Add org-wide Clippy policy, policy ledgers, TOML allowlists and xtask checks (MSRV 1.93)

[EffortlessSteven]

Motivation

• Provide a shared, governed Clippy baseline (MSRV 1.93) and turn linting into an infrastructure surface with explicit debt, planned flips, and no test carveouts.
• Replace ad-hoc allowlists with structured TOML receipts for panic-family exceptions and non-Rust files so automation and CI can track/expire exceptions.
• Expose policy verification as xtask gates so CI can enforce MSRV, active/planned lint consistency, suppression style, and allowlist coverage.

Description

• Bumped repository toolchain to 1.93 and injected the strict workspace lint block under [workspace.lints.rust] and [workspace.lints.clippy] in Cargo.toml and generated templates/rust/clippy/Cargo.lints.strict.toml from it.
• Added machine-readable policy artifacts under policy/: clippy-lints.toml (ledger + planned flips), clippy-debt.toml (debt ledger), no-panic-allowlist.toml (semantic panic allowlist), and non-rust-allowlist.toml (non-Rust receipts), plus docs/CLIPPY_POLICY.md and template copies under templates/rust/.
• Implemented xtask policy checks and reporting by adding crates/xtask/src/commands/lint_policy.rs and wiring new commands into crates/xtask (CheckLintPolicy, CheckNoPanicFamily, CheckFilePolicy, PolicyReport), and updated workspace members to inherit lints ([lints] workspace = true).
• Captured existing suppressions as explicit debt entries, annotated necessary unsafe usages with narrow #[expect(..., reason = "...")] where they implement audited safe wrappers, and copied clippy.toml into the templates area for repo-specific disallowed methods.

Testing

• Ran formatting: cargo +1.93.0 fmt --all (succeeded).
• Built and exercised the new xtask gates: cargo +1.93.0 run -p xtask -- check-lint-policy, which initially revealed issues and unsafe/expect formatting but after fixes the lint policy checks passed.
• Ran file policy verification: cargo +1.93.0 run -p xtask -- check-file-policy, which failed because many non-Rust programming files (examples, frontend dist and node_modules artifacts, etc.) are not yet covered by policy/non-rust-allowlist.toml and therefore need explicit receipts (this is expected on first rollout).

---

Codex Task

[gemini-code-assist]

Warning

You have reached your daily quota limit. Please wait up to 24 hours and I will start processing your requests again!

[chatgpt-codex-connector]

You have reached your Codex usage limits for code reviews. You can see your limits in the Codex usage dashboard.
To continue using code reviews, add credits to your account and enable them for code reviews in your settings.

[coderabbitai]

Warning

Rate limit exceeded

@EffortlessSteven has exceeded the limit for the number of commits that can be reviewed per hour. Please wait 22 minutes and 3 seconds before requesting another review.

To continue reviewing without waiting, purchase usage credits in the billing tab.

⌛ How to resolve this issue?

After the wait time has elapsed, a review can be triggered using the @coderabbitai review command as a PR comment. Alternatively, push new commits to this PR.

We recommend that you space out your commits to avoid hitting the rate limit.

🚦 How do rate limits work?

CodeRabbit enforces hourly rate limits for each developer per organization.

Our paid plans have higher rate limits than the trial, open-source and free plans. In all cases, we re-allow further reviews after a brief timeout.

Please see our FAQ for further information.

ℹ️ Review info

⚙️ Run configuration

Configuration used: Organization UI

Review profile: ASSERTIVE

Plan: Pro

Run ID: 580aaf0d-6286-482d-b74d-dd4733a90bb3

📥 Commits

Reviewing files that changed from the base of the PR and between 90fd4d1 and a1751b0.

⛔ Files ignored due to path filters (1)

• Cargo.lock is excluded by !**/*.lock

📒 Files selected for processing (70)

• Cargo.toml
• crates/ac-kernel/Cargo.toml
• crates/acceptance/Cargo.toml
• crates/adapters-db-sqlx/Cargo.toml
• crates/adapters-grpc/Cargo.toml
• crates/app-http/Cargo.toml
• crates/business-core/Cargo.toml
• crates/gov-contracts/Cargo.toml
• crates/gov-http-core/Cargo.toml
• crates/gov-http-forks/Cargo.toml
• crates/gov-http-friction/Cargo.toml
• crates/gov-http-issues/Cargo.toml
• crates/gov-http-questions/Cargo.toml
• crates/gov-http-types/Cargo.toml
• crates/gov-http/Cargo.toml
• crates/gov-model/Cargo.toml
• crates/gov-policy/Cargo.toml
• crates/gov-receipts/Cargo.toml
• crates/gov-xtask-core/Cargo.toml
• crates/http-agents/Cargo.toml
• crates/http-auth-mode/Cargo.toml
• crates/http-auth-token/Cargo.toml
• crates/http-auth-verifier/Cargo.toml
• crates/http-auth/Cargo.toml
• crates/http-bearer-token/Cargo.toml
• crates/http-body-format/Cargo.toml
• crates/http-core/Cargo.toml
• crates/http-errors/Cargo.toml
• crates/http-metrics/Cargo.toml
• crates/http-middleware/Cargo.toml
• crates/http-origin-boundary/Cargo.toml
• crates/http-origin-parser/Cargo.toml
• crates/http-origin-policy/Cargo.toml
• crates/http-origin-prefix/Cargo.toml
• crates/http-origin-rule/Cargo.toml
• crates/http-origin-subdomain/Cargo.toml
• crates/http-platform/Cargo.toml
• crates/http-task-status-parser/Cargo.toml
• crates/http-tasks/Cargo.toml
• crates/http-todos/Cargo.toml
• crates/model/Cargo.toml
• crates/receipts-core/Cargo.toml
• crates/rust_iac_config/Cargo.toml
• crates/rust_iac_xtask_core/Cargo.toml
• crates/spec-runtime/Cargo.toml
• crates/telemetry/Cargo.toml
• crates/testing/src/process.rs
• crates/xtask-contracts/Cargo.toml
• crates/xtask-lib/Cargo.toml
• crates/xtask-receipts/Cargo.toml
• crates/xtask-versioning/Cargo.toml
• crates/xtask/Cargo.toml
• crates/xtask/src/commands/fork.rs
• crates/xtask/src/commands/lint_policy.rs
• crates/xtask/src/commands/mod.rs
• crates/xtask/src/commands/pin_actions.rs
• crates/xtask/src/main.rs
• docs/CLIPPY_POLICY.md
• policy/clippy-debt.toml
• policy/clippy-lints.toml
• policy/no-panic-allowlist.toml
• policy/non-rust-allowlist.toml
• rust-toolchain.toml
• templates/rust/clippy/Cargo.lints.strict.toml
• templates/rust/clippy/clippy.toml
• templates/rust/clippy/policy-clippy-debt.toml
• templates/rust/clippy/policy-clippy-lints.toml
• templates/rust/docs/CLIPPY_POLICY.md
• templates/rust/prompts/clippy-rollout.md
• templates/rust/xtask/check_lint_policy.rs

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Commit unit tests in branch codex/implement-standard-clippy-policy-model-tn6m39

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[github-actions]

Scope Guard Summary

Metric	Value
Files changed	71
Scope declared	false
Declared type	any
Waived	false

Change distribution:

• Runtime (crates/*.rs): 57
• Documentation: 3
• Specs: 0
• Policy: 4
• CI workflows: 0

⚠️ Danger zone files touched:

policy/clippy-debt.toml
policy/clippy-lints.toml
policy/no-panic-allowlist.toml
policy/non-rust-allowlist.toml

Policy evaluation:

�[33mWARN�[0m - /tmp/scope_input.json - main - Large PR (71 files) without scope declaration. Consider adding ## Scope for reviewers.
�[33mWARN�[0m - /tmp/scope_input.json - main - PR body missing ## Scope block. Consider adding for reviewer clarity.
�[31mFAIL�[0m - /tmp/scope_input.json - main - Danger zone file 'policy/clippy-debt.toml' modified without ## Scope declaration. Add scope block to PR body.
�[31mFAIL�[0m - /tmp/scope_input.json - main - Danger zone file 'policy/clippy-lints.toml' modified without ## Scope declaration. Add scope block to PR body.
�[31mFAIL�[0m - /tmp/scope_input.json - main - Danger zone file 'policy/no-panic-allowlist.toml' modified without ## Scope declaration. Add scope block to PR body.
�[31mFAIL�[0m - /tmp/scope_input.json - main - Danger zone file 'policy/non-rust-allowlist.toml' modified without ## Scope declaration. Add scope block to PR body.

�[31m6 tests, 0 passed, 2 warnings, 4 failures, 0 exceptions�[0m

---

💡 Add a ## Scope block to your PR description to silence this advisory.

[github-actions]

✅ Agents Governance Check Passed

All agents in .claude/agents/ pass validation. See AGENTS_GOVERNANCE.md for details.

[github-actions]

Test Results

283 tests   245 ✅  5m 27s ⏱️
 25 suites   38 💤
  1 files      0 ❌

Results for commit a1751b0.