fix: Remove fetch_remote_manifest feature

.github/workflows/beta-preflight.yml

@@ -114,9 +114,8 @@ jobs:
       # doc tests.
 
       - name: Run doc tests (COVERAGE DISABLED)
-        run:
-          cargo test --workspace --all-features --doc
-
+        run: cargo test --workspace --all-features --doc
+
       # - name: Generate code coverage
       #   env:
       #     RUST_BACKTRACE: "1"
@@ -216,7 +215,7 @@ jobs:
         run: cargo binstall -y wasm-bindgen-cli --version 0.2.105
 
       - name: Run Wasm tests
-        run: cargo test -p c2pa --no-default-features --features rust_native_crypto,fetch_remote_manifests --target wasm32-unknown-unknown
+        run: cargo test -p c2pa --no-default-features --features rust_native_crypto, --target wasm32-unknown-unknown
         env:
           CARGO_TARGET_WASM32_UNKNOWN_UNKNOWN_RUNNER: wasm-bindgen-test-runner
           WASM_BINDGEN_TEST_TIMEOUT: 60

.github/workflows/tier-1a.yml

@@ -331,7 +331,7 @@ jobs:
         run: cargo binstall -y wasm-bindgen-cli --version 0.2.105
 
       - name: Run Wasm tests
-        run: cargo test -p c2pa --no-default-features --features rust_native_crypto,fetch_remote_manifests,http_reqwest --target wasm32-unknown-unknown
+        run: cargo test -p c2pa --no-default-features --features rust_native_crypto,http_reqwest --target wasm32-unknown-unknown
         env:
           CARGO_TARGET_WASM32_UNKNOWN_UNKNOWN_RUNNER: wasm-bindgen-test-runner
           WASM_BINDGEN_TEST_TIMEOUT: 60

Makefile

@@ -23,20 +23,20 @@ clippy:
 	cargo clippy --features="file_io" --all-targets -- -D warnings
 
 test-local:
-	cargo test --features="file_io, fetch_remote_manifests, add_thumbnails" --all-targets
+	cargo test --features="file_io, add_thumbnails" --all-targets
 
 test-wasm:
-	cd sdk && wasm-pack test --node -- --no-default-features --features="rust_native_crypto, fetch_remote_manifests, http_reqwest"
+	cd sdk && wasm-pack test --node -- --no-default-features --features="rust_native_crypto, http_reqwest"
 
 test-wasm-web:
-	cd sdk && wasm-pack test --chrome --headless -- --no-default-features --features="rust_native_crypto, fetch_remote_manifests, http_reqwest"
+	cd sdk && wasm-pack test --chrome --headless -- --no-default-features --features="rust_native_crypto, http_reqwest"
 
 # WASI testing requires upstream llvm clang (not XCode), wasmtime, and the target wasm32-wasip2 on the nightly toolchain
 test-wasi:
 ifeq ($(PLATFORM),mac)
 	$(eval CC := /opt/homebrew/opt/llvm/bin/clang)
 endif
-	CC=$(CC) CARGO_TARGET_WASM32_WASIP2_RUNNER="wasmtime -S cli -S http --dir ." cargo +nightly test --target wasm32-wasip2 -p c2pa --no-default-features --features="rust_native_crypto, file_io, fetch_remote_manifests, add_thumbnails, http_wasi, http_wstd"
+	CC=$(CC) CARGO_TARGET_WASM32_WASIP2_RUNNER="wasmtime -S cli -S http --dir ." cargo +nightly test --target wasm32-wasip2 -p c2pa --no-default-features --features="rust_native_crypto, file_io, add_thumbnails, http_wasi, http_wstd"
 	rm -r sdk/Users
 
 # Full local validation, build and test all features including wasm

c2pa_c_ffi/Cargo.toml

@@ -25,7 +25,6 @@ pdf = ["c2pa/pdf"]
 [dependencies]
 c2pa = { path = "../sdk", version = "0.72.0", default-features = false, features = [
     "add_thumbnails",
-    "fetch_remote_manifests",
     "file_io",
     "pdf",
     "default_http",

c2pa_c_ffi/src/c_api.rs

@@ -2134,6 +2134,19 @@ mod tests {
 
     #[test]
     fn test_c2pa_reader_remote_url() {
+        let settings = serde_json::json!( {
+            "verify": {
+                "remote_manifest_fetch": true
+            }
+        });
+        let result = unsafe {
+            c2pa_load_settings(
+                CString::new(settings.to_string()).unwrap().as_ptr(),
+                c"json".as_ptr(),
+            )
+        };
+        assert_eq!(result, 0);
+
         let mut stream = TestC2paStream::new(include_bytes!(fixture_path!("cloud.jpg")).to_vec())
             .into_c_stream();
 

cli/Cargo.toml

@@ -29,7 +29,6 @@ networking = [
 anyhow = "1.0"
 atree = "0.5.2"
 c2pa = { path = "../sdk", version = "0.72.0", features = [
-    "fetch_remote_manifests",
     "file_io",
     "add_thumbnails",
     "pdf",

cli/src/main.rs

@@ -389,6 +389,15 @@ fn blocking_get(url: &str) -> Result<String> {
 }
 
 fn configure_sdk(args: &CliArgs) -> Result<()> {
+    // Enable remote manifest fetching for backwards compatibility.
+    Settings::from_toml(
+        &toml::toml! {
+            [verify]
+            remote_manifest_fetch = true
+        }
+        .to_string(),
+    )?;
+
     if args.settings.exists() {
         let settings = fs::read_to_string(&args.settings)?;
         Settings::from_toml(&settings)?

docs/support-tiers.md

@@ -35,7 +35,7 @@ These requirements are enforced in the [Tier 1A workflow](/.github/workflows/tie
 ### Tier 1A for c2pa-rs
 
 * **Ubuntu:** `x86_64-unknown-linux-gnu`, Rust `stable`, `all` features, `openssl` | `rust_native_crypto`, `glibc`
-* **Wasm:** `wasm32-unknown-unknown`, Rust `stable`, `fetch_remote_manifests` feature, `rust_native_crypto`
+* **Wasm:** `wasm32-unknown-unknown`, Rust `stable`, feature, `rust_native_crypto`
 * **WASI:** `wasm32-wasip2`, Rust `nightly-2025-08-25`, `all` features
 
 ### Tier 1A for c2pa-c-ffi

docs/usage.md

@@ -38,7 +38,6 @@ You can enable any of the following features:
 - **openssl** *(enabled by default)*: Use the vendored `openssl` implementation for cryptography.
 - **rust_native_crypto**: Use Rust native cryptography.
 - **add_thumbnails**: Adds the [`image`](https://github.com/image-rs/image) crate to enable auto-generated thumbnails, if possible and enabled in settings.
-- **fetch_remote_manifests**: Fetches remote manifests over the network when no embedded manifest is present and that option is enabled in settings.
 - **file_io**: Enables APIs that use filesystem I/O.
 - **json_schema**: Adds the [`schemars`](https://github.com/GREsau/schemars) crate to derive JSON schemas for JSON-compatible structs.
 - **pdf**: Enables basic PDF read support.

make_test_images/Cargo.toml

@@ -13,7 +13,6 @@ unexpected_cfgs = { level = "warn", check-cfg = ['cfg(test)'] }
 [dependencies]
 anyhow = "1.0.40"
 c2pa = { path = "../sdk", version = "0.72.0", features = [
-	"fetch_remote_manifests",
 	"file_io",
 	"add_thumbnails",
 	"pdf",

sdk/Cargo.toml

@@ -31,7 +31,6 @@ rustdoc-args = ["--cfg", "docsrs"]
 default = ["openssl", "default_http"]
 add_thumbnails = ["image"]
 file_io = []
-fetch_remote_manifests = ["dep:wasi"]
 json_schema = ["dep:schemars"]
 openssl = [
     "dep:openssl",

sdk/src/builder.rs

@@ -3186,7 +3186,6 @@ mod tests {
     /// example of creating a builder directly with a [`ManifestDefinition`]
     #[c2pa_test_async]
     /// test if the sdk can add a cloud ingredient retrieved from a stream and a cloud manifest
-    // This works with or without the fetch_remote_manifests feature
     async fn test_add_cloud_ingredient() {
         crate::settings::set_settings_value("verify.remote_manifest_fetch", false).unwrap();
 

sdk/src/ingredient.rs

@@ -1839,7 +1839,6 @@ mod tests {
         );
     }
 
-    #[cfg(feature = "fetch_remote_manifests")]
     #[c2pa_test_async]
     async fn test_jpg_cloud_from_memory() {
         crate::settings::set_settings_value("verify.verify_trust", false).unwrap();
@@ -1861,11 +1860,10 @@ mod tests {
         assert_eq!(ingredient.validation_status(), None);
     }
 
-    #[cfg(not(any(feature = "fetch_remote_manifests", feature = "file_io")))]
     #[c2pa_test_async]
-    async fn test_jpg_cloud_from_memory_no_file_io() {
+    async fn test_jpg_cloud_from_memory_no_remote_fetch() {
         crate::settings::set_settings_value("verify.verify_trust", false).unwrap();
-        crate::settings::set_settings_value("verify.remote_manifest_fetch", true).unwrap();
+        crate::settings::set_settings_value("verify.remote_manifest_fetch", false).unwrap();
 
         let image_bytes = include_bytes!("../tests/fixtures/cloud.jpg");
         let format = "image/jpeg";
@@ -2111,7 +2109,6 @@ mod tests_file_io {
     }
 
     #[test]
-    #[cfg(feature = "fetch_remote_manifests")]
     fn test_jpg_cloud_failure() {
         let ap = fixture_path("cloudx.jpg");
         let ingredient = Ingredient::from_file(ap).expect("from_file");

sdk/src/lib.rs

@@ -98,7 +98,6 @@
 //! - **openssl** *(enabled by default)*: Use the vendored `openssl` implementation for cryptography.
 //! - **rust_native_crypto**: Use Rust native cryptography.
 //! - **add_thumbnails**: Adds the [`image`](https://github.com/image-rs/image) crate to enable auto-generated thumbnails, if possible and enabled in settings.
-//! - **fetch_remote_manifests**: Fetches remote manifests over the network when no embedded manifest is present and that option is enabled in settings.
 //! - **file_io**: Enables APIs that use filesystem I/O.
 //! - **json_schema**: Adds the [`schemars`](https://github.com/GREsau/schemars) crate to derive JSON schemas for JSON-compatible structs.
 //! - **pdf**: Enables basic PDF read support.

sdk/src/reader.rs

@@ -222,7 +222,7 @@ impl Reader {
 
     #[cfg(feature = "file_io")]
     /// Create a manifest store [`Reader`] from a file.
-    /// If the `fetch_remote_manifests` feature is enabled, and the asset refers to a remote manifest, the function fetches a remote manifest.
+    /// If the `verify.remote_manifest_fetch` setting is enabled, and the asset refers to a remote manifest, the function fetches a remote manifest.
     ///
     /// NOTE: If the file does not have a manifest store, the function will check for a sidecar manifest with the same base file name and a .c2pa extension.
     ///
@@ -1215,8 +1215,15 @@ pub mod tests {
     }
 
     #[test]
-    #[cfg(feature = "fetch_remote_manifests")]
     fn test_reader_remote_url() -> Result<()> {
+        Settings::from_toml(
+            &toml::toml! {
+                [verify]
+                remote_manifest_fetch = true
+            }
+            .to_string(),
+        )?;
+
         let reader = Reader::from_stream("image/jpeg", Cursor::new(IMAGE_WITH_REMOTE_MANIFEST))?;
         let remote_url = reader.remote_url();
         assert_eq!(remote_url, Some("https://cai-manifests.adobe.com/manifests/adobe-urn-uuid-5f37e182-3687-462e-a7fb-573462780391"));

sdk/src/settings/mod.rs

@@ -295,11 +295,7 @@ pub struct Verify {
     /// - Constructing an [`Ingredient`]
     /// - Adding an [`Ingredient`] to the [`Builder`]
     ///
-    /// The default value is true.
-    ///
-    /// <div class="warning">
-    /// This setting is only applicable if the crate is compiled with the `fetch_remote_manifests` feature.
-    /// </div>
+    /// The default value is false.
     ///
     /// [`Reader`]: crate::Reader
     /// [`Ingredient`]: crate::Ingredient
@@ -328,7 +324,7 @@ impl Default for Verify {
             verify_trust: true,
             verify_timestamp_trust: !cfg!(test), // verify timestamp trust unless in test mode
             ocsp_fetch: false,
-            remote_manifest_fetch: true,
+            remote_manifest_fetch: false,
             skip_ingredient_conflict_resolution: false,
             strict_v1_validation: false,
         }
@@ -679,7 +675,7 @@ pub mod tests {
 
         // test updating values
         Settings::set_value("core.merkle_tree_chunk_size_in_kb", 10).unwrap();
-        Settings::set_value("verify.remote_manifest_fetch", false).unwrap();
+        Settings::set_value("verify.remote_manifest_fetch", true).unwrap();
         Settings::set_value("builder.thumbnail.enabled", false).unwrap();
         Settings::set_value(
             "trust.user_anchors",
@@ -691,7 +687,7 @@ pub mod tests {
             get_settings_value::<usize>("core.merkle_tree_chunk_size_in_kb").unwrap(),
             10
         );
-        assert!(!get_settings_value::<bool>("verify.remote_manifest_fetch").unwrap());
+        assert!(get_settings_value::<bool>("verify.remote_manifest_fetch").unwrap());
         assert!(!get_settings_value::<bool>("builder.thumbnail.enabled").unwrap());
         assert_eq!(
             get_settings_value::<Option<String>>("trust.user_anchors").unwrap(),

sdk/src/store.rs

@@ -3409,7 +3409,6 @@ impl Store {
     }
 
     // fetch remote manifest if possible
-    #[cfg(feature = "fetch_remote_manifests")]
     #[async_generic(async_signature(
         url: &str,
         http_resolver: &impl AsyncHttpResolver
@@ -3472,22 +3471,16 @@ impl Store {
     ) -> Result<Vec<u8>> {
         // verify provenance path is remote url
         if Store::is_valid_remote_url(ext_ref) {
-            #[cfg(feature = "fetch_remote_manifests")]
-            {
-                // Everything except browser wasm if fetch_remote_manifests is enabled
-                if settings.verify.remote_manifest_fetch {
-                    if _sync {
-                        Store::fetch_remote_manifest(ext_ref, http_resolver)
-                    } else {
-                        Store::fetch_remote_manifest_async(ext_ref, http_resolver).await
-                    }
+            // Everything except browser wasm if fetch_remote_manifests is enabled
+            if settings.verify.remote_manifest_fetch {
+                if _sync {
+                    Store::fetch_remote_manifest(ext_ref, http_resolver)
                 } else {
-                    Err(Error::RemoteManifestUrl(ext_ref.to_owned()))
+                    Store::fetch_remote_manifest_async(ext_ref, http_resolver).await
                 }
+            } else {
+                Err(Error::RemoteManifestUrl(ext_ref.to_owned()))
             }
-
-            #[cfg(not(feature = "fetch_remote_manifests"))]
-            Err(Error::RemoteManifestUrl(ext_ref.to_owned()))
         } else {
             Err(Error::JumbfNotFound)
         }

sdk/tests/test_reader.rs

@@ -70,9 +70,16 @@ fn test_reader_xca_jpg() -> Result<()> {
     compare_to_known_good(&reader, "XCA.json")
 }
 
-#[cfg(feature = "fetch_remote_manifests")]
 #[c2pa_test_async]
 async fn test_reader_remote_url_async() -> Result<()> {
+    Settings::from_toml(
+        &toml::toml! {
+            [verify]
+            remote_manifest_fetch = true
+        }
+        .to_string(),
+    )?;
+
     let reader = Reader::from_stream_async(
         "image/jpeg",
         std::io::Cursor::new(include_bytes!("./fixtures/cloud.jpg")),