diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index f082f30..04758cd 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -26,8 +26,8 @@ jobs: nix: ${{ steps.filter.outputs.nix }} steps: - name: Checkout Repository - uses: actions/checkout@v4 - - uses: dorny/paths-filter@v2 + uses: actions/checkout@v5 + - uses: dorny/paths-filter@v3 id: filter with: filters: | @@ -59,7 +59,7 @@ jobs: - rust+wasm steps: - name: Checkout Repository - uses: actions/checkout@v4 + uses: actions/checkout@v5 with: fetch-depth: 0 @@ -72,7 +72,7 @@ jobs: other: "--lib" - name: Install Nix - uses: cachix/install-nix-action@v23 + uses: cachix/install-nix-action@v31 with: extra_nix_config: | access-tokens = github.com=${{ secrets.GITHUB_TOKEN }} @@ -118,7 +118,7 @@ jobs: - bin steps: - name: Checkout Repository - uses: actions/checkout@v4 + uses: actions/checkout@v5 with: fetch-depth: 0 @@ -152,7 +152,7 @@ jobs: command: install - name: Setup Python - uses: actions/setup-python@v4 + uses: actions/setup-python@v6 - name: Install pre-commit run: pip install pre-commit @@ -161,7 +161,7 @@ jobs: run: pre-commit install - name: Install Nix - uses: cachix/install-nix-action@v23 + uses: cachix/install-nix-action@v31 with: extra_nix_config: | access-tokens = github.com=${{ secrets.GITHUB_TOKEN }} @@ -194,12 +194,12 @@ jobs: - rust+wasm steps: - name: Install Protoc - uses: arduino/setup-protoc@v2 + uses: arduino/setup-protoc@v3 with: repo-token: ${{ secrets.GITHUB_TOKEN }} - name: Checkout Repository - uses: actions/checkout@v4 + uses: actions/checkout@v5 with: fetch-depth: 0 @@ -233,7 +233,7 @@ jobs: command: install - name: Setup Python - uses: actions/setup-python@v4 + uses: actions/setup-python@v6 - name: Install pre-commit run: pip install pre-commit @@ -242,7 +242,7 @@ jobs: run: pre-commit install - name: Install Nix - uses: cachix/install-nix-action@v23 + uses: cachix/install-nix-action@v31 with: extra_nix_config: | access-tokens = github.com=${{ secrets.GITHUB_TOKEN }} @@ -270,7 +270,7 @@ jobs: - bin steps: - name: Checkout Repository - uses: actions/checkout@v4 + uses: actions/checkout@v5 - name: Setup cargo-generate uses: cargo-generate/cargo-generate-action@v0.18.3 @@ -300,12 +300,12 @@ jobs: PROJECT_NAME: fission-codes-rust-template steps: - name: Install Protoc - uses: arduino/setup-protoc@v2 + uses: arduino/setup-protoc@v3 with: repo-token: ${{ secrets.GITHUB_TOKEN }} - name: Checkout Repository - uses: actions/checkout@v4 + uses: actions/checkout@v5 - name: Setup cargo-generate uses: cargo-generate/cargo-generate-action@v0.18.3 @@ -340,7 +340,7 @@ jobs: - bin steps: - name: Checkout Repository - uses: actions/checkout@v4 + uses: actions/checkout@v5 - name: Setup cargo-generate uses: cargo-generate/cargo-generate-action@v0.18.3 @@ -375,12 +375,12 @@ jobs: PROJECT_NAME: fission-codes-rust-template steps: - name: Install Protoc - uses: arduino/setup-protoc@v2 + uses: arduino/setup-protoc@v3 with: repo-token: ${{ secrets.GITHUB_TOKEN }} - name: Checkout Repository - uses: actions/checkout@v4 + uses: actions/checkout@v5 - name: Setup cargo-generate uses: cargo-generate/cargo-generate-action@v0.18.3 @@ -423,7 +423,7 @@ jobs: - bin steps: - name: Checkout Repository - uses: actions/checkout@v4 + uses: actions/checkout@v5 - name: Setup cargo-generate uses: cargo-generate/cargo-generate-action@v0.18.3 @@ -467,12 +467,12 @@ jobs: - rust+wasm steps: - name: Install Protoc - uses: arduino/setup-protoc@v2 + uses: arduino/setup-protoc@v3 with: repo-token: ${{ secrets.GITHUB_TOKEN }} - name: Checkout Repository - uses: actions/checkout@v4 + uses: actions/checkout@v5 - name: Setup cargo-generate uses: cargo-generate/cargo-generate-action@v0.18.3 @@ -520,7 +520,7 @@ jobs: steps: - name: Checkout Repository - uses: actions/checkout@v4 + uses: actions/checkout@v5 - name: Setup cargo-generate uses: cargo-generate/cargo-generate-action@v0.18.3 @@ -598,7 +598,7 @@ jobs: steps: - name: Checkout Repository - uses: actions/checkout@v4 + uses: actions/checkout@v5 - name: Setup cargo-generate uses: cargo-generate/cargo-generate-action@v0.18.3 @@ -672,12 +672,12 @@ jobs: working-directory: examples steps: - name: Install Protoc - uses: arduino/setup-protoc@v2 + uses: arduino/setup-protoc@v3 with: repo-token: ${{ secrets.GITHUB_TOKEN }} - name: Checkout Repository - uses: actions/checkout@v4 + uses: actions/checkout@v5 - name: Cache Project uses: Swatinem/rust-cache@v2 diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml index d28edf7..6ce38d1 100644 --- a/.pre-commit-config.yaml +++ b/.pre-commit-config.yaml @@ -28,3 +28,12 @@ repos: - id: check-executables-have-shebangs - id: check-toml exclude: ^(rust|rust+wasm) + + - repo: local + hooks: + - id: copy-example-lockfiles + name: copy example cargo lockfiles + entry: scripts/copy-example-lockfiles.sh + language: script + files: ^examples/(Cargo\.(toml|lock)|.*/Cargo\.toml)$ + pass_filenames: false diff --git a/examples/README.md b/examples/README.md index d4bab41..8dcd206 100644 --- a/examples/README.md +++ b/examples/README.md @@ -2,6 +2,21 @@ This workspace contains numerous examples demonstrating template-generated code and combinations. Each example is setup as its own crate, with its own dependencies. +## Cargo.lock Synchronization + +The workspace automatically maintains synchronized `Cargo.lock` files for all +example templates. When dependencies are updated at the workspace level, a +pre-commit hook automatically copies the workspace `Cargo.lock` to each example +directory that contains a `Cargo.toml` file. This ensures all templates have +up-to-date dependency resolution for use with `cargo generate`. + +This synchronization happens automatically during commits when `Cargo.toml` or +`Cargo.lock` files are modified. You can also run it manually: + +```console +./scripts/copy-example-lockfiles.sh +``` + ## Running Examples To run any example from this top-level: diff --git a/examples/gen-axum/deny.toml b/examples/gen-axum/deny.toml index c749950..aa4e655 100644 --- a/examples/gen-axum/deny.toml +++ b/examples/gen-axum/deny.toml @@ -105,11 +105,11 @@ confidence-threshold = 0.8 # Allow 1 or more licenses on a per-crate basis, so that particular licenses # aren't accepted for every possible crate as with the normal allow list exceptions = [ - # The Unicode-DFS-2016 license is necessary for unicode-ident because they + # The Unicode-3.0 license is necessary for unicode-ident because they # use data from the unicode tables to generate the tables which are # included in the application. We do not distribute those data files so # this is not a problem for us. See https://github.com/dtolnay/unicode-ident/pull/9/files - { allow = ["Unicode-DFS-2016"], name = "unicode-ident", version = "*"}, + { allow = ["Unicode-3.0"], name = "unicode-ident", version = "*"}, ] # Some crates don't have (easily) machine readable licensing information, diff --git a/rust+wasm/deny.toml b/rust+wasm/deny.toml index c9aa6ec..78c8f1f 100644 --- a/rust+wasm/deny.toml +++ b/rust+wasm/deny.toml @@ -52,6 +52,7 @@ ignore = [ "RUSTSEC-2023-0071", # Impacts rsa crate, which is only used in dev, see # https://github.com/RustCrypto/RSA/pull/394 for remediation { id = "RUSTSEC-2024-0320", reason = "Not planning to force upgrade to rust-yaml2 yet" }, + { id = "RUSTSEC-2024-0375", reason = "atty unmaintained, only used by criterion in dev. Can likely upgrade criterion to resolve" }, ] # Threshold for security vulnerabilities, any vulnerability with a CVSS score # lower than the range specified will be ignored. Note that ignored advisories @@ -109,11 +110,11 @@ confidence-threshold = 0.8 # Allow 1 or more licenses on a per-crate basis, so that particular licenses # aren't accepted for every possible crate as with the normal allow list exceptions = [ - # The Unicode-DFS-2016 license is necessary for unicode-ident because they + # The Unicode-3.0 license is necessary for unicode-ident because they # use data from the unicode tables to generate the tables which are # included in the application. We do not distribute those data files so # this is not a problem for us. See https://github.com/dtolnay/unicode-ident/pull/9/files - { allow = ["Unicode-DFS-2016"], name = "unicode-ident", version = "*"}, + { allow = ["Unicode-3.0"], name = "unicode-ident", version = "*"}, { allow = ["OpenSSL"], name = "ring", version = "*" }, { allow = ["OpenSSL"], name = "aws-lc-sys", version = "*" }, { allow = ["MPL-2.0"], name = "webpki-roots", version = "*"}, diff --git a/rust+wasm/{{project-name}}-wasm/src/lib.rs b/rust+wasm/{{project-name}}-wasm/src/lib.rs index e4ffcca..4522383 100644 --- a/rust+wasm/{{project-name}}-wasm/src/lib.rs +++ b/rust+wasm/{{project-name}}-wasm/src/lib.rs @@ -31,9 +31,9 @@ pub fn set_panic_hook() { #[wasm_bindgen] extern "C" { - // For alerting + /// For alerting pub(crate) fn alert(s: &str); - // For logging in the console. + /// For logging in the console. #[wasm_bindgen(js_namespace = console)] pub fn log(s: &str); } diff --git a/rust/deny.toml b/rust/deny.toml index c9aa6ec..78c8f1f 100644 --- a/rust/deny.toml +++ b/rust/deny.toml @@ -52,6 +52,7 @@ ignore = [ "RUSTSEC-2023-0071", # Impacts rsa crate, which is only used in dev, see # https://github.com/RustCrypto/RSA/pull/394 for remediation { id = "RUSTSEC-2024-0320", reason = "Not planning to force upgrade to rust-yaml2 yet" }, + { id = "RUSTSEC-2024-0375", reason = "atty unmaintained, only used by criterion in dev. Can likely upgrade criterion to resolve" }, ] # Threshold for security vulnerabilities, any vulnerability with a CVSS score # lower than the range specified will be ignored. Note that ignored advisories @@ -109,11 +110,11 @@ confidence-threshold = 0.8 # Allow 1 or more licenses on a per-crate basis, so that particular licenses # aren't accepted for every possible crate as with the normal allow list exceptions = [ - # The Unicode-DFS-2016 license is necessary for unicode-ident because they + # The Unicode-3.0 license is necessary for unicode-ident because they # use data from the unicode tables to generate the tables which are # included in the application. We do not distribute those data files so # this is not a problem for us. See https://github.com/dtolnay/unicode-ident/pull/9/files - { allow = ["Unicode-DFS-2016"], name = "unicode-ident", version = "*"}, + { allow = ["Unicode-3.0"], name = "unicode-ident", version = "*"}, { allow = ["OpenSSL"], name = "ring", version = "*" }, { allow = ["OpenSSL"], name = "aws-lc-sys", version = "*" }, { allow = ["MPL-2.0"], name = "webpki-roots", version = "*"}, diff --git a/scripts/copy-example-lockfiles.sh b/scripts/copy-example-lockfiles.sh new file mode 100755 index 0000000..0e928c6 --- /dev/null +++ b/scripts/copy-example-lockfiles.sh @@ -0,0 +1,53 @@ +#!/bin/bash + +# Script to copy workspace Cargo.lock to all example template directories +# This ensures templates have up-to-date lock files for cargo generate + +set -e + +# Define paths +WORKSPACE_LOCK="examples/Cargo.lock" +EXAMPLES_DIR="examples" + +# Check if workspace lock file exists +if [[ ! -f "$WORKSPACE_LOCK" ]]; then + echo "Error: Workspace Cargo.lock not found at $WORKSPACE_LOCK" + exit 1 +fi + +# Check if examples directory exists +if [[ ! -d "$EXAMPLES_DIR" ]]; then + echo "Error: Examples directory not found at $EXAMPLES_DIR" + exit 1 +fi + +# Find all subdirectories in examples/ that contain a Cargo.toml (excluding target) +example_dirs=() +while IFS= read -r -d '' dir; do + # Skip the target directory + if [[ "$(basename "$dir")" == "target" ]]; then + continue + fi + + # Check if the directory contains a Cargo.toml file + if [[ -f "$dir/Cargo.toml" ]]; then + example_dirs+=("$dir") + fi +done < <(find "$EXAMPLES_DIR" -mindepth 1 -maxdepth 1 -type d -print0) + +# Check if we found any example directories +if [[ ${#example_dirs[@]} -eq 0 ]]; then + echo "No example directories with Cargo.toml found in $EXAMPLES_DIR" + exit 0 +fi + +# Copy workspace lock to each example directory +copied_count=0 +for example_dir in "${example_dirs[@]}"; do + target_lock="$example_dir/Cargo.lock" + cp "$WORKSPACE_LOCK" "$target_lock" + echo "Copied $WORKSPACE_LOCK to $target_lock" + ((copied_count++)) +done + +echo "Successfully copied Cargo.lock to $copied_count example template(s)"