Merge pull request #12 from haha-business/release-prep

v1.1.0 release prep

.github/workflows/test.yml

@@ -8,11 +8,25 @@ on:
   merge_group:
 jobs:
   test:
-    runs-on: ubuntu-22.04
+    strategy:
+      matrix:
+        toolchain: [stable, 1.59]
+        sysctl: ["vm.memfd_noexec=0", "vm.memfd_noexec=1"]
+        include:
+          - toolchain: 1.59
+            # https://users.rust-lang.org/t/skip-doctest-from-command-line/57379/2
+            test_args: --lib --bins --tests
+      fail-fast: false
+    runs-on: ubuntu-24.04
     steps:
       - uses: actions/checkout@v4
-      - run: rustup update stable
+      - run: sudo sysctl -w ${{ matrix.sysctl }}
+      - run: rustup default ${{ matrix.toolchain }}
+      - run: cargo test --locked ${{ matrix.test_args }}
+      - run: cargo test --locked --no-default-features ${{ matrix.test_args }}
       - run: cargo fmt -- --check
-      - run: cargo clippy --all-targets -- -D warnings
-      - run: cargo test
-      - run: cargo doc
+        if: ${{ matrix.toolchain == 'stable' }}
+      - run: cargo clippy --locked --all-targets -- -D warnings
+        if: ${{ matrix.toolchain == 'stable' }}
+      - run: RUSTDOCFLAGS="-D warnings" cargo doc --locked
+        if: ${{ matrix.toolchain == 'stable' }}

CHANGELOG.md

@@ -5,6 +5,8 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
 and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
 
 ## [Unreleased]
+
+## [1.1.0] - 2024-10-03
 ### Added
 - `SealOptions`, an interface for directly creating and sealing anonymous files outside the context
   of executing them
@@ -17,6 +19,8 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 
 ### Changed
 - `SealedCommand` and `execute_sealed` set `F_SEAL_EXEC` on Linux 6.3 and newer
+- `log` is now an optional dependency (remains enabled by default)
+- Log messages use symbolic names for syscall values
 - Moved source repository to <https://github.com/haha-business/pentacle>
 - Minimum supported Rust version (MSRV) now 1.59.0
 
@@ -37,7 +41,8 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 ### Added
 - Everything!
 
-[Unreleased]: https://github.com/iliana/pentacle/compare/v1.0.0...HEAD
+[Unreleased]: https://github.com/iliana/pentacle/compare/v1.1.0...HEAD
+[1.1.0]: https://github.com/iliana/pentacle/compare/v1.0.0...v1.1.0
 [1.0.0]: https://github.com/iliana/pentacle/compare/v0.2.0...v1.0.0
 [0.2.0]: https://github.com/iliana/pentacle/compare/v0.1.1...v0.2.0
 [0.1.1]: https://github.com/iliana/pentacle/compare/v0.1.0...v0.1.1

Cargo.toml

@@ -1,6 +1,6 @@
 [package]
 name = "pentacle"
-version = "1.0.0"
+version = "1.1.0"
 edition = "2021"
 rust-version = "1.59"
 description = "Executes programs as sealed anonymous files on Linux"
@@ -12,7 +12,14 @@ exclude = [".github", ".gitignore"]
 
 [dependencies]
 libc = "0.2.153"
-log = "0.4.4"
+log = { version = "0.4.4", optional = true }
+
+[features]
+default = ["log"]
+
+[lints.rust.unexpected_cfgs]
+level = "warn"
+check-cfg = ["cfg(coverage_nightly)"]
 
 [package.metadata.docs.rs]
 # https://docs.rs/about/metadata

README.md

@@ -1,6 +1,6 @@
 # pentacle
 
-pentacle is a library for executing programs as sealed anonymous files on Linux, using `memfd_create(2)`.
+pentacle is a library for executing programs as sealed anonymous files on Linux, using `memfd_create(2)`. It also has a lower-level interface for creating and sealing anonymous files with various flags.
 
 This is useful for executing programs that execute untrusted programs with root permissions, or ensuring a cryptographically-verified program is not tampered with after verification but before execution.