chore(deps): bump actions/checkout from 4 to 6 #83
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Pinning policy: | |
| # - Third-party actions are pinned to a full commit SHA with a version comment. | |
| # - First-party `actions/*` actions may use a major version tag (per GitHub's | |
| # own guidance), since they are maintained by GitHub. | |
| # Note: this repo ships a `rust-toolchain.toml` pinned to `stable`. To make the | |
| # matrix actually exercise both MSRV and stable we set a directory override | |
| # with `rustup override set` after installing the requested toolchain. | |
| name: test | |
| on: | |
| push: | |
| branches: [main] | |
| paths-ignore: | |
| - "**.md" | |
| - "docs/**" | |
| - "LICENSE" | |
| - ".gitignore" | |
| - ".editorconfig" | |
| pull_request: | |
| branches: [main] | |
| paths-ignore: | |
| - "**.md" | |
| - "docs/**" | |
| - "LICENSE" | |
| - ".gitignore" | |
| - ".editorconfig" | |
| workflow_dispatch: | |
| concurrency: | |
| group: ${{ github.workflow }}-${{ github.ref }} | |
| cancel-in-progress: ${{ github.event_name == 'pull_request' }} | |
| permissions: | |
| contents: read | |
| # Required for tokenless Codecov uploads via OIDC. | |
| # Codecov rejects pushes to protected branches without either a CODECOV_TOKEN | |
| # secret or an OIDC ID token. We use OIDC so the workflow stays self-bootstrapping. | |
| id-token: write | |
| jobs: | |
| test: | |
| name: test (${{ matrix.rust }}) | |
| runs-on: ubuntu-24.04-arm | |
| strategy: | |
| fail-fast: false | |
| matrix: | |
| # MSRV is read from `Cargo.toml` (`rust-version = "1.88"`). Keep in sync. | |
| rust: ["1.88", "stable"] | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v6 | |
| with: | |
| fetch-depth: 1 | |
| - name: Install Rust toolchain (${{ matrix.rust }}) | |
| # dtolnay/rust-toolchain @ master (pinned to SHA below) | |
| uses: dtolnay/rust-toolchain@3c5f7ea28cd621ae0bf5283f0e981fb97b8a7af9 # master 2026-04 | |
| with: | |
| toolchain: ${{ matrix.rust }} | |
| components: rustfmt, clippy | |
| - name: Override repo toolchain for this directory | |
| run: rustup override set ${{ matrix.rust }} | |
| - name: Print toolchain versions | |
| run: | | |
| rustc --version | |
| cargo --version | |
| cargo fmt --version | |
| cargo clippy --version | |
| - name: Cache cargo registry and target | |
| # Swatinem/rust-cache v2.7.5 | |
| uses: Swatinem/rust-cache@c19371144df3bb44fab255c43d04cbc2ab54d1c4 # v2.9.1 | |
| with: | |
| key: ${{ matrix.rust }} | |
| - name: cargo fmt --check | |
| run: cargo fmt --all -- --check | |
| - name: cargo clippy | |
| run: cargo clippy --all-targets --all-features -- -D warnings | |
| - name: cargo build | |
| run: cargo build --all-targets --all-features | |
| - name: cargo test | |
| run: cargo test --all-targets --all-features | |
| # Coverage is collected from the `stable` matrix entry only — the | |
| # report is the same on every Rust version. cargo-llvm-cov drives | |
| # llvm-cov over the existing test invocation (no separate test run). | |
| # taiki-e/install-action provides prebuilt binaries to avoid a long | |
| # source compile. Non-blocking so a Codecov outage cannot break CI. | |
| - name: Install cargo-llvm-cov | |
| if: matrix.rust == 'stable' | |
| # taiki-e/install-action v2.79.7 | |
| uses: taiki-e/install-action@7a79fe8c3a13344501c80d99cae481c1c9085912 # v2.81.10 | |
| with: | |
| tool: cargo-llvm-cov | |
| - name: cargo llvm-cov (lcov) | |
| if: matrix.rust == 'stable' | |
| run: cargo llvm-cov --all-features --workspace --lcov --output-path lcov.info | |
| - name: Upload coverage to Codecov | |
| if: matrix.rust == 'stable' | |
| # codecov/codecov-action v6.0.1 | |
| uses: codecov/codecov-action@fb8b3582c8e4def4969c97caa2f19720cb33a72f # v7.0.0 | |
| with: | |
| fail_ci_if_error: false | |
| flags: unittests | |
| files: ./lcov.info | |
| # OIDC keeps the upload tokenless on protected branches. Fork PRs can't mint | |
| # an ID token, so skip OIDC for them — the action's tokenless path takes over. | |
| use_oidc: ${{ github.event_name != 'pull_request' || github.event.pull_request.head.repo.full_name == github.repository }} | |
| token: ${{ secrets.CODECOV_TOKEN }} | |
| - name: Upload test artifacts on failure | |
| if: failure() | |
| uses: actions/upload-artifact@v7 | |
| with: | |
| name: test-artifacts-${{ matrix.rust }} | |
| path: | | |
| target/debug/deps/*.log | |
| target/nextest/** | |
| target/debug/test-results/** | |
| if-no-files-found: ignore | |
| retention-days: 7 |