@mizchi/actrun 0.16.0 → 0.17.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +81 -1
- package/dist/actrun.js +410 -211
- package/package.json +1 -1
package/README.md
CHANGED
|
@@ -106,6 +106,85 @@ actrun run logs <run-id> --task <id> # View specific task log
|
|
|
106
106
|
actrun run download <run-id> # Download all artifacts
|
|
107
107
|
```
|
|
108
108
|
|
|
109
|
+
### Analysis Commands
|
|
110
|
+
|
|
111
|
+
```bash
|
|
112
|
+
# Lint: type check expressions and detect dead code
|
|
113
|
+
actrun lint # Lint all .github/workflows/*.yml
|
|
114
|
+
actrun lint .github/workflows/ci.yml # Lint a specific file
|
|
115
|
+
actrun lint --ignore W001 # Suppress a rule (repeatable)
|
|
116
|
+
|
|
117
|
+
# Visualize: render workflow job dependency graph
|
|
118
|
+
actrun viz .github/workflows/ci.yml # ASCII art (terminal)
|
|
119
|
+
actrun viz .github/workflows/ci.yml --mermaid # Mermaid text (for Markdown)
|
|
120
|
+
actrun viz .github/workflows/ci.yml --detail # Mermaid with step subgraphs
|
|
121
|
+
actrun viz .github/workflows/ci.yml --svg # SVG image
|
|
122
|
+
actrun viz .github/workflows/ci.yml --svg --theme github-light
|
|
123
|
+
```
|
|
124
|
+
|
|
125
|
+
#### Lint Diagnostics
|
|
126
|
+
|
|
127
|
+
| Rule | Severity | Description |
|
|
128
|
+
|------|----------|-------------|
|
|
129
|
+
| `undefined-context` | error | Undefined context (e.g. `foobar.x`) |
|
|
130
|
+
| `wrong-arity` | error | Wrong function arity (e.g. `contains('one')`) |
|
|
131
|
+
| `unknown-function` | error | Unknown function (e.g. `myFunc()`) |
|
|
132
|
+
| `unknown-property` | warning | Unknown property (e.g. `github.nonexistent`) |
|
|
133
|
+
| `type-mismatch` | warning | Comparing incompatible types |
|
|
134
|
+
| `unreachable-step` | warning | Unreachable step (`if: false`) |
|
|
135
|
+
| `future-step-ref` | error | Reference to future step |
|
|
136
|
+
| `undefined-step-ref` | error | Reference to undefined step |
|
|
137
|
+
| `undefined-needs` | error | Undefined `needs` job reference |
|
|
138
|
+
| `circular-needs` | error | Circular `needs` dependency |
|
|
139
|
+
| `unused-outputs` | warning | Unused job outputs |
|
|
140
|
+
| `duplicate-step-id` | error | Duplicate step IDs in same job |
|
|
141
|
+
| `missing-runs-on` | error | Missing `runs-on` |
|
|
142
|
+
| `empty-job` | error | Empty job (no steps) |
|
|
143
|
+
| `uses-and-run` | error | Step has both `uses` and `run` |
|
|
144
|
+
| `empty-matrix` | warning | Matrix with empty rows |
|
|
145
|
+
| `invalid-uses` | error | Invalid `uses` syntax |
|
|
146
|
+
| `invalid-glob` | warning | Invalid glob pattern in trigger filter |
|
|
147
|
+
| `redundant-condition` | warning | Always-true/false condition |
|
|
148
|
+
| `script-injection` | warning | Script injection risk (untrusted input in `run:`) |
|
|
149
|
+
| `permissive-permissions` | warning | Overly permissive permissions |
|
|
150
|
+
| `deprecated-command` | warning | Deprecated workflow command (`::set-output` etc.) |
|
|
151
|
+
| `missing-prt-permissions` | warning | `pull_request_target` without explicit `permissions` |
|
|
152
|
+
| `if-always` | warning | Bare `always()` — prefer `success() \|\| failure()` |
|
|
153
|
+
| `dangerous-checkout-in-prt` | error | Checkout PR head in `pull_request_target` |
|
|
154
|
+
| `secrets-to-third-party` | warning | Secrets passed via env to third-party action |
|
|
155
|
+
| `missing-timeout` | warning | No `timeout-minutes` (opt-in: `--strict`) |
|
|
156
|
+
| `mutable-action-ref` | warning | Tag ref instead of SHA pin (opt-in: `--online`) |
|
|
157
|
+
| `action-not-found` | error | Action ref not found on GitHub (opt-in: `--online`) |
|
|
158
|
+
|
|
159
|
+
Configure lint behavior in `actrun.toml`:
|
|
160
|
+
|
|
161
|
+
```toml
|
|
162
|
+
[lint]
|
|
163
|
+
preset = "default" # default, strict, oss
|
|
164
|
+
ignore_rules = ["unknown-property", "unused-outputs"]
|
|
165
|
+
```
|
|
166
|
+
|
|
167
|
+
| Preset | Includes |
|
|
168
|
+
|--------|----------|
|
|
169
|
+
| `default` | All rules except `missing-timeout` and online checks |
|
|
170
|
+
| `strict` | `default` + `missing-timeout` |
|
|
171
|
+
| `oss` | `strict` + `mutable-action-ref` / `action-not-found` (network) |
|
|
172
|
+
|
|
173
|
+
#### Visualization Example
|
|
174
|
+
|
|
175
|
+
```
|
|
176
|
+
$ actrun viz .github/workflows/release.yml
|
|
177
|
+
|
|
178
|
+
┌───────┐ ┌────────┐
|
|
179
|
+
│ build │ │ docker │
|
|
180
|
+
└───────┘ └────────┘
|
|
181
|
+
└┐
|
|
182
|
+
│
|
|
183
|
+
┌─────────┐
|
|
184
|
+
│ release │
|
|
185
|
+
└─────────┘
|
|
186
|
+
```
|
|
187
|
+
|
|
109
188
|
### Artifact & Cache Commands
|
|
110
189
|
|
|
111
190
|
```bash
|
|
@@ -412,7 +491,8 @@ just gha-compat-compare compat-checkout-artifact.yml _build/gha-compat/<run-id>
|
|
|
412
491
|
| `src/lowering.mbt` | Bitflow IR lowering, action/reusable workflow expansion |
|
|
413
492
|
| `src/executor.mbt` | Native host executor |
|
|
414
493
|
| `src/runtime.mbt` | Git workspace materialization |
|
|
415
|
-
| `src/
|
|
494
|
+
| `src/lint/` | Expression parser, type checker, dead code detection, workflow visualization |
|
|
495
|
+
| `src/cmd/actrun/main.mbt` | CLI entry point |
|
|
416
496
|
| `testdata/` | Compatibility fixtures |
|
|
417
497
|
|
|
418
498
|
## License
|