lintcheck: run clippy on transitive dependencies

.cargo/config.toml

@@ -11,3 +11,4 @@ target-dir = "target"
 
 [unstable]
 binary-dep-depinfo = true
+bindeps = true

lintcheck/Cargo.toml

@@ -11,15 +11,10 @@ publish = false
 
 [dependencies]
 clap = "2.33"
-flate2 = "1.0"
-fs_extra = "1.2"
-rayon = "1.5.1"
+regex = "1.5.5"
 serde = { version = "1.0", features = ["derive"] }
 serde_json = "1.0"
-tar = "0.4"
 toml = "0.5"
-ureq = "2.2"
-walkdir = "2.3"
 
 [features]
 deny-warnings = []

lintcheck/README.md

@@ -1,8 +1,9 @@
 ## `cargo lintcheck`
 
 Runs clippy on a fixed set of crates read from
-`lintcheck/lintcheck_crates.toml` and saves logs of the lint warnings into the
-repo.  We can then check the diff and spot new or disappearing warnings.
+[`lintcheck/lintcheck_crates/Cargo.toml`] and saves logs of the lint warnings
+into the repo.  We can then check the diff and spot new or disappearing
+warnings.
 
 From the repo root, run:
 
@@ -19,59 +20,19 @@ cargo lintcheck
 By default the logs will be saved into
 `lintcheck-logs/lintcheck_crates_logs.txt`.
 
-You can set a custom sources.toml by adding `--crates-toml custom.toml` or using
-`LINTCHECK_TOML="custom.toml"` where `custom.toml` must be a relative path from
-the repo root.
+You can set a custom sources Cargo.toml by adding
+`--crates-toml custom/Cargo.toml` or using `LINTCHECK_TOML="custom/Cargo.toml"`.
 
 The results will then be saved to `lintcheck-logs/custom_logs.toml`.
 
 ### Configuring the Crate Sources
 
-The sources to check are saved in a `toml` file. There are three types of
-sources.
+The sources to check are saved in a `Cargo.toml` file. Currently only crates.io
+dependencies are linted. Packages can be made optional to support `--package`
+selection, otherwise they will always be checked.
 
-1. Crates-io Source
+A list of crates that clippy should not run on can be provided through
+`package.metadata.lintcheck.ignore`. See 
+[`lintcheck/lintcheck_crates/Cargo.toml`] for an example.
 
-   ```toml
-   bitflags = {name = "bitflags", versions = ['1.2.1']}
-   ```
-   Requires a "name" and one or multiple "versions" to be checked.
-
-2. `git` Source
-   ````toml
-   puffin = {name = "puffin", git_url = "https://github.com/EmbarkStudios/puffin", git_hash = "02dd4a3"}
-   ````
-   Requires a name, the url to the repo and unique identifier of a commit,
-   branch or tag which is checked out before linting.  There is no way to always
-   check `HEAD` because that would lead to changing lint-results as the repo
-   would get updated.  If `git_url` or `git_hash` is missing, an error will be
-   thrown.
-
-3. Local Dependency
-   ```toml
-   clippy = {name = "clippy", path = "/home/user/clippy"}
-   ```
-   For when you want to add a repository that is not published yet.
-
-#### Command Line Options (optional)
-
-```toml
-bitflags = {name = "bitflags", versions = ['1.2.1'], options = ['-Wclippy::pedantic', '-Wclippy::cargo']}
-```
-
-It is possible to specify command line options for each crate. This makes it
-possible to only check a crate for certain lint groups. If no options are
-specified, the lint groups `clippy::all`, `clippy::pedantic`, and
-`clippy::cargo` are checked. If an empty array is specified only `clippy::all`
-is checked.
-
-**Note:** `-Wclippy::all` is always enabled by default, unless `-Aclippy::all`
-is explicitly specified in the options.
-
-### Fix mode
-You can run `./lintcheck/target/debug/lintcheck --fix` which will run Clippy with `--fix` and
-print a warning if Clippys suggestions fail to apply (if the resulting code does not build).  
-This lets us spot bad suggestions or false positives automatically in some cases.  
-
-Please note that the target dir should be cleaned afterwards since clippy will modify
-the downloaded sources which can lead to unexpected results when running lintcheck again afterwards.
+[`lintcheck/lintcheck_crates/Cargo.toml`]: ./lintcheck_crates/Cargo.toml

lintcheck/lintcheck_crates/Cargo.toml

@@ -0,0 +1,49 @@
+[package]
+name = "lintcheck_crates"
+version = "0.0.1"
+edition = "2021"
+publish = false
+
+[dependencies]
+anyhow = { version = "1.0.56", optional = true }
+async-trait = { version = "0.1.53", optional = true }
+bitflags = { version = "1.3.2", optional = true }
+cargo = { version = "0.61.0", optional = true }
+cfg-expr = { version = "0.10.2", optional = true }
+cxx = { version = "1.0.66", optional = true }
+iron = { version = "0.6.1", optional = true }
+libc = { version = "0.2.122", optional = true }
+log = { version = "0.4.16", optional = true }
+proc-macro2 = { version = "1.0.37", optional = true }
+puffin = { version = "0.13.1", optional = true }
+quote = { version = "1.0.18", optional = true }
+rand = { version = "0.8.5", optional = true }
+rand_core = { version = "0.6.3", optional = true }
+rayon = { version = "1.5.1", optional = true }
+regex = { version = "1.5.5", optional = true }
+ripgrep = { version = "13.0.0", optional = true, artifact = "bin" }
+rpmalloc = { version = "0.2.2", optional = true }
+ryu = { version = "1.0.9", optional = true }
+serde = { version = "1.0.136", optional = true }
+serde_yaml = { version = "0.8.23", optional = true }
+syn = { version = "1.0.91", optional = true }
+tame-oidc = { version = "0.4.0", optional = true }
+thiserror = { version = "1.0.30", optional = true }
+unicode-xid = { version = "0.2.2", optional = true }
+xsv = { version = "0.13.0", optional = true, artifact = "bin" }
+
+[package.metadata.lintcheck]
+ignore = [
+    # crates with native build stuff are way slower under clippy for some reason
+    "*-sys",
+    "ring",
+    "winapi",
+    # old dependency with an unnormalized Cargo.toml that contains a `path =` dependency
+    "commoncrypto",
+    # Not many lints but slow under clippy
+    "combine",
+    # 258315 occurrences of clippy::match_same_arms
+    "unicode-normalization",
+    # 8210 occurrences of clippy::unreadable_literal
+    "crc32fast",
+]