From b758931fafbf17664bdb8bec52419b84cb6d7e96 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Fri, 25 Oct 2024 04:51:09 +0000 Subject: [PATCH 1/5] build(deps): Bump the github-actions group with 3 updates Bumps the github-actions group with 3 updates: [actions/setup-node](https://github.com/actions/setup-node), [actions/setup-python](https://github.com/actions/setup-python) and [actions/setup-go](https://github.com/actions/setup-go). Updates `actions/setup-node` from 4.0.4 to 4.1.0 - [Release notes](https://github.com/actions/setup-node/releases) - [Commits](https://github.com/actions/setup-node/compare/0a44ba7841725637a19e28fa30b79a866c81b0a6...39370e3970a6d050c480ffad4ff0ed4d3fdee5af) Updates `actions/setup-python` from 5.2.0 to 5.3.0 - [Release notes](https://github.com/actions/setup-python/releases) - [Commits](https://github.com/actions/setup-python/compare/f677139bbe7f9c59b41e40162b753c062f5d49a3...0b93645e9fea7318ecaed2b359559ac225c90a2b) Updates `actions/setup-go` from 5.0.2 to 5.1.0 - [Release notes](https://github.com/actions/setup-go/releases) - [Commits](https://github.com/actions/setup-go/compare/0a12ed9d6a96ab950c8f026ed9f722fe0da7ef32...41dfa10bad2bb2ae585af6ee5bb4d7d973ad74ed) --- updated-dependencies: - dependency-name: actions/setup-node dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions - dependency-name: actions/setup-python dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions - dependency-name: actions/setup-go dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions ... 
Signed-off-by: dependabot[bot] --- .github/workflows/multibuild.yaml | 2 +- .github/workflows/python-sshnpd-build-publish.yml | 2 +- .github/workflows/unit_tests.yaml | 2 +- .github/workflows/update_python_requirements.yml | 2 +- 4 files changed, 4 insertions(+), 4 deletions(-) diff --git a/.github/workflows/multibuild.yaml b/.github/workflows/multibuild.yaml index 17ce0f160..bef9848f7 100644 --- a/.github/workflows/multibuild.yaml +++ b/.github/workflows/multibuild.yaml @@ -74,7 +74,7 @@ jobs: with: ref: multibuild-${{github.run_number}} - uses: dart-lang/setup-dart@0a8a0fc875eb934c15d08629302413c671d3f672 # v1.6.5 - - uses: actions/setup-node@0a44ba7841725637a19e28fa30b79a866c81b0a6 # v4.0.4 + - uses: actions/setup-node@39370e3970a6d050c480ffad4ff0ed4d3fdee5af # v4.1.0 with: node-version: '20.17.0' # create directories need for build diff --git a/.github/workflows/python-sshnpd-build-publish.yml b/.github/workflows/python-sshnpd-build-publish.yml index b2ca83ccd..5bbe90ae9 100644 --- a/.github/workflows/python-sshnpd-build-publish.yml +++ b/.github/workflows/python-sshnpd-build-publish.yml @@ -22,7 +22,7 @@ jobs: uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: Set up Python - uses: actions/setup-python@f677139bbe7f9c59b41e40162b753c062f5d49a3 # v5.2.0 + uses: actions/setup-python@0b93645e9fea7318ecaed2b359559ac225c90a2b # v5.3.0 with: python-version: '3.11' diff --git a/.github/workflows/unit_tests.yaml b/.github/workflows/unit_tests.yaml index 10d877b63..ef14b5e56 100644 --- a/.github/workflows/unit_tests.yaml +++ b/.github/workflows/unit_tests.yaml @@ -31,7 +31,7 @@ jobs: - uses: dart-lang/setup-dart@0a8a0fc875eb934c15d08629302413c671d3f672 # v1.6.5 with: sdk: ${{ matrix.dart-channel}} - - uses: actions/setup-go@0a12ed9d6a96ab950c8f026ed9f722fe0da7ef32 # v5.0.2 + - uses: actions/setup-go@41dfa10bad2bb2ae585af6ee5bb4d7d973ad74ed # v5.1.0 with: go-version: "stable" cache-dependency-path: tools/osv-scanner/go.sum 
diff --git a/.github/workflows/update_python_requirements.yml b/.github/workflows/update_python_requirements.yml index 7266e567d..50a7d3368 100644 --- a/.github/workflows/update_python_requirements.yml +++ b/.github/workflows/update_python_requirements.yml @@ -26,7 +26,7 @@ jobs: - name: Set up Python if: ${{ github.actor == 'dependabot[bot]' }} - uses: actions/setup-python@f677139bbe7f9c59b41e40162b753c062f5d49a3 # v5.2.0 + uses: actions/setup-python@0b93645e9fea7318ecaed2b359559ac225c90a2b # v5.3.0 with: python-version: '3.11' From a0d72b1fb5a61c28d388f48d65c89188df9be4c2 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 28 Oct 2024 05:05:29 +0000 Subject: [PATCH 2/5] build(deps): Bump abatilo/actions-poetry in the github-actions group Bumps the github-actions group with 1 update: [abatilo/actions-poetry](https://github.com/abatilo/actions-poetry). Updates `abatilo/actions-poetry` from 3.0.0 to 3.0.1 - [Release notes](https://github.com/abatilo/actions-poetry/releases) - [Changelog](https://github.com/abatilo/actions-poetry/blob/master/.releaserc) - [Commits](https://github.com/abatilo/actions-poetry/compare/7b6d33e44b4f08d7021a1dee3c044e9c253d6439...e78f54a89cb052fff327414dd9ff010b5d2b4dbd) --- updated-dependencies: - dependency-name: abatilo/actions-poetry dependency-type: direct:production update-type: version-update:semver-patch dependency-group: github-actions ... Signed-off-by: dependabot[bot] --- .github/workflows/python-sshnpd-build-publish.yml | 2 +- .github/workflows/update_python_requirements.yml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/python-sshnpd-build-publish.yml b/.github/workflows/python-sshnpd-build-publish.yml index 5bbe90ae9..6da8724bb 100644 --- a/.github/workflows/python-sshnpd-build-publish.yml +++ b/.github/workflows/python-sshnpd-build-publish.yml 
@@ -27,7 +27,7 @@ jobs: python-version: '3.11' - name: Install Poetry - uses: abatilo/actions-poetry@7b6d33e44b4f08d7021a1dee3c044e9c253d6439 # v3.0.0 + uses: abatilo/actions-poetry@e78f54a89cb052fff327414dd9ff010b5d2b4dbd # v3.0.1 with: poetry-version: '1.8.3' diff --git a/.github/workflows/update_python_requirements.yml b/.github/workflows/update_python_requirements.yml index 50a7d3368..e38b3eb07 100644 --- a/.github/workflows/update_python_requirements.yml +++ b/.github/workflows/update_python_requirements.yml @@ -32,7 +32,7 @@ jobs: - name: Install Poetry if: ${{ github.actor == 'dependabot[bot]' }} - uses: abatilo/actions-poetry@7b6d33e44b4f08d7021a1dee3c044e9c253d6439 # v3.0.0 + uses: abatilo/actions-poetry@e78f54a89cb052fff327414dd9ff010b5d2b4dbd # v3.0.1 with: poetry-version: '1.8.3' From f94ecd829c5709220e5a32cd851730fd11c0dfeb Mon Sep 17 00:00:00 2001 From: xavierchanth Date: Mon, 28 Oct 2024 15:17:36 -0400 Subject: [PATCH 3/5] chore: add clang-tidy and clangd config --- packages/c/.clang-tidy | 41 +++++++++++++++++++++++++++++++++++++++++ packages/c/.clangd | 18 ++++++++++++++++++ 2 files changed, 59 insertions(+) create mode 100644 packages/c/.clang-tidy create mode 100644 packages/c/.clangd diff --git a/packages/c/.clang-tidy b/packages/c/.clang-tidy new file mode 100644 index 000000000..50c117c4a --- /dev/null +++ b/packages/c/.clang-tidy 
@@ -0,0 +1,41 @@ +# Basic options +Checks: "clang-diagnostic-*,clang-analyzer-*" # base checks +WarningsAsErrors: "" # warnings which should be considered errors +CheckOptions: + # enforce uppercase suffixes on integer types (e.g. use 1L not 1l) + cert-dcl16-c.NewSuffixes: "L;LL;LU;LLU" + # Warns that you should check for errors on these functions + # & Allow suppressing the warning type by casting to void + cert-err33-c.CheckedFunctions: "^::aligned_alloc;^::asctime_s;^::at_quick_exit;^::atexit;^::bsearch;^::bsearch_s;^::btowc;^::c16rtomb;^::c32rtomb;^::calloc;^::clock;^::cnd_broadcast;^::cnd_init;^::cnd_signal;^::cnd_timedwait;^::cnd_wait;^::ctime_s;^::fclose;^::fflush;^::fgetc;^::fgetpos;^::fgets;^::fgetwc;^::fopen;^::fopen_s;^::fprintf;^::fprintf_s;^::fputc;^::fputs;^::fputwc;^::fputws;^::fread;^::freopen;^::freopen_s;^::fscanf;^::fscanf_s;^::fseek;^::fsetpos;^::ftell;^::fwprintf;^::fwprintf_s;^::fwrite;^::fwscanf;^::fwscanf_s;^::getc;^::getchar;^::getenv;^::getenv_s;^::gets_s;^::getwc;^::getwchar;^::gmtime;^::gmtime_s;^::localtime;^::localtime_s;^::malloc;^::mbrtoc16;^::mbrtoc32;^::mbsrtowcs;^::mbsrtowcs_s;^::mbstowcs;^::mbstowcs_s;^::memchr;^::mktime;^::mtx_init;^::mtx_lock;^::mtx_timedlock;^::mtx_trylock;^::mtx_unlock;^::printf_s;^::putc;^::putwc;^::raise;^::realloc;^::remove;^::rename;^::scanf;^::scanf_s;^::setlocale;^::setvbuf;^::signal;^::snprintf;^::snprintf_s;^::sprintf;^::sprintf_s;^::sscanf;^::sscanf_s;^::strchr;^::strerror_s;^::strftime;^::strpbrk;^::strrchr;^::strstr;^::strtod;^::strtof;^::strtoimax;^::strtok;^::strtok_s;^::strtol;^::strtold;^::strtoll;^::strtoul;^::strtoull;^::strtoumax;^::strxfrm;^::swprintf;^::swprintf_s;^::swscanf;^::swscanf_s;^::thrd_create;^::thrd_detach;^::thrd_join;^::thrd_sleep;^::time;^::timespec_get;^::tmpfile;^::tmpfile_s;^::tmpnam;^::tmpnam_s;^::tss_create;^::tss_get;^::tss_set;^::ungetc;^::ungetwc;^::vfprintf;^::vfprintf_s;^::vfscanf;^::vfscanf_s;^::vfwprintf;^::vfwprintf_s;^::vfwscanf;^::vfwscanf_s;^::vprintf_s;^::vsca
nf;^::vscanf_s;^::vsnprintf;^::vsnprintf_s;^::vsprintf;^::vsprintf_s;^::vsscanf;^::vsscanf_s;^::vswprintf;^::vswprintf_s;^::vswscanf;^::vswscanf_s;^::vwprintf_s;^::vwscanf;^::vwscanf_s;^::wcrtomb;^::wcschr;^::wcsftime;^::wcspbrk;^::wcsrchr;^::wcsrtombs;^::wcsrtombs_s;^::wcsstr;^::wcstod;^::wcstof;^::wcstoimax;^::wcstok;^::wcstok_s;^::wcstol;^::wcstold;^::wcstoll;^::wcstombs;^::wcstombs_s;^::wcstoul;^::wcstoull;^::wcstoumax;^::wcsxfrm;^::wctob;^::wctrans;^::wctype;^::wmemchr;^::wprintf_s;^::wscanf;^::wscanf_s;" + cert-err33-c.AllowCastToVoid: "true" + # Warns on implicit char casts in type comparisions + cert-str34-c.DiagnoseSignedUnsignedCharComparisons: "true" + # Enforce the use of braces in short statements for readability + google-readability-braces-around-statements.ShortStatementLines: "1" + # Warn when functions exceed 800 statements + google-readability-function-size.StatementThreshold: "800" + # Attempt to remove pointless else statements on guard clauses + # & Warn if it's not possible for this be automatically fixed + readability-else-after-return.WarnOnConditionVariables: "true" + readability-else-after-return.WarnOnUnfixable: "true" + +# Formatting +FormatStyle: file # use .clang-format file for formatting + +# File types +HeaderFileExtensions: + - "" + - h + - hh + - hpp + - hxx +ImplementationFileExtensions: + - c + - cc + - cpp + - cxx + +# Header configurations +HeaderFilterRegex: "" +ExcludeHeaderFilterRegex: "" +SystemHeaders: false # Hide errors in system headers diff --git a/packages/c/.clangd b/packages/c/.clangd new file mode 100644 index 000000000..f6cb59a46 --- /dev/null +++ b/packages/c/.clangd 
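Review bot: The `CheckOptions` entries for `cert-dcl16-c`, `cert-err33-c`, `cert-str34-c`, `google-readability-*` and `readability-else-after-return` have no effect as written, because `Checks` at the top of the new file enables only `clang-diagnostic-*` and `clang-analyzer-*`, and options are read only by checks that are switched on. If the intent is to flag unchecked return values from the libc functions listed under `cert-err33-c.CheckedFunctions`, the check names have to be enabled as well, e.g. `Checks: "clang-diagnostic-*,clang-analyzer-*,cert-dcl16-c,cert-err33-c,cert-str34-c,google-readability-braces-around-statements,google-readability-function-size,readability-else-after-return"`. Without that, the file reads as if error-return checking were enforced while nothing reports it.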
@@ -0,0 +1,18 @@
+CompileFlags:
+ # Use gcc in development for better diagnostics
+ # & Ensure that compilation doesn't fail due to warnings
+ Compiler: gcc
+ Add: [-Wno-error]
+
+Index:
+ # Enable background indexing for better symbol information
+ Background: Build
+
+Diagnostics:
+ # IWYU for header files
+ UnusedIncludes: Strict
+ MissingIncludes: Strict
+ # Avoid running slow clang-tidy checks
+ ClangTidy:
+ FastCheckFilter: Loose
+
From de8457aafc1448c932854e1faa790a75c733c9de Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 29 Oct 2024 04:46:44 +0000 Subject: [PATCH 4/5] build(deps): Bump actions/dependency-review-action Bumps the github-actions group with 1 update: [actions/dependency-review-action](https://github.com/actions/dependency-review-action). Updates `actions/dependency-review-action` from 4.3.5 to 4.4.0 - [Release notes](https://github.com/actions/dependency-review-action/releases) - [Commits](https://github.com/actions/dependency-review-action/compare/a6993e2c61fd5dc440b409aa1d6904921c5e1894...4081bf99e2866ebe428fc0477b69eb4fcda7220a) --- updated-dependencies: - dependency-name: actions/dependency-review-action dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions ... Signed-off-by: dependabot[bot] --- .github/workflows/dependency-review.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/.github/workflows/dependency-review.yml b/.github/workflows/dependency-review.yml
index 08871d943..955b3b3fb 100644
--- a/.github/workflows/dependency-review.yml
+++ b/.github/workflows/dependency-review.yml
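Review bot: The comment above `Compiler: gcc` overstates what the key does: clangd still parses and reports diagnostics with its embedded clang front end, and `Compiler` only replaces the executable name in the compile command, which influences flag parsing and target and system-include detection. A more accurate comment would be `# Treat compile commands as gcc invocations; diagnostics still come from clangd's clang front end`. Separately, as far as I know clangd does not run the static-analyzer-based `clang-analyzer-*` checks, so with the `Checks` list in `packages/c/.clang-tidy` the `ClangTidy` block here will probably surface very little in the editor; worth confirming against the clangd version in use.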
@@ -24,4 +24,4 @@ jobs: - name: 'Checkout Repository' uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: 'Dependency Review' - uses: actions/dependency-review-action@a6993e2c61fd5dc440b409aa1d6904921c5e1894 # v4.3.5 + uses: actions/dependency-review-action@4081bf99e2866ebe428fc0477b69eb4fcda7220a # v4.4.0 From 34a86c4dca037e310710f62a2f372a7e53dcc76e Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 30 Oct 2024 04:22:34 +0000 Subject: [PATCH 5/5] build(deps): Bump the github-actions group with 2 updates Bumps the github-actions group with 2 updates: [anchore/sbom-action](https://github.com/anchore/sbom-action) and [pypa/gh-action-pypi-publish](https://github.com/pypa/gh-action-pypi-publish). Updates `anchore/sbom-action` from 0.17.5 to 0.17.6 - [Release notes](https://github.com/anchore/sbom-action/releases) - [Changelog](https://github.com/anchore/sbom-action/blob/main/RELEASE.md) - [Commits](https://github.com/anchore/sbom-action/compare/1ca97d9028b51809cf6d3c934c3e160716e1b605...251a468eed47e5082b105c3ba6ee500c0e65a764) Updates `pypa/gh-action-pypi-publish` from 1.10.3 to 1.11.0 - [Release notes](https://github.com/pypa/gh-action-pypi-publish/releases) - [Commits](https://github.com/pypa/gh-action-pypi-publish/compare/f7600683efdcb7656dec5b29656edb7bc586e597...fb13cb306901256ace3dab689990e13a5550ffaa) --- updated-dependencies: - dependency-name: anchore/sbom-action dependency-type: direct:production update-type: version-update:semver-patch dependency-group: github-actions - dependency-name: pypa/gh-action-pypi-publish dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions ... Signed-off-by: dependabot[bot] --- .github/workflows/multibuild.yaml | 2 +- .github/workflows/python-sshnpd-build-publish.yml | 6 +++--- 2 files changed, 4 insertions(+), 4 deletions(-) 
diff --git a/.github/workflows/multibuild.yaml b/.github/workflows/multibuild.yaml index bef9848f7..346dd8d3e 100644 --- a/.github/workflows/multibuild.yaml +++ b/.github/workflows/multibuild.yaml @@ -272,7 +272,7 @@ jobs: sparse-checkout: packages/dart/sshnoports/pubspec.lock sparse-checkout-cone-mode: false - name: Install Syft - uses: anchore/sbom-action/download-syft@1ca97d9028b51809cf6d3c934c3e160716e1b605 # v0.17.5 + uses: anchore/sbom-action/download-syft@251a468eed47e5082b105c3ba6ee500c0e65a764 # v0.17.6 - name: Download all the tarballs uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8 with: diff --git a/.github/workflows/python-sshnpd-build-publish.yml b/.github/workflows/python-sshnpd-build-publish.yml index 6da8724bb..e5639315b 100644 --- a/.github/workflows/python-sshnpd-build-publish.yml +++ b/.github/workflows/python-sshnpd-build-publish.yml @@ -74,7 +74,7 @@ jobs: name: sshnpd-python-package path: dist/ - name: Publish distribution to TestPyPI - uses: pypa/gh-action-pypi-publish@f7600683efdcb7656dec5b29656edb7bc586e597 # v1.10.3 + uses: pypa/gh-action-pypi-publish@fb13cb306901256ace3dab689990e13a5550ffaa # v1.11.0 with: skip-existing: true attestations: true @@ -99,7 +99,7 @@ jobs: name: sshnpd-python-package path: dist/ - name: Publish distribution to PyPI - uses: pypa/gh-action-pypi-publish@f7600683efdcb7656dec5b29656edb7bc586e597 # v1.10.3 + uses: pypa/gh-action-pypi-publish@fb13cb306901256ace3dab689990e13a5550ffaa # v1.11.0 with: attestations: true @@ -126,7 +126,7 @@ jobs: name: sshnpd-python-package path: dist/ - name: Install Syft - uses: anchore/sbom-action/download-syft@1ca97d9028b51809cf6d3c934c3e160716e1b605 # v0.17.5 + uses: anchore/sbom-action/download-syft@251a468eed47e5082b105c3ba6ee500c0e65a764 # v0.17.6 - name: Generate SBOMs run: | syft scan file:./packages/python/sshnpd/requirements.txt \