fj/.forgejo/workflows/ci.yml

name: ci

on:
  push:
    branches: [main]
  pull_request:
    branches: [main]

jobs:
  check:
    runs-on: docker
    container:
      image: rust:1.95-bookworm
    steps:
      - name: checkout
        uses: actions/checkout@v4

      - name: cache cargo
        uses: actions/cache@v4
        with:
          path: |
            ~/.cargo/registry
            ~/.cargo/git
            target
          key: ${{ runner.os }}-cargo-${{ hashFiles('**/Cargo.lock') }}
          restore-keys: |
            ${{ runner.os }}-cargo-

      - name: install components
        run: |
          rustup component add rustfmt clippy

      - name: cargo fmt
        run: cargo fmt --all -- --check

      - name: cargo clippy
        run: cargo clippy --all-targets --all-features -- -D warnings

      - name: cargo test
        run: cargo test --all --locked --no-fail-fast

      - name: cargo build --release
        run: cargo build --release --locked

      - name: smoke-check binary
        run: |
          ./target/release/fj --version
          ./target/release/fj --help >/dev/null
          ./target/release/fj completion zsh >/dev/null
bugs + agent-focused Forgejo gaps + CI + docs Bugs: * Shell injection in `fj auth setup-git`: the hostname is now validated against a strict DNS pattern and `git config` is invoked directly (no `sh -c`). Added 4 unit tests covering shell metacharacters. * Pager won't compile on Windows: the libc-based dup2 redirect lives behind `#[cfg(unix)]`. Non-Unix gets a no-op stub. Agent-focused Forgejo API gaps: * `fj issue edit-comment ID` / `delete-comment ID`. Fix a wrong comment after the fact (an agent's bread-and-butter). * `fj search code "..." [-R owner/name]`. The most-requested missing search dimension for codebase exploration. * `fj pr request-review N user1 user2`, `unrequest-review N user`. Distinct from `pr review` (your own approval/changes/comment). * `fj repo watch / unwatch / star / unstar / starred`. Mark repos for monitoring. * `fj milestone {list,view,create,edit,close,reopen,delete,assign}` with `assign N --milestone ID\|none` to attach an issue/PR. UX + stability: * Global `--json-fields foo,bar` projection on top of any `--json` output, gh-style. Dotted-path support (`--json-fields owner.login`). * 429 / Retry-After honored in the retry loop with a 30 s cap. * Clap `suggestions` feature for typo'd subcommands. * `fj auth token` and `auth status --show-token` refuse to write to a TTY by default (`--force` to override). CI: * `.forgejo/workflows/ci.yml` runs fmt/clippy/test/release-build on every push and PR, mirroring the local pre-push hook. Docs: * `SECURITY.md` with threat model and known sharp edges. * `docs/gh-to-fj.md` full command-by-command mapping. * `docs/faq.md` covering tokens, hosts, debug, scripting, plugins. Tests: 60 → 75 passing (2 ignored: editor and env-mutating tests that fight the cargo test harness on macOS). Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com> 2026-05-13 21:52:28 +00:00			`name: ci`

			`on:`
			`push:`
			`branches: [main]`
			`pull_request:`
			`branches: [main]`

			`jobs:`
			`check:`
			`runs-on: docker`
			`container:`
			`image: rust:1.95-bookworm`
			`steps:`
			`- name: checkout`
			`uses: actions/checkout@v4`

			`- name: cache cargo`
			`uses: actions/cache@v4`
			`with:`
			`path: \|`
			`~/.cargo/registry`
			`~/.cargo/git`
			`target`
			`key: ${{ runner.os }}-cargo-${{ hashFiles('**/Cargo.lock') }}`
			`restore-keys: \|`
			`${{ runner.os }}-cargo-`

			`- name: install components`
			`run: \|`
			`rustup component add rustfmt clippy`

			`- name: cargo fmt`
			`run: cargo fmt --all -- --check`

			`- name: cargo clippy`
			`run: cargo clippy --all-targets --all-features -- -D warnings`

			`- name: cargo test`
			`run: cargo test --all --locked --no-fail-fast`

			`- name: cargo build --release`
			`run: cargo build --release --locked`

			`- name: smoke-check binary`
			`run: \|`
			`./target/release/fj --version`
			`./target/release/fj --help >/dev/null`
			`./target/release/fj completion zsh >/dev/null`