From bfee1175f6378c9191eca0af88e068ed49d48bef Mon Sep 17 00:00:00 2001 From: Josh McKinney Date: Sat, 11 Nov 2023 01:14:12 -0800 Subject: [PATCH 01/13] docs: Add documentation based on the youtube video (#10) --- .github/DOCS.md | 23 ++++++++++++++++++++ .github/codecov.yml | 2 +- .github/dependabot.yml | 6 ++++-- .github/workflows/check.yml | 21 ++++++++++++++++++- .github/workflows/nostd.yml | 4 +++- .github/workflows/safety.yml | 8 ++++++- .github/workflows/scheduled.yml | 16 +++++++++----- .github/workflows/test.yml | 37 ++++++++++++++++++++++++++++++++- 8 files changed, 105 insertions(+), 12 deletions(-) create mode 100644 .github/DOCS.md diff --git a/.github/DOCS.md b/.github/DOCS.md new file mode 100644 index 00000000..e932784c --- /dev/null +++ b/.github/DOCS.md @@ -0,0 +1,23 @@ +# Github config and workflows + +In this folder there is configuration for codecoverage, dependabot, and ci +workflows that check the library more deeply than the default configurations. + +This folder can be or was merged using a --allow-unrelated-histories merge +strategy from which provides a +reasonably sensible base for writing your own ci on. By using this strategy +the history of the CI repo is included in your repo, and future updates to +the CI can be merged later. + +To perform this merge run: + +```shell +git remote add ci https://github.com/jonhoo/rust-ci-conf.git +git fetch ci +git merge --allow-unrelated-histories ci/main +``` + +An overview of the files in this project is available at: +, which contains some +rationale for decisions and runs through an example of solving minimal version +and OpenSSL issues. diff --git a/.github/codecov.yml b/.github/codecov.yml index ff4f571d..cd5ce8fc 100644 --- a/.github/codecov.yml +++ b/.github/codecov.yml @@ -18,4 +18,4 @@ ignore: # Make comments less noisy comment: layout: "files" - require_changes: yes + require_changes: true diff --git a/.github/dependabot.yml b/.github/dependabot.yml index 8139a93a..d0f091e7 100644 --- a/.github/dependabot.yml +++ b/.github/dependabot.yml @@ -10,8 +10,10 @@ updates: interval: daily ignore: - dependency-name: "*" - # patch and minor updates don't matter for libraries - # remove this ignore rule if your package has binaries + # patch and minor updates don't matter for libraries as consumers of this library build + # with their own lockfile, rather than the version specified in this library's lockfile + # remove this ignore rule if your package has binaries to ensure that the binaries are + # built with the exact set of dependencies and those are up to date. update-types: - "version-update:semver-patch" - "version-update:semver-minor" diff --git a/.github/workflows/check.yml b/.github/workflows/check.yml index 3fdc139e..6b4d13a7 100644 --- a/.github/workflows/check.yml +++ b/.github/workflows/check.yml @@ -1,10 +1,21 @@ +# This workflow runs whenever a PR is opened or updated, or a commit is pushed to main. It runs +# several checks: +# - fmt: checks that the code is formatted according to rustfmt +# - clippy: checks that the code does not contain any clippy warnings +# - doc: checks that the code can be documented without errors +# - hack: check combinations of feature flags +# - msrv: check that the msrv specified in the crate is correct permissions: contents: read +# This configuration allows maintainers of this repo to create a branch and pull request based on +# the new branch. Restricting the push trigger to the main branch ensures that the PR only gets +# built once. on: push: branches: [main] pull_request: -# Spend CI time only on latest ref: https://github.com/jonhoo/rust-ci-conf/pull/5 +# If new code is pushed to a PR branch, then cancel in progress workflows for that PR. Ensures that +# we don't waste CI time, and returns results quicker https://github.com/jonhoo/rust-ci-conf/pull/5 concurrency: group: ${{ github.workflow }}-${{ github.head_ref || github.run_id }} cancel-in-progress: true @@ -32,6 +43,7 @@ jobs: strategy: fail-fast: false matrix: + # Get early warning of new lints which are regularly introduced in beta channels. toolchain: [stable, beta] steps: - uses: actions/checkout@v4 @@ -47,6 +59,9 @@ jobs: with: token: ${{ secrets.GITHUB_TOKEN }} doc: + # run docs generation on nightly rather than stable. This enables features like + # https://doc.rust-lang.org/beta/unstable-book/language-features/doc-cfg.html which allows an + # API be documented as only available in some specific platforms. runs-on: ubuntu-latest name: nightly / doc steps: @@ -60,6 +75,8 @@ jobs: env: RUSTDOCFLAGS: --cfg docsrs hack: + # cargo-hack checks combinations of feature flags to ensure that features are all additive + # which is required for feature unification runs-on: ubuntu-latest name: ubuntu / stable / features steps: @@ -71,9 +88,11 @@ jobs: - name: cargo install cargo-hack uses: taiki-e/install-action@cargo-hack # intentionally no target specifier; see https://github.com/jonhoo/rust-ci-conf/pull/4 + # --feature-powerset runs for every combination of features - name: cargo hack run: cargo hack --feature-powerset check msrv: + # check that we can build using the minimal rust version that is specified by this crate runs-on: ubuntu-latest # we use a matrix here just because env can't be used in job names # https://docs.github.com/en/actions/learn-github-actions/contexts#context-availability diff --git a/.github/workflows/nostd.yml b/.github/workflows/nostd.yml index 00362a6c..93a16980 100644 --- a/.github/workflows/nostd.yml +++ b/.github/workflows/nostd.yml @@ -1,10 +1,12 @@ +# This workflow checks whether the library is able to run without the std library (e.g., embedded). +# This entire file should be removed if this crate does not support no-std. See check.yml for +# information about how the concurrency cancelation and workflow triggering works permissions: contents: read on: push: branches: [main] pull_request: -# Spend CI time only on latest ref: https://github.com/jonhoo/rust-ci-conf/pull/5 concurrency: group: ${{ github.workflow }}-${{ github.head_ref || github.run_id }} cancel-in-progress: true diff --git a/.github/workflows/safety.yml b/.github/workflows/safety.yml index ce1e38e8..afea8dfe 100644 --- a/.github/workflows/safety.yml +++ b/.github/workflows/safety.yml @@ -1,10 +1,16 @@ +# This workflow runs checks for unsafe code. In crates that don't have any unsafe code, this can be +# removed. Runs: +# - miri - detects undefined behavior and memory leaks +# - address santizer - detects memory errors +# - leak sanitizer - detects memory leaks +# - loom - Permutation testing for concurrent code https://crates.io/crates/loom +# See check.yml for information about how the concurrency cancelation and workflow triggering works permissions: contents: read on: push: branches: [main] pull_request: -# Spend CI time only on latest ref: https://github.com/jonhoo/rust-ci-conf/pull/5 concurrency: group: ${{ github.workflow }}-${{ github.head_ref || github.run_id }} cancel-in-progress: true diff --git a/.github/workflows/scheduled.yml b/.github/workflows/scheduled.yml index 4607f3e0..15b1a7cd 100644 --- a/.github/workflows/scheduled.yml +++ b/.github/workflows/scheduled.yml @@ -1,3 +1,6 @@ +# Run scheduled (rolling) jobs on a nightly basis, as your crate may break independently of any +# given PR. E.g., updates to rust nightly and updates to this crates dependencies. See check.yml for +# information about how the concurrency cancelation and workflow triggering works permissions: contents: read on: @@ -6,7 +9,6 @@ on: pull_request: schedule: - cron: '7 7 * * *' -# Spend CI time only on latest ref: https://github.com/jonhoo/rust-ci-conf/pull/5 concurrency: group: ${{ github.workflow }}-${{ github.head_ref || github.run_id }} cancel-in-progress: true @@ -29,12 +31,16 @@ jobs: run: cargo test --locked --all-features --all-targets # https://twitter.com/alcuadrado/status/1571291687837732873 update: + # This action checks that updating the dependencies of this crate to the latest available that + # satisfy the versions in Cargo.toml does not break this crate. This is important as consumers + # of this crate will generally use the latest available crates. This is subject to the standard + # Cargo semver rules (i.e cargo does not update to a new major version unless explicitly told + # to). runs-on: ubuntu-latest name: ubuntu / beta / updated - # There's no point running this if no Cargo.lock was checked in in the - # first place, since we'd just redo what happened in the regular test job. - # Unfortunately, hashFiles only works in if on steps, so we reepeat it. - # if: hashFiles('Cargo.lock') != '' + # There's no point running this if no Cargo.lock was checked in in the first place, since we'd + # just redo what happened in the regular test job. Unfortunately, hashFiles only works in if on + # steps, so we repeat it. steps: - uses: actions/checkout@v4 with: diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index 56bd5606..ab86e2d3 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -1,10 +1,17 @@ +# This is the main CI workflow that runs the test suite on all pushes to main and all pull requests. +# It runs the following jobs: +# - required: runs the test suite on ubuntu with stable and beta rust toolchains +# - minimal: runs the test suite with the minimal versions of the dependencies that satisfy the +# requirements of this crate, and its dependencies +# - os-check: runs the test suite on mac and windows +# - coverage: runs the test suite and collects coverage information +# See check.yml for information about how the concurrency cancelation and workflow triggering works permissions: contents: read on: push: branches: [main] pull_request: -# Spend CI time only on latest ref: https://github.com/jonhoo/rust-ci-conf/pull/5 concurrency: group: ${{ github.workflow }}-${{ github.head_ref || github.run_id }} cancel-in-progress: true @@ -15,6 +22,8 @@ jobs: name: ubuntu / ${{ matrix.toolchain }} strategy: matrix: + # run on stable and beta to ensure that tests won't break on the next version of the rust + # toolchain toolchain: [stable, beta] steps: - uses: actions/checkout@v4 @@ -25,6 +34,7 @@ jobs: with: toolchain: ${{ matrix.toolchain }} - name: cargo generate-lockfile + # enable this ci template to run regardless of whether the lockfile is checked in or not if: hashFiles('Cargo.lock') == '' run: cargo generate-lockfile # https://twitter.com/jonhoo/status/1571290371124260865 @@ -34,6 +44,28 @@ jobs: - name: cargo test --doc run: cargo test --locked --all-features --doc minimal: + # This action chooses the oldest version of the dependencies permitted by Cargo.toml to ensure + # that this crate is compatible with the minimal version that this crate and its dependencies + # require. This will pickup issues where this create relies on functionality that was introduced + # later than the actual version specified (e.g., when we choose just a major version, but a + # method was added after this version). + # + # This particular check can be difficult to get to succeed as often transitive dependencies may + # be incorrectly specified (e.g., a dependency specifies 1.0 but really requires 1.1.5). There + # is an alternative flag available -Zminimal-direct that uses the minimal versions for direct + # dependencies of this crate, while selecting the maximal versions for the transitive + # dependencies. Alternatively, you can add a line in your Cargo.toml to artificially increase + # the minimal dependency, which you do with e.g.: + # ```toml + # # for minimal-versions + # [target.'cfg(any())'.dependencies] + # openssl = { version = "0.10.55", optional = true } # needed to allow foo to build with -Zminimal-versions + # ``` + # The optional = true is necessary in case that dependency isn't otherwise transitively required + # by your library, and the target bit is so that this dependency edge never actually affects + # Cargo build order. See also + # https://github.com/jonhoo/fantoccini/blob/fde336472b712bc7ebf5b4e772023a7ba71b2262/Cargo.toml#L47-L49. + # This action is run on ubuntu with the stable toolchain, as it is not expected to fail runs-on: ubuntu-latest name: ubuntu / stable / minimal-versions steps: @@ -51,6 +83,7 @@ jobs: - name: cargo test run: cargo test --locked --all-features --all-targets os-check: + # run cargo test on mac and windows runs-on: ${{ matrix.os }} name: ${{ matrix.os }} / stable strategy: @@ -75,6 +108,8 @@ jobs: - name: cargo test run: cargo test --locked --all-features --all-targets coverage: + # use llvm-cov to build and collect coverage and outputs in a format that is compatible with + # codecov.io runs-on: ubuntu-latest name: ubuntu / stable / coverage steps: From 3d6ab95662ede7ae2898cdc7bd5b75668c7b8ca0 Mon Sep 17 00:00:00 2001 From: Mathias Pius Date: Sat, 11 Nov 2023 15:01:33 +0100 Subject: [PATCH 02/13] Nit: Selecting direct minimal versions flag is -Zdirect-minimal-versions (#16) --- .github/workflows/test.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index ab86e2d3..59028e1f 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -52,14 +52,14 @@ jobs: # # This particular check can be difficult to get to succeed as often transitive dependencies may # be incorrectly specified (e.g., a dependency specifies 1.0 but really requires 1.1.5). There - # is an alternative flag available -Zminimal-direct that uses the minimal versions for direct - # dependencies of this crate, while selecting the maximal versions for the transitive + # is an alternative flag available -Zdirect-minimal-versions that uses the minimal versions for + # direct dependencies of this crate, while selecting the maximal versions for the transitive # dependencies. Alternatively, you can add a line in your Cargo.toml to artificially increase # the minimal dependency, which you do with e.g.: # ```toml # # for minimal-versions # [target.'cfg(any())'.dependencies] - # openssl = { version = "0.10.55", optional = true } # needed to allow foo to build with -Zminimal-versions + # openssl = { version = "0.10.55", optional = true } # needed to allow foo to build with -Zminimal-versions # ``` # The optional = true is necessary in case that dependency isn't otherwise transitively required # by your library, and the target bit is so that this dependency edge never actually affects From 60fdfbb65055e7e852820a75d9cf80b88d020702 Mon Sep 17 00:00:00 2001 From: Anas Date: Sun, 17 Dec 2023 17:52:41 +0200 Subject: [PATCH 03/13] chore: fix typos (#17) --- .github/workflows/nostd.yml | 2 +- .github/workflows/safety.yml | 4 ++-- .github/workflows/scheduled.yml | 2 +- .github/workflows/test.yml | 6 +++--- 4 files changed, 7 insertions(+), 7 deletions(-) diff --git a/.github/workflows/nostd.yml b/.github/workflows/nostd.yml index 93a16980..c12227af 100644 --- a/.github/workflows/nostd.yml +++ b/.github/workflows/nostd.yml @@ -1,6 +1,6 @@ # This workflow checks whether the library is able to run without the std library (e.g., embedded). # This entire file should be removed if this crate does not support no-std. See check.yml for -# information about how the concurrency cancelation and workflow triggering works +# information about how the concurrency cancellation and workflow triggering works permissions: contents: read on: diff --git a/.github/workflows/safety.yml b/.github/workflows/safety.yml index afea8dfe..6bdd0550 100644 --- a/.github/workflows/safety.yml +++ b/.github/workflows/safety.yml @@ -1,10 +1,10 @@ # This workflow runs checks for unsafe code. In crates that don't have any unsafe code, this can be # removed. Runs: # - miri - detects undefined behavior and memory leaks -# - address santizer - detects memory errors +# - address sanitizer - detects memory errors # - leak sanitizer - detects memory leaks # - loom - Permutation testing for concurrent code https://crates.io/crates/loom -# See check.yml for information about how the concurrency cancelation and workflow triggering works +# See check.yml for information about how the concurrency cancellation and workflow triggering works permissions: contents: read on: diff --git a/.github/workflows/scheduled.yml b/.github/workflows/scheduled.yml index 15b1a7cd..02aa275a 100644 --- a/.github/workflows/scheduled.yml +++ b/.github/workflows/scheduled.yml @@ -1,6 +1,6 @@ # Run scheduled (rolling) jobs on a nightly basis, as your crate may break independently of any # given PR. E.g., updates to rust nightly and updates to this crates dependencies. See check.yml for -# information about how the concurrency cancelation and workflow triggering works +# information about how the concurrency cancellation and workflow triggering works permissions: contents: read on: diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index 59028e1f..b98103d2 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -5,7 +5,7 @@ # requirements of this crate, and its dependencies # - os-check: runs the test suite on mac and windows # - coverage: runs the test suite and collects coverage information -# See check.yml for information about how the concurrency cancelation and workflow triggering works +# See check.yml for information about how the concurrency cancellation and workflow triggering works permissions: contents: read on: @@ -91,8 +91,8 @@ jobs: matrix: os: [macos-latest, windows-latest] steps: - # if your project needs OpenSSL, uncommment this to fix Windows builds. - # it's commented out by default as tthe install command takes 5-10m. + # if your project needs OpenSSL, uncomment this to fix Windows builds. + # it's commented out by default as the install command takes 5-10m. # - run: echo "VCPKG_ROOT=$env:VCPKG_INSTALLATION_ROOT" | Out-File -FilePath $env:GITHUB_ENV -Append # if: runner.os == 'Windows' # - run: vcpkg install openssl:x64-windows-static-md From a13691528b3f1918594bfc53db8cf5ad0240c59e Mon Sep 17 00:00:00 2001 From: Jon Gjengset Date: Sun, 17 Dec 2023 18:15:06 +0100 Subject: [PATCH 04/13] Remove stray trailing whitespace --- .github/workflows/test.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index b98103d2..fce71181 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -57,8 +57,8 @@ jobs: # dependencies. Alternatively, you can add a line in your Cargo.toml to artificially increase # the minimal dependency, which you do with e.g.: # ```toml - # # for minimal-versions - # [target.'cfg(any())'.dependencies] + # # for minimal-versions + # [target.'cfg(any())'.dependencies] # openssl = { version = "0.10.55", optional = true } # needed to allow foo to build with -Zminimal-versions # ``` # The optional = true is necessary in case that dependency isn't otherwise transitively required From f505e09b2a145de0df7445ca0ebe1f98b52ab3bc Mon Sep 17 00:00:00 2001 From: rtkay123 <70331483+rtkay123@users.noreply.github.com> Date: Sat, 20 Jan 2024 11:10:51 +0200 Subject: [PATCH 05/13] replace actions-rs/clippy-check with giraffate/clippy-action (#19) Co-authored-by: rtkay123 --- .github/workflows/check.yml | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/.github/workflows/check.yml b/.github/workflows/check.yml index 6b4d13a7..c869ee7a 100644 --- a/.github/workflows/check.yml +++ b/.github/workflows/check.yml @@ -55,9 +55,10 @@ jobs: toolchain: ${{ matrix.toolchain }} components: clippy - name: cargo clippy - uses: actions-rs/clippy-check@v1 + uses: giraffate/clippy-action@v1 with: - token: ${{ secrets.GITHUB_TOKEN }} + reporter: 'github-pr-check' + github_token: ${{ secrets.GITHUB_TOKEN }} doc: # run docs generation on nightly rather than stable. This enables features like # https://doc.rust-lang.org/beta/unstable-book/language-features/doc-cfg.html which allows an From f8f04aefdf3c756e6a769399ce2ac89979338ad0 Mon Sep 17 00:00:00 2001 From: Jon Gjengset Date: Sat, 3 Feb 2024 09:31:12 +0100 Subject: [PATCH 06/13] Semi-breaking: update codecov action Note: this requires adding `CODECOV_TOKEN` to your GitHub repository's secrets! See associated comment in the commit content. --- .github/workflows/test.yml | 29 ++++++++++++++++++++++++++--- 1 file changed, 26 insertions(+), 3 deletions(-) diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index fce71181..debdfe8b 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -108,8 +108,27 @@ jobs: - name: cargo test run: cargo test --locked --all-features --all-targets coverage: - # use llvm-cov to build and collect coverage and outputs in a format that is compatible with - # codecov.io + # use llvm-cov to build and collect coverage and outputs in a format that + # is compatible with codecov.io + # + # note that codecov as of v4 requires that CODECOV_TOKEN from + # + # https://app.codecov.io/gh///settings + # + # is set in two places on your repo: + # + # - https://github.com/jonhoo/guardian/settings/secrets/actions + # - https://github.com/jonhoo/guardian/settings/secrets/dependabot + # + # (the former is needed for codecov uploads to work with Dependabot PRs) + # + # PRs coming from forks of your repo will not have access to the token, but + # for those, codecov allows uploading coverage reports without a token. + # it's all a little weird and inconvenient. see + # + # https://github.com/codecov/feedback/issues/112 + # + # for lots of more discussion runs-on: ubuntu-latest name: ubuntu / stable / coverage steps: @@ -127,7 +146,11 @@ jobs: run: cargo generate-lockfile - name: cargo llvm-cov run: cargo llvm-cov --locked --all-features --lcov --output-path lcov.info + - name: record Rust version + run: echo "RUST=$(rustc --version)" >> "$GITHUB_ENV" - name: Upload to codecov.io - uses: codecov/codecov-action@v3 + uses: codecov/codecov-action@v4 with: fail_ci_if_error: true + token: ${{ secrets.CODECOV_TOKEN }} + env_vars: OS,RUST From caa3616c250361bac585b6979e5390e403b45097 Mon Sep 17 00:00:00 2001 From: Jon Gjengset Date: Sat, 3 Feb 2024 09:44:41 +0100 Subject: [PATCH 07/13] Uniform capitalization --- .github/workflows/test.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index debdfe8b..f7540aee 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -146,7 +146,7 @@ jobs: run: cargo generate-lockfile - name: cargo llvm-cov run: cargo llvm-cov --locked --all-features --lcov --output-path lcov.info - - name: record Rust version + - name: Record Rust version run: echo "RUST=$(rustc --version)" >> "$GITHUB_ENV" - name: Upload to codecov.io uses: codecov/codecov-action@v4 From 528977532c28ad859bea7ba0cb5e6cb3e0fce56b Mon Sep 17 00:00:00 2001 From: Jon Gjengset Date: Sun, 31 Mar 2024 10:42:53 +0200 Subject: [PATCH 08/13] Add cargo-semver-checks --- .github/workflows/check.yml | 13 +++++++++++++ 1 file changed, 13 insertions(+) diff --git a/.github/workflows/check.yml b/.github/workflows/check.yml index c869ee7a..98834bfe 100644 --- a/.github/workflows/check.yml +++ b/.github/workflows/check.yml @@ -59,6 +59,19 @@ jobs: with: reporter: 'github-pr-check' github_token: ${{ secrets.GITHUB_TOKEN }} + semver: + runs-on: ubuntu-latest + name: semver + steps: + - uses: actions/checkout@v4 + with: + submodules: true + - name: Install stable + uses: dtolnay/rust-toolchain@stable + with: + components: rustfmt + - name: cargo-semver-checks + uses: obi1kenobi/cargo-semver-checks-action@v2 doc: # run docs generation on nightly rather than stable. This enables features like # https://doc.rust-lang.org/beta/unstable-book/language-features/doc-cfg.html which allows an From dcf68836181145511a35a269e8392d0a0f0c61e1 Mon Sep 17 00:00:00 2001 From: Jon Gjengset Date: Sun, 7 Jul 2024 10:05:52 +0200 Subject: [PATCH 09/13] More intelligent dependabot behaviour --- .github/dependabot.yml | 59 +++++++++++++++++++++++++++++++++++++----- 1 file changed, 53 insertions(+), 6 deletions(-) diff --git a/.github/dependabot.yml b/.github/dependabot.yml index d0f091e7..f9d7d1c3 100644 --- a/.github/dependabot.yml +++ b/.github/dependabot.yml @@ -4,16 +4,63 @@ updates: directory: / schedule: interval: daily + # Cargo major version update notifications (PRs) we always want - package-ecosystem: cargo directory: / - schedule: - interval: daily ignore: - dependency-name: "*" - # patch and minor updates don't matter for libraries as consumers of this library build - # with their own lockfile, rather than the version specified in this library's lockfile - # remove this ignore rule if your package has binaries to ensure that the binaries are - # built with the exact set of dependencies and those are up to date. update-types: - "version-update:semver-patch" - "version-update:semver-minor" + schedule: + # we want to know about them immediately + interval: daily + groups: + # we group major bumps for dev-dependencies together in case there are + # related groups of breaking changes. that _can_ be the case for + # production dependencies too, but there one should be more diligent + # about each major bump in case it constitutes a breaking change to the + # current crate too. + major-dev: + dependency-type: "development" + update-types: + - "major" + # patch and minor updates don't matter for libraries, as consumers of a + # library build with their own lockfile, rather than the version specified in + # this library's lockfile. so for libraries (which is most crates), we should + # never update non-major versions, and so the following rule is disabled by + # default. + # + # if your package has binaries, enable this rule by commenting out the + # `open-pull-requests-limit` line. this will open a PR once a month that + # effectively runs `cargo update` to ensure that the binaries are built with + # the exact set of dependencies and those are up to date. + - package-ecosystem: cargo + # this rule is disabled by default; comment out this line to re-enable: + open-pull-requests-limit: 0 + directory: / + schedule: + interval: monthly + # select only minor + patch by excluding major. dependabot doesn't appear + # to have an include-only rule, so we have to do it by exclusion. + ignore: + - dependency-name: "*" + update-types: + - "version-update:semver-major" + # never bump the version in `Cargo.toml` for minor/patch upgrades; it + # should only change when the major version changes to avoid requiring + # downstream packages from also running a `cargo update` (and possibly + # bumping MSRV unnecessarily as a result). + # + # TODO: https://github.com/dependabot/dependabot-core/issues/4009 + # versioning-strategy: "increase-if-necessary" + versioning-strategy: "lockfile-only" + groups: + # note that since this is perfectly disjoint with the `ignore` rule, all + # minor/patch updates will end up in a single group, and thus in a single + # PR. grouping all of these together only (generally) works because the + # Rust community is fairly good about respecting semver. + cargo-update: + update-types: + - "minor" + - "patch" From 799c99e0cf77d2289ab47e84fa3b8296cfc5beb1 Mon Sep 17 00:00:00 2001 From: Jon Gjengset Date: Sun, 7 Jul 2024 10:18:50 +0200 Subject: [PATCH 10/13] Revert "More intelligent dependabot behaviour" This reverts commit dcf68836181145511a35a269e8392d0a0f0c61e1. Will not work due to https://github.com/dependabot/dependabot-core/issues/10160 --- .github/dependabot.yml | 59 +++++------------------------------------- 1 file changed, 6 insertions(+), 53 deletions(-) diff --git a/.github/dependabot.yml b/.github/dependabot.yml index f9d7d1c3..d0f091e7 100644 --- a/.github/dependabot.yml +++ b/.github/dependabot.yml @@ -4,63 +4,16 @@ updates: directory: / schedule: interval: daily - # Cargo major version update notifications (PRs) we always want - package-ecosystem: cargo directory: / - ignore: - - dependency-name: "*" - update-types: - - "version-update:semver-patch" - - "version-update:semver-minor" schedule: - # we want to know about them immediately interval: daily - groups: - # we group major bumps for dev-dependencies together in case there are - # related groups of breaking changes. that _can_ be the case for - # production dependencies too, but there one should be more diligent - # about each major bump in case it constitutes a breaking change to the - # current crate too. - major-dev: - dependency-type: "development" - update-types: - - "major" - # patch and minor updates don't matter for libraries, as consumers of a - # library build with their own lockfile, rather than the version specified in - # this library's lockfile. so for libraries (which is most crates), we should - # never update non-major versions, and so the following rule is disabled by - # default. - # - # if your package has binaries, enable this rule by commenting out the - # `open-pull-requests-limit` line. this will open a PR once a month that - # effectively runs `cargo update` to ensure that the binaries are built with - # the exact set of dependencies and those are up to date. - - package-ecosystem: cargo - # this rule is disabled by default; comment out this line to re-enable: - open-pull-requests-limit: 0 - directory: / - schedule: - interval: monthly - # select only minor + patch by excluding major. dependabot doesn't appear - # to have an include-only rule, so we have to do it by exclusion. ignore: - dependency-name: "*" + # patch and minor updates don't matter for libraries as consumers of this library build + # with their own lockfile, rather than the version specified in this library's lockfile + # remove this ignore rule if your package has binaries to ensure that the binaries are + # built with the exact set of dependencies and those are up to date. update-types: - - "version-update:semver-major" - # never bump the version in `Cargo.toml` for minor/patch upgrades; it - # should only change when the major version changes to avoid requiring - # downstream packages from also running a `cargo update` (and possibly - # bumping MSRV unnecessarily as a result). - # - # TODO: https://github.com/dependabot/dependabot-core/issues/4009 - # versioning-strategy: "increase-if-necessary" - versioning-strategy: "lockfile-only" - groups: - # note that since this is perfectly disjoint with the `ignore` rule, all - # minor/patch updates will end up in a single group, and thus in a single - # PR. grouping all of these together only (generally) works because the - # Rust community is fairly good about respecting semver. - cargo-update: - update-types: - - "minor" - - "patch" + - "version-update:semver-patch" + - "version-update:semver-minor" From 5ed5ed26c75685740abb4af25c17b18cc091edcf Mon Sep 17 00:00:00 2001 From: Charles Edward Gagnon <76854355+carloskiki@users.noreply.github.com> Date: Sun, 18 Aug 2024 03:28:39 -0400 Subject: [PATCH 11/13] documentation check with `cargo-docs-rs` (#23) --- .github/workflows/check.yml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/.github/workflows/check.yml b/.github/workflows/check.yml index 98834bfe..5251954f 100644 --- a/.github/workflows/check.yml +++ b/.github/workflows/check.yml @@ -84,10 +84,10 @@ jobs: submodules: true - name: Install nightly uses: dtolnay/rust-toolchain@nightly - - name: cargo doc - run: cargo doc --no-deps --all-features - env: - RUSTDOCFLAGS: --cfg docsrs + - name: Install cargo-docs-rs + uses: dtolnay/install@cargo-docs-rs + - name: cargo docs-rs + run: cargo docs-rs hack: # cargo-hack checks combinations of feature flags to ensure that features are all additive # which is required for feature unification From c6a836118612ec10478df972f523000eb4387339 Mon Sep 17 00:00:00 2001 From: cospectrum Date: Sat, 14 Sep 2024 11:18:31 +0300 Subject: [PATCH 12/13] fix shell-check (#24) --- .github/workflows/safety.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/safety.yml b/.github/workflows/safety.yml index 6bdd0550..83da574d 100644 --- a/.github/workflows/safety.yml +++ b/.github/workflows/safety.yml @@ -59,7 +59,7 @@ jobs: with: submodules: true - run: | - echo "NIGHTLY=nightly-$(curl -s https://rust-lang.github.io/rustup-components-history/x86_64-unknown-linux-gnu/miri)" >> $GITHUB_ENV + echo "NIGHTLY=nightly-$(curl -s https://rust-lang.github.io/rustup-components-history/x86_64-unknown-linux-gnu/miri)" >> "$GITHUB_ENV" - name: Install ${{ env.NIGHTLY }} uses: dtolnay/rust-toolchain@master with: From fabb82abd53e0052c8b70ae197a80e6203ede26d Mon Sep 17 00:00:00 2001 From: Jon Gjengset Date: Tue, 19 Nov 2024 12:08:56 +0100 Subject: [PATCH 13/13] Upgrade codecov-action to v5 See https://github.com/codecov/codecov-action/issues/1645. --- .github/workflows/test.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index f7540aee..0c04742a 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -149,7 +149,7 @@ jobs: - name: Record Rust version run: echo "RUST=$(rustc --version)" >> "$GITHUB_ENV" - name: Upload to codecov.io - uses: codecov/codecov-action@v4 + uses: codecov/codecov-action@v5 with: fail_ci_if_error: true token: ${{ secrets.CODECOV_TOKEN }}