chore(ci): Go tests + dart format + YAML lint + permission lockdown#18
Merged
Conversation
…k down permissions The PR-check workflow only ran Flutter analyze + test. Three gaps: * `go/` has 4 test files (api safety, panic recovery, u2fhid dedup) that never ran in CI — a regression in the BLE dedup or panic-recovery logic would land green. Added a `go` job that runs `go vet` and `go test -race`, matching the pattern bitbox-testkit uses. * `dart format` was never enforced. Two source files (the USB plugin glue) had drifted out of the canonical layout; formatted them once and added `dart format --set-exit-if-changed` to the Flutter job so it stays consistent. * No YAML lint on the workflows themselves — a typo in any of the three workflow files would only surface on the next run. Added the same `yaml.safe_load`-on-every-file job that bitbox-testkit ships. Also dropped the workflow to `permissions: contents: read` (default implicit perms were write-on-everything).
`flutter analyze` covers the example app's Dart sources (lib + tests), but the format gate only checked the plugin's own lib + test. Three files in example/ had drifted; reformat them once and widen the format check so the two coverage scopes stay aligned. Also drops the explicit step name on the format command — matches the single-line `- run:` style the rest of the workflow uses.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
Closes three CI gaps the existing PR-check workflow had:
go/api/safety_test.go,go/api/recover_panic_test.go,go/u2fhid/u2fhid_dedup_test.go,go/u2fhid/dedup_logic_test.go— four test files that would have caught a regression in the BLE dedup or panic-recovery logic, none of them ever invoked. Now run in agojob (go vet,go test -race -timeout 60s ./...).dart formatwasn't enforced. Five files acrosslib/usb/andexample/had drifted; reformatted them once and addeddart format --set-exit-if-changedcovering the same scopeflutter analyzealready touches (lib test example/lib example/test).yaml.safe_load-every-file job bitbox-testkit ships, so a typo in any of the three workflows fails fast.Plus
permissions: contents: readto drop default write-on-everything.Local validation
dart format --set-exit-if-changed --output=none lib test example/lib example/testflutter analyze --no-fatal-infosavoid_printinexample/lib/main.dartand USB stubs — unchanged)flutter test(cd go && go vet ./...)(cd go && go test -race -timeout 60s ./...).github/**/*.y*mlWhat this PR does NOT do
--no-fatal-infos→--fatal-infos. The 15avoid_printinfos are in demo / temporary USB-stub code; promoting them to errors would block this PR for a separate concern.github.com/konstantinullrich/bitbox_flutter). That rename is invasive (changes imports) and lands as its own PR (chore: rename Go module path to github.com/DFXswiss/bitbox_flutter #19).