Skip to content
Quality Check

update README #5

Sign in to view logs

update README

update README #5

Workflow file for this run

.github/workflows/quality-check.yml at 242c151
# Lightweight CI for Python script project
# Focuses on code formatting and security scanning
name: Quality Check
on:
push:
branches: [ "main" ]
pull_request:
branches: [ "main" ]
permissions:
contents: read
security-events: write
jobs:
formatting:
name: Code Formatting
runs-on: ubuntu-latest
steps:
- name: Checkout code
uses: actions/checkout@v4
- name: Set up Python 3.11
uses: actions/setup-python@v5
with:
python-version: "3.11"
- name: Cache pip dependencies
uses: actions/cache@v4
with:
path: ~/.cache/pip
key: ${{ runner.os }}-pip-${{ hashFiles('**/requirements*.txt') }}
restore-keys: |
${{ runner.os }}-pip-
- name: Install formatting tools
run: |
python -m pip install --upgrade pip
pip install black isort flake8
- name: Check code formatting with Black
run: |
black --check --diff src/ tests/ || (echo "❌ Code formatting issues found. Run 'black src/ tests/' to fix." && exit 1)
- name: Check import sorting with isort
run: |
isort --check-only --diff src/ tests/ || (echo "❌ Import sorting issues found. Run 'isort src/ tests/' to fix." && exit 1)
- name: Lint with flake8
run: |
# Stop the build if there are Python syntax errors or undefined names
flake8 src/ tests/ --count --select=E9,F63,F7,F82 --show-source --statistics
# Check code quality with reasonable limits (warnings only, don't fail build)
flake8 src/ tests/ --count --exit-zero --max-complexity=15 --max-line-length=88 --statistics --exclude=__pycache__ || echo "⚠️ Code quality warnings found (non-blocking)"
security:
name: Security Scanning
runs-on: ubuntu-latest
steps:
- name: Checkout code
uses: actions/checkout@v4
- name: Set up Python 3.11
uses: actions/setup-python@v5
with:
python-version: "3.11"
- name: Install security tools and dependencies
run: |
python -m pip install --upgrade pip
pip install safety bandit[toml]
# Install project dependencies for vulnerability scanning
if [ -f requirements.txt ]; then pip install -r requirements.txt; fi
- name: Run Safety check for known vulnerabilities
run: |
echo "🔍 Checking for known security vulnerabilities..."
safety check --json --output safety-report.json || echo "⚠️ Security vulnerabilities found - check safety-report.json"
- name: Run Bandit security linter
run: |
echo "🔍 Running security linter on source code..."
bandit -r src/ -f json -o bandit-report.json -ll || echo "⚠️ Security issues found - check bandit-report.json"
- name: Upload security reports
uses: actions/upload-artifact@v4
if: always()
with:
name: security-reports
path: |
safety-report.json
bandit-report.json
- name: Security scan summary
if: always()
run: |
echo "📊 Security Scan Summary:"
echo "- Safety report: safety-report.json"
echo "- Bandit report: bandit-report.json"
echo "📁 Reports uploaded as artifacts for detailed review"
basic-tests:
name: Basic Functionality
runs-on: ubuntu-latest
needs: [formatting]
steps:
- name: Checkout code
uses: actions/checkout@v4
- name: Set up Python 3.11
uses: actions/setup-python@v5
with:
python-version: "3.11"
- name: Install dependencies
run: |
python -m pip install --upgrade pip
if [ -f requirements.txt ]; then pip install -r requirements.txt; fi
- name: Test CLI functionality
run: |
echo "🧪 Testing basic CLI functionality..."
# Test CLI help
python src/main.py --help
# Test sample file processing (check-only mode)
python src/main.py samples/05.en.srt --check-only
# Test SDH removal (v2.6 default behavior)
python src/main.py samples/05.en.srt test_output.srt
# Test keeping SDH markers
python src/main.py samples/05.en.srt test_output_with_sdh.srt --keep-sdh
# Verify outputs
if [ -f test_output.srt ]; then
echo "✅ Default SDH removal works"
else
echo "❌ Default processing failed"
exit 1
fi
if [ -f test_output_with_sdh.srt ]; then
echo "✅ Keep SDH option works"
else
echo "❌ Keep SDH processing failed"
exit 1
fi
echo "🎉 All basic functionality tests passed!"