Skip to content

Add standardized CI lint workflow and enhance pre-commit hook #321

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
tarrencev wants to merge 1 commit into
base: main
Choose a base branch
from
Open

Add standardized CI lint workflow and enhance pre-commit hook #321

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
65 changes: 56 additions & 9 deletions .githooks/pre-commit
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,14 +1,61 @@
#!/bin/bash
#!/usr/bin/env bash

# Exit immediately if a command exits with a non-zero status
set -e

echo "Running pre-commit hook..."
# Colors for output
RED='\033[0;31m'
GREEN='\033[0;32m'
YELLOW='\033[1;33m'
BLUE='\033[0;34m'
NC='\033[0m' # No Color

echo -e "${BLUE}Running pre-commit hooks...${NC}"

# Get the list of staged files
STAGED_FILES=$(git diff --cached --name-only --diff-filter=ACM)

if [ -z "$STAGED_FILES" ]; then
echo -e "${YELLOW}No staged files found.${NC}"
exit 0
fi

# Flag to track if any files were modified
FILES_MODIFIED=false

# Run clippy
echo "Running cargo clippy..."
./scripts/clippy.sh
# Process Rust files
RUST_FILES=$(echo "$STAGED_FILES" | grep '\.rs$' || true)
if [ -n "$RUST_FILES" ]; then
echo -e "${BLUE}Formatting Rust files...${NC}"

# Format Rust files using nightly (as per project convention)
echo "$RUST_FILES" | xargs cargo +nightly fmt --edition 2021

# Check if formatting changed any files
for file in $RUST_FILES; do
if ! git diff --exit-code "$file" > /dev/null; then
echo -e "${YELLOW}Formatted: $file${NC}"
FILES_MODIFIED=true
fi
done
Copy link

@cursor cursor bot Aug 4, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Bug: Rust Pre-commit Hook Fails on Spaces

The pre-commit hook incorrectly formats Rust files and fails to handle filenames with spaces.

  1. Incorrect cargo fmt invocation: The cargo +nightly fmt command is passed file arguments directly, which cargo fmt does not accept, and includes an invalid --edition 2021 flag. This will cause the formatting step to fail or behave unexpectedly.
  2. Filenames with spaces: The script fails to properly handle filenames containing spaces. Both the xargs command used for formatting and the subsequent loop checking for modifications will split such filenames on whitespace, leading to errors or processing of incorrect file paths.
Fix in Cursor Fix in Web


# Run clippy with strict settings
echo -e "${BLUE}Running clippy on Rust files...${NC}"
if ! cargo clippy --all-targets --all-features -- -D warnings -D future-incompatible -D nonstandard-style -D rust-2018-idioms -D unused; then
echo -e "${RED}Clippy failed. Please fix the issues and try again.${NC}"
exit 1
fi
fi

# Run rustfmt
echo "Running cargo +nightly fmt..."
./scripts/rust_fmt_fix.sh
# If any files were modified, inform the user
if [ "$FILES_MODIFIED" = true ]; then
echo -e "${YELLOW}"
echo "Some files were automatically formatted. Please review the changes and re-stage them:"
echo " git add <modified-files>"
echo " git commit"
echo -e "${NC}"
exit 1
fi

echo "Pre-commit hook completed successfully."
echo -e "${GREEN}✅ All pre-commit checks passed!${NC}"
exit 0
33 changes: 33 additions & 0 deletions .github/workflows/lint.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,33 @@
name: Lint

on:
push:
branches: [ main, develop ]
pull_request:
branches: [ main, develop ]

jobs:
lint:
runs-on: ubuntu-latest

steps:
- name: Checkout code
uses: actions/checkout@v4

- name: Setup Rust toolchain
uses: actions-rust-lang/setup-rust-toolchain@v1

Check warning

Code scanning / CodeQL

Unpinned tag for a non-immutable Action in workflow Medium

Unpinned 3rd party Action 'Lint' step
Uses Step
Loading
uses 'actions-rust-lang/setup-rust-toolchain' with ref 'v1', not a pinned commit hash
with:
toolchain: nightly
components: rustfmt, clippy

- name: Check Rust formatting
run: cargo +nightly fmt --all -- --check

- name: Run Rust linting (Clippy) - strict mode
run: cargo clippy --all-targets --all-features -- -D warnings -D future-incompatible -D nonstandard-style -D rust-2018-idioms -D unused

- name: Build project
run: cargo build --all-targets

- name: Run tests
run: cargo test --all-features
Comment on lines +11 to +33

Check warning

Code scanning / CodeQL

Workflow does not contain permissions Medium

Actions job or workflow does not limit the permissions of the GITHUB_TOKEN. Consider setting an explicit permissions block, using the following as a minimal starting point: {contents: read}

Copilot Autofix

AI 7 months ago

To fix the problem, add a permissions block to the workflow to explicitly set the minimum required permissions for the GITHUB_TOKEN. Since the workflow only needs to check out code and does not perform any actions that require write access (such as creating issues, pushing code, or modifying pull requests), the minimal permission required is contents: read. This can be set at the workflow level (applies to all jobs) or at the job level (applies only to the lint job). The best practice is to set it at the workflow level unless a job requires different permissions. Add the following block after the name field and before the on field:

permissions:
  contents: read

No additional imports, methods, or definitions are needed.

Suggested changeset 1
.github/workflows/lint.yml

Autofix patch

Autofix patch
Run the following command in your local git repository to apply this patch
cat << 'EOF' | git apply
diff --git a/.github/workflows/lint.yml b/.github/workflows/lint.yml
--- a/.github/workflows/lint.yml
+++ b/.github/workflows/lint.yml
@@ -1,2 +1,4 @@
 name: Lint
+permissions:
+  contents: read
 
EOF
@@ -1,2 +1,4 @@
name: Lint
permissions:
contents: read

Copilot is powered by AI and may make mistakes. Always verify output.
Loading