mirror of
https://github.com/curl/curl.git
synced 2026-04-13 00:31:41 +08:00
9e6f1c5efb
Usage:
- autotools: `--disable-typecheck` (or `--enable-typecheck` (default))
- cmake: `-DCURL_DISABLE_TYPECHECK=ON`.
To disable `curl_easy_setopt()`/`curl_easy_getinfo()` type checking with
supported (new) gcc and clang compilers. It is useful to improve build
performance for the `tests/libtest` target. In particular the CodeQL
analyzer may take above an hour to compile with type checking enabled,
and disabling it brings it down to seconds. On local machines it may
also cut build times in half when build testdeps, depending on platform
and compiler.
Other than these cases, we recommend leaving type checking enabled.
Ref: fdacf34aae #19632
Also:
- GHA/codeql: use it.
- test1165: check in `include/curl`.
- lib1912: delete stray todo comment.
- spelling and comment nits.
Closes #19637
135 lines
4.9 KiB
YAML
135 lines
4.9 KiB
YAML
# Copyright (C) Daniel Stenberg, <daniel@haxx.se>, et al.
|
|
#
|
|
# SPDX-License-Identifier: curl
|
|
|
|
name: 'CodeQL'
|
|
|
|
'on':
|
|
push:
|
|
branches:
|
|
- master
|
|
- '*/ci'
|
|
paths-ignore:
|
|
- '**/*.md'
|
|
- '.circleci/**'
|
|
- 'appveyor.*'
|
|
- 'packages/**'
|
|
- 'plan9/**'
|
|
- 'projects/**'
|
|
- 'tests/data/**'
|
|
pull_request:
|
|
branches:
|
|
- master
|
|
paths-ignore:
|
|
- '**/*.md'
|
|
- '.circleci/**'
|
|
- 'appveyor.*'
|
|
- 'packages/**'
|
|
- 'plan9/**'
|
|
- 'projects/**'
|
|
- 'tests/data/**'
|
|
schedule:
|
|
- cron: '0 0 * * 4'
|
|
|
|
concurrency:
|
|
group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.sha }}
|
|
cancel-in-progress: true
|
|
|
|
permissions: {}
|
|
|
|
jobs:
|
|
gha_python:
|
|
if: ${{ github.repository_owner == 'curl' || github.event_name != 'schedule' }}
|
|
name: 'GHA and Python'
|
|
runs-on: ubuntu-latest
|
|
permissions:
|
|
security-events: write # To create/update security events
|
|
steps:
|
|
- uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0
|
|
with:
|
|
persist-credentials: false
|
|
|
|
- name: 'initialize'
|
|
uses: github/codeql-action/init@014f16e7ab1402f30e7c3329d33797e7948572db # v4.31.3
|
|
with:
|
|
languages: actions, python
|
|
queries: security-extended
|
|
|
|
- name: 'perform analysis'
|
|
uses: github/codeql-action/analyze@014f16e7ab1402f30e7c3329d33797e7948572db # v4.31.3
|
|
|
|
c:
|
|
if: ${{ github.repository_owner == 'curl' || github.event_name != 'schedule' }}
|
|
name: 'C'
|
|
runs-on: ${{ matrix.platform == 'Linux' && 'ubuntu-latest' || 'windows-2022' }}
|
|
permissions:
|
|
security-events: write # To create/update security events
|
|
strategy:
|
|
fail-fast: false
|
|
matrix:
|
|
platform: [Linux, Windows]
|
|
env:
|
|
MATRIX_PLATFORM: '${{ matrix.platform }}'
|
|
steps:
|
|
- name: 'install prereqs'
|
|
if: ${{ matrix.platform == 'Linux' }}
|
|
timeout-minutes: 5
|
|
run: |
|
|
sudo rm -f /etc/apt/sources.list.d/microsoft-prod.list
|
|
sudo apt-get -o Dpkg::Use-Pty=0 update
|
|
sudo rm -f /var/lib/man-db/auto-update
|
|
sudo apt-get -o Dpkg::Use-Pty=0 install libpsl-dev libbrotli-dev libidn2-dev libssh2-1-dev libssh-dev \
|
|
libnghttp2-dev libldap-dev libkrb5-dev librtmp-dev libgnutls28-dev libwolfssl-dev
|
|
HOMEBREW_NO_AUTO_UPDATE=1 /home/linuxbrew/.linuxbrew/bin/brew install c-ares gsasl libnghttp3 libngtcp2 mbedtls rustls-ffi
|
|
|
|
- uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0
|
|
with:
|
|
persist-credentials: false
|
|
|
|
- name: 'initialize'
|
|
uses: github/codeql-action/init@014f16e7ab1402f30e7c3329d33797e7948572db # v4.31.3
|
|
with:
|
|
languages: cpp
|
|
build-mode: manual
|
|
trap-caching: false
|
|
|
|
- name: 'build'
|
|
timeout-minutes: 10
|
|
shell: bash
|
|
run: |
|
|
if [ "${MATRIX_PLATFORM}" = 'Windows' ]; then
|
|
cmake -B . -DBUILD_SHARED_LIBS=OFF \
|
|
-DCMAKE_VS_GLOBALS=TrackFileAccess=false \
|
|
-DCURL_USE_SCHANNEL=ON -DCURL_USE_LIBPSL=OFF -DUSE_WIN32_IDN=ON
|
|
cmake --build . --verbose
|
|
src/Debug/curl.exe --disable --version
|
|
else
|
|
eval "$(/home/linuxbrew/.linuxbrew/bin/brew shellenv)"
|
|
|
|
# MultiSSL
|
|
export PKG_CONFIG_PATH; PKG_CONFIG_PATH="$(brew --prefix c-ares)/lib/pkgconfig:$(brew --prefix mbedtls)/lib/pkgconfig:$(brew --prefix rustls-ffi)/lib/pkgconfig:$(brew --prefix gsasl)/lib/pkgconfig"
|
|
cmake -B _bld1 -G Ninja -DCURL_DISABLE_TYPECHECK=ON -DENABLE_DEBUG=ON \
|
|
-DCURL_USE_GNUTLS=ON -DCURL_USE_MBEDTLS=ON -DCURL_USE_RUSTLS=ON -DCURL_USE_WOLFSSL=ON \
|
|
-DUSE_LIBRTMP=ON -DCURL_USE_GSASL=ON -DCURL_USE_GSSAPI=ON -DUSE_SSLS_EXPORT=ON -DUSE_ECH=ON -DENABLE_ARES=ON \
|
|
-DCURL_DISABLE_VERBOSE_STRINGS=ON
|
|
cmake --build _bld1
|
|
cmake --build _bld1 --target testdeps
|
|
cmake --build _bld1 --target curl-examples-build
|
|
|
|
# HTTP/3
|
|
export PKG_CONFIG_PATH; PKG_CONFIG_PATH="$(brew --prefix libnghttp3)/lib/pkgconfig:$(brew --prefix libngtcp2)/lib/pkgconfig:$(brew --prefix gsasl)/lib/pkgconfig"
|
|
cmake -B _bld2 -G Ninja -DCURL_DISABLE_TYPECHECK=ON \
|
|
-DCURL_USE_OPENSSL=ON -DOPENSSL_ROOT_DIR="$(brew --prefix openssl)" -DUSE_NGTCP2=ON \
|
|
-DCURL_USE_LIBSSH2=OFF -DCURL_USE_LIBSSH=ON \
|
|
-DUSE_LIBRTMP=ON -DCURL_USE_GSASL=ON -DCURL_USE_GSSAPI=ON -DUSE_SSLS_EXPORT=ON
|
|
cmake --build _bld2
|
|
cmake --build _bld2 --target testdeps
|
|
cmake --build _bld2 --target curl-examples-build
|
|
|
|
_bld1/src/curl --disable --version
|
|
_bld2/src/curl --disable --version
|
|
fi
|
|
|
|
- name: 'perform analysis'
|
|
uses: github/codeql-action/analyze@014f16e7ab1402f30e7c3329d33797e7948572db # v4.31.3
|