* chore(Trace): add dev env settings
* add(Trace): init add Poco::trace and libbacktrace files
* feat(Exception): generate stack trace if enabled at compile time
* chore(DNSSD): remove binaries from git
* fix(Trace): build
* chore(ci): exclude exception text tests for trace build; add debug test script params
* chore(build): mac (dl)
* chore(cmake): Changes to build Trace with CMake.
* chore(cmake): Changes to build Trace on Windows
* chore(cmake): Improvements to include trace sample.
* chore(cmake): Fixes to properly build/link Trace on Linux
* chore(cmake): add_definitions --> add_compile_definitions
* chore(cmake): Build Trace as static and don't export it.
* chore(make): Link Trace with built-in libbacktrace on Linux
* chore(Trace): remove unnecessary sources for libbacktrace.
* chore(github): enable trace on a few github checks
* chore(cmake): Build Trace with clang++ on Linux.
* chore(cmake): Properly set POCO_ENABLE_TRACE globally when needed.
* fix(cmake): Trace: corrected include for clang on Linux
---------
Co-authored-by: Matej Kenda <matejken@gmail.com>
* enh(ProcessRunner): does not detect launch errors #4482
* enh(File): add absolutePath and existsAnywhere() #4482
* fix windows build and tsan fail
* fix tsan
* fix windows file tests
* comment out some CI env path -related issues
* fix tsan and windows build
* try to fix ci
* ignore ProcessRunner test fail on windows cmake
* enh(File): canExecute throws FileNotFoundException if the file to be executed can't be found in the path.
* Few C++ modernisation changes.
* enh(File): Windows specifics of File::canExecute. Returns false if the file to be executed can't be found using absolutePath.
---------
Co-authored-by: Matej Kenda <matejken@gmail.com>
* fix(ActiveRecord): missing ActiveRecordLib_API definitions for clang/gcc.
* fix(FPEnvironment): export FPEnvironmentImpl classes (#4393, #3331)
* fix(Crypto): export *Impl classes used from inlines (#4393, #3331)
* fix(Dynamic): explicitly instantiate and export Dynamic::Struct for string and int (-fvisibility=hidden) (#4393, #3331)
* fix(JSON): explicitly instantiate and export SharedPtr for JSON::Array and JSON::Object (-fvisibility=hidden) (#4393, #3331)
* enh(CMake): Set symbol visibility to hidden (#4393, #3331)
* enh(configure): user c++17 standard for iphone, Darwin and ARM-Linux.
* fix(UTF): explicitly instantiate and export 16 and 32-bit strings (-fvisibility=hidden) (#4393, #3331)
* fix(RecordSet): make Extraction.h internal and instantiate RecordsSet::column template functions only for supported types. (-fvisibility=hidden) (#4393, #3331)
* fix(UTF): fix explicitly instantiation on Windows (-fvisibility=hidden) (#4393, #3331)
* enh(CMake): Add github jobs for macOS with visibility set to hidden (#4393, #3331)
* fix(CppParser): Add missing declarations for CppParser_API (#4393, #3331)
* enh(CMake): Enable more options in github jobs for macOS with visibility set to hidden (#4393, #3331)
* fix(MongoDB): Add missing MongoDB_API (#4393, #3331)
* fix(Data::AbstracSessionImpl): protect autocommit feature handlers #4261
* chore(CI): re-enable mysql
* MySQL SessionImpl: make sure autocommit mode is on when session is openend or reset.
* PostgreSQL SessionImpl: reuse autocommit flag of AbstractSessionImpl.
* Github workflow: re-activated linux-gcc-make-postgres
* Fixed indentation in ci.yml
* Fix for DataTest SQLExecutor: use connector
* Data::Session: when parser is not used and autocommit mode is off, assume any SQL statement begins a transaction.
* PostgreSQL: don't use SQL parser (it currently cannot handle placeholders).
* PostgreSQL: added test sessionTransactionNoAutoCommit
* PostgreSQL test suite: removed reference to generic SQLExecutor
* PostgreSQL: fixes for sessionTransactionNoAutoCommit.
* MySQL: added test sessionPoolAndUnicode (from #2801)
* Fixed #define in sql-parser
* Data generic testsuite: support numbered placeholders
* PostgreSQL test suite: added missing include directory to Makefile.
* Attempt to fix PostgreSQL Makefiles
* PostgreSQL testsuite: added include path to Makefile
* PostgreSQL testsuite: added PocoDataTest library to Makefile
* DataTest SQLExecutor::formatSQL: don't use string_view
* PostgreSQL test suite: delegated most tests to Poco::Data::Test
* Makefile: added dependencies on Data-Tests
* Weaken assumptions about async in generic transaction tests
* Makefile: added dependency for Prometheus samples
* Fix deadlock in DataTest SQLExecutor
* PostgreSQL tests SQLExecutor: cleanup
* feat(Data::AbstractSessionImpl): add autoCommit property and tests #4261
* Brought MySQL backend in line with _autoCommit flag of AbstractSessionImpl.
---------
Co-authored-by: Friedrich Wilckens <frwilckens@gmail.com>
Co-authored-by: Friedrich Wilckens <friedrich.wilckens@ingramcontent.com>
* Add first android git hub action to try
* Set up android toolchain
* Add second android ndk build
* add some default settings for android
* Add a third android build for armv7
* fix(OpMsgMessage): android v7a compile
---------
Co-authored-by: Aleksandar Fabijanic <aleks-f@users.noreply.github.com>
* add sendfile method for streamsocket
* add mswsock.lib to the project files and templates
* remove /DPOCO_NO_AUTOMATIC_LIBS for cmake windows build
* merge from upstream
* merge from upstream
* fix code stile
add NotImplemented exception for unsupported platforms
exculude <sys/sendfile.h> for POCO_EMSCRIPTEN, because https://
github.com/emscripten-core/emscripten/pull/16234
* add iostream include for std::cout
* fix compilation for emscripten (wrap sendfile)
* fix(SQLParser): use Data_API if available
* fix(ProGen): wrong AdditionalOptions separator #4259
* fix(SQLParser): add default export define when embedded
* feat(ci): run pull request runs only on pull request open #4205
* feat(ci): add retry action for tsan #4205
* feat(ci): use local action for retrying tsan #4205
* fix(ci): use correct version of retry action #4205
* fix: make POSIX event thread safe
* feat(ci): add info on retry action to ci.yml header #4205
* feat(ci): add linux mysql test #4205
* feat(ci): remove unused mysql containers from tests#4205
* feat(ci): add linux postgre test #4205
* feat(ci): add linux redis test #4205
* feat(ci): add linux mongodb tests #4205
* feat(ci): add mysql odbc test #4205
* chore(ci): rename tests #4205
* chore(ci): pin postgres and mysql versions #4205
* feat(ci): add odbc postgres tests #4205
* chore(ci): mysql odbc comment #4205
* chore(ci): disable windows 2019 job #4205
* feat(ci): add linux oracle tests #4205
* chore(ci): disable oracle tests #4205
* feat(ci): add sql server tests #4205
* chore(ci): disable postgres tests #4205
* chore(ci): add logging for task test #4205
* feat(ci): add local retry action #4205
* feat(ci): ignore process kill failure in action #4205
* feat(ci): send SIGKILL instead of SIGTERM in action #4205
* chore(ci): add updated action #4205
* chore(ci): reduce tsan timeout #4205
* feat(ci): kill process without children #4205
* feat(ci): send SIGTERM to child in action #4205
* feat(ci): prolong tsan timeout #4205
* chore(ci): add missing newlines #4205
* fix(ci): revert sql server test FreeTDS version #4205
* feat(ci): add retry to all jobs #4205
* feat(ci): setup python for codeQL #4205
* chore(ci): disable throwing on codeql error #4205
Add CodeQL Workflow for Code Security Analysis
This pull request introduces a CodeQL workflow to enhance the security analysis of our repository. CodeQL is a powerful static analysis tool that helps identify and mitigate security vulnerabilities in our codebase. By integrating this workflow into our GitHub Actions, we can proactively identify and address potential issues before they become security threats.
We added a new CodeQL workflow file (.github/workflows/codeql.yml) that
- Runs on every pull request (functionality to run on every push to main branches is included as a comment for convenience).
- Runs daily.
- Excludes queries with a high false positive rate or low-severity findings.
- Does not display results for git submodules, focusing only on our own codebase.
Testing:
To validate the functionality of this workflow, we have run several test scans on the codebase and reviewed the results. The workflow successfully compiles the project, identifies issues, and provides actionable insights while reducing noise by excluding certain queries and third-party code.
Deployment:
Once this pull request is merged, the CodeQL workflow will be active and automatically run on every push and pull request to the main branch. To view the results of these code scans, please follow these steps:
1. Under the repository name, click on the Security tab.
2. In the left sidebar, click Code scanning alerts.
Additional Information:
- You can further customize the workflow to adapt to your specific needs by modifying the workflow file.
- For more information on CodeQL and how to interpret its results, refer to the GitHub documentation and the CodeQL documentation (https://codeql.github.com/ and https://codeql.github.com/docs/).
Signed-off-by: Brian <bayuan@purdue.edu>
