Improve codeql action

.github/workflows/base.yml

@@ -32,8 +32,13 @@ jobs:
         with:
           submodules: recursive
 
+      - name: Install nightly toolchain
+        run: |
+          rustup toolchain install nightly --profile minimal
+          rustup component add rustfmt --toolchain nightly
+
       - name: Run rustfmt
-        run: cargo fmt --all --check
+        run: cargo +nightly fmt --all --check
 
   clippy:
     name: Clippy Check
@@ -43,6 +48,7 @@ jobs:
       pull-requests: write
     env:
       CARGO_TERM_COLOR: always
+      RUSTUP_TOOLCHAIN: stable
 
     steps:
       - name: Checkout repository
@@ -51,12 +57,16 @@ jobs:
           submodules: recursive
 
       - name: Run cargo clippy
-        run: cargo clippy -- -D warnings
+        run: cargo clippy --all-targets --all-features -- -D warnings
 
   redundancy:
     name: Redundancy Check
     runs-on: [ self-hosted ]
 
+    env:
+      CARGO_TERM_COLOR: always
+      RUSTUP_TOOLCHAIN: stable
+
     steps:
       - name: Checkout repository
         uses: actions/checkout@v4
@@ -82,6 +92,10 @@ jobs:
 
     runs-on: [ self-hosted ]
 
+    env:
+      CARGO_TERM_COLOR: always
+      RUSTUP_TOOLCHAIN: stable
+
     steps:
       - name: Checkout repository
         uses: actions/checkout@v4
@@ -97,6 +111,7 @@ jobs:
     runs-on: [ self-hosted ]
     env:
       CARGO_TERM_COLOR: always
+      RUSTUP_TOOLCHAIN: stable
 
     steps:
       - name: Checkout repository
@@ -106,4 +121,4 @@ jobs:
           lfs: true
 
       - name: Run cargo test
-        run: git lfs pull && cargo test --all
+        run: git lfs pull && cargo test --all

.github/workflows/claude-review.yml

@@ -138,7 +138,6 @@ jobs:
 
           # Enable progress tracking and show full Claude output in logs
           track_progress: true
-          show_full_output: true
 
           # Custom review instructions passed to Claude
           prompt: |

.github/workflows/codeql.yml

@@ -16,8 +16,6 @@ on:
     branches: [ "main" ]
   pull_request:
     branches: [ "main" ]
-  schedule:
-    - cron: '22 5 * * 4'
 
 jobs:
   analyze:
@@ -27,7 +25,7 @@ jobs:
     #   - https://gh.io/supported-runners-and-hardware-resources
     #   - https://gh.io/using-larger-runners (GitHub.com only)
     # Consider using larger runners or machines with greater resources for possible analysis time improvements.
-    runs-on: ${{ (matrix.language == 'swift' && 'macos-latest') || 'ubuntu-latest' }}
+    runs-on: 'ubuntu-latest'
     permissions:
       # required for all workflows
       security-events: write
@@ -47,14 +45,6 @@ jobs:
           build-mode: none
         - language: rust
           build-mode: none
-        # CodeQL supports the following values keywords for 'language': 'actions', 'c-cpp', 'csharp', 'go', 'java-kotlin', 'javascript-typescript', 'python', 'ruby', 'rust', 'swift'
-        # Use `c-cpp` to analyze code written in C, C++ or both
-        # Use 'java-kotlin' to analyze code written in Java, Kotlin or both
-        # Use 'javascript-typescript' to analyze code written in JavaScript, TypeScript or both
-        # To learn more about changing the languages that are analyzed or customizing the build mode for your analysis,
-        # see https://docs.github.com/en/code-security/code-scanning/creating-an-advanced-setup-for-code-scanning/customizing-your-advanced-setup-for-code-scanning.
-        # If you are analyzing a compiled language, you can modify the 'build-mode' for that language to customize how
-        # your codebase is analyzed, see https://docs.github.com/en/code-security/code-scanning/creating-an-advanced-setup-for-code-scanning/codeql-code-scanning-for-compiled-languages
     steps:
     - name: Checkout repository
       uses: actions/checkout@v4
@@ -78,23 +68,6 @@ jobs:
         # For more details on CodeQL's query packs, refer to: https://docs.github.com/en/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/configuring-code-scanning#using-queries-in-ql-packs
         # queries: security-extended,security-and-quality
 
-    # If the analyze step fails for one of the languages you are analyzing with
-    # "We were unable to automatically build your code", modify the matrix above
-    # to set the build mode to "manual" for that language. Then modify this step
-    # to build your code.
-    # ℹ️ Command-line programs to run using the OS shell.
-    # 📚 See https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idstepsrun
-    - name: Run manual build steps
-      if: matrix.build-mode == 'manual'
-      shell: bash
-      run: |
-        echo 'If you are using a "manual" build mode for one or more of the' \
-          'languages you are analyzing, replace this with the commands to build' \
-          'your code, for example:'
-        echo '  make bootstrap'
-        echo '  make release'
-        exit 1
-
     - name: Perform CodeQL Analysis
       uses: github/codeql-action/analyze@v4
       with:

BUCK

@@ -34,17 +34,17 @@ rust_library(
         "//third-party/rust/crates/bstr/1.12.1:bstr",
         "//third-party/rust/crates/byteorder/1.5.0:byteorder",
         "//third-party/rust/crates/bytes/1.11.0:bytes",
-        "//third-party/rust/crates/chrono/0.4.42:chrono",
+        "//third-party/rust/crates/chrono/0.4.43:chrono",
         "//third-party/rust/crates/colored/3.0.0:colored",
         "//third-party/rust/crates/crc32fast/1.5.0:crc32fast",
         "//third-party/rust/crates/dashmap/6.1.0:dashmap",
         "//third-party/rust/crates/diffs/0.5.1:diffs",
         "//third-party/rust/crates/encoding_rs/0.8.35:encoding_rs",
-        "//third-party/rust/crates/flate2/1.1.5:flate2",
+        "//third-party/rust/crates/flate2/1.1.8:flate2",
         "//third-party/rust/crates/futures-util/0.3.31:futures-util",
         "//third-party/rust/crates/futures/0.3.31:futures",
         "//third-party/rust/crates/hex/0.4.3:hex",
-        "//third-party/rust/crates/libc/0.2.179:libc",
+        "//third-party/rust/crates/libc/0.2.180:libc",
         "//third-party/rust/crates/lru-mem/0.3.0:lru-mem",
         "//third-party/rust/crates/memchr/2.7.6:memchr",
         "//third-party/rust/crates/natord/1.0.9:natord",
@@ -88,17 +88,17 @@ rust_test(
         "//third-party/rust/crates/bstr/1.12.1:bstr",
         "//third-party/rust/crates/byteorder/1.5.0:byteorder",
         "//third-party/rust/crates/bytes/1.11.0:bytes",
-        "//third-party/rust/crates/chrono/0.4.42:chrono",
+        "//third-party/rust/crates/chrono/0.4.43:chrono",
         "//third-party/rust/crates/colored/3.0.0:colored",
         "//third-party/rust/crates/crc32fast/1.5.0:crc32fast",
         "//third-party/rust/crates/dashmap/6.1.0:dashmap",
         "//third-party/rust/crates/diffs/0.5.1:diffs",
         "//third-party/rust/crates/encoding_rs/0.8.35:encoding_rs",
-        "//third-party/rust/crates/flate2/1.1.5:flate2",
+        "//third-party/rust/crates/flate2/1.1.8:flate2",
         "//third-party/rust/crates/futures-util/0.3.31:futures-util",
         "//third-party/rust/crates/futures/0.3.31:futures",
         "//third-party/rust/crates/hex/0.4.3:hex",
-        "//third-party/rust/crates/libc/0.2.179:libc",
+        "//third-party/rust/crates/libc/0.2.180:libc",
         "//third-party/rust/crates/lru-mem/0.3.0:lru-mem",
         "//third-party/rust/crates/memchr/2.7.6:memchr",
         "//third-party/rust/crates/natord/1.0.9:natord",
@@ -146,17 +146,17 @@ rust_test(
         "//third-party/rust/crates/bstr/1.12.1:bstr",
         "//third-party/rust/crates/byteorder/1.5.0:byteorder",
         "//third-party/rust/crates/bytes/1.11.0:bytes",
-        "//third-party/rust/crates/chrono/0.4.42:chrono",
+        "//third-party/rust/crates/chrono/0.4.43:chrono",
         "//third-party/rust/crates/colored/3.0.0:colored",
         "//third-party/rust/crates/crc32fast/1.5.0:crc32fast",
         "//third-party/rust/crates/dashmap/6.1.0:dashmap",
         "//third-party/rust/crates/diffs/0.5.1:diffs",
         "//third-party/rust/crates/encoding_rs/0.8.35:encoding_rs",
-        "//third-party/rust/crates/flate2/1.1.5:flate2",
+        "//third-party/rust/crates/flate2/1.1.8:flate2",
         "//third-party/rust/crates/futures-util/0.3.31:futures-util",
         "//third-party/rust/crates/futures/0.3.31:futures",
         "//third-party/rust/crates/hex/0.4.3:hex",
-        "//third-party/rust/crates/libc/0.2.179:libc",
+        "//third-party/rust/crates/libc/0.2.180:libc",
         "//third-party/rust/crates/lru-mem/0.3.0:lru-mem",
         "//third-party/rust/crates/memchr/2.7.6:memchr",
         "//third-party/rust/crates/natord/1.0.9:natord",

Cargo.toml

@@ -1,6 +1,6 @@
 [package]
 name = "git-internal"
-version = "0.4.0"
+version = "0.4.1"
 edition = "2024"
 license = "MIT"
 description = "Git-Internal is a high-performance Rust library for encoding and decoding Git internal objects and Pack files."
@@ -28,7 +28,7 @@ encoding_rs = "0.8.35"
 rayon = "1.11.0"
 ahash = "0.8.12"
 diffs = "0.5.1"
-libc = "0.2.179"
+libc = "0.2.180"
 async-trait = "0.1.89"
 futures = "0.3.31"
 tokio-stream = "0.1.18"
@@ -40,9 +40,9 @@ sha2 = "0.10.9"
 crc32fast = "1.4"
 zstd-sys = { version = "2.0.16+zstd.1.5.7", features = ["experimental"] }
 sea-orm = { version = "1.1.17", features = ["sqlx-sqlite"] }
-flate2 = { version = "1.1.5", features = ["zlib"] }
+flate2 = { version = "1.1.8", features = ["zlib"] }
 serde = { version = "1.0.228", features = ["derive"] }
-chrono = { version = "0.4.42", features = ["serde"] }
+chrono = { version = "0.4.43", features = ["serde"] }
 uuid = { version = "1.19.0", features = ["v4"] }
 tokio = { version = "1.49.0", features = ["fs", "io-util"] }
 bincode = { version = "2.0.1", features = ["serde"] }

README.md

@@ -151,3 +151,55 @@ A simple approach:
 ### Benchmark
 
 **TODO**
+
+## Contributing
+
+### Pre-submission Checks
+
+Before submitting a Pull Request, please ensure your code passes the following checks:
+
+```bash
+# Run clippy with all warnings treated as errors (warnings will be treated as errors)
+cargo clippy --all-targets --all-features -- -D warnings
+
+# Check code formatting (requires nightly toolchain)
+cargo +nightly fmt --all --check
+```
+
+**Both commands must complete without any warnings.** The clippy check treats all warnings as errors, and the formatter check ensures code follows the project style guide. Only PRs that pass these checks will be accepted for merge.
+
+If the formatting check fails, you can automatically fix formatting issues by running:
+
+```bash
+cargo +nightly fmt --all
+```
+
+### Buck2 Build Requirements
+
+This project builds with Buck2. Please install both Buck2 and `cargo-buckal` before development:
+
+```bash
+# Install buck2: download the latest release tarball from
+# https://github.com/facebook/buck2/releases, extract the binary,
+# and place it in ~/.cargo/bin (ensure ~/.cargo/bin is on PATH).
+# Example (replace <tag> and <platform> with the latest for your OS):
+wget https://github.com/facebook/buck2/releases/download/<tag>/buck2-<platform>.tar.gz
+tar -xzf buck2-<platform>.tar.gz
+mv buck2 ~/.cargo/bin/
+
+# Install cargo-buckal (requires Rust toolchain)
+cargo install --git https://github.com/buck2hub/cargo-buckal.git
+```
+
+Pull Requests must also pass the Buck2 build:
+
+```bash
+cargo buckal build
+```
+
+When you update dependencies in Cargo.toml, regenerate Buck metadata and third-party lockfiles:
+
+```bash
+cargo buckal migrate
+```
+