Commit graph

108 commits

Author SHA1 Message Date
Boxy
28ba87e6c8 CI runs cargo miri test -p bevy_ecs (#4310)
# Objective

Fixes #1529
Run bevy_ecs in miri

## Solution

- Don't set thread names when running in miri rust-lang/miri/issues/1717
- Update `event-listener` to `2.5.2` as previous versions have UB that is detected by miri: [event-listener commit](1fa31c553e)
- Ignore memory leaks when running in miri as they are impossible to track down rust-lang/miri/issues/1481
- Make `table_add_remove_many` test less "many" because miri is really quite slow :)
- Make CI run `RUSTFLAGS="-Zrandomize-layout" MIRIFLAGS="-Zmiri-ignore-leaks -Zmiri-tag-raw-pointers -Zmiri-disable-isolation" cargo +nightly miri test -p bevy_ecs`
2022-03-25 00:26:07 +00:00
MrGVSV
c1a2378790 Add "Changelog" and "Migration Guide" to PR template (#4143)
# Objective

Context: [Discord Discussion](https://discord.com/channels/691052431525675048/745355529777315850/950532143325519902)

Improve the PR template by adding "Changelog" and "Migration Guide" sections. These sections should hopefully help speed up the review/merge process, as well as help make release notes and migration guides.

## Solution

Added the "Changelog" section template which suggests listing out the changes of the PR. This also acts as a sort of tl;dr for reviewers (especially for larger PRs).

Added the "Migration Guide" section template which suggests describing how a user might need to migrate their codebase to account for the changes by the PR. This also helps authors/contributors keep the end-user in mind when adding or changing the API.

Both sections are optional— an author does not _need_ to fill these out. Hopefully they will, though, as it provides a handful of really great benefits.

Co-authored-by: MrGVSV <49806985+MrGVSV@users.noreply.github.com>
2022-03-16 20:48:42 +00:00
François
026563cb1e Deploy dev docs - install dependencies (#4222)
# Objective

- #3535 introduced deploying docs without installing dependencies
- https://github.com/bevyengine/bevy/runs/5562769081?check_suite_focus=true

## Solution

- copied 6ff17eaab8/.github/workflows/ci.yml (L270-L271)
2022-03-16 02:08:25 +00:00
François
6ff17eaab8 Deploy dev docs - fix sed command (#4221)
# Objective

- #3535 introduced deploying docs with an error in sed command

## Solution

- fix sed command
- make the command cross platform
2022-03-15 23:52:44 +00:00
James Liu
e020c57211 Add automatic docs deployment to GitHub Pages (#3535)
# Objective

Partially address #407 by setting up automated deployments of `bevy`'s API reference to GitHub Pages.

## Solution

Set up a GitHub Actions workflow that builds the docs on every push to `main` and pushes a new commit to a `gh-pages` (or `docs` branch).

A few smaller additions to better address #407:

 - A top level redirect was added to take "docs.bevyengine.org" directly to the `bevy` crate docs.
 - A GitHub Pages CNAME file for supporting a publicly viewable domain instead of `github.io`
 - A robots.txt file is added to disable all search engine crawlers that respect it from crawling it (avoid having conflicting Google search results)
 - A .nojekyl file to speed up deployments since there is no Jekyll templating in the output.

This may require configuration of the  `GITHUB_TOKEN` of the CI to successfully run this.

## Followup

For this to completely resolve #407, a subdomain of https://bevyengine.org/ needs to be set up to point to the CNAME location. This is initially set to "dev-docs.bevyengine.org".

Co-authored-by: Carter Anderson <mcanders1@gmail.com>
2022-03-15 23:00:49 +00:00
dependabot[bot]
fb02b84224 Bump actions/checkout from 2 to 3 (#4136)
Bumps [actions/checkout](https://github.com/actions/checkout) from 2 to 3.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a href="https://github.com/actions/checkout/releases">actions/checkout's releases</a>.</em></p>
<blockquote>
<h2>v3.0.0</h2>
<ul>
<li>Update default runtime to node16</li>
</ul>
<h2>v2.4.0</h2>
<ul>
<li>Convert SSH URLs like <code>org-&lt;ORG_ID&gt;@github.com:</code> to <code>https://github.com/</code> - <a href="https://github-redirect.dependabot.com/actions/checkout/pull/621">pr</a></li>
</ul>
<h2>v2.3.5</h2>
<p>Update dependencies</p>
<h2>v2.3.4</h2>
<ul>
<li><a href="https://github-redirect.dependabot.com/actions/checkout/pull/379">Add missing <code>await</code>s</a></li>
<li><a href="https://github-redirect.dependabot.com/actions/checkout/pull/360">Swap to Environment Files</a></li>
</ul>
<h2>v2.3.3</h2>
<ul>
<li><a href="https://github-redirect.dependabot.com/actions/checkout/pull/345">Remove Unneeded commit information from build logs</a></li>
<li><a href="https://github-redirect.dependabot.com/actions/checkout/pull/326">Add Licensed to verify third party dependencies</a></li>
</ul>
<h2>v2.3.2</h2>
<p><a href="https://github-redirect.dependabot.com/actions/checkout/pull/320">Add Third Party License Information to Dist Files</a></p>
<h2>v2.3.1</h2>
<p><a href="https://github-redirect.dependabot.com/actions/checkout/pull/284">Fix default branch resolution for .wiki and when using SSH</a></p>
<h2>v2.3.0</h2>
<p><a href="https://github-redirect.dependabot.com/actions/checkout/pull/278">Fallback to the default branch</a></p>
<h2>v2.2.0</h2>
<p><a href="https://github-redirect.dependabot.com/actions/checkout/pull/258">Fetch all history for all tags and branches when fetch-depth=0</a></p>
<h2>v2.1.1</h2>
<p>Changes to support GHES (<a href="https://github-redirect.dependabot.com/actions/checkout/pull/236">here</a> and <a href="https://github-redirect.dependabot.com/actions/checkout/pull/248">here</a>)</p>
<h2>v2.1.0</h2>
<ul>
<li><a href="https://github-redirect.dependabot.com/actions/checkout/pull/191">Group output</a></li>
<li><a href="https://github-redirect.dependabot.com/actions/checkout/pull/199">Changes to support GHES alpha release</a></li>
<li><a href="https://github-redirect.dependabot.com/actions/checkout/pull/184">Persist core.sshCommand for submodules</a></li>
<li><a href="https://github-redirect.dependabot.com/actions/checkout/pull/163">Add support ssh</a></li>
<li><a href="https://github-redirect.dependabot.com/actions/checkout/pull/179">Convert submodule SSH URL to HTTPS, when not using SSH</a></li>
<li><a href="https://github-redirect.dependabot.com/actions/checkout/pull/157">Add submodule support</a></li>
<li><a href="https://github-redirect.dependabot.com/actions/checkout/pull/144">Follow proxy settings</a></li>
<li><a href="https://github-redirect.dependabot.com/actions/checkout/pull/141">Fix ref for pr closed event when a pr is merged</a></li>
<li><a href="https://github-redirect.dependabot.com/actions/checkout/pull/128">Fix issue checking detached when git less than 2.22</a></li>
</ul>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a href="https://github.com/actions/checkout/blob/main/CHANGELOG.md">actions/checkout's changelog</a>.</em></p>
<blockquote>
<h1>Changelog</h1>
<h2>v2.3.1</h2>
<ul>
<li><a href="https://github-redirect.dependabot.com/actions/checkout/pull/284">Fix default branch resolution for .wiki and when using SSH</a></li>
</ul>
<h2>v2.3.0</h2>
<ul>
<li><a href="https://github-redirect.dependabot.com/actions/checkout/pull/278">Fallback to the default branch</a></li>
</ul>
<h2>v2.2.0</h2>
<ul>
<li><a href="https://github-redirect.dependabot.com/actions/checkout/pull/258">Fetch all history for all tags and branches when fetch-depth=0</a></li>
</ul>
<h2>v2.1.1</h2>
<ul>
<li>Changes to support GHES (<a href="https://github-redirect.dependabot.com/actions/checkout/pull/236">here</a> and <a href="https://github-redirect.dependabot.com/actions/checkout/pull/248">here</a>)</li>
</ul>
<h2>v2.1.0</h2>
<ul>
<li><a href="https://github-redirect.dependabot.com/actions/checkout/pull/191">Group output</a></li>
<li><a href="https://github-redirect.dependabot.com/actions/checkout/pull/199">Changes to support GHES alpha release</a></li>
<li><a href="https://github-redirect.dependabot.com/actions/checkout/pull/184">Persist core.sshCommand for submodules</a></li>
<li><a href="https://github-redirect.dependabot.com/actions/checkout/pull/163">Add support ssh</a></li>
<li><a href="https://github-redirect.dependabot.com/actions/checkout/pull/179">Convert submodule SSH URL to HTTPS, when not using SSH</a></li>
<li><a href="https://github-redirect.dependabot.com/actions/checkout/pull/157">Add submodule support</a></li>
<li><a href="https://github-redirect.dependabot.com/actions/checkout/pull/144">Follow proxy settings</a></li>
<li><a href="https://github-redirect.dependabot.com/actions/checkout/pull/141">Fix ref for pr closed event when a pr is merged</a></li>
<li><a href="https://github-redirect.dependabot.com/actions/checkout/pull/128">Fix issue checking detached when git less than 2.22</a></li>
</ul>
<h2>v2.0.0</h2>
<ul>
<li><a href="https://github-redirect.dependabot.com/actions/checkout/pull/108">Do not pass cred on command line</a></li>
<li><a href="https://github-redirect.dependabot.com/actions/checkout/pull/107">Add input persist-credentials</a></li>
<li><a href="https://github-redirect.dependabot.com/actions/checkout/pull/104">Fallback to REST API to download repo</a></li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a href="a12a3943b4"><code>a12a394</code></a> update readme for v3 (<a href="https://github-redirect.dependabot.com/actions/checkout/issues/708">#708</a>)</li>
<li><a href="8f9e05e482"><code>8f9e05e</code></a> Update to node 16 (<a href="https://github-redirect.dependabot.com/actions/checkout/issues/689">#689</a>)</li>
<li><a href="230611dbd0"><code>230611d</code></a> Change secret name for PAT to not start with GITHUB_ (<a href="https://github-redirect.dependabot.com/actions/checkout/issues/623">#623</a>)</li>
<li>See full diff in <a href="https://github.com/actions/checkout/compare/v2...v3">compare view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=actions/checkout&package-manager=github_actions&previous-version=2&new-version=3)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)


</details>
2022-03-08 00:46:07 +00:00
dependabot[bot]
a88a59c9e1 Bump actions/upload-artifact from 1 to 3 (#4135)
Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact) from 1 to 3.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a href="https://github.com/actions/upload-artifact/releases">actions/upload-artifact's releases</a>.</em></p>
<blockquote>
<h2>v3.0.0</h2>
<h2>What's Changed</h2>
<ul>
<li>Update default runtime to node16 (<a href="https://github-redirect.dependabot.com/actions/upload-artifact/issues/293">#293</a>)</li>
<li>Update package-lock.json file version to 2 (<a href="https://github-redirect.dependabot.com/actions/upload-artifact/issues/302">#302</a>)</li>
</ul>
<h3>Breaking Changes</h3>
<p>With the update to Node 16, all scripts will now be run with Node 16 rather than Node 12.</p>
<h2>v2.3.1</h2>
<p>Fix for empty fails on Windows failing on upload <a href="https://github-redirect.dependabot.com/actions/upload-artifact/issues/281">#281</a></p>
<h2>v2.3.0 Upload Artifact</h2>
<ul>
<li>Optimizations for faster uploads of larger files that are already compressed</li>
<li>Significantly improved logging when there are chunked uploads</li>
<li>Clarifications in logs around the upload size and prohibited characters that aren't allowed in the artifact name or any uploaded files</li>
<li>Various other small bugfixes &amp; optimizations</li>
</ul>
<h2>v2.2.4</h2>
<ul>
<li>Retry on HTTP 500 responses from the service</li>
</ul>
<h2>v2.2.3</h2>
<ul>
<li>Fixes for proxy related issues</li>
</ul>
<h2>v2.2.2</h2>
<ul>
<li>Improved retryability and error handling</li>
</ul>
<h2>v2.2.1</h2>
<ul>
<li>Update used actions/core package to the latest version</li>
</ul>
<h2>v2.2.0</h2>
<ul>
<li>Support for artifact retention</li>
</ul>
<h2>v2.1.4</h2>
<ul>
<li>Add Third Party License Information</li>
</ul>
<h2>v2.1.3</h2>
<ul>
<li>Use updated version of the <code>@action/artifact</code> NPM package</li>
</ul>
<h2>v2.1.2</h2>
<ul>
<li>Increase upload chunk size from 4MB to 8MB</li>
<li>Detect case insensitive file uploads</li>
</ul>
<h2>v2.1.1</h2>
<ul>
<li>Fix for certain symlinks not correctly being identified as directories before starting uploads</li>
</ul>
<h2>v2.1.0</h2>
<ul>
<li>Support for uploading artifacts with multiple paths</li>
<li>Support for using exclude paths</li>
<li>Updates to dependencies</li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a href="6673cd052c"><code>6673cd0</code></a> Update <code>lockfileVersion</code> in <code>package-lock.json</code> (<a href="https://github-redirect.dependabot.com/actions/upload-artifact/issues/302">#302</a>)</li>
<li><a href="2244c82003"><code>2244c82</code></a> Update to node16 (<a href="https://github-redirect.dependabot.com/actions/upload-artifact/issues/293">#293</a>)</li>
<li><a href="87348cee5f"><code>87348ce</code></a> Add 503 warning when uploading to the same artifact</li>
<li><a href="82c141cc51"><code>82c141c</code></a> Bump <code>@​actions/artifact</code> to version 0.6.1 (<a href="https://github-redirect.dependabot.com/actions/upload-artifact/issues/286">#286</a>)</li>
<li><a href="da838ae959"><code>da838ae</code></a> Bump <code>@​actions/artifact</code> to version 0.6.0 (<a href="https://github-redirect.dependabot.com/actions/upload-artifact/issues/280">#280</a>)</li>
<li><a href="f4ac36d205"><code>f4ac36d</code></a> Improve readme (<a href="https://github-redirect.dependabot.com/actions/upload-artifact/issues/278">#278</a>)</li>
<li><a href="5f375cca4b"><code>5f375cc</code></a> Document how to correctly use environment variables for path input (<a href="https://github-redirect.dependabot.com/actions/upload-artifact/issues/274">#274</a>)</li>
<li><a href="a009a66585"><code>a009a66</code></a> Create release-new-action-version.yml (<a href="https://github-redirect.dependabot.com/actions/upload-artifact/issues/277">#277</a>)</li>
<li><a href="b9bb65708e"><code>b9bb657</code></a> Bump tmpl from 1.0.4 to 1.0.5 (<a href="https://github-redirect.dependabot.com/actions/upload-artifact/issues/250">#250</a>)</li>
<li><a href="0b3de3e43b"><code>0b3de3e</code></a> Fix <code>README.md</code> links and some formatting updates (<a href="https://github-redirect.dependabot.com/actions/upload-artifact/issues/273">#273</a>)</li>
<li>Additional commits viewable in <a href="https://github.com/actions/upload-artifact/compare/v1...v3">compare view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=actions/upload-artifact&package-manager=github_actions&previous-version=1&new-version=3)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)


</details>
2022-03-08 00:46:06 +00:00
dependabot[bot]
ce871d16fa Bump actions/labeler from 3 to 4 (#4134)
Bumps [actions/labeler](https://github.com/actions/labeler) from 3 to 4.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a href="https://github.com/actions/labeler/releases">actions/labeler's releases</a>.</em></p>
<blockquote>
<h2>v4.0.0</h2>
<ul>
<li><a href="https://github-redirect.dependabot.com/actions/labeler/pull/319"> Update to node 16 runtime</a></li>
</ul>
<h2>v3.1.0</h2>
<p>Dependency upgrades, docs updates, and behind-the-scenes maintenance.</p>
<p>See the full list of changes since 3.0.2 here: <a href="https://github.com/actions/labeler/compare/v3.0.2...v3.1.0">https://github.com/actions/labeler/compare/v3.0.2...v3.1.0</a></p>
<p>Thanks to <a href="https://github.com/GisoBartels"><code>@​GisoBartels</code></a> and <a href="https://github.com/Muhammed-Rahif"><code>@​Muhammed-Rahif</code></a> for their contributions!</p>
<h2>v3.0.2</h2>
<p>No API changes, but lots of behind-the-scenes upgrades, mostly to internal dependencies, tooling, and surrounding infrastructure.</p>
<h2>v3.0.1</h2>
<p>No user-facing changes.</p>
<p>That said, there were more than enough behind-the-scenes changes to warrant a new release: <a href="https://github.com/actions/labeler/compare/v3.0.0...v3.0.1">https://github.com/actions/labeler/compare/v3.0.0...v3.0.1</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a href="9fd24f1f9d"><code>9fd24f1</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/actions/labeler/issues/334">#334</a> from actions/thboop/updatetov4</li>
<li><a href="abae52fa24"><code>abae52f</code></a> Update to new v4 release</li>
<li><a href="e1132f5ed5"><code>e1132f5</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/actions/labeler/issues/319">#319</a> from actions/thboop/node16update</li>
<li><a href="b0cc574b25"><code>b0cc574</code></a> Update build_test.yml</li>
<li><a href="c48e531900"><code>c48e531</code></a> Update default runtime to node16</li>
<li>See full diff in <a href="https://github.com/actions/labeler/compare/v3...v4">compare view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=actions/labeler&package-manager=github_actions&previous-version=3&new-version=4)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)


</details>
2022-03-08 00:46:05 +00:00
Alice Cecile
c44f8b2b68 Run tests (including doc tests) in cargo run -p ci command (#3849)
# Objective

- Using the `cargo run -p ci` command locally is unreliable, as it does not run tests.
- This is particularly unreliable for doc tests, as they are not run as part of `cargo test`.

## Solution

- add more steps to the appropriate Rust file.

## Known Problems

This duplicates work done to run tests when run on Github. @mockersf, suggestions on if we care / how we can mitigate it?
2022-02-03 04:25:45 +00:00
KDecay
506642744c docs: Fix private doc links and enable CI test (#3743)
# Objective

Fixes #3566

## Solution

- [x] Fix broken links in private docs.
- [x] Add the `--document-private-items` flag to the CI.

## Note

The following was said by @killercup in #3566:

> I don't have time to confirm this but I assume that linking to private items throws an error/warning when just running cargo doc, and --document-private-item might actually hide that warning. So to test this, you'd have to run it twice.

I tested this and this is thankfully not the case. If you are linking to a private item you will get a warning no matter if you run `cargo doc` or `cargo doc --document-private-items`.

### Example

I added `struct Test;` to `bevy_core/src/name.rs` and linked to it inside of a doc comment using ``[`Test`]``. After that I ran `cargo doc -p bevy_core --document-private-items` using `RUSTDOCFLAGS="-D warnings"` and got the following output (note the last sentence):

```rust
error: public documentation for `Name` links to private item `Test`
  --> crates/bevy_core/src/name.rs:11:82
   |
11 | /// Component used to identify an entity. Stores a hash for faster comparisons [`Test`]
   |                                                                                  ^^^^ this item is private
   |
   = note: `-D rustdoc::private-intra-doc-links` implied by `-D warnings`
   = note: this link resolves only because you passed `--document-private-items`, but will break without
```
2022-02-02 21:47:29 +00:00
Igor Shaposhnik
a3e43b6abe Remove cargo-lipo from iOS ci job (#3671)
# Objective

`cargo-lipo` no more required since #3109 merged. Also remove unused `x11` feature from example.
2022-01-17 21:43:44 +00:00
KDecay
71814ca91b Added API guidelines to CONTRIBUTING.md (#3646)
Closes #3497.

I added the rust API guidelines (https://rust-lang.github.io/api-guidelines/about.html) to the `CONTRIBUTING.md` file. 

## Note
As noted in #3497 we should note any areas where we deliberately disagree as they arise. If we start adding these areas it might be a good idea to remove the mention of the `API guidelines` in the `CONTRIBUTING.md` file and move it to the `engine_style_guide.md`. That way we still have the connection between the `CONTRIBUTING.md` and the `API guidelines`, but we have more "space" to work with and can go into more detail about what we agree and disagree on. 

For now I would leave it this way, because it's one less click to get to the guidelines.

Co-authored-by: KDecay <KDecayMusic@protonmail.com>
2022-01-16 02:40:25 +00:00
Alice Cecile
6bc5c60986 Remove tests from example style guide (#3582)
# Objective

- Consensus has emerged that examples shouldn't have tests.

## Solution

- Discourage tests in examples.
2022-01-10 00:00:19 +00:00
François
363bdf78dc Re-enable nightly checks and add new dependency duplicate (#3525)
# Objective

- Nightly checks where disabled because of a bug in Rust
- Dependency checks are failing because of a new duplicate

## Solution

- Now that https://github.com/rust-lang/rust/pull/92175 has been merged, re-enable nightly checks
- Add the new duplicate dependency to the known list
- Removed `Inflector` dependency as it's not used anymore


Co-authored-by: François <8672791+mockersf@users.noreply.github.com>
2022-01-02 20:18:53 +00:00
Carter Anderson
08b5234582 Disable nightly rust checks for bors (#3427)
This is a temporary measure while we wait for https://github.com/rust-lang/rust/issues/92163 to be resolved.
2021-12-24 01:11:51 +00:00
François
6a0008f3d3 Fix doc warnings (#3339)
# Objective

- There are a few warnings when building Bevy docs for dead links
- CI seems to not catch those warnings when it should

## Solution

- Enable doc CI on all Bevy workspace
- Fix warnings
- Also noticed plugin GilrsPlugin was not added anymore when feature was enabled


First commit to check that CI would actually fail with it: https://github.com/bevyengine/bevy/runs/4532652688?check_suite_focus=true

Co-authored-by: François <8672791+mockersf@users.noreply.github.com>
2021-12-18 00:09:23 +00:00
François
e677755c5e CI: use lavapipe instead of swiftshader when running examples (#3358)
# Objective

- fixes #3344
- have example run faster

## Solution

- thanks to the nice folks at wgpu, I was able to switch from swift shader to lavapipe which is faster
- I also reduced the runtime for some of the examples
- I enabled the trace_chrome feature on the examples, and stored the results as an artefact. it can be useful to debug
- runtime is back to around 10 minutes


Co-authored-by: François <8672791+mockersf@users.noreply.github.com>
2021-12-17 23:58:09 +00:00
Carter Anderson
ffecb05a0a Replace old renderer with new renderer (#3312)
This makes the [New Bevy Renderer](#2535) the default (and only) renderer. The new renderer isn't _quite_ ready for the final release yet, but I want as many people as possible to start testing it so we can identify bugs and address feedback prior to release.

The examples are all ported over and operational with a few exceptions:

* I removed a good portion of the examples in the `shader` folder. We still have some work to do in order to make these examples possible / ergonomic / worthwhile: #3120 and "high level shader material plugins" are the big ones. This is a temporary measure.
* Temporarily removed the multiple_windows example: doing this properly in the new renderer will require the upcoming "render targets" changes. Same goes for the render_to_texture example.
* Removed z_sort_debug: entity visibility sort info is no longer available in app logic. we could do this on the "render app" side, but i dont consider it a priority.
2021-12-14 03:58:23 +00:00
François
92a7e16aed Update dependencies ron winit& fix cargo-deny lists (#3244)
# Objective

- there are a few new versions for `ron`, `winit`, `ndk`, `raw-window-handle`
- `cargo-deny` is failing due to new security issues / duplicated dependencies

## Solution

- Update our dependencies
- Note all new security issues, with which of Bevy direct dependency it comes from
- Update duplicate crate list, with which of Bevy direct dependency it comes from

`notify` is not updated here as it's in #2993
2021-12-09 20:14:00 +00:00
Carter Anderson
32c14d8c6b Ignore reddit when checking markdown links (#3223)
Reddit regularly blocks CI requests (ex: 403s), causing disruptions. It is better to just not check.
2021-11-29 20:55:12 +00:00
Yoh Deadfall
ffde86efa0 Update to edition 2021 on master (#3028)
Objective
During work on #3009 I've found that not all jobs use actions-rs, and therefore, an previous version of Rust is used for them. So while compilation and other stuff can pass, checking markup and Android build may fail with compilation errors.

Solution
This PR adds `action-rs` for any job running cargo, and updates the edition to 2021.
2021-10-27 00:12:14 +00:00
Niklas Eicker
391d6c6cb2 Label PRs for all target branches (#2701)
# Objective

- All new PRs should get the "S-Needs-Triage" label. But at the moment we for example are getting quite a few PRs to the new renderer branch that do not get the label.

## Solution

- Remove the required target "main" from the workflow
- Also removed configuration for not needed functionality of the labeler action (see [docs](https://github.com/actions/labeler#inputs))
2021-09-04 19:05:23 +00:00
François
f6b42b8669 check that benches build (#2675)
# Objective

- Fixes #2674 
- Check that benches build

## Solution

- Adds a job that runs `cargo check --benches`


Co-authored-by: Carter Anderson <mcanders1@gmail.com>
2021-08-26 00:40:56 +00:00
Alice Cecile
d59fc076e8 Comprehensive CONTRIBUTING.md (#2040)
[**RENDERED**](https://github.com/alice-i-cecile/bevy/blob/better-contributing/CONTRIBUTING.md)

Improves #910. As discussed in #1309, we'll need to synchronize content between this and the Bevy website in some way (and clean up the .github file perhaps?).

I think doing it as a root-directory file is nicer for discovery, but that's a conversation I'm interested in having.

This document is intended to be helpful to beginners to open source and Bevy, and captures what I've learned about our informal practices and values.

Reviewers: I'm particularly interested in:
- opinions on the items **What we're trying to build**, where I discuss some of the project's high-level values and goals
- more relevant details on the `bevy` subcrates for **Getting oriented**
- useful tricks and best practices that I missed
- better guidance on how to contribute to the Bevy book from @cart <3
2021-08-14 19:21:36 +00:00
MinerSebas
90586a4c46 Add "ci" job to the bors.toml (#2612)
# Objective

- #2551 revamped our CI setup which included running clippy and rustfmt in another Job.
- This new Job wasn't added to the bors.toml, which means that PRs would be accepted that didn't run them.

## Solution

- Add the "ci" job to the bors.toml
2021-08-06 22:00:16 +00:00
François
d3ae816e3e Ci stability and speed improvements (#2551)
# Objective

- There are a few random failures in CI, mostly due to contacting crates.io or checking for deadlinks
- CI can take some time, more than 20 minutes for a full status
- A clippy/format issue stops running tests on other platforms


## Solution

- Use GitHub cache for cargo artefacts
  - This speeds up builds and reduce dependencies on outside world
- Reorder and add dependencies between short jobs. They are still setup to run even if one of the dependency failed
  - This reduce the number of parallel jobs that are running for one PR. On GitHub free tier, we're limited to 20.
- Split CI checks (format & clippy) in its own job
  - This speeds up test jobs, and allow us to not kill all platform tests for a format issue
- Retry in case of dead links check failure
  - Internet is just that kind of place where things may seem dead at some point but back alive 5 seconds later

## Before

<img width="1062" alt="Screenshot 2021-07-27 at 01 18 52" src="https://user-images.githubusercontent.com/8672791/127071973-9a2c5ce8-c871-4f8d-9b17-08871824b6c4.png">

## After (with all cache live)

<img width="1063" alt="Screenshot 2021-07-27 at 01 18 28" src="https://user-images.githubusercontent.com/8672791/127071986-767a7e65-53ed-45fd-8d75-51a571f0b851.png">
2021-07-27 02:01:11 +00:00
François
5583f9a3bc Android uninstall 31 (#2533)
# Objective

- Related to #2514 - not sure if it's a proper fix long term
- CI was complaining Error: Path `"/usr/local/lib/android/sdk/ndk-bundle/toolchains/llvm/prebuilt/linux-x86_64/bin/aarch64-linux-android31-clang"` was not found
- A lot of questions started popping up 10 days ago about ["android build tools 31 corrupted"](https://www.google.com/search?q=android+build+tools+31+corrupted)
  - https://stackoverflow.com/questions/68387270/android-studio-error-installed-build-tools-revision-31-0-0-is-corrupted
- Uninstalling `"build-tools;31.0.0"` doesn't seem to work, as it removes other components even though `"build-tools;30.0.3"` are available


## Solution

- Uninstalling `"platforms;android-31"` seems to do the trick and `cargo-apk` stops trying to target `...31`

Android is not my thing, this solution was found with a lot of trials and errors. I am not sure how long term it is, I don't know the release schedule of android build tools, or if we need to target this 31 thing. I just wanted to stop all those failed ci everywhere...
2021-07-26 00:22:42 +00:00
Carter Anderson
e167a1d9cf Relicense Bevy under the dual MIT or Apache-2.0 license (#2509)
This relicenses Bevy under the dual MIT or Apache-2.0 license. For rationale, see #2373.

* Changes the LICENSE file to describe the dual license. Moved the MIT license to docs/LICENSE-MIT. Added the Apache-2.0 license to docs/LICENSE-APACHE. I opted for this approach over dumping both license files at the root (the more common approach) for a number of reasons:
  * Github links to the "first" license file (LICENSE-APACHE) in its license links (you can see this in the wgpu and rust-analyzer repos). People clicking these links might erroneously think that the apache license is the only option. Rust and Amethyst both use COPYRIGHT or COPYING files to solve this problem, but this creates more file noise (if you do everything at the root) and the naming feels way less intuitive. 
  * People have a reflex to look for a LICENSE file. By providing a single license file at the root, we make it easy for them to understand our licensing approach. 
  * I like keeping the root clean and noise free
  * There is precedent for putting the apache and mit license text in sub folders (amethyst) 
* Removed the `Copyright (c) 2020 Carter Anderson` copyright notice from the MIT license. I don't care about this attribution, it might make license compliance more difficult in some cases, and it didn't properly attribute other contributors. We shoudn't replace it with something like "Copyright (c) 2021 Bevy Contributors" because "Bevy Contributors" is not a legal entity. Instead, we just won't include the copyright line (which has precedent ... Rust also uses this approach).
* Updates crates to use the new "MIT OR Apache-2.0" license value
* Removes the old legion-transform license file from bevy_transform. bevy_transform has been its own, fully custom implementation for a long time and that license no longer applies.
* Added a License section to the main readme
* Updated our Bevy Plugin licensing guidelines.

As a follow-up we should update the website to properly describe the new license.

Closes #2373
2021-07-23 21:11:51 +00:00
François
2c28331297 disable bors check on android (#2513)
# Objective

- CI is failing because of an android issue
- This is blocking bors

## Solution

- Bors can ignore android failures
- Keep android job in CI to check its status

I'm not android enough to debug this one, this is a temp fix until someone knows how to fix it or it get fixed by itself with updates?
2021-07-21 20:31:46 +00:00
Daniel McNab
c9c322e820 Relicense bors checks (#2493)
# Objective

Currently we can sometimes allow PRs by people who haven't agreed to the relicense to get merged into main.

E.g. https://github.com/bevyengine/bevy/pull/2445

## Solution

This adds a check to ensure that this doesn't happen, by ensuring that bors doesn't relicense said PRs.

As a bonus, it also adds config to automatically label new PRs as needing checking, to ensure that we do the verification until we merge the new license.
2021-07-17 18:56:56 +00:00
François
de0d459618 add check for unused dependencies (#2461)
# Objective

- Unused dependencies are bad

## Solution

- Add check for unused dependencies with https://github.com/est31/cargo-udeps - #2455
2021-07-16 01:38:41 +00:00
dependabot[bot]
98f5fafb4e Bump gaurav-nelson/github-action-markdown-link-check from 1.0.12 to 1.0.13 (#2452)
Bumps [gaurav-nelson/github-action-markdown-link-check](https://github.com/gaurav-nelson/github-action-markdown-link-check) from 1.0.12 to 1.0.13.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a href="https://github.com/gaurav-nelson/github-action-markdown-link-check/releases">gaurav-nelson/github-action-markdown-link-check's releases</a>.</em></p>
<blockquote>
<h2>1.0.13</h2>
<p>Main changes:</p>
<ul>
<li>Merge pull request <a href="https://github-redirect.dependabot.com/gaurav-nelson/github-action-markdown-link-check/issues/111">#111</a> from gaurav-nelson/mlc@3.8.7 (9710f0f)</li>
<li>Update to markdown-link-check version 3.8.7 (7a77bd1)</li>
</ul>
<p>Other minor updates:</p>
<ul>
<li>Merge pull request <a href="https://github-redirect.dependabot.com/gaurav-nelson/github-action-markdown-link-check/issues/107">#107</a> from petethepig/patch-1 (95ffb9c)</li>
<li>Adds pyroscope to the list of happy users (2df45f2)</li>
<li>Fixed usage examples (cc3343e)</li>
<li>Buy me a coffee (24cd99c)</li>
<li>Remove treeware badge (f0656de)</li>
<li>Add netdata sample (2579500)</li>
<li>Update README, fixed LICENSE (4d5a901)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a href="9710f0fec8"><code>9710f0f</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/gaurav-nelson/github-action-markdown-link-check/issues/111">#111</a> from gaurav-nelson/mlc@3.8.7</li>
<li><a href="7a77bd14cc"><code>7a77bd1</code></a> Update to markdown-link-check version 3.8.7</li>
<li><a href="95ffb9cc0e"><code>95ffb9c</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/gaurav-nelson/github-action-markdown-link-check/issues/107">#107</a> from petethepig/patch-1</li>
<li><a href="2df45f2890"><code>2df45f2</code></a> Adds pyroscope to the list of happy users</li>
<li><a href="cc3343e7a6"><code>cc3343e</code></a> Fixed usage examples</li>
<li><a href="24cd99c2f8"><code>24cd99c</code></a> Buy me a coffee</li>
<li><a href="f0656de48f"><code>f0656de</code></a> Remove treeware badge</li>
<li><a href="2579500287"><code>2579500</code></a> Add netdata sample</li>
<li><a href="4d5a901466"><code>4d5a901</code></a> Update README, fixed LICENSE</li>
<li>See full diff in <a href="0fe4911067...9710f0fec8">compare view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=gaurav-nelson/github-action-markdown-link-check&package-manager=github_actions&previous-version=1.0.12&new-version=1.0.13)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)


</details>
2021-07-13 22:12:22 +00:00
Carter Anderson
927a2574fa
new labels: feature request 2021-07-13 13:29:05 -07:00
Carter Anderson
59042a9024
Update docs_improvement.md 2021-07-13 13:28:28 -07:00
Carter Anderson
db50a8db1c
new labels: bug report 2021-07-13 13:28:05 -07:00
Carter Anderson
71d5702fe4
label config: change needs-triage to S-Needs-Triage 2021-07-13 13:27:14 -07:00
Carter Anderson
8c8bd3b41f
dependabot: use new C-Dependencies label 2021-07-13 12:51:48 -07:00
François
7854be7c10 update to major version 3 of action labeler (#2340)
# Objective

- update action labeler

## Solution

- Update to major version to not get notification update of every patch.
- Replace #2338.
2021-06-26 01:53:10 +00:00
MinerSebas
39271f24d2 Exclude some Branches from running CI (#2344)
# Objective

#2230 allowed the CI to run on every Branch of this Repo.
But some Branches should not actually run the CI, which wastes the available capacity of CI runners.

### staging-squash-merge.tmp

This Branch is used by Bors when squashing a PR. 
CI shouldn't need to run here, as the actual verification happens in the staging branch

![ci](https://user-images.githubusercontent.com/66798382/122072006-82ccad00-cdf7-11eb-84c8-29356594180d.PNG)
![ci2](https://user-images.githubusercontent.com/66798382/122072030-85c79d80-cdf7-11eb-8c30-2e3088d47285.png)

### dependabot/**

Dependabot creates its branches in this Repo, which causes the CI to run twice on the same commit
![ci3](https://user-images.githubusercontent.com/66798382/122072345-c6bfb200-cdf7-11eb-8de6-3ffcbf641631.PNG)


## Solution

Exclude those branches from running CI.
2021-06-22 07:59:37 +00:00
Nathan Ward
21330a7217 fix automated pr labeling (#2316)
# Objective

- the PR labeler workflow will always add the `needs-traige` label to every pull request event

## Solution

- Limit this workflow to only be on the `opened` event
2021-06-07 22:37:12 +00:00
Nathan Ward
17877e8aaa Automated PR labeling (#2301)
# Objective

- Currently only issues automatically have labels assigned to them on creation.
- The enables pull requests to have the same functionality and currently only adds the `needs-triage` label to all PRs.

## Solution

- Integrate `actions/labeler@v2` into the github workflows to automatically tag PRs.
- Add a `label-config.yml` file that specifies how PRs should be labeled.
2021-06-07 20:53:27 +00:00
Nathan Ward
c4b8210a7c Add PR Template (#2272)
This is a first step at addressing #2256 via adding a pr template.
2021-06-02 21:07:56 +00:00
dependabot[bot]
fd9e487026 Bump actions/cache from 2.1.5 to 2.1.6 (#2284)
Bumps [actions/cache](https://github.com/actions/cache) from 2.1.5 to 2.1.6.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a href="https://github.com/actions/cache/releases">actions/cache's releases</a>.</em></p>
<blockquote>
<h2>v2.1.6</h2>
<ul>
<li>Catch unhandled &quot;bad file descriptor&quot; errors that sometimes occurs when the cache server returns non-successful response (<a href="https://github-redirect.dependabot.com/actions/cache/pull/596">actions/cache#596</a>)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a href="c64c572235"><code>c64c572</code></a> Catch and log unhandled exceptions stemming from closed file descriptor (<a href="https://github-redirect.dependabot.com/actions/cache/issues/596">#596</a>)</li>
<li><a href="cc2d767a72"><code>cc2d767</code></a> Update Rust directories recommended for caching (<a href="https://github-redirect.dependabot.com/actions/cache/issues/433">#433</a>)</li>
<li><a href="2fa955d825"><code>2fa955d</code></a> Update examples.md (<a href="https://github-redirect.dependabot.com/actions/cache/issues/588">#588</a>)</li>
<li><a href="3a696372f2"><code>3a69637</code></a> elixir typo - stray parenthesis (<a href="https://github-redirect.dependabot.com/actions/cache/issues/569">#569</a>)</li>
<li><a href="366e5ba022"><code>366e5ba</code></a> Update cache key for Elixir (<a href="https://github-redirect.dependabot.com/actions/cache/issues/568">#568</a>)</li>
<li><a href="8d3f2fc3ce"><code>8d3f2fc</code></a> Update dependencies (<a href="https://github-redirect.dependabot.com/actions/cache/issues/565">#565</a>)</li>
<li>See full diff in <a href="https://github.com/actions/cache/compare/v2.1.5...v2.1.6">compare view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=actions/cache&package-manager=github_actions&previous-version=2.1.5&new-version=2.1.6)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)


</details>
2021-06-01 20:06:33 +00:00
François
22eddfcc55 update super-linter to v4 (#2286)
replaces #2285 

* bump to major release v4 instead of specifying patch
* use slim image (https://github.com/github/super-linter#slim-image) - doesn't have rust linters but we don't use them anyway
2021-06-01 01:01:20 +00:00
Andreas Weibye
44f64a32f4 CI - Check that examples are listed in README and Cargo (#1650)
Closes #1581 

# Internal File/Link Consistency checker Action

This pull request adds an action to the CI that parses the [`./examples`](https://github.com/bevyengine/bevy/tree/main/examples) folder for files and cross references that with the links listed in [`README.md`](https://github.com/bevyengine/bevy/blob/main/examples/README.md) and [`Cargo.toml`](https://github.com/bevyengine/bevy/blob/main/Cargo.toml) to ensure the documentation actually reflects the examples currently in the repo. 

The primary reason for why we want this, is to prevent people from adding new examples but forgetting to also list them in the docs, or accidentally entering broken links (typos in docs).

For details on how the action is working: [Check out the README here](https://github.com/Weibye/action-internal-link-consistency/blob/main/README.md)

Co-authored-by: Andreas Weibye <13300393+Weibye@users.noreply.github.com>
2021-05-30 18:14:58 +00:00
François
bec323e2e2 remove branch constraints in CI (#2230)
Remove branch constraints from CI

This will let CI run on:
- fork branches before a PR is opened
- this repo branches if we start using them (😉 relations 😉 )
2021-05-23 19:51:34 +00:00
François
177f2fbf9a enable cargo deny (#2101)
https://github.com/EmbarkStudios/cargo-deny
cargo-deny is a tool that can issue errors for dependency issues, among other:
* security issues in a crate
* duplicated dependencies with different versions
* unauthorised license

Added cargo-deny with an opinionated configuration:
* No middle ground with warnings, either allow or deny
* Not added to Bors, we probably don't want to block a PR on something that may happen from outside
* Different github workflow than CI to run only when Cargo.toml files are changed, or on a schedule
* Each check in its own job to help readability
* Initial config makes Bevy pass all check

Pushing a first commit with commented config to show errors
2021-05-17 23:07:18 +00:00
Carter Anderson
0c096d30ee remove minor and patch version from superlinter (#2203)
Removes the superlinter patch version to prevent large amounts of dependabot pull request noise.
2021-05-17 20:52:17 +00:00
dependabot[bot]
b23b23aab4 Bump github/super-linter from v3.16.2 to v3.17.0 (#2136)
Bumps [github/super-linter](https://github.com/github/super-linter) from v3.16.2 to v3.17.0.
<details>
<summary>Commits</summary>
<ul>
<li><a href="28cfebb84f"><code>28cfebb</code></a> Updating action.yml with new release version</li>
<li><a href="5d2ea81f00"><code>5d2ea81</code></a> Cpp (<a href="https://github-redirect.dependabot.com/github/super-linter/issues/1492">#1492</a>)</li>
<li><a href="1a00fc3790"><code>1a00fc3</code></a> adding fixes (<a href="https://github-redirect.dependabot.com/github/super-linter/issues/1516">#1516</a>)</li>
<li><a href="d7894a51ec"><code>d7894a5</code></a> Bump <code>@​coffeelint/cli</code> from 4.1.4 to 4.1.5 in /dependencies (<a href="https://github-redirect.dependabot.com/github/super-linter/issues/1514">#1514</a>)</li>
<li><a href="e0b8b12556"><code>e0b8b12</code></a> Bump ansible-lint from 5.0.7 to 5.0.8 in /dependencies (<a href="https://github-redirect.dependabot.com/github/super-linter/issues/1515">#1515</a>)</li>
<li><a href="ddd818393f"><code>ddd8183</code></a> Updating action.yml with new release version (<a href="https://github-redirect.dependabot.com/github/super-linter/issues/1512">#1512</a>)</li>
<li><a href="72cbbfc4e5"><code>72cbbfc</code></a> Inspec additional Tests (<a href="https://github-redirect.dependabot.com/github/super-linter/issues/1497">#1497</a>)</li>
<li><a href="1482ca9ffc"><code>1482ca9</code></a> Bump stylelint from 13.13.0 to 13.13.1 in /dependencies (<a href="https://github-redirect.dependabot.com/github/super-linter/issues/1506">#1506</a>)</li>
<li><a href="d838a98736"><code>d838a98</code></a> Bump accurics/terrascan from 1.4.0 to 1.5.1 (<a href="https://github-redirect.dependabot.com/github/super-linter/issues/1505">#1505</a>)</li>
<li><a href="2607e40749"><code>2607e40</code></a> Bump typing-extensions from 3.7.4.3 to 3.10.0.0 in /dependencies (<a href="https://github-redirect.dependabot.com/github/super-linter/issues/1507">#1507</a>)</li>
<li>Additional commits viewable in <a href="https://github.com/github/super-linter/compare/v3.16.2...28cfebb84fd6dd9e8773b5efe5ac0f8f3714f228">compare view</a></li>
</ul>
</details>
<br />


Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)


</details>
2021-05-14 18:45:30 +00:00
dependabot[bot]
5c0117f495 Bump github/super-linter from v3.15.5 to v3.16.2 (#2085)
Bumps [github/super-linter](https://github.com/github/super-linter) from v3.15.5 to v3.16.2.
<details>
<summary>Commits</summary>
<ul>
<li><a href="9af8775d57"><code>9af8775</code></a> Updating action.yml with new release version</li>
<li><a href="903d730a21"><code>903d730</code></a> Bump Actions-R-Us/actions-tagger from v2.0.1 to v2.0.2 (<a href="https://github-redirect.dependabot.com/github/super-linter/issues/1419">#1419</a>)</li>
<li><a href="58bdaecbcc"><code>58bdaec</code></a> update Terrascan to version 1.4.0 (<a href="https://github-redirect.dependabot.com/github/super-linter/issues/1422">#1422</a>)</li>
<li><a href="e63d4fddae"><code>e63d4fd</code></a> Bump typescript from 4.2.3 to 4.2.4 in /dependencies (<a href="https://github-redirect.dependabot.com/github/super-linter/issues/1435">#1435</a>)</li>
<li><a href="cb5739adde"><code>cb5739a</code></a> Bump <code>@​typescript-eslint/eslint-plugin</code> in /dependencies (<a href="https://github-redirect.dependabot.com/github/super-linter/issues/1449">#1449</a>)</li>
<li><a href="d1e7a0c06b"><code>d1e7a0c</code></a> Bump koalaman/shellcheck from v0.7.1 to v0.7.2 (<a href="https://github-redirect.dependabot.com/github/super-linter/issues/1462">#1462</a>)</li>
<li><a href="6470e178cd"><code>6470e17</code></a> Bump alpine/terragrunt from 0.14.7 to 0.15.0 (<a href="https://github-redirect.dependabot.com/github/super-linter/issues/1501">#1501</a>)</li>
<li><a href="acc6e9a583"><code>acc6e9a</code></a> Bump <code>@​typescript-eslint/parser</code> from 4.19.0 to 4.22.0 in /dependencies (<a href="https://github-redirect.dependabot.com/github/super-linter/issues/1450">#1450</a>)</li>
<li><a href="09c5be9abe"><code>09c5be9</code></a> Bump cljkondo/clj-kondo from 2021.03.22-alpine to 2021.04.23-alpine (<a href="https://github-redirect.dependabot.com/github/super-linter/issues/1474">#1474</a>)</li>
<li><a href="8e6a4e4a59"><code>8e6a4e4</code></a> Bump immer from 9.0.1 to 9.0.2 in /dependencies (<a href="https://github-redirect.dependabot.com/github/super-linter/issues/1498">#1498</a>)</li>
<li>Additional commits viewable in <a href="https://github.com/github/super-linter/compare/v3.15.5...9af8775d57172a12690483045b6b261d3520b7f1">compare view</a></li>
</ul>
</details>
<br />


Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)


</details>
2021-05-03 20:56:57 +00:00