Skip to content

Enumerate tracked Cargo manifests in the Dependabot hygiene test (#413)#414

Draft
leynos wants to merge 1 commit into
mainfrom
fix-mutation-baseline
Draft

Enumerate tracked Cargo manifests in the Dependabot hygiene test (#413)#414
leynos wants to merge 1 commit into
mainfrom
fix-mutation-baseline

Conversation

@leynos

@leynos leynos commented Jul 10, 2026

Copy link
Copy Markdown
Owner

Summary

Closes #413.

The first full mutation run failed its unmutated baseline in every shard because cargo_update_directories_match_manifests walked the file system for Cargo.toml manifests and found the shared mutation workflow's untracked workflow-src/ checkout, which .github/dependabot.yml legitimately does not list.

This branch implements option 1 from the issue: the test now enumerates manifests with git ls-files -z -- '*Cargo.toml', so only tracked manifests participate in the comparison and untracked content (workflow-src, build artefacts, scratch directories) becomes invisible. The test's intent is unchanged: a newly tracked manifest directory missing from .github/dependabot.yml still fails it. When the source tree is not a git checkout — cargo-mutants builds in a scratch copy that omits .git — the test skips the comparison, since tracked-manifest hygiene is meaningless there.

Review walkthrough

  • Start with tracked_cargo_manifest_dirs in tests/dependabot_config_tests.rs: it shells out to git ls-files and maps each tracked manifest's parent directory to Dependabot's POSIX form, returning NotAGitCheckout when the tree has no repository.
  • Then see the call site in tests/dependabot_config_tests.rs, where the non-checkout case skips with a captured notice (wrapped in #[expect(clippy::print_stderr)] with a justification).
  • The directory-walk helpers remain because local_action_manifest_dirs still uses them for the .github/actions scan, which is confined to tracked configuration.

Validation

  • Red check: adding a tracked red_check_crate/Cargo.toml not listed in dependabot.yml makes cargo_update_directories_match_manifests FAIL as intended; reverting restores the pass.
  • Pollution simulation: with an untracked workflow-src/rust-toy-app/Cargo.toml inside the checkout (mirroring the shared workflow's fixtures), the full test file passes.
  • Non-checkout simulation: in a copy of the tree without .git (mirroring the cargo-mutants scratch copy) and with the workflow-src pollution present, the test prints skipping: source tree is not a git checkout and passes.
  • Mutation-baseline verification: cargo test --all-features passes on three consecutive runs (matching the caller's extra-args).
  • Repository gates: make check-fmt, make lint, make typecheck, make test, make test-workflow-contracts, make test-typos-config, make markdownlint, and make nixie all pass locally (the Whitaker Dylint suite is unavailable locally and is exercised in CI).

`cargo_update_directories_match_manifests` walked the file system for
`Cargo.toml` manifests, so untracked content inside the checkout — the
shared mutation workflow's `workflow-src/` fixtures, build artefacts,
scratch directories — leaked into the comparison and failed the
mutation run's unmutated baseline in every shard.

Enumerate manifests with `git ls-files -z -- '*Cargo.toml'` instead:
only tracked manifests count, so untracked pollution is invisible while
a newly tracked manifest missing from `.github/dependabot.yml` still
fails the test. When the source tree is not a git checkout (the scratch
copy cargo-mutants builds in omits `.git`), skip the comparison, as
tracked-manifest hygiene is meaningless there.

@sourcery-ai sourcery-ai Bot left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Sorry @leynos, you have reached your weekly rate limit of 500000 diff characters.

Please try again later or upgrade to continue using Sourcery

@coderabbitai

coderabbitai Bot commented Jul 10, 2026

Copy link
Copy Markdown
Contributor

Important

Review skipped

Draft detected.

Please check the settings in the CodeRabbit UI or the .coderabbit.yaml file in this repository. To trigger a single review, invoke the @coderabbitai review command.

⚙️ Run configuration

Configuration used: Organization UI

Review profile: ASSERTIVE

Plan: Pro Plus

Run ID: 813eaa41-2e96-4e94-86b0-c5744300d5f2

You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.

Use the checkbox below for a quick retry:

  • 🔍 Trigger review
✨ Finishing Touches
🧪 Generate unit tests (beta)
  • Create PR with unit tests
  • Commit unit tests in branch fix-mutation-baseline

Comment @coderabbitai help to get the list of available commands.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

Dependabot hygiene test scans untracked files, failing the mutation baseline

1 participant