xhiveframework
/
xhiveframework15
1
0
Bifurcation 0
Code Tickets 0 Demandes d'ajout 0 Versions 0 Wiki Activité
Vous ne pouvez pas sélectionner plus de 25 sujets Les noms de sujets doivent commencer par une lettre ou un nombre, peuvent contenir des tirets ('-') et peuvent comporter jusqu'à 35 caractères.
1 Commit
1 Branche
16 MiB
 
 
 
 
 
 
Aborescence: 731cd60916
Branches Tags
${ item.name }
Créer la branche ${ searchTerm }
de '731cd60916'
${ noResults }
xhiveframework15/.github/workflows/linters.yml

98 lignes
2.5 KiB
Brut Annotations Historique 

  1. name: Linters

  2. 

  3. on:

  4.   pull_request:

  5.   workflow_dispatch:

  6. 

  7. permissions:

  8.   contents: read

  9. 

  10. concurrency:

  11.   group: commitcheck-xhiveframework-${{ github.event_name }}-${{ github.event.number }}

  12.   cancel-in-progress: true

  13. 

  14. jobs:

  15.   commit-lint:

  16.     name: 'Semantic Commits'

  17.     runs-on: ubuntu-latest

  18.     if: github.event_name == 'pull_request'

  19. 

  20.     steps:

  21.       - uses: actions/checkout@v4

  22.         with:

  23.           fetch-depth: 200

  24.       - uses: actions/setup-node@v3

  25.         with:

  26.           node-version: 18

  27.           check-latest: true

  28. 

  29.       - name: Check commit titles

  30.         run: |

  31.           npm install @commitlint/cli @commitlint/config-conventional

  32.           npx commitlint --verbose --from ${{ github.event.pull_request.base.sha }} --to ${{ github.event.pull_request.head.sha }}

  33. 

  34.   docs-required:

  35.     name: 'Documentation Required'

  36.     runs-on: ubuntu-latest

  37.     if: github.event_name == 'pull_request'

  38. 

  39.     steps:

  40.       - name: 'Setup Environment'

  41.         uses: actions/setup-python@v4

  42.         with:

  43.           python-version: '3.10'

  44.       - uses: actions/checkout@v4

  45. 

  46.       - name: Validate Docs

  47.         env:

  48.           PR_NUMBER: ${{ github.event.number }}

  49.         run: |

  50.           pip install requests --quiet

  51.           python $GITHUB_WORKSPACE/.github/helper/documentation.py $PR_NUMBER

  52. 

  53.   linter:

  54.     name: 'Semgrep Rules'

  55.     runs-on: ubuntu-latest

  56.     if: github.event_name == 'pull_request'

  57. 

  58.     steps:

  59.       - uses: actions/checkout@v4

  60.       - uses: actions/setup-python@v4

  61.         with:

  62.           python-version: '3.10'

  63.           cache: pip

  64. 

  65.       - name: Download Semgrep rules

  66.         run: git clone --depth 1 https://lab.membtech.com/xhiveframework/semgrep-rules.git xhiveframework-semgrep-rules

  67. 

  68.       - name: Run Semgrep rules

  69.         run: |

  70.           pip install semgrep

  71.           semgrep ci --config ./xhiveframework-semgrep-rules/rules --config r/python.lang.correctness

  72. 

  73.   deps-vulnerable-check:

  74.     name: 'Vulnerable Dependency Check'

  75.     runs-on: ubuntu-latest

  76. 

  77.     steps:

  78.       - uses: actions/setup-python@v4

  79.         with:

  80.           python-version: '3.10'

  81. 

  82.       - uses: actions/checkout@v4

  83. 

  84.       - name: Cache pip

  85.         uses: actions/cache@v3

  86.         with:

  87.           path: ~/.cache/pip

  88.           key: ${{ runner.os }}-pip-${{ hashFiles('**/*requirements.txt', '**/pyproject.toml', '**/setup.py') }}

  89.           restore-keys: |

  90.             ${{ runner.os }}-pip-

  91.             ${{ runner.os }}-

  92. 

  93.       - name: Install and run pip-audit

  94.         run: |

  95.           pip install pip-audit

  96.           cd ${GITHUB_WORKSPACE}

  97.           pip-audit --desc on --ignore-vuln GHSA-4xqq-73wg-5mjp .