From ce0419d30deee11cb66327316349a09ea502090c Mon Sep 17 00:00:00 2001
From: Lucien Cartier-Tilet <lucien@phundrak.com>
Date: Sat, 6 Jun 2026 15:32:33 +0200
Subject: [PATCH] chore(ci): add linting, formatting check, and auditing

---
 .github/workflows/action.yml | 16 ++++++++++++++--
 justfile                     |  4 ++++
 2 files changed, 18 insertions(+), 2 deletions(-)

diff --git a/.github/workflows/action.yml b/.github/workflows/action.yml
index 913e79b..b1b79af 100644
--- a/.github/workflows/action.yml
+++ b/.github/workflows/action.yml
@@ -40,9 +40,21 @@ jobs:
           authToken: '${{ secrets.CACHIX_AUTH_TOKEN }}'
           skipPush: ${{ github.event_name == 'pull_request' }}
 
+      - name: Format Check
+        shell: bash -c "nix develop --no-pure-eval --accept-flake-config --command {0}"
+        run: just format-check
+
+      - name: Audit
+        shell: bash -c "nix develop --no-pure-eval --accept-flake-config --command {0}"
+        run: just audit
+
+      - name: Lint
+        shell: bash -c "nix develop --no-pure-eval --accept-flake-config --command {0}"
+        run: just lint-report
+
       - name: Coverage
-        run: |
-            nix develop --no-pure-eval --accept-flake-config --command just coverage
+        shell: bash -c "nix develop --no-pure-eval --accept-flake-config --command {0}"
+        run: just coverage-ci
 
       - name: Sonar analysis
         uses: SonarSource/sonarqube-scan-action@v6
diff --git a/justfile b/justfile
index 3bf3a14..bf0106c 100644
--- a/justfile
+++ b/justfile
@@ -24,6 +24,10 @@ build-release:
 lint:
 	cargo clippy --all-targets
 
+lint-report:
+	mkdir -p coverage
+	cargo clippy --all-targets --features test-utils --message-format=json > coverage/clippy.json 2> /dev/null
+
 release-build:
 	cargo build --release