chore(deps): lock file maintenance

Flake lock file updates:

• Updated input 'advisory-db':
    'github:rustsec/advisory-db/21c622592e8334057d6b56ea7249020ae74affa5?narHash=sha256-b413fI9LPrum1RXnddiQyiNjlIkZ5/Q8jBscMIYeW0Y%3D' (2024-05-21)
  → 'github:rustsec/advisory-db/331c2947e70b94a35b53ab25ed64b1bf25080870?narHash=sha256-%2B9w8QXpiGvPjJUYxlbLCKqpr0bR6b96fF%2BTtjaA2nr4%3D' (2024-06-01)
• Updated input 'crane':
    'github:ipetkov/crane/701dbc191ca003a118ce885db38fae9598908294?narHash=sha256-THm0mm4aKHQhh3pXCj5ms5t0sVPP9xzVsIU9byMjbtI%3D' (2024-05-25)
  → 'github:ipetkov/crane/480dff0be03dac0e51a8dfc26e882b0d123a450e?narHash=sha256-dIubLa56W9sNNz0e8jGxrX3CAkPXsq7snuFA/Ie6dn8%3D' (2024-05-29)
• Updated input 'fenix':
    'github:nix-community/fenix/9a9fafd0c3f796b675acb2e16ae238d4fd2cbdb5?narHash=sha256-eZs7f4izo6t0AmOI1IAU6/ZbbXrxMPGdo%2Bkhe4hP3Rk%3D' (2024-05-25)
  → 'github:nix-community/fenix/9a025daf6799e3af80b677f0af57ef76432c3fcf?narHash=sha256-ih8NPk3Jn5EAILOGQZ%2BKS5NLmu6QmwohJX%2B36MaTAQE%3D' (2024-06-01)
• Updated input 'fenix/rust-analyzer-src':
    'github:rust-lang/rust-analyzer/a55e8bf09cdfc25066b77823cc98976a51af8a8b?narHash=sha256-mVUbarr4PNjERDk%2BuaoitPq7eL7De0ythZehezAzug8%3D' (2024-05-24)
  → 'github:rust-lang/rust-analyzer/d6d735e6f20ef78b16a79886fe28bd69cf059504?narHash=sha256-qBruki5NHrSqIw5ulxtwFmVsb6W/aOKOMjsCJjfalA4%3D' (2024-05-31)
• Updated input 'nixpkgs':
    'github:msfjarvis/nixpkgs/7daa185d9199ca2f0a20820c7fb51f6dec5163cb?narHash=sha256-yneEKWawdgCRGWLp5vpahmpVjdO1vguiT38rv8j7GlQ%3D' (2024-05-25)
  → 'github:msfjarvis/nixpkgs/65c02d49e592e54e975b42257d26d44524c0b9c8?narHash=sha256-w3lJpTEbvyJsQPsp799eqnlcbTg0zrpeX2wo4DWBOnc%3D' (2024-05-31)

.github/renovate.json

@@ -4,5 +4,6 @@
     "config:base",
     "github>msfjarvis/shared-workflows//renovate/rust",
     "github>msfjarvis/shared-workflows//renovate/automerge"
-  ]
+  ],
+  "ignorePaths": [".github/workflows/release.yml", ".github/workflows/web.yml"]
 }

.github/workflows/release.yml

@@ -1,150 +1,307 @@
+# Copyright 2022-2023, axodotdev
+# SPDX-License-Identifier: MIT or Apache-2.0
+#
 # CI that:
 #
-# * checks for a Git Tag that looks like a release ("v1.2.0")
-# * creates a Github Release™️
-# * builds binaries/packages with cargo-dist
-# * uploads those packages to the Github Release™️
+# * checks for a Git Tag that looks like a release
+# * builds artifacts with cargo-dist (archives, installers, hashes)
+# * uploads those artifacts to temporary workflow zip
+# * on success, uploads the artifacts to a Github Release
 #
-# Note that the Github Release™️ will be created before the packages,
-# so there will be a few minutes where the release has no packages
-# and then they will slowly trickle in, possibly failing. To make
-# this more pleasant we mark the release as a "draft" until all
-# artifacts have been successfully uploaded. This allows you to
-# choose what to do with partial successes and avoids spamming
-# anyone with notifications before the release is actually ready.
+# Note that the Github Release will be created with a generated
+# title/body based on your changelogs.
+
 name: Release
 
 permissions:
   contents: write
 
-# This task will run whenever you push a git tag that looks like
-# a version number. We just look for `v` followed by at least one number
-# and then whatever. so `v1`, `v1.0.0`, and `v1.0.0-prerelease` all work.
+# This task will run whenever you push a git tag that looks like a version
+# like "1.0.0", "v0.1.0-prerelease.1", "my-app/0.1.0", "releases/v1.0.0", etc.
+# Various formats will be parsed into a VERSION and an optional PACKAGE_NAME, where
+# PACKAGE_NAME must be the name of a Cargo package in your workspace, and VERSION
+# must be a Cargo-style SemVer Version (must have at least major.minor.patch).
 #
-# If there's a prerelease-style suffix to the version then the Github Release™️
-# will be marked as a prerelease (handled by taiki-e/create-gh-release-action).
+# If PACKAGE_NAME is specified, then the announcement will be for that
+# package (erroring out if it doesn't have the given version or isn't cargo-dist-able).
 #
-# Note that when generating links to uploaded artifacts, cargo-dist will currently
-# assume that your git tag is always v{VERSION} where VERSION is the version in
-# the published package's Cargo.toml (this is the default behaviour of cargo-release).
-# In the future this may be made more robust/configurable.
+# If PACKAGE_NAME isn't specified, then the announcement will be for all
+# (cargo-dist-able) packages in the workspace with that version (this mode is
+# intended for workspaces with only one dist-able package, or with all dist-able
+# packages versioned/released in lockstep).
+#
+# If you push multiple tags at once, separate instances of this workflow will
+# spin up, creating an independent announcement for each one. However Github
+# will hard limit this to 3 tags per commit, as it will assume more tags is a
+# mistake.
+#
+# If there's a prerelease-style suffix to the version, then the release(s)
+# will be marked as a prerelease.
 on:
   push:
     tags:
-      - v[0-9]+.*
-
-env:
-  ALL_CARGO_DIST_TARGET_ARGS: --target=x86_64-unknown-linux-gnu --target=x86_64-apple-darwin --target=x86_64-pc-windows-msvc 
-  ALL_CARGO_DIST_INSTALLER_ARGS: --installer=github-powershell 
+      - '**[0-9]+.[0-9]+.[0-9]+*'
+  pull_request:
 
 jobs:
-  # Create the Github Release™️ so the packages have something to be uploaded to
-  create-release:
+  # Run 'cargo dist plan' (or host) to determine what tasks we need to do
+  plan:
     runs-on: ubuntu-latest
     outputs:
-      tag: ${{ steps.create-gh-release.outputs.computed-prefix }}${{ steps.create-gh-release.outputs.version }}
-    steps:
-      - uses: actions/checkout@v4
-      - id: create-gh-release
-        uses: taiki-e/create-gh-release-action@v1
-        with:
-          draft: true
-          # (required) GitHub token for creating GitHub Releases.
-          token: ${{ secrets.GITHUB_TOKEN }}
-
-
-  # Build and packages all the things
-  upload-artifacts:
-    needs: create-release
-    strategy:
-      matrix:
-        # For these target platforms
-        include:
-        - target: x86_64-unknown-linux-gnu
-          os: ubuntu-20.04
-          install-dist: curl --proto '=https' --tlsv1.2 -L -sSf https://github.com/axodotdev/cargo-dist/releases/download/v0.0.2/installer.sh | sh
-        - target: x86_64-apple-darwin
-          os: macos-11
-          install-dist: curl --proto '=https' --tlsv1.2 -L -sSf https://github.com/axodotdev/cargo-dist/releases/download/v0.0.2/installer.sh | sh
-        - target: x86_64-pc-windows-msvc
-          os: windows-2019
-          install-dist: irm 'https://github.com/axodotdev/cargo-dist/releases/download/v0.0.2/installer.ps1' | iex
-    runs-on: ${{ matrix.os }}
+      val: ${{ steps.plan.outputs.manifest }}
+      tag: ${{ !github.event.pull_request && github.ref_name || '' }}
+      tag-flag: ${{ !github.event.pull_request && format('--tag={0}', github.ref_name) || '' }}
+      publishing: ${{ !github.event.pull_request }}
     env:
       GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
     steps:
       - uses: actions/checkout@v4
-      - name: Install Rust
-        run: rustup update stable && rustup default stable
+        with:
+          submodules: recursive
       - name: Install cargo-dist
-        run: ${{ matrix.install-dist }}
-      - name: Run cargo-dist
-        # This logic is a bit janky because it's trying to be a polyglot between
-        # powershell and bash since this will run on windows, macos, and linux!
-        # The two platforms don't agree on how to talk about env vars but they
-        # do agree on 'cat' and '$()' so we use that to marshal values between commmands.
+        # we specify bash to get pipefail; it guards against the `curl` command
+        # failing. otherwise `sh` won't catch that `curl` returned non-0
+        shell: bash
+        run: "curl --proto '=https' --tlsv1.2 -LsSf https://github.com/axodotdev/cargo-dist/releases/download/v0.11.1/cargo-dist-installer.sh | sh"
+      # sure would be cool if github gave us proper conditionals...
+      # so here's a doubly-nested ternary-via-truthiness to try to provide the best possible
+      # functionality based on whether this is a pull_request, and whether it's from a fork.
+      # (PRs run on the *source* but secrets are usually on the *target* -- that's *good*
+      # but also really annoying to build CI around when it needs secrets to work right.)
+      - id: plan
+        run: |
+          cargo dist ${{ (!github.event.pull_request && format('host --steps=create --tag={0}', github.ref_name)) || 'plan' }} --output-format=json > plan-dist-manifest.json
+          echo "cargo dist ran successfully"
+          cat plan-dist-manifest.json
+          echo "manifest=$(jq -c "." plan-dist-manifest.json)" >> "$GITHUB_OUTPUT"
+      - name: "Upload dist-manifest.json"
+        uses: actions/upload-artifact@v4
+        with:
+          name: artifacts-plan-dist-manifest
+          path: plan-dist-manifest.json
+
+  # Build and packages all the platform-specific things
+  build-local-artifacts:
+    name: build-local-artifacts (${{ join(matrix.targets, ', ') }})
+    # Let the initial task tell us to not run (currently very blunt)
+    needs:
+      - plan
+    if: ${{ fromJson(needs.plan.outputs.val).ci.github.artifacts_matrix.include != null && (needs.plan.outputs.publishing == 'true' || fromJson(needs.plan.outputs.val).ci.github.pr_run_mode == 'upload') }}
+    strategy:
+      fail-fast: false
+      # Target platforms/runners are computed by cargo-dist in create-release.
+      # Each member of the matrix has the following arguments:
+      #
+      # - runner: the github runner
+      # - dist-args: cli flags to pass to cargo dist
+      # - install-dist: expression to run to install cargo-dist on the runner
+      #
+      # Typically there will be:
+      # - 1 "global" task that builds universal installers
+      # - N "local" tasks that build each platform's binaries and platform-specific installers
+      matrix: ${{ fromJson(needs.plan.outputs.val).ci.github.artifacts_matrix }}
+    runs-on: ${{ matrix.runner }}
+    env:
+      GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+      BUILD_MANIFEST_NAME: target/distrib/${{ join(matrix.targets, '-') }}-dist-manifest.json
+    steps:
+      - uses: actions/checkout@v4
+        with:
+          submodules: recursive
+      - uses: swatinem/rust-cache@v2
+      - name: Install cargo-dist
+        run: ${{ matrix.install_dist }}
+      # Get the dist-manifest
+      - name: Fetch local artifacts
+        uses: actions/download-artifact@v4
+        with:
+          pattern: artifacts-*
+          path: target/distrib/
+          merge-multiple: true
+      - name: Install dependencies
+        run: |
+          ${{ matrix.packages_install }}
+      - name: Build artifacts
         run: |
           # Actually do builds and make zips and whatnot
-          cargo dist --target=${{ matrix.target }} --output-format=json > dist-manifest.json
-          echo "dist ran successfully"
-          cat dist-manifest.json
-          # Parse out what we just built and upload it to the Github Release™️
-          cat dist-manifest.json | jq --raw-output ".releases[].artifacts[].path" > uploads.txt
-          echo "uploading..."
-          cat uploads.txt
-          gh release upload ${{ needs.create-release.outputs.tag }} $(cat uploads.txt)
-          echo "uploaded!"
+          cargo dist build ${{ needs.plan.outputs.tag-flag }} --print=linkage --output-format=json ${{ matrix.dist_args }} > dist-manifest.json
+          echo "cargo dist ran successfully"
+      - id: cargo-dist
+        name: Post-build
+        # We force bash here just because github makes it really hard to get values up
+        # to "real" actions without writing to env-vars, and writing to env-vars has
+        # inconsistent syntax between shell and powershell.
+        shell: bash
+        run: |
+          # Parse out what we just built and upload it to scratch storage
+          echo "paths<<EOF" >> "$GITHUB_OUTPUT"
+          jq --raw-output ".artifacts[]?.path | select( . != null )" dist-manifest.json >> "$GITHUB_OUTPUT"
+          echo "EOF" >> "$GITHUB_OUTPUT"
 
-  # Compute and upload the manifest for everything
-  upload-manifest:
-    needs: create-release
-    runs-on: ubuntu-latest
+          cp dist-manifest.json "$BUILD_MANIFEST_NAME"
+      - name: "Upload artifacts"
+        uses: actions/upload-artifact@v4
+        with:
+          name: artifacts-build-local-${{ join(matrix.targets, '_') }}
+          path: |
+            ${{ steps.cargo-dist.outputs.paths }}
+            ${{ env.BUILD_MANIFEST_NAME }}
+
+  # Build and package all the platform-agnostic(ish) things
+  build-global-artifacts:
+    needs:
+      - plan
+      - build-local-artifacts
+    runs-on: "ubuntu-20.04"
     env:
       GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+      BUILD_MANIFEST_NAME: target/distrib/global-dist-manifest.json
     steps:
       - uses: actions/checkout@v4
-      - name: Install Rust
-        run: rustup update stable && rustup default stable
+        with:
+          submodules: recursive
       - name: Install cargo-dist
-        run: curl --proto '=https' --tlsv1.2 -L -sSf https://github.com/axodotdev/cargo-dist/releases/download/v0.0.2/installer.sh | sh
-      - name: Run cargo-dist manifest
+        shell: bash
+        run: "curl --proto '=https' --tlsv1.2 -LsSf https://github.com/axodotdev/cargo-dist/releases/download/v0.11.1/cargo-dist-installer.sh | sh"
+      # Get all the local artifacts for the global tasks to use (for e.g. checksums)
+      - name: Fetch local artifacts
+        uses: actions/download-artifact@v4
+        with:
+          pattern: artifacts-*
+          path: target/distrib/
+          merge-multiple: true
+      - id: cargo-dist
+        shell: bash
         run: |
-          # Generate a manifest describing everything
-          cargo dist manifest --no-local-paths --output-format=json $ALL_CARGO_DIST_TARGET_ARGS $ALL_CARGO_DIST_INSTALLER_ARGS > dist-manifest.json
-          echo "dist manifest ran successfully"
-          cat dist-manifest.json
-          # Upload the manifest to the Github Release™️
-          gh release upload ${{ needs.create-release.outputs.tag }} dist-manifest.json
-          echo "uploaded manifest!"
-          # Edit the Github Release™️ title/body to match what cargo-dist thinks it should be
-          CHANGELOG_TITLE=$(cat dist-manifest.json | jq --raw-output ".releases[].changelog_title")
-          cat dist-manifest.json | jq --raw-output ".releases[].changelog_body" > new_dist_changelog.md
-          gh release edit ${{ needs.create-release.outputs.tag }} --title="$CHANGELOG_TITLE" --notes-file=new_dist_changelog.md
-          echo "updated release notes!"
-      - name: Run cargo-dist --installer=...
-        run: |
-          # Run cargo dist with --no-builds to get agnostic artifacts like installers
-          cargo dist --output-format=json --no-builds $ALL_CARGO_DIST_INSTALLER_ARGS > dist-manifest.json
-          echo "dist ran successfully"
-          cat dist-manifest.json
-          # Grab the installers that were generated and upload them.
-          # This filter is working around the fact that --no-builds is kinds hacky
-          # and still makes/reports malformed zips that we don't want to upload.
-          cat dist-manifest.json | jq --raw-output '.releases[].artifacts[] | select(.kind == "installer") | .path' > uploads.txt
-          echo "uploading..."
-          cat uploads.txt
-          gh release upload ${{ needs.create-release.outputs.tag }} $(cat uploads.txt)
-          echo "uploaded installers!"
+          cargo dist build ${{ needs.plan.outputs.tag-flag }} --output-format=json "--artifacts=global" > dist-manifest.json
+          echo "cargo dist ran successfully"
 
-  # Mark the Github Release™️ as a non-draft now that everything has succeeded!
-  publish-release:
-    needs: [create-release, upload-artifacts, upload-manifest]
-    runs-on: ubuntu-latest
+          # Parse out what we just built and upload it to scratch storage
+          echo "paths<<EOF" >> "$GITHUB_OUTPUT"
+          jq --raw-output ".artifacts[]?.path | select( . != null )" dist-manifest.json >> "$GITHUB_OUTPUT"
+          echo "EOF" >> "$GITHUB_OUTPUT"
+
+          cp dist-manifest.json "$BUILD_MANIFEST_NAME"
+      - name: "Upload artifacts"
+        uses: actions/upload-artifact@v4
+        with:
+          name: artifacts-build-global
+          path: |
+            ${{ steps.cargo-dist.outputs.paths }}
+            ${{ env.BUILD_MANIFEST_NAME }}
+  # Determines if we should publish/announce
+  host:
+    needs:
+      - plan
+      - build-local-artifacts
+      - build-global-artifacts
+    # Only run if we're "publishing", and only if local and global didn't fail (skipped is fine)
+    if: ${{ always() && needs.plan.outputs.publishing == 'true' && (needs.build-global-artifacts.result == 'skipped' || needs.build-global-artifacts.result == 'success') && (needs.build-local-artifacts.result == 'skipped' || needs.build-local-artifacts.result == 'success') }}
+    env:
+      GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+    runs-on: "ubuntu-20.04"
+    outputs:
+      val: ${{ steps.host.outputs.manifest }}
+    steps:
+      - uses: actions/checkout@v4
+        with:
+          submodules: recursive
+      - name: Install cargo-dist
+        run: "curl --proto '=https' --tlsv1.2 -LsSf https://github.com/axodotdev/cargo-dist/releases/download/v0.11.1/cargo-dist-installer.sh | sh"
+      # Fetch artifacts from scratch-storage
+      - name: Fetch artifacts
+        uses: actions/download-artifact@v4
+        with:
+          pattern: artifacts-*
+          path: target/distrib/
+          merge-multiple: true
+      # This is a harmless no-op for Github Releases, hosting for that happens in "announce"
+      - id: host
+        shell: bash
+        run: |
+          cargo dist host ${{ needs.plan.outputs.tag-flag }} --steps=upload --steps=release --output-format=json > dist-manifest.json
+          echo "artifacts uploaded and released successfully"
+          cat dist-manifest.json
+          echo "manifest=$(jq -c "." dist-manifest.json)" >> "$GITHUB_OUTPUT"
+      - name: "Upload dist-manifest.json"
+        uses: actions/upload-artifact@v4
+        with:
+          # Overwrite the previous copy
+          name: artifacts-dist-manifest
+          path: dist-manifest.json
+
+  publish-homebrew-formula:
+    needs:
+      - plan
+      - host
+    runs-on: "ubuntu-20.04"
+    env:
+      GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+      PLAN: ${{ needs.plan.outputs.val }}
+      GITHUB_USER: "axo bot"
+      GITHUB_EMAIL: "admin+bot@axo.dev"
+    if: ${{ !fromJson(needs.plan.outputs.val).announcement_is_prerelease || fromJson(needs.plan.outputs.val).publish_prereleases }}
+    steps:
+      - uses: actions/checkout@v4
+        with:
+          repository: "msfjarvis/homebrew-tap"
+          token: ${{ secrets.HOMEBREW_TAP_TOKEN }}
+      # So we have access to the formula
+      - name: Fetch local artifacts
+        uses: actions/download-artifact@v4
+        with:
+          pattern: artifacts-*
+          path: Formula/
+          merge-multiple: true
+      # This is extra complex because you can make your Formula name not match your app name
+      # so we need to find releases with a *.rb file, and publish with that filename.
+      - name: Commit formula files
+        run: |
+          git config --global user.name "${GITHUB_USER}"
+          git config --global user.email "${GITHUB_EMAIL}"
+
+          for release in $(echo "$PLAN" | jq --compact-output '.releases[] | select([.artifacts[] | endswith(".rb")] | any)'); do
+            filename=$(echo "$release" | jq '.artifacts[] | select(endswith(".rb"))' --raw-output)
+            name=$(echo "$filename" | sed "s/\.rb$//")
+            version=$(echo "$release" | jq .app_version --raw-output)
+
+            git add "Formula/${filename}"
+            git commit -m "${name} ${version}"
+          done
+          git push
+
+  # Create a Github Release while uploading all files to it
+  announce:
+    needs:
+      - plan
+      - host
+      - publish-homebrew-formula
+    # use "always() && ..." to allow us to wait for all publish jobs while
+    # still allowing individual publish jobs to skip themselves (for prereleases).
+    # "host" however must run to completion, no skipping allowed!
+    if: ${{ always() && needs.host.result == 'success' && (needs.publish-homebrew-formula.result == 'skipped' || needs.publish-homebrew-formula.result == 'success') }}
+    runs-on: "ubuntu-20.04"
     env:
       GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
     steps:
       - uses: actions/checkout@v4
-      - name: mark release as non-draft
+        with:
+          submodules: recursive
+      - name: "Download Github Artifacts"
+        uses: actions/download-artifact@v4
+        with:
+          pattern: artifacts-*
+          path: artifacts
+          merge-multiple: true
+      - name: Cleanup
         run: |
-          gh release edit ${{ needs.create-release.outputs.tag }} --draft=false
-
+          # Remove the granular manifests
+          rm -f artifacts/*-dist-manifest.json
+      - name: Create Github Release
+        uses: ncipollo/release-action@v1
+        with:
+          tag: ${{ needs.plan.outputs.tag }}
+          name: ${{ fromJson(needs.host.outputs.val).announcement_title }}
+          body: ${{ fromJson(needs.host.outputs.val).announcement_github_body }}
+          prerelease: ${{ fromJson(needs.host.outputs.val).announcement_is_prerelease }}
+          artifacts: "artifacts/*"

.github/workflows/web.yml

@@ -0,0 +1,88 @@
+# Workflow to build your docs with oranda (and mdbook)
+# and deploy them to Github Pages
+name: Web
+
+# We're going to push to the gh-pages branch, so we need that permission
+permissions:
+  contents: write
+
+# What situations do we want to build docs in?
+# All of these work independently and can be removed / commented out
+# if you don't want oranda/mdbook running in that situation
+on:
+  # Check that a PR didn't break docs!
+  #
+  # Note that the "Deploy to Github Pages" step won't run in this mode,
+  # so this won't have any side-effects. But it will tell you if a PR
+  # completely broke oranda/mdbook. Sadly we don't provide previews (yet)!
+  pull_request:
+
+  # Whenever something gets pushed to main, update the docs!
+  # This is great for getting docs changes live without cutting a full release.
+  #
+  # Note that if you're using cargo-dist, this will "race" the Release workflow
+  # that actually builds the Github Release that oranda tries to read (and
+  # this will almost certainly complete first). As a result you will publish
+  # docs for the latest commit but the oranda landing page won't know about
+  # the latest release. The workflow_run trigger below will properly wait for
+  # cargo-dist, and so this half-published state will only last for ~10 minutes.
+  #
+  # If you only want docs to update with releases, disable this, or change it to
+  # a "release" branch. You can, of course, also manually trigger a workflow run
+  # when you want the docs to update.
+  push:
+    branches:
+      - main
+
+  # Whenever a workflow called "Release" completes, update the docs!
+  #
+  # If you're using cargo-dist, this is recommended, as it will ensure that
+  # oranda always sees the latest release right when it's available. Note
+  # however that Github's UI is wonky when you use workflow_run, and won't
+  # show this workflow as part of any commit. You have to go to the "actions"
+  # tab for your repo to see this one running (the gh-pages deploy will also
+  # only show up there).
+  workflow_run:
+    workflows: [ "Release" ]
+    types:
+      - completed
+
+# Alright, let's do it!
+jobs:
+  web:
+    name: Build and deploy site and docs
+    runs-on: ubuntu-latest
+    steps:
+      # Setup
+      - uses: actions/checkout@v3
+        with:
+          fetch-depth: 0
+      - uses: dtolnay/rust-toolchain@stable
+      - uses: swatinem/rust-cache@v2
+
+      # If you use any mdbook plugins, here's the place to install them!
+
+      # Install and run oranda (and mdbook)
+      # This will write all output to ./public/ (including copying mdbook's output to there)
+      - name: Install and run oranda
+        run: |
+          curl --proto '=https' --tlsv1.2 -LsSf https://github.com/axodotdev/oranda/releases/download/v0.6.1/oranda-installer.sh | sh
+          oranda build
+      
+      # Deploy to our gh-pages branch (creating it if it doesn't exist)
+      # the "public" dir that oranda made above will become the root dir
+      # of this branch.
+      #
+      # Note that once the gh-pages branch exists, you must
+      # go into repo's settings > pages and set "deploy from branch: gh-pages"
+      # the other defaults work fine.
+      - name: Deploy to Github Pages
+        uses: JamesIves/github-pages-deploy-action@v4.4.1
+        # ONLY if we're on main (so no PRs or feature branches allowed!)
+        if: ${{ github.ref == 'refs/heads/main' }}
+        with:
+          branch: gh-pages
+          # Gotta tell the action where to find oranda's output
+          folder: public
+          token: ${{ secrets.GITHUB_TOKEN }}
+          single-commit: true

.gitignore

@@ -114,3 +114,6 @@ fabric.properties
 .history
 
 # End of https://www.gitignore.io/api/clion,rust,visualstudiocode
+
+# Generated by `oranda generate ci`
+public/

Cargo.toml

@@ -2,6 +2,23 @@
 members = ["adx"]
 resolver = "2"
 
+# Config for 'cargo dist'
+[workspace.metadata.dist]
+# The preferred cargo-dist version to use in CI (Cargo.toml SemVer syntax)
+cargo-dist-version = "0.11.1"
+# CI backends to support
+ci = ["github"]
+# The installers to generate for each app
+installers = ["shell", "powershell", "homebrew"]
+# A GitHub repo to push Homebrew formulas to
+tap = "msfjarvis/homebrew-tap"
+# Target platforms to build apps for (Rust target-triple syntax)
+targets = ["aarch64-apple-darwin", "x86_64-apple-darwin", "x86_64-unknown-linux-gnu", "x86_64-unknown-linux-musl", "x86_64-pc-windows-msvc"]
+# Publish jobs to run in CI
+publish-jobs = ["homebrew"]
+# Publish jobs to run in CI
+pr-run-mode = "plan"
+
 [profile.release]
 codegen-units = 1
 lto = "thin"

HACKING.md

@@ -0,0 +1,8 @@
+# Running tests
+
+To avoid network requests during testing the project uses a somewhat rudimentary hack around conditional compilation to load up a dump of `maven.google.com` from the repository itself. To ensure that all tests are passing, make sure to run them as following:
+
+```bash
+RUSTFLAGS='--cfg nix_check' cargo build
+RUSTFLAGS='--cfg nix_check' cargo nextest run
+```

adx/Cargo.toml

@@ -1,6 +1,6 @@
 [package]
 name = "adx"
-version = "4.5.3"
+version = "5.0.0"
 authors = ["Harsh Shandilya <me@msfjarvis.dev>"]
 edition = "2021"
 license = "MIT/Apache-2.0"
@@ -13,16 +13,16 @@ readme = "../README.md"
 # See more keys and their definitions at https://doc.rust-lang.org/cargo/reference/manifest.html
 
 [dependencies]
-clap = { version = "4.5.1", features = ["color", "deprecated", "derive"] }
-color-eyre = { version = "0.6.2", default-features = false }
+clap = { version = "4.5.4", features = ["color", "deprecated", "derive"] }
+color-eyre = { version = "0.6.3", default-features = false }
 futures = "0.3.30"
-reqwest = { version = "0.11.24", default-features = false, features = [
+reqwest = { version = "0.12.4", default-features = false, features = [
   "rustls-tls",
 ] }
-roxmltree = { version = "0.19.0", features = ["std"] }
+roxmltree = { version = "0.20.0", features = ["std"] }
 semver = "1.0.22"
-thiserror = "1.0.57"
-tokio = { version = "1.36.0", features = ["macros", "rt-multi-thread"] }
+thiserror = "1.0.59"
+tokio = { version = "1.37.0", features = ["macros", "rt-multi-thread"] }
 
 [badges]
 maintenance = { status = "actively-developed" }
@@ -31,4 +31,4 @@ maintenance = { status = "actively-developed" }
 measure-alloc = []
 
 [dev-dependencies]
-insta-cmd = "0.5.0"
+insta-cmd = "0.6.0"

adx/src/parse.rs

@@ -52,25 +52,19 @@ async fn get_group_index(group: &str) -> Result<String> {
 
 /// Parses a given master-index.xml and filters the found packages based on
 // `search_term`.
-fn filter_groups(doc: &Document<'_>, search_term: &str) -> Vec<String> {
-    let mut groups = vec![];
-    for node in doc
-        .descendants()
+fn parse_groups<'a>(doc: &'a Document<'_>) -> Vec<&'a str> {
+    doc.descendants()
         // Only keep elements
         .filter(|node| node.node_type() == NodeType::Element)
         // Skip the first one since it is junk
         .skip(1)
-    {
-        let tag = node.tag_name().name();
-        if tag.contains(search_term) {
-            groups.push(tag.to_string());
-        }
-    }
-    groups
+        .map(|node| node.tag_name())
+        .map(|node| node.name())
+        .collect()
 }
 
 /// Given a list of groups, returns a `Vec<MavenPackage>` of all artifacts.
-async fn parse_packages(groups: Vec<String>, channel: Channel) -> Result<Vec<MavenPackage>> {
+async fn parse_packages(groups: Vec<&str>, channel: Channel) -> Result<Vec<MavenPackage>> {
     // Create a Vec<Future<_>>, this will allow us to run all tasks together
     // without requiring us to spawn a new thread
     let group_futures = groups
@@ -149,31 +143,26 @@ async fn parse_group(group_name: &str, channel: Channel) -> Result<Vec<MavenPack
 pub(crate) async fn parse(search_term: &str, channel: Channel) -> Result<Vec<MavenPackage>> {
     let maven_index = get_maven_index().await?;
     let doc = Document::parse(&maven_index)?;
-    let groups = filter_groups(&doc, search_term);
-    parse_packages(groups, channel).await
+    let groups = parse_groups(&doc);
+    let packages = parse_packages(groups, channel).await;
+    packages.map(|packages| {
+        if search_term.is_empty() {
+            packages
+        } else {
+            packages
+                .into_iter()
+                .filter(|pkg| {
+                    pkg.group_id.contains(search_term) || pkg.artifact_id.contains(search_term)
+                })
+                .collect()
+        }
+    })
 }
 
 #[cfg(test)]
 mod test {
-    use color_eyre::eyre::eyre;
-    use futures::executor::block_on;
-
     use super::{parse, Channel};
-
-    #[test]
-    fn check_filter_works() {
-        let res = block_on(parse("appcompat", Channel::Alpha))
-            .map_err(|e| eyre!(e))
-            .unwrap();
-        assert_eq!(res.len(), 2);
-        for pkg in &res {
-            assert_eq!(pkg.group_id, "androidx.appcompat");
-        }
-        assert!(res.iter().any(|pkg| pkg.artifact_id == "appcompat"));
-        assert!(res
-            .iter()
-            .any(|pkg| pkg.artifact_id == "appcompat-resources"));
-    }
+    use futures::executor::block_on;
 
     #[test]
     fn check_all_packages_are_parsed() {

adx/src/snapshots/adx__test__cli_search.snap

@@ -10,5 +10,8 @@ exit_code: 0
 ----- stdout -----
 androidx.appcompat:appcompat:1.4.0-alpha03
 androidx.appcompat:appcompat-resources:1.4.0-alpha03
+androidx.emoji:emoji-appcompat:1.2.0-alpha03
+com.android.support:appcompat-v7:28.0.0
+com.android.support:support-emoji-appcompat:28.0.0
 
 ----- stderr -----

adx/src/snapshots/adx__test__cli_search_stable.snap

@@ -12,5 +12,8 @@ exit_code: 0
 ----- stdout -----
 androidx.appcompat:appcompat:1.3.1
 androidx.appcompat:appcompat-resources:1.3.1
+androidx.emoji:emoji-appcompat:1.1.0
+com.android.support:appcompat-v7:28.0.0
+com.android.support:support-emoji-appcompat:28.0.0
 
 ----- stderr -----

flake.lock

@@ -3,11 +3,11 @@
     "advisory-db": {
       "flake": false,
       "locked": {
-        "lastModified": 1709400162,
-        "narHash": "sha256-kAdP0YEvYb2bEfF92+1UkjsEEcqmmJAsBzplaz4x7Zc=",
+        "lastModified": 1717238897,
+        "narHash": "sha256-+9w8QXpiGvPjJUYxlbLCKqpr0bR6b96fF+TtjaA2nr4=",
         "owner": "rustsec",
         "repo": "advisory-db",
-        "rev": "9ec5743512edfa8aa6a057daf66371b0aff66008",
+        "rev": "331c2947e70b94a35b53ab25ed64b1bf25080870",
         "type": "github"
       },
       "original": {
@@ -23,11 +23,11 @@
         ]
       },
       "locked": {
-        "lastModified": 1709400089,
-        "narHash": "sha256-4A6X9xNWJ0EQhBPjM4JTdxQFDTkSqQchkNfuDWOP068=",
+        "lastModified": 1717025063,
+        "narHash": "sha256-dIubLa56W9sNNz0e8jGxrX3CAkPXsq7snuFA/Ie6dn8=",
         "owner": "ipetkov",
         "repo": "crane",
-        "rev": "766e70fd475cd4d73bd65613d06bbb3dcbb75871",
+        "rev": "480dff0be03dac0e51a8dfc26e882b0d123a450e",
         "type": "github"
       },
       "original": {
@@ -46,11 +46,11 @@
         ]
       },
       "locked": {
-        "lastModified": 1708939976,
-        "narHash": "sha256-O5+nFozxz2Vubpdl1YZtPrilcIXPcRAjqNdNE8oCRoA=",
+        "lastModified": 1713532798,
+        "narHash": "sha256-wtBhsdMJA3Wa32Wtm1eeo84GejtI43pMrFrmwLXrsEc=",
         "owner": "numtide",
         "repo": "devshell",
-        "rev": "5ddecd67edbd568ebe0a55905273e56cc82aabe3",
+        "rev": "12e914740a25ea1891ec619bb53cf5e6ca922e40",
         "type": "github"
       },
       "original": {
@@ -67,11 +67,11 @@
         "rust-analyzer-src": "rust-analyzer-src"
       },
       "locked": {
-        "lastModified": 1709360582,
-        "narHash": "sha256-fdHoIO3N/NsvyJtRMYDgydduezk0aGBT1/cQSHxy69E=",
+        "lastModified": 1717223092,
+        "narHash": "sha256-ih8NPk3Jn5EAILOGQZ+KS5NLmu6QmwohJX+36MaTAQE=",
         "owner": "nix-community",
         "repo": "fenix",
-        "rev": "f70eee0e38bc2287687c853df9b4ed6f6a028eb0",
+        "rev": "9a025daf6799e3af80b677f0af57ef76432c3fcf",
         "type": "github"
       },
       "original": {
@@ -103,11 +103,11 @@
         ]
       },
       "locked": {
-        "lastModified": 1709126324,
-        "narHash": "sha256-q6EQdSeUZOG26WelxqkmR7kArjgWCdw5sfJVHPH/7j8=",
+        "lastModified": 1710146030,
+        "narHash": "sha256-SZ5L6eA7HJ/nmkzGG7/ISclqe6oZdOZTNoesiInkXPQ=",
         "owner": "numtide",
         "repo": "flake-utils",
-        "rev": "d465f4819400de7c8d874d50b982301f28a84605",
+        "rev": "b1d9ab70662946ef0850d488da1c9019f3a9752a",
         "type": "github"
       },
       "original": {
@@ -118,15 +118,15 @@
     },
     "nixpkgs": {
       "locked": {
-        "lastModified": 1709356872,
-        "narHash": "sha256-mvxCirJbtkP0cZ6ABdwcgTk0u3bgLoIoEFIoYBvD6+4=",
-        "owner": "NixOS",
+        "lastModified": 1717157146,
+        "narHash": "sha256-w3lJpTEbvyJsQPsp799eqnlcbTg0zrpeX2wo4DWBOnc=",
+        "owner": "msfjarvis",
         "repo": "nixpkgs",
-        "rev": "458b097d81f90275b3fdf03796f0563844926708",
+        "rev": "65c02d49e592e54e975b42257d26d44524c0b9c8",
         "type": "github"
       },
       "original": {
-        "owner": "NixOS",
+        "owner": "msfjarvis",
         "ref": "nixpkgs-unstable",
         "repo": "nixpkgs",
         "type": "github"
@@ -147,11 +147,11 @@
     "rust-analyzer-src": {
       "flake": false,
       "locked": {
-        "lastModified": 1709318088,
-        "narHash": "sha256-guGsgYj2p2Bzj7GrqdYm5XMrVYVtJ8SUfZZF5OSpXZ0=",
+        "lastModified": 1717169693,
+        "narHash": "sha256-qBruki5NHrSqIw5ulxtwFmVsb6W/aOKOMjsCJjfalA4=",
         "owner": "rust-lang",
         "repo": "rust-analyzer",
-        "rev": "79e0fee6a30a5f563e9b709cc5959694709e19c4",
+        "rev": "d6d735e6f20ef78b16a79886fe28bd69cf059504",
         "type": "github"
       },
       "original": {

flake.nix

@@ -1,7 +1,7 @@
 {
   description = "adx";
 
-  inputs.nixpkgs.url = "github:NixOS/nixpkgs/nixpkgs-unstable";
+  inputs.nixpkgs.url = "github:msfjarvis/nixpkgs/nixpkgs-unstable";
 
   inputs.systems.url = "github:msfjarvis/flake-systems";
 
@@ -42,7 +42,7 @@
 
       rustStable = (import fenix {inherit pkgs;}).fromToolchainFile {
         file = ./rust-toolchain.toml;
-        sha256 = "sha256-e4mlaJehWBymYxJGgnbuCObVlqMlQSilZ8FljG9zPHY=";
+        sha256 = "sha256-opUgs6ckUQCyDxcB9Wy51pqhd0MPGHUVbwRKKPGiwZU=";
       };
 
       craneLib = (crane.mkLib pkgs).overrideToolchain rustStable;
@@ -90,9 +90,7 @@
         });
     in {
       checks = {
-        inherit adx adx-clippy adx-fmt adx-nextest;
-        # TODO: Re-enable once https://github.com/NixOS/nixpkgs/issues/288064 is fixed
-        # inherit adx-audit;
+        inherit adx adx-audit adx-clippy adx-fmt adx-nextest;
       };
 
       packages.default = adx;
@@ -110,9 +108,12 @@
         ];
 
         packages = with pkgs; [
+          cargo-dist
           cargo-insta
           cargo-nextest
           cargo-release
+          fenix.packages.${system}.rust-analyzer
+          oranda
           rustStable
           stdenv.cc
         ];

oranda.json

@@ -0,0 +1,23 @@
+{
+  "project": {
+    "name": "adx"
+  },
+  "build": {
+    "path_prefix": "adx"
+  },
+  "components": {
+    "changelog": false,
+    "artifacts": {
+      "auto": true,
+      "package_managers": {
+        "preferred": {
+          "nix flake": "nix profile install github:msfjarvis/adx",
+          "cargo": "cargo install adx --locked --profile=dist"
+        },
+        "additional": {
+          "binstall": "cargo binstall adx"
+        }
+      }
+    }
+  }
+}

rust-toolchain.toml

@@ -1,5 +1,5 @@
 [toolchain]
-channel = "1.76.0"
+channel = "1.78.0"
 components = ["clippy", "rustfmt", "rust-src"]
 targets = ["x86_64-unknown-linux-gnu"]
 profile = "minimal"