Add strict Clippy policy foundation (MSRV 1.93) and xtask lint-policy gate

[EffortlessSteven]

Motivation

• Establish a governed, workspace-wide Clippy baseline (panic-free, AST/string/indexing-safe, silent-failure prevention, and suppression governance) rather than ad-hoc per-crate settings.
• Move policy from vibes in Cargo.toml into machine-readable, reviewable artifacts so upgrades (1.94/1.95) and exceptions are tracked and auditable.
• Provide a reproducible rollout template that other Rust repos can copy and adapt while preserving narrow, owned debt where immediate fixes are impractical.
• Add an xtask verification gate so CI/local tooling can validate MSRV alignment, lint inheritance, planned flips, and debt/allowlist correctness.

Description

• Bumped workspace MSRV to 1.93 and added a strict workspace lint block under [workspace.lints.rust] and [workspace.lints.clippy] in the root Cargo.toml.
• Added machine-readable policy artifacts: policy/clippy-lints.toml (active + planned ledger), policy/clippy-debt.toml (owned temporary exceptions), policy/no-panic-allowlist.toml (semantic panic-family receipts), and policy/non-rust-allowlist.toml (non-Rust surface receipts).
• Added clippy.toml as the repository-local architecture surface for narrow disallowed methods/types/macros and created reusable templates under templates/rust/clippy and templates/rust/docs.
• Implemented cargo xtask validation: new command check-lint-policy (crates/xtask/src/commands/check_lint_policy.rs) and policy-report wiring into the xtask CLI to verify required files, MSRV parity, workspace lint inheritance, no test carveouts, planned lint tracking, and debt metadata.

Testing

• Ran cargo +1.93.0 fmt --check which passed.
• Ran cargo +1.93.0 check -p xtask which compiled the xtask and supporting crates (fixed required temporary debt entry to permit build) and succeeded.
• Ran cargo +1.93.0 run -p xtask -- policy-report which produced a lint-policy report and returned successfully (report mode).
• Ran cargo +1.93.0 run -p xtask -- check-lint-policy which correctly failed the new blocking gate with expected findings (current rollout reports ~51 workspace members that still need [lints] workspace = true), leaving the failure surface explicit for follow-up staged PRs.

---

Codex Task

[chatgpt-codex-connector]

You have reached your Codex usage limits for code reviews. You can see your limits in the Codex usage dashboard.
To continue using code reviews, add credits to your account and enable them for code reviews in your settings.

[gemini-code-assist]

Warning

You have reached your daily quota limit. Please wait up to 24 hours and I will start processing your requests again!

[coderabbitai]

Warning

Rate limit exceeded

@EffortlessSteven has exceeded the limit for the number of commits that can be reviewed per hour. Please wait 22 minutes and 59 seconds before requesting another review.

To continue reviewing without waiting, purchase usage credits in the billing tab.

⌛ How to resolve this issue?

After the wait time has elapsed, a review can be triggered using the @coderabbitai review command as a PR comment. Alternatively, push new commits to this PR.

We recommend that you space out your commits to avoid hitting the rate limit.

🚦 How do rate limits work?

CodeRabbit enforces hourly rate limits for each developer per organization.

Our paid plans have higher rate limits than the trial, open-source and free plans. In all cases, we re-allow further reviews after a brief timeout.

Please see our FAQ for further information.

ℹ️ Review info

⚙️ Run configuration

Configuration used: Organization UI

Review profile: ASSERTIVE

Plan: Pro

Run ID: bc6047ba-22e1-456b-90b6-4977253276ec

📥 Commits

Reviewing files that changed from the base of the PR and between 90fd4d1 and a78d85a.

📒 Files selected for processing (17)

• Cargo.toml
• clippy.toml
• crates/testing/Cargo.toml
• crates/xtask/src/commands/check_lint_policy.rs
• crates/xtask/src/commands/mod.rs
• crates/xtask/src/main.rs
• docs/CLIPPY_POLICY.md
• policy/clippy-debt.toml
• policy/clippy-lints.toml
• policy/no-panic-allowlist.toml
• policy/non-rust-allowlist.toml
• templates/rust/clippy/Cargo.lints.strict.toml
• templates/rust/clippy/clippy.toml
• templates/rust/clippy/policy-clippy-lints.toml
• templates/rust/docs/CLIPPY_POLICY.md
• templates/rust/prompts/clippy-rollout.md
• templates/rust/xtask/check_lint_policy.rs

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Commit unit tests in branch codex/implement-standard-clippy-policy-model-5cwxbr

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[github-actions]

❌ Agents Governance Check Failed

Fix the errors reported above. See AGENTS_GOVERNANCE.md for troubleshooting.

[github-actions]

Test Results

0 tests   0 ✅  0s ⏱️
0 suites  0 💤
0 files    0 ❌

Results for commit a78d85a.