9 Commits

  • Disable empty Cargo test targets (#21584)
    ## Summary
    
    `cargo test` has entails both running standard Rust tests and doctests.
    It turns out that the doctest discovery is fairly slow, and it's a cost
    you pay even for crates that don't include any doctests.
    
    This PR disables doctests with `doctest = false` for crates that lack
    any doctests.
    
    For the collection of crates below, this speeds up test execution by
    >4x.
    
    E.g., before this PR:
    
    ```
    Benchmark 1: cargo test     -p codex-utils-absolute-path     -p codex-utils-cache     -p codex-utils-cli     -p codex-utils-home-dir     -p codex-utils-output-truncation     -p codex-utils-path     -p codex-utils-string     -p codex-utils-template     -p codex-utils-elapsed     -p codex-utils-json-to-toml
      Time (mean ± σ):      1.849 s ±  4.455 s    [User: 0.752 s, System: 1.367 s]
      Range (min … max):    0.418 s … 14.529 s    10 runs
    ```
    
    And after:
    
    ```
    Benchmark 1: cargo test     -p codex-utils-absolute-path     -p codex-utils-cache     -p codex-utils-cli     -p codex-utils-home-dir     -p codex-utils-output-truncation     -p codex-utils-path     -p codex-utils-string     -p codex-utils-template     -p codex-utils-elapsed     -p codex-utils-json-to-toml
      Time (mean ± σ):     428.6 ms ±   6.9 ms    [User: 187.7 ms, System: 219.7 ms]
      Range (min … max):   418.0 ms … 436.8 ms    10 runs
    ```
    
    For a single crate, with >2x speedup, before:
    
    ```
    Benchmark 1: cargo test -p codex-utils-string
      Time (mean ± σ):     491.1 ms ±   9.0 ms    [User: 229.8 ms, System: 234.9 ms]
      Range (min … max):   480.9 ms … 512.0 ms    10 runs
    ```
    
    And after:
    
    ```
    Benchmark 1: cargo test -p codex-utils-string
      Time (mean ± σ):     213.9 ms ±   4.3 ms    [User: 112.8 ms, System: 84.0 ms]
      Range (min … max):   206.8 ms … 221.0 ms    13 runs
    ```
    
    Co-authored-by: Codex <noreply@openai.com>
  • extract models manager and related ownership from core (#16508)
    ## Summary
    - split `models-manager` out of `core` and add `ModelsManagerConfig`
    plus `Config::to_models_manager_config()` so model metadata paths stop
    depending on `core::Config`
    - move login-owned/auth-owned code out of `core` into `codex-login`,
    move model provider config into `codex-model-provider-info`, move API
    bridge mapping into `codex-api`, move protocol-owned types/impls into
    `codex-protocol`, and move response debug helpers into a dedicated
    `response-debug-context` crate
    - move feedback tag emission into `codex-feedback`, relocate tests to
    the crates that now own the code, and keep broad temporary re-exports so
    this PR avoids a giant import-only rewrite
    
    ## Major moves and decisions
    - created `codex-models-manager` as the owner for model
    cache/catalog/config/model info logic, including the new
    `ModelsManagerConfig` struct
    - created `codex-model-provider-info` as the owner for provider config
    parsing/defaults and kept temporary `codex-login`/`codex-core`
    re-exports for old import paths
    - moved `api_bridge` error mapping + `CoreAuthProvider` into
    `codex-api`, while `codex-login::api_bridge` temporarily re-exports
    those symbols and keeps the `auth_provider_from_auth` wrapper
    - moved `auth_env_telemetry` and `provider_auth` ownership to
    `codex-login`
    - moved `CodexErr` ownership to `codex-protocol::error`, plus
    `StreamOutput`, `bytes_to_string_smart`, and network policy helpers to
    protocol-owned modules
    - created `codex-response-debug-context` for
    `extract_response_debug_context`, `telemetry_transport_error_message`,
    and related response-debug plumbing instead of leaving that behavior in
    `core`
    - moved `FeedbackRequestTags`, `emit_feedback_request_tags`, and
    `emit_feedback_request_tags_with_auth_env` to `codex-feedback`
    - deferred removal of temporary re-exports and the mechanical import
    rewrites to a stacked follow-up PR so this PR stays reviewable
    
    ## Test moves
    - moved auth refresh coverage from `core/tests/suite/auth_refresh.rs` to
    `login/tests/suite/auth_refresh.rs`
    - moved text encoding coverage from
    `core/tests/suite/text_encoding_fix.rs` to
    `protocol/src/exec_output_tests.rs`
    - moved model info override coverage from
    `core/tests/suite/model_info_overrides.rs` to
    `models-manager/src/model_info_overrides_tests.rs`
    
    ---------
    
    Co-authored-by: Codex <noreply@openai.com>
  • ci: verify codex-rs Cargo manifests inherit workspace settings (#16353)
    ## Why
    
    Bazel clippy now catches lints that `cargo clippy` can still miss when a
    crate under `codex-rs` forgets to opt into workspace lints. The concrete
    example here was `codex-rs/app-server/tests/common/Cargo.toml`: Bazel
    flagged a clippy violation in `models_cache.rs`, but Cargo did not
    because that crate inherited workspace package metadata without
    declaring `[lints] workspace = true`.
    
    We already mirror the workspace clippy deny list into Bazel after
    [#15955](https://github.com/openai/codex/pull/15955), so we also need a
    repo-side check that keeps every `codex-rs` manifest opted into the same
    workspace settings.
    
    ## What changed
    
    - add `.github/scripts/verify_cargo_workspace_manifests.py`, which
    parses every `codex-rs/**/Cargo.toml` with `tomllib` and verifies:
      - `version.workspace = true`
      - `edition.workspace = true`
      - `license.workspace = true`
      - `[lints] workspace = true`
    - top-level crate names follow the `codex-*` / `codex-utils-*`
    conventions, with explicit exceptions for `windows-sandbox-rs` and
    `utils/path-utils`
    - run that script in `.github/workflows/ci.yml`
    - update the current outlier manifests so the check is enforceable
    immediately
    - fix the newly exposed clippy violations in the affected crates
    (`app-server/tests/common`, `file-search`, `feedback`,
    `shell-escalation`, and `debug-client`)
    
    
    
    
    
    
    ---
    [//]: # (BEGIN SAPLING FOOTER)
    Stack created with [Sapling](https://sapling-scm.com). Best reviewed
    with [ReviewStack](https://reviewstack.dev/openai/codex/pull/16353).
    * #16351
    * __->__ #16353
  • [diagnostics] show diagnostics earlier in workflow (#13604)
    <img width="591" height="243" alt="Screenshot 2026-03-05 at 10 17 06 AM"
    src="https://github.com/user-attachments/assets/84a6658b-6017-4602-b1f8-2098b9b5eff9"
    />
    
    - show feedback earlier
    - preserve raw literal env vars (no trimming, sanitizing, etc.)
  • [feedback] diagnostics (#13292)
    - added header logic to display diagnostics on cli
    - added logic for collecting env vars
    
    <img width="606" height="327" alt="Screenshot 2026-03-03 at 3 49 31 PM"
    src="https://github.com/user-attachments/assets/05e78c56-8cb3-47fa-abaf-3e57f1fdd8e2"
    />
    
    <img width="690" height="353" alt="Screenshot 2026-03-02 at 6 47 54 PM"
    src="https://github.com/user-attachments/assets/e470b559-13f4-44d9-897f-bc398943c6d1"
    />
  • Attach more tags to feedback submissions (#8688)
    Attach more tags to sentry feedback so it's easier to classify and debug
    without having to scan through logs.
    
    Formatting isn't amazing but it's a start.
    <img width="1234" height="276" alt="image"
    src="https://github.com/user-attachments/assets/521a349d-f627-4051-b511-9811cd5cd933"
    />
  • chore(deps): bump sentry from 0.34.0 to 0.46.0 in /codex-rs (#8043)
    Bumps [sentry](https://github.com/getsentry/sentry-rust) from 0.34.0 to
    0.46.0.
    <details>
    <summary>Release notes</summary>
    <p><em>Sourced from <a
    href="https://github.com/getsentry/sentry-rust/releases">sentry's
    releases</a>.</em></p>
    <blockquote>
    <h2>0.46.0</h2>
    <h3>Breaking changes</h3>
    <ul>
    <li>Removed the <code>ClientOptions</code> struct's
    <code>trim_backtraces</code> and <code>extra_border_frames</code> fields
    (<a
    href="https://redirect.github.com/getsentry/sentry-rust/pull/925">#925</a>).
    <ul>
    <li>These fields configured backtrace trimming, which is being removed
    in this release.</li>
    </ul>
    </li>
    </ul>
    <h3>Improvements</h3>
    <ul>
    <li>Removed backtrace trimming to align the Rust SDK with the general
    principle that Sentry SDKs should only truncate telemetry data when
    needed to comply with <a
    href="https://develop.sentry.dev/sdk/data-model/envelopes/#size-limits">documented
    size limits</a> (<a
    href="https://redirect.github.com/getsentry/sentry-rust/pull/925">#925</a>).
    This change ensures that as much data as possible remains available for
    debugging.
    <ul>
    <li>If you notice any new issues being created for existing errors after
    this change, please open an issue on <a
    href="https://github.com/getsentry/sentry-rust/issues/new/choose">GitHub</a>.</li>
    </ul>
    </li>
    </ul>
    <h3>Fixes</h3>
    <ul>
    <li>fix: adjust sentry.origin for log integration (<a
    href="https://redirect.github.com/getsentry/sentry-rust/pull/919">#919</a>)
    by <a href="https://github.com/lcian"><code>@​lcian</code></a></li>
    </ul>
    <h2>0.45.0</h2>
    <h3>Breaking changes</h3>
    <ul>
    <li>Add custom variant to <code>AttachmentType</code> that holds an
    arbitrary String. (<a
    href="https://redirect.github.com/getsentry/sentry-rust/pull/916">#916</a>)</li>
    </ul>
    <h2>0.44.0</h2>
    <h3>Breaking changes</h3>
    <ul>
    <li>feat(log): support combined LogFilters and RecordMappings (<a
    href="https://redirect.github.com/getsentry/sentry-rust/pull/914">#914</a>)
    by <a href="https://github.com/lcian"><code>@​lcian</code></a>
    <ul>
    <li>Breaking change: <code>sentry::integrations::log::LogFilter</code>
    has been changed to a <code>bitflags</code> struct.</li>
    <li>It's now possible to map a <code>log</code> record to multiple items
    in Sentry by combining multiple log filters in the filter, e.g.
    <code>log::Level::ERROR =&gt; LogFilter::Event |
    LogFilter::Log</code>.</li>
    <li>If using a custom <code>mapper</code> instead, it's possible to
    return a
    <code>Vec&lt;sentry::integrations::log::RecordMapping&gt;</code> to map
    a <code>log</code> record to multiple items in Sentry.</li>
    </ul>
    </li>
    </ul>
    <h3>Behavioral changes</h3>
    <ul>
    <li>ref(log): send logs by default when logs feature flag is enabled (<a
    href="https://redirect.github.com/getsentry/sentry-rust/pull/915">#915</a>)
    by <a href="https://github.com/lcian"><code>@​lcian</code></a>
    <ul>
    <li>If the <code>logs</code> feature flag is enabled, the default Sentry
    <code>log</code> logger now sends logs for all events at or above
    INFO.</li>
    </ul>
    </li>
    <li>ref(logs): enable logs by default if logs feature flag is used (<a
    href="https://redirect.github.com/getsentry/sentry-rust/pull/910">#910</a>)
    by <a href="https://github.com/lcian"><code>@​lcian</code></a>
    <ul>
    <li>This changes the default value of
    <code>sentry::ClientOptions::enable_logs</code> to
    <code>true</code>.</li>
    <li>This simplifies the setup of Sentry structured logs by requiring
    users to just add the <code>log</code> feature flag to the
    <code>sentry</code> dependency to opt-in to sending logs.</li>
    <li>When the <code>log</code> feature flag is enabled, the
    <code>tracing</code> and <code>log</code> integrations will send
    structured logs to Sentry for all logs/events at or above INFO level by
    default.</li>
    </ul>
    </li>
    </ul>
    <h2>0.43.0</h2>
    <h3>Breaking changes</h3>
    <ul>
    <li>ref(tracing): rework tracing to Sentry span name/op conversion (<a
    href="https://redirect.github.com/getsentry/sentry-rust/pull/887">#887</a>)
    by <a href="https://github.com/lcian"><code>@​lcian</code></a>
    <ul>
    <li>The <code>tracing</code> integration now uses the tracing span name
    as the Sentry span name by default.</li>
    <li>Before this change, the span name would be set based on the
    <code>tracing</code> span target
    (<code>&lt;module&gt;::&lt;function&gt;</code> when using the
    <code>tracing::instrument</code> macro).</li>
    <li>The <code>tracing</code> integration now uses <code>&lt;span
    target&gt;::&lt;span name&gt;</code> as the default Sentry span op (i.e.
    <code>&lt;module&gt;::&lt;function&gt;</code> when using
    <code>tracing::instrument</code>).</li>
    <li>Before this change, the span op would be set based on the
    <code>tracing</code> span name.</li>
    <li>Read below to learn how to customize the span name and op.</li>
    <li>When upgrading, please ensure to adapt any queries, metrics or
    dashboards to use the new span names/ops.</li>
    </ul>
    </li>
    <li>ref(tracing): use standard code attributes (<a
    href="https://redirect.github.com/getsentry/sentry-rust/pull/899">#899</a>)
    by <a href="https://github.com/lcian"><code>@​lcian</code></a>
    <ul>
    <li>Logs now carry the attributes <code>code.module.name</code>,
    <code>code.file.path</code> and <code>code.line.number</code>
    standardized in OTEL to surface the respective information, in contrast
    with the previously sent <code>tracing.module_path</code>,
    <code>tracing.file</code> and <code>tracing.line</code>.</li>
    </ul>
    </li>
    <li>fix(actix): capture only server errors (<a
    href="https://redirect.github.com/getsentry/sentry-rust/pull/877">#877</a>)
    by <a href="https://github.com/lcian"><code>@​lcian</code></a></li>
    </ul>
    <!-- raw HTML omitted -->
    </blockquote>
    <p>... (truncated)</p>
    </details>
    <details>
    <summary>Changelog</summary>
    <p><em>Sourced from <a
    href="https://github.com/getsentry/sentry-rust/blob/master/CHANGELOG.md">sentry's
    changelog</a>.</em></p>
    <blockquote>
    <h2>0.46.0</h2>
    <h3>Breaking changes</h3>
    <ul>
    <li>Removed the <code>ClientOptions</code> struct's
    <code>trim_backtraces</code> and <code>extra_border_frames</code> fields
    (<a
    href="https://redirect.github.com/getsentry/sentry-rust/pull/925">#925</a>).
    <ul>
    <li>These fields configured backtrace trimming, which is being removed
    in this release.</li>
    </ul>
    </li>
    </ul>
    <h3>Improvements</h3>
    <ul>
    <li>Removed backtrace trimming to align the Rust SDK with the general
    principle that Sentry SDKs should only truncate telemetry data when
    needed to comply with <a
    href="https://develop.sentry.dev/sdk/data-model/envelopes/#size-limits">documented
    size limits</a> (<a
    href="https://redirect.github.com/getsentry/sentry-rust/pull/925">#925</a>).
    This change ensures that as much data as possible remains available for
    debugging.
    <ul>
    <li>If you notice any new issues being created for existing errors after
    this change, please open an issue on <a
    href="https://github.com/getsentry/sentry-rust/issues/new/choose">GitHub</a>.</li>
    </ul>
    </li>
    </ul>
    <h3>Fixes</h3>
    <ul>
    <li>fix: adjust sentry.origin for log integration (<a
    href="https://redirect.github.com/getsentry/sentry-rust/pull/919">#919</a>)
    by <a href="https://github.com/lcian"><code>@​lcian</code></a></li>
    </ul>
    <h2>0.45.0</h2>
    <h3>Breaking changes</h3>
    <ul>
    <li>Add custom variant to <code>AttachmentType</code> that holds an
    arbitrary String. (<a
    href="https://redirect.github.com/getsentry/sentry-rust/pull/916">#916</a>)</li>
    </ul>
    <h2>0.44.0</h2>
    <h3>Breaking changes</h3>
    <ul>
    <li>feat(log): support combined LogFilters and RecordMappings (<a
    href="https://redirect.github.com/getsentry/sentry-rust/pull/914">#914</a>)
    by <a href="https://github.com/lcian"><code>@​lcian</code></a>
    <ul>
    <li>Breaking change: <code>sentry::integrations::log::LogFilter</code>
    has been changed to a <code>bitflags</code> struct.</li>
    <li>It's now possible to map a <code>log</code> record to multiple items
    in Sentry by combining multiple log filters in the filter, e.g.
    <code>log::Level::ERROR =&gt; LogFilter::Event |
    LogFilter::Log</code>.</li>
    <li>If using a custom <code>mapper</code> instead, it's possible to
    return a
    <code>Vec&lt;sentry::integrations::log::RecordMapping&gt;</code> to map
    a <code>log</code> record to multiple items in Sentry.</li>
    </ul>
    </li>
    </ul>
    <h3>Behavioral changes</h3>
    <ul>
    <li>ref(log): send logs by default when logs feature flag is enabled (<a
    href="https://redirect.github.com/getsentry/sentry-rust/pull/915">#915</a>)
    by <a href="https://github.com/lcian"><code>@​lcian</code></a>
    <ul>
    <li>If the <code>logs</code> feature flag is enabled, the default Sentry
    <code>log</code> logger now sends logs for all events at or above
    INFO.</li>
    </ul>
    </li>
    <li>ref(logs): enable logs by default if logs feature flag is used (<a
    href="https://redirect.github.com/getsentry/sentry-rust/pull/910">#910</a>)
    by <a href="https://github.com/lcian"><code>@​lcian</code></a>
    <ul>
    <li>This changes the default value of
    <code>sentry::ClientOptions::enable_logs</code> to
    <code>true</code>.</li>
    <li>This simplifies the setup of Sentry structured logs by requiring
    users to just add the <code>log</code> feature flag to the
    <code>sentry</code> dependency to opt-in to sending logs.</li>
    <li>When the <code>log</code> feature flag is enabled, the
    <code>tracing</code> and <code>log</code> integrations will send
    structured logs to Sentry for all logs/events at or above INFO level by
    default.</li>
    </ul>
    </li>
    </ul>
    <h2>0.43.0</h2>
    <h3>Breaking changes</h3>
    <ul>
    <li>ref(tracing): rework tracing to Sentry span name/op conversion (<a
    href="https://redirect.github.com/getsentry/sentry-rust/pull/887">#887</a>)
    by <a href="https://github.com/lcian"><code>@​lcian</code></a>
    <ul>
    <li>The <code>tracing</code> integration now uses the tracing span name
    as the Sentry span name by default.</li>
    <li>Before this change, the span name would be set based on the
    <code>tracing</code> span target
    (<code>&lt;module&gt;::&lt;function&gt;</code> when using the
    <code>tracing::instrument</code> macro).</li>
    <li>The <code>tracing</code> integration now uses <code>&lt;span
    target&gt;::&lt;span name&gt;</code> as the default Sentry span op (i.e.
    <code>&lt;module&gt;::&lt;function&gt;</code> when using
    <code>tracing::instrument</code>).</li>
    <li>Before this change, the span op would be set based on the
    <code>tracing</code> span name.</li>
    <li>Read below to learn how to customize the span name and op.</li>
    </ul>
    </li>
    </ul>
    <!-- raw HTML omitted -->
    </blockquote>
    <p>... (truncated)</p>
    </details>
    <details>
    <summary>Commits</summary>
    <ul>
    <li><a
    href="https://github.com/getsentry/sentry-rust/commit/8d82bfde5944de48482e4d8ada2d2ab35978845f"><code>8d82bfd</code></a>
    release: 0.46.0</li>
    <li><a
    href="https://github.com/getsentry/sentry-rust/commit/9525735e5cdfa25c98667aa91c3cade2ef5acdff"><code>9525735</code></a>
    feat(backtrace): Stop truncating backtraces (<a
    href="https://redirect.github.com/getsentry/sentry-rust/issues/925">#925</a>)</li>
    <li><a
    href="https://github.com/getsentry/sentry-rust/commit/a57b91c5c8992c0955f22cb26f0db0625c1aa9cd"><code>a57b91c</code></a>
    ref: Fix new Clippy lints (<a
    href="https://redirect.github.com/getsentry/sentry-rust/issues/935">#935</a>)</li>
    <li><a
    href="https://github.com/getsentry/sentry-rust/commit/57595753d6d7c039b640405a369d8b039455633c"><code>5759575</code></a>
    meta: Update cargo metadata (<a
    href="https://redirect.github.com/getsentry/sentry-rust/issues/927">#927</a>)</li>
    <li><a
    href="https://github.com/getsentry/sentry-rust/commit/77193f81e44500662acd115ed190dec4bb870852"><code>77193f8</code></a>
    chore: X handle update (<a
    href="https://redirect.github.com/getsentry/sentry-rust/issues/926">#926</a>)</li>
    <li><a
    href="https://github.com/getsentry/sentry-rust/commit/ca232686f4f338f3e13a0123b15654c32c68d47c"><code>ca23268</code></a>
    chore(ci): Migrate danger workflow from v2 to v3 (<a
    href="https://redirect.github.com/getsentry/sentry-rust/issues/918">#918</a>)</li>
    <li><a
    href="https://github.com/getsentry/sentry-rust/commit/2edf6d7a54dde2284b8954501beea311a2468aae"><code>2edf6d7</code></a>
    fix: adjust sentry.origin for log integration (<a
    href="https://redirect.github.com/getsentry/sentry-rust/issues/919">#919</a>)</li>
    <li><a
    href="https://github.com/getsentry/sentry-rust/commit/641204891076a8a4efdde9fb753a2012702e58ac"><code>6412048</code></a>
    Merge branch 'release/0.45.0'</li>
    <li><a
    href="https://github.com/getsentry/sentry-rust/commit/aa6d85b90fc8dcc1292b9727c32350e1aa12a425"><code>aa6d85b</code></a>
    release: 0.45.0</li>
    <li><a
    href="https://github.com/getsentry/sentry-rust/commit/b99eb46bcff33ea17b309f772e0bef0db30c0bed"><code>b99eb46</code></a>
    feat(types): Add custom variant to <code>AttachmentType</code> (<a
    href="https://redirect.github.com/getsentry/sentry-rust/issues/916">#916</a>)</li>
    <li>Additional commits viewable in <a
    href="https://github.com/getsentry/sentry-rust/compare/0.34.0...0.46.0">compare
    view</a></li>
    </ul>
    </details>
    <br />
    
    
    [![Dependabot compatibility
    score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=sentry&package-manager=cargo&previous-version=0.34.0&new-version=0.46.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
    
    Dependabot will resolve any conflicts with this PR as long as you don't
    alter it yourself. You can also trigger a rebase manually by commenting
    `@dependabot rebase`.
    
    [//]: # (dependabot-automerge-start)
    [//]: # (dependabot-automerge-end)
    
    ---
    
    <details>
    <summary>Dependabot commands and options</summary>
    <br />
    
    You can trigger Dependabot actions by commenting on this PR:
    - `@dependabot rebase` will rebase this PR
    - `@dependabot recreate` will recreate this PR, overwriting any edits
    that have been made to it
    - `@dependabot merge` will merge this PR after your CI passes on it
    - `@dependabot squash and merge` will squash and merge this PR after
    your CI passes on it
    - `@dependabot cancel merge` will cancel a previously requested merge
    and block automerging
    - `@dependabot reopen` will reopen this PR if it is closed
    - `@dependabot close` will close this PR and stop Dependabot recreating
    it. You can achieve the same result by closing it manually
    - `@dependabot show <dependency name> ignore conditions` will show all
    of the ignore conditions of the specified dependency
    - `@dependabot ignore this major version` will close this PR and stop
    Dependabot creating any more for this major version (unless you reopen
    the PR or upgrade to it yourself)
    - `@dependabot ignore this minor version` will close this PR and stop
    Dependabot creating any more for this minor version (unless you reopen
    the PR or upgrade to it yourself)
    - `@dependabot ignore this dependency` will close this PR and stop
    Dependabot creating any more for this dependency (unless you reopen the
    PR or upgrade to it yourself)
    
    
    </details>
    
    Signed-off-by: dependabot[bot] <support@github.com>
    Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
  • chore: add cargo-deny configuration (#7119)
    - add GitHub workflow running cargo-deny on push/PR
    - document cargo-deny allowlist with workspace-dep notes and advisory
    ignores
    - align workspace crates to inherit version/edition/license for
    consistent checks