build: enforce stricter Clippy lint rules; optimize release profile

Signed-off-by: NotAShelf <raf@notashelf.dev>
Change-Id: I9077be96783370a26902f46f62afa2826a6a6964

Cargo.toml

@@ -43,6 +43,44 @@ zip         = "8.5.1"
 mockito  = "1.7.2"
 tempfile = "3.27.0"
 
+[lints.clippy]
+cargo      = { level = "warn", priority = -1 }
+complexity = { level = "warn", priority = -1 }
+nursery    = { level = "warn", priority = -1 }
+pedantic   = { level = "warn", priority = -1 }
+perf       = { level = "warn", priority = -1 }
+style      = { level = "warn", priority = -1 }
+
+# The lint groups above enable some less-than-desirable rules, we should manually
+# enable those to keep our sanity.
+absolute_paths                 = "allow"
+arbitrary_source_item_ordering = "allow"
+enum_variant_names             = "allow"
+implicit_return                = "allow"
+missing_docs_in_private_items  = "allow"
+non_ascii_literal              = "allow"
+pattern_type_mismatch          = "allow"
+print_stdout                   = "allow"
+question_mark_used             = "allow"
+similar_names                  = "allow"
+single_call_fn                 = "allow"
+std_instead_of_core            = "allow"
+struct_excessive_bools         = "allow"
+too_long_first_doc_paragraph   = "allow"
+too_many_lines                 = "allow"
+unused_trait_names             = "allow"
+
+# In the honor of a recent Cloudflare regression
+# Let's get rid of them, what the hell
+panic       = "deny"
+unwrap_used = "deny"
+
+# Less dangerous, but we'd like to know
+expect_used   = "warn"
+todo          = "warn"
+unimplemented = "warn"
+unreachable   = "warn"
+
 # Optimize crypto stuff. Building them with optimizations makes that build script
 # run ~5x faster, more than offsetting the additional build time added to the
 # libraries themselves.
@@ -54,3 +92,8 @@ opt-level = 3
 
 [profile.dev.package.md-5]
 opt-level = 3
+
+[profile.release]
+lto       = true
+opt-level = 3
+strip     = true