Skip to content

Prefer plain scan-build-py command if available #203

Prefer plain scan-build-py command if available

Prefer plain scan-build-py command if available #203

Workflow file for this run

name: Analysis
on:
pull_request:
push:
# don't run on packaging and dependabot branches
branches-ignore:
- 'for-debian'
- 'debian/**'
- 'pristine-tar'
- 'dependabot/**'
paths:
- '**'
- '!doc/**'
- '!**.md'
permissions:
contents: read
security-events: write
jobs:
clang:
runs-on: ubuntu-24.04
container: debian:bookworm
name: clang-analyzer
steps:
- name: install dependencies
run: |
export DEBIAN_FRONTEND=noninteractive
apt-get update
apt-get -y install meson make git python3-yaml apache2-bin apache2-dev gnutls-bin libapr1-dev libgnutls28-dev pkgconf procps clang clang-tools
- uses: actions/checkout@v4
- name: 'workaround for Meson versions < 1.1'
run: ln -s meson.options meson_options.txt
- name: define CONTAINER_WORKSPACE
run: |
echo "CONTAINER_WORKSPACE=${PWD}" >> ${GITHUB_ENV}
- name: meson setup
run: |
meson setup -Dpdf-doc=false build
- name: ninja scan-build
env:
SCANBUILD: '${{ env.CONTAINER_WORKSPACE }}/support/scan-build-wrapper.sh'
run: |
ninja -C build/ scan-build
- name: find output file
id: sarif-output
run: |
echo "file=$(find build/meson-logs/scanbuild/ -name results-merged.sarif)" >> ${GITHUB_OUTPUT}
- name: upload SARIF results
uses: github/codeql-action/upload-sarif@v3
with:
sarif_file: ${{ steps.sarif-output.outputs.file }}
checkout_path: ${{ env.CONTAINER_WORKSPACE }}
cppcheck:
runs-on: ubuntu-24.04
container: debian:bookworm
name: cppcheck
steps:
- name: install dependencies
run: |
export DEBIAN_FRONTEND=noninteractive
apt-get update
apt-get -y install meson make git python3-yaml apache2-bin apache2-dev gnutls-bin libapr1-dev libgnutls28-dev pkgconf procps cppcheck
- uses: actions/checkout@v4
- name: 'workaround for Meson versions < 1.1'
run: ln -s meson.options meson_options.txt
- name: meson setup
run: meson setup -Dpdf-doc=false build
- name: cppcheck
run: |
ninja -C build/ cppcheck-xml
- uses: airtower-luna/[email protected]
with:
tool: 'CppCheck'
input_file: 'build/cppcheck.xml'
sarif_file: 'cppcheck.sarif'
- name: define CONTAINER_WORKSPACE
run: |
echo "CONTAINER_WORKSPACE=${PWD}" >> ${GITHUB_ENV}
- name: upload SARIF results
uses: github/codeql-action/upload-sarif@v3
with:
sarif_file: 'cppcheck.sarif'
checkout_path: ${{ env.CONTAINER_WORKSPACE }}
codeql:
runs-on: ubuntu-24.04
name: CodeQL
steps:
- uses: actions/checkout@v4
- name: install dependencies
run: |
sudo apt-get update
sudo apt-get -y install meson make python3-yaml apache2-bin apache2-dev gnutls-bin libapr1-dev libgnutls28-dev pkgconf procps
- name: Initialize CodeQL
uses: github/codeql-action/init@v3
with:
languages: cpp
- name: meson setup
run: meson setup -Dpdf-doc=false build
- name: meson compile
run: meson compile -C build/
- name: Perform CodeQL Analysis
uses: github/codeql-action/analyze@v3