From 2ae2b978f3fad7a58cb129333b36a210bb200488 Mon Sep 17 00:00:00 2001 From: seth Date: Thu, 19 Dec 2024 16:26:18 -0500 Subject: jolly winter cleanup (#251) * ci: bump DeterminateSystems/nix-installer-action from 13 to 16 Bumps [DeterminateSystems/nix-installer-action](https://github.com/determinatesystems/nix-installer-action) from 13 to 16. - [Release notes](https://github.com/determinatesystems/nix-installer-action/releases) - [Commits](https://github.com/determinatesystems/nix-installer-action/compare/v13...v16) --- updated-dependencies: - dependency-name: DeterminateSystems/nix-installer-action dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] * crates: bump serde from 1.0.209 to 1.0.215 Bumps [serde](https://github.com/serde-rs/serde) from 1.0.209 to 1.0.215. - [Release notes](https://github.com/serde-rs/serde/releases) - [Commits](https://github.com/serde-rs/serde/compare/v1.0.209...v1.0.215) --- updated-dependencies: - dependency-name: serde dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] * crates: bump serde_json from 1.0.127 to 1.0.133 Bumps [serde_json](https://github.com/serde-rs/json) from 1.0.127 to 1.0.133. - [Release notes](https://github.com/serde-rs/json/releases) - [Commits](https://github.com/serde-rs/json/compare/v1.0.127...v1.0.133) --- updated-dependencies: - dependency-name: serde_json dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] * crates: bump tokio from 1.40.0 to 1.41.1 Bumps [tokio](https://github.com/tokio-rs/tokio) from 1.40.0 to 1.41.1. - [Release notes](https://github.com/tokio-rs/tokio/releases) - [Commits](https://github.com/tokio-rs/tokio/compare/tokio-1.40.0...tokio-1.41.1) --- updated-dependencies: - dependency-name: tokio dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] * crates: bump reqwest from 0.12.7 to 0.12.9 Bumps [reqwest](https://github.com/seanmonstar/reqwest) from 0.12.7 to 0.12.9. - [Release notes](https://github.com/seanmonstar/reqwest/releases) - [Changelog](https://github.com/seanmonstar/reqwest/blob/master/CHANGELOG.md) - [Commits](https://github.com/seanmonstar/reqwest/compare/v0.12.7...v0.12.9) --- updated-dependencies: - dependency-name: reqwest dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] * nix: update flake.lock * ci: bump DeterminateSystems/magic-nix-cache-action from 7 to 8 Bumps [DeterminateSystems/magic-nix-cache-action](https://github.com/determinatesystems/magic-nix-cache-action) from 7 to 8. - [Release notes](https://github.com/determinatesystems/magic-nix-cache-action/releases) - [Commits](https://github.com/determinatesystems/magic-nix-cache-action/compare/v7...v8) --- updated-dependencies: - dependency-name: DeterminateSystems/magic-nix-cache-action dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] * treewide: debrand * nix: adopt new darwin sdk * nix: drop treefmt * nix: misc formatting changes * ci: cleanup * nix: pass version info to static builds * nix: mv {derivation,package}.nix * eyre -> anyhow * remove 2024 edition warnings * format with rustfmt * remove optional commands * ci: don't include internal variables in job names * nix: enable for lto builds --------- Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: getchoo-bot[bot] <183349775+getchoo-bot[bot]@users.noreply.github.com> --- .github/workflows/clippy.yaml | 66 +++++++++++++++++++++---------------------- 1 file changed, 32 insertions(+), 34 deletions(-) (limited to '.github/workflows/clippy.yaml') diff --git a/.github/workflows/clippy.yaml b/.github/workflows/clippy.yaml index cd99256..138e418 100644 --- a/.github/workflows/clippy.yaml +++ b/.github/workflows/clippy.yaml @@ -1,56 +1,54 @@ -name: Clippy +name: "Clippy" on: push: - branches: [main] + branches: [ "main" ] paths: - - 'Cargo.toml' - - 'Cargo.lock' - - '**.rs' + - "**.rs" + - "**.lock" + - "Cargo.toml" + - "flake.nix" + + - ".github/workflows/clippy.yaml" pull_request: paths: - - 'Cargo.toml' - - 'Cargo.lock' - - '**.rs' + - "**.rs" + - "**.lock" + - "Cargo.toml" + - "flake.nix" + + - ".github/workflows/clippy.yaml" workflow_dispatch: jobs: clippy: - name: Run scan + name: "Run scan" - runs-on: ubuntu-latest + runs-on: "ubuntu-latest" permissions: - security-events: write + contents: "read" + security-events: "write" steps: - - name: Checkout repository - uses: actions/checkout@v4 + - name: "Checkout repository" + uses: "actions/checkout@v4" - - name: Install Rust - uses: actions-rust-lang/setup-rust-toolchain@v1 - with: - components: clippy + - name: "Install Nix" + uses: "cachix/install-nix-action@v30" - - name: Install SARIF tools - run: | - cargo install clippy-sarif sarif-fmt + - name: "Setup Nix cache" + uses: "DeterminateSystems/magic-nix-cache-action@v8" - - name: Fetch Cargo deps + - name: "Run Clippy" + id: "clippy-run" run: | - cargo fetch --locked + nix build --print-build-logs .#checks.x86_64-linux.clippy-sarif + [ -L result ] || exit 1 + echo "sarif-file=$(readlink -f result)" >> "$GITHUB_OUTPUT" - - name: Run Clippy - continue-on-error: true - run: | - cargo clippy \ - --all-features \ - --all-targets \ - --message-format=json \ - | clippy-sarif | tee /tmp/clippy.sarif | sarif-fmt - - - name: Upload results - uses: github/codeql-action/upload-sarif@v3 + - name: "Upload results" + uses: "github/codeql-action/upload-sarif@v3" with: - sarif_file: /tmp/clippy.sarif + sarif_file: ${{ steps.clippy-run.outputs.sarif-file }} wait-for-processing: true -- cgit v1.2.3