Fix first instance rule being used as rule description for all violations of that rule and other SARIF improvements #19405

Workflow file for this run

# Syntax reference https://help.github.com/en/actions/reference/workflow-syntax-for-github-actions
# Environment reference https://help.github.com/en/actions/reference/virtual-environments-for-github-hosted-runners
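name: scriptcheck

# Triggers: pushes to main, release and 2.x branches, 2.x tags, and every pull
# request. The nesting below was lost in the flattened listing; without it
# `push`, `branches` and `tags` read as top-level keys and `on` is empty.
# `pull_request` (not `pull_request_target`) is used, so pull requests from
# forks run with a read-only token and without repository secrets.
on:
  push:
    branches:
      - 'main'
      - 'releases/**'
      - '2.*'
    tags:
      - '2.*'
  pull_request:

# Least privilege: the workflow token may only read repository contents.
permissions:
  contents: read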
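jobs:
  # Builds the cppcheck binary once and hands it to the scriptcheck matrix
  # through the Actions cache.
  build:
    runs-on: ubuntu-22.04

    steps:
      # persist-credentials: false keeps the workflow token out of the
      # checkout's git config, so repository code run by later steps cannot
      # pick it up from there.
      - uses: actions/checkout@v4
        with:
          persist-credentials: false

      # NOTE(review): third-party action referenced by a mutable tag. Pinning
      # it (and the actions/* steps) to a full commit SHA would stop a moved
      # tag from changing what runs in this job.
      - name: ccache
        uses: hendrikmuhs/ccache-action@v1.2
        with:
          key: ${{ github.workflow }}-${{ runner.os }}

      # The key contains the commit SHA, so the saved entry is tied to the
      # binary built from exactly this commit.
      - name: Cache Cppcheck
        uses: actions/cache@v4
        with:
          path: cppcheck
          key: ${{ runner.os }}-scriptcheck-cppcheck-${{ github.sha }}

      - name: build cppcheck
        run: |
          export PATH="/usr/lib/ccache:/usr/local/opt/ccache/libexec:$PATH"
          make -j$(nproc) CXXOPTS="-Werror"
          strip -s ./cppcheck

  # Lints and tests the Python and shell tooling on every supported Python
  # version. Steps guarded by `matrix.python-latest` run on the newest one only.
  scriptcheck:
    needs: build
    runs-on: ubuntu-22.04
    strategy:
      matrix:
        # Every version is quoted so none is read as a float
        # (an unquoted 3.10 would become 3.1).
        python-version: ['3.7', '3.8', '3.9', '3.10', '3.11', '3.12', '3.13', '3.14']
        include:
          - python-version: '3.14'
            python-latest: true
      fail-fast: false

    steps:
      - uses: actions/checkout@v4
        with:
          persist-credentials: false

      # Same key as the "Cache Cppcheck" step of the build job. Fail the job
      # on a cache miss instead of running the suite without the binary that
      # job produced.
      - name: Restore Cppcheck
        uses: actions/cache@v4
        with:
          path: cppcheck
          key: ${{ runner.os }}-scriptcheck-cppcheck-${{ github.sha }}
          fail-on-cache-miss: true

      - name: Set up Python ${{ matrix.python-version }}
        uses: actions/setup-python@v5
        with:
          python-version: ${{ matrix.python-version }}
          check-latest: true

      - name: Install missing software on ubuntu
        run: |
          sudo apt-get update
          sudo apt-get install tidy libxml2-utils

      # NOTE(review): apart from pylint these packages are unpinned, so each
      # run installs whatever the package index serves at that moment. A
      # constraints file (ideally with hashes) would make the tool set
      # reproducible and reviewable.
      - name: Install missing software on ubuntu (Python 3)
        run: |
          # shellcheck cannot be installed via pip
          # ERROR: Could not find a version that satisfies the requirement shellcheck (from versions: none)
          # ERROR: No matching distribution found for shellcheck
          sudo apt-get install shellcheck
          python -m pip install pip --upgrade
          python -m pip install natsort
          python -m pip install pexpect
          python -m pip install 'pylint<=3.3.0'
          python -m pip install unittest2
          python -m pip install pytest
          python -m pip install pytest-xdist
          python -m pip install pygments
          python -m pip install requests
          python -m pip install psutil
          python -m pip install setuptools

      # File names are passed NUL-delimited: in a pull request they are chosen
      # by the contributor, and plain xargs splits on whitespace and interprets
      # quotes, which would turn one path into several arguments.
      - name: run Shellcheck
        if: matrix.python-latest
        run: |
          find . -name "*.sh" -print0 | xargs -0 shellcheck --exclude SC2002,SC2013,SC2034,SC2035,SC2043,SC2046,SC2086,SC2089,SC2090,SC2129,SC2211,SC2231

      - name: run pylint
        if: matrix.python-latest
        run: |
          shopt -s globstar
          pylint --jobs $(nproc) --py-version 3.7 addons/**/*.py htmlreport/cppcheck-htmlreport htmlreport/**/*.py test/**/*.py tools/**/*.py

      # NUL-delimited for the same reason as the Shellcheck step.
      - name: check .json files
        if: matrix.python-latest
        run: |
          find . -name '*.json' -print0 | xargs -0 -n 1 python -m json.tool > /dev/null

      - name: Validate
        if: matrix.python-latest
        run: |
          make -j$(nproc) validateCFG validatePlatforms validateRules

      - name: check python syntax
        run: |
          shopt -s globstar
          python -m py_compile addons/**/*.py
          python -m py_compile htmlreport/cppcheck-htmlreport
          python -m py_compile htmlreport/**/*.py
          python -m py_compile test/**/*.py
          python -m py_compile tools/**/*.py

      - name: compile addons
        run: |
          python -m compileall ./addons

      - name: test matchcompiler
        run: |
          python test/tools/test_matchcompiler.py
        env:
          PYTHONPATH: ./tools

      # TODO: run with "-n auto" when misra_test.py can be run in parallel
      # we cannot specify -Werror since xml/etree/ElementTree.py in Python 3.9/3.10 contains an unclosed file
      - name: test addons
        if: matrix.python-version == '3.9' || matrix.python-version == '3.10'
        run: |
          python -m pytest --strict-markers -vv -n 1 addons/test
        env:
          PYTHONPATH: ./addons

      # TODO: run with "-n auto" when misra_test.py can be run in parallel
      - name: test addons
        if: matrix.python-version != '3.9' && matrix.python-version != '3.10'
        run: |
          python -m pytest -Werror --strict-markers -vv -n 1 addons/test
        env:
          PYTHONPATH: ./addons

      - name: test htmlreport (standalone)
        run: |
          test/tools/htmlreport/test_htmlreport.py
          test/tools/htmlreport/check.sh

      - name: test htmlreport (pip)
        run: |
          python -m venv venv
          source venv/bin/activate
          python -m pip install -U pip
          pip install ./htmlreport/
          which cppcheck-htmlreport
          PIP_PACKAGE_TEST=1 test/tools/htmlreport/test_htmlreport.py
          # TODO: does not test the pip binary
          test/tools/htmlreport/check.sh

      - name: test reduce
        run: |
          python -m pytest -Werror --strict-markers -vv test/tools/reduce_test.py
        env:
          PYTHONPATH: ./tools

      - name: test donate_cpu_lib
        run: |
          python -m pytest -Werror --strict-markers -vv test/tools/donate_cpu_lib_test.py
        env:
          PYTHONPATH: ./tools

      - name: test donate_cpu_server
        run: |
          python -m pytest -Werror --strict-markers -vv test/tools/donate_cpu_server_test.py
          # TODO: why is this file generated? also should be in a temporary folder if possible
          rm -f test/tools/donate-cpu-server.log
        env:
          PYTHONPATH: ./tools

      - name: Show all ignored files
        if: false  # TODO: currently lists all the contents of ignored folders - we only need what actually matched
        run: |
          git ls-files --others --ignored --exclude-standard

      # Fails the job when the steps above changed tracked files or left
      # untracked ones behind: grep -q only succeeds on the "working tree
      # clean" message.
      - name: Check for changed and unversioned files
        run: |
          # TODO: how to do this with a single command?
          git status --ignored=no
          git status --ignored=no | grep -q 'working tree clean'

  # Runs the run-dmake make target on each OS and fails if that leaves a diff
  # in tracked files.
  dmake:
    strategy:
      matrix:
        os: [ubuntu-22.04, macos-15, windows-2025]
      fail-fast: false

    runs-on: ${{ matrix.os }}

    steps:
      - uses: actions/checkout@v4
        with:
          persist-credentials: false

      - name: run dmake
        run: |
          make -j3 CXXOPTS="-Werror" run-dmake

      - name: check diff
        run: |
          git diff --exit-code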