Add contributor docs and CI#6
Conversation
📝 WalkthroughWalkthroughThis PR establishes project infrastructure by introducing a GitHub Actions CI pipeline, contribution guidelines, and expanded README documentation. It automates code quality checks (formatting, linting, tests) and provides comprehensive guidance for local development, getting started, troubleshooting, and contributing to the iii-code CLI. ChangesProject Setup and Contribution Infrastructure
Estimated code review effort🎯 2 (Simple) | ⏱️ ~10 minutes Possibly related PRs
Poem
🚥 Pre-merge checks | ✅ 5✅ Passed checks (5 passed)
✏️ Tip: You can configure your own custom pre-merge checks in the settings. ✨ Finishing Touches🧪 Generate unit tests (beta)
Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out. Comment |
![coderabbitai[bot]](https://avatars.githubusercontent.com/in/347564?s=60&v=4){kind=small}
There was a problem hiding this comment.
Actionable comments posted: 1
🤖 Prompt for all review comments with AI agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.
Inline comments:
In @.github/workflows/ci.yml:
- Around line 3-16: Add a top-level permissions block to the workflow (at the
same level as on, env, jobs) to restrict the token to least privilege — e.g.,
add permissions: contents: read — so the job (jobs -> rust) only receives read
access; ensure no job-level overrides grant broader rights.
🪄 Autofix (Beta)
Fix all unresolved CodeRabbit comments on this PR:
- Push a commit to this branch (recommended)
- Create a new PR with the fixes
ℹ️ Review info
⚙️ Run configuration
Configuration used: defaults
Review profile: CHILL
Plan: Pro
Run ID: cb3f1275-d92b-4698-a599-1ef3d04961fd
📒 Files selected for processing (3)
.github/workflows/ci.ymlCONTRIBUTING.mdREADME.md
| on: | ||
| push: | ||
| branches: | ||
| - main | ||
| pull_request: | ||
|
|
||
| env: | ||
| CARGO_TERM_COLOR: always | ||
|
|
||
| jobs: | ||
| rust: | ||
| name: Rust | ||
| runs-on: ubuntu-latest | ||
|
|
There was a problem hiding this comment.
Set explicit workflow token permissions (least privilege).
Add top-level permissions so this job only gets read access it needs; this reduces CI token blast radius if an action/step is compromised.
Suggested change
name: CI
on:
push:
branches:
- main
pull_request:
+permissions:
+ contents: read
+
env:
CARGO_TERM_COLOR: always📝 Committable suggestion
‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.
| on: | |
| push: | |
| branches: | |
| - main | |
| pull_request: | |
| env: | |
| CARGO_TERM_COLOR: always | |
| jobs: | |
| rust: | |
| name: Rust | |
| runs-on: ubuntu-latest | |
| on: | |
| push: | |
| branches: | |
| - main | |
| pull_request: | |
| permissions: | |
| contents: read | |
| env: | |
| CARGO_TERM_COLOR: always | |
| jobs: | |
| rust: | |
| name: Rust | |
| runs-on: ubuntu-latest | |
🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.
In @.github/workflows/ci.yml around lines 3 - 16, Add a top-level permissions
block to the workflow (at the same level as on, env, jobs) to restrict the token
to least privilege — e.g., add permissions: contents: read — so the job (jobs ->
rust) only receives read access; ensure no job-level overrides grant broader
rights.
1 participant
Summary
Validation
Ignored smoke tests were not run because they require a running iii engine, installed workers, and provider credentials.
Summary by CodeRabbit
Documentation
Chores