Skip to content

miscellaneous maintenance (mostly GHA) #214

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 83 commits into
base: master
Choose a base branch
from
Open

miscellaneous maintenance (mostly GHA) #214

wants to merge 83 commits into from
+548 −448

Conversation

@vszakats
Copy link
Member

@vszakats vszakats commented Oct 23, 2025
edited
Loading

  • add zizmor GHA linter job.
  • add ruff to GHA linter job.
  • set persist-credentials: false.
  • drop permissions where missing.
  • set GHA concurrency where missing.
  • suppress zizmor warning for cancel-in-progress: false.
    Though perhaps it could be set to true?
  • pages: replace hard-coded string with GitHub variable.
  • sync action version numbers in comments.
  • use full version numbers in newly added actions.
  • page: scope extra permissions to the deploy job.
  • silence zizmor warning about unpinned oss-fuzz action.
  • avoid GitHub macros in shell code. Replace by envs.
  • add name to each job to make them easier to read, and
    to silence pedantic zizmor.
  • say why a job needs extra permissions. For zizmor.
  • shell: add missing double quotes, drop unused variables, fix printf
    format string to be constant, fix other misc shellcheck warnings.
  • move 'just_dependencies', 'PythonTests', 'Mainline' (2x) jobs from
    ci to a new local workflow, to not get triggered by curl/curl PR
    and master commits. These jobs either do not use the curl source repo,
    or use its master branch.
    To save 5 minutes CI time per curl/curl PR push.
  • test_corpus_decoder.py: fix to indent consistently.
  • fix issues reported by yamllint. (indent mostly)
  • sync ruff configuration with other curl repos. Fix minor fallouts.
    Credits-to: Dan Fandrich
    curl/curl@57cc523
  • make sure to always use pyproject.toml to install pip packages.
    To have all of them pinned.
  • move pyproject.toml default packages to group to avoid installing
    them when unused.
  • merge two pip invocations by adding a pinned pytest_playwright to the group.
  • drop pip upgrades, use the version preinstalled on the host, for
    determinism.
  • tidy-up python shebangs and exec attributes.
  • tidy-up shell script shebangs and sets.
  • delete copyright years.
  • drop step name from well-known actions like checkout and python,
    to sync with other curl repos and making it more readily apparent
    what they are.
  • pyproject.toml: use a single style to specify dependency versions.
  • cmake: drop redundant DEFINED ENV checks.
  • cmake: drop appending CFLAGS, CXXFLAGS envs manually. CMake uses
    these automatically.
  • cmake: check if empty is non-empty, vs. just defined.
  • cmake: fold long lines.
  • whitespace.

w/o sp https://github.com/curl/curl-fuzzer/pull/214/files?w=1

github-advanced-security[bot]
github-advanced-security bot found potential problems Oct 23, 2025
View reviewed changes
@vszakats vszakats force-pushed the ciu branch 2 times, most recently from 8b5a766 to cc7ca1c Compare October 23, 2025 17:26
github-advanced-security[bot]
github-advanced-security bot found potential problems Oct 23, 2025
View reviewed changes
@vszakats vszakats force-pushed the ciu branch 4 times, most recently from 49aedb5 to 757d177 Compare October 26, 2025 20:36
github-advanced-security[bot]
github-advanced-security bot found potential problems Oct 26, 2025
View reviewed changes
vszakats added 20 commits October 27, 2025 06:56
@vszakats
persist credentials: false
da2f2ae
@vszakats
order/formatting
34c89e5
@vszakats
pages-ci.yml permissions: {}
025a1d0
@vszakats
sync upload-artifacts version with other jobs
f30e866
@vszakats
pages.yml limit permissions to deploy job
54ffb88
@vszakats
silence zizmor about unpinned oss-fuzz action
af44f18
@vszakats
use full version for python install action
90f8921
@vszakats
use full version for deploy-pages action
cf4b5e9
@vszakats
avoid GH macros in shell code
eda6e78
@vszakats
pages.yml permissions: {} by default
85118a5
@vszakats
add name for each job for zizmor pedantic
63b90e4
@vszakats
say why we need write permisions (for zizmor) copied from the action …
b0df63a 
…readme
@vszakats
add zizmor job
f493160
@vszakats
sh: add missing quote, drop no longer used var, fixup printf mask, sh…
678575a 
…ellcheck warnings
@vszakats
sh: add missing quote, drop no longer used var, fixup printf mask, sh…
79608b8 
…ellcheck warnings cleanup
@vszakats
sh: add missing quote, drop no longer used var, fixup printf mask, sh…
a4943f6 
…ellcheck warnings (./scripts/)
@vszakats
sh: add missing quote, drop no longer used var, fixup printf mask, sh…
8efe6d8 
…ellcheck warnings (./scripts/) cont
@vszakats
move jobs from ci to local 1
2a6b733
@vszakats
move jobs from ci to local 2
a2b10ca 
They are building master curl. Seems overkill to run in each curl PR commit.
@vszakats
build.yml cleanup checkout
4772856
vszakats added 20 commits October 27, 2025 06:56
@vszakats
CMakeLists.txt fix indent/spaces
bcc83bc
@vszakats
CMakeLists.txt rename custom macro to begin with curl_
148cf25
@vszakats
CMakeLists.txt rename local vars to begin with _
7797d36
@vszakats
ci.yml format if expression to match rest of project
411d945
@vszakats
pip apply std args
cc2a263
@vszakats
GHA/ci: try suppressing CodeQL warnings
4749f1f
@vszakats
Revert "GHA/ci: try suppressing CodeQL warnings"
46637a1 
This reverts commit d70a5b8.

Doesn't seem to work.
@vszakats
run python in venv, also apply some pip options from curl
068abc0
@vszakats
pyproject.toml: move scapy to dev group (only used by corpus to pcap …
c5a4d7b 
…manual script)
@vszakats
switch back to py action
1e77944
@vszakats
Revert "switch back to py action"
96d0f38 
This reverts commit 52efe1f.
@vszakats
pages-ci.yml installing page-gen pkgs
a01bcd9
@vszakats
Reapply "switch back to py action"
ebe35be 
This reverts commit f366480.
@vszakats
pyproject.toml formatting to prev
619edeb
@vszakats
pyproject.toml tidy up version formats
d55a74d
@vszakats
cmake: drop redundant DEFINED check for envs. enough to check if the …
a5ddc39 
…value is not empty
@vszakats
cmake: check for non-empty env value, to not accept defined but empty…
34c9d1e 
… ones
@vszakats
cmake: use string(APPEND)
2f9c6ae
@vszakats
cmake: do not add CFLAGS/CXXFLAGS manually, they are used by cmake au…
1e58bd7 
…tomatically

https://cmake.org/cmake/help/latest/envvar/CFLAGS.html
https://cmake.org/cmake/help/latest/envvar/CXXFLAGS.html
@vszakats
cmake fold long (>132) lines
94ba626
@vszakats
Revert "debug 2"
d0ad1e9 
This reverts commit 6297e70.
@vszakats vszakats changed the title GHA: misc maintenance miscellaneous maintenance (mostly GHA) Oct 27, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@vszakats