omni-dev 0.32.0

AI-powered git commit rewriter, PR generator, and MCP server for Jira, Confluence, and Datadog.
Documentation
name: CI

on:
  push:
    branches: [ main ]
    tags: [ 'v*' ]
  pull_request:
    branches: [ main ]

env:
  CARGO_TERM_COLOR: always

jobs:
  test:
    name: Test
    runs-on: ubuntu-latest
    strategy:
      matrix:
        rust:
          - stable
          - beta
          - nightly
        features:
          - ""
          - "mcp"
    steps:
    - uses: actions/checkout@v7
    - uses: dtolnay/rust-toolchain@master
      with:
        toolchain: ${{ matrix.rust }}
        components: rustfmt
    - uses: Swatinem/rust-cache@v2
    - name: Run tests
      run: |
        if [ -z "${{ matrix.features }}" ]; then
          cargo test --verbose
        else
          cargo test --features "${{ matrix.features }}" --verbose
        fi

  mcp-build:
    name: MCP Release Build
    runs-on: ubuntu-latest
    steps:
    - uses: actions/checkout@v7
    - uses: dtolnay/rust-toolchain@stable
    - uses: Swatinem/rust-cache@v2
    - name: Build omni-dev-mcp (release)
      run: cargo build --release --features mcp --bin omni-dev-mcp

  windows-build:
    name: Windows Build
    runs-on: windows-latest
    # Mirrors the release.yml win-msvc binary build so platform-portability
    # regressions (e.g. the Unix-only daemon, #1041) are caught on every PR
    # rather than only when a release tag is pushed.
    steps:
    - uses: actions/checkout@v7
    - uses: dtolnay/rust-toolchain@stable
    - uses: Swatinem/rust-cache@v2
    - name: Build binaries (release, mcp)
      run: cargo build --release --features mcp --bin omni-dev --bin omni-dev-mcp

  fmt:
    name: Rustfmt
    runs-on: ubuntu-latest
    steps:
    - uses: actions/checkout@v7
    - uses: dtolnay/rust-toolchain@stable
      with:
        components: rustfmt
    - name: Check formatting
      run: cargo fmt --all -- --check

  clippy:
    name: Clippy
    runs-on: ubuntu-latest
    strategy:
      matrix:
        features:
          - ""
          - "mcp"
    steps:
    - uses: actions/checkout@v7
    - uses: dtolnay/rust-toolchain@stable
      with:
        components: clippy
    - uses: Swatinem/rust-cache@v2
    - name: Run clippy
      run: |
        if [ -z "${{ matrix.features }}" ]; then
          cargo clippy --all-targets -- -D warnings
        else
          cargo clippy --all-targets --features "${{ matrix.features }}" -- -D warnings
        fi

  docs:
    name: Docs
    runs-on: ubuntu-latest
    steps:
    - uses: actions/checkout@v7
    - uses: dtolnay/rust-toolchain@stable
    - uses: Swatinem/rust-cache@v2
    - name: Build docs
      run: cargo doc --no-deps --document-private-items

  coverage:
    name: Coverage
    runs-on: ubuntu-latest
    permissions:
      contents: read
      pull-requests: write        # required to post the coverage comment
    steps:
    - uses: actions/checkout@v7
      with:
        fetch-depth: 0          # full history so `git merge-base` can resolve the PR's fork point
    # The coverage pipeline — cargo-llvm-cov run, merge-base baseline (download
    # + git-worktree recompute fallback), `omni-dev coverage diff` sticky PR
    # comment, summary + artifacts, baseline publish on main, and the line gate
    # — is packaged in action-works/omni-dev-coverage-check (issue #1024).
    # worktree-system-deps installs the ALSA headers only on the merge-base
    # recompute path, for fork points that predate the cpal/voice removal
    # (#980); a no-op once the merge-base is itself cpal-free.
    - uses: action-works/omni-dev-coverage-check@v1
      with:
        fail-under-lines: 30
        worktree-system-deps: libasound2-dev

  audit:
    name: Security Audit
    runs-on: ubuntu-latest
    steps:
    - uses: actions/checkout@v7
    # Pull a prebuilt cargo-audit binary instead of `cargo install` (which
    # compiles from source every run — rust-cache can't help since it doesn't
    # cache ~/.cargo/bin). Mirrors the prebuilt cargo-deny-action below.
    - uses: taiki-e/install-action@v2
      with:
        tool: cargo-audit
    - name: Run cargo-audit
      run: cargo audit

  deny:
    name: Dependency Policy
    runs-on: ubuntu-latest
    steps:
    - uses: actions/checkout@v7
    - uses: EmbarkStudios/cargo-deny-action@v2.0.20
      with:
        command: check all

  secrets:
    name: Secret Scanning
    runs-on: ubuntu-latest
    steps:
    - uses: actions/checkout@v7
      with:
        fetch-depth: 0
    - name: TruffleHog scan
      uses: trufflesecurity/trufflehog@main
      with:
        extra_args: --only-verified