Skip to content

IOPZ-2913 Address Security Vulnerability with rexml gem #1126

IOPZ-2913 Address Security Vulnerability with rexml gem

IOPZ-2913 Address Security Vulnerability with rexml gem #1126

Workflow file for this run

name: Main
on:
pull_request:
branches:
- main
push:
branches:
- main
jobs:
ci:
name: CI
strategy:
fail-fast: false
matrix:
# Due to https://github.com/actions/runner/issues/849, we have to use
# quotes for '3.0' -- without quotes, CI sees '3' and runs the latest.
ruby: [2.5, 2.6, 2.7, '3.0', 3.1, 3.2, 3.3, jruby, truffleruby-head]
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
# Conditionally configure bundler via environment variables as advised
# * https://github.com/ruby/setup-ruby#bundle-config
- name: Set bundler environment variables
run: |
echo "BUNDLE_WITH=checks:docs" >> $GITHUB_ENV
if: matrix.ruby == 3.3
- name: Set bundler environment variables
run: |
echo "BUNDLE_WITH=dokaz" >> $GITHUB_ENV
if: matrix.ruby == 3.2
# Use 'bundler-cache: true' instead of actions/cache as advised:
# * https://github.com/actions/cache/blob/main/examples.md#ruby---bundler
- uses: ruby/setup-ruby@v1
with:
ruby-version: ${{ matrix.ruby }}
bundler-cache: true
- run: bundle exec rspec
- uses: codecov/codecov-action@v4
with:
files: ./coverage/coverage.xml
fail_ci_if_error: true # optional (default = false)
token: ${{ secrets.CODECOV_TOKEN }}
verbose: true # optional (default = false)
if: matrix.ruby == 3.3
- run: bundle exec rubocop
if: matrix.ruby == 3.3
- run: bundle exec yard doctest
if: matrix.ruby == 3.3
- run: bundle exec dokaz
if: matrix.ruby == 3.2 # Does not yet work on Ruby 3.3+: https://github.com/zverok/dokaz/issues/3
- name: Run benchmarks on Ruby 2.7 or 3.3
run: |
BUNDLE_GEMFILE=benchmarks/Gemfile bundle install --jobs 4 --retry 3
BUNDLE_GEMFILE=benchmarks/Gemfile bundle exec ruby benchmarks/benchmarks.rb
if: matrix.ruby == '2.7' || matrix.ruby == '3.3'