From 91ef7a34317e65559fc77f341ba667095457ae09 Mon Sep 17 00:00:00 2001 From: ch4r10t33r Date: Wed, 17 Sep 2025 17:38:37 +0100 Subject: [PATCH 01/11] feat: Added copilot-instructions.md --- .github/copilot-instructions.md | 123 +++++++++++++++++++++++++++++ .github/workflows/code-quality.yml | 102 ++++++++++++++++++++++++ 2 files changed, 225 insertions(+) create mode 100644 .github/copilot-instructions.md create mode 100644 .github/workflows/code-quality.yml diff --git a/.github/copilot-instructions.md b/.github/copilot-instructions.md new file mode 100644 index 000000000..62a8331e1 --- /dev/null +++ b/.github/copilot-instructions.md @@ -0,0 +1,123 @@ +# GitHub Copilot Instructions for Rust Development + +## Code Quality and Style Guidelines + +### Variable Naming and Declaration +- **No abbreviations**: Use descriptive, full names for variables (e.g., `user_account` not `usr_acc`) +- **Lazy declaration**: Only define variables when you need them, not at the beginning of functions +- **Meaningful names**: Variable names should clearly describe their purpose and content +- **Snake_case**: Use snake_case for variables, functions, and modules +- **PascalCase**: Use PascalCase for types, structs, enums, and traits + +### Logging and Output Best Practices +- **Inline variables in macros**: Always inline variables within `info!`, `debug!`, `warn!`, `error!`, and `println!` macros + ```rust + // ✅ Good + info!("Processing user {user_id} with status {status}"); + + // ❌ Bad + info!("Processing user {} with status {}", user_id, status); + ``` +- **Use structured logging**: Include context and relevant data in log messages +- **Appropriate log levels**: Use the correct log level for different types of messages + +### Error Handling +- **Prefer `Result`**: Use Result types for error handling instead of panicking +- **Use `anyhow`** for all errors. +- **Propagate errors**: Use `?` operator to propagate errors up the call stack +- **Meaningful error messages**: Provide context about what operation failed and why +- **Avoid unwrap()**: Only use `unwrap()` when you can prove the operation cannot fail + +### Memory Management and Performance +- **Prefer borrowing**: Use references (`&T`) instead of owned values when possible +- **Avoid unnecessary clones**: Only clone when ownership transfer is required +- **Use `Cow`** when you might need either borrowed or owned strings +- **Prefer iterators**: Use iterator chains over manual loops when appropriate +- **Avoid premature optimization**: Write clear code first, optimize when needed + +### Type Safety and Design +- **Strong typing**: Use newtype patterns for domain-specific types +- **Prefer enums**: Use enums with variants instead of boolean flags or magic numbers +- **Implement standard traits**: Derive or implement `Debug`, `Clone`, `PartialEq` as appropriate +- **Use type-level constants**: Prefer `const` over hardcoded values +- **Validate at boundaries**: Validate input at API boundaries, trust internal data + +### Function and Module Design +- **Small functions**: Keep functions focused on a single responsibility +- **Pure functions**: Prefer functions without side effects when possible +- **Clear signatures**: Function signatures should be self-documenting +- **Module organization**: Group related functionality in modules +- **Public API**: Minimize public surface area, prefer private by default + +### Testing +- **Unit tests**: Write tests for individual functions and methods +- **Integration tests**: Test module interactions and public APIs +- **Property-based testing**: Use `proptest` for complex invariants +- **Test naming**: Use descriptive test names that explain the scenario +- **Arrange-Act-Assert**: Structure tests with clear setup, execution, and verification + +### Documentation +- **Doc comments**: Use `///` for public APIs with examples +- **Module docs**: Document module purpose and usage patterns +- **Examples**: Include code examples in documentation +- **README**: Keep README up-to-date with build and usage instructions + +### Async Programming +- **Use `tokio`**: Prefer tokio ecosystem for async runtime and utilities +- **Avoid blocking**: Never use blocking operations in async contexts +- **Structured concurrency**: Use `tokio::select!` and `join!` for concurrent operations +- **Timeout operations**: Add timeouts to network and I/O operations + +### Dependencies and Cargo +- **Minimal dependencies**: Only add dependencies you actually need +- **Version pinning**: Use specific versions for production applications +- **Feature flags**: Use cargo features to make dependencies optional +- **Workspace organization**: Use cargo workspaces for multi-crate projects + +### Security Best Practices +- **Input validation**: Validate all external input +- **Secure defaults**: Choose secure defaults for configuration +- **Avoid `unsafe`**: Only use unsafe code when absolutely necessary with proper documentation +- **Dependency auditing**: Regularly audit dependencies for security vulnerabilities +- **Secret management**: Never hardcode secrets, use environment variables or secret management + +### Code Organization Patterns +- **Builder pattern**: Use for complex object construction +- **RAII**: Leverage Rust's ownership system for resource management +- **Composition over inheritance**: Prefer composition and traits over complex hierarchies +- **Hexagonal architecture**: Separate business logic from external dependencies + +### Specific Project Guidelines +- **Post-quantum cryptography**: Always use quantum-resistant algorithms +- **Keystore security**: Validate hex strings and cryptographic parameters +- **Account management**: Use type-safe enums for message types and crypto functions +- **Error context**: Provide meaningful context in error messages for debugging +- **Configuration**: Use strongly-typed configuration with validation + +## Code Review Checklist +- [ ] Variable names are descriptive and use snake_case +- [ ] No unnecessary variable declarations +- [ ] Error handling uses Result types appropriately +- [ ] Log messages use inline variable syntax +- [ ] Functions are focused and well-named +- [ ] Tests cover the happy path and error cases +- [ ] Documentation is clear and includes examples +- [ ] No hardcoded values or magic numbers +- [ ] Memory usage is efficient (minimal cloning) +- [ ] Security considerations are addressed + +## Performance Considerations +- **Profile before optimizing**: Use `cargo flamegraph` or similar tools +- **Benchmark critical paths**: Use `criterion` for performance testing +- **Memory profiling**: Monitor memory usage in long-running applications +- **Compile-time optimization**: Use const evaluation where possible +- **Zero-cost abstractions**: Leverage Rust's zero-cost abstractions + +## Tooling Integration +- **Clippy**: Always run `cargo clippy` and address warnings +- **Rustfmt**: Use `cargo fmt` for consistent code formatting +- **Rust analyzer**: Configure IDE with rust-analyzer for better development experience +- **Pre-commit hooks**: Set up hooks for formatting and linting +- **CI/CD**: Automate testing, linting, and security audits + +Remember: Write code that is readable, maintainable, and follows Rust idioms. When in doubt, favor explicitness over cleverness. diff --git a/.github/workflows/code-quality.yml b/.github/workflows/code-quality.yml new file mode 100644 index 000000000..aaa61be28 --- /dev/null +++ b/.github/workflows/code-quality.yml @@ -0,0 +1,102 @@ +name: Code Quality Checks + +on: + push: + branches: [ main, develop ] + pull_request: + branches: [ main, develop ] + +env: + CARGO_TERM_COLOR: always + +jobs: + code-quality: + runs-on: ubuntu-latest + + steps: + - uses: actions/checkout@v4 + + - name: Install Rust toolchain + uses: dtolnay/rust-toolchain@stable + with: + components: rustfmt, clippy + + - name: Cache cargo registry + uses: actions/cache@v3 + with: + path: | + ~/.cargo/registry + ~/.cargo/git + target + key: ${{ runner.os }}-cargo-${{ hashFiles('**/Cargo.lock') }} + + - name: Check formatting + run: cargo fmt --all -- --check + + - name: Run Clippy (enforce warnings as errors) + run: cargo clippy --all-targets --all-features -- -D warnings + + - name: Run tests + run: cargo test --all-features --verbose + + - name: Check for hardcoded values + run: | + echo "Checking for hardcoded magic numbers..." + if grep -r --include="*.rs" -E '\b[0-9]{3,}\b' src/ && ! grep -r --include="*.rs" 'const.*=' src/; then + echo "❌ Found potential magic numbers. Use constants instead." + exit 1 + fi + echo "✅ No hardcoded values found" + + - name: Check variable naming conventions + run: | + echo "Checking for abbreviations in variable names..." + if grep -r --include="*.rs" -E 'let\s+[a-z]*[aeiou]*[bcdfghjklmnpqrstvwxyz]{3,}[aeiou]*[bcdfghjklmnpqrstvwxyz]\s*=' src/ | grep -E '(usr|addr|cfg|mgr|ctx|impl|proc)'; then + echo "❌ Found potential abbreviations in variable names" + exit 1 + fi + echo "✅ Variable naming looks good" + + - name: Check for inline variables in macros + run: | + echo "Checking for proper variable inlining in log macros..." + if grep -r --include="*.rs" -E '(info!|debug!|warn!|error!|println!)\s*\([^)]*\{\}' src/; then + echo "❌ Found {} placeholders in log macros. Use inline variables instead." + echo "Example: info!(\"User {user_id} status {status}\") instead of info!(\"User {} status {}\", user_id, status)" + exit 1 + fi + echo "✅ Log macro usage looks good" + + - name: Check for unwrap() usage + run: | + echo "Checking for unwrap() usage..." + unwrap_count=$(grep -r --include="*.rs" '\.unwrap()' src/ | wc -l || true) + if [ "$unwrap_count" -gt 5 ]; then + echo "❌ Found $unwrap_count instances of .unwrap(). Consider using proper error handling." + grep -r --include="*.rs" '\.unwrap()' src/ | head -10 + exit 1 + fi + echo "✅ Unwrap usage is reasonable ($unwrap_count instances)" + + security-audit: + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v4 + - uses: dtolnay/rust-toolchain@stable + - name: Install cargo-audit + run: cargo install cargo-audit + - name: Run security audit + run: cargo audit + + performance-check: + runs-on: ubuntu-latest + if: github.event_name == 'pull_request' + steps: + - uses: actions/checkout@v4 + - uses: dtolnay/rust-toolchain@stable + - name: Install cargo-bloat + run: cargo install cargo-bloat + - name: Check binary size + run: | + cargo build --release + cargo bloat --release --crates From c87bb4f19c3bb32309365f2a4992cd68d9c12aff Mon Sep 17 00:00:00 2001 From: ch4r10t33r Date: Wed, 17 Sep 2025 17:47:50 +0100 Subject: [PATCH 02/11] Fix: included master branch --- .github/workflows/code-quality.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/code-quality.yml b/.github/workflows/code-quality.yml index aaa61be28..689748f5c 100644 --- a/.github/workflows/code-quality.yml +++ b/.github/workflows/code-quality.yml @@ -2,9 +2,9 @@ name: Code Quality Checks on: push: - branches: [ main, develop ] + branches: [ main, master, develop ] pull_request: - branches: [ main, develop ] + branches: [ main, master, develop ] env: CARGO_TERM_COLOR: always From fec6bf0a5cb91ad12bf62e3950156aa8b2cee390 Mon Sep 17 00:00:00 2001 From: ch4r10t33r Date: Wed, 17 Sep 2025 17:59:24 +0100 Subject: [PATCH 03/11] Fix: enforcing checks on all .rs files --- .github/copilot-instructions.md | 8 +++++ .github/workflows/code-quality.yml | 53 ++++++++++++++++++++++++------ 2 files changed, 51 insertions(+), 10 deletions(-) diff --git a/.github/copilot-instructions.md b/.github/copilot-instructions.md index 62a8331e1..926f711e7 100644 --- a/.github/copilot-instructions.md +++ b/.github/copilot-instructions.md @@ -1,5 +1,13 @@ # GitHub Copilot Instructions for Rust Development +**Scope**: These guidelines apply to ALL Rust files (*.rs) in this repository, including: +- `src/` - Main source code +- `bin/` - Binary crates +- `crates/` - Workspace crates +- `examples/` - Example code +- `tests/` - Integration tests +- `benches/` - Benchmarks + ## Code Quality and Style Guidelines ### Variable Naming and Declaration diff --git a/.github/workflows/code-quality.yml b/.github/workflows/code-quality.yml index 689748f5c..953bed66b 100644 --- a/.github/workflows/code-quality.yml +++ b/.github/workflows/code-quality.yml @@ -39,10 +39,17 @@ jobs: - name: Run tests run: cargo test --all-features --verbose + - name: Validate copilot-instructions.md compliance + run: | + echo "🤖 Enforcing GitHub Copilot Instructions across ALL Rust files" + echo "📋 Reference: .github/copilot-instructions.md" + echo "🔍 Scanning: src/, bin/, crates/, examples/, tests/, benches/" + echo "━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━" + - name: Check for hardcoded values run: | - echo "Checking for hardcoded magic numbers..." - if grep -r --include="*.rs" -E '\b[0-9]{3,}\b' src/ && ! grep -r --include="*.rs" 'const.*=' src/; then + echo "Checking for hardcoded magic numbers in all Rust files..." + if grep -r --include="*.rs" -E '\b[0-9]{3,}\b' . --exclude-dir=target && ! grep -r --include="*.rs" 'const.*=' . --exclude-dir=target; then echo "❌ Found potential magic numbers. Use constants instead." exit 1 fi @@ -50,33 +57,59 @@ jobs: - name: Check variable naming conventions run: | - echo "Checking for abbreviations in variable names..." - if grep -r --include="*.rs" -E 'let\s+[a-z]*[aeiou]*[bcdfghjklmnpqrstvwxyz]{3,}[aeiou]*[bcdfghjklmnpqrstvwxyz]\s*=' src/ | grep -E '(usr|addr|cfg|mgr|ctx|impl|proc)'; then + echo "Checking for abbreviations in variable names across all Rust files..." + if grep -r --include="*.rs" -E 'let\s+[a-z]*[aeiou]*[bcdfghjklmnpqrstvwxyz]{3,}[aeiou]*[bcdfghjklmnpqrstvwxyz]\s*=' . --exclude-dir=target | grep -E '(usr|addr|cfg|mgr|ctx|impl|proc)'; then echo "❌ Found potential abbreviations in variable names" + echo "Use full descriptive names as per copilot-instructions.md" exit 1 fi echo "✅ Variable naming looks good" - name: Check for inline variables in macros run: | - echo "Checking for proper variable inlining in log macros..." - if grep -r --include="*.rs" -E '(info!|debug!|warn!|error!|println!)\s*\([^)]*\{\}' src/; then + echo "Checking for proper variable inlining in log macros across all Rust files..." + if grep -r --include="*.rs" -E '(info!|debug!|warn!|error!|println!)\s*\([^)]*\{\}' . --exclude-dir=target; then echo "❌ Found {} placeholders in log macros. Use inline variables instead." echo "Example: info!(\"User {user_id} status {status}\") instead of info!(\"User {} status {}\", user_id, status)" + echo "See copilot-instructions.md for logging best practices" exit 1 fi echo "✅ Log macro usage looks good" - name: Check for unwrap() usage run: | - echo "Checking for unwrap() usage..." - unwrap_count=$(grep -r --include="*.rs" '\.unwrap()' src/ | wc -l || true) - if [ "$unwrap_count" -gt 5 ]; then + echo "Checking for unwrap() usage across all Rust files..." + unwrap_count=$(grep -r --include="*.rs" '\.unwrap()' . --exclude-dir=target | wc -l || true) + if [ "$unwrap_count" -gt 10 ]; then echo "❌ Found $unwrap_count instances of .unwrap(). Consider using proper error handling." - grep -r --include="*.rs" '\.unwrap()' src/ | head -10 + echo "See copilot-instructions.md for error handling best practices" + grep -r --include="*.rs" '\.unwrap()' . --exclude-dir=target | head -10 exit 1 fi echo "✅ Unwrap usage is reasonable ($unwrap_count instances)" + + - name: Check for lazy variable declaration + run: | + echo "Checking for early variable declarations..." + # Look for functions with multiple let statements at the beginning + if grep -r --include="*.rs" -A 10 'fn.*{' . --exclude-dir=target | grep -E 'let.*=.*;\s*$' | grep -E 'let.*=.*;\s*let.*=.*;\s*let.*=.*;'; then + echo "❌ Found potential early variable declarations. Declare variables when needed." + echo "See copilot-instructions.md for lazy declaration guidelines" + exit 1 + fi + echo "✅ Variable declarations look appropriately lazy" + + - name: Check for TODO/FIXME comments + run: | + echo "Checking for TODO/FIXME comments..." + todo_count=$(grep -r --include="*.rs" -E '(TODO|FIXME|XXX|HACK)' . --exclude-dir=target | wc -l || true) + if [ "$todo_count" -gt 0 ]; then + echo "⚠️ Found $todo_count TODO/FIXME comments:" + grep -r --include="*.rs" -E '(TODO|FIXME|XXX|HACK)' . --exclude-dir=target | head -5 + echo "Consider addressing these before merging" + else + echo "✅ No TODO/FIXME comments found" + fi security-audit: runs-on: ubuntu-latest From 483506ce79d3c61d0601eee2e8ab2c4e9d9004c7 Mon Sep 17 00:00:00 2001 From: ch4r10t33r Date: Wed, 17 Sep 2025 18:05:14 +0100 Subject: [PATCH 04/11] Fix: amended copilot-instructions --- .github/copilot-instructions.md | 1 - 1 file changed, 1 deletion(-) diff --git a/.github/copilot-instructions.md b/.github/copilot-instructions.md index 926f711e7..6b0a2fd09 100644 --- a/.github/copilot-instructions.md +++ b/.github/copilot-instructions.md @@ -11,7 +11,6 @@ ## Code Quality and Style Guidelines ### Variable Naming and Declaration -- **No abbreviations**: Use descriptive, full names for variables (e.g., `user_account` not `usr_acc`) - **Lazy declaration**: Only define variables when you need them, not at the beginning of functions - **Meaningful names**: Variable names should clearly describe their purpose and content - **Snake_case**: Use snake_case for variables, functions, and modules From 6e18dd1c8e136a6fe6550e44e923cd6ef049eff9 Mon Sep 17 00:00:00 2001 From: ch4r10t33r Date: Wed, 17 Sep 2025 18:06:30 +0100 Subject: [PATCH 05/11] Fix: removed precommit-check hook --- .github/copilot-instructions.md | 1 - 1 file changed, 1 deletion(-) diff --git a/.github/copilot-instructions.md b/.github/copilot-instructions.md index 6b0a2fd09..3d2e52d0b 100644 --- a/.github/copilot-instructions.md +++ b/.github/copilot-instructions.md @@ -124,7 +124,6 @@ - **Clippy**: Always run `cargo clippy` and address warnings - **Rustfmt**: Use `cargo fmt` for consistent code formatting - **Rust analyzer**: Configure IDE with rust-analyzer for better development experience -- **Pre-commit hooks**: Set up hooks for formatting and linting - **CI/CD**: Automate testing, linting, and security audits Remember: Write code that is readable, maintainable, and follows Rust idioms. When in doubt, favor explicitness over cleverness. From 7a7a1b3217003496fd2109834fcd6504ebf1d617 Mon Sep 17 00:00:00 2001 From: ch4r10t33r Date: Wed, 17 Sep 2025 19:31:13 +0100 Subject: [PATCH 06/11] Fix: removed duplicate jobs in the workflow --- .github/workflows/code-quality.yml | 9 --------- 1 file changed, 9 deletions(-) diff --git a/.github/workflows/code-quality.yml b/.github/workflows/code-quality.yml index 953bed66b..59fb4a12d 100644 --- a/.github/workflows/code-quality.yml +++ b/.github/workflows/code-quality.yml @@ -29,15 +29,6 @@ jobs: ~/.cargo/git target key: ${{ runner.os }}-cargo-${{ hashFiles('**/Cargo.lock') }} - - - name: Check formatting - run: cargo fmt --all -- --check - - - name: Run Clippy (enforce warnings as errors) - run: cargo clippy --all-targets --all-features -- -D warnings - - - name: Run tests - run: cargo test --all-features --verbose - name: Validate copilot-instructions.md compliance run: | From 6ab52ed127d7a50763e960787881070a0d0191dc Mon Sep 17 00:00:00 2001 From: ch4r10t33r Date: Wed, 17 Sep 2025 19:32:12 +0100 Subject: [PATCH 07/11] Fix: removed redundant task --- .github/workflows/code-quality.yml | 12 +----------- 1 file changed, 1 insertion(+), 11 deletions(-) diff --git a/.github/workflows/code-quality.yml b/.github/workflows/code-quality.yml index 59fb4a12d..0a4398cbd 100644 --- a/.github/workflows/code-quality.yml +++ b/.github/workflows/code-quality.yml @@ -45,17 +45,7 @@ jobs: exit 1 fi echo "✅ No hardcoded values found" - - - name: Check variable naming conventions - run: | - echo "Checking for abbreviations in variable names across all Rust files..." - if grep -r --include="*.rs" -E 'let\s+[a-z]*[aeiou]*[bcdfghjklmnpqrstvwxyz]{3,}[aeiou]*[bcdfghjklmnpqrstvwxyz]\s*=' . --exclude-dir=target | grep -E '(usr|addr|cfg|mgr|ctx|impl|proc)'; then - echo "❌ Found potential abbreviations in variable names" - echo "Use full descriptive names as per copilot-instructions.md" - exit 1 - fi - echo "✅ Variable naming looks good" - + - name: Check for inline variables in macros run: | echo "Checking for proper variable inlining in log macros across all Rust files..." From 4b357ce38c5d459c8209f47f313ee30a5ed5570b Mon Sep 17 00:00:00 2001 From: ch4r10t33r Date: Wed, 17 Sep 2025 20:32:53 +0100 Subject: [PATCH 08/11] Fix: added additional filters to code-quality.yml --- .github/workflows/code-quality.yml | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/.github/workflows/code-quality.yml b/.github/workflows/code-quality.yml index 0a4398cbd..35d4b2c18 100644 --- a/.github/workflows/code-quality.yml +++ b/.github/workflows/code-quality.yml @@ -49,9 +49,13 @@ jobs: - name: Check for inline variables in macros run: | echo "Checking for proper variable inlining in log macros across all Rust files..." - if grep -r --include="*.rs" -E '(info!|debug!|warn!|error!|println!)\s*\([^)]*\{\}' . --exclude-dir=target; then + violations=$(grep -r --include="*.rs" -E '(info!|debug!|warn!|error!|println!)\s*\([^)]*\{\}' . --exclude-dir=target | \ + grep -v -E '\w+\.\w+\(\)' || true) + if [ -n "$violations" ]; then echo "❌ Found {} placeholders in log macros. Use inline variables instead." + echo "$violations" echo "Example: info!(\"User {user_id} status {status}\") instead of info!(\"User {} status {}\", user_id, status)" + echo "Note: Function calls like variable.method() are allowed as exceptions" echo "See copilot-instructions.md for logging best practices" exit 1 fi From 27f81ad009fdbe5f7c2c4e628e1d718859de9b74 Mon Sep 17 00:00:00 2001 From: ch4r10t33r Date: Wed, 17 Sep 2025 20:56:29 +0100 Subject: [PATCH 09/11] fix: run all tasks before erroring out --- .github/workflows/code-quality.yml | 85 +++++++++++++++++++++++++----- 1 file changed, 72 insertions(+), 13 deletions(-) diff --git a/.github/workflows/code-quality.yml b/.github/workflows/code-quality.yml index 35d4b2c18..2a83959a5 100644 --- a/.github/workflows/code-quality.yml +++ b/.github/workflows/code-quality.yml @@ -37,18 +37,63 @@ jobs: echo "🔍 Scanning: src/, bin/, crates/, examples/, tests/, benches/" echo "━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━" + - name: Initialize failure tracking + run: echo "FAILED_CHECKS=" >> $GITHUB_ENV + + - name: Check formatting + run: | + echo "1️⃣ Checking code formatting..." + if ! cargo fmt --all -- --check; then + echo "❌ Code formatting check failed" + echo "FAILED_CHECKS=${{ env.FAILED_CHECKS }} formatting" >> $GITHUB_ENV + else + echo "✅ Code formatting looks good" + fi + + - name: Run Clippy + run: | + echo "2️⃣ Running Clippy linter..." + if ! cargo clippy --all-targets --all-features -- -D warnings; then + echo "❌ Clippy check failed" + echo "FAILED_CHECKS=${{ env.FAILED_CHECKS }} clippy" >> $GITHUB_ENV + else + echo "✅ Clippy check passed" + fi + + - name: Run tests + run: | + echo "3️⃣ Running tests..." + if ! cargo test --all-features --verbose; then + echo "❌ Tests failed" + echo "FAILED_CHECKS=${{ env.FAILED_CHECKS }} tests" >> $GITHUB_ENV + else + echo "✅ All tests passed" + fi + - name: Check for hardcoded values run: | - echo "Checking for hardcoded magic numbers in all Rust files..." + echo "4️⃣ Checking for hardcoded magic numbers..." if grep -r --include="*.rs" -E '\b[0-9]{3,}\b' . --exclude-dir=target && ! grep -r --include="*.rs" 'const.*=' . --exclude-dir=target; then echo "❌ Found potential magic numbers. Use constants instead." - exit 1 + echo "FAILED_CHECKS=${{ env.FAILED_CHECKS }} hardcoded-values" >> $GITHUB_ENV + else + echo "✅ No hardcoded values found" + fi + + - name: Check variable naming conventions + run: | + echo "5️⃣ Checking variable naming conventions..." + if grep -r --include="*.rs" -E 'let\s+[a-z]*[aeiou]*[bcdfghjklmnpqrstvwxyz]{3,}[aeiou]*[bcdfghjklmnpqrstvwxyz]\s*=' . --exclude-dir=target | grep -E '(usr|addr|cfg|mgr|ctx|impl|proc)'; then + echo "❌ Found potential abbreviations in variable names" + echo "Use full descriptive names as per copilot-instructions.md" + echo "FAILED_CHECKS=${{ env.FAILED_CHECKS }} variable-naming" >> $GITHUB_ENV + else + echo "✅ Variable naming looks good" fi - echo "✅ No hardcoded values found" - name: Check for inline variables in macros run: | - echo "Checking for proper variable inlining in log macros across all Rust files..." + echo "6️⃣ Checking log macro formatting..." violations=$(grep -r --include="*.rs" -E '(info!|debug!|warn!|error!|println!)\s*\([^)]*\{\}' . --exclude-dir=target | \ grep -v -E '\w+\.\w+\(\)' || true) if [ -n "$violations" ]; then @@ -56,33 +101,35 @@ jobs: echo "$violations" echo "Example: info!(\"User {user_id} status {status}\") instead of info!(\"User {} status {}\", user_id, status)" echo "Note: Function calls like variable.method() are allowed as exceptions" - echo "See copilot-instructions.md for logging best practices" - exit 1 + echo "FAILED_CHECKS=${{ env.FAILED_CHECKS }} log-macros" >> $GITHUB_ENV + else + echo "✅ Log macro usage looks good" fi - echo "✅ Log macro usage looks good" - name: Check for unwrap() usage run: | - echo "Checking for unwrap() usage across all Rust files..." + echo "7️⃣ Checking unwrap() usage..." unwrap_count=$(grep -r --include="*.rs" '\.unwrap()' . --exclude-dir=target | wc -l || true) if [ "$unwrap_count" -gt 10 ]; then echo "❌ Found $unwrap_count instances of .unwrap(). Consider using proper error handling." echo "See copilot-instructions.md for error handling best practices" grep -r --include="*.rs" '\.unwrap()' . --exclude-dir=target | head -10 - exit 1 + echo "FAILED_CHECKS=${{ env.FAILED_CHECKS }} unwrap-usage" >> $GITHUB_ENV + else + echo "✅ Unwrap usage is reasonable ($unwrap_count instances)" fi - echo "✅ Unwrap usage is reasonable ($unwrap_count instances)" - name: Check for lazy variable declaration run: | - echo "Checking for early variable declarations..." + echo "8️⃣ Checking variable declaration patterns..." # Look for functions with multiple let statements at the beginning if grep -r --include="*.rs" -A 10 'fn.*{' . --exclude-dir=target | grep -E 'let.*=.*;\s*$' | grep -E 'let.*=.*;\s*let.*=.*;\s*let.*=.*;'; then echo "❌ Found potential early variable declarations. Declare variables when needed." echo "See copilot-instructions.md for lazy declaration guidelines" - exit 1 + echo "FAILED_CHECKS=${{ env.FAILED_CHECKS }} lazy-declaration" >> $GITHUB_ENV + else + echo "✅ Variable declarations look appropriately lazy" fi - echo "✅ Variable declarations look appropriately lazy" - name: Check for TODO/FIXME comments run: | @@ -95,6 +142,18 @@ jobs: else echo "✅ No TODO/FIXME comments found" fi + + - name: Final validation result + run: | + echo "━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━" + if [ -n "${{ env.FAILED_CHECKS }}" ]; then + echo "❌ Code quality checks FAILED for:${{ env.FAILED_CHECKS }}" + echo "Please fix the issues above and re-run the workflow" + exit 1 + else + echo "✅ All code quality checks PASSED!" + echo "Code follows all guidelines from copilot-instructions.md" + fi security-audit: runs-on: ubuntu-latest From dc8f159319b0c2e112ce1dab3e569f6f986ca1e0 Mon Sep 17 00:00:00 2001 From: ch4r10t33r Date: Wed, 17 Sep 2025 23:41:22 +0100 Subject: [PATCH 10/11] fix: changing rules in code-quality.yml --- .github/workflows/code-quality.yml | 42 +++++------------------------- 1 file changed, 6 insertions(+), 36 deletions(-) diff --git a/.github/workflows/code-quality.yml b/.github/workflows/code-quality.yml index 2a83959a5..d5d3080a8 100644 --- a/.github/workflows/code-quality.yml +++ b/.github/workflows/code-quality.yml @@ -40,39 +40,9 @@ jobs: - name: Initialize failure tracking run: echo "FAILED_CHECKS=" >> $GITHUB_ENV - - name: Check formatting - run: | - echo "1️⃣ Checking code formatting..." - if ! cargo fmt --all -- --check; then - echo "❌ Code formatting check failed" - echo "FAILED_CHECKS=${{ env.FAILED_CHECKS }} formatting" >> $GITHUB_ENV - else - echo "✅ Code formatting looks good" - fi - - - name: Run Clippy - run: | - echo "2️⃣ Running Clippy linter..." - if ! cargo clippy --all-targets --all-features -- -D warnings; then - echo "❌ Clippy check failed" - echo "FAILED_CHECKS=${{ env.FAILED_CHECKS }} clippy" >> $GITHUB_ENV - else - echo "✅ Clippy check passed" - fi - - - name: Run tests - run: | - echo "3️⃣ Running tests..." - if ! cargo test --all-features --verbose; then - echo "❌ Tests failed" - echo "FAILED_CHECKS=${{ env.FAILED_CHECKS }} tests" >> $GITHUB_ENV - else - echo "✅ All tests passed" - fi - - name: Check for hardcoded values run: | - echo "4️⃣ Checking for hardcoded magic numbers..." + echo "1️⃣ Checking for hardcoded magic numbers..." if grep -r --include="*.rs" -E '\b[0-9]{3,}\b' . --exclude-dir=target && ! grep -r --include="*.rs" 'const.*=' . --exclude-dir=target; then echo "❌ Found potential magic numbers. Use constants instead." echo "FAILED_CHECKS=${{ env.FAILED_CHECKS }} hardcoded-values" >> $GITHUB_ENV @@ -82,7 +52,7 @@ jobs: - name: Check variable naming conventions run: | - echo "5️⃣ Checking variable naming conventions..." + echo "2️⃣ Checking variable naming conventions..." if grep -r --include="*.rs" -E 'let\s+[a-z]*[aeiou]*[bcdfghjklmnpqrstvwxyz]{3,}[aeiou]*[bcdfghjklmnpqrstvwxyz]\s*=' . --exclude-dir=target | grep -E '(usr|addr|cfg|mgr|ctx|impl|proc)'; then echo "❌ Found potential abbreviations in variable names" echo "Use full descriptive names as per copilot-instructions.md" @@ -93,7 +63,7 @@ jobs: - name: Check for inline variables in macros run: | - echo "6️⃣ Checking log macro formatting..." + echo "3️⃣ Checking log macro formatting..." violations=$(grep -r --include="*.rs" -E '(info!|debug!|warn!|error!|println!)\s*\([^)]*\{\}' . --exclude-dir=target | \ grep -v -E '\w+\.\w+\(\)' || true) if [ -n "$violations" ]; then @@ -108,7 +78,7 @@ jobs: - name: Check for unwrap() usage run: | - echo "7️⃣ Checking unwrap() usage..." + echo "4️⃣ Checking unwrap() usage..." unwrap_count=$(grep -r --include="*.rs" '\.unwrap()' . --exclude-dir=target | wc -l || true) if [ "$unwrap_count" -gt 10 ]; then echo "❌ Found $unwrap_count instances of .unwrap(). Consider using proper error handling." @@ -121,7 +91,7 @@ jobs: - name: Check for lazy variable declaration run: | - echo "8️⃣ Checking variable declaration patterns..." + echo "5️⃣ Checking variable declaration patterns..." # Look for functions with multiple let statements at the beginning if grep -r --include="*.rs" -A 10 'fn.*{' . --exclude-dir=target | grep -E 'let.*=.*;\s*$' | grep -E 'let.*=.*;\s*let.*=.*;\s*let.*=.*;'; then echo "❌ Found potential early variable declarations. Declare variables when needed." @@ -133,7 +103,7 @@ jobs: - name: Check for TODO/FIXME comments run: | - echo "Checking for TODO/FIXME comments..." + echo "6️⃣ Checking for TODO/FIXME comments..." todo_count=$(grep -r --include="*.rs" -E '(TODO|FIXME|XXX|HACK)' . --exclude-dir=target | wc -l || true) if [ "$todo_count" -gt 0 ]; then echo "⚠️ Found $todo_count TODO/FIXME comments:" From a67520015023cd129829eab11be23244e067dea6 Mon Sep 17 00:00:00 2001 From: ch4r10t33r Date: Thu, 18 Sep 2025 07:28:43 +0100 Subject: [PATCH 11/11] fix: deleted workflow and added new instructions --- .github/copilot-instructions.md | 9 +- .github/workflows/code-quality.yml | 149 ----------------------------- 2 files changed, 4 insertions(+), 154 deletions(-) delete mode 100644 .github/workflows/code-quality.yml diff --git a/.github/copilot-instructions.md b/.github/copilot-instructions.md index 3d2e52d0b..68e89b204 100644 --- a/.github/copilot-instructions.md +++ b/.github/copilot-instructions.md @@ -8,7 +8,7 @@ - `tests/` - Integration tests - `benches/` - Benchmarks -## Code Quality and Style Guidelines +## Ream Code Standards & Expectations ### Variable Naming and Declaration - **Lazy declaration**: Only define variables when you need them, not at the beginning of functions @@ -17,7 +17,7 @@ - **PascalCase**: Use PascalCase for types, structs, enums, and traits ### Logging and Output Best Practices -- **Inline variables in macros**: Always inline variables within `info!`, `debug!`, `warn!`, `error!`, and `println!` macros +- **Inline variables in macros**: Inline variables directly in `info!`, `debug!`, `warn!`, `error!`,`println!` and similar macros wherever possible. ```rust // ✅ Good info!("Processing user {user_id} with status {status}"); @@ -29,8 +29,7 @@ - **Appropriate log levels**: Use the correct log level for different types of messages ### Error Handling -- **Prefer `Result`**: Use Result types for error handling instead of panicking -- **Use `anyhow`** for all errors. +- **Prefer anyhow::Result`**: Prefer using anyhow::Result instead of Result. - **Propagate errors**: Use `?` operator to propagate errors up the call stack - **Meaningful error messages**: Provide context about what operation failed and why - **Avoid unwrap()**: Only use `unwrap()` when you can prove the operation cannot fail @@ -79,7 +78,7 @@ - **Minimal dependencies**: Only add dependencies you actually need - **Version pinning**: Use specific versions for production applications - **Feature flags**: Use cargo features to make dependencies optional -- **Workspace organization**: Use cargo workspaces for multi-crate projects +- **Workspace organization**: Only add a crate dependency to the workspace’s main Cargo.toml if it is required by more than one crate. ### Security Best Practices - **Input validation**: Validate all external input diff --git a/.github/workflows/code-quality.yml b/.github/workflows/code-quality.yml deleted file mode 100644 index d5d3080a8..000000000 --- a/.github/workflows/code-quality.yml +++ /dev/null @@ -1,149 +0,0 @@ -name: Code Quality Checks - -on: - push: - branches: [ main, master, develop ] - pull_request: - branches: [ main, master, develop ] - -env: - CARGO_TERM_COLOR: always - -jobs: - code-quality: - runs-on: ubuntu-latest - - steps: - - uses: actions/checkout@v4 - - - name: Install Rust toolchain - uses: dtolnay/rust-toolchain@stable - with: - components: rustfmt, clippy - - - name: Cache cargo registry - uses: actions/cache@v3 - with: - path: | - ~/.cargo/registry - ~/.cargo/git - target - key: ${{ runner.os }}-cargo-${{ hashFiles('**/Cargo.lock') }} - - - name: Validate copilot-instructions.md compliance - run: | - echo "🤖 Enforcing GitHub Copilot Instructions across ALL Rust files" - echo "📋 Reference: .github/copilot-instructions.md" - echo "🔍 Scanning: src/, bin/, crates/, examples/, tests/, benches/" - echo "━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━" - - - name: Initialize failure tracking - run: echo "FAILED_CHECKS=" >> $GITHUB_ENV - - - name: Check for hardcoded values - run: | - echo "1️⃣ Checking for hardcoded magic numbers..." - if grep -r --include="*.rs" -E '\b[0-9]{3,}\b' . --exclude-dir=target && ! grep -r --include="*.rs" 'const.*=' . --exclude-dir=target; then - echo "❌ Found potential magic numbers. Use constants instead." - echo "FAILED_CHECKS=${{ env.FAILED_CHECKS }} hardcoded-values" >> $GITHUB_ENV - else - echo "✅ No hardcoded values found" - fi - - - name: Check variable naming conventions - run: | - echo "2️⃣ Checking variable naming conventions..." - if grep -r --include="*.rs" -E 'let\s+[a-z]*[aeiou]*[bcdfghjklmnpqrstvwxyz]{3,}[aeiou]*[bcdfghjklmnpqrstvwxyz]\s*=' . --exclude-dir=target | grep -E '(usr|addr|cfg|mgr|ctx|impl|proc)'; then - echo "❌ Found potential abbreviations in variable names" - echo "Use full descriptive names as per copilot-instructions.md" - echo "FAILED_CHECKS=${{ env.FAILED_CHECKS }} variable-naming" >> $GITHUB_ENV - else - echo "✅ Variable naming looks good" - fi - - - name: Check for inline variables in macros - run: | - echo "3️⃣ Checking log macro formatting..." - violations=$(grep -r --include="*.rs" -E '(info!|debug!|warn!|error!|println!)\s*\([^)]*\{\}' . --exclude-dir=target | \ - grep -v -E '\w+\.\w+\(\)' || true) - if [ -n "$violations" ]; then - echo "❌ Found {} placeholders in log macros. Use inline variables instead." - echo "$violations" - echo "Example: info!(\"User {user_id} status {status}\") instead of info!(\"User {} status {}\", user_id, status)" - echo "Note: Function calls like variable.method() are allowed as exceptions" - echo "FAILED_CHECKS=${{ env.FAILED_CHECKS }} log-macros" >> $GITHUB_ENV - else - echo "✅ Log macro usage looks good" - fi - - - name: Check for unwrap() usage - run: | - echo "4️⃣ Checking unwrap() usage..." - unwrap_count=$(grep -r --include="*.rs" '\.unwrap()' . --exclude-dir=target | wc -l || true) - if [ "$unwrap_count" -gt 10 ]; then - echo "❌ Found $unwrap_count instances of .unwrap(). Consider using proper error handling." - echo "See copilot-instructions.md for error handling best practices" - grep -r --include="*.rs" '\.unwrap()' . --exclude-dir=target | head -10 - echo "FAILED_CHECKS=${{ env.FAILED_CHECKS }} unwrap-usage" >> $GITHUB_ENV - else - echo "✅ Unwrap usage is reasonable ($unwrap_count instances)" - fi - - - name: Check for lazy variable declaration - run: | - echo "5️⃣ Checking variable declaration patterns..." - # Look for functions with multiple let statements at the beginning - if grep -r --include="*.rs" -A 10 'fn.*{' . --exclude-dir=target | grep -E 'let.*=.*;\s*$' | grep -E 'let.*=.*;\s*let.*=.*;\s*let.*=.*;'; then - echo "❌ Found potential early variable declarations. Declare variables when needed." - echo "See copilot-instructions.md for lazy declaration guidelines" - echo "FAILED_CHECKS=${{ env.FAILED_CHECKS }} lazy-declaration" >> $GITHUB_ENV - else - echo "✅ Variable declarations look appropriately lazy" - fi - - - name: Check for TODO/FIXME comments - run: | - echo "6️⃣ Checking for TODO/FIXME comments..." - todo_count=$(grep -r --include="*.rs" -E '(TODO|FIXME|XXX|HACK)' . --exclude-dir=target | wc -l || true) - if [ "$todo_count" -gt 0 ]; then - echo "⚠️ Found $todo_count TODO/FIXME comments:" - grep -r --include="*.rs" -E '(TODO|FIXME|XXX|HACK)' . --exclude-dir=target | head -5 - echo "Consider addressing these before merging" - else - echo "✅ No TODO/FIXME comments found" - fi - - - name: Final validation result - run: | - echo "━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━" - if [ -n "${{ env.FAILED_CHECKS }}" ]; then - echo "❌ Code quality checks FAILED for:${{ env.FAILED_CHECKS }}" - echo "Please fix the issues above and re-run the workflow" - exit 1 - else - echo "✅ All code quality checks PASSED!" - echo "Code follows all guidelines from copilot-instructions.md" - fi - - security-audit: - runs-on: ubuntu-latest - steps: - - uses: actions/checkout@v4 - - uses: dtolnay/rust-toolchain@stable - - name: Install cargo-audit - run: cargo install cargo-audit - - name: Run security audit - run: cargo audit - - performance-check: - runs-on: ubuntu-latest - if: github.event_name == 'pull_request' - steps: - - uses: actions/checkout@v4 - - uses: dtolnay/rust-toolchain@stable - - name: Install cargo-bloat - run: cargo install cargo-bloat - - name: Check binary size - run: | - cargo build --release - cargo bloat --release --crates