quantus-cli 1.4.0

Command line interface and library for interacting with the Quantus Network
---
name: Continuous Integration

# Triggered by `pull_request` (not `pull_request_target`): runs for PRs from
# forks get a read-only GITHUB_TOKEN and no repository secrets, which is what
# makes it acceptable to build and test contributor code in the jobs below.
# Documentation-only changes are skipped on both triggers.
on:
  pull_request:
    paths-ignore:
      - 'docs/**'
      - '*.md'
      - 'LICENSE'
  push:
    branches:
      - main
    paths-ignore:
      - 'docs/**'
      - '*.md'
      - 'LICENSE'

# One live run per PR (or per ref for pushes); a newer run cancels the older one.
concurrency:
  group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.ref }}
  cancel-in-progress: true

# Least privilege: the token can only read repository contents. No job in this
# workflow pushes, releases or opens PRs, so there are no per-job overrides.
# A job that later needs write access should request it at job level rather
# than widening this default.
permissions:
  contents: read

# Values are quoted because environment variables are always strings.
env:
  CARGO_INCREMENTAL: '0'
  CARGO_TERM_COLOR: 'always'
  CARGO_NET_RETRY: '10'
  CARGO_NET_TIMEOUT: '60'

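jobs:
  # Formatting gate (TOML via taplo, Rust via rustfmt). Every other job in this
  # workflow lists it under `needs`, so nothing else starts until it passes.
  fast-checks:
    name: 🏁 Fast Checks (Format)
    runs-on: ubuntu-latest
    timeout-minutes: 15
    steps:
      # NOTE(review): `@v5` is a mutable tag (same for every tagged `uses:` in
      # this workflow). Pinning to a full commit SHA, e.g.
      # `actions/checkout@<FULL_COMMIT_SHA>  # v5`, fixes the exact code that runs.
      - uses: actions/checkout@v5
        with:
          # Do not leave the GITHUB_TOKEN in .git/config: the following steps
          # compile and run third-party crates and none of them performs
          # authenticated git operations.
          persist-credentials: false
      # Local composite action, not visible here; presumably installs the Rust
      # toolchains (including the nightly used below) - confirm. It must not
      # depend on the persisted checkout credentials.
      - uses: ./.github/actions/ubuntu
      - name: Install taplo
        # NOTE(review): no `--version`, so each run builds whatever taplo-cli
        # release is newest; `--locked` only pins that release's dependencies.
        # Consider `--version <PINNED_VERSION>`, as done for cargo-audit in the
        # security-audit job.
        run: cargo install taplo-cli --locked
      - name: Run format checks
        run: |
          taplo format --check --config taplo.toml
          cargo +nightly fmt --all -- --check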

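  # Builds and tests on Linux and macOS. `--locked` makes cargo fail instead of
  # silently updating Cargo.lock, so CI resolves the committed dependency set.
  build-and-test-matrix:
    name: 🛠️ Build & Test Matrix
    needs: fast-checks
    runs-on: ${{ matrix.os }}
    timeout-minutes: 60
    strategy:
      # Let the other OS finish even if one fails.
      fail-fast: false
      matrix:
        os:
          - ubuntu-latest
          - macos-latest
    steps:
      - uses: actions/checkout@v5
        with:
          # Build scripts, proc macros and tests from dependencies run in this
          # job; keep the GITHUB_TOKEN out of .git/config where they could read it.
          persist-credentials: false
      - name: Setup Ubuntu
        if: matrix.os == 'ubuntu-latest'
        uses: ./.github/actions/ubuntu
      - name: Setup macOS
        if: matrix.os == 'macos-latest'
        uses: ./.github/actions/macos
      # Restored cache content (including compiled artifacts under target/) is
      # used without verification. GitHub scopes caches written by pull-request
      # runs to that PR's ref, so runs on main do not restore them; keep this
      # workflow on `pull_request` so that isolation holds.
      - name: Cache cargo registry & target
        uses: actions/cache@v5
        with:
          path: |
            ~/.cargo/registry
            ~/.cargo/git
            target
          key: ${{ runner.os }}-cargo-build-${{ hashFiles('**/Cargo.lock', 'rust-toolchain.toml') }}
          # Prefix fallback: reuse the newest cache for this OS when the lockfile
          # or toolchain hash changed.
          restore-keys: |
            ${{ runner.os }}-cargo-build-
      # NOTE(review): plain `cargo build` compiles library and binary targets
      # only; the step name says "all targets" but `--all-targets` is not passed.
      - name: Build (all targets)
        run: cargo build --locked
      - name: Build (library only)
        run: cargo build --lib --locked
      - name: Test (all targets)
        run: cargo test --locked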

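  # Static analysis: clippy with warnings promoted to errors, then rustdoc.
  analysis:
    name: 🤖 Analysis (Clippy & Doc)
    needs: fast-checks
    runs-on: ubuntu-latest
    timeout-minutes: 30
    steps:
      - uses: actions/checkout@v5
        with:
          # clippy and rustdoc still execute dependency build scripts and proc
          # macros; keep the GITHUB_TOKEN out of .git/config.
          persist-credentials: false
      - uses: ./.github/actions/ubuntu
      # Separate cache key namespace from the build job (`-cargo-analysis-`).
      # Restored content is used without verification.
      - name: Cache cargo registry & target
        uses: actions/cache@v5
        with:
          path: |
            ~/.cargo/registry
            ~/.cargo/git
            target
          key: ${{ runner.os }}-cargo-analysis-${{ hashFiles('**/Cargo.lock', 'rust-toolchain.toml') }}
          restore-keys: |
            ${{ runner.os }}-cargo-analysis-
      # SKIP_CIRCUIT_BUILD=1 is set on every command in this job; presumably it
      # is read by the crate's build script to skip circuit generation - confirm.
      # `-D warnings` turns every clippy warning into a failure.
      - name: Run clippy (all targets)
        run: SKIP_CIRCUIT_BUILD=1 cargo clippy --all-targets --locked -- -D warnings
      - name: Run clippy (library only)
        run: SKIP_CIRCUIT_BUILD=1 cargo clippy --lib --locked -- -D warnings
      # `--no-deps` documents this crate only, not its dependencies.
      - name: Generate documentation
        run: SKIP_CIRCUIT_BUILD=1 cargo doc --locked --no-deps
      - name: Check documentation (with private items)
        run: SKIP_CIRCUIT_BUILD=1 cargo doc --locked --no-deps --document-private-items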

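  # Checks Cargo.lock against the RustSec advisory database. Informational: the
  # audit step itself never fails the job (see the note on that step).
  security-audit:
    name: 🔐 Security Audit (non-blocking)
    needs: fast-checks
    runs-on: ubuntu-latest
    timeout-minutes: 10
    steps:
      - uses: actions/checkout@v5
        with:
          # Only the working tree is needed; do not persist the GITHUB_TOKEN
          # into .git/config.
          persist-credentials: false
      # No toolchain setup action here: this job presumably relies on the cargo
      # preinstalled on the runner image - confirm.
      #
      # The key embeds the cargo-audit version, so bumping the version below must
      # be mirrored here. A restored binary is executed as-is, without a
      # checksum check.
      - name: Cache cargo-audit binary
        uses: actions/cache@v5
        with:
          path: ~/.cargo/bin/cargo-audit
          key: cargo-audit-bin-${{ runner.os }}-0.22.1
      # run_id makes the primary key unique, so the database is saved after
      # every run and the prefix in restore-keys picks up the most recent copy.
      - name: Cache RustSec advisory database
        uses: actions/cache@v5
        with:
          path: ~/.cargo/advisory-db
          key: cargo-advisory-db-${{ runner.os }}-${{ github.run_id }}
          restore-keys: |
            cargo-advisory-db-${{ runner.os }}-
      # Build from source only on a cache miss; version and dependencies pinned.
      - name: Install cargo-audit
        run: |
          if ! command -v cargo-audit >/dev/null 2>&1; then
            cargo install cargo-audit --locked --version 0.22.1
          fi
      - name: Run cargo audit (informational only)
        # Only this step is non-blocking - every other step in this job
        # (checkout, caches, cargo-audit install) must fail loudly so we
        # don't silently skip the audit.
        # NOTE(review): with continue-on-error the job is reported as
        # successful even when advisories are found, so findings are visible
        # only in this step's log; someone has to look at it.
        continue-on-error: true
        run: cargo audit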

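  # Verifies that everything under examples/ still compiles.
  examples:
    name: 📚 Examples
    needs: fast-checks
    runs-on: ubuntu-latest
    timeout-minutes: 30
    steps:
      - uses: actions/checkout@v5
        with:
          # Compiling examples runs dependency build scripts; keep the
          # GITHUB_TOKEN out of .git/config.
          persist-credentials: false
      - uses: ./.github/actions/ubuntu
      - name: Build examples
        run: cargo build --examples --locked
      - name: Check example compilation
        # Checks each top-level examples/*.rs file by name. Expansions are
        # quoted, so file names containing spaces are passed through intact.
        run: |
          for example in examples/*.rs; do
            example_name=$(basename "$example" .rs)
            echo "Checking example: $example_name"
            cargo check --example "$example_name" --locked
          done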