diff --git a/.github/CODEOWNERS b/.github/CODEOWNERS index ac38313..58ef13a 100644 --- a/.github/CODEOWNERS +++ b/.github/CODEOWNERS @@ -1,2 +1,2 @@ * @init4tech/engineering -.github/workflows @rswanson \ No newline at end of file +.github/workflows @init4tech/devops diff --git a/.github/workflows/rust-audit-security.yml b/.github/workflows/rust-audit-security.yml new file mode 100644 index 0000000..9730513 --- /dev/null +++ b/.github/workflows/rust-audit-security.yml @@ -0,0 +1,19 @@ +name: Security Audit +# This workflow uses rustsec/audit-check to check for security vulnerabilities +# On scheduled runs: automatically creates GitHub issues for findings +# On push/PR: creates status checks that fail when vulnerabilities are found + +on: + schedule: + # Run daily at 09:00 UTC + - cron: '0 9 * * *' + workflow_dispatch: # Allow manual runs + +permissions: # these permissions are required for the workflow to run + contents: read # Required to checkout the repository + issues: write # Required to create issues (scheduled runs) + checks: write # Required to create status checks (push/PR) + +jobs: + security-audit: + uses: init4tech/actions/.github/workflows/rust-audit-security.yml@main diff --git a/src/sys/txn_manager.rs b/src/sys/txn_manager.rs index 9da4533..d9b120b 100644 --- a/src/sys/txn_manager.rs +++ b/src/sys/txn_manager.rs @@ -42,7 +42,7 @@ pub(crate) struct Commit { pub(crate) span: tracing::Span, } -/// Messages sent to the [`TxnManager`]. +/// Messages sent to the [`LifecycleHandle`]. pub(crate) enum LifecycleEvent { Begin(Begin), Abort(Abort), @@ -99,7 +99,7 @@ pub(crate) struct RwSyncLifecycle { } impl RwSyncLifecycle { - /// Creates a new [`TxnManager`], spawns a background task, returns + /// Creates a new [`LifecycleHandle`], spawns a background task, returns /// a sender to communicate with it. pub(crate) fn spawn(env: EnvPtr) -> LifecycleHandle { let (tx, rx) = sync_channel(0); @@ -133,12 +133,12 @@ impl RwSyncLifecycle { sender.send(mdbx_result(unsafe { ffi::mdbx_txn_commit_ex(tx.0, latency.0) })).unwrap(); } - /// Spawns a new [`std::thread`] that listens to incoming [`RwSyncLifecycle::Message`] messages, + /// Spawns a new [`std::thread`] that listens to incoming [`LifecycleEvent`] messages, /// executes an FFI function, and returns the result on the provided channel. /// - /// - [`RwSyncLifecycle::Message::Begin`] opens a new transaction with [`ffi::mdbx_txn_begin_ex`] - /// - [`RwSyncLifecycle::Message::Abort`] aborts a transaction with [`ffi::mdbx_txn_abort`] - /// - [`RwSyncLifecycle::Message::Commit`] commits a transaction with [`ffi::mdbx_txn_commit_ex`] + /// - [`LifecycleEvent::Begin`] opens a new transaction with [`ffi::mdbx_txn_begin_ex`] + /// - [`LifecycleEvent::Abort`] aborts a transaction with [`ffi::mdbx_txn_abort`] + /// - [`LifecycleEvent::Commit`] commits a transaction with [`ffi::mdbx_txn_commit_ex`] fn start_message_listener(self) { let task = move || { loop { diff --git a/src/tx/iter/dupfixed_key.rs b/src/tx/iter/dupfixed_key.rs index cf48e5b..92149bb 100644 --- a/src/tx/iter/dupfixed_key.rs +++ b/src/tx/iter/dupfixed_key.rs @@ -135,7 +135,7 @@ where /// Fetch the next page of values for the current key. /// /// Unlike - /// [`IterDupFixed::fetch_next_page`](crate::tx::aliases::IterDupFixed), + /// [`IterDupFixed::fetch_next_page`](super::IterDupFixed), /// this does NOT move to the next key when pages are exhausted. It simply /// returns `Ok(false)` to signal exhaustion. ///