vinzenz/hyperhive
0
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

clippy: zero pedantic warnings across the tree

Browse source
This commit is contained in:
damocles 2026-05-18 22:09:34 +02:00
parent 690cb5ab5b
commit f9f1346eae
20 changed files with 71 additions and 61 deletions
Download patch file Download diff file Expand all files Collapse all files

4
hive-c0re/src/actions.rs
View file

@ -324,7 +324,7 @@ pub async fn destroy(coord: &Arc<Coordinator>, name: &str, purge: bool) -> Resul
tracing::info!(%name, purge, "destroy");
// Guard auto-clears on the success path's final scope exit and on
// every early-return / cancellation along the way.
let _guard = coord.transient_guard(name, TransientKind::Destroying);
let guard = coord.transient_guard(name, TransientKind::Destroying);
lifecycle::destroy(name).await?;
coord.unregister_agent(name);
let runtime = Coordinator::agent_dir(name);
@ -359,7 +359,7 @@ pub async fn destroy(coord: &Arc<Coordinator>, name: &str, purge: bool) -> Resul
"agent destroyed"
},
);
drop(_guard);
drop(guard);
coord.notify_manager(&HelperEvent::Destroyed {
agent: name.to_owned(),
});

6
hive-c0re/src/agent_server.rs
View file

@ -376,7 +376,11 @@ mod tests {
fn auto_reminder_path_format() {
let p = auto_reminder_path("damocles");
assert!(p.starts_with("/agents/damocles/state/reminders/auto-"));
assert!(p.ends_with(".md"));
assert!(
std::path::Path::new(&p)
.extension()
.is_some_and(|ext| ext.eq_ignore_ascii_case("md"))
);
}
#[test]

3
hive-c0re/src/approvals.rs
View file

@ -168,8 +168,11 @@ impl Approvals {
/// Mark pending -> approved (or fail if not pending). Returns the (now-updated)
/// approval so the caller can run the action and pass the agent name.
#[allow(clippy::type_complexity)]
pub fn mark_approved(&self, id: i64) -> Result<Approval> {
let conn = self.conn.lock().unwrap();
// Row shape: (agent, kind, commit_ref, requested_at, status,
// fetched_sha, description).
let current: Option<(
String,
String,

4
hive-c0re/src/auto_update.rs
View file

@ -63,7 +63,7 @@ pub async fn rebuild_agent(coord: &Arc<Coordinator>, name: &str, current_rev: &s
// lifecycle::rebuild. Dashboard rebuilds already do this via
// lifecycle_action; this catches the auto-update scan + any
// other direct caller.
let _guard = coord.transient_guard(name, crate::coordinator::TransientKind::Rebuilding);
let guard = coord.transient_guard(name, crate::coordinator::TransientKind::Rebuilding);
let result = lifecycle::rebuild(
name,
&coord.hyperhive_flake,
@ -75,7 +75,7 @@ pub async fn rebuild_agent(coord: &Arc<Coordinator>, name: &str, current_rev: &s
&coord.operator_pronouns,
)
.await;
drop(_guard);
drop(guard);
match &result {
Ok(()) => {
if let Err(e) = std::fs::write(rev_marker_path(name), current_rev) {

2
hive-c0re/src/broker.rs
View file

@ -512,7 +512,7 @@ impl Broker {
/// Clear the failure state on a pending reminder so the
/// scheduler picks it up again. No-op when the row is already
/// fresh (attempt_count == 0). Returns the number of rows
/// fresh (`attempt_count == 0`). Returns the number of rows
/// affected so callers can distinguish "retried" from "no
/// such pending reminder" (already delivered, or wrong id).
pub fn reset_reminder_failure(&self, id: i64) -> Result<usize> {

4
hive-c0re/src/coordinator.rs
View file

@ -215,6 +215,7 @@ impl Coordinator {
/// already have an authoritative timestamp from the db update,
/// the tiny skew between "row updated" and "event emitted" is
/// presentation-only and doesn't matter to clients.
#[allow(clippy::too_many_arguments)]
pub fn emit_approval_resolved(
&self,
id: i64,
@ -247,6 +248,7 @@ impl Coordinator {
/// both operator-targeted (`target = None`) and peer-to-peer
/// (`target = Some(agent)`) threads — the dashboard surfaces
/// both, distinguishing visually + offering operator override.
#[allow(clippy::too_many_arguments)]
pub fn emit_question_added(
&self,
id: i64,
@ -318,7 +320,7 @@ impl Coordinator {
/// resolves to — lifecycle ops, destroy, approve (post-spawn),
/// rebuild, meta-update, and the crash-watcher's periodic poll.
/// Cheap when nothing changed (one `nixos-container list` + a
/// HashMap diff + zero emits).
/// `HashMap` diff + zero emits).
pub async fn rescan_containers_and_emit(self: &Arc<Self>) {
let fresh = container_view::build_all(self).await;
let mut last = self.last_containers.lock().await;

15
hive-c0re/src/dashboard.rs
View file

@ -187,7 +187,7 @@ struct StateSnapshot {
meta_inputs: Vec<MetaInputView>,
}
/// OpQuestion + computed `question_refs` / `answer_refs`. Built
/// `OpQuestion` + computed `question_refs` / `answer_refs`. Built
/// from the snapshot read; the live channel attaches the same
/// fields directly on `QuestionAdded` / `QuestionResolved`.
#[derive(Serialize)]
@ -1207,7 +1207,7 @@ pub(crate) fn emit_meta_inputs_snapshot(coord: &Coordinator) {
/// natural-language text but aren't part of the path itself. Any
/// token starting with `/agents/`, `/shared/`, or
/// `/var/lib/hyperhive/{agents,shared}/` is a candidate. The
/// allow-list + is_file check happens via the same
/// allow-list + `is_file` check happens via the same
/// `resolve_state_path` helper the read endpoint uses, so the
/// security rules can't drift.
pub(crate) fn scan_validated_paths(body: &str) -> Vec<String> {
@ -1222,7 +1222,7 @@ pub(crate) fn scan_validated_paths(body: &str) -> Vec<String> {
// Trim trailing natural-language punctuation that wouldn't
// be part of any real path. Inline rather than via a regex
// dep — the set is small and the call is hot.
let token = raw.trim_end_matches(|c: char| matches!(c, ',' | ';' | ':' | ')' | ']' | '}' | '.' | '\'' | '"'));
let token = raw.trim_end_matches([',', ';', ':', ')', ']', '}', '.', '\'', '"']);
if token.is_empty() {
continue;
}
@ -1265,9 +1265,8 @@ async fn get_state_file(
let body_bytes = if truncated { &bytes[..MAX_BYTES] } else { &bytes[..] };
let mut body = String::from_utf8_lossy(body_bytes).into_owned();
if truncated {
body.push_str(&format!(
"\n\n--- truncated at {MAX_BYTES} of {size} bytes ---\n"
));
use std::fmt::Write as _;
let _ = write!(body, "\n\n--- truncated at {MAX_BYTES} of {size} bytes ---\n");
}
([("content-type", "text/plain; charset=utf-8")], body).into_response()
}
@ -1575,9 +1574,9 @@ where
Fut: std::future::Future<Output = anyhow::Result<()>>,
{
let logical = strip_container_prefix(name);
let _guard = state.coord.transient_guard(&logical, kind);
let guard = state.coord.transient_guard(&logical, kind);
let result = body(logical.clone()).await;
drop(_guard);
drop(guard);
match result {
Ok(()) => {
extra(state, &logical);

8
hive-c0re/src/dashboard_events.rs
View file

@ -146,15 +146,15 @@ pub enum DashboardEvent {
/// Clients drop the spinner row.
TransientCleared { seq: u64, name: String },
/// One container row changed — new container appeared (post-spawn
/// finalise), an existing one flipped running/needs_update/sha,
/// etc. Clients upsert by `container.name`. Payload carries the
/// full row so cold-loaded clients and event-driven clients
/// finalise), an existing one flipped `running` / `needs_update` /
/// `sha`, etc. Clients upsert by `container.name`. Payload carries
/// the full row so cold-loaded clients and event-driven clients
/// converge on the same render.
///
/// Fired by `Coordinator::rescan_containers_and_emit`, which diffs
/// a fresh `nixos-container list`derived snapshot against the
/// last one cached on the coordinator. Mutation sites (lifecycle
/// endpoints, actions::destroy / approve, crash_watch's poll loop)
/// endpoints, `actions::destroy` / approve, `crash_watch`'s poll loop)
/// call the rescan after their work lands.
ContainerStateChanged {
seq: u64,

2
hive-c0re/src/forge.rs
View file

@ -165,6 +165,7 @@ async fn ensure_user_exists(name: &str, admin: bool) -> Result<()> {
/// monotonic clock so re-issuing doesn't collide with an existing
/// token of the same name in the DB.
async fn mint_and_persist_token(name: &str, path: &Path) -> Result<()> {
use std::os::unix::fs::PermissionsExt;
let token_name = format!(
"{TOKEN_NAME_PREFIX}-{}",
std::time::SystemTime::now()
@ -190,7 +191,6 @@ async fn mint_and_persist_token(name: &str, path: &Path) -> Result<()> {
}
std::fs::write(path, format!("{token}\n"))
.with_context(|| format!("write token to {}", path.display()))?;
use std::os::unix::fs::PermissionsExt;
let _ = std::fs::set_permissions(path, std::fs::Permissions::from_mode(0o600));
tracing::info!(%name, path = %path.display(), %token_name, "forge: persisted access token");
Ok(())

4
hive-c0re/src/manager_server.rs
View file

@ -234,9 +234,9 @@ async fn dispatch(req: &ManagerRequest, coord: &Arc<Coordinator>) -> ManagerResp
message: "update: hyperhive_flake has no canonical path".into(),
};
};
let _guard = coord.transient_guard(name, crate::coordinator::TransientKind::Rebuilding);
let guard = coord.transient_guard(name, crate::coordinator::TransientKind::Rebuilding);
let result = crate::auto_update::rebuild_agent(coord, name, &current_rev).await;
drop(_guard);
drop(guard);
match result {
Ok(()) => {
coord.kick_agent(name, "container rebuilt");

4
hive-c0re/src/migrate.rs
View file

@ -102,9 +102,9 @@ pub async fn run(coord: &Arc<Coordinator>) -> Result<()> {
// update activation triggers. Without this, crash_watch
// would fire ContainerCrash for every agent here and the
// manager would spuriously try to recover them.
let _guard = coord.transient_guard(name, crate::coordinator::TransientKind::Rebuilding);
let guard = coord.transient_guard(name, crate::coordinator::TransientKind::Rebuilding);
let result = repoint_container(name).await;
drop(_guard);
drop(guard);
if let Err(e) = result {
tracing::warn!(%name, error = ?e, "migration: container repoint failed");
all_ok = false;

3
hive-c0re/src/operator_questions.rs
View file

@ -284,7 +284,8 @@ impl OperatorQuestions {
ORDER BY answered_at DESC
LIMIT ?1",
)?;
let rows = stmt.query_map(params![limit as i64], row_to_question)?;
let limit_i = i64::try_from(limit).unwrap_or(i64::MAX);
let rows = stmt.query_map(params![limit_i], row_to_question)?;
rows.collect::<rusqlite::Result<Vec<_>>>()
.map_err(Into::into)
}