From 3c57aec9327d7e13fe8553f3dfb493ee0253ceb7 Mon Sep 17 00:00:00 2001
From: ursisterbtw <ursisterbtw@gmail.com>
Date: Mon, 9 Dec 2024 02:43:09 +0000
Subject: [PATCH] Refactor GitHub Actions workflows for improved readability
 and maintainability

---
 .github/workflows/python.yml      |  7 +++++--
 .github/workflows/rust-clippy.yml | 10 +++++-----
 .github/workflows/rust.yml        |  8 +++++---
 .gitignore                        |  1 +
 4 files changed, 16 insertions(+), 10 deletions(-)

diff --git a/.github/workflows/python.yml b/.github/workflows/python.yml
index ce24213..35a9ea4 100644
--- a/.github/workflows/python.yml
+++ b/.github/workflows/python.yml
@@ -1,10 +1,13 @@
 name: Python CI
 
+permissions:
+  contents: read
+
 on:
   push:
-    branches: ["master"]
+    branches: [master]
   pull_request:
-    branches: ["master"]
+    branches: [master]
 
 jobs:
   test:
diff --git a/.github/workflows/rust-clippy.yml b/.github/workflows/rust-clippy.yml
index 9cef187..75f7409 100644
--- a/.github/workflows/rust-clippy.yml
+++ b/.github/workflows/rust-clippy.yml
@@ -2,21 +2,21 @@ name: rust-clippy analyze
 
 on:
   push:
-    branches: ["master"]
+    branches: [master]
   pull_request:
     # The branches below must be a subset of the branches above
-    branches: ["master"]
+    branches: [master]
   schedule:
-    - cron: "39 12 * * 4"
+    - cron: 39 12 * * 4
+
+permissions: read-all
 
 jobs:
   rust-clippy-analyze:
     name: Run rust-clippy analyzing
     runs-on: ubuntu-latest
     permissions:
-      contents: read
       security-events: write
-      actions: read # only required for a private repository by github/codeql-action/upload-sarif to get the Action run status
     steps:
       - name: Checkout code
         uses: actions/checkout@v4
diff --git a/.github/workflows/rust.yml b/.github/workflows/rust.yml
index 6e22821..24336db 100644
--- a/.github/workflows/rust.yml
+++ b/.github/workflows/rust.yml
@@ -1,10 +1,12 @@
 name: Rust CI
 
+permissions: read-all
+
 on:
   push:
-    branches: ["master"]
+    branches: [master]
   pull_request:
-    branches: ["master"]
+    branches: [master]
 
 env:
   CARGO_TERM_COLOR: always
@@ -15,7 +17,7 @@ jobs:
     steps:
       - uses: actions/checkout@v4
       - name: Cache Cargo registry
-        uses: actions/cache@v3
+        uses: actions/cache@v4
         with:
           path: ~/.cargo/registry
           key: ${{ runner.os }}-cargo-registry-${{ hashFiles('**/Cargo.lock') }}
diff --git a/.gitignore b/.gitignore
index 818d332..ffc1174 100644
--- a/.gitignore
+++ b/.gitignore
@@ -32,5 +32,6 @@ secrets
 *.log
 **/gen/*.json
 .build-metrics.db
+.trunk
 # Temp Ignore