Delete unneeded LLVM tools, clang libraries and testing tools.
This reduces the image size from 1.71 GB to 901 MB.
(It may be possible to improve on this by deleting some LLVM
libraries, though I don't know which ones we should delete
because AFL++ might use some.)
Related https://github.com/google/oss-fuzz/issues/5170
OpenEXR 3.0, and the main branch, have accepted a PR to merge libIexMath
into libIex, to lower dependencies. Remove it from the list of libraries
and further sort by dependency order.
Signed-off-by: Kimball Thurston <kdt3rd@gmail.com>
* initial integration of rust image-png.
* Updated the image-png so it compiles.
* Updated image-png to work with maintainer email.
* Add another maintainer to project yaml.
* Minor update to trigger CI.
* [CIFuzz] Add functionality to save disk space.
Add a LOW_DISK_SPACE env/config var. When this is specified
(always true for GitHub Actions) run_fuzzers will delete
base-builder and the project builder image before fuzzing.
After it finishes fuzzing with a target, it will also
delete the targets, its seed corpus and its corpus.
Related: #4879
* protobuf-c: fix coverage builds, ignore protobuf results
No need to include Google Protobuf library coverage results, since we
are testing protobuf-c.
* protobuf-c: use pkg-config for dependency resolution
* protobuf-c: use next branch to check latest code
master is not the latest branch in the protobuf-c repo. Run fuzzer on
the next branch, which is the development branch for the next release.
* protobuf-c: add myself to CC list
👋 hello there! I'm a fellow Googler who works on projects that leverage GitHub Actions for CI/CD. Recently I noticed a large increase in our queue time, and I've tracked it down to the [limit of 180 concurrent jobs](https://docs.github.com/en/actions/reference/usage-limits-billing-and-administration) for an organization. To help be better citizens, I'm proposing changes across a few repositories that will reduce GitHub Actions hours and consumption. I hope these changes are reasonable and I'm happy to talk through them in more detail.
- Only run GitHub Actions for pushes and PRs against the main branch of the repository. If your team uses a forking model, this change will not affect you. If your team pushes branches to the repository directly, this changes actions to only run against the primary branches or if you open a Pull Request against a primary branch.
- For long-running jobs (especially tests), I added the "Cancel previous" workflow. This is very helpful to prevent a large queue backlog when you are doing rapid development and pushing multiple commits. Without this, GitHub Actions' default behavior is to run all actions on all commits.
There are other changes you could make, depending on your project (but I'm not an expert):
- If you have tests that should only run when a subset of code changes, consider gating your workflow to particular file paths. For example, we have some jobs that do Terraform linting, but [they only run when Terraform files are changed](c4f59fee71/.github/workflows/terraform.yml (L3-L11)).
Hopefully these changes are not too controversial and also hopefully you can see how this would reduce actions consumption to be good citizens to fellow Googlers. If you have any questions, feel free to respond here or ping me on chat. Thank you!
Annotates the findings of the various json-sanitizer fuzzers with
severities as follows:
* XSS: High
* Comment injection: Medium
* Invalid JSON: Low
* Failure to be idempotent: Not a security issue
* Undeclared exceptions: Not a security issue
This commit takes advantage of the support for severity markers in stack
traces introduced in https://github.com/google/clusterfuzz/pull/2270.