la-stack 0.4.2

Fast, stack-allocated linear algebra for fixed dimensions
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76

# Advanced Clippy analysis with SARIF output for security integration
# Note: Basic clippy checks are also run in the main CI workflow

name: "Clippy Security Analysis"

on:
  pull_request:
    branches: ["main"]
  schedule:
    - cron: "17 22 * * 0" # Weekly on Sunday
  workflow_dispatch:
  # Run on main branch pushes for security scanning
  push:
    branches: ["main"]

# Security: Define minimal required permissions
permissions:
  contents: read
  security-events: write
  actions: read

jobs:
  clippy-sarif:
    name: Clippy SARIF Analysis
    runs-on: ubuntu-latest
    env:
      CLIPPY_SARIF_VERSION: "0.8.0"
      SARIF_FMT_VERSION: "0.8.0"
    steps:
      - name: Checkout code
        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
        with:
          persist-credentials: false

      - name: Install Rust toolchain
        uses: actions-rust-lang/setup-rust-toolchain@46268bd060767258de96ed93c1251119784f2ab6 # v1.16.1
        with:
          cache: true # toolchain/components are specified in rust-toolchain.toml

      - name: Install clippy-sarif
        uses: taiki-e/cache-cargo-install-action@417450f3c33ee20393705369577571770643d4c7 # v3.0.7
        with:
          tool: clippy-sarif@${{ env.CLIPPY_SARIF_VERSION }}

      - name: Install sarif-fmt
        uses: taiki-e/cache-cargo-install-action@417450f3c33ee20393705369577571770643d4c7 # v3.0.7
        with:
          tool: sarif-fmt@${{ env.SARIF_FMT_VERSION }}

      - name: Run clippy with SARIF output
        run: |
          set -euo pipefail
          cargo clippy \
            --workspace \
            --all-targets \
            --all-features \
            --message-format=json \
            -- -W clippy::pedantic -W clippy::nursery -W clippy::cargo | \
            clippy-sarif | \
            tee rust-clippy-results.sarif | \
            sarif-fmt
        continue-on-error: true

      - name: Upload SARIF results
        if: >-
          always()
          && hashFiles('rust-clippy-results.sarif') != ''
          && (
            github.event_name != 'pull_request'
            || github.event.pull_request.head.repo.full_name == github.repository
          )
        uses: github/codeql-action/upload-sarif@7211b7c8077ea37d8641b6271f6a365a22a5fbfa # v4.36.0
        with:
          sarif_file: rust-clippy-results.sarif
          category: "clippy"
          wait-for-processing: true