Diffstat (limited to '.github')
-rw-r--r--.github/workflows/cargo-vet-pr-comment.yml137
-rw-r--r--.github/workflows/cargo-vet.yml53
-rw-r--r--.github/workflows/check.yml169
-rw-r--r--.github/workflows/nostd.yml30
4 files changed, 389 insertions, 0 deletions
diff --git a/.github/workflows/cargo-vet-pr-comment.yml b/.github/workflows/cargo-vet-pr-comment.yml
new file mode 100644
index 000000000..dd8ef37a6
--- /dev/null
+++ b/.github/workflows/cargo-vet-pr-comment.yml
@@ -0,0 +1,137 @@
1# This workflow triggers after cargo-vet workflow has run.
2# It adds a comment to the PR with the results of the cargo vet run.
3# It first adds a comment if the cargo vet run fails,
4# and updates the comment if the cargo vet run succeeds after having failed at least once.
5
6name: Cargo vet PR comment
7
8on:
9 workflow_run:
10 workflows: [cargo-vet]
11 types:
12 - completed
13
14permissions:
15 contents: read
16 pull-requests: write
17
18concurrency:
19 group: ${{ github.workflow }}-${{ github.head_ref || github.run_id }}
20 cancel-in-progress: true
21
22jobs:
23
24 find-pr-comment:
25 # This job runs when the cargo-vet job fails or succeeds
26 # It will download the artifact from the failed job and post a comment on the PR
27 runs-on: ubuntu-latest
28 outputs:
29 comment-id: ${{ steps.get-comment-id.outputs.comment-id }}
30 pr-number: ${{ steps.get-pr-number.outputs.pr_number }}
31 if: github.event.workflow_run.event == 'pull_request'
32 steps:
33 - name: 'Download artifact'
34 uses: actions/download-artifact@v4
35 with:
36 github-token: ${{ secrets.GITHUB_TOKEN }}
37 name: pr
38 path: pr/
39 run-id: ${{ github.event.workflow_run.id }}
40
41 - name: 'Get PR number'
42 id: get-pr-number
43 run: echo "pr_number=$(cat ./pr/NR)" >> $GITHUB_OUTPUT
44
45 - name: 'Find existing comment'
46 id: find-comment
47 uses: peter-evans/find-comment@v3
48 with:
49 issue-number: ${{ steps.get-pr-number.outputs.pr_number }}
50 comment-author: 'github-actions[bot]'
51 body-includes: 'comment-tag: [cargo-vet]'
52
53 - name: 'Get comment ID'
54 id: get-comment-id
55 if: ${{ steps.find-comment.outputs.comment-id != '' }}
56 run: echo "comment-id=${{ steps.find-comment.outputs.comment-id }}" >> $GITHUB_OUTPUT
57
58 post-comment-failure:
59 # This job runs when the cargo-vet job fails
60 # It will download the artifact from the failed job and post a comment on the PR
61 runs-on: ubuntu-latest
62 needs: find-pr-comment
63 if: github.event.workflow_run.conclusion == 'failure'
64 steps:
65 - name: 'Comment on PR - Failure'
66 uses: peter-evans/create-or-update-comment@v4
67 with:
68 comment-id: ${{ needs.find-pr-comment.outputs.comment-id }}
69 issue-number: ${{ needs.find-pr-comment.outputs.pr-number }}
70 body: |
71 # Cargo Vet Audit Failed
72
73 `cargo vet` has failed in this PR. Please run `cargo vet --locked` locally to check for new or updated unvetted dependencies.
74 Details about the vetting process can be found in [supply-chain/README.md](../blob/main/supply-chain/README.md)
75
76 ## If the unvetted dependencies are not needed
77 Please modify Cargo.toml file to avoid including the dependencies.
78
79 ## If the unvetted dependencies are needed
80 Post a new comment with the questionnaire below to the PR to help the auditors vet the dependencies.
81 After the auditors have vetted the dependencies, the PR will need to be rebased to pick up the new audits and pass this check.
82
83 ### Copy and paste the questionnaire as a new comment and provide your answers:
84
85 **1. What crates (with version) need to be audited?**
86
87 **2. How many of the crates are version updates vs new dependencies?**
88
89 **3. To confirm none of the already included crates serve your needs, please provide a brief description of the purpose of the new crates.**
90
91 **4. Any extra notes to the auditors to help with their audits.**
92
93 <!--
94 This comment is auto-generated by the cargo-vet workflow.
95 Please do not edit it directly.
96
97 comment-tag: [cargo-vet]
98 -->
99 edit-mode: replace
100
101 - name: 'Label PR'
102 uses: actions/github-script@v7
103 with:
104 script: |
105 github.rest.issues.addLabels({
106 issue_number: ${{ needs.find-pr-comment.outputs.pr-number }},
107 owner: context.repo.owner,
108 repo: context.repo.repo,
109 labels: ['cargo vet']
110 })
111
112 post-comment-success:
113 # This job runs when the cargo-vet job succeeds
114 # It will update the comment on the PR with a success message
115 runs-on: ubuntu-latest
116 needs: find-pr-comment
117 if: github.event.workflow_run.conclusion == 'success'
118 steps:
119 - name: 'Comment on PR - Success'
120 # Only update the comment if it exists
121 # This is to avoid creating a new comment if the cargo-vet job has never failed before
122 if: ${{ needs.find-pr-comment.outputs.comment-id }}
123 uses: peter-evans/create-or-update-comment@v4
124 with:
125 comment-id: ${{ needs.find-pr-comment.outputs.comment-id }}
126 issue-number: ${{ needs.find-pr-comment.outputs.pr-number }}
127 body: |
128 # Cargo Vet Audit Passed
129 `cargo vet` has passed in this PR. No new unvetted dependencies were found.
130
131 <!--
132 This comment is auto-generated by the cargo-vet workflow.
133 Please do not edit it directly.
134
135 comment-tag: [cargo-vet]
136 -->
137 edit-mode: replace \ No newline at end of file
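Review bot: The PR number read from the downloaded artifact in 'Get PR number' (`cat ./pr/NR`) is produced by the `pull_request`-triggered cargo-vet run, so for pull requests from forks its content is under the contributor's control, yet it is used unvalidated in a job that holds `pull-requests: write` and is interpolated straight into the JavaScript of the 'Label PR' step via `${{ needs.find-pr-comment.outputs.pr-number }}`. Validate it before exporting, e.g. `pr=$(cat ./pr/NR); [[ "$pr" =~ ^[0-9]+$ ]] || exit 1; echo "pr_number=$pr" >> "$GITHUB_OUTPUT"`, and confirm the PR actually belongs to this run by comparing its head SHA with `github.event.workflow_run.head_sha` before commenting or labelling. Because this workflow runs with a write token, the third-party actions used here (and in cargo-vet.yml and check.yml) should be pinned to a full commit SHA rather than a floating major tag. Downloading another run's artifact via `run-id` likely also needs `actions: read` in the `permissions` block, which currently grants only `contents` and `pull-requests` — worth confirming against the download-artifact documentation.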
diff --git a/.github/workflows/cargo-vet.yml b/.github/workflows/cargo-vet.yml
new file mode 100644
index 000000000..864c138e9
--- /dev/null
+++ b/.github/workflows/cargo-vet.yml
@@ -0,0 +1,53 @@
1# This workflow runs whenever a PR is opened or updated. It runs cargo vet to check for unvetted dependencies in the Cargo.lock file.
2permissions:
3 contents: read
4on:
5 pull_request:
6
7concurrency:
8 group: ${{ github.workflow }}-${{ github.head_ref || github.run_id }}
9 cancel-in-progress: true
10
11name: cargo-vet
12jobs:
13 vet:
14 # cargo-vet checks for unvetted dependencies in the Cargo.lock file
15 # This is to ensure that new dependencies are vetted before they are added to the project
16 name: vet-dependencies
17 runs-on: ubuntu-latest
18 env:
19 CARGO_VET_VERSION: 0.10.1
20
21 steps:
22 - uses: actions/checkout@v4
23 with:
24 submodules: true
25
26 - uses: actions/cache@v4
27 with:
28 path: ${{ runner.tool_cache }}/cargo-vet
29 key: cargo-vet-bin-${{ env.CARGO_VET_VERSION }}
30
31 - name: Add the tool cache directory to the search path
32 run: echo "${{ runner.tool_cache }}/cargo-vet/bin" >> $GITHUB_PATH
33
34 - name: Ensure that the tool cache is populated with the cargo-vet binary
35 run: cargo install --root ${{ runner.tool_cache }}/cargo-vet --version ${{ env.CARGO_VET_VERSION }} cargo-vet
36
37 - name: Invoke cargo-vet
38 run: cargo vet --locked
39
40 - name: Save PR number
41 # PR number is saved as an artifact so it can be used to determine the PR to comment on by the vet-pr-comment workflow
42 # vet-pr-comment workflow is triggered by the workflow_run event so it runs in the context of the base branch and not the PR branch
43 if: ${{ failure() }} || ${{ success() }}
44 run: |
45 mkdir -p ./pr
46 echo ${{ github.event.number }} > ./pr/NR
47 - uses: actions/upload-artifact@v4
48 # Need to upload the artifact in both success and failure cases so comment can be updated in either case
49 if: ${{ failure() }} || ${{ success() }}
50 with:
51 name: pr
52 path: pr/
53 overwrite: true \ No newline at end of file
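Review bot: The step conditions `if: ${{ failure() }} || ${{ success() }}` on 'Save PR number' and on the upload step mix `${{ }}` blocks with literal text, which GitHub evaluates as string substitution rather than as one boolean expression; the result is a non-empty string, so the steps appear to run unconditionally (including after cancellation) rather than by the intended rule. Write a single expression in both places, `if: ${{ success() || failure() }}` (or `${{ !cancelled() }}`). The install step runs `cargo install ... cargo-vet` without `--locked`, so the tool's own dependency tree is re-resolved at build time instead of using the crate's shipped Cargo.lock; adding `--locked` makes the cached binary reproducible across runs. The PR number is written with `echo ${{ github.event.number }}`; the value is an integer here, but passing it through an `env:` variable keeps `run:` free of expression interpolation and matches the pattern recommended for workflow inputs.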
diff --git a/.github/workflows/check.yml b/.github/workflows/check.yml
new file mode 100644
index 000000000..9bf402d61
--- /dev/null
+++ b/.github/workflows/check.yml
@@ -0,0 +1,169 @@
1# This workflow runs whenever a PR is opened or updated, or a commit is pushed to main. It runs
2# several checks:
3# - commit_list: produces a list of commits to be checked
4# - fmt: checks that the code is formatted according to rustfmt
5# - clippy: checks that the code does not contain any clippy warnings
6# - doc: checks that the code can be documented without errors
7# - hack: check combinations of feature flags
8# - msrv: check that the msrv specified in the crate is correct
9permissions:
10 contents: read
11# This configuration allows maintainers of this repo to create a branch and pull request based on
12# the new branch. Restricting the push trigger to the main branch ensures that the PR only gets
13# built once.
14on:
15 push:
16 branches: [main]
17 pull_request:
18# If new code is pushed to a PR branch, then cancel in progress workflows for that PR. Ensures that
19# we don't waste CI time, and returns results quicker https://github.com/jonhoo/rust-ci-conf/pull/5
20concurrency:
21 group: ${{ github.workflow }}-${{ github.head_ref || github.run_id }}
22 cancel-in-progress: true
23name: check
24jobs:
25 fmt:
26 runs-on: ubuntu-latest
27 name: stable / fmt
28 steps:
29 - uses: actions/checkout@v4
30 with:
31 submodules: true
32 - name: Install stable
33 uses: dtolnay/rust-toolchain@stable
34 with:
35 components: rustfmt
36 - name: cargo fmt --check
37 run: cargo fmt --check
38
39 clippy:
40 runs-on: ubuntu-latest
41 name: ${{ matrix.toolchain }} / clippy
42 permissions:
43 contents: read
44 checks: write
45 strategy:
46 fail-fast: false
47 matrix:
48 # Get early warning of new lints which are regularly introduced in beta channels.
49 toolchain: [stable, beta]
50 steps:
51 - uses: actions/checkout@v4
52 with:
53 submodules: true
54 - name: Install ${{ matrix.toolchain }}
55 uses: dtolnay/rust-toolchain@master
56 with:
57 toolchain: ${{ matrix.toolchain }}
58 components: clippy
59 - name: cargo clippy
60 uses: giraffate/clippy-action@v1
61 with:
62 reporter: 'github-pr-check'
63 github_token: ${{ secrets.GITHUB_TOKEN }}
64
65 # Enable once we have a released crate
66 # semver:
67 # runs-on: ubuntu-latest
68 # name: semver
69 # strategy:
70 # fail-fast: false
71 # steps:
72 # - uses: actions/checkout@v4
73 # with:
74 # submodules: true
75 # - name: Install stable
76 # uses: dtolnay/rust-toolchain@stable
77 # with:
78 # components: rustfmt
79 # - name: cargo-semver-checks
80 # uses: obi1kenobi/cargo-semver-checks-action@v2
81
82 doc:
83 # run docs generation on nightly rather than stable. This enables features like
84 # https://doc.rust-lang.org/beta/unstable-book/language-features/doc-cfg.html which allows an
85 # API be documented as only available in some specific platforms.
86 runs-on: ubuntu-latest
87 name: nightly / doc
88 steps:
89 - uses: actions/checkout@v4
90 with:
91 submodules: true
92 - name: Install nightly
93 uses: dtolnay/rust-toolchain@nightly
94 - name: cargo doc
95 run: cargo doc --no-deps --all-features
96 env:
97 RUSTDOCFLAGS: --cfg docsrs
98
99 hack:
100 # cargo-hack checks combinations of feature flags to ensure that features are all additive
101 # which is required for feature unification
102 runs-on: ubuntu-latest
103 name: ubuntu / stable / features
104 steps:
105 - uses: actions/checkout@v4
106 with:
107 submodules: true
108 - name: Install stable
109 uses: dtolnay/rust-toolchain@stable
110 - name: cargo install cargo-hack
111 uses: taiki-e/install-action@cargo-hack
112 # intentionally no target specifier; see https://github.com/jonhoo/rust-ci-conf/pull/4
113 # --feature-powerset runs for every combination of features
114 - name: cargo hack
115 run: cargo hack --feature-powerset check
116
117 deny:
118 # cargo-deny checks licenses, advisories, sources, and bans for
119 # our dependencies.
120 runs-on: ubuntu-latest
121 name: ubuntu / stable / deny
122 steps:
123 - uses: actions/checkout@v4
124 with:
125 submodules: true
126 - name: Install stable
127 uses: dtolnay/rust-toolchain@stable
128 - name: cargo install cargo-deny
129 uses: EmbarkStudios/cargo-deny-action@v2
130 with:
131 log-level: warn
132 manifest-path: ./Cargo.toml
133 command: check
134 arguments: --all-features
135
136 test:
137 runs-on: ubuntu-latest
138 name: ubuntu / stable / test
139 steps:
140 - uses: actions/checkout@v4
141 with:
142 submodules: true
143 - name: Install stable
144 uses: dtolnay/rust-toolchain@stable
145 - name: cargo install cargo-hack
146 uses: taiki-e/install-action@cargo-hack
147 - name: cargo test
148 run: cargo hack --feature-powerset test
149
150 msrv:
151 # check that we can build using the minimal rust version that is specified by this crate
152 runs-on: ubuntu-latest
153 # we use a matrix here just because env can't be used in job names
154 # https://docs.github.com/en/actions/learn-github-actions/contexts#context-availability
155 strategy:
156 fail-fast: false
157 matrix:
158 msrv: ["1.85"]
159 name: ubuntu / ${{ matrix.msrv }}
160 steps:
161 - uses: actions/checkout@v4
162 with:
163 submodules: true
164 - name: Install ${{ matrix.msrv }}
165 uses: dtolnay/rust-toolchain@master
166 with:
167 toolchain: ${{ matrix.msrv }}
168 - name: cargo +${{ matrix.msrv }} check
169 run: cargo check
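Review bot: The header comment lists a `commit_list` job that does not exist in this file and omits the `deny` and `test` jobs that do, so the summary a reader relies on is out of date from the first commit. Replace the `commit_list` bullet with `# - deny: checks licenses, advisories, sources and bans with cargo-deny` and add `# - test: runs the test suite over the feature powerset`. In the `msrv` job, `cargo check` runs with default features only, so a feature-gated dependency with a higher MSRV would go unnoticed; if the crate's optional features are meant to honour the stated MSRV, `cargo check --all-features` (or the `cargo hack --feature-powerset` form already used by `hack`) would be more thorough.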
diff --git a/.github/workflows/nostd.yml b/.github/workflows/nostd.yml
new file mode 100644
index 000000000..532235851
--- /dev/null
+++ b/.github/workflows/nostd.yml
@@ -0,0 +1,30 @@
1# This workflow checks whether the library is able to run without the std library (e.g., embedded).
2# This entire file should be removed if this crate does not support no-std. See check.yml for
3# information about how the concurrency cancellation and workflow triggering works
4permissions:
5 contents: read
6on:
7 push:
8 branches: [main]
9 pull_request:
10concurrency:
11 group: ${{ github.workflow }}-${{ github.head_ref || github.run_id }}
12 cancel-in-progress: true
13name: no-std
14jobs:
15 nostd:
16 runs-on: ubuntu-latest
17 name: ${{ matrix.target }}
18 strategy:
19 matrix:
20 target: [thumbv8m.main-none-eabihf]
21 steps:
22 - uses: actions/checkout@v4
23 with:
24 submodules: true
25 - name: Install stable
26 uses: dtolnay/rust-toolchain@stable
27 - name: rustup target add ${{ matrix.target }}
28 run: rustup target add ${{ matrix.target }}
29 - name: cargo check
30 run: cargo check --target ${{ matrix.target }}
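Review bot: `cargo check --target ${{ matrix.target }}` is run with the crate's default features, so if `std` is among them (which this page does not show) the build would be exercised with std enabled and the check would pass without proving no-std support. The usual form is `run: cargo check --target ${{ matrix.target }} --no-default-features` plus whichever features are meant to be no-std-compatible — confirm against Cargo.toml. A short comment above the step stating which feature set is being checked would make the intent clear to whoever later adds a feature.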