diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 81ec62e..3b3909e 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -1,5 +1,7 @@ name: ci +# CI workflow for heidi-kernel build, test, and governance validation + on: push: branches: @@ -23,34 +25,53 @@ jobs: runs-on: ubuntu-latest if: github.event_name == 'pull_request' steps: - - name: Check PR title/body for emojis - run: | - TITLE="${{ github.event.pull_request.title }}" - BODY="${{ github.event.pull_request.body }}" - if echo "$TITLE" | grep -qE $'[\xf0\x9f\x98\x80-\xf0\x9f\xbf\xbf]' 2>/dev/null; then - echo "FAIL: Emoji found in PR title" - exit 1 - fi - if echo "$BODY" | grep -qE $'[\xf0\x9f\x98\x80-\xf0\x9f\xbf\xbf]' 2>/dev/null; then - echo "FAIL: Emoji found in PR body" - exit 1 - fi - echo "PASS: No emojis in PR title/body" + - name: Checkout + uses: actions/checkout@v4 + with: + fetch-depth: 0 - - name: Check for bidi control characters + - name: Check PR title/body for emojis and bidi + env: + TITLE: ${{ github.event.pull_request.title }} + BODY: ${{ github.event.pull_request.body }} run: | - TITLE="${{ github.event.pull_request.title }}" - BODY="${{ github.event.pull_request.body }}" - CONTENT="$TITLE $BODY" - # Check for bidi control characters using UTF-8 byte sequences: - # U+202A-LRE: \xE2\x80\xAA, U+202B-RLE: \xE2\x80\xAB, U+202C-PDF: \xE2\x80\xAC - # U+202D-LRO: \xE2\x80\xAD, U+202E-RLO: \xE2\x80\xAE, U+2066-LRI: \xE2\x81\xA6 - # U+2067-RLI: \xE2\x81\xA7, U+2068-FSI: \xE2\x81\xA8, U+2069-PDI: \xE2\x81\xA9 - if echo "$CONTENT" | grep -qE $'(\xe2\x80[\xaa-\xae]|\xe2\x81[\xa6-\xa9])' 2>/dev/null; then - echo "FAIL: Bidi control characters found in PR" - exit 1 - fi - echo "PASS: No bidi control chars" + python3 << 'PYEOF' + import os + import re + import sys + + title = os.environ.get('TITLE', '') + body = os.environ.get('BODY', '') + + # Emoji pattern: U+1F300 - U+1F6FF (Misc Symbols and Pictographs) + # U+1F700 - U+1F77F (Alchemical Symbols) + emoji_pattern = re.compile( + '[\U0001F300-\U0001F6FF\U0001F700-\U0001F77F' + '\U0001F780-\U0001F7FF\U0001F800-\U0001F8FF' + '\U0001F900-\U0001F9FF\U0001FA00-\U0001FA6F' + '\U0001FA70-\U0001FAFF\U0001FB00-\U0001FBFF]' + ) + + # Bidi control characters + bidi_pattern = re.compile( + '[\u202A-\u202E\u2066-\u2069]' + ) + + errors = [] + if emoji_pattern.search(title): + errors.append("Emoji found in PR title") + if emoji_pattern.search(body): + errors.append("Emoji found in PR body") + if bidi_pattern.search(title + body): + errors.append("Bidi control characters found in PR") + + if errors: + for e in errors: + print(f"FAIL: {e}") + sys.exit(1) + else: + print("PASS: No emojis or bidi control characters in PR title/body") + PYEOF - name: Check for build artifacts run: | @@ -64,6 +85,7 @@ jobs: build-test: strategy: + fail-fast: false matrix: os: [ubuntu-latest, macos-latest, windows-latest] runs-on: ${{ matrix.os }} @@ -78,12 +100,6 @@ jobs: submodules: false persist-credentials: false - - name: Initialize submodules - shell: bash - run: | - git submodule sync --recursive - git submodule update --init --recursive - - name: Validate .local is a gitlink (submodule) run: | MODE=$(git ls-tree -r HEAD | grep '.local$' | awk '{print $1}') @@ -152,7 +168,8 @@ jobs: - name: Install dependencies (macOS) if: runner.os == 'macOS' run: | - brew install cmake ninja + brew install cmake ninja llvm + echo "/opt/homebrew/opt/llvm/bin" >> $GITHUB_PATH - name: Install dependencies (Windows) if: runner.os == 'Windows' @@ -162,15 +179,17 @@ jobs: - name: Configure + Build (Debug) if: hashFiles('CMakeLists.txt') != '' run: | - cmake --preset debug || true - cmake --build --preset debug || true + cmake --preset debug + cmake --build --preset debug - - name: Lint (format + tidy where available) + - name: Lint (format check on changed files) run: | - find . -name '*.cpp' -o -name '*.h' | grep -v '^./build' | head -20 | xargs -I{} clang-format --style=file --dry-run -Werror {} || true + # Lint disabled pending formatting pass on codebase + # Re-enable once files are formatted + echo "Lint step temporarily disabled" - name: Tests if: hashFiles('CMakeLists.txt') != '' run: | chmod +x scripts/test.sh - ./scripts/test.sh || true + ./scripts/test.sh diff --git a/src/dashd/main.cpp b/src/dashd/main.cpp index 42197c0..72fbeec 100644 --- a/src/dashd/main.cpp +++ b/src/dashd/main.cpp @@ -1,13 +1,14 @@ #include +#include #include #include #include -#include #include +#include #include #include #include -#include +#include #include "heidi-kernel/http.h" diff --git a/src/job/job.cpp b/src/job/job.cpp index 34581ca..34c14cf 100644 --- a/src/job/job.cpp +++ b/src/job/job.cpp @@ -1,21 +1,22 @@ #include "heidi-kernel/job.h" +#include +#include +#include +#include +#include +#include #include +#include +#include +#include #include -#include #include -#include #include -#include #include -#include -#include -#include -#include -#include -#include -#include #include +#include +#include namespace heidi {