fix(ci): add reusable/cargo-deny.yml at expected subdir path#97
Conversation
Consumers reference `uses: KooshaPari/phenotype-tooling/.github/workflows/reusable/cargo-deny.yml@main` but the file only existed at the flat path `reusable-cargo-deny.yml`. Creating the subdir path fixes workflow-parse failures in: - phenoRouterMonitor - phenotype-bus - phenotype-journeys - Authvault - PhenoObservability
|
CodeAnt AI is reviewing your PR. Thanks for using CodeAnt! 🎉We're free for open-source projects. if you're enjoying it, help us grow by sharing. Share on X · |
|
Note Gemini is unable to generate a review for this pull request due to the file types involved not being currently supported. |
|
Warning Review limit reached
More reviews will be available in 25 minutes and 2 seconds. Learn how PR review limits work. Your organization has run out of usage credits. Purchase more in the billing tab. ⌛ How to resolve this issue?After more reviews become available, a review can be triggered using the We recommend that you space out your commits to avoid hitting the rate limit. 🚦 How do rate limits work?CodeRabbit enforces hourly rate limits for each developer per organization. Our paid plans include higher PR review limits than trial, open-source, and free plans. In all cases, reviews become available again over time. During sustained high-volume PR review activity, CodeRabbit may temporarily slow when the next review becomes available. Please see our Fair Usage Limits Policy for further information. ℹ️ Review info⚙️ Run configurationConfiguration used: Organization UI Review profile: ASSERTIVE Plan: Pro Run ID: 📒 Files selected for processing (1)
✨ Finishing Touches🧪 Generate unit tests (beta)
✨ Simplify code
Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out. Comment |
codeant-ai
Bot
added
the
size:S
|
|
CodeAnt AI finished reviewing your PR. |
![cursor[bot]](https://avatars.githubusercontent.com/in/1210556?s=60&v=4){kind=small}
There was a problem hiding this comment.
Cursor Bugbot has reviewed your changes and found 1 potential issue.
Bugbot Autofix is ON, but it could not run because the branch was deleted or merged before autofix could start.
Reviewed by Cursor Bugbot for commit 4ab44a5. Configure here.
| - name: Run cargo-deny | ||
| uses: EmbarkStudios/cargo-deny-action@91bf2b620e09e18d6eb78b92e7861937469acedb # v6 | ||
| with: | ||
| rust-version: stable |
There was a problem hiding this comment.
Duplicate reusable workflow without removing original
Low Severity
This new file is a full duplicate of reusable-cargo-deny.yml (only the comment path differs). The internal caller .github/workflows/cargo-deny.yml still references the old flat path, so both copies will coexist. Future updates to one (e.g., bumping action pins or changing the runner) risk not being applied to the other, leading to drift between the two identical workflows.
Reviewed by Cursor Bugbot for commit 4ab44a5. Configure here.
Code Review SummaryStatus: 1 Issue Found (Already Noted) | Recommendation: Note Overview
Issue Details (click to expand)
ObservationThe PR description confirms the duplicate is intentional: both files will be kept to support consumers using either path ( Files Reviewed (1 file)
Reviewed by step-3.7-flash-20260528 · 568,386 tokens |
1 participant
User description
Summary
.github/workflows/reusable/cargo-deny.ymlat the path consumers expectreusable-cargo-deny.ymluses: KooshaPari/phenotype-tooling/.github/workflows/reusable/cargo-deny.yml@main:Test plan
Note
Low Risk
CI-only addition duplicating an existing reusable workflow; no application or security logic changes.
Overview
Adds
.github/workflows/reusable/cargo-deny.ymlso downstream repos canworkflow_callthe path they already reference (…/reusable/cargo-deny.yml@main). The workflow is the same reusable cargo-deny job as the flatreusable-cargo-deny.yml: checkout, stable Rust toolchain, andEmbarkStudios/cargo-deny-action.This unblocks CI in repos that were failing at workflow parse time because the nested path did not exist, without changing the deny steps or permissions (
contents: read).Reviewed by Cursor Bugbot for commit 4ab44a5. Bugbot is set up for automated code reviews on this repo. Configure here.
CodeAnt-AI Description
Make the reusable cargo-deny workflow available at the path downstream repos already use
What Changed
.github/workflows/reusable/cargo-deny.ymlImpact
✅ Fewer CI failures in dependent repos✅ Working cargo-deny runs from the expected workflow path✅ Faster unblock for repos using the shared security check💡 Usage Guide
Checking Your Pull Request
Every time you make a pull request, our system automatically looks through it. We check for security issues, mistakes in how you're setting up your infrastructure, and common code problems. We do this to make sure your changes are solid and won't cause any trouble later.
Talking to CodeAnt AI
Got a question or need a hand with something in your pull request? You can easily get in touch with CodeAnt AI right here. Just type the following in a comment on your pull request, and replace "Your question here" with whatever you want to ask:
This lets you have a chat with CodeAnt AI about your pull request, making it easier to understand and improve your code.
Example
Preserve Org Learnings with CodeAnt
You can record team preferences so CodeAnt AI applies them in future reviews. Reply directly to the specific CodeAnt AI suggestion (in the same thread) and replace "Your feedback here" with your input:
This helps CodeAnt AI learn and adapt to your team's coding style and standards.
Example
Retrigger review
Ask CodeAnt AI to review the PR again, by typing:
Check Your Repository Health
To analyze the health of your code repository, visit our dashboard at https://app.codeant.ai. This tool helps you identify potential issues and areas for improvement in your codebase, ensuring your repository maintains high standards of code health.