fix: Bring claim_v2 branch up to date with main branch

.commitlintrc.yml

@@ -24,6 +24,7 @@ rules:
       - export_schema
       - make_test_images
       - sdk
+      - c2patool
 
   # Scope may be empty
   # (NOTE: Disabled for now while we work around

.github/dependabot.yml

@@ -4,21 +4,7 @@
 version: 2
 updates:
   - package-ecosystem: "cargo"
-    directory: "sdk"
-    schedule:
-      interval: "daily"
-    commit-message:
-      prefix: "update"
-
-  - package-ecosystem: "cargo"
-    directory: "export_schema"
-    schedule:
-      interval: "daily"
-    commit-message:
-      prefix: "update"
-
-  - package-ecosystem: "cargo"
-    directory: "make_test_images"
+    directory: "/"
     schedule:
       interval: "daily"
     commit-message:

.github/workflows/ci.yml

@@ -31,7 +31,7 @@ jobs:
       fail-fast: false
       matrix:
         os: [windows-latest, macos-latest, ubuntu-latest]
-        rust_version: [stable, 1.76.0]
+        rust_version: [stable, 1.81.0]
 
     steps:
       - name: Checkout repository
@@ -52,7 +52,7 @@ jobs:
       - name: Generate code coverage
         env:
           RUST_BACKTRACE: "1"
-        run: cargo llvm-cov --workspace --all-features --lcov --output-path lcov.info
+        run: cargo llvm-cov --lib --all-features --lcov --output-path lcov.info
 
       # Tokens aren't available for PRs originating from forks,
       # so we don't attempt to upload code coverage in that case.
@@ -62,7 +62,59 @@ jobs:
           github.event.pull_request.author_association == 'COLLABORATOR' ||
           github.event.pull_request.author_association == 'MEMBER' ||
           github.event.pull_request.user.login == 'dependabot[bot]'
-        uses: codecov/codecov-action@v4
+        uses: codecov/codecov-action@v5
+        with:
+          token: ${{ secrets.CODECOV_TOKEN }}
+          fail_ci_if_error: true
+          verbose: true
+
+  tests-cli:
+    name: Unit tests (c2patool)
+    if: |
+      github.event_name != 'pull_request' ||
+      github.event.pull_request.author_association == 'COLLABORATOR' ||
+      github.event.pull_request.author_association == 'MEMBER' ||
+      github.event.pull_request.user.login == 'dependabot[bot]' ||
+      contains(github.event.pull_request.labels.*.name, 'safe to test')
+
+    runs-on: ${{ matrix.os }}
+
+    strategy:
+      fail-fast: false
+      matrix:
+        os: [windows-latest, macos-latest, ubuntu-latest]
+        rust_version: [stable]
+
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@v4
+
+      - name: Install Rust toolchain
+        uses: dtolnay/rust-toolchain@master
+        with:
+          toolchain: ${{ matrix.rust_version }}
+          components: llvm-tools-preview
+
+      - name: Cache Rust dependencies
+        uses: Swatinem/rust-cache@v2
+
+      - name: Install cargo-llvm-cov
+        uses: taiki-e/install-action@cargo-llvm-cov
+
+      - name: Generate code coverage
+        env:
+          RUST_BACKTRACE: "1"
+        run: cargo llvm-cov --bins --all-features --lcov --output-path lcov.info
+
+      # Tokens aren't available for PRs originating from forks,
+      # so we don't attempt to upload code coverage in that case.
+      - name: Upload code coverage results
+        if: |
+          github.event_name != 'pull_request' ||
+          github.event.pull_request.author_association == 'COLLABORATOR' ||
+          github.event.pull_request.author_association == 'MEMBER' ||
+          github.event.pull_request.user.login == 'dependabot[bot]'
+        uses: codecov/codecov-action@v5
         with:
           token: ${{ secrets.CODECOV_TOKEN }}
           fail_ci_if_error: true
@@ -117,12 +169,36 @@ jobs:
           github.event.pull_request.author_association == 'COLLABORATOR' ||
           github.event.pull_request.author_association == 'MEMBER' ||
           github.event.pull_request.user.login == 'dependabot[bot]'
-        uses: codecov/codecov-action@v4
+        uses: codecov/codecov-action@v5
         with:
           token: ${{ secrets.CODECOV_TOKEN }}
           fail_ci_if_error: true
           verbose: true
 
+  cargo-check:
+    name: Default features build
+    if: |
+      github.event_name != 'pull_request' ||
+      github.event.pull_request.author_association == 'COLLABORATOR' ||
+      github.event.pull_request.author_association == 'MEMBER' ||
+      github.event.pull_request.user.login == 'dependabot[bot]' ||
+      contains(github.event.pull_request.labels.*.name, 'safe to test')
+
+    runs-on: ubuntu-latest
+
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@v4
+
+      - name: Install Rust toolchain
+        uses: dtolnay/rust-toolchain@stable
+
+      - name: Cache Rust dependencies
+        uses: Swatinem/rust-cache@v2
+
+      - name: "`cargo check` with default features"
+        run: cargo check
+
   tests-cross:
     name: Unit tests
     if: |
@@ -138,7 +214,7 @@ jobs:
       fail-fast: false
       matrix:
         target: [aarch64-unknown-linux-gnu]
-        rust_version: [stable, 1.76.0]
+        rust_version: [stable, 1.81.0]
 
     steps:
       - name: Checkout repository
@@ -292,7 +368,7 @@ jobs:
       - name: Install nightly Rust toolchain
         # Nightly is used here because the docs.rs build
         # uses nightly and we use doc_cfg features that are
-        # not in stable Rust as of this writing (Rust 1.76).
+        # not in stable Rust as of this writing (Rust 1.81).
         uses: dtolnay/rust-toolchain@nightly
 
       - name: Run cargo docs

.github/workflows/nightly.yml

@@ -147,9 +147,11 @@ jobs:
         echo Will add nightly suffix $NIGHTLY_SUFFIX
 
         sed -i "s/^version = \"\\(.*\\)\"/version = \"\\1$NIGHTLY_SUFFIX\"/" sdk/Cargo.toml
-
+        sed -i "s/path = \"..\/sdk\", version = \"\\(.*\\)\"/path = \"..\/sdk\", version = \"\\1$NIGHTLY_SUFFIX\"/" cli/Cargo.toml
+
         cargo update -w
-        git add -f Cargo.lock
+        git add Cargo.lock
+        find . -name 'Cargo.toml' | xargs git add
 
         echo
         echo Proposed changes:
@@ -167,3 +169,50 @@ jobs:
         commit_user_name: Adobe CAI Team
         commit_user_email: [email protected]
         create_branch: true
+
+  # ---- TO DO: Figure out how to run this job but only when nightly-snapshot changes the branch. ----
+  # publish-nightly-binaries:
+  #   name: Publish c2patool nightly binaries
+  #   runs-on: ${{ matrix.os }}
+  #   needs: nightly-snapshot
+
+  #   strategy:
+  #     fail-fast: false
+  #     matrix:
+  #       os: [windows-latest, macos-latest, ubuntu-latest]
+  #       include:
+  #       - os: macos-latest
+  #         artifact_name: c2patool_mac_universal.zip
+  #       - os: ubuntu-latest
+  #         artifact_name: c2patool_linux_intel.tar.gz
+  #       - os: windows-latest
+  #         artifact_name: c2patool_win_intel.zip
+
+  #   steps:
+  #   - name: Checkout repository
+  #     uses: actions/checkout@v4
+  #     with:
+  #       ref: nightly
+
+  #   - name: Install Rust toolchain
+  #     uses: dtolnay/rust-toolchain@stable
+
+  #   - name: Cache Rust dependencies
+  #     uses: Swatinem/rust-cache@v2
+
+  #   - name: Run cargo check
+  #     run: cd cli && cargo check
+
+  #   - name: Run cargo test --all
+  #     run: cd cli && cargo test --all
+
+  #   - name: Build nightly release artifacts
+  #     run: cd cli && make release
+
+  #   - name: Upload build as artifact
+  #     uses: actions/upload-artifact@v3
+  #     with:
+  #       path: target/${{ matrix.artifact_name }}
+  #       name: ${{ matrix.artifact_name }}
+  #       retention-days: 15
+  #       if-no-files-found: error

.github/workflows/pr_title.yml

@@ -42,6 +42,7 @@ jobs:
           # these exact names:
           #
           #    * sdk (The primary C2PA Rust SDK)
+          #    * c2patool
           #    * export_schema
           #    * make_test_images
           #
@@ -90,6 +91,16 @@ jobs:
             exit 0;
           fi
 
+          if echo "$PR_TITLE" | grep -E '^update: update '; then
+            echo "Exception / OK: Dependabot update pattern"
+            exit 0;
+          fi
+
+          if echo "$PR_TITLE" | grep -E '^update: bump '; then
+            echo "Exception / OK: Dependabot update pattern"
+            exit 0;
+          fi
+
           echo "Installing commitlint-rs. Please wait 30-40 seconds ..."
           cargo install --quiet commitlint-rs
           set -e

.github/workflows/release.yml

@@ -14,6 +14,9 @@ jobs:
     name: Release-plz
     runs-on: ubuntu-latest
 
+    outputs:
+      c2patool-release-tag: ${{ steps.sniff-c2patool-release-tag.outputs.tag }}
+
     steps:
       - name: Checkout repository
         uses: actions/checkout@v4
@@ -25,7 +28,8 @@ jobs:
         uses: dtolnay/rust-toolchain@stable
 
       - name: Run release-plz
-        uses: MarcoIeni/[email protected]
+        id: release-plz
+        uses: MarcoIeni/[email protected]
         env:
           GITHUB_TOKEN: ${{ secrets.RELEASE_PLZ_TOKEN }}
           CARGO_REGISTRY_TOKEN: ${{ secrets.CRATES_IO_SECRET }}
@@ -38,3 +42,81 @@ jobs:
             tail -n +2 |\
             sed 's/origin\///' |\
             xargs -I {} git push origin --delete {}
+
+      - name: Identify c2patool release
+        id: sniff-c2patool-release-tag
+        run: |
+          echo tag=`git tag --contains HEAD | grep '^c2patool-'` >> "$GITHUB_OUTPUT" || true
+
+  publish-c2patool-binaries:
+    name: Publish c2patool binaries
+    runs-on: ${{ matrix.os }}
+    needs: release-plz
+
+    strategy:
+      fail-fast: false
+      matrix:
+        os: [ macos-latest, ubuntu-latest, windows-latest ]
+        rust_version: [ stable ]
+        experimental: [ false ]
+        include:
+          - os: macos-latest
+            artifact_name: c2patool_mac_universal.zip
+            uploaded_asset_name: c2patool-${{ needs.release-plz.outputs.c2patool-release-tag }}-universal-apple-darwin.zip
+          - os: ubuntu-latest
+            artifact_name: c2patool_linux_intel.tar.gz
+            uploaded_asset_name: c2patool-${{ needs.release-plz.outputs.c2patool-release-tag }}-x86_64-unknown-linux-gnu.tar.gz
+          - os: windows-latest
+            artifact_name: c2patool_win_intel.zip
+            uploaded_asset_name: c2patool-${{ needs.release-plz.outputs.c2patool-release-tag }}-x86_64-pc-windows-msvc.zip
+
+    steps:
+      - name: Checkout repository
+        if: ${{ needs.release-plz.outputs.c2patool-release-tag }}
+        uses: actions/checkout@v4
+
+      - name: Install Rust toolchain
+        if: ${{ needs.release-plz.outputs.c2patool-release-tag }}
+        uses: dtolnay/rust-toolchain@master
+        with:
+          toolchain: ${{ matrix.rust_version }}
+          components: llvm-tools-preview
+
+      - name: Install cargo-sbom
+        if: ${{ needs.release-plz.outputs.c2patool-release-tag }}
+        uses: baptiste0928/cargo-install@v3
+        with:
+          crate: cargo-sbom
+          version: '0.9.1'
+
+      - name: Cache Rust dependencies
+        if: ${{ needs.release-plz.outputs.c2patool-release-tag }}
+        uses: Swatinem/rust-cache@v2
+
+      - name: Run make release
+        if: ${{ needs.release-plz.outputs.c2patool-release-tag }}
+        run: cd cli && make release
+
+      - name: Upload binary to GitHub
+        if: ${{ needs.release-plz.outputs.c2patool-release-tag }}
+        uses: svenstaro/upload-release-action@v1-release
+        with:
+          repo_token: ${{ secrets.GITHUB_TOKEN }}
+          file: target/${{ matrix.artifact_name }}
+          asset_name: ${{ matrix.uploaded_asset_name }}
+          tag: ${{ needs.release-plz.outputs.c2patool-release-tag }}
+          overwrite: true
+
+      - name: Generate SBOM
+        if: ${{ needs.release-plz.outputs.c2patool-release-tag }}
+        run: cd cli && cargo sbom > c2patool.${{ matrix.os }}.sbom.json
+
+      - name: Upload SBOM to Github
+        if: ${{ needs.release-plz.outputs.c2patool-release-tag }}
+        uses: svenstaro/upload-release-action@v1-release
+        with:
+          repo_token: ${{ secrets.GITHUB_TOKEN }}
+          file: cli/c2patool.${{ matrix.os }}.sbom.json
+          asset_name: c2patool-${{ needs.release-plz.outputs.c2patool-release-tag }}-sbom.json
+          tag: ${{ needs.release-plz.outputs.c2patool-release-tag }}
+          overwrite: true

.gitignore

@@ -1,7 +1,5 @@
 /target/
 
-Cargo.lock
-
 **/*.rs.bk
 
 .DS_Store
@@ -11,3 +9,6 @@ Cargo.lock
 .vscode
 
 /semver-checks/target/
+
+# Unit test output lands here. TO DO: Fix
+cli/target