Merge remote-tracking branch 'refs/remotes/origin/main' into update-drag-and-drop

# Conflicts:
#	gradle/libs.versions.toml

Author: Rob Orgiu

.editorconfig

@@ -5,3 +5,13 @@
 ij_kotlin_allow_trailing_comma=true
 ij_kotlin_allow_trailing_comma_on_call_site=true
 ktlint_function_naming_ignore_when_annotated_with=Composable, Test
+ktlint_standard_backing-property-naming = disabled
+ktlint_standard_binary-expression-wrapping = disabled
+ktlint_standard_chain-method-continuation = disabled
+ktlint_standard_class-signature = disabled
+ktlint_standard_condition-wrapping = disabled
+ktlint_standard_function-expression-body = disabled
+ktlint_standard_function-literal = disabled
+ktlint_standard_function-type-modifier-spacing = disabled
+ktlint_standard_multiline-loop = disabled
+ktlint_standard_function-signature = disabled

.github/ci-gradle.properties

@@ -17,6 +17,8 @@
 org.gradle.daemon=false
 org.gradle.parallel=true
 org.gradle.workers.max=2
+org.gradle.configuration-cache=true
+org.gradle.configuration-cache.parallel=true
 
 kotlin.incremental=false
 

.github/dependabot.yml

@@ -0,0 +1,14 @@
+{
+  "$schema": "https://docs.renovatebot.com/renovate-schema.json",
+  "extends": [
+    "local>android/.github:renovate-config"
+  ],
+  "baseBranches": [
+    "main"
+  ],
+  "gitIgnoredAuthors": [
+    "renovate[bot]@users.noreply.github.com",
+    "github-actions[bot]@users.noreply.github.com",
+    "41898282+github-actions[bot]@users.noreply.github.com"
+  ]
+}

.github/renovate.json

@@ -18,20 +18,14 @@ jobs:
     permissions:
       contents: write
       pull-requests: write
+      security-events: write
 
     timeout-minutes: 60
 
     steps:
       - name: Checkout
         uses: actions/checkout@v4
 
-      - name: Enable KVM group perms
-        run: |
-          echo 'KERNEL=="kvm", GROUP="kvm", MODE="0666", OPTIONS+="static_node=kvm"' | sudo tee /etc/udev/rules.d/99-kvm4all.rules
-          sudo udevadm control --reload-rules
-          sudo udevadm trigger --name-match=kvm
-          ls /dev/kvm
-
       - name: Copy CI gradle.properties
         run: mkdir -p ~/.gradle ; cp .github/ci-gradle.properties ~/.gradle/gradle.properties
 
@@ -43,15 +37,11 @@ jobs:
 
       - name: Setup Gradle
         uses: gradle/actions/setup-gradle@v4
-
-      - name: Setup Android SDK
-        uses: android-actions/setup-android@v3
-
-      - name: Accept licenses
-        run: yes | sdkmanager --licenses || true
+        with:
+          cache-encryption-key: ${{ secrets.GRADLE_ENCRYPTION_KEY }}
 
       - name: Check build-logic
-        run: ./gradlew check -p build-logic
+        run: ./gradlew :build-logic:convention:check
 
       - name: Check spotless
         run: ./gradlew spotlessCheck --init-script gradle/init.gradle.kts --no-configuration-cache
@@ -93,7 +83,9 @@ jobs:
         continue-on-error: false
         if: steps.screenshotsverify.outcome == 'failure' && github.event.pull_request.head.repo.full_name != github.repository
         run: |
-          echo "::error::Screenshot tests failed, please create a PR in your fork first." && exit 1
+          echo "::error::Screenshot tests failed, please create a PR in your fork first." 
+          echo "Your fork's CI will take screenshots for your fork."
+          exit 1
 
       # Runs if previous job failed
       - name: Generate new screenshots if verification failed and it's a PR
@@ -114,19 +106,8 @@ jobs:
       - name: Run local tests
         run: ./gradlew testDemoDebug :lint:test
 
-      - name: Setup GMD
-        run: ./gradlew :benchmarks:pixel6Api33Setup
-          --info
-          -Pandroid.experimental.testOptions.managedDevices.emulator.showKernelLogging=true
-          -Pandroid.testoptions.manageddevices.emulator.gpu="swiftshader_indirect"
-
       - name: Build all build type and flavor permutations
-        run: ./gradlew :app:assemble :benchmarks:assemble -Pandroidx.baselineprofile.skipgeneration
-          -Pandroid.testoptions.manageddevices.emulator.gpu="swiftshader_indirect"
-          -Pandroid.experimental.testOptions.managedDevices.emulator.showKernelLogging=true
-          -Pandroid.experimental.androidTest.numManagedDeviceShards=1
-          -Pandroid.experimental.testOptions.managedDevices.maxConcurrentDevices=1
-          -Pandroid.experimental.testOptions.managedDevices.setupTimeoutMinutes=5
+        run: ./gradlew :app:assemble
 
       - name: Upload build outputs (APKs)
         uses: actions/upload-artifact@v4
@@ -135,14 +116,14 @@ jobs:
           path: '**/build/outputs/apk/**/*.apk'
 
       - name: Upload JVM local results (XML)
-        if: always()
+        if: ${{ !cancelled() }}
         uses: actions/upload-artifact@v4
         with:
           name: local-test-results
           path: '**/build/test-results/test*UnitTest/**.xml'
 
       - name: Upload screenshot results (PNG)
-        if: always()
+        if: ${{ !cancelled() }}
         uses: actions/upload-artifact@v4
         with:
           name: screenshot-test-results
@@ -152,12 +133,18 @@ jobs:
         run: ./gradlew :app:lintProdRelease :app-nia-catalog:lintRelease :lint:lint
 
       - name: Upload lint reports (HTML)
-        if: always()
+        if: ${{ !cancelled() }}
         uses: actions/upload-artifact@v4
         with:
           name: lint-reports
           path: '**/build/reports/lint-results-*.html'
 
+      - name: Upload lint reports (SARIF)
+        if: ${{ !cancelled() && hashFiles('**/*.sarif') != '' }}
+        uses: github/codeql-action/upload-sarif@v3
+        with:
+          sarif_file: './'
+
       - name: Check badging
         run: ./gradlew :app:checkProdReleaseBadging
 
@@ -166,7 +153,7 @@ jobs:
     timeout-minutes: 55
     strategy:
       matrix:
-        api-level: [26, 30]
+        api-level: [26, 34]
 
     steps:
       - name: Delete unnecessary tools 🔧
@@ -202,8 +189,7 @@ jobs:
       - name: Setup Gradle
         uses: gradle/actions/setup-gradle@v4
         with:
-          validate-wrappers: true
-          gradle-home-cache-cleanup: true
+          cache-encryption-key: ${{ secrets.GRADLE_ENCRYPTION_KEY }}
 
       - name: Build projects and run instrumentation tests
         uses: reactivecircus/android-emulator-runner@v2
@@ -226,7 +212,7 @@ jobs:
         run: ./gradlew createDemoDebugCombinedCoverageReport
 
       - name: Upload test reports
-        if: always()
+        if: ${{ !cancelled() }}
         uses: actions/upload-artifact@v4
         with:
           name: test-reports-${{ matrix.api-level }}
@@ -235,7 +221,7 @@ jobs:
       - name: Display local test coverage (only API 30)
         if: matrix.api-level == 30
         id: jacoco
-        uses: madrapps/[email protected].0
+        uses: madrapps/[email protected].1
         with:
           title: Combined test coverage report
           min-coverage-overall: 40

.github/workflows/Build.yaml

@@ -7,6 +7,7 @@ on:
 jobs:
   baseline_profiles:
     name: "Generate Baseline Profiles"
+    if: github.repository == 'android/nowinandroid'
     runs-on: ubuntu-latest
 
     permissions:
@@ -36,6 +37,8 @@ jobs:
 
       - name: Setup Gradle
         uses: gradle/actions/setup-gradle@v4
+        with:
+          cache-encryption-key: ${{ secrets.GRADLE_ENCRYPTION_KEY }}
 
       - name: Setup Android SDK
         uses: android-actions/setup-android@v3
@@ -44,16 +47,17 @@ jobs:
         run: yes | sdkmanager --licenses || true
 
       - name: Check build-logic
-        run: ./gradlew check -p build-logic
+        run: ./gradlew :build-logic:convention:check
 
       - name: Setup GMD
         run: ./gradlew :benchmarks:pixel6Api33Setup
           --info
           -Pandroid.experimental.testOptions.managedDevices.emulator.showKernelLogging=true
           -Pandroid.testoptions.manageddevices.emulator.gpu="swiftshader_indirect"
 
-      - name: Build all build type and flavor permutations including baseline profiles
-        run: ./gradlew :app:assemble
-             -Pandroid.testInstrumentationRunnerArguments.androidx.benchmark.enabledRules=baselineprofile
-             -Pandroid.testoptions.manageddevices.emulator.gpu="swiftshader_indirect"
-             -Pandroid.experimental.testOptions.managedDevices.emulator.showKernelLogging=true
+      # This generates both baseline and startup profile and adds them into the generated folder
+      - name: Generate Baseline Profile
+        run: ./gradlew :app:generateReleaseBaselineProfile
+          -Pandroid.testInstrumentationRunnerArguments.androidx.benchmark.enabledRules=baselineprofile
+          -Pandroid.testoptions.manageddevices.emulator.gpu="swiftshader_indirect"
+          --stacktrace

.github/workflows/NightlyBaselineProfiles.yaml

@@ -7,6 +7,7 @@ on:
 
 jobs:
   build:
+    if: github.repository == 'android/nowinandroid'
     runs-on: ubuntu-latest
     timeout-minutes: 120
 
@@ -33,6 +34,8 @@ jobs:
 
       - name: Setup Gradle
         uses: gradle/actions/setup-gradle@v4
+        with:
+          cache-encryption-key: ${{ secrets.GRADLE_ENCRYPTION_KEY }}
 
       - name: Setup Android SDK
         uses: android-actions/setup-android@v3

.github/workflows/Release.yml

@@ -115,8 +115,9 @@ To run the tests execute the following gradle tasks:
 (see below for explanation). To avoid this, run `recordRoborazziDemoDebug` prior to running unit tests.
 - `connectedDemoDebugAndroidTest` run all instrumented tests against the `demoDebug` variant. 
 
-**Note:** You should not run `./gradlew test` or `./gradlew connectedAndroidTest` as this will execute 
-tests against _all_ build variants which is both unecessary and will result in failures as only the
+> [!NOTE]
+> You should not run `./gradlew test` or `./gradlew connectedAndroidTest` as this will execute 
+tests against _all_ build variants which is both unnecessary and will result in failures as only the
 `demoDebug` variant is supported. No other variants have any tests (although this might change in future). 
 
 ## Screenshot tests
@@ -138,7 +139,9 @@ stored in `modulename/src/test/screenshots`.
 - `compareRoborazziDemoDebug` create comparison images between failed tests and the known correct
 images. These can also be found in `modulename/src/test/screenshots`. 
 
-**Note on failing screenshot tests:** The known correct screenshots stored in this repository are recorded on CI using Linux. Other
+> [!NOTE]
+> **Note on failing screenshot tests**   
+> The known correct screenshots stored in this repository are recorded on CI using Linux. Other
 platforms may (and probably will) generate slightly different images, making the screenshot tests fail. 
 When working on a non-Linux platform, a workaround to this is to run `recordRoborazziDemoDebug` on the
 `main` branch before starting work. After making changes, `verifyRoborazziDemoDebug` will identify only