Docs: Minor updates for SECURITY.md #410
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: CI | |
| on: | |
| push: | |
| pull_request: | |
| workflow_dispatch: | |
| release: | |
| types: [published] | |
| jobs: | |
| build-efi-release: | |
| name: Build EFI Release | |
| runs-on: macos-latest | |
| steps: | |
| - uses: actions/checkout@v4 | |
| with: | |
| fetch-depth: '5' | |
| # Python 3.10 is not compatible with VoodooI2C cldoc | |
| - uses: actions/setup-python@v5 | |
| with: | |
| python-version: '3.9' | |
| - name: Initialize Variables | |
| run: | | |
| GIT_SHA="$(git rev-parse --short HEAD)" | |
| echo "CUR_TAG=beta-$GIT_SHA" >> "$GITHUB_ENV" | |
| - name: Manage Release Version | |
| if: github.event_name == 'push' && contains(github.ref, 'refs/tags/') | |
| run: | | |
| echo "CUR_TAG=${GITHUB_REF##*/}" >> "$GITHUB_ENV" | |
| - name: Run makefile | |
| run: | | |
| ./makefile.sh --VERSION=${CUR_TAG} --BL=CLOVEROC --MODEL=CMLKBL --PRE_RELEASE=KextOC | |
| - name: Upload to Artifacts | |
| uses: actions/upload-artifact@v4 | |
| with: | |
| name: XiaoMi NoteBook Pro EFI ${{ env.CUR_TAG }} | |
| path: build/*.zip | |
| - name: Upload to Release | |
| if: github.event_name == 'push' && contains(github.ref, 'refs/tags/') | |
| uses: ncipollo/[email protected] | |
| with: | |
| artifacts: build/*.zip | |
| bodyFile: build/XiaoMi_Pro-KBL-OC-${{ env.CUR_TAG }}/ReleaseNotes.md | |
| name: XiaoMi NoteBook Pro EFI ${{ env.CUR_TAG }} | |
| prerelease: false | |
| tag: ${{ env.CUR_TAG }} | |
| token: ${{ secrets.GITHUB_TOKEN }} | |
| analyze-scripts: | |
| name: Analyze Scripts | |
| runs-on: macos-latest | |
| env: | |
| HOMEBREW_NO_INSTALL_CLEANUP: 1 | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - name: Install Dependency | |
| run: | | |
| brew install shellcheck | |
| - name: Run shellcheck | |
| run: find . \( -name "*.tool" -o -name "*.command" -o -name "*.sh" \) -exec sh -c 'for TargetFile; do shellcheck --severity=info "${TargetFile}" || exit 1; done' sh {} + | |
| analyze-dsls: | |
| name: Analyze DSLs | |
| runs-on: macos-latest | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - name: Install Dependency | |
| run: | | |
| curl -# -L -O https://raw.githubusercontent.com/Acidanthera/MaciASL/master/Dist/iasl-stable || exit 1 | |
| chmod +x iasl* || exit 1 | |
| - name: Run iasl | |
| run: | | |
| find . -name '*.dsl' -exec sh -c './iasl* -vw 2095 -vw 2173 -vs -p "${1%/*}/../${1##*/}" "${1%}" && echo || exit 1' sh {} \; | |
| analyze-oc-config: | |
| name: Analyze OpenCore Configs | |
| runs-on: macos-latest | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - name: Install Dependency | |
| run: | | |
| mkdir "OpenCore" && cd "OpenCore" || exit 1 | |
| hg="grep -m 1 RELEASE" | |
| hg_pre="grep -A 2 OpenCorePkg | grep -m 1 RELEASE" | |
| rawURL="https://github.com/acidanthera/OpenCorePkg/releases/latest" | |
| rawURL=$(curl -Ls -o /dev/null -w "%{url_effective}" "${rawURL}" | sed 's/releases\/tag/releases\/expanded_assets/') | |
| rawURL_pre="https://github.com/dortania/build-repo/tags" | |
| rawURL_pre="https://github.com$(curl -L --silent "${rawURL_pre}" | grep -m 1 'OpenCorePkg' | sed -e 's/.*<a\ href="//' | cut -d "\"" -f1)" | |
| rawURL_pre=$(curl -Ls -o /dev/null -w "%{url_effective}" "${rawURL_pre}" | sed 's/releases\/tag/releases\/expanded_assets/') | |
| url="https://github.com$(curl -L --silent "${rawURL}" | grep '/download/' | eval "${hg}" | sed 's/^[^"]*"\([^"]*\)".*/\1/')" | |
| url_pre="https://github.com$(curl -L --silent "${rawURL_pre}" | grep '/download/' | eval "${hg_pre}" | sed 's/^[^"]*"\([^"]*\)".*/\1/')" | |
| echo "Downloading OpenCorePkg" | |
| curl -# -L -O "${url_pre}" || curl -# -L -O "${url}" || exit 1 | |
| unzip -qq "*.zip" || exit 1 | |
| chmod +x Utilities/ocvalidate/ocvalidate || exit 1 | |
| - name: Run ocvalidate | |
| run: | | |
| ./OpenCore/Utilities/ocvalidate/ocvalidate ./OC/config_kbl.plist || exit 1 | |
| ./OpenCore/Utilities/ocvalidate/ocvalidate ./OC/config_cml.plist || exit 1 |