when no previous tag exists (default: "0.1.0"). |
| major_string_token | string | — | Conventional commit token triggering a major bump (default: "major"). |
| minor_string_token | string | — | Conventional commit token triggering a minor bump (default: "minor" or "feat"). |
| none_string_token | string | — | Conventional commit token suppressing a version bump entirely (default: "none"). |
| patch_string_token | string | — | Conventional commit token triggering a patch bump (default: "patch" or "fix"). |
| prerelease | bool | — | When true, apply a pre-release suffix to the generated version. |
| prerelease_suffix | string | — | Suffix appended to pre-release versions (e.g., "beta"). |
| push | bool | — | When true, anodizer tag also pushes the version-sync bump commit to the release branch (atomically with the tag), not just the tag. CLI --push / --no-push override this. Default false preserves the "push the tag, inspect the branch locally before pushing" workflow. |
| release_branches | list of string | — | Branch name patterns (supports wildcards) that trigger releases (default: ["master", "main"]). |
| skip_ci_on_bump | bool | — | Append [skip ci] to the version-sync bump commit subject. Off by default. Only enable with a workflow_run-triggered release workflow: [skip ci] on the bump commit (which becomes the tag target) ALSO suppresses an on: push: tags: release trigger, so enabling this with a tag-push-triggered release silently skips the release. Leave off for the tag-push pattern; enable for the workflow_run pattern to skip the (already crate-gated, harmless) redundant CI re-run. |
| tag_context | string | — | Source for determining the previous tag: "repo" (default) or "branch". |
| tag_post_hooks | list of HookEntry | — | Commands to run after anodizer tag successfully creates and pushes the tag. Env and template vars same as tag_pre_hooks. |
| tag_pre_hooks | list of HookEntry | — | Commands to run before anodizer tag creates the tag. Useful for updating lockfiles or committing sibling changes that must be part of the tagged commit. Env: ANODIZER_CURRENT_TAG, ANODIZER_PREVIOUS_TAG are set; template vars {{ Tag }}, {{ PreviousTag }}, {{ Version }}, {{ PrefixedTag }} are available. |
| tag_prefix | string | — | Prefix prepended to version tags (e.g., "v" produces "v1.2.3"). |
| verbose | bool | — | When true, print verbose tag calculation output. |

template_files

Configuration for a template file that is rendered through the template engine and placed in the dist directory as a release artifact.

All rendered template files are uploaded to the release by default. Both src and dst paths support template rendering.

| Field | Type | Default | Description |
| --- | --- | --- | --- |
| dst | string | — | Destination filename, prefixed with the dist directory. Templates: allowed. |
| id | string | — | Identifier for this template file entry (default: "default"). |
| mode | string | — | File permissions in octal notation as a string, e.g. "0755" (default: "0655"). Parsed at runtime via parse_octal_mode() to avoid YAML interpreting as decimal. |
| skip | StringOrBool | — | Skip this entry when truthy. Accepts a literal bool or a Tera template that renders to "true"/"false" (e.g. '{{ if eq .Os "windows" }}true{{ end }}'). Mirrors the per-entry skip: pattern used by ChangelogConfig, ChecksumConfig, and the publishers. |
| src | string | — | Source template file path. The file contents are rendered through the template engine. Templates: allowed (in path itself). |

uploads

| Field | Type | Default | Description |
| --- | --- | --- | --- |
| checksum | bool | — | Include checksums in uploaded artifacts. |
| checksum_header | string | — | Header name for the SHA256 checksum of the artifact. |
| client_x509_cert | string | — | Path to PEM-encoded client X.509 certificate for mTLS. |
| client_x509_key | string | — | Path to PEM-encoded client X.509 key for mTLS. |
| custom_artifact_name | bool | — | When true, use the artifact name as-is (don't append to target URL). |
| custom_headers | map | — | Custom HTTP headers (each value is template-expanded). |
| exclude | list of string | — | Glob patterns matched against each artifact's file name; anodizer drops any artifact whose name matches at least one glob from THIS upload target only. Use it to keep heavy sidecars (checksums, signatures, SBOMs) off a given endpoint while archives still upload. Composes with ids: and exts: (all filters apply). None/empty keeps everything. See the exclude example after this table. |
| extra_files | list of ExtraFileSpec | — | Extra files to include in uploading. |
| extra_files_only | bool | — | Upload only extra files, skip normal artifacts. |
| exts | list of string | — | File extension filter: only upload artifacts with these extensions. |
| ids | list of string | — | Build IDs filter: only upload artifacts whose id is in this list. |
| if | string | — | Template-conditional gate: when the rendered result is falsy ("false" / "0" / "no" / empty), the upload is skipped. Render failure hard-errors. The uploads[].if: conditional gate. |
| meta | bool | — | Include metadata artifacts in uploaded artifacts. |
| method | string | — | HTTP method: PUT or POST (default: PUT). |
| mode | string | — | Upload mode: "archive" (default) or "binary". |
| name | string | — | Human-readable name for this upload config. |
| overwrite | bool | — | Re-upload an artifact even when an identical one already exists at the target path (default: false). With the default, a re-run that finds the same version's artifact already uploaded with a matching SHA-256 records an idempotent SKIP rather than re-PUTting it — so re-running a partially-failed release is safe. A path that already holds a different artifact for the same version still hard-errors (immutable-version drift) unless overwrite is set. With overwrite: true, every artifact is PUT unconditionally. |
| password | string | — | Password for HTTP basic auth. Strongly prefer {{ Env.UPLOAD_PASSWORD }} (or any other env-var template) over an in-config literal — plaintext values here are NOT redacted from dry-run output and will land in dist/config.yaml when the pipeline runs with --dry-run / --snapshot. Resolution order: rendered password template → env UPLOAD_{NAME}_SECRET. Password-resolution cascade. |
| required | bool | — | Override whether this upload failing should fail the overall release. Default: false — a failure here is logged but does not abort the release. Set to true to fail the release on any error. |
| retain_on_rollback | bool | — | When true, a triggered rollback leaves this upload's artifacts in place rather than issuing a server-side DELETE. Default false. |
| signature | bool | — | Include signatures in uploaded artifacts. |
| skip | StringOrBool | — | Skip condition template (if rendered to "true", skip this upload). |
| target | string | — | Target URL template (supports template variables like {{ ProjectName }}, {{ Version }}). |
| trusted_certificates | string | — | Path to PEM-encoded trusted CA certificates. |
| username | string | — | Username for HTTP basic auth. Resolution order: rendered username template → env UPLOAD_{NAME}_USERNAME. Set this to a literal value or a {{ Env.X }} template. |

exclude example:

```yaml
uploads:
  - name: mirror
    target: "https://mirror.example.com/{{ .ArtifactName }}"
    exclude: ["*.sha256", "*.sig", "*.cdx.json"]
```

upx

| Field | Type | Default | Description |
| --- | --- | --- | --- |
| args | list of string | [] | Extra arguments passed to UPX (e.g., ["-9", "--brute"]). |
| binary | string | upx | UPX executable path or name (default: "upx"). |
| brute | bool | — | Use brute-force compression (--brute flag). Very slow but produces smallest output. |
| compress | string | — | UPX compression level string (e.g., "1"-"9", "best"). Maps to --compress flag. |
| enabled | StringOrBool | — | Whether to compress binaries with UPX. Accepts a bool or a template string that evaluates to a bool. |
| id | string | — | Unique identifier for this UPX config. |
| ids | list of string | — | Build IDs filter: only compress binaries from builds whose id is in this list. |
| lzma | bool | — | Use LZMA compression (--lzma flag). |
| required | bool | false | When true, fail the build if UPX is not found. |
| targets | list of string | — | Target triples to compress binaries for (empty means all targets). |

verify_release

Top-level verify_release: block.

See the module-level docs for the verification lifecycle. The gate is a no-op unless enabled: true.

| Field | Type | Default | Description |
| --- | --- | --- | --- |
| assert_assets | bool | true | Assert that every produced artifact has a matching uploaded asset on the published release, and that every signature / certificate / SBOM asset the resolved signs: / sboms: config demands exists there too (derived from config + the artifact set, so a sign or SBOM stage that silently produced nothing still fails the gate with the exact missing names; intentional skips — if: falsy, skip: truthy, --skip=sign — create no expectations). Default true (no extra config: anodizer already knows the produced set and can fetch the release's asset list). Independent of Docker and the network smoke-test. |
| enabled | bool | false | Whether to run the post-release verification gate at all. Default false — the gate is opt-in because it needs the published release to already exist (it runs after publish) and, for install-smoke, a Docker daemon. |
| glibc_ceiling | string | — | glibc version ceiling, e.g. "2.36". When any glibc-linked .deb requires a glibc NEWER than this floor, the gate reports it and exits non-zero. None (the default) disables the libc check entirely. musl binaries have no glibc requirement and are skipped. |
| install_smoke | InstallSmokeConfig | — | Per-package install smoke-test images. When None, smoke-testing is off. When present, each package type that produced an artifact is installed in its (configured or default) container and <bin> --version is run. |

workspaces

A workspace represents an independent project root within a monorepo. Each workspace has its own crates, changelog, and release configuration, allowing independently-versioned components that aren't Cargo workspace members.

| Field | Type | Default | Description |
| --- | --- | --- | --- |
| after | HooksConfig | — | Hooks run after this workspace's pipeline completes. |
| before | HooksConfig | — | Hooks run before this workspace's pipeline starts. |
| binary_signs | list of SignConfig | [] | Binary-specific signing configs (same shape as signs but only for binary artifacts). The artifacts field on each entry is constrained at parse time to binary / none (or omitted) — a broader filter on binary_signs would silently match nothing because the loop only iterates Binary artifacts. Constraint lives in deserialize_binary_signs. |
| changelog | ChangelogConfig | — | Changelog configuration for this workspace. |
| crates | list of CrateConfig | [] | Crates belonging to this workspace. |
| env | list of string | — | Environment variables scoped to this workspace. List of KEY=VALUE strings. Order is preserved. Values are template-rendered at pipeline startup. |
| name | string | — | Workspace identifier used in logs and template variables. |
| signs | list of SignConfig | [] | Signing configurations for binaries, archives, and checksums. |
| skip | list of string | [] | Pipeline stages to skip when releasing this workspace. Stage names match the CLI --skip flag (e.g., announce, publish). |

crates[].dockers_v2

Docker V2 configuration — the canonical Docker build API.

Notable surface:

- images + tags (cleaner separation than a single image_templates list)
- annotations map for OCI annotations (--annotation)
- build_args map for build-time variables
- skip as a [StringOrBool] template for conditional opt-out
- sbom as a [StringOrBool] — when truthy, adds --sbom=true to buildx
- flags for arbitrary extra docker build flags
- platforms is the only target selector — no per-arch field overrides

| Field | Type | Default | Description |
| --- | --- | --- | --- |
| annotations | map | — | OCI annotations to apply via --annotation key=value flags. |
| build_args | map | — | Build arguments passed as --build-arg KEY=VALUE. Each value is template-expanded and forwarded verbatim to buildx (one argv token per pair, no shell tokenization). Prefer {{ Env.VAR }} over raw user-config strings for secrets — buildx records build-args in image history by default, so plaintext values here propagate into the image metadata. |
| dockerfile | string | — | Path to the Dockerfile relative to the project root. |
| extra_files | list of string | — | Extra files to copy into the Docker build context. |
| flags | list of string | — | Arbitrary extra flags passed to the docker build command. |
| hooks | BuildHooksConfig | — | Pre/post hooks for this dockers_v2 config. Each hook accepts the same cmd/dir/env/output shape as build/archive hooks. pre hooks run after the staging directory is prepared but before docker buildx build; post hooks run after the image digest is captured. Hook commands, working directories, and env values are template-expanded; in addition to the standard template surface, hooks see: {{ Images }} — list of image:tag references for this build (iterate via {% for img in Images %}{{ img }}{% endfor %} to mirror a list exposure of the same field; {{ Images \| join(sep=",") }} reproduces a flat comma-separated string for legacy templates); {{ Dockerfile }} — path to the rendered Dockerfile; {{ ContextDir }} — path to the buildx context staging directory; {{ Digest }} — image manifest digest (post hooks only); {{ BaseImage }} / {{ BaseImageDigest }} — final-stage base image (the BaseImage / BaseImageDigest overlay). |
| id | string | — | Unique identifier for this Docker V2 config. |
| ids | list of string | — | Build IDs filter: only include binary artifacts whose metadata id is in this list. |
| images | list of string | [] | Base image names (e.g., ["ghcr.io/owner/app"]). Combined with tags to form full references. |
| labels | map | — | OCI labels to apply to the image via --label key=value flags. |
| oci_labels | StringOrBool | — | Auto-inject the standard predefined org.opencontainers.image.* labels (created, source, revision, version, title, description, licenses, url, documentation, vendor), derived from project/git/Cargo context. Default ON; set oci_labels: false to opt out. Each auto-label is emitted only when its value is derivable, and any key the user also supplies in labels: wins (the auto value never clobbers an explicit user label). created is derived from SOURCE_DATE_EPOCH for byte-reproducibility (never wall-clock) and is omitted when no reproducible source date is resolvable. |
| platforms | list of string | — | Target platforms for multi-arch builds (e.g., ["linux/amd64", "linux/arm64"]). |
| retry | DockerRetryConfig | — | Retry configuration for docker push operations. |
| sbom | StringOrBool | — | When truthy, adds --sbom=true to buildx. Supports templates. |
| skip | StringOrBool | — | When truthy, skip this docker build entirely. Supports templates. Accepts the legacy disable: spelling via serde alias for back-compat. |
| tags | list of string | [] | Tag suffixes (e.g., ["latest", "{{ Version }}"]). Each image is tagged with each tag. |
| use | string | — | Docker backend for build commands: "buildx" (default) or "podman". The default "buildx" invokes docker buildx build with the full set of BuildKit features (multi-platform, attestations, --rewrite-timestamp, SBOM, OCI exporter). Setting use: podman swaps the binary to podman build and disables every buildx-only flag — anodizer rejects configs that mix use: podman with sbom: true, --rewrite-timestamp, --provenance, --attest, --cache-from, --cache-to, --output, or --sbom because plain podman does not recognise them. Linux-only. The podman backend is restricted to Linux hosts. Configs setting use: podman on macOS or Windows fail at config-validation time with a clear error rather than blowing up later when podman is not on PATH. |

crates[].docker_manifests

Deprecated: prefer dockers_v2 (which produces multi-arch manifests via the platforms: field automatically). DockerManifestConfig is retained for back-compat with imported configs and for the niche case of stitching together manifest lists from images that were not built by dockers_v2 in the same run.

The v1 docker / docker manifest pipes are deprecated in favour of the v2 buildx flow. The rustdoc here is the load-bearing surface for the deprecation: it flows into the schemars-generated JSON Schema (consumed by IDEs / editor tooling) and rustdoc HTML, both of which are how downstream config authors discover that the v2 pipe is the preferred entry point.

| Field | Type | Default | Description |
| --- | --- | --- | --- |
| create_flags | list of string | — | Extra flags for docker manifest create. |
| id | string | — | Unique identifier for this manifest config. |
| image_templates | list of string | [] | Image references to include in the manifest. |
| name_template | string | — | Template for the manifest name, e.g. "ghcr.io/owner/app:{{ Version }}". |
| push_flags | list of string | — | Extra flags for docker manifest push. |
| retry | DockerRetryConfig | — | Retry configuration for manifest push (handles transient registry errors). |
| skip_push | object | — | Skip push: true, false, or "auto" (skip for prereleases). |
| use | string | — | Docker backend for manifest commands: "docker" (default) or "podman". The "podman" backend is Linux-only (per Pro): configs on macOS or Windows fail at config-validation time with a clear error rather than blowing up later when podman is not on PATH. |

crates[].docker_digest

Controls docker image digest file creation.

After each docker image push, a digest file (containing the sha256 digest) is written to the dist directory. This config controls whether that happens and how the files are named.

| Field | Type | Default | Description |
| --- | --- | --- | --- |
| name_template | string | — | Template for the digest artifact filename. Default: tag-based naming (e.g., "ghcr.io_owner_app_v1.0.0.digest"). |
| skip | StringOrBool | — | When truthy, disable docker digest artifact creation. Accepts the legacy disable: spelling via serde alias for back-compat. |

crates[].nfpms

| Field | Type | Default | Description |
| --- | --- | --- | --- |
| amd64_variant | list of string | — | amd64 microarchitecture variant filter (["v1"], ["v2", "v3"], etc.), set via the amd64_variant: key. When set, only amd64 binaries with amd64_variant matching one of the listed values are included. The legacy goamd64: spelling is accepted via serde alias for back-compat with imported configs. When unset, all amd64 variants are included (no filtering). |
| apk | NfpmApkConfig | — | APK-specific configuration. |
| archlinux | NfpmArchlinuxConfig | — | Archlinux-specific configuration. |
| bin_alias | string | — | Rename the installed binary inside the package only. When set, the auto-emitted binary content entry is installed under this name (in bindir) instead of the built file's name; the archive/build output is untouched. Use this to resolve Debian/RPM name clashes — e.g. fd ships its binary as fdfind in the Debian package while the tarball keeps fd. Templated. |
| bindir | string | — | Installation directory for binaries (default: /usr/bin). |
| changelog | string | — | Path to a YAML-format changelog file for deb/rpm packages. |
| conflicts | list of string | — | Packages this package conflicts with. |
| contents | list of NfpmContent | — | Files to include in the package beyond the main binary. |
| deb | NfpmDebConfig | — | Deb-specific configuration. |
| dependencies | map | — | Runtime package dependencies keyed by format (e.g., {"deb": ["libc6"], "rpm": ["glibc"]}). |
| description | string | — | Package description (multiline supported). |
| epoch | string | — | Package epoch for versioning (integer as string). |
| file_name_template | string | — | Package filename template (supports templates). |
| formats | list of string | [] | Package formats to produce: deb, rpm, apk, archlinux (at least one required). |
| homepage | string | — | Project homepage URL. |
| id | string | — | Unique identifier for cross-referencing this nFPM config. |
| ids | list of string | — | Build IDs filter: only include artifacts from builds whose id is in this list. Accepts the deprecated builds: spelling via serde alias for back-compat with imported configs (the legacy builds key marked deprecated, aliasing ids). |
| if | string | — | Template-conditional: skip this nfpm config if rendered result is "false" or empty. Conditional-skip gate. |
| ipk | NfpmIpkConfig | — | IPK-specific configuration (OpenWrt packages). |
| libdirs | NfpmLibdirs | — | CGo library installation directories (header, carchive, cshared). |
| license | string | — | SPDX license identifier (e.g., "MIT", "Apache-2.0"). |
| maintainer | string | — | Package maintainer in "Name <email>" format. |
| meta | bool | — | Whether this is a meta-package (no files, only dependencies). |
| mtime | string | — | Default modification time for files in the package. |
| overrides | map | — | Per-format setting overrides (e.g., {"deb": {compression: "xz"}}). |
| package_name | string | — | Package name (defaults to crate name). |
| prerelease | string | — | Prerelease version suffix. |
| priority | string | — | Package priority (e.g. "optional", "required"). |
| provides | list of string | — | Virtual packages provided by this package. |
| recommends | list of string | — | Packages recommended (soft dependency) by this package. |
| release | string | — | Package release number. |
| replaces | list of string | — | Packages this package replaces (for upgrade paths from old package names). |
| rpm | NfpmRpmConfig | — | RPM-specific configuration. |
| scripts | NfpmScripts | — | Package lifecycle scripts (preinstall, postinstall, preremove, postremove). |
| section | string | — | Package section (e.g. "utils", "devel"). |
| suggests | list of string | — | Packages suggested (weaker than recommends) by this package. |
| templated_contents | list of NfpmContent | — | Extra file contents whose source files are Tera-rendered before packaging. Each entry mirrors contents; the difference is that at stage time the file at src is read, rendered through the template engine, written to a temp file, and then included in the package at dst using the temp file as the real source. Useful for shipping config files with templated values (version, commit, maintainer, etc.). |
| templated_scripts | NfpmScripts | — | Lifecycle scripts whose script-file bodies are Tera-rendered before packaging. Each path is read, rendered through the template engine, written to a temp file, and used as the real script. If a field is set on both scripts and templated_scripts, the templated version wins. |
| umask | integer | — | File permission umask. Accepts a YAML int (18), an octal-prefixed string ("0o022"), or a leading-zero octal string ("022"). |
| vendor | string | — | Package vendor name — the distributing entity recorded in the rpm/deb Vendor field. When unset, derived from the crate's first Cargo.toml [package].authors entry with any <email> suffix stripped (e.g. "Ada Lovelace <ada@x>" → "Ada Lovelace"). |
| version_metadata | string | — | Version metadata (e.g. git commit hash). |

crates[].publish

| Field | Type | Default | Description |
| --- | --- | --- | --- |
| aur | AurConfig | — | AUR (Arch User Repository) binary package publishing configuration. |
| aur_source | AurSourceConfig | — | AUR source package publishing configuration (source-only PKGBUILD, not -bin). |
| cargo | CargoPublishConfig | — | Publish to crates.io. Presence opts in; use cargo: { skip: true } to opt out. |
| chocolatey | ChocolateyConfig | — | Chocolatey package publishing configuration. |
| homebrew | HomebrewConfig | — | Homebrew formula publishing configuration. |
| homebrew_cask | HomebrewCaskConfig | — | Homebrew Cask publishing configuration (macOS .app bundles). Uses the unified HomebrewCaskConfig which carries all fields from both the per-crate cask config and the top-level homebrew_casks: config. |
| krew | KrewConfig | — | Krew (kubectl plugin manager) manifest publishing configuration. |
| nix | NixConfig | — | Nix derivation publishing configuration. |
| on_error | list of HookEntry | — | Hooks that fire once per FAILED publisher, after rollback has been attempted. Each entry is a standard hook (cmd / dir / env / output); the template surface adds {{ .Publisher }}, {{ .Error }}, {{ .Version }}, {{ .Tag }}, {{ .Group }} (Assets/Manager/Submitter), {{ .Required }}, and {{ .RolledBack }} — true if any publisher was rolled back (or rollback was attempted and failed) during this run. The same values are also exported to the hook process as environment variables: ANODIZER_PUBLISHER, ANODIZER_ERROR, ANODIZER_VERSION, ANODIZER_TAG, ANODIZER_GROUP, ANODIZER_REQUIRED, ANODIZER_ROLLED_BACK. A hook's own failure is logged as a warning and never changes the release outcome. See the security note after this table. |
| scoop | ScoopConfig | — | Scoop manifest publishing configuration. |
| winget | WingetConfig | — | WinGet manifest publishing configuration. |

Security (on_error): the rendered cmd string is parsed by sh -c, and {{ .Error }} carries untrusted remote text (HTTP error bodies, git stderr) — interpolating it into cmd lets crafted error content break quoting and execute. Read untrusted values from the env vars instead ($ANODIZER_ERROR), and pass anodizer notify --raw so the text is sent literally rather than Tera-rendered. The outbound notification body is secret-redacted by default, so a secret reference smuggled into the error body is masked (sent as $NAME) even without --raw; --raw stays recommended because it avoids re-rendering already-final text and keeps untrusted content out of the shell-parsed cmd string:

```yaml
publish:
  on_error:
    - cmd: 'anodizer notify --raw "anodizer: $ANODIZER_PUBLISHER failed @ $ANODIZER_VERSION: $ANODIZER_ERROR"'
```
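The on_error security note above, run side by side as an added example (not anodizer's own code): the same hook is executed once with {{ .Error }} interpolated into cmd and once reading $ANODIZER_ERROR. Assumptions: render() is a simplified stand-in for template rendering, printf replaces anodizer notify --raw, and the error text and values are constructed.

```python
import os
import re
import subprocess

# Constructed sample: text a remote endpoint could return in an error body.
# The $(...) part is a harmless marker command that makes shell evaluation visible.
UNTRUSTED_ERROR = "HTTP 500: $(echo MARKER-EXECUTED)"

# Hypothetical values for one failed publisher.
VALUES = {"Publisher": "cargo", "Version": "1.2.3", "Error": UNTRUSTED_ERROR}

# printf stands in for `anodizer notify --raw` so the demo runs without anodizer.
# Risky form: {{ .Error }} is pasted into the string that sh -c will parse.
INTERPOLATED_CMD = (
    "printf '%s\\n' "
    '"anodizer: {{ .Publisher }} failed @ {{ .Version }}: {{ .Error }}"'
)
# Form recommended by the page: the shell reads the text from the environment.
ENV_CMD = (
    "printf '%s\\n' "
    '"anodizer: $ANODIZER_PUBLISHER failed @ $ANODIZER_VERSION: $ANODIZER_ERROR"'
)

PLACEHOLDER = re.compile(r"\{\{\s*\.(\w+)\s*\}\}")
ERROR_PLACEHOLDER = re.compile(r"\{\{\s*\.Error\s*\}\}")


def render(template, values):
    """Simplified stand-in for template rendering: textual placeholder substitution."""
    return PLACEHOLDER.sub(lambda match: values[match.group(1)], template)


def hook_environment(values):
    """Environment for the hook process, using variable names the page lists."""
    env = dict(os.environ)
    env.update({
        "ANODIZER_PUBLISHER": values["Publisher"],
        "ANODIZER_VERSION": values["Version"],
        "ANODIZER_ERROR": values["Error"],
    })
    return env


def run_hook(cmd_template, values):
    """Render the hook command, run it through sh -c, and return its stdout."""
    rendered = render(cmd_template, values)
    result = subprocess.run(
        ["sh", "-c", rendered],
        env=hook_environment(values),
        capture_output=True,
        text=True,
        check=True,
    )
    return result.stdout


def interpolates_error(cmd_template):
    """Lint check: True when a hook cmd places {{ .Error }} in shell-parsed text."""
    return bool(ERROR_PLACEHOLDER.search(cmd_template))


if __name__ == "__main__":
    for label, cmd in (("interpolated", INTERPOLATED_CMD), ("env var", ENV_CMD)):
        flagged = interpolates_error(cmd)
        print(f"{label:12} flagged={flagged!s:5} -> {run_hook(cmd, VALUES)!r}")
```

In the interpolated form the marker command runs and its output replaces the original text; in the env-var form the error text arrives unchanged. interpolates_error() can be applied to every on_error cmd string in a config as a review check.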

crates[].publish.cargo

cargo publish flag surface.

Presence under publish: opts the crate in; use skip: true (or a truthy template) to opt out. There is no enabled field — presence is the on-switch.

Fields intentionally omitted because anodizer owns them:

- --package / --workspace / --exclude: the top-level crates[] axis owns crate selection.
- --dry-run: pipeline-level CLI ergonomics (anodizer release --dry-run).
- -v / -q / --color: CLI ergonomics, not config.
- --config / -Z: cargo CLI escape hatches; out of scope.

| Field | Type | Default | Description |
| --- | --- | --- | --- |
| all_features | bool | — | Activate every feature, including default (--all-features). |
| allow_dirty | bool | — | Allow publishing with an uncommitted working tree (--allow-dirty). |
| features | list of string | — | Crate features to activate (--features). |
| frozen | bool | — | Both --locked and --offline (--frozen). |
| if | string | — | Template-conditional gate: when the rendered result is falsy ("false" / "0" / "no" / empty), the cargo publisher is skipped. Render failure hard-errors. Config key: the publisher's if:. |
| index | string | — | Registry index URL (--index). |
| index_timeout | integer | — | Seconds to wait for the crates.io sparse index to publish a crate before its dependents are pushed (anodizer-original — no cargo publish equivalent). |
| jobs | integer | — | Number of parallel compile jobs for verification (--jobs). |
| keep_going | bool | — | Continue on errors when verifying multiple crates (--keep-going). |
| locked | bool | — | Require an up-to-date Cargo.lock matching the resolver (--locked). |
| manifest_path | string | — | Path to the crate's Cargo.toml (--manifest-path). |
| no_default_features | bool | — | Disable the default feature set (--no-default-features). |
| no_verify | bool | — | Skip the local cargo build --release verification step (--no-verify). |
| offline | bool | — | Require offline resolution; never hit the network (--offline). |
| registry | string | — | Alternate registry name from ~/.cargo/config.toml (--registry). |
| required | bool | — | Override whether this publisher failing should fail the overall release. Default: true — a failure here aborts the release. Set to false to log failures but continue. |
| retain_on_rollback | bool | — | When true, a triggered rollback leaves this publisher's work in place rather than attempting to undo it. Default false. |
| skip | StringOrBool | — | Skip this publisher; supports template strings or bool. Truthy renders disable the publisher without removing the block. |
| target | string | — | Build target triple for the verification step (--target). |
| target_dir | string | — | Override the cargo target directory (--target-dir). |
| wait_for_workspace_deps | WaitForWorkspaceDepsConfig | — | Pre-publish gate that polls crates.io for every workspace-internal dep of the crate being published, blocking until each is queryable at its expected version. Required for multi-tag-multi-crate workspaces (e.g. cfgd) where per-crate tags fire independent Release.yml runs that would otherwise race the sparse-index propagation. Single-crate workspaces and lockstep-bumped monorepos (anodizer itself) leave this off — there is no inter-tag race to gate on. |

crates[].publish.homebrew

| Field | Type | Default | Description |
| --- | --- | --- | --- |
| amd64_variant | string | — | amd64 microarchitecture variant filter (e.g. "v1", "v2", "v3", "v4"). Only artifacts matching this variant are included. Default: "v1". |
| arm_variant | string | — | ARM version filter (e.g. "6", "7"). Only artifacts matching this variant are included. |
| cask | HomebrewCaskConfig | — | Homebrew Cask configuration (macOS .app bundles). |
| caveats | string | — | Post-install user-facing notes shown by brew info. |
| commit_author | CommitAuthorConfig | — | Commit author with optional signing. |
| commit_msg_template | string | — | Custom commit message template. Rendered via Tera with the standard release template variables (ProjectName, Tag, Version, etc.). Default: "Brew formula update for {{ ProjectName }} version {{ Tag }}" (set in crates/stage-publish/src/homebrew.rs::default_commit_msg_template). |
| completions | HomebrewCaskCompletions | — | Prebuilt shell-completion file paths to install. When set, the formula emits bash_completion.install "<path>" / zsh_completion.install / fish_completion.install in its install block — the form used when the archive ships ready-made completion files. |
| conflicts | list of HomebrewConflict | — | Conflicting formula names with optional reason. |
| custom_block | string | — | Custom Ruby code block inserted into the formula class body. |
| custom_require | string | — | Ruby require statement for custom download strategies. |
| dependencies | list of HomebrewDependency | — | Package dependencies (e.g. openssl, libgit2). |
| description | string | — | Short description of the formula (shown in brew info). |
| directory | string | — | Formula directory in the tap (e.g. "Formula"). |
| download_strategy | string | — | Custom download strategy class name (e.g. :using => GitHubPrivateRepositoryReleaseDownloadStrategy). |
| extra_install | string | — | Additional install commands appended after the main install block. |
| generate_completions_from_executable | HomebrewCaskGeneratedCompletions | — | Generate completions by running the installed binary at install time. Renders the modern homebrew-core idiom generate_completions_from_executable(bin/"<exe>", ...) in the install block. Preferred over completions when the binary can emit its own completions; the two are independent and may both be set. |
| homepage | string | — | Project homepage URL. Falls back to the GitHub release URL when unset. |
| ids | list of string | — | Build IDs filter: only include artifacts whose id is in this list. |
| if | string | — | Template-conditional gate: when the rendered result is falsy ("false" / "0" / "no" / empty), the Homebrew publisher is skipped. Render failure hard-errors. Config key: brews[].if:. |
| install | string | — | Ruby install block content for the formula. |
| license | string | — | SPDX license identifier (e.g., "MIT", "Apache-2.0"). |
| livecheck | HomebrewLivecheck | — | livecheck stanza configuration for the formula. When unset, a binary tap formula emits livecheck { skip "Auto-generated on release." } to match the cask (the archive URL/sha are rewritten on every release, so brew livecheck cannot meaningfully poll). Set strategy: / regex:/url: to opt into active version detection instead. |
| manpages | list of string | — | Manpage file paths to install into the formula's man1 (e.g. ["mytool.1"]). Each entry renders a man1.install "<path>" line in the install block, mirroring real Rust-CLI formulae (ripgrep, fd, bat). A path ending in .N (where N is 1–8) routes to the matching manN section; anything else defaults to man1. |
| name | string | — | Override the formula name (default: crate name). |
| plist | string | — | Launchd plist content for brew services. |
| post_install | string | — | Post-install commands (separate def post_install block in formula). |
| repository | RepositoryConfig | — | Unified repository config with branch, token, PR, git SSH support. (Replaces the legacy tap: TapConfig owner/name-only form.) |
| required | bool | — | Override whether this publisher failing should fail the overall release. Default: false — a failure here is logged but does not abort the release. Set to true to fail the release on any error. |
| retain_on_rollback | bool | — | When true, a triggered rollback leaves this publisher's work in place rather than attempting to undo it. Default false. |
| service | string | — | Homebrew service block content (alternative to plist). |
| skip_upload | StringOrBool | — | Skip publishing the formula. "true" always skips; "auto" skips for prerelease versions. Accepts bool or template string. |
| test | string | — | Ruby test block content for the formula (run by brew test). |
| url_headers | list of string | — | HTTP headers to include in download requests (e.g. for private repos). |
| url_template | string | — | Custom URL template for download URLs (overrides release URL). |

crates[].publish.homebrew_cask

Unified Homebrew Cask configuration.

Used at both call-sites:

- homebrew_casks: — top-level array; carries repository, commit_author, directory, ids, url, structured uninstall/zap, etc.
- crates[].publish.homebrew_cask: — per-crate override; same shape, with url_template as the simpler URL alternative.

Fields from both original types are present; any field may be None at either call-site. The union avoids a two-type bifurcation while keeping both axes.

| Field | Type | Default | Description |
| --- | --- | --- | --- |
| alternative_names | list of string | — | Alternative cask names (aliases). |
| app | string | — | macOS .app bundle name (e.g. "MyApp.app"). |
| binaries | list of HomebrewCaskBinary | — | Binary stubs to create in /usr/local/bin. Each entry is either a bare string ("my-cli" → emits binary "my-cli") or a structured { name, target } object ({ name: "my-cli", target: "mycli" } → emits binary "my-cli", target: "mycli"). The target: form mirrors the Homebrew Ruby cask DSL for binary renames — without it, a wrapped binary installs at the wrong path. Cask binary entry. |
| binary | string | — | Deprecated singular spelling of [Self::binaries]. The upstream replaced binary: foo with binaries: [foo]; this field captures the legacy spelling so imported configs keep parsing. apply_homebrew_cask_legacy_singulars folds the value into [Self::binaries] at config-load time and emits a one-time deprecation warning per occurrence. The field is excluded from serialization so a round-tripped config emits only the canonical plural form. |
| caveats | string | — | Custom caveats shown after install. |
| commit_author | CommitAuthorConfig | — | Commit author with optional signing. |
| commit_msg_template | string | — | Custom commit message template. Default: "Brew cask update for {{ ProjectName }} version {{ Tag }}" |
| completions | HomebrewCaskCompletions | — | Shell completion definitions. |
| conflicts | list of HomebrewCaskConflictEntry | — | Conflicting casks or formulae. |
| custom_block | string | — | Arbitrary Ruby code inserted into the cask block. |
| dependencies | list of HomebrewCaskDependencyEntry | — | Cask dependencies (other casks or formulae). |
| description | string | — | Cask description. |
| directory | string | — | Subdirectory in the tap repo for cask placement (default: "Casks"). |
| generate_completions_from_executable | HomebrewCaskGeneratedCompletions | — | Auto-generate shell completions from an executable. |
| homepage | string | — | Project homepage URL. |
| hooks | HomebrewCaskHooks | — | Pre/post install/uninstall hooks. |
| ids | list of string | — | Build IDs filter: only include artifacts from builds whose id is in this list. |
| if | string | — | Template-conditional gate: when the rendered result is falsy ("false" / "0" / "no" / empty), the Homebrew Cask config is skipped. Render failure hard-errors. Config key: homebrew_casks[].if:. |
| license | string | — | License identifier (SPDX). |
| livecheck | HomebrewLivecheck | — | livecheck stanza configuration for the cask. When unset, the cask emits livecheck do\n skip "Auto-generated on release."\nend (a binary cask's download URL/sha256 are rewritten on every release, so brew livecheck has nothing stable to poll). Set strategy: / url: / regex: (with skip: false) to opt into active version detection — the same shape a Homebrew cask livecheck do … end block accepts. Reuses the formula livecheck config type. |
| manpage | string | — | Deprecated singular spelling of [Self::manpages]. The upstream replaced manpage: foo.1 with manpages: [foo.1]; this field captures the legacy spelling so imported configs keep parsing. apply_homebrew_cask_legacy_singulars folds the value into [Self::manpages] at config-load time and emits a one-time deprecation warning per occurrence. The field is excluded from serialization so a round-tripped config emits only the canonical plural form. |
| manpages | list of string | — | Manual page references to install. |
| name | string | — | Cask name (default: crate / project name). |
| repository | RepositoryConfig | — | Unified repository config for the Homebrew tap. |
| required | bool | — | Override whether this publisher failing should fail the overall release. Default: false — a failure here is logged but does not abort the release. Set to true to fail the release on any error. |
| retain_on_rollback | bool | — | When true, a triggered rollback leaves this publisher's work in place rather than attempting to undo it. Default false. |
| service | string | — | Homebrew service definition. |
| skip_upload | StringOrBool | — | Skip publishing the cask. "true" always skips; "auto" skips for prerelease versions. Accepts bool or template string. |
| uninstall | HomebrewCaskUninstall | — | Structured uninstall stanza configuration. |
| update_existing_pr | StringOrBool | — | When true, force-push the updated cask file to the existing PR branch when a PR for the same head branch already exists. The PR content is updated in place rather than creating a duplicate. When false (default), the push is skipped and a warning is emitted so the operator sees that the publisher did not update the PR. |
| url | HomebrewCaskURL | — | Structured download URL configuration (top-level axis). |
| url_template | string | — | Simple URL template for the .dmg/.zip download (per-crate shorthand).

Cannot be combined with url.template: — set one or the other. If both are present, config validation rejects the config at parse time. Use url: for the structured form (verified domain, custom headers, etc.) or url_template: for a bare string shorthand — never both simultaneously. | | zap | HomebrewCaskUninstall | — | Deep uninstall (zap) stanza configuration. |

crates[].publish.scoop

| Field | Type | Default | Description |
|---|---|---|---|
| amd64_variant | string | — | amd64 microarchitecture variant filter (e.g. "v1", "v2", "v3", "v4"). Only artifacts matching this variant are included. Default: "v1". |
| checkver | string | — | Scoop checkver strategy used by bucket maintainers to detect new releases. Defaults to "github" (derived from the configured GitHub repo) — ScoopInstaller/Main requires checkver for automated-update PRs. Override with a homepage regex when GitHub release detection is not appropriate. Example: checkver: "github" or checkver: "v([\\d.]+)". |
| commit_author | CommitAuthorConfig | — | Commit author with optional signing. |
| commit_msg_template | string | — | Custom commit message template. |
| depends | list of string | — | Application dependencies (other Scoop packages). |
| description | string | — | Short description of the package (shown in scoop info). |
| directory | string | — | Subdirectory in the bucket repo for manifest placement. |
| homepage | string | — | Project homepage URL. Falls back to the GitHub-derived URL when unset. |
| ids | list of string | — | Build IDs filter: only include artifacts whose id is in this list. |
| if | string | — | Template-conditional gate: when the rendered result is falsy ("false" / "0" / "no" / empty), the Scoop publisher is skipped. Render failure hard-errors. Config key: scoop[].if:. |
| license | string | — | SPDX license identifier (e.g., "MIT", "Apache-2.0"). |
| name | string | — | Override the manifest name (default: crate name). |
| persist | list of string | — | Data paths persisted between Scoop updates. |
| post_install | list of string | — | Commands to run after installation. |
| pre_install | list of string | — | Commands to run before installation. |
| repository | RepositoryConfig | — | Unified repository config with branch, token, PR, git SSH support. (Replaces the legacy bucket: BucketConfig owner/name-only form.) |
| required | bool | — | Override whether this publisher failing should fail the overall release. Default: false — a failure here is logged but does not abort the release. Set to true to fail the release on any error. |
| retain_on_rollback | bool | — | When true, a triggered rollback leaves this publisher's work in place rather than attempting to undo it. Default false. |
| shortcuts | list of list of string | — | Start menu shortcuts as [executable, label] pairs. |
| skip_upload | StringOrBool | — | Skip publishing the manifest. "true" always skips; "auto" skips for prerelease versions. Accepts bool or template string. |
| url_template | string | — | Custom URL template for download URLs (overrides release URL). |
| use | string | — | Artifact selection: "archive" (default), "msi", or "nsis". |

crates[].publish.chocolatey

| Field | Type | Default | Description |
|---|---|---|---|
| amd64_variant | string | — | amd64 microarchitecture variant filter (e.g. "v1", "v2", "v3", "v4"). Only artifacts matching this variant are included. Default: "v1". |
| api_key | string | — | Chocolatey API key for choco push. Falls back to CHOCOLATEY_API_KEY env var. |
| authors | string | — | Package author(s) displayed in the Chocolatey gallery. |
| bug_tracker_url | string | — | Bug tracker URL (<bugTrackerUrl>). Defaults to {repository}/issues when unset. |
| copyright | string | — | Copyright notice. |
| dependencies | list of ChocolateyDependency | — | Package dependencies with optional version constraints. |
| description | string | — | Package description (supports markdown). |
| docs_url | string | — | Documentation URL. |
| icon_url | string | — | URL to the package icon image shown in the Chocolatey gallery. |
| ids | list of string | — | Build IDs filter: only include artifacts whose id is in this list. |
| if | string | — | Template-conditional gate: when the rendered result is falsy ("false" / "0" / "no" / empty), the Chocolatey publisher is skipped. Render failure hard-errors. Config key: chocolateys[].if:. |
| license | string | — | SPDX license expression (e.g. "MIT", "Apache-2.0", "MIT OR Apache-2.0"). Emitted as the modern <license type="expression"> element, which accepts compound expressions losslessly. |
| license_url | string | — | Optional explicit <licenseUrl>. When unset, anodizer derives a real GitHub …/blob/<tag>/LICENSE URL from repository (what ripgrep / fd / gh ship); when no repository is known, no <licenseUrl> is emitted. anodizer never synthesizes an opensource.org/licenses/<spdx> URL — it 404s for compound SPDX and gets the package rejected at moderation. |
| name | string | — | Override the package name (default: crate name). |
| owners | string | — | Package owners (Chocolatey gallery user). |
| package_source_url | string | — | URL shown as the package source in the Chocolatey gallery. |
| post_publish_poll | PostPublishPollConfig | — | Post-publish moderation-queue polling settings. Polling is disabled by default — Chocolatey's community moderation queue routinely takes hours to days, and blocking a CI workflow on that wait is wrong. Opt in per-publisher with post_publish_poll: { enabled: true } when running locally and willing to wait, or disable globally via --no-post-publish-poll. |
| project_source_url | string | — | Source code project URL (<projectSourceUrl>). Defaults to the derived repository URL when unset. |
| project_url | string | — | Project homepage URL. |
| release_notes | string | — | Release notes for this version. |
| repository | RepositoryConfig | — | Unified project repo config (owner/name). Used to derive <projectUrl> (the Chocolatey gallery link) and download URLs. <projectUrl> resolves through project_url: (if set) → derived https://github.com/{repository.owner}/{repository.name}. |
| republish_in_moderation | StringOrBool | — | When true, re-push the nupkg even when a version is already in the community moderation queue (PackageStatus=Submitted). Chocolatey's API accepts re-pushes of in-moderation versions; the new nupkg replaces the queued one. When false (default), the push is skipped and a warning is emitted so the operator sees that the publisher did not push. |
| require_license_acceptance | bool | — | Require license acceptance before install. |
| required | bool | — | Override whether this publisher failing should fail the overall release. Default: false — a failure here is logged but does not abort the release. Set to true to fail the release on any error. |
| retain_on_rollback | bool | — | When true, a triggered rollback leaves this publisher's work in place rather than attempting to undo it. Default false. |
| skip | StringOrBool | — | Skip pushing to the Chocolatey community repository. Bool, string, or template expression (e.g. "{{ IsSnapshot }}"). Accepts the legacy skip_publish: spelling for back-compat with configs; canonical name is skip: to align with every other publisher. |
| source_repo | string | — | Push source URL (default: "https://push.chocolatey.org/"). |
| summary | string | — | Short summary of the package. |
| tags | list of string | — | Tags for the Chocolatey gallery (joined with single spaces in the emitted nuspec). Always a typed list — the legacy space-separated-string form was dropped for IDE-completion friendliness and to remove whitespace ambiguity. |
| title | string | — | Package title (default: project name). |
| url_template | string | — | Custom URL template for download URLs (overrides release URL). |
| use | string | — | Artifact selection: "archive" (default), "msi", or "nsis". |

crates[].publish.winget

| Field | Type | Default | Description |
|---|---|---|---|
| amd64_variant | string | — | amd64 microarchitecture variant filter (e.g. "v1", "v2", "v3", "v4"). Only artifacts matching this variant are included. Default: "v1". |
| author | string | — | Author name. |
| commit_author | CommitAuthorConfig | — | Commit author with optional signing. |
| commit_msg_template | string | — | Custom commit message template. |
| copyright | string | — | Copyright notice. |
| copyright_url | string | — | Copyright URL. |
| dependencies | list of WingetDependency | — | Package dependencies. |
| description | string | — | Full package description displayed in the WinGet gallery. |
| documentations | list of WingetDocumentation | — | Documentation links rendered as the Documentations[] block on the locale manifest. Each entry is a { label, url } pair surfaced in the winget gallery (real ripgrep emits a FAQ and a User Guide entry). Omitted entirely when empty. Example: documentations: [{ label: "User Guide", url: "https://github.com/owner/repo/blob/master/GUIDE.md" }]. |
| homepage | string | — | Project homepage URL. |
| ids | list of string | — | Build IDs filter: only include artifacts whose id is in this list. |
| if | string | — | Template-conditional gate: when the rendered result is falsy ("false" / "0" / "no" / empty), the WinGet publisher is skipped. Render failure hard-errors. Config key: winget[].if:. |
| installation_notes | string | — | Post-install notes shown to the user. |
| license | string | — | License identifier (required, e.g. "MIT"). |
| license_url | string | — | License URL. |
| moniker | string | — | Short invoke alias shown as the package Moniker (e.g. rg for ripgrep, fd for fd). This is the command users type, NOT the package/crate name. When unset, anodizer derives it from the single published binary name; with multiple binaries and no override the Moniker is omitted (winget treats it as optional). Example: moniker: "rg". |
| name | string | — | Override the package name (default: crate name). |
| package_identifier | string | — | WinGet package identifier (e.g. "Publisher.AppName"). Auto-generated if empty. |
| package_name | string | — | Package name as displayed (default: same as name). |
| path | string | — | Manifest file path (auto-generated if empty from publisher/name/version). |
| post_publish_poll | PostPublishPollConfig | — | Post-publish PR-validation polling settings. Polling is disabled by default — winget-pkgs PR validation routinely takes hours to days, and blocking a CI workflow on that wait is wrong. Opt in per-publisher with post_publish_poll: { enabled: true } when running locally and willing to wait, or disable globally via --no-post-publish-poll. |
| privacy_url | string | — | Privacy policy URL. |
| product_code | string | — | Product code for the installer (used in Add/Remove Programs). |
| publisher | string | — | Publisher name (required). |
| publisher_support_url | string | — | Publisher support URL. |
| publisher_url | string | — | Publisher homepage URL shown in the WinGet manifest. |
| release_notes | string | — | Release notes for this version. |
| release_notes_url | string | — | URL to full release notes. |
| repository | RepositoryConfig | — | Unified repository config with branch, token, PR, git SSH support. (Replaces the legacy manifests_repo: WingetManifestsRepoConfig.) |
| required | bool | — | Override whether this publisher failing should fail the overall release. Default: false — a failure here is logged but does not abort the release. Set to true to fail the release on any error. |
| retain_on_rollback | bool | — | When true, a triggered rollback leaves this publisher's work in place rather than attempting to undo it. Default false. |
| short_description | string | — | Short description (required, max 256 chars). |
| silent_switch | string | — | Silent-install switch string emitted as InstallerSwitches.Silent for actual installers (wix/msi/exe/nsis). When unset, anodizer derives the switch from the installer type (/quiet for msi, /S for exe/nsis). Never emitted for zip/portable artifacts. Example: silent_switch: "/qn". |
| skip_upload | StringOrBool | — | Skip publishing. "true" always skips; "auto" skips for prereleases. Accepts bool or template string. |
| tags | list of string | — | Tags for package discovery (lowercased, spaces→hyphens). |
| update_existing_pr | StringOrBool | — | When true, force-push the updated manifest to the existing PR branch when a PR for the same head branch already exists. The PR content is updated in place rather than creating a duplicate. When false (default), the push is skipped and a warning is emitted so the operator sees that the publisher did not update the PR. |
| upgrade_behavior | string | — | Installer UpgradeBehavior for every installer entry. winget accepts install, uninstallPrevious, and deny. Defaults to install — the correct behavior for portable-zip CLI tools (uninstallPrevious forces a clobbering reinstall). Example: upgrade_behavior: "uninstallPrevious". |
| url_template | string | — | Custom URL template for download URLs (overrides release URL). |
| use | string | — | Artifact selection: "archive" (default), "msi", or "nsis". |

crates[].publish.aur

| Field | Type | Default | Description |
|---|---|---|---|
| amd64_variant | string | — | amd64 microarchitecture variant filter (e.g. "v1", "v2", "v3", "v4"). Only artifacts matching this variant are included. Default: "v1". |
| backup | list of string | — | List of config files to preserve on upgrade (relative to /). |
| commit_author | CommitAuthorConfig | — | Commit author with optional signing. |
| commit_msg_template | string | — | Custom commit message template. Default: "Update to {{ version }}". |
| conflicts | list of string | — | Packages this PKGBUILD conflicts with. |
| contributors | list of string | — | Contributors listed in PKGBUILD comments. |
| depends | list of string | — | Runtime dependencies required by this package. |
| description | string | — | Short description of the package for PKGBUILD. |
| directory | string | — | Subdirectory in the git repo for committed files. |
| git_ssh_command | string | — | Custom SSH command for git operations. |
| git_url | string | — | AUR SSH git URL override. Defaults to ssh://aur@aur.archlinux.org/<package>.git, derived from the resolved package name; set this only for a non-standard endpoint. |
| homepage | string | — | Project homepage URL. |
| ids | list of string | — | Build IDs filter: only include artifacts whose id is in this list. |
| if | string | — | Template-conditional gate: when the rendered result is falsy ("false" / "0" / "no" / empty), the AUR publisher is skipped. Render failure hard-errors. Config key: aurs[].if:. |
| install | string | — | Content for a .install file (post-install/pre-remove scripts). |
| license | string | — | SPDX license identifier (e.g., "MIT", "Apache-2.0"). |
| maintainers | list of string | — | PKGBUILD maintainer entries (e.g., "Name email@example.com"). |
| name | string | — | Override the package name (default: crate name + "-bin"). |
| optdepends | list of string | — | Optional dependencies with descriptions (e.g., "fzf: fuzzy finder support"). |
| package | string | — | Custom PKGBUILD package() function body. |
| private_key | string | — | Path to SSH private key file. |
| provides | list of string | — | Packages this PKGBUILD provides (virtual package names). |
| rel | string | — | Package release number (default: "1"). |
| replaces | list of string | — | Packages this PKGBUILD replaces (for upgrade paths from old package names). |
| required | bool | — | Override whether this publisher failing should fail the overall release. Default: false — a failure here is logged but does not abort the release. Set to true to fail the release on any error. |
| retain_on_rollback | bool | — | When true, a triggered rollback leaves this publisher's work in place rather than attempting to undo it. Default false. |
| skip | StringOrBool | — | Skip this AUR config. Accepts bool or template string (e.g. "{{ if .IsSnapshot }}true{{ endif }}" for conditional skip). Accepts the legacy disable: spelling via serde alias for back-compat. |
| skip_upload | StringOrBool | — | Skip publishing. "true" always skips; "auto" skips for prereleases. Accepts bool or template string. |
| url_template | string | — | Custom URL template for download URLs (overrides release URL). |

crates[].publish.aur_source

| Field | Type | Default | Description |
|---|---|---|---|
| amd64_variant | Amd64Variant | — | x86_64 micro-architecture variant — v1 (baseline), v2, v3 (AVX2), or v4. Constrained to a typed enum because AUR source pkgs build from the upstream tarball (no binary artifacts to filter), so the value's only role is as the Amd64 template var consumed by prepare: / build: / package: script bodies — typos must fail at parse time, not silently render an invalid string into the PKGBUILD. When unset, defaults to v1 at template-render time. |
| arches | list of string | — | Explicit architecture list (default: auto-detect from artifacts). |
| backup | list of string | — | Backup files to preserve on upgrade. |
| build | string | — | Custom build() function body for PKGBUILD. |
| commit_author | CommitAuthorConfig | — | Commit author with optional signing. |
| commit_msg_template | string | — | Custom commit message template. |
| conflicts | list of string | — | Packages this PKGBUILD conflicts with. |
| contributors | list of string | — | Contributors listed in PKGBUILD comments. |
| depends | list of string | — | Runtime dependencies. |
| description | string | — | Short description of the package. |
| directory | string | — | Subdirectory in the git repo for committed files. |
| git_ssh_command | string | — | Custom SSH command for git operations. |
| git_url | string | — | AUR SSH git URL override. Defaults to ssh://aur@aur.archlinux.org/<package>.git, derived from the resolved package name; set this only for a non-standard endpoint. |
| homepage | string | — | Project homepage URL. |
| ids | list of string | — | Build IDs filter. |
| if | string | — | Template-conditional gate: when the rendered result is falsy ("false" / "0" / "no" / empty), the AUR source config is skipped. Render failure hard-errors. Config key: aur_sources[].if:. |
| install | string | — | Content for a .install file (post-install/pre-remove scripts). |
| license | string | — | SPDX license identifier. |
| maintainers | list of string | — | PKGBUILD maintainer entries. |
| makedepends | list of string | — | Build-time dependencies (source packages need these). |
| name | string | — | Override the package name (default: crate name, no -bin suffix). |
| optdepends | list of string | — | Optional dependencies. |
| package | string | — | Custom package() function body for PKGBUILD. |
| prepare | string | — | Custom prepare() function body for PKGBUILD. |
| private_key | string | — | Path to SSH private key file. |
| provides | list of string | — | Packages this PKGBUILD provides. |
| rel | string | — | Package release number (default: "1"). |
| required | bool | — | Override whether this publisher failing should fail the overall release. Default: false — a failure here is logged but does not abort the release. Set to true to fail the release on any error. |
| retain_on_rollback | bool | — | When true, a triggered rollback leaves this publisher's work in place rather than attempting to undo it. Default false. |
| skip | StringOrBool | — | Skip this config. Accepts the legacy disable: spelling via serde alias for back-compat. |
| skip_upload | StringOrBool | — | Skip publishing. "true" always skips; "auto" skips for prereleases. |
| url_template | string | — | Custom URL template for download URLs. |

crates[].publish.krew

| Field | Type | Default | Description |
|---|---|---|---|
| amd64_variant | string | — | amd64 microarchitecture variant filter (e.g. "v1", "v2", "v3", "v4"). Only artifacts matching this variant are included. Default: "v1". |
| arm_variant | string | — | ARM version filter (e.g. "6", "7"). Only artifacts matching this variant are included. |
| caveats | string | — | Post-install message shown to the user. |
| commit_author | CommitAuthorConfig | — | Commit author with optional signing. |
| commit_msg_template | string | — | Custom commit message template. |
| description | string | — | Full description of the kubectl plugin. |
| homepage | string | — | Project homepage URL for the plugin. |
| ids | list of string | — | Build IDs filter: only include artifacts whose id is in this list. |
| if | string | — | Template-conditional gate: when the rendered result is falsy ("false" / "0" / "no" / empty), the Krew publisher is skipped. Render failure hard-errors. Config key: krews[].if:. |
| mode | KrewMode | — | Which krew-index submission path to take. • auto (default): probe whether the plugin already exists in kubernetes-sigs/krew-index. Already present → bot (the hosted krew-release-bot opens the version-bump PR server-side); definitively absent → pr-direct (anodizer opens the initial fork PR). A probe that can't reach a definitive answer (rate-limit, network error) hard-errors rather than guessing, so a transient blip never routes an existing plugin into a maintainer-hostile fork PR. • bot: always POST to the krew-release-bot webhook. Use when the plugin is known to be in krew-index and you want to skip the membership probe entirely. • pr-direct: always open a fork PR against krew-index. Use for the initial submission, or a self-hosted krew-index mirror the hosted bot can't reach. |
| name | string | — | Override the plugin name (default: crate name). |
| repository | RepositoryConfig | — | Unified repository config with branch, token, PR, git SSH support. (Replaces the legacy manifests_repo: / upstream_repo: form.) The upstream PR target is derived from repository.pull_request.base when set, falling back to the canonical kubernetes-sigs/krew-index. |
| required | bool | — | Override whether this publisher failing should fail the overall release. Default: false — a failure here is logged but does not abort the release. Set to true to fail the release on any error. |
| retain_on_rollback | bool | — | When true, a triggered rollback leaves this publisher's work in place rather than attempting to undo it. Default false. |
| short_description | string | — | One-line summary of the kubectl plugin (max 255 chars). |
| skip | StringOrBool | — | Skip this Krew config. Accepts bool or template string (e.g. "{{ if .IsSnapshot }}true{{ endif }}" for conditional skip). Distinct from skip_upload so users can opt out of generating the manifest entirely (common when a project is not a kubectl plugin and has no krew channel). |
| skip_upload | StringOrBool | — | Skip publishing. "true" always skips; "auto" skips for prereleases. Accepts bool or template string. |
| update_existing_pr | StringOrBool | — | When true, force-push the updated plugin manifest to the existing PR branch when a PR for the same head branch already exists. The PR content is updated in place rather than creating a duplicate. When false (default), the push is skipped and a warning is emitted so the operator sees that the publisher did not update the PR. |
| url_template | string | — | Custom URL template for download URLs (overrides release URL). |
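
The krew mode: routing rule from the table above, as an added Rust example (not anodizer's own code): explicit modes never run the probe, and an inconclusive probe under auto is an error rather than a guess. All type and function names are hypothetical, and classifying the probe by HTTP status is an assumption made for illustration.

```rust
// Added illustration; not anodizer's source. Every name below is hypothetical.

#[derive(Debug, Clone, Copy, PartialEq, Eq)]
pub enum KrewMode { Auto, Bot, PrDirect }

/// Outcome of asking "is this plugin already in krew-index?".
#[derive(Debug, Clone, PartialEq, Eq)]
pub enum Probe { Present, Absent, Indeterminate(String) }

/// Submission path actually taken.
#[derive(Debug, Clone, Copy, PartialEq, Eq)]
pub enum Route { Bot, PrDirect }

/// Parse the `mode:` value; unset means `auto`, unknown spellings are rejected.
pub fn parse_mode(raw: Option<&str>) -> Result<KrewMode, String> {
    match raw {
        None | Some("auto") => Ok(KrewMode::Auto),
        Some("bot") => Ok(KrewMode::Bot),
        Some("pr-direct") => Ok(KrewMode::PrDirect),
        Some(other) => Err(format!("unknown krew mode {:?}", other)),
    }
}

/// Assumption: the probe is an HTTP lookup and only 200 / 404 are definitive.
/// Rate limits (403, 429), server errors and transport failures (None) are
/// not evidence that the plugin is absent.
pub fn classify_probe(status: Option<u16>) -> Probe {
    match status {
        Some(200) => Probe::Present,
        Some(404) => Probe::Absent,
        Some(code) => Probe::Indeterminate(format!("HTTP {}", code)),
        None => Probe::Indeterminate("network error".to_string()),
    }
}

/// Resolve the route. The probe is a closure so that `bot` and `pr-direct`
/// skip it entirely; only `auto` pays for (and can fail on) the lookup.
pub fn resolve_route<F>(mode: KrewMode, probe: F) -> Result<Route, String>
where
    F: FnOnce() -> Probe,
{
    match mode {
        KrewMode::Bot => Ok(Route::Bot),
        KrewMode::PrDirect => Ok(Route::PrDirect),
        KrewMode::Auto => match probe() {
            Probe::Present => Ok(Route::Bot),
            Probe::Absent => Ok(Route::PrDirect),
            Probe::Indeterminate(why) => Err(format!(
                "krew-index membership probe inconclusive ({}); refusing to guess",
                why
            )),
        },
    }
}

fn main() {
    // Constructed probe outcomes: found, not found, rate-limited, no response.
    for status in [Some(200), Some(404), Some(429), None] {
        let route = resolve_route(KrewMode::Auto, || classify_probe(status));
        println!("{:?} -> {:?}", status, route);
    }
}
```
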

crates[].publish.nix

| Field | Type | Default | Description |
|---|---|---|---|
| amd64_variant | string | — | amd64 microarchitecture variant filter (e.g. "v1", "v2", "v3", "v4"). Only artifacts matching this variant are included. Default: "v1". |
| changelog | string | — | URL for meta.changelog. When unset, anodizer derives <host>/<owner>/<repo>/releases/tag/<tag> from the crate's release repository and the release tag (matching what ripgrep/fd set in nixpkgs). Set this to override (e.g. a …/blob/<tag>/CHANGELOG.md URL). Templated. Omitted only when no release repo is configured and no explicit value is given. |
| commit_author | CommitAuthorConfig | — | Commit author with optional signing. |
| commit_msg_template | string | — | Custom commit message template. |
| dependencies | list of NixDependency | — | Nix package dependencies with optional OS filtering. |
| description | string | — | Short description of the Nix derivation. |
| extra_install | string | — | Additional install commands appended after the main install. |
| formatter | string | — | Nix formatter to run on the generated file: "alejandra" or "nixfmt". |
| homepage | string | — | Project homepage URL. |
| ids | list of string | — | Build IDs filter: only include artifacts whose id is in this list. |
| if | string | — | Template-conditional gate: when the rendered result is falsy ("false" / "0" / "no" / empty), the Nix publisher is skipped. Render failure hard-errors. Config key: nix[].if:. |
| install | string | — | Custom install commands (replaces auto-generated binary install). |
| license | string | — | License for the derivation's meta.license. Accepts a nix lib.licenses attribute (e.g. mit, asl20) or an SPDX expression (e.g. MIT, Apache-2.0, MIT OR Apache-2.0). A known single id maps to lib.licenses.<attr>; an OR/AND list of known ids maps to with lib.licenses; [ … ]. An unknown id or an unparseable compound (e.g. a WITH exception) degrades to a quoted-string license in meta — never rejected, never an invalid attr-path. When unset, the license is derived from the crate's Cargo.toml [package].license. |
| long_description | string | — | Long-form description for meta.longDescription, rendered as a multi-line longDescription = '' … ''; block. Optional; omitted when unset. Templated. |
| main_program | string | — | Value for meta.mainProgram in the generated Nix derivation. When set, the rendered derivation includes mainProgram = "<value>"; inside the meta block, telling Nix which binary nix run should execute when the derivation contains multiple executables. Templated: supports {{ Version }} etc. Omitted when unset. |
| maintainers | list of string | — | nixpkgs maintainer handles (from lib.maintainers) rendered as maintainers = with lib.maintainers; [ alice bob ]; in the derivation's meta. These are nixpkgs handles (e.g. globin, zowoq), NOT Name <email> author strings — a nixpkgs review rejects a derivation whose meta.maintainers is absent. When unset the derivation still emits maintainers = [ ]; (an empty-but-present list is valid and clears the "field absent" rejection); a user fills in their handle. Each entry is rendered verbatim as a Nix identifier, so values must be valid lib.maintainers attribute names. |
| name | string | — | Override the derivation name (default: crate name). |
| path | string | — | Path for the .nix file in the repository (default: pkgs/<name>/default.nix). |
| post_install | string | — | Post-install commands (postInstall phase). |
| repository | RepositoryConfig | — | Unified repository config with branch, token, PR, git SSH support. |
| required | bool | — | Override whether this publisher failing should fail the overall release. Default: false — a failure here is logged but does not abort the release. Set to true to fail the release on any error. |
| retain_on_rollback | bool | — | When true, a triggered rollback leaves this publisher's work in place rather than attempting to undo it. Default false. |
| skip | StringOrBool | — | Skip this Nix config. Accepts bool or template string (e.g. "{{ if .IsSnapshot }}true{{ endif }}" for conditional skip). Distinct from skip_upload so users can model both intents — disable means "don't generate at all", skip_upload means "generate but don't push". Without this field, nix: { skip: true } was silently dropped by the serde unknown-field default. |
| skip_upload | StringOrBool | — | Skip publishing. "true" always skips; "auto" skips for prereleases. Accepts bool or template string. |
| url_template | string | — | Custom URL template for download URLs (overrides release URL). |
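
Because nix maintainers entries are rendered verbatim into generated Nix source, a release pipeline can check them before publishing. The following is an added Rust example (not anodizer's own code) that validates each handle against the Nix identifier grammar and then renders the meta line described in the table; the function names are hypothetical and the sample handles are constructed.

```rust
// Added illustration; not anodizer's source. Function names are hypothetical.

/// Words the Nix lexer treats as keywords, so they can never be bare identifiers.
const NIX_KEYWORDS: [&str; 10] = [
    "assert", "else", "if", "in", "inherit", "let", "or", "rec", "then", "with",
];

/// Nix identifier grammar: [a-zA-Z_][a-zA-Z0-9_'-]*
pub fn is_nix_identifier(s: &str) -> bool {
    let mut chars = s.chars();
    let first_ok = matches!(chars.next(), Some(c) if c.is_ascii_alphabetic() || c == '_');
    first_ok
        && chars.all(|c| c.is_ascii_alphanumeric() || matches!(c, '_' | '\'' | '-'))
        && !NIX_KEYWORDS.iter().any(|k| *k == s)
}

/// Render the `maintainers` meta line, or return every rejected entry.
/// An empty list still renders, as `maintainers = [ ];`.
pub fn render_maintainers(handles: &[&str]) -> Result<String, Vec<String>> {
    let mut rejected = Vec::new();
    for h in handles {
        if !is_nix_identifier(h) {
            rejected.push((*h).to_string());
        }
    }
    if !rejected.is_empty() {
        return Err(rejected);
    }
    if handles.is_empty() {
        return Ok("maintainers = [ ];".to_string());
    }
    Ok(format!(
        "maintainers = with lib.maintainers; [ {} ];",
        handles.join(" ")
    ))
}

fn main() {
    // Constructed inputs: two plain handles, then a list containing an
    // author string and a keyword, both of which must be rejected.
    println!("{:?}", render_maintainers(&["globin", "zowoq"]));
    println!("{:?}", render_maintainers(&["globin", "Jane Doe <jane@example.com>", "with"]));
    println!("{:?}", render_maintainers(&[]));
}
```
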