Skip to content
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
25 commits
Select commit Hold shift + click to select a range
0b296dc
Merge pull request #31 from fedify-dev/main
sij411 Jun 28, 2026
64365af
Add License descriptions
sij411 Jun 23, 2026
bd3c889
Add feder-runtime-linux crate
sij411 Jun 24, 2026
04af867
Rename crate to feder-runtime-server since it will support Linux, Win…
sij411 Jun 25, 2026
87e64ac
Add server entry point that consumes config from env
sij411 Jun 25, 2026
e91d12e
Add RuntimeConfig and tracing
sij411 Jun 25, 2026
954d837
Add AppState and attach it to the server
sij411 Jun 26, 2026
2d3c74d
Document runtime server startup Assisted-by: Codex:gpt-5.5
sij411 Jun 26, 2026
0520f97
Add cross-platform Cargo test CI
sij411 Jun 26, 2026
833c4d1
Document Windows runtime server startup
sij411 Jun 28, 2026
d3f6799
Merge pull request #28 from sij411/phase2-linux-runtime
sij411 Jun 28, 2026
170b961
Update license description to allow only 3.0
sij411 Jun 28, 2026
a4ffb6a
Merge pull request #32 from sij411/chore/license
sij411 Jun 28, 2026
b8fe0ab
Add typed server runtime errors
sij411 Jun 28, 2026
aceee50
Add webfinger query handling with default config
sij411 Jun 30, 2026
c09097d
Add response header and return response
sij411 Jun 30, 2026
82da624
Add mise run test command
sij411 Jun 30, 2026
0121411
Test WebFinger discovery responses
sij411 Jun 30, 2026
6278df4
Implement actor endpoint
sij411 Jul 1, 2026
11e7af0
Test local ActivityPub actor endpoint
sij411 Jul 1, 2026
7d67af1
Implement note endpoint
sij411 Jul 2, 2026
6cc594f
Test public Note endpoint
sij411 Jul 2, 2026
07be8f9
Fix hardcoded URL to suffix
sij411 Jul 3, 2026
0cc162c
Enable tower's util
sij411 Jul 3, 2026
ccc1623
Merge pull request #33 from sij411/feat/ap-discovery
sij411 Jul 3, 2026
File filter

Filter by extension

Filter by extension


Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
15 changes: 15 additions & 0 deletions .github/workflows/main.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -20,3 +20,18 @@ jobs:
key: rustup-v1-${{ runner.os }}-${{ hashFiles('mise.toml') }}
- uses: jdx/mise-action@v4
- run: mise run check

cross-platform:
name: cargo test (${{ matrix.os }})
runs-on: ${{ matrix.os }}
strategy:
fail-fast: false
matrix:
os:
- ubuntu-latest
- macos-latest
- windows-latest
steps:
- uses: actions/checkout@v6
- uses: dtolnay/rust-toolchain@stable
- run: cargo test --workspace
Comment on lines +24 to +37

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

🔒 Security & Privacy | 🟡 Minor | ⚡ Quick win

Add persist-credentials: false to the new checkout step.

Static analysis flags the new cross-platform job's checkout for credential persistence (artipacked). Since this job only runs tests and doesn't push/write to the repo, disable credential persistence.

🔒️ Proposed fix
     steps:
     - uses: actions/checkout@v6
+      with:
+        persist-credentials: false
     - uses: dtolnay/rust-toolchain@stable
     - run: cargo test --workspace
📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change
cross-platform:
name: cargo test (${{ matrix.os }})
runs-on: ${{ matrix.os }}
strategy:
fail-fast: false
matrix:
os:
- ubuntu-latest
- macos-latest
- windows-latest
steps:
- uses: actions/checkout@v6
- uses: dtolnay/rust-toolchain@stable
- run: cargo test --workspace
cross-platform:
name: cargo test (${{ matrix.os }})
runs-on: ${{ matrix.os }}
strategy:
fail-fast: false
matrix:
os:
- ubuntu-latest
- macos-latest
- windows-latest
steps:
- uses: actions/checkout@v6
with:
persist-credentials: false
- uses: dtolnay/rust-toolchain@stable
- run: cargo test --workspace
🧰 Tools
🪛 zizmor (1.26.1)

[warning] 35-35: credential persistence through GitHub Actions artifacts (artipacked): does not set persist-credentials: false

(artipacked)


[warning] 24-38: overly broad permissions (excessive-permissions): default permissions used due to no permissions: block

(excessive-permissions)

🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In @.github/workflows/main.yaml around lines 24 - 37, The new cross-platform
job’s checkout step should disable Git credential persistence to avoid
unnecessary repo write access. Update the actions/checkout usage in the
cross-platform workflow step to include persist-credentials set to false, since
this job only runs cargo test and does not need to push or write back. Refer to
the cross-platform job and its checkout step in the workflow when making the
change.

Source: Linters/SAST tools

Loading
Loading