I'm not sure the history of why this field is a prerequisite to publishing. However, I don't think it should be limited to just GitHub logins since some of us use (or... want to use) a private index not hosted on GitHub.

If the idea is to limit who can modify the crate, perhaps instead of hard coding rules to match GitHub logins, it can automatically detect which system (GitLab, GitHub, others) and use rules to match logins for that. Alternatively, provide some way to generate publishing information from the alr publish commands that allows you to omit this field. A third option is to look for a code owners file in the repo and respect those rules on who can update the crate.