update varint and CI

[hayanesuru]

Summary by CodeRabbit

• Chores

  • Bumped package versions to 3.0.0 across the workspace.
  • CI enhanced with formatting checks, linting, and additional runtime/tests.

• Refactor

  • Optimized serialization/encoding and decoding for smaller, faster messages.
  • Reorganized how a custom action payload is represented in configuration packets to streamline handling.
  • Internal macro and helper logic simplified to reduce complexity.

[coderabbitai]

📝 Walkthrough

Walkthrough

Bumps several crate versions to 3.0, adds #[mser(varint)] to protocol enums, moves CustomClickAction from configuration to common, refactors varint encode/decode logic in haya_ser, adjusts haya_ser_macro attribute handling, and enhances CI with Clippy, Miri, and rustfmt checks.

Changes

Cohort / File(s)	Summary
CI/CD Configuration ​.github/workflows/rust.yml	Adds RUSTFLAGS, replaces prior Clippy integration with cargo clippy --verbose --tests, adds Miri (cargo miri setup + cargo miri test) and cargo fmt --all -- --check.
Workspace & Crate Versions Cargo.toml, haya_data/Cargo.toml, haya_ser/Cargo.toml, haya_ser_macro/Cargo.toml	Bumps package/workspace dependency versions from 2.2.x → 3.0.0 and updates three workspace dependency versions to "3.0".
Protocol enum varint attributes haya_protocol/src/lib.rs	Annotated four public enums with #[mser(varint)]: KnownLinkType, ChatVisibility, HumanoidArm, ParticleStatus (affects serialization encoding).
CustomClickAction reorg haya_protocol/src/serverbound.rs, haya_protocol/src/serverbound/common.rs, haya_protocol/src/serverbound/configuration.rs	Removed CustomClickAction from configuration, added CustomClickAction<'a> (with id: Ident<'a> and payload: Option<Tag>) in common, and updated packet field type reference accordingly.
Varint encoding refactor haya_ser/src/varint.rs	Large internal rewrite of V21/V32/V64 Read/Write implementations: replaces stepwise/unsafe logic with iterative/loop-driven decoding and consolidated write paths; public APIs unchanged.
Macro attribute handling haya_ser_macro/src/lib.rs, haya_ser_macro/src/serialize.rs	crate_name now returns (Option<&Attribute>, Path); call sites updated. Removed alternate nested-attribute parsing path in enum serialization logic and removed alloc-related scaffolding.

Estimated code review effort

🎯 4 (Complex) | ⏱️ ~45 minutes

Poem

🐇 I nibble bits and hop through change,

varints snug in tidy range,
crates bumped up to version three,
config moved to common, whee!
CI checks hop in after me. ✨

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Post copyable unit tests in a comment
• Commit unit tests in branch play

---

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

Actionable comments posted: 3

Caution

Some comments are outside the diff and can’t be posted inline due to platform limitations.

⚠️ Outside diff range comments (2)

.github/workflows/rust.yml (1)

23-24: 🧹 Nitpick | 🔵 Trivial

Pin actions/checkout to a specific version or SHA for reproducibility and security.

Using @master means the workflow could break or be compromised if the action's master branch changes unexpectedly. Consider pinning to a tagged version like v4 or a specific commit SHA.

♻️ Suggested fix

       - name: Checkout
-        uses: actions/checkout@master
+        uses: actions/checkout@v4
         with:
           submodules: recursive

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In @.github/workflows/rust.yml around lines 23 - 24, The workflow Checkout step
currently uses actions/checkout@master which is not pinned; update the uses
field in the "Checkout" step to reference a fixed tagged version or commit SHA
(for example actions/checkout@v4 or a specific commit SHA) to ensure
reproducible and secure CI runs—locate the "Checkout" step and replace
actions/checkout@master with the chosen tag or SHA.

haya_ser_macro/src/lib.rs (1)

17-32: 🧹 Nitpick | 🔵 Trivial

The returned attribute is redundantly parsed and unused.

The crate_name function returns an Option<&syn::Attribute> that is captured as _attr but never used in the serialize or deserialize functions. Meanwhile, both serialize.rs (lines 67–69) and deserialize.rs (lines 68–71) independently iterate through and parse the mser attributes from input.attrs to check for the varint flag. This means the attribute found and returned by crate_name is discarded, and the modules re-parse the attributes from scratch. Either use the returned attribute to avoid redundant parsing, or remove the return value if it's not needed.

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@haya_ser_macro/src/lib.rs` around lines 17 - 32, crate_name currently returns
an Option<&syn::Attribute> that is found but never used downstream (captured as
_attr), causing serialize.rs and deserialize.rs to re-scan input.attrs for the
same `mser` attribute; fix by either (A) using the returned
Option<&syn::Attribute> from crate_name in serialize and deserialize so they
parse the found attribute once (pass the attribute through the calls to the
functions that check for the `varint` flag), or (B) simplify crate_name to only
return the syn::Path (remove the Option<&syn::Attribute> from its signature and
callers) and let serialize.rs/deserialize.rs own attribute parsing—update
function signatures and all call sites accordingly (look for crate_name,
serialize.rs, deserialize.rs, and the _attr variable).

🤖 Prompt for all review comments with AI agents

Verify each finding against the current code and only fix it if needed.

Inline comments:
In `@haya_ser/src/varint.rs`:
- Around line 225-262: The empty if branch around the 4-byte case makes the
logic hard to follow; refactor the block that writes continuation bytes in the
function handling varint (the section using n, w.write and w.write_byte) so the
4-byte case is explicit instead of an empty branch: detect the 4-byte range (n &
0xFFFFFFFFF0000000 == 0) and handle it in its own branch that writes the
four-byte sequence, otherwise emit the initial three bytes with 0x80 and then
fall through to the existing branches that append bytes using (n >> 28), (n >>
35), etc.; keep references to w.write and w.write_byte and preserve all existing
bit checks but remove the empty if to improve readability.
- Around line 309-311: The unsafe cast-and-dereference of
buf.as_ptr().cast::<[u8; 8]>() before calling u64::from_le_bytes assumes the
8-byte alignment of buf and may UB on strict-alignment platforms; instead copy
the eight bytes into a local [u8; 8] (or use ptr::read_unaligned) and then call
u64::from_le_bytes on that array, and replace buf = unsafe {
buf.get_unchecked(8..) } with a safe slice advance (e.g., buf = &buf[8..]) or
otherwise documented safe pointer advance; update the code paths involving
u64::from_le_bytes, the cast buf.as_ptr().cast::<[u8; 8]>() and
buf.get_unchecked(8..) accordingly.
- Around line 21-51: The V21::read implementation fails to mask the third byte
before shifting, allowing the high bit of the third byte to overflow the 21-bit
range; in function V21::read (variables a and p) change the third-byte
accumulation from p |= (a as u32) << 14 to p |= ((a & 0x7F) as u32) << 14 so the
third byte is masked like the first two, leaving the rest of the control flow
(cold_path(), Error handling) untouched.

---

Outside diff comments:
In @.github/workflows/rust.yml:
- Around line 23-24: The workflow Checkout step currently uses
actions/checkout@master which is not pinned; update the uses field in the
"Checkout" step to reference a fixed tagged version or commit SHA (for example
actions/checkout@v4 or a specific commit SHA) to ensure reproducible and secure
CI runs—locate the "Checkout" step and replace actions/checkout@master with the
chosen tag or SHA.

In `@haya_ser_macro/src/lib.rs`:
- Around line 17-32: crate_name currently returns an Option<&syn::Attribute>
that is found but never used downstream (captured as _attr), causing
serialize.rs and deserialize.rs to re-scan input.attrs for the same `mser`
attribute; fix by either (A) using the returned Option<&syn::Attribute> from
crate_name in serialize and deserialize so they parse the found attribute once
(pass the attribute through the calls to the functions that check for the
`varint` flag), or (B) simplify crate_name to only return the syn::Path (remove
the Option<&syn::Attribute> from its signature and callers) and let
serialize.rs/deserialize.rs own attribute parsing—update function signatures and
all call sites accordingly (look for crate_name, serialize.rs, deserialize.rs,
and the _attr variable).

[coderabbitai]

Caution

Some comments are outside the diff and can’t be posted inline due to platform limitations.

⚠️ Outside diff range comments (1)

.github/workflows/rust.yml (1)

23-24: ⚠️ Potential issue | 🟠 Major

Pin GitHub Actions to immutable refs to reduce supply chain risk.

Using @master can introduce unreviewed changes into CI. Pin both actions/checkout (line 24) and crate-ci/typos (line 41) to a specific commit SHA (preferred) or a stable version tag, not to branch heads or @latest.

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In @.github/workflows/rust.yml around lines 23 - 24, Replace branch/head refs
for the GitHub Actions usages with immutable refs: change uses:
actions/checkout@master to a specific tag or commit SHA (e.g.,
actions/checkout@v3 or @<commit-sha>) and likewise pin crate-ci/typos (uses:
crate-ci/typos@...) to a stable tag or commit SHA; update both the
actions/checkout and crate-ci/typos entries in the workflow so the workflow
references explicit immutable versions rather than branch names.

🤖 Prompt for all review comments with AI agents

Verify each finding against the current code and only fix it if needed.

Outside diff comments:
In @.github/workflows/rust.yml:
- Around line 23-24: Replace branch/head refs for the GitHub Actions usages with
immutable refs: change uses: actions/checkout@master to a specific tag or commit
SHA (e.g., actions/checkout@v3 or @<commit-sha>) and likewise pin crate-ci/typos
(uses: crate-ci/typos@...) to a stable tag or commit SHA; update both the
actions/checkout and crate-ci/typos entries in the workflow so the workflow
references explicit immutable versions rather than branch names.