Skip to content

docs(pt-BR): update v2.0.0 - ISP BR devices, FCC-ID, iSpy DB, RTSP cl… #195

docs(pt-BR): update v2.0.0 - ISP BR devices, FCC-ID, iSpy DB, RTSP cl…

docs(pt-BR): update v2.0.0 - ISP BR devices, FCC-ID, iSpy DB, RTSP cl… #195

Workflow file for this run

# Author: André Henrique (@mrhenrike) | União Geek — https://github.com/Uniao-Geek
name: compatibility-matrix
on:
push:
branches: ["**"]
pull_request:
workflow_dispatch:
permissions:
contents: write
jobs:
smoke:
name: "${{ matrix.os }} / py${{ matrix.python-version }}"
runs-on: ${{ matrix.os }}
strategy:
fail-fast: false
matrix:
os: [ubuntu-latest, windows-latest, macos-latest]
python-version: ["3.8", "3.9", "3.10", "3.11", "3.12", "3.13"]
steps:
- name: Checkout
uses: actions/checkout@v4
- name: Setup Python
uses: actions/setup-python@v5
with:
python-version: ${{ matrix.python-version }}
- name: Install runtime requirements
run: |
python -m pip install --upgrade pip setuptools wheel
python -m pip install -r requirements.txt
- name: Run compatibility smoke check
run: |
python tools/compat_smoke.py
- name: Validate market priority yearly minimums
if: matrix.os == 'ubuntu-latest' && matrix.python-version == '3.11'
run: |
python tools/validate_market_priority_minimums.py
quality-security:
name: "quality-security / ubuntu / py3.11"
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v4
- name: Setup Python
uses: actions/setup-python@v5
with:
python-version: "3.11"
- name: Install runtime requirements
run: |
python -m pip install --upgrade pip setuptools wheel
python -m pip install -r requirements.txt
- name: Install security audit tooling
run: |
python -m pip install pip-audit flake8 pytest bandit
- name: Validate dependency graph integrity
run: |
python -m pip check
- name: Lint gate (critical errors)
run: |
flake8 tools exf.py --count --select=E9,F63,F7,F82 --show-source --statistics
- name: Scoped tests gate
run: |
python tools/run_scoped_tests.py
- name: Validate Python syntax compilation
run: |
python -m compileall -q embedxpl tools
- name: Validate market priority yearly minimums
run: |
python tools/validate_market_priority_minimums.py
- name: Validate governance baseline
run: |
python tools/validate_governance.py
- name: Build OSI/TCP-IP attack-test matrix snapshot
run: |
python tools/build_osi_tcpip_attack_matrix.py
- name: Build curated arsenal index
run: |
python tools/build_arsenal_index.py
- name: Validate curated arsenal architecture
run: |
python tools/validate_arsenal_architecture.py
- name: Validate generated coverage matrix is up to date
# Non-gating: regenerate and show diff for awareness.
# The matrix is auto-generated and may differ by platform line-endings.
# Run locally: python tools/generate_coverage_matrix.py && python tools/build_arsenal_index.py
continue-on-error: true
run: |
python tools/generate_coverage_matrix.py
python tools/build_arsenal_index.py
git diff --stat -- docs/COVERAGE_MATRIX.md docs/COVERAGE_MATRIX.txt embedxpl/resources/catalogs/arsenal_index.json || true
echo "Coverage matrix regenerated (diff shown above — non-gating)."
- name: Dependency vulnerability audit
run: |
pip-audit -r requirements.txt --progress-spinner off
- name: Static security review (bandit)
run: |
bandit -q -r tools -lll
- name: Refresh deep intel and honeypot snapshots (non-gating)
run: |
python tools/deep_intel_backlog.py
python tools/phase6b_honeypot_validation.py
dependency-review:
name: "dependency-review / pull_request"
if: github.event_name == 'pull_request'
runs-on: ubuntu-latest
permissions:
contents: read
pull-requests: write
steps:
- name: Checkout
uses: actions/checkout@v4
- name: Dependency review
uses: actions/dependency-review-action@v4