build(deps): bump requests from 2.32.5 to 2.33.0 across all component… #1398
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Unit tests | |
| on: | |
| push: | |
| branches: | |
| - main | |
| # Always run full test suite on main branch | |
| pull_request: | |
| concurrency: | |
| group: ${{ github.workflow }}-${{ github.ref }} | |
| cancel-in-progress: true | |
| permissions: | |
| contents: read | |
| jobs: | |
| test: | |
| permissions: | |
| contents: read | |
| strategy: | |
| fail-fast: false # Continue running other components even if one fails | |
| matrix: | |
| include: | |
| - component: common | |
| coverage_module: buttercup.common | |
| python: "3.12" | |
| - component: orchestrator | |
| coverage_module: buttercup.orchestrator | |
| python: "3.12" | |
| - component: program-model | |
| coverage_module: buttercup.program_model | |
| python: "3.12" | |
| - component: seed-gen | |
| coverage_module: buttercup.seed_gen | |
| python: "3.12" | |
| - component: patcher | |
| coverage_module: buttercup.patcher | |
| python: "3.12" | |
| - component: fuzzer | |
| coverage_module: buttercup.fuzzer | |
| python: "3.12" | |
| - component: fuzzer_runner | |
| coverage_module: buttercup.fuzzer_runner | |
| python: "3.12" | |
| runs-on: ubuntu-latest | |
| # Removed if: matrix.should_run since we're not using path filtering right now | |
| services: | |
| redis: | |
| image: redis@sha256:e647cfe134bf5e8e74e620f66346f93418acfc240b71dd85640325cb7cd01402 # 7.4 | |
| options: >- | |
| --health-cmd "redis-cli ping" | |
| --health-interval 10s | |
| --health-timeout 5s | |
| --health-retries 5 | |
| ports: | |
| - 6379:6379 | |
| steps: | |
| - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 | |
| with: | |
| persist-credentials: false | |
| submodules: true | |
| - name: Install uv | |
| uses: astral-sh/setup-uv@5a095e7a2014a4212f075830d4f7277575a9d098 # v7.3.1 | |
| - name: Setup uv cache | |
| uses: actions/cache@cdf6c1fa76f9f475f3d7449005a359c84ca0f306 # v5.0.3 | |
| with: | |
| path: | | |
| ~/.cache/uv | |
| ~/.local/share/uv | |
| key: ${{ runner.os }}-uv-${{ matrix.component }}-${{ hashFiles(format('{0}/uv.lock', matrix.component)) }} | |
| restore-keys: | | |
| ${{ runner.os }}-uv-${{ matrix.component }}- | |
| ${{ runner.os }}-uv- | |
| - name: Download Wasm runtime | |
| run: wget https://github.com/vmware-labs/webassembly-language-runtimes/releases/download/python%2F3.12.0%2B20231211-040d5a6/python-3.12.0.wasm | |
| if: matrix.component == 'seed-gen' | |
| working-directory: seed-gen | |
| - name: Install dependencies for program-model, seed-gen, and patcher | |
| if: matrix.component == 'program-model' || matrix.component == 'seed-gen' || matrix.component == 'patcher' | |
| run: | | |
| sudo apt-get update | |
| sudo apt-get install -y codequery ripgrep | |
| make install-cscope | |
| - name: Install minimal dependencies | |
| if: matrix.component != 'program-model' && matrix.component != 'seed-gen' && matrix.component != 'patcher' && matrix.component != 'fuzzer' && matrix.component != 'fuzzer_runner' | |
| run: | | |
| sudo apt-get update | |
| sudo apt-get install -y ripgrep | |
| # Fuzzer and fuzzer_runner only need ripgrep, no codequery | |
| - name: Install fuzzer dependencies | |
| if: matrix.component == 'fuzzer' || matrix.component == 'fuzzer_runner' | |
| run: | | |
| sudo apt-get update | |
| sudo apt-get install -y ripgrep | |
| - name: Prepare environment | |
| run: | | |
| export DEBIAN_FRONTEND=noninteractive | |
| sudo apt-get update | |
| sudo mkdir -p /crs_scratch | |
| sudo chmod -R 777 /crs_scratch | |
| - name: Setup ${{ matrix.component }} component | |
| run: | | |
| uv sync --all-extras --frozen | |
| # Install test reporting tools into the project venv | |
| # This avoids adding them to every component's dependencies | |
| uv pip install 'pytest-html>=4.1.1' 'pytest-cov>=6.0.0' | |
| working-directory: ${{ matrix.component }} | |
| - name: Run tests on ${{ matrix.component }} component | |
| run: | | |
| uv run --frozen pytest -svv \ | |
| --junit-xml=test-results.xml \ | |
| --html=test-report.html \ | |
| --self-contained-html \ | |
| --cov=${{ matrix.coverage_module }} \ | |
| --cov-report=xml \ | |
| --cov-report=html \ | |
| --cov-report=term | |
| env: | |
| PYTHON_WASM_BUILD_PATH: "python-3.12.0.wasm" | |
| working-directory: ${{ matrix.component }} | |
| - name: Audit dependencies for vulnerabilities | |
| if: always() | |
| run: | | |
| # Ignore CVEs with no available fix: | |
| # - CVE-2026-4539: pygments ReDoS in AdlLexer (no fix available) | |
| # Use --skip-editable to ignore local packages not on PyPI | |
| # Use uvx to run pip-audit in an isolated environment | |
| uvx pip-audit --strict --desc \ | |
| --skip-editable \ | |
| --ignore-vuln CVE-2026-4539 | |
| working-directory: ${{ matrix.component }} | |
| - name: Generate test summary | |
| if: always() | |
| run: | | |
| echo "### Test Results: ${{ matrix.component }}" >> "$GITHUB_STEP_SUMMARY" | |
| echo "" >> "$GITHUB_STEP_SUMMARY" | |
| if [ -f "${{ matrix.component }}/test-results.xml" ]; then | |
| python -c " | |
| import xml.etree.ElementTree as ET | |
| tree = ET.parse('${{ matrix.component }}/test-results.xml') | |
| root = tree.getroot() | |
| tests = root.get('tests', '0') | |
| failures = root.get('failures', '0') | |
| errors = root.get('errors', '0') | |
| skipped = root.get('skipped', '0') | |
| time = root.get('time', '0') | |
| print(f'- **Total Tests**: {tests}') | |
| print(f'- **Passed**: {int(tests) - int(failures) - int(errors) - int(skipped)}') | |
| print(f'- **Failed**: {failures}') | |
| print(f'- **Errors**: {errors}') | |
| print(f'- **Skipped**: {skipped}') | |
| print(f'- **Duration**: {float(time):.2f}s') | |
| " >> "$GITHUB_STEP_SUMMARY" | |
| else | |
| echo "No test results found" >> "$GITHUB_STEP_SUMMARY" | |
| fi | |
| - name: Upload test results | |
| if: always() | |
| uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7.0.0 | |
| with: | |
| name: test-results-${{ matrix.component }}-py${{ matrix.python }} | |
| path: | | |
| ${{ matrix.component }}/test-results.xml | |
| ${{ matrix.component }}/test-report.html | |
| ${{ matrix.component }}/coverage.xml | |
| ${{ matrix.component }}/htmlcov/ | |
| retention-days: 30 | |
| # Coverage will be uploaded in a separate job after all tests complete | |
| # Consolidated coverage upload after all tests complete | |
| coverage-upload: | |
| permissions: | |
| contents: read | |
| needs: [test] | |
| if: always() | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Download all coverage reports | |
| uses: actions/download-artifact@70fc10c6e5e1ce46ad2ea6f2b72d43f7d47b13c3 # v8.0.0 | |
| with: | |
| pattern: test-results-* | |
| path: coverage-reports | |
| - name: Upload coverage to Codecov | |
| uses: codecov/codecov-action@671740ac38dd9b0130fbe1cec585b89eea48d3de # v5.5.2 | |
| with: | |
| directory: coverage-reports | |
| files: '*/coverage.xml,**/coverage.xml' | |
| fail_ci_if_error: false | |
| verbose: true | |