b7966a8538
As someone who has personal projects that take untrusted zips as input, it is important to me to be able to fuzz the zip project to simulate possible inputs and to ensure the projects are not vulnerable. This commit adds a cargo fuzz module for reading and extracting input. The `fuzz` directory was scaffolded with a `cargo fuzz init` I added a CI step to guard against the fuzz module decaying over time.
92 lines
1.8 KiB
YAML
92 lines
1.8 KiB
YAML
name: CI
|
|
|
|
on:
|
|
pull_request:
|
|
push:
|
|
branches:
|
|
- master
|
|
|
|
env:
|
|
RUSTFLAGS: -Dwarnings
|
|
|
|
jobs:
|
|
build_and_test:
|
|
name: Build and test
|
|
runs-on: ${{ matrix.os }}
|
|
strategy:
|
|
matrix:
|
|
os: [ubuntu-latest, macOS-latest, windows-latest]
|
|
rust: [stable, 1.54.0]
|
|
|
|
steps:
|
|
- uses: actions/checkout@master
|
|
|
|
- name: Install ${{ matrix.rust }}
|
|
uses: actions-rs/toolchain@v1
|
|
with:
|
|
toolchain: ${{ matrix.rust }}
|
|
override: true
|
|
|
|
- name: check
|
|
uses: actions-rs/cargo@v1
|
|
with:
|
|
command: check
|
|
args: --all --bins --examples
|
|
|
|
- name: tests
|
|
uses: actions-rs/cargo@v1
|
|
with:
|
|
command: test
|
|
args: --all
|
|
|
|
clippy:
|
|
runs-on: ubuntu-latest
|
|
|
|
steps:
|
|
- uses: actions/checkout@v2
|
|
|
|
- uses: actions-rs/toolchain@v1
|
|
with:
|
|
profile: minimal
|
|
toolchain: nightly
|
|
override: true
|
|
components: clippy
|
|
|
|
- name: clippy
|
|
uses: actions-rs/cargo@v1
|
|
with:
|
|
command: clippy
|
|
args: --all-targets --all-features -- -D warnings
|
|
|
|
check_fmt_and_docs:
|
|
name: Checking fmt and docs
|
|
runs-on: ubuntu-latest
|
|
steps:
|
|
- uses: actions/checkout@master
|
|
- uses: actions-rs/toolchain@v1
|
|
with:
|
|
toolchain: nightly
|
|
components: rustfmt, clippy
|
|
override: true
|
|
|
|
- name: fmt
|
|
run: cargo fmt --all -- --check
|
|
|
|
- name: Docs
|
|
run: cargo doc
|
|
|
|
fuzz:
|
|
runs-on: ubuntu-latest
|
|
|
|
steps:
|
|
- uses: actions/checkout@v2
|
|
- uses: actions-rs/toolchain@v1
|
|
with:
|
|
profile: minimal
|
|
toolchain: nightly
|
|
override: true
|
|
|
|
- run: cargo install cargo-fuzz
|
|
- name: compile fuzz
|
|
run: |
|
|
cargo fuzz build fuzz_read
|