diff --git a/.github/workflows/CI.yml b/.github/workflows/CI.yml index f80092b7..0636112f 100644 --- a/.github/workflows/CI.yml +++ b/.github/workflows/CI.yml @@ -1,12 +1,19 @@ --- name: CI +permissions: + contents: read on: pull_request: - branches: [master] - types: [opened, synchronize, reopened] + branches: + - master + types: + - opened + - synchronize + - reopened push: - branches: [master] + branches: + - master workflow_dispatch: concurrency: @@ -17,7 +24,6 @@ jobs: github_env: name: GitHub Env Debug runs-on: ubuntu-latest - steps: - name: Dump github context run: echo "$GITHUB_CONTEXT" @@ -46,12 +52,12 @@ jobs: github_token: ${{ secrets.GITHUB_TOKEN }} build_linux_flatpak: + name: Linux Flatpak env: APP_ID: dev.lizardbyte.app.Sunshine NODE_VERSION: "20" PLATFORM_VERSION: "23.08" - name: Linux Flatpak - needs: [setup_release] + needs: setup_release runs-on: ${{ matrix.runner }} strategy: fail-fast: false # false to test all, true to fail entire job if any fail @@ -61,7 +67,6 @@ jobs: runner: ubuntu-22.04 - arch: aarch64 runner: ubuntu-22.04-arm - steps: - name: Maximize build space uses: easimon/maximize-build-space@v10 @@ -85,12 +90,10 @@ jobs: node-version: ${{ env.NODE_VERSION }} - name: Install npm dependencies - run: | - npm install --package-lock-only + run: npm install --package-lock-only - name: Debug package-lock.json - run: | - cat package-lock.json + run: cat package-lock.json - name: Setup python id: python @@ -121,12 +124,10 @@ jobs: - name: flatpak node generator # https://github.com/flatpak/flatpak-builder-tools/blob/master/node/README.md - run: | - flatpak-node-generator npm package-lock.json + run: flatpak-node-generator npm package-lock.json - name: Debug generated-sources.json - run: | - cat generated-sources.json + run: cat generated-sources.json - name: Cache Flatpak build uses: actions/cache@v4 @@ -171,8 +172,7 @@ jobs: - name: Debug Manifest working-directory: build - run: | - cat ${APP_ID}.yml + run: cat ${APP_ID}.yml - name: Build Linux Flatpak working-directory: build @@ -225,7 +225,7 @@ jobs: - name: Package Flathub repo archive # copy files required to generate the Flathub repo - if: ${{ matrix.arch == 'x86_64' }} + if: matrix.arch == 'x86_64' run: | mkdir -p flathub/modules cp ./build/generated-sources.json ./flathub/ @@ -245,9 +245,10 @@ jobs: with: name: sunshine-linux-flatpak-${{ matrix.arch }} path: artifacts/ + if-no-files-found: error - name: Create/Update GitHub Release - if: ${{ needs.setup_release.outputs.publish_release == 'true' }} + if: needs.setup_release.outputs.publish_release == 'true' uses: LizardByte/create-release-action@v2025.102.13208 with: allowUpdates: true @@ -261,7 +262,7 @@ jobs: build_linux: name: Linux ${{ matrix.type }} runs-on: ubuntu-${{ matrix.dist }} - needs: [setup_release] + needs: setup_release strategy: fail-fast: false # false to test all, true to fail entire job if any fail matrix: @@ -269,7 +270,6 @@ jobs: - type: AppImage EXTRA_ARGS: '--appimage-build' dist: 22.04 - steps: - name: Maximize build space uses: easimon/maximize-build-space@v10 @@ -344,14 +344,13 @@ jobs: --ubuntu-test-repo ${{ matrix.EXTRA_ARGS }} - name: Set AppImage Version - if: | - matrix.type == 'AppImage' + if: matrix.type == 'AppImage' run: | version=${{ needs.setup_release.outputs.release_tag }} echo "VERSION=${version}" >> $GITHUB_ENV - name: Package Linux - AppImage - if: ${{ matrix.type == 'AppImage' }} + if: matrix.type == 'AppImage' working-directory: build run: | # install sunshine to the DESTDIR @@ -396,7 +395,7 @@ jobs: rm -rf ./build/cuda - name: Verify AppImage - if: ${{ matrix.type == 'AppImage' }} + if: matrix.type == 'AppImage' run: | wget https://github.com/TheAssassin/appimagelint/releases/download/continuous/appimagelint-x86_64.AppImage chmod +x appimagelint-x86_64.AppImage @@ -408,6 +407,7 @@ jobs: with: name: sunshine-linux-${{ matrix.type }}-${{ matrix.dist }} path: artifacts/ + if-no-files-found: error - name: Install test deps run: | @@ -431,9 +431,9 @@ jobs: ./test_sunshine --gtest_color=yes - name: Generate gcov report + id: test_report # any except canceled or skipped if: always() && (steps.test.outcome == 'success' || steps.test.outcome == 'failure') - id: test_report working-directory: build run: | ${{ steps.python.outputs.python-path }} -m pip install gcovr @@ -461,7 +461,7 @@ jobs: verbose: true - name: Create/Update GitHub Release - if: ${{ needs.setup_release.outputs.publish_release == 'true' }} + if: needs.setup_release.outputs.publish_release == 'true' uses: LizardByte/create-release-action@v2025.102.13208 with: allowUpdates: true @@ -473,7 +473,8 @@ jobs: token: ${{ secrets.GH_BOT_TOKEN }} build_homebrew: - needs: [setup_release] + name: Homebrew (${{ matrix.os_name }}-${{ matrix.os_version }}${{ matrix.release == true && ' (Release)' || '' }}) + needs: setup_release strategy: fail-fast: false # false to test all, true to fail entire job if any fail matrix: @@ -489,9 +490,7 @@ jobs: - os_version: "latest" # this job will only configure the formula for release, no validation os_name: "ubuntu" release: true - name: Homebrew (${{ matrix.os_name }}-${{ matrix.os_version }}${{ matrix.release == true && ' (Release)' || '' }}) runs-on: ${{ matrix.os_name }}-${{ matrix.os_version }} - steps: - name: Checkout uses: actions/checkout@v4 @@ -579,16 +578,15 @@ jobs: cat ./homebrew/sunshine.rb - name: Upload Artifacts - if: ${{ matrix.release }} + if: matrix.release uses: actions/upload-artifact@v4 with: name: sunshine-homebrew path: homebrew/ + if-no-files-found: error - name: Setup Xvfb - if: | - matrix.release != true && - runner.os == 'Linux' + if: matrix.release != true && runner.os == 'Linux' run: | sudo apt-get update -y sudo apt-get install -y \ @@ -601,8 +599,7 @@ jobs: - name: Validate Homebrew Formula id: test - if: | - matrix.release != true + if: matrix.release != true uses: LizardByte/homebrew-release-action@v2024.1115.14934 with: formula_file: ${{ github.workspace }}/homebrew/sunshine.rb @@ -613,6 +610,7 @@ jobs: validate: true - name: Generate gcov report + id: test_report # any except canceled or skipped # TODO: fix coverage, no .gcno files are being created # TODO: .gcno files are supposed to be created next to .o files @@ -621,7 +619,6 @@ jobs: # always() && # matrix.release != true && # (steps.test.outcome == 'success' || steps.test.outcome == 'failure') - id: test_report run: | # if linux if [ "${{ runner.os }}" == "Linux" ]; then @@ -680,8 +677,7 @@ jobs: - name: Patch homebrew formula # create beta version of the formula # don't run this on macOS, as the sed command fails - if: >- - matrix.release + if: matrix.release run: | # variables formula_file="homebrew/sunshine-beta.rb" @@ -713,9 +709,8 @@ jobs: build_win: name: Windows + needs: setup_release runs-on: windows-2019 - needs: [setup_release] - steps: - name: Checkout uses: actions/checkout@v4 @@ -931,9 +926,9 @@ jobs: ./test_sunshine.exe --gtest_color=yes - name: Generate gcov report + id: test_report # any except canceled or skipped if: always() && (steps.test.outcome == 'success' || steps.test.outcome == 'failure') - id: test_report shell: msys2 {0} working-directory: build run: | @@ -979,9 +974,10 @@ jobs: with: name: sunshine-windows path: artifacts/ + if-no-files-found: error - name: Create/Update GitHub Release - if: ${{ needs.setup_release.outputs.publish_release == 'true' }} + if: needs.setup_release.outputs.publish_release == 'true' uses: LizardByte/create-release-action@v2025.102.13208 with: allowUpdates: true diff --git a/.github/workflows/ci-copr.yml b/.github/workflows/ci-copr.yml index 7820d756..d30e4d41 100644 --- a/.github/workflows/ci-copr.yml +++ b/.github/workflows/ci-copr.yml @@ -1,5 +1,7 @@ --- name: CI Copr +permissions: + contents: read on: pull_request: diff --git a/.github/workflows/ci-docker.yml b/.github/workflows/ci-docker.yml index e66a3377..a058d646 100644 --- a/.github/workflows/ci-docker.yml +++ b/.github/workflows/ci-docker.yml @@ -1,5 +1,5 @@ --- -# This action is centrally managed in https://github.com//.github/ +# This workflow is centrally managed in https://github.com//.github/ # Don't make changes to this file in this repo as they will be overwritten with changes made to the same file in # the above-mentioned repo. @@ -19,13 +19,20 @@ # GitHub runner. name: CI Docker +permissions: + contents: read on: pull_request: - branches: [master] - types: [opened, synchronize, reopened] + branches: + - master + types: + - opened + - synchronize + - reopened push: - branches: [master] + branches: + - master workflow_dispatch: concurrency: @@ -97,10 +104,9 @@ jobs: solution: ${{ steps.find_dotnet.outputs.solution }} setup_release: - if: ${{ needs.check_dockerfiles.outputs.dockerfiles }} name: Setup Release - needs: - - check_dockerfiles + if: needs.check_dockerfiles.outputs.dockerfiles + needs: check_dockerfiles outputs: publish_release: ${{ steps.setup_release.outputs.publish_release }} release_body: ${{ steps.setup_release.outputs.release_body }} @@ -121,17 +127,18 @@ jobs: github_token: ${{ secrets.GITHUB_TOKEN }} docker: - needs: [check_dockerfiles, setup_release] - if: ${{ needs.check_dockerfiles.outputs.dockerfiles }} - runs-on: ubuntu-22.04 + name: Docker${{ matrix.tag }} + if: needs.check_dockerfiles.outputs.dockerfiles + needs: + - check_dockerfiles + - setup_release permissions: packages: write contents: write + runs-on: ubuntu-22.04 strategy: fail-fast: false matrix: ${{ fromJson(needs.check_dockerfiles.outputs.matrix) }} - name: Docker${{ matrix.tag }} - steps: - name: Maximize build space uses: easimon/maximize-build-space@v10 @@ -256,14 +263,14 @@ jobs: Docker-buildx${{ matrix.tag }}- - name: Log in to Docker Hub - if: ${{ needs.setup_release.outputs.publish_release == 'true' }} # PRs do not have access to secrets + if: needs.setup_release.outputs.publish_release == 'true' # PRs do not have access to secrets uses: docker/login-action@v3 with: username: ${{ secrets.DOCKER_HUB_USERNAME }} password: ${{ secrets.DOCKER_HUB_ACCESS_TOKEN }} - name: Log in to the Container registry - if: ${{ needs.setup_release.outputs.publish_release == 'true' }} # PRs do not have access to secrets + if: needs.setup_release.outputs.publish_release == 'true' # PRs do not have access to secrets uses: docker/login-action@v3 with: registry: ghcr.io @@ -271,7 +278,7 @@ jobs: password: ${{ secrets.GH_BOT_TOKEN }} - name: Build artifacts - if: ${{ steps.prepare.outputs.artifacts == 'true' }} + if: steps.prepare.outputs.artifacts == 'true' id: build_artifacts uses: docker/build-push-action@v6 with: @@ -314,7 +321,7 @@ jobs: no-cache-filters: ${{ steps.prepare.outputs.no_cache_filters }} - name: Arrange Artifacts - if: ${{ steps.prepare.outputs.artifacts == 'true' }} + if: steps.prepare.outputs.artifacts == 'true' working-directory: artifacts run: | # debug directory @@ -336,14 +343,17 @@ jobs: rm -f ./provenance.json - name: Upload Artifacts - if: ${{ steps.prepare.outputs.artifacts == 'true' }} + if: steps.prepare.outputs.artifacts == 'true' uses: actions/upload-artifact@v4 with: name: Docker${{ matrix.tag }} path: artifacts/ + if-no-files-found: error - name: Create/Update GitHub Release - if: ${{ needs.setup_release.outputs.publish_release == 'true' && steps.prepare.outputs.artifacts == 'true' }} + if: > + needs.setup_release.outputs.publish_release == 'true' && + steps.prepare.outputs.artifacts == 'true' uses: LizardByte/create-release-action@v2025.102.13208 with: allowUpdates: true @@ -356,7 +366,9 @@ jobs: token: ${{ secrets.GH_BOT_TOKEN }} - name: Update Docker Hub Description - if: ${{ github.event_name == 'push' && github.ref == 'refs/heads/master' }} + if: > + github.event_name == 'push' && + github.ref == 'refs/heads/master' uses: peter-evans/dockerhub-description@v4 with: username: ${{ secrets.DOCKER_HUB_USERNAME }} diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index 4fd5fa25..c9949dd3 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -1,17 +1,21 @@ --- -# This action is centrally managed in https://github.com//.github/ +# This workflow is centrally managed in https://github.com//.github/ # Don't make changes to this file in this repo as they will be overwritten with changes made to the same file in # the above-mentioned repo. # This workflow will analyze all supported languages in the repository using CodeQL Analysis. name: "CodeQL" +permissions: + contents: read on: push: - branches: ["master"] + branches: + - master pull_request: - branches: ["master"] + branches: + - master schedule: - cron: '00 12 * * 0' # every Sunday at 12:00 UTC @@ -22,14 +26,17 @@ concurrency: jobs: languages: name: Get language matrix - runs-on: ubuntu-latest outputs: matrix: ${{ steps.lang.outputs.result }} continue: ${{ steps.continue.outputs.result }} + runs-on: ubuntu-latest steps: + - name: Checkout repository + uses: actions/checkout@v4 + - name: Get repo languages - uses: actions/github-script@v7 id: lang + uses: actions/github-script@v7 with: script: | // CodeQL supports ['cpp', 'csharp', 'go', 'java', 'javascript', 'python', 'ruby', 'swift'] @@ -54,6 +61,22 @@ jobs: // Track languages we've already added to avoid duplicates const addedLanguages = new Set() + // Check if workflow files exist to determine if we should add actions language + const fs = require('fs'); + const hasYmlFiles = fs.existsSync('.github/workflows') && + fs.readdirSync('.github/workflows').some(file => file.endsWith('.yml') || file.endsWith('.yaml')); + + // Add actions language if workflow files exist + if (hasYmlFiles) { + console.log('Found GitHub Actions workflow files. Adding actions to the matrix.'); + matrix['include'].push({ + "category": "/language:actions", + "language": "actions", + "name": "actions", + "os": "ubuntu-latest" + }); + } + for (let [key, value] of Object.entries(response.data)) { // remap language if (remap_languages[key.toLowerCase()]) { @@ -78,11 +101,18 @@ jobs: // set name for matrix let name = osList.length === 1 ? normalizedKey : `${normalizedKey}, ${os}` + // set category for matrix + let category = `/language:${normalizedKey}` + if (normalizedKey === 'cpp') { + category = `/language:cpp-${os.split('-')[0]}` + } + // add to matrix matrix['include'].push({ + "category": category, "language": normalizedKey, - "os": os, - "name": name + "name": name, + "os": os }) } } @@ -94,8 +124,8 @@ jobs: return matrix - name: Continue - uses: actions/github-script@v7 id: continue + uses: actions/github-script@v7 with: script: | // if matrix['include'] is an empty list return false, otherwise true @@ -109,24 +139,22 @@ jobs: analyze: name: Analyze (${{ matrix.name }}) - if: ${{ needs.languages.outputs.continue == 'true' }} + if: needs.languages.outputs.continue == 'true' defaults: run: shell: ${{ matrix.os == 'windows-latest' && 'msys2 {0}' || 'bash' }} env: GITHUB_CODEQL_BUILD: true - needs: [languages] - runs-on: ${{ matrix.os || 'ubuntu-latest' }} - timeout-minutes: ${{ (matrix.language == 'swift' && 120) || 360 }} + needs: languages permissions: actions: read contents: read security-events: write - + runs-on: ${{ matrix.os || 'ubuntu-latest' }} strategy: fail-fast: false matrix: ${{ fromJson(needs.languages.outputs.matrix) }} - + timeout-minutes: ${{ (matrix.language == 'swift' && 120) || 360 }} steps: - name: Maximize build space if: >- @@ -174,8 +202,7 @@ jobs: - third-party # Pre autobuild - # create a file named .codeql-prebuild-${{ matrix.language }}.sh in the root of your repository - # create a file named .codeql-build-${{ matrix.language }}.sh in the root of your repository + # create a file named .codeql-prebuild-${{ matrix.language }}-${{ runner.os }}.sh in the root of your repository - name: Prebuild id: prebuild run: | @@ -194,7 +221,7 @@ jobs: - name: Perform CodeQL Analysis uses: github/codeql-action/analyze@v3 with: - category: "/language:${{matrix.language}}" + category: "${{ matrix.category }}" output: sarif-results upload: failure-only @@ -211,6 +238,7 @@ jobs: - name: Upload SARIF uses: github/codeql-action/upload-sarif@v3 with: + category: "${{ matrix.category }}" sarif_file: sarif-results/${{ matrix.language }}.sarif - name: Upload loc as a Build Artifact @@ -218,4 +246,5 @@ jobs: with: name: sarif-results-${{ matrix.language }}-${{ runner.os }} path: sarif-results + if-no-files-found: error retention-days: 1 diff --git a/.github/workflows/common-lint.yml b/.github/workflows/common-lint.yml index 10692ad9..524be6ff 100644 --- a/.github/workflows/common-lint.yml +++ b/.github/workflows/common-lint.yml @@ -1,16 +1,22 @@ --- -# This action is centrally managed in https://github.com//.github/ +# This workflow is centrally managed in https://github.com//.github/ # Don't make changes to this file in this repo as they will be overwritten with changes made to the same file in # the above-mentioned repo. # Common linting. name: common lint +permissions: + contents: read on: pull_request: - branches: [master] - types: [opened, synchronize, reopened] + branches: + - master + types: + - opened + - synchronize + - reopened concurrency: group: "${{ github.workflow }}-${{ github.ref }}" @@ -77,9 +83,10 @@ jobs: - name: C++ - Clang format lint if: always() && steps.cpp_files.outputs.found_files - uses: DoozyX/clang-format-lint-action@v0.18 + uses: DoozyX/clang-format-lint-action@v0.20 with: source: ${{ steps.cpp_files.outputs.found_files }} + clangFormatVersion: '20' extensions: 'c,cpp,h,hpp,m,mm' style: file inplace: false @@ -263,5 +270,4 @@ jobs: - name: YAML - log if: always() && steps.yamllint.outcome == 'failure' - run: | - cat "${{ steps.yamllint.outputs.logfile }}" >> $GITHUB_STEP_SUMMARY + run: cat "${{ steps.yamllint.outputs.logfile }}" >> $GITHUB_STEP_SUMMARY diff --git a/.github/workflows/issues.yml b/.github/workflows/issues.yml index aec6006c..5bd4e881 100644 --- a/.github/workflows/issues.yml +++ b/.github/workflows/issues.yml @@ -1,17 +1,22 @@ --- -# This action is centrally managed in https://github.com//.github/ +# This workflow is centrally managed in https://github.com//.github/ # Don't make changes to this file in this repo as they will be overwritten with changes made to the same file in # the above-mentioned repo. # Label and un-label actions using `../label-actions.yml`. name: Issues +permissions: {} on: issues: - types: [labeled, unlabeled] + types: + - labeled + - unlabeled discussion: - types: [labeled, unlabeled] + types: + - labeled + - unlabeled jobs: label: diff --git a/.github/workflows/localize.yml b/.github/workflows/localize.yml index f31a3aa5..476f2f2c 100644 --- a/.github/workflows/localize.yml +++ b/.github/workflows/localize.yml @@ -1,10 +1,13 @@ --- name: localize +permissions: + contents: read on: push: - branches: [master] - paths: # prevents workflow from running unless these files change + branches: + - master + paths: - '.github/workflows/localize.yml' - 'src/**' - 'locale/sunshine.po' @@ -54,7 +57,7 @@ jobs: python ./scripts/_locale.py --extract - name: git diff - if: ${{ env.new_file == 'false' }} + if: env.new_file == 'false' run: | # disable the pager git config --global pager.diff false @@ -68,7 +71,9 @@ jobs: - name: git reset # only run if a single line changed (date/time) and file already existed - if: ${{ env.git_diff == '1 1 locale/sunshine.po' && env.new_file == 'false' }} + if: >- + env.git_diff == '1 1 locale/sunshine.po' && + env.new_file == 'false' run: | git reset --hard diff --git a/.github/workflows/release-notifier-moonlight.yml b/.github/workflows/release-notifier-moonlight.yml index 3cf18a37..1e1f6cf4 100644 --- a/.github/workflows/release-notifier-moonlight.yml +++ b/.github/workflows/release-notifier-moonlight.yml @@ -1,5 +1,6 @@ --- name: Release Notifications (Moonlight) +permissions: {} on: release: @@ -8,13 +9,23 @@ on: jobs: discord: - if: >- - startsWith(github.repository, 'LizardByte/') && - !github.event.release.prerelease && - !github.event.release.draft + if: github.repository_owner == 'LizardByte' runs-on: ubuntu-latest steps: + - name: Check if latest GitHub release + id: check-release + uses: actions/github-script@v7 + with: + script: | + const latestRelease = await github.rest.repos.getLatestRelease({ + owner: context.repo.owner, + repo: context.repo.repo + }); + + core.setOutput('isLatestRelease', latestRelease.data.tag_name === context.payload.release.tag_name); + - name: discord + if: steps.check-release.outputs.isLatestRelease == 'true' uses: sarisia/actions-status-discord@v1 with: avatar_url: ${{ vars.ORG_LOGO_URL }}256 diff --git a/.github/workflows/release-notifier.yml b/.github/workflows/release-notifier.yml index 71ac344e..d724abf3 100644 --- a/.github/workflows/release-notifier.yml +++ b/.github/workflows/release-notifier.yml @@ -1,11 +1,13 @@ --- -# This action is centrally managed in https://github.com//.github/ +# This workflow is centrally managed in https://github.com//.github/ # Don't make changes to this file in this repo as they will be overwritten with changes made to the same file in # the above-mentioned repo. # Create a blog post for a new release and open a PR to the blog repo name: Release Notifications +permissions: + contents: read on: release: @@ -14,8 +16,8 @@ on: jobs: update-blog: - if: >- - github.repository_owner == 'LizardByte' + name: Update blog + if: github.repository_owner == 'LizardByte' runs-on: ubuntu-latest steps: - name: Check topics @@ -41,8 +43,7 @@ jobs: - name: Check if latest GitHub release id: check-release - if: >- - steps.check-label.outputs.hasTopic == 'true' + if: steps.check-label.outputs.hasTopic == 'true' uses: actions/github-script@v7 with: script: | @@ -128,9 +129,7 @@ jobs: steps.check-label.outputs.hasTopic == 'true' && steps.check-release.outputs.isLatestRelease == 'true' run: | - gh \ - pr \ - merge \ + gh pr merge \ --auto \ --delete-branch \ --repo "LizardByte/LizardByte.github.io" \ diff --git a/.github/workflows/update-changelog.yml b/.github/workflows/update-changelog.yml index 3c095fcf..394a2432 100644 --- a/.github/workflows/update-changelog.yml +++ b/.github/workflows/update-changelog.yml @@ -1,15 +1,20 @@ --- -# This action is centrally managed in https://github.com//.github/ +# This workflow is centrally managed in https://github.com//.github/ # Don't make changes to this file in this repo as they will be overwritten with changes made to the same file in # the above-mentioned repo. # Update changelog on release events. name: Update changelog +permissions: + contents: read on: release: - types: [created, edited, deleted] + types: + - created + - edited + - deleted workflow_dispatch: concurrency: @@ -18,6 +23,7 @@ concurrency: jobs: update-changelog: + name: Update Changelog if: >- github.event_name == 'workflow_dispatch' || (!github.event.release.prerelease && !github.event.release.draft) diff --git a/.github/workflows/update-docs.yml b/.github/workflows/update-docs.yml index ba84de86..04e1e903 100644 --- a/.github/workflows/update-docs.yml +++ b/.github/workflows/update-docs.yml @@ -1,19 +1,23 @@ --- -# This action is centrally managed in https://github.com//.github/ +# This workflow is centrally managed in https://github.com//.github/ # Don't make changes to this file in this repo as they will be overwritten with changes made to the same file in # the above-mentioned repo. -# Use the `rtd` repository label to identify repositories that should trigger have this workflow. +# To use, add the `rtd` repository label to identify repositories that should trigger this workflow. # If the project slug is not the repository name, add a repository variable named `READTHEDOCS_SLUG` with the value of # the ReadTheDocs project slug. # Update readthedocs on release events. name: Update docs +permissions: {} on: release: - types: [created, edited, deleted] + types: + - created + - edited + - deleted concurrency: group: "${{ github.workflow }}-${{ github.event.release.tag_name }}" @@ -73,8 +77,7 @@ jobs: - name: Update RTD project # changing the default branch in readthedocs makes "latest" point to that branch/tag # we can also update other properties like description, etc. - if: >- - steps.check.outputs.isLatestRelease == 'true' + if: steps.check.outputs.isLatestRelease == 'true' run: | json_body=$(jq -n \ --arg default_branch "${TAG}" \ diff --git a/.github/workflows/update-flathub-repo.yml b/.github/workflows/update-flathub-repo.yml index effbc07b..524a8a41 100644 --- a/.github/workflows/update-flathub-repo.yml +++ b/.github/workflows/update-flathub-repo.yml @@ -1,11 +1,15 @@ --- -# This action is a candidate to centrally manage in https://github.com//.github/ -# If more Flathub applications are developed, consider moving this action to the organization's .github repository, -# using the `flathub-pkg` repository label to identify repositories that should trigger this workflow. +# This workflow is centrally managed in https://github.com//.github/ +# Don't make changes to this file in this repo as they will be overwritten with changes made to the same file in +# the above-mentioned repo. + +# To use, add the `flathub-pkg` repository label to identify repositories that should trigger this workflow. # Update Flathub on release events. name: Update flathub repo +permissions: + contents: read on: release: @@ -20,14 +24,13 @@ jobs: update-flathub-repo: env: FLATHUB_PKG: dev.lizardbyte.app.${{ github.event.repository.name }} - if: >- - github.repository_owner == 'LizardByte' + if: github.repository_owner == 'LizardByte' runs-on: ubuntu-latest steps: - name: Check if flathub repo + id: check-label env: TOPIC: flathub-pkg - id: check-label uses: actions/github-script@v7 with: script: | @@ -47,8 +50,7 @@ jobs: - name: Check if latest GitHub release id: check-release - if: >- - steps.check-label.outputs.hasTopic == 'true' + if: steps.check-label.outputs.hasTopic == 'true' uses: actions/github-script@v7 with: script: | @@ -196,9 +198,7 @@ jobs: steps.check-release.outputs.isLatestRelease == 'true' && fromJson(steps.download.outputs.downloaded_files)[0] run: | - gh \ - pr \ - merge \ + gh pr merge \ --auto \ --delete-branch \ --repo "flathub/${{ env.FLATHUB_PKG }}" \ diff --git a/.github/workflows/update-homebrew-release.yml b/.github/workflows/update-homebrew-release.yml index 068e3d55..cc442e8d 100644 --- a/.github/workflows/update-homebrew-release.yml +++ b/.github/workflows/update-homebrew-release.yml @@ -1,15 +1,20 @@ --- -# This action is a candidate to centrally manage in https://github.com//.github/ -# If more Homebrew applications are developed, consider moving this action to the organization's .github repository, -# using the `homebrew-pkg` repository label to identify repositories that should trigger this workflow. +# This workflow is centrally managed in https://github.com//.github/ +# Don't make changes to this file in this repo as they will be overwritten with changes made to the same file in +# the above-mentioned repo. + +# To use, add the `homebrew-pkg` repository label to identify repositories that should trigger this workflow. # Update Homebrew on release events. name: Update Homebrew release +permissions: + contents: read on: release: - types: [released] + types: + - released concurrency: group: "${{ github.workflow }}-${{ github.event.release.tag_name }}" @@ -17,14 +22,13 @@ concurrency: jobs: update-homebrew-release: - if: >- - github.repository_owner == 'LizardByte' + if: github.repository_owner == 'LizardByte' runs-on: ubuntu-latest steps: - name: Check if Homebrew repo + id: check-label env: TOPIC: homebrew-pkg - id: check-label uses: actions/github-script@v7 with: script: | @@ -44,8 +48,7 @@ jobs: - name: Download release asset id: download - if: >- - steps.check-label.outputs.hasTopic == 'true' + if: steps.check-label.outputs.hasTopic == 'true' uses: robinraju/release-downloader@v1.12 with: repository: "${{ github.repository }}" diff --git a/.github/workflows/update-pacman-repo.yml b/.github/workflows/update-pacman-repo.yml index 0307b285..a0fd8183 100644 --- a/.github/workflows/update-pacman-repo.yml +++ b/.github/workflows/update-pacman-repo.yml @@ -1,15 +1,20 @@ --- -# This action is a candidate to centrally manage in https://github.com//.github/ -# If more pacman packages are developed, consider moving this action to the organization's .github repository, -# using the `pacman-pkg` repository label to identify repositories that should trigger have this workflow. +# This workflow is centrally managed in https://github.com//.github/ +# Don't make changes to this file in this repo as they will be overwritten with changes made to the same file in +# the above-mentioned repo. + +# To use, add the `pacman-pkg` repository label to identify repositories that should trigger this workflow. # Update pacman repo on release events. name: Update pacman repo +permissions: + contents: read on: release: - types: [released] + types: + - released concurrency: group: "${{ github.workflow }}-${{ github.event.release.tag_name }}" @@ -17,14 +22,13 @@ concurrency: jobs: update-homebrew-release: - if: >- - github.repository_owner == 'LizardByte' + if: github.repository_owner == 'LizardByte' runs-on: ubuntu-latest steps: - name: Check if pacman repo + id: check-label env: TOPIC: pacman-pkg - id: check-label uses: actions/github-script@v7 with: script: | @@ -123,9 +127,7 @@ jobs: steps.check-release.outputs.isLatestRelease == 'true' && fromJson(steps.download.outputs.downloaded_files)[0] run: | - gh \ - pr \ - merge \ + gh pr merge \ --auto \ --delete-branch \ --squash \ diff --git a/.github/workflows/update-pages.yml b/.github/workflows/update-pages.yml index 3c3219b3..06b1532f 100644 --- a/.github/workflows/update-pages.yml +++ b/.github/workflows/update-pages.yml @@ -1,5 +1,7 @@ --- name: Build GH-Pages +permissions: + contents: read on: pull_request: @@ -37,11 +39,11 @@ jobs: call-jekyll-build: needs: prep uses: LizardByte/LizardByte.github.io/.github/workflows/jekyll-build.yml@master - with: - site_artifact: 'prep' - target_branch: 'gh-pages' - clean_gh_pages: true secrets: GH_BOT_EMAIL: ${{ secrets.GH_BOT_EMAIL }} GH_BOT_NAME: ${{ secrets.GH_BOT_NAME }} GH_BOT_TOKEN: ${{ secrets.GH_BOT_TOKEN }} + with: + clean_gh_pages: true + site_artifact: 'prep' + target_branch: 'gh-pages' diff --git a/.github/workflows/update-winget-release.yml b/.github/workflows/update-winget-release.yml index 03b600a3..860f086f 100644 --- a/.github/workflows/update-winget-release.yml +++ b/.github/workflows/update-winget-release.yml @@ -1,15 +1,20 @@ --- -# This action is a candidate to centrally manage in https://github.com//.github/ -# If more Winget applications are developed, consider moving this action to the organization's .github repository, -# using the `winget-pkg` repository label to identify repositories that should trigger this workflow. +# This workflow is centrally managed in https://github.com//.github/ +# Don't make changes to this file in this repo as they will be overwritten with changes made to the same file in +# the above-mentioned repo. + +# To use, add the `winget-pkg` repository label to identify repositories that should trigger this workflow. # Update Winget on release events. name: Update Winget release +permissions: + contents: read on: release: - types: [released] + types: + - released concurrency: group: "${{ github.workflow }}-${{ github.event.release.tag_name }}" @@ -17,14 +22,13 @@ concurrency: jobs: update-winget-release: - if: >- - github.repository_owner == 'LizardByte' + if: github.repository_owner == 'LizardByte' runs-on: ubuntu-latest steps: - name: Check if Winget repo + id: check-label env: TOPIC: winget-pkg - id: check-label uses: actions/github-script@v7 with: script: | @@ -44,8 +48,7 @@ jobs: - name: Download release asset id: download - if: >- - steps.check-label.outputs.hasTopic == 'true' + if: steps.check-label.outputs.hasTopic == 'true' uses: robinraju/release-downloader@v1.12 with: repository: "${{ github.repository }}" diff --git a/scripts/requirements.txt b/scripts/requirements.txt index 7cfbae48..b2c50014 100644 --- a/scripts/requirements.txt +++ b/scripts/requirements.txt @@ -1,2 +1,2 @@ Babel==2.17.0 -clang-format +clang-format==20.* diff --git a/src/config.cpp b/src/config.cpp index 693f4f92..167b244a 100644 --- a/src/config.cpp +++ b/src/config.cpp @@ -414,12 +414,7 @@ namespace config { auto final_resolution = entry.template get_optional("final_resolution"s); auto final_refresh_rate = entry.template get_optional("final_refresh_rate"s); - output_field.push_back(video_t::dd_t::mode_remapping_entry_t { - requested_resolution.value_or(""), - requested_fps.value_or(""), - final_resolution.value_or(""), - final_refresh_rate.value_or("") - }); + output_field.push_back(video_t::dd_t::mode_remapping_entry_t {requested_resolution.value_or(""), requested_fps.value_or(""), final_resolution.value_or(""), final_refresh_rate.value_or("")}); } }}; diff --git a/src/network.cpp b/src/network.cpp index 338afca5..fedee2b8 100644 --- a/src/network.cpp +++ b/src/network.cpp @@ -186,7 +186,7 @@ namespace net { std::uint16_t map_port(int port) { // calculate the port from the config port - auto mapped_port = (std::uint16_t)((int) config::sunshine.port + port); + auto mapped_port = (std::uint16_t) ((int) config::sunshine.port + port); // Ensure port is in the range of 1024-65535 if (mapped_port < 1024 || mapped_port > 65535) { diff --git a/src/platform/linux/graphics.cpp b/src/platform/linux/graphics.cpp index 568067f3..245addb6 100644 --- a/src/platform/linux/graphics.cpp +++ b/src/platform/linux/graphics.cpp @@ -19,7 +19,7 @@ extern "C" { // There aren't that many DRM_FORMAT I need to use, so define them here // // They aren't likely to change any time soon. -#define fourcc_code(a, b, c, d) ((std::uint32_t)(a) | ((std::uint32_t)(b) << 8) | ((std::uint32_t)(c) << 16) | ((std::uint32_t)(d) << 24)) +#define fourcc_code(a, b, c, d) ((std::uint32_t) (a) | ((std::uint32_t) (b) << 8) | ((std::uint32_t) (c) << 16) | ((std::uint32_t) (d) << 24)) #define fourcc_mod_code(vendor, val) ((((uint64_t) vendor) << 56) | ((val) & 0x00ffffffffffffffULL)) #define DRM_FORMAT_MOD_INVALID fourcc_mod_code(0, ((1ULL << 56) - 1)) diff --git a/src/platform/windows/display_vram.cpp b/src/platform/windows/display_vram.cpp index bf85af4f..7a8b0705 100644 --- a/src/platform/windows/display_vram.cpp +++ b/src/platform/windows/display_vram.cpp @@ -219,7 +219,7 @@ namespace platf::dxgi { { util::buffer_t cursor_img = img_data; std::for_each((std::uint32_t *) std::begin(cursor_img), (std::uint32_t *) std::end(cursor_img), [](auto &pixel) { - auto alpha = (std::uint8_t)((pixel >> 24) & 0xFF); + auto alpha = (std::uint8_t) ((pixel >> 24) & 0xFF); if (alpha == 0xFF) { // Pixels with 0xFF alpha will be XOR-blended as is. } else if (alpha == 0x00) { @@ -286,7 +286,7 @@ namespace platf::dxgi { { util::buffer_t cursor_img = img_data; std::for_each((std::uint32_t *) std::begin(cursor_img), (std::uint32_t *) std::end(cursor_img), [](auto &pixel) { - auto alpha = (std::uint8_t)((pixel >> 24) & 0xFF); + auto alpha = (std::uint8_t) ((pixel >> 24) & 0xFF); if (alpha == 0xFF) { // Pixels with 0xFF alpha will be XOR-blended by make_cursor_xor_image(). // We make them transparent for the alpha-blended cursor image. diff --git a/src/platform/windows/input.cpp b/src/platform/windows/input.cpp index 53591bd7..50f8aab8 100644 --- a/src/platform/windows/input.cpp +++ b/src/platform/windows/input.cpp @@ -92,10 +92,10 @@ namespace platf { constexpr float EARTH_G = 9.80665f; -#define MPS2_TO_DS4_ACCEL(x) (int32_t)(((x) / EARTH_G) * 8192) -#define DPS_TO_DS4_GYRO(x) (int32_t)((x) * (1024 / 64)) +#define MPS2_TO_DS4_ACCEL(x) (int32_t) (((x) / EARTH_G) * 8192) +#define DPS_TO_DS4_GYRO(x) (int32_t) ((x) * (1024 / 64)) -#define APPLY_CALIBRATION(val, bias, scale) (int32_t)(((float) (val) + (bias)) / (scale)) +#define APPLY_CALIBRATION(val, bias, scale) (int32_t) (((float) (val) + (bias)) / (scale)) constexpr DS4_TOUCH ds4_touch_unused = { .bPacketCounter = 0, diff --git a/src/rtsp.cpp b/src/rtsp.cpp index 81627d9c..d6f6fbbb 100644 --- a/src/rtsp.cpp +++ b/src/rtsp.cpp @@ -112,7 +112,7 @@ namespace rtsp_stream { boost::asio::async_read(sock, boost::asio::buffer(begin, sizeof(encrypted_rtsp_header_t)), boost::bind(&socket_t::handle_read_encrypted_header, shared_from_this(), boost::asio::placeholders::error, boost::asio::placeholders::bytes_transferred)); } else { sock.async_read_some( - boost::asio::buffer(begin, (std::size_t)(std::end(msg_buf) - begin)), + boost::asio::buffer(begin, (std::size_t) (std::end(msg_buf) - begin)), boost::bind( &socket_t::handle_read_plaintext, shared_from_this(), @@ -253,7 +253,7 @@ namespace rtsp_stream { } sock.async_read_some( - boost::asio::buffer(begin, (std::size_t)(std::end(msg_buf) - begin)), + boost::asio::buffer(begin, (std::size_t) (std::end(msg_buf) - begin)), boost::bind( &socket_t::handle_plaintext_payload, shared_from_this(), @@ -289,7 +289,7 @@ namespace rtsp_stream { auto end = socket->begin + bytes; msg_t req {new msg_t::element_type {}}; - if (auto status = parseRtspMessage(req.get(), socket->msg_buf.data(), (std::size_t)(end - socket->msg_buf.data()))) { + if (auto status = parseRtspMessage(req.get(), socket->msg_buf.data(), (std::size_t) (end - socket->msg_buf.data()))) { BOOST_LOG(error) << "Malformed RTSP message: ["sv << status << ']'; respond(socket->sock, *socket->session, nullptr, 400, "BAD REQUEST", 0, {}); @@ -321,7 +321,7 @@ namespace rtsp_stream { if (end - socket->crlf >= content_length) { if (end - socket->crlf > content_length) { - BOOST_LOG(warning) << "(end - socket->crlf) > content_length -- "sv << (std::size_t)(end - socket->crlf) << " > "sv << content_length; + BOOST_LOG(warning) << "(end - socket->crlf) > content_length -- "sv << (std::size_t) (end - socket->crlf) << " > "sv << content_length; } fg.disable(); diff --git a/src/utility.h b/src/utility.h index 9721a1a2..db5d7f9d 100644 --- a/src/utility.h +++ b/src/utility.h @@ -375,7 +375,7 @@ namespace util { return (std::uint8_t) ch - '0'; } - return (std::uint8_t)(ch | (char) 32) - 'a' + (char) 10; + return (std::uint8_t) (ch | (char) 32) - 'a' + (char) 10; }; std::fill_n(buf + buf_size, padding, 0); @@ -429,7 +429,7 @@ namespace util { return (std::uint8_t) ch - '0'; } - return (std::uint8_t)(ch | (char) 32) - 'a' + (char) 10; + return (std::uint8_t) (ch | (char) 32) - 'a' + (char) 10; }; for (auto &el : buf) { @@ -483,12 +483,12 @@ namespace util { std::int64_t res {}; std::int64_t mul = 1; while (begin != --end) { - res += (std::int64_t)(*end - '0') * mul; + res += (std::int64_t) (*end - '0') * mul; mul *= 10; } - return *begin != '-' ? res + (std::int64_t)(*begin - '0') * mul : -res; + return *begin != '-' ? res + (std::int64_t) (*begin - '0') * mul : -res; } inline std::int64_t from_view(const std::string_view &number) { @@ -955,7 +955,7 @@ namespace util { template std::string_view view(It begin, It end) { - return std::string_view {(const char *) begin, (std::size_t)(end - begin)}; + return std::string_view {(const char *) begin, (std::size_t) (end - begin)}; } template