Skip to content

[taint] Allow taint matching with class annotation, class name regex … #3061

[taint] Allow taint matching with class annotation, class name regex …

[taint] Allow taint matching with class annotation, class name regex … #3061

Workflow file for this run

name: build
on:
- push
- pull_request
jobs:
create-release:
name: Create release
runs-on: ubuntu-latest
outputs:
upload-url: ${{ steps.create-release.outputs.upload_url }}
steps:
- name: Create Release
id: create-release
if: startsWith(github.ref, 'refs/tags/v')
uses: actions/create-release@v1
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
with:
tag_name: ${{ github.ref }}
release_name: Infer version ${{ github.ref }}
draft: true
prerelease: false
body: |
BEFORE PUBLISHING CHECKLIST:
1. From the commit tagged on GitHub, create and push a new version of the website with "make new-website-version" (see website/README.md for how to test).
2. Consider deleting the oldest documentation version (see Docusaurus 2 documentation for details).
3. Fill in the changelog below to go on GitHub.
4. Download the release tarballs and test that the binaries works.
5. Fill in the shasums by running the command at the end of the release text.
--- PUBLISH GITHUB RELEASE HERE ---
6. At some point, copy the GitHub changelog to Changelog.md in the repo.
7. Tweet.
--- DELETE EVERYTHING ABOVE THIS LINE ---
This is a binary release of Infer for Linux and MacOS. To use it follow these [instructions](http://fbinfer.com/docs/getting-started).
- new feature 1
- new feature 2
The sha256 checksums of the tarballs are:
```
$ shasum -a 256 infer-*-v<VERSION GOES HERE>.tar.xz
DOWNLOAD BOTH TARBALLS AND PUT RESULT OF THE ABOVE COMMAND HERE BEFORE PUBLISHING
```
build:
name: Build Infer
needs: create-release
strategy:
fail-fast: false
matrix:
os:
- macOS-latest
- ubuntu-latest
ocaml-compiler:
- ocaml-variants.4.14.0+options,ocaml-option-flambda
runs-on: ${{ matrix.os }}
steps:
- name: Checkout code
uses: actions/checkout@v2
- name: Install Required Apt Packages for Ubuntu
run: |
sudo apt install clang libmpfr-dev libsqlite3-dev ninja-build
sudo apt clean
if: runner.os == 'Linux'
- name: Install Required Brew Packages for MacOS
run: brew install automake jq ninja pkg-config lzlib zlib coreutils
if: runner.os == 'macOS'
- name: Setup Java SDK
uses: actions/setup-java@v3
with:
distribution: 'temurin'
java-version: '8'
- name: Setup Python
uses: actions/setup-python@v4
with:
python-version: '3.8'
- name: Get OS version
uses: sersoft-gmbh/os-version-action@v1
id: os-version
- name: Force the use of test dependencies
run: cp opam/infer-tests.opam.locked opam/infer.opam.locked
- name: Use OCaml ${{ matrix.ocaml-compiler }}
uses: ocaml/setup-ocaml@v2
with:
ocaml-compiler: ${{ matrix.ocaml-compiler }}
- name: Compute hash of clang installation
id: clang-hash
run: |
echo "::set-output name=value::$(./facebook-clang-plugins/clang/setup.sh --clang-hash)"
- name: Attempt to get clang from the cache
id: cache-clang
uses: actions/cache@v2
with:
path: facebook-clang-plugins/clang/install
key: clang-${{ runner.os }}-${{ steps.clang-hash.outputs.value }}
- name: Record that the clang cache was hit
if: steps.cache-clang.outputs.cache-hit == 'true'
run: ./facebook-clang-plugins/clang/setup.sh --only-record-install
- name: Build clang on cache misses
if: steps.cache-clang.outputs.cache-hit != 'true'
run: |
./facebook-clang-plugins/clang/src/prepare_clang_src.sh
CC=clang CXX=clang++ ./facebook-clang-plugins/clang/setup.sh --ninja --sequential-link
- if: runner.os == 'Linux'
run: ./build-infer.sh --yes --user-opam-switch
- if: runner.os == 'macOS'
run: ./build-infer.sh --yes --user-opam-switch -- --disable-python-analyzers
- run: make install BUILD_MODE=opt
if: runner.os == 'macOS'
- name: Install ocamlformat
run: |
opam pin $(cat opam/ocamlformat) --no-action
opam install --deps-only --locked opam/ocamlformat.opam.locked
opam install ocamlformat
opam exec -- ocamlformat --version
- name: Test infer
run: make test -k NDKBUILD=no
- run: |
sudo make install BUILD_MODE=opt
# restore permissions after root build
sudo chown $USER: -R .
if: runner.os == 'Linux'
- name: Build release tarball
id: build-release
if: startsWith(github.ref, 'refs/tags/v')
run: |
./scripts/create_binary_release.sh "$(echo '${{ github.ref }}' | rev | cut -d / -f 1 | rev)"
- name: Upload Release Asset
if: startsWith(github.ref, 'refs/tags/v')
uses: actions/upload-release-asset@v1
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
with:
upload_url: ${{ needs.create-release.outputs.upload-url }}
asset_path: ${{ steps.build-release.outputs.tarball-path }}
asset_name: ${{ steps.build-release.outputs.tarball-path }}
asset_content_type: application/x-gtar