-
Notifications
You must be signed in to change notification settings - Fork 13
144 lines (119 loc) · 5.46 KB
/
static-analysis.yml
File metadata and controls
144 lines (119 loc) · 5.46 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
# .github/workflows/static-analysis.yml
#
# This workflow was generated by Gemini 2.5 Pro.
#
# GitHub Actions workflow for running static analysis checks on the WordPress plugin.
# This workflow is generated based on the package.json, composer.json, and
# lint-staged.config.js files provided.
name: Static Analysis
# Run this workflow on all pushes and pull requests.
on:
push:
branches:
- main
- develop
- '*.*'
pull_request:
types:
- opened
- reopened
- synchronize
# Cancel previous workflow run groups that have not completed.
concurrency:
# Group workflow runs by workflow name, along with the head branch ref of the pull request
# or otherwise the branch or tag ref.
group: ${{ github.workflow }}-${{ github.event_name == 'pull_request' && github.head_ref || github.ref }}
cancel-in-progress: true
jobs:
lint:
name: Static Analysis Checks
runs-on: ubuntu-latest
# Stop the job early if a previous step fails.
timeout-minutes: 5
steps:
# 1. Check out the repository code.
- name: Checkout repository
uses: actions/checkout@v6
# 2. Read PHP version from composer.json.
# This avoids duplicating the version number in the workflow file.
- name: Read PHP version
id: php-version
run: echo "version=$(jq -r .config.platform.php composer.json)" >> $GITHUB_OUTPUT
# 3. Set up PHP environment.
# The version is sourced from your composer.json to avoid duplication.
# Caching composer dependencies for faster subsequent runs.
- name: Setup PHP
uses: shivammathur/setup-php@v2
with:
php-version: ${{ steps.php-version.outputs.version }}
extensions: mbstring, dom, fileinfo, xml, curl # Common extensions for WP development
coverage: none # No code coverage needed for linting
tools: composer:v2, cs2pr
# 4. Cache Composer dependencies.
# This step speeds up the build by caching the vendor directory.
- name: Cache Composer dependencies
uses: actions/cache@v5
with:
path: vendor
key: ${{ runner.os }}-composer-${{ hashFiles('**/composer.lock') }}
restore-keys: |
${{ runner.os }}-composer-
# 5. Install Composer dependencies.
- name: Install Composer dependencies
run: composer install --prefer-dist --no-progress
# 6. Set up Node.js environment.
# This allows us to run npm scripts.
- name: Setup Node.js
uses: actions/setup-node@v6.3.0
with:
node-version-file: '.nvmrc'
cache: 'npm' # Automatically caches npm dependencies
# 7. Install npm dependencies.
# 'npm ci' is used for CI environments as it's generally faster and safer
# than 'npm install' because it uses the package-lock.json.
- name: Install npm dependencies
run: npm ci
# 8. Validate composer.json.
# This is a quick check to ensure the composer.json file is valid.
- name: Validate composer.json
run: composer validate --strict --no-check-all
# --- Run Linters ---
# Each linter runs in a separate step for clearer error reporting.
- name: Validate package.json
run: npm run lint:pkg-json
- name: Run PHPStan static analysis
run: composer phpstan
- name: Run PHP_CodeSniffer for coding standards
run: composer phpcs -- -q --report=checkstyle --runtime-set ignore_errors_on_exit 1 --runtime-set ignore_warnings_on_exit 1 | cs2pr --graceful-warnings
# TODO: Re-enable this.
#- name: Run TypeScript compiler check
# run: npx tsc
- name: Detect ESLint coding standard violations
if: >
github.event.pull_request.head.repo.fork == true ||
github.event.pull_request.user.login == 'dependabot[bot]'
run: npm run lint:js
- name: Generate ESLint coding standard violations report
if: >
! ( github.event.pull_request.head.repo.fork == true ||
github.event.pull_request.user.login == 'dependabot[bot]' )
run: npm run lint:js:report
continue-on-error: true
- name: Annotate code linting results
if: >
! ( github.event.pull_request.head.repo.fork == true ||
github.event.pull_request.user.login == 'dependabot[bot]' )
uses: ataylorme/eslint-annotate-action@3.0.0
with:
repo-token: '${{ secrets.GITHUB_TOKEN }}'
report-json: 'lint-js-report.json'
- name: Run CSS linter
run: npm run lint:css
- name: Check Composer configuration format
run: composer normalize --dry-run
- name: Check Markdown format
run: npm run lint:md
- name: Verify version consistency
run: npm run verify-version-consistency
- name: Check README.md format
run: npm run transform-readme