name: Lint on: push: branches: - develop pull_request: workflow_dispatch: jobs: clippy: strategy: matrix: os: [ubuntu-latest, macos-15-intel, macos-latest, windows-latest] runs-on: ${{ matrix.os }} steps: - uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # 6.0.0 - name: Get nightly version to use id: nightly shell: bash run: echo "version=$(cat .github/nightly-version)" >> $GITHUB_OUTPUT - name: Build Dependencies uses: ./.github/actions/build-dependencies - name: Install nightly rust run: rustup toolchain install ${{ steps.nightly.outputs.version }} --profile minimal -t wasm32v1-none -c clippy - name: Run Clippy run: cargo +${{ steps.nightly.outputs.version }} clippy --all-features --all-targets -- -D warnings -A clippy::items_after_test_module # Also verify the lockfile isn't dirty # This happens when someone edits a Cargo.toml yet doesn't do anything # which causes the lockfile to be updated # The above clippy run will cause it to be updated, so checking there's # no differences present now performs the desired check - name: Verify lockfile shell: bash run: git diff | wc -l | LC_ALL="en_US.utf8" grep -x -e "^[ ]*0" deny: runs-on: ubuntu-latest steps: - uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # 6.0.0 - name: Install cargo deny run: cargo +1.91.1 install cargo-deny --version =0.18.8 - name: Run cargo deny run: cargo deny -L error --all-features check --hide-inclusion-graph fmt: runs-on: ubuntu-latest steps: - uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # 6.0.0 - name: Get nightly version to use id: nightly shell: bash run: echo "version=$(cat .github/nightly-version)" >> $GITHUB_OUTPUT - name: Install nightly rust run: rustup toolchain install ${{ steps.nightly.outputs.version }} --profile minimal -c rustfmt - name: Run rustfmt run: cargo +${{ steps.nightly.outputs.version }} fmt -- --check - name: Install Foundry uses: foundry-rs/foundry-toolchain@50d5a8956f2e319df19e6b57539d7e2acb9f8c1e # 1.5.0 with: version: v1.5.0 cache: false - name: Run forge fmt run: FOUNDRY_FMT_SORT_INPUTS=false FOUNDRY_FMT_LINE_LENGTH=100 FOUNDRY_FMT_TAB_WIDTH=2 FOUNDRY_FMT_BRACKET_SPACING=true FOUNDRY_FMT_INT_TYPES=preserve forge fmt --check $(find . -iname "*.sol") machete: runs-on: ubuntu-latest steps: - uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # 6.0.0 - name: Verify all dependencies are in use run: | cargo +1.91.1 install cargo-machete --version =0.9.1 cargo +1.91.1 machete msrv: runs-on: ubuntu-latest steps: - uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # 6.0.0 - name: Verify claimed `rust-version` shell: bash run: | cargo +1.91.1 install cargo-msrv --version =0.18.4 function check_msrv { # We `cd` into the directory passed as the first argument, but will return to the # directory called from. return_to=$(pwd) echo "Checking $1" cd $1 # We then find the existing `rust-version` using `grep` (for the right line) and then a # regex (to strip to just the major and minor version). existing=$(cat ./Cargo.toml | grep "rust-version" | grep -Eo "[0-9]+\.[0-9]+") # We then backup the `Cargo.toml`, allowing us to restore it after, saving time on future # MSRV checks (as they'll benefit from immediately exiting if the queried version is less # than the declared MSRV). mv ./Cargo.toml ./Cargo.toml.bak # We then use an inverted (`-v`) grep to remove the existing `rust-version` from the # `Cargo.toml`, as required because else earlier versions of Rust won't even attempt to # compile this crate. cat ./Cargo.toml.bak | grep -v "rust-version" > Cargo.toml # We then find the actual `rust-version` using `cargo-msrv` (again stripping to just the # major and minor version). actual=$(cargo msrv find --output-format minimal | grep -Eo "^[0-9]+\.[0-9]+") # Finally, we compare the two. echo "Declared rust-version: $existing" echo "Actual rust-version: $actual" [ $existing == $actual ] result=$? # Restore the original `Cargo.toml`. rm Cargo.toml mv ./Cargo.toml.bak ./Cargo.toml # Return to the directory called from and return the result. cd $return_to return $result } # Check each member of the workspace function check_workspace { # Get the members array from the workspace's `Cargo.toml` cargo_toml_lines=$(cat ./Cargo.toml | wc -l) # Keep all lines after the start of the array, then keep all lines before the next "]" members=$(cat Cargo.toml | grep "members\ \=\ \[" -m1 -A$cargo_toml_lines | grep "]" -m1 -B$cargo_toml_lines) # Parse out any comments, whitespace, including comments post-fixed on the same line as an entry # We accomplish the latter by pruning all characters after the entry's "," members=$(echo "$members" | grep -Ev "^[[:space:]]*(#|$)" | awk -F',' '{print $1","}') # Replace the first line, which was "members = [" and is now "members = [,", with "[" members=$(echo "$members" | sed "1s/.*/\[/") # Correct the last line, which was malleated to "]," members=$(echo "$members" | sed "$(echo "$members" | wc -l)s/\]\,/\]/") # Don't check the following # Most of these are binaries, with the exception of the Substrate runtime which has a # bespoke build pipeline members=$(echo "$members" | grep -v "networks/ethereum/relayer\"") members=$(echo "$members" | grep -v "message-queue\"") members=$(echo "$members" | grep -v "processor/bin\"") members=$(echo "$members" | grep -v "processor/bitcoin\"") members=$(echo "$members" | grep -v "processor/ethereum\"") members=$(echo "$members" | grep -v "processor/monero\"") members=$(echo "$members" | grep -v "coordinator\"") members=$(echo "$members" | grep -v "substrate/runtime\"") members=$(echo "$members" | grep -v "substrate/node\"") members=$(echo "$members" | grep -v "orchestration\"") # Don't check the tests members=$(echo "$members" | grep -v "mini\"") members=$(echo "$members" | grep -v "tests/") # Remove the trailing comma by replacing the last line's "," with "" members=$(echo "$members" | sed "$(($(echo "$members" | wc -l) - 1))s/\,//") echo $members | jq -r ".[]" | while read -r member; do check_msrv $member correct=$? if [ $correct -ne 0 ]; then return $correct fi done } check_workspace slither: runs-on: ubuntu-latest steps: - uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # 6.0.0 - name: Build Dependencies uses: ./.github/actions/build-dependencies - name: Slither run: | python3 -m pip install slither-analyzer==0.11.3 slither ./networks/ethereum/schnorr/contracts/Schnorr.sol slither --include-paths ./networks/ethereum/schnorr/contracts ./networks/ethereum/schnorr/contracts/tests/Schnorr.sol slither processor/ethereum/deployer/contracts/Deployer.sol slither processor/ethereum/erc20/contracts/IERC20.sol cp networks/ethereum/schnorr/contracts/Schnorr.sol processor/ethereum/router/contracts/ cp processor/ethereum/erc20/contracts/IERC20.sol processor/ethereum/router/contracts/ cd processor/ethereum/router/contracts slither Router.sol