| Age | Commit message (Collapse) | Author |
|---|
|
It is not overridable via --py-version, astoundingly.
|
|
https://truststore.readthedocs.io/
This library allows patching the stdlib ssl module to respect system
certificates, which is a common source of "broken internet" for Windows
users especially.
Fixes: https://github.com/mesonbuild/meson/issues/15121
|
|
|
|
|
|
|
|
Keep using v3 for Bionic because of https://github.com/mesonbuild/meson/pull/13424
|
|
Version 1.9 removes support for python 3.7, so we either need to pin the
version to 1.8 as long as we're support Python 3.7, or we need to drop
linting for 3.7
|
|
|
|
If an annotation could not be resolved, it's classified as a "missing
import" and our configuration ignored it:
```
Skipping analyzing "mesonbuild.backends": module is installed, but missing library stubs or py.typed marker
```
As far as mypy is concerned, this library may or may not exist, but it
doesn't have any typing information at all (may need to be installed
first).
We ignored this because of our docs/ and tools/ thirdparty dependencies,
but we really should not. It is trivial to install them, and then
enforce that this "just works".
By enforcing it, we also make sure typos get caught.
|
|
Github Actions supports this fine, but is misdetected by flake8/mypy.
Even though pylint defaults to text instead of colorized, we might as
well do the right thing here though.
|
|
This allows verifying that meson is type-safe under older versions of
Python, which it currently is. Different versions of Python sometimes
have different supported types for an API.
Verify this in CI.
(We flush output to ensure CI prints lines in the right order.)
|
|
This is a no-op change, but github complains that nodejs is outdated if
you don't. It's not obvious why this required a major version bump...
|
|
Not much changes, really, other than it now sets PKG_CONFIG_PATH to
point to the python it just installed. This should generally not be a
problem (Meson's python module sets that anyway based on the
executable's introspection data).
|
|
|
|
We should have full coverage now, so make sure we don't regress in the
future.
|
|
Restrict the GitHub token permissions only to the required ones; this way, even if the attackers will succeed in compromising your workflow, they won’t be able to do much.
- Included permissions for the action. https://github.com/ossf/scorecard/blob/main/docs/checks.md#token-permissions
https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#permissions
https://docs.github.com/en/actions/using-jobs/assigning-permissions-to-jobs
[Keeping your GitHub Actions and workflows secure Part 1: Preventing pwn requests](https://securitylab.github.com/research/github-actions-preventing-pwn-requests/)
Signed-off-by: neilnaveen <42328488+neilnaveen@users.noreply.github.com>
|
|
Unfortunately, checking for strings without context is exceedingly prone
to false positives, while missing anything that indirectly opens a file.
Python 3.10 has a feature to warn about this though -- and it uses a
runtime check which runs at the same time that the code fails to open
files in the broken Windows locale. Set this up automatically when
running the testsuite.
Sadly, Python's builtin feature to change the warning level, e.g. by
setting EncodingWarning to error at startup, is utterly broken if you
want to limit it to only certain modules. This is tracked in order to be
more efficiently ignored at https://bugs.python.org/issue34624 and
https://github.com/python/cpython/pull/9358
It is also very trigger happy and passing stuff around via environment
variable either messes with the testsuite, or with thirdparty programs
which are implemented in python *such as lots of gnome*, or perhaps
both.
Instead, add runtime code to meson itself, to add a hidden "feature".
In the application source code, running the 'warnings' module, you can
actually get the expected behavior that $PYTHONWARNINGS doesn't have. So
check for a magic testsuite variable every time meson starts up, and if
it does, then go ahead and initialize a warnings filter that makes
EncodingWarning fatal, but *only* when triggered via Meson and not
arbitrary subprocess scripts.
|
|
|
|
For a long time now, this has done 3 different things, only one of which
is mypy. But they are labeled:
- LintMypy / lint
(runs pylint)
- LintMypy / custom_lint
(runs a custom script)
- LintMypy / mypy
(actually runs mypy)
This reduces the usable length of the label which isn't all that long to
begin with, is actively misleading, and even when you know what is going
on, it becomes harder to tell at a glance what failed. Change it to be
more unambiguous.
|
