Skip to content

Fix GHAS Security alerts #40

Fix GHAS Security alerts

Fix GHAS Security alerts #40

Workflow file for this run

name: CI
on:
push:
branches: [master]
pull_request:
branches: [master]
jobs:
test:
runs-on: ${{ matrix.os.host }}
strategy:
matrix:
node: [14, 16, 18]
build_type: ["debug", "release"]
os:
- name: darwin
architecture: x86-64
host: macos-12
- name: linux
architecture: x86-64
host: ubuntu-20.04
name: ${{ matrix.os.name }}-${{ matrix.os.architecture }}-node${{ matrix.node }}-${{ matrix.build_type }} test
steps:
- uses: actions/checkout@v3
- uses: actions/setup-node@v3
with:
node-version: ${{ matrix.node }}
- name: Test
run: |
npm ci
./scripts/setup.sh --config local.env
source local.env
make ${{ matrix.build_type }}
npm test
asan-build-test:
runs-on: ubuntu-20.04
name: ASAN toolset test
env:
BUILDTYPE: debug
TOOLSET: asan
steps:
- uses: actions/checkout@v3
- uses: actions/setup-node@v3
with:
node-version: "14"
- name: Test
run: |
npm ci
./scripts/setup.sh --config local.env
source local.env
export CXXFLAGS="${MASON_SANITIZE_CXXFLAGS} -fno-sanitize-recover=all"
export LDFLAGS="${MASON_SANITIZE_LDFLAGS}"
make ${BUILDTYPE}
export LD_PRELOAD=${MASON_LLVM_RT_PRELOAD}
export ASAN_OPTIONS=fast_unwind_on_malloc=0:${ASAN_OPTIONS}
npm test
unset LD_PRELOAD
g-build-test:
runs-on: ubuntu-20.04
name: G++ build test
env:
BUILDTYPE: debug
CXX: g++-9
CC: gcc-9
CXXFLAGS: -fext-numeric-literals
steps:
- uses: actions/checkout@v3
- uses: actions/setup-node@v3
with:
node-version: "14"
- name: Test
run: |
npm ci
./scripts/setup.sh --config local.env
source local.env
make ${BUILDTYPE}
npm test
build:
needs: [test, asan-build-test, g-build-test]
runs-on: ${{ matrix.os.host }}
strategy:
matrix:
os:
- name: darwin
architecture: x86-64
host: macos-12
- name: linux
architecture: x86-64
host: ubuntu-20.04
steps:
- uses: actions/checkout@v3
- uses: actions/setup-node@v3
with:
node-version: "16"
- name: Build
run: |
./scripts/setup.sh --config local.env
source local.env
make release
- name: Prebuildify ${{ matrix.os.name }}-${{ matrix.os.architecture }}
run: npm run prebuildify -- --platform=${{ matrix.os.name }} --arch=x64
# Upload the end-user binary artifact
- uses: actions/upload-artifact@v3
with:
name: prebuilds
path: prebuilds
retention-days: 14