Fix naive filtering of uploads directory. #31802
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Coding Standards | |
on: | |
# JSHint was introduced in WordPress 3.8. | |
# PHPCS checking was introduced in WordPress 5.1. | |
push: | |
branches: | |
- trunk | |
- '3.[89]' | |
- '[4-9].[0-9]' | |
tags: | |
- '[0-9]+.[0-9]' | |
- '[0-9]+.[0-9].[0-9]+' | |
- '!3.7.[0-9]+' | |
pull_request: | |
branches: | |
- trunk | |
- '3.[89]' | |
- '[4-9].[0-9]' | |
paths: | |
# Any change to a PHP or JavaScript file should run checks. | |
- '**.js' | |
- '**.php' | |
# These files configure npm. Changes could affect the outcome. | |
- 'package*.json' | |
# These files configure Composer. Changes could affect the outcome. | |
- 'composer.*' | |
# This file configures JSHint. Changes could affect the outcome. | |
- '.jshintrc' | |
# This file configures PHPCS. Changes could affect the outcome. | |
- 'phpcs.xml.dist' | |
# Changes to workflow files should always verify all workflows are successful. | |
- '.github/workflows/*.yml' | |
workflow_dispatch: | |
# Cancels all previous workflow runs for pull requests that have not completed. | |
concurrency: | |
# The concurrency group contains the workflow name and the branch name for pull requests | |
# or the commit hash for any other events. | |
group: ${{ github.workflow }}-${{ github.event_name == 'pull_request' && github.head_ref || github.sha }} | |
cancel-in-progress: true | |
# Disable permissions for all available scopes by default. | |
# Any needed permissions should be configured at the job level. | |
permissions: {} | |
jobs: | |
# Runs PHP coding standards checks. | |
# | |
# Violations are reported inline with annotations. | |
# | |
# Performs the following steps: | |
# - Checks out the repository. | |
# - Sets up PHP. | |
# - Configures caching for PHPCS scans. | |
# - Installs Composer dependencies. | |
# - Make Composer packages available globally. | |
# - Runs PHPCS on the full codebase with warnings suppressed. | |
# - Generate a report for displaying issues as pull request annotations. | |
# - Runs PHPCS on the `tests` directory without warnings suppressed. | |
# - Generate a report for displaying `test` directory issues as pull request annotations. | |
# - Ensures version-controlled files are not modified or deleted. | |
phpcs: | |
name: PHP coding standards | |
runs-on: ubuntu-latest | |
permissions: | |
contents: read | |
timeout-minutes: 20 | |
if: ${{ github.repository == 'WordPress/wordpress-develop' || github.event_name == 'pull_request' }} | |
steps: | |
- name: Checkout repository | |
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 | |
with: | |
show-progress: ${{ runner.debug == '1' && 'true' || 'false' }} | |
- name: Set up PHP | |
uses: shivammathur/setup-php@a4e22b60bbb9c1021113f2860347b0759f66fe5d # v2.30.0 | |
with: | |
php-version: 'latest' | |
coverage: none | |
tools: cs2pr | |
# This date is used to ensure that the PHPCS cache is cleared at least once every week. | |
# http://man7.org/linux/man-pages/man1/date.1.html | |
- name: "Get last Monday's date" | |
id: get-date | |
run: echo "date=$(/bin/date -u --date='last Mon' "+%F")" >> $GITHUB_OUTPUT | |
- name: Cache PHPCS scan cache | |
uses: actions/cache@ab5e6d0c87105b4c9c2047343972218f562e4319 # v4.0.1 | |
with: | |
path: | | |
.cache/phpcs-src.json | |
.cache/phpcs-tests.json | |
key: ${{ runner.os }}-date-${{ steps.get-date.outputs.date }}-phpcs-cache-${{ hashFiles('**/composer.json', 'phpcs.xml.dist') }} | |
# Since Composer dependencies are installed using `composer update` and no lock file is in version control, | |
# passing a custom cache suffix ensures that the cache is flushed at least once per week. | |
- name: Install Composer dependencies | |
uses: ramsey/composer-install@57532f8be5bda426838819c5ee9afb8af389d51a # v3.0.0 | |
with: | |
custom-cache-suffix: ${{ steps.get-date.outputs.date }} | |
- name: Make Composer packages available globally | |
run: echo "${PWD}/vendor/bin" >> $GITHUB_PATH | |
- name: Run PHPCS on all Core files | |
id: phpcs-core | |
run: phpcs -n --report-full --cache=./.cache/phpcs-src.json --report-checkstyle=./.cache/phpcs-report.xml | |
- name: Show PHPCS results in PR | |
if: ${{ always() && steps.phpcs-core.outcome == 'failure' }} | |
run: cs2pr ./.cache/phpcs-report.xml | |
- name: Check test suite files for warnings | |
id: phpcs-tests | |
run: phpcs tests --report-full --cache=./.cache/phpcs-tests.json --report-checkstyle=./.cache/phpcs-tests-report.xml | |
- name: Show test suite scan results in PR | |
if: ${{ always() && steps.phpcs-tests.outcome == 'failure' }} | |
run: cs2pr ./.cache/phpcs-tests-report.xml | |
- name: Ensure version-controlled files are not modified during the tests | |
run: git diff --exit-code | |
# Runs the JavaScript coding standards checks. | |
# | |
# JSHint violations are not currently reported inline with annotations. | |
# | |
# Performs the following steps: | |
# - Checks out the repository. | |
# - Sets up Node.js. | |
# - Logs debug information about the GitHub Action runner. | |
# - Installs npm dependencies. | |
# - Run the WordPress JSHint checks. | |
# - Ensures version-controlled files are not modified or deleted. | |
jshint: | |
name: JavaScript coding standards | |
runs-on: ubuntu-latest | |
permissions: | |
contents: read | |
timeout-minutes: 20 | |
if: ${{ github.repository == 'WordPress/wordpress-develop' || github.event_name == 'pull_request' }} | |
env: | |
PUPPETEER_SKIP_DOWNLOAD: ${{ true }} | |
steps: | |
- name: Checkout repository | |
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 | |
with: | |
show-progress: ${{ runner.debug == '1' && 'true' || 'false' }} | |
- name: Set up Node.js | |
uses: actions/setup-node@60edb5dd545a775178f52524783378180af0d1f8 # v4.0.2 | |
with: | |
node-version-file: '.nvmrc' | |
cache: npm | |
- name: Log debug information | |
run: | | |
npm --version | |
node --version | |
git --version | |
- name: Install npm Dependencies | |
run: npm ci | |
- name: Run JSHint | |
run: npm run grunt jshint | |
- name: Ensure version-controlled files are not modified or deleted | |
run: git diff --exit-code | |
slack-notifications: | |
name: Slack Notifications | |
uses: WordPress/wordpress-develop/.github/workflows/slack-notifications.yml@trunk | |
permissions: | |
actions: read | |
contents: read | |
needs: [ phpcs, jshint ] | |
if: ${{ github.repository == 'WordPress/wordpress-develop' && github.event_name != 'pull_request' && always() }} | |
with: | |
calling_status: ${{ contains( needs.*.result, 'cancelled' ) && 'cancelled' || contains( needs.*.result, 'failure' ) && 'failure' || 'success' }} | |
secrets: | |
SLACK_GHA_SUCCESS_WEBHOOK: ${{ secrets.SLACK_GHA_SUCCESS_WEBHOOK }} | |
SLACK_GHA_CANCELLED_WEBHOOK: ${{ secrets.SLACK_GHA_CANCELLED_WEBHOOK }} | |
SLACK_GHA_FIXED_WEBHOOK: ${{ secrets.SLACK_GHA_FIXED_WEBHOOK }} | |
SLACK_GHA_FAILURE_WEBHOOK: ${{ secrets.SLACK_GHA_FAILURE_WEBHOOK }} | |
failed-workflow: | |
name: Failed workflow tasks | |
runs-on: ubuntu-latest | |
permissions: | |
actions: write | |
needs: [ phpcs, jshint, slack-notifications ] | |
if: | | |
always() && | |
github.repository == 'WordPress/wordpress-develop' && | |
github.event_name != 'pull_request' && | |
github.run_attempt < 2 && | |
( | |
contains( needs.*.result, 'cancelled' ) || | |
contains( needs.*.result, 'failure' ) | |
) | |
steps: | |
- name: Dispatch workflow run | |
uses: actions/github-script@60a0d83039c74a4aee543508d2ffcb1c3799cdea # v7.0.1 | |
with: | |
retries: 2 | |
retry-exempt-status-codes: 418 | |
script: | | |
github.rest.actions.createWorkflowDispatch({ | |
owner: context.repo.owner, | |
repo: context.repo.repo, | |
workflow_id: 'failed-workflow.yml', | |
ref: 'trunk', | |
inputs: { | |
run_id: '${{ github.run_id }}' | |
} | |
}); |