diff --git a/.github/workflows/cflite_batch.yml b/.github/workflows/cflite_batch.yml index ed366dc..41ee0be 100644 --- a/.github/workflows/cflite_batch.yml +++ b/.github/workflows/cflite_batch.yml @@ -4,7 +4,9 @@ on: schedule: - cron: '0 3 * * 1' # Weekly on Monday at 03:00 UTC -permissions: read-all +permissions: + contents: read + security-events: write jobs: BatchFuzzing: @@ -17,14 +19,14 @@ jobs: steps: - name: Build Fuzzers (${{ matrix.sanitizer }}) id: build - uses: google/clusterfuzzlite/actions/build_fuzzers@v1 + uses: google/clusterfuzzlite/actions/build_fuzzers@884713a6c30a92e5e8544c39945cd7cb630abcd1 # v1 with: language: rust sanitizer: ${{ matrix.sanitizer }} - name: Run Fuzzers (${{ matrix.sanitizer }}) id: run - uses: google/clusterfuzzlite/actions/run_fuzzers@v1 + uses: google/clusterfuzzlite/actions/run_fuzzers@884713a6c30a92e5e8544c39945cd7cb630abcd1 # v1 with: github-token: ${{ secrets.GITHUB_TOKEN }} fuzz-seconds: 3600 diff --git a/.github/workflows/cflite_pr.yml b/.github/workflows/cflite_pr.yml index 78b99e3..81a6015 100644 --- a/.github/workflows/cflite_pr.yml +++ b/.github/workflows/cflite_pr.yml @@ -5,7 +5,9 @@ on: branches: - main -permissions: read-all +permissions: + contents: read + security-events: write jobs: PR: @@ -21,7 +23,7 @@ jobs: steps: - name: Build Fuzzers (${{ matrix.sanitizer }}) id: build - uses: google/clusterfuzzlite/actions/build_fuzzers@v1 + uses: google/clusterfuzzlite/actions/build_fuzzers@884713a6c30a92e5e8544c39945cd7cb630abcd1 # v1 with: language: rust github-token: ${{ secrets.GITHUB_TOKEN }} @@ -29,7 +31,7 @@ jobs: - name: Run Fuzzers (${{ matrix.sanitizer }}) id: run - uses: google/clusterfuzzlite/actions/run_fuzzers@v1 + uses: google/clusterfuzzlite/actions/run_fuzzers@884713a6c30a92e5e8544c39945cd7cb630abcd1 # v1 with: github-token: ${{ secrets.GITHUB_TOKEN }} fuzz-seconds: 300 diff --git a/Makefile b/Makefile index 9d5e1d0..ebf6d34 100644 --- a/Makefile +++ b/Makefile @@ -708,23 +708,17 @@ fuzz: @echo "🐛 Running fuzz targets (cargo-fuzz required, nightly Rust required)…" @command -v cargo-fuzz >/dev/null 2>&1 || { \ echo "📦 installing cargo-fuzz …"; \ - cargo install cargo-fuzz; \ + cargo install --locked cargo-fuzz; \ } @rustup toolchain list | grep -q nightly || { \ echo "📦 installing nightly toolchain …"; \ rustup toolchain install nightly; \ } @fuzz_seconds=$${FUZZ_SECONDS:-60}; \ - NIGHTLY_PATH="$$HOME/.rustup/toolchains/nightly-$$(rustc -vV | awk '/^host:/{print $$2}')/bin"; \ - if [ ! -d "$$NIGHTLY_PATH" ]; then \ - echo "❌ Nightly toolchain not found at $$NIGHTLY_PATH"; \ - exit 1; \ - fi; \ - export PATH="$$NIGHTLY_PATH:$$PATH"; \ - echo "Using rustc: $$(which rustc) ($$(rustc --version))"; \ + echo "Using nightly rustc: $$(rustup run nightly rustc --version)"; \ for target in fuzz_entropy fuzz_location fuzz_base64 fuzz_span; do \ echo "▶ fuzzing $$target for $${fuzz_seconds}s …"; \ - cargo fuzz run $$target -- \ + cargo +nightly fuzz run $$target -- \ -max_total_time=$${fuzz_seconds} \ -max_len=4096 || { echo "❌ $$target found a crash"; exit 1; }; \ echo "✅ $$target passed"; \ diff --git a/src/reporter.rs b/src/reporter.rs index b01c6df..18bd506 100644 --- a/src/reporter.rs +++ b/src/reporter.rs @@ -601,7 +601,7 @@ impl DetailsReporter { let atime = cmd .committer_timestamp .format(gix::date::time::format::SHORT.clone()) - .unwrap_or_else(|_| cmd.committer_timestamp.seconds.to_string()); + .unwrap_or_else(|_| "".to_string()); let git_metadata = serde_json::json!({ "repository_url": repository_url,