summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
Diffstat
-rw-r--r--.github/workflows/build.yml161
-rw-r--r--.github/workflows/notify.yml44
-rw-r--r--.github/workflows/pages.yml139
-rw-r--r--.github/workflows/quality.yml95
-rw-r--r--.github/workflows/release.yml117
5 files changed, 556 insertions, 0 deletions
diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml
new file mode 100644
index 0000000..7d24ac4
--- /dev/null
+++ b/.github/workflows/build.yml
@@ -0,0 +1,161 @@
+name: Build and Test
+
+on:
+ push:
+ branches: [ master, main ]
+ tags: [ 'v*' ]
+ pull_request:
+ branches: [ master, main ]
+
+jobs:
+ build:
+ runs-on: ubuntu-latest
+ strategy:
+ matrix:
+ distro:
+ - 'debian:testing'
+ - 'fedora:latest'
+ include:
+ - distro: 'debian:testing'
+ distro_name: 'debian'
+ - distro: 'fedora:latest'
+ distro_name: 'fedora'
+
+ container:
+ image: ${{ matrix.distro }}
+
+ steps:
+ - name: Checkout code
+ uses: actions/checkout@v4
+
+ - name: Install dependencies (Debian)
+ if: matrix.distro_name == 'debian'
+ run: |
+ apt-get update
+ apt-get install -y \
+ autopoint \
+ clang \
+ clang-tools \
+ cppcheck \
+ gcc \
+ git \
+ libatk1.0-dev \
+ libglib2.0-dev \
+ libgmp-dev \
+ libgtk-3-dev \
+ libmpc-dev \
+ libmpfr-dev \
+ libxml2-dev \
+ make \
+ mate-common \
+ yelp-tools \
+ bison \
+ flex \
+ curl
+
+ - name: Install dependencies (Fedora)
+ if: matrix.distro_name == 'fedora'
+ run: |
+ dnf update -y
+ dnf install -y \
+ autoconf-archive \
+ clang \
+ clang-analyzer \
+ cppcheck-htmlreport \
+ bison \
+ desktop-file-utils \
+ flex \
+ gcc \
+ git \
+ gmp-devel \
+ gtk3 \
+ libmpc-devel \
+ libxml2-devel \
+ make \
+ mate-common \
+ mate-desktop-devel \
+ mpfr-devel \
+ redhat-rpm-config \
+ curl \
+ which
+
+ - name: Set up environment variables
+ run: |
+ export CPU_COUNT=$(nproc)
+ echo "CPU_COUNT=$CPU_COUNT" >> $GITHUB_ENV
+ echo "DISTRO_NAME=${{ matrix.distro_name }}" >> $GITHUB_ENV
+ echo "REPO_NAME=mate-calc" >> $GITHUB_ENV
+ echo "OWNER_NAME=mate-desktop" >> $GITHUB_ENV
+ export CHECKERS="-enable-checker deadcode.DeadStores -enable-checker alpha.deadcode.UnreachableCode -enable-checker alpha.core.CastSize -enable-checker alpha.core.CastToStruct -enable-checker alpha.core.IdenticalExpr -enable-checker alpha.core.SizeofPtr -enable-checker alpha.security.ArrayBoundV2 -enable-checker alpha.security.MallocOverflow -enable-checker alpha.security.ReturnPtrRange -enable-checker alpha.unix.SimpleStream -enable-checker alpha.unix.cstring.BufferOverlap -enable-checker alpha.unix.cstring.NotNullTerminated -enable-checker alpha.unix.cstring.OutOfBounds -enable-checker alpha.core.FixedAddr -enable-checker security.insecureAPI.strcpy"
+ echo "CHECKERS=$CHECKERS" >> $GITHUB_ENV
+
+ - name: Run cppcheck (Debian only)
+ if: matrix.distro_name == 'debian'
+ run: |
+ export CFLAGS+=" -Wsign-compare"
+ cppcheck --enable=warning,style,performance,portability,information,missingInclude .
+
+ - name: Generate build system
+ run: |
+ NOCONFIGURE=1 ./autogen.sh
+
+ - name: Configure with scan-build
+ run: |
+ scan-build $CHECKERS ./configure --enable-compile-warnings=maximum
+
+ - name: Build with scan-build
+ run: |
+ if [ $CPU_COUNT -gt 1 ]; then
+ if [ "$DISTRO_NAME" == "debian" ]; then
+ scan-build $CHECKERS --keep-cc --use-cc=clang --use-c++=clang++ -o html-report make -j $CPU_COUNT
+ make clean
+ fi
+ scan-build $CHECKERS --keep-cc -o html-report make -j $CPU_COUNT
+ else
+ if [ "$DISTRO_NAME" == "debian" ]; then
+ scan-build $CHECKERS --keep-cc --use-cc=clang --use-c++=clang++ -o html-report make
+ make clean
+ fi
+ scan-build $CHECKERS --keep-cc -o html-report make
+ fi
+
+ - name: Run additional checks (Fedora only)
+ if: matrix.distro_name == 'fedora'
+ run: |
+ cppcheck --xml --output-file=cppcheck.xml --enable=warning,style,performance,portability,information,missingInclude .
+ cppcheck-htmlreport --title=$REPO_NAME --file=cppcheck.xml --report-dir=cppcheck-htmlreport
+
+ - name: Generate index (Fedora only)
+ if: matrix.distro_name == 'fedora'
+ run: |
+ curl -Ls -o gen-index https://github.com/mate-desktop/mate-dev-scripts/raw/master/travis/gen-index.sh
+ chmod +x gen-index
+ ./gen-index -l 20 -i https://github.com/${OWNER_NAME}/mate-icon-theme/raw/master/mate/16x16/apps/accessories-calculator.png
+
+ - name: Run distcheck
+ run: |
+ make distcheck
+
+ - name: Upload HTML reports (Fedora only)
+ if: matrix.distro_name == 'fedora'
+ uses: actions/upload-artifact@v4
+ with:
+ name: html-report-${{ matrix.distro_name }}
+ path: html-report/
+ retention-days: 30
+
+ - name: Upload cppcheck reports (Fedora only)
+ if: matrix.distro_name == 'fedora'
+ uses: actions/upload-artifact@v4
+ with:
+ name: cppcheck-report-${{ matrix.distro_name }}
+ path: cppcheck-htmlreport/
+ retention-days: 30
+
+ - name: Upload distribution archives
+ if: matrix.distro_name == 'fedora'
+ uses: actions/upload-artifact@v4
+ with:
+ name: distribution-archives
+ path: mate-calc-*.tar.xz
+ retention-days: 90 \ No newline at end of file
diff --git a/.github/workflows/notify.yml b/.github/workflows/notify.yml
new file mode 100644
index 0000000..12e39ee
--- /dev/null
+++ b/.github/workflows/notify.yml
@@ -0,0 +1,44 @@
+name: Notifications
+
+on:
+ push:
+ branches: [ master, main ]
+ tags: [ 'v*' ]
+ workflow_run:
+ workflows: ["Build and Test"]
+ types:
+ - completed
+
+jobs:
+ irc-notify:
+ runs-on: ubuntu-latest
+ if: >
+ (github.event_name == 'push' && (github.ref == 'refs/heads/master' || github.ref == 'refs/heads/main' || startsWith(github.ref, 'refs/tags/'))) ||
+ (github.event_name == 'workflow_run' && github.event.workflow_run.conclusion == 'failure')
+
+ steps:
+ - name: Send IRC notification on success
+ if: >
+ (github.event_name == 'push') ||
+ (github.event_name == 'workflow_run' && github.event.workflow_run.conclusion == 'success')
+ uses: Gottox/irc-message-action@v2
+ continue-on-error: true
+ with:
+ server: irc.libera.chat
+ channel: '#mate-dev'
+ nickname: mate-github-bot
+ message: |
+ [mate-calc] ${{ github.actor }}: ${{ github.event.head_commit.message || 'Workflow completed successfully' }}
+ [${{ github.ref_name }}] ${{ github.sha }} Success ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }}
+
+ - name: Send IRC notification on failure
+ if: github.event_name == 'workflow_run' && github.event.workflow_run.conclusion == 'failure'
+ uses: Gottox/irc-message-action@v2
+ continue-on-error: true
+ with:
+ server: irc.libera.chat
+ channel: '#mate-dev'
+ nickname: mate-github-bot
+ message: |
+ [mate-calc] Build failed: ${{ github.event.workflow_run.head_commit.message }}
+ [${{ github.event.workflow_run.head_branch }}] ${{ github.event.workflow_run.head_sha }} Failure ${{ github.event.workflow_run.html_url }} \ No newline at end of file
diff --git a/.github/workflows/pages.yml b/.github/workflows/pages.yml
new file mode 100644
index 0000000..c1c1af6
--- /dev/null
+++ b/.github/workflows/pages.yml
@@ -0,0 +1,139 @@
+name: Deploy to GitHub Pages
+
+on:
+ push:
+ branches: [ master, main ]
+ pull_request:
+ branches: [ master, main ]
+
+permissions:
+ contents: read
+ pages: write
+ id-token: write
+ pull-requests: write
+
+concurrency:
+ group: "pages"
+ cancel-in-progress: false
+
+jobs:
+ build-docs:
+ runs-on: ubuntu-latest
+ container:
+ image: 'fedora:latest'
+
+ steps:
+ - name: Checkout code
+ uses: actions/checkout@v4
+
+ - name: Install dependencies
+ run: |
+ dnf update -y
+ dnf install -y \
+ autoconf-archive \
+ clang \
+ clang-analyzer \
+ cppcheck-htmlreport \
+ bison \
+ desktop-file-utils \
+ flex \
+ gcc \
+ git \
+ gmp-devel \
+ gtk3 \
+ libmpc-devel \
+ libxml2-devel \
+ make \
+ mate-common \
+ mate-desktop-devel \
+ mpfr-devel \
+ redhat-rpm-config \
+ curl \
+ which
+
+ - name: Set up environment variables
+ run: |
+ export CPU_COUNT=$(nproc)
+ echo "CPU_COUNT=$CPU_COUNT" >> $GITHUB_ENV
+ echo "REPO_NAME=mate-calc" >> $GITHUB_ENV
+ echo "OWNER_NAME=mate-desktop" >> $GITHUB_ENV
+ export CHECKERS="-enable-checker deadcode.DeadStores -enable-checker alpha.deadcode.UnreachableCode -enable-checker alpha.core.CastSize -enable-checker alpha.core.CastToStruct -enable-checker alpha.core.IdenticalExpr -enable-checker alpha.core.SizeofPtr -enable-checker alpha.security.ArrayBoundV2 -enable-checker alpha.security.MallocOverflow -enable-checker alpha.security.ReturnPtrRange -enable-checker alpha.unix.SimpleStream -enable-checker alpha.unix.cstring.BufferOverlap -enable-checker alpha.unix.cstring.NotNullTerminated -enable-checker alpha.unix.cstring.OutOfBounds -enable-checker alpha.core.FixedAddr -enable-checker security.insecureAPI.strcpy"
+ echo "CHECKERS=$CHECKERS" >> $GITHUB_ENV
+
+ - name: Generate build system
+ run: |
+ NOCONFIGURE=1 ./autogen.sh
+
+ - name: Configure with scan-build
+ run: |
+ scan-build $CHECKERS ./configure --enable-compile-warnings=maximum
+
+ - name: Build with scan-build
+ run: |
+ scan-build $CHECKERS --keep-cc -o html-report make -j $CPU_COUNT
+
+ - name: Run cppcheck
+ run: |
+ cppcheck --xml --output-file=cppcheck.xml --enable=warning,style,performance,portability,information,missingInclude .
+ cppcheck-htmlreport --title=$REPO_NAME --file=cppcheck.xml --report-dir=cppcheck-htmlreport
+
+ - name: Generate index page
+ run: |
+ curl -Ls -o gen-index https://github.com/mate-desktop/mate-dev-scripts/raw/master/travis/gen-index.sh
+ chmod +x gen-index
+ ./gen-index -l 20 -i https://github.com/${OWNER_NAME}/mate-icon-theme/raw/master/mate/16x16/apps/accessories-calculator.png
+
+ - name: Setup Pages
+ if: github.ref == 'refs/heads/master' || github.ref == 'refs/heads/main'
+ uses: actions/configure-pages@v5
+
+ - name: Upload artifact
+ if: github.ref == 'refs/heads/master' || github.ref == 'refs/heads/main'
+ uses: actions/upload-pages-artifact@v3
+ with:
+ path: html-report
+
+ - name: Comment on PR with analysis results
+ if: github.event_name == 'pull_request'
+ uses: actions/github-script@v7
+ with:
+ script: |
+ const fs = require('fs');
+ const path = require('path');
+
+ // Check if html-report exists and has content
+ const reportDir = 'html-report';
+ let reportCount = 0;
+
+ if (fs.existsSync(reportDir)) {
+ const files = fs.readdirSync(reportDir);
+ reportCount = files.filter(f => f.endsWith('.html')).length;
+ }
+
+ const comment = `## 🔍 Static Analysis Results
+
+ Code analysis completed for this pull request.
+
+ - **Scan-build reports**: ${reportCount} files generated
+ - **Status**: ${reportCount > 0 ? '⚠️ Issues found' : '✅ No issues found'}
+
+ The detailed reports are available in the workflow artifacts.`;
+
+ github.rest.issues.createComment({
+ issue_number: context.issue.number,
+ owner: context.repo.owner,
+ repo: context.repo.repo,
+ body: comment
+ });
+
+ deploy:
+ if: github.ref == 'refs/heads/master' || github.ref == 'refs/heads/main'
+ environment:
+ name: github-pages
+ url: ${{ steps.deployment.outputs.page_url }}
+ runs-on: ubuntu-latest
+ needs: build-docs
+ steps:
+ - name: Deploy to GitHub Pages
+ id: deployment
+ uses: actions/deploy-pages@v4 \ No newline at end of file
diff --git a/.github/workflows/quality.yml b/.github/workflows/quality.yml
new file mode 100644
index 0000000..82ba076
--- /dev/null
+++ b/.github/workflows/quality.yml
@@ -0,0 +1,95 @@
+name: Code Quality
+
+on:
+ push:
+ branches: [ master, main ]
+ pull_request:
+ branches: [ master, main ]
+
+jobs:
+ lint:
+ runs-on: ubuntu-latest
+
+ steps:
+ - name: Checkout code
+ uses: actions/checkout@v4
+
+ - name: Install dependencies
+ run: |
+ sudo apt-get update
+ sudo apt-get install -y \
+ clang-format \
+ cppcheck \
+ shellcheck \
+ xmllint \
+ desktop-file-utils
+
+ - name: Check C/C++ code formatting
+ run: |
+ # Find all C/C++ files and check formatting
+ find src/ -name "*.c" -o -name "*.h" | while read file; do
+ echo "Checking format of $file"
+ clang-format --dry-run --Werror "$file" || true
+ done
+
+ - name: Run cppcheck
+ run: |
+ cppcheck --error-exitcode=1 \
+ --enable=warning,style,performance,portability,information \
+ --suppress=missingIncludeSystem \
+ --suppress=unusedFunction \
+ --inline-suppr \
+ src/
+
+ - name: Check shell scripts
+ run: |
+ find . -name "*.sh" -type f -exec shellcheck {} \; || true
+
+ - name: Validate desktop files
+ run: |
+ find . -name "*.desktop.in" -type f | while read file; do
+ echo "Validating $file"
+ # Basic validation - desktop-file-validate would need the processed .desktop file
+ xmllint --noout --nonet --quiet "$file" 2>/dev/null || echo "XML validation skipped for $file"
+ done
+
+ - name: Check XML files
+ run: |
+ find . -name "*.xml" -type f -exec xmllint --noout {} \;
+
+ - name: Check for common issues
+ run: |
+ # Check for trailing whitespace
+ if grep -r '[[:space:]]$' src/ --exclude-dir=.git; then
+ echo "Found trailing whitespace"
+ exit 1
+ fi
+
+ # Check for tabs in source files (if project prefers spaces)
+ if grep -r $'\t' src/ --include="*.c" --include="*.h" --exclude-dir=.git; then
+ echo "Found tabs in source files - please use spaces"
+ # Don't fail on this for now, just warn
+ fi
+
+ security:
+ runs-on: ubuntu-latest
+
+ steps:
+ - name: Checkout code
+ uses: actions/checkout@v4
+
+ - name: Run security checks
+ run: |
+ # Check for potential security issues
+ echo "Checking for potential security issues..."
+
+ # Look for dangerous functions
+ if grep -r '\(strcpy\|sprintf\|gets\|strcat\)(' src/ --include="*.c"; then
+ echo "Warning: Found potentially unsafe functions"
+ fi
+
+ # Check for TODO/FIXME comments that might indicate security issues
+ grep -r 'TODO.*\(security\|vulner\|exploit\)' src/ || true
+ grep -r 'FIXME.*\(security\|vulner\|exploit\)' src/ || true
+
+ echo "Security check completed" \ No newline at end of file
diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
new file mode 100644
index 0000000..a6cfbb4
--- /dev/null
+++ b/.github/workflows/release.yml
@@ -0,0 +1,117 @@
+name: Release
+
+on:
+ push:
+ tags:
+ - 'v*'
+
+jobs:
+ release:
+ runs-on: ubuntu-latest
+ container:
+ image: 'fedora:latest'
+
+ steps:
+ - name: Checkout code
+ uses: actions/checkout@v4
+ with:
+ fetch-depth: 0
+
+ - name: Install dependencies
+ run: |
+ dnf update -y
+ dnf install -y \
+ autoconf-archive \
+ clang \
+ clang-analyzer \
+ bison \
+ desktop-file-utils \
+ flex \
+ gcc \
+ git \
+ gmp-devel \
+ gtk3 \
+ libmpc-devel \
+ libxml2-devel \
+ make \
+ mate-common \
+ mate-desktop-devel \
+ mpfr-devel \
+ redhat-rpm-config \
+ curl \
+ which \
+ sha256sum
+
+ - name: Set up environment variables
+ run: |
+ export CPU_COUNT=$(nproc)
+ echo "CPU_COUNT=$CPU_COUNT" >> $GITHUB_ENV
+ echo "REPO_NAME=mate-calc" >> $GITHUB_ENV
+ echo "OWNER_NAME=mate-desktop" >> $GITHUB_ENV
+
+ - name: Generate build system
+ run: |
+ NOCONFIGURE=1 ./autogen.sh
+
+ - name: Configure
+ run: |
+ ./configure --enable-compile-warnings=maximum
+
+ - name: Build
+ run: |
+ make -j $CPU_COUNT
+
+ - name: Create distribution archive
+ run: |
+ make distcheck
+
+ - name: Generate checksums
+ run: |
+ for file in mate-calc-*.tar.xz; do
+ if [ -f "$file" ]; then
+ sha256sum "$file" > "$file.sha256"
+ fi
+ done
+
+ - name: Notify release servers
+ run: |
+ # Notify MATE release servers (if configured)
+ if [ -n "${{ secrets.RELEASE_NOTIFY_TOKEN }}" ]; then
+ curl -X POST -H "Authorization: token ${{ secrets.RELEASE_NOTIFY_TOKEN }}" \
+ -d '{"tag":"${{ github.ref_name }}","repo":"mate-calc"}' \
+ https://release.mate-desktop.org/release || echo "Release notification failed"
+ fi
+
+ - name: Create GitHub Release
+ uses: softprops/action-gh-release@v2
+ with:
+ draft: false
+ prerelease: false
+ generate_release_notes: true
+ files: |
+ mate-calc-*.tar.xz
+ mate-calc-*.tar.xz.sha256
+ body: |
+ Release ${{ github.ref_name }} of MATE Calculator
+
+ This release includes the source distribution archive and checksums.
+
+ ## Installation
+
+ Download the `mate-calc-*.tar.xz` file and verify it with the corresponding `.sha256` checksum file:
+
+ ```bash
+ sha256sum -c mate-calc-*.tar.xz.sha256
+ ```
+
+ Then extract and build:
+
+ ```bash
+ tar -xf mate-calc-*.tar.xz
+ cd mate-calc-*
+ ./configure
+ make
+ sudo make install
+ ```
+ env:
+ GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} \ No newline at end of file
generated by cgit v1.2.1 (git 2.18.0) at 2025-08-25 20:49:17 +0000