Skip to content

[backport] docs: Add instructions about profiling on macOS (#4202) #4207

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 1 commit into
base: release/v1.13
Choose a base branch
from
Open

[backport] docs: Add instructions about profiling on macOS (#4202) #4207

wants to merge 1 commit into from
+19 −0

Conversation

simonswine
Copy link
Contributor

Unfortunately SIP gets in the way of profiling system binaries using pyspy.

benfred/py-spy#397 (comment)

@simonswine simonswine changed the title docs: Add instructions about profiling on macOS (#4202) [backport] docs: Add instructions about profiling on macOS (#4202) May 27, 2025
@simonswine simonswine marked this pull request as ready for review May 27, 2025 08:10
@simonswine simonswine requested review from a team as code owners May 27, 2025 08:10
@github-actions GitHub Actions

This comment has been minimized.

Sign in to view
@simonswine
docs: Add instructions about profiling on macOS (#4202)
4f526ab 
Unfortunately SIP gets in the way of profiling system binaries using pyspy.

benfred/py-spy#397 (comment)
@simonswine simonswine force-pushed the 20250527_backport-4202 branch from b324a62 to 4f526ab Compare May 27, 2025 08:14
@github-actions GitHub Actions
Copy link
Contributor

😢 zizmor failed with exit code 14.

Expand for full output 
error[dangerous-triggers]: use of fundamentally insecure workflow trigger
 --> ./og/.github/workflows/auto-request-review.yml:4:1
  |
4 | / on:
5 | |   pull_request_target:
6 | |     types: [opened, ready_for_review, reopened]
  | |_______________________________________________^ pull_request_target is almost always used insecurely
  |
  = note: audit confidence → Medium

error[unpinned-uses]: unpinned action reference
  --> ./og/.github/workflows/auto-request-review.yml:14:9
   |
14 |         uses: necojackarc/[email protected]
   |         ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ action is not pinned to a hash (required by blanket policy)
   |
   = note: audit confidence → High

error[unpinned-uses]: unpinned action reference
  --> ./og/.github/workflows/brew-publish.yml:11:9
   |
11 |         uses: dawidd6/action-homebrew-bump-formula@v3
   |         ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ action is not pinned to a hash (required by blanket policy)
   |
   = note: audit confidence → High

error[unpinned-uses]: unpinned action reference
  --> ./og/.github/workflows/build-docker.yml:14:9
   |
14 |         uses: docker/build-push-action@v3
   |         ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ action is not pinned to a hash (required by blanket policy)
   |
   = note: audit confidence → High

error[unpinned-uses]: unpinned action reference
  --> ./og/.github/workflows/ci-profiling.yaml:15:9
   |
15 |       - uses: svrooij/secret-gate-action@v1
   |         ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ action is not pinned to a hash (required by blanket policy)
   |
   = note: audit confidence → High

error[unpinned-uses]: unpinned action reference
  --> ./og/.github/workflows/ci-profiling.yaml:40:9
   |
40 |         uses: jaxxstorm/[email protected]
   |         ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ action is not pinned to a hash (required by blanket policy)
   |
   = note: audit confidence → High

error[unpinned-uses]: unpinned action reference
  --> ./og/.github/workflows/ci-profiling.yaml:52:9
   |
52 |       - uses: pyroscope-io/flamegraph.com-github-action@main
   |         ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ action is not pinned to a hash (required by blanket policy)
   |
   = note: audit confidence → High

error[unpinned-uses]: unpinned action reference
  --> ./og/.github/workflows/ci-profiling.yaml:81:9
   |
81 |         uses: jaxxstorm/[email protected]
   |         ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ action is not pinned to a hash (required by blanket policy)
   |
   = note: audit confidence → High

error[unpinned-uses]: unpinned action reference
  --> ./og/.github/workflows/ci-profiling.yaml:91:9
   |
91 |       - uses: pyroscope-io/flamegraph.com-github-action@main
   |         ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ action is not pinned to a hash (required by blanket policy)
   |
   = note: audit confidence → High

error[unpinned-uses]: unpinned action reference
  --> ./og/.github/workflows/conflicts.yml:10:9
   |
10 |         uses: mschilde/[email protected]
   |         ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ action is not pinned to a hash (required by blanket policy)
   |
   = note: audit confidence → High

error[unpinned-uses]: unpinned action reference
  --> ./og/.github/workflows/cypress-tests.yml:44:9
   |
44 |         uses: cypress-io/github-action@v4
   |         ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ action is not pinned to a hash (required by blanket policy)
   |
   = note: audit confidence → High

error[unpinned-uses]: unpinned action reference
  --> ./og/.github/workflows/cypress-tests.yml:93:9
   |
93 |         uses: cypress-io/github-action@v4
   |         ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ action is not pinned to a hash (required by blanket policy)
   |
   = note: audit confidence → High

error[unpinned-uses]: unpinned action reference
   --> ./og/.github/workflows/cypress-tests.yml:146:9
    |
146 |         uses: cypress-io/github-action@v2
    |         ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ action is not pinned to a hash (required by blanket policy)
    |
    = note: audit confidence → High

error[unpinned-uses]: unpinned action reference
   --> ./og/.github/workflows/cypress-tests.yml:200:9
    |
200 |         uses: cypress-io/github-action@v2
    |         ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ action is not pinned to a hash (required by blanket policy)
    |
    = note: audit confidence → High

error[unpinned-uses]: unpinned action reference
  --> ./og/.github/workflows/lint-general.yml:16:9
   |
16 |         uses: fernandrone/[email protected]
   |         ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ action is not pinned to a hash (required by blanket policy)
   |
   = note: audit confidence → High

error[unpinned-uses]: unpinned action reference
  --> ./og/.github/workflows/lint-general.yml:18:9
   |
18 |         uses: ocular-d/[email protected]
   |         ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ action is not pinned to a hash (required by blanket policy)
   |
   = note: audit confidence → High

error[unpinned-uses]: unpinned action reference
  --> ./og/.github/workflows/lint-go.yml:19:9
   |
19 |         uses: korniltsev/revive-action@v6
   |         ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ action is not pinned to a hash (required by blanket policy)
   |
   = note: audit confidence → High

error[unpinned-uses]: unpinned action reference
  --> ./og/.github/workflows/lint-markdown.yml:13:9
   |
13 |       - uses: gaurav-nelson/github-action-markdown-link-check@v1
   |         ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ action is not pinned to a hash (required by blanket policy)
   |
   = note: audit confidence → High

error[unpinned-uses]: unpinned action reference
  --> ./og/.github/workflows/max-size-check.yml:14:9
   |
14 |         uses: actionsdesk/[email protected]
   |         ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ action is not pinned to a hash (required by blanket policy)
   |
   = note: audit confidence → High

error[unpinned-uses]: unpinned action reference
  --> ./og/.github/workflows/publish-lib-to-npm.yml:15:9
   |
15 |       - uses: svrooij/secret-gate-action@v1
   |         ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ action is not pinned to a hash (required by blanket policy)
   |
   = note: audit confidence → High

error[unpinned-uses]: unpinned action reference
  --> ./og/.github/workflows/size-limit.yml:18:9
   |
18 |       - uses: andresz1/size-limit-action@v1
   |         ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ action is not pinned to a hash (required by blanket policy)
   |
   = note: audit confidence → High

error[unpinned-uses]: unpinned action reference
  --> ./og/.github/workflows/tests-go.yml:34:9
   |
34 |         uses: codecov/codecov-action@v1
   |         ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ action is not pinned to a hash (required by blanket policy)
   |
   = note: audit confidence → High

error[unpinned-uses]: unpinned action reference
  --> ./og/.github/workflows/tests-js-snapshot.yml:32:9
   |
32 |         uses: codecov/codecov-action@v1
   |         ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ action is not pinned to a hash (required by blanket policy)
   |
   = note: audit confidence → High

error[unpinned-uses]: unpinned action reference
  --> ./og/.github/workflows/tests-js.yml:34:9
   |
34 |         uses: SimenB/github-actions-cpu-cores@v1
   |         ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ action is not pinned to a hash (required by blanket policy)
   |
   = note: audit confidence → High

error[unpinned-uses]: unpinned action reference
  --> ./og/.github/workflows/tests-js.yml:39:9
   |
39 |         uses: codecov/codecov-action@v1
   |         ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ action is not pinned to a hash (required by blanket policy)
   |
   = note: audit confidence → High

error[unpinned-uses]: unpinned action reference
  --> ./og/.github/workflows/update-contributors.yml:25:9
   |
25 |       - uses: stefanzweifel/git-auto-commit-action@v4
   |         ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ action is not pinned to a hash (required by blanket policy)
   |
   = note: audit confidence → High

103 findings (53 ignored, 24 suppressed): 0 unknown, 0 informational, 0 low, 0 medium, 26 high

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@simonswine