Add workflow to publish from CI (#14)

Also adds a changelog to properly document the changes we made. Fixes astral-sh/uv#11222
astral-sh · Feb 5, 2025 · eec116e · eec116e
1 parent 6570685
commit eec116e
Show file tree

Hide file tree

Showing 5 changed files with 38 additions and 1 deletion.
diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
@@ -6,6 +6,9 @@ on:
   pull_request:
   workflow_dispatch:
 
+env:
+  CARGO_TERM_COLOR: always
+
 jobs:
   ci:
     runs-on: ${{ matrix.os }}

diff --git a/.github/workflows/publish.yml b/.github/workflows/publish.yml
@@ -0,0 +1,21 @@
+name: Publish to crates.io
+
+on:
+  push:
+    tags:
+      - 'v*'
+
+env:
+  CARGO_TERM_COLOR: always
+
+jobs:
+  publish:
+    runs-on: ubuntu-latest
+    environment:
+      name: crates-io
+    steps:
+      - uses: actions/checkout@v4
+      - name: Publish to crates.io
+        run: cargo publish
+        env:
+          CARGO_REGISTRY_TOKEN: ${{ secrets.CARGO_REGISTRY_TOKEN }}
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -0,0 +1,11 @@
+# Changelog
+
+## 0.5.0
+
+- Setting `preserve_permissions` to `false` will avoid setting _any_ permissions on extracted files.
+  In [`alexcrichton/tar-rs`](https://github.com/alexcrichton/tar-rs), setting `preserve_permissions`
+  to `false` will still set read, write, and execute permissions on extracted files, but will avoid
+  setting extended permissions (e.g., `setuid`, `setgid`, and `sticky` bits).
+- Avoid creating directories outside the unpack target (see: [`alexcrichton/tar-rs#259`](https://github.com/alexcrichton/tar-rs/pull/259)).
+- Added `unpack_in_raw` which memoizes the set of validated paths (and assumes a pre-canonicalized)
+  unpack target to avoid redundant filesystem operations.
diff --git a/README.md b/README.md
@@ -20,6 +20,8 @@ the following modifications:
   to `false` will still set read, write, and execute permissions on extracted files, but will avoid
   setting extended permissions (e.g., `setuid`, `setgid`, and `sticky` bits).
 
+See the [changelog](CHANGELOG.md) for a more detailed list of changes.
+
 ## License
 
 This project is licensed under either of

diff --git a/src/archive.rs b/src/archive.rs
@@ -84,7 +84,7 @@ impl<R: Read + Unpin> ArchiveBuilder<R> {
         self
     }
 
-    /// Indicate whether extended permissions (like suid on Unix) are preserved
+    /// Indicate whether the permissions on files and directories are preserved
     /// when unpacking this entry.
     ///
     /// This flag is disabled by default and is currently only implemented on