flutter/plugins#4288 was an ecosystem-breaking PR that passed both presubmit and postsubmit (and was thus auto-published), demonstrating that we need a stronger safety system.

In particular, it looks like the CI did correctly detect that the isolated change to the interface package was wrong (a breaking change, but not marked as such)—I assume via the build_all_plugins test, but can't tell because of force-pushing that happened in the PR—but then that safety was disabled by the addition of unpublished source changes to a different package in the same PR. That should absolutely not have happened, and ideally should have been caught in review, but it was missed and the PR was approved with that change.

We should have something that's not subject to human error that would prevent that. The tricky part is going to be figuring out how to do it in a way that doesn't have false positives that prevent reasonable multi-package changes (e.g., something that is fixing a new analyzer warning that involves changing both interface and implementation packages). Worst case we could force the false positives to just require separate PRs, but I'd rather not do that if possible.