feat(engine): detect usage of env.storage().instance().update() witho… #284

Workflow file for this run

	name: CI

	on:
	push:
	branches: ["main"]
	pull_request:
	branches: ["main"]

	env:
	CARGO_TERM_COLOR: always

	jobs:
	ci:
	name: Continuous Integration
	strategy:
	matrix:
	os: [ubuntu-latest, macos-latest, windows-latest]
	runs-on: ${{ matrix.os }}

	steps:
	- name: Checkout repository
	uses: actions/checkout@v4

	- name: Install stable Rust toolchain
	uses: dtolnay/rust-toolchain@stable
	with:
	components: rustfmt, clippy

	- name: Cache cargo registry & build artifacts
	uses: actions/cache@v4
	with:
	path: \|
	~/.cargo/bin/
	~/.cargo/registry/index/
	~/.cargo/registry/cache/
	~/.cargo/git/db/
	target/
	key: ${{ runner.os }}-cargo-${{ hashFiles('**/Cargo.lock') }}
	restore-keys: \|
	${{ runner.os }}-cargo-

	- name: Install Z3 (Linux)
	if: runner.os == 'Linux'
	run: \|
	sudo apt-get update
	sudo apt-get install -y libz3-dev

	- name: Install Z3 (macOS)
	if: runner.os == 'macOS'
	run: \|
	brew install z3 llvm
	echo "Z3_SYS_Z3_HEADER=$(brew --prefix z3)/include/z3.h" >> $GITHUB_ENV
	echo "LIBRARY_PATH=$(brew --prefix z3)/lib:$LIBRARY_PATH" >> $GITHUB_ENV
	echo "CPATH=$(brew --prefix z3)/include:$CPATH" >> $GITHUB_ENV
	echo "LLVM_CONFIG_PATH=$(brew --prefix llvm)/bin/llvm-config" >> $GITHUB_ENV

	- name: Install Z3 (Windows)
	if: runner.os == 'Windows'
	run: \|
	choco install z3 -y
	echo "Z3_SYS_Z3_HEADER=C:\ProgramData\chocolatey\lib\z3\tools\include\z3.h" \| Out-File -FilePath $env:GITHUB_ENV -Encoding utf8 -Append
	echo "LIB=C:\ProgramData\chocolatey\lib\z3\tools\lib;$env:LIB" \| Out-File -FilePath $env:GITHUB_ENV -Encoding utf8 -Append

	- name: Install system dependencies (Linux only)
	if: runner.os == 'Linux'
	run: \|
	sudo apt-get update
	sudo apt-get install -y libdbus-1-dev pkg-config

	- name: Lint (make lint smoke test)
	run: make lint

	- name: Check formatting
	run: cargo fmt --all --check

	- name: Run Clippy (workspace)
	run: cargo clippy --workspace --all-targets --all-features -- -D warnings

	- name: Run Clippy (runtime guard wasm target)
	run: cargo clippy -p runtime-guard-wrapper --target wasm32-unknown-unknown -- -D warnings

	- name: Build All (Debug)
	run: \|
	cargo build -p sanctifier-core --all-features
	cd tooling/sanctifier-cli && cargo build

	- name: Run All Tests
	run: \|
	cargo test -p sanctifier-core --all-features
	cargo test -p sanctifier-cli

	- name: Code coverage (Linux only)
	if: runner.os == 'Linux'
	run: \|
	cargo install cargo-tarpaulin --locked --quiet
	cargo tarpaulin --workspace --out Xml --output-dir coverage/

	- name: Upload coverage to Codecov (Linux only)
	if: runner.os == 'Linux'
	uses: codecov/codecov-action@v4
	with:
	token: ${{ secrets.CODECOV_TOKEN }}
	files: coverage/cobertura.xml
	fail_ci_if_error: false
	slug: HyperSafeD/Sanctifier

	- name: Build Release CLI
	run: cd tooling/sanctifier-cli && cargo build --release

	frontend-test:
	name: Frontend Unit Tests
	runs-on: ubuntu-latest

	steps:
	- name: Checkout repository
	uses: actions/checkout@v4

	- name: Setup Node.js
	uses: actions/setup-node@v4
	with:
	node-version: 22
	cache: npm
	cache-dependency-path: frontend/package-lock.json

	- name: Build WASM stub
	run: \|
	mkdir -p tooling/sanctifier-wasm/pkg
	echo '{"name":"@sanctifier/wasm","version":"0.0.0","main":"index.js"}' > tooling/sanctifier-wasm/pkg/package.json
	echo 'module.exports = {};' > tooling/sanctifier-wasm/pkg/index.js

	- name: Install frontend dependencies
	run: cd frontend && npm ci

	- name: Run unit tests
	run: cd frontend && npm test

	- name: Generate coverage report
	run: cd frontend && npm run test:coverage
	continue-on-error: true

	- name: Upload coverage artifact
	uses: actions/upload-artifact@v4
	with:
	name: frontend-coverage
	path: frontend/coverage/
	retention-days: 7

	commitlint:
	name: Lint Commit Messages
	runs-on: ubuntu-latest
	if: github.event_name == 'pull_request'

	steps:
	- name: Checkout repository
	uses: actions/checkout@v4
	with:
	fetch-depth: 0

	- name: Setup Node.js
	uses: actions/setup-node@v4
	with:
	node-version: 22

	- name: Install commitlint
	run: \|
	cd frontend
	npm install --save-dev @commitlint/cli @commitlint/config-conventional

	- name: Validate PR commits
	run: \|
	cd frontend
	npx commitlint --from ${{ github.event.pull_request.base.sha }} --to ${{ github.event.pull_request.head.sha }} --verbose

	wasm:
	name: Build WASM Package
	runs-on: ubuntu-latest

	steps:
	- name: Checkout repository
	uses: actions/checkout@v4

	- name: Install stable Rust toolchain
	uses: dtolnay/rust-toolchain@stable
	with:
	targets: wasm32-unknown-unknown

	- name: Cache cargo registry & build artifacts
	uses: actions/cache@v4
	with:
	path: \|
	~/.cargo/bin/
	~/.cargo/registry/index/
	~/.cargo/registry/cache/
	~/.cargo/git/db/
	tooling/sanctifier-wasm/target/
	key: ${{ runner.os }}-wasm-${{ hashFiles('tooling/sanctifier-wasm/Cargo.lock', 'tooling/sanctifier-core/Cargo.toml') }}
	restore-keys: \|
	${{ runner.os }}-wasm-

	- name: Install wasm-pack
	run: curl https://rustwasm.github.io/wasm-pack/installer/init.sh -sSf \| sh

	- name: Build WASM package
	run: \|
	cd tooling/sanctifier-wasm
	wasm-pack build --target web --out-dir pkg --out-name sanctifier_wasm
	# Inject the npm package name expected by the frontend
	node -e "
	const fs = require('fs');
	const pkg = JSON.parse(fs.readFileSync('pkg/package.json', 'utf8'));
	pkg.name = '@sanctifier/wasm';
	fs.writeFileSync('pkg/package.json', JSON.stringify(pkg, null, 2));
	"

	- name: Upload WASM artifact
	uses: actions/upload-artifact@v4
	with:
	name: sanctifier-wasm-pkg
	path: tooling/sanctifier-wasm/pkg/
	retention-days: 7

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

feat(engine): detect usage of env.storage().instance().update() witho… #284

Workflow file

feat(engine): detect usage of env.storage().instance().update() witho… #284

Uh oh!

Workflow file for this run