diff options
Diffstat (limited to 'json4cpp/.github/workflows')
| -rw-r--r-- | json4cpp/.github/workflows/check_amalgamation.yml | 76 | ||||
| -rw-r--r-- | json4cpp/.github/workflows/cifuzz.yml | 35 | ||||
| -rw-r--r-- | json4cpp/.github/workflows/codeql-analysis.yml | 49 | ||||
| -rw-r--r-- | json4cpp/.github/workflows/comment_check_amalgamation.yml | 81 | ||||
| -rw-r--r-- | json4cpp/.github/workflows/dependency-review.yml | 27 | ||||
| -rw-r--r-- | json4cpp/.github/workflows/flawfinder.yml | 46 | ||||
| -rw-r--r-- | json4cpp/.github/workflows/labeler.yml | 26 | ||||
| -rw-r--r-- | json4cpp/.github/workflows/macos.yml | 121 | ||||
| -rw-r--r-- | json4cpp/.github/workflows/publish_documentation.yml | 46 | ||||
| -rw-r--r-- | json4cpp/.github/workflows/scorecards.yml | 81 | ||||
| -rw-r--r-- | json4cpp/.github/workflows/semgrep.yml | 54 | ||||
| -rw-r--r-- | json4cpp/.github/workflows/stale.yml | 34 | ||||
| -rw-r--r-- | json4cpp/.github/workflows/ubuntu.yml | 283 | ||||
| -rw-r--r-- | json4cpp/.github/workflows/windows.yml | 124 |
14 files changed, 0 insertions, 1083 deletions
diff --git a/json4cpp/.github/workflows/check_amalgamation.yml b/json4cpp/.github/workflows/check_amalgamation.yml deleted file mode 100644 index ed86f9a3ee..0000000000 --- a/json4cpp/.github/workflows/check_amalgamation.yml +++ /dev/null @@ -1,76 +0,0 @@ -name: "Check amalgamation" - -on: - pull_request: - -permissions: - contents: read - -jobs: - save: - runs-on: ubuntu-latest - steps: - - name: Harden Runner - uses: step-security/harden-runner@fa2e9d605c4eeb9fcad4c99c224cee0c6c7f3594 # v2.16.0 - with: - egress-policy: audit - - - name: Save PR number - run: | - mkdir -p ./pr - echo ${{ github.event.number }} > ./pr/number - echo ${{ github.event.pull_request.user.login }} > ./pr/author - - uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7.0.0 - with: - name: pr - path: pr/ - - check: - runs-on: ubuntu-latest - env: - MAIN_DIR: ${{ github.workspace }}/main - INCLUDE_DIR: ${{ github.workspace }}/main/single_include/nlohmann - TOOL_DIR: ${{ github.workspace }}/tools/tools/amalgamate - - steps: - - name: Harden Runner - uses: step-security/harden-runner@fa2e9d605c4eeb9fcad4c99c224cee0c6c7f3594 # v2.16.0 - with: - egress-policy: audit - - - name: Checkout pull request - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 - with: - path: main - ref: ${{ github.event.pull_request.head.sha }} - - - name: Checkout tools - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 - with: - path: tools - ref: develop - - - name: Install astyle - run: | - python3 -mvenv venv - venv/bin/pip3 install -r $MAIN_DIR/tools/astyle/requirements.txt - - - name: Check amalgamation - run: | - cd $MAIN_DIR - - rm -fr $INCLUDE_DIR/json.hpp~ $INCLUDE_DIR/json_fwd.hpp~ - cp $INCLUDE_DIR/json.hpp $INCLUDE_DIR/json.hpp~ - cp $INCLUDE_DIR/json_fwd.hpp $INCLUDE_DIR/json_fwd.hpp~ - - python3 $TOOL_DIR/amalgamate.py -c $TOOL_DIR/config_json.json -s . - python3 $TOOL_DIR/amalgamate.py -c $TOOL_DIR/config_json_fwd.json -s . - echo "Format (1)" - ${{ github.workspace }}/venv/bin/astyle --project=tools/astyle/.astylerc --suffix=none --quiet $INCLUDE_DIR/json.hpp $INCLUDE_DIR/json_fwd.hpp - - diff $INCLUDE_DIR/json.hpp~ $INCLUDE_DIR/json.hpp - diff $INCLUDE_DIR/json_fwd.hpp~ $INCLUDE_DIR/json_fwd.hpp - - ${{ github.workspace }}/venv/bin/astyle --project=tools/astyle/.astylerc --suffix=orig $(find docs/examples include tests -type f \( -name '*.hpp' -o -name '*.cpp' -o -name '*.cu' \) -not -path 'tests/thirdparty/*' -not -path 'tests/abi/include/nlohmann/*' | sort) - echo Check - find $MAIN_DIR -name '*.orig' -exec false {} \+ diff --git a/json4cpp/.github/workflows/cifuzz.yml b/json4cpp/.github/workflows/cifuzz.yml deleted file mode 100644 index 1c25a70d74..0000000000 --- a/json4cpp/.github/workflows/cifuzz.yml +++ /dev/null @@ -1,35 +0,0 @@ -name: CIFuzz -on: [pull_request] - -permissions: - contents: read - -jobs: - Fuzzing: - runs-on: ubuntu-22.04 - steps: - - name: Harden Runner - uses: step-security/harden-runner@fa2e9d605c4eeb9fcad4c99c224cee0c6c7f3594 # v2.16.0 - with: - egress-policy: audit - - - name: Build Fuzzers - id: build - uses: google/oss-fuzz/infra/cifuzz/actions/build_fuzzers@master - with: - oss-fuzz-project-name: 'json' - dry-run: false - language: c++ - - name: Run Fuzzers - uses: google/oss-fuzz/infra/cifuzz/actions/run_fuzzers@master - with: - oss-fuzz-project-name: 'json' - fuzz-seconds: 300 - dry-run: false - language: c++ - - name: Upload Crash - uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7.0.0 - if: failure() && steps.build.outcome == 'success' - with: - name: artifacts - path: ./out/artifacts diff --git a/json4cpp/.github/workflows/codeql-analysis.yml b/json4cpp/.github/workflows/codeql-analysis.yml deleted file mode 100644 index 26e6465e08..0000000000 --- a/json4cpp/.github/workflows/codeql-analysis.yml +++ /dev/null @@ -1,49 +0,0 @@ -name: "Code scanning - action" - -on: - push: - branches: - - develop - - master - - release/* - pull_request: - schedule: - - cron: '0 19 * * 1' - workflow_dispatch: - -concurrency: - group: ${{ github.workflow }}-${{ github.ref || github.run_id }} - cancel-in-progress: true - -permissions: - contents: read - -jobs: - CodeQL-Build: - - runs-on: ubuntu-latest - permissions: - security-events: write - - steps: - - name: Harden Runner - uses: step-security/harden-runner@fa2e9d605c4eeb9fcad4c99c224cee0c6c7f3594 # v2.16.0 - with: - egress-policy: audit - - - name: Checkout repository - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 - - # Initializes the CodeQL tools for scanning. - - name: Initialize CodeQL - uses: github/codeql-action/init@0d579ffd059c29b07949a3cce3983f0780820c98 # v4.32.6 - with: - languages: c-cpp - - # Autobuild attempts to build any compiled languages (C/C++, C#, or Java). - # If this step fails, then you should remove it and run the build manually (see below) - - name: Autobuild - uses: github/codeql-action/autobuild@0d579ffd059c29b07949a3cce3983f0780820c98 # v4.32.6 - - - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@0d579ffd059c29b07949a3cce3983f0780820c98 # v4.32.6 diff --git a/json4cpp/.github/workflows/comment_check_amalgamation.yml b/json4cpp/.github/workflows/comment_check_amalgamation.yml deleted file mode 100644 index df22c2dc07..0000000000 --- a/json4cpp/.github/workflows/comment_check_amalgamation.yml +++ /dev/null @@ -1,81 +0,0 @@ -name: Comment Check Amalgamation -on: - workflow_run: - workflows: ["Check amalgamation"] - types: - - completed - -permissions: - contents: read - -jobs: - comment: - if: ${{ github.event.workflow_run.conclusion == 'failure' }} - runs-on: ubuntu-latest - permissions: - contents: read - actions: read - issues: read - pull-requests: write - steps: - - name: Harden Runner - uses: step-security/harden-runner@fa2e9d605c4eeb9fcad4c99c224cee0c6c7f3594 # v2.16.0 - with: - egress-policy: audit - - - name: 'Download artifact' - uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8.0.0 - with: - script: | - var artifacts = await github.rest.actions.listWorkflowRunArtifacts({ - owner: context.repo.owner, - repo: context.repo.repo, - run_id: ${{github.event.workflow_run.id }}, - }); - var matchArtifact = artifacts.data.artifacts.filter((artifact) => { - return artifact.name == "pr" - })[0]; - var download = await github.rest.actions.downloadArtifact({ - owner: context.repo.owner, - repo: context.repo.repo, - artifact_id: matchArtifact.id, - archive_format: 'zip', - }); - var fs = require('fs'); - fs.writeFileSync('${{github.workspace}}/pr.zip', Buffer.from(download.data)); - - run: unzip pr.zip - - - name: 'Comment on PR' - uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8.0.0 - with: - github-token: ${{ secrets.GITHUB_TOKEN }} - script: | - var fs = require('fs'); - const author = fs.readFileSync('./author') - const issue_number = Number(fs.readFileSync('./number')); - const opts = github.rest.issues.listForRepo.endpoint.merge({ - owner: context.repo.owner, - repo: context.repo.repo, - creator: author, - state: 'all' - }) - let first = true - const issues = await github.paginate(opts) - for (const issue of issues) { - if (issue.number === issue_number) { - continue - } - if (issue.pull_request) { - first = false - break - } - } - await github.rest.issues.createComment({ - issue_number: issue_number, - owner: context.repo.owner, - repo: context.repo.repo, - body: '## 🔴 Amalgamation check failed! 🔴\nThe source code has not been amalgamated.' - + (first ? ' @' + author + ' Please read and follow the [Contribution Guidelines]' - + '(https://github.com/nlohmann/json/blob/develop/.github/CONTRIBUTING.md#files-to-change).' - : '') - }) diff --git a/json4cpp/.github/workflows/dependency-review.yml b/json4cpp/.github/workflows/dependency-review.yml deleted file mode 100644 index 1d8a2052c0..0000000000 --- a/json4cpp/.github/workflows/dependency-review.yml +++ /dev/null @@ -1,27 +0,0 @@ -# Dependency Review Action -# -# This Action will scan dependency manifest files that change as part of a Pull Request, -# surfacing known-vulnerable versions of the packages declared or updated in the PR. -# Once installed, if the workflow run is marked as required, -# PRs introducing known-vulnerable packages will be blocked from merging. -# -# Source repository: https://github.com/actions/dependency-review-action -name: 'Dependency Review' -on: [pull_request] - -permissions: - contents: read - -jobs: - dependency-review: - runs-on: ubuntu-latest - steps: - - name: Harden Runner - uses: step-security/harden-runner@fa2e9d605c4eeb9fcad4c99c224cee0c6c7f3594 # v2.16.0 - with: - egress-policy: audit - - - name: 'Checkout Repository' - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 - - name: 'Dependency Review' - uses: actions/dependency-review-action@2031cfc080254a8a887f58cffee85186f0e49e48 # v4.9.0 diff --git a/json4cpp/.github/workflows/flawfinder.yml b/json4cpp/.github/workflows/flawfinder.yml deleted file mode 100644 index 50ea70356d..0000000000 --- a/json4cpp/.github/workflows/flawfinder.yml +++ /dev/null @@ -1,46 +0,0 @@ -# This workflow uses actions that are not certified by GitHub. -# They are provided by a third-party and are governed by -# separate terms of service, privacy policy, and support -# documentation. - -name: flawfinder - -permissions: - contents: read - -on: - push: - branches: [ "develop" ] - pull_request: - # The branches below must be a subset of the branches above - branches: [ "develop" ] - schedule: - - cron: '41 14 * * 3' - -jobs: - flawfinder: - name: Flawfinder - runs-on: ubuntu-latest - permissions: - actions: read - contents: read - security-events: write - steps: - - name: Harden Runner - uses: step-security/harden-runner@fa2e9d605c4eeb9fcad4c99c224cee0c6c7f3594 # v2.16.0 - with: - egress-policy: audit - - - name: Checkout code - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 - - - name: flawfinder_scan - uses: david-a-wheeler/flawfinder@c57197cd6061453f10a496f30a732bc1905918d1 # v2.0.19 - with: - arguments: '--sarif ./' - output: 'flawfinder_results.sarif' - - - name: Upload analysis results to GitHub Security tab - uses: github/codeql-action/upload-sarif@0d579ffd059c29b07949a3cce3983f0780820c98 # v4 - with: - sarif_file: ${{github.workspace}}/flawfinder_results.sarif diff --git a/json4cpp/.github/workflows/labeler.yml b/json4cpp/.github/workflows/labeler.yml deleted file mode 100644 index 5f823a711f..0000000000 --- a/json4cpp/.github/workflows/labeler.yml +++ /dev/null @@ -1,26 +0,0 @@ -name: "Pull Request Labeler" - -on: - pull_request_target: - types: [opened, synchronize] - -permissions: - contents: read - -jobs: - label: - permissions: - contents: read - pull-requests: write - - runs-on: ubuntu-latest - - steps: - - name: Harden Runner - uses: step-security/harden-runner@fa2e9d605c4eeb9fcad4c99c224cee0c6c7f3594 # v2.16.0 - with: - egress-policy: audit - - - uses: srvaroa/labeler@e8fbb2561481ef6e711a770f0234e9379dc76892 # master - env: - GITHUB_TOKEN: "${{ secrets.GITHUB_TOKEN }}" diff --git a/json4cpp/.github/workflows/macos.yml b/json4cpp/.github/workflows/macos.yml deleted file mode 100644 index 5217874d7e..0000000000 --- a/json4cpp/.github/workflows/macos.yml +++ /dev/null @@ -1,121 +0,0 @@ -name: macOS - -on: - push: - branches: - - develop - - master - - release/* - pull_request: - workflow_dispatch: - -concurrency: - group: ${{ github.workflow }}-${{ github.ref || github.run_id }} - cancel-in-progress: true - -permissions: - contents: read - -jobs: -# macos-11 is deprecated -# macos-11: -# runs-on: macos-11 -# strategy: -# matrix: -# xcode: ['11.7', '12.4', '12.5.1', '13.0'] -# env: -# DEVELOPER_DIR: /Applications/Xcode_${{ matrix.xcode }}.app/Contents/Developer -# -# steps: -# - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 -# - name: Run CMake -# run: cmake -S . -B build -D CMAKE_BUILD_TYPE=Debug -DJSON_BuildTests=On -DJSON_FastTests=ON -# - name: Build -# run: cmake --build build --parallel 10 -# - name: Test -# run: cd build ; ctest -j 10 --output-on-failure - -# macos-12 is deprecated (https://github.com/actions/runner-images/issues/10721) -# macos-12: -# runs-on: macos-12 # https://github.com/actions/runner-images/blob/main/images/macos/macos-12-Readme.md -# strategy: -# matrix: -# xcode: ['13.1', '13.2.1', '13.3.1', '13.4.1', '14.0', '14.0.1', '14.1'] -# env: -# DEVELOPER_DIR: /Applications/Xcode_${{ matrix.xcode }}.app/Contents/Developer -# -# steps: -# - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 -# - name: Run CMake -# run: cmake -S . -B build -D CMAKE_BUILD_TYPE=Debug -DJSON_BuildTests=On -DJSON_FastTests=ON -# - name: Build -# run: cmake --build build --parallel 10 -# - name: Test -# run: cd build ; ctest -j 10 --output-on-failure - -# macos-13 is deprecated (https://github.com/actions/runner-images/issues/13046) -# macos-13: -# runs-on: macos-13 # https://github.com/actions/runner-images/blob/main/images/macos/macos-13-Readme.md -# strategy: -# matrix: -# xcode: ['14.1', '14.2', '14.3', '14.3.1', '15.0.1', '15.1', '15.2'] -# env: -# DEVELOPER_DIR: /Applications/Xcode_${{ matrix.xcode }}.app/Contents/Developer -# -# steps: -# - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 -# - name: Run CMake -# run: cmake -S . -B build -D CMAKE_BUILD_TYPE=Debug -DJSON_BuildTests=On -DJSON_FastTests=ON -# - name: Build -# run: cmake --build build --parallel 10 -# - name: Test -# run: cd build ; ctest -j 10 --output-on-failure - - macos-14: - runs-on: macos-14 # https://github.com/actions/runner-images/blob/main/images/macos/macos-14-Readme.md - strategy: - matrix: - xcode: ['15.0.1', '15.1', '15.2', '15.3', '15.4'] - env: - DEVELOPER_DIR: /Applications/Xcode_${{ matrix.xcode }}.app/Contents/Developer - - steps: - - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 - - name: Run CMake - run: cmake -S . -B build -D CMAKE_BUILD_TYPE=Debug -DJSON_BuildTests=On -DJSON_FastTests=ON - - name: Build - run: cmake --build build --parallel 10 - - name: Test - run: cd build ; ctest -j 10 --output-on-failure - - macos-15: - runs-on: macos-15 # https://github.com/actions/runner-images/blob/main/images/macos/macos-15-Readme.md - strategy: - matrix: - xcode: ['16.0', '16.1', '16.2', '16.3', '16.4', '26.0.1'] - env: - DEVELOPER_DIR: /Applications/Xcode_${{ matrix.xcode }}.app/Contents/Developer - - steps: - - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 - - name: Run CMake - run: cmake -S . -B build -D CMAKE_BUILD_TYPE=Debug -DJSON_BuildTests=On -DJSON_FastTests=ON - - name: Build - run: cmake --build build --parallel 10 - - name: Test - run: cd build ; ctest -j 10 --output-on-failure - - xcode_standards: - runs-on: macos-latest - strategy: - matrix: - standard: [11, 14, 17, 20, 23, 26] - - steps: - - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 - - name: Run CMake - run: cmake -S . -B build -D CMAKE_BUILD_TYPE=Debug -DJSON_BuildTests=On -DJSON_TestStandards=${{ matrix.standard }} - - name: Build - run: cmake --build build --parallel 10 - - name: Test - run: cd build ; ctest -j 10 --output-on-failure diff --git a/json4cpp/.github/workflows/publish_documentation.yml b/json4cpp/.github/workflows/publish_documentation.yml deleted file mode 100644 index 1703726be6..0000000000 --- a/json4cpp/.github/workflows/publish_documentation.yml +++ /dev/null @@ -1,46 +0,0 @@ -name: Publish documentation - -# publish the documentation on every merge to develop branch -on: - push: - branches: - - develop - paths: - - docs/mkdocs/** - - docs/examples/** - workflow_dispatch: - -# we don't want to have concurrent jobs, and we don't want to cancel running jobs to avoid broken publications -concurrency: - group: documentation - cancel-in-progress: false - -permissions: - contents: read - -jobs: - publish_documentation: - permissions: - contents: write - - if: github.repository == 'nlohmann/json' - runs-on: ubuntu-22.04 - steps: - - name: Harden Runner - uses: step-security/harden-runner@fa2e9d605c4eeb9fcad4c99c224cee0c6c7f3594 # v2.16.0 - with: - egress-policy: audit - - - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 - - - name: Install virtual environment - run: make install_venv -C docs/mkdocs - - - name: Build documentation - run: make build -C docs/mkdocs - - - name: Deploy documentation - uses: peaceiris/actions-gh-pages@4f9cc6602d3f66b9c108549d475ec49e8ef4d45e # v4.0.0 - with: - github_token: ${{ secrets.GITHUB_TOKEN }} - publish_dir: ./docs/mkdocs/site diff --git a/json4cpp/.github/workflows/scorecards.yml b/json4cpp/.github/workflows/scorecards.yml deleted file mode 100644 index affe15ffee..0000000000 --- a/json4cpp/.github/workflows/scorecards.yml +++ /dev/null @@ -1,81 +0,0 @@ -# This workflow uses actions that are not certified by GitHub. They are provided -# by a third-party and are governed by separate terms of service, privacy -# policy, and support documentation. - -name: Scorecard supply-chain security -on: - # For Branch-Protection check. Only the default branch is supported. See - # https://github.com/ossf/scorecard/blob/main/docs/checks.md#branch-protection - branch_protection_rule: - # To guarantee Maintained check is occasionally updated. See - # https://github.com/ossf/scorecard/blob/main/docs/checks.md#maintained - schedule: - - cron: '20 7 * * 2' - push: - branches: ["develop"] - -permissions: - contents: read - -jobs: - analysis: - name: Scorecard analysis - runs-on: ubuntu-latest - permissions: - # Needed to upload the results to code-scanning dashboard. - security-events: write - # Needed to publish results and get a badge (see publish_results below). - id-token: write - contents: read - actions: read - # To allow GraphQL ListCommits to work - issues: read - pull-requests: read - # To detect SAST tools - checks: read - - steps: - - name: Harden Runner - uses: step-security/harden-runner@fa2e9d605c4eeb9fcad4c99c224cee0c6c7f3594 # v2.16.0 - with: - egress-policy: audit - - - name: "Checkout code" - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 - with: - persist-credentials: false - - - name: "Run analysis" - uses: ossf/scorecard-action@4eaacf0543bb3f2c246792bd56e8cdeffafb205a # v2.4.3 - with: - results_file: results.sarif - results_format: sarif - # (Optional) "write" PAT token. Uncomment the `repo_token` line below if: - # - you want to enable the Branch-Protection check on a *public* repository, or - # - you are installing Scorecards on a *private* repository - # To create the PAT, follow the steps in https://github.com/ossf/scorecard-action#authentication-with-pat. - # repo_token: ${{ secrets.SCORECARD_TOKEN }} - - # Public repositories: - # - Publish results to OpenSSF REST API for easy access by consumers - # - Allows the repository to include the Scorecard badge. - # - See https://github.com/ossf/scorecard-action#publishing-results. - # For private repositories: - # - `publish_results` will always be set to `false`, regardless - # of the value entered here. - publish_results: true - - # Upload the results as artifacts (optional). Commenting out will disable uploads of run results in SARIF - # format to the repository Actions tab. - - name: "Upload artifact" - uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7.0.0 - with: - name: SARIF file - path: results.sarif - retention-days: 5 - - # Upload the results to GitHub's code scanning dashboard. - - name: "Upload to code-scanning" - uses: github/codeql-action/upload-sarif@0d579ffd059c29b07949a3cce3983f0780820c98 # v4.32.6 - with: - sarif_file: results.sarif diff --git a/json4cpp/.github/workflows/semgrep.yml b/json4cpp/.github/workflows/semgrep.yml deleted file mode 100644 index 88e722c22d..0000000000 --- a/json4cpp/.github/workflows/semgrep.yml +++ /dev/null @@ -1,54 +0,0 @@ -# This workflow uses actions that are not certified by GitHub. -# They are provided by a third-party and are governed by -# separate terms of service, privacy policy, and support -# documentation. - -# This workflow file requires a free account on Semgrep.dev to -# manage rules, file ignores, notifications, and more. -# -# See https://semgrep.dev/docs - -name: Semgrep - -on: - push: - branches: [ "develop" ] - pull_request: - # The branches below must be a subset of the branches above - branches: [ "develop" ] - schedule: - - cron: '23 2 * * 4' - -permissions: - contents: read - -jobs: - semgrep: - permissions: - contents: read # for actions/checkout to fetch code - security-events: write # for github/codeql-action/upload-sarif to upload SARIF results - actions: read # only required for a private repository by github/codeql-action/upload-sarif to get the Action run status - name: Scan - runs-on: ubuntu-latest - steps: - - name: Harden Runner - uses: step-security/harden-runner@fa2e9d605c4eeb9fcad4c99c224cee0c6c7f3594 # v2.16.0 - with: - egress-policy: audit - - # Checkout project source - - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 - - # Scan code using project's configuration on https://semgrep.dev/manage - - uses: returntocorp/semgrep-action@713efdd345f3035192eaa63f56867b88e63e4e5d - with: - publishToken: ${{ secrets.SEMGREP_APP_TOKEN }} - publishDeployment: ${{ secrets.SEMGREP_DEPLOYMENT_ID }} - generateSarif: "1" - - # Upload SARIF file generated in previous step - - name: Upload SARIF file - uses: github/codeql-action/upload-sarif@0d579ffd059c29b07949a3cce3983f0780820c98 # v4 - with: - sarif_file: semgrep.sarif - if: always() diff --git a/json4cpp/.github/workflows/stale.yml b/json4cpp/.github/workflows/stale.yml deleted file mode 100644 index 3161ebb756..0000000000 --- a/json4cpp/.github/workflows/stale.yml +++ /dev/null @@ -1,34 +0,0 @@ -name: 'Comment and close stale issues and PR' -on: - schedule: - - cron: '0 0 * * *' - -permissions: - contents: read - -jobs: - stale: - runs-on: ubuntu-latest - - permissions: - issues: write - pull-requests: write - - steps: - - name: Harden Runner - uses: step-security/harden-runner@fa2e9d605c4eeb9fcad4c99c224cee0c6c7f3594 # v2.16.0 - with: - egress-policy: audit - - - uses: actions/stale@b5d41d4e1d5dceea10e7104786b73624c18a190f # v10.2.0 - with: - stale-issue-label: 'state: stale' - stale-pr-label: 'state: stale' - exempt-issue-labels: 'pinned,security' - stale-issue-message: 'This issue has been marked as stale because it has been open for 90 days without activity. If this issue is still relevant, please add a comment or remove the "stale" label. Otherwise, it will be closed in 10 days. Thank you for helping us prioritize our work!' - stale-pr-message: 'This pull request has been marked as stale because it has had no activity for 30 days. While we won’t close it automatically, we encourage you to update or comment if it is still relevant. Keeping pull requests active and up-to-date helps us review and merge changes more efficiently. Thank you for your contributions!' - close-issue-message: 'This issue has been closed after being marked as stale for 10 days without any further activity. If this was done in error or the issue is still relevant, please feel free to reopen it or create a new issue. We appreciate your understanding and contributions.' - days-before-stale: 90 - days-before-pr-stale: 30 - days-before-close: 10 - days-before-pr-close: -1 diff --git a/json4cpp/.github/workflows/ubuntu.yml b/json4cpp/.github/workflows/ubuntu.yml deleted file mode 100644 index 87b09ae4c2..0000000000 --- a/json4cpp/.github/workflows/ubuntu.yml +++ /dev/null @@ -1,283 +0,0 @@ -name: Ubuntu - -on: - push: - branches: - - develop - - master - - release/* - pull_request: - workflow_dispatch: - -permissions: - contents: read - -concurrency: - group: ${{ github.workflow }}-${{ github.ref || github.run_id }} - cancel-in-progress: true - -jobs: - ci_test_gcc: - runs-on: ubuntu-latest - container: gcc:latest - steps: - - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 - - name: Get latest CMake and ninja - uses: lukka/get-cmake@f176ccd3f28bda569c43aae4894f06b2435a3375 # v4.2.3 - - name: Run CMake - run: cmake -S . -B build -DJSON_CI=On - - name: Build - run: cmake --build build --target ci_test_gcc - - ci_infer: - runs-on: ubuntu-latest - container: ghcr.io/nlohmann/json-ci:v2.4.0 - steps: - - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 - - name: Run CMake - run: cmake -S . -B build -DJSON_CI=On - - name: Build - run: cmake --build build --target ci_infer - - ci_static_analysis_ubuntu: - runs-on: ubuntu-latest - strategy: - matrix: - target: [ci_test_amalgamation, ci_test_single_header, ci_cppcheck, ci_cpplint, ci_reproducible_tests, ci_non_git_tests, ci_offline_testdata, ci_reuse_compliance, ci_test_valgrind] - steps: - - name: Harden Runner - uses: step-security/harden-runner@fa2e9d605c4eeb9fcad4c99c224cee0c6c7f3594 # v2.16.0 - with: - egress-policy: audit - - - name: Install Valgrind - run: sudo apt-get update ; sudo apt-get install -y valgrind - - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 - - name: Get latest CMake and ninja - uses: lukka/get-cmake@f176ccd3f28bda569c43aae4894f06b2435a3375 # v4.2.3 - - name: Run CMake - run: cmake -S . -B build -DJSON_CI=On - - name: Build - run: cmake --build build --target ${{ matrix.target }} - - ci_static_analysis_clang: - runs-on: ubuntu-latest - container: silkeh/clang:dev - strategy: - matrix: - target: [ci_test_clang, ci_clang_tidy, ci_test_clang_sanitizer, ci_clang_analyze, ci_single_binaries] - steps: - - name: Install git, clang-tools, iwyu (ci_single_binaries), and unzip - run: apt-get update ; apt-get install -y git clang-tools iwyu unzip - - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 - - name: Get latest CMake and ninja - uses: lukka/get-cmake@f176ccd3f28bda569c43aae4894f06b2435a3375 # v4.2.3 - - name: Run CMake - run: cmake -S . -B build -DJSON_CI=On - - name: Build - run: cmake --build build --target ${{ matrix.target }} - - ci_cmake_options: - runs-on: ubuntu-latest - container: ubuntu:focal - strategy: - matrix: - target: [ci_cmake_flags, ci_test_diagnostics, ci_test_diagnostic_positions, ci_test_noexceptions, ci_test_noimplicitconversions, ci_test_legacycomparison, ci_test_noglobaludls] - steps: - - name: Install build-essential - run: apt-get update ; apt-get install -y build-essential unzip wget git libssl-dev - - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 - - name: Get latest CMake and ninja - uses: lukka/get-cmake@f176ccd3f28bda569c43aae4894f06b2435a3375 # v4.2.3 - - name: Run CMake - run: cmake -S . -B build -DJSON_CI=On - - name: Build - run: cmake --build build --target ${{ matrix.target }} - - ci_test_coverage: - runs-on: ubuntu-latest - steps: - - name: Harden Runner - uses: step-security/harden-runner@fa2e9d605c4eeb9fcad4c99c224cee0c6c7f3594 # v2.16.0 - with: - egress-policy: audit - - - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 - - name: Install dependencies and de_DE locale - run: | - sudo apt-get clean - sudo apt-get update - sudo apt-get install -y build-essential cmake lcov ninja-build make locales gcc-multilib g++-multilib - sudo locale-gen de_DE - sudo update-locale - - name: Run CMake - run: cmake -S . -B build -DJSON_CI=On - - name: Build - run: cmake --build build --target ci_test_coverage - - name: Archive coverage report - uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7.0.0 - with: - name: code-coverage-report - path: ${{ github.workspace }}/build/html - - name: Publish report to Coveralls - uses: coverallsapp/github-action@5cbfd81b66ca5d10c19b062c04de0199c215fb6e # v2.3.7 - with: - github-token: ${{ secrets.GITHUB_TOKEN }} - path-to-lcov: ${{ github.workspace }}/build/json.info.filtered.noexcept - fail-on-error: false - - ci_test_compilers_gcc_old: - runs-on: ubuntu-latest - strategy: - matrix: - compiler: ['4.8', '4.9', '5', '6'] - container: ghcr.io/nlohmann/json-ci:v2.4.0 - steps: - - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 - - name: Run CMake - run: CXX=g++-${{ matrix.compiler }} cmake -S . -B build -DJSON_CI=On - - name: Build - run: cmake --build build --target ci_test_compiler_g++-${{ matrix.compiler }} - - ci_test_compilers_gcc: - runs-on: ubuntu-latest - strategy: - matrix: - # older GCC docker images (4, 5, 6) fail to check out code - compiler: ['7', '8', '9', '10', '11', '12', '13', '14', '15', 'latest'] - container: gcc:${{ matrix.compiler }} - steps: - - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 - - name: Get latest CMake and ninja - uses: lukka/get-cmake@f176ccd3f28bda569c43aae4894f06b2435a3375 # v4.2.3 - - name: Run CMake - run: cmake -S . -B build -DJSON_CI=On - - name: Build - run: cmake --build build --target ci_test_compiler_default - - ci_test_compilers_clang: - runs-on: ubuntu-latest - strategy: - matrix: - compiler: ['3.4', '3.5', '3.6', '3.7', '3.8', '3.9', '4', '5', '6', '7', '8', '9', '10', '11', '12', '13', '14', '15-bullseye', '16', '17', '18', '19', '20', 'latest'] - container: silkeh/clang:${{ matrix.compiler }} - steps: - - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 - - name: Get latest CMake and ninja - uses: lukka/get-cmake@f176ccd3f28bda569c43aae4894f06b2435a3375 # v4.2.3 - - name: Set env FORCE_STDCPPFS_FLAG for clang 7 / 8 / 9 / 10 - run: echo "JSON_FORCED_GLOBAL_COMPILE_OPTIONS=-DJSON_HAS_FILESYSTEM=0;-DJSON_HAS_EXPERIMENTAL_FILESYSTEM=0" >> "$GITHUB_ENV" - if: ${{ matrix.compiler == '7' || matrix.compiler == '8' || matrix.compiler == '9' || matrix.compiler == '10' }} - - name: Run CMake - run: cmake -S . -B build -DJSON_CI=On - - name: Build - run: cmake --build build --target ci_test_compiler_default - - ci_test_standards_gcc: - runs-on: ubuntu-latest - container: gcc:latest - strategy: - matrix: - standard: [11, 14, 17, 20, 23, 26] - steps: - - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 - - name: Get latest CMake and ninja - uses: lukka/get-cmake@f176ccd3f28bda569c43aae4894f06b2435a3375 # v4.2.3 - - name: Run CMake - run: cmake -S . -B build -DJSON_CI=On - - name: Build - run: cmake --build build --target ci_test_gcc_cxx${{ matrix.standard }} - - ci_test_standards_clang: - runs-on: ubuntu-latest - container: silkeh/clang:latest - strategy: - matrix: - standard: [11, 14, 17, 20, 23, 26] - stdlib: [libcxx, libstdcxx] - steps: - - name: Install git and unzip - run: apt-get update ; apt-get install -y git unzip - - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 - - name: Get latest CMake and ninja - uses: lukka/get-cmake@f176ccd3f28bda569c43aae4894f06b2435a3375 # v4.2.3 - - name: Run CMake - run: cmake -S . -B build -DJSON_CI=On - - name: Build with libc++ - run: cmake --build build --target ci_test_clang_libcxx_cxx${{ matrix.standard }} - if: ${{ matrix.stdlib == 'libcxx' }} - - name: Build with libstdc++ - run: cmake --build build --target ci_test_clang_cxx${{ matrix.standard }} - if: ${{ matrix.stdlib == 'libstdcxx' }} - - ci_cuda_example: - runs-on: ubuntu-latest - container: ghcr.io/nlohmann/json-ci:v2.4.0 - steps: - - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 - - name: Run CMake - run: cmake -S . -B build -DJSON_CI=On - - name: Build - run: cmake --build build --target ci_cuda_example - - ci_module_cpp20: - strategy: - matrix: - container: ['gcc:latest', 'silkeh/clang:latest'] - runs-on: ubuntu-latest - container: ${{ matrix.container }} - steps: - - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 - - name: Get latest CMake and ninja - uses: lukka/get-cmake@f176ccd3f28bda569c43aae4894f06b2435a3375 # v4.2.3 - - name: Run CMake - run: cmake -S . -B build -DJSON_CI=On - - name: Build - run: cmake --build build --target ci_module_cpp20 - - ci_icpc: - runs-on: ubuntu-latest - container: ghcr.io/nlohmann/json-ci:v2.2.0 - steps: - - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 - - name: Run CMake - run: cmake -S . -B build -DJSON_CI=On - - name: Build - run: | - . /opt/intel/oneapi/setvars.sh - cmake --build build --target ci_icpc - - ci_emscripten: - runs-on: ubuntu-latest - steps: - - name: Harden Runner - uses: step-security/harden-runner@fa2e9d605c4eeb9fcad4c99c224cee0c6c7f3594 # v2.16.0 - with: - egress-policy: audit - - - name: Install emscripten - uses: mymindstorm/setup-emsdk@6ab9eb1bda2574c4ddb79809fc9247783eaf9021 # v14 - - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 - - name: Get latest CMake and ninja - uses: lukka/get-cmake@f176ccd3f28bda569c43aae4894f06b2435a3375 # v4.2.3 - - name: Run CMake - run: cmake -S . -B build -DCMAKE_TOOLCHAIN_FILE=$EMSDK/upstream/emscripten/cmake/Modules/Platform/Emscripten.cmake -GNinja - - name: Build - run: cmake --build build - - ci_test_documentation: - runs-on: ubuntu-latest - strategy: - matrix: - target: [ci_test_examples, ci_test_build_documentation] - steps: - - name: Harden Runner - uses: step-security/harden-runner@fa2e9d605c4eeb9fcad4c99c224cee0c6c7f3594 # v2.16.0 - with: - egress-policy: audit - - - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 - - name: Run CMake - run: cmake -S . -B build -DJSON_CI=On - - name: Build - run: cmake --build build --target ${{ matrix.target }} diff --git a/json4cpp/.github/workflows/windows.yml b/json4cpp/.github/workflows/windows.yml deleted file mode 100644 index 6475bca0fc..0000000000 --- a/json4cpp/.github/workflows/windows.yml +++ /dev/null @@ -1,124 +0,0 @@ -name: Windows - -on: - push: - branches: - - develop - - master - - release/* - pull_request: - workflow_dispatch: - -permissions: - contents: read - -concurrency: - group: ${{ github.workflow }}-${{ github.ref || github.run_id }} - cancel-in-progress: true - -jobs: - mingw: - runs-on: windows-2022 - strategy: - matrix: - architecture: [x64, x86] - - steps: - - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 - - name: Set up MinGW - uses: egor-tensin/setup-mingw@41b837e47d7f85214629d255b9c4bc3fcbe9fd63 # v3.0 - with: - platform: ${{ matrix.architecture }} - version: 12.2.0 # https://github.com/egor-tensin/setup-mingw/issues/14 - - name: Run CMake - run: cmake -S . -B build -G "MinGW Makefiles" -DCMAKE_BUILD_TYPE=Debug -DJSON_BuildTests=On - - name: Build - run: cmake --build build --parallel 10 - - name: Test - run: cd build ; ctest -j 10 -C Debug --output-on-failure - - msvc: - strategy: - matrix: - build_type: [Debug, Release] - architecture: [Win32, x64] - std_version: [default, latest] - - runs-on: windows-2022 - - steps: - - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 - - name: Set extra CXX_FLAGS for latest std_version - id: cxxflags - run: | - if [ "${{ matrix.std_version }}" = "latest" ]; then - echo "flags=/permissive- /std:c++latest /utf-8 /W4 /WX" >> $GITHUB_ENV - else - echo "flags=/W4 /WX" >> $GITHUB_ENV - fi - shell: bash - - name: Run CMake (Release) - run: cmake -S . -B build -G "Visual Studio 17 2022" -A ${{ matrix.architecture }} -DJSON_BuildTests=On -DCMAKE_CXX_FLAGS="$env:flags" - if: matrix.build_type == 'Release' - shell: pwsh - - name: Run CMake (Debug) - run: cmake -S . -B build -G "Visual Studio 17 2022" -A ${{ matrix.architecture }} -DJSON_BuildTests=On -DJSON_FastTests=ON -DCMAKE_CXX_FLAGS="$env:flags" - if: matrix.build_type == 'Debug' - shell: pwsh - - name: Build - run: cmake --build build --config ${{ matrix.build_type }} --parallel 10 - - name: Test - run: cd build ; ctest -j 10 -C ${{ matrix.build_type }} --output-on-failure - - clang: - runs-on: windows-2022 - strategy: - matrix: - version: [11.0.1, 12.0.1, 13.0.1, 14.0.6, 15.0.7, 16.0.6, 18.1.8, 19.1.7, 20.1.8] - - steps: - - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 - - name: Install Clang - run: curl -fsSL -o LLVM${{ matrix.version }}.exe https://github.com/llvm/llvm-project/releases/download/llvmorg-${{ matrix.version }}/LLVM-${{ matrix.version }}-win64.exe ; 7z x LLVM${{ matrix.version }}.exe -y -o"C:/Program Files/LLVM" - - name: Set up MinGW - uses: egor-tensin/setup-mingw@41b837e47d7f85214629d255b9c4bc3fcbe9fd63 # v3.0 - with: - platform: x64 - version: 12.2.0 # https://github.com/egor-tensin/setup-mingw/issues/14 - - name: Run CMake - run: cmake -S . -B build ^ - -DCMAKE_CXX_COMPILER="C:/Program Files/LLVM/bin/clang++.exe" ^ - -DCMAKE_CXX_FLAGS="--target=x86_64-w64-mingw32 -stdlib=libstdc++ -pthread" ^ - -DCMAKE_EXE_LINKER_FLAGS="-lwinpthread" ^ - -G"MinGW Makefiles" ^ - -DCMAKE_BUILD_TYPE=Debug ^ - -DJSON_BuildTests=On - - name: Build - run: cmake --build build --parallel 10 - - name: Test - run: cd build ; ctest -j 10 -C Debug --exclude-regex "test-unicode" --output-on-failure - - clang-cl-12: - runs-on: windows-2022 - strategy: - matrix: - architecture: [Win32, x64] - - steps: - - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 - - name: Run CMake - run: cmake -S . -B build -G "Visual Studio 17 2022" -A ${{ matrix.architecture }} -T ClangCL -DJSON_BuildTests=On - - name: Build - run: cmake --build build --config Debug --parallel 10 - - name: Test - run: cd build ; ctest -j 10 -C Debug --exclude-regex "test-unicode" --output-on-failure - - ci_module_cpp20: - runs-on: windows-latest - steps: - - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 - - name: Run CMake (Debug) - run: cmake -S . -B build -G "Visual Studio 17 2022" -DJSON_CI=ON -DCMAKE_CXX_FLAGS="/permissive- /std:c++latest /utf-8 /W4 /WX" - - name: Build - run: cmake --build build --config Debug --target ci_module_cpp20 -
\ No newline at end of file |