misaradmin/synor
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions 4

chore: migrate from GitHub to Forgejo (git.misar.io)
Some checks failed
CI / Check (push) Failing after 2s
Details
CI / Test (push) Failing after 2s
Details
CI / Build (Linux x86_64) (push) Has been skipped
Details
Security Audit / Vulnerability Scan (push) Failing after 2s
Details
Security Audit / License & Security Policy (push) Failing after 2s
Details
Security Audit / Static Analysis (Clippy) (push) Failing after 2s
Details
Security Audit / Secret Detection (push) Failing after 2s
Details
Security Audit / Check Outdated Dependencies (push) Failing after 2s
Details
Security Audit / Unsafe Code Audit (push) Failing after 2s
Details
Security Audit / Property-Based Testing (push) Failing after 2s
Details
Security Audit / WASM Module Security (push) Failing after 2s
Details
CI / Benchmarks (push) Has been skipped
Details
CI / CI Success (push) Failing after 1s
Details

Browse source 
- Move .github/workflows/ to .forgejo/workflows/ (identical YAML, runner labels changed to self-hosted)
- Drop macOS/Windows CI matrix legs (no macOS/Windows runners on self-hosted act_runner)
- Update Cargo.toml repository URL to git.misar.io/misaradmin/synor
- Remove .github/dependabot.yml (not applicable on Forgejo)
This commit is contained in:
Gulshan Yadav 2026-03-30 08:20:39 +05:30
parent 563bfa3909
commit d9fd97bb96
7 changed files with 153 additions and 388 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

42
.github/workflows/ci.yml → .forgejo/workflows/ci.yml
View file

@ -13,12 +13,8 @@ env:
jobs: jobs:
check: check:
name: Check (${{ matrix.os }}) name: Check
runs-on: ${{ matrix.os }} runs-on: self-hosted
strategy:
fail-fast: false
matrix:
os: [ubuntu-latest, macos-latest]
steps: steps:
- name: Checkout repository - name: Checkout repository
@ -56,12 +52,8 @@ jobs:
run: cargo clippy --workspace --all-targets --all-features -- -D warnings run: cargo clippy --workspace --all-targets --all-features -- -D warnings
test: test:
name: Test (${{ matrix.os }}) name: Test
runs-on: ${{ matrix.os }} runs-on: self-hosted
strategy:
fail-fast: false
matrix:
os: [ubuntu-latest, macos-latest]
steps: steps:
- name: Checkout repository - name: Checkout repository
@ -70,8 +62,7 @@ jobs:
- name: Install Rust toolchain - name: Install Rust toolchain
uses: dtolnay/rust-toolchain@stable uses: dtolnay/rust-toolchain@stable
- name: Install system dependencies (Linux) - name: Install system dependencies
if: runner.os == 'Linux'
run: | run: |
sudo apt-get update sudo apt-get update
sudo apt-get install -y libclang-dev llvm-dev sudo apt-get install -y libclang-dev llvm-dev
@ -100,18 +91,9 @@ jobs:
run: cargo test --workspace --all-features run: cargo test --workspace --all-features
build: build:
name: Build (${{ matrix.os }}) name: Build (Linux x86_64)
runs-on: ${{ matrix.os }} runs-on: self-hosted
needs: [check, test] needs: [check, test]
strategy:
fail-fast: false
matrix:
os: [ubuntu-latest, macos-latest]
include:
- os: ubuntu-latest
artifact-name: synor-linux-x86_64
- os: macos-latest
artifact-name: synor-macos-x86_64
steps: steps:
- name: Checkout repository - name: Checkout repository
@ -120,8 +102,7 @@ jobs:
- name: Install Rust toolchain - name: Install Rust toolchain
uses: dtolnay/rust-toolchain@stable uses: dtolnay/rust-toolchain@stable
- name: Install system dependencies (Linux) - name: Install system dependencies
if: runner.os == 'Linux'
run: | run: |
sudo apt-get update sudo apt-get update
sudo apt-get install -y libclang-dev llvm-dev sudo apt-get install -y libclang-dev llvm-dev
@ -160,14 +141,14 @@ jobs:
- name: Upload build artifacts - name: Upload build artifacts
uses: actions/upload-artifact@v4 uses: actions/upload-artifact@v4
with: with:
name: ${{ matrix.artifact-name }} name: synor-linux-x86_64
path: artifacts/ path: artifacts/
retention-days: 7 retention-days: 7
if-no-files-found: warn if-no-files-found: warn
bench: bench:
name: Benchmarks name: Benchmarks
runs-on: ubuntu-latest runs-on: self-hosted
if: github.ref == 'refs/heads/main' && github.event_name == 'push' if: github.ref == 'refs/heads/main' && github.event_name == 'push'
needs: [check, test] needs: [check, test]
@ -214,10 +195,9 @@ jobs:
retention-days: 30 retention-days: 30
if-no-files-found: ignore if-no-files-found: ignore
# Summary job for branch protection
ci-success: ci-success:
name: CI Success name: CI Success
runs-on: ubuntu-latest runs-on: self-hosted
needs: [check, test, build] needs: [check, test, build]
if: always() if: always()
steps: steps:

109
.forgejo/workflows/release-wallet.yml Normal file
View file

@ -0,0 +1,109 @@
name: Release Desktop Wallet
on:
push:
tags:
- 'wallet-v*'
workflow_dispatch:
inputs:
draft:
description: 'Create as draft release'
required: false
default: true
type: boolean
env:
CARGO_TERM_COLOR: always
permissions:
contents: write
jobs:
# Build Linux AppImage on self-hosted runner
build-linux:
name: Build Wallet (Linux)
runs-on: self-hosted
steps:
- name: Checkout repository
uses: actions/checkout@v4
- name: Setup Node.js
uses: actions/setup-node@v4
with:
node-version: 20
- name: Install pnpm
run: npm install -g pnpm
- name: Setup Rust
uses: dtolnay/rust-toolchain@stable
- name: Install system dependencies
run: |
sudo apt-get update
sudo apt-get install -y \
libgtk-3-dev \
libwebkit2gtk-4.1-dev \
libsoup-3.0-dev \
libjavascriptcoregtk-4.1-dev \
libappindicator3-dev \
librsvg2-dev \
patchelf \
libclang-dev \
llvm-dev
- name: Cache cargo registry
uses: actions/cache@v4
with:
path: |
~/.cargo/bin/
~/.cargo/registry/index/
~/.cargo/registry/cache/
~/.cargo/git/db/
key: ${{ runner.os }}-cargo-wallet-${{ hashFiles('**/Cargo.lock') }}
restore-keys: |
${{ runner.os }}-cargo-wallet-
- name: Cache pnpm store
uses: actions/cache@v4
with:
path: ~/.pnpm-store
key: ${{ runner.os }}-pnpm-store-${{ hashFiles('apps/desktop-wallet/pnpm-lock.yaml') }}
restore-keys: |
${{ runner.os }}-pnpm-store-
- name: Install frontend dependencies
working-directory: apps/desktop-wallet
run: pnpm install
- name: Build Tauri app (Linux)
uses: tauri-apps/tauri-action@v0
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
with:
projectPath: apps/desktop-wallet
tagName: wallet-v__VERSION__
releaseName: 'Synor Wallet v__VERSION__'
releaseBody: |
## Synor Desktop Wallet
A secure desktop wallet for the Synor blockchain network with post-quantum cryptography support (Dilithium3).
### Installation
**Linux:**
- Download the `.AppImage` file
- Make it executable: `chmod +x Synor*.AppImage`
- Run: `./Synor*.AppImage`
### Features
- 24-word BIP39 mnemonic generation
- Post-quantum Dilithium3 signatures
- OS keychain integration
- System tray support
### Security Note
Always verify the checksums of downloaded files.
releaseDraft: ${{ github.event.inputs.draft || true }}
prerelease: ${{ contains(github.ref, 'alpha') || contains(github.ref, 'beta') || contains(github.ref, 'rc') }}

104
.github/workflows/release.yml → .forgejo/workflows/release.yml
View file

@ -15,31 +15,17 @@ permissions:
jobs: jobs:
build-release: build-release:
name: Build Release (${{ matrix.target }}) name: Build Release (${{ matrix.target }})
runs-on: ${{ matrix.os }} runs-on: self-hosted
strategy: strategy:
fail-fast: false fail-fast: false
matrix: matrix:
include: include:
- os: ubuntu-latest - target: x86_64-unknown-linux-gnu
target: x86_64-unknown-linux-gnu
artifact-name: synor-linux-x86_64 artifact-name: synor-linux-x86_64
archive-ext: tar.gz archive-ext: tar.gz
- os: ubuntu-24.04-arm - target: aarch64-unknown-linux-gnu
target: aarch64-unknown-linux-gnu
artifact-name: synor-linux-aarch64 artifact-name: synor-linux-aarch64
archive-ext: tar.gz archive-ext: tar.gz
- os: macos-latest
target: x86_64-apple-darwin
artifact-name: synor-macos-x86_64
archive-ext: tar.gz
- os: macos-latest
target: aarch64-apple-darwin
artifact-name: synor-macos-aarch64
archive-ext: tar.gz
- os: windows-latest
target: x86_64-pc-windows-msvc
artifact-name: synor-windows-x86_64
archive-ext: zip
steps: steps:
- name: Checkout repository - name: Checkout repository
@ -52,11 +38,10 @@ jobs:
with: with:
targets: ${{ matrix.target }} targets: ${{ matrix.target }}
- name: Install system dependencies (Linux) - name: Install system dependencies
if: runner.os == 'Linux'
run: | run: |
sudo apt-get update sudo apt-get update
sudo apt-get install -y libclang-dev llvm-dev sudo apt-get install -y libclang-dev llvm-dev gcc-aarch64-linux-gnu
- name: Cache cargo registry - name: Cache cargo registry
uses: actions/cache@v4 uses: actions/cache@v4
@ -78,82 +63,37 @@ jobs:
restore-keys: | restore-keys: |
${{ runner.os }}-${{ matrix.target }}-cargo-target-release- ${{ runner.os }}-${{ matrix.target }}-cargo-target-release-
- name: Build release binaries (Unix) - name: Build release binaries
if: runner.os != 'Windows'
env: env:
TARGET: ${{ matrix.target }} TARGET: ${{ matrix.target }}
run: cargo build --release --workspace --target "$TARGET" run: cargo build --release --workspace --target "$TARGET"
- name: Build release binaries (Windows) - name: Prepare release archive
if: runner.os == 'Windows'
env:
TARGET: ${{ matrix.target }}
run: cargo build --release --workspace --target "$env:TARGET"
- name: Prepare release archive (Unix)
if: runner.os != 'Windows'
env: env:
TARGET: ${{ matrix.target }} TARGET: ${{ matrix.target }}
ARTIFACT_NAME: ${{ matrix.artifact-name }} ARTIFACT_NAME: ${{ matrix.artifact-name }}
run: | run: |
mkdir -p release mkdir -p release
# Copy binaries
cp "target/$TARGET/release/synord" release/ 2>/dev/null || true cp "target/$TARGET/release/synord" release/ 2>/dev/null || true
cp "target/$TARGET/release/synor-cli" release/ 2>/dev/null || true cp "target/$TARGET/release/synor-cli" release/ 2>/dev/null || true
cp "target/$TARGET/release/synor-faucet" release/ 2>/dev/null || true cp "target/$TARGET/release/synor-faucet" release/ 2>/dev/null || true
cp "target/$TARGET/release/synor-explorer" release/ 2>/dev/null || true cp "target/$TARGET/release/synor-explorer" release/ 2>/dev/null || true
# Copy documentation
cp README.md release/ 2>/dev/null || true cp README.md release/ 2>/dev/null || true
cp LICENSE* release/ 2>/dev/null || true cp LICENSE* release/ 2>/dev/null || true
cp CHANGELOG.md release/ 2>/dev/null || true cp CHANGELOG.md release/ 2>/dev/null || true
# Create archive
cd release cd release
tar czvf "../$ARTIFACT_NAME.tar.gz" * tar czvf "../$ARTIFACT_NAME.tar.gz" *
- name: Prepare release archive (Windows) - name: Upload release artifact
if: runner.os == 'Windows'
env:
TARGET: ${{ matrix.target }}
ARTIFACT_NAME: ${{ matrix.artifact-name }}
run: |
New-Item -ItemType Directory -Force -Path release
# Copy binaries
Copy-Item "target/$env:TARGET/release/synord.exe" release/ -ErrorAction SilentlyContinue
Copy-Item "target/$env:TARGET/release/synor-cli.exe" release/ -ErrorAction SilentlyContinue
Copy-Item "target/$env:TARGET/release/synor-faucet.exe" release/ -ErrorAction SilentlyContinue
Copy-Item "target/$env:TARGET/release/synor-explorer.exe" release/ -ErrorAction SilentlyContinue
# Copy documentation
Copy-Item README.md release/ -ErrorAction SilentlyContinue
Copy-Item LICENSE* release/ -ErrorAction SilentlyContinue
Copy-Item CHANGELOG.md release/ -ErrorAction SilentlyContinue
# Create archive
Compress-Archive -Path release/* -DestinationPath "$env:ARTIFACT_NAME.zip"
- name: Upload release artifact (Unix)
if: runner.os != 'Windows'
uses: actions/upload-artifact@v4 uses: actions/upload-artifact@v4
with: with:
name: ${{ matrix.artifact-name }} name: ${{ matrix.artifact-name }}
path: ${{ matrix.artifact-name }}.tar.gz path: ${{ matrix.artifact-name }}.tar.gz
retention-days: 1 retention-days: 1
- name: Upload release artifact (Windows)
if: runner.os == 'Windows'
uses: actions/upload-artifact@v4
with:
name: ${{ matrix.artifact-name }}
path: ${{ matrix.artifact-name }}.zip
retention-days: 1
create-release: create-release:
name: Create GitHub Release name: Create Forgejo Release
runs-on: ubuntu-latest runs-on: self-hosted
needs: build-release needs: build-release
steps: steps:
@ -172,10 +112,9 @@ jobs:
env: env:
GIT_REF: ${{ github.ref }} GIT_REF: ${{ github.ref }}
run: | run: |
# Get the current tag from the ref (safe - only used after validation)
CURRENT_TAG="${GIT_REF#refs/tags/}" CURRENT_TAG="${GIT_REF#refs/tags/}"
# Validate tag format (only allow v followed by semver-like pattern) # Validate tag format
if [[ ! "$CURRENT_TAG" =~ ^v[0-9]+\.[0-9]+\.[0-9]+(-[a-zA-Z0-9.]+)?$ ]]; then if [[ ! "$CURRENT_TAG" =~ ^v[0-9]+\.[0-9]+\.[0-9]+(-[a-zA-Z0-9.]+)?$ ]]; then
echo "Invalid tag format: $CURRENT_TAG" echo "Invalid tag format: $CURRENT_TAG"
exit 1 exit 1
@ -183,7 +122,6 @@ jobs:
echo "current_tag=$CURRENT_TAG" >> "$GITHUB_OUTPUT" echo "current_tag=$CURRENT_TAG" >> "$GITHUB_OUTPUT"
# Get the previous tag
PREVIOUS_TAG=$(git describe --tags --abbrev=0 "$CURRENT_TAG^" 2>/dev/null || echo "") PREVIOUS_TAG=$(git describe --tags --abbrev=0 "$CURRENT_TAG^" 2>/dev/null || echo "")
echo "## What's Changed" > CHANGELOG_BODY.md echo "## What's Changed" > CHANGELOG_BODY.md
@ -192,8 +130,6 @@ jobs:
if [ -n "$PREVIOUS_TAG" ]; then if [ -n "$PREVIOUS_TAG" ]; then
echo "Changes since $PREVIOUS_TAG:" >> CHANGELOG_BODY.md echo "Changes since $PREVIOUS_TAG:" >> CHANGELOG_BODY.md
echo "" >> CHANGELOG_BODY.md echo "" >> CHANGELOG_BODY.md
# Generate changelog from commits (commit messages are from our own repo)
git log "$PREVIOUS_TAG..$CURRENT_TAG" --pretty=format:"- %s (%h)" --no-merges >> CHANGELOG_BODY.md git log "$PREVIOUS_TAG..$CURRENT_TAG" --pretty=format:"- %s (%h)" --no-merges >> CHANGELOG_BODY.md
else else
echo "Initial release" >> CHANGELOG_BODY.md echo "Initial release" >> CHANGELOG_BODY.md
@ -216,10 +152,10 @@ jobs:
echo "" >> CHANGELOG_BODY.md echo "" >> CHANGELOG_BODY.md
echo '```' >> CHANGELOG_BODY.md echo '```' >> CHANGELOG_BODY.md
cd artifacts cd artifacts
find . \( -name "*.tar.gz" -o -name "*.zip" \) -exec sha256sum {} \; | sed 's|./[^/]*/||' >> ../CHANGELOG_BODY.md find . -name "*.tar.gz" -exec sha256sum {} \; | sed 's|./[^/]*/||' >> ../CHANGELOG_BODY.md
echo '```' >> CHANGELOG_BODY.md echo '```' >> CHANGELOG_BODY.md
- name: Create GitHub Release - name: Create Release
uses: softprops/action-gh-release@v2 uses: softprops/action-gh-release@v2
with: with:
name: Synor ${{ steps.changelog.outputs.current_tag }} name: Synor ${{ steps.changelog.outputs.current_tag }}
@ -228,14 +164,12 @@ jobs:
prerelease: ${{ contains(github.ref, 'alpha') || contains(github.ref, 'beta') || contains(github.ref, 'rc') }} prerelease: ${{ contains(github.ref, 'alpha') || contains(github.ref, 'beta') || contains(github.ref, 'rc') }}
files: | files: |
artifacts/**/*.tar.gz artifacts/**/*.tar.gz
artifacts/**/*.zip
env: env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
# Optional: Publish to crates.io
publish-crates: publish-crates:
name: Publish to crates.io name: Publish to crates.io
runs-on: ubuntu-latest runs-on: self-hosted
needs: create-release needs: create-release
if: ${{ !contains(github.ref, 'alpha') && !contains(github.ref, 'beta') && !contains(github.ref, 'rc') }} if: ${{ !contains(github.ref, 'alpha') && !contains(github.ref, 'beta') && !contains(github.ref, 'rc') }}
@ -255,16 +189,12 @@ jobs:
env: env:
CARGO_REGISTRY_TOKEN: ${{ secrets.CARGO_REGISTRY_TOKEN }} CARGO_REGISTRY_TOKEN: ${{ secrets.CARGO_REGISTRY_TOKEN }}
run: | run: |
# Publish crates in dependency order
# Skip if CARGO_REGISTRY_TOKEN is not set
if [ -z "$CARGO_REGISTRY_TOKEN" ]; then if [ -z "$CARGO_REGISTRY_TOKEN" ]; then
echo "CARGO_REGISTRY_TOKEN not set, skipping crates.io publish" echo "CARGO_REGISTRY_TOKEN not set, skipping crates.io publish"
exit 0 exit 0
fi fi
echo "Publishing to crates.io..." echo "Publishing to crates.io..."
# Add --dry-run to test first, remove for actual publish # Uncomment when ready to publish:
# cargo publish -p synor-types --dry-run # cargo publish -p synor-types
# cargo publish -p synor-crypto --dry-run # cargo publish -p synor-crypto
# ... etc
echo "Crate publishing configured but commented out - uncomment when ready" echo "Crate publishing configured but commented out - uncomment when ready"

28
.github/workflows/security.yml → .forgejo/workflows/security.yml
View file

@ -21,12 +21,12 @@ jobs:
# ============================================================================ # ============================================================================
cargo-audit: cargo-audit:
name: Vulnerability Scan name: Vulnerability Scan
runs-on: ubuntu-latest runs-on: self-hosted
steps: steps:
- uses: actions/checkout@v4 - uses: actions/checkout@v4
- name: Install Rust - name: Install Rust
uses: dtolnay/rust-action@stable uses: dtolnay/rust-toolchain@stable
- name: Install cargo-audit - name: Install cargo-audit
run: cargo install cargo-audit --locked run: cargo install cargo-audit --locked
@ -39,7 +39,7 @@ jobs:
# ============================================================================ # ============================================================================
cargo-deny: cargo-deny:
name: License & Security Policy name: License & Security Policy
runs-on: ubuntu-latest runs-on: self-hosted
steps: steps:
- uses: actions/checkout@v4 - uses: actions/checkout@v4
@ -53,12 +53,12 @@ jobs:
# ============================================================================ # ============================================================================
clippy: clippy:
name: Static Analysis (Clippy) name: Static Analysis (Clippy)
runs-on: ubuntu-latest runs-on: self-hosted
steps: steps:
- uses: actions/checkout@v4 - uses: actions/checkout@v4
- name: Install Rust - name: Install Rust
uses: dtolnay/rust-action@stable uses: dtolnay/rust-toolchain@stable
with: with:
components: clippy components: clippy
@ -75,7 +75,7 @@ jobs:
# ============================================================================ # ============================================================================
secrets-scan: secrets-scan:
name: Secret Detection name: Secret Detection
runs-on: ubuntu-latest runs-on: self-hosted
steps: steps:
- uses: actions/checkout@v4 - uses: actions/checkout@v4
with: with:
@ -91,12 +91,12 @@ jobs:
# ============================================================================ # ============================================================================
outdated: outdated:
name: Check Outdated Dependencies name: Check Outdated Dependencies
runs-on: ubuntu-latest runs-on: self-hosted
steps: steps:
- uses: actions/checkout@v4 - uses: actions/checkout@v4
- name: Install Rust - name: Install Rust
uses: dtolnay/rust-action@stable uses: dtolnay/rust-toolchain@stable
- name: Install cargo-outdated - name: Install cargo-outdated
run: cargo install cargo-outdated --locked run: cargo install cargo-outdated --locked
@ -110,12 +110,12 @@ jobs:
# ============================================================================ # ============================================================================
geiger: geiger:
name: Unsafe Code Audit name: Unsafe Code Audit
runs-on: ubuntu-latest runs-on: self-hosted
steps: steps:
- uses: actions/checkout@v4 - uses: actions/checkout@v4
- name: Install Rust - name: Install Rust
uses: dtolnay/rust-action@stable uses: dtolnay/rust-toolchain@stable
- name: Install cargo-geiger - name: Install cargo-geiger
run: cargo install cargo-geiger --locked run: cargo install cargo-geiger --locked
@ -129,14 +129,14 @@ jobs:
# ============================================================================ # ============================================================================
property-tests: property-tests:
name: Property-Based Testing name: Property-Based Testing
runs-on: ubuntu-latest runs-on: self-hosted
env: env:
PROPTEST_CASES: "500" PROPTEST_CASES: "500"
steps: steps:
- uses: actions/checkout@v4 - uses: actions/checkout@v4
- name: Install Rust - name: Install Rust
uses: dtolnay/rust-action@stable uses: dtolnay/rust-toolchain@stable
- name: Run property tests - name: Run property tests
run: cargo test --release proptest -- --test-threads=1 run: cargo test --release proptest -- --test-threads=1
@ -146,12 +146,12 @@ jobs:
# ============================================================================ # ============================================================================
wasm-audit: wasm-audit:
name: WASM Module Security name: WASM Module Security
runs-on: ubuntu-latest runs-on: self-hosted
steps: steps:
- uses: actions/checkout@v4 - uses: actions/checkout@v4
- name: Install Rust - name: Install Rust
uses: dtolnay/rust-action@stable uses: dtolnay/rust-toolchain@stable
with: with:
targets: wasm32-unknown-unknown targets: wasm32-unknown-unknown

59
.github/dependabot.yml vendored
View file

@ -1,59 +0,0 @@
version: 2
updates:
# Rust/Cargo dependencies
- package-ecosystem: "cargo"
directory: "/"
schedule:
interval: "weekly"
day: "monday"
time: "09:00"
timezone: "UTC"
open-pull-requests-limit: 10
reviewers:
- "synorcc/core-team"
labels:
- "dependencies"
- "rust"
commit-message:
prefix: "deps(cargo)"
groups:
# Group minor and patch updates together
rust-minor-patch:
patterns:
- "*"
update-types:
- "minor"
- "patch"
# Keep major updates separate for careful review
rust-major:
patterns:
- "*"
update-types:
- "major"
ignore:
# Ignore pre-release versions
- dependency-name: "*"
update-types: ["version-update:semver-prerelease"]
# GitHub Actions dependencies
- package-ecosystem: "github-actions"
directory: "/"
schedule:
interval: "weekly"
day: "monday"
time: "09:00"
timezone: "UTC"
open-pull-requests-limit: 5
reviewers:
- "synorcc/core-team"
labels:
- "dependencies"
- "github-actions"
commit-message:
prefix: "ci(actions)"
groups:
# Group all GitHub Actions updates together
github-actions:
patterns:
- "*"

195
.github/workflows/release-wallet.yml vendored
View file

@ -1,195 +0,0 @@
name: Release Desktop Wallet
on:
push:
tags:
- 'wallet-v*'
workflow_dispatch:
inputs:
draft:
description: 'Create as draft release'
required: false
default: true
type: boolean
env:
CARGO_TERM_COLOR: always
permissions:
contents: write
jobs:
build-tauri:
name: Build Wallet (${{ matrix.platform }})
strategy:
fail-fast: false
matrix:
include:
- platform: macos-latest
target: aarch64-apple-darwin
artifact-suffix: macos-aarch64
- platform: macos-latest
target: x86_64-apple-darwin
artifact-suffix: macos-x86_64
- platform: windows-latest
target: x86_64-pc-windows-msvc
artifact-suffix: windows-x86_64
runs-on: ${{ matrix.platform }}
steps:
- name: Checkout repository
uses: actions/checkout@v4
- name: Setup Node.js
uses: actions/setup-node@v4
with:
node-version: 20
- name: Install pnpm
run: npm install -g pnpm
- name: Setup Rust
uses: dtolnay/rust-toolchain@stable
with:
targets: ${{ matrix.target }}
- name: Install dependencies (macOS)
if: matrix.platform == 'macos-latest'
run: |
brew install rocksdb
- name: Cache cargo registry
uses: actions/cache@v4
with:
path: |
~/.cargo/bin/
~/.cargo/registry/index/
~/.cargo/registry/cache/
~/.cargo/git/db/
key: ${{ runner.os }}-${{ matrix.target }}-cargo-wallet-${{ hashFiles('**/Cargo.lock') }}
restore-keys: |
${{ runner.os }}-${{ matrix.target }}-cargo-wallet-
- name: Cache pnpm store
uses: actions/cache@v4
with:
path: ~/.pnpm-store
key: ${{ runner.os }}-pnpm-store-${{ hashFiles('apps/desktop-wallet/pnpm-lock.yaml') }}
restore-keys: |
${{ runner.os }}-pnpm-store-
- name: Install frontend dependencies
working-directory: apps/desktop-wallet
run: pnpm install
- name: Build Tauri app
uses: tauri-apps/tauri-action@v0
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
# Note: Code signing requires Apple Developer certificates configured in GitHub secrets
# Set APPLE_CERTIFICATE, APPLE_CERTIFICATE_PASSWORD, APPLE_SIGNING_IDENTITY,
# APPLE_ID, APPLE_PASSWORD, APPLE_TEAM_ID to enable code signing
with:
projectPath: apps/desktop-wallet
tagName: wallet-v__VERSION__
releaseName: 'Synor Wallet v__VERSION__'
releaseBody: |
## Synor Desktop Wallet
A secure desktop wallet for the Synor blockchain network with post-quantum cryptography support (Dilithium3).
### Installation
**macOS:**
- Download the `.dmg` file for your architecture (Intel or Apple Silicon)
- Open the DMG and drag Synor Wallet to Applications
- First launch: Right-click → Open (to bypass Gatekeeper if not code-signed)
**Windows:**
- Download the `.msi` installer
- Run the installer and follow the prompts
- Or download the `.exe` for portable installation
### Features
- 24-word BIP39 mnemonic generation
- Post-quantum Dilithium3 signatures
- OS keychain integration (macOS Keychain, Windows Credential Manager)
- System tray support
- Auto-updates (when signed)
### Security Note
Always verify the checksums of downloaded files.
releaseDraft: ${{ github.event.inputs.draft || true }}
prerelease: ${{ contains(github.ref, 'alpha') || contains(github.ref, 'beta') || contains(github.ref, 'rc') }}
args: --target ${{ matrix.target }}
# Build Linux AppImage separately (needs different runner config)
build-linux:
name: Build Wallet (Linux)
runs-on: ubuntu-22.04
steps:
- name: Checkout repository
uses: actions/checkout@v4
- name: Setup Node.js
uses: actions/setup-node@v4
with:
node-version: 20
- name: Install pnpm
run: npm install -g pnpm
- name: Setup Rust
uses: dtolnay/rust-toolchain@stable
- name: Install system dependencies
run: |
sudo apt-get update
sudo apt-get install -y \
libgtk-3-dev \
libwebkit2gtk-4.1-dev \
libsoup-3.0-dev \
libjavascriptcoregtk-4.1-dev \
libappindicator3-dev \
librsvg2-dev \
patchelf \
libclang-dev \
llvm-dev
- name: Cache cargo registry
uses: actions/cache@v4
with:
path: |
~/.cargo/bin/
~/.cargo/registry/index/
~/.cargo/registry/cache/
~/.cargo/git/db/
key: ${{ runner.os }}-cargo-wallet-${{ hashFiles('**/Cargo.lock') }}
restore-keys: |
${{ runner.os }}-cargo-wallet-
- name: Cache pnpm store
uses: actions/cache@v4
with:
path: ~/.pnpm-store
key: ${{ runner.os }}-pnpm-store-${{ hashFiles('apps/desktop-wallet/pnpm-lock.yaml') }}
restore-keys: |
${{ runner.os }}-pnpm-store-
- name: Install frontend dependencies
working-directory: apps/desktop-wallet
run: pnpm install
- name: Build Tauri app
uses: tauri-apps/tauri-action@v0
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
with:
projectPath: apps/desktop-wallet
tagName: wallet-v__VERSION__
releaseName: 'Synor Wallet v__VERSION__'
releaseBody: ''
releaseDraft: ${{ github.event.inputs.draft || true }}
prerelease: ${{ contains(github.ref, 'alpha') || contains(github.ref, 'beta') || contains(github.ref, 'rc') }}

4
Cargo.toml
View file

@ -4,7 +4,7 @@ version = "0.1.0"
edition = "2021" edition = "2021"
description = "Synor Blockchain - Quantum-secure decentralized cloud computing platform" description = "Synor Blockchain - Quantum-secure decentralized cloud computing platform"
license = "MIT OR Apache-2.0" license = "MIT OR Apache-2.0"
repository = "https://github.com/synorcc/synor" repository = "https://git.misar.io/misaradmin/synor"
[workspace] [workspace]
resolver = "2" resolver = "2"
@ -83,7 +83,7 @@ version = "0.1.0"
edition = "2021" edition = "2021"
authors = ["Synor Team <team@synor.cc>"] authors = ["Synor Team <team@synor.cc>"]
license = "MIT OR Apache-2.0" license = "MIT OR Apache-2.0"
repository = "https://github.com/synorcc/synor" repository = "https://git.misar.io/misaradmin/synor"
homepage = "https://synor.cc" homepage = "https://synor.cc"
description = "Quantum-secure decentralized cloud computing platform" description = "Quantum-secure decentralized cloud computing platform"
rust-version = "1.75" rust-version = "1.75"