hunch 2.0.2 - Docs.rs

name: CI

on:
  pull_request:
    branches: [main]
  workflow_call:

concurrency:
  group: ci-${{ github.ref }}
  cancel-in-progress: ${{ github.event_name == 'pull_request' }}

permissions:
  contents: read

env:
  CARGO_TERM_COLOR: always
  RUSTFLAGS: -Dwarnings

# Action SHAs are pinned (with version comments) and Dependabot-managed for
# supply-chain hygiene. Don't replace with floating tags.

jobs:
  fmt:
    name: Format
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd  # v6
      - uses: dtolnay/rust-toolchain@29eef336d9b2848a0b548edc03f92a220660cdb8  # stable
        with:
          components: rustfmt
      - run: cargo fmt --check

  clippy:
    name: Clippy
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd  # v6
      - uses: dtolnay/rust-toolchain@29eef336d9b2848a0b548edc03f92a220660cdb8  # stable
        with:
          components: clippy
      - uses: Swatinem/rust-cache@e18b497796c12c097a38f9edb9d0641fb99eee32  # v2
      - run: cargo clippy --all-targets -- -D warnings

  test:
    name: Test
    # Cross-OS test matrix catches platform-conditional behavior:
    # cfg(unix) symlink tests in tests/cli_walk_dir_safety.rs only run on
    # Linux/macOS; Windows path-separator + line-ending differences
    # surface here. `cargo test` already implies `cargo check`, so a
    # separate check job would be pure waste.
    strategy:
      fail-fast: false
      matrix:
        os: [ubuntu-latest, macos-latest, windows-latest]
    runs-on: ${{ matrix.os }}
    steps:
      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd  # v6
      - uses: dtolnay/rust-toolchain@29eef336d9b2848a0b548edc03f92a220660cdb8  # stable
      - uses: Swatinem/rust-cache@e18b497796c12c097a38f9edb9d0641fb99eee32  # v2
      - run: cargo test

  doc:
    name: Docs
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd  # v6
      - uses: dtolnay/rust-toolchain@29eef336d9b2848a0b548edc03f92a220660cdb8  # stable
      - uses: Swatinem/rust-cache@e18b497796c12c097a38f9edb9d0641fb99eee32  # v2
      - run: cargo doc --no-deps
        env:
          RUSTDOCFLAGS: -Dwarnings

  audit:
    name: Security Audit
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd  # v6
      - uses: dtolnay/rust-toolchain@29eef336d9b2848a0b548edc03f92a220660cdb8  # stable
      - uses: Swatinem/rust-cache@e18b497796c12c097a38f9edb9d0641fb99eee32  # v2
      # Prebuilt binary in seconds vs ~3 min for `cargo install`.
      - uses: taiki-e/install-action@cca35edeb1d01366c2843b68fc3ca441446d73d3  # v2
        with:
          tool: cargo-audit
      # Fails on RUSTSEC vulnerabilities; tolerates dev-dep yanks.
      - run: cargo audit

  semver:
    name: Semver Checks
    # Required (post-2.0.0): SemVer-incompatible changes vs the latest
    # crates.io release MUST be paired with a matching version bump in
    # the same PR. cargo-semver-checks compares the PR's public API
    # against the published baseline; a major-version bump in Cargo.toml
    # makes a breaking change pass the check.
    #
    # If you genuinely need to break the public API:
    #   1. Make the breaking change
    #   2. Bump Cargo.toml version (major: 2.x.y → 3.0.0)
    #   3. Add a CHANGELOG entry under [Unreleased] describing the break
    #
    # Until v1.0 this job ran with continue-on-error: true and breaking
    # changes accumulated for batch release. That escape hatch is gone
    # now that downstream consumers depend on stable API contracts.
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd  # v6
      - uses: dtolnay/rust-toolchain@29eef336d9b2848a0b548edc03f92a220660cdb8  # stable
      - uses: Swatinem/rust-cache@e18b497796c12c097a38f9edb9d0641fb99eee32  # v2
      - uses: obi1kenobi/cargo-semver-checks-action@6b69fcf40e9b5fb17adeb57e4b6ecd020649a239  # v2.9