cargo-rail

- feat(cli): add --ignore-bin-crates to affected/test (#10)
- fix(workspace): invalidate metadata cache on member manifest changes
  (#9)
- feat(unify): support -o/--output in --check mode (#1 for the
  cargo-rail-action)
- ci(release): publish SHA256SUMS and SHA256SUMS.json; drop macOS x86_64

Author: loadingalias

.github/actions/setup/action.yaml

@@ -64,7 +64,7 @@ runs:
         # Shared prefix: stable across commits (invalidates on bump)
         shared-key: "cargo-rail-v1"
 
-        # Workflow and platform-specific suffix: commit-ubuntu-latest, commit-macos-latest, etc.
+        # Workflow and platform-specific suffix: commit-ubuntu-latest, commit-macos-14, etc.
         # Ensures each workflow and platform maintains separate cache
         key: ${{ inputs.cache-key }}
 

.github/workflows/release.yaml

@@ -3,6 +3,8 @@
 # Triggered by pushing a version tag (v0.1.0, v1.0.0, etc.)
 #
 # This workflow builds pre-built binaries and uploads them to GitHub Releases.
+# It also publishes `SHA256SUMS` and `SHA256SUMS.json` so downstream packagers can
+# verify assets without downloading everything just to compute hashes.
 # The version bump, changelog, tagging, and crates.io publish are done locally
 # via `cargo rail release run cargo-rail --bump <version>`.
 #
@@ -130,3 +132,72 @@ jobs:
           tar: all
           zip: windows
           token: ${{ secrets.GITHUB_TOKEN }}
+
+  # ==========================================================================
+  # Job 3: Publish SHA256SUMS for release assets
+  # ==========================================================================
+  publish-checksums:
+    name: Publish SHA256SUMS
+    needs: upload-assets
+    runs-on: ubuntu-latest
+    permissions:
+      contents: write
+    steps:
+      - name: Download release assets
+        env:
+          GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+        run: |
+          set -euo pipefail
+
+          # Only include platform archives produced by the release workflow.
+          gh release download "$GITHUB_REF_NAME" --repo "$GITHUB_REPOSITORY" --pattern "cargo-rail-*.tar.*"
+          gh release download "$GITHUB_REF_NAME" --repo "$GITHUB_REPOSITORY" --pattern "cargo-rail-*.zip" || true
+
+          shopt -s nullglob
+          files=(cargo-rail-*.tar.* cargo-rail-*.zip)
+          if [ "${#files[@]}" -eq 0 ]; then
+            echo "No matching release assets found to checksum." >&2
+            exit 1
+          fi
+
+      - name: Generate SHA256SUMS and SHA256SUMS.json
+        run: |
+          set -euo pipefail
+          shopt -s nullglob
+
+          files=(cargo-rail-*.tar.* cargo-rail-*.zip)
+          sha256sum "${files[@]}" | sort -k2 > SHA256SUMS
+
+          python3 - <<'PY'
+          import json
+          import os
+          import pathlib
+          import time
+
+          tag = os.environ.get("GITHUB_REF_NAME", "")
+          lines = pathlib.Path("SHA256SUMS").read_text().splitlines()
+          entries = []
+          for line in lines:
+            line = line.strip()
+            if not line:
+              continue
+            # sha256sum format: "<hash>  <filename>"
+            digest, filename = line.split(maxsplit=1)
+            filename = filename.lstrip("*").strip()
+            entries.append({"file": filename, "sha256": digest})
+
+          payload = {
+            "tool": "cargo-rail",
+            "tag": tag,
+            "generated_at_utc": time.strftime("%Y-%m-%dT%H:%M:%SZ", time.gmtime()),
+            "entries": entries,
+          }
+          pathlib.Path("SHA256SUMS.json").write_text(json.dumps(payload, indent=2, sort_keys=True) + "\n")
+          PY
+
+      - name: Upload checksum assets to GitHub Release
+        env:
+          GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+        run: |
+          set -euo pipefail
+          gh release upload "$GITHUB_REF_NAME" --repo "$GITHUB_REPOSITORY" SHA256SUMS SHA256SUMS.json --clobber

.gitignore

@@ -19,3 +19,5 @@ Thumbs.db
 notes/
 **/demo.cast
 distribution/
+todo.md
+AGENTS.md

docs/commands.md

@@ -86,6 +86,9 @@ Options:
   -a, --all
           Show all workspace crates (ignore changes)
 
+      --ignore-bin-crates
+          Ignore binary-only crates (packages with [[bin]] but no lib target)
+
   -o, --output <PATH>
           Write output to file (appends to existing content)
 
@@ -103,6 +106,7 @@ Examples:
   cargo rail affected --merge-base        # Changes since branch point (CI recommended)
   cargo rail affected --since HEAD~5      # Changes in last 5 commits
   cargo rail affected --from abc --to def # Changes between two SHAs
+  cargo rail affected --ignore-bin-crates # Skip binary-only crates (no lib target)
   cargo rail affected --explain           # Show why each crate is affected
   cargo rail affected -f github-matrix    # Output for GitHub Actions matrix
   cargo rail affected -f names-only       # Just crate names, one per line
@@ -140,6 +144,9 @@ Options:
   -a, --all
           Skip change detection and run all tests
 
+      --ignore-bin-crates
+          Ignore binary-only crates (packages with [[bin]] but no lib target)
+
       --config <PATH>
           Path to rail.toml config file (bypass search order)
 
@@ -162,6 +169,7 @@ Examples:
   cargo rail test                         # Test affected crates
   cargo rail test --merge-base            # Test changes since branch point (CI)
   cargo rail test --all                   # Test all crates
+  cargo rail test --ignore-bin-crates     # Skip binary-only crates (no lib target)
   cargo rail test -- --nocapture          # Pass args to test runner
   cargo rail test --explain               # Show why each crate is tested
 ```
@@ -198,11 +206,6 @@ Options:
           Possible values:
           - text:          Human-readable text output (default)
           - json:          Machine-readable JSON output
-          - names-only:    Names only, one per line
-          - cargo-args:    Cargo -p flag format: -p crate1 -p crate2
-          - github:        GitHub Actions output format for $GITHUB_OUTPUT
-          - github-matrix: GitHub Actions matrix format for strategy.matrix
-          - jsonl:         JSON Lines format (one object per line)
           
           [default: text]
 
@@ -218,6 +221,9 @@ Options:
       --report-path <REPORT_PATH>
           Custom path for the unify report (default: target/cargo-rail/unify-report.md)
 
+  -o, --output <PATH>
+          Write output to file (appends to existing content)
+
       --show-diff
           Show diff of changes to each manifest
 
@@ -233,6 +239,7 @@ Options:
 Examples:
   cargo rail unify --check                # Preview changes (CI mode)
   cargo rail unify --check --explain      # Show why each decision was made
+  cargo rail unify --check -f json -o out.json  # Write JSON output to file
   cargo rail unify                        # Apply changes
   cargo rail unify --backup               # Apply with backup
   cargo rail unify --show-diff            # Show manifest changes

src/cargo/unify/unused_finder.rs

@@ -272,7 +272,7 @@ mod tests {
 
   #[test]
   fn test_target_constraint_matches_unix() {
-    let targets = ["x86_64-unknown-linux-gnu", "x86_64-apple-darwin"];
+    let targets = ["x86_64-unknown-linux-gnu", "aarch64-apple-darwin"];
     assert!(target_constraint_matches_any("cfg(unix)", &targets));
     assert!(!target_constraint_matches_any("cfg(windows)", &targets));
   }