Use reusable workflows

[soumeh01]

Checklist

• 🤖 This change is covered by unit tests (if applicable).
• 🤹 Manual testing has been performed (if necessary).
• 🛡️ Security impacts have been considered (if relevant).
• 📖 Documentation updates are complete (if required).
• 🧠 Third-party dependencies and TPIP updated (if required).

[github-actions]

Dependency Review

✅ No vulnerabilities or license issues or OpenSSF Scorecard issues found.

OpenSSF Scorecard

Package	Version	Score	Details
actions/EnricoMi/publish-unit-test-result-action/linux	3a74b2957438d0b6e2e61d67b05318aa25c9e6c6	🟢 4.5	Details Check Score Reason Code-Review ⚠️ 2 Found 6/30 approved changesets -- score normalized to 2 Maintained 🟢 4 2 commit(s) and 3 issue activity found in the last 90 days -- score normalized to 4 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Binary-Artifacts 🟢 10 no binaries found in the repo Security-Policy ⚠️ 0 security policy file not detected Fuzzing ⚠️ 0 project is not fuzzed License 🟢 10 license file detected Signed-Releases ⚠️ -1 no releases found Pinned-Dependencies ⚠️ 2 dependency not pinned by hash detected -- score normalized to 2 Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Packaging 🟢 10 packaging workflow detected Vulnerabilities ⚠️ 0 15 existing vulnerabilities detected SAST 🟢 9 SAST tool detected but not run on all commits
actions/Open-CMSIS-Pack/workflows-and-actions-collection/.github/workflows/build-and-verify.yml	1.0.0	Unknown	Unknown
actions/actions/download-artifact	634f93cb2916e3fdff6788551b99b062d0335ce0	🟢 5.6	Details Check Score Reason Code-Review 🟢 10 all changesets reviewed Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Maintained 🟢 10 13 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 10 Binary-Artifacts 🟢 10 no binaries found in the repo Packaging ⚠️ -1 packaging workflow not detected CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Fuzzing ⚠️ 0 project is not fuzzed License 🟢 10 license file detected Pinned-Dependencies ⚠️ 1 dependency not pinned by hash detected -- score normalized to 1 Signed-Releases ⚠️ -1 no releases found Security-Policy 🟢 9 security policy file detected Branch-Protection ⚠️ 0 branch protection not enabled on development/release branches SAST 🟢 10 SAST tool is run on all commits Vulnerabilities ⚠️ 0 11 existing vulnerabilities detected
actions/step-security/harden-runner	ec9f2d5744a09debf3a187a3f4f675c53b671911	🟢 8.7	Details Check Score Reason Binary-Artifacts 🟢 10 no binaries found in the repo Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration CI-Tests 🟢 10 6 out of 6 merged PRs checked by a CI test -- score normalized to 10 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Code-Review 🟢 10 all changesets reviewed Contributors 🟢 6 project has 2 contributing companies or organizations -- score normalized to 6 Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Dependency-Update-Tool 🟢 10 update tool detected Fuzzing ⚠️ 0 project is not fuzzed License 🟢 10 license file detected Maintained 🟢 10 20 commit(s) and 3 issue activity found in the last 90 days -- score normalized to 10 Packaging ⚠️ -1 packaging workflow not detected Pinned-Dependencies 🟢 6 dependency not pinned by hash detected -- score normalized to 6 SAST 🟢 9 SAST tool detected but not run on all commits Security-Policy 🟢 10 security policy file detected Signed-Releases ⚠️ -1 no releases found Token-Permissions 🟢 10 GitHub workflow tokens follow principle of least privilege Vulnerabilities 🟢 10 0 existing vulnerabilities detected
actions/Open-CMSIS-Pack/workflows-and-actions-collection/.github/workflows/markdown-lint.yml	1.0.0	Unknown	Unknown
actions/Open-CMSIS-Pack/workflows-and-actions-collection/.github/workflows/build-and-verify.yml	1.0.0	Unknown	Unknown
actions/Open-CMSIS-Pack/workflows-and-actions-collection/.github/workflows/update-workflow.yml	1.0.0	Unknown	Unknown

Scanned Files

• .github/workflows/build.yml
• .github/workflows/ci.yml
• .github/workflows/markdown.yml
• .github/workflows/release.yml
• .github/workflows/test.yml
• .github/workflows/update-workflows.yml

[github-actions]

Test Results

  6 files  +  2   30 suites  +10   1s ⏱️ -1s
 78 tests ±  0   78 ✅ ±  0  0 💤 ±0  0 ❌ ±0 
468 runs  +156  468 ✅ +156  0 💤 ±0  0 ❌ ±0 

Results for commit f824dd1. ± Comparison against base commit c5268c9.

♻️ This comment has been updated with latest results.