Merge pull request #34 from ignorant05/feature/Add-cargo-audit-to-CI-for-security-checks

Enhacement: Added cargo audit to CI for security checks

Author: aviralgarg05

.github/workflows/ci.yml

@@ -34,10 +34,14 @@ jobs:
           path: |
             ~/.cargo/registry
             ~/.cargo/git
+            ~/.cargo/bin
             target
           key: ${{ runner.os }}-cargo-${{ hashFiles('**/Cargo.lock') }}
           restore-keys: ${{ runner.os }}-cargo-
 
+      - name: Install cargo-audit
+        run: cargo install cargo-audit --locked
+
       - name: fmt
         run: cargo fmt --all -- --check
 
@@ -47,6 +51,9 @@ jobs:
       - name: tests
         run: cargo test --workspace -- --test-threads=1
 
+      - name: Security audit
+        run: cargo audit
+
   python:
     name: Python syntax check
     runs-on: ubuntu-latest
@@ -57,7 +64,7 @@ jobs:
       - name: Set up Python
         uses: actions/setup-python@v5
         with:
-          python-version: '3.10'
+          python-version: "3.10"
 
       - name: Byte-compile nexum_ai
         run: python -m compileall nexum_ai

Cargo.toml

@@ -5,7 +5,7 @@ resolver = "2"
 [workspace.dependencies]
 sled = "0.34"
 sqlparser = "0.39"
-pyo3 = { version = "0.22", features = ["auto-initialize"] }
+pyo3 = { version = "0.24", features = ["auto-initialize"] }
 anyhow = "1.0"
 thiserror = "1.0"
 tokio = { version = "1.35", features = ["full"] }

nexum_core/src/bridge/mod.rs

@@ -13,7 +13,7 @@ impl PythonBridge {
 
     pub fn initialize(&mut self) -> Result<()> {
         Python::with_gil(|py| {
-            let sys = py.import_bound("sys")?;
+            let sys = py.import("sys")?;
             let path_attr = sys.getattr("path")?;
             let path = path_attr.downcast::<PyList>()?;
 
@@ -36,7 +36,7 @@ impl PythonBridge {
         }
 
         Python::with_gil(|py| {
-            let nexum_ai = PyModule::import_bound(py, "nexum_ai.optimizer")?;
+            let nexum_ai = PyModule::import(py, "nexum_ai.optimizer")?;
             let semantic_cache = nexum_ai.getattr("SemanticCache")?;
             let cache_instance = semantic_cache.call0()?;
 
@@ -51,7 +51,7 @@ impl PythonBridge {
 
     pub fn test_integration(&self) -> Result<String> {
         Python::with_gil(|py| {
-            let nexum_ai = PyModule::import_bound(py, "nexum_ai.optimizer")?;
+            let nexum_ai = PyModule::import(py, "nexum_ai.optimizer")?;
             let test_func = nexum_ai.getattr("test_vectorization")?;
             let result = test_func.call0()?;
             let result_str: String = result.str()?.extract()?;
@@ -72,7 +72,7 @@ impl SemanticCache {
         bridge.initialize()?;
 
         let cache = Python::with_gil(|py| {
-            let nexum_ai = PyModule::import_bound(py, "nexum_ai.optimizer")?;
+            let nexum_ai = PyModule::import(py, "nexum_ai.optimizer")?;
             let semantic_cache_class = nexum_ai.getattr("SemanticCache")?;
             let cache_instance = semantic_cache_class.call0()?;
             Ok::<PyObject, PyErr>(cache_instance.unbind())
@@ -121,7 +121,7 @@ impl NLTranslator {
         bridge.initialize()?;
 
         let translator = Python::with_gil(|py| {
-            let nexum_ai = PyModule::import_bound(py, "nexum_ai.translator")?;
+            let nexum_ai = PyModule::import(py, "nexum_ai.translator")?;
             let translator_class = nexum_ai.getattr("NLTranslator")?;
             let translator_instance = translator_class.call0()?;
             Ok::<PyObject, PyErr>(translator_instance.unbind())
@@ -152,7 +152,7 @@ mod tests {
     fn check_python_available() -> bool {
         let mut bridge = PythonBridge::new().unwrap();
         bridge.initialize().is_ok()
-            && Python::with_gil(|py| PyModule::import_bound(py, "nexum_ai.optimizer").is_ok())
+            && Python::with_gil(|py| PyModule::import(py, "nexum_ai.optimizer").is_ok())
     }
 
     #[test]