Skip to content

maint: avoid clang masquerading as gcc in ManyConfigTests #343

maint: avoid clang masquerading as gcc in ManyConfigTests

maint: avoid clang masquerading as gcc in ManyConfigTests #343

Workflow file for this run

name: Clang Static Analyzer
on:
workflow_dispatch:
push:
branches: [ master, "release/**" ]
pull_request:
branches: [ master ]
permissions:
contents: read
jobs:
Analyze:
runs-on: ubuntu-24.04
permissions:
# Needed to upload the results to code-scanning dashboard.
security-events: write
contents: read
env:
# The @microsoft/sarif-multitool tool actually uses DotnetCore, which in
# turn aborts when it finds that GitHub's CI machine doesn't have ICU.
# Just turn off localisation. A future version of the ubuntu-24.04 or
# ubuntu-latest runners might not need this workaround.
# https://github.com/actions/runner-images/issues/10989
DOTNET_SYSTEM_GLOBALIZATION_INVARIANT: 1
steps:
- name: Setup
run: |
sudo apt-get -qq update
sudo apt-get -qq install ninja-build clang-tools
- name: Checkout
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
with:
submodules: true
- name: Configure
run: |
mkdir build
cd build
scan-build cmake -G Ninja -DPCRE2_SUPPORT_JIT=ON -DCMAKE_BUILD_TYPE=Debug ..
- name: Build
run: |
# Inefficiently run clang scan twice; once to generate HTML, and secondly
# to generate SARIF files. Ideally we would have some way to scan once and
# generate one of those outputs from the other, but I don't know a good way
# to do that.
cd build
scan-build -o clang-report/ ninja
ninja clean
scan-build -o clang-sarif -sarif ninja
# Work around issue in GitHub's SARIF ingestion - merge all SARIF files into one
npx -y @microsoft/sarif-multitool merge clang-sarif/*/*.sarif --output-file=clang.sarif
# Upload the browsable HTML report as an artifact.
- name: Upload report
uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 # v4.4.3
with:
name: "Clang Static Analyzer report"
path: './build/clang-report'
# Upload the results to GitHub's code scanning dashboard.
- name: "Upload to code-scanning"
uses: github/codeql-action/upload-sarif@aa578102511db1f4524ed59b8cc2bae4f6e88195 # v3.27.6
with:
sarif_file: build/clang.sarif
category: clang-analyzer