ci: enforce clippy -D warnings and cargo audit as hard gates · ccc6ba9c02 - guru-connect

ci: enforce clippy -D warnings and cargo audit as hard gates

All checks were successful

Build and Test / Build Agent (Windows) (push) Successful in 12m18s

Details

Build and Test / Build Server (Linux) (push) Successful in 14m11s

Details

Build and Test / Security Audit (push) Successful in 5m32s

Details

Build and Test / Build Summary (push) Successful in 9s

Details

Flip both CI gates from informational to hard-fail (SPEC-001 quality gates):
- clippy: `-- -D warnings` on the server crate. Cleared the debt via clippy --fix
  (unused imports/style), targeted #[allow(dead_code)] on native-remote-control
  future API, and #[allow(clippy::too_many_arguments)] on 3 protocol-mirroring fns.
- cargo audit: hard-fail with documented per-ID --ignore flags (rsa RUSTSEC-2023-0071
  unfixable/unreachable in active tree; gtk-rs + glib Linux-only tray backend not
  compiled into the Windows agent; proc-macro-error build-time). New advisories fail.
- Move [profile.release] to the workspace root (it was silently ignored in the server
  member), activating lto/codegen-units/strip.

No behavioral changes. Reviewed and gates verified passing on the build host.

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>

This commit is contained in:

Mike Swanson

2026-05-30 00:18:50 +00:00

parent 6e7e7c0ccb

commit ccc6ba9c02

21 changed files with 92 additions and 55 deletions

									
										5

server/Cargo.toml
									
												View File
												
				@@ -60,8 +60,3 @@ prometheus-client = "0.22"

				[build-dependencies]

				prost-build = "0.13"

				[profile.release]

				lto = true

				codegen-units = 1

				strip = true

5 server/Cargo.toml Unescape Escape View File

5

server/Cargo.toml

View File