icalendar/.github/workflows/cifuzz.yml

name: CIFuzz
on: [pull_request]
permissions: {}
jobs:
  Fuzzing:
    runs-on: ubuntu-latest
    permissions:
      security-events: write
    steps:
    - name: Build Fuzzers
      id: build
      uses: google/oss-fuzz/infra/cifuzz/actions/build_fuzzers@master
      with:
        oss-fuzz-project-name: 'icalendar'
        language: python
    - name: Run Fuzzers
      uses: google/oss-fuzz/infra/cifuzz/actions/run_fuzzers@master
      with:
        oss-fuzz-project-name: 'icalendar'
        language: python
        fuzz-seconds: 600
        output-sarif: true
    - name: Upload Crash
      uses: actions/upload-artifact@v4
      if: failure() && steps.build.outcome == 'success'
      with:
        name: artifacts
        path: ./out/artifacts
    - name: Upload Sarif
      if: always() && steps.build.outcome == 'success'
      uses: github/codeql-action/upload-sarif@v3
      with:
        # Path to SARIF file relative to the root of the repository
        sarif_file: cifuzz-sarif/results.sarif
        checkout_path: cifuzz-sarif

  check-distribution:
    runs-on: ubuntu-latest
    steps:
    - uses: actions/checkout@v4
    - name: Do not include Apache files in the distribution.
      run: |
        src/icalendar/tests/test_create_release.sh
cifuzz integration 2023-10-09 15:53:44 +00:00			`name: CIFuzz`
			`on: [pull_request]`
			`permissions: {}`
			`jobs:`
FIx syntax error in fuzzing CI file 2023-10-25 11:32:39 +00:00			`Fuzzing:`
			`runs-on: ubuntu-latest`
			`permissions:`
			`security-events: write`
			`steps:`
			`- name: Build Fuzzers`
			`id: build`
			`uses: google/oss-fuzz/infra/cifuzz/actions/build_fuzzers@master`
			`with:`
			`oss-fuzz-project-name: 'icalendar'`
			`language: python`
			`- name: Run Fuzzers`
			`uses: google/oss-fuzz/infra/cifuzz/actions/run_fuzzers@master`
			`with:`
			`oss-fuzz-project-name: 'icalendar'`
			`language: python`
			`fuzz-seconds: 600`
			`output-sarif: true`
			`- name: Upload Crash`
Bump the github-actions group with 5 updates Bumps the github-actions group with 5 updates: \| Package \| From \| To \| \| --- \| --- \| --- \| \| [actions/upload-artifact](https://github.com/actions/upload-artifact) \| `3` \| `4` \| \| [github/codeql-action](https://github.com/github/codeql-action) \| `2` \| `3` \| \| [actions/checkout](https://github.com/actions/checkout) \| `3` \| `4` \| \| [actions/setup-python](https://github.com/actions/setup-python) \| `4` \| `5` \| \| [elgohr/Github-Release-Action](https://github.com/elgohr/github-release-action) \| `4` \| `5` \| Updates `actions/upload-artifact` from 3 to 4 - [Release notes](https://github.com/actions/upload-artifact/releases) - [Commits](https://github.com/actions/upload-artifact/compare/v3...v4) Updates `github/codeql-action` from 2 to 3 - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](https://github.com/github/codeql-action/compare/v2...v3) Updates `actions/checkout` from 3 to 4 - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](https://github.com/actions/checkout/compare/v3...v4) Updates `actions/setup-python` from 4 to 5 - [Release notes](https://github.com/actions/setup-python/releases) - [Commits](https://github.com/actions/setup-python/compare/v4...v5) Updates `elgohr/Github-Release-Action` from 4 to 5 - [Release notes](https://github.com/elgohr/github-release-action/releases) - [Commits](https://github.com/elgohr/github-release-action/compare/v4...v5) --- updated-dependencies: - dependency-name: actions/upload-artifact dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions - dependency-name: github/codeql-action dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions - dependency-name: actions/checkout dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions - dependency-name: actions/setup-python dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions - dependency-name: elgohr/Github-Release-Action dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions ... Signed-off-by: dependabot[bot] <support@github.com> 2024-01-29 14:38:35 +00:00			`uses: actions/upload-artifact@v4`
FIx syntax error in fuzzing CI file 2023-10-25 11:32:39 +00:00			`if: failure() && steps.build.outcome == 'success'`
			`with:`
			`name: artifacts`
			`path: ./out/artifacts`
			`- name: Upload Sarif`
			`if: always() && steps.build.outcome == 'success'`
Bump the github-actions group with 5 updates Bumps the github-actions group with 5 updates: \| Package \| From \| To \| \| --- \| --- \| --- \| \| [actions/upload-artifact](https://github.com/actions/upload-artifact) \| `3` \| `4` \| \| [github/codeql-action](https://github.com/github/codeql-action) \| `2` \| `3` \| \| [actions/checkout](https://github.com/actions/checkout) \| `3` \| `4` \| \| [actions/setup-python](https://github.com/actions/setup-python) \| `4` \| `5` \| \| [elgohr/Github-Release-Action](https://github.com/elgohr/github-release-action) \| `4` \| `5` \| Updates `actions/upload-artifact` from 3 to 4 - [Release notes](https://github.com/actions/upload-artifact/releases) - [Commits](https://github.com/actions/upload-artifact/compare/v3...v4) Updates `github/codeql-action` from 2 to 3 - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](https://github.com/github/codeql-action/compare/v2...v3) Updates `actions/checkout` from 3 to 4 - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](https://github.com/actions/checkout/compare/v3...v4) Updates `actions/setup-python` from 4 to 5 - [Release notes](https://github.com/actions/setup-python/releases) - [Commits](https://github.com/actions/setup-python/compare/v4...v5) Updates `elgohr/Github-Release-Action` from 4 to 5 - [Release notes](https://github.com/elgohr/github-release-action/releases) - [Commits](https://github.com/elgohr/github-release-action/compare/v4...v5) --- updated-dependencies: - dependency-name: actions/upload-artifact dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions - dependency-name: github/codeql-action dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions - dependency-name: actions/checkout dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions - dependency-name: actions/setup-python dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions - dependency-name: elgohr/Github-Release-Action dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions ... Signed-off-by: dependabot[bot] <support@github.com> 2024-01-29 14:38:35 +00:00			`uses: github/codeql-action/upload-sarif@v3`
FIx syntax error in fuzzing CI file 2023-10-25 11:32:39 +00:00			`with:`
			`# Path to SARIF file relative to the root of the repository`
			`sarif_file: cifuzz-sarif/results.sarif`
			`checkout_path: cifuzz-sarif`
cifuzz integration 2023-10-09 15:53:44 +00:00
Check that fuzzing files are not included in the release 2023-10-25 11:17:51 +00:00			`check-distribution:`
			`runs-on: ubuntu-latest`
			`steps:`
Bump the github-actions group with 5 updates Bumps the github-actions group with 5 updates: \| Package \| From \| To \| \| --- \| --- \| --- \| \| [actions/upload-artifact](https://github.com/actions/upload-artifact) \| `3` \| `4` \| \| [github/codeql-action](https://github.com/github/codeql-action) \| `2` \| `3` \| \| [actions/checkout](https://github.com/actions/checkout) \| `3` \| `4` \| \| [actions/setup-python](https://github.com/actions/setup-python) \| `4` \| `5` \| \| [elgohr/Github-Release-Action](https://github.com/elgohr/github-release-action) \| `4` \| `5` \| Updates `actions/upload-artifact` from 3 to 4 - [Release notes](https://github.com/actions/upload-artifact/releases) - [Commits](https://github.com/actions/upload-artifact/compare/v3...v4) Updates `github/codeql-action` from 2 to 3 - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](https://github.com/github/codeql-action/compare/v2...v3) Updates `actions/checkout` from 3 to 4 - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](https://github.com/actions/checkout/compare/v3...v4) Updates `actions/setup-python` from 4 to 5 - [Release notes](https://github.com/actions/setup-python/releases) - [Commits](https://github.com/actions/setup-python/compare/v4...v5) Updates `elgohr/Github-Release-Action` from 4 to 5 - [Release notes](https://github.com/elgohr/github-release-action/releases) - [Commits](https://github.com/elgohr/github-release-action/compare/v4...v5) --- updated-dependencies: - dependency-name: actions/upload-artifact dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions - dependency-name: github/codeql-action dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions - dependency-name: actions/checkout dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions - dependency-name: actions/setup-python dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions - dependency-name: elgohr/Github-Release-Action dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions ... Signed-off-by: dependabot[bot] <support@github.com> 2024-01-29 14:38:35 +00:00			`- uses: actions/checkout@v4`
Check that fuzzing files are not included in the release 2023-10-25 11:17:51 +00:00			`- name: Do not include Apache files in the distribution.`
			`run: \|`
			`src/icalendar/tests/test_create_release.sh`