Commit Graph

4957 Commits

Author SHA1 Message Date
Niels Lohmann 899cf31255 Harden CI: validate PR artifact inputs, migrate off deprecated Semgrep action (#5232)
* Harden CI workflows: validate PR artifact inputs and migrate off deprecated Semgrep action

Address two CI/supply-chain hardening items from the 2026-07-03 security
audit:

- comment_check_amalgamation.yml (todo 117): the privileged `workflow_run`
  job consumes an untrusted PR artifact. Validate `author` against a strict
  GitHub-username pattern and `number` as a positive integer before use, and
  extract the artifact into a dedicated directory (`unzip -o pr.zip -d
  ./pr_artifact`), reading only the two expected files by fixed path. This
  prevents Markdown/mention injection via the attacker-controlled `author`
  text and avoids a malicious archive touching the workspace.

- semgrep.yml (todo 118): `returntocorp/semgrep-action` is deprecated (the
  org was renamed to `semgrep/*`). Replace it with an explicit `semgrep ci`
  invocation via the maintained CLI; the deployment is inferred from
  SEMGREP_APP_TOKEN.

Todo 116 (CIFuzz `@master` refs) already carries a comment documenting the
OSS-Fuzz-recommended exception, so no change is needed there.

Signed-off-by: Niels Lohmann <mail@nlohmann.me>
Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>

* Fix Semgrep step: use `semgrep scan` instead of token-gated `semgrep ci`

The CI `Scan` job failed with "Path does not exist: semgrep.sarif" because
`semgrep ci` requires a login token (SEMGREP_APP_TOKEN), which this repo does
not have configured, so it bailed without producing a SARIF file. The former
returntocorp/semgrep-action, given no token, fell back to plain
`semgrep scan --sarif`; match that with `semgrep scan --config auto`, which
needs no token and always produces the SARIF for upload.

Signed-off-by: Niels Lohmann <mail@nlohmann.me>
Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>

---------

Signed-off-by: Niels Lohmann <mail@nlohmann.me>
Co-authored-by: Claude Opus 4.8 <noreply@anthropic.com>
2026-07-04 11:10:02 +02:00
Niels Lohmann c363dc3e4d Bump codeql-action to v4.36.3 and group future updates (#5230)
Bumps init/analyze/autobuild together (previously split across #5226,
#5227, #5228, which each failed CI due to a version mismatch between
the CodeQL config and the running action). Also adds a dependabot
group so future codeql-action bumps land in a single PR.

Signed-off-by: Niels Lohmann <mail@nlohmann.me>
2026-07-03 08:04:41 +02:00
Niels Lohmann 972f5cc10b Attach a ready-to-apply patch when the amalgamation check fails (#5229)
When a PR is not amalgamated/formatted, the astyle version friction (see
the recurring blocker across many PRs) means contributors often struggle
to reproduce the exact fix locally. The check now regenerates the
amalgamation and formatting, captures the difference as a patch, and
uploads it as the `amalgamation-patch` artifact. The failure comment
links to that artifact and tells contributors to run
`git apply amalgamation.patch`, so they no longer need to install the
pinned astyle version themselves.

The pass/fail verdict is unchanged: the same PRs fail as before, and a
correctly amalgamated PR uploads nothing and passes.

Signed-off-by: Niels Lohmann <mail@nlohmann.me>
Co-authored-by: Claude Opus 4.8 <noreply@anthropic.com>
2026-07-02 23:05:00 +02:00
dependabot[bot] 518c5c887a 🤜 Bump github/codeql-action/upload-sarif from 4.36.2 to 4.36.3 (#5225)
Bumps [github/codeql-action/upload-sarif](https://github.com/github/codeql-action) from 4.36.2 to 4.36.3.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](https://github.com/github/codeql-action/compare/8aad20d150bbac5944a9f9d289da16a4b0d87c1e...54f647b7e1bb85c95cddabcd46b0c578ec92bc1a)

---
updated-dependencies:
- dependency-name: github/codeql-action/upload-sarif
  dependency-version: 4.36.3
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-07-02 23:04:05 +02:00
Niels Lohmann c944317002 Add more compilers (#5220)
* 👷 add ipcx and nvc++

Signed-off-by: Niels Lohmann <mail@nlohmann.me>

* 🚷 fix nvc++ build

Signed-off-by: Niels Lohmann <mail@nlohmann.me>

* 🚷 fix nvc++ build

Signed-off-by: Niels Lohmann <mail@nlohmann.me>

* 👷 add more MSVC images

Signed-off-by: Niels Lohmann <mail@nlohmann.me>

* 👷 add more MSVC images

Signed-off-by: Niels Lohmann <mail@nlohmann.me>

---------

Signed-off-by: Niels Lohmann <mail@nlohmann.me>
2026-07-02 17:13:49 +02:00
Niels Lohmann 31dd15b258 Fix ambiguous static_cast (#5221)
* 🚷 fix ambiguous static_cast

Signed-off-by: Niels Lohmann <mail@nlohmann.me>

*  add regression test

Signed-off-by: Niels Lohmann <mail@nlohmann.me>

* 🚷 fix warning

Signed-off-by: Niels Lohmann <mail@nlohmann.me>

* 🎓 fix warning

Signed-off-by: Niels Lohmann <mail@nlohmann.me>

---------

Signed-off-by: Niels Lohmann <mail@nlohmann.me>
2026-07-02 17:13:04 +02:00
Niels Lohmann 8d7e0046f4 Add std::format and fmt support (#5224)
*  add std::format and fmt support

Signed-off-by: Niels Lohmann <mail@nlohmann.me>

* ♻️ reorganize PR

Signed-off-by: Niels Lohmann <mail@nlohmann.me>

* 🧛 fix build

Signed-off-by: Niels Lohmann <mail@nlohmann.me>

* 🧛 fix build

Signed-off-by: Niels Lohmann <mail@nlohmann.me>

* 🧛 fix build

Signed-off-by: Niels Lohmann <mail@nlohmann.me>

---------

Signed-off-by: Niels Lohmann <mail@nlohmann.me>
2026-07-02 15:59:36 +02:00
Niels Lohmann ca49ab6123 Extend value to arrays when using JSON pointers (#5223)
*  extend value to arrays when using JSON pointers

Signed-off-by: Niels Lohmann <mail@nlohmann.me>

* 🧛 avoid exceptions

Signed-off-by: Niels Lohmann <mail@nlohmann.me>

* 🧛 avoid exceptions

Signed-off-by: Niels Lohmann <mail@nlohmann.me>

---------

Signed-off-by: Niels Lohmann <mail@nlohmann.me>
2026-07-02 06:35:35 +02:00
Niels Lohmann 730b57775d 🚷 avoid assertion in patch (#5222) 2026-07-01 06:47:24 +02:00
Niels Lohmann 272411c5e6 Overwork project infrastructure (#5218)
* 📡 overwork project infrastructure

Signed-off-by: Niels Lohmann <mail@nlohmann.me>

* 🚷 fix GCC16 issue

Signed-off-by: Niels Lohmann <mail@nlohmann.me>

* 🚷 fix GCC16 issue

Signed-off-by: Niels Lohmann <mail@nlohmann.me>

* 🚷 only build module for GCC

Signed-off-by: Niels Lohmann <mail@nlohmann.me>

* 🚷 fix build

Signed-off-by: Niels Lohmann <mail@nlohmann.me>

* 📡 fix documentation

Closes #5012: fix the error_handler_t::ignore wording

Signed-off-by: Niels Lohmann <mail@nlohmann.me>

* 📡 fix documentation

Closes #4354: fix "Custom data source" example

Signed-off-by: Niels Lohmann <mail@nlohmann.me>

---------

Signed-off-by: Niels Lohmann <mail@nlohmann.me>
2026-06-30 18:09:06 +02:00
Cosmin D. adf78d3a76 Minor: unique_ptr template resolution workaround for MSVC (#5215)
Signed-off-by: drcosmin <cosmin.dr@pm.me>
2026-06-30 13:33:18 +02:00
Niels Lohmann b7566c6293 Harden JSON_HAS_RANGES detection for incomplete C++20 ranges implementations (#5161)
*  add regression test for #4440

Signed-off-by: Niels Lohmann <mail@nlohmann.me>

* 🚷 exclude breaking libraries

Signed-off-by: Niels Lohmann <mail@nlohmann.me>

* 🚷 exclude breaking libraries

Signed-off-by: Niels Lohmann <mail@nlohmann.me>

---------

Signed-off-by: Niels Lohmann <mail@nlohmann.me>
2026-06-30 13:33:01 +02:00
Niels Lohmann c5b2b26fdc 📡 fix docs (#5217) 2026-06-29 22:15:18 +02:00
risa2000 c37f82e563 Remove forced /Od flag in MSVC Release build. (#5216)
Add /wd4702 to disable warning C4702: unreachable code in MSVC Release build.

Signed-off-by: Richard Musil <risa2000x@gmail.com>
Co-authored-by: Richard Musil <risa2000x@gmail.com>
2026-06-28 17:39:07 +02:00
dependabot[bot] 25c58ac6bd Bump actions/checkout from 6.0.3 to 7.0.0 (#5213)
Bumps [actions/checkout](https://github.com/actions/checkout) from 6.0.3 to 7.0.0.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](https://github.com/actions/checkout/compare/df4cb1c069e1874edd31b4311f1884172cec0e10...9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-version: 7.0.0
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-06-23 13:17:52 +02:00
dependabot[bot] 87f1eb436e Bump lukka/get-cmake from 4.3.3 to 4.3.4 (#5214)
Bumps [lukka/get-cmake](https://github.com/lukka/get-cmake) from 4.3.3 to 4.3.4.
- [Release notes](https://github.com/lukka/get-cmake/releases)
- [Changelog](https://github.com/lukka/get-cmake/blob/main/RELEASE_PROCESS.md)
- [Commits](https://github.com/lukka/get-cmake/compare/591817e96fcad43505fb4eae36172462abb3a42e...f5b8fbb4d77cec1acc5a5f9f0df4beffaf5d98d9)

---
updated-dependencies:
- dependency-name: lukka/get-cmake
  dependency-version: 4.3.4
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-06-23 13:17:19 +02:00
Niels Lohmann 969333b1cc 📡 add Java SE (#5212)
Signed-off-by: Niels Lohmann <mail@nlohmann.me>
2026-06-23 13:16:18 +02:00
Niels Lohmann fc1df0b7db ♻️ remove unnecessary if (#5172)
Signed-off-by: Niels Lohmann <mail@nlohmann.me>
2026-06-23 13:14:56 +02:00
Cosmin D. 02dfbea39d added explicit instantiations of 'has_from_json' and 'has_to_json' for std_fs::path (#5209)
* added explicit instantiations of 'has_from_json' and 'has_to_json' for std_fs::path;
Signed-off-by: drcosmin <cosmin.dr@pm.me>

* Fixed amalgamation

Signed-off-by: drcosmin <cosmin.dr@pm.me>

---------

Signed-off-by: drcosmin <cosmin.dr@pm.me>
2026-06-17 21:11:14 +02:00
Niels Lohmann a5f8e230ac Document number conversion (#5208)
* 📡 document number conversion

Signed-off-by: Niels Lohmann <mail@nlohmann.me>

* 👷 fix CI

Signed-off-by: Niels Lohmann <mail@nlohmann.me>

---------

Signed-off-by: Niels Lohmann <mail@nlohmann.me>
2026-06-16 22:05:44 +02:00
dependabot[bot] d8ebaf61d7 Bump mkdocs-git-revision-date-localized-plugin in /docs/mkdocs (#5199)
Bumps [mkdocs-git-revision-date-localized-plugin](https://github.com/timvink/mkdocs-git-revision-date-localized-plugin) from 1.5.2 to 1.5.3.
- [Release notes](https://github.com/timvink/mkdocs-git-revision-date-localized-plugin/releases)
- [Commits](https://github.com/timvink/mkdocs-git-revision-date-localized-plugin/compare/v1.5.2...v1.5.3)

---
updated-dependencies:
- dependency-name: mkdocs-git-revision-date-localized-plugin
  dependency-version: 1.5.3
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-06-12 18:07:39 +02:00
dependabot[bot] a39f33b951 Bump actions/checkout from 6.0.2 to 6.0.3 (#5201)
Bumps [actions/checkout](https://github.com/actions/checkout) from 6.0.2 to 6.0.3.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](https://github.com/actions/checkout/compare/de0fac2e4500dabe0009e67214ff5f5447ce83dd...df4cb1c069e1874edd31b4311f1884172cec0e10)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-version: 6.0.3
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-06-11 09:41:52 +02:00
dependabot[bot] e4bdf1be72 Bump github/codeql-action from 4.36.0 to 4.36.2 (#5202)
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 4.36.0 to 4.36.2.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](https://github.com/github/codeql-action/compare/7211b7c8077ea37d8641b6271f6a365a22a5fbfa...8aad20d150bbac5944a9f9d289da16a4b0d87c1e)

---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-version: 4.36.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-06-07 17:04:26 +02:00
dependabot[bot] d10879bca8 Bump lukka/get-cmake from 4.3.2 to 4.3.3 (#5192) 2026-05-26 07:20:57 +02:00
dependabot[bot] 484483acad Bump github/codeql-action from 4.35.5 to 4.36.0 (#5191)
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 4.35.5 to 4.36.0.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](https://github.com/github/codeql-action/compare/9e0d7b8d25671d64c341c19c0152d693099fb5ba...7211b7c8077ea37d8641b6271f6a365a22a5fbfa)

---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-version: 4.36.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-05-22 20:16:56 +02:00
Swastik Bose 584e6b1cfb Fix: update() parent pointers not updated after recursive merge with JSON_DIAGNOSTICS (#5187)
* added fix for issue 4813

Signed-off-by: VasuBhakt <cpswastik31@gmail.com>

* added regression test for 4813

Signed-off-by: VasuBhakt <cpswastik31@gmail.com>

* moved test from unit-regression2 to unit-diagnostics

Signed-off-by: VasuBhakt <cpswastik31@gmail.com>

---------

Signed-off-by: VasuBhakt <cpswastik31@gmail.com>
2026-05-22 14:14:11 +02:00
dependabot[bot] a69a42a930 Bump step-security/harden-runner from 2.19.3 to 2.19.4 (#5188)
Bumps [step-security/harden-runner](https://github.com/step-security/harden-runner) from 2.19.3 to 2.19.4.
- [Release notes](https://github.com/step-security/harden-runner/releases)
- [Commits](https://github.com/step-security/harden-runner/compare/ab7a9404c0f3da075243ca237b5fac12c98deaa5...9af89fc71515a100421586dfdb3dc9c984fbf411)

---
updated-dependencies:
- dependency-name: step-security/harden-runner
  dependency-version: 2.19.4
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-05-21 22:20:29 +02:00
dependabot[bot] 77388b95fc Bump actions/stale from 10.2.0 to 10.3.0 (#5189)
Bumps [actions/stale](https://github.com/actions/stale) from 10.2.0 to 10.3.0.
- [Release notes](https://github.com/actions/stale/releases)
- [Changelog](https://github.com/actions/stale/blob/main/CHANGELOG.md)
- [Commits](https://github.com/actions/stale/compare/b5d41d4e1d5dceea10e7104786b73624c18a190f...eb5cf3af3ac0a1aa4c9c45633dd1ae542a27a899)

---
updated-dependencies:
- dependency-name: actions/stale
  dependency-version: 10.3.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-05-21 22:20:05 +02:00
Miko e054d4df94 docs: Fix missing newline necessary in docs website (#5190)
* Fix missing newline necessary in docs website

Signed-off-by: Miko <110693261+mikomikotaishi@users.noreply.github.com>

* Remove std export mention, as it no longer applies

Signed-off-by: Miko <110693261+mikomikotaishi@users.noreply.github.com>

---------

Signed-off-by: Miko <110693261+mikomikotaishi@users.noreply.github.com>
2026-05-21 22:19:34 +02:00
dependabot[bot] d96329f8d6 Bump david-a-wheeler/flawfinder from 2.0.19 to 2.0.20 (#5184) 2026-05-19 07:13:57 +02:00
Niels Lohmann 1d7688aef2 optional: use #if instead of #ifndef in test, fixes #3859 (#5183)
Signed-off-by: Niels Lohmann <mail@nlohmann.me>
2026-05-18 22:34:13 +02:00
Caillin Nugent 58cfecf7f7 Serialize enum (#5151)
* Added NLOHNMANN_JSON_SERIALIZE_ENUM_STRICT
- duplicate of NLOHMANN_JSON_SERIALIZE_ENUM

Signed-off-by: Caillin Nugent <caillinn@student.unimelb.edu.au>

* Added failing tests for NLOHMANN_JSON_SERIALIZE_ENUM_STRICT

Signed-off-by: Caillin Nugent <caillinn@student.unimelb.edu.au>

* modified NLOHMANN_JSON_SERIALIZE_STRICT to throw

Signed-off-by: Caillin Nugent <caillinn@student.unimelb.edu.au>

* added documentation and changed readme to include NLOHMANN_JSON_SERIALIZE_ENUM_STRICT

Signed-off-by: Caillin Nugent <caillinn@student.unimelb.edu.au>

* ran amalgamate

Signed-off-by: Caillin Nugent <caillinn@student.unimelb.edu.au>

* docs(macros): add page for JSON_SERIALIZE_ENUM_STRICT
- added page to nav
- added links to new page where appropriate

Signed-off-by: Caillin Nugent <caillinn@student.unimelb.edu.au>

* refactor(macros): make JSON_SERIALIZE_ENUM_STRICT use JSON_THROW
- added templated wrapper function to fix scope error in calling JSON_THROW

Signed-off-by: Caillin Nugent <caillinn@student.unimelb.edu.au>

* refactor(macros): make NLOHMANN_SERIALIZE_ENUM_STRICT use error code 410
- added error code 410 to docs

Signed-off-by: Caillin Nugent <caillinn@student.unimelb.edu.au>

* tests(macros): add test for to_json with enum value not mentioned
	       in mapping for NLOHMANN_JSON_SERIALIZE_ENUM_STRICT

Signed-off-by: Caillin Nugent <caillinn@student.unimelb.edu.au>

* Apply suggestions from code review

Co-authored-by: Niels Lohmann <niels.lohmann@gmail.com>
Signed-off-by: Caillin Nugent <nugentcaillin@gmail.com>

* fix(macro): prevent compilation error with -Werror and -Wunused-parameter
            with NLOHMANN_JSON_SERIALIZE_ENUM_STRICT
- casted exception to void to avoid warning

Signed-off-by: Caillin Nugent <caillinn@student.unimelb.edu.au>

* fix(docs): add link to NLOHMANN_SERIALIZE_ENUM_STRICT docs to exception page

Signed-off-by: Caillin Nugent <caillinn@student.unimelb.edu.au>

* docs(macros): add example of exception throwing for NLOHMANN_JSON_SERIALIZE_ENUM_STRICT

Signed-off-by: Caillin Nugent <caillinn@student.unimelb.edu.au>

* refactor(macros): add more in-depth error message to NLOHMANN_JSON_SERIALIZE_ENUM_STRICT
- changed error message to follow style of nlohmann/json#4989
- made description of throw wrapper more general
- updated tests and example of exceptions

Signed-off-by: Caillin Nugent <caillinn@student.unimelb.edu.au>

---------

Signed-off-by: Caillin Nugent <caillinn@student.unimelb.edu.au>
Signed-off-by: Caillin Nugent <nugentcaillin@gmail.com>
Co-authored-by: Niels Lohmann <niels.lohmann@gmail.com>
2026-05-18 20:37:07 +02:00
Niels Lohmann 47202c804a Add missing overload to ordered_map::find (#5171)
* 🚷 add missing overload

Signed-off-by: Niels Lohmann <mail@nlohmann.me>

* 🚶 fix amalgamation

Signed-off-by: Niels Lohmann <mail@nlohmann.me>

* 🚷 fix typo

Signed-off-by: Niels Lohmann <mail@nlohmann.me>

* 🎓 fix warning

Signed-off-by: Niels Lohmann <mail@nlohmann.me>

---------

Signed-off-by: Niels Lohmann <mail@nlohmann.me>
2026-05-18 20:33:47 +02:00
Kirill Lokotkov 4e5fa3bdd2 Fix long double inf test under Valgrind. Fixes #5175 (#5176)
* Fix for printing long doubles bug in dump_float

When you use long double as a floating point type with the current version of this file and try to dump json it prints trash instead of actual number. This if-else fixes the problem. On using long double you just need to add an 'L' modifier before 'g' in format string.

Signed-off-by: Kirill Lokotkov <klokotkov@ya.ru>

* C++11 compatibility

Signed-off-by: Kirill Lokotkov <klokotkov@ya.ru>

* Shorter solution

Signed-off-by: Kirill Lokotkov <klokotkov@ya.ru>

* Applied amalgamate

Signed-off-by: rusloker <klokotkov@ya.ru>

* Add unit tests for `dump()` with `long double` in custom `basic_json`

Signed-off-by: rusloker <klokotkov@ya.ru>

* Fix UB in `snprintf_float` by using `%.*Lg` for `long double`

Signed-off-by: rusloker <klokotkov@ya.ru>

* Use `std::array` for `values` in serialization unit tests to improve type safety

Signed-off-by: rusloker <klokotkov@ya.ru>

* Fix brace initialization for `std::array` in serialization unit tests

Signed-off-by: rusloker <klokotkov@ya.ru>

* Remove comments in `snprintf_float` regarding `%Lg` usage

Signed-off-by: rusloker <klokotkov@ya.ru>

* Skip `long double` infinity dump assertions under Valgrind

Signed-off-by: rusloker <klokotkov@ya.ru>

* Clarify Valgrind bug-tracker reference in `long double` test

Signed-off-by: rusloker <klokotkov@ya.ru>

* Satisfy clang-tidy in `long double` infinity probe

Signed-off-by: rusloker <klokotkov@ya.ru>

---------

Signed-off-by: Kirill Lokotkov <klokotkov@ya.ru>
Signed-off-by: rusloker <klokotkov@ya.ru>
2026-05-17 08:27:06 +02:00
George Sedov cba5dc0ed8 New macros for the named JSON convertor generation (#4563)
* Add new macros for named conversions

* Unit tests for the named conversion macros

* Update the docs to include the new macros

* Fix the documentation for the macros

the correct maximum number of member variables is 63

* Fix CI tests

* update the named macros

* move the example files

* update the explicit macros expansion

* update documentation

* fix documentation hiccups

* astyle changes

* add static analysis exceptions

* change md header to explicit html to fit the length

* Small corrections to docs

Co-authored-by: Niels Lohmann <niels.lohmann@gmail.com>
Signed-off-by: George Sedov <radist.morse@gmail.com>

---------

Signed-off-by: George Sedov <radist.morse@gmail.com>
Co-authored-by: Niels Lohmann <niels.lohmann@gmail.com>
2026-05-16 10:04:22 +02:00
dependabot[bot] e08b3cab68 Bump step-security/harden-runner from 2.19.2 to 2.19.3 (#5173)
Bumps [step-security/harden-runner](https://github.com/step-security/harden-runner) from 2.19.2 to 2.19.3.
- [Release notes](https://github.com/step-security/harden-runner/releases)
- [Commits](https://github.com/step-security/harden-runner/compare/9ca718d3bf646d6534007c269a635b3e54cadf99...ab7a9404c0f3da075243ca237b5fac12c98deaa5)

---
updated-dependencies:
- dependency-name: step-security/harden-runner
  dependency-version: 2.19.3
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-05-15 20:59:12 +02:00
dependabot[bot] 65c52ae1c8 Bump github/codeql-action from 4.35.4 to 4.35.5 (#5174)
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 4.35.4 to 4.35.5.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](https://github.com/github/codeql-action/compare/68bde559dea0fdcac2102bfdf6230c5f70eb485e...9e0d7b8d25671d64c341c19c0152d693099fb5ba)

---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-version: 4.35.5
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-05-15 20:59:03 +02:00
Kirill Lokotkov b1bb9fce0c Fix for printing long doubles bug in dump_float (#3929) 2026-05-15 19:25:16 +02:00
Hariom Phulre bb5404bb86 Fix GCC C++20 modules compilation #5103 (#5164)
* Fix: Add GCC diagnostic pragmas for C++ modules support (issue #5103)

Signed-off-by: hariomphulre <hariiomphullre@gmail.com>

* Fix: GCC C++20 modules with __cplusplus >= 202002L check (#5103)

Signed-off-by: hariomphulre <hariiomphullre@gmail.com>

Signed-off-by: hariomphulre <hariiomphullre@gmail.com>

* Fix: Remove indentation from nested preprocessor directives and disable astyle preprocessor indentation

Signed-off-by: hariomphulre <hariiomphullre@gmail.com>

* Update amalgamated files with correct preprocessor directive indentation

Signed-off-by: hariomphulre <hariiomphullre@gmail.com>

* Fix GCC build for issue #5103; refresh amalgamated header

Signed-off-by: hariomphulre <hariiomphullre@gmail.com>

---------

Signed-off-by: hariomphulre <hariiomphullre@gmail.com>
2026-05-15 17:04:42 +02:00
dependabot[bot] 630beaeb05 Bump step-security/harden-runner from 2.19.1 to 2.19.2 (#5170)
Bumps [step-security/harden-runner](https://github.com/step-security/harden-runner) from 2.19.1 to 2.19.2.
- [Release notes](https://github.com/step-security/harden-runner/releases)
- [Commits](https://github.com/step-security/harden-runner/compare/a5ad31d6a139d249332a2605b85202e8c0b78450...9ca718d3bf646d6534007c269a635b3e54cadf99)

---
updated-dependencies:
- dependency-name: step-security/harden-runner
  dependency-version: 2.19.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-05-14 20:04:56 +02:00
Niels Lohmann 5a05627b1f 🎓 fix warning (#5169) 2026-05-14 15:39:18 +02:00
dependabot[bot] 85cb7ea9aa Bump mkdocs-git-revision-date-localized-plugin in /docs/mkdocs (#5168)
Bumps [mkdocs-git-revision-date-localized-plugin](https://github.com/timvink/mkdocs-git-revision-date-localized-plugin) from 1.5.1 to 1.5.2.
- [Release notes](https://github.com/timvink/mkdocs-git-revision-date-localized-plugin/releases)
- [Commits](https://github.com/timvink/mkdocs-git-revision-date-localized-plugin/compare/v1.5.1...v1.5.2)

---
updated-dependencies:
- dependency-name: mkdocs-git-revision-date-localized-plugin
  dependency-version: 1.5.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-05-14 09:14:25 +02:00
SamareshSingh 7192763f15 Fix compile error when using nlohmann ordered_map with WITH_DEFAULT macros (#5163)
* Fix compile error when using nlohmann ordered_map with WITH_DEFAULT macros

ordered_map inherits its copy and move assignment from the underlying std vector, which requires value_type to be CopyAssignable. value_type is pair<const Key, T> whose assignment is deleted because of the const Key, so any code that assigns ordered_map (for example the ternary in NLOHMANN_JSON_FROM_WITH_DEFAULT) fails to compile (issue #5122). Provide assignment operators on ordered_map that rebuild via clear plus push_back for copy and transfer the underlying buffer for move, neither of which needs pair assignment. Also switch the map-shaped from_json overload from a transform plus inserter idiom to a range-for plus emplace, which avoids the same hazard.

Signed-off-by: Samaresh Kumar Singh <ssam3003@gmail.com>

* Update ordered_map.hpp

removed unwanted comments

Signed-off-by: SamareshSingh <97642706+ssam18@users.noreply.github.com>
Signed-off-by: Samaresh Kumar Singh <ssam3003@gmail.com>

* Update json.hpp

Signed-off-by: SamareshSingh <97642706+ssam18@users.noreply.github.com>
Signed-off-by: Samaresh Kumar Singh <ssam3003@gmail.com>

* Address CI issues for ordered_map fix

Declare an explicit defaulted destructor on ordered_map so the rule of five is complete (clang-tidy cppcoreguidelines-special-member-functions and hicpp-special-member-functions). Initialize the ordered_map field in the regression test struct so GCC effective-C++ stops flagging Example_5122 with a missing member initializer.

Signed-off-by: Samaresh Kumar Singh <ssam3003@gmail.com>

* Suppress redundant-member-init lint on Example_5122::c

The empty brace-init on c{} is required by GCC -Weffc++ to mark the member as initialized in the synthesized default constructor, but clang-tidy readability-redundant-member-init flags the same line because ordered_map already has a default constructor. The two checks pull in opposite directions, so add a targeted NOLINT to keep both happy.

Signed-off-by: Samaresh Kumar Singh <ssam3003@gmail.com>

* Address review: strong exception safety in copy-assign, simplify move-assign noexcept

Copy assignment now constructs a temporary copy before move-assigning the
Container subobject, preserving *this if the copy throws. Move assignment
uses std::is_nothrow_move_assignable<Container> for a cleaner noexcept
specifier, matching the style of the move constructor.

Signed-off-by: Samaresh Kumar Singh <ssam3003@gmail.com>

* Restore self-assignment check in copy-assign to satisfy cert-oop54-cpp

clang-tidy's cert-oop54-cpp flagged the previous revision because it could
not recognize the implicit self-safety of the copy-then-move pattern.
Restore the explicit `if (this != &other)` guard — strong exception safety
is preserved since the temporary copy is still constructed before the
move-assign of the Container subobject.

Signed-off-by: Samaresh Kumar Singh <ssam3003@gmail.com>

* Address review: add explicit self-assignment and move-assignment tests for ordered_map

Signed-off-by: Samaresh Kumar Singh <ssam3003@gmail.com>

* Address review: gate -Wself-assign-overloaded suppression on Clang version

-Wself-assign-overloaded was introduced in Clang 7. Older Clang versions fail the build with "unknown warning group" when the suppression pragma references it unconditionally. Use __has_warning inside an __clang__ branch so the suppression is only emitted on Clang versions that recognize the warning. The inner check stays inside the __clang__ guard because GCC does not provide __has_warning and would tokenize-error on the argument list.

Signed-off-by: Samaresh Kumar Singh <ssam3003@gmail.com>

* Address CI: drop unused gating macro to silence -Wunused-macros

The previous attempt defined JSON_TEST_5122_SUPPRESS_SELF_ASSIGN_OVERLOADED
as 0 unconditionally and then overrode it to 1 on Clang versions that recognize the warning. On those Clangs the initial define is immediately
undef'd without being read, which trips Clang's -Wunused-macros under -Weverything in the ci_test_clang job. Drop the macro and gate the
DOCTEST_CLANG_SUPPRESS_WARNING_PUSH/POP pragmas directly with __has_warning inside the existing __clang__ branch.

Signed-off-by: Samaresh Kumar Singh <ssam3003@gmail.com>

---------

Signed-off-by: Samaresh Kumar Singh <ssam3003@gmail.com>
Signed-off-by: SamareshSingh <97642706+ssam18@users.noreply.github.com>
2026-05-14 08:54:24 +02:00
Akhilesh Arora 93e49decbd Fix incomplete-type error in set_parents with ordered_json (#5167)
When iteration_proxy_value<iter_impl<ordered_json>> appears in a context
that requires it to be complete (function or lambda parameter), the
compiler instantiates basic_json<ordered_map> and walks into

    set_parents(iterator, typename iterator::difference_type)

while iterator is still incomplete, failing with "invalid use of
incomplete type".

basic_json::difference_type is already std::ptrdiff_t, so just naming
the underlying type directly avoids the dependent lookup. Behavior and
ABI are unchanged. This was the approach suggested in the issue thread.

Added a regression case in unit-ordered_json.cpp using the same trigger
pattern (lambda parameter naming the proxy type).

Fixes #3732

Signed-off-by: Akhilesh Arora <akhildawra@gmail.com>
2026-05-14 08:52:39 +02:00
trdesilva a0a4e7cc0b Add front methods to json_pointers (implements #4889) (#5152)
* Added front, pop_front, and push_front methods to json_pointers in order to facilitate root-to-leaf traversals of JSON object trees. (#4889)

Signed-off-by: trdesilva <5818730+trdesilva@users.noreply.github.com>

* undid VS autoformatting in irrelevant code

Signed-off-by: trdesilva <5818730+trdesilva@users.noreply.github.com>

* Ran make amalgamate, added navigation to json_pointer's new front methods in mkdocs, and fixed errors in documented complexity for those methods.

Signed-off-by: trdesilva <5818730+trdesilva@users.noreply.github.com>

* Fixed GCC 4.8 compile error caused by const iterators

Signed-off-by: trdesilva <5818730+trdesilva@users.noreply.github.com>

* Fixed another gcc-4.8 compile error

Signed-off-by: trdesilva <5818730+trdesilva@users.noreply.github.com>

* amalgamated

Signed-off-by: trdesilva <5818730+trdesilva@users.noreply.github.com>

---------

Signed-off-by: trdesilva <5818730+trdesilva@users.noreply.github.com>
2026-05-13 07:59:16 +02:00
dependabot[bot] 216c50365e Bump peaceiris/actions-gh-pages from 4.0.0 to 4.1.0 (#5166) 2026-05-13 07:23:10 +02:00
dependabot[bot] f0bf4c731a Bump actions/dependency-review-action from 4.9.0 to 5.0.0 (#5165)
Bumps [actions/dependency-review-action](https://github.com/actions/dependency-review-action) from 4.9.0 to 5.0.0.
- [Release notes](https://github.com/actions/dependency-review-action/releases)
- [Commits](https://github.com/actions/dependency-review-action/compare/2031cfc080254a8a887f58cffee85186f0e49e48...a1d282b36b6f3519aa1f3fc636f609c47dddb294)

---
updated-dependencies:
- dependency-name: actions/dependency-review-action
  dependency-version: 5.0.0
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-05-12 10:25:16 +02:00
Swastik Bose 4fad446897 docs: add IDs to @requirement tags to fix Doxygen autolinking (#5162)
Signed-off-by: Swastik Bose <cpswastik31@gmail.com>
2026-05-10 11:37:41 +02:00
Klaim (Joël Lamotte) e0f8cdfb7f build2 integration doc update (#4587)
* build2 integration doc update

Signed-off-by: Joël Lamotte <mjklaim@gmail.com>
Signed-off-by: Klaim (Joël Lamotte) <142265+Klaim@users.noreply.github.com>

* completed build2 instructions and examples

Signed-off-by: Joël Lamotte <mjklaim@gmail.com>
Signed-off-by: Klaim (Joël Lamotte) <142265+Klaim@users.noreply.github.com>

* added missing build2 buildfile

Signed-off-by: Joël Lamotte <mjklaim@gmail.com>
Signed-off-by: Klaim (Joël Lamotte) <142265+Klaim@users.noreply.github.com>

* improvments/simplifications on build2 examples

Signed-off-by: Klaim (Joël Lamotte) <142265+Klaim@users.noreply.github.com>

* removed just (rebase issue)

Signed-off-by: Klaim (Joël Lamotte) <142265+Klaim@users.noreply.github.com>

* fixed removed trailing whitespace from the rebase

Signed-off-by: Klaim (Joël Lamotte) <142265+Klaim@users.noreply.github.com>

* fixed typo and improved wording

Signed-off-by: Klaim (Joël Lamotte) <142265+Klaim@users.noreply.github.com>

* fixed indentation/formatting and typos

Signed-off-by: Klaim (Joël Lamotte) <142265+Klaim@users.noreply.github.com>

---------

Signed-off-by: Joël Lamotte <mjklaim@gmail.com>
Signed-off-by: Klaim (Joël Lamotte) <142265+Klaim@users.noreply.github.com>
2026-05-09 11:00:12 +02:00
SamareshSingh 62f3b41b30 fix: treat single-element brace-init as copy/move instead of wrapping in array (#5074) (#5090)
* fix: treat single-element brace-init as copy/move

When passing a json value using brace initialization with a single element
(e.g., `json j{someObj}` or `foo({someJson})`), C++ always prefers the
initializer_list constructor over the copy/move constructor. This caused
the value to be unexpectedly wrapped in a single-element array.

This bug was previously compiler-dependent (GCC wrapped, Clang did not),
but Clang 20 started matching GCC behavior, making it a universal issue.

Fix: In the initializer_list constructor, when type deduction is enabled
and the list has exactly one element, copy/move it directly instead of
creating a single-element array.

Before:
  json obj = {{"key", 1}};
  json j{obj};   // -> [{"key":1}]  (wrong: array)
  foo({obj});    // -> [{"key":1}]  (wrong: array)

After:
  json j{obj};   // -> {"key":1}   (correct: copy)
  foo({obj});    // -> {"key":1}   (correct: copy)

To explicitly create a single-element array, use json::array({value}).

Fixes the issue #5074

Signed-off-by: Samaresh Kumar Singh <ssam3003@gmail.com>

* fix: regenerate amalgamated single_include/nlohmann/json.hpp

- Add missing comment from include/nlohmann/json.hpp explaining the
  single-element brace-init fix (issue #5074)
- Fix extra 4-space indentation in embedded json_fwd.hpp section

Regenerated by running: make amalgamate

Signed-off-by: Samaresh Kumar Singh <ssam3003@gmail.com>

* Revert brace-init semantics change and fix amalgamation

The single-element brace-init change was a breaking change that cannot be accepted upstream. Reverted all related source, test, and doc changes, then regenerated single_include with correct indentation to pass the amalgamation CI check.

Signed-off-by: Samaresh Kumar Singh <ssam3003@gmail.com>

* Fix: add JSON_BRACE_INIT_COPY_SEMANTICS opt-in macro for issue #5074

Single-element brace initialization wrapping in an array cannot be fixed without breaking existing code. Added JSON_BRACE_INIT_COPY_SEMANTICS as an opt-in macro (default 0) so users can enable copy/move semantics for single-element brace init without affecting anyone relying on the current behavior.

Signed-off-by: Samaresh Kumar Singh <ssam3003@gmail.com>

* docs: add dedicated macro page and CI test target for JSON_BRACE_INIT_COPY_SEMANTICS

Signed-off-by: Samaresh Kumar Singh <ssam3003@gmail.com>

* fix: remove compiler-dependent assertions from #5074 regression test

Signed-off-by: Samaresh Kumar Singh <ssam3003@gmail.com>

* fix: use defined() guard for JSON_BRACE_INIT_COPY_SEMANTICS to satisfy -Wundef

Signed-off-by: Samaresh Kumar Singh <ssam3003@gmail.com>

* docs: fix section name in json_brace_init_copy_semantics.md to pass style check

Signed-off-by: Samaresh Kumar Singh <ssam3003@gmail.com>

* docs: move Default definition section before Notes to fix style check order

Signed-off-by: Samaresh Kumar Singh <ssam3003@gmail.com>

---------

Signed-off-by: Samaresh Kumar Singh <ssam3003@gmail.com>
2026-05-08 08:20:24 +02:00