install cargo audit #782
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Rust crate | |
on: | |
push: | |
branches: | |
- main | |
tags: | |
- "**" | |
pull_request: | |
branches: | |
- "**" | |
concurrency: | |
group: ${{ github.event_name == 'pull_request' && format('{0}-{1}', github.workflow_ref, github.event.pull_request.number) || github.run_id }} | |
cancel-in-progress: true | |
jobs: | |
build_crate: | |
name: Build crate | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@v4 | |
- name: Set up Rust | |
uses: dtolnay/rust-toolchain@stable | |
with: | |
components: rustfmt, clippy | |
- name: Fmt | |
run: cargo fmt --all -- --files-with-diff --check | |
- name: Clippy | |
run: cargo clippy --workspace --all-features --all-targets -- -D warnings | |
- name: Install cargo-machete | |
run: cargo install cargo-machete | |
- name: Unused dependencies | |
run: cargo machete | |
- name: Tests (debug) | |
run: cargo test --workspace --all-features | |
- name: Tests (release) | |
run: cargo test --workspace --all-features --release | |
- name: Build (release) | |
run: cargo build --workspace --all-features --release | |
- name: Install cargo-workspaces | |
run: cargo install cargo-workspaces --locked | |
- name: Publish (dry run) | |
run: cargo ws publish --publish-as-is --dry-run | |
- name: Upload crate artifacts | |
uses: actions/upload-artifact@v4 | |
with: | |
name: crate | |
path: ./target/package/*-*.crate | |
- name: Publish (crates.io) | |
if: startsWith(github.event.ref, 'refs/tags') | |
env: | |
CARGO_REGISTRY_TOKEN: ${{ secrets.cargo_registry_token }} | |
run: cargo ws publish --publish-as-is | |
fuzz_tests: | |
runs-on: ubuntu-latest | |
env: | |
CARGO_PROFILE_RELEASE_LTO: false | |
steps: | |
- uses: actions/checkout@v4 | |
- uses: dtolnay/rust-toolchain@nightly | |
with: | |
toolchain: nightly-2025-01-12 | |
- name: Install cargo-fuzz | |
run: cargo +nightly-2025-01-12 install cargo-fuzz | |
- name: Fuzz (chia-consensus) | |
run: | | |
cd crates/chia-consensus | |
cargo fuzz list | xargs -I "%" sh -c "cargo +nightly-2025-01-12 fuzz run % -- -max_total_time=20 || exit 255" | |
- name: Fuzz (chia-bls) | |
env: | |
# We disable leak reports here because blspy appears to be allocating | |
# memory that's not freed. It might be a false positive since python is | |
# not unloaded before exiting. | |
LSAN_OPTIONS: detect_leaks=0 | |
run: | | |
cd crates/chia-bls | |
python -m pip install blspy | |
cargo fuzz list | xargs -I "%" sh -c "cargo +nightly-2025-01-12 fuzz run % -- -max_total_time=10 || exit 255" | |
- name: Fuzz (clvm-utils) | |
run: | | |
cd crates/clvm-utils | |
cargo fuzz list | xargs -I "%" sh -c "cargo +nightly-2025-01-12 fuzz run % -- -max_total_time=20 || exit 255" | |
- name: Fuzz (chia-protocol) | |
run: | | |
cd crates/chia-protocol | |
cargo fuzz list | xargs -I "%" sh -c "cargo +nightly-2025-01-12 fuzz run % -- -max_total_time=20 || exit 255" | |
- name: Fuzz (chia-puzzle-types) | |
run: | | |
cd crates/chia-puzzle-types | |
cargo fuzz list | xargs -I "%" sh -c "cargo +nightly-2025-01-12 fuzz run % -- -max_total_time=20 || exit 255" | |
- name: Fuzz (clvm-traits) | |
run: | | |
cd crates/clvm-traits | |
cargo fuzz list | xargs -I "%" sh -c "cargo +nightly-2025-01-12 fuzz run % -- -max_total_time=20 || exit 255" |