From 5f01d3d0fea658926609c98e6448a8b6955c25db Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Mon, 2 Feb 2026 15:31:57 +0000 Subject: [PATCH 01/42] chore(deps): Update pre-commit hook crate-ci/typos to v1.43.0 --- .pre-commit-config.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml index 7aa56f7..714e2e1 100644 --- a/.pre-commit-config.yaml +++ b/.pre-commit-config.yaml @@ -10,7 +10,7 @@ repos: - id: check-case-conflict - id: detect-private-key - repo: https://github.com/crate-ci/typos - rev: v1.42.1 + rev: v1.43.0 hooks: - id: typos - repo: https://github.com/crate-ci/committed From bda89afdb392607c2dd24187c8ffe2b526c2b1dc Mon Sep 17 00:00:00 2001 From: Ed Page Date: Wed, 18 Feb 2026 10:39:14 -0600 Subject: [PATCH 02/42] chore(ci): Fix prek version updating --- .github/renovate.json5 | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/renovate.json5 b/.github/renovate.json5 index cc1fefc..cf9d0bc 100644 --- a/.github/renovate.json5 +++ b/.github/renovate.json5 @@ -64,7 +64,7 @@ matchDepNames: [ 'prek', ], - extractVersion: '^(?\\d+\\.\\d+\\.\\d+)', + extractVersion: '^v(?\\d+\\.\\d+\\.\\d+)', schedule: [ '* * * * *', ], From 8485f9d184100e64d65639c4423509144b7d4845 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Wed, 18 Feb 2026 16:45:48 +0000 Subject: [PATCH 03/42] chore(deps): Update Prek to v0.3.3 (#45) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit This PR contains the following updates: | Package | Update | Change | |---|---|---| | [prek](https://redirect.github.com/j178/prek) | minor | `0.2.27` → `0.3.3` | --- ### Release Notes
j178/prek (prek) ### [`v0.3.3`](https://redirect.github.com/j178/prek/blob/HEAD/CHANGELOG.md#033) [Compare Source](https://redirect.github.com/j178/prek/compare/v0.3.2...v0.3.3) Released on 2026-02-15. ##### Enhancements - Read Python version specifier from hook repo `pyproject.toml` ([#​1596](https://redirect.github.com/j178/prek/pull/1596)) - Add `#:schema` directives to generated prek.toml ([#​1597](https://redirect.github.com/j178/prek/pull/1597)) - Add `prek util list-builtins` command ([#​1600](https://redirect.github.com/j178/prek/pull/1600)) - Expand install source detection to `mise`, `uv tool`, `pipx`, and `asdf` ([#​1605](https://redirect.github.com/j178/prek/pull/1605), [#​1607](https://redirect.github.com/j178/prek/pull/1607)) - Add progress bar to `cache clean` and show removal summary ([#​1616](https://redirect.github.com/j178/prek/pull/1616)) - Make `yaml-to-toml` CONFIG argument optional ([#​1593](https://redirect.github.com/j178/prek/pull/1593)) - `prek uninstall` removes legacy scripts too ([#​1622](https://redirect.github.com/j178/prek/pull/1622)) ##### Bug fixes - Fix underflow when formatting summary output ([#​1626](https://redirect.github.com/j178/prek/pull/1626)) - Match `files/exclude` filter against relative path of nested project ([#​1624](https://redirect.github.com/j178/prek/pull/1624)) - Select `musllinux` wheel tag for uv on musl-based distros ([#​1628](https://redirect.github.com/j178/prek/pull/1628)) ##### Documentation - Clarify `prek list` description ([#​1604](https://redirect.github.com/j178/prek/pull/1604)) ##### Contributors - [@​ichoosetoaccept](https://redirect.github.com/ichoosetoaccept) - [@​shaanmajid](https://redirect.github.com/shaanmajid) - [@​soraxas](https://redirect.github.com/soraxas) - [@​9999years](https://redirect.github.com/9999years) - [@​j178](https://redirect.github.com/j178) ### [`v0.3.2`](https://redirect.github.com/j178/prek/blob/HEAD/CHANGELOG.md#032) [Compare Source](https://redirect.github.com/j178/prek/compare/v0.3.1...v0.3.2) Released on 2026-02-06. ##### Highlights - **`prek.toml` is here!** You can now use `prek.toml` as an alternative to `.pre-commit-config.yaml` for configuring prek. `prek.toml` mirrors the structure of `.pre-commit-config.yaml`, but TOML is less error-prone. Your existing `.pre-commit-config.yaml` will continue to work, but for new users and new projects, `prek.toml` may make more sense. If you want to switch, run `prek util yaml-to-toml` to convert YAML configs to `prek.toml`. See [configuration docs](configuration.md) for details. For example, this config: ```yaml repos: - repo: https://github.com/pre-commit/pre-commit-hooks rev: v6.0.0 hooks: - id: check-yaml ``` Can be written as `prek.toml` like this: ```toml [[repos]] repo = "https://github.com/pre-commit/pre-commit-hooks" rev = "v6.0.0" hooks = [ { id = "check-yaml" } ] ``` - **`serde-yaml` has been replaced with `serde-saphyr`** We replaced the long-deprecated `serde-yaml` crate with [`serde-saphyr`](https://crates.io/crates/serde-saphyr) for YAML parsing. It is written in safe Rust and has better error messages, performance, and security. This lets us provide precise location information for configuration parsing errors, which should make it easier to fix config issues. For example, this invalid config: ```yaml repos: - repo: https://github.com/crate-ci/typos hooks: - id: typos ``` Before: ```console $ prek run error: Failed to parse `.pre-commit-config.yaml` caused by: Invalid remote repo: missing field `rev` ``` Now: ```console $ prek run error: Failed to parse `.pre-commit-config.yaml` caused by: error: line 2 column 5: missing field `rev` at line 2, column 5 --> :2:5 | 1 | repos: 2 | - repo: https://github.com/crate-ci/typos | ^ missing field `rev` at line 2, column 5 3 | hooks: 4 | - id: typos | ``` - **`prek util` subcommands** We added a new `prek util` top-level command for miscellaneous utilities that don't fit into other categories. The first two utilities are: - `prek util identify`: shows the identification tags of files that prek uses for file filtering, which can be useful for debugging and writing `types/types_or/exclude_types` filters. - `prek util yaml-to-toml`: converts `.pre-commit-config.yaml` to `prek.toml`. We also moved `prek init-template-dir` under `prek util` for better organization. The old `prek init-template-dir` command is still available (hidden) as an alias for backward compatibility. ##### Enhancements - Add `prek util identify` subcommand ([#​1554](https://redirect.github.com/j178/prek/pull/1554)) - Add `prek util yaml-to-toml` to convert `.pre-commit-config.yaml` to `prek.toml` ([#​1584](https://redirect.github.com/j178/prek/pull/1584)) - Detect install source for actionable upgrade hints ([#​1540](https://redirect.github.com/j178/prek/pull/1540)) - Detect prek installed by the standalone installer ([#​1545](https://redirect.github.com/j178/prek/pull/1545)) - Implement `serialize_yaml_scalar` using `serde-saphyr` ([#​1534](https://redirect.github.com/j178/prek/pull/1534)) - Improve max cli arguments length calculation ([#​1518](https://redirect.github.com/j178/prek/pull/1518)) - Move `identify` and `init-template-dir` under the `prek util` top-level command ([#​1574](https://redirect.github.com/j178/prek/pull/1574)) - Replace serde-yaml with serde-saphyr (again) ([#​1520](https://redirect.github.com/j178/prek/pull/1520)) - Show precise location for config parsing error ([#​1530](https://redirect.github.com/j178/prek/pull/1530)) - Support `Julia` language ([#​1519](https://redirect.github.com/j178/prek/pull/1519)) - Support `prek.toml` ([#​1271](https://redirect.github.com/j178/prek/pull/1271)) - Added `PREK_QUIET` environment variable support ([#​1513](https://redirect.github.com/j178/prek/pull/1513)) - Remove upper bound constraint of uv version ([#​1588](https://redirect.github.com/j178/prek/pull/1588)) ##### Bug fixes - Do not make the child a session leader ([#​1586](https://redirect.github.com/j178/prek/pull/1586)) - Fix FilePattern schema to accept plain strings ([#​1564](https://redirect.github.com/j178/prek/pull/1564)) - Use semver fallback sort when tag timestamps are equal ([#​1579](https://redirect.github.com/j178/prek/pull/1579)) ##### Documentation - Add `OpenClaw` to the list of users ([#​1517](https://redirect.github.com/j178/prek/pull/1517)) - Add `cachix/devenv`, `apache/lucene`, `copper-project/copper-rs` as projects using prek ([#​1531](https://redirect.github.com/j178/prek/pull/1531), [#​1514](https://redirect.github.com/j178/prek/pull/1514), [#​1569](https://redirect.github.com/j178/prek/pull/1569)) - Add document about authoring remote hooks ([#​1571](https://redirect.github.com/j178/prek/pull/1571)) - Add `llms.txt` generation for LLM-friendly documentation ([#​1553](https://redirect.github.com/j178/prek/pull/1553)) - Document using `--refresh` to pick up `.prekignore` changes ([#​1575](https://redirect.github.com/j178/prek/pull/1575)) - Fix PowerShell completion instruction syntax ([#​1568](https://redirect.github.com/j178/prek/pull/1568)) - Update quick start to use `prek.toml` ([#​1576](https://redirect.github.com/j178/prek/pull/1576)) ##### Other changes - Include `prek.toml` in run hint for config filename ([#​1578](https://redirect.github.com/j178/prek/pull/1578)) ##### Contributors - [@​fatelei](https://redirect.github.com/fatelei) - [@​domenkozar](https://redirect.github.com/domenkozar) - [@​makeecat](https://redirect.github.com/makeecat) - [@​fllesser](https://redirect.github.com/fllesser) - [@​j178](https://redirect.github.com/j178) - [@​copilot-swe-agent](https://redirect.github.com/copilot-swe-agent) - [@​oopscompiled](https://redirect.github.com/oopscompiled) - [@​rmuir](https://redirect.github.com/rmuir) - [@​shaanmajid](https://redirect.github.com/shaanmajid) ### [`v0.3.1`](https://redirect.github.com/j178/prek/blob/HEAD/CHANGELOG.md#031) [Compare Source](https://redirect.github.com/j178/prek/compare/v0.3.0...v0.3.1) Released on 2026-01-31. ##### Enhancements - Add `language: swift` support ([#​1463](https://redirect.github.com/j178/prek/pull/1463)) - Add `language: haskell` support ([#​1484](https://redirect.github.com/j178/prek/pull/1484)) - Extract go version constraint from `go.mod` ([#​1457](https://redirect.github.com/j178/prek/pull/1457)) - Warn when config file exists but fails to parse ([#​1487](https://redirect.github.com/j178/prek/pull/1487)) - Add GitHub artifact attestations to release and build-docker workflow ([#​1494](https://redirect.github.com/j178/prek/pull/1494), [#​1497](https://redirect.github.com/j178/prek/pull/1497)) - Allow `GIT_CONFIG_PARAMETERS` for private repository authentication ([#​1472](https://redirect.github.com/j178/prek/pull/1472)) - Show progress bar when running builtin hooks ([#​1504](https://redirect.github.com/j178/prek/pull/1504)) ##### Bug fixes - Cap ARG\_MAX at `1<<19` for safety ([#​1506](https://redirect.github.com/j178/prek/pull/1506)) - Don't check Python executable path in health check ([#​1496](https://redirect.github.com/j178/prek/pull/1496)) ##### Documentation - Include `CocoIndex` as a project using prek ([#​1477](https://redirect.github.com/j178/prek/pull/1477)) - Add commands for artifact verification using GitHub Attestations ([#​1500](https://redirect.github.com/j178/prek/pull/1500)) ##### Contributors - [@​halms](https://redirect.github.com/halms) - [@​Haleshot](https://redirect.github.com/Haleshot) - [@​simono](https://redirect.github.com/simono) - [@​tisonkun](https://redirect.github.com/tisonkun) - [@​fllesser](https://redirect.github.com/fllesser) - [@​j178](https://redirect.github.com/j178) - [@​shaanmajid](https://redirect.github.com/shaanmajid) ### [`v0.3.0`](https://redirect.github.com/j178/prek/blob/HEAD/CHANGELOG.md#030) [Compare Source](https://redirect.github.com/j178/prek/compare/v0.2.30...v0.3.0) Released on 2026-01-22. ##### Highlights - `prek cache gc` (also available via `prek gc` for pre-commit compatibility) is finally here! You can now run `prek cache gc` to clean up unused repos, hook envs and tool versions from prek cache. - `language: bun` is now supported, making it possible to write and run hooks with [Bun](https://bun.sh/). ##### Enhancements - Implement `prek cache gc` ([#​1410](https://redirect.github.com/j178/prek/pull/1410)) - Bootstrap tracking configs from workspace cache ([#​1417](https://redirect.github.com/j178/prek/pull/1417)) - Show total size `prek cache gc` removed ([#​1418](https://redirect.github.com/j178/prek/pull/1418)) - Show accurate repo and hook details in `prek cache gc -v` ([#​1420](https://redirect.github.com/j178/prek/pull/1420)) - `prek cache gc` remove specific unused tool versions ([#​1422](https://redirect.github.com/j178/prek/pull/1422)) - Fix unused tool versions not removed in `prek cache gc` ([#​1436](https://redirect.github.com/j178/prek/pull/1436)) - Add `language: bun` support ([#​1411](https://redirect.github.com/j178/prek/pull/1411)) - Use `git ls-remote --tags` to list bun versions ([#​1439](https://redirect.github.com/j178/prek/pull/1439)) - Accept `--stage` as an alias for `--hook-stage` in `prek run` ([#​1398](https://redirect.github.com/j178/prek/pull/1398)) - Expand `~` tilde in `PREK_HOME` ([#​1431](https://redirect.github.com/j178/prek/pull/1431)) - Support refs to trees ([#​1449](https://redirect.github.com/j178/prek/pull/1449)) ##### Bug fixes - Avoid file lock warning for in-process contention ([#​1406](https://redirect.github.com/j178/prek/pull/1406)) - Resolve relative repo paths from config file directory ([#​1443](https://redirect.github.com/j178/prek/pull/1443)) - fix: use `split()` instead of `resolve(None)` for builtin hook argument parsing ([#​1415](https://redirect.github.com/j178/prek/pull/1415)) ##### Documentation - Add `simple-icons` and `ast-grep` to the users of prek ([#​1403](https://redirect.github.com/j178/prek/pull/1403)) - Improve JSON schema for `repo` field ([#​1432](https://redirect.github.com/j178/prek/pull/1432)) - Improve JSON schema for builtin and meta hooks ([#​1427](https://redirect.github.com/j178/prek/pull/1427)) - Add pronunciation entry to FAQ ([#​1442](https://redirect.github.com/j178/prek/pull/1442)) - Add commitizen to the list of projects using prek ([#​1413](https://redirect.github.com/j178/prek/pull/1413)) - Move docs to zensical ([#​1421](https://redirect.github.com/j178/prek/pull/1421)) ##### Other Changes - Refactor config layout ([#​1407](https://redirect.github.com/j178/prek/pull/1407)) ##### Contributors - [@​shaanmajid](https://redirect.github.com/shaanmajid) - [@​KevinGimbel](https://redirect.github.com/KevinGimbel) - [@​jtamagnan](https://redirect.github.com/jtamagnan) - [@​jmeickle-theaiinstitute](https://redirect.github.com/jmeickle-theaiinstitute) - [@​YazdanRa](https://redirect.github.com/YazdanRa) - [@​j178](https://redirect.github.com/j178) - [@​mschoettle](https://redirect.github.com/mschoettle) - [@​tisonkun](https://redirect.github.com/tisonkun) ### [`v0.2.30`](https://redirect.github.com/j178/prek/blob/HEAD/CHANGELOG.md#0230) [Compare Source](https://redirect.github.com/j178/prek/compare/v0.2.29...v0.2.30) Released on 2026-01-18. ##### Enhancements - Build binaries using minimal-size profile ([#​1376](https://redirect.github.com/j178/prek/pull/1376)) - Check for duplicate keys in `check-json5` builtin hook ([#​1387](https://redirect.github.com/j178/prek/pull/1387)) - Preserve quoting style in `auto-update` ([#​1379](https://redirect.github.com/j178/prek/pull/1379)) - Show warning if file lock acquiring blocks for long time ([#​1353](https://redirect.github.com/j178/prek/pull/1353)) - Singleflight Python health checks with cached interpreter info ([#​1381](https://redirect.github.com/j178/prek/pull/1381)) ##### Bug fixes - Do not resolve entry for docker\_image ([#​1386](https://redirect.github.com/j178/prek/pull/1386)) - Fix command lookup on Windows ([#​1383](https://redirect.github.com/j178/prek/pull/1383)) ##### Documentation - Document language support details ([#​1380](https://redirect.github.com/j178/prek/pull/1380)) - Document that `check-json5` now rejects duplicate keys ([#​1391](https://redirect.github.com/j178/prek/pull/1391)) ##### Contributors - [@​j178](https://redirect.github.com/j178) ### [`v0.2.29`](https://redirect.github.com/j178/prek/blob/HEAD/CHANGELOG.md#0229) [Compare Source](https://redirect.github.com/j178/prek/compare/v0.2.28...v0.2.29) Released on 2026-01-16. ##### Highlights `files` / `exclude` now support globs (including glob lists), making config filters much easier to read and maintain than heavily-escaped regex. Before (regex): ```yaml files: "^(src/.*\\.rs$|crates/[^/]+/src/.*\\.rs$)" ``` After (glob list): ```yaml files: glob: - src/**/*.rs - crates/**/src/**/*.rs ``` ##### Enhancements - Add `check-json5` as builtin hooks ([#​1367](https://redirect.github.com/j178/prek/pull/1367)) - Add glob list support for file patterns (`files` and `exclude`) ([#​1197](https://redirect.github.com/j178/prek/pull/1197)) ##### Bug fixes - Fix missing commit hash from version info ([#​1352](https://redirect.github.com/j178/prek/pull/1352)) - Remove git env vars from `uv pip install` subprocess ([#​1355](https://redirect.github.com/j178/prek/pull/1355)) - Set `TERM=dumb` under PTY to prevent capability-probe hangs ([#​1363](https://redirect.github.com/j178/prek/pull/1363)) ##### Documentation - Add `home-assistant/core` to the users of prek ([#​1350](https://redirect.github.com/j178/prek/pull/1350)) - Document builtin hooks ([#​1370](https://redirect.github.com/j178/prek/pull/1370)) - Explain project configuration scope ([#​1373](https://redirect.github.com/j178/prek/pull/1373)) ##### Contributors - [@​Goldziher](https://redirect.github.com/Goldziher) - [@​yihong0618](https://redirect.github.com/yihong0618) - [@​j178](https://redirect.github.com/j178) - [@​shaanmajid](https://redirect.github.com/shaanmajid) - [@​ulgens](https://redirect.github.com/ulgens) ### [`v0.2.28`](https://redirect.github.com/j178/prek/blob/HEAD/CHANGELOG.md#0228) [Compare Source](https://redirect.github.com/j178/prek/compare/v0.2.27...v0.2.28) Released on 2026-01-13. ##### Enhancements - Avoid running `git diff` for skipped hooks ([#​1335](https://redirect.github.com/j178/prek/pull/1335)) - More accurate command line length limit calculation ([#​1348](https://redirect.github.com/j178/prek/pull/1348)) - Raise platform command line length upper limit ([#​1347](https://redirect.github.com/j178/prek/pull/1347)) - Use `/bin/sh` in generated git hook scripts ([#​1333](https://redirect.github.com/j178/prek/pull/1333)) ##### Bug fixes - Avoid rewriting if config is up-to-date ([#​1346](https://redirect.github.com/j178/prek/pull/1346)) ##### Documentation - Add `ty` to the users of prek ([#​1342](https://redirect.github.com/j178/prek/pull/1342)) - Add `ruff` to the users of prek ([#​1334](https://redirect.github.com/j178/prek/pull/1334)) - Complete configuration document ([#​1338](https://redirect.github.com/j178/prek/pull/1338)) - Document UV environment variable inheritance in prek ([#​1339](https://redirect.github.com/j178/prek/pull/1339)) ##### Contributors - [@​copilot-swe-agent](https://redirect.github.com/copilot-swe-agent) - [@​MatthewMckee4](https://redirect.github.com/MatthewMckee4) - [@​yihong0618](https://redirect.github.com/yihong0618) - [@​j178](https://redirect.github.com/j178)
--- ### Configuration 📅 **Schedule**: Branch creation - Every minute ( * * * * * ) (UTC), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Enabled. ♻ **Rebasing**: Whenever PR is behind base branch, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] If you want to rebase/retry this PR, check this box --- This PR was generated by [Mend Renovate](https://mend.io/renovate/). View the [repository job log](https://developer.mend.io/github/epage/_rust). Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> --- .github/workflows/pre-commit.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/pre-commit.yml b/.github/workflows/pre-commit.yml index ef1a54a..3d5f0fe 100644 --- a/.github/workflows/pre-commit.yml +++ b/.github/workflows/pre-commit.yml @@ -25,4 +25,4 @@ jobs: - uses: actions/checkout@v6 - uses: j178/prek-action@v1 with: - prek-version: '0.2.27' + prek-version: '0.3.3' From 207c3d97a58fe498fb549b2509c7fd85e47c4a1d Mon Sep 17 00:00:00 2001 From: Ed Page Date: Mon, 23 Feb 2026 16:55:27 -0600 Subject: [PATCH 04/42] chore(release): Make use of new template variable --- CHANGELOG.md | 2 +- Cargo.toml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 5b7fa4c..ed49653 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -8,4 +8,4 @@ and this project adheres to [Semantic Versioning](https://semver.org/). ## [Unreleased] - ReleaseDate -[Unreleased]: https://github.com/rust-cli/argfile/compare/e7b7555...HEAD +[Unreleased]: https://github.com/ORG/PROJECT/compare/e7b7555...HEAD diff --git a/Cargo.toml b/Cargo.toml index 55d98ad..679d9e5 100644 --- a/Cargo.toml +++ b/Cargo.toml @@ -116,7 +116,7 @@ pre-release-replacements = [ {file="CHANGELOG.md", search="\\.\\.\\.HEAD", replace="...{{tag_name}}", exactly=1}, {file="CHANGELOG.md", search="ReleaseDate", replace="{{date}}", min=1}, {file="CHANGELOG.md", search="", replace="\n## [Unreleased] - ReleaseDate\n", exactly=1}, - {file="CHANGELOG.md", search="", replace="\n[Unreleased]: https://github.com/ORG/PROJECT/compare/{{tag_name}}...HEAD", exactly=1}, + {file="CHANGELOG.md", search="", replace="\n[Unreleased]: {{repository}}/compare/{{tag_name}}...HEAD", exactly=1}, ] [features] From 096034c719a8c9d04bcaf46850087d7247cd34aa Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Sat, 28 Feb 2026 06:02:36 +0000 Subject: [PATCH 05/42] chore(deps): Update Prek to v0.3.4 (#46) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit This PR contains the following updates: | Package | Update | Change | |---|---|---| | [prek](https://redirect.github.com/j178/prek) | patch | `0.3.3` → `0.3.4` | --- ### Release Notes
j178/prek (prek) ### [`v0.3.4`](https://redirect.github.com/j178/prek/blob/HEAD/CHANGELOG.md#034) [Compare Source](https://redirect.github.com/j178/prek/compare/v0.3.3...v0.3.4) Released on 2026-02-28. ##### Enhancements - Allow `pass_filenames` to accept a positive integer ([#​1698](https://redirect.github.com/j178/prek/pull/1698)) - Install and compile gems in parallel ([#​1674](https://redirect.github.com/j178/prek/pull/1674)) - Sync identify file-type mappings with pre-commit identify ([#​1660](https://redirect.github.com/j178/prek/pull/1660)) - Use `--locked` for Rust `cargo install` commands ([#​1661](https://redirect.github.com/j178/prek/pull/1661)) - Add `PREK_MAX_CONCURRENCY` environment variable for configuring maximum concurrency ([#​1697](https://redirect.github.com/j178/prek/pull/1697)) - Add `PREK_LOG_TRUNCATE_LIMIT` environment variable for configuring log truncation ([#​1679](https://redirect.github.com/j178/prek/pull/1679)) - Add support for `python -m prek` ([#​1686](https://redirect.github.com/j178/prek/pull/1686)) ##### Bug fixes - Skip invalid Rust toolchains instead of failing ([#​1699](https://redirect.github.com/j178/prek/pull/1699)) ##### Performance - Bitset-based TagSet refactor: precompute tag masks and speed up hook type filtering ([#​1665](https://redirect.github.com/j178/prek/pull/1665)) ##### Documentation - Document `winget install j178.Prek` ([#​1670](https://redirect.github.com/j178/prek/pull/1670)) ##### Contributors - [@​uplsh580](https://redirect.github.com/uplsh580) - [@​Svecco](https://redirect.github.com/Svecco) - [@​dbast](https://redirect.github.com/dbast) - [@​drichardson](https://redirect.github.com/drichardson) - [@​JP-Ellis](https://redirect.github.com/JP-Ellis) - [@​j178](https://redirect.github.com/j178) - [@​is-alnilam](https://redirect.github.com/is-alnilam) - [@​copilot-swe-agent](https://redirect.github.com/copilot-swe-agent)
--- ### Configuration 📅 **Schedule**: Branch creation - Every minute ( * * * * * ) (UTC), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Enabled. ♻ **Rebasing**: Whenever PR is behind base branch, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] If you want to rebase/retry this PR, check this box --- This PR was generated by [Mend Renovate](https://mend.io/renovate/). View the [repository job log](https://developer.mend.io/github/epage/_rust). Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> --- .github/workflows/pre-commit.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/pre-commit.yml b/.github/workflows/pre-commit.yml index 3d5f0fe..03d02f5 100644 --- a/.github/workflows/pre-commit.yml +++ b/.github/workflows/pre-commit.yml @@ -25,4 +25,4 @@ jobs: - uses: actions/checkout@v6 - uses: j178/prek-action@v1 with: - prek-version: '0.3.3' + prek-version: '0.3.4' From 476c9552522e734d568bf4615087ae5959ce68ac Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Thu, 5 Mar 2026 20:10:25 +0000 Subject: [PATCH 06/42] chore(deps): Update Rust Stable to v1.94 (#49) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit This PR contains the following updates: | Package | Update | Change | |---|---|---| | [STABLE](https://redirect.github.com/rust-lang/rust) | minor | `1.93` → `1.94` | --- ### Release Notes
rust-lang/rust (STABLE) ### [`v1.94`](https://redirect.github.com/rust-lang/rust/blob/HEAD/RELEASES.md#Version-1940-2026-03-05) [Compare Source](https://redirect.github.com/rust-lang/rust/compare/1.93.0...1.94.0) \========================== ## Language - [Impls and impl items inherit `dead_code` lint level of the corresponding traits and trait items](https://redirect.github.com/rust-lang/rust/pull/144113) - [Stabilize additional 29 RISC-V target features including large portions of the RVA22U64 / RVA23U64 profiles](https://redirect.github.com/rust-lang/rust/pull/145948) - [Add warn-by-default `unused_visibilities` lint for visibility on `const _` declarations](https://redirect.github.com/rust-lang/rust/pull/147136) - [Update to Unicode 17](https://redirect.github.com/rust-lang/rust/pull/148321) - [Avoid incorrect lifetime errors for closures](https://redirect.github.com/rust-lang/rust/pull/148329) ## Platform Support - [Add `riscv64im-unknown-none-elf` as a tier 3 target](https://redirect.github.com/rust-lang/rust/pull/148790) Refer to Rust's [platform support page][platform-support-doc] for more information on Rust's tiered platform support. [platform-support-doc]: https://doc.rust-lang.org/rustc/platform-support.html ## Libraries - [Relax `T: Ord` bound for some `BinaryHeap` methods.](https://redirect.github.com/rust-lang/rust/pull/149408) ## Stabilized APIs - [`<[T]>::array_windows`](https://doc.rust-lang.org/stable/std/primitive.slice.html#method.array_windows) - [`<[T]>::element_offset`](https://doc.rust-lang.org/stable/std/primitive.slice.html#method.element_offset) - [`LazyCell::get`](https://doc.rust-lang.org/stable/std/cell/struct.LazyCell.html#method.get) - [`LazyCell::get_mut`](https://doc.rust-lang.org/stable/std/cell/struct.LazyCell.html#method.get_mut) - [`LazyCell::force_mut`](https://doc.rust-lang.org/stable/std/cell/struct.LazyCell.html#method.force_mut) - [`LazyLock::get`](https://doc.rust-lang.org/stable/std/sync/struct.LazyLock.html#method.get) - [`LazyLock::get_mut`](https://doc.rust-lang.org/stable/std/sync/struct.LazyLock.html#method.get_mut) - [`LazyLock::force_mut`](https://doc.rust-lang.org/stable/std/sync/struct.LazyLock.html#method.force_mut) - [`impl TryFrom for usize`](https://doc.rust-lang.org/stable/std/convert/trait.TryFrom.html#impl-TryFrom%3Cchar%3E-for-usize) - [`std::iter::Peekable::next_if_map`](https://doc.rust-lang.org/stable/std/iter/struct.Peekable.html#method.next_if_map) - [`std::iter::Peekable::next_if_map_mut`](https://doc.rust-lang.org/stable/std/iter/struct.Peekable.html#method.next_if_map_mut) - [x86 `avx512fp16` intrinsics](https://redirect.github.com/rust-lang/rust/issues/127213) (excluding those that depend directly on the unstable `f16` type) - [AArch64 NEON fp16 intrinsics](https://redirect.github.com/rust-lang/rust/issues/136306) (excluding those that depend directly on the unstable `f16` type) - [`f32::consts::EULER_GAMMA`](https://doc.rust-lang.org/stable/std/f32/consts/constant.EULER_GAMMA.html) - [`f64::consts::EULER_GAMMA`](https://doc.rust-lang.org/stable/std/f64/consts/constant.EULER_GAMMA.html) - [`f32::consts::GOLDEN_RATIO`](https://doc.rust-lang.org/stable/std/f32/consts/constant.GOLDEN_RATIO.html) - [`f64::consts::GOLDEN_RATIO`](https://doc.rust-lang.org/stable/std/f64/consts/constant.GOLDEN_RATIO.html) These previously stable APIs are now stable in const contexts: - [`f32::mul_add`](https://doc.rust-lang.org/stable/std/primitive.f32.html#method.mul_add) - [`f64::mul_add`](https://doc.rust-lang.org/stable/std/primitive.f64.html#method.mul_add) ## Cargo - Stabilize the config include key. The top-level include config key allows loading additional config files, enabling better organization, sharing, and management of Cargo configurations across projects and environments. [docs](https://doc.rust-lang.org/nightly/cargo/reference/config.html#including-extra-configuration-files) [#​16284](https://redirect.github.com/rust-lang/cargo/pull/16284) - Stabilize the pubtime field in registry index. This records when a crate version was published and enables time-based dependency resolution in the future. Note that crates.io will gradually backfill existing packages when a new version is published. Not all crates have pubtime yet. [#​16369](https://redirect.github.com/rust-lang/cargo/pull/16369) [#​16372](https://redirect.github.com/rust-lang/cargo/pull/16372) - Cargo now parses [TOML v1.1](https://toml.io/en/v1.1.0) for manifests and configuration files. Note that using these features in Cargo.toml will raise your development MSRV, but the published manifest remains compatible with older parsers. [#​16415](https://redirect.github.com/rust-lang/cargo/pull/16415) - [Make `CARGO_BIN_EXE_` available at runtime ](https://redirect.github.com/rust-lang/cargo/pull/16421/) ## Compatibility Notes - [Forbid freely casting lifetime bounds of `dyn`-types](https://redirect.github.com/rust-lang/rust/pull/136776) - [Make closure capturing have consistent and correct behaviour around patterns](https://redirect.github.com/rust-lang/rust/pull/138961) Some finer details of how precise closure captures get affected by pattern matching have been changed. In some cases, this can cause a non-move closure that was previously capturing an entire variable by move, to now capture only part of that variable by move, and other parts by borrow. This can cause the borrow checker to complain where it previously didn't, or cause `Drop` to run at a different point in time. - [Standard library macros are now imported via prelude, not via injected `#[macro_use]`](https://redirect.github.com/rust-lang/rust/pull/139493) This will raise an error if macros of the same name are glob imported. For example if a crate defines their own `matches` macro and then glob imports that, it's now ambiguous whether the custom or standard library `matches` is meant and an explicit import of the name is required to resolve the ambiguity. One exception is `core::panic` and `std::panic`, if their import is ambiguous a new warning ([`ambiguous_panic_imports`](https://redirect.github.com/rust-lang/rust/issues/147319)) is raised. This may raise a new warning ([`ambiguous_panic_imports`](https://redirect.github.com/rust-lang/rust/issues/147319)) on `#![no_std]` code glob importing the std crate. Both `core::panic!` and `std::panic!` are then in scope and which is used is ambiguous. - [Don't strip shebang in expression-context `include!(…)`s](https://redirect.github.com/rust-lang/rust/pull/146377) This can cause previously working includes to no longer compile if they included files which started with a shebang. - [Ambiguous glob reexports are now also visible cross-crate](https://redirect.github.com/rust-lang/rust/pull/147984) This unifies behavior between local and cross-crate errors on these exports, which may introduce new ambiguity errors. - [Don't normalize where-clauses before checking well-formedness](https://redirect.github.com/rust-lang/rust/pull/148477) - [Introduce a future compatibility warning on codegen attributes on body-free trait methods](https://redirect.github.com/rust-lang/rust/pull/148756) These attributes currently have no effect in this position. - [On Windows `std::time::SystemTime::checked_sub_duration` will return `None` for times before the Windows epoch (1/1/1601)](https://redirect.github.com/rust-lang/rust/pull/148825) - [Lifetime identifiers such as `'a` are now NFC normalized](https://redirect.github.com/rust-lang/rust/pull/149192). - [Overhaul filename handling for cross-compiler consistency](https://redirect.github.com/rust-lang/rust/pull/149709) Any paths emitted by compiler now always respect the relative-ness of the paths and `--remap-path-prefix` given originally. One side-effect of this change is that paths emitted for local crates in Cargo (path dependencies and workspace members) are no longer absolute but relative when emitted as part of a diagnostic in a downstream crate. ## Internal Changes These changes do not affect any public interfaces of Rust, but they represent significant improvements to the performance or internals of rustc and related tools. - [Switch to `annotate-snippets` for error emission](https://redirect.github.com/rust-lang/rust/pull/150032) This should preserve mostly the same outputs in rustc error messages.
--- ### Configuration 📅 **Schedule**: Branch creation - Every minute ( * * * * * ) (UTC), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Enabled. ♻ **Rebasing**: Whenever PR is behind base branch, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] If you want to rebase/retry this PR, check this box --- This PR was generated by [Mend Renovate](https://mend.io/renovate/). View the [repository job log](https://developer.mend.io/github/epage/_rust). Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> --- .github/workflows/ci.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 72ec649..4ad9782 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -113,7 +113,7 @@ jobs: - name: Install Rust uses: dtolnay/rust-toolchain@stable with: - toolchain: "1.93" # STABLE + toolchain: "1.94" # STABLE - uses: Swatinem/rust-cache@v2 - name: Check documentation env: @@ -128,7 +128,7 @@ jobs: - name: Install Rust uses: dtolnay/rust-toolchain@stable with: - toolchain: "1.93" # STABLE + toolchain: "1.94" # STABLE components: rustfmt - uses: Swatinem/rust-cache@v2 - name: Check formatting @@ -144,7 +144,7 @@ jobs: - name: Install Rust uses: dtolnay/rust-toolchain@stable with: - toolchain: "1.93" # STABLE + toolchain: "1.94" # STABLE components: clippy - uses: Swatinem/rust-cache@v2 - name: Install SARIF tools From 5762560415a15bbeaf423590b62b1cb146732628 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Mon, 9 Mar 2026 12:40:56 +0000 Subject: [PATCH 07/42] chore(deps): Update Prek to v0.3.5 (#50) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit This PR contains the following updates: | Package | Update | Change | |---|---|---| | [prek](https://redirect.github.com/j178/prek) | patch | `0.3.4` → `0.3.5` | --- ### Release Notes
j178/prek (prek) ### [`v0.3.5`](https://redirect.github.com/j178/prek/blob/HEAD/CHANGELOG.md#035) [Compare Source](https://redirect.github.com/j178/prek/compare/v0.3.4...v0.3.5) Released on 2026-03-09. ##### Enhancements - Add automatic Ruby download support using rv binaries ([#​1668](https://redirect.github.com/j178/prek/pull/1668)) - Adjust open file limit on process startup ([#​1705](https://redirect.github.com/j178/prek/pull/1705)) - Allow parallel gem retry ([#​1732](https://redirect.github.com/j178/prek/pull/1732)) - Enable system-proxy feature on reqwest ([#​1738](https://redirect.github.com/j178/prek/pull/1738)) - Expose `--git-dir` to force hook installation target ([#​1723](https://redirect.github.com/j178/prek/pull/1723)) - Pass `--quiet`, `--verbose`, and `--no-progress` through `prek install` into generated hook scripts ([#​1753](https://redirect.github.com/j178/prek/pull/1753)) - Respect `core.sharedRepository` for hook permissions ([#​1755](https://redirect.github.com/j178/prek/pull/1755)) - Support legacy mode hook script ([#​1706](https://redirect.github.com/j178/prek/pull/1706)) - rust: support `cli:` git dependency 4th segment package disambiguation ([#​1747](https://redirect.github.com/j178/prek/pull/1747)) ##### Bug fixes - Fix Python `__main__.py` entry ([#​1741](https://redirect.github.com/j178/prek/pull/1741)) - python: strip `UV_SYSTEM_PYTHON` from `uv venv` and `pip install` commands ([#​1756](https://redirect.github.com/j178/prek/pull/1756)) ##### Other changes - Sync latest identify tags ([#​1733](https://redirect.github.com/j178/prek/pull/1733)) ##### Contributors - [@​Dev-iL](https://redirect.github.com/Dev-iL) - [@​tennox](https://redirect.github.com/tennox) - [@​shaanmajid](https://redirect.github.com/shaanmajid) - [@​is-alnilam](https://redirect.github.com/is-alnilam) - [@​github-actions](https://redirect.github.com/github-actions) - [@​j178](https://redirect.github.com/j178)
--- ### Configuration 📅 **Schedule**: Branch creation - Every minute ( * * * * * ) (UTC), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Enabled. ♻ **Rebasing**: Whenever PR is behind base branch, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] If you want to rebase/retry this PR, check this box --- This PR was generated by [Mend Renovate](https://mend.io/renovate/). View the [repository job log](https://developer.mend.io/github/epage/_rust). Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> --- .github/workflows/pre-commit.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/pre-commit.yml b/.github/workflows/pre-commit.yml index 03d02f5..879f7df 100644 --- a/.github/workflows/pre-commit.yml +++ b/.github/workflows/pre-commit.yml @@ -25,4 +25,4 @@ jobs: - uses: actions/checkout@v6 - uses: j178/prek-action@v1 with: - prek-version: '0.3.4' + prek-version: '0.3.5' From dee0db54c1f12640975312f54ad046e3f9b7c21f Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Mon, 16 Mar 2026 10:39:52 +0000 Subject: [PATCH 08/42] chore(deps): Update Prek to v0.3.6 (#51) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit This PR contains the following updates: | Package | Update | Change | |---|---|---| | [prek](https://redirect.github.com/j178/prek) | patch | `0.3.5` → `0.3.6` | --- ### Release Notes
j178/prek (prek) ### [`v0.3.6`](https://redirect.github.com/j178/prek/blob/HEAD/CHANGELOG.md#036) [Compare Source](https://redirect.github.com/j178/prek/compare/v0.3.5...v0.3.6) Released on 2026-03-16. ##### Enhancements - Allow selectors for hook ids containing colons ([#​1782](https://redirect.github.com/j178/prek/pull/1782)) - Rename `prek install-hooks` to `prek prepare-hooks` and `prek install --install-hooks` to `prek install --prepare-hooks` ([#​1766](https://redirect.github.com/j178/prek/pull/1766)) - Retry auth-failed repo clones with terminal prompts enabled ([#​1761](https://redirect.github.com/j178/prek/pull/1761)) ##### Performance - Optimize `detect_private_key` by chunked reading and using aho-corasick ([#​1791](https://redirect.github.com/j178/prek/pull/1791)) - Optimize `fix_byte_order_marker` by shifting file contents in place ([#​1790](https://redirect.github.com/j178/prek/pull/1790)) ##### Bug fixes - Align stage defaulting behavior with pre-commit ([#​1788](https://redirect.github.com/j178/prek/pull/1788)) - Make sure child output is drained in the PTY subprocess ([#​1768](https://redirect.github.com/j178/prek/pull/1768)) - fix(golang): use `GOTOOLCHAIN=local` when probing system go ([#​1797](https://redirect.github.com/j178/prek/pull/1797)) ##### Documentation - Disambiguate “hook” terminology by renaming "Git hooks" to "Git shims" ([#​1776](https://redirect.github.com/j178/prek/pull/1776)) - Document compatibility with pre-commit ([#​1767](https://redirect.github.com/j178/prek/pull/1767)) - Update configuration.md with TOML 1.1 notes ([#​1764](https://redirect.github.com/j178/prek/pull/1764)) ##### Other changes - Sync latest identify tags ([#​1798](https://redirect.github.com/j178/prek/pull/1798)) ##### Contributors - [@​github-actions](https://redirect.github.com/github-actions) - [@​j178](https://redirect.github.com/j178) - [@​pcastellazzi](https://redirect.github.com/pcastellazzi) - [@​deadnews](https://redirect.github.com/deadnews) - [@​copilot-swe-agent](https://redirect.github.com/copilot-swe-agent)
--- ### Configuration 📅 **Schedule**: Branch creation - Every minute ( * * * * * ) (UTC), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Enabled. ♻ **Rebasing**: Whenever PR is behind base branch, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] If you want to rebase/retry this PR, check this box --- This PR was generated by [Mend Renovate](https://mend.io/renovate/). View the [repository job log](https://developer.mend.io/github/epage/_rust). Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> --- .github/workflows/pre-commit.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/pre-commit.yml b/.github/workflows/pre-commit.yml index 879f7df..db605ea 100644 --- a/.github/workflows/pre-commit.yml +++ b/.github/workflows/pre-commit.yml @@ -25,4 +25,4 @@ jobs: - uses: actions/checkout@v6 - uses: j178/prek-action@v1 with: - prek-version: '0.3.5' + prek-version: '0.3.6' From 80afe4dbffac684bad6722559913860c215ea15a Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Mon, 23 Mar 2026 10:01:47 +0000 Subject: [PATCH 09/42] chore(deps): Update Prek to v0.3.8 (#52) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit This PR contains the following updates: | Package | Update | Change | |---|---|---| | [prek](https://redirect.github.com/j178/prek) | patch | `0.3.6` → `0.3.8` | --- ### Release Notes
j178/prek (prek) ### [`v0.3.8`](https://redirect.github.com/j178/prek/blob/HEAD/CHANGELOG.md#038) [Compare Source](https://redirect.github.com/j178/prek/compare/v0.3.6...v0.3.8) Released on 2026-03-23. ##### Enhancements - Add experimental `language: deno` support ([#​1516](https://redirect.github.com/j178/prek/pull/1516)) - Add `pretty-format-json` as builtin hook ([#​915](https://redirect.github.com/j178/prek/pull/915)) - Add `check-vcs-permalinks` as builtin hook ([#​1842](https://redirect.github.com/j178/prek/pull/1842)) - Add `check-illegal-windows-names` as builtin hook ([#​1841](https://redirect.github.com/j178/prek/pull/1841)) - Add `check-shebang-scripts-are-executable` builtin hook ([#​1847](https://redirect.github.com/j178/prek/pull/1847)) - Add `destroyed-symlinks` builtin hook ([#​1851](https://redirect.github.com/j178/prek/pull/1851)) - Add `file-contents-sorter` as builtin hook ([#​1846](https://redirect.github.com/j178/prek/pull/1846)) - Add `--all` flag to `prek uninstall` ([#​1817](https://redirect.github.com/j178/prek/pull/1817)) - Improve file pattern parse errors ([#​1829](https://redirect.github.com/j178/prek/pull/1829)) - Validate `uv` binary after download ([#​1825](https://redirect.github.com/j178/prek/pull/1825)) ##### Bug fixes - Fix workspace-relative added file paths ([#​1852](https://redirect.github.com/j178/prek/pull/1852)) - Relax alias-anchor ratio check for check-yaml ([#​1839](https://redirect.github.com/j178/prek/pull/1839)) ##### Contributors - [@​j178](https://redirect.github.com/j178) - [@​shaanmajid](https://redirect.github.com/shaanmajid) - [@​mvanhorn](https://redirect.github.com/mvanhorn) - [@​feliblo](https://redirect.github.com/feliblo) - [@​Tiryoh](https://redirect.github.com/Tiryoh)
--- ### Configuration 📅 **Schedule**: Branch creation - Every minute ( * * * * * ) (UTC), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Enabled. ♻ **Rebasing**: Whenever PR is behind base branch, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] If you want to rebase/retry this PR, check this box --- This PR was generated by [Mend Renovate](https://mend.io/renovate/). View the [repository job log](https://developer.mend.io/github/epage/_rust). Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> --- .github/workflows/pre-commit.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/pre-commit.yml b/.github/workflows/pre-commit.yml index db605ea..caf4b4c 100644 --- a/.github/workflows/pre-commit.yml +++ b/.github/workflows/pre-commit.yml @@ -25,4 +25,4 @@ jobs: - uses: actions/checkout@v6 - uses: j178/prek-action@v1 with: - prek-version: '0.3.6' + prek-version: '0.3.8' From dcb79c9bfcffa941b05351ae3201e280eeda5b28 Mon Sep 17 00:00:00 2001 From: Ed Page Date: Fri, 27 Mar 2026 14:23:06 -0500 Subject: [PATCH 10/42] chore(ci): Pin actions --- .github/renovate.json5 | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/renovate.json5 b/.github/renovate.json5 index cf9d0bc..d880c30 100644 --- a/.github/renovate.json5 +++ b/.github/renovate.json5 @@ -1,4 +1,5 @@ { + extends: ["helpers:pinGitHubActionDigests"], schedule: [ 'before 5am on the first day of the month', ], From f1f2452ceb80116b840bd61cb095be9030e9e366 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Fri, 27 Mar 2026 19:27:03 +0000 Subject: [PATCH 11/42] chore(deps): Pin dependencies --- .github/workflows/audit.yml | 8 ++--- .github/workflows/ci.yml | 56 ++++++++++++++++---------------- .github/workflows/committed.yml | 4 +-- .github/workflows/pre-commit.yml | 4 +-- .github/workflows/rust-next.yml | 16 ++++----- .github/workflows/spelling.yml | 4 +-- .github/workflows/template.yml | 2 +- 7 files changed, 47 insertions(+), 47 deletions(-) diff --git a/.github/workflows/audit.yml b/.github/workflows/audit.yml index 7446e08..7407583 100644 --- a/.github/workflows/audit.yml +++ b/.github/workflows/audit.yml @@ -31,8 +31,8 @@ jobs: continue-on-error: true steps: - name: Checkout repository - uses: actions/checkout@v6 - - uses: actions-rs/audit-check@v1 + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6 + - uses: actions-rs/audit-check@35b7b53b1e25b55642157ac01b4adceb5b9ebef3 # v1 with: token: ${{ secrets.GITHUB_TOKEN }} @@ -46,8 +46,8 @@ jobs: checks: - bans licenses sources steps: - - uses: actions/checkout@v6 - - uses: EmbarkStudios/cargo-deny-action@v2 + - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6 + - uses: EmbarkStudios/cargo-deny-action@3fd3802e88374d3fe9159b834c7714ec57d6c979 # v2 with: command: check ${{ matrix.checks }} rust-version: stable diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 4ad9782..638fc3f 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -43,13 +43,13 @@ jobs: CARGO_PROFILE_DEV_DEBUG: line-tables-only steps: - name: Checkout repository - uses: actions/checkout@v6 + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6 - name: Install Rust - uses: dtolnay/rust-toolchain@stable + uses: dtolnay/rust-toolchain@29eef336d9b2848a0b548edc03f92a220660cdb8 # stable with: toolchain: ${{ matrix.rust }} - - uses: Swatinem/rust-cache@v2 - - uses: taiki-e/install-action@cargo-hack + - uses: Swatinem/rust-cache@e18b497796c12c097a38f9edb9d0641fb99eee32 # v2 + - uses: taiki-e/install-action@4448ce47d533cbe63d6dfafa732cf574a34606b5 # cargo-hack - name: Build run: cargo test --workspace --no-run - name: Test @@ -62,13 +62,13 @@ jobs: runs-on: ${{ matrix.os }} steps: - name: Checkout repository - uses: actions/checkout@v6 + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6 - name: Install Rust - uses: dtolnay/rust-toolchain@stable + uses: dtolnay/rust-toolchain@29eef336d9b2848a0b548edc03f92a220660cdb8 # stable with: toolchain: stable - - uses: Swatinem/rust-cache@v2 - - uses: taiki-e/install-action@cargo-hack + - uses: Swatinem/rust-cache@e18b497796c12c097a38f9edb9d0641fb99eee32 # v2 + - uses: taiki-e/install-action@4448ce47d533cbe63d6dfafa732cf574a34606b5 # cargo-hack - name: Default features run: cargo hack check --each-feature --locked --rust-version --ignore-private --workspace --all-targets --keep-going minimal-versions: @@ -79,13 +79,13 @@ jobs: runs-on: ${{ matrix.os }} steps: - name: Checkout repository - uses: actions/checkout@v6 + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6 - name: Install stable Rust - uses: dtolnay/rust-toolchain@stable + uses: dtolnay/rust-toolchain@29eef336d9b2848a0b548edc03f92a220660cdb8 # stable with: toolchain: stable - name: Install nightly Rust - uses: dtolnay/rust-toolchain@stable + uses: dtolnay/rust-toolchain@29eef336d9b2848a0b548edc03f92a220660cdb8 # stable with: toolchain: nightly - name: Downgrade dependencies to minimal versions @@ -96,12 +96,12 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout repository - uses: actions/checkout@v6 + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6 - name: Install Rust - uses: dtolnay/rust-toolchain@stable + uses: dtolnay/rust-toolchain@29eef336d9b2848a0b548edc03f92a220660cdb8 # stable with: toolchain: stable - - uses: Swatinem/rust-cache@v2 + - uses: Swatinem/rust-cache@e18b497796c12c097a38f9edb9d0641fb99eee32 # v2 - name: "Is lockfile updated?" run: cargo update --workspace --locked docs: @@ -109,12 +109,12 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout repository - uses: actions/checkout@v6 + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6 - name: Install Rust - uses: dtolnay/rust-toolchain@stable + uses: dtolnay/rust-toolchain@29eef336d9b2848a0b548edc03f92a220660cdb8 # stable with: toolchain: "1.94" # STABLE - - uses: Swatinem/rust-cache@v2 + - uses: Swatinem/rust-cache@e18b497796c12c097a38f9edb9d0641fb99eee32 # v2 - name: Check documentation env: RUSTDOCFLAGS: -D warnings @@ -124,13 +124,13 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout repository - uses: actions/checkout@v6 + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6 - name: Install Rust - uses: dtolnay/rust-toolchain@stable + uses: dtolnay/rust-toolchain@29eef336d9b2848a0b548edc03f92a220660cdb8 # stable with: toolchain: "1.94" # STABLE components: rustfmt - - uses: Swatinem/rust-cache@v2 + - uses: Swatinem/rust-cache@e18b497796c12c097a38f9edb9d0641fb99eee32 # v2 - name: Check formatting run: cargo fmt --check clippy: @@ -140,13 +140,13 @@ jobs: security-events: write # to upload sarif results steps: - name: Checkout repository - uses: actions/checkout@v6 + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6 - name: Install Rust - uses: dtolnay/rust-toolchain@stable + uses: dtolnay/rust-toolchain@29eef336d9b2848a0b548edc03f92a220660cdb8 # stable with: toolchain: "1.94" # STABLE components: clippy - - uses: Swatinem/rust-cache@v2 + - uses: Swatinem/rust-cache@e18b497796c12c097a38f9edb9d0641fb99eee32 # v2 - name: Install SARIF tools run: cargo install clippy-sarif --locked - name: Install SARIF tools @@ -159,7 +159,7 @@ jobs: | sarif-fmt continue-on-error: true - name: Upload - uses: github/codeql-action/upload-sarif@v4 + uses: github/codeql-action/upload-sarif@c10b8064de6f491fea524254123dbe5e09572f13 # v4 with: sarif_file: clippy-results.sarif wait-for-processing: true @@ -170,17 +170,17 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout repository - uses: actions/checkout@v6 + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6 - name: Install Rust - uses: dtolnay/rust-toolchain@stable + uses: dtolnay/rust-toolchain@29eef336d9b2848a0b548edc03f92a220660cdb8 # stable with: toolchain: stable - - uses: Swatinem/rust-cache@v2 + - uses: Swatinem/rust-cache@e18b497796c12c097a38f9edb9d0641fb99eee32 # v2 - name: Install cargo-tarpaulin run: cargo install cargo-tarpaulin - name: Gather coverage run: cargo tarpaulin --output-dir coverage --out lcov - name: Publish to Coveralls - uses: coverallsapp/github-action@master + uses: coverallsapp/github-action@09b709cf6a16e30b0808ba050c7a6e8a5ef13f8d # master with: github-token: ${{ secrets.GITHUB_TOKEN }} diff --git a/.github/workflows/committed.yml b/.github/workflows/committed.yml index 9138a8e..655ec93 100644 --- a/.github/workflows/committed.yml +++ b/.github/workflows/committed.yml @@ -21,8 +21,8 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout Actions Repository - uses: actions/checkout@v6 + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6 with: fetch-depth: 0 - name: Lint Commits - uses: crate-ci/committed@master + uses: crate-ci/committed@4cd58ed75e5f581ba45f42ef52e055cc001def37 # master diff --git a/.github/workflows/pre-commit.yml b/.github/workflows/pre-commit.yml index caf4b4c..cd4443d 100644 --- a/.github/workflows/pre-commit.yml +++ b/.github/workflows/pre-commit.yml @@ -22,7 +22,7 @@ jobs: contents: read runs-on: ubuntu-latest steps: - - uses: actions/checkout@v6 - - uses: j178/prek-action@v1 + - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6 + - uses: j178/prek-action@0bb87d7f00b0c99306c8bcb8b8beba1eb581c037 # v1 with: prek-version: '0.3.8' diff --git a/.github/workflows/rust-next.yml b/.github/workflows/rust-next.yml index 8e4a1e9..1e53d3a 100644 --- a/.github/workflows/rust-next.yml +++ b/.github/workflows/rust-next.yml @@ -33,13 +33,13 @@ jobs: CARGO_PROFILE_DEV_DEBUG: line-tables-only steps: - name: Checkout repository - uses: actions/checkout@v6 + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6 - name: Install Rust - uses: dtolnay/rust-toolchain@stable + uses: dtolnay/rust-toolchain@29eef336d9b2848a0b548edc03f92a220660cdb8 # stable with: toolchain: ${{ matrix.rust }} - - uses: Swatinem/rust-cache@v2 - - uses: taiki-e/install-action@cargo-hack + - uses: Swatinem/rust-cache@e18b497796c12c097a38f9edb9d0641fb99eee32 # v2 + - uses: taiki-e/install-action@4448ce47d533cbe63d6dfafa732cf574a34606b5 # cargo-hack - name: Build run: cargo test --workspace --no-run - name: Test @@ -54,13 +54,13 @@ jobs: CARGO_RESOLVER_INCOMPATIBLE_RUST_VERSIONS: allow steps: - name: Checkout repository - uses: actions/checkout@v6 + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6 - name: Install Rust - uses: dtolnay/rust-toolchain@stable + uses: dtolnay/rust-toolchain@29eef336d9b2848a0b548edc03f92a220660cdb8 # stable with: toolchain: stable - - uses: Swatinem/rust-cache@v2 - - uses: taiki-e/install-action@cargo-hack + - uses: Swatinem/rust-cache@e18b497796c12c097a38f9edb9d0641fb99eee32 # v2 + - uses: taiki-e/install-action@4448ce47d533cbe63d6dfafa732cf574a34606b5 # cargo-hack - name: Update dependencies run: cargo update - name: Build diff --git a/.github/workflows/spelling.yml b/.github/workflows/spelling.yml index cf4c1bf..baf93ba 100644 --- a/.github/workflows/spelling.yml +++ b/.github/workflows/spelling.yml @@ -20,6 +20,6 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout Actions Repository - uses: actions/checkout@v6 + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6 - name: Spell Check Repo - uses: crate-ci/typos@master + uses: crate-ci/typos@8f11c0dc0f31c780c45b3dd5b72ff4b48a350b75 # master diff --git a/.github/workflows/template.yml b/.github/workflows/template.yml index 1d4fd85..6603a78 100644 --- a/.github/workflows/template.yml +++ b/.github/workflows/template.yml @@ -28,7 +28,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout repository - uses: actions/checkout@v6 + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6 with: fetch-depth: 0 - name: Configure git From 4af143d0148e7c4f7c98cec3f76b61f260631e61 Mon Sep 17 00:00:00 2001 From: Ed Page Date: Fri, 27 Mar 2026 14:01:37 -0500 Subject: [PATCH 12/42] chore(ci): Don't persist git credentials by default --- .github/workflows/audit.yml | 4 ++++ .github/workflows/ci.yml | 16 ++++++++++++++++ .github/workflows/committed.yml | 1 + .github/workflows/pre-commit.yml | 2 ++ .github/workflows/rust-next.yml | 4 ++++ .github/workflows/spelling.yml | 2 ++ .github/workflows/template.yml | 1 + 7 files changed, 30 insertions(+) diff --git a/.github/workflows/audit.yml b/.github/workflows/audit.yml index 7407583..f896104 100644 --- a/.github/workflows/audit.yml +++ b/.github/workflows/audit.yml @@ -32,6 +32,8 @@ jobs: steps: - name: Checkout repository uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6 + with: + persist-credentials: false - uses: actions-rs/audit-check@35b7b53b1e25b55642157ac01b4adceb5b9ebef3 # v1 with: token: ${{ secrets.GITHUB_TOKEN }} @@ -47,6 +49,8 @@ jobs: - bans licenses sources steps: - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6 + with: + persist-credentials: false - uses: EmbarkStudios/cargo-deny-action@3fd3802e88374d3fe9159b834c7714ec57d6c979 # v2 with: command: check ${{ matrix.checks }} diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 638fc3f..a80c28b 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -44,6 +44,8 @@ jobs: steps: - name: Checkout repository uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6 + with: + persist-credentials: false - name: Install Rust uses: dtolnay/rust-toolchain@29eef336d9b2848a0b548edc03f92a220660cdb8 # stable with: @@ -63,6 +65,8 @@ jobs: steps: - name: Checkout repository uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6 + with: + persist-credentials: false - name: Install Rust uses: dtolnay/rust-toolchain@29eef336d9b2848a0b548edc03f92a220660cdb8 # stable with: @@ -80,6 +84,8 @@ jobs: steps: - name: Checkout repository uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6 + with: + persist-credentials: false - name: Install stable Rust uses: dtolnay/rust-toolchain@29eef336d9b2848a0b548edc03f92a220660cdb8 # stable with: @@ -97,6 +103,8 @@ jobs: steps: - name: Checkout repository uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6 + with: + persist-credentials: false - name: Install Rust uses: dtolnay/rust-toolchain@29eef336d9b2848a0b548edc03f92a220660cdb8 # stable with: @@ -110,6 +118,8 @@ jobs: steps: - name: Checkout repository uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6 + with: + persist-credentials: false - name: Install Rust uses: dtolnay/rust-toolchain@29eef336d9b2848a0b548edc03f92a220660cdb8 # stable with: @@ -125,6 +135,8 @@ jobs: steps: - name: Checkout repository uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6 + with: + persist-credentials: false - name: Install Rust uses: dtolnay/rust-toolchain@29eef336d9b2848a0b548edc03f92a220660cdb8 # stable with: @@ -141,6 +153,8 @@ jobs: steps: - name: Checkout repository uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6 + with: + persist-credentials: false - name: Install Rust uses: dtolnay/rust-toolchain@29eef336d9b2848a0b548edc03f92a220660cdb8 # stable with: @@ -171,6 +185,8 @@ jobs: steps: - name: Checkout repository uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6 + with: + persist-credentials: false - name: Install Rust uses: dtolnay/rust-toolchain@29eef336d9b2848a0b548edc03f92a220660cdb8 # stable with: diff --git a/.github/workflows/committed.yml b/.github/workflows/committed.yml index 655ec93..755a367 100644 --- a/.github/workflows/committed.yml +++ b/.github/workflows/committed.yml @@ -24,5 +24,6 @@ jobs: uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6 with: fetch-depth: 0 + persist-credentials: false - name: Lint Commits uses: crate-ci/committed@4cd58ed75e5f581ba45f42ef52e055cc001def37 # master diff --git a/.github/workflows/pre-commit.yml b/.github/workflows/pre-commit.yml index cd4443d..a5eaf13 100644 --- a/.github/workflows/pre-commit.yml +++ b/.github/workflows/pre-commit.yml @@ -23,6 +23,8 @@ jobs: runs-on: ubuntu-latest steps: - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6 + with: + persist-credentials: false - uses: j178/prek-action@0bb87d7f00b0c99306c8bcb8b8beba1eb581c037 # v1 with: prek-version: '0.3.8' diff --git a/.github/workflows/rust-next.yml b/.github/workflows/rust-next.yml index 1e53d3a..c66dc21 100644 --- a/.github/workflows/rust-next.yml +++ b/.github/workflows/rust-next.yml @@ -34,6 +34,8 @@ jobs: steps: - name: Checkout repository uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6 + with: + persist-credentials: false - name: Install Rust uses: dtolnay/rust-toolchain@29eef336d9b2848a0b548edc03f92a220660cdb8 # stable with: @@ -55,6 +57,8 @@ jobs: steps: - name: Checkout repository uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6 + with: + persist-credentials: false - name: Install Rust uses: dtolnay/rust-toolchain@29eef336d9b2848a0b548edc03f92a220660cdb8 # stable with: diff --git a/.github/workflows/spelling.yml b/.github/workflows/spelling.yml index baf93ba..addbe4b 100644 --- a/.github/workflows/spelling.yml +++ b/.github/workflows/spelling.yml @@ -21,5 +21,7 @@ jobs: steps: - name: Checkout Actions Repository uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6 + with: + persist-credentials: false - name: Spell Check Repo uses: crate-ci/typos@8f11c0dc0f31c780c45b3dd5b72ff4b48a350b75 # master diff --git a/.github/workflows/template.yml b/.github/workflows/template.yml index 6603a78..09da81c 100644 --- a/.github/workflows/template.yml +++ b/.github/workflows/template.yml @@ -31,6 +31,7 @@ jobs: uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6 with: fetch-depth: 0 + persist-credentials: false - name: Configure git run: | git config --global user.name '${{ github.actor }}' From 3e98dbeebff3daa8dd02bb1c7a663b0a1f341a4c Mon Sep 17 00:00:00 2001 From: Ed Page Date: Fri, 27 Mar 2026 14:01:57 -0500 Subject: [PATCH 13/42] chore(ci): Use env instead of templates --- .github/workflows/template.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/template.yml b/.github/workflows/template.yml index 09da81c..c51104f 100644 --- a/.github/workflows/template.yml +++ b/.github/workflows/template.yml @@ -34,7 +34,7 @@ jobs: persist-credentials: false - name: Configure git run: | - git config --global user.name '${{ github.actor }}' + git config --global user.name '${GITHUB_ACTOR}' git config --global user.email '<>' - name: Fetch template run: "git remote add template ${{ env.TEMPLATE_URL }} && git fetch template ${{ env.TEMPLATE_BRANCH }}" From fb7a03078da87c16d0d27e107640ef7d602bc779 Mon Sep 17 00:00:00 2001 From: Ed Page Date: Fri, 27 Mar 2026 14:37:46 -0500 Subject: [PATCH 14/42] chore(ci): Switch from cargo-audit to cargo-deny --- .github/workflows/audit.yml | 12 ++++++++---- 1 file changed, 8 insertions(+), 4 deletions(-) diff --git a/.github/workflows/audit.yml b/.github/workflows/audit.yml index f896104..7749706 100644 --- a/.github/workflows/audit.yml +++ b/.github/workflows/audit.yml @@ -29,14 +29,18 @@ jobs: runs-on: ubuntu-latest # Prevent sudden announcement of a new advisory from failing ci: continue-on-error: true + strategy: + matrix: + checks: + - advisories steps: - - name: Checkout repository - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6 + - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6 with: persist-credentials: false - - uses: actions-rs/audit-check@35b7b53b1e25b55642157ac01b4adceb5b9ebef3 # v1 + - uses: EmbarkStudios/cargo-deny-action@3fd3802e88374d3fe9159b834c7714ec57d6c979 # v2 with: - token: ${{ secrets.GITHUB_TOKEN }} + command: check ${{ matrix.checks }} + rust-version: stable cargo_deny: permissions: From e60a418c60abd4b31c719817620b79b21f89bc9f Mon Sep 17 00:00:00 2001 From: Ed Page Date: Fri, 27 Mar 2026 14:39:55 -0500 Subject: [PATCH 15/42] chore(ci): Adopt zizmor --- .github/workflows/audit.yml | 14 ++++++++++++++ .github/zizmor.yml | 4 ++++ 2 files changed, 18 insertions(+) create mode 100644 .github/zizmor.yml diff --git a/.github/workflows/audit.yml b/.github/workflows/audit.yml index 7749706..ddbc9c9 100644 --- a/.github/workflows/audit.yml +++ b/.github/workflows/audit.yml @@ -59,3 +59,17 @@ jobs: with: command: check ${{ matrix.checks }} rust-version: stable + + actions: + runs-on: ubuntu-latest + permissions: + security-events: write + contents: read # only needed for private or internal repos + actions: read # only needed for private or internal repos + steps: + - name: Checkout repository + - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6 + with: + persist-credentials: false + - name: Run zizmor + uses: zizmorcore/zizmor-action@71321a20a9ded102f6e9ce5718a2fcec2c4f70d8 # v0.5.2 diff --git a/.github/zizmor.yml b/.github/zizmor.yml new file mode 100644 index 0000000..45aa9c9 --- /dev/null +++ b/.github/zizmor.yml @@ -0,0 +1,4 @@ +rules: + superfluous-actions: + # https://github.com/zizmorcore/zizmor/issues/1817 + disable: true From c00ccb718bbe9447ad2162d1d568cb665b34881b Mon Sep 17 00:00:00 2001 From: Ed Page Date: Fri, 27 Mar 2026 16:11:55 -0500 Subject: [PATCH 16/42] chore(ci): Fix content --- .github/workflows/audit.yml | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) diff --git a/.github/workflows/audit.yml b/.github/workflows/audit.yml index ddbc9c9..6ad5fec 100644 --- a/.github/workflows/audit.yml +++ b/.github/workflows/audit.yml @@ -34,7 +34,8 @@ jobs: checks: - advisories steps: - - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6 + - name: Checkout repository + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6 with: persist-credentials: false - uses: EmbarkStudios/cargo-deny-action@3fd3802e88374d3fe9159b834c7714ec57d6c979 # v2 @@ -52,7 +53,8 @@ jobs: checks: - bans licenses sources steps: - - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6 + - name: Checkout repository + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6 with: persist-credentials: false - uses: EmbarkStudios/cargo-deny-action@3fd3802e88374d3fe9159b834c7714ec57d6c979 # v2 @@ -68,7 +70,7 @@ jobs: actions: read # only needed for private or internal repos steps: - name: Checkout repository - - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6 + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6 with: persist-credentials: false - name: Run zizmor From 509fb92da3800429c034a207059ad5410504392c Mon Sep 17 00:00:00 2001 From: Ed Page Date: Fri, 27 Mar 2026 16:13:06 -0500 Subject: [PATCH 17/42] chore(ci): Shorten workflow name --- .github/workflows/audit.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/audit.yml b/.github/workflows/audit.yml index 6ad5fec..399f90c 100644 --- a/.github/workflows/audit.yml +++ b/.github/workflows/audit.yml @@ -1,4 +1,4 @@ -name: Security audit +name: Audit permissions: contents: read From 616ecc0ab086297ff6f95008f15bad3135dd91bb Mon Sep 17 00:00:00 2001 From: Ed Page Date: Fri, 27 Mar 2026 16:15:53 -0500 Subject: [PATCH 18/42] chore(ci): Add a central audit job --- .github/workflows/audit.yml | 13 ++++++++++++- 1 file changed, 12 insertions(+), 1 deletion(-) diff --git a/.github/workflows/audit.yml b/.github/workflows/audit.yml index 399f90c..7342993 100644 --- a/.github/workflows/audit.yml +++ b/.github/workflows/audit.yml @@ -22,7 +22,18 @@ concurrency: cancel-in-progress: true jobs: - security_audit: + audit: + permissions: + contents: none + name: CI + needs: [advisories, cargo_deny, actions] + runs-on: ubuntu-latest + if: "always()" + steps: + - name: Failed + run: exit 1 + if: "contains(needs.*.result, 'failure') || contains(needs.*.result, 'cancelled') || contains(needs.*.result, 'skipped')" + advisories: permissions: issues: write # to create issues (actions-rs/audit-check) checks: write # to create check (actions-rs/audit-check) From e4210b94aed44f374a673a5b2aba4b2a2c5710fc Mon Sep 17 00:00:00 2001 From: Ed Page Date: Fri, 27 Mar 2026 16:16:29 -0500 Subject: [PATCH 19/42] chore(ci): Fix the audit display name --- .github/workflows/audit.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/audit.yml b/.github/workflows/audit.yml index 7342993..8e63c6f 100644 --- a/.github/workflows/audit.yml +++ b/.github/workflows/audit.yml @@ -25,7 +25,7 @@ jobs: audit: permissions: contents: none - name: CI + name: Audit needs: [advisories, cargo_deny, actions] runs-on: ubuntu-latest if: "always()" From 1601c98de40a656585db942eadc5ba7f6554be73 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Wed, 1 Apr 2026 00:47:40 +0000 Subject: [PATCH 20/42] chore(deps): Update j178/prek-action action to v2 --- .github/workflows/pre-commit.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/pre-commit.yml b/.github/workflows/pre-commit.yml index a5eaf13..1c35527 100644 --- a/.github/workflows/pre-commit.yml +++ b/.github/workflows/pre-commit.yml @@ -25,6 +25,6 @@ jobs: - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6 with: persist-credentials: false - - uses: j178/prek-action@0bb87d7f00b0c99306c8bcb8b8beba1eb581c037 # v1 + - uses: j178/prek-action@53276d8b0d10f8b6672aa85b4588c6921d0370cc # v2 with: prek-version: '0.3.8' From 1edb51e8848e6824dccd8d73d4ecfe442719b5dd Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Wed, 1 Apr 2026 05:28:42 +0000 Subject: [PATCH 21/42] chore(deps): Update taiki-e/install-action digest to 4fea3cb --- .github/workflows/ci.yml | 4 ++-- .github/workflows/rust-next.yml | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index a80c28b..f2a2358 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -51,7 +51,7 @@ jobs: with: toolchain: ${{ matrix.rust }} - uses: Swatinem/rust-cache@e18b497796c12c097a38f9edb9d0641fb99eee32 # v2 - - uses: taiki-e/install-action@4448ce47d533cbe63d6dfafa732cf574a34606b5 # cargo-hack + - uses: taiki-e/install-action@4fea3cb182fc2e9b0c29175fd0624e1489b7510f # cargo-hack - name: Build run: cargo test --workspace --no-run - name: Test @@ -72,7 +72,7 @@ jobs: with: toolchain: stable - uses: Swatinem/rust-cache@e18b497796c12c097a38f9edb9d0641fb99eee32 # v2 - - uses: taiki-e/install-action@4448ce47d533cbe63d6dfafa732cf574a34606b5 # cargo-hack + - uses: taiki-e/install-action@4fea3cb182fc2e9b0c29175fd0624e1489b7510f # cargo-hack - name: Default features run: cargo hack check --each-feature --locked --rust-version --ignore-private --workspace --all-targets --keep-going minimal-versions: diff --git a/.github/workflows/rust-next.yml b/.github/workflows/rust-next.yml index c66dc21..be90d6c 100644 --- a/.github/workflows/rust-next.yml +++ b/.github/workflows/rust-next.yml @@ -41,7 +41,7 @@ jobs: with: toolchain: ${{ matrix.rust }} - uses: Swatinem/rust-cache@e18b497796c12c097a38f9edb9d0641fb99eee32 # v2 - - uses: taiki-e/install-action@4448ce47d533cbe63d6dfafa732cf574a34606b5 # cargo-hack + - uses: taiki-e/install-action@4fea3cb182fc2e9b0c29175fd0624e1489b7510f # cargo-hack - name: Build run: cargo test --workspace --no-run - name: Test @@ -64,7 +64,7 @@ jobs: with: toolchain: stable - uses: Swatinem/rust-cache@e18b497796c12c097a38f9edb9d0641fb99eee32 # v2 - - uses: taiki-e/install-action@4448ce47d533cbe63d6dfafa732cf574a34606b5 # cargo-hack + - uses: taiki-e/install-action@4fea3cb182fc2e9b0c29175fd0624e1489b7510f # cargo-hack - name: Update dependencies run: cargo update - name: Build From 2fc4cd2bc2357a160d11f5c47e4a301256fb6e58 Mon Sep 17 00:00:00 2001 From: Ed Page Date: Wed, 1 Apr 2026 11:33:53 -0500 Subject: [PATCH 22/42] chore(pre): Always check zizmor --- .pre-commit-config.yaml | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml index 714e2e1..65cff49 100644 --- a/.pre-commit-config.yaml +++ b/.pre-commit-config.yaml @@ -17,3 +17,7 @@ repos: rev: v1.1.10 hooks: - id: committed + - repo: https://github.com/zizmorcore/zizmor-pre-commit + rev: v1.22.0 + hooks: + - id: zizmor From 2f37b604b34f3d023060c82737ee926941e3c1c3 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Wed, 1 Apr 2026 16:35:38 +0000 Subject: [PATCH 23/42] chore(deps): Update pre-commit hook crate-ci/typos to v1.45.0 --- .pre-commit-config.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml index 714e2e1..e6f47f1 100644 --- a/.pre-commit-config.yaml +++ b/.pre-commit-config.yaml @@ -10,7 +10,7 @@ repos: - id: check-case-conflict - id: detect-private-key - repo: https://github.com/crate-ci/typos - rev: v1.43.0 + rev: v1.45.0 hooks: - id: typos - repo: https://github.com/crate-ci/committed From 8ed1cfa1af3733393a44782a27d90f5a6a35e8c0 Mon Sep 17 00:00:00 2001 From: Ed Page Date: Wed, 1 Apr 2026 11:39:07 -0500 Subject: [PATCH 24/42] chore(ci): Run audits more frequently --- .github/workflows/audit.yml | 3 --- 1 file changed, 3 deletions(-) diff --git a/.github/workflows/audit.yml b/.github/workflows/audit.yml index 8e63c6f..905a295 100644 --- a/.github/workflows/audit.yml +++ b/.github/workflows/audit.yml @@ -5,9 +5,6 @@ permissions: on: pull_request: - paths: - - '**/Cargo.toml' - - '**/Cargo.lock' push: branches: - main From 15908a84310610e6bc0b7c71a05bf06ae4e1e518 Mon Sep 17 00:00:00 2001 From: Ed Page Date: Mon, 6 Apr 2026 10:01:05 -0500 Subject: [PATCH 25/42] chore(gh): Fix template updating See rust-cli/anstyle#311 --- .github/workflows/template.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/template.yml b/.github/workflows/template.yml index c51104f..de3d1da 100644 --- a/.github/workflows/template.yml +++ b/.github/workflows/template.yml @@ -31,7 +31,7 @@ jobs: uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6 with: fetch-depth: 0 - persist-credentials: false + persist-credentials: true - name: Configure git run: | git config --global user.name '${GITHUB_ACTOR}' From ea3cbc8a339cdc93829bc28f314848b092b8cdb3 Mon Sep 17 00:00:00 2001 From: Ed Page Date: Mon, 6 Apr 2026 10:03:42 -0500 Subject: [PATCH 26/42] chore(gh): Document why template updating needs credentials --- .github/workflows/template.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/template.yml b/.github/workflows/template.yml index de3d1da..a934b82 100644 --- a/.github/workflows/template.yml +++ b/.github/workflows/template.yml @@ -31,7 +31,7 @@ jobs: uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6 with: fetch-depth: 0 - persist-credentials: true + persist-credentials: true # to push the branch and create PR - name: Configure git run: | git config --global user.name '${GITHUB_ACTOR}' From 29448ed7636fb14d8678454f56ba190b311a1536 Mon Sep 17 00:00:00 2001 From: William Woodruff Date: Mon, 6 Apr 2026 11:30:07 -0400 Subject: [PATCH 27/42] Use full-length tags for hash-pinned action references Signed-off-by: William Woodruff --- .github/workflows/audit.yml | 10 +++++----- .github/workflows/ci.yml | 18 +++++++++--------- .github/workflows/committed.yml | 2 +- .github/workflows/pre-commit.yml | 4 ++-- .github/workflows/rust-next.yml | 4 ++-- .github/workflows/spelling.yml | 2 +- .github/workflows/template.yml | 2 +- 7 files changed, 21 insertions(+), 21 deletions(-) diff --git a/.github/workflows/audit.yml b/.github/workflows/audit.yml index 905a295..eca6f3d 100644 --- a/.github/workflows/audit.yml +++ b/.github/workflows/audit.yml @@ -43,10 +43,10 @@ jobs: - advisories steps: - name: Checkout repository - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6 + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 with: persist-credentials: false - - uses: EmbarkStudios/cargo-deny-action@3fd3802e88374d3fe9159b834c7714ec57d6c979 # v2 + - uses: EmbarkStudios/cargo-deny-action@3fd3802e88374d3fe9159b834c7714ec57d6c979 # v2.0.15 with: command: check ${{ matrix.checks }} rust-version: stable @@ -62,10 +62,10 @@ jobs: - bans licenses sources steps: - name: Checkout repository - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6 + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 with: persist-credentials: false - - uses: EmbarkStudios/cargo-deny-action@3fd3802e88374d3fe9159b834c7714ec57d6c979 # v2 + - uses: EmbarkStudios/cargo-deny-action@3fd3802e88374d3fe9159b834c7714ec57d6c979 # v2.0.15 with: command: check ${{ matrix.checks }} rust-version: stable @@ -78,7 +78,7 @@ jobs: actions: read # only needed for private or internal repos steps: - name: Checkout repository - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6 + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 with: persist-credentials: false - name: Run zizmor diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index f2a2358..65a4919 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -43,7 +43,7 @@ jobs: CARGO_PROFILE_DEV_DEBUG: line-tables-only steps: - name: Checkout repository - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6 + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 with: persist-credentials: false - name: Install Rust @@ -64,7 +64,7 @@ jobs: runs-on: ${{ matrix.os }} steps: - name: Checkout repository - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6 + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 with: persist-credentials: false - name: Install Rust @@ -83,7 +83,7 @@ jobs: runs-on: ${{ matrix.os }} steps: - name: Checkout repository - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6 + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 with: persist-credentials: false - name: Install stable Rust @@ -102,7 +102,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout repository - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6 + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 with: persist-credentials: false - name: Install Rust @@ -117,7 +117,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout repository - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6 + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 with: persist-credentials: false - name: Install Rust @@ -134,7 +134,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout repository - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6 + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 with: persist-credentials: false - name: Install Rust @@ -152,7 +152,7 @@ jobs: security-events: write # to upload sarif results steps: - name: Checkout repository - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6 + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 with: persist-credentials: false - name: Install Rust @@ -173,7 +173,7 @@ jobs: | sarif-fmt continue-on-error: true - name: Upload - uses: github/codeql-action/upload-sarif@c10b8064de6f491fea524254123dbe5e09572f13 # v4 + uses: github/codeql-action/upload-sarif@c10b8064de6f491fea524254123dbe5e09572f13 # v4.35.1 with: sarif_file: clippy-results.sarif wait-for-processing: true @@ -184,7 +184,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout repository - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6 + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 with: persist-credentials: false - name: Install Rust diff --git a/.github/workflows/committed.yml b/.github/workflows/committed.yml index 755a367..36529fd 100644 --- a/.github/workflows/committed.yml +++ b/.github/workflows/committed.yml @@ -21,7 +21,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout Actions Repository - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6 + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 with: fetch-depth: 0 persist-credentials: false diff --git a/.github/workflows/pre-commit.yml b/.github/workflows/pre-commit.yml index 1c35527..2bd7509 100644 --- a/.github/workflows/pre-commit.yml +++ b/.github/workflows/pre-commit.yml @@ -22,9 +22,9 @@ jobs: contents: read runs-on: ubuntu-latest steps: - - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6 + - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 with: persist-credentials: false - - uses: j178/prek-action@53276d8b0d10f8b6672aa85b4588c6921d0370cc # v2 + - uses: j178/prek-action@53276d8b0d10f8b6672aa85b4588c6921d0370cc # v2.0.1 with: prek-version: '0.3.8' diff --git a/.github/workflows/rust-next.yml b/.github/workflows/rust-next.yml index be90d6c..d1d9d60 100644 --- a/.github/workflows/rust-next.yml +++ b/.github/workflows/rust-next.yml @@ -33,7 +33,7 @@ jobs: CARGO_PROFILE_DEV_DEBUG: line-tables-only steps: - name: Checkout repository - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6 + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 with: persist-credentials: false - name: Install Rust @@ -56,7 +56,7 @@ jobs: CARGO_RESOLVER_INCOMPATIBLE_RUST_VERSIONS: allow steps: - name: Checkout repository - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6 + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 with: persist-credentials: false - name: Install Rust diff --git a/.github/workflows/spelling.yml b/.github/workflows/spelling.yml index addbe4b..e3cec04 100644 --- a/.github/workflows/spelling.yml +++ b/.github/workflows/spelling.yml @@ -20,7 +20,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout Actions Repository - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6 + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 with: persist-credentials: false - name: Spell Check Repo diff --git a/.github/workflows/template.yml b/.github/workflows/template.yml index a934b82..0ca8d2d 100644 --- a/.github/workflows/template.yml +++ b/.github/workflows/template.yml @@ -28,7 +28,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout repository - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6 + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 with: fetch-depth: 0 persist-credentials: true # to push the branch and create PR From 94c8ee6e54f2c1ae6eb3d18e6a90c18c4e037bad Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Mon, 13 Apr 2026 15:15:05 +0000 Subject: [PATCH 28/42] chore(deps): Update Prek to v0.3.9 (#59) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit This PR contains the following updates: | Package | Update | Change | |---|---|---| | [prek](https://redirect.github.com/j178/prek) | patch | `0.3.8` → `0.3.9` | --- ### Release Notes
j178/prek (prek) ### [`v0.3.9`](https://redirect.github.com/j178/prek/blob/HEAD/CHANGELOG.md#039) [Compare Source](https://redirect.github.com/j178/prek/compare/v0.3.8...v0.3.9) Released on 2026-04-13. ##### Highlight `prek auto-update` is now stricter about pinned revisions and more useful in CI. It now keeps `rev` and `# frozen:` comments in sync, can detect [impostor commits](https://docs.zizmor.sh/audits/#impostor-commit) when validating pinned SHAs, and lets you use `prek auto-update --check` to fail on both available updates and frozen-ref mismatches without rewriting the config. Examples: ```console $ prek auto-update # updates revs and repairs stale `# frozen:` comments $ prek auto-update --freeze # writes frozen SHAs with matching `# frozen: ` comments $ prek auto-update --check # exits non-zero when updates are available, a `# frozen:` comment is stale, # or a pinned SHA does not belong to the fetched upstream refs ``` ##### Enhancements - Check and sync frozen comments during auto-update ([#​1896](https://redirect.github.com/j178/prek/pull/1896)) - Handle impostor commits in auto-update ([#​1919](https://redirect.github.com/j178/prek/pull/1919)) - Add experimental `language: dotnet` support ([#​1871](https://redirect.github.com/j178/prek/pull/1871)) - Honor repo and worktree `core.hooksPath` ([#​1892](https://redirect.github.com/j178/prek/pull/1892)) - Add `prek run --no-fail-fast` to override config file ([#​1859](https://redirect.github.com/j178/prek/pull/1859)) - Add `forbid-new-submodules` as builtin hook ([#​1853](https://redirect.github.com/j178/prek/pull/1853)) - Clean stale patch files in `cache gc` ([#​1877](https://redirect.github.com/j178/prek/pull/1877)) - Display auto-update results by config entry ([#​1922](https://redirect.github.com/j178/prek/pull/1922)) - Restrict patch directory permissions ([#​1876](https://redirect.github.com/j178/prek/pull/1876)) - Show tag names in `auto-update --freeze` output ([#​1916](https://redirect.github.com/j178/prek/pull/1916)) - Use a bitset for hook stages ([#​1860](https://redirect.github.com/j178/prek/pull/1860)) ##### Bug fixes - Canonicalize CWD and GIT\_ROOT paths ([#​1878](https://redirect.github.com/j178/prek/pull/1878)) - Ensure quotes are added for non-string revisions in `auto-update` ([#​1936](https://redirect.github.com/j178/prek/pull/1936)) ##### Documentation - Update docs for case of hooks modifying files with a non-zero exit code ([#​1879](https://redirect.github.com/j178/prek/pull/1879)) ##### Contributors - [@​RicardoVercetti](https://redirect.github.com/RicardoVercetti) - [@​nathanjmcdougall](https://redirect.github.com/nathanjmcdougall) - [@​renovate](https://redirect.github.com/renovate) - [@​sadjow](https://redirect.github.com/sadjow) - [@​j178](https://redirect.github.com/j178)
--- ### Configuration 📅 **Schedule**: (UTC) - Branch creation - Every minute (`* * * * *`) - Automerge - At any time (no schedule defined) 🚦 **Automerge**: Enabled. ♻ **Rebasing**: Whenever PR is behind base branch, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] If you want to rebase/retry this PR, check this box --- This PR was generated by [Mend Renovate](https://mend.io/renovate/). View the [repository job log](https://developer.mend.io/github/epage/_rust). Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> --- .github/workflows/pre-commit.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/pre-commit.yml b/.github/workflows/pre-commit.yml index 2bd7509..2cb7ed9 100644 --- a/.github/workflows/pre-commit.yml +++ b/.github/workflows/pre-commit.yml @@ -27,4 +27,4 @@ jobs: persist-credentials: false - uses: j178/prek-action@53276d8b0d10f8b6672aa85b4588c6921d0370cc # v2.0.1 with: - prek-version: '0.3.8' + prek-version: '0.3.9' From 8cda912a4f095a9d0222c2b64a94e446eb31682c Mon Sep 17 00:00:00 2001 From: Ed Page Date: Tue, 14 Apr 2026 09:24:24 -0500 Subject: [PATCH 29/42] chore: Anchor includes to be at package root --- Cargo.toml | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/Cargo.toml b/Cargo.toml index 679d9e5..12c0c36 100644 --- a/Cargo.toml +++ b/Cargo.toml @@ -7,13 +7,13 @@ license = "MIT OR Apache-2.0" edition = "2021" rust-version = "1.65.0" # MSRV include = [ - "build.rs", - "src/**/*", - "Cargo.toml", - "Cargo.lock", - "LICENSE*", - "README.md", - "examples/**/*" + "/build.rs", + "/src/**/*", + "/Cargo.toml", + "/Cargo.lock", + "/LICENSE*", + "/README.md", + "/examples/**/*" ] [workspace.lints.rust] From b7f02f0008e1e585f4f8423be8c20a1eb3cdc767 Mon Sep 17 00:00:00 2001 From: Ed Page Date: Thu, 16 Apr 2026 15:58:59 -0500 Subject: [PATCH 30/42] chore(ci): Ignore collapsible_match Ifs inside of match arms can be useful for communicating intent. --- Cargo.toml | 1 + 1 file changed, 1 insertion(+) diff --git a/Cargo.toml b/Cargo.toml index 12c0c36..8c7aef7 100644 --- a/Cargo.toml +++ b/Cargo.toml @@ -30,6 +30,7 @@ bool_assert_comparison = "allow" branches_sharing_code = "allow" checked_conversions = "warn" collapsible_else_if = "allow" +collapsible_match = "allow" create_dir = "warn" dbg_macro = "warn" debug_assert_with_mut_call = "warn" From 18b53842013dee57ba842a4dd6174b8ddc621233 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Thu, 16 Apr 2026 21:11:49 +0000 Subject: [PATCH 31/42] chore(deps): Update Rust Stable to v1.95 (#61) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit This PR contains the following updates: | Package | Update | Change | |---|---|---| | [STABLE](https://redirect.github.com/rust-lang/rust) | minor | `1.94` → `1.95` | --- ### Release Notes
rust-lang/rust (STABLE) ### [`v1.95`](https://redirect.github.com/rust-lang/rust/blob/HEAD/RELEASES.md#Version-1950-2026-04-16) [Compare Source](https://redirect.github.com/rust-lang/rust/compare/1.94.0...1.95.0) \=========================== ## Language - [Stabilize `if let` guards on match arms](https://redirect.github.com/rust-lang/rust/pull/141295) - [`irrefutable_let_patterns` lint no longer lints on let chains](https://redirect.github.com/rust-lang/rust/pull/146832) - [Support importing path-segment keywords with renaming](https://redirect.github.com/rust-lang/rust/pull/146972) - [Stabilize inline assembly for PowerPC and PowerPC64](https://redirect.github.com/rust-lang/rust/pull/147996) - [const-eval: be more consistent in the behavior of padding during typed copies](https://redirect.github.com/rust-lang/rust/pull/148967) - [Const blocks are no longer evaluated to determine if expressions involving fallible operations can implicitly be constant-promoted.](https://redirect.github.com/rust-lang/rust/pull/150557). Expressions whose ability to implicitly be promoted would depend on the result of a const block are no longer implicitly promoted. - [Make operational semantics of pattern matching independent of crate and module](https://redirect.github.com/rust-lang/rust/pull/150681) ## Compiler - [Stabilize `--remap-path-scope` for controlling the scoping of how paths get remapped in the resulting binary](https://redirect.github.com/rust-lang/rust/pull/147611) ## Platform Support - [Promote `powerpc64-unknown-linux-musl` to Tier 2 with host tools](https://redirect.github.com/rust-lang/rust/pull/149962) - [Promote `aarch64-apple-tvos` to Tier 2](https://redirect.github.com/rust-lang/rust/pull/152021) - [Promote `aarch64-apple-tvos-sim` to Tier 2](https://redirect.github.com/rust-lang/rust/pull/152021) - [Promote `aarch64-apple-watchos` to Tier 2](https://redirect.github.com/rust-lang/rust/pull/152021) - [Promote `aarch64-apple-watchos-sim` to Tier 2](https://redirect.github.com/rust-lang/rust/pull/152021) - [Promote `aarch64-apple-visionos` to Tier 2](https://redirect.github.com/rust-lang/rust/pull/152021) - [Promote `aarch64-apple-visionos-sim` to Tier 2](https://redirect.github.com/rust-lang/rust/pull/152021) Refer to Rust's [platform support page][platform-support-doc] for more information on Rust's tiered platform support. [platform-support-doc]: https://doc.rust-lang.org/rustc/platform-support.html ## Libraries - [`thread::scope`: document how join interacts with TLS destructors](https://redirect.github.com/rust-lang/rust/pull/149482) - [Speed up `str::contains` on aarch64 targets with `neon` target feature enabled by default](https://redirect.github.com/rust-lang/rust/pull/152176) ## Stabilized APIs - [`MaybeUninit<[T; N]>: From<[MaybeUninit; N]>`](https://doc.rust-lang.org/stable/std/mem/union.MaybeUninit.html#impl-From%3CMaybeUninit%3C%5BT;+N%5D%3E%3E-for-%5BMaybeUninit%3CT%3E;+N%5D) - [`MaybeUninit<[T; N]>: AsRef<[MaybeUninit; N]>`](https://doc.rust-lang.org/stable/std/mem/union.MaybeUninit.html#impl-AsRef%3C%5BMaybeUninit%3CT%3E;+N%5D%3E-for-MaybeUninit%3C%5BT;+N%5D%3E) - [`MaybeUninit<[T; N]>: AsRef<[MaybeUninit]>`](https://doc.rust-lang.org/stable/std/mem/union.MaybeUninit.html#impl-AsRef%3C%5BMaybeUninit%3CT%3E%5D%3E-for-MaybeUninit%3C%5BT;+N%5D%3E) - [`MaybeUninit<[T; N]>: AsMut<[MaybeUninit; N]>`](https://doc.rust-lang.org/beta/std/mem/union.MaybeUninit.html#impl-AsMut%3C%5BMaybeUninit%3CT%3E;+N%5D%3E-for-MaybeUninit%3C%5BT;+N%5D%3E) - [`MaybeUninit<[T; N]>: AsMut<[MaybeUninit]>`](https://doc.rust-lang.org/stable/std/mem/union.MaybeUninit.html#impl-AsMut%3C%5BMaybeUninit%3CT%3E%5D%3E-for-MaybeUninit%3C%5BT;+N%5D%3E) - [`[MaybeUninit; N]: From>`](https://doc.rust-lang.org/stable/std/mem/union.MaybeUninit.html#impl-From%3C%5BMaybeUninit%3CT%3E;+N%5D%3E-for-MaybeUninit%3C%5BT;+N%5D%3E) - [`Cell<[T; N]>: AsRef<[Cell; N]>`](https://doc.rust-lang.org/stable/std/cell/struct.Cell.html#impl-AsRef%3C%5BCell%3CT%3E;+N%5D%3E-for-Cell%3C%5BT;+N%5D%3E) - [`Cell<[T; N]>: AsRef<[Cell]>`](https://doc.rust-lang.org/stable/std/cell/struct.Cell.html#impl-AsRef%3C%5BCell%3CT%3E%5D%3E-for-Cell%3C%5BT;+N%5D%3E) - [`Cell<[T]>: AsRef<[Cell]>`](https://doc.rust-lang.org/stable/std/cell/struct.Cell.html#impl-AsRef%3C%5BCell%3CT%3E%5D%3E-for-Cell%3C%5BT%5D%3E) - [`bool: TryFrom<{integer}>`](https://doc.rust-lang.org/stable/std/primitive.bool.html#impl-TryFrom%3Cu128%3E-for-bool) - [`AtomicPtr::update`](https://doc.rust-lang.org/stable/std/sync/atomic/struct.AtomicPtr.html#method.update) - [`AtomicPtr::try_update`](https://doc.rust-lang.org/stable/std/sync/atomic/struct.AtomicPtr.html#method.try_update) - [`AtomicBool::update`](https://doc.rust-lang.org/stable/std/sync/atomic/struct.AtomicBool.html#method.update) - [`AtomicBool::try_update`](https://doc.rust-lang.org/stable/std/sync/atomic/struct.AtomicBool.html#method.try_update) - [`AtomicIn::update`](https://doc.rust-lang.org/stable/std/sync/atomic/struct.AtomicIsize.html#method.update) - [`AtomicIn::try_update`](https://doc.rust-lang.org/stable/std/sync/atomic/struct.AtomicIsize.html#method.try_update) - [`AtomicUn::update`](https://doc.rust-lang.org/stable/std/sync/atomic/struct.AtomicUsize.html#method.update) - [`AtomicUn::try_update`](https://doc.rust-lang.org/stable/std/sync/atomic/struct.AtomicUsize.html#method.try_update) - [`cfg_select!`](https://doc.rust-lang.org/stable/std/macro.cfg_select.html) - [`mod core::range`](https://doc.rust-lang.org/stable/core/range/index.html) - [`core::range::RangeInclusive`](https://doc.rust-lang.org/stable/core/range/struct.RangeInclusive.html) - [`core::range::RangeInclusiveIter`](https://doc.rust-lang.org/stable/core/range/struct.RangeInclusiveIter.html) - [`core::hint::cold_path`](https://doc.rust-lang.org/stable/core/hint/fn.cold_path.html) - [`<*const T>::as_ref_unchecked`](https://doc.rust-lang.org/stable/std/primitive.pointer.html#method.as_ref_unchecked) - [`<*mut T>::as_ref_unchecked`](https://doc.rust-lang.org/stable/std/primitive.pointer.html#method.as_ref_unchecked-1) - [`<*mut T>::as_mut_unchecked`](https://doc.rust-lang.org/stable/std/primitive.pointer.html#method.as_mut_unchecked) These previously stable APIs are now stable in const contexts: - [`fmt::from_fn`](https://doc.rust-lang.org/stable/std/fmt/fn.from_fn.html) - [`ControlFlow::is_break`](https://doc.rust-lang.org/stable/core/ops/enum.ControlFlow.html#method.is_break) - [`ControlFlow::is_continue`](https://doc.rust-lang.org/stable/core/ops/enum.ControlFlow.html#method.is_continue) ## Cargo - [docs(report): enhance man pages for `cargo report *`](https://redirect.github.com/rust-lang/cargo/pull/16430/) ## Rustdoc - [In search results, rank unstable items lower](https://redirect.github.com/rust-lang/rust/pull/149460) - [Add new "hide deprecated items" setting in rustdoc](https://redirect.github.com/rust-lang/rust/pull/151091) ## Compatibility Notes - [Array coercions may now result in less inference constraints than before](https://redirect.github.com/rust-lang/rust/pull/140283) - Importing `$crate` without renaming, i.e. `use $crate::{self};`, is now no longer permitted due to stricter error checking for `self` imports. - [const-eval: be more consistent in the behavior of padding during typed copies.](https://redirect.github.com/rust-lang/rust/pull/148967) In very rare cases, this may cause compilation errors due to bytes from parts of a pointer ending up in the padding bytes of a `const` or `static`. - [A future-incompatibility warning lint `ambiguous_glob_imported_traits` is now reported when using an ambiguously glob imported trait](https://redirect.github.com/rust-lang/rust/pull/149058) - [Check lifetime bounds of types mentioning only type parameters](https://redirect.github.com/rust-lang/rust/pull/149389) - [Report more visibility-related ambiguous import errors](https://redirect.github.com/rust-lang/rust/pull/149596) - [Deprecate `Eq::assert_receiver_is_total_eq` and emit future compatibility warnings on manual impls](https://redirect.github.com/rust-lang/rust/pull/149978) - [powerpc64: Use the ELF ABI version set in target spec instead of guessing](https://redirect.github.com/rust-lang/rust/pull/150468) (fixes the ELF ABI used by the OpenBSD target) - Matching on a `#[non_exhaustive]` enum [now reads the discriminant, even if the enum has only one variant](https://redirect.github.com/rust-lang/rust/pull/150681). This can cause closures to capture values that they previously wouldn't. - `mut ref` and `mut ref mut` patterns, part of the unstable [Match Ergonomics 2024 RFC](https://redirect.github.com/rust-lang/rust/issues/123076), were accidentally allowed on stable within struct pattern field shorthand. These patterns are now correctly feature-gated as unstable in this position. - [Add future-compatibility warning for derive helper attributes which conflict with built-in attributes](https://redirect.github.com/rust-lang/rust/pull/151152) - [JSON target specs](https://doc.rust-lang.org/rustc/targets/custom.html) have been destabilized and now require `-Z unstable-options` to use. Previously, they could not be used without the standard library, which has no stable build mechanism. In preparation for the `build-std` project adding that support, JSON target specs are being proactively gated to ensure they remain unstable even if `build-std` is stabilized. Cargo now includes the `-Z json-target-spec` CLI flag to automatically pass `-Z unstable-options` to the compiler when needed. See [#​150151](https://redirect.github.com/rust-lang/rust/pull/150151), [#​151534](https://redirect.github.com/rust-lang/rust/pull/150151), and [rust-lang/cargo#16557](https://redirect.github.com/rust-lang/cargo/pull/16557). - [The arguments of `#[feature]` attributes on invalid targets are now checked](https://redirect.github.com/rust-lang/rust/issues/153764) ## Internal Changes These changes do not affect any public interfaces of Rust, but they represent significant improvements to the performance or internals of rustc and related tools. - [Update to LLVM 22](https://redirect.github.com/rust-lang/rust/pull/150722)
--- ### Configuration 📅 **Schedule**: (UTC) - Branch creation - Every minute (`* * * * *`) - Automerge - At any time (no schedule defined) 🚦 **Automerge**: Enabled. ♻ **Rebasing**: Whenever PR is behind base branch, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] If you want to rebase/retry this PR, check this box --- This PR was generated by [Mend Renovate](https://mend.io/renovate/). View the [repository job log](https://developer.mend.io/github/epage/_rust). Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> --- .github/workflows/ci.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 65a4919..dde8a26 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -123,7 +123,7 @@ jobs: - name: Install Rust uses: dtolnay/rust-toolchain@29eef336d9b2848a0b548edc03f92a220660cdb8 # stable with: - toolchain: "1.94" # STABLE + toolchain: "1.95" # STABLE - uses: Swatinem/rust-cache@e18b497796c12c097a38f9edb9d0641fb99eee32 # v2 - name: Check documentation env: @@ -140,7 +140,7 @@ jobs: - name: Install Rust uses: dtolnay/rust-toolchain@29eef336d9b2848a0b548edc03f92a220660cdb8 # stable with: - toolchain: "1.94" # STABLE + toolchain: "1.95" # STABLE components: rustfmt - uses: Swatinem/rust-cache@e18b497796c12c097a38f9edb9d0641fb99eee32 # v2 - name: Check formatting @@ -158,7 +158,7 @@ jobs: - name: Install Rust uses: dtolnay/rust-toolchain@29eef336d9b2848a0b548edc03f92a220660cdb8 # stable with: - toolchain: "1.94" # STABLE + toolchain: "1.95" # STABLE components: clippy - uses: Swatinem/rust-cache@e18b497796c12c097a38f9edb9d0641fb99eee32 # v2 - name: Install SARIF tools From 18b0c5ea4424446b819fc36eb992724e3ee3a29e Mon Sep 17 00:00:00 2001 From: Ed Page Date: Thu, 16 Apr 2026 16:10:20 -0500 Subject: [PATCH 32/42] chore(ci): Switch to versioned install action --- .github/workflows/ci.yml | 8 ++++++-- .github/workflows/rust-next.yml | 8 ++++++-- 2 files changed, 12 insertions(+), 4 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index dde8a26..7eb0e8c 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -51,7 +51,9 @@ jobs: with: toolchain: ${{ matrix.rust }} - uses: Swatinem/rust-cache@e18b497796c12c097a38f9edb9d0641fb99eee32 # v2 - - uses: taiki-e/install-action@4fea3cb182fc2e9b0c29175fd0624e1489b7510f # cargo-hack + - uses: taiki-e/install-action@97a5807a604e12de3a13b52d868ebecaeeea757c # v2.75.4 + with: + tool: cargo-hack - name: Build run: cargo test --workspace --no-run - name: Test @@ -72,7 +74,9 @@ jobs: with: toolchain: stable - uses: Swatinem/rust-cache@e18b497796c12c097a38f9edb9d0641fb99eee32 # v2 - - uses: taiki-e/install-action@4fea3cb182fc2e9b0c29175fd0624e1489b7510f # cargo-hack + - uses: taiki-e/install-action@97a5807a604e12de3a13b52d868ebecaeeea757c # v2.75.4 + with: + tool: cargo-hack - name: Default features run: cargo hack check --each-feature --locked --rust-version --ignore-private --workspace --all-targets --keep-going minimal-versions: diff --git a/.github/workflows/rust-next.yml b/.github/workflows/rust-next.yml index d1d9d60..08fd567 100644 --- a/.github/workflows/rust-next.yml +++ b/.github/workflows/rust-next.yml @@ -41,7 +41,9 @@ jobs: with: toolchain: ${{ matrix.rust }} - uses: Swatinem/rust-cache@e18b497796c12c097a38f9edb9d0641fb99eee32 # v2 - - uses: taiki-e/install-action@4fea3cb182fc2e9b0c29175fd0624e1489b7510f # cargo-hack + - uses: taiki-e/install-action@97a5807a604e12de3a13b52d868ebecaeeea757c # v2.75.4 + with: + tool: cargo-hack - name: Build run: cargo test --workspace --no-run - name: Test @@ -64,7 +66,9 @@ jobs: with: toolchain: stable - uses: Swatinem/rust-cache@e18b497796c12c097a38f9edb9d0641fb99eee32 # v2 - - uses: taiki-e/install-action@4fea3cb182fc2e9b0c29175fd0624e1489b7510f # cargo-hack + - uses: taiki-e/install-action@97a5807a604e12de3a13b52d868ebecaeeea757c # v2.75.4 + with: + tool: cargo-hack - name: Update dependencies run: cargo update - name: Build From e36b072e4596a1b07da9949429311383c35174bd Mon Sep 17 00:00:00 2001 From: Ed Page Date: Thu, 16 Apr 2026 16:15:03 -0500 Subject: [PATCH 33/42] chore(ci): Name every step This is to provide better anchors for resolving conflicts --- .github/workflows/audit.yml | 6 ++++-- .github/workflows/ci.yml | 27 ++++++++++++++++++--------- .github/workflows/committed.yml | 2 +- .github/workflows/pre-commit.yml | 6 ++++-- .github/workflows/rust-next.yml | 12 ++++++++---- 5 files changed, 35 insertions(+), 18 deletions(-) diff --git a/.github/workflows/audit.yml b/.github/workflows/audit.yml index eca6f3d..8158c03 100644 --- a/.github/workflows/audit.yml +++ b/.github/workflows/audit.yml @@ -46,7 +46,8 @@ jobs: uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 with: persist-credentials: false - - uses: EmbarkStudios/cargo-deny-action@3fd3802e88374d3fe9159b834c7714ec57d6c979 # v2.0.15 + - name: Lint advisories + uses: EmbarkStudios/cargo-deny-action@3fd3802e88374d3fe9159b834c7714ec57d6c979 # v2.0.15 with: command: check ${{ matrix.checks }} rust-version: stable @@ -65,7 +66,8 @@ jobs: uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 with: persist-credentials: false - - uses: EmbarkStudios/cargo-deny-action@3fd3802e88374d3fe9159b834c7714ec57d6c979 # v2.0.15 + - name: Lint bans + uses: EmbarkStudios/cargo-deny-action@3fd3802e88374d3fe9159b834c7714ec57d6c979 # v2.0.15 with: command: check ${{ matrix.checks }} rust-version: stable diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 7eb0e8c..25e1295 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -50,8 +50,10 @@ jobs: uses: dtolnay/rust-toolchain@29eef336d9b2848a0b548edc03f92a220660cdb8 # stable with: toolchain: ${{ matrix.rust }} - - uses: Swatinem/rust-cache@e18b497796c12c097a38f9edb9d0641fb99eee32 # v2 - - uses: taiki-e/install-action@97a5807a604e12de3a13b52d868ebecaeeea757c # v2.75.4 + - name: Initialize cache + uses: Swatinem/rust-cache@e18b497796c12c097a38f9edb9d0641fb99eee32 # v2 + - name: Install cargo-hack + uses: taiki-e/install-action@97a5807a604e12de3a13b52d868ebecaeeea757c # v2.75.4 with: tool: cargo-hack - name: Build @@ -73,8 +75,10 @@ jobs: uses: dtolnay/rust-toolchain@29eef336d9b2848a0b548edc03f92a220660cdb8 # stable with: toolchain: stable - - uses: Swatinem/rust-cache@e18b497796c12c097a38f9edb9d0641fb99eee32 # v2 - - uses: taiki-e/install-action@97a5807a604e12de3a13b52d868ebecaeeea757c # v2.75.4 + - name: Initialize cache + uses: Swatinem/rust-cache@e18b497796c12c097a38f9edb9d0641fb99eee32 # v2 + - name: Install cargo-hack + uses: taiki-e/install-action@97a5807a604e12de3a13b52d868ebecaeeea757c # v2.75.4 with: tool: cargo-hack - name: Default features @@ -113,7 +117,8 @@ jobs: uses: dtolnay/rust-toolchain@29eef336d9b2848a0b548edc03f92a220660cdb8 # stable with: toolchain: stable - - uses: Swatinem/rust-cache@e18b497796c12c097a38f9edb9d0641fb99eee32 # v2 + - name: Initialize cache + uses: Swatinem/rust-cache@e18b497796c12c097a38f9edb9d0641fb99eee32 # v2 - name: "Is lockfile updated?" run: cargo update --workspace --locked docs: @@ -128,7 +133,8 @@ jobs: uses: dtolnay/rust-toolchain@29eef336d9b2848a0b548edc03f92a220660cdb8 # stable with: toolchain: "1.95" # STABLE - - uses: Swatinem/rust-cache@e18b497796c12c097a38f9edb9d0641fb99eee32 # v2 + - name: Initialize cache + uses: Swatinem/rust-cache@e18b497796c12c097a38f9edb9d0641fb99eee32 # v2 - name: Check documentation env: RUSTDOCFLAGS: -D warnings @@ -146,7 +152,8 @@ jobs: with: toolchain: "1.95" # STABLE components: rustfmt - - uses: Swatinem/rust-cache@e18b497796c12c097a38f9edb9d0641fb99eee32 # v2 + - name: Initialize cache + uses: Swatinem/rust-cache@e18b497796c12c097a38f9edb9d0641fb99eee32 # v2 - name: Check formatting run: cargo fmt --check clippy: @@ -164,7 +171,8 @@ jobs: with: toolchain: "1.95" # STABLE components: clippy - - uses: Swatinem/rust-cache@e18b497796c12c097a38f9edb9d0641fb99eee32 # v2 + - name: Initialize cache + uses: Swatinem/rust-cache@e18b497796c12c097a38f9edb9d0641fb99eee32 # v2 - name: Install SARIF tools run: cargo install clippy-sarif --locked - name: Install SARIF tools @@ -195,7 +203,8 @@ jobs: uses: dtolnay/rust-toolchain@29eef336d9b2848a0b548edc03f92a220660cdb8 # stable with: toolchain: stable - - uses: Swatinem/rust-cache@e18b497796c12c097a38f9edb9d0641fb99eee32 # v2 + - name: Initialize cache + uses: Swatinem/rust-cache@e18b497796c12c097a38f9edb9d0641fb99eee32 # v2 - name: Install cargo-tarpaulin run: cargo install cargo-tarpaulin - name: Gather coverage diff --git a/.github/workflows/committed.yml b/.github/workflows/committed.yml index 36529fd..f15e815 100644 --- a/.github/workflows/committed.yml +++ b/.github/workflows/committed.yml @@ -20,7 +20,7 @@ jobs: name: Lint Commits runs-on: ubuntu-latest steps: - - name: Checkout Actions Repository + - name: Checkout repository uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 with: fetch-depth: 0 diff --git a/.github/workflows/pre-commit.yml b/.github/workflows/pre-commit.yml index 2cb7ed9..f4b086c 100644 --- a/.github/workflows/pre-commit.yml +++ b/.github/workflows/pre-commit.yml @@ -22,9 +22,11 @@ jobs: contents: read runs-on: ubuntu-latest steps: - - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + - name: Checkout repository + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 with: persist-credentials: false - - uses: j178/prek-action@53276d8b0d10f8b6672aa85b4588c6921d0370cc # v2.0.1 + - name: prek + uses: j178/prek-action@53276d8b0d10f8b6672aa85b4588c6921d0370cc # v2.0.1 with: prek-version: '0.3.9' diff --git a/.github/workflows/rust-next.yml b/.github/workflows/rust-next.yml index 08fd567..2d68164 100644 --- a/.github/workflows/rust-next.yml +++ b/.github/workflows/rust-next.yml @@ -40,8 +40,10 @@ jobs: uses: dtolnay/rust-toolchain@29eef336d9b2848a0b548edc03f92a220660cdb8 # stable with: toolchain: ${{ matrix.rust }} - - uses: Swatinem/rust-cache@e18b497796c12c097a38f9edb9d0641fb99eee32 # v2 - - uses: taiki-e/install-action@97a5807a604e12de3a13b52d868ebecaeeea757c # v2.75.4 + - name: Initialize cache + uses: Swatinem/rust-cache@e18b497796c12c097a38f9edb9d0641fb99eee32 # v2 + - name: Install cargo-hack + uses: taiki-e/install-action@97a5807a604e12de3a13b52d868ebecaeeea757c # v2.75.4 with: tool: cargo-hack - name: Build @@ -65,8 +67,10 @@ jobs: uses: dtolnay/rust-toolchain@29eef336d9b2848a0b548edc03f92a220660cdb8 # stable with: toolchain: stable - - uses: Swatinem/rust-cache@e18b497796c12c097a38f9edb9d0641fb99eee32 # v2 - - uses: taiki-e/install-action@97a5807a604e12de3a13b52d868ebecaeeea757c # v2.75.4 + - name: Initialize cache + uses: Swatinem/rust-cache@e18b497796c12c097a38f9edb9d0641fb99eee32 # v2 + - name: Install cargo-hack + uses: taiki-e/install-action@97a5807a604e12de3a13b52d868ebecaeeea757c # v2.75.4 with: tool: cargo-hack - name: Update dependencies From 54f523dc52136dd895d2eafb0ca60547e535d8fe Mon Sep 17 00:00:00 2001 From: Ed Page Date: Fri, 17 Apr 2026 09:27:25 -0500 Subject: [PATCH 34/42] chore(ci): Approve another license --- deny.toml | 1 + 1 file changed, 1 insertion(+) diff --git a/deny.toml b/deny.toml index 27bf59a..c617b41 100644 --- a/deny.toml +++ b/deny.toml @@ -97,6 +97,7 @@ allow = [ "OpenSSL", "Zlib", "NCSA", + "CDLA-Permissive-2.0", ] # The confidence threshold for detecting a license from license text. # The higher the value, the more closely the license text must be to the From ff00184746c7bd7a313908c5b44eacdd7480dbd2 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Tue, 21 Apr 2026 12:33:54 +0000 Subject: [PATCH 35/42] chore(deps): Update Prek to v0.3.10 (#63) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit This PR contains the following updates: | Package | Update | Change | |---|---|---| | [prek](https://redirect.github.com/j178/prek) | patch | `0.3.9` → `0.3.10` | --- ### Release Notes
j178/prek (prek) ### [`v0.3.10`](https://redirect.github.com/j178/prek/blob/HEAD/CHANGELOG.md#0310) [Compare Source](https://redirect.github.com/j178/prek/compare/v0.3.9...v0.3.10) Released on 2026-04-21. ##### Enhancements - Disallow rev for non-remote repos in schema ([#​1964](https://redirect.github.com/j178/prek/pull/1964)) - Hide up-to-date output in non-verbose mode ([#​1942](https://redirect.github.com/j178/prek/pull/1942)) - Improve merge conflict marker detection ([#​1937](https://redirect.github.com/j178/prek/pull/1937)) - Keep finished hooks visible ([#​1967](https://redirect.github.com/j178/prek/pull/1967)) - Preserve frozen comment spacing in auto-update ([#​1945](https://redirect.github.com/j178/prek/pull/1945)) - Reimplement `@j178/prek` npm package ([#​1973](https://redirect.github.com/j178/prek/pull/1973)) ##### Bug fixes - Prefer stable Rust toolchains ([#​1974](https://redirect.github.com/j178/prek/pull/1974)) ##### Documentation - Add `SKILL.md` for prek ([#​1950](https://redirect.github.com/j178/prek/pull/1950)) - Document `gh skill install j178/prek prek` to install prek skill for agents ([#​1951](https://redirect.github.com/j178/prek/pull/1951)) - Improve compatibility and migration docs ([#​1940](https://redirect.github.com/j178/prek/pull/1940)) ##### Other changes - Sync latest identify tags ([#​1947](https://redirect.github.com/j178/prek/pull/1947)) ##### Contributors - [@​github-actions](https://redirect.github.com/github-actions) - [@​renovate](https://redirect.github.com/renovate) - [@​j178](https://redirect.github.com/j178)
--- ### Configuration 📅 **Schedule**: (UTC) - Branch creation - Every minute (`* * * * *`) - Automerge - At any time (no schedule defined) 🚦 **Automerge**: Enabled. ♻ **Rebasing**: Whenever PR is behind base branch, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] If you want to rebase/retry this PR, check this box --- This PR was generated by [Mend Renovate](https://mend.io/renovate/). View the [repository job log](https://developer.mend.io/github/epage/_rust). Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> --- .github/workflows/pre-commit.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/pre-commit.yml b/.github/workflows/pre-commit.yml index f4b086c..dac32f9 100644 --- a/.github/workflows/pre-commit.yml +++ b/.github/workflows/pre-commit.yml @@ -29,4 +29,4 @@ jobs: - name: prek uses: j178/prek-action@53276d8b0d10f8b6672aa85b4588c6921d0370cc # v2.0.1 with: - prek-version: '0.3.9' + prek-version: '0.3.10' From dd01d8b3115618381f2a4af1aac05d184b0832ea Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Mon, 27 Apr 2026 05:15:50 +0000 Subject: [PATCH 36/42] chore(deps): Update Prek to v0.3.11 (#64) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit This PR contains the following updates: | Package | Update | Change | |---|---|---| | [prek](https://redirect.github.com/j178/prek) | patch | `0.3.10` → `0.3.11` | --- ### Release Notes
j178/prek (prek) ### [`v0.3.11`](https://redirect.github.com/j178/prek/blob/HEAD/CHANGELOG.md#0311) [Compare Source](https://redirect.github.com/j178/prek/compare/v0.3.10...v0.3.11) Released on 2026-04-27. ##### Highlights Hook entries now have an explicit `shell` option for shell snippets. Set `shell: sh`, `bash`, `pwsh`, `powershell`, or `cmd` when an entry should be evaluated by that shell; leaving it unset keeps prek's direct argv execution. `prek auto-update` can now filter tag candidates before choosing an update. Both options take glob patterns: use `--include-tag` to only consider matching tag names, and `--exclude-tag` to skip matching tags such as moving tags or prereleases. ##### Enhancements - Add `auto-update --exclude-repo ` to skip repos ([#​1983](https://redirect.github.com/j178/prek/pull/1983)) - Add `auto-update --exit-code` to exit with non-zero on updates ([#​2002](https://redirect.github.com/j178/prek/pull/2002)) - Add `auto-update --include-tag `/`--exclude-tag ` to filter tags ([#​1984](https://redirect.github.com/j178/prek/pull/1984)) - Adds an explicit `shell` hook option for entries that should run as shell source ([#​2004](https://redirect.github.com/j178/prek/pull/2004)) - Make `--hook-dir` optional for hook-impl ([#​1989](https://redirect.github.com/j178/prek/pull/1989)) - Skip shim warning when `--script-version` is missing ([#​1990](https://redirect.github.com/j178/prek/pull/1990)) ##### Bug fixes - Install Ruby executable in gem bin ([#​2017](https://redirect.github.com/j178/prek/pull/2017)) - Use dedicated Android npm package ([#​1982](https://redirect.github.com/j178/prek/pull/1982)) - Use stable repo keys without breaking cached clones ([#​1995](https://redirect.github.com/j178/prek/pull/1995)) ##### Documentation - Explain prek name ([#​1980](https://redirect.github.com/j178/prek/pull/1980)) - Clarify `pass_filenames` concurrency docs ([#​1999](https://redirect.github.com/j178/prek/pull/1999)) - Reorganize documentation references ([#​2005](https://redirect.github.com/j178/prek/pull/2005)) - Clarify hook author manifest env docs ([#​1991](https://redirect.github.com/j178/prek/pull/1991)) - docs: add Sentry to users list ([#​1981](https://redirect.github.com/j178/prek/pull/1981)) ##### Contributors - [@​j178](https://redirect.github.com/j178)
--- ### Configuration 📅 **Schedule**: (UTC) - Branch creation - Every minute (`* * * * *`) - Automerge - At any time (no schedule defined) 🚦 **Automerge**: Enabled. ♻ **Rebasing**: Whenever PR is behind base branch, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] If you want to rebase/retry this PR, check this box --- This PR was generated by [Mend Renovate](https://mend.io/renovate/). View the [repository job log](https://developer.mend.io/github/epage/_rust). Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> --- .github/workflows/pre-commit.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/pre-commit.yml b/.github/workflows/pre-commit.yml index dac32f9..b3d501c 100644 --- a/.github/workflows/pre-commit.yml +++ b/.github/workflows/pre-commit.yml @@ -29,4 +29,4 @@ jobs: - name: prek uses: j178/prek-action@53276d8b0d10f8b6672aa85b4588c6921d0370cc # v2.0.1 with: - prek-version: '0.3.10' + prek-version: '0.3.11' From cc53e464457e2c5e59ec17bc29fc6921778697b8 Mon Sep 17 00:00:00 2001 From: Ed Page Date: Fri, 1 May 2026 10:42:46 -0500 Subject: [PATCH 37/42] chore(ci): Track specific tags --- .github/workflows/ci.yml | 14 +++++++------- .github/workflows/committed.yml | 2 +- .github/workflows/rust-next.yml | 4 ++-- .github/workflows/spelling.yml | 2 +- 4 files changed, 11 insertions(+), 11 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 25e1295..2f8fbb3 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -51,7 +51,7 @@ jobs: with: toolchain: ${{ matrix.rust }} - name: Initialize cache - uses: Swatinem/rust-cache@e18b497796c12c097a38f9edb9d0641fb99eee32 # v2 + uses: Swatinem/rust-cache@c19371144df3bb44fab255c43d04cbc2ab54d1c4 # v2.9.1 - name: Install cargo-hack uses: taiki-e/install-action@97a5807a604e12de3a13b52d868ebecaeeea757c # v2.75.4 with: @@ -76,7 +76,7 @@ jobs: with: toolchain: stable - name: Initialize cache - uses: Swatinem/rust-cache@e18b497796c12c097a38f9edb9d0641fb99eee32 # v2 + uses: Swatinem/rust-cache@c19371144df3bb44fab255c43d04cbc2ab54d1c4 # v2.9.1 - name: Install cargo-hack uses: taiki-e/install-action@97a5807a604e12de3a13b52d868ebecaeeea757c # v2.75.4 with: @@ -118,7 +118,7 @@ jobs: with: toolchain: stable - name: Initialize cache - uses: Swatinem/rust-cache@e18b497796c12c097a38f9edb9d0641fb99eee32 # v2 + uses: Swatinem/rust-cache@c19371144df3bb44fab255c43d04cbc2ab54d1c4 # v2.9.1 - name: "Is lockfile updated?" run: cargo update --workspace --locked docs: @@ -134,7 +134,7 @@ jobs: with: toolchain: "1.95" # STABLE - name: Initialize cache - uses: Swatinem/rust-cache@e18b497796c12c097a38f9edb9d0641fb99eee32 # v2 + uses: Swatinem/rust-cache@c19371144df3bb44fab255c43d04cbc2ab54d1c4 # v2.9.1 - name: Check documentation env: RUSTDOCFLAGS: -D warnings @@ -153,7 +153,7 @@ jobs: toolchain: "1.95" # STABLE components: rustfmt - name: Initialize cache - uses: Swatinem/rust-cache@e18b497796c12c097a38f9edb9d0641fb99eee32 # v2 + uses: Swatinem/rust-cache@c19371144df3bb44fab255c43d04cbc2ab54d1c4 # v2.9.1 - name: Check formatting run: cargo fmt --check clippy: @@ -172,7 +172,7 @@ jobs: toolchain: "1.95" # STABLE components: clippy - name: Initialize cache - uses: Swatinem/rust-cache@e18b497796c12c097a38f9edb9d0641fb99eee32 # v2 + uses: Swatinem/rust-cache@c19371144df3bb44fab255c43d04cbc2ab54d1c4 # v2.9.1 - name: Install SARIF tools run: cargo install clippy-sarif --locked - name: Install SARIF tools @@ -204,7 +204,7 @@ jobs: with: toolchain: stable - name: Initialize cache - uses: Swatinem/rust-cache@e18b497796c12c097a38f9edb9d0641fb99eee32 # v2 + uses: Swatinem/rust-cache@c19371144df3bb44fab255c43d04cbc2ab54d1c4 # v2.9.1 - name: Install cargo-tarpaulin run: cargo install cargo-tarpaulin - name: Gather coverage diff --git a/.github/workflows/committed.yml b/.github/workflows/committed.yml index f15e815..3f18252 100644 --- a/.github/workflows/committed.yml +++ b/.github/workflows/committed.yml @@ -26,4 +26,4 @@ jobs: fetch-depth: 0 persist-credentials: false - name: Lint Commits - uses: crate-ci/committed@4cd58ed75e5f581ba45f42ef52e055cc001def37 # master + uses: crate-ci/committed@faeed42f2e10c244533a01525f13c4d8b6ce383f # v1.11.1 diff --git a/.github/workflows/rust-next.yml b/.github/workflows/rust-next.yml index 2d68164..d749e86 100644 --- a/.github/workflows/rust-next.yml +++ b/.github/workflows/rust-next.yml @@ -41,7 +41,7 @@ jobs: with: toolchain: ${{ matrix.rust }} - name: Initialize cache - uses: Swatinem/rust-cache@e18b497796c12c097a38f9edb9d0641fb99eee32 # v2 + uses: Swatinem/rust-cache@c19371144df3bb44fab255c43d04cbc2ab54d1c4 # v2.9.1 - name: Install cargo-hack uses: taiki-e/install-action@97a5807a604e12de3a13b52d868ebecaeeea757c # v2.75.4 with: @@ -68,7 +68,7 @@ jobs: with: toolchain: stable - name: Initialize cache - uses: Swatinem/rust-cache@e18b497796c12c097a38f9edb9d0641fb99eee32 # v2 + uses: Swatinem/rust-cache@c19371144df3bb44fab255c43d04cbc2ab54d1c4 # v2.9.1 - name: Install cargo-hack uses: taiki-e/install-action@97a5807a604e12de3a13b52d868ebecaeeea757c # v2.75.4 with: diff --git a/.github/workflows/spelling.yml b/.github/workflows/spelling.yml index e3cec04..37a8847 100644 --- a/.github/workflows/spelling.yml +++ b/.github/workflows/spelling.yml @@ -24,4 +24,4 @@ jobs: with: persist-credentials: false - name: Spell Check Repo - uses: crate-ci/typos@8f11c0dc0f31c780c45b3dd5b72ff4b48a350b75 # master + uses: crate-ci/typos@bbaefadf97b0ec5fdc942684b647f1a6ab250274 # v1.46.0 From f3e0cc04a86c05122a0cca68ad5a2a053fd00221 Mon Sep 17 00:00:00 2001 From: Ed Page Date: Fri, 1 May 2026 11:00:39 -0500 Subject: [PATCH 38/42] chore: Experiment with more lints --- Cargo.toml | 18 ++++++++++++++++++ 1 file changed, 18 insertions(+) diff --git a/Cargo.toml b/Cargo.toml index 8c7aef7..016a8a8 100644 --- a/Cargo.toml +++ b/Cargo.toml @@ -18,6 +18,9 @@ include = [ [workspace.lints.rust] rust_2018_idioms = { level = "warn", priority = -1 } + +non_ascii_idents = "warn" +trivial_numeric_casts = "warn" unnameable_types = "warn" unreachable_pub = "warn" unsafe_op_in_unsafe_fn = "warn" @@ -26,11 +29,16 @@ unused_macro_rules = "warn" unused_qualifications = "warn" [workspace.lints.clippy] +allow_attributes_without_reason = "warn" bool_assert_comparison = "allow" branches_sharing_code = "allow" +cast_possible_truncation = "warn" +cast_possible_wrap = "warn" +cast_sign_loss = "warn" checked_conversions = "warn" collapsible_else_if = "allow" collapsible_match = "allow" +collection_is_never_read = "warn" create_dir = "warn" dbg_macro = "warn" debug_assert_with_mut_call = "warn" @@ -43,8 +51,10 @@ explicit_into_iter_loop = "warn" fallible_impl_from = "warn" filter_map_next = "warn" flat_map_option = "warn" +float_cmp = "warn" float_cmp_const = "warn" fn_params_excessive_bools = "warn" +fn_to_numeric_cast_any = "warn" from_iter_instead_of_collect = "warn" if_same_then_else = "allow" implicit_clone = "warn" @@ -61,10 +71,12 @@ linkedlist = "warn" lossy_float_literal = "warn" macro_use_imports = "warn" mem_forget = "warn" +mismatching_type_param_order = "warn" mutex_integer = "warn" needless_continue = "allow" needless_for_each = "warn" negative_feature_names = "warn" +partial_pub_fields = "warn" path_buf_push_overwrite = "warn" ptr_as_ptr = "warn" rc_mutex = "warn" @@ -75,13 +87,19 @@ result_large_err = "allow" same_functions_in_if_condition = "warn" self_named_module_files = "warn" semicolon_if_nothing_returned = "warn" +should_panic_without_expect = "warn" str_to_string = "warn" string_add = "warn" string_add_assign = "warn" string_lit_as_bytes = "warn" todo = "warn" trait_duplication_in_bounds = "warn" +undocumented_unsafe_blocks = "warn" uninlined_format_args = "warn" +unnecessary_safety_comment = "warn" +unnecessary_safety_doc = "warn" +unseparated_literal_suffix = "warn" +use_self = "warn" verbose_file_reads = "warn" wildcard_imports = "warn" zero_sized_map_values = "warn" From 1071ec1f73fcf82bb104bc4b45a73fe6a7babe92 Mon Sep 17 00:00:00 2001 From: Ed Page Date: Fri, 1 May 2026 15:31:20 -0500 Subject: [PATCH 39/42] chore(ci): Batch action updates --- .github/renovate.json5 | 11 +++++++++++ 1 file changed, 11 insertions(+) diff --git a/.github/renovate.json5 b/.github/renovate.json5 index d880c30..c02c2a6 100644 --- a/.github/renovate.json5 +++ b/.github/renovate.json5 @@ -71,6 +71,17 @@ ], automerge: true, }, + { + matchManagers: [ + 'github-actions', + ], + matchUpdateTypes: [ + 'minor', + 'patch', + ], + automerge: true, + groupName: 'compatible (actions)', + }, // Goals: // - Keep version reqs low, ignoring compatible normal/build dependencies // - Take advantage of latest dev-dependencies From 372a47db1c742ad84100a07222da7694e9ef35c8 Mon Sep 17 00:00:00 2001 From: Ed Page Date: Fri, 1 May 2026 15:33:37 -0500 Subject: [PATCH 40/42] chore: Drop automod --- Cargo.lock | 49 ------------------------------------ Cargo.toml | 3 --- tests/testsuite/delete_me.rs | 0 tests/testsuite/main.rs | 2 +- 4 files changed, 1 insertion(+), 53 deletions(-) delete mode 100644 tests/testsuite/delete_me.rs diff --git a/Cargo.lock b/Cargo.lock index ab75bda..49c1f2d 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -5,52 +5,3 @@ version = 3 [[package]] name = "PROJECT" version = "0.0.1" -dependencies = [ - "automod", -] - -[[package]] -name = "automod" -version = "1.0.15" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "ebb4bd301db2e2ca1f5be131c24eb8ebf2d9559bc3744419e93baf8ddea7e670" -dependencies = [ - "proc-macro2", - "quote", - "syn", -] - -[[package]] -name = "proc-macro2" -version = "1.0.79" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "e835ff2298f5721608eb1a980ecaee1aef2c132bf95ecc026a11b7bf3c01c02e" -dependencies = [ - "unicode-ident", -] - -[[package]] -name = "quote" -version = "1.0.35" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "291ec9ab5efd934aaf503a6466c5d5251535d108ee747472c3977cc5acc868ef" -dependencies = [ - "proc-macro2", -] - -[[package]] -name = "syn" -version = "2.0.55" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "002a1b3dbf967edfafc32655d0f377ab0bb7b994aa1d32c8cc7e9b8bf3ebb8f0" -dependencies = [ - "proc-macro2", - "quote", - "unicode-ident", -] - -[[package]] -name = "unicode-ident" -version = "1.0.12" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "3354b9ac3fae1ff6755cb6db53683adb661634f67557942dea4facebec0fee4b" diff --git a/Cargo.toml b/Cargo.toml index 016a8a8..42b2116 100644 --- a/Cargo.toml +++ b/Cargo.toml @@ -143,8 +143,5 @@ default = [] [dependencies] -[dev-dependencies] -automod = "1.0.14" - [lints] workspace = true diff --git a/tests/testsuite/delete_me.rs b/tests/testsuite/delete_me.rs deleted file mode 100644 index e69de29..0000000 diff --git a/tests/testsuite/main.rs b/tests/testsuite/main.rs index 4441374..8b13789 100644 --- a/tests/testsuite/main.rs +++ b/tests/testsuite/main.rs @@ -1 +1 @@ -automod::dir!("tests/testsuite"); + From 1e1d586ea665125e50de4c237afe98b907391035 Mon Sep 17 00:00:00 2001 From: Ed Page Date: Fri, 1 May 2026 16:43:25 -0500 Subject: [PATCH 41/42] chore(renovate): Fix the tag --- .github/workflows/committed.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/committed.yml b/.github/workflows/committed.yml index 3f18252..188c58b 100644 --- a/.github/workflows/committed.yml +++ b/.github/workflows/committed.yml @@ -26,4 +26,4 @@ jobs: fetch-depth: 0 persist-credentials: false - name: Lint Commits - uses: crate-ci/committed@faeed42f2e10c244533a01525f13c4d8b6ce383f # v1.11.1 + uses: crate-ci/committed@faeed42f2e10c244533a01525f13c4d8b6ce383f # v1.1.11 From 68d88b4d33133a3ec9e4f7e6a6bd8209acd33171 Mon Sep 17 00:00:00 2001 From: Ed Page Date: Fri, 1 May 2026 18:59:01 -0500 Subject: [PATCH 42/42] style: Make clippy happy --- examples/failure.rs | 2 +- src/assert.rs | 6 +++--- src/fixture/child.rs | 2 +- src/fixture/errors.rs | 12 ++++++------ tests/assert.rs | 2 +- 5 files changed, 12 insertions(+), 12 deletions(-) diff --git a/examples/failure.rs b/examples/failure.rs index eb29a7b..9a788b6 100644 --- a/examples/failure.rs +++ b/examples/failure.rs @@ -1,4 +1,4 @@ -#![allow(clippy::unwrap_used)] +#![allow(clippy::unwrap_used, reason = "simplicity")] use assert_fs::prelude::*; diff --git a/src/assert.rs b/src/assert.rs index 4f16b40..6873474 100644 --- a/src/assert.rs +++ b/src/assert.rs @@ -223,7 +223,7 @@ pub struct BytesContentPathPredicate( impl BytesContentPathPredicate { pub(crate) fn new(value: &'static [u8]) -> Self { let pred = predicates::ord::eq(value).from_file_path(); - BytesContentPathPredicate(pred) + Self(pred) } } @@ -298,7 +298,7 @@ pub struct StrContentPathPredicate( impl StrContentPathPredicate { pub(crate) fn new(value: String) -> Self { let pred = predicates::str::diff(value).from_utf8().from_file_path(); - StrContentPathPredicate(pred) + Self(pred) } } @@ -391,7 +391,7 @@ where { pub(crate) fn new(value: P) -> Self { let pred = value.from_utf8().from_file_path(); - StrPathPredicate(pred) + Self(pred) } } diff --git a/src/fixture/child.rs b/src/fixture/child.rs index 32723e9..13c5c72 100644 --- a/src/fixture/child.rs +++ b/src/fixture/child.rs @@ -45,7 +45,7 @@ impl PathChild for ChildPath { where P: AsRef, { - ChildPath::new(self.path().join(path.as_ref())) + Self::new(self.path().join(path.as_ref())) } } diff --git a/src/fixture/errors.rs b/src/fixture/errors.rs index 47f97f2..1077a35 100644 --- a/src/fixture/errors.rs +++ b/src/fixture/errors.rs @@ -48,12 +48,12 @@ pub enum FixtureKind { impl fmt::Display for FixtureKind { fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result { match *self { - FixtureKind::Walk => write!(f, "Failed when walking the source tree,"), - FixtureKind::CopyFile => write!(f, "Failed when copying a file."), - FixtureKind::WriteFile => write!(f, "Failed when writing to a file."), - FixtureKind::CreateDir => write!(f, "Failed when creating a directory."), - FixtureKind::Cleanup => write!(f, "Failed to cleanup fixture."), - FixtureKind::Symlink => write!(f, "Failed when symlinking to the target."), + Self::Walk => write!(f, "Failed when walking the source tree,"), + Self::CopyFile => write!(f, "Failed when copying a file."), + Self::WriteFile => write!(f, "Failed when writing to a file."), + Self::CreateDir => write!(f, "Failed when creating a directory."), + Self::Cleanup => write!(f, "Failed to cleanup fixture."), + Self::Symlink => write!(f, "Failed when symlinking to the target."), } } } diff --git a/tests/assert.rs b/tests/assert.rs index 887383a..efa14a0 100644 --- a/tests/assert.rs +++ b/tests/assert.rs @@ -16,7 +16,7 @@ fn code_example() { } #[test] -#[should_panic] +#[should_panic = "Unexpected file"] fn verify_failure_output() { let f = assert_fs::fixture::ChildPath::new("Cargo.toml"); f.assert("Not real content");