{"id":32596166,"url":"https://github.com/cwtools/cwtools-action","last_synced_at":"2025-10-30T04:57:53.235Z","repository":{"id":65159406,"uuid":"222281213","full_name":"cwtools/cwtools-action","owner":"cwtools","description":"Run CWTools on your Clausewitz mod PDXScript code in parallel to your builds thanks to GitHub Actions.","archived":false,"fork":false,"pushed_at":"2023-03-10T03:40:32.000Z","size":193,"stargazers_count":14,"open_issues_count":4,"forks_count":6,"subscribers_count":3,"default_branch":"master","last_synced_at":"2025-10-20T00:07:08.532Z","etag":null,"topics":["action","actions","crusader-kings-2","crusader-kings-ii","crusaders-kings-2","cwtools","europa-universalis-4","europa-universalis-iv","hearts-of-iron-4","hearts-of-iron-iv","heartsofiron4","imperatorrome","modding","modding-tools","paradox-interactive","paradoxgame","stellaris"],"latest_commit_sha":null,"homepage":"","language":"Ruby","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/cwtools.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2019-11-17T16:55:50.000Z","updated_at":"2025-10-16T18:25:35.000Z","dependencies_parsed_at":"2024-06-21T20:22:53.525Z","dependency_job_id":"51678189-dc1c-4d38-bef7-91b0fc448b1c","html_url":"https://github.com/cwtools/cwtools-action","commit_stats":{"total_commits":211,"total_committers":3,"mean_commits":70.33333333333333,"dds":0.2274881516587678,"last_synced_commit":"a729d740ba1fbb71c799b65850730328a7bacb5c"},"previous_names":[],"tags_count":2,"template":false,"template_full_name":null,"purl":"pkg:github/cwtools/cwtools-action","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cwtools%2Fcwtools-action","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cwtools%2Fcwtools-action/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cwtools%2Fcwtools-action/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cwtools%2Fcwtools-action/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/cwtools","download_url":"https://codeload.github.com/cwtools/cwtools-action/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cwtools%2Fcwtools-action/sbom","scorecard":{"id":313709,"data":{"date":"2025-08-11","repo":{"name":"github.com/cwtools/cwtools-action","commit":"a729d740ba1fbb71c799b65850730328a7bacb5c"},"scorecard":{"version":"v5.2.1-40-gf6ed084d","commit":"f6ed084d17c9236477efd66e5b258b9d4cc7b389"},"score":2.8,"checks":[{"name":"Packaging","score":-1,"reason":"packaging workflow not detected","details":["Warn: no GitHub/GitLab publishing workflow detected."],"documentation":{"short":"Determines if the project is published as a package that others can easily download, install, easily update, and uninstall.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#packaging"}},{"name":"Token-Permissions","score":-1,"reason":"No tokens found","details":null,"documentation":{"short":"Determines if the project's workflows follow the principle of least privilege.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#token-permissions"}},{"name":"Code-Review","score":0,"reason":"Found 1/16 approved changesets -- score normalized to 0","details":null,"documentation":{"short":"Determines if the project requires human code review before pull requests (aka merge requests) are merged.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#code-review"}},{"name":"Maintained","score":0,"reason":"0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0","details":null,"documentation":{"short":"Determines if the project is \"actively maintained\".","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#maintained"}},{"name":"Dangerous-Workflow","score":-1,"reason":"no workflows found","details":null,"documentation":{"short":"Determines if the project's GitHub Action workflows avoid dangerous patterns.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#dangerous-workflow"}},{"name":"Binary-Artifacts","score":10,"reason":"no binaries found in the repo","details":null,"documentation":{"short":"Determines if the project has generated executable (binary) artifacts in the source repository.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#binary-artifacts"}},{"name":"CII-Best-Practices","score":0,"reason":"no effort to earn an OpenSSF best practices badge detected","details":null,"documentation":{"short":"Determines if the project has an OpenSSF (formerly CII) Best Practices Badge.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#cii-best-practices"}},{"name":"Security-Policy","score":0,"reason":"security policy file not detected","details":["Warn: no security policy file detected","Warn: no security file to analyze","Warn: no security file to analyze","Warn: no security file to analyze"],"documentation":{"short":"Determines if the project has published a security policy.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#security-policy"}},{"name":"Vulnerabilities","score":10,"reason":"0 existing vulnerabilities detected","details":null,"documentation":{"short":"Determines if the project has open, known unfixed vulnerabilities.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#vulnerabilities"}},{"name":"Fuzzing","score":0,"reason":"project is not fuzzed","details":["Warn: no fuzzer integrations found"],"documentation":{"short":"Determines if the project uses fuzzing.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#fuzzing"}},{"name":"License","score":10,"reason":"license file detected","details":["Info: project has a license file: LICENSE:0","Info: FSF or OSI recognized license: MIT License: LICENSE:0"],"documentation":{"short":"Determines if the project has defined a license.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#license"}},{"name":"Pinned-Dependencies","score":0,"reason":"dependency not pinned by hash detected -- score normalized to 0","details":["Warn: containerImage not pinned by hash: Dockerfile:1: pin your Docker image by updating cwtools/cwtools-action:latest to cwtools/cwtools-action:latest@sha256:087ad88ad98b96e876cc799f5c900e5586e19adf1b5511cf7e7d5ab03ed80311","Warn: downloadThenRun not pinned by hash: lib/gitlab_setup.sh:15","Info:   0 out of   1 containerImage dependencies pinned","Info:   0 out of   1 downloadThenRun dependencies pinned"],"documentation":{"short":"Determines if the project has declared and pinned the dependencies of its build process.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#pinned-dependencies"}},{"name":"Signed-Releases","score":-1,"reason":"no releases found","details":null,"documentation":{"short":"Determines if the project cryptographically signs release artifacts.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#signed-releases"}},{"name":"Branch-Protection","score":0,"reason":"branch protection not enabled on development/release branches","details":["Warn: branch protection not enabled for branch 'master'"],"documentation":{"short":"Determines if the default and release branches are protected with GitHub's branch protection settings.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#branch-protection"}},{"name":"SAST","score":0,"reason":"SAST tool is not run on all commits -- score normalized to 0","details":["Warn: 0 commits out of 16 are checked with a SAST tool"],"documentation":{"short":"Determines if the project uses static code analysis.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#sast"}}]},"last_synced_at":"2025-08-17T23:41:49.005Z","repository_id":65159406,"created_at":"2025-08-17T23:41:49.005Z","updated_at":"2025-08-17T23:41:49.005Z"},"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":281748722,"owners_count":26554822,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","status":"online","status_checked_at":"2025-10-30T02:00:06.501Z","response_time":61,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["action","actions","crusader-kings-2","crusader-kings-ii","crusaders-kings-2","cwtools","europa-universalis-4","europa-universalis-iv","hearts-of-iron-4","hearts-of-iron-iv","heartsofiron4","imperatorrome","modding","modding-tools","paradox-interactive","paradoxgame","stellaris"],"created_at":"2025-10-30T04:57:47.851Z","updated_at":"2025-10-30T04:57:53.224Z","avatar_url":"https://github.com/cwtools.png","language":"Ruby","funding_links":[],"categories":[],"sub_categories":[],"readme":"# CWTools Action\n\nRun CWTools on your Clausewitz mod PDXScript code in parallel to your builds.\n\nIf CWTools finds errors, warnings or suggestions in the mod code then they will be output.\n\nIt will also insert them as inline feedback into your PRs (\"Files changed\" tab):\n\n![pr_example](./etc/cwtools_pr_example.png)\n\n## Setup\n\n**GitHub:** Can't use GitHub? Click [here](#gitlab) for GitLab installation instructions .\n\nIn most cases, no setup is required beyond adding the following workflow yml file to your project (`.github/workflows` folder) and setting the correct game. See below for advanced configuration and an explanation of the tools used.\n\nThe following games require no further setup:\n\n- HOI4\n- Stellaris\n\n### Example workflow yml\n\n```yml\nname: CWTools CI\n\non: [pull_request, push] # other events may work but are not supported\n\njobs:\n  cwtools_job:\n    runs-on: ubuntu-latest\n    steps:\n    - uses: actions/checkout@v1 # required\n    - uses: cwtools/cwtools-action@v1.1.0\n      with:\n        game: hoi4\n      env:\n        GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} # required, secret is automatically set by github\n\n```\n\nThis action will create a new job called \"CWTools\", which will be used to annotate your code. Its success or failure state depends on the CWTools output.\n\nThe full `output.json` log is saved to `$GITHUB_WORKSPACE`, and can be recovered with [actions/upload-artifact](https://github.com/actions/upload-artifact).\n\n```yml\n    - uses: cwtools/cwtools-action@v1.1.0\n      with:\n        game: hoi4\n      env:\n        GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}\n    - name: Upload artifact\n      if: always() # so even if the check fails, the log is uploaded\n      uses: actions/upload-artifact@v1.1.0\n      with:\n        name: cwtools_output\n        path: output.json\n```\n\n## Configuration\n\n### game (required)\n\nWhat game to use. Allowed values: `hoi4`, `ck2`, `eu4`, `ir`, `stellaris`, `vic2`.\n\n```yml\n    - uses: cwtools/cwtools-action@v1.1.0\n      with:\n        game: hoi4\n      env:\n        GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}\n```\n\n### modPath (optional)\n\nPath to the mod folder in `$GITHUB_WORKSPACE` (root of repository). (Default: \"\" - root of repository itself)\n\n```yml\n    - uses: cwtools/cwtools-action@v1.1.0\n      with:\n        game: hoi4\n        modPath: \"mod_folder\"\n      env:\n        GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}\n```\n\n### cache (optional)\n\nPath to the full cache file (`cwb.bz2`) in `$GITHUB_WORKSPACE` (root of repository). Use an empty string to use metadata from cwtools/cwtools-cache-files (Default: use metadata)\n\n```yml\n    - uses: cwtools/cwtools-action@v1.1.0\n      with:\n        game: hoi4\n        cache: \"cache/hoi4.cwb.bz2\"\n      env:\n        GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}\n```\n\n### locLanguages (optional)\n\nWhich languages to check localisation for, space separated, lowercase (eg. `english spanish russian`). Note: May be different from game to game. (Default: `english`)\n\n```yml\n    - uses: cwtools/cwtools-action@v1.1.0\n      with:\n        game: hoi4\n        locLanguages: \"english spanish russian\"\n      env:\n        GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}\n```\n\n### vanillaMode (optional)\n\nWhether to not use cache, and instead treat the project as a vanilla game installation folder - if you are a modder, you probably should not be using this. If True, cache input will be ignored (Default: False, set to anything other than 0 or blank for True)\n\n```yml\n    - uses: cwtools/cwtools-action@v1.1.0\n      with:\n        game: hoi4\n        vanillaMode: \"1\"\n      env:\n        GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}\n```\n\n### rules (optional)\n\nWhat rules repository to use (Default: `https://github.com/cwtools/cwtools-$INPUT_GAME-config.git`)\n\n```yml\n    - uses: cwtools/cwtools-action@v1.1.0\n      with:\n        game: hoi4\n        rules: \"https://github.com/Yard1/cwtools-hoi4-config.git\"\n      env:\n        GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}\n```\n\n### rulesRef (optional)\n\nWhat ref on rules repo to checkout (Default: `master`)\n\n```yml\n    - uses: cwtools/cwtools-action@v1.1.0\n      with:\n        game: hoi4\n        rulesRef: \"1.0.0\"\n      env:\n        GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}\n```\n\n### changedFilesOnly (optional)\n\nBy default will only annotate changed files in a push or a pull request. In order to annotate all files set `changedFilesOnly` input to `\"0\"`.\n\n```yml\n    - uses: cwtools/cwtools-action@v1.1.0\n      with:\n        game: hoi4\n        changedFilesOnly: \"0\"\n      env:\n        GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}\n```\n\n### suppressedOffenceCategories (optional)\n\nYou can choose to suppress annotations with chosen CWTools offence category IDs (`CW###`) per GitHub severity type (failure, warning, notice).\n\n```yml\n    - uses: cwtools/cwtools-action@v1.1.0\n      with:\n        game: hoi4\n        suppressedOffenceCategories: '{\"failure\":[\"CW110\", \"CW210\"], \"warning\":[], \"notice\":[]}' # will suppress CW110 and CW210 category failures, but will show those for warnings and notices\n      env:\n        default: ${{ secrets.GITHUB_TOKEN }}\n```\n\n### suppressedFiles (optional)\n\nYou can choose to suppress annotations completely in certain files. Use paths from root of repository, make sure to have no trailing whitespace. Globbing is not supported.\n\n```yml\n    - uses: cwtools/cwtools-action@v1.1.0\n      with:\n        game: hoi4\n        suppressedFiles: '[\"common/scripted_effects/my_effects.txt\", \"events/EventFile.txt\"]' # will completely suppress any annotations in those two files\n      env:\n        default: ${{ secrets.GITHUB_TOKEN }}\n```\n\n### CWToolsCLIVersion (optional)\n\nWhich CWTools.CLI version to use (Default: latest stable).\n\n```yml\n    - uses: cwtools/cwtools-action@v1.1.0\n      with:\n        game: hoi4\n        CWToolsCLIVersion: '0.0.7'\n      env:\n        default: ${{ secrets.GITHUB_TOKEN }}\n```\n\n## GitLab\n\n**Due to limitations with GitLab, this currently only works for merge requests to master**\n\n[](gitlab)Running this action on GitLab is a bit more involved, requiring the creation of a bot account. It is also limited to providing comments on pull requests as shown here:\n\n![GitLab example](etc/cwtools_gitlab_pr_example.png)\n\n### Setting up the bot account\n\n1. Create a new GitLab account for this \"bot\" and give it \"Reporter\" access to your project.\n2. Log into the account, browse to [the Personal Access Token page](https://gitlab.com/profile/personal_access_tokens) and generate a PAT with \"api\" scope. Make a note of the token.\n3. Log back into your primary account.\n4. Browse to your Project and go to \"Settings\", \"CI / CD\", and open the section \"Variables\".\n5. Create a variable called \"REVIEWDOG_GITLAB_API_TOKEN\". Put the PAT generated above as the Value, then set it as \"Masked\" but **not** Protected.\n6. Press \"Save variables\".\n\n**Please note:** This PAT gives access to all projects the bot can access. If somebody gets access to your pipeline logs, it's possible (although not likely) that they could access the token.\n\n### Configuring gitlab-ci\n\n1. In the root of your project create a file called `.gitlab-ci.yml`\n2. Copy the contents of the example file [GitLab_CWToolsCI.yml](examples/GitLab_CWToolsCI.yml), found in /examples, into it.\n3. Configure the variables if desired (see above).\n4. Create a merge request and check it works!\n\n#### GitLab self-hosted\n\nIf you're running your own instance of GitLab, you'll need to set the following two variables in addition to those in the default template:\n\n```\n - GITLAB_API: \"https://example.gitlab.com/api/v4\"\n - REVIEWDOG_INSECURE_SKIP_VERIFY: true\n```\n\n## How this works\n\n[CWTools](https://github.com/tboby/cwtools) is a .NET library that provides features to analyse and manipulate the scripting language used in Paradox Development Studio's games (PDXScript). This is mainly used in a VS Code extension, [cwtools-vscode](https://marketplace.visualstudio.com/items?itemName=tboby.cwtools-vscode). CWTools also provides a CLI tool [CWTools.CLI](https://www.nuget.org/packages/CWTools.CLI/) to allow automated anaylsis, which is what this action relies on.\n\nThis action relies on two things:\n\n1. A set of valiation rules written for the game your mod is for\n2. A cache file containing key information from vanilla files\n\n### Validation rules\n\nThe validation rules are taken from the master branch of the public repository for the game, e.g. [https://github.com/cwtools/cwtools-hoi4-config](https://github.com/cwtools/cwtools-hoi4-config). The settings `rules` and `rulesRef` can be used to specify an alternative repo, or to stay on an old version of the rules.\n\n### Vanilla cache file\n\nIn order to validate correctly, CWTools requires certain data from the vanilla game files such as defined localisation, variables, etc. There are two formats of cache file:\n\n#### Metadata only\n\nThe metadata format contains a limited set of information from vanilla, enough to run the main validator. For convenience CWTools automatically generates these metadata cache files for the latest public rules and latest version of each game. These are found [here](https://github.com/cwtools/cwtools-cache-files) and are used by default in this action (please note that not all games may be supported yet).\n\n#### Full\n\nThe full format contains a more details, processed, version of the vanilla script files. This is required in order to provide accurate validation taking load order and file overrides into account. This is the same format used by cwtools-vscode. We do not provide these files, however this action can be configured to use them.\n\n## Credits\n\nCreated by Antoni Baum ([Yard1](https://github.com/Yard1)).\n\nUsing [tboby/cwtools](https://github.com/tboby/cwtools).\n\nBased on [gimenete/rubocop-action](https://github.com/gimenete/rubocop-action) by Alberto Gimeno.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fcwtools%2Fcwtools-action","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fcwtools%2Fcwtools-action","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fcwtools%2Fcwtools-action/lists"}