Skip to content
CI

chore: release v0.37.1 #103

Sign in to view logs

chore: release v0.37.1

chore: release v0.37.1 #103

Workflow file for this run

.github/workflows/ci.yml at d1cf2c2
name: CI
on:
pull_request:
branches: [main]
env:
CARGO_TERM_COLOR: always
RUST_BACKTRACE: 1
# Override target-cpu=native from .cargo/config.toml (breaks CI runners)
RUSTFLAGS: ""
jobs:
# Detect what changed to decide which jobs to run
changes:
name: Detect Changes
runs-on: ubuntu-latest
outputs:
rust: ${{ steps.filter.outputs.rust }}
installer: ${{ steps.filter.outputs.installer }}
steps:
- uses: actions/checkout@v4
- uses: dorny/paths-filter@v3
id: filter
with:
filters: |
rust:
- 'src/**'
- 'Cargo.toml'
- 'Cargo.lock'
- 'tests/**/*.rs'
- '.github/workflows/ci.yml'
installer:
- 'installer/**'
- 'skills/**'
# Rust build, test, lint — only when Rust code changes
build:
name: Build & Test
needs: changes
if: needs.changes.outputs.rust == 'true'
runs-on: ${{ matrix.os }}
strategy:
fail-fast: false
matrix:
os: [ubuntu-latest, macos-latest, windows-latest]
# MSRV 1.88 - AWS SDK requires Rust 1.88
rust: ["1.88"]
steps:
- uses: actions/checkout@v4
- name: Install Rust toolchain
uses: dtolnay/rust-toolchain@master
with:
toolchain: ${{ matrix.rust }}
components: clippy, rustfmt
- name: Cache cargo registry
uses: actions/cache@v4
with:
path: |
~/.cargo/registry
~/.cargo/git
target
key: ${{ runner.os }}-cargo-${{ hashFiles('**/Cargo.lock') }}
restore-keys: |
${{ runner.os }}-cargo-
- name: Check formatting
if: matrix.os == 'ubuntu-latest'
run: cargo fmt --all -- --check
- name: Build
run: cargo build --verbose
- name: Run tests
run: cargo test --verbose
- name: Clippy
if: matrix.os == 'ubuntu-latest'
# Focus on correctness lints, not style (too many legacy style warnings)
# Allow structural lints that require significant refactoring
run: |
cargo clippy -- \
-D clippy::correctness -D clippy::suspicious -D clippy::complexity \
-A clippy::collapsible_if -A clippy::collapsible_else_if \
-A clippy::needless_borrows_for_generic_args -A clippy::single_match \
-A clippy::too_many_arguments -A clippy::type_complexity \
-A clippy::only_used_in_recursion -A clippy::manual_is_multiple_of \
-A clippy::derivable_impls -A clippy::wildcard_in_or_patterns \
-A clippy::manual_strip -A clippy::manual_div_ceil \
-A dead_code -A unused_assignments
# Installer tests — only when installer or skills change
installer:
name: Installer Tests
needs: changes
if: needs.changes.outputs.installer == 'true'
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- name: Setup Node.js
uses: actions/setup-node@v4
with:
node-version: '20'
- name: Install dependencies
working-directory: installer
run: npm ci
- name: Build
working-directory: installer
run: npm run build
- name: Run tests
working-directory: installer
run: npm test
# Security audit — only when Rust deps change
security:
name: Security Audit
needs: changes
if: needs.changes.outputs.rust == 'true'
runs-on: ubuntu-latest
permissions:
checks: write
contents: read
steps:
- uses: actions/checkout@v4
- uses: rustsec/audit-check@v2
with:
token: ${{ secrets.GITHUB_TOKEN }}
# Ignore advisories in transitive dependencies we cannot control:
# - gix-date (RUSTSEC-2025-0140): via rustsec crate, awaiting upstream fix
# - bincode (RUSTSEC-2025-0141): via syntect, marked "complete" by maintainer
# - aws-lc-sys (RUSTSEC-2026-0044..0048): via aws-sdk, awaiting upstream bump to >=0.39.0
# - rustls-webpki (RUSTSEC-2026-0049): via rustls, awaiting upstream bump to >=0.103.10
# - Other transitive deps from rustsec, aws-sdk, kube, etc.
ignore: RUSTSEC-2020-0163,RUSTSEC-2024-0320,RUSTSEC-2025-0057,RUSTSEC-2025-0074,RUSTSEC-2025-0075,RUSTSEC-2025-0080,RUSTSEC-2025-0081,RUSTSEC-2025-0098,RUSTSEC-2025-0104,RUSTSEC-2025-0134,RUSTSEC-2025-0140,RUSTSEC-2025-0141,RUSTSEC-2026-0044,RUSTSEC-2026-0045,RUSTSEC-2026-0046,RUSTSEC-2026-0047,RUSTSEC-2026-0048,RUSTSEC-2026-0049