From a91b40490dff06107177dcac219cc764cb66b250 Mon Sep 17 00:00:00 2001 From: Ivan Lazarevic <24551171+ivanbgd@users.noreply.github.com> Date: Sun, 28 Sep 2025 15:30:31 +0200 Subject: [PATCH 01/41] Slight changes to CI --- .github/workflows/ci.yml | 50 ++++++++++++++++++++++------------------ CHANGELOG.md | 2 +- Cargo.toml | 19 ++++++++++----- README.md | 2 +- 4 files changed, 43 insertions(+), 30 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 98e8be0..142e37c 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -18,6 +18,31 @@ permissions: # Each job runs in a runner environment specified by `runs-on`. jobs: + clippy: + name: Clippy + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v5 + - uses: ilammy/setup-nasm@v1 + - uses: dtolnay/rust-toolchain@stable + with: + components: clippy + toolchain: 1.89.0 # MSRV check + - uses: Swatinem/rust-cache@v2 + - name: Linting + run: cargo clippy --all-targets --all-features -- -D warnings + + fmt: + name: Format + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v5 + - uses: dtolnay/rust-toolchain@stable + with: + components: rustfmt + - name: Enforce formatting + run: cargo fmt -- --check --color always + test: name: Test runs-on: ubuntu-latest @@ -39,26 +64,7 @@ jobs: - name: Run tests run: cargo test - fmt: - name: Format + cli_success: + name: Success runs-on: ubuntu-latest - steps: - - uses: actions/checkout@v5 - - uses: dtolnay/rust-toolchain@stable - with: - components: rustfmt - - name: Enforce formatting - run: cargo fmt --check - - clippy: - name: Clippy - runs-on: ubuntu-latest - steps: - - uses: actions/checkout@v5 - - uses: ilammy/setup-nasm@v1 - - uses: dtolnay/rust-toolchain@stable - with: - components: clippy - - uses: Swatinem/rust-cache@v2 - - name: Linting - run: cargo clippy -- -D warnings + needs: [clippy, fmt, test] diff --git a/CHANGELOG.md b/CHANGELOG.md index fbb1e28..5b33ca7 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -10,7 +10,7 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0 - Some form of concurrent execution, but this might not be necessary as some dependencies already use `rayon` and `crossbeam`. -## [0.2.4] - 2025-09-08 +## [0.2.4] - 2025-09-28 ### Changed - Updated several dependencies to newer versions. diff --git a/Cargo.toml b/Cargo.toml index 65a238e..627115a 100644 --- a/Cargo.toml +++ b/Cargo.toml @@ -1,16 +1,15 @@ [package] name = "reduce_image_size" +description = "Reduces size of images in a folder (and optionally sub-folders, recursively)." version = "0.2.4" -edition = "2024" authors = ["Ivan Lazarević"] -description = "Reduces size of images in a folder (and optionally sub-folders, recursively)." repository = "https://github.com/ivanbgd/reduce-image-size-rust" license = "MIT" -keywords = ["image", "images", "photo", "jpeg", "png"] +readme = "README.md" categories = ["computer-vision", "multimedia", "multimedia::images", "command-line-utilities"] - -[profile.release] -strip = "symbols" +keywords = ["image", "images", "photo", "jpeg", "png"] +edition = "2024" +rust-version = "1.89.0" [lib] path = "src/lib.rs" @@ -27,3 +26,11 @@ oxipng = { version = "9.1.1", default-features = false, features = ["parallel"] pathdiff = { version = "0.2.1" } turbojpeg = { version = "1.1.0", features = ["image"] } walkdir = "2.5.0" + +[profile.dev.package.oxipng] +opt-level = 3 + +[profile.release] +strip = "symbols" +#lto = "fat" +#codegen-units = 1 diff --git a/README.md b/README.md index ea82f1e..1c434ae 100644 --- a/README.md +++ b/README.md @@ -57,7 +57,7 @@ The file paths in the examples are for Windows. - `reduce_image_size D:\img_src D:\img_dst --recursive --resize --quality 60 --size L` ## Notes -- Updated and tested in Rust 1.89.0 on Apple silicon with macOS Sequoia 15.3. +- Updated and tested in Rust 1.89.0 and 1.90.0 on Apple silicon with macOS Sequoia 15.3.2. - First developed in Rust 1.74.1, but also tested later with Rust 1.79.0. - Tested on x86-64 CPUs on Windows 10 and Windows 11. - Tested on Apple silicon, M2 Pro, on macOS Sonoma 14.5. From 10d9e0d4bfc821f3423e1e737369186fe04391f6 Mon Sep 17 00:00:00 2001 From: Ivan Lazarevic <24551171+ivanbgd@users.noreply.github.com> Date: Sun, 28 Sep 2025 15:34:03 +0200 Subject: [PATCH 02/41] Slight changes to CI --- .github/workflows/ci.yml | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 142e37c..95de1c0 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -64,7 +64,9 @@ jobs: - name: Run tests run: cargo test - cli_success: - name: Success + ci_success: + name: CI success runs-on: ubuntu-latest needs: [clippy, fmt, test] + steps: + - run: echo "All CI jobs successfully finished." From d82c144c2303a5551ed2590cb77e3cbc122e9874 Mon Sep 17 00:00:00 2001 From: Ivan Lazarevic <24551171+ivanbgd@users.noreply.github.com> Date: Sun, 28 Sep 2025 15:59:49 +0200 Subject: [PATCH 03/41] Add audit.yml GitHub action --- .github/workflows/audit.yml | 16 ++++++++++++++++ Cargo.lock | 8 ++++---- Cargo.toml | 8 ++++---- 3 files changed, 24 insertions(+), 8 deletions(-) create mode 100644 .github/workflows/audit.yml diff --git a/.github/workflows/audit.yml b/.github/workflows/audit.yml new file mode 100644 index 0000000..528a25d --- /dev/null +++ b/.github/workflows/audit.yml @@ -0,0 +1,16 @@ +name: Security audit + +on: + push: + paths: + - "**/Cargo.toml" + - "**/Cargo.lock" + +jobs: + security_audit: + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v5 + - uses: rustsec/audit-check@v2.0.0 + with: + token: ${{ secrets.GITHUB_TOKEN }} diff --git a/Cargo.lock b/Cargo.lock index 16c56a6..e735216 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -209,9 +209,9 @@ checksum = "2fd1289c04a9ea8cb22300a459a72a385d7c73d3259e2ed7dcb2af674838cfa9" [[package]] name = "clap" -version = "4.5.47" +version = "4.5.48" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "7eac00902d9d136acd712710d71823fb8ac8004ca445a89e73a41d45aa712931" +checksum = "e2134bb3ea021b78629caa971416385309e0131b351b25e01dc16fb54e1b5fae" dependencies = [ "clap_builder", "clap_derive", @@ -219,9 +219,9 @@ dependencies = [ [[package]] name = "clap_builder" -version = "4.5.47" +version = "4.5.48" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "2ad9bbf750e73b5884fb8a211a9424a1906c1e156724260fdae972f31d70e1d6" +checksum = "c2ba64afa3c0a6df7fa517765e31314e983f51dda798ffba27b988194fb65dc9" dependencies = [ "anstream", "anstyle", diff --git a/Cargo.toml b/Cargo.toml index 627115a..276d773 100644 --- a/Cargo.toml +++ b/Cargo.toml @@ -19,12 +19,12 @@ name = "reduce_image_size" path = "src/main.rs" [dependencies] -clap = { version = "4.5.9", features = ["derive"] } +clap = { version = "4.5.48", features = ["derive"] } fast_image_resize = { version = "5.3.0" } image = "0.25.8" -oxipng = { version = "9.1.1", default-features = false, features = ["parallel"] } -pathdiff = { version = "0.2.1" } -turbojpeg = { version = "1.1.0", features = ["image"] } +oxipng = { version = "9.1.5", default-features = false, features = ["parallel"] } +pathdiff = { version = "0.2.3" } +turbojpeg = { version = "1.3.3", features = ["image"] } walkdir = "2.5.0" [profile.dev.package.oxipng] From fe7424a635f175b505f94fce243ea9bdfa7fcbf2 Mon Sep 17 00:00:00 2001 From: Ivan Lazarevic <24551171+ivanbgd@users.noreply.github.com> Date: Sun, 28 Sep 2025 16:13:05 +0200 Subject: [PATCH 04/41] Modify audit.yml - give it read permission --- .github/workflows/audit.yml | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/.github/workflows/audit.yml b/.github/workflows/audit.yml index 528a25d..e800ebb 100644 --- a/.github/workflows/audit.yml +++ b/.github/workflows/audit.yml @@ -7,8 +7,12 @@ on: - "**/Cargo.lock" jobs: - security_audit: + + security-audit: + name: Security audit runs-on: ubuntu-latest + permissions: + contents: read steps: - uses: actions/checkout@v5 - uses: rustsec/audit-check@v2.0.0 From b5d1966f97b0c2147c602e66f0d74e082a42b5d5 Mon Sep 17 00:00:00 2001 From: Ivan Lazarevic <24551171+ivanbgd@users.noreply.github.com> Date: Sun, 28 Sep 2025 16:14:37 +0200 Subject: [PATCH 05/41] Modify audit.yml - give it only write permission --- .github/workflows/audit.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/audit.yml b/.github/workflows/audit.yml index e800ebb..1b9cdec 100644 --- a/.github/workflows/audit.yml +++ b/.github/workflows/audit.yml @@ -12,7 +12,7 @@ jobs: name: Security audit runs-on: ubuntu-latest permissions: - contents: read + contents: write steps: - uses: actions/checkout@v5 - uses: rustsec/audit-check@v2.0.0 From df41ad4c34d2ee8098dcb73ff8341dcbc5f87351 Mon Sep 17 00:00:00 2001 From: Ivan Lazarevic <24551171+ivanbgd@users.noreply.github.com> Date: Sun, 28 Sep 2025 16:16:03 +0200 Subject: [PATCH 06/41] Modify audit.yml - give it only read permission --- .github/workflows/audit.yml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/.github/workflows/audit.yml b/.github/workflows/audit.yml index 1b9cdec..f5721ed 100644 --- a/.github/workflows/audit.yml +++ b/.github/workflows/audit.yml @@ -2,9 +2,9 @@ name: Security audit on: push: - paths: - - "**/Cargo.toml" - - "**/Cargo.lock" +# paths: +# - "**/Cargo.toml" +# - "**/Cargo.lock" jobs: @@ -12,7 +12,7 @@ jobs: name: Security audit runs-on: ubuntu-latest permissions: - contents: write + contents: read steps: - uses: actions/checkout@v5 - uses: rustsec/audit-check@v2.0.0 From 01631fe94a1add2b2dadad3a0f58b43c1bcdf2a6 Mon Sep 17 00:00:00 2001 From: Ivan Lazarevic <24551171+ivanbgd@users.noreply.github.com> Date: Sun, 28 Sep 2025 16:20:15 +0200 Subject: [PATCH 07/41] Modify audit.yml - give it only write permission --- .github/workflows/audit.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/audit.yml b/.github/workflows/audit.yml index f5721ed..bd6d7d1 100644 --- a/.github/workflows/audit.yml +++ b/.github/workflows/audit.yml @@ -12,7 +12,7 @@ jobs: name: Security audit runs-on: ubuntu-latest permissions: - contents: read + contents: write steps: - uses: actions/checkout@v5 - uses: rustsec/audit-check@v2.0.0 From ffe22ccdf246c655a1abad0d855b3a00cf67f334 Mon Sep 17 00:00:00 2001 From: Ivan Lazarevic <24551171+ivanbgd@users.noreply.github.com> Date: Sun, 28 Sep 2025 16:24:53 +0200 Subject: [PATCH 08/41] Modify audit.yml --- .github/workflows/audit.yml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/.github/workflows/audit.yml b/.github/workflows/audit.yml index bd6d7d1..079a710 100644 --- a/.github/workflows/audit.yml +++ b/.github/workflows/audit.yml @@ -12,6 +12,8 @@ jobs: name: Security audit runs-on: ubuntu-latest permissions: + issues: write + checks: write contents: write steps: - uses: actions/checkout@v5 From 548568c86014895db5f17d90a7655eaa24c82f34 Mon Sep 17 00:00:00 2001 From: Ivan Lazarevic <24551171+ivanbgd@users.noreply.github.com> Date: Sun, 28 Sep 2025 16:29:55 +0200 Subject: [PATCH 09/41] Modify audit.yml --- .github/workflows/audit.yml | 11 +++++++++++ 1 file changed, 11 insertions(+) diff --git a/.github/workflows/audit.yml b/.github/workflows/audit.yml index 079a710..53bae9e 100644 --- a/.github/workflows/audit.yml +++ b/.github/workflows/audit.yml @@ -6,6 +6,17 @@ on: # - "**/Cargo.toml" # - "**/Cargo.lock" + +github-token: + action-input: + input: token + is-default: false + permissions: + issues: write + issues-reason: to create issues + checks: write + checks-reason: to create check + jobs: security-audit: From a174b8605c93dca74b7710fd20e34d54f2b2d920 Mon Sep 17 00:00:00 2001 From: Ivan Lazarevic <24551171+ivanbgd@users.noreply.github.com> Date: Sun, 28 Sep 2025 16:31:11 +0200 Subject: [PATCH 10/41] Modify audit.yml --- .github/workflows/audit.yml | 18 ++++-------------- .github/workflows/ci.yml | 2 ++ 2 files changed, 6 insertions(+), 14 deletions(-) diff --git a/.github/workflows/audit.yml b/.github/workflows/audit.yml index 53bae9e..491ea52 100644 --- a/.github/workflows/audit.yml +++ b/.github/workflows/audit.yml @@ -6,26 +6,16 @@ on: # - "**/Cargo.toml" # - "**/Cargo.lock" - -github-token: - action-input: - input: token - is-default: false - permissions: - issues: write - issues-reason: to create issues - checks: write - checks-reason: to create check +permissions: + issues: write + checks: write + contents: write jobs: security-audit: name: Security audit runs-on: ubuntu-latest - permissions: - issues: write - checks: write - contents: write steps: - uses: actions/checkout@v5 - uses: rustsec/audit-check@v2.0.0 diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 95de1c0..7a30256 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -2,6 +2,8 @@ name: CI on: push: + branches: + - main pull_request: types: [ opened, reopened, synchronize ] branches: From a4d9bac257e928227344d00f0ee671ee261886f4 Mon Sep 17 00:00:00 2001 From: Ivan Lazarevic <24551171+ivanbgd@users.noreply.github.com> Date: Sun, 28 Sep 2025 16:35:20 +0200 Subject: [PATCH 11/41] Modify audit.yml --- .github/workflows/audit.yml | 12 +++++------- 1 file changed, 5 insertions(+), 7 deletions(-) diff --git a/.github/workflows/audit.yml b/.github/workflows/audit.yml index 491ea52..827d4ac 100644 --- a/.github/workflows/audit.yml +++ b/.github/workflows/audit.yml @@ -1,18 +1,16 @@ name: Security audit - on: + # schedule: + # - cron: "0 0 * * *" push: # paths: # - "**/Cargo.toml" # - "**/Cargo.lock" - permissions: - issues: write - checks: write - contents: write - + issues: read + checks: read + contents: read jobs: - security-audit: name: Security audit runs-on: ubuntu-latest From 686a26b333a07baa6f60f941cda96190489573d8 Mon Sep 17 00:00:00 2001 From: Ivan Lazarevic <24551171+ivanbgd@users.noreply.github.com> Date: Sun, 28 Sep 2025 16:39:35 +0200 Subject: [PATCH 12/41] Modify audit.yml --- .github/workflows/audit.yml | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/.github/workflows/audit.yml b/.github/workflows/audit.yml index 827d4ac..94a4a2e 100644 --- a/.github/workflows/audit.yml +++ b/.github/workflows/audit.yml @@ -7,9 +7,8 @@ on: # - "**/Cargo.toml" # - "**/Cargo.lock" permissions: - issues: read - checks: read - contents: read + issues: write + checks: write jobs: security-audit: name: Security audit From 77e7574bde888c777922d1fc00775d8d68505fb2 Mon Sep 17 00:00:00 2001 From: Ivan Lazarevic <24551171+ivanbgd@users.noreply.github.com> Date: Sun, 28 Sep 2025 16:45:14 +0200 Subject: [PATCH 13/41] Modify audit.yml --- .github/workflows/audit.yml | 13 ++++++++----- 1 file changed, 8 insertions(+), 5 deletions(-) diff --git a/.github/workflows/audit.yml b/.github/workflows/audit.yml index 94a4a2e..97d2e32 100644 --- a/.github/workflows/audit.yml +++ b/.github/workflows/audit.yml @@ -1,4 +1,5 @@ name: Security audit + on: # schedule: # - cron: "0 0 * * *" @@ -6,13 +7,15 @@ on: # paths: # - "**/Cargo.toml" # - "**/Cargo.lock" -permissions: - issues: write - checks: write + jobs: - security-audit: - name: Security audit + + audit-check: + name: Audit check runs-on: ubuntu-latest + permissions: + issues: write + checks: write steps: - uses: actions/checkout@v5 - uses: rustsec/audit-check@v2.0.0 From c0e42288a7be4ce82000f6664f51e4b735c1735b Mon Sep 17 00:00:00 2001 From: Ivan Lazarevic <24551171+ivanbgd@users.noreply.github.com> Date: Sun, 28 Sep 2025 16:57:48 +0200 Subject: [PATCH 14/41] Modify audit.yml --- .github/workflows/audit.yml | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/.github/workflows/audit.yml b/.github/workflows/audit.yml index 97d2e32..9b252f8 100644 --- a/.github/workflows/audit.yml +++ b/.github/workflows/audit.yml @@ -21,3 +21,12 @@ jobs: - uses: rustsec/audit-check@v2.0.0 with: token: ${{ secrets.GITHUB_TOKEN }} + + cargo-deny: + name: Cargo deny + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v5 + - uses: EmbarkStudios/cargo-deny-action@v2 +# with: +# rust-version: "1.89.0" From be26d13f5b1297bd5e930dfb8e43450e80129d72 Mon Sep 17 00:00:00 2001 From: Ivan Lazarevic <24551171+ivanbgd@users.noreply.github.com> Date: Sun, 28 Sep 2025 17:00:10 +0200 Subject: [PATCH 15/41] Modify audit.yml --- .github/workflows/audit.yml | 26 +++++++++++++------------- 1 file changed, 13 insertions(+), 13 deletions(-) diff --git a/.github/workflows/audit.yml b/.github/workflows/audit.yml index 9b252f8..f892236 100644 --- a/.github/workflows/audit.yml +++ b/.github/workflows/audit.yml @@ -10,17 +10,17 @@ on: jobs: - audit-check: - name: Audit check - runs-on: ubuntu-latest - permissions: - issues: write - checks: write - steps: - - uses: actions/checkout@v5 - - uses: rustsec/audit-check@v2.0.0 - with: - token: ${{ secrets.GITHUB_TOKEN }} +# audit-check: +# name: Audit check +# runs-on: ubuntu-latest +# permissions: +# issues: write +# checks: write +# steps: +# - uses: actions/checkout@v5 +# - uses: rustsec/audit-check@v2.0.0 +# with: +# token: ${{ secrets.GITHUB_TOKEN }} cargo-deny: name: Cargo deny @@ -28,5 +28,5 @@ jobs: steps: - uses: actions/checkout@v5 - uses: EmbarkStudios/cargo-deny-action@v2 -# with: -# rust-version: "1.89.0" + with: + rust-version: "1.89.0" From d3342406db7a0c29fb6f19ec2f645a71aadbc4f3 Mon Sep 17 00:00:00 2001 From: Ivan Lazarevic <24551171+ivanbgd@users.noreply.github.com> Date: Sun, 28 Sep 2025 17:02:43 +0200 Subject: [PATCH 16/41] Include deny.toml --- deny.toml | 249 ++++++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 249 insertions(+) create mode 100644 deny.toml diff --git a/deny.toml b/deny.toml new file mode 100644 index 0000000..52ce9f2 --- /dev/null +++ b/deny.toml @@ -0,0 +1,249 @@ +# This template contains all of the possible sections and their default values + +# Note that all fields that take a lint level have these possible values: +# * deny - An error will be produced and the check will fail +# * warn - A warning will be produced, but the check will not fail +# * allow - No warning or error will be produced, though in some cases a note +# will be + +# The values provided in this template are the default values that will be used +# when any section or field is not specified in your own configuration + +# Root options + +# The graph table configures how the dependency graph is constructed and thus +# which crates the checks are performed against +[graph] +# If 1 or more target triples (and optionally, target_features) are specified, +# only the specified targets will be checked when running `cargo deny check`. +# This means, if a particular package is only ever used as a target specific +# dependency, such as, for example, the `nix` crate only being used via the +# `target_family = "unix"` configuration, that only having windows targets in +# this list would mean the nix crate, as well as any of its exclusive +# dependencies not shared by any other crates, would be ignored, as the target +# list here is effectively saying which targets you are building for. +targets = [ + # The triple can be any string, but only the target triples built in to + # rustc (as of 1.40) can be checked against actual config expressions + #"x86_64-unknown-linux-musl", + # You can also specify which target_features you promise are enabled for a + # particular target. target_features are currently not validated against + # the actual valid features supported by the target architecture. + #{ triple = "wasm32-unknown-unknown", features = ["atomics"] }, + "aarch64-unknown-linux-gnu", + "x86_64-unknown-linux-gnu", + "aarch64-apple-darwin", + "x86_64-apple-darwin", + "universal-apple-darwin", + "x86_64-pc-windows-msvc", +] +# When creating the dependency graph used as the source of truth when checks are +# executed, this field can be used to prune crates from the graph, removing them +# from the view of cargo-deny. This is an extremely heavy hammer, as if a crate +# is pruned from the graph, all of its dependencies will also be pruned unless +# they are connected to another crate in the graph that hasn't been pruned, +# so it should be used with care. The identifiers are [Package ID Specifications] +# (https://doc.rust-lang.org/cargo/reference/pkgid-spec.html) +#exclude = [] +# If true, metadata will be collected with `--all-features`. Note that this can't +# be toggled off if true, if you want to conditionally enable `--all-features` it +# is recommended to pass `--all-features` on the cmd line instead +all-features = false +# If true, metadata will be collected with `--no-default-features`. The same +# caveat with `all-features` applies +no-default-features = false +# If set, these feature will be enabled when collecting metadata. If `--features` +# is specified on the cmd line they will take precedence over this option. +#features = [] + +# The output table provides options for how/if diagnostics are outputted +[output] +# When outputting inclusion graphs in diagnostics that include features, this +# option can be used to specify the depth at which feature edges will be added. +# This option is included since the graphs can be quite large and the addition +# of features from the crate(s) to all of the graph roots can be far too verbose. +# This option can be overridden via `--feature-depth` on the cmd line +feature-depth = 1 + +# This section is considered when running `cargo deny check advisories` +# More documentation for the advisories section can be found here: +# https://embarkstudios.github.io/cargo-deny/checks/advisories/cfg.html +[advisories] +unmaintained = "workspace" +# The path where the advisory databases are cloned/fetched into +#db-path = "$CARGO_HOME/advisory-dbs" +# The url(s) of the advisory databases to use +#db-urls = ["https://github.com/rustsec/advisory-db"] +# A list of advisory IDs to ignore. Note that ignored advisories will still +# output a note when they are encountered. +ignore = [ + #"RUSTSEC-0000-0000", + #{ id = "RUSTSEC-0000-0000", reason = "you can specify a reason the advisory is ignored" }, + #"a-crate-that-is-yanked@0.1.1", # you can also ignore yanked crate versions if you wish + #{ crate = "a-crate-that-is-yanked@0.1.1", reason = "you can specify why you are ignoring the yanked crate" }, +] +# If this is true, then cargo deny will use the git executable to fetch advisory database. +# If this is false, then it uses a built-in git library. +# Setting this to true can be helpful if you have special authentication requirements that cargo-deny does not support. +# See Git Authentication for more information about setting up git authentication. +#git-fetch-with-cli = true + +# This section is considered when running `cargo deny check licenses` +# More documentation for the licenses section can be found here: +# https://embarkstudios.github.io/cargo-deny/checks/licenses/cfg.html +[licenses] +# List of explicitly allowed licenses +# See https://spdx.org/licenses/ for list of possible licenses +# [possible values: any SPDX 3.11 short identifier (+ optional exception)]. +allow = [ + "MIT", + "Apache-2.0", + #"Apache-2.0 WITH LLVM-exception", + #"BSD-2-Clause", + "BSD-3-Clause", + "Unicode-3.0", +] +# The confidence threshold for detecting a license from license text. +# The higher the value, the more closely the license text must be to the +# canonical license text of a valid SPDX license file. +# [possible values: any between 0.0 and 1.0]. +confidence-threshold = 0.93 +# Allow 1 or more licenses on a per-crate basis, so that particular licenses +# aren't accepted for every possible crate as with the normal allow list +exceptions = [ + # Each entry is the crate and version constraint, and its specific allow + # list + #{ allow = ["Zlib"], crate = "adler32" }, + { allow = ["BSD-2-Clause"], crate = "av1-grain" }, + { allow = ["BSD-2-Clause"], crate = "rav1e" }, + { allow = ["BSD-2-Clause"], crate = "v_frame" }, +] + +# Some crates don't have (easily) machine readable licensing information, +# adding a clarification entry for it allows you to manually specify the +# licensing information +#[[licenses.clarify]] +# The package spec the clarification applies to +#crate = "ring" +# The SPDX expression for the license requirements of the crate +#expression = "MIT AND ISC AND OpenSSL" +# One or more files in the crate's source used as the "source of truth" for +# the license expression. If the contents match, the clarification will be used +# when running the license check, otherwise the clarification will be ignored +# and the crate will be checked normally, which may produce warnings or errors +# depending on the rest of your configuration +#license-files = [ +# Each entry is a crate relative path, and the (opaque) hash of its contents +#{ path = "LICENSE", hash = 0xbd0eed23 } +#] + +[licenses.private] +# If true, ignores workspace crates that aren't published, or are only +# published to private registries. +# To see how to mark a crate as unpublished (to the official registry), +# visit https://doc.rust-lang.org/cargo/reference/manifest.html#the-publish-field. +ignore = false +# One or more private registries that you might publish crates to, if a crate +# is only published to private registries, and ignore is true, the crate will +# not have its license(s) checked +registries = [ + #"https://sekretz.com/registry +] + +# This section is considered when running `cargo deny check bans`. +# More documentation about the 'bans' section can be found here: +# https://embarkstudios.github.io/cargo-deny/checks/bans/cfg.html +[bans] +# Lint level for when multiple versions of the same crate are detected +multiple-versions = "warn" +# Lint level for when a crate version requirement is `*` +wildcards = "allow" +# The graph highlighting used when creating dotgraphs for crates +# with multiple versions +# * lowest-version - The path to the lowest versioned duplicate is highlighted +# * simplest-path - The path to the version with the fewest edges is highlighted +# * all - Both lowest-version and simplest-path are used +highlight = "all" +# The default lint level for `default` features for crates that are members of +# the workspace that is being checked. This can be overridden by allowing/denying +# `default` on a crate-by-crate basis if desired. +workspace-default-features = "allow" +# The default lint level for `default` features for external crates that are not +# members of the workspace. This can be overridden by allowing/denying `default` +# on a crate-by-crate basis if desired. +external-default-features = "allow" +# List of crates that are allowed. Use with care! +allow = [ + #"ansi_term@0.11.0", + #{ crate = "ansi_term@0.11.0", reason = "you can specify a reason it is allowed" }, +] +# List of crates to deny +deny = [ + #"ansi_term@0.11.0", + #{ crate = "ansi_term@0.11.0", reason = "you can specify a reason it is banned" }, + # Wrapper crates can optionally be specified to allow the crate when it + # is a direct dependency of the otherwise banned crate + #{ crate = "ansi_term@0.11.0", wrappers = ["this-crate-directly-depends-on-ansi_term"] }, + { crate = "openssl", use-instead = "rustls"}, +] + +# List of features to allow/deny +# Each entry the name of a crate and a version range. If version is +# not specified, all versions will be matched. +#[[bans.features]] +#crate = "reqwest" +# Features to not allow +#deny = ["json"] +# Features to allow +#allow = [ +# "rustls", +# "__rustls", +# "__tls", +# "hyper-rustls", +# "rustls", +# "rustls-pemfile", +# "rustls-tls-webpki-roots", +# "tokio-rustls", +# "webpki-roots", +#] +# If true, the allowed features must exactly match the enabled feature set. If +# this is set there is no point setting `deny` +#exact = true + +# Certain crates/versions that will be skipped when doing duplicate detection. +skip = [ + #"ansi_term@0.11.0", + #{ crate = "ansi_term@0.11.0", reason = "you can specify a reason why it can't be updated/removed" }, +] +# Similarly to `skip` allows you to skip certain crates during duplicate +# detection. Unlike skip, it also includes the entire tree of transitive +# dependencies starting at the specified crate, up to a certain depth, which is +# by default infinite. +skip-tree = [ + #"ansi_term@0.11.0", # will be skipped along with _all_ of its direct and transitive dependencies + #{ crate = "ansi_term@0.11.0", depth = 20 }, +] + +# This section is considered when running `cargo deny check sources`. +# More documentation about the 'sources' section can be found here: +# https://embarkstudios.github.io/cargo-deny/checks/sources/cfg.html +[sources] +# Lint level for what to happen when a crate from a crate registry that is not +# in the allow list is encountered +unknown-registry = "warn" +# Lint level for what to happen when a crate from a git repository that is not +# in the allow list is encountered +unknown-git = "warn" +# List of URLs for allowed crate registries. Defaults to the crates.io index +# if not specified. If it is specified but empty, no registries are allowed. +allow-registry = ["https://github.com/rust-lang/crates.io-index"] +# List of URLs for allowed Git repositories +allow-git = [] + +[sources.allow-org] +# github.com organizations to allow git sources for +github = [] +# gitlab.com organizations to allow git sources for +gitlab = [] +# bitbucket.org organizations to allow git sources for +bitbucket = [] From 3a10c59ee2e47d7455017bea0b1ce2ad1f2f774b Mon Sep 17 00:00:00 2001 From: Ivan Lazarevic <24551171+ivanbgd@users.noreply.github.com> Date: Sun, 28 Sep 2025 17:05:18 +0200 Subject: [PATCH 17/41] Modify audit.yml --- .github/workflows/audit.yml | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/.github/workflows/audit.yml b/.github/workflows/audit.yml index f892236..ceefcd0 100644 --- a/.github/workflows/audit.yml +++ b/.github/workflows/audit.yml @@ -5,8 +5,9 @@ on: # - cron: "0 0 * * *" push: # paths: -# - "**/Cargo.toml" # - "**/Cargo.lock" +# - "**/Cargo.toml" +# - "**/deny.toml" jobs: @@ -30,3 +31,6 @@ jobs: - uses: EmbarkStudios/cargo-deny-action@v2 with: rust-version: "1.89.0" + log-level: warn + command: check + arguments: --all-features From 3fbfc327f36132a5f46a9b5b4a9a526e9562631a Mon Sep 17 00:00:00 2001 From: Ivan Lazarevic <24551171+ivanbgd@users.noreply.github.com> Date: Sun, 28 Sep 2025 17:09:37 +0200 Subject: [PATCH 18/41] Modify audit.yml --- .github/workflows/audit.yml | 15 +++++++++++++++ .github/workflows/ci.yml | 2 +- 2 files changed, 16 insertions(+), 1 deletion(-) diff --git a/.github/workflows/audit.yml b/.github/workflows/audit.yml index ceefcd0..50931d0 100644 --- a/.github/workflows/audit.yml +++ b/.github/workflows/audit.yml @@ -34,3 +34,18 @@ jobs: log-level: warn command: check arguments: --all-features + + cargo-deny-taiki: + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v5 + - uses: taiki-e/install-action@cargo-deny + - name: Scan for vulnerabilities + run: cargo deny check advisories + + audit-success: + name: Audit success + runs-on: ubuntu-latest + needs: [cargo-deny, cargo-deny-taiki] + steps: + - run: echo "All audit jobs successfully finished." diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 7a30256..1a6052a 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -66,7 +66,7 @@ jobs: - name: Run tests run: cargo test - ci_success: + ci-success: name: CI success runs-on: ubuntu-latest needs: [clippy, fmt, test] From cac2d11141c57aab2d93976a6c9f460506b00e35 Mon Sep 17 00:00:00 2001 From: Ivan Lazarevic <24551171+ivanbgd@users.noreply.github.com> Date: Sun, 28 Sep 2025 17:15:53 +0200 Subject: [PATCH 19/41] Modify audit.yml --- .github/workflows/audit.yml | 24 ++++++++++++------------ 1 file changed, 12 insertions(+), 12 deletions(-) diff --git a/.github/workflows/audit.yml b/.github/workflows/audit.yml index 50931d0..ae26d2a 100644 --- a/.github/workflows/audit.yml +++ b/.github/workflows/audit.yml @@ -11,17 +11,17 @@ on: jobs: -# audit-check: -# name: Audit check -# runs-on: ubuntu-latest -# permissions: -# issues: write -# checks: write -# steps: -# - uses: actions/checkout@v5 -# - uses: rustsec/audit-check@v2.0.0 -# with: -# token: ${{ secrets.GITHUB_TOKEN }} + audit-check: + name: Audit check + runs-on: ubuntu-latest + permissions: + issues: write + checks: write + steps: + - uses: actions/checkout@v5 + - uses: rustsec/audit-check@v2.0.0 + with: + token: ${{ secrets.GITHUB_TOKEN }} cargo-deny: name: Cargo deny @@ -46,6 +46,6 @@ jobs: audit-success: name: Audit success runs-on: ubuntu-latest - needs: [cargo-deny, cargo-deny-taiki] + needs: [audit-check, cargo-deny, cargo-deny-taiki] steps: - run: echo "All audit jobs successfully finished." From d0ac04bbba4fc149186a7928c141cad858a29d7a Mon Sep 17 00:00:00 2001 From: Ivan Lazarevic <24551171+ivanbgd@users.noreply.github.com> Date: Sun, 28 Sep 2025 17:32:32 +0200 Subject: [PATCH 20/41] Modify audit.yml --- .github/workflows/audit.yml | 18 +++++------------- README.md | 3 ++- 2 files changed, 7 insertions(+), 14 deletions(-) diff --git a/.github/workflows/audit.yml b/.github/workflows/audit.yml index ae26d2a..f118274 100644 --- a/.github/workflows/audit.yml +++ b/.github/workflows/audit.yml @@ -4,10 +4,10 @@ on: # schedule: # - cron: "0 0 * * *" push: -# paths: -# - "**/Cargo.lock" -# - "**/Cargo.toml" -# - "**/deny.toml" + paths: + - "**/Cargo.lock" + - "**/Cargo.toml" + - "**/deny.toml" jobs: @@ -35,17 +35,9 @@ jobs: command: check arguments: --all-features - cargo-deny-taiki: - runs-on: ubuntu-latest - steps: - - uses: actions/checkout@v5 - - uses: taiki-e/install-action@cargo-deny - - name: Scan for vulnerabilities - run: cargo deny check advisories - audit-success: name: Audit success runs-on: ubuntu-latest - needs: [audit-check, cargo-deny, cargo-deny-taiki] + needs: [audit-check, cargo-deny] steps: - run: echo "All audit jobs successfully finished." diff --git a/README.md b/README.md index 1c434ae..467096b 100644 --- a/README.md +++ b/README.md @@ -1,8 +1,9 @@ # Reduce Image Size -[![CI](https://github.com/ivanbgd/reduce-image-size-rust/actions/workflows/ci.yml/badge.svg)](https://github.com/ivanbgd/reduce-image-size-rust/actions/workflows/ci.yml) [![Crates.io](https://img.shields.io/crates/v/reduce_image_size.svg)](https://crates.io/crates/reduce_image_size) [![docs.rs](https://docs.rs/reduce_image_size/badge.svg)](https://docs.rs/reduce_image_size/) +[![CI](https://github.com/ivanbgd/reduce-image-size-rust/actions/workflows/ci.yml/badge.svg)](https://github.com/ivanbgd/reduce-image-size-rust/actions/workflows/ci.yml) +[![Security audit](https://github.com/ivanbgd/reduce-image-size-rust/actions/workflows/audit.yml/badge.svg)](https://github.com/ivanbgd/reduce-image-size-rust/actions/workflows/audit.yml) ## Description Reduces size of images in a folder (and optionally sub-folders, recursively). From d8adf6ae9d1239d77d16814937d18e87c7c32e74 Mon Sep 17 00:00:00 2001 From: Ivan Lazarevic <24551171+ivanbgd@users.noreply.github.com> Date: Sun, 28 Sep 2025 17:38:27 +0200 Subject: [PATCH 21/41] Modify ci.yml --- .github/workflows/ci.yml | 18 +++++++++++++++--- 1 file changed, 15 insertions(+), 3 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 1a6052a..e56e3b2 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -2,8 +2,8 @@ name: CI on: push: - branches: - - main +# branches: +# - main pull_request: types: [ opened, reopened, synchronize ] branches: @@ -42,9 +42,21 @@ jobs: - uses: dtolnay/rust-toolchain@stable with: components: rustfmt + - uses: Swatinem/rust-cache@v2 - name: Enforce formatting run: cargo fmt -- --check --color always + publish-check: + name: Publish check + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v5 + - uses: dtolnay/rust-toolchain@stable + - uses: Swatinem/rust-cache@v2 + - run: cargo fetch + - name: cargo publish + run: cargo publish --dry-run + test: name: Test runs-on: ubuntu-latest @@ -69,6 +81,6 @@ jobs: ci-success: name: CI success runs-on: ubuntu-latest - needs: [clippy, fmt, test] + needs: [clippy, fmt, publish-check, test] steps: - run: echo "All CI jobs successfully finished." From f44f446ca40448364e315440105a0f376814b64a Mon Sep 17 00:00:00 2001 From: Ivan Lazarevic <24551171+ivanbgd@users.noreply.github.com> Date: Sun, 28 Sep 2025 17:42:51 +0200 Subject: [PATCH 22/41] Modify ci.yml --- .github/workflows/ci.yml | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index e56e3b2..16e3627 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -25,11 +25,11 @@ jobs: runs-on: ubuntu-latest steps: - uses: actions/checkout@v5 - - uses: ilammy/setup-nasm@v1 - uses: dtolnay/rust-toolchain@stable with: components: clippy toolchain: 1.89.0 # MSRV check + - uses: ilammy/setup-nasm@v1 - uses: Swatinem/rust-cache@v2 - name: Linting run: cargo clippy --all-targets --all-features -- -D warnings @@ -52,6 +52,9 @@ jobs: steps: - uses: actions/checkout@v5 - uses: dtolnay/rust-toolchain@stable + with: + toolchain: 1.89.0 # MSRV check + - uses: ilammy/setup-nasm@v1 - uses: Swatinem/rust-cache@v2 - run: cargo fetch - name: cargo publish From cb370c26a5ba9931db708cd6203c44fbba1537dd Mon Sep 17 00:00:00 2001 From: Ivan Lazarevic <24551171+ivanbgd@users.noreply.github.com> Date: Sun, 28 Sep 2025 19:00:52 +0200 Subject: [PATCH 23/41] Add audit.toml --- .cargo/audit.toml | 10 ++++++++++ .github/workflows/ci.yml | 4 ++-- README.md | 1 + 3 files changed, 13 insertions(+), 2 deletions(-) create mode 100644 .cargo/audit.toml diff --git a/.cargo/audit.toml b/.cargo/audit.toml new file mode 100644 index 0000000..0c7f7dc --- /dev/null +++ b/.cargo/audit.toml @@ -0,0 +1,10 @@ +[advisories] +ignore = [ + # Warning: unmaintained + # Title: paste - no longer maintained + "RUSTSEC-2024-0436", +] + +[output] +quiet = false +deny = ["warnings", "unmaintained"] diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 16e3627..b6568bc 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -2,8 +2,8 @@ name: CI on: push: -# branches: -# - main + branches: + - main pull_request: types: [ opened, reopened, synchronize ] branches: diff --git a/README.md b/README.md index 467096b..2935da3 100644 --- a/README.md +++ b/README.md @@ -1,5 +1,6 @@ # Reduce Image Size +[![license](https://img.shields.io/badge/License-MIT-blue.svg?style=flat)](LICENSE) [![Crates.io](https://img.shields.io/crates/v/reduce_image_size.svg)](https://crates.io/crates/reduce_image_size) [![docs.rs](https://docs.rs/reduce_image_size/badge.svg)](https://docs.rs/reduce_image_size/) [![CI](https://github.com/ivanbgd/reduce-image-size-rust/actions/workflows/ci.yml/badge.svg)](https://github.com/ivanbgd/reduce-image-size-rust/actions/workflows/ci.yml) From baa321839360f043a2830a9d853e1fae0c919a17 Mon Sep 17 00:00:00 2001 From: Ivan Lazarevic <24551171+ivanbgd@users.noreply.github.com> Date: Sun, 28 Sep 2025 19:19:48 +0200 Subject: [PATCH 24/41] Edit ci --- .github/workflows/ci.yml | 2 +- deny.toml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index b6568bc..358c5c4 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -57,7 +57,7 @@ jobs: - uses: ilammy/setup-nasm@v1 - uses: Swatinem/rust-cache@v2 - run: cargo fetch - - name: cargo publish + - name: cargo publish dry run run: cargo publish --dry-run test: diff --git a/deny.toml b/deny.toml index 52ce9f2..78bfc64 100644 --- a/deny.toml +++ b/deny.toml @@ -48,7 +48,7 @@ targets = [ # If true, metadata will be collected with `--all-features`. Note that this can't # be toggled off if true, if you want to conditionally enable `--all-features` it # is recommended to pass `--all-features` on the cmd line instead -all-features = false +all-features = true # Was false by default. # If true, metadata will be collected with `--no-default-features`. The same # caveat with `all-features` applies no-default-features = false From 1995a317f6b94ba628a7db0dbd3dc5ec0789a0d7 Mon Sep 17 00:00:00 2001 From: Ivan Lazarevic <24551171+ivanbgd@users.noreply.github.com> Date: Sun, 28 Sep 2025 19:51:05 +0200 Subject: [PATCH 25/41] Edit ci --- .github/workflows/ci.yml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 358c5c4..32ee015 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -55,8 +55,8 @@ jobs: with: toolchain: 1.89.0 # MSRV check - uses: ilammy/setup-nasm@v1 - - uses: Swatinem/rust-cache@v2 - run: cargo fetch + - uses: Swatinem/rust-cache@v2 - name: cargo publish dry run run: cargo publish --dry-run @@ -64,11 +64,11 @@ jobs: name: Test runs-on: ubuntu-latest steps: - - uses: ilammy/setup-nasm@v1 - - name: Check out repository code uses: actions/checkout@v5 + - uses: ilammy/setup-nasm@v1 + # This GitHub Action installs a Rust toolchain using "rustup". # It is designed for one-line concise usage and good defaults. - name: Install the Rust toolchain @@ -79,7 +79,7 @@ jobs: uses: Swatinem/rust-cache@v2 - name: Run tests - run: cargo test + run: cargo test --all --all-targets ci-success: name: CI success From 4d0d217c5a5b5334d464972272d29e81eae2d458 Mon Sep 17 00:00:00 2001 From: Ivan Lazarevic <24551171+ivanbgd@users.noreply.github.com> Date: Sun, 28 Sep 2025 20:10:56 +0200 Subject: [PATCH 26/41] Edit ci --- .github/workflows/ci.yml | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 32ee015..82a6e2c 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -2,8 +2,8 @@ name: CI on: push: - branches: - - main +# branches: +# - main pull_request: types: [ opened, reopened, synchronize ] branches: @@ -25,12 +25,12 @@ jobs: runs-on: ubuntu-latest steps: - uses: actions/checkout@v5 + - uses: Swatinem/rust-cache@v2 - uses: dtolnay/rust-toolchain@stable with: components: clippy toolchain: 1.89.0 # MSRV check - uses: ilammy/setup-nasm@v1 - - uses: Swatinem/rust-cache@v2 - name: Linting run: cargo clippy --all-targets --all-features -- -D warnings @@ -39,10 +39,10 @@ jobs: runs-on: ubuntu-latest steps: - uses: actions/checkout@v5 + - uses: Swatinem/rust-cache@v2 - uses: dtolnay/rust-toolchain@stable with: components: rustfmt - - uses: Swatinem/rust-cache@v2 - name: Enforce formatting run: cargo fmt -- --check --color always @@ -51,12 +51,12 @@ jobs: runs-on: ubuntu-latest steps: - uses: actions/checkout@v5 + - uses: Swatinem/rust-cache@v2 - uses: dtolnay/rust-toolchain@stable with: toolchain: 1.89.0 # MSRV check - uses: ilammy/setup-nasm@v1 - run: cargo fetch - - uses: Swatinem/rust-cache@v2 - name: cargo publish dry run run: cargo publish --dry-run From b720122e8cfe2263e047aa1844ac37b26c496245 Mon Sep 17 00:00:00 2001 From: Ivan Lazarevic <24551171+ivanbgd@users.noreply.github.com> Date: Sun, 28 Sep 2025 20:15:32 +0200 Subject: [PATCH 27/41] Edit ci --- .github/workflows/ci.yml | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 82a6e2c..f4623fc 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -25,12 +25,12 @@ jobs: runs-on: ubuntu-latest steps: - uses: actions/checkout@v5 - - uses: Swatinem/rust-cache@v2 + - uses: ilammy/setup-nasm@v1 - uses: dtolnay/rust-toolchain@stable with: components: clippy toolchain: 1.89.0 # MSRV check - - uses: ilammy/setup-nasm@v1 + - uses: Swatinem/rust-cache@v2 - name: Linting run: cargo clippy --all-targets --all-features -- -D warnings @@ -39,10 +39,10 @@ jobs: runs-on: ubuntu-latest steps: - uses: actions/checkout@v5 - - uses: Swatinem/rust-cache@v2 - uses: dtolnay/rust-toolchain@stable with: components: rustfmt + - uses: Swatinem/rust-cache@v2 - name: Enforce formatting run: cargo fmt -- --check --color always @@ -51,12 +51,12 @@ jobs: runs-on: ubuntu-latest steps: - uses: actions/checkout@v5 - - uses: Swatinem/rust-cache@v2 + - uses: ilammy/setup-nasm@v1 - uses: dtolnay/rust-toolchain@stable with: toolchain: 1.89.0 # MSRV check - - uses: ilammy/setup-nasm@v1 - - run: cargo fetch +# - run: cargo fetch + - uses: Swatinem/rust-cache@v2 - name: cargo publish dry run run: cargo publish --dry-run From b3a7190ad32d4b4853498f2b4d8cd08ab9ab68d2 Mon Sep 17 00:00:00 2001 From: Ivan Lazarevic <24551171+ivanbgd@users.noreply.github.com> Date: Sun, 28 Sep 2025 20:39:42 +0200 Subject: [PATCH 28/41] Edit ci --- .github/workflows/ci.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index f4623fc..7633653 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -2,8 +2,8 @@ name: CI on: push: -# branches: -# - main + branches: + - audit pull_request: types: [ opened, reopened, synchronize ] branches: From bcd2602b35abd64bfbd2d4a50c171a3c7045bb5f Mon Sep 17 00:00:00 2001 From: Ivan Lazarevic <24551171+ivanbgd@users.noreply.github.com> Date: Sun, 28 Sep 2025 20:49:16 +0200 Subject: [PATCH 29/41] Edit ci --- .github/workflows/ci.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 7633653..5745a57 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -55,7 +55,7 @@ jobs: - uses: dtolnay/rust-toolchain@stable with: toolchain: 1.89.0 # MSRV check -# - run: cargo fetch + - run: cargo fetch - uses: Swatinem/rust-cache@v2 - name: cargo publish dry run run: cargo publish --dry-run From 7872b393e952a66fadcd801cb69dd7f4064a8514 Mon Sep 17 00:00:00 2001 From: Ivan Lazarevic <24551171+ivanbgd@users.noreply.github.com> Date: Sun, 28 Sep 2025 21:04:22 +0200 Subject: [PATCH 30/41] Edit ci --- .github/workflows/ci.yml | 19 +++++++++++++++---- 1 file changed, 15 insertions(+), 4 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 5745a57..76b490b 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -29,7 +29,6 @@ jobs: - uses: dtolnay/rust-toolchain@stable with: components: clippy - toolchain: 1.89.0 # MSRV check - uses: Swatinem/rust-cache@v2 - name: Linting run: cargo clippy --all-targets --all-features -- -D warnings @@ -46,6 +45,20 @@ jobs: - name: Enforce formatting run: cargo fmt -- --check --color always + msrv: + name: MSRV check + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v5 + - uses: ilammy/setup-nasm@v1 + - uses: dtolnay/rust-toolchain@master + with: + toolchain: 1.89.0 + components: clippy + - run: cargo fetch + - name: MSRV check with cargo clippy + run: cargo clippy --all-targets --all-features -- -D warnings + publish-check: name: Publish check runs-on: ubuntu-latest @@ -53,10 +66,8 @@ jobs: - uses: actions/checkout@v5 - uses: ilammy/setup-nasm@v1 - uses: dtolnay/rust-toolchain@stable - with: - toolchain: 1.89.0 # MSRV check - - run: cargo fetch - uses: Swatinem/rust-cache@v2 + - run: cargo fetch - name: cargo publish dry run run: cargo publish --dry-run From ea395f279d1689d5c360cd2bc00fb92581ece745 Mon Sep 17 00:00:00 2001 From: Ivan Lazarevic <24551171+ivanbgd@users.noreply.github.com> Date: Sun, 28 Sep 2025 21:08:36 +0200 Subject: [PATCH 31/41] Edit ci --- .github/workflows/ci.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 76b490b..a63d812 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -95,6 +95,6 @@ jobs: ci-success: name: CI success runs-on: ubuntu-latest - needs: [clippy, fmt, publish-check, test] + needs: [clippy, fmt, msrv, publish-check, test] steps: - run: echo "All CI jobs successfully finished." From af8daaab3cdc9ceb8251dca186ed4331b8689bca Mon Sep 17 00:00:00 2001 From: Ivan Lazarevic <24551171+ivanbgd@users.noreply.github.com> Date: Sun, 28 Sep 2025 21:15:57 +0200 Subject: [PATCH 32/41] Edit ci --- .github/workflows/ci.yml | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index a63d812..0d2b3cc 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -3,7 +3,9 @@ name: CI on: push: branches: - - audit + - * + tags: + - * pull_request: types: [ opened, reopened, synchronize ] branches: From 5257d2d3e32eff6a520ef85864a7fb6718a8cab1 Mon Sep 17 00:00:00 2001 From: Ivan Lazarevic <24551171+ivanbgd@users.noreply.github.com> Date: Sun, 28 Sep 2025 21:16:47 +0200 Subject: [PATCH 33/41] Edit ci --- .github/workflows/ci.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 0d2b3cc..3364d12 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -3,9 +3,9 @@ name: CI on: push: branches: - - * + - "*" tags: - - * + - "*" pull_request: types: [ opened, reopened, synchronize ] branches: From b92d8558231c89e7edb6b9e713891d41bb043f1b Mon Sep 17 00:00:00 2001 From: Ivan Lazarevic <24551171+ivanbgd@users.noreply.github.com> Date: Sun, 28 Sep 2025 21:48:29 +0200 Subject: [PATCH 34/41] Add .pre-commit-config.yaml --- .github/workflows/ci.yml | 2 +- .pre-commit-config.yaml | 48 ++++++++++++++++++++++++++++++++++++++++ deny.toml | 1 + 3 files changed, 50 insertions(+), 1 deletion(-) create mode 100644 .pre-commit-config.yaml diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 3364d12..2d0602f 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -45,7 +45,7 @@ jobs: components: rustfmt - uses: Swatinem/rust-cache@v2 - name: Enforce formatting - run: cargo fmt -- --check --color always + run: cargo fmt --all -- --check --color always msrv: name: MSRV check diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml new file mode 100644 index 0000000..a63b10d --- /dev/null +++ b/.pre-commit-config.yaml @@ -0,0 +1,48 @@ +repos: + + - repo: local + hooks: + - id: check + name: check + description: Standard check + entry: cargo check + language: system + types: [ rust ] + pass_filenames: false + + - id: clippy + name: clippy + description: More rigorous check + entry: cargo clippy --all-targets --all-features -- -D warnings + language: rust + pass_filenames: false + + - id: rustfmt + name: rustfmt + description: Check if all files follow the rustfmt style + entry: cargo fmt --all -- --check --color always + language: rust + types: [ rust ] + pass_filenames: false + + - id: test + name: test + description: Run tests + entry: cargo test --all --all-targets + language: rust + types: [ rust ] + pass_filenames: false + + - repo: https://github.com/EmbarkStudios/cargo-deny + rev: 0.18.5 + hooks: + - id: cargo-deny + args: ["--all-features", "check"] + + - repo: https://github.com/pre-commit/pre-commit-hooks + rev: v3.2.0 + hooks: + - id: check-added-large-files + - id: check-yaml + - id: end-of-file-fixer + - id: trailing-whitespace diff --git a/deny.toml b/deny.toml index 78bfc64..8748802 100644 --- a/deny.toml +++ b/deny.toml @@ -36,6 +36,7 @@ targets = [ "x86_64-apple-darwin", "universal-apple-darwin", "x86_64-pc-windows-msvc", + "x86_64-unknown-linux-musl", ] # When creating the dependency graph used as the source of truth when checks are # executed, this field can be used to prune crates from the graph, removing them From 53eb1fa6e86fb358141a37148291cc04fd7774f8 Mon Sep 17 00:00:00 2001 From: Ivan Lazarevic <24551171+ivanbgd@users.noreply.github.com> Date: Sun, 28 Sep 2025 21:56:26 +0200 Subject: [PATCH 35/41] Edit .pre-commit-config.yaml --- .pre-commit-config.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml index a63b10d..51ee27d 100644 --- a/.pre-commit-config.yaml +++ b/.pre-commit-config.yaml @@ -45,4 +45,4 @@ repos: - id: check-added-large-files - id: check-yaml - id: end-of-file-fixer - - id: trailing-whitespace + # - id: trailing-whitespace From dd6a57c03e015a0ddda0e4a4f3cf41da6448b489 Mon Sep 17 00:00:00 2001 From: Ivan Lazarevic <24551171+ivanbgd@users.noreply.github.com> Date: Sun, 28 Sep 2025 22:50:15 +0200 Subject: [PATCH 36/41] Update CHANGELOG.md & README.md --- CHANGELOG.md | 7 +++++++ README.md | 22 ++++++++++++++++++++++ 2 files changed, 29 insertions(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index 5b33ca7..d922077 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -12,6 +12,13 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0 ## [0.2.4] - 2025-09-28 +### Added + +- GitHub action `audit.yml`, with `audit-check` and `cargo-deny-action` actions + - `audit.toml` for local and CI `cargo audit` configuration + - `deny.toml` for local and CI `cargo deny` configuration +- Pre-commit hook, `.pre-commit-config.yaml` + ### Changed - Updated several dependencies to newer versions. - `cargo audit` found a security vulnerability in a dependency (that version has been yanked). diff --git a/README.md b/README.md index 2935da3..5322268 100644 --- a/README.md +++ b/README.md @@ -66,6 +66,28 @@ The file paths in the examples are for Windows. - Also tested on WSL - Ubuntu 22.04.2 LTS (GNU/Linux 5.15.133.1-microsoft-standard-WSL2 x86_64) on Windows 11 @ x86-64. - Linux wasn't tested directly, but should work, at least on x86-64 CPUs. +## Security + +- [cargo audit](https://github.com/rustsec/rustsec/blob/main/cargo-audit/README.md) is supported, + as well as its GitHub action, [audit-check](https://github.com/rustsec/audit-check). +- [cargo deny](https://embarkstudios.github.io/cargo-deny/) is supported, + as well as its GitHub action, [cargo-deny-action](https://github.com/EmbarkStudios/cargo-deny-action). + +## Development + +### Pre-commit + +[pre-commit](https://pre-commit.com/) hooks are supported. + +```shell +$ pip install pre-commit +$ pre-commit install +$ pre-commit run # For manual running; considers only modified files +$ pre-commit run --all-files # For manual running; considers all files +``` + +After installing it, the provided [pre-commit hook](.pre-commit-config.yaml) will run automatically on `git commit`. + ## Running the Application Executable files for Windows, macOS and Linux can be downloaded from the [Releases](https://github.com/ivanbgd/reduce-image-size-rust/releases) page of the repository. From 0a84897447a0c47a4233314cf72eff7296aa0657 Mon Sep 17 00:00:00 2001 From: Ivan Lazarevic <24551171+ivanbgd@users.noreply.github.com> Date: Mon, 29 Sep 2025 00:14:28 +0200 Subject: [PATCH 37/41] Update README.md --- README.md | 11 ++++++----- 1 file changed, 6 insertions(+), 5 deletions(-) diff --git a/README.md b/README.md index 5322268..e92f907 100644 --- a/README.md +++ b/README.md @@ -80,13 +80,14 @@ The file paths in the examples are for Windows. [pre-commit](https://pre-commit.com/) hooks are supported. ```shell -$ pip install pre-commit -$ pre-commit install -$ pre-commit run # For manual running; considers only modified files -$ pre-commit run --all-files # For manual running; considers all files +$ pip install pre-commit # If you don't already have pre-commit installed on your machine. Run once. +$ pre-commit install # Sets up the pre-commit git hook script for the repository. Run once. +$ pre-commit install --hook-type pre-push # Sets up the pre-push git hook script for the repository. Run once. +$ pre-commit run # For manual running; considers only modified files. +$ pre-commit run --all-files # For manual running; considers all files. ``` -After installing it, the provided [pre-commit hook](.pre-commit-config.yaml) will run automatically on `git commit`. +After installing it, the provided [pre-commit hook(s)](.pre-commit-config.yaml) will run automatically on `git commit`. ## Running the Application Executable files for Windows, macOS and Linux can be downloaded from From 72689d63d58c7fce57c1e42967140cd3cba30a09 Mon Sep 17 00:00:00 2001 From: Ivan Lazarevic <24551171+ivanbgd@users.noreply.github.com> Date: Mon, 29 Sep 2025 00:58:29 +0200 Subject: [PATCH 38/41] Update README.md --- CHANGELOG.md | 2 +- README.md | 1 + 2 files changed, 2 insertions(+), 1 deletion(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index d922077..f81c59d 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -17,7 +17,7 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0 - GitHub action `audit.yml`, with `audit-check` and `cargo-deny-action` actions - `audit.toml` for local and CI `cargo audit` configuration - `deny.toml` for local and CI `cargo deny` configuration -- Pre-commit hook, `.pre-commit-config.yaml` +- Pre-commit hooks, `.pre-commit-config.yaml` ### Changed - Updated several dependencies to newer versions. diff --git a/README.md b/README.md index e92f907..57280fb 100644 --- a/README.md +++ b/README.md @@ -5,6 +5,7 @@ [![docs.rs](https://docs.rs/reduce_image_size/badge.svg)](https://docs.rs/reduce_image_size/) [![CI](https://github.com/ivanbgd/reduce-image-size-rust/actions/workflows/ci.yml/badge.svg)](https://github.com/ivanbgd/reduce-image-size-rust/actions/workflows/ci.yml) [![Security audit](https://github.com/ivanbgd/reduce-image-size-rust/actions/workflows/audit.yml/badge.svg)](https://github.com/ivanbgd/reduce-image-size-rust/actions/workflows/audit.yml) +[![pre-commit](https://img.shields.io/badge/pre--commit-enabled-brightgreen?logo=pre-commit)](https://github.com/pre-commit/pre-commit) ## Description Reduces size of images in a folder (and optionally sub-folders, recursively). From 115eeea736934faeea660548461d4c8c41a878b4 Mon Sep 17 00:00:00 2001 From: Ivan Lazarevic <24551171+ivanbgd@users.noreply.github.com> Date: Mon, 29 Sep 2025 01:13:04 +0200 Subject: [PATCH 39/41] Update README.md & hooks --- .pre-commit-config.yaml | 2 +- README.md | 1 + 2 files changed, 2 insertions(+), 1 deletion(-) diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml index 51ee27d..93aec91 100644 --- a/.pre-commit-config.yaml +++ b/.pre-commit-config.yaml @@ -40,7 +40,7 @@ repos: args: ["--all-features", "check"] - repo: https://github.com/pre-commit/pre-commit-hooks - rev: v3.2.0 + rev: v6.0.0 hooks: - id: check-added-large-files - id: check-yaml diff --git a/README.md b/README.md index 57280fb..4f7ac30 100644 --- a/README.md +++ b/README.md @@ -82,6 +82,7 @@ The file paths in the examples are for Windows. ```shell $ pip install pre-commit # If you don't already have pre-commit installed on your machine. Run once. +$ pre-commit autoupdate # Update hook repositories to the latest versions. $ pre-commit install # Sets up the pre-commit git hook script for the repository. Run once. $ pre-commit install --hook-type pre-push # Sets up the pre-push git hook script for the repository. Run once. $ pre-commit run # For manual running; considers only modified files. From 2a4cfa7c650b7e84c1f41d11fed0f7a2a1e42921 Mon Sep 17 00:00:00 2001 From: Ivan Lazarevic <24551171+ivanbgd@users.noreply.github.com> Date: Tue, 30 Sep 2025 21:16:47 +0200 Subject: [PATCH 40/41] Add `audit.yml` GitHub action, modify `ci.yml`, add `.pre-commit-config.yaml` --- .github/workflows/audit.yml | 8 ++++++-- .github/workflows/ci.yml | 4 +--- .pre-commit-config.yaml | 1 - CHANGELOG.md | 3 ++- Cargo.toml | 4 ++-- 5 files changed, 11 insertions(+), 9 deletions(-) diff --git a/.github/workflows/audit.yml b/.github/workflows/audit.yml index f118274..bed6659 100644 --- a/.github/workflows/audit.yml +++ b/.github/workflows/audit.yml @@ -1,13 +1,17 @@ name: Security audit on: - # schedule: - # - cron: "0 0 * * *" push: paths: - "**/Cargo.lock" - "**/Cargo.toml" - "**/deny.toml" + pull_request: + types: [ opened, reopened, synchronize ] + branches: + - main + # schedule: + # - cron: "0 0 * * *" jobs: diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 2d0602f..7083a28 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -3,9 +3,7 @@ name: CI on: push: branches: - - "*" - tags: - - "*" + - main pull_request: types: [ opened, reopened, synchronize ] branches: diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml index 93aec91..f8e306e 100644 --- a/.pre-commit-config.yaml +++ b/.pre-commit-config.yaml @@ -45,4 +45,3 @@ repos: - id: check-added-large-files - id: check-yaml - id: end-of-file-fixer - # - id: trailing-whitespace diff --git a/CHANGELOG.md b/CHANGELOG.md index f81c59d..18e46d6 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -10,7 +10,7 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0 - Some form of concurrent execution, but this might not be necessary as some dependencies already use `rayon` and `crossbeam`. -## [0.2.4] - 2025-09-28 +## [0.2.4] - 2025-09-30 ### Added @@ -22,6 +22,7 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0 ### Changed - Updated several dependencies to newer versions. - `cargo audit` found a security vulnerability in a dependency (that version has been yanked). +- The build process for the release profile now uses the LTO optimization. ## [0.2.3] - 2024-07-10 diff --git a/Cargo.toml b/Cargo.toml index 276d773..698336c 100644 --- a/Cargo.toml +++ b/Cargo.toml @@ -32,5 +32,5 @@ opt-level = 3 [profile.release] strip = "symbols" -#lto = "fat" -#codegen-units = 1 +lto = "fat" +codegen-units = 1 From 6517e8cf273dda7b889647d9ebd32a4e2769723d Mon Sep 17 00:00:00 2001 From: Ivan Lazarevic <24551171+ivanbgd@users.noreply.github.com> Date: Tue, 30 Sep 2025 21:21:04 +0200 Subject: [PATCH 41/41] Add `audit.yml` GitHub action, modify `ci.yml`, add `.pre-commit-config.yaml` --- .github/workflows/ci.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 7083a28..f54723f 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -3,7 +3,7 @@ name: CI on: push: branches: - - main + - "*" pull_request: types: [ opened, reopened, synchronize ] branches: