Skip to content

Commit f9cc048

Browse files
authored
Fix SonarCloud violations (#136)
1 parent 31f4f29 commit f9cc048

File tree

9 files changed

+153
-125
lines changed

9 files changed

+153
-125
lines changed

.github/workflows/draft_release.yml

Lines changed: 10 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -13,7 +13,16 @@ jobs:
1313
new-release:
1414
name: "Draft a new release"
1515
runs-on: ubuntu-latest
16+
env:
17+
RELEASE_TAG: ${{ github.event.inputs.tag }}
1618
steps:
19+
- name: Validate release tag format
20+
run: |
21+
if ! echo "$RELEASE_TAG" | grep -qE '^v[0-9]+\.[0-9]+\.[0-9]+$'; then
22+
echo "Error: Tag must be in format vXX.YY.ZZ"
23+
exit 1
24+
fi
25+
1726
- uses: actions/checkout@v4
1827

1928
- name: Setup Python
@@ -26,7 +35,7 @@ jobs:
2635
- name: Update CHANGELOG
2736
run: |
2837
python3 -m pip install mdformat-gfm 'git+https://github.com/Takishima/keepachangelog@v1.0.1'
29-
python3 -m keepachangelog release "${{ github.event.inputs.tag }}"
38+
python3 -m keepachangelog release "$RELEASE_TAG"
3039
python3 -m mdformat CHANGELOG.md
3140
3241
- name: Commit changes

.github/workflows/format.yml

Lines changed: 4 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -28,16 +28,18 @@ jobs:
2828
curl -LsSf "${source_url}/${parse_changelog_tag}/parse-changelog-${target}.tar.gz" | tar xzf -
2929
- name: Extract version from branch name (for release branches)
3030
if: github.event_name == 'pull_request' && startsWith(github.event.pull_request.head.ref, 'release/')
31+
env:
32+
BRANCH_NAME: ${{ github.event.pull_request.head.ref }}
3133
run: |
32-
BRANCH_NAME="${{ github.event.pull_request.head.ref }}"
3334
VERSION=${BRANCH_NAME#release/v}
3435
echo "RELEASE_VERSION=$VERSION" >> $GITHUB_ENV
3536
git tag v${RELEASE_VERSION}
3637
3738
- name: Extract version from branch name (for hotfix branches)
3839
if: github.event_name == 'pull_request' && startsWith(github.event.pull_request.head.ref, 'hotfix/')
40+
env:
41+
BRANCH_NAME: ${{ github.event.pull_request.head.ref }}
3942
run: |
40-
BRANCH_NAME="${{ github.event.pull_request.head.ref }}"
4143
VERSION=${BRANCH_NAME#hotfix/v}
4244
echo "RELEASE_VERSION=$VERSION" >> $GITHUB_ENV
4345
git tag v${RELEASE_VERSION}

.github/workflows/publish_release.yml

Lines changed: 4 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -39,16 +39,18 @@ jobs:
3939
4040
- name: Extract version from branch name (for release branches)
4141
if: github.event_name == 'pull_request' && startsWith(github.event.pull_request.head.ref, 'release/')
42+
env:
43+
BRANCH_NAME: ${{ github.event.pull_request.head.ref }}
4244
run: |
43-
BRANCH_NAME="${{ github.event.pull_request.head.ref }}"
4445
VERSION=${BRANCH_NAME#release/}
4546
VERSION=${VERSION#v}
4647
echo "RELEASE_VERSION=$VERSION" >> $GITHUB_ENV
4748
4849
- name: Extract version from branch name (for hotfix branches)
4950
if: github.event_name == 'pull_request' && startsWith(github.event.pull_request.head.ref, 'hotfix/')
51+
env:
52+
BRANCH_NAME: ${{ github.event.pull_request.head.ref }}
5053
run: |
51-
BRANCH_NAME="${{ github.event.pull_request.head.ref }}"
5254
VERSION=${BRANCH_NAME#hotfix/}
5355
VERSION=${VERSION#v}
5456
echo "RELEASE_VERSION=$VERSION" >> $GITHUB_ENV

.github/workflows/pull_request.yml

Lines changed: 3 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -31,8 +31,10 @@ jobs:
3131
python3 -m pip install 'git+https://github.com/Takishima/pre-commit-changelog-auto-update@v1.0.0'
3232
3333
- name: Run Python script
34+
env:
35+
PR_BODY: ${{ github.event.pull_request.body }}
3436
run: |
35-
python3 -m update_changelog --pr-body "${{ github.event.pull_request.body }}"
37+
python3 -m update_changelog --pr-body "$PR_BODY"
3638
3739
- name: Commit changes
3840
id: commit

CHANGELOG.md

Lines changed: 8 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -19,6 +19,14 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
1919

2020
### Repository
2121

22+
- Fix SonarCloud violations:
23+
- Fix return type annotation for `_load_from_toml` method in `_argparse.py`
24+
- Reduce cognitive complexity in `_cmake.py` by extracting helper methods
25+
- Reduce cognitive complexity in `_cmake_test.py` by extracting test helpers
26+
- Fix variable naming conventions in test files
27+
- Fix GitHub Actions security issues by using environment variables for user-controlled data
28+
- Add input validation for workflow_dispatch parameters
29+
- Fix shell script issues in `run_tests.sh` (use `[[` instead of `[`, add return statements)
2230
- Fixed Windows CI by using pip to install cppcheck (Chocolatey package is broken)
2331
- Modernize ruff configuration to follow latest guidelines
2432
- Remove deprecated settings (`target-version`, `ANN101`, `ASYNC1`, etc.)

cmake_pc_hooks/_argparse.py

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -293,7 +293,7 @@ def _load_from_toml( # noqa: PLR0913
293293
path_must_exist: bool = True,
294294
section_must_exist: bool = True,
295295
overridable_keys: set | None = None,
296-
) -> None:
296+
) -> argparse.Namespace:
297297
"""
298298
Load a TOML file and set the attributes within the argparse namespace object.
299299

cmake_pc_hooks/_cmake.py

Lines changed: 49 additions & 39 deletions
Original file line numberDiff line numberDiff line change
@@ -298,40 +298,8 @@ def resolve_build_directory(self, build_dir_list=None, *, automatic_discovery=Tr
298298
self.build_dir,
299299
)
300300

301-
def setup_cmake_args(self, cmake_args): # noqa: C901
302-
"""
303-
Setup CMake arguments.
304-
305-
Args:
306-
cmake_args: Dictionary-like data structure with following keys:
307-
- 'defines': list[str]
308-
- 'undefined': list[str]
309-
- 'errors': list[str]
310-
- 'no_errors': list[str]
311-
- 'generator': str
312-
- 'toolset': str
313-
- 'platform': str
314-
- 'preset': str
315-
- 'cmake': str
316-
- 'dev_warnings': bool
317-
- 'no_dev_warnings': bool
318-
- 'linux': list[str]
319-
- 'mac': list[str]
320-
- 'win': list[str]
321-
"""
322-
self.source_dir = Path(cmake_args.source_dir).resolve()
323-
if cmake_args.cmake:
324-
self.command = [Path(cmake_args.cmake).resolve()]
325-
self.no_cmake_configure = cmake_args.no_cmake_configure
326-
327-
self.resolve_build_directory(
328-
build_dir_list=cmake_args.build_dir,
329-
automatic_discovery=cmake_args.automatic_discovery,
330-
)
331-
332-
if cmake_args.detect_configured_files and self.build_dir:
333-
self.cmake_trace_log = self.build_dir / self.DEFAULT_TRACE_LOG
334-
301+
def _process_keyword_cmake_args(self, cmake_args):
302+
"""Process keyword-style CMake arguments."""
335303
keyword_args = {
336304
'defines': ([], '-D{}'),
337305
'undefines': ([], '-U{}'),
@@ -352,6 +320,8 @@ def setup_cmake_args(self, cmake_args): # noqa: C901
352320
for element in value:
353321
self.cmake_args.append(format_str.format(element))
354322

323+
def _process_flag_cmake_args(self, cmake_args):
324+
"""Process flag-style CMake arguments."""
355325
flag_args = {
356326
'dev_warnings': (False, '-Wdev'),
357327
'no_dev_warnings': (False, '-Wno_dev'),
@@ -360,18 +330,58 @@ def setup_cmake_args(self, cmake_args): # noqa: C901
360330
if getattr(cmake_args, key, default):
361331
self.cmake_args.append(flag_str)
362332

363-
platform_args = {
333+
def _process_platform_cmake_args(self, cmake_args):
334+
"""Process platform-specific CMake arguments."""
335+
platform_args_config = {
364336
'linux': ([], 'Linux'),
365337
'mac': ([], 'Darwin'),
366338
'win': ([], 'Windows'),
367339
}
368340

369-
for key, (default, platform_name) in platform_args.items():
370-
platform_args = getattr(cmake_args, key, default)
371-
if platform.system() == platform_name and platform_args:
372-
for arg in platform_args:
341+
for key, (default, platform_name) in platform_args_config.items():
342+
platform_arg_values = getattr(cmake_args, key, default)
343+
if platform.system() == platform_name and platform_arg_values:
344+
for arg in platform_arg_values:
373345
self.cmake_args.append(arg.strip('"\''))
374346

347+
def setup_cmake_args(self, cmake_args):
348+
"""
349+
Setup CMake arguments.
350+
351+
Args:
352+
cmake_args: Dictionary-like data structure with following keys:
353+
- 'defines': list[str]
354+
- 'undefined': list[str]
355+
- 'errors': list[str]
356+
- 'no_errors': list[str]
357+
- 'generator': str
358+
- 'toolset': str
359+
- 'platform': str
360+
- 'preset': str
361+
- 'cmake': str
362+
- 'dev_warnings': bool
363+
- 'no_dev_warnings': bool
364+
- 'linux': list[str]
365+
- 'mac': list[str]
366+
- 'win': list[str]
367+
"""
368+
self.source_dir = Path(cmake_args.source_dir).resolve()
369+
if cmake_args.cmake:
370+
self.command = [Path(cmake_args.cmake).resolve()]
371+
self.no_cmake_configure = cmake_args.no_cmake_configure
372+
373+
self.resolve_build_directory(
374+
build_dir_list=cmake_args.build_dir,
375+
automatic_discovery=cmake_args.automatic_discovery,
376+
)
377+
378+
if cmake_args.detect_configured_files and self.build_dir:
379+
self.cmake_trace_log = self.build_dir / self.DEFAULT_TRACE_LOG
380+
381+
self._process_keyword_cmake_args(cmake_args)
382+
self._process_flag_cmake_args(cmake_args)
383+
self._process_platform_cmake_args(cmake_args)
384+
375385
def configure(self, command, *, clean_build=False):
376386
"""
377387
Run a CMake configure step (multi-process safe).

0 commit comments

Comments
 (0)