matrix256 1.0.2

Rust reference implementation of matrix256v1 — a SHA-256 fingerprint over the (path, size) records of a rooted filesystem tree.
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47

name: release

on:
  push:
    tags: ['v*']

jobs:
  publish:
    name: Publish to crates.io
    runs-on: ubuntu-latest
    environment: crates-io
    permissions:
      id-token: write
    steps:
      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2

      - uses: dtolnay/rust-toolchain@stable

      - uses: Swatinem/rust-cache@c19371144df3bb44fab255c43d04cbc2ab54d1c4 # v2.9.1

      - name: Verify Cargo.toml version matches tag
        run: |
          tag="${GITHUB_REF_NAME#v}"
          cargover=$(cargo metadata --format-version=1 --no-deps | jq -r '.packages[0].version')
          if [ "$tag" != "$cargover" ]; then
            echo "::error::tag $GITHUB_REF_NAME (parsed as $tag) does not match Cargo.toml version $cargover"
            exit 1
          fi

      # Tests are not run here. The conformance suite runs on every push
      # to main via conformance.yml; by the time a tag exists, that gate
      # has already passed. cargo publish --dry-run below catches any
      # packaging-time regressions.

      - name: Authenticate to crates.io via OIDC
        id: auth
        uses: rust-lang/crates-io-auth-action@bbd81622f20ce9e2dd9622e3218b975523e45bbe # v1.0.4

      - name: Dry-run publish
        run: cargo publish --dry-run --locked
        env:
          CARGO_REGISTRY_TOKEN: ${{ steps.auth.outputs.token }}

      - name: Publish to crates.io
        run: cargo publish --locked
        env:
          CARGO_REGISTRY_TOKEN: ${{ steps.auth.outputs.token }}