chore: CI + scripts cleanup (review items #12 #13 #24 #31 #32 #37)#108
Merged
chore: CI + scripts cleanup (review items #12 #13 #24 #31 #32 #37)#108
Conversation
Six small review-list items rolled together — all CI/dev-tooling, no runtime behaviour change. #12 Dockerfile: pin Rust 1.95.0 and cargo-ndk 4.1.2 (was floating `stable` + latest cargo-ndk on monthly rebuild). Versions live in ENV vars to make the next bump a one-line edit. #13 Add shellcheck to lint job. SC2034/SC3043 excluded — Magisk reads SKIPUNZIP externally; Android's /system/bin/sh (mksh on Pixel) does support `local` despite POSIX. Verified locally that the 11 .sh files (module-side + dev tooling) pass. shellcheck baked into the CI image via apt; inline apt-get fallback covers the window before image rebuild. #24 ci.yml keystore.properties: replace heredoc with `printf '%s\n'`. Heredoc without single-quoted EOF re-expands $, backticks and backslashes in the password — printf takes the value verbatim. #31 scripts/release.py::patch_file now hard-fails when a regex pattern doesn't match (was silently leaving stale versions). #32 Split rotate_fragments_into_history into rotate + delete steps so release.py can save_json + write_md *before* unlinking the fragment files. If anything in between fails, fragments are still on disk and the run is retryable. #37 codegen-interfaces.py: emit `assert!(matches_vpn(…), msg)` / `assert!(!matches_vpn(…), msg)` instead of `assert_eq!(matches_vpn(…), true/false, msg)` — clippy::bool_assert_comparison was firing on every generated row under `cargo clippy --tests`. Both generated test modules regenerated. CI's clippy steps now also pass `--tests` so this class of regression is caught.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Six small review-list items rolled into one PR — all CI/dev-tooling, no runtime behaviour change.
Verified
Image-rebuild note
Both `#12` (rust pin) and `#13` (shellcheck) only fully take effect after the next `ci-image.yml` run, which triggers on push-to-main with paths-filter on `Dockerfile`. The `apt-get install` fallback inside the shellcheck step covers the gap; `#12` is harmless until then (CI keeps using whatever was in the previous image, which is `stable` anyway).
No changelog (CI/dev-tooling).