agent: lumotia — pin rust toolchain + workspace clippy/fmt sweep

rust-toolchain.toml pins to stable 1.94.1 so contributors and CI runners
share the exact rustc / rustfmt / clippy versions. Without the pin, every
machine surfaces a different lint set depending on its local install — six
pre-existing lints showed up on 1.94.1 that 1.93-era HANDOVER reported clean.

Clippy fixes (all pre-existing, not introduced by feature work):

- crates/storage/src/database.rs: std::iter::repeat().take() -> repeat_n()
- crates/llm/src/lib.rs (docs): "+ frontends" was parsed as a markdown bullet
  continuation by rustdoc, breaking doc-lazy-continuation. Reworded to "and".
- crates/llm/src/lib.rs (loop): while-let-on-iterator -> for-loop.
- src-tauri/src/commands/security.rs: .iter().any(|a| *a == x) -> .contains(&x).
- src-tauri/src/lib.rs: io::Error::new(Other, e) -> io::Error::other(e).
- src-tauri/src/tauri_app_data_migration.rs: drop function-tail `return`s
  inside cfg blocks; each platform's block now ends with a tail expression.

cargo fmt sweep across the workspace. Mechanical layout-only changes;
no semantics affected.

Workspace gates after this commit:
- cargo fmt --check: clean
- cargo clippy --workspace --all-targets -- -D warnings: clean
- cargo test --workspace: 405/0 (will become 409/0 with Phase A.1+A.2)
This commit is contained in:
2026-05-14 07:19:59 +01:00
parent e4d56b831f
commit 27661c816e
24 changed files with 184 additions and 210 deletions

View File

@@ -50,10 +50,7 @@ const MAX_TRANSCRIBE_BYTES: u64 = 1024 * 1024 * 1024;
/// rejects most obvious attacks), then size (one stat call), then
/// path canonicalisation (slowest, only meaningful once the cheaper
/// gates pass).
pub(crate) fn validate_transcribe_input(
path: &Path,
metadata_len: u64,
) -> Result<(), String> {
pub(crate) fn validate_transcribe_input(path: &Path, metadata_len: u64) -> Result<(), String> {
let ext = path
.extension()
.and_then(|s| s.to_str())
@@ -67,7 +64,10 @@ pub(crate) fn validate_transcribe_input(
)
})?;
if !ALLOWED_AUDIO_EXTENSIONS.iter().any(|allowed| *allowed == ext) {
if !ALLOWED_AUDIO_EXTENSIONS
.iter()
.any(|allowed| *allowed == ext)
{
return Err(format!(
"Refusing to transcribe {}: extension '.{}' is not in the \
allowlist. Supported: {}.",
@@ -237,8 +237,7 @@ pub async fn transcribe_file(
// Trust-5: extension + size gate before we hand the path to the
// audio decoder. `std::fs::metadata` resolves symlinks so the size
// check sees the actual blob, not a symlink-target lie.
let metadata = std::fs::metadata(&path)
.map_err(|e| format!("Cannot stat {path}: {e}"))?;
let metadata = std::fs::metadata(&path).map_err(|e| format!("Cannot stat {path}: {e}"))?;
validate_transcribe_input(Path::new(&path), metadata.len())?;
let resolved_profile_id =
@@ -347,7 +346,9 @@ mod tests_trust5 {
#[test]
fn accepts_each_allowed_extension() {
for ext in ["wav", "mp3", "m4a", "mp4", "flac", "ogg", "opus", "webm", "aac"] {
for ext in [
"wav", "mp3", "m4a", "mp4", "flac", "ogg", "opus", "webm", "aac",
] {
let path_string = format!("/tmp/clip.{ext}");
let path = Path::new(&path_string);
assert!(
@@ -376,10 +377,8 @@ mod tests_trust5 {
#[test]
fn rejects_oversize_file() {
let result = validate_transcribe_input(
Path::new("/tmp/huge.wav"),
MAX_TRANSCRIBE_BYTES + 1,
);
let result =
validate_transcribe_input(Path::new("/tmp/huge.wav"), MAX_TRANSCRIBE_BYTES + 1);
let err = result.expect_err("must reject oversize file");
assert!(err.contains("1 GiB"), "unexpected error: {err}");
}