IOPZ-2913 Address Security Vulnerability with rexml gem #1126
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Main | |
on: | |
pull_request: | |
branches: | |
- main | |
push: | |
branches: | |
- main | |
jobs: | |
ci: | |
name: CI | |
strategy: | |
fail-fast: false | |
matrix: | |
# Due to https://github.com/actions/runner/issues/849, we have to use | |
# quotes for '3.0' -- without quotes, CI sees '3' and runs the latest. | |
ruby: [2.5, 2.6, 2.7, '3.0', 3.1, 3.2, 3.3, jruby, truffleruby-head] | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@v4 | |
# Conditionally configure bundler via environment variables as advised | |
# * https://github.com/ruby/setup-ruby#bundle-config | |
- name: Set bundler environment variables | |
run: | | |
echo "BUNDLE_WITH=checks:docs" >> $GITHUB_ENV | |
if: matrix.ruby == 3.3 | |
- name: Set bundler environment variables | |
run: | | |
echo "BUNDLE_WITH=dokaz" >> $GITHUB_ENV | |
if: matrix.ruby == 3.2 | |
# Use 'bundler-cache: true' instead of actions/cache as advised: | |
# * https://github.com/actions/cache/blob/main/examples.md#ruby---bundler | |
- uses: ruby/setup-ruby@v1 | |
with: | |
ruby-version: ${{ matrix.ruby }} | |
bundler-cache: true | |
- run: bundle exec rspec | |
- uses: codecov/codecov-action@v4 | |
with: | |
files: ./coverage/coverage.xml | |
fail_ci_if_error: true # optional (default = false) | |
token: ${{ secrets.CODECOV_TOKEN }} | |
verbose: true # optional (default = false) | |
if: matrix.ruby == 3.3 | |
- run: bundle exec rubocop | |
if: matrix.ruby == 3.3 | |
- run: bundle exec yard doctest | |
if: matrix.ruby == 3.3 | |
- run: bundle exec dokaz | |
if: matrix.ruby == 3.2 # Does not yet work on Ruby 3.3+: https://github.com/zverok/dokaz/issues/3 | |
- name: Run benchmarks on Ruby 2.7 or 3.3 | |
run: | | |
BUNDLE_GEMFILE=benchmarks/Gemfile bundle install --jobs 4 --retry 3 | |
BUNDLE_GEMFILE=benchmarks/Gemfile bundle exec ruby benchmarks/benchmarks.rb | |
if: matrix.ruby == '2.7' || matrix.ruby == '3.3' |