# Syntax reference https://help.github.com/en/actions/reference/workflow-syntax-for-github-actions # Environment reference https://help.github.com/en/actions/reference/virtual-environments-for-github-hosted-runners name: scriptcheck on: push: branches: - 'main' - 'releases/**' - '2.*' tags: - '2.*' pull_request: permissions: contents: read jobs: build: runs-on: ubuntu-22.04 steps: - uses: actions/checkout@v4 with: persist-credentials: false - name: ccache uses: hendrikmuhs/ccache-action@v1.2 with: key: ${{ github.workflow }}-${{ runner.os }} - name: Cache Cppcheck uses: actions/cache@v4 with: path: cppcheck key: ${{ runner.os }}-scriptcheck-cppcheck-${{ github.sha }} - name: build cppcheck run: | export PATH="/usr/lib/ccache:/usr/local/opt/ccache/libexec:$PATH" make -j$(nproc) CXXOPTS="-Werror" strip -s ./cppcheck scriptcheck: needs: build runs-on: ubuntu-22.04 strategy: matrix: python-version: [3.7, 3.8, 3.9, '3.10', '3.11', '3.12', '3.13', '3.14'] include: - python-version: '3.14' python-latest: true fail-fast: false steps: - uses: actions/checkout@v4 with: persist-credentials: false # TODO: bailout on error - name: Restore Cppcheck uses: actions/cache@v4 with: path: cppcheck key: ${{ runner.os }}-scriptcheck-cppcheck-${{ github.sha }} - name: Set up Python ${{ matrix.python-version }} uses: actions/setup-python@v5 with: python-version: ${{ matrix.python-version }} check-latest: true - name: Install missing software on ubuntu run: | sudo apt-get update sudo apt-get install tidy libxml2-utils - name: Install missing software on ubuntu (Python 3) run: | # shellcheck cannot be installed via pip # ERROR: Could not find a version that satisfies the requirement shellcheck (from versions: none) # ERROR: No matching distribution found for shellcheck sudo apt-get install shellcheck python -m pip install pip --upgrade python -m pip install natsort python -m pip install pexpect python -m pip install 'pylint<4.1.0' python -m pip install unittest2 python -m pip install pytest python -m pip install pytest-xdist python -m pip install pygments python -m pip install requests python -m pip install psutil python -m pip install setuptools - name: run Shellcheck if: matrix.python-latest run: | find . -name "*.sh" | xargs shellcheck --exclude SC2002,SC2013,SC2034,SC2035,SC2043,SC2046,SC2086,SC2089,SC2090,SC2129,SC2211,SC2231 - name: run pylint if: matrix.python-latest run: | shopt -s globstar pylint --jobs $(nproc) --py-version 3.7 addons/**/*.py htmlreport/cppcheck-htmlreport htmlreport/**/*.py test/**/*.py tools/**/*.py - name: check .json files if: matrix.python-latest run: | find . -name '*.json' | xargs -n 1 python -m json.tool > /dev/null - name: Validate if: matrix.python-latest run: | make -j$(nproc) validateCFG validatePlatforms validateRules - name: check python syntax run: | shopt -s globstar python -m py_compile addons/**/*.py python -m py_compile htmlreport/cppcheck-htmlreport python -m py_compile htmlreport/**/*.py python -m py_compile test/**/*.py python -m py_compile tools/**/*.py - name: compile addons run: | python -m compileall ./addons - name: test matchcompiler run: | python test/tools/test_matchcompiler.py env: PYTHONPATH: ./tools # TODO: run with "-n auto" when misra_test.py can be run in parallel # we cannot specify -Werror since xml/etree/ElementTree.py in Python 3.9/3.10 contains an unclosed file - name: test addons if: matrix.python-version == '3.9' || matrix.python-version == '3.10' run: | python -m pytest --strict-markers -vv -n 1 addons/test env: PYTHONPATH: ./addons # TODO: run with "-n auto" when misra_test.py can be run in parallel - name: test addons if: matrix.python-version != '3.9' && matrix.python-version != '3.10' run: | python -m pytest -Werror --strict-markers -vv -n 1 addons/test env: PYTHONPATH: ./addons - name: test htmlreport (standalone) run: | test/tools/htmlreport/test_htmlreport.py test/tools/htmlreport/check.sh - name: test htmlreport (pip) run: | python -m venv venv source venv/bin/activate python -m pip install -U pip pip install ./htmlreport/ which cppcheck-htmlreport PIP_PACKAGE_TEST=1 test/tools/htmlreport/test_htmlreport.py # TODO: does not test the pip binary test/tools/htmlreport/check.sh - name: test reduce run: | python -m pytest -Werror --strict-markers -vv test/tools/reduce_test.py env: PYTHONPATH: ./tools - name: test donate_cpu_lib run: | python -m pytest -Werror --strict-markers -vv test/tools/donate_cpu_lib_test.py env: PYTHONPATH: ./tools - name: test donate_cpu_server run: | python -m pytest -Werror --strict-markers -vv test/tools/donate_cpu_server_test.py # TODO: why is this file generated? also should be in a temporary folder if possible rm -f test/tools/donate-cpu-server.log env: PYTHONPATH: ./tools - name: Show all ignored files if: false # TODO: currently lists all the contents of ignored folders - we only need what actually matched run: | git ls-files --others --ignored --exclude-standard - name: Check for changed and unversioned files run: | # TODO: how to do this with a single command? git status --ignored=no git status --ignored=no | grep -q 'working tree clean' dmake: strategy: matrix: os: [ubuntu-22.04, macos-15, windows-2025] fail-fast: false runs-on: ${{ matrix.os }} steps: - uses: actions/checkout@v4 with: persist-credentials: false - name: run dmake run: | make -j3 CXXOPTS="-Werror" run-dmake - name: check diff run: | git diff --exit-code