Run the unicop tool on this repository

2 files changed, 45 insertions, 0 deletions

diff --git a/.github/workflows/unicop.yml b/.github/workflows/unicop.yml
new file mode 100644
index 0000000000..868b3d7bbf
--- /dev/null
+++ b/.github/workflows/unicop.yml
@@ -0,0 +1,44 @@
+---
+name: Unicop - find evil unicode
+on:
+  pull_request:
+    paths:
+      - .github/workflows/unicop.yml
+      - '**/*.rs'
+      - '**/*.swift'
+      - '**/*.go'
+      - '**/*.py'
+      # Javascript/Typescript
+      - '**/*.ts'
+      - '**/*.js'
+      # Kotlin
+      - '**/*.kt'
+      - '**/*.kts'
+      # C/C++
+      - '**/*.cpp'
+      - '**/*.h'
+  workflow_dispatch:
+
+permissions: {}
+
+jobs:
+  unicop:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+
+      - name: Checkout submodules
+        run: |
+          git config --global --add safe.directory '*'
+          git submodule update --init --depth=1 dist-assets/binaries
+          git submodule update --init --depth=1 windows
+          git submodule update --init --depth=1 wireguard-go-rs/libwg/wireguard-go
+
+      - name: Install Rust toolchain
+        run: rustup override set stable
+
+      - name: Install unicop
+        run: cargo install --locked unicop
+
+      - name: Check for unwanted unicode
+        run: unicop --verbose .
diff --git a/.github/workflows/verify-locked-down-signatures.yml b/.github/workflows/verify-locked-down-signatures.yml
index 9453cb789d..7a345c496e 100644
--- a/.github/workflows/verify-locked-down-signatures.yml
+++ b/.github/workflows/verify-locked-down-signatures.yml
@@ -4,6 +4,7 @@ on:
   pull_request:
     paths:
       - .github/workflows/verify-locked-down-signatures.yml
+      - .github/workflows/unicop.yml
       - .github/CODEOWNERS
       - Cargo.toml
       - test/Cargo.toml