Skip to content

ci: harden workflow best practices#23

Merged
ubugeeei merged 1 commit into
mainfrom
codex/cicd-best-practices
May 18, 2026
Merged

ci: harden workflow best practices#23
ubugeeei merged 1 commit into
mainfrom
codex/cicd-best-practices

Conversation

@ubugeeei
Copy link
Copy Markdown
Member

@ubugeeei ubugeeei commented May 18, 2026

Summary

  • Use locked Cargo operations throughout CI and local scripts.
  • Cancel stale PR runs while preserving main/release runs.
  • Add job timeouts, explicit shell defaults, and Cargo color.
  • Harden release publishing with tag-on-main verification, lockfile verification, core tests, package listing, and publish dry-run before publish.
  • Add Dependabot coverage for GitHub Actions and Cargo updates.
  • Add crate description metadata and local package:core validation.

Local validation before push

  • pnpm ci:local
  • pnpm package:core
  • git diff --check
  • cargo fmt --all -- --check
  • cargo metadata --locked --format-version 1 >/dev/null
  • YAML parse for .github/workflows/ci.yml, .github/workflows/release_core.yml, and .github/dependabot.yml

Closes #22

@ubugeeei ubugeeei merged commit d393f1d into main May 18, 2026
2 checks passed
@ubugeeei ubugeeei deleted the codex/cicd-best-practices branch May 18, 2026 04:54
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

ci: harden CI/CD workflow best practices

1 participant

@ubugeeei