PR: Code QL

.github/workflows/build.yaml

@@ -7,6 +7,10 @@ env:
   CTEST_OUTPUT_ON_FAILURE: ON
   VERBOSE: 1
 
+defaults:
+  run:
+    shell: bash
+
 jobs:
   build_and_test:
     env:
@@ -85,6 +89,8 @@ jobs:
       - name: Install dependencies
         run: |
           if [ "${{ runner.os }}" = "Linux" ]; then
+            sudo apt-get update
+
             if [ "${{ matrix.config.os }}" = "ubuntu-20.04" ]; then
               sudo apt-get install -y ninja-build elfutils libzstd-dev
             else
@@ -100,7 +106,6 @@ jobs:
               echo "CC=clang-${{ matrix.config.version }}" >> $GITHUB_ENV
               echo "CXX=clang++-${{ matrix.config.version }}" >> $GITHUB_ENV
 
-              sudo apt update
               sudo apt install -y clang-${{ matrix.config.version }} g++-multilib
             fi
           elif [ "${{ runner.os }}" = "macOS" ]; then
@@ -190,6 +195,30 @@ jobs:
             RUN_TESTS: unittest-in-wine
             apt_get: elfutils mingw-w64 wine
 
+          - name: Windows VS2019 32-bit
+            os: windows-2019
+            msvc_arch: x64_x86
+            allow_test_failures: true  # For now, don't fail the build on failure
+            CC: cl
+            CXX: cl
+            ENABLE_CACHE_CLEANUP_TESTS: 1
+            CMAKE_GENERATOR: Ninja
+            CMAKE_PARAMS: -DCMAKE_BUILD_TYPE=CI -DZSTD_FROM_INTERNET=ON
+            # -mno-incremental-linker-compatible: reproducible object files
+            TEST_CC: clang -target i686-pc-windows-msvc -mno-incremental-linker-compatible
+
+          - name: Windows VS2019 64-bit
+            os: windows-2019
+            msvc_arch: x64
+            allow_test_failures: true  # For now, don't fail the build on failure
+            CC: cl
+            CXX: cl
+            ENABLE_CACHE_CLEANUP_TESTS: 1
+            CMAKE_GENERATOR: Ninja
+            CMAKE_PARAMS: -DCMAKE_BUILD_TYPE=CI -DZSTD_FROM_INTERNET=ON
+            # -mno-incremental-linker-compatible: reproducible object files
+            TEST_CC: clang -target x86_64-pc-windows-msvc -mno-incremental-linker-compatible
+
           - name: Clang address & UB sanitizer
             os: ubuntu-20.04
             CC: clang
@@ -257,13 +286,38 @@ jobs:
         if: matrix.config.apt_get != ''
         run: sudo apt-get update && sudo apt-get install ${{ matrix.config.apt_get }}
 
+      - name: Prepare Windows environment (Visual Studio)
+        if: runner.os == 'Windows'
+        uses: ilammy/[email protected]
+        with:
+          arch: ${{ matrix.config.msvc_arch }}
+
+      - name: Prepare Windows environment (Clang)
+        if: runner.os == 'Windows'
+        shell: powershell
+        run: |
+          $ErrorActionPreference = 'Stop'
+
+          # The test suite currently requires that the compiler specified by the
+          # "CC" environment variable is on a path without spaces. Provide that
+          # by creating a junction from ~/opt/llvm to the Visual Studio path.
+          $null = New-Item `
+            -Path "${HOME}\opt\llvm" `
+            -ItemType Junction `
+            -Target "${env:VCINSTALLDIR}\Tools\Llvm\x64" `
+            -Force
+          "Path=${HOME}\opt\llvm\bin;${env:Path}" | `
+            Out-File -FilePath $env:GITHUB_ENV -Encoding utf8 -Append
+
       - name: Build and test
+        id: build-and-test
         env:
           ASAN_OPTIONS: ${{ matrix.config.ASAN_OPTIONS }}
           BUILDDIR: ${{ matrix.config.BUILDDIR }}
           CC: ${{ matrix.config.CC }}
           CCACHE_LOC: ${{ matrix.config.CCACHE_LOC }}
           CFLAGS: ${{ matrix.config.CFLAGS }}
+          CMAKE_GENERATOR: ${{ matrix.config.CMAKE_GENERATOR }}
           CMAKE_PARAMS: ${{ matrix.config.CMAKE_PARAMS }}
           CXX: ${{ matrix.config.CXX }}
           CXXFLAGS: ${{ matrix.config.CXXFLAGS }}
@@ -272,15 +326,23 @@ jobs:
           LDFLAGS: ${{ matrix.config.LDFLAGS }}
           RUN_TESTS: ${{ matrix.config.RUN_TESTS }}
           SPECIAL: ${{ matrix.config.SPECIAL }}
-        run: ci/build
+          TEST_CC: ${{ matrix.config.TEST_CC }}
+        run: |
+          rc=0
+          ci/build || rc=$?
+          echo "::set-output name=exit_status::$rc"
+          exit $rc
+        # CTest exits with return code 8 on test failure.
+        continue-on-error: ${{ matrix.config.allow_test_failures == true &&
+          steps.build-and-test.outputs.exit_status == 8 }}
 
       - name: Collect testdir from failed tests
-        if: failure()
+        if: failure() || steps.build-and-test.outcome == 'failure'
         run: ci/collect-testdir
         # TODO: in case of build-and-verify-*package the BUILDDIR is set within those scripts.
 
       - name: Upload testdir from failed tests
-        if: failure()
+        if: failure() || steps.build-and-test.outcome == 'failure'
         uses: actions/upload-artifact@v2
         with:
           name: ${{ matrix.config.name }} - testdir.tar.xz

.github/workflows/codeql-analysis.yaml

@@ -0,0 +1,49 @@
+# More info:
+# https://docs.github.com/en/github/finding-security-vulnerabilities-and-errors-in-your-code/configuring-code-scanning
+
+name: "CodeQL"
+
+on:
+  push:
+    branches: [*]
+  pull_request:
+    # The branches below must be a subset of the branches above
+    branches: [*]
+    paths-ignore:
+      - '**/*.adoc'
+      - '**/*.bash'
+      - '**/*.md'
+  schedule:
+    # Full scan once a week
+    - cron: '0 14 * * 3'
+
+jobs:
+  analyze:
+    name: Analyze
+    runs-on: ubuntu-18.04
+
+    steps:
+    - name: Checkout repository
+      uses: actions/checkout@v2
+      with:
+        # We must fetch at least the immediate parents so that if this is
+        # a pull request then we can checkout the head.
+        fetch-depth: 2
+
+    - name: Install dependencies
+      run: sudo apt-get update && sudo apt-get install ninja-build elfutils libzstd1-dev
+
+    - name: Initialize CodeQL
+      uses: github/codeql-action/init@v1
+      with:
+        languages: cpp
+        queries: +security-and-quality
+
+    - name: Build
+      run: ci/build
+      env:
+        RUN_TESTS: none
+        CMAKE_GENERATOR: Ninja
+
+    - name: Perform CodeQL Analysis
+      uses: github/codeql-action/analyze@v1

CONTRIBUTING.md

@@ -6,8 +6,8 @@ Want to contribute to ccache? Awesome!
 
 There are several options:
 
-1. Ask a question in the [issue
-   tracker](https://github.com/ccache/ccache/issues/new/choose).
+1. Ask a question in
+   [discussions](https://github.com/ccache/ccache/issues/discussions).
 2. Post your question to the [mailing
    list](https://lists.samba.org/mailman/listinfo/ccache/).
 3. Chat in the [Gitter room](https://gitter.im/ccache/ccache).
@@ -39,8 +39,8 @@ Here are some hints to make the process smoother:
   avoid potentially wasting time on doing something that may need major rework
   to be accepted, or maybe doesn't end up being accepted at all.
 * Is your pull request "work in progress", i.e. you don't think that it's ready
-  for merging yet but you want early comments and CI test results? Then create
-  a draft pull request as described in [this Github blog
+  for merging yet but you want early comments and CI test results? Then create a
+  draft pull request as described in [this Github blog
   post](https://github.blog/2019-02-14-introducing-draft-pull-requests/).
 * Please follow the ccache's code style (see the section below).
 * Consider [A Note About Git Commit
@@ -50,24 +50,25 @@ Here are some hints to make the process smoother:
 ## Code style
 
 Ccache was written in C99 until 2019 when it started being converted to C++11.
-The conversion is a slow work in progress, which is why there is a lot of
-C-style code left. Please refrain from doing large C to C++ conversions; do it
-little by little.
+The conversion is a slow work in progress, which is why there is some C-style
+code left. Please refrain from doing large C to C++ conversions; do it little by
+little.
 
 Source code formatting is defined by `.clang-format` in the root directory. The
 format is loosely based on [LLVM's code formatting
 style](https://llvm.org/docs/CodingStandards.html) with some exceptions. It's
 highly recommended to install
 [Clang-Format](https://clang.llvm.org/docs/ClangFormat.html) 6.0 or newer and
 run `make format` to format changes according to ccache's code style. Or even
-better: set up your editor to run Clang-Format automatically when saving. If
-you don't run Clang-Format then the ccache authors have to do it for you.
+better: set up your editor to run Clang-Format automatically when saving. If you
+don't run Clang-Format then the ccache authors have to do it for you.
 
 Please follow these conventions:
 
 * Use `UpperCamelCase` for types (e.g. classes and structs) and namespaces.
 * Use `UPPER_CASE` names for macros and (non-class )enum values.
-* Use `snake_case` for other names (functions, variables, enum class values, etc.).
+* Use `snake_case` for other names (functions, variables, enum class values,
+  etc.).
 * Use an `m_` prefix for non-public member variables.
 * Use a `g_` prefix for global mutable variables.
 * Use a `k_` prefix for global constants.

LICENSE.adoc

@@ -421,12 +421,12 @@ src/third_party/doctest.h
 ~~~~~~~~~~~~~~~~~~~~~~~~~
 
 This is the single header version of https://github.com/onqtam/doctest[doctest]
-2.4.0 with the following license:
+2.4.4 with the following license:
 
 -------------------------------------------------------------------------------
 The MIT License (MIT)
 
-Copyright (c) 2016-2019 Viktor Kirilov
+Copyright (c) 2016-2020 Viktor Kirilov
 
 Permission is hereby granted, free of charge, to any person obtaining a copy
 of this software and associated documentation files (the "Software"), to deal
@@ -451,7 +451,7 @@ SOFTWARE.
 src/third_party/fmt/*.h and src/third_party/format.cpp
 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
-This is a subset of https://fmt.dev[fmt] 7.0.3 with the following license:
+This is a subset of https://fmt.dev[fmt] 7.1.3 with the following license:
 
 -------------------------------------------------------------------------------
 Formatting library for C++
@@ -558,9 +558,9 @@ SOFTWARE.
 src/third_party/nonstd/optional.hpp
 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
-This alternative implementation of `std::optional` was downloaded from
-<https://github.com/martinmoene/optional-lite> and has the following license
-text:
+This is the single header version of
+https://github.com/martinmoene/optional-lite[optional-lite] 3.4.0 with the
+following license:
 
 -------------------------------------------------------------------------------
 Copyright (c) 2014-2018 Martin Moene
@@ -638,6 +638,30 @@ The full license text can be found in LGPL-3.0.txt and at
 https://www.gnu.org/licenses/lgpl-3.0.html.
 
 
+src/third_party/win32/mktemp.*
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+This implementation of `mkstemp()` for Win32 was adapted from
+<https://github.com/openbsd/src/blob/99b791d14c0f1858d87a0c33b55880fb9b00be66/lib/libc/stdio/mktemp.c>
+and has the folowing license text:
+
+-------------------------------------------------------------------------------
+Copyright (c) 1996-1998, 2008 Theo de Raadt
+Copyright (c) 1997, 2008-2009 Todd C. Miller
+
+Permission to use, copy, modify, and distribute this software for any
+purpose with or without fee is hereby granted, provided that the above
+copyright notice and this permission notice appear in all copies.
+
+THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+-------------------------------------------------------------------------------
+
 src/third_party/xxh*
 ~~~~~~~~~~~~~~~~~~~~
 

README.md

@@ -31,6 +31,7 @@ Contributing to ccache
 * [Mailing list](https://lists.samba.org/mailman/listinfo/ccache/)
 * [Chat](https://gitter.im/ccache/ccache)
 * [Bug report info](https://ccache.dev/bugs.html)
+* [Discussions](https://github.com/ccache/ccache/discussions)
 * [Issue tracker](https://github.com/ccache/ccache/issues)
   * [Help wanted!](https://github.com/ccache/ccache/labels/help%20wanted)
   * [Good first issues!](https://github.com/ccache/ccache/labels/good%20first%20issue)

cmake/CIBuildType.cmake

@@ -25,7 +25,7 @@ set(CMAKE_BUILD_TYPE "${CMAKE_BUILD_TYPE}" CACHE STRING
   "Choose the type of build, options are: None Debug Release RelWithDebInfo MinSizeRel CI."
   FORCE)
 
-string(REPLACE -DNDEBUG "" CMAKE_CXX_FLAGS_CI ${CMAKE_CXX_FLAGS_CI})
-string(REPLACE -DNDEBUG "" CMAKE_C_FLAGS_CI ${CMAKE_C_FLAGS_CI})
+string(REGEX REPLACE "[/-]DNDEBUG" "" CMAKE_CXX_FLAGS_CI ${CMAKE_CXX_FLAGS_CI})
+string(REGEX REPLACE "[/-]DNDEBUG" "" CMAKE_C_FLAGS_CI ${CMAKE_C_FLAGS_CI})
 string(STRIP ${CMAKE_CXX_FLAGS_CI} CMAKE_CXX_FLAGS_CI)
 string(STRIP ${CMAKE_C_FLAGS_CI} CMAKE_C_FLAGS_CI)

cmake/DevModeWarnings.cmake

@@ -115,7 +115,7 @@ elseif(MSVC)
   string(REGEX REPLACE "/W[0-4]" "" CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS}")
 
   if(WARNINGS_AS_ERRORS)
-    list(APPEND CCACHE_COMPILER_WARNINGS /WE)
+    list(APPEND CCACHE_COMPILER_WARNINGS /WX)
   endif()
 
   list(
@@ -126,6 +126,7 @@ elseif(MSVC)
     /wd5105
     # Conversion warnings:
     /wd4244
+    /wd4245
     /wd4267
     # Assignment in conditional:
     /wd4706

cmake/Findzstd.cmake

@@ -6,7 +6,7 @@ if(ZSTD_FROM_INTERNET)
   # Although ${zstd_FIND_VERSION} was requested, let's download a newer version.
   # Note: The directory structure has changed in 1.3.0; we only support 1.3.0
   # and newer.
-  set(zstd_version "1.4.5")
+  set(zstd_version "1.4.8")
   set(zstd_url https://github.com/facebook/zstd/archive/v${zstd_version}.tar.gz)
 
   set(zstd_dir ${CMAKE_BINARY_DIR}/zstd-${zstd_version})

doc/INSTALL.md

@@ -20,6 +20,8 @@ To build ccache you need:
        from the Internet and unpack it in the local binary tree. Ccache will
        then be linked statically to the locally built libzstd.
 
+  To link libzstd statically you can use `-DZSTD_LIBRARY=/path/to/libzstd.a`.
+
 Optional:
 
 - GNU Bourne Again SHell (bash) for tests.