From a614e157b305c0c4cc38c3b0aa8c1b2377c1ca7c Mon Sep 17 00:00:00 2001 From: elipeter Date: Wed, 25 Jun 2025 00:49:29 +0200 Subject: [PATCH] ci: Update CI workflow with matrix strategy, security checks, and linting rules adjustments --- .github/workflows/ci.yml | 41 +++++++++++++++++++++++++++------------- src/patterns/mod.rs | 41 ++++++++++++++++++++-------------------- 2 files changed, 48 insertions(+), 34 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index ccc84259..d20b9cbd 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -2,22 +2,37 @@ name: CI on: push: - branches: [ "master" ] + branches: [main] pull_request: - branches: [ "master" ] - -env: - CARGO_TERM_COLOR: always + branches: [main] jobs: test: runs-on: ubuntu-latest + strategy: + matrix: + rust: [stable, beta] steps: - - uses: actions/checkout@v4 - - uses: Swatinem/rust-cache@v2 - - name: Build - run: cargo build - - name: Run linter - run: cargo clippy --all-targets --all-features -- -D warnings - - name: Run tests - run: cargo test --verbose + - uses: actions/checkout@v4 + - uses: actions-rs/toolchain@v1 + with: + toolchain: ${{ matrix.rust }} + components: clippy, rustfmt + - uses: Swatinem/rust-cache@v2 + + - name: Format check + run: cargo fmt --all -- --check + + - name: Lint (Clippy) + run: cargo clippy --all-targets --all-features -- -D warnings + + - name: Build & Test + run: cargo test --all-features --verbose + + - name: Security audit + uses: actions-rs/audit-check@v1 + with: + token: ${{ secrets.GITHUB_TOKEN }} + + - name: License & advisory checks + uses: EmbarkStudios/cargo-deny-action@v2 diff --git a/src/patterns/mod.rs b/src/patterns/mod.rs index c429eed6..0cc4173d 100644 --- a/src/patterns/mod.rs +++ b/src/patterns/mod.rs @@ -59,8 +59,7 @@ impl FromStr for Severity { } /// One AST pattern with a tree-sitter query and meta-data. -#[derive(Debug, Clone, Serialize)] -#[derive(PartialEq)] +#[derive(Debug, Clone, Serialize, PartialEq)] pub struct Pattern { /// Unique identifier (snake-case preferred). pub id: &'static str, @@ -117,32 +116,32 @@ pub fn load(lang: &str) -> Vec { #[test] fn severity_as_db_str_roundtrip() { - for &s in &[Severity::High, Severity::Medium, Severity::Low] { - let db = s.as_db_str(); - assert!(matches!(db, "HIGH" | "MEDIUM" | "LOW")); - - assert_eq!(db.parse::().unwrap(), s); - assert_eq!(db.to_lowercase().parse::().unwrap(), s); - } + for &s in &[Severity::High, Severity::Medium, Severity::Low] { + let db = s.as_db_str(); + assert!(matches!(db, "HIGH" | "MEDIUM" | "LOW")); + + assert_eq!(db.parse::().unwrap(), s); + assert_eq!(db.to_lowercase().parse::().unwrap(), s); + } } #[test] fn severity_display_contains_uppercase_name() { - assert!(Severity::High.to_string().contains("HIGH")); - assert!(Severity::Medium.to_string().contains("MEDIUM")); - assert!(Severity::Low.to_string().contains("LOW")); + assert!(Severity::High.to_string().contains("HIGH")); + assert!(Severity::Medium.to_string().contains("MEDIUM")); + assert!(Severity::Low.to_string().contains("LOW")); } #[test] fn load_returns_correct_pattern_slices() { - let rust = load("rust"); - assert!(!rust.is_empty(), "Rust patterns should be loaded"); + let rust = load("rust"); + assert!(!rust.is_empty(), "Rust patterns should be loaded"); - let ts = load("typescript"); - let tsx = load("tsx"); - assert_eq!(ts, tsx, "alias ‘tsx’ must map to TypeScript patterns"); - - assert_eq!(load("RUST"), rust); - - assert!(load("brainfuck").is_empty()); + let ts = load("typescript"); + let tsx = load("tsx"); + assert_eq!(ts, tsx, "alias ‘tsx’ must map to TypeScript patterns"); + + assert_eq!(load("RUST"), rust); + + assert!(load("brainfuck").is_empty()); }