[PR #114] [MERGED] chore: infer lints from workspace and fix errors #243

New issue

Closed

opened 2026-03-15 11:55:18 +03:00 by kerem · 0 comments

kerem commented

2026-03-15 11:55:18 +03:00

Owner

📋 Pull Request Information

Original PR: https://github.com/awslabs/iam-policy-autopilot/pull/114
Author: @mschlaipfer
Created: 1/22/2026
Status: ✅ Merged
Merged: 2/3/2026
Merged by: @mschlaipfer

Base: main ← Head: fix-101

📝 Commits (10+)

0e471b7 fix: infer lints from workspace and fix issues
01edd65 fix: make clippy lint failures explicit, fix used_unwrap
f396fb5 fix: allow more lints, fix used-unwrap ones
864a441 Merge remote-tracking branch 'gh-upstream' into fix-101
afa5d45 Merge branch 'main' into fix-101
5bd29a1 Merge branch 'main' into fix-101
3457320 Merge branch 'main' into fix-101
5c14d3f Merge branch 'main' into fix-101
cb90337 Merge branch 'main' into fix-101
0d07856 Merge branch 'main' into fix-101

📊 Changes

17 files changed (+143 additions, -58 deletions)

View changed files

📝 Cargo.toml (+47 -0)
📝 iam-policy-autopilot-access-denied/Cargo.toml (+3 -0)
📝 iam-policy-autopilot-access-denied/src/aws/policy_naming.rs (+5 -2)
📝 iam-policy-autopilot-access-denied/src/parsing/utils.rs (+2 -1)
📝 iam-policy-autopilot-cli/Cargo.toml (+3 -0)
📝 iam-policy-autopilot-mcp-server/Cargo.toml (+3 -0)
📝 iam-policy-autopilot-mcp-server/src/mcp.rs (+5 -1)
📝 iam-policy-autopilot-mcp-server/src/tools/generate_policy.rs (+13 -7)
📝 iam-policy-autopilot-mcp-server/src/tools/mod.rs (+21 -12)
📝 iam-policy-autopilot-policy-generation/Cargo.toml (+3 -0)
📝 iam-policy-autopilot-policy-generation/build.rs (+1 -0)
📝 iam-policy-autopilot-policy-generation/src/embedded_data.rs (+1 -0)
📝 iam-policy-autopilot-policy-generation/src/enrichment/operation_fas_map.rs (+6 -2)
📝 iam-policy-autopilot-policy-generation/src/extraction/engine.rs (+5 -1)
📝 iam-policy-autopilot-policy-generation/src/extraction/javascript/scanner.rs (+20 -31)
📝 iam-policy-autopilot-tools/Cargo.toml (+3 -0)
📝 iam-policy-autopilot-tools/src/lib.rs (+2 -1)

📄 Description

Issue #, if available: #101

Description of changes:

The dead code issue in #101 exhibited a deeper issue: we did not infer the workspace lint configuration in the crates. Fixing that (and adding the dead_code = "deny" setting) exposed the use of unsafe_code in the MCP server crate used for mocking. I refactored the code to get rid of unsafe and keep the unsafe_code = "forbid" rather than using unsafe_code = "deny" and introducing an allow(unsafe_code) override (forbid cannot be overridden).

I'd argue that unsafe code within cfg(test) is okay, but it seems like cargo does not allow to set deny only for cfg(test) modules.

Inferring linter settings in the crates exposed more issues. I have added explicit allow overrides for all failures and fixed the unwrap_used ones, sometimes just via changing the unwrap to an expect. We should step by step fix these clippy warnings.

By submitting this pull request, I confirm that you can use, modify, copy, and redistribute this contribution, under the terms of your choice.

_{🔄 This issue represents a GitHub Pull Request. It cannot be merged through Gitea due to API limitations.}

## 📋 Pull Request Information **Original PR:** https://github.com/awslabs/iam-policy-autopilot/pull/114 **Author:** [@mschlaipfer](https://github.com/mschlaipfer) **Created:** 1/22/2026 **Status:** ✅ Merged **Merged:** 2/3/2026 **Merged by:** [@mschlaipfer](https://github.com/mschlaipfer) **Base:** `main` ← **Head:** `fix-101` --- ### 📝 Commits (10+) - [`0e471b7`](https://github.com/awslabs/iam-policy-autopilot/commit/0e471b7c8ab45974992b8fbcf65758a7a46c2cad) fix: infer lints from workspace and fix issues - [`01edd65`](https://github.com/awslabs/iam-policy-autopilot/commit/01edd6556d93fbe324c344292c13fb9e24b9fc06) fix: make clippy lint failures explicit, fix used_unwrap - [`f396fb5`](https://github.com/awslabs/iam-policy-autopilot/commit/f396fb580cac2bac0dc060b3ec7f320de894947f) fix: allow more lints, fix used-unwrap ones - [`864a441`](https://github.com/awslabs/iam-policy-autopilot/commit/864a4419125292429730e3f6f457029cdfc8598c) Merge remote-tracking branch 'gh-upstream' into fix-101 - [`afa5d45`](https://github.com/awslabs/iam-policy-autopilot/commit/afa5d455d45f32952bdbba715730c116f609df12) Merge branch 'main' into fix-101 - [`5bd29a1`](https://github.com/awslabs/iam-policy-autopilot/commit/5bd29a1944a1ea220c6fa90ca30852ab30f04a03) Merge branch 'main' into fix-101 - [`3457320`](https://github.com/awslabs/iam-policy-autopilot/commit/34573209dd7ebf13a25046c19f1fd7f8946a243f) Merge branch 'main' into fix-101 - [`5c14d3f`](https://github.com/awslabs/iam-policy-autopilot/commit/5c14d3f0b55df3d29fa18f3c027a588cea345b06) Merge branch 'main' into fix-101 - [`cb90337`](https://github.com/awslabs/iam-policy-autopilot/commit/cb903374021e58ad44e798e637f4e12bfb14a180) Merge branch 'main' into fix-101 - [`0d07856`](https://github.com/awslabs/iam-policy-autopilot/commit/0d07856ed5990d42a8fdc6593f80085a05d1c9b4) Merge branch 'main' into fix-101 ### 📊 Changes **17 files changed** (+143 additions, -58 deletions) <details> <summary>View changed files</summary> 📝 `Cargo.toml` (+47 -0) 📝 `iam-policy-autopilot-access-denied/Cargo.toml` (+3 -0) 📝 `iam-policy-autopilot-access-denied/src/aws/policy_naming.rs` (+5 -2) 📝 `iam-policy-autopilot-access-denied/src/parsing/utils.rs` (+2 -1) 📝 `iam-policy-autopilot-cli/Cargo.toml` (+3 -0) 📝 `iam-policy-autopilot-mcp-server/Cargo.toml` (+3 -0) 📝 `iam-policy-autopilot-mcp-server/src/mcp.rs` (+5 -1) 📝 `iam-policy-autopilot-mcp-server/src/tools/generate_policy.rs` (+13 -7) 📝 `iam-policy-autopilot-mcp-server/src/tools/mod.rs` (+21 -12) 📝 `iam-policy-autopilot-policy-generation/Cargo.toml` (+3 -0) 📝 `iam-policy-autopilot-policy-generation/build.rs` (+1 -0) 📝 `iam-policy-autopilot-policy-generation/src/embedded_data.rs` (+1 -0) 📝 `iam-policy-autopilot-policy-generation/src/enrichment/operation_fas_map.rs` (+6 -2) 📝 `iam-policy-autopilot-policy-generation/src/extraction/engine.rs` (+5 -1) 📝 `iam-policy-autopilot-policy-generation/src/extraction/javascript/scanner.rs` (+20 -31) 📝 `iam-policy-autopilot-tools/Cargo.toml` (+3 -0) 📝 `iam-policy-autopilot-tools/src/lib.rs` (+2 -1) </details> ### 📄 Description *Issue #, if available:* #101 *Description of changes:* The dead code issue in #101 exhibited a deeper issue: we did not infer the workspace lint configuration in the crates. Fixing that (and adding the `dead_code = "deny"` setting) exposed the use of `unsafe_code` in the MCP server crate used for mocking. I refactored the code to get rid of `unsafe` and keep the `unsafe_code = "forbid"` rather than using `unsafe_code = "deny"` and introducing an `allow(unsafe_code)` override (`forbid` cannot be overridden). I'd argue that `unsafe` code within `cfg(test)` is okay, but it seems like cargo does not allow to set `deny` only for `cfg(test)` modules. Inferring linter settings in the crates exposed more issues. I have added explicit allow overrides for all failures and fixed the `unwrap_used` ones, sometimes just via changing the `unwrap` to an `expect`. We should step by step fix these `clippy` warnings. By submitting this pull request, I confirm that you can use, modify, copy, and redistribute this contribution, under the terms of your choice. --- <sub>🔄 This issue represents a GitHub Pull Request. It cannot be merged through Gitea due to API limitations.</sub>