ci(fix): bring CI up to date

.github/dependabot.yml

@@ -0,0 +1,8 @@
+---
+version: 2
+updates:
+  # Maintain dependencies for GitHub Actions
+  - package-ecosystem: "github-actions"
+    directory: "/"
+    schedule:
+      interval: "weekly"

.github/workflows/audit.yml

@@ -1,13 +1,27 @@
-# Runs daily
-name: Security audit
-on:
+---
+name: Security audit - daily
+
+'on':
+  push:
+    paths:
+      # Run if workflow changes
+      - '.github/workflows/audit.yml'
+      # Run on changed dependencies
+      - '**/Cargo.toml'
+      - '**/Cargo.lock'
+      # Run if the configuration file changes
+      - '**/audit.toml'
+  # Rerun periodicly to pick up new advisories
   schedule:
-    - cron: "15 04 * * *"
+    - cron: '43 05 * * *'
+  # Run manually
+  workflow_dispatch:
+
 jobs:
   security_audit:
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v2
-      - uses: actions-rs/audit-check@v1
+      - uses: actions/checkout@v4
+      - uses: rustsec/audit-check@v1.4.1
         with:
-          token: ${{ secrets.GITHUB_TOKEN }}
+          token: ${{ secrets.GITHUB_TOKEN }}

.github/workflows/ci.yml

@@ -1,11 +1,19 @@
-on:
+---
+name: CI
+
+'on':
   push:
     branches:
       - main
+      - "ci-*"
   pull_request:
-    types: [opened, synchronize, reopened]
-
-name: CI
+    types:
+    types:
+      - opened
+      - reopened
+      - synchronize
+  merge_group:
+  workflow_dispatch:
 
 env:
   CARGO_HTTP_MULTIPLEXING: false
@@ -14,24 +22,17 @@ env:
 jobs:
   clippy:
     name: clippy
-    runs-on: ubuntu-18.04
+    runs-on: ubuntu-latest
     steps:
-      - name: ubuntu dependencies
-        run: |
-          sudo apt-get update && \
-          sudo apt-get -y install \
-            libssl-dev \
-            openssl \
-            pkg-config \
-            git
       - name: checkout
-        uses: actions/checkout@v2
+        uses: actions/checkout@v4
+
       - name: toolchain
-        uses: actions-rs/toolchain@v1
+        uses: dtolnay/rust-toolchain@master
         with:
           toolchain: ${{ env.toolchain }}
           components: clippy, rustfmt
-          override: true
+
       - name: Caching
         uses: actions/cache@v2
         with:
@@ -40,22 +41,42 @@ jobs:
             ~/.cargo/git
             target
           key: ${{ runner.os }}-${{ runner.cpu-model }}-${{ env.toolchain }}-${{ hashFiles('**/Cargo.lock') }}
-      - name: cargo fmt
-        uses: actions-rs/cargo@v1
-        with:
-          command: fmt
-          args: --all -- --check
-      - name: Clippy check
-        uses: actions-rs/cargo@v1
-        with:
-          command: clippy
-          args: --all-targets -- -D warnings
+
+      - name: ubuntu dependencies
+        run: |
+          sudo apt-get update
+          sudo apt-get -y install \
+            libssl-dev \
+            openssl \
+            pkg-config \
+            git
+
+      - name: cargo format
+        run: cargo fmt --all -- --check
+
+      - name: Install cargo-lints
+        run: cargo install cargo-lints
+
+      - name: Clippy check (with lints)
+        run: cargo lints clippy --all-targets -- -D warnings
+
+      - name: cargo machete
+        run: |
+          cargo install cargo-machete
+          cargo machete
+
   test:
     name: test
-    runs-on: ubuntu-18.04
+    runs-on: ubuntu-latest
     steps:
       - name: checkout
-        uses: actions/checkout@v2
+        uses: actions/checkout@v4
+
+      - name: toolchain
+        uses: dtolnay/rust-toolchain@master
+        with:
+          toolchain: ${{ env.toolchain }}
+
       - name: Caching
         uses: actions/cache@v2
         with:
@@ -64,30 +85,19 @@ jobs:
             ~/.cargo/git
             target
           key: ${{ runner.os }}-${{ runner.cpu-model }}-${{ env.toolchain }}-${{ hashFiles('**/Cargo.lock') }}
+
       - name: ubuntu dependencies
         run: |
-          sudo apt-get update && \
+          sudo apt-get update
           sudo apt-get -y install \
             libssl-dev \
             openssl \
             git \
             cmake \
             zip
-      - name: toolchain
-        uses: actions-rs/toolchain@v1
-        with:
-          toolchain: ${{ env.toolchain }}
-          components: clippy, rustfmt
-          override: true
 
       - name: cargo test
-        uses: actions-rs/cargo@v1
-        with:
-          command: test
-          # args: --release
+        run: cargo test
 
       - name: cargo test release
-        uses: actions-rs/cargo@v1
-        with:
-          command: test
-          args: --release
+        run: cargo test --release

.github/workflows/pr_signed_commits_check.yml

@@ -0,0 +1,24 @@
+---
+# Checks if the comments are signed or not
+name: PR - Signed commits check
+
+'on':
+  pull_request_target
+
+concurrency:
+  # https://docs.github.com/en/actions/examples/using-concurrency-expressions-and-a-test-matrix
+  group: '${{ github.workflow }} @ ${{ github.event.pull_request.head.label || github.head_ref || github.ref }}'
+  cancel-in-progress: ${{ !startsWith(github.ref, 'refs/tags/v') || github.ref != 'refs/heads/development' || github.ref != 'refs/heads/nextnet' || github.ref != 'refs/heads/stagenet' }}
+
+permissions: {}
+
+jobs:
+  check-signed-commits:
+    name: Check signed commits in PR
+    runs-on: ubuntu-latest
+    permissions:
+      contents: read
+      pull-requests: write
+    steps:
+      - name: Check signed commits in PR
+        uses: 1Password/check-signed-commits-action@v1

.gitignore

@@ -3,4 +3,7 @@ Cargo.lock
 
 *.profraw
 coverage_report
-cov_raw
+cov_raw
+
+# Ignore OS files
+.DS_Store