quickwit-oss · wallies · May 5, 2024 · May 4, 2024 · May 4, 2024 · May 5, 2024
diff --git a/.github/dependabot.yaml b/.github/dependabot.yaml
@@ -4,3 +4,8 @@ updates:
  directory: "/"
  schedule:
  interval: "weekly"
+
+- package-ecosystem: cargo
+ directory: "/"
+ schedule:
+ interval: "weekly"
diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
@@ -8,6 +8,10 @@ on:
  branches:
  - master
 
+concurrency:
+ group: ${{ github.ref }}
+ cancel-in-progress: true
+
 permissions:
  contents: read
 
@@ -24,13 +28,14 @@ jobs:
  github.com:443
  static.rust-lang.org:443
 
- - name: Checkout
- uses: actions/checkout@61b9e3751b92087fd0b06925ba6dd6314e06f089
+ - uses: actions/checkout@9bb56186c3b09b4f86b1c65136769dd318469633
+ with:
+ fetch-depth: 0
 
  - name: Rust toolchain
  uses: dtolnay/rust-toolchain@bb45937a053e097f8591208d8e74c90db1873d07
  with:
- toolchain: 1.73.0
+ toolchain: "1.73.0"
  components: rustfmt
 
  - name: Check Formatting
@@ -52,6 +57,9 @@ jobs:
  - os: ubuntu-latest
  python-version: "3.10"
  allow-prereleases: false
+ - os: ubuntu-latest
+ python-version: 3.9
+ allow-prereleases: false
  - os: ubuntu-latest
  python-version: 3.8
  allow-prereleases: false
@@ -73,15 +81,18 @@ jobs:
  static.rust-lang.org:443
  objects.githubusercontent.com:443
 
- - uses: actions/checkout@61b9e3751b92087fd0b06925ba6dd6314e06f089
+ - uses: actions/checkout@9bb56186c3b09b4f86b1c65136769dd318469633
+ with:
+ fetch-depth: 0
+
  - uses: actions/setup-python@82c7e631bb3cdc910f68e0081d67478d79c6982d # 5.1.0
  with:
  python-version: ${{ matrix.python-version }}
  allow-prereleases: ${{ matrix.allow-prereleases }}
 
  - uses: dtolnay/rust-toolchain@bb45937a053e097f8591208d8e74c90db1873d07
  with:
- toolchain: 1.73.0
+ toolchain: "1.73.0"
 
  - uses: Swatinem/rust-cache@23bce251a8cd2ffc3c1075eaa2367cf899916d84 # 2.7.3
  - run: python3 -m pip install nox

diff --git a/.github/workflows/publish.yaml b/.github/workflows/publish.yaml
@@ -9,9 +9,16 @@ on:
 # branches:
 # - master
 
+permissions:
+ contents: read
+
 jobs:
  linux:
  runs-on: ubuntu-latest
+ permissions:
+ id-token: write # ability to mint the OIDC token permission is necessary to persist the attestation
+ contents: read
+ attestations: write # persist the attestation
  strategy:
  matrix:
  platform: [ 'x86_64-unknown-linux-gnu', 'aarch64-unknown-linux-gnu' ]
@@ -32,13 +39,13 @@ jobs:
  github.com:443
  index.crates.io:443
  objects.githubusercontent.com:443
- uploads.github.com:443
  pkg-containers.githubusercontent.com:443
  pypi.org:443
  quay.io:443
  sh.rustup.rs:443
  static.crates.io:443
  static.rust-lang.org:443
+ uploads.github.com:443
 
  - uses: actions/checkout@61b9e3751b92087fd0b06925ba6dd6314e06f089
  - uses: actions/setup-python@82c7e631bb3cdc910f68e0081d67478d79c6982d
@@ -53,14 +60,23 @@ jobs:
  command: build
  args: --release --sdist -o dist -i 3.8 3.9 3.10 3.11 3.12
 
+ - name: Generate artifact attestation
+ uses: actions/attest-build-provenance@897ed5eab6ed058a474202017ada7f40bfa52940 # v1.0.0
+ with:
+ subject-path: 'dist/*'
+
  - name: Upload wheels
  uses: actions/upload-artifact@65462800fd760344b1a7b4382951275a0abb4808 # 4.3.3
  with:
- name: wheels
+ name: wheels-${{ matrix.platform }}
  path: dist
 
  windows:
  runs-on: windows-latest
+ permissions:
+ id-token: write # ability to mint the OIDC token permission is necessary to persist the attestation
+ contents: read
+ attestations: write # persist the attestation
  strategy:
  matrix:
  target: [x64]
@@ -69,7 +85,7 @@ jobs:
  - name: Harden Runner
  uses: step-security/harden-runner@a4aa98b93cab29d9b1101a6143fb8bce00e2eac4
  with:
- egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs
+ egress-policy: audit
 
  - uses: actions/checkout@61b9e3751b92087fd0b06925ba6dd6314e06f089
  - uses: actions/setup-python@82c7e631bb3cdc910f68e0081d67478d79c6982d
@@ -83,6 +99,11 @@ jobs:
  command: build
  args: --release -o dist
 
+ - name: Generate artifact attestation
+ uses: actions/attest-build-provenance@897ed5eab6ed058a474202017ada7f40bfa52940 # v1.0.0
+ with:
+ subject-path: 'dist/*'
+
  - name: Upload wheels
  uses: actions/upload-artifact@65462800fd760344b1a7b4382951275a0abb4808 # 4.3.3
  with:
@@ -91,6 +112,10 @@ jobs:
 
  macos:
  runs-on: macos-latest
+ permissions:
+ id-token: write # ability to mint the OIDC token permission is necessary to persist the attestation
+ contents: read
+ attestations: write # persist the attestation
  strategy:
  matrix:
  python-version: ['3.8', '3.9', '3.10', '3.11', '3.12']
@@ -115,10 +140,15 @@ jobs:
  command: build
  args: --release -o dist
 
+ - name: Generate artifact attestation
+ uses: actions/attest-build-provenance@897ed5eab6ed058a474202017ada7f40bfa52940 # v1.0.0
+ with:
+ subject-path: 'dist/*'
+
  - name: Upload wheels
  uses: actions/upload-artifact@65462800fd760344b1a7b4382951275a0abb4808 # 4.3.3
  with:
- name: wheels
+ name: wheels-${{ matrix.platform }}
  path: dist
 
  python-release-github:
@@ -144,7 +174,7 @@ jobs:
 
  - uses: dtolnay/rust-toolchain@bb45937a053e097f8591208d8e74c90db1873d07
  with:
- toolchain: 1.73.0
+ toolchain: "1.73.0"
 
  - name: Set up Python 3.8
  uses: actions/setup-python@82c7e631bb3cdc910f68e0081d67478d79c6982d # v5.1.0
@@ -153,8 +183,9 @@ jobs:
 
  - uses: actions/download-artifact@65a9edc5881444af0b9093a5e628f2fe47ea3b2e # v4.1.7
  with:
- name: wheels
  path: wheels
+ pattern: wheels-*
+ merge-multiple: true
 
  - name: Upload release binaries
  uses: alexellis/upload-assets@13926a61cdb2cb35f5fdef1c06b8b591523236d3
@@ -173,12 +204,13 @@ jobs:
  - name: Harden Runner
  uses: step-security/harden-runner@a4aa98b93cab29d9b1101a6143fb8bce00e2eac4
  with:
- egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs
+ egress-policy: audit
 
  - uses: actions/download-artifact@65a9edc5881444af0b9093a5e628f2fe47ea3b2e # v4.1.7
  with:
- name: wheels
  path: wheels
+ pattern: wheels-*
+ merge-multiple: true
 
  - name: Publish package distributions to Test PyPI
  uses: pypa/gh-action-pypi-publish@81e9d935c883d0b210363ab89cf05f3894778450 # v1.8.14

diff --git a/Cargo.lock b/Cargo.lock
diff --git a/Cargo.toml b/Cargo.toml
@@ -1,6 +1,6 @@
 [package]
 name = "tantivy"
-version = "0.21.0"
+version = "0.22.0"
 readme = "README.md"
 authors = ["Damir Jelić <poljar@termina.org.uk>"]
 edition = "2021"

diff --git a/src/document.rs b/src/document.rs
@@ -230,7 +230,7 @@ fn value_to_py(py: Python, value: &Value) -> PyResult<PyObject> {
  .into_py(py)
  }
  Value::Facet(f) => Facet { inner: f.clone() }.into_py(py),
- Value::Array(arr) => {
+ Value::Array(_arr) => {
  // TODO implement me
  unimplemented!();
  }