From ac28d1cb9b07d044bdb4d99f1a8783bcc45187f8 Mon Sep 17 00:00:00 2001
From: Stefan Steiner <ssteiner@tableau.com>
Date: Sun, 28 Jun 2026 22:44:04 -0700
Subject: [PATCH] ci: silence cargo-deny toolchain-override stack trace (#81)
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

The EmbarkStudios/cargo-deny-action@v2 image ships a pre-installed
`stable` toolchain, but its `rustup show` step evaluates
rust-toolchain.toml's override before that toolchain is registered,
emitting a non-fatal but alarming 'override toolchain ... is not
installed' stack trace on every CI run. Pinning RUSTUP_TOOLCHAIN=stable
on the deny job bypasses the override probe so the log stays clean.

Enforcement is unchanged: `cargo deny check --all-features --workspace`
still runs against the full workspace (verified locally: advisories /
bans / licenses / sources all ok). The bitflags duplicate-version
warning (Finding 2) is left as-is — it's an upstream-blocked `warn`,
not a failure.
---
 .github/workflows/ci.yml | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
index b8e7798..164dd88 100644
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@@ -254,6 +254,14 @@ jobs:
     name: cargo-deny
     runs-on: ubuntu-latest
     timeout-minutes: 10
+    # The cargo-deny-action image ships a pre-installed `stable` toolchain,
+    # but its `rustup show` step honors `rust-toolchain.toml`'s override
+    # before that toolchain is registered, emitting an alarming (but
+    # non-fatal) "override toolchain ... is not installed" stack trace.
+    # Pinning RUSTUP_TOOLCHAIN bypasses the override probe so the log is
+    # clean. See issue #81.
+    env:
+      RUSTUP_TOOLCHAIN: stable
     steps:
       - uses: actions/checkout@v7
       - uses: EmbarkStudios/cargo-deny-action@v2