Scan code with HLint for GitHub, v1.0.0

For anyone who has code on GitHub, there is a new code scanning GitHub action using HLint, which uploads results from HLint to GitHub code scanning dashboards:

It can track issues in Haskell code that HLint may suggest improvements for in GitHub’s code scanning dashboards. The action can also serve as a status check for pull requests, and could arguably provide a nicer interface for contributors to inspect what issues their code may have.

This is what a code scanning dashboard with issues reported by HLint looks like:

GitHub code scanning is able to display the file and lines where the issue is located, and it shows the message explaining the issue and possible improvements as suggested by HLint.

I hope this proves useful to those maintaining Haskell code on GitHub.

Side note

HLint has recently incorporated support for SARIF output, which is an open format that GitHub uses to receive static analysis results. However, GitHub code scanning has a few idiosyncracies which make its use of the output directly from HLint somewhat janky. This is why haskell-actions/hlint-scan does some amount of rewriting of the SARIF output from HLint before uploading it to GitHub code scanning, despite the SARIF output being fine on its own.

There was no way I was going to lose my sanity trying to do this as a shell script, and I was not very interested in learning JavaScript to implement the action. For this reason, this ended up being a GitHub Docker container action written in Haskell; it might be an example to look at for anyone else interested in creating similar GitHub actions with Haskell.

18 Likes

Great project! :clap:

I already can see how it’ll make Haskell more approachable for OSS contributors. Maybe I can even integrate this action in the exercises of my Haskell course to have a helpful code reviewing assistant :eyes:

2 Likes

Cool! Could it make sense for haskell-ci to use this action instead of how it currently simply shells out to hlint?

1 Like

Could it make sense for haskell-ci to use this action instead of how it currently simply shells out to hlint?

I have no say in the matter, and it’s my biased opinion, but I think yes! :smirk:

1 Like