For safety, the PNG check doesn't run if there's no optipng installed (I
didn't want to break everyone's pre-commit hook with the introdcution of
that check). To make it run on CI, just install optipng which is
available in the standard Ubuntu package repo.
This commit upgrades Github Actions workers to ubuntu-22.04
As part of that change, we (currently) no longer need the backports
nor toolchain-r/test PPAs, because ubuntu-22.04 include
recent-enough version of QEMU and gcc
This shouldn't cause any breaking changes, so a toolchain rebuild is not
required.
As per Hendiadyoin's request, math errno is disabled by default, which
should enable some extra compiler optimizations in LibGL and LibSoftGPU
code that uses math functions heavily.
Co-Authored-By: Ali Mohammad Pur <mpfard@serenityos.org>
The LLVM patch has been broken up into smaller commits and moved to a
separate directory. CI should look at this new location to determine if
the toolchain needs to be rebuilt.
This rule seems to be confused about basic syntax of C++.
It flags with false positives such as:
```
The object was created but it is not being used. If you wish
to call constructor, 'this->set_y::set_y(....)' should be used.
```
Lets suppress it until it can be fixed.
This rule appears to be fundamentally broken for our code base, it
flags `void` functions all over the place, as well as constructors.
Lets suppress it for now.
Now that clang-format-14 ubuntu packages are available, it's time to
finally upgrade our clang-format version. This version brings with it
a bunch of useful features with const-placement being the most notable.
These will be enabled in the following commits.
This rule attempts to flag invisible Unicode characters which would
potentially be used by an attacker to hide code that humans can't see.
https://pvs-studio.com/en/docs/warnings/v1076/
AKA the "Trojan Source" attack: https://arxiv.org/abs/2111.00169
Unfortunately our `LibUnicode` source code contains these hidden
characters as they are part of the Unicode character set that the
library exposes. So we have, and will always have 100s of false
positives.
To include Serenity's LibJS on test262.report, we will need to integrate
with esvu. Create a .tar.gz with js(1) binary and the Lagom libraries it
it needs to run, and upload that package as a build artifact.
Since the build now happens in Build/$SERENITY_ARCH/ and not in Build/,
this updates check-symbols.sh to use the correct directory to check the
LibC symbols in. For some reason, the constant failures did not show
up as errors in CI.
In the last few commits, a second patch was added to the LLVM toolchain,
and it no longer uses our binutils patch. This commit changes the CI
cache keys accordingly, in order to prevent unnecessary rebuilds of both
toolchains when only one is changed.
The Clang toolchain's cache now only takes into account patches that
begin with `llvm`, and the GNU toolchain excludes those from the hash
calculation. We now also hash the two CMake cache files that we use for
building LLVM and its runtime libraries.
We often see PR's opened and then immediately closed because folks think
they did something bad, or don't know how to fix the situation. So lets
try to give them a few pointers.
We didn't initially upgrade because it started to (incorrectly) see
files as strict mode and chokes on things that then would be syntax
errors - but we're starting to fall behind a bit, so I'd rather put
these files on the ignore list instead.
Previously if a commit message contained any carriage returns it would
correctly fail the 'contains CRLF line breaks' test, but it would also
report 'Commit message lines are too long' and 'Commit title ends in a
period', even if neither is true.
This rule appears to produce a lot of noise, most of them look like
false positives (400+). Lets suppress for now to try to move the signal
to noise ratio higher for PVS-Studio.
Reference: https://pvs-studio.com/en/docs/warnings/v1047/
tim-actions/commit-message-checker-with-regex@v0.3.1 only uses the
keys 'sha' and 'commit.message'. Passing more information than that
is unnecessary and can lead to CI failures like this one:
https://github.com/SerenityOS/serenity/runs/4029269017?check_suite_focus=true#step:4:7
Instead of trying to pass data between workflow steps, we can instead
just do it all at once (plus this gives us more control over
formatting, which has also been improved).
'bootmode' now only controls which set of services are started by
SystemServer, so it is more appropriate to rename it to system_mode, and
no longer validate it in the Kernel.
Bootmode used to control framebuffers, panic behavior, and SystemServer.
This patch factors framebuffer control into a separate flag.
Note that the combination 'bootmode=self-test fbdev=on' leads to
unexpected behavior, which can only be fixed in a later commit.
Much like the sonar cloud workflow, this workflow runs pvs-studio
static analysis, and uploads the SARIF results to github. This
is the most "convenient" way to publish results, but unfortunately
users need write access to the repository to reach static analysis
results rendered in github.
As a work around folks can just look at the logs where issues are
printed during analysis, this works reasonably well.
In the future it might make sense to also render the results as HTML
and publish them using github page, much like we do with man pages.
I believe the pvs-studio plog-converter tool supports that as well.
https://pvs-studio.com/en/docs/manual/0036/