reasonkit · Lenvanderhof · Jan 18, 2026 · Jan 18, 2026 · Jan 18, 2026 · Jan 18, 2026
@@ -22,6 +22,10 @@ env:
   CARGO_INCREMENTAL: 0
   # Override .cargo/config.toml target-cpu=native to prevent SIGILL on different runners
   CARGO_TARGET_X86_64_UNKNOWN_LINUX_GNU_RUSTFLAGS: ""
+  # PyO3: Enable forward compatibility with newer Python versions on macOS
+  PYO3_USE_ABI3_FORWARD_COMPATIBILITY: "1"
+  # CI-safe features (excludes python, local-embeddings which require system deps)
+  CI_FEATURES: "compression,vdreamteam"
 
 jobs:
   # ===========================================================================
@@ -56,8 +60,8 @@ jobs:
       - name: Build
         run: cargo build --release
 
-      - name: Build (all features)
-        run: cargo build --release --all-features
+      - name: Build (CI features)
+        run: cargo build --release --features "$CI_FEATURES"
 
   # ===========================================================================
   # GATE 2: Lint with Clippy
@@ -85,7 +89,7 @@ jobs:
           cache-on-failure: true
 
       - name: Run Clippy
-        run: cargo clippy --all-targets --all-features -- -D warnings
+        run: cargo clippy --all-targets --features "$CI_FEATURES" -- -D warnings
 
   # ===========================================================================
   # GATE 3: Format Check
@@ -136,7 +140,7 @@ jobs:
           cache-on-failure: true
 
       - name: Run tests
-        run: cargo test --all-features
+        run: cargo test --features "$CI_FEATURES"
 
       - name: Run doc tests
         run: cargo test --doc

@@ -37,21 +37,21 @@ jobs:
         run: |
           # Run audit and capture output
           cargo audit --json > audit.json 2>&1 || true
-          
+
           # Check for critical/high severity vulnerabilities only
           CRITICAL=$(jq '[.vulnerabilities.list[]? | select(.advisory.severity == "critical")] | length' audit.json 2>/dev/null || echo "0")
           HIGH=$(jq '[.vulnerabilities.list[]? | select(.advisory.severity == "high")] | length' audit.json 2>/dev/null || echo "0")
-          
+
           echo "Critical vulnerabilities: $CRITICAL"
           echo "High vulnerabilities: $HIGH"
-          
+
           # Fail only on critical/high (warnings handled by cargo-deny)
           if [ "$CRITICAL" -gt 0 ] || [ "$HIGH" -gt 0 ]; then
             echo "❌ Critical or high severity vulnerabilities found"
             cat audit.json | jq '.vulnerabilities.list[]? | select(.advisory.severity == "critical" or .advisory.severity == "high")'
             exit 1
           fi
-          
+
           echo "✅ No critical/high vulnerabilities found"
 
   cargo-deny:

@@ -67,7 +67,6 @@
 **/*.d
 **/*.o
 **/*.rs.bk
-Cargo.lock
 
 # ============================================================
 # DATA DIRECTORIES