hauleth
MixMachine - machine-readable output for Mix
Recently I have published new version of mix_unused and now there is new project that improves compilation of Elixir projects.
https://github.com/hauleth/mix_machine
This is a library that provides new Mix command - mix compile.machine that, in addition to compiling your project as it was done by “regular” mix compile, will produce report file (by default report.json) that will contain report in one of the two supported formats:
- SARIF - this is default
- CodeClimate
This is useful, as SARIF is format used by GitHub Code Scanning feature, which will produce reports available from the GitHub “Security” tab. CodeClimate is format used by GitLab for similar purposes.
This works by utilising the diagnostics produced by different compilers, so as long as your additional compilers support this feature, these will be included in these reports. Tools that for sure support this feature are @sasajuric boundary and mentioned earlier mix_unused.
Disclaimer - I haven’t yet tested the GitLab, and I do not know how to setup automatic CI for that, as GitLab do not support CI pipelines for remote projects in their public service and I do not want to pay for the self-hosted version to just test that. I will test it in my side projects hosted on the GitLab, but for now there is no automatic testing. So unfortunately GitLab support currently is a little bit second class.
Most Liked
axelson
axelson
hauleth
Yeah, sure. I am still working on the documentation (PRs are welcome). The example is exactly in the same repo (just not properly documented) as it is used for testing whether the SARIF output is properly ingested by GitHub. Whole process is as simple as replacing mix compile with mix compile.machine and then using github/codeql-action/upload-sarif@v1:
- name: Compile
run: mix compile.machine
- uses: github/codeql-action/upload-sarif@v1
with:
sarif_file: report.json
Popular in Announcing
Other popular topics
Categories:
Sub Categories:
Forums
Popular Tags
- #ecto
- #liveview
- #troubleshooting
- #learning-elixir
- #deployment
- #library
- #erlang
- #testing
- #genserver
- #mix
- #absinthe
- #remote-other
- #otp
- #plug
- #how-to-question
- #macros
- #postgres
- #channels
- #elixirconf
- #exunit
- #discussion
- #code-sync
- #javascript
- #podcasts
- #onsite
- #dialyzer
- #docker
- #authentication
- #umbrella
- #full-time-contract
- #podcasts-by-brainlid
- #ecto-query
- #elixir-ls
- #phoenix_html
- #iex
- #blog-post
- #graphql
- #genstage
- #ai
- #websockets
- #supervisor
- #elixirconf-us
- #advent-of-code
- #distillery
- #processes
- #forms
- #api
- #metaprogramming
- #security
- #hex










