mirror of
https://github.com/ZDoom/zdoom-macos-deps.git
synced 2024-11-14 00:11:16 +00:00
45 lines
1.4 KiB
YAML
45 lines
1.4 KiB
YAML
---
|
|
name: Lint Code
|
|
|
|
on:
|
|
push:
|
|
paths-ignore:
|
|
- '**.md'
|
|
- '.gitignore'
|
|
pull_request:
|
|
paths-ignore:
|
|
- '**.md'
|
|
- '.gitignore'
|
|
|
|
jobs:
|
|
lint:
|
|
if: "!contains(github.event.head_commit.message, '[skip lint]')"
|
|
runs-on: ubuntu-22.04
|
|
steps:
|
|
- name: Checkout
|
|
uses: actions/checkout@v4
|
|
|
|
- name: Super-Linter
|
|
uses: super-linter/super-linter/slim@v5
|
|
env:
|
|
FILTER_REGEX_INCLUDE: .*(\.py|\.md|\.yml)$
|
|
FILTER_REGEX_EXCLUDE: .*/deps/.*
|
|
VALIDATE_NATURAL_LANGUAGE: false
|
|
VALIDATE_PYTHON_BLACK: false
|
|
|
|
- name: Bandit
|
|
run: |
|
|
pip3 install bandit
|
|
# [B101:assert_used] Use of assert detected. The enclosed code will be
|
|
# removed when compiling to optimised byte code.
|
|
# [B310:blacklist] Audit url open for permitted schemes. Allowing use
|
|
# of file:/ or custom schemes is often unexpected.
|
|
# [B404:blacklist] Consider possible security implications associated
|
|
# with subprocess module.
|
|
# [B603:subprocess_without_shell_equals_true] subprocess call - check
|
|
# for execution of untrusted input.
|
|
# [B607:start_process_with_partial_path] Starting a process with a
|
|
# partial executable path
|
|
bandit --skip B101,B310,B404,B603,B607 --recursive . --exclude \
|
|
./deps/vulkan-headers/share/vulkan/registry
|
|
...
|