Skip to content

Resolves #1311 - <a> HTML tag applying styling rules to all followi… #3580

Resolves #1311 - <a> HTML tag applying styling rules to all followi…

Resolves #1311 - <a> HTML tag applying styling rules to all followi… #3580

name: build
on: # cf. https://github.community/t/how-to-trigger-an-action-on-push-or-pull-request-but-not-both/16662
push:
branches:
- master
pull_request:
branches:
- master
jobs:
check-reference-pdf-files:
runs-on: ubuntu-latest
steps:
- name: Checkout πŸ›ŽοΈ
uses: actions/checkout@v4
- name: Set up Python 3.13 πŸ”§
uses: actions/setup-python@v5
with:
python-version: 3.13
- name: Install system dependencies βš™οΈ
run: sudo apt-get update --allow-releaseinfo-change && sudo apt-get install qpdf
- name: Check all PDF reference files used in tests β˜‘
run: |
# Using qpdf
find . -name '*.pdf' | xargs -n 1 sh -c 'qpdf --check --password=fpdf2 $0 || exit 255'
export PYTHONPATH=$PWD
# Using VeraPDF:
scripts/install-verapdf.sh
scripts/verapdf.py --process-all-test-pdf-files
scripts/verapdf.py --print-aggregated-report
# Using Datalogics PDF Checker:
scripts/install-pdfchecker.sh
scripts/pdfchecker.py --process-all-test-pdf-files
scripts/pdfchecker.py --print-aggregated-report
lint:
# Note: there is currently an issue with ubuntu-latest==ubuntu-24.04 / OpenSSL 3.0.13 / oscrypto:
# https://github.com/py-pdf/fpdf2/issues/1333
runs-on: ubuntu-22.04
steps:
- name: Checkout πŸ›ŽοΈ
uses: actions/checkout@v4
- name: Set up Python 3.13 πŸ”§
uses: actions/setup-python@v5
with:
python-version: 3.13
- name: Install Python dependencies βš™οΈ
run: |
python -m pip install --upgrade pip setuptools wheel
pip install --upgrade . -r test/linters-requirements.txt -r test/requirements.txt
- name: Run linters πŸ”Ž
run: |
black --check .
pylint fpdf test tutorial/tuto*.py
bandit -c .banditrc.yml -r contributors/ fpdf/ tutorial/
semgrep scan --config auto --error --strict --exclude-rule=python.lang.security.insecure-hash-function.insecure-hash-function fpdf
- name: Scan project with grype πŸ”Ž
uses: anchore/scan-action@v3
with:
path: "."
fail-build: true
- name: Scan project dependencies with guarddog 🐢
run: |
pip install guarddog
# Scanning direct dependencies:
guarddog pypi scan defusedxml
guarddog pypi scan Pillow
guarddog pypi scan fonttools
# Scanning dev dependencies:
guarddog pypi verify contributors/requirements.txt
guarddog pypi verify docs/requirements.txt
guarddog pypi verify test/linters-requirements.txt
guarddog pypi verify test/requirements.txt
test:
strategy:
matrix:
python-version: ['3.8', '3.9', '3.10', '3.11', '3.12', '3.13']
platform: [ubuntu-22.04, windows-latest]
runs-on: ${{ matrix.platform }}
steps:
- name: Checkout πŸ›ŽοΈ
uses: actions/checkout@v4
- name: Set up Python ${{ matrix.python-version }} πŸ”§
uses: actions/setup-python@v5
with:
python-version: ${{ matrix.python-version }}
- name: Install system dependencies βš™οΈ
if: ${{ startsWith(matrix.platform, 'ubuntu') }}
# Ghostscript is needed for test/table/test_table_extraction.py
run: sudo apt-get update --allow-releaseinfo-change && sudo apt-get install ghostscript
- name: Install qpdf βš™οΈ
# We run the unit tests WITHOUT qpdf for a single parallel execution / Python version:
if: ${{ startsWith(matrix.platform, 'ubuntu') && matrix.python-version != '3.13' }}
run: sudo apt-get update --allow-releaseinfo-change && sudo apt-get install qpdf
- name: Install Python dependencies βš™οΈ
run: |
python -m pip install --upgrade pip setuptools wheel
pip install --upgrade . -r test/requirements.txt
- name: Run tests β˜‘
env:
CHECK_EXEC_TIME: ${{ matrix.python-version == '3.9' && 'test-enabled' || '' }}
CHECK_RSS_MEMORY: ${{ matrix.python-version == '3.13' && 'test-enabled' || '' }}
run: |
# Ensuring there is no `generate=True` left remaining in calls to assert_pdf_equal:
grep -IRF generate=True test/ && exit 1
# Executing all tests:
pytest -vv --trace-memory-usage
- name: Upload coverage report to codecov.io β˜‘
# We only upload coverage ONCE, for a single parallel execution / Python version:
if: ${{ startsWith(matrix.platform, 'ubuntu') && matrix.python-version == '3.13' }}
run: bash <(curl -s https://codecov.io/bash)
- name: Run tests with the minimal versions of fpdf2 direct dependencies β˜‘
if: ${{ startsWith(matrix.platform, 'ubuntu') && matrix.python-version == '3.8' }}
run: |
# Ensuring that those minimal versions remain compatible:
sed -i '/install_requires/,/\n/s/>=/==/' setup.cfg
pip install .
# Targeting only a subset of tests because: A) it's faster and B) some tests are dependant on a specific version of fonttools or Pillow
pytest -vv test/barcodes test/drawing test/errors test/image/test_load_image.py test/metadata test/shapes test/signing test/text_region test/utils
doc:
runs-on: ubuntu-latest
steps:
- name: Harden Runner
# Security hardening because this is a sensitive job,
# where extra care should be taken NOT to leak any secret
uses: step-security/harden-runner@v2
with:
egress-policy: block
allowed-endpoints:
github.com:443
api.github.com:443
*.githubusercontent.com:443
pypi.org:443
files.pythonhosted.org:443
- name: Checkout πŸ›ŽοΈ
uses: actions/checkout@v4
- name: Set up Python 3.13 πŸ”§
uses: actions/setup-python@v5
with:
python-version: 3.13
- name: Install Python dependencies βš™οΈ
run: |
python -m pip install --upgrade pip setuptools wheel
pip install --upgrade -r docs/requirements.txt -r contributors/requirements.txt
- name: Generate HTML documentation πŸ—οΈ
run: |
mkdir -p public/
# Setting PDF manual version:
sed -i "s/author:.*/author: v$(python setup.py -V 2>/dev/null)/" mkdocs.yml
cp tutorial/notebook.ipynb docs/
mkdocs build
pdoc --html -o public/ fpdf --config "git_link_template='https://github.com/py-pdf/fpdf2/blob/{commit}/{path}#L{start_line}-L{end_line}'"
scripts/add_pdoc_to_search_index.py
- name: Build contributors map πŸ—ΊοΈ
# As build_contributors_html_page.py can hang due to GitHub rate-limiting, we only execute this on master for now
if: github.ref == 'refs/heads/master'
env:
# Needed by contributors/build_contributors_html_page.py:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
run: |
cd contributors/ && PYTHONUNBUFFERED=1 ./build_contributors_html_page.py py-pdf/fpdf2
cp -t ../public/ contributors.html contributors-map-small.png
- name: Deploy documentation πŸš€
if: github.ref == 'refs/heads/master'
uses: peaceiris/actions-gh-pages@v3
with:
github_token: ${{ secrets.GITHUB_TOKEN }}
publish_dir: public/
publish:
if: github.ref == 'refs/heads/master'
runs-on: ubuntu-latest
environment:
name: pypi
url: https://pypi.org/p/fpdf2
permissions:
# Trusted publishing configured there: https://pypi.org/manage/project/fpdf2/settings/publishing/
id-token: write
steps:
- name: Harden Runner
# Security hardening because this is a sensitive job,
# where extra care should be taken NOT to leak any secret
uses: step-security/harden-runner@v2
with:
egress-policy: block
allowed-endpoints:
github.com:443
*.githubusercontent.com:443
pypi.org:443
files.pythonhosted.org:443
- name: Checkout πŸ›ŽοΈ
uses: actions/checkout@v4
- name: Set up Python 3.13 πŸ”§
uses: actions/setup-python@v5
with:
python-version: '3.13'
- name: Build distributions for Pypi πŸ—οΈ
id: build
run: |
echo Versions already released on Pypi: $(curl -Ls 'https://pypi.org/pypi/fpdf2/json' | jq -r '.releases|keys[]')
pip install --upgrade setuptools twine wheel .
echo Current code version: $(python setup.py -V)
# Checking if current code version has already been released:
if ! curl -Ls 'https://pypi.org/pypi/fpdf2/json' | jq -r '.releases|keys[]' | grep "^$(python setup.py -V)\$"; then echo publish=yes >> "$GITHUB_OUTPUT"; python setup.py sdist bdist_wheel; twine check dist/*; fi
- name: Publish package distributions to PyPI πŸš€
if: steps.build.outputs.publish == 'yes'
uses: pypa/gh-action-pypi-publish@release/v1
# Doc: https://github.com/marketplace/actions/pypi-publish
with:
print-hash: true