H-6474: remove shared libs .gitignore

[indietyp]

🌟 What is the purpose of this PR?

• Removes the libs/.gitignore

🔍 What does this change?

• Removed the shared libs/.gitignore that was previously excluding Cargo.lock files from version control.
• Added a Cargo.lock for libs/@local/hash-authorization, pinning its full dependency tree including authorization, codec, graph-types, reqwest, tokio, utoipa, and related transitive dependencies.
• Added a Cargo.lock for libs/antsi, pinning its minimal dependency tree.
• Added a Cargo.lock for libs/error-stack, pinning its dependency tree including test and dev dependencies such as insta, trybuild, tracing-subscriber, and related crates.

Pre-Merge Checklist 🚀

🚢 Has this modified a publishable library?

This PR:

• modifies a Cargo-publishable library, but it is not yet ready to publish

📜 Does this require a change to the docs?

The changes in this PR:

• are internal and do not require a docs change

🕸️ Does this require a change to the Turbo Graph?

The changes in this PR:

• do not affect the execution graph

🛡 What tests cover this?

• Existing CI pipelines that build and test each Rust library will now use the pinned lockfiles.

❓ How to test this?

1. Checkout the branch.
2. Run cargo build or cargo test within any of the affected library directories (libs/@local/hash-authorization, libs/antsi, libs/error-stack).
3. Confirm that the build resolves dependencies using the committed Cargo.lock without errors.

[vercel]

The latest updates on your projects. Learn more about Vercel for GitHub.

Project	Deployment	Actions	Updated (UTC)
hash	Ready	Preview, Comment	May 18, 2026 8:13am
petrinaut	Ready	Preview	May 18, 2026 8:13am

1 Skipped Deployment

Project	Deployment	Actions	Updated (UTC)
hashdotdesign-tokens	Ignored	Preview	May 18, 2026 8:13am

[cursor]

PR Summary

Low Risk
Low risk change removing a libs/.gitignore entry; the main impact is that previously-ignored files under libs/ (e.g., Cargo.lock) may now be committed/tracked.

Overview
Removes the shared libs/.gitignore, so libs/ no longer ignores Cargo.lock/analysis and related artifacts can be tracked by git.

^{Reviewed by Cursor Bugbot for commit 0e3720c. Bugbot is set up for automated code reviews on this repo. Configure here.}

[indietyp]

• H-6474: remove shared libs .gitignore #8726 👈 (View in Graphite)
• main

This stack of pull requests is managed by Graphite. Learn more about stacking.

[github-actions]

Dependency Review

The following issues were found:

• ❌ 10 vulnerable package(s)
• ✅ 0 package(s) with incompatible licenses
• ✅ 0 package(s) with invalid SPDX license definitions
• ⚠️ 1 package(s) with unknown licenses.
• ⚠️ 18 packages with OpenSSF Scorecard issues.

View full job summary

[augmentcode]

🤖 Augment PR Summary

Summary: This PR removes the shared libs/.gitignore entry that prevented Rust lockfiles from being committed, improving dependency reproducibility for individual libraries.

Changes:

• Removes libs/.gitignore rules that ignored Cargo.lock (and an analysis path) within /libs.
• Adds a committed Cargo.lock for libs/@local/hash-authorization.
• Adds a committed Cargo.lock for libs/antsi.
• Adds a committed Cargo.lock for libs/error-stack.

Technical Notes: With per-library lockfiles tracked, builds/tests run from those library directories should resolve dependencies deterministically using the committed Cargo.lock.

_{🤖 Was this summary useful? React with 👍 or 👎}

[augmentcode]

Review completed. No suggestions at this time.

Comment augment review to trigger a new review at any time.

[cursor]

Cursor Bugbot has reviewed your changes and found 2 potential issues.

^{❌ Bugbot Autofix is OFF. To automatically fix reported issues with cloud agents, enable autofix in the Cursor dashboard.}

^{Reviewed by Cursor Bugbot for commit e5c0d04. Configure here.}

[codecov]

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 62.31%. Comparing base (7b67b01) to head (e5c0d04).
⚠️ Report is 6 commits behind head on main.

Additional details and impacted files

@@           Coverage Diff           @@
##             main    #8726   +/-   ##
=======================================
  Coverage   62.31%   62.31%           
=======================================
  Files        1354     1354           
  Lines      137313   137313           
  Branches     5793     5793           
=======================================
+ Hits        85568    85569    +1     
+ Misses      50838    50837    -1     
  Partials      907      907           

Flag	Coverage Δ
apps.hash-ai-worker-ts	1.41% <ø> (ø)
apps.hash-api	0.00% <ø> (ø)
blockprotocol.type-system	40.84% <ø> (ø)
local.harpc-client	51.24% <ø> (ø)
local.hash-backend-utils	2.81% <ø> (ø)
local.hash-graph-sdk	9.63% <ø> (ø)
local.hash-isomorphic-utils	0.00% <ø> (ø)
rust.antsi	0.00% <ø> (ø)
rust.error-stack	90.87% <ø> (ø)
rust.harpc-codec	84.70% <ø> (ø)
rust.harpc-net	96.22% <ø> (+0.01%)	⬆️
rust.harpc-tower	67.03% <ø> (ø)
rust.harpc-wire-protocol	92.23% <ø> (ø)
rust.hash-codec	72.76% <ø> (ø)
rust.hash-graph-api	2.52% <ø> (ø)
rust.hash-graph-authorization	62.34% <ø> (ø)
rust.hash-graph-postgres-store	26.81% <ø> (ø)
rust.hash-graph-store	37.76% <ø> (ø)
rust.hash-graph-temporal-versioning	47.95% <ø> (ø)
rust.hash-graph-types	0.00% <ø> (ø)
rust.hash-graph-validation	83.45% <ø> (ø)
rust.hashql-ast	87.23% <ø> (ø)
rust.hashql-compiletest	29.63% <ø> (ø)
rust.hashql-core	82.44% <ø> (ø)
rust.hashql-eval	62.99% <ø> (ø)
rust.hashql-hir	89.06% <ø> (ø)
rust.hashql-mir	92.08% <ø> (ø)
rust.hashql-syntax-jexpr	94.06% <ø> (ø)

Flags with carried forward coverage won't be shown. Click here to find out more.

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
• 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

[codspeed-hq]

Merging this PR will not alter performance

✅ 80 untouched benchmarks

---

_{Comparing bm/h-6474-remove-libs-gitignore-file (10ae7a2) with main (7b67b01)¹}

Footnotes

1. No successful run was found on main (2c1c977) during the generation of this report, so 7b67b01 was used instead as the comparison base. There might be some changes unrelated to this pull request in this report. ↩

[TimDiekmann]

Could you remove the orphaned lock files?

[indietyp]

Could you remove the orphaned lock files?

​fixed, they somehow slipped in from my own state :P