Release v0.20.0 🎉 (#617)

Release tracker for v0.20.0 of chorus, set to release on the 15th of May
2025

Major changes in this version include:
- An overhaul of how errors are handled and error cases, including JSON
error support (#607)
- A new API for ignoring users + updates to the `Relationship` struct
(#606)
- Several internal changes and fixes

## Public API changes

- changes to `ChorusError`: 
- `ReceivedErrorCode` is now `ReceivedError`, which contains a more
specific error object
     - `InvalidFormBody` has been removed
     - `InvalidResponse` now contains the response's HTTP status
- due to the ratelimiter changes, `Instance` methods that send API
requests now need an `&mut self` reference
- to avoid cloning `Instance`s, auth routes (login, register and mfa)
now take a cloned `Shared<Instance>`. The best practice way to handle
`Instance`s is now to call `into_shared()`, store `Shared<Instance>`
instead of `Instance` and call `.clone()` on the `Arc` when creating new
`ChorusUser`s
- new fields in the `Relationship` struct: 
     - `is_spam_request`, 
     - `stranger_request`, 
     - `origin_application_id` and 
     - `user_ignored`

## Additions
- `ChorusUser::bulk_remove_relationships`
- `ChorusUser::ignore_user`
- `ChorusUser::unignore_user`
- JSON Error and Api error types

## Bugfixes
- #616 - `Instance`s are no longer cloned when logging into or
registering accounts

## Internal changes
- #607 (refactoring the internal ratelimiter and request logic, making
it support requests without a `ChorusUser`)
- #608 by @zicklag (updating internal self-updating struct logic,
removing an unsafe block for safer code)
- #612 and #613 by @bitfl0wer (improving CI, more checks for security)
- #614 (updating the url of discord userdoccers links in documentation)
- several dependency bumps

Author: kozabrada123

.github/workflows/build_and_test.yml .github/workflows/build-test-coverage.yml.github/workflows/build_and_test.yml renamed to .github/workflows/build-test-coverage.yml

@@ -1,4 +1,4 @@
-name: Build and Test
+name: "Rust: Build, Test, Publish Coverage"
 
 on:
   push:
@@ -108,7 +108,7 @@ jobs:
         run: |
           rustup target add wasm32-unknown-unknown
           curl -L --proto '=https' --tlsv1.2 -sSf https://raw.githubusercontent.com/cargo-bins/cargo-binstall/main/install-from-binstall-release.sh | bash
-          cargo binstall --no-confirm wasm-bindgen-cli --version "0.2.95" --force
+          cargo binstall --no-confirm wasm-bindgen-cli --version "0.2.100" --force
           GECKODRIVER=$(which geckodriver) cargo test --target wasm32-unknown-unknown --no-default-features --features="client, rt, voice_gateway"
   wasm-chrome:
     runs-on: ubuntu-latest
@@ -144,5 +144,5 @@ jobs:
         run: |
           rustup target add wasm32-unknown-unknown
           curl -L --proto '=https' --tlsv1.2 -sSf https://raw.githubusercontent.com/cargo-bins/cargo-binstall/main/install-from-binstall-release.sh | bash
-          cargo binstall --no-confirm wasm-bindgen-cli --version "0.2.95" --force
+          cargo binstall --no-confirm wasm-bindgen-cli --version "0.2.100" --force
           CHROMEDRIVER=$(which chromedriver) cargo test --target wasm32-unknown-unknown --no-default-features --features="client, rt, voice_gateway"

.github/workflows/cargo-doc.yml

@@ -2,9 +2,9 @@ name: cargo doc lints
 
 on:
   push:
-    branches: [ "main", "preserve/*" ]
+    branches: ["main", "preserve/*"]
   pull_request:
-    branches: [ "main", "dev" ]
+    branches: ["main", "dev"]
 
 jobs:
   cargo-doc-lints:

.github/workflows/license-header.yml

@@ -0,0 +1,23 @@
+name: "General: License headers and identifiers"
+
+on:
+  push:
+    branches: ["main"]
+    tags: ["*"]
+  pull_request:
+    branches: ["*"]
+  workflow_dispatch:
+
+jobs:
+  license-headers:
+    runs-on: ubuntu-latest
+    timeout-minutes: 10
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v4
+      - name: Check license headers
+        uses: viperproject/check-license-header@e06c65614fa9f32e099838df4dd25440c5344b32
+        with:
+          path: .
+          config: ./.github/license-check/config.json
+          strict: true

.github/workflows/license-headers.yml

@@ -0,0 +1,67 @@
+name: "Rust: Compliance"
+
+on:
+  push:
+    branches: ["main"]
+    tags: ["*"]
+  pull_request:
+    branches: ["*"]
+
+env:
+  CARGO_TERM_COLOR: always
+
+jobs:
+  rust-clippy-analyze:
+    name: Run rust-clippy analyzing
+    runs-on: ubuntu-latest
+    permissions:
+      contents: read
+      security-events: write
+      actions: read # only required for a private repository by github/codeql-action/upload-sarif to get the Action run status
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v4
+
+      - name: Install Rust toolchain
+        uses: dtolnay/rust-toolchain@stable
+        with:
+          components: clippy
+
+      - uses: Swatinem/rust-cache@9d47c6ad4b02e050fd481d890b2ea34778fd09d6
+
+      - name: Install cargo-binstall
+        uses: taiki-e/install-action@7cb2cdb5024b2b45585f150af1ee02e24b87edd7
+        with:
+          tool: cargo-binstall
+
+      - name: Install additionally required components
+        run: cargo binstall cargo-udeps clippy-sarif sarif-fmt cargo-deny --only-signed --force -y
+
+      - name: Run rust-clippy
+        run: cargo clippy
+          --all-features
+          --message-format=json | clippy-sarif | tee rust-clippy-results.sarif | sarif-fmt
+        continue-on-error: true
+
+      - name: Upload clippy analysis results to GitHub
+        uses: github/codeql-action/upload-sarif@v3
+        with:
+          sarif_file: rust-clippy-results.sarif
+          wait-for-processing: true
+
+      - name: Analyze crate dependency licenses with cargo-deny
+        uses: EmbarkStudios/cargo-deny-action@34899fc7ba81ca6268d5947a7a16b4649013fea1
+        with:
+          command: check licenses
+
+      - name: Install Rust nightly toolchain
+        uses: dtolnay/rust-toolchain@master
+        with:
+          components: clippy
+          toolchain: nightly
+
+      - name: Activate nightly Rust toolchain
+        run: rustup default nightly
+
+      - name: cargo-udeps
+        run: cargo +nightly udeps --all-targets --all-features

.github/workflows/rust-clippy.yml

@@ -0,0 +1,26 @@
+name: "Rust: Security: Automated dependency analysis"
+
+on:
+  push:
+    branches: ["main", "preserve/*"]
+  pull_request:
+    # The branches below must be a subset of the branches above
+    branches: ["main", "dev"]
+  workflow_dispatch:
+  schedule:
+    - cron: "0 7 * * 1"
+
+jobs:
+  cargo-deny:
+    runs-on: ubuntu-latest
+    timeout-minutes: 10
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v4
+      - name: Install latest, stable Rust toolchain
+        uses: dtolnay/rust-toolchain@stable
+      - uses: Swatinem/rust-cache@9d47c6ad4b02e050fd481d890b2ea34778fd09d6
+      - name: Analyze crate dependencies for advisories with cargo-deny
+        uses: EmbarkStudios/cargo-deny-action@34899fc7ba81ca6268d5947a7a16b4649013fea1
+        with:
+          command: check advisories sources bans

.github/workflows/rust-compliance.yml

@@ -0,0 +1,18 @@
+name: "Rust: Semver release checks"
+
+on:
+  pull_request:
+    branches: ["main"]
+
+env:
+  CARGO_TERM_COLOR: always
+
+jobs:
+  semver-checks:
+    runs-on: ubuntu-latest
+    timeout-minutes: 60
+
+    steps:
+      - uses: actions/checkout@v4
+      - uses: Swatinem/rust-cache@9d47c6ad4b02e050fd481d890b2ea34778fd09d6
+      - uses: obi1kenobi/cargo-semver-checks-action@7272cc2caa468d3e009a2b0a9cc366839348237b