diff --git a/.github/dependabot.yaml b/.github/dependabot.yaml index 8c139c7..8c39432 100644 --- a/.github/dependabot.yaml +++ b/.github/dependabot.yaml @@ -4,3 +4,8 @@ updates: directory: "/" schedule: interval: "weekly" + +- package-ecosystem: cargo + directory: "/" + schedule: + interval: "weekly" diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 13f3677..7b52e90 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -8,6 +8,10 @@ on: branches: - master +concurrency: + group: ${{ github.ref }} + cancel-in-progress: true + permissions: contents: read @@ -24,13 +28,14 @@ jobs: github.com:443 static.rust-lang.org:443 - - name: Checkout - uses: actions/checkout@61b9e3751b92087fd0b06925ba6dd6314e06f089 + - uses: actions/checkout@9bb56186c3b09b4f86b1c65136769dd318469633 + with: + fetch-depth: 0 - name: Rust toolchain uses: dtolnay/rust-toolchain@d8352f6b1d2e870bc5716e7a6d9b65c4cc244a1a with: - toolchain: 1.73.0 + toolchain: "1.73.0" components: rustfmt - name: Check Formatting @@ -52,6 +57,9 @@ jobs: - os: ubuntu-latest python-version: "3.10" allow-prereleases: false + - os: ubuntu-latest + python-version: 3.9 + allow-prereleases: false - os: ubuntu-latest python-version: 3.8 allow-prereleases: false @@ -73,7 +81,10 @@ jobs: static.rust-lang.org:443 objects.githubusercontent.com:443 - - uses: actions/checkout@61b9e3751b92087fd0b06925ba6dd6314e06f089 + - uses: actions/checkout@9bb56186c3b09b4f86b1c65136769dd318469633 + with: + fetch-depth: 0 + - uses: actions/setup-python@82c7e631bb3cdc910f68e0081d67478d79c6982d # 5.1.0 with: python-version: ${{ matrix.python-version }} @@ -81,7 +92,7 @@ jobs: - uses: dtolnay/rust-toolchain@d8352f6b1d2e870bc5716e7a6d9b65c4cc244a1a with: - toolchain: 1.73.0 + toolchain: "1.73.0" - uses: Swatinem/rust-cache@23bce251a8cd2ffc3c1075eaa2367cf899916d84 # 2.7.3 - run: python3 -m pip install nox diff --git a/.github/workflows/publish.yaml b/.github/workflows/publish.yaml index dd52ae9..5b986b2 100644 --- a/.github/workflows/publish.yaml +++ b/.github/workflows/publish.yaml @@ -9,9 +9,16 @@ on: # branches: # - master +permissions: + contents: read + jobs: linux: runs-on: ubuntu-latest + permissions: + id-token: write # ability to mint the OIDC token permission is necessary to persist the attestation + contents: read + attestations: write # persist the attestation strategy: matrix: platform: [ 'x86_64-unknown-linux-gnu', 'aarch64-unknown-linux-gnu' ] @@ -32,13 +39,13 @@ jobs: github.com:443 index.crates.io:443 objects.githubusercontent.com:443 - uploads.github.com:443 pkg-containers.githubusercontent.com:443 pypi.org:443 quay.io:443 sh.rustup.rs:443 static.crates.io:443 static.rust-lang.org:443 + uploads.github.com:443 - uses: actions/checkout@61b9e3751b92087fd0b06925ba6dd6314e06f089 - uses: actions/setup-python@82c7e631bb3cdc910f68e0081d67478d79c6982d @@ -53,14 +60,23 @@ jobs: command: build args: --release --sdist -o dist -i 3.8 3.9 3.10 3.11 3.12 + - name: Generate artifact attestation + uses: actions/attest-build-provenance@897ed5eab6ed058a474202017ada7f40bfa52940 # v1.0.0 + with: + subject-path: 'dist/*' + - name: Upload wheels uses: actions/upload-artifact@65462800fd760344b1a7b4382951275a0abb4808 # 4.3.3 with: - name: wheels + name: wheels-${{ matrix.platform }} path: dist windows: runs-on: windows-latest + permissions: + id-token: write # ability to mint the OIDC token permission is necessary to persist the attestation + contents: read + attestations: write # persist the attestation strategy: matrix: target: [x64] @@ -69,7 +85,7 @@ jobs: - name: Harden Runner uses: step-security/harden-runner@a4aa98b93cab29d9b1101a6143fb8bce00e2eac4 with: - egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs + egress-policy: audit - uses: actions/checkout@61b9e3751b92087fd0b06925ba6dd6314e06f089 - uses: actions/setup-python@82c7e631bb3cdc910f68e0081d67478d79c6982d @@ -83,6 +99,11 @@ jobs: command: build args: --release -o dist + - name: Generate artifact attestation + uses: actions/attest-build-provenance@897ed5eab6ed058a474202017ada7f40bfa52940 # v1.0.0 + with: + subject-path: 'dist/*' + - name: Upload wheels uses: actions/upload-artifact@65462800fd760344b1a7b4382951275a0abb4808 # 4.3.3 with: @@ -91,6 +112,10 @@ jobs: macos: runs-on: macos-latest + permissions: + id-token: write # ability to mint the OIDC token permission is necessary to persist the attestation + contents: read + attestations: write # persist the attestation strategy: matrix: python-version: ['3.8', '3.9', '3.10', '3.11', '3.12'] @@ -115,10 +140,15 @@ jobs: command: build args: --release -o dist + - name: Generate artifact attestation + uses: actions/attest-build-provenance@897ed5eab6ed058a474202017ada7f40bfa52940 # v1.0.0 + with: + subject-path: 'dist/*' + - name: Upload wheels uses: actions/upload-artifact@65462800fd760344b1a7b4382951275a0abb4808 # 4.3.3 with: - name: wheels + name: wheels-${{ matrix.platform }} path: dist python-release-github: @@ -144,7 +174,7 @@ jobs: - uses: dtolnay/rust-toolchain@d8352f6b1d2e870bc5716e7a6d9b65c4cc244a1a with: - toolchain: 1.73.0 + toolchain: "1.73.0" - name: Set up Python 3.8 uses: actions/setup-python@82c7e631bb3cdc910f68e0081d67478d79c6982d # v5.1.0 @@ -153,8 +183,9 @@ jobs: - uses: actions/download-artifact@65a9edc5881444af0b9093a5e628f2fe47ea3b2e # v4.1.7 with: - name: wheels path: wheels + pattern: wheels-* + merge-multiple: true - name: Upload release binaries uses: alexellis/upload-assets@13926a61cdb2cb35f5fdef1c06b8b591523236d3 @@ -173,12 +204,13 @@ jobs: - name: Harden Runner uses: step-security/harden-runner@a4aa98b93cab29d9b1101a6143fb8bce00e2eac4 with: - egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs + egress-policy: audit - uses: actions/download-artifact@65a9edc5881444af0b9093a5e628f2fe47ea3b2e # v4.1.7 with: - name: wheels path: wheels + pattern: wheels-* + merge-multiple: true - name: Publish package distributions to Test PyPI uses: pypa/gh-action-pypi-publish@81e9d935c883d0b210363ab89cf05f3894778450 # v1.8.14 diff --git a/Cargo.lock b/Cargo.lock index aa6df96..1cba569 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -1073,7 +1073,7 @@ dependencies = [ [[package]] name = "tantivy" -version = "0.21.0" +version = "0.22.0" dependencies = [ "base64", "chrono", @@ -1084,7 +1084,7 @@ dependencies = [ "pythonize", "serde", "serde_json", - "tantivy 0.22.0", + "tantivy 0.22.0 (registry+https://github.com/rust-lang/crates.io-index)", ] [[package]] diff --git a/Cargo.toml b/Cargo.toml index 39cc95b..2ae6584 100644 --- a/Cargo.toml +++ b/Cargo.toml @@ -1,6 +1,6 @@ [package] name = "tantivy" -version = "0.21.0" +version = "0.22.0" readme = "README.md" authors = ["Damir Jelić "] edition = "2021" diff --git a/src/document.rs b/src/document.rs index c8dfb1a..db0ab0c 100644 --- a/src/document.rs +++ b/src/document.rs @@ -230,7 +230,7 @@ fn value_to_py(py: Python, value: &Value) -> PyResult { .into_py(py) } Value::Facet(f) => Facet { inner: f.clone() }.into_py(py), - Value::Array(arr) => { + Value::Array(_arr) => { // TODO implement me unimplemented!(); }