Skip to content

Commit

Permalink
Merge #466 #467
Browse files Browse the repository at this point in the history 
466: Use external action to setup the Rust toolchain r=jonasbb a=jonasbb

The action takes care of integrating CI and caching too.

467: Bump ossf/scorecard-action from 1.1.0 to 1.1.1 r=jonasbb a=dependabot[bot]

Bumps [ossf/scorecard-action](https://github.com/ossf/scorecard-action) from 1.1.0 to 1.1.1.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a href="https://github.com/ossf/scorecard-action/releases">ossf/scorecard-action's releases</a>.</em></p>
<blockquote>
<h2>v1.1.1</h2>
<h2>What's Changed</h2>
<p>Fix for <a href="https://github-redirect.dependabot.com/ossf/scorecard-action/issues/323">ossf/scorecard-action#323</a></p>
<p><strong>Full Changelog</strong>: <a href="https://github.com/ossf/scorecard-action/compare/v1.1.0...v1.1.1">https://github.com/ossf/scorecard-action/compare/v1.1.0...v1.1.1</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a href="https://github.com/ossf/scorecard-action/commit/3e15ea8318eee9b333819ec77a36aca8d39df13e"><code>3e15ea8</code></a> ✨ Bump container hash to use scorecard v4.3.1 (<a href="https://github-redirect.dependabot.com/ossf/scorecard-action/issues/324">#324</a>)</li>
<li><a href="https://github.com/ossf/scorecard-action/commit/6c071aca8599d63e8125a51b6b698c0f9e75bc54"><code>6c071ac</code></a> 🌱 Bump actions/setup-go from 3.1.0 to 3.2.0</li>
<li><a href="https://github.com/ossf/scorecard-action/commit/51fbe793f85fb5cc5ba2014839c838aff0228177"><code>51fbe79</code></a> 🌱 Bump debian from <code>fbaacd5</code> to <code>06a93cb</code></li>
<li><a href="https://github.com/ossf/scorecard-action/commit/d8a25b210c487a143a67fac8ae05612b6ee81ff9"><code>d8a25b2</code></a> 🌱 Bump github.com/caarlos0/env/v6 from 6.9.2 to 6.9.3</li>
<li><a href="https://github.com/ossf/scorecard-action/commit/cd3637b65cef198b9be1162b557eeaab7a0a8887"><code>cd3637b</code></a> Update README.md (<a href="https://github-redirect.dependabot.com/ossf/scorecard-action/issues/319">#319</a>)</li>
<li><a href="https://github.com/ossf/scorecard-action/commit/77f5e34142bc416a475a7c6abd090302af532f7c"><code>77f5e34</code></a> 🌱 .github: Add dependency review action (<a href="https://github-redirect.dependabot.com/ossf/scorecard-action/issues/165">#165</a>)</li>
<li><a href="https://github.com/ossf/scorecard-action/commit/ef34fe9e22cb41cacfa034924045103524c632f1"><code>ef34fe9</code></a> 📖 docs/e2e: Add information about golang-staging branch tests (<a href="https://github-redirect.dependabot.com/ossf/scorecard-action/issues/170">#170</a>)</li>
<li><a href="https://github.com/ossf/scorecard-action/commit/1aa187dfb0742950fb8f08f4068dd6af6bd3367a"><code>1aa187d</code></a> 🌱 Bump github/codeql-action from 2.1.10 to 2.1.11 (<a href="https://github-redirect.dependabot.com/ossf/scorecard-action/issues/311">#311</a>)</li>
<li><a href="https://github.com/ossf/scorecard-action/commit/049eb0c0d4a12868f4be4b39f1f896ca0cd3aa13"><code>049eb0c</code></a> 🌱 Bump github.com/ossf/scorecard/v4 from 4.2.0 to 4.3.0 (<a href="https://github-redirect.dependabot.com/ossf/scorecard-action/issues/313">#313</a>)</li>
<li>See full diff in <a href="https://github.com/ossf/scorecard-action/compare/v1.1.0...v1.1.1">compare view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=ossf/scorecard-action&package-manager=github_actions&previous-version=1.1.0&new-version=1.1.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting ``@dependabot` rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- ``@dependabot` rebase` will rebase this PR
- ``@dependabot` recreate` will recreate this PR, overwriting any edits that have been made to it
- ``@dependabot` merge` will merge this PR after your CI passes on it
- ``@dependabot` squash and merge` will squash and merge this PR after your CI passes on it
- ``@dependabot` cancel merge` will cancel a previously requested merge and block automerging
- ``@dependabot` reopen` will reopen this PR if it is closed
- ``@dependabot` close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- ``@dependabot` ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- ``@dependabot` ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- ``@dependabot` ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)


</details>

Co-authored-by: Jonas Bushart <jonas@bushart.org>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
  • Loading branch information
@bors @jonasbb @dependabot
3 people committed Jun 4, 2022
3 parents 7d9aebc + 46d3540 + c0dbe73 commit 53af356
Show file tree
Hide file tree
Showing 3 changed files with 20 additions and 68 deletions.
33 changes: 0 additions & 33 deletions .github/rust.json
View file

This file was deleted.

53 changes: 19 additions & 34 deletions .github/workflows/ci.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -13,12 +13,6 @@ on:
- cron: "0 0 * * 1"
permissions: read-all

env:
CARGO_INCREMENTAL: 0
# Debug infos are not really needed for CI and this keeps the cache smaller
CARGO_PROFILE_DEV_DEBUG: 0
RUSTFLAGS: -D warnings

jobs:
clippy_check:
strategy:
Expand All @@ -30,13 +24,11 @@ jobs:
steps:
- uses: actions/checkout@v3
- name: "Install/Update the Rust version"
run: |
rustup toolchain install ${{ matrix.rust }} --profile minimal --component clippy
rustup default ${{ matrix.rust }}
cargo --version
rustc --version
- run: echo "::add-matcher::.github/rust.json"
- uses: Swatinem/rust-cache@v1
uses: actions-rust-lang/setup-rust-toolchain@v1
with:
toolchain: ${{ matrix.rust }}
components: clippy

- name: clippy "No Default Features" (${{ matrix.os }} / ${{ matrix.rust }})
run: cargo clippy --workspace --no-default-features --all-targets
- name: clippy "Default" (${{ matrix.os }} / ${{ matrix.rust }})
Expand All @@ -54,12 +46,10 @@ jobs:
steps:
- uses: actions/checkout@v3
- name: "Install/Update the Rust version"
run: |
rustup toolchain install ${{ matrix.rust }} --profile minimal --component rustfmt
rustup default ${{ matrix.rust }}
cargo --version
rustc --version
- run: echo "::add-matcher::.github/rust.json"
uses: actions-rust-lang/setup-rust-toolchain@v1
with:
components: rustfmt

- name: Rustfmt Check (${{ matrix.rust }})
run: cargo fmt --all -- --check

Expand All @@ -72,38 +62,33 @@ jobs:
# breakage occurs in intermediate versions.
# IMPORTANT: Synchronize the MSRV with the Cargo.toml values.
rust: ["1.53", "1.55", "1.60", "stable", "beta", "nightly"]
crate: ["serde_with", "serde_with_macros", "serde_with_test"]
runs-on: ${{ matrix.os }}
steps:
- uses: actions/checkout@v3
- name: "Install/Update the Rust version"
run: |
rustup toolchain install ${{ matrix.rust }} --profile minimal
rustup default ${{ matrix.rust }}
cargo --version
rustc --version
- run: echo "::add-matcher::.github/rust.json"
- uses: Swatinem/rust-cache@v1
uses: actions-rust-lang/setup-rust-toolchain@v1
with:
toolchain: ${{ matrix.rust }}

# Build the project
- name: "Build (${{ matrix.os }} / ${{ matrix.rust }} / Crate ${{ matrix.crate }})"
- name: "Build (${{ matrix.os }} / ${{ matrix.rust }})"
run: cargo build --all-features --all-targets

# The tests are split into build and run steps, to see the time impact of each
# cargo test --all-targets does NOT run doctests
# since doctests are important this should not be added
# https://github.com/rust-lang/cargo/issues/6669
- name: "Test Build (No Default Features / ${{ matrix.os }} / ${{ matrix.rust }} / Crate ${{ matrix.crate }})"
- name: "Test Build (No Default Features / ${{ matrix.os }} / ${{ matrix.rust }})"
run: cargo test --no-default-features --no-run
- name: "Test Run (No Default Features / ${{ matrix.os }} / ${{ matrix.rust }} / Crate ${{ matrix.crate }})"
- name: "Test Run (No Default Features / ${{ matrix.os }} / ${{ matrix.rust }})"
run: cargo test --no-default-features --no-fail-fast
- name: "Test Build (Default Features / ${{ matrix.os }} / ${{ matrix.rust }} / Crate ${{ matrix.crate }})"
- name: "Test Build (Default Features / ${{ matrix.os }} / ${{ matrix.rust }})"
run: cargo test --no-run
- name: "Test Run (Default Features / ${{ matrix.os }} / ${{ matrix.rust }} / Crate ${{ matrix.crate }})"
- name: "Test Run (Default Features / ${{ matrix.os }} / ${{ matrix.rust }})"
run: cargo test --no-fail-fast
- name: "Test Build (All Features / ${{ matrix.os }} / ${{ matrix.rust }} / Crate ${{ matrix.crate }})"
- name: "Test Build (All Features / ${{ matrix.os }} / ${{ matrix.rust }})"
run: cargo test --all-features --no-run
- name: "Test Run (All Features / ${{ matrix.os }} / ${{ matrix.rust }} / Crate ${{ matrix.crate }})"
- name: "Test Run (All Features / ${{ matrix.os }} / ${{ matrix.rust }})"
run: cargo test --all-features --no-default-features --no-fail-fast

- name: Run cargo-tarpaulin
Expand Down
2 changes: 1 addition & 1 deletion .github/workflows/scorecards-analysis.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -28,7 +28,7 @@ jobs:
persist-credentials: false

- name: "Run analysis"
uses: ossf/scorecard-action@v1.1.0
uses: ossf/scorecard-action@v1.1.1
with:
results_file: results.sarif
results_format: sarif
Expand Down

0 comments on commit 53af356

Please sign in to comment.