Merge pull request #41 from flibusta-apps/dependabot/github_actions/github/codeql-action-4

Bump github/codeql-action from 3 to 4
2025-12-06 14:45:38 +01:00 · 2025-10-14 17:53:01 +02:00 · 2025-10-08 09:04:36 +00:00 · 2025-09-10 17:08:32 +02:00 · 2025-08-31 14:10:17 +02:00 · 2025-08-18 15:38:32 +00:00
4 changed files with 1048 additions and 530 deletions
--- a/.github/workflows/build_docker_image.yaml
+++ b/.github/workflows/build_docker_image.yaml
@@ -3,18 +3,16 @@ name: Build docker image
 on:
  push:
    branches:
-      - 'main'
+      - "main"
 jobs:
  Build-Docker-Image:
    runs-on: ubuntu-latest
    steps:
-      -
+      - name: Checkout
-        name: Checkout
+        uses: actions/checkout@v5
        uses: actions/checkout@v4
-      -
+      - name: Set up Docker Buildx
        name: Set up Docker Buildx
        uses: docker/setup-buildx-action@v3
      - id: repository_name
@@ -22,16 +20,14 @@ jobs:
        with:
          string: ${{ github.repository }}
-      -
+      - name: Login to ghcr.io
        name: Login to ghcr.io
        uses: docker/login-action@v3
        with:
          registry: ghcr.io
          username: ${{ github.actor }}
          password: ${{ secrets.GITHUB_TOKEN }}
-      -
+      - name: Build and push
        name: Build and push
        id: docker_build
        uses: docker/build-push-action@v6
        env:
@@ -39,12 +35,11 @@ jobs:
        with:
          push: true
          platforms: linux/amd64
-          tags: ghcr.io/${{ env.IMAGE }}:latest
+          tags: ghcr.io/${{ env.IMAGE }}:latest,ghcr.io/${{ env.IMAGE }}:${{ github.sha }}
          context: .
          file: ./docker/build.dockerfile
-      -
+      - name: Invoke deployment hook
        name: Invoke deployment hook
        uses: joelwmale/webhook-action@master
        with:
-          url: ${{ secrets.WEBHOOK_URL }}
+          url: ${{ secrets.WEBHOOK_URL }}?USERS_SETTINGS_SERVER_TAG=${{ github.sha }}
--- a/.github/workflows/rust-clippy.yml
+++ b/.github/workflows/rust-clippy.yml
@@ -0,0 +1,55 @@
 # This workflow uses actions that are not certified by GitHub.
 # They are provided by a third-party and are governed by
 # separate terms of service, privacy policy, and support
 # documentation.
 # rust-clippy is a tool that runs a bunch of lints to catch common
 # mistakes in your Rust code and help improve your Rust code.
 # More details at https://github.com/rust-lang/rust-clippy
 # and https://rust-lang.github.io/rust-clippy/
 name: rust-clippy analyze
 on:
  push:
    branches: [ "main" ]
  pull_request:
    # The branches below must be a subset of the branches above
    branches: [ "main" ]
  schedule:
    - cron: '45 23 * * 1'
 jobs:
  rust-clippy-analyze:
    name: Run rust-clippy analyzing
    runs-on: ubuntu-latest
    permissions:
      contents: read
      security-events: write
      actions: read # only required for a private repository by github/codeql-action/upload-sarif to get the Action run status
    steps:
      - name: Checkout code
        uses: actions/checkout@v5
      - name: Install Rust toolchain
        uses: actions-rs/toolchain@16499b5e05bf2e26879000db0c1d13f7e13fa3af #@v1
        with:
          profile: minimal
          toolchain: stable
          components: clippy
          override: true
      - name: Install required cargo
        run: cargo install clippy-sarif sarif-fmt
      - name: Run rust-clippy
        run:
          cargo clippy
          --all-features
          --message-format=json | clippy-sarif | tee rust-clippy-results.sarif | sarif-fmt
        continue-on-error: true
      - name: Upload analysis results to GitHub
        uses: github/codeql-action/upload-sarif@v4
        with:
          sarif_file: rust-clippy-results.sarif
          wait-for-processing: true
--- a/Cargo.lock
+++ b/Cargo.lock
--- a/Cargo.toml
+++ b/Cargo.toml
@@ -4,20 +4,34 @@ version = "0.1.0"
 edition = "2021"
 [profile.release]
 opt-level = 3
 debug = false
 strip = true
 lto = true
 codegen-units = 1
 panic = 'abort'
 [profile.profiling]
 inherits = "release"
 debug = true
 strip = false
 [dependencies]
 once_cell = "1.21.1"
 serde = { version = "1.0.219", features = ["derive"] }
-tokio = { version = "1.44.1", features = ["full"] }
+tokio = { version = "1.44.2", features = ["full"] }
 axum = { version = "0.8.1", features = ["json"] }
-axum-prometheus = "0.8.0"
+axum-prometheus = "0.9.0"
 chrono = { version = "0.4.40", features = ["serde"] }
-sentry = { version = "0.36.0", features = ["debug-images"] }
+sentry = { version = "0.42.0", features = ["debug-images"] }
 tracing = "0.1.41"
 tracing-subscriber = { version = "0.3.19", features = ["env-filter"]}
-sentry-tracing = "0.36.0"
+sentry-tracing = "0.42.0"
 tower-http = { version = "0.6.2", features = ["trace"] }
 sqlx = { version = "0.8.3", features = ["runtime-tokio", "postgres", "macros", "chrono"] }
Author	SHA1	Message	Date
Kurbanov Bulat	e5b4b6744c	Merge pull request #41 from flibusta-apps/dependabot/github_actions/github/codeql-action-4 Some checks failed Build docker image / Build-Docker-Image (push) Has been cancelled Details rust-clippy analyze / Run rust-clippy analyzing (push) Has been cancelled Details Bump github/codeql-action from 3 to 4	2025-10-14 17:53:01 +02:00
dependabot[bot]	6c37d8c118	Bump github/codeql-action from 3 to 4 Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3 to 4. - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](https://github.com/github/codeql-action/compare/v3...v4) --- updated-dependencies: - dependency-name: github/codeql-action dependency-version: '4' dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com>	2025-10-08 09:04:36 +00:00
Kurbanov Bulat	6310625717	Merge pull request #39 from flibusta-apps/dependabot/github_actions/actions/checkout-5 Some checks failed Build docker image / Build-Docker-Image (push) Has been cancelled Details rust-clippy analyze / Run rust-clippy analyzing (push) Has been cancelled Details Bump actions/checkout from 4 to 5	2025-09-10 17:08:32 +02:00
Bulat Kurbanov	e6894674ab	Update deps Some checks failed Build docker image / Build-Docker-Image (push) Has been cancelled Details rust-clippy analyze / Run rust-clippy analyzing (push) Has been cancelled Details	2025-08-31 14:10:17 +02:00
dependabot[bot]	c6bc146b0a	Bump actions/checkout from 4 to 5 Bumps [actions/checkout](https://github.com/actions/checkout) from 4 to 5. - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](https://github.com/actions/checkout/compare/v4...v5) --- updated-dependencies: - dependency-name: actions/checkout dependency-version: '5' dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com>	2025-08-18 15:38:32 +00:00
Kurbanov Bulat	fbc783b252	Create rust-clippy.yml Some checks failed Build docker image / Build-Docker-Image (push) Has been cancelled Details rust-clippy analyze / Run rust-clippy analyzing (push) Has been cancelled Details	2025-08-17 23:23:32 +02:00
Kurbanov Bulat	6cb14a8b26	Merge pull request #38 from flibusta-apps/dependabot/cargo/slab-0.4.11 Bump slab from 0.4.10 to 0.4.11	2025-08-17 23:19:46 +02:00
dependabot[bot]	d130e4bd3d	Bump slab from 0.4.10 to 0.4.11 Bumps [slab](https://github.com/tokio-rs/slab) from 0.4.10 to 0.4.11. - [Release notes](https://github.com/tokio-rs/slab/releases) - [Changelog](https://github.com/tokio-rs/slab/blob/master/CHANGELOG.md) - [Commits](https://github.com/tokio-rs/slab/compare/v0.4.10...v0.4.11) --- updated-dependencies: - dependency-name: slab dependency-version: 0.4.11 dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com>	2025-08-17 21:17:05 +00:00
Kurbanov Bulat	380fdf66de	Merge pull request #37 from flibusta-apps/dependabot/github_actions/actions/checkout-5 Bump actions/checkout from 4 to 5	2025-08-17 23:16:01 +02:00
dependabot[bot]	7ec5a64e12	Bump actions/checkout from 4 to 5 Bumps [actions/checkout](https://github.com/actions/checkout) from 4 to 5. - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](https://github.com/actions/checkout/compare/v4...v5) --- updated-dependencies: - dependency-name: actions/checkout dependency-version: '5' dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com>	2025-08-12 20:03:20 +00:00
Bulat Kurbanov	e3a9e0ce66	Optimize release build Some checks failed Build docker image / Build-Docker-Image (push) Has been cancelled Details	2025-06-28 22:38:13 +02:00
Bulat Kurbanov	a65307bac6	Update deps	2025-06-28 22:22:18 +02:00
Bulat Kurbanov	673d014cf5	Update dependencies and improve Docker image build workflow Some checks failed Build docker image / Build-Docker-Image (push) Has been cancelled Details - Update Rust dependencies in Cargo.lock to latest versions - Add git SHA tag to Docker image for traceability - Pass deployment hook the built image tag for improved automation - Refactor GitHub Actions YAML for cleaner syntax	2025-06-21 23:24:53 +02:00
Kurbanov Bulat	a6044a1734	Merge pull request #36 from flibusta-apps/dependabot/cargo/tokio-1.44.2 Some checks failed Build docker image / Build-Docker-Image (push) Has been cancelled Details Bump tokio from 1.44.1 to 1.44.2	2025-04-08 15:54:07 +02:00
dependabot[bot]	6371148f7a	Bump tokio from 1.44.1 to 1.44.2 Bumps [tokio](https://github.com/tokio-rs/tokio) from 1.44.1 to 1.44.2. - [Release notes](https://github.com/tokio-rs/tokio/releases) - [Commits](https://github.com/tokio-rs/tokio/compare/tokio-1.44.1...tokio-1.44.2) --- updated-dependencies: - dependency-name: tokio dependency-version: 1.44.2 dependency-type: direct:production ... Signed-off-by: dependabot[bot] <support@github.com>	2025-04-08 02:08:52 +00:00