chore(clippy): enforce production denies under the virt feature

The denies (panic, unwrap, expect, indexing_slicing, and others) were
gated on not(any(test, feature = "virt")). Every CI job builds with
--all-features, so the virt feature was always on and the denies never
ran in CI. Violations could then land unnoticed.

Gate the denies on not(test) instead, so they cover production code even
when virt is enabled. The few virt test-utility match arms that panic on
a poisoned lock or mark an unreachable path keep a local allow. The
now-redundant module-level deny in psl is dropped.

Author: AlfioEmanueleFresta

libwebauthn/src/lib.rs

@@ -1,11 +1,12 @@
-// Tests and the virt test-utility feature are allowed to use unwrap/expect/panic for convenience.
-#![cfg_attr(not(any(test, feature = "virt")), deny(clippy::unwrap_used))]
-#![cfg_attr(not(any(test, feature = "virt")), deny(clippy::expect_used))]
-#![cfg_attr(not(any(test, feature = "virt")), deny(clippy::panic))]
-#![cfg_attr(not(any(test, feature = "virt")), deny(clippy::todo))]
-#![cfg_attr(not(any(test, feature = "virt")), deny(clippy::unreachable))]
-#![cfg_attr(not(any(test, feature = "virt")), deny(clippy::indexing_slicing))]
-#![cfg_attr(not(any(test, feature = "virt")), deny(clippy::unwrap_in_result))]
+// Production code must not panic. Tests keep unwrap/expect/panic latitude
+// through `not(test)`, and the virt test-utility code through local allows.
+#![cfg_attr(not(test), deny(clippy::unwrap_used))]
+#![cfg_attr(not(test), deny(clippy::expect_used))]
+#![cfg_attr(not(test), deny(clippy::panic))]
+#![cfg_attr(not(test), deny(clippy::todo))]
+#![cfg_attr(not(test), deny(clippy::unreachable))]
+#![cfg_attr(not(test), deny(clippy::indexing_slicing))]
+#![cfg_attr(not(test), deny(clippy::unwrap_in_result))]
 
 #[cfg(all(
     feature = "nfc",

libwebauthn/src/ops/webauthn/psl/mod.rs

@@ -20,9 +20,6 @@
 //! Most callers should use [`SystemPublicSuffixList::auto`], which probes
 //! the standard system paths for whichever format is available.
 
-// Module-scoped until the crate-wide indexing_slicing deny lands.
-#![cfg_attr(not(any(test, feature = "virt")), deny(clippy::indexing_slicing))]
-
 pub mod dafsa;
 pub mod dat;
 mod system;

libwebauthn/src/transport/hid/channel.rs

@@ -244,6 +244,8 @@ impl<'d> HidChannel<'d> {
                 .open_device(&hidapi)
                 .or(Err(Error::Transport(TransportError::ConnectionFailed)))?),
             #[cfg(feature = "virt")]
+            #[allow(clippy::unreachable)]
+            // virtual devices never go through hid_open
             HidBackendDevice::VirtualDevice(_) => unreachable!(),
         }
     }
@@ -317,6 +319,8 @@ impl<'d> HidChannel<'d> {
                 response
             }
             #[cfg(feature = "virt")]
+            #[allow(clippy::panic)]
+            // virt test-utility: a poisoned lock is unrecoverable
             OpenHidDevice::VirtualDevice(backend) => {
                 let Ok(mut guard) = backend.lock() else {
                     panic!("Poisoned lock on Virtual HID device");
@@ -378,6 +382,8 @@ impl<'d> HidChannel<'d> {
                     })?
                 }
                 #[cfg(feature = "virt")]
+                #[allow(clippy::panic)]
+                // virt test-utility: a poisoned lock is unrecoverable
                 OpenHidDevice::VirtualDevice(backend) => {
                     let Ok(mut guard) = backend.lock() else {
                         panic!("Poisoned lock on Virtual HID device");