Gem name should be validated before creating a pending trusted publisher #6273

@amomchilov

Steps to Reproduce

  1. Go to https://rubygems.org/profile/oidc/pending_trusted_publishers
  2. Create a new pending trusted publisher for a "protected typo" name. In my case I created type_kit (which turned out to be too similar to typekit)
  3. Attempt to publish the gem via trusted publisher

Expected Behavior

The typo is eagerly detected at the time you attempt to create the pending trusted publisher on the rubygems.org web UI.

Current Behavior

The site will let you create the publisher, even though that name is ultimately unavailable for new gems to use.

The error isn't surfaced until you eventually try to actually publish the gem. Here's my example GitHub publish action, which failed with:

Pushing gem to https://rubygems.org.../
There was a problem saving your gem: Name 'type_kit' is too similar to an existing gem named 'typekit'

Possible Solution

Run the pre-existing Gem model validations in the OIDC::PendingTrustedPublishersController#create action.
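
The proposed fix, as an added example that is not part of the original issue and not rubygems.org's code: one name check shared by the push path and the pending-publisher create path, so a protected-typo name is rejected when the publisher is created. The normalization rule (ignore case, `-` and `_`), the protected list, and every method and class name here are assumptions made for illustration.

```ruby
# Constructed sample data: existing gems treated as typo-protected (assumption).
PROTECTED_GEMS = %w[typekit rails].freeze

# Assumed similarity rule: names are compared ignoring case, "-" and "_".
def normalize_gem_name(name)
  name.to_s.downcase.gsub(/[_-]/, "")
end

# Returns the protected gem this name collides with, or nil.
def protected_typo_of(name, protected_gems = PROTECTED_GEMS)
  protected_gems.find do |existing|
    existing != name && normalize_gem_name(existing) == normalize_gem_name(name)
  end
end

# Shared validation: the push path and the pending-publisher path both call this,
# so the two can never disagree about whether a name is usable.
def gem_name_errors(name)
  errors = []
  errors << "Name can't be blank" if name.to_s.strip.empty?
  errors << "Name is invalid" unless name.to_s.match?(/\A[A-Za-z0-9._-]*\z/)
  if (existing = protected_typo_of(name))
    errors << "Name '#{name}' is too similar to an existing gem named '#{existing}'"
  end
  errors
end

# Hypothetical stand-in for the pending trusted publisher record.
PendingPublisher = Struct.new(:gem_name, :repository) do
  def errors
    gem_name_errors(gem_name)
  end

  def valid?
    errors.empty?
  end
end

# Hypothetical stand-in for the controller's create action: validate first,
# persist only when the name could actually be pushed later.
def create_pending_publisher(gem_name, repository, store)
  publisher = PendingPublisher.new(gem_name, repository)
  return [:unprocessable, publisher.errors] unless publisher.valid?

  store << publisher
  [:created, []]
end
```
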
