diff --git a/.git-blame-ignore-revs b/.git-blame-ignore-revs index 3ed6a7a..3ffd29f 100644 --- a/.git-blame-ignore-revs +++ b/.git-blame-ignore-revs @@ -2,3 +2,6 @@ # Add pre-commit hooks 9c1fb5bd9b946c2eaaf1ea882e789efcccf66b53 + +# Add additional pre-commit hooks +29de56032f5a5bb031eb1145d970c92b53319930 diff --git a/.github/workflows/build-with-clang.yml b/.github/workflows/build-with-clang.yml index cbed8f4..e7f7d1c 100644 --- a/.github/workflows/build-with-clang.yml +++ b/.github/workflows/build-with-clang.yml @@ -68,8 +68,8 @@ jobs: - name: Build mkl-service run: | source ${{ env.ONEAPI_ROOT }}/setvars.sh - echo $CMPLR_ROOT - export CC=$CMPLR_ROOT/bin/icx + echo "$CMPLR_ROOT" + export CC="$CMPLR_ROOT/bin/icx" export CFLAGS="${CFLAGS} -fno-fast-math" python setup.py develop diff --git a/.github/workflows/conda-package.yml b/.github/workflows/conda-package.yml index 3e223ae..cc03bfd 100644 --- a/.github/workflows/conda-package.yml +++ b/.github/workflows/conda-package.yml @@ -50,7 +50,7 @@ jobs: ${{ runner.os }}-conda-${{ env.CACHE_NUMBER }}- - name: Add conda to system path - run: echo $CONDA/bin >> $GITHUB_PATH + run: echo "$CONDA/bin" >> "$GITHUB_PATH" - name: Install conda-build run: conda install conda-build @@ -58,19 +58,19 @@ jobs: - name: Store conda paths as envs shell: bash -el {0} run: | - echo "CONDA_BLD=/usr/share/miniconda/conda-bld/linux-64/" >> $GITHUB_ENV - echo "WHEELS_OUTPUT_FOLDER=$GITHUB_WORKSPACE/" >> $GITHUB_ENV + echo "CONDA_BLD=/usr/share/miniconda/conda-bld/linux-64/" >> "$GITHUB_ENV" + echo "WHEELS_OUTPUT_FOLDER=$GITHUB_WORKSPACE/" >> "$GITHUB_ENV" - name: Build conda package run: | - CHANNELS="-c conda-forge -c conda-forge/label/python_rc -c https://software.repos.intel.com/python/conda --override-channels" - VERSIONS="--python ${{ matrix.python }}" - TEST="--no-test" + CHANNELS=(-c conda-forge -c conda-forge/label/python_rc -c https://software.repos.intel.com/python/conda --override-channels) + VERSIONS=(--python "${{ matrix.python }}") + TEST=(--no-test) conda build \ - $TEST \ - $VERSIONS \ - $CHANNELS \ + "${TEST[@]}" \ + "${VERSIONS[@]}" \ + "${CHANNELS[@]}" \ conda-recipe - name: Upload artifact @@ -127,8 +127,8 @@ jobs: - name: Store conda paths as envs shell: bash -el {0} run: | - echo "CONDA_BLD=$CONDA_PREFIX\\conda-bld\\win-64\\" >> $GITHUB_ENV - echo "WHEELS_OUTPUT_FOLDER=$GITHUB_WORKSPACE\\" >> $GITHUB_ENV + echo "CONDA_BLD=$CONDA_PREFIX\\conda-bld\\win-64\\" >> "$GITHUB_ENV" + echo "WHEELS_OUTPUT_FOLDER=$GITHUB_WORKSPACE\\" >> "$GITHUB_ENV" - name: Build conda package run: conda build --no-test --python ${{ matrix.python }} -c https://software.repos.intel.com/python/conda -c conda-forge -c conda-forge/label/python_rc --override-channels conda-recipe @@ -165,27 +165,28 @@ jobs: name: ${{ env.PACKAGE_NAME }} ${{ runner.os }} Python ${{ matrix.python }} - name: Add conda to system path - run: echo $CONDA/bin >> $GITHUB_PATH + run: echo "$CONDA/bin" >> "$GITHUB_PATH" - name: Install conda-build run: conda install conda-build - name: Create conda channel run: | - mkdir -p $GITHUB_WORKSPACE/channel/linux-64 - conda index $GITHUB_WORKSPACE/channel || exit 1 - mv ${PACKAGE_NAME}-*.conda $GITHUB_WORKSPACE/channel/linux-64 || exit 1 - conda index $GITHUB_WORKSPACE/channel || exit 1 + mkdir -p "$GITHUB_WORKSPACE/channel/linux-64" + conda index "$GITHUB_WORKSPACE/channel" || exit 1 + mv "${PACKAGE_NAME}"-*.conda "$GITHUB_WORKSPACE/channel/linux-64" || exit 1 + conda index "$GITHUB_WORKSPACE/channel" || exit 1 # Test channel - conda search $PACKAGE_NAME -c $GITHUB_WORKSPACE/channel --override-channels --info --json > $GITHUB_WORKSPACE/ver.json + conda search "$PACKAGE_NAME" -c "$GITHUB_WORKSPACE/channel" --override-channels --info --json > "$GITHUB_WORKSPACE/ver.json" cat ver.json - name: Collect dependencies run: | - . $CONDA/etc/profile.d/conda.sh - CHANNELS="-c $GITHUB_WORKSPACE/channel ${{ env.CHANNELS }}" - export PACKAGE_VERSION=$(python -c "${VER_SCRIPT1} ${VER_SCRIPT2}") - conda create -n ${{ env.TEST_ENV_NAME }} $PACKAGE_NAME=${PACKAGE_VERSION} python=${{ matrix.python }} $CHANNELS --only-deps --dry-run > lockfile + . "$CONDA/etc/profile.d/conda.sh" + CHANNELS=(-c "$GITHUB_WORKSPACE/channel" -c conda-forge -c conda-forge/label/python_rc -c https://software.repos.intel.com/python/conda --override-channels) + PACKAGE_VERSION="$(python -c "${VER_SCRIPT1} ${VER_SCRIPT2}")" + export PACKAGE_VERSION + conda create -n "${{ env.TEST_ENV_NAME }}" "$PACKAGE_NAME=$PACKAGE_VERSION" "python=${{ matrix.python }}" "${CHANNELS[@]}" --only-deps --dry-run > lockfile cat lockfile - name: Set pkgs_dirs @@ -206,16 +207,17 @@ jobs: - name: Install mkl-service run: | - . $CONDA/etc/profile.d/conda.sh - CHANNELS="-c $GITHUB_WORKSPACE/channel ${{ env.CHANNELS }}" - export PACKAGE_VERSION=$(python -c "${VER_SCRIPT1} ${VER_SCRIPT2}") - conda create -n ${{ env.TEST_ENV_NAME }} $PACKAGE_NAME=${PACKAGE_VERSION} pytest python=${{ matrix.python }} $CHANNELS + . "$CONDA/etc/profile.d/conda.sh" + CHANNELS=(-c "$GITHUB_WORKSPACE/channel" -c conda-forge -c conda-forge/label/python_rc -c https://software.repos.intel.com/python/conda --override-channels) + PACKAGE_VERSION="$(python -c "${VER_SCRIPT1} ${VER_SCRIPT2}")" + export PACKAGE_VERSION + conda create -n "${{ env.TEST_ENV_NAME }}" "$PACKAGE_NAME=$PACKAGE_VERSION" pytest "python=${{ matrix.python }}" "${CHANNELS[@]}" # Test installed packages conda list - name: Run tests run: | - . $CONDA/etc/profile.d/conda.sh + . "$CONDA/etc/profile.d/conda.sh" conda activate ${{ env.TEST_ENV_NAME }} pytest -vv --pyargs ${{ env.MODULE_NAME }} @@ -250,13 +252,13 @@ jobs: - name: Create conda channel run: | - mkdir ${{ env.GITHUB_WORKSPACE }}\channel\win-64 - move ${{ env.PACKAGE_NAME }}-*.conda ${{ env.GITHUB_WORKSPACE }}\channel\win-64 - python -m conda_index ${{ env.GITHUB_WORKSPACE }}/channel + mkdir ${{ env.GITHUB_WORKSPACE }}/channel/win-64 + move ${{ env.PACKAGE_NAME }}-*.conda ${{ env.GITHUB_WORKSPACE }}/channel/win-64 + python -m conda_index "${{ env.GITHUB_WORKSPACE }}/channel" # Test channel - conda search ${{ env.PACKAGE_NAME }} -c ${{ env.GITHUB_WORKSPACE }}/channel --override-channels --info --json > ${{ env.GITHUB_WORKSPACE }}\ver.json - more ${{ env.GITHUB_WORKSPACE }}\ver.json + conda search ${{ env.PACKAGE_NAME }} -c ${{ env.GITHUB_WORKSPACE }}/channel --override-channels --info --json > ${{ env.GITHUB_WORKSPACE }}/ver.json + more ${{ env.GITHUB_WORKSPACE }}/ver.json - name: Collect dependencies shell: cmd diff --git a/.github/workflows/pre-commit.yml b/.github/workflows/pre-commit.yml index 09fdb4c..9b1a369 100644 --- a/.github/workflows/pre-commit.yml +++ b/.github/workflows/pre-commit.yml @@ -14,6 +14,9 @@ jobs: steps: - name: Checkout repo uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + with: + # use commit hash to make "no-commit-to-branch" check passing + ref: ${{ github.sha }} - name: Set up python uses: actions/setup-python@a309ff8b426b58ec0e2a45f0f869d46889d02405 # v6.2.0 @@ -29,9 +32,9 @@ jobs: - name: Set up clang-format run: | - sudo apt-get install -y clang-format-14 + sudo apt-get install -y clang-format-18 sudo unlink /usr/bin/clang-format - sudo ln -s /usr/bin/clang-format-14 /usr/bin/clang-format + sudo ln -s /usr/bin/clang-format-18 /usr/bin/clang-format clang-format --version - name: Run pre-commit checks diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml index 1e019b5..8801742 100644 --- a/.pre-commit-config.yaml +++ b/.pre-commit-config.yaml @@ -2,6 +2,13 @@ repos: - repo: https://github.com/pre-commit/pre-commit-hooks rev: v6.0.0 hooks: + # Git + - id: check-added-large-files + - id: no-commit-to-branch + name: "ensure no direct commit to master/maintenance branches" + args: [--branch, "master", --pattern, "maintenance/.*"] + - id: check-illegal-windows-names + # Contents - id: check-ast - id: check-builtin-literals - id: check-case-conflict @@ -101,3 +108,13 @@ repos: rev: 3.0.0 hooks: - id: shellcheck + +- repo: https://github.com/gitleaks/gitleaks + rev: v8.30.0 + hooks: + - id: gitleaks + +- repo: https://github.com/rhysd/actionlint + rev: v1.7.11 + hooks: + - id: actionlint