feat: add decode_evasion, detect_scripts, is_mixed_script #15
Workflow file for this run
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: CI | |
| on: | |
| push: | |
| branches: [main] | |
| pull_request: | |
| branches: [main] | |
| workflow_call: | |
| permissions: | |
| contents: read | |
| concurrency: | |
| group: ${{ github.workflow }}-${{ github.ref }} | |
| cancel-in-progress: true | |
| jobs: | |
| lint: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 | |
| - uses: astral-sh/setup-uv@5a095e7a2014a4212f075830d4f7277575a9d098 # v7.3.1 | |
| with: | |
| enable-cache: true | |
| - name: Install dependencies | |
| run: uv sync --frozen | |
| - name: Ruff check | |
| run: uv run ruff check src/ tests/ | |
| - name: Ruff format | |
| run: uv run ruff format --check src/ tests/ | |
| typecheck: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 | |
| - uses: astral-sh/setup-uv@5a095e7a2014a4212f075830d4f7277575a9d098 # v7.3.1 | |
| with: | |
| enable-cache: true | |
| - name: Install dependencies | |
| run: uv sync --frozen | |
| - name: Mypy | |
| run: uv run mypy --strict src/navi_sanitize/ | |
| test: | |
| runs-on: ubuntu-latest | |
| strategy: | |
| fail-fast: false | |
| matrix: | |
| python-version: ["3.12", "3.13"] | |
| steps: | |
| - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 | |
| - uses: astral-sh/setup-uv@5a095e7a2014a4212f075830d4f7277575a9d098 # v7.3.1 | |
| with: | |
| enable-cache: true | |
| - name: Install dependencies | |
| env: | |
| PYTHON_VERSION: ${{ matrix.python-version }} | |
| run: uv sync --frozen --python "$PYTHON_VERSION" | |
| - name: Run tests with coverage | |
| run: | | |
| uv pip install coverage | |
| uv run coverage run -m pytest tests/ -v --benchmark-disable | |
| uv run coverage xml -o coverage.xml --include='src/navi_sanitize/**' | |
| - name: Upload coverage to Codecov | |
| if: matrix.python-version == '3.12' | |
| uses: codecov/codecov-action@671740ac38dd9b0130fbe1cec585b89eea48d3de # v5.5.2 | |
| with: | |
| files: coverage.xml | |
| fail_ci_if_error: false | |
| security: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 | |
| - uses: astral-sh/setup-uv@5a095e7a2014a4212f075830d4f7277575a9d098 # v7.3.1 | |
| with: | |
| enable-cache: true | |
| - name: Install dependencies | |
| run: uv sync --frozen | |
| - name: pip-audit | |
| run: uvx pip-audit==2.9.0 | |
| build: | |
| needs: [lint, typecheck, test, security] | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 | |
| - uses: astral-sh/setup-uv@5a095e7a2014a4212f075830d4f7277575a9d098 # v7.3.1 | |
| with: | |
| enable-cache: true | |
| - name: Build wheel | |
| run: uv build | |
| - name: Smoke test | |
| run: | | |
| uv venv .smoke-venv | |
| uv pip install dist/*.whl --python .smoke-venv/bin/python | |
| .smoke-venv/bin/python -c " | |
| from navi_sanitize import clean, walk, jinja2_escaper, path_escaper | |
| assert clean('hello') == 'hello' | |
| assert walk({'k': 'v'}) == {'k': 'v'} | |
| print('Smoke test passed') | |
| " | |
| - uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7.0.0 | |
| with: | |
| name: wheel | |
| path: dist/*.whl |