Add ./harness quality contract + CI coverage gate#92
Open
juangaitanv wants to merge 5 commits into
Open
Conversation
![cursor[bot]](https://avatars.githubusercontent.com/in/1210556?s=60&v=4){kind=small}
Zero-dep bash runner (check/fix/lint/test/audit/coverage/pre-commit/ci/ post-edit/setup-hooks/suppressions/install) wrapping cargo + git. ./harness ci is the single source of truth for the strict gate: clippy -D warnings, fmt check, cargo audit, and cargo-llvm-cov tests with a --fail-under-lines floor (13% baseline, will ratchet up as more code ships with tests). GitHub Actions test.yml runs the same gate so cloud CI matches local. AGENTS.md documents the commands. CLAUDE.md and .claude/ are gitignored so personal agent configs stay local.
Reformats per rustfmt and applies clippy lints (needless_return,
collapsible_if, eq_ignore_ascii_case, double_ended_iterator_last,
print_with_newline, contains_key, needless_late_init,
useless_format/vec, borrowed_box, etc.) so ./harness ci's strict
clippy gate passes.
Adds unit tests for utils::api::{is_jwt, auth_headers,
check_for_warnings} so the coverage gate isn't sitting on 0%.
Pure refactor + tests: no behavior change.
juangaitanv
force-pushed
the
chunk1/harness
branch
from
20962bd to
915dce2
Compare
…able Pre-commit now mirrors CI (strict clippy + fmt --check + tests) instead of running autofix, which could rewrite the working tree behind the commit. Drops the unimplemented `install` from harness docs. Extracts `should_warn_deprecated` from `check_for_warnings` so the 299 deprecation contract is covered by tests; deleting the branch now fails the suite.
4 tasks
leenk7991
approved these changes
Jun 3, 2026
Resolve conflicts from #94 (network-error retry) vs the harness branch: - src/scan.rs: keep main's retry_on_network_error wrapping around all four uploads (file/scan-chunk/scan/git-config); apply branch rustfmt. - src/utils/api.rs: union merge — keep both should_warn_deprecated + JWT/auth/deprecation tests (branch) and retry_on_network_error + backoff consts + retry tests (main). - src/authorize.rs: .err().expect() -> .expect_err() so main's new bind-error test passes the branch's strict clippy gate (-D warnings). Validated: cargo build, clippy -D warnings, fmt --check, 21 tests pass.
Replace all eprintln! diagnostics with log macros routed through env_logger, and reroute the homegrown debug() wrapper to log::debug!. User-facing stdout (println!/print!) and the terminal TUI are left untouched. - Add log + env_logger; init logger in main(), bridging CORGEA_DEBUG (env/config) and RUST_LOG to the level, message-only format so CLI errors/warnings read exactly as before. - Map eprintln! by severity: error! for genuine failures, warn! for recoverable/advisory paths (retries, fallbacks, best-effort uploads, deprecation notices), info! for the "no issues found" completion. - debug() now delegates to log::debug!, dropping the per-call Config::load() (filesystem read + TOML parse) it ran on every call. Tally: 82 error!, 18 warn!, 1 info!; 109 print(ln)! preserved.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
First slice of the large dependency-freshness branch. Lands the project's quality tooling so chunks 2 (deps offline) and 3 (deps online/CVE) inherit a working gate.
./harnessscript (check/fix/lint/test/audit/coverage/pre-commit/ci/post-edit/setup-hooks/suppressions/install) — zero-dep bash wrapper over cargo + git../harness cistrict gate: clippy-D warnings, fmt check,cargo audit, tests +cargo-llvm-covline-coverage gate.test.ymlrouted through./harness ciso cloud CI and local CI run the same gate.AGENTS.mddocuments the commands.CLAUDE.mdand.claude/are gitignored — agent-specific configs stay local.utils/api.rsunit tests (is_jwt,auth_headers,check_for_warnings) — additions to existing code so the coverage floor isn't sitting on 0%.cargo fmt+ clippy auto-fix sweep across existingsrc/so the strict clippy gate holds.Coverage floor
The original branch calibrated 41% against a much larger codebase (deps + CVE). On main + harness alone the baseline is 13.83% lines, so the floor is set to 13%. It will ratchet up as chunks 2/3 land with their tests.
Out of scope (in later chunks)
corgea depssubcommand (inventory + freshness + precheck) → chunk 2corgea deps verify --check-cve+ vuln-api client + dogfood workflow → chunk 3Test plan
Testworkflow green on the PR (clippy strict, fmt, audit, tests + 13% coverage)./harness cipasses on a fresh clone./harness coveragereports HTML undertarget/llvm-cov/html/claudereferences in tracked files (git grep -i claudereturns only.gitignoreentries)