Indicates that the branch contains code changes from authors who do not otherwise have write access
to the repository.
Such code can contain malicious changes, so this flag serves as a signal that allows other plugins in Jenkins to
set up a higher degree of isolation to protect the build infrastructure, and to disable activities
with side effects, such as deploying to a server.
Some examples of where the trusted vs non-trusted distinction becomes important:
- GitHub pull requests should be non-trusted, as they can be created by any user.
- A Subversion branching structure such as trunk, branches, tags, sandbox would probably have
  trunk, branches, tags as trusted and sandbox as untrusted where the Subversion permissions
  give any authenticated user write access to sandbox but allow the project team to commit to all four
  locations.
- In closed-source development where only employees and contractors work on the code,
  no branch needs to be marked as non-trusted because every commit comes from a known set of people.