51deadec41
After the [recent supply chain attack](https://www.wiz.io/blog/new-github-action-supply-chain-attack-reviewdog-action-setup) in `tj-actions/changed-files` and actions based on it, it's become clear that relying on git tags to pin our dependencies is not enough (as tags can simply be replaced). Therefore we need to switch to hashes. Dependabot should continue to update these dependencies for us. Best reviewed commit-by-commit. Though if CI passes, we're *probably* fine.
49 lines
1.5 KiB
YAML
49 lines
1.5 KiB
YAML
# A helper workflow to automatically fixup any linting errors on a PR. Must be
|
|
# triggered manually.
|
|
|
|
name: Attempt to automatically fix linting errors
|
|
|
|
on:
|
|
workflow_dispatch:
|
|
|
|
jobs:
|
|
fixup:
|
|
name: Fix up
|
|
runs-on: ubuntu-latest
|
|
|
|
steps:
|
|
- name: Checkout repository
|
|
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
|
|
|
|
- name: Install Rust
|
|
uses: dtolnay/rust-toolchain@56f84321dbccf38fb67ce29ab63e4754056677e0 # master (rust 1.85.1)
|
|
with:
|
|
# We use nightly so that `fmt` correctly groups together imports, and
|
|
# clippy correctly fixes up the benchmarks.
|
|
toolchain: nightly-2022-12-01
|
|
components: clippy, rustfmt
|
|
- uses: Swatinem/rust-cache@9d47c6ad4b02e050fd481d890b2ea34778fd09d6 # v2.7.8
|
|
|
|
- name: Setup Poetry
|
|
uses: matrix-org/setup-python-poetry@4421c92b6223f03ae55560e29aa8ebd39cf6314a # v1.2.4
|
|
with:
|
|
install-project: "false"
|
|
|
|
- name: Run ruff check
|
|
continue-on-error: true
|
|
run: poetry run ruff check --fix .
|
|
|
|
- name: Run ruff format
|
|
continue-on-error: true
|
|
run: poetry run ruff format --quiet .
|
|
|
|
- run: cargo clippy --all-features --fix -- -D warnings
|
|
continue-on-error: true
|
|
|
|
- run: cargo fmt
|
|
continue-on-error: true
|
|
|
|
- uses: stefanzweifel/git-auto-commit-action@e348103e9026cc0eee72ae06630dbe30c8bf7a79 # v5.1.0
|
|
with:
|
|
commit_message: "Attempt to fix linting"
|