czoli1976 · czoli1976 · May 28, 2026 · May 28, 2026 · May 28, 2026 · May 28, 2026
diff --git a/.all_crates.sh b/.all_crates.sh
@@ -1,2 +1,2 @@
 
-ALL_CRATES_PATH="data linalg core nnef nnef/nnef-resources pulse-opl pulse extra transformers hir tflite tensorflow onnx-opl onnx gpu metal cuda libcli api api/rs api/ffi api/proxy/sys api/proxy cli"
+ALL_CRATES_PATH="data linalg core nnef nnef/nnef-resources transformers pulse-opl pulse extra hir tflite tensorflow onnx-opl onnx gpu metal cuda libcli api api/rs api/ffi api/proxy/sys api/proxy cli"
diff --git a/.github/scripts/inject_wheel_sboms.py b/.github/scripts/inject_wheel_sboms.py
@@ -0,0 +1,85 @@
+"""Inject CycloneDX + SPDX SBOMs into a wheel's `.dist-info/sboms/` per PEP 770.
+
+Reads the wheel, generates SBOMs from its unpacked contents via `syft`
+(which understands the `cargo-auditable` section embedded in the
+bundled Rust dylib), drops them into the wheel's metadata directory,
+and re-packs the wheel.  `wheel pack` regenerates RECORD so the new
+files are properly listed and hashed.
+
+Usage:  python inject_wheel_sboms.py wheel-1.whl wheel-2.whl ...
+        (in-place; replaces each input wheel with the SBOM-bearing one)
+
+Requires:  `syft` on PATH, and the `wheel` Python package installed.
+"""
+
+import shutil
+import subprocess
+import sys
+import tempfile
+from pathlib import Path
+
+
+def inject(wheel_path: Path) -> None:
+    wheel_path = wheel_path.resolve()
+    with tempfile.TemporaryDirectory() as tmp:
+        tmp = Path(tmp)
+        unpack_root = tmp / "unpacked"
+        repack_root = tmp / "repacked"
+        unpack_root.mkdir()
+        repack_root.mkdir()
+
+        subprocess.check_call(
+            [sys.executable, "-m", "wheel", "unpack", "-d", str(unpack_root), str(wheel_path)]
+        )
+
+        # `wheel unpack` writes one top-level dir named `<name>-<version>`
+        (unpacked,) = list(unpack_root.iterdir())
+        (dist_info,) = list(unpacked.glob("*.dist-info"))
+
+        sboms_dir = dist_info / "sboms"
+        sboms_dir.mkdir(exist_ok=True)
+
+        # syft scans the unpacked tree.  Its rust-audit-binary cataloger
+        # reads the `.dep-v0` ELF/Mach-O section that `cargo-auditable`
+        # embedded; the Python cataloger picks up METADATA.
+        subprocess.check_call(
+            [
+                "syft",
+                "scan",
+                f"dir:{unpacked}",
+                "--source-name",
+                unpacked.name,
+                "-o",
+                f"cyclonedx-json={sboms_dir / 'sbom.cdx.json'}",
+                "-o",
+                f"spdx-json={sboms_dir / 'sbom.spdx.json'}",
+            ]
+        )
+
+        # `wheel pack` rewrites RECORD with hashes for every file under
+        # `unpacked/`, including the two SBOMs we just added.
+        subprocess.check_call(
+            [sys.executable, "-m", "wheel", "pack", "-d", str(repack_root), str(unpacked)]
+        )
+
+        (repacked_wheel,) = list(repack_root.glob("*.whl"))
+        # Names should match; if `wheel pack` produced a different
+        # filename (e.g. build-tag difference), prefer the new name.
+        target = wheel_path.parent / repacked_wheel.name
+        if target != wheel_path:
+            wheel_path.unlink()
+        shutil.move(str(repacked_wheel), str(target))
+        print(f"injected SBOMs into {target.name}")
+
+
+def main(argv: list[str]) -> int:
+    if not argv:
+        print(__doc__, file=sys.stderr)
+        return 2
+    for w in argv:
+        inject(Path(w))
+    return 0
+
+
+if __name__ == "__main__":
+    sys.exit(main(sys.argv[1:]))
diff --git a/.github/workflows/asan.yml b/.github/workflows/asan.yml
@@ -22,7 +22,7 @@ jobs:
     runs-on: ${{matrix.os}}
 
     steps:
-    - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
+    - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
       with:
         persist-credentials: false
     - name: Rustup update

diff --git a/.github/workflows/binaries.yml b/.github/workflows/binaries.yml
@@ -22,6 +22,11 @@ jobs:
     name: Upload Release Binaries
     permissions:
       contents: write
+      # OIDC + attestations: cryptographically sign each released .tgz
+      # against its SBOMs via GitHub's attestation store.  Anyone can
+      # then verify with `gh attestation verify <tgz> --owner sonos`.
+      id-token: write
+      attestations: write
     strategy:
       fail-fast: false
       matrix:
@@ -53,7 +58,7 @@ jobs:
     runs-on: ${{ matrix.os }}
     steps:
       - name: Checkout code
-        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
+        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
         with:
           persist-credentials: false
 
@@ -98,15 +103,59 @@ jobs:
             export CARGO_TARGET_${RUST_TRIPLE_ENV}_LINKER=$TARGET_CC
           fi
 
-          cargo build --target ${target} --release -p tract-cli
+          # cargo-auditable wraps `cargo build` to embed the resolved
+          # dependency graph into the binary so consumers can recover
+          # the SBOM directly from the binary via `cargo audit bin`.
+          cargo install --locked cargo-auditable --version 0.7.0
+          cargo auditable build --target ${target} --release -p tract-cli --locked
           mkdir tract-$name
           cp target/${target}/release/tract tract-${name}
           tar czf tract-${name}.tgz tract-${name}
 
+      - name: Generate CycloneDX SBOM
+        uses: anchore/sbom-action@e22c389904149dbc22b58101806040fa8d37a610 # v0.24.0
+        with:
+          path: .
+          format: cyclonedx-json
+          artifact-name: tract-${{ matrix.target }}-${{ steps.version.outputs.value }}.cdx.json
+          output-file: tract-${{ matrix.target }}-${{ steps.version.outputs.value }}.cdx.json
+          upload-artifact: false
+          upload-release-assets: false
+
+      - name: Generate SPDX SBOM
+        uses: anchore/sbom-action@e22c389904149dbc22b58101806040fa8d37a610 # v0.24.0
+        with:
+          path: .
+          format: spdx-json
+          artifact-name: tract-${{ matrix.target }}-${{ steps.version.outputs.value }}.spdx.json
+          output-file: tract-${{ matrix.target }}-${{ steps.version.outputs.value }}.spdx.json
+          upload-artifact: false
+          upload-release-assets: false
+
+      - name: Attest build provenance
+        uses: actions/attest-build-provenance@a2bbfa25375fe432b6a289bc6b6cd05ecd0c4c32 # v4.1.0
+        with:
+          subject-path: tract-${{ matrix.target }}-${{ steps.version.outputs.value }}.tgz
+
+      - name: Attest release tarball with CycloneDX SBOM
+        uses: actions/attest-sbom@c604332985a26aa8cf1bdc465b92731239ec6b9e # v4.1.0
+        with:
+          subject-path: tract-${{ matrix.target }}-${{ steps.version.outputs.value }}.tgz
+          sbom-path: tract-${{ matrix.target }}-${{ steps.version.outputs.value }}.cdx.json
+
+      - name: Attest release tarball with SPDX SBOM
+        uses: actions/attest-sbom@c604332985a26aa8cf1bdc465b92731239ec6b9e # v4.1.0
+        with:
+          subject-path: tract-${{ matrix.target }}-${{ steps.version.outputs.value }}.tgz
+          sbom-path: tract-${{ matrix.target }}-${{ steps.version.outputs.value }}.spdx.json
+
       - name: Upload asset
         uses: softprops/action-gh-release@b4309332981a82ec1c5618f44dd2e27cc8bfbfda # v3
         with:
-          files: tract-${{matrix.target}}-${{ steps.version.outputs.value }}.tgz
+          files: |
+            tract-${{matrix.target}}-${{ steps.version.outputs.value }}.tgz
+            tract-${{matrix.target}}-${{ steps.version.outputs.value }}.cdx.json
+            tract-${{matrix.target}}-${{ steps.version.outputs.value }}.spdx.json
           name: ${{ steps.version.outputs.value }}
           tag_name: v${{ steps.version.outputs.value }}
         env:

diff --git a/.github/workflows/cost_model.yml b/.github/workflows/cost_model.yml
@@ -25,7 +25,7 @@ jobs:
         target: [ "aarch64", "armv7" ]
     steps:
       - name: Checkout code
-        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
+        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
         with:
           persist-credentials: false
 

diff --git a/.github/workflows/crates.yml b/.github/workflows/crates.yml
@@ -19,20 +19,26 @@ jobs:
     outputs:
       os: ${{steps.set-matrix.outputs.os}}
       rust: ${{steps.set-matrix.outputs.rust}}
+      msrv: ${{steps.set-matrix.outputs.msrv}}
 
     steps:
+      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
+        with:
+          persist-credentials: false
       - id: set-matrix
         env:
           FULL: ${{ github.event_name == 'workflow_dispatch' || github.event_name == 'schedule' }}
         run: |
+          msrv=$(grep -m1 '^rust-version' Cargo.toml | sed -E 's/.*"([^"]+)".*/\1/')
+          echo "msrv=$msrv" >> $GITHUB_OUTPUT
           if [ "$FULL" == "true" ]
           then
             echo 'os=["ubuntu-latest", "macos-latest"]' >> $GITHUB_OUTPUT
-            echo 'rust=["1.91.0", "stable", "beta", "nightly"]' >> $GITHUB_OUTPUT
+            echo "rust=[\"$msrv\", \"stable\", \"beta\", \"nightly\"]" >> $GITHUB_OUTPUT
           else
             echo ::notice::Skipping macOS checks on PR and commit. Dispatch workflow manually if needed.
             echo 'os=["ubuntu-latest"]' >> $GITHUB_OUTPUT
-            echo 'rust=["1.91.0"]' >> $GITHUB_OUTPUT
+            echo "rust=[\"$msrv\"]" >> $GITHUB_OUTPUT
           fi
 
   crates:
@@ -53,7 +59,7 @@ jobs:
       RUSTUP_TOOLCHAIN: ${{matrix.rust}}
 
     steps:
-    - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
+    - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
       with:
         persist-credentials: false
 
@@ -70,7 +76,7 @@ jobs:
     env:
       RUSTUP_TOOLCHAIN: ${{matrix.rust}}
     steps:
-    - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
+    - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
       with:
         persist-credentials: false
 
@@ -85,9 +91,9 @@ jobs:
     runs-on: cuda-lovelace
     needs: prepare-matrix
     env:
-      RUSTUP_TOOLCHAIN: "1.91.0"
+      RUSTUP_TOOLCHAIN: ${{ needs.prepare-matrix.outputs.msrv }}
     steps:
-    - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
+    - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
       with:
         persist-credentials: false
     - name: Minimum-BOM GPU smoke
@@ -103,7 +109,7 @@ jobs:
     env:
       RUSTUP_TOOLCHAIN: ${{matrix.rust}}
     steps:
-    - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
+    - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
       with:
         persist-credentials: false
 
@@ -122,12 +128,12 @@ jobs:
     env:
       RUSTUP_TOOLCHAIN: ${{matrix.rust}}
     steps:
-    - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
+    - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
       with:
         persist-credentials: false
     - run: rustup component add clippy && cargo clippy
     - name: fmt
-      run: rustup component add rustfmt && cargo fmt --check
+      run: rustup component add rustfmt --toolchain stable && cargo +stable fmt --check
     - name: Warnings
       env:
         RUSTFLAGS: -D warnings
@@ -140,7 +146,7 @@ jobs:
     runs-on: ubuntu-latest
 
     steps:
-    - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
+    - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
       with:
         persist-credentials: false
     - name: Install cargo-deny

diff --git a/.github/workflows/cross-platform.yml b/.github/workflows/cross-platform.yml
@@ -14,7 +14,6 @@ on:
 env:
   CARGO_INCREMENTAL: false
   FORCE_JAVASCRIPT_ACTIONS_TO_NODE20: true
-  RUSTUP_TOOLCHAIN: 1.91.0
 
 permissions:
   contents: read
@@ -83,7 +82,7 @@ jobs:
       contents: read
 
     steps:
-    - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
+    - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
       with:
         ref: ${{ needs.prepare.outputs.test_ref }}
         fetch-depth: 0
@@ -95,7 +94,7 @@ jobs:
 
     - name: Configure AWS Credentials
       continue-on-error: true
-      uses: aws-actions/configure-aws-credentials@d979d5b3a71173a29b74b5b88418bfda9437d885 # v6
+      uses: aws-actions/configure-aws-credentials@acca2b1b2070338fb9fd1ca27ecee81d687e58e5 # v6.1.2
       with:
         role-to-assume: arn:aws:iam::567805100031:role/github-runner-tract-ci
         aws-region: us-east-2
@@ -141,15 +140,15 @@ jobs:
       contents: read
 
     steps:
-    - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
+    - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
       with:
         ref: ${{ needs.prepare.outputs.test_ref }}
         fetch-depth: 0
         persist-credentials: false
 
     - name: Configure AWS Credentials
       continue-on-error: true
-      uses: aws-actions/configure-aws-credentials@d979d5b3a71173a29b74b5b88418bfda9437d885 # v6
+      uses: aws-actions/configure-aws-credentials@acca2b1b2070338fb9fd1ca27ecee81d687e58e5 # v6.1.2
       with:
         role-to-assume: arn:aws:iam::567805100031:role/github-runner-tract-ci
         aws-region: us-east-2
Original file line number	Diff line number	Diff line change
		@@ -1,2 +1,2 @@

		ALL_CRATES_PATH="data linalg core nnef nnef/nnef-resources pulse-opl pulse extra transformers hir tflite tensorflow onnx-opl onnx gpu metal cuda libcli api api/rs api/ffi api/proxy/sys api/proxy cli"
		ALL_CRATES_PATH="data linalg core nnef nnef/nnef-resources transformers pulse-opl pulse extra hir tflite tensorflow onnx-opl onnx gpu metal cuda libcli api api/rs api/ffi api/proxy/sys api/proxy cli"