Add Unsafe Flags Check

[leogdion]

No description provided.

[coderabbitai]

Important

Review skipped

Auto reviews are disabled on base/target branches other than the default branch.

Please check the settings in the CodeRabbit UI or the .coderabbit.yaml file in this repository. To trigger a single review, invoke the @coderabbitai review command.

You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.

✨ Finishing touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Post copyable unit tests in a comment
• Commit unit tests in branch unsafe-flags

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[codecov]

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 14.29%. Comparing base (fd30d85) to head (99a1dc6).
⚠️ Report is 1 commits behind head on v1.0.0-alpha.4.

Additional details and impacted files

@@                Coverage Diff                 @@
##           v1.0.0-alpha.4     #188      +/-   ##
==================================================
- Coverage           14.33%   14.29%   -0.05%     
==================================================
  Files                  67       67              
  Lines                7179     7179              
==================================================
- Hits                 1029     1026       -3     
- Misses               6150     6153       +3     

Flag	Coverage Δ
spm	14.27% <ø> (-0.05%)	⬇️
swift-6.1-jammy	14.27% <ø> (-0.02%)	⬇️
swift-6.1-noble	14.27% <ø> (ø)
swift-6.2-jammy	14.29% <ø> (-0.03%)	⬇️
swift-6.2-jammynightly	14.27% <ø> (-0.05%)	⬇️
swift-6.2-noble	14.27% <ø> (-0.05%)	⬇️
swift-6.2-noblenightly	14.27% <ø> (ø)

Flags with carried forward coverage won't be shown. Click here to find out more.

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.

[claude]

Pull Request Review: Add Unsafe Flags Check

Thank you for adding this workflow! Here is my detailed review:

Strengths

1. Clear Purpose: The workflow validates that unsafeFlags are intentionally used
2. Authoritative Source: Using swift package dump-package is correct
3. Good Error Reporting: Outputs flags found and package dump sample
4. Efficient Implementation: Pipes directly to jq without storing large variables

Critical Issue: Workflow Will Fail

The workflow will immediately fail because Package.swift:64-77 intentionally uses unsafeFlags for enhanced compiler checking including concurrency warnings, actor data race checks, strict concurrency checking, and testing support.

This appears to be a contradiction - the PR adds a check that will fail against the current codebase.

Recommendations

Option 1: Document intent and use branch protection for manual override when unsafeFlags are intentionally added

Option 2: Add an allowlist to approve specific unsafeFlags while blocking unexpected ones

Option 3: Remove unsafeFlags from Package.swift entirely if the goal is elimination

Code Quality

• Bash best practices: Correct use of set -euo pipefail, proper quoting, safe fallbacks
• CI patterns: Consistent with other workflows, proper action versions
• Branch config: Currently targets main but base is v1.0.0-alpha.4

Security

No concerns. Workflow only reads package config, uses official actions, runs in isolated container.

Performance

Minor optimization: swift package dump-package runs twice. Consider caching output.

Verdict

Request Changes - The workflow is well-implemented but will immediately fail. Please clarify intent: prevent additional unsafeFlags, remove existing ones, or validate against approved list?