name: Lint
on:
  pull_request:
    paths:
      - "**"
      - "!mkdocs.yml"
      - "!docs/**"
      - "!*.md"

jobs:
  lint:
    strategy:
      fail-fast: false
      matrix:
        os: [ubuntu-24.04]
    runs-on: ${{ matrix.os }}
    timeout-minutes: 10
    steps:
      - uses: actions/checkout@v4

      - name: Cache for pip
        uses: actions/cache@v3
        with:
          path: ~/.cache/pip
          key: ${{ matrix.os }}-cache-pip

      - name: Install latest uv
        uses: astral-sh/setup-uv@v6
        with:
          version: "latest"

      - name: Install dependencies
        run: |
          sudo apt install -y shfmt curl
          uv sync --group lint --group dev

      - name: Run linters
        run: |
          git diff-index --quiet HEAD -- pwndbg tests
          ./lint.sh

      # The PR must not contain any mypy errors
      - name: Run mypy
        uses: tsuyoshicho/action-mypy@v4
        with:
          github_token: ${{ secrets.GITHUB_TOKEN }}
          # Change reviewdog reporter if you need [github-pr-check,github-check,github-pr-review].
          reporter: github-pr-check
          # Change reporter level if you need.
          # GitHub Status Check won't become failure with warning.
          level: error
          # Change the current directory to run mypy command.
          # mypy command reads setup.cfg or other settings file in this path.
          execute_command: uv run --group dev --group lint --group tests --all-extras mypy
          install_types: false
          target: pwndbg pwndbginit tests/host
          filter_mode: nofilter
          fail_on_error: true

      # The PR must not contain more mypy --strict errors than the dev branch does
      - name: Count strict mypy errors in PR branch
        id: mypy_pr
        run: |
          set +e
          uv run --group dev --group lint --group tests --all-extras mypy --strict pwndbg pwndbginit tests/host > mypy_pr.txt 2>&1
          echo "exit_code=$?" >> $GITHUB_OUTPUT
          ERRORS=$(grep -c "error:" mypy_pr.txt || true)
          echo "count=$ERRORS" >> $GITHUB_OUTPUT
          echo "PR mypy (--strict) errors: $ERRORS"
        continue-on-error: true

      - name: Check out dev branch
        run: |
          git fetch origin dev
          git checkout origin/dev

      - name: Count strict mypy errors in dev branch
        id: mypy_dev
        run: |
          set +e
          uv run --group dev --group lint --group tests --all-extras mypy --strict pwndbg pwndbginit tests/host > mypy_dev.txt 2>&1
          echo "exit_code=$?" >> $GITHUB_OUTPUT
          ERRORS=$(grep -c "error:" mypy_dev.txt || true)
          echo "count=$ERRORS" >> $GITHUB_OUTPUT
          echo "Dev mypy (--strict) errors: $ERRORS"
        continue-on-error: true

      - name: Compare mypy error counts
        run: |
          PR_ERRORS=${{ steps.mypy_pr.outputs.count }}
          DEV_ERRORS=${{ steps.mypy_dev.outputs.count }}

          echo "PR errors: $PR_ERRORS"
          echo "Dev errors: $DEV_ERRORS"

          if [ "$PR_ERRORS" -gt "$DEV_ERRORS" ]; then
            echo "This PR introduces more \`mypy --strict\` errors than are present on the dev branch."
            echo "You may run \`uv run mypy --strict file/you/modified\` to diagnose where the issue lies."
            echo "Ideally, a python type checker (mypy/pyright/ty/pyrefly etc..) should be running in your editor."
            exit 1
          else
            echo "This PR does not introduce any more \`mypy --strict\` errors than there are on the dev branch."
          fi