mirror of
https://github.com/openai/codex.git
synced 2026-04-28 00:25:56 +00:00
9a8730f31e
## Why Bazel clippy now catches lints that `cargo clippy` can still miss when a crate under `codex-rs` forgets to opt into workspace lints. The concrete example here was `codex-rs/app-server/tests/common/Cargo.toml`: Bazel flagged a clippy violation in `models_cache.rs`, but Cargo did not because that crate inherited workspace package metadata without declaring `[lints] workspace = true`. We already mirror the workspace clippy deny list into Bazel after [#15955](https://github.com/openai/codex/pull/15955), so we also need a repo-side check that keeps every `codex-rs` manifest opted into the same workspace settings. ## What changed - add `.github/scripts/verify_cargo_workspace_manifests.py`, which parses every `codex-rs/**/Cargo.toml` with `tomllib` and verifies: - `version.workspace = true` - `edition.workspace = true` - `license.workspace = true` - `[lints] workspace = true` - top-level crate names follow the `codex-*` / `codex-utils-*` conventions, with explicit exceptions for `windows-sandbox-rs` and `utils/path-utils` - run that script in `.github/workflows/ci.yml` - update the current outlier manifests so the check is enforceable immediately - fix the newly exposed clippy violations in the affected crates (`app-server/tests/common`, `file-search`, `feedback`, `shell-escalation`, and `debug-client`) --- [//]: # (BEGIN SAPLING FOOTER) Stack created with [Sapling](https://sapling-scm.com). Best reviewed with [ReviewStack](https://reviewstack.dev/openai/codex/pull/16353). * #16351 * __->__ #16353
70 lines
2.4 KiB
YAML
70 lines
2.4 KiB
YAML
name: ci
|
|
|
|
on:
|
|
pull_request: {}
|
|
push: { branches: [main] }
|
|
|
|
jobs:
|
|
build-test:
|
|
runs-on: ubuntu-latest
|
|
timeout-minutes: 10
|
|
env:
|
|
NODE_OPTIONS: --max-old-space-size=4096
|
|
steps:
|
|
- name: Checkout repository
|
|
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
|
|
|
|
- name: Verify codex-rs Cargo manifests inherit workspace settings
|
|
run: python3 .github/scripts/verify_cargo_workspace_manifests.py
|
|
|
|
- name: Setup pnpm
|
|
uses: pnpm/action-setup@a8198c4bff370c8506180b035930dea56dbd5288 # v5
|
|
with:
|
|
run_install: false
|
|
|
|
- name: Setup Node.js
|
|
uses: actions/setup-node@53b83947a5a98c8d113130e565377fae1a50d02f # v6
|
|
with:
|
|
node-version: 22
|
|
|
|
- name: Install dependencies
|
|
run: pnpm install --frozen-lockfile
|
|
|
|
# stage_npm_packages.py requires DotSlash when staging releases.
|
|
- uses: facebook/install-dotslash@1e4e7b3e07eaca387acb98f1d4720e0bee8dbb6a # v2
|
|
|
|
- name: Stage npm package
|
|
id: stage_npm_package
|
|
env:
|
|
GH_TOKEN: ${{ github.token }}
|
|
run: |
|
|
set -euo pipefail
|
|
# Use a rust-release version that includes all native binaries.
|
|
CODEX_VERSION=0.115.0
|
|
OUTPUT_DIR="${RUNNER_TEMP}"
|
|
python3 ./scripts/stage_npm_packages.py \
|
|
--release-version "$CODEX_VERSION" \
|
|
--package codex \
|
|
--output-dir "$OUTPUT_DIR"
|
|
PACK_OUTPUT="${OUTPUT_DIR}/codex-npm-${CODEX_VERSION}.tgz"
|
|
echo "pack_output=$PACK_OUTPUT" >> "$GITHUB_OUTPUT"
|
|
|
|
- name: Upload staged npm package artifact
|
|
uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7
|
|
with:
|
|
name: codex-npm-staging
|
|
path: ${{ steps.stage_npm_package.outputs.pack_output }}
|
|
|
|
- name: Ensure root README.md contains only ASCII and certain Unicode code points
|
|
run: ./scripts/asciicheck.py README.md
|
|
- name: Check root README ToC
|
|
run: python3 scripts/readme_toc.py README.md
|
|
|
|
- name: Ensure codex-cli/README.md contains only ASCII and certain Unicode code points
|
|
run: ./scripts/asciicheck.py codex-cli/README.md
|
|
- name: Check codex-cli/README ToC
|
|
run: python3 scripts/readme_toc.py codex-cli/README.md
|
|
|
|
- name: Prettier (run `pnpm run format:fix` to fix)
|
|
run: pnpm run format
|