diff --git a/.github/dependabot.yml b/.github/dependabot.yml index f8c85ca9..3f8159ca 100644 --- a/.github/dependabot.yml +++ b/.github/dependabot.yml @@ -9,6 +9,8 @@ updates: directory: / schedule: interval: "weekly" + cooldown: + default-days: 7 groups: actions: patterns: @@ -17,6 +19,8 @@ updates: directory: / schedule: interval: "weekly" + cooldown: + default-days: 7 groups: uv-pip: patterns: @@ -25,6 +29,8 @@ updates: directory: / schedule: interval: "weekly" + cooldown: + default-days: 7 ignore: - dependency-name: cpp-linter groups: @@ -35,6 +41,8 @@ updates: directory: "/" schedule: interval: "weekly" + cooldown: + default-days: 7 groups: npm: patterns: diff --git a/.github/install-clang-action/action.yml b/.github/install-clang-action/action.yml index 8c05ba17..92d81d3a 100644 --- a/.github/install-clang-action/action.yml +++ b/.github/install-clang-action/action.yml @@ -12,17 +12,19 @@ runs: - name: Install Linux clang dependencies if: runner.os == 'Linux' shell: bash + env: + CLANG_VERSION: ${{ inputs.version }} # NOTE: sudo apt-get update should be executed at least once before running this action run: | # First try installing from default Ubuntu repositories before trying LLVM script - if ! sudo apt-get install -y clang-format-${{ inputs.version }} clang-tidy-${{ inputs.version }}; then + if ! sudo apt-get install -y clang-format-${CLANG_VERSION} clang-tidy-${CLANG_VERSION}; then if [ ! -f "${{ runner.temp }}/llvm_install.sh" ]; then # This LLVM script will add the relevant LLVM PPA: https://apt.llvm.org/ wget https://apt.llvm.org/llvm.sh -O ${{ runner.temp }}/llvm_install.sh chmod +x ${{ runner.temp }}/llvm_install.sh fi - if sudo "${{ runner.temp }}/llvm_install.sh" "${{ inputs.version }}" ; then - sudo apt-get install -y clang-format-${{ inputs.version }} clang-tidy-${{ inputs.version }} + if sudo "${{ runner.temp }}/llvm_install.sh" "${CLANG_VERSION}" ; then + sudo apt-get install -y clang-format-${CLANG_VERSION} clang-tidy-${CLANG_VERSION} fi # remove the PPA for future reuse of install script (regardless of successful install) sudo rm /etc/apt/sources.list.d/*llvm*.list || true @@ -32,14 +34,17 @@ runs: if: runner.os == 'macOS' shell: bash continue-on-error: true + env: + CLANG_VERSION: ${{ inputs.version }} run: | brew update - brew install llvm@${{ inputs.version }} - ln -s "$(brew --prefix llvm@${{ inputs.version }})/bin/clang-format" "/usr/local/bin/clang-format-${{ inputs.version }}" - ln -s "$(brew --prefix llvm@${{ inputs.version }})/bin/clang-tidy" "/usr/local/bin/clang-tidy-${{ inputs.version }}" - + brew install llvm@${CLANG_VERSION} + ln -s "$(brew --prefix llvm@${CLANG_VERSION})/bin/clang-format" "/usr/local/bin/clang-format-${CLANG_VERSION}" + ln -s "$(brew --prefix llvm@${CLANG_VERSION})/bin/clang-tidy" "/usr/local/bin/clang-tidy-${CLANG_VERSION}" - name: Use clang-tools-pip as fallback shell: bash + env: + CLANG_VERSION: ${{ inputs.version }} run: | python -m pip install clang-tools - clang-tools -i ${{ inputs.version }} -b -f + clang-tools -i ${CLANG_VERSION} -b -f diff --git a/.github/zizmor.yml b/.github/zizmor.yml new file mode 100644 index 00000000..bf8fd1a0 --- /dev/null +++ b/.github/zizmor.yml @@ -0,0 +1,8 @@ +rules: + unpinned-uses: + config: + policies: + actions/*: ref-pin + github/*: ref-pin + dependabot/*: ref-pin + cpp-linter/*: any diff --git a/cspell.config.yml b/cspell.config.yml index 1b1571c3..d3555088 100644 --- a/cspell.config.yml +++ b/cspell.config.yml @@ -15,6 +15,7 @@ words: - codecov - codspeed - consts + - cooldown - cppcoreguidelines - cstdio - cstdlib