Add governed Clippy policy baseline, policy ledgers, and xtask checker

[EffortlessSteven]

Motivation

• Establish a single, governed Clippy baseline (MSRV 1.93) across the workspace so linting is an engineering surface with tracked exceptions rather than per-crate vibes.
• Provide machine-readable policy ledgers and allowlists so exceptions are explicit, reviewable, and expiring instead of hidden in local config or comments.
• Add an xtask gate to verify MSRV/lint coherence, deny test carveouts, and fail stale/expired exceptions in CI.

Description

• Bumped workspace rust-version to 1.93 and added the strict workspace lint blocks under [workspace.lints.rust] and [workspace.lints.clippy] in the root Cargo.toml to enforce the panic-free and AST-safe baseline.
• Added machine-readable policy/artifacts: policy/clippy-lints.toml (active + planned lints ledger), policy/clippy-debt.toml (debt ledger), policy/no-panic-allowlist.toml, and policy/non-rust-allowlist.toml to track exceptions and planned flips.
• Implemented an xtask command check-lint-policy at crates/xtask/src/commands/check_lint_policy.rs and wired it into the CLI to validate MSRV alignment, active/planned lint consistency, workspace lints inheritance, absence of clippy test carveouts, and required fields/expiry for policy/debt/allowlists.
• Added repo-local clippy.toml (and templates under templates/rust/clippy/*) as the place for repo-specific disallowed methods/types/macros (including disallowed std::env methods for unsafe process-global state) and added docs/CLIPPY_POLICY.md plus reusable rollout artifacts in templates/rust.
• Updated crate manifests to inherit workspace lints by adding [lints] workspace = true to most member Cargo.toml files and preserved remaining gaps as explicit debt entries in policy/clippy-debt.toml (notably crates/testing and crates/xtask).

Testing

• Ran cargo +1.93.0 fmt --all, which completed successfully. (passed)
• Ran cargo +1.93.0 xtask check-lint-policy, which compiled the xtask binary and reported lint policy is coherent. (passed)
• Ran cargo +1.93.0 check --workspace --exclude acceptance --exclude adapters-grpc, which completed successfully for the included crates. (passed)
• Running cargo +1.93.0 check --workspace --exclude acceptance surfaced an environment/tooling limitation: adapters-grpc build script failed because protoc/protobuf includes (google/protobuf/timestamp.proto) were not available in the environment, which is an external build dependency rather than a lint-policy failure. (observed tooling failure)
• Ran git diff --cached --check to validate whitespace/EOF issues and fixed the template EOF; pre-commit checks passed. (passed)

---

Codex Task

[gemini-code-assist]

Warning

You have reached your daily quota limit. Please wait up to 24 hours and I will start processing your requests again!

[chatgpt-codex-connector]

You have reached your Codex usage limits for code reviews. You can see your limits in the Codex usage dashboard.
To continue using code reviews, add credits to your account and enable them for code reviews in your settings.

[coderabbitai]

Warning

Rate limit exceeded

@EffortlessSteven has exceeded the limit for the number of commits that can be reviewed per hour. Please wait 21 minutes and 3 seconds before requesting another review.

To continue reviewing without waiting, purchase usage credits in the billing tab.

⌛ How to resolve this issue?

After the wait time has elapsed, a review can be triggered using the @coderabbitai review command as a PR comment. Alternatively, push new commits to this PR.

We recommend that you space out your commits to avoid hitting the rate limit.

🚦 How do rate limits work?

CodeRabbit enforces hourly rate limits for each developer per organization.

Our paid plans have higher rate limits than the trial, open-source and free plans. In all cases, we re-allow further reviews after a brief timeout.

Please see our FAQ for further information.

ℹ️ Review info

⚙️ Run configuration

Configuration used: Organization UI

Review profile: ASSERTIVE

Plan: Pro

Run ID: e7770e58-57da-4d02-a4b0-875483173ce6

📥 Commits

Reviewing files that changed from the base of the PR and between 90fd4d1 and d468bc8.

⛔ Files ignored due to path filters (1)

• Cargo.lock is excluded by !**/*.lock

📒 Files selected for processing (67)

• Cargo.toml
• clippy.toml
• crates/ac-kernel/Cargo.toml
• crates/acceptance/Cargo.toml
• crates/adapters-db-sqlx/Cargo.toml
• crates/adapters-grpc/Cargo.toml
• crates/app-http/Cargo.toml
• crates/business-core/Cargo.toml
• crates/gov-contracts/Cargo.toml
• crates/gov-http-core/Cargo.toml
• crates/gov-http-forks/Cargo.toml
• crates/gov-http-friction/Cargo.toml
• crates/gov-http-issues/Cargo.toml
• crates/gov-http-questions/Cargo.toml
• crates/gov-http-types/Cargo.toml
• crates/gov-http/Cargo.toml
• crates/gov-model/Cargo.toml
• crates/gov-policy/Cargo.toml
• crates/gov-receipts/Cargo.toml
• crates/gov-xtask-core/Cargo.toml
• crates/http-agents/Cargo.toml
• crates/http-auth-mode/Cargo.toml
• crates/http-auth-token/Cargo.toml
• crates/http-auth-verifier/Cargo.toml
• crates/http-auth/Cargo.toml
• crates/http-bearer-token/Cargo.toml
• crates/http-body-format/Cargo.toml
• crates/http-core/Cargo.toml
• crates/http-errors/Cargo.toml
• crates/http-metrics/Cargo.toml
• crates/http-middleware/Cargo.toml
• crates/http-origin-boundary/Cargo.toml
• crates/http-origin-parser/Cargo.toml
• crates/http-origin-policy/Cargo.toml
• crates/http-origin-prefix/Cargo.toml
• crates/http-origin-rule/Cargo.toml
• crates/http-origin-subdomain/Cargo.toml
• crates/http-platform/Cargo.toml
• crates/http-task-status-parser/Cargo.toml
• crates/http-tasks/Cargo.toml
• crates/http-todos/Cargo.toml
• crates/model/Cargo.toml
• crates/receipts-core/Cargo.toml
• crates/rust_iac_config/Cargo.toml
• crates/rust_iac_xtask_core/Cargo.toml
• crates/spec-runtime/Cargo.toml
• crates/telemetry/Cargo.toml
• crates/testing/Cargo.toml
• crates/xtask-contracts/Cargo.toml
• crates/xtask-lib/Cargo.toml
• crates/xtask-receipts/Cargo.toml
• crates/xtask-versioning/Cargo.toml
• crates/xtask/Cargo.toml
• crates/xtask/src/commands/check_lint_policy.rs
• crates/xtask/src/commands/mod.rs
• crates/xtask/src/main.rs
• docs/CLIPPY_POLICY.md
• policy/clippy-debt.toml
• policy/clippy-lints.toml
• policy/no-panic-allowlist.toml
• policy/non-rust-allowlist.toml
• templates/rust/clippy/Cargo.lints.strict.toml
• templates/rust/clippy/clippy.toml
• templates/rust/clippy/policy-clippy-lints.toml
• templates/rust/docs/CLIPPY_POLICY.md
• templates/rust/prompts/clippy-rollout.md
• templates/rust/xtask/check_lint_policy.rs

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Commit unit tests in branch codex/implement-standard-clippy-policy-model-ch82q3

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[github-actions]

Scope Guard Summary

Metric	Value
Files changed	68
Scope declared	false
Declared type	any
Waived	false

Change distribution:

• Runtime (crates/*.rs): 55
• Documentation: 3
• Specs: 0
• Policy: 4
• CI workflows: 0

⚠️ Danger zone files touched:

policy/clippy-debt.toml
policy/clippy-lints.toml
policy/no-panic-allowlist.toml
policy/non-rust-allowlist.toml

Policy evaluation:

�[33mWARN�[0m - /tmp/scope_input.json - main - Large PR (68 files) without scope declaration. Consider adding ## Scope for reviewers.
�[33mWARN�[0m - /tmp/scope_input.json - main - PR body missing ## Scope block. Consider adding for reviewer clarity.
�[31mFAIL�[0m - /tmp/scope_input.json - main - Danger zone file 'policy/clippy-debt.toml' modified without ## Scope declaration. Add scope block to PR body.
�[31mFAIL�[0m - /tmp/scope_input.json - main - Danger zone file 'policy/clippy-lints.toml' modified without ## Scope declaration. Add scope block to PR body.
�[31mFAIL�[0m - /tmp/scope_input.json - main - Danger zone file 'policy/no-panic-allowlist.toml' modified without ## Scope declaration. Add scope block to PR body.
�[31mFAIL�[0m - /tmp/scope_input.json - main - Danger zone file 'policy/non-rust-allowlist.toml' modified without ## Scope declaration. Add scope block to PR body.

�[31m6 tests, 0 passed, 2 warnings, 4 failures, 0 exceptions�[0m

---

💡 Add a ## Scope block to your PR description to silence this advisory.

[github-actions]

❌ Agents Governance Check Failed

Fix the errors reported above. See AGENTS_GOVERNANCE.md for troubleshooting.

[github-actions]

Test Results

0 tests   0 ✅  0s ⏱️
0 suites  0 💤
0 files    0 ❌

Results for commit d468bc8.