ci: tighten workflow permissions and disable checkout credential persistence #12323

Workflow file for this run

.github/workflows/test262.yml at 0f9cbb8

	name: test262

	on:
	pull_request:
	branches:
	- main
	- releases/**

	permissions:
	contents: read

	concurrency:
	group: ${{ github.workflow }}-${{ github.event.pull_request.number }}
	cancel-in-progress: true

	jobs:
	run_test262:
	name: Run the test262 test suite
	runs-on: ubuntu-latest
	timeout-minutes: 60
	steps:
	- name: Checkout repository
	uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
	with:
	path: boa
	persist-credentials: false

	- name: Install Rust toolchain
	uses: dtolnay/rust-toolchain@631a55b12751854ce901bb631d5902ceb48146f7 # stable
	with:
	toolchain: stable

	- name: Cache cargo
	uses: actions/cache@668228422ae6a00e4ad889ee87cd7109ec5666a7 # v5
	with:
	path: \|
	boa/target
	~/.cargo/git
	~/.cargo/registry
	key: ${{ runner.os }}-${{ runner.arch }}-cargo-${{ hashFiles('**/Cargo.lock') }}

	- name: Checkout the data repo
	uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
	with:
	repository: boa-dev/data
	path: data
	persist-credentials: false

	- name: Run the test262 test suite
	run: \|
	cd boa
	mkdir -p ../results/test262
	cargo run --release --bin boa_tester -- run -v -o ../results/test262
	cd ..

	- name: Compare results
	shell: bash
	run: \|
	cd boa

	base_results="../data/test262/refs/heads/main/latest.json"
	pr_results="../results/test262/pull/latest.json"
	output_dir="../results/outputs"

	test -f "$base_results"
	test -f "$pr_results"

	comment="$(./target/release/boa_tester compare "$base_results" "$pr_results" -m)"
	maincommit="$(jq -r '.c' "$base_results")"

	mkdir -p "$output_dir"
	{
	echo "<!-- test262-compliance-report -->"
	echo "### Test262 conformance changes"
	echo
	echo "$comment"
	echo
	echo "Tested main commit: [\`${maincommit}\`](${{ github.event.pull_request.base.repo.html_url }}/commit/${maincommit})"
	echo "Tested PR commit: [\`${{ github.event.pull_request.head.sha }}\`](${{ github.event.pull_request.head.repo.html_url }}/commit/${{ github.event.pull_request.head.sha }})"
	echo "Compare commits: ${{ github.event.pull_request.base.repo.html_url }}/compare/${maincommit}...${{ github.event.pull_request.head.sha }}"
	} > "$output_dir/comment.md"

	echo "${{ github.event.pull_request.number }}" > "$output_dir/pr_number.txt"

	- name: Upload results
	uses: actions/upload-artifact@65c4c4a1ddee5b72f698fdd19549f0f0fb45cf08 # v4.6.0
	with:
	name: test262-results
	path: results/outputs
	retention-days: 1

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

ci: tighten workflow permissions and disable checkout credential persistence #12323

Workflow file

ci: tighten workflow permissions and disable checkout credential persistence #12323

Uh oh!

Workflow file for this run