diff --git a/.github/workflows/assigner.yml b/.github/workflows/assigner.yml index f5bb122ceb4..eae5a8bbf4d 100644 --- a/.github/workflows/assigner.yml +++ b/.github/workflows/assigner.yml @@ -28,7 +28,7 @@ jobs: steps: - name: Check out source code - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 + uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 with: fetch-depth: 0 persist-credentials: false @@ -38,12 +38,13 @@ jobs: with: python-version: 3.12 - - name: Fetch west.yml from pull request + - name: Fetch west.yml/Maintainer.yml from pull request if: > github.event_name == 'pull_request_target' run: | git fetch origin pull/${{ github.event.pull_request.number }}/merge git show FETCH_HEAD:west.yml > pr_west.yml + git show FETCH_HEAD:MAINTAINERS.yml > pr_MAINTAINERS.yml - name: west setup if: > @@ -62,7 +63,7 @@ jobs: FLAGS+=" -r ${{ github.event.repository.name }}" FLAGS+=" -M MAINTAINERS.yml" if [ "${{ github.event_name }}" = "pull_request_target" ]; then - FLAGS+=" -P ${{ github.event.pull_request.number }} --updated-manifest pr_west.yml" + FLAGS+=" -P ${{ github.event.pull_request.number }} --updated-manifest pr_west.yml --updated-maintainer-file pr_MAINTAINERS.yml" elif [ "${{ github.event_name }}" = "issues" ]; then FLAGS+=" -I ${{ github.event.issue.number }}" elif [ "${{ github.event_name }}" = "schedule" ]; then @@ -71,4 +72,13 @@ jobs: echo "Unknown event: ${{ github.event_name }}" exit 1 fi - python3 scripts/set_assignees.py $FLAGS + python3 scripts/ci/set_assignees.py $FLAGS + + - name: Check maintainer file changes + if: > + github.event_name == 'pull_request_target' + env: + GITHUB_TOKEN: ${{ secrets.ZB_PR_ASSIGNER_GITHUB_TOKEN }} + run: | + python ./scripts/ci/check_maintainer_changes.py \ + --repo zephyrproject-rtos/zephyr MAINTAINERS.yml pr_MAINTAINERS.yml diff --git a/.github/workflows/backport_issue_check.yml b/.github/workflows/backport_issue_check.yml index 7811f30d050..9b5bfb8e3d9 100644 --- a/.github/workflows/backport_issue_check.yml +++ b/.github/workflows/backport_issue_check.yml @@ -26,10 +26,10 @@ jobs: steps: - name: Check out source code - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 + uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 - name: Set up Python - uses: actions/setup-python@e797f83bcb11b83ae66e0230d6156d7c80228e7c # v6.0.0 + uses: actions/setup-python@83679a892e2d95755f2dac6acb0bfd1e9ac5d548 # v6.1.0 with: python-version: 3.12 cache: pip diff --git a/.github/workflows/bsim-tests-publish.yaml b/.github/workflows/bsim-tests-publish.yaml index 83aa87dcbbf..17d424f1849 100644 --- a/.github/workflows/bsim-tests-publish.yaml +++ b/.github/workflows/bsim-tests-publish.yaml @@ -24,7 +24,7 @@ jobs: run_id: ${{ github.event.workflow_run.id }} - name: Publish BabbleSim Test Results - uses: EnricoMi/publish-unit-test-result-action@3a74b2957438d0b6e2e61d67b05318aa25c9e6c6 # v2.20.0 + uses: EnricoMi/publish-unit-test-result-action@34d7c956a59aed1bfebf31df77b8de55db9bbaaf # v2.21.0 with: check_name: BabbleSim Test Results comment_mode: off diff --git a/.github/workflows/bsim-tests.yaml b/.github/workflows/bsim-tests.yaml index 6d4f8eafe8d..f78871f2283 100644 --- a/.github/workflows/bsim-tests.yaml +++ b/.github/workflows/bsim-tests.yaml @@ -74,7 +74,7 @@ jobs: git remote set-url origin ${GITHUB_SERVER_URL}/${GITHUB_REPOSITORY} - name: Checkout - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 + uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 with: fetch-depth: 0 @@ -189,7 +189,7 @@ jobs: - name: Upload Unit Test Results in HTML if: always() - uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2 + uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5.0.0 with: name: HTML Unit Test Results if-no-files-found: ignore @@ -197,7 +197,7 @@ jobs: junit.html - name: Publish Unit Test Results - uses: EnricoMi/publish-unit-test-result-action@3a74b2957438d0b6e2e61d67b05318aa25c9e6c6 # v2.20.0 + uses: EnricoMi/publish-unit-test-result-action@34d7c956a59aed1bfebf31df77b8de55db9bbaaf # v2.21.0 with: check_name: Bsim Test Results files: "junit.xml" @@ -205,7 +205,7 @@ jobs: - name: Upload Event Details if: always() - uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2 + uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5.0.0 with: name: event path: | diff --git a/.github/workflows/bug_snapshot.yaml b/.github/workflows/bug_snapshot.yaml index a03d5213717..c582723b7f2 100644 --- a/.github/workflows/bug_snapshot.yaml +++ b/.github/workflows/bug_snapshot.yaml @@ -23,10 +23,10 @@ jobs: steps: - name: Checkout - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 + uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 - name: Set up Python - uses: actions/setup-python@e797f83bcb11b83ae66e0230d6156d7c80228e7c # v6.0.0 + uses: actions/setup-python@83679a892e2d95755f2dac6acb0bfd1e9ac5d548 # v6.1.0 with: python-version: 3.12 cache: pip @@ -51,7 +51,7 @@ jobs: echo "BUGS_PICKLE_PATH=${BUGS_PICKLE_PATH}" >> ${GITHUB_ENV} - name: Configure AWS Credentials - uses: aws-actions/configure-aws-credentials@a03048d87541d1d9fcf2ecf528a4a65ba9bd7838 # v5.0.0 + uses: aws-actions/configure-aws-credentials@61815dcd50bd041e203e49132bacad1fd04d2708 # v5.1.1 with: aws-access-key-id: ${{ vars.AWS_BUILDS_ZEPHYR_BUG_SNAPSHOT_ACCESS_KEY_ID }} aws-secret-access-key: ${{ secrets.AWS_BUILDS_ZEPHYR_BUG_SNAPSHOT_SECRET_ACCESS_KEY }} diff --git a/.github/workflows/clang.yaml b/.github/workflows/clang.yaml index 71ebab29768..228560fbb22 100644 --- a/.github/workflows/clang.yaml +++ b/.github/workflows/clang.yaml @@ -53,7 +53,7 @@ jobs: git remote set-url origin ${GITHUB_SERVER_URL}/${GITHUB_REPOSITORY} - name: Checkout - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 + uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 with: fetch-depth: 0 persist-credentials: false @@ -123,7 +123,7 @@ jobs: - name: Upload Unit Test Results if: always() - uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2 + uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5.0.0 with: name: Unit Test Results (Subset ${{ matrix.subset }}) path: | @@ -140,18 +140,18 @@ jobs: if: (success() || failure()) steps: - name: Checkout - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 + uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 with: fetch-depth: 0 persist-credentials: false - name: Download Artifacts - uses: actions/download-artifact@634f93cb2916e3fdff6788551b99b062d0335ce0 # v5.0.0 + uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 with: path: artifacts - name: Set up Python - uses: actions/setup-python@e797f83bcb11b83ae66e0230d6156d7c80228e7c # v6.0.0 + uses: actions/setup-python@83679a892e2d95755f2dac6acb0bfd1e9ac5d548 # v6.1.0 with: python-version: 3.12 cache: pip @@ -168,7 +168,7 @@ jobs: - name: Upload Unit Test Results in HTML if: always() - uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2 + uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5.0.0 with: name: HTML Unit Test Results if-no-files-found: ignore @@ -176,7 +176,7 @@ jobs: junit-clang.html - name: Publish Unit Test Results - uses: EnricoMi/publish-unit-test-result-action@3a74b2957438d0b6e2e61d67b05318aa25c9e6c6 # v2.20.0 + uses: EnricoMi/publish-unit-test-result-action@34d7c956a59aed1bfebf31df77b8de55db9bbaaf # v2.21.0 if: always() with: check_name: Unit Test Results diff --git a/.github/workflows/codecov.yaml b/.github/workflows/codecov.yaml index 0061dabc8d4..a91d9e4b89c 100644 --- a/.github/workflows/codecov.yaml +++ b/.github/workflows/codecov.yaml @@ -67,12 +67,12 @@ jobs: git remote set-url origin ${GITHUB_SERVER_URL}/${GITHUB_REPOSITORY} - name: checkout - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 + uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 with: fetch-depth: 0 - name: Set up Python - uses: actions/setup-python@e797f83bcb11b83ae66e0230d6156d7c80228e7c # v6.0.0 + uses: actions/setup-python@83679a892e2d95755f2dac6acb0bfd1e9ac5d548 # v6.1.0 with: python-version: 3.12 cache: pip @@ -126,7 +126,7 @@ jobs: - name: Upload Doxygen Coverage Results if: matrix.platform == 'unit_testing' - uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2 + uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5.0.0 with: name: doxygen-coverage-results path: | @@ -145,7 +145,7 @@ jobs: - name: Upload Coverage Results if: always() - uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2 + uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5.0.0 with: name: Coverage Data (Subset ${{ matrix.normalized }}) path: | @@ -161,12 +161,12 @@ jobs: steps: - name: checkout - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 + uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 with: fetch-depth: 0 - name: Set up Python - uses: actions/setup-python@e797f83bcb11b83ae66e0230d6156d7c80228e7c # v6.0.0 + uses: actions/setup-python@83679a892e2d95755f2dac6acb0bfd1e9ac5d548 # v6.1.0 with: python-version: 3.12 cache: pip @@ -177,7 +177,7 @@ jobs: pip install -r scripts/requirements-actions.txt --require-hashes - name: Download Artifacts - uses: actions/download-artifact@634f93cb2916e3fdff6788551b99b062d0335ce0 # v5.0.0 + uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 with: path: coverage/reports @@ -242,7 +242,7 @@ jobs: - name: Upload Merged Coverage Results and Report if: always() - uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2 + uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5.0.0 with: name: Coverage Data and report path: | diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index ad8e9669c48..f5710491488 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -36,10 +36,10 @@ jobs: config: ./.github/codeql/codeql-js-config.yml steps: - name: Checkout - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 + uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 - name: Initialize CodeQL - uses: github/codeql-action/init@64d10c13136e1c5bce3e5fbde8d4906eeaafc885 # v3.30.6 + uses: github/codeql-action/init@cf1bb45a277cb3c205638b2cd5c984db1c46a412 # v4.31.7 with: languages: ${{ matrix.language }} build-mode: ${{ matrix.build-mode }} @@ -53,6 +53,6 @@ jobs: exit 0 - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@64d10c13136e1c5bce3e5fbde8d4906eeaafc885 # v3.30.6 + uses: github/codeql-action/analyze@cf1bb45a277cb3c205638b2cd5c984db1c46a412 # v4.31.7 with: category: "/language:${{matrix.language}}" diff --git a/.github/workflows/coding_guidelines.yml b/.github/workflows/coding_guidelines.yml index 258e80d1d5e..11d29ed2a1b 100644 --- a/.github/workflows/coding_guidelines.yml +++ b/.github/workflows/coding_guidelines.yml @@ -11,13 +11,13 @@ jobs: name: Run coding guidelines checks on patch series (PR) steps: - name: Checkout the code - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 + uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 with: ref: ${{ github.event.pull_request.head.sha }} fetch-depth: 0 - name: Set up Python - uses: actions/setup-python@e797f83bcb11b83ae66e0230d6156d7c80228e7c # v6.0.0 + uses: actions/setup-python@83679a892e2d95755f2dac6acb0bfd1e9ac5d548 # v6.1.0 with: python-version: 3.12 cache: pip diff --git a/.github/workflows/compliance.yml b/.github/workflows/compliance.yml index 2646caed111..23359782683 100644 --- a/.github/workflows/compliance.yml +++ b/.github/workflows/compliance.yml @@ -21,7 +21,7 @@ jobs: echo "$HOME/.local/bin" >> $GITHUB_PATH - name: Checkout the code - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 + uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 with: ref: ${{ github.event.pull_request.head.sha }} fetch-depth: 0 @@ -44,7 +44,7 @@ jobs: git log --pretty=oneline | head -n 10 - name: Set up Python - uses: actions/setup-python@e797f83bcb11b83ae66e0230d6156d7c80228e7c # v6.0.0 + uses: actions/setup-python@83679a892e2d95755f2dac6acb0bfd1e9ac5d548 # v6.1.0 with: python-version: 3.12 cache: pip @@ -61,7 +61,7 @@ jobs: west update -o=--depth=1 -n 2>&1 1> west.update.log || west update -o=--depth=1 -n 2>&1 1> west.update2.log - name: Setup Node.js - uses: actions/setup-node@2028fbc5c25fe9cf00d9f06a71cc4710d4507903 # v6.0.0 + uses: actions/setup-node@395ad3262231945c25e8478fd5baf05154b1d79f # v6.1.0 with: node-version: "lts/*" cache: npm @@ -91,14 +91,14 @@ jobs: ./scripts/ci/check_compliance.py --annotate $excludes -c origin/${BASE_REF}.. - name: upload-results - uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2 + uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5.0.0 continue-on-error: true with: name: compliance.xml path: compliance.xml - name: Upload dts linter patch - uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2 + uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5.0.0 continue-on-error: true if: hashFiles('dts_linter.patch') != '' with: diff --git a/.github/workflows/daily_test_version.yml b/.github/workflows/daily_test_version.yml index 177b1122ce8..e02f5e2ff5a 100644 --- a/.github/workflows/daily_test_version.yml +++ b/.github/workflows/daily_test_version.yml @@ -20,19 +20,19 @@ jobs: steps: - name: Configure AWS Credentials - uses: aws-actions/configure-aws-credentials@a03048d87541d1d9fcf2ecf528a4a65ba9bd7838 # v5.0.0 + uses: aws-actions/configure-aws-credentials@61815dcd50bd041e203e49132bacad1fd04d2708 # v5.1.1 with: aws-access-key-id: ${{ vars.AWS_TESTING_ACCESS_KEY_ID }} aws-secret-access-key: ${{ secrets.AWS_TESTING_SECRET_ACCESS_KEY }} aws-region: us-east-1 - name: checkout - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 + uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 with: fetch-depth: 0 - name: Set up Python - uses: actions/setup-python@e797f83bcb11b83ae66e0230d6156d7c80228e7c # v6.0.0 + uses: actions/setup-python@83679a892e2d95755f2dac6acb0bfd1e9ac5d548 # v6.1.0 with: python-version: 3.12 cache: pip diff --git a/.github/workflows/devicetree_checks.yml b/.github/workflows/devicetree_checks.yml index c0efa60951f..056fa6c59b1 100644 --- a/.github/workflows/devicetree_checks.yml +++ b/.github/workflows/devicetree_checks.yml @@ -33,10 +33,10 @@ jobs: os: [ubuntu-22.04, macos-14, windows-2022] steps: - name: checkout - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 + uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 - name: Set up Python ${{ matrix.python-version }} - uses: actions/setup-python@e797f83bcb11b83ae66e0230d6156d7c80228e7c # v6.0.0 + uses: actions/setup-python@83679a892e2d95755f2dac6acb0bfd1e9ac5d548 # v6.1.0 with: python-version: ${{ matrix.python-version }} cache: pip diff --git a/.github/workflows/doc-build.yml b/.github/workflows/doc-build.yml index 75234ce753d..51def4fa758 100644 --- a/.github/workflows/doc-build.yml +++ b/.github/workflows/doc-build.yml @@ -27,7 +27,7 @@ jobs: file_check: ${{ steps.check-doc-files.outputs.any_modified }} steps: - name: checkout - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 + uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 with: ref: ${{ github.event.pull_request.head.sha }} fetch-depth: 0 @@ -92,7 +92,7 @@ jobs: git remote set-url origin ${GITHUB_SERVER_URL}/${GITHUB_REPOSITORY} - name: Checkout - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 + uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 with: ref: ${{ github.event.pull_request.head.sha }} fetch-depth: 0 @@ -156,13 +156,13 @@ jobs: tar --use-compress-program="xz -T0" -cf api-coverage.tar.xz coverage-report - name: Upload HTML output - uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2 + uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5.0.0 with: name: html-output path: html-output.tar.xz - name: Upload Doxygen coverage artifacts - uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2 + uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5.0.0 with: name: api-coverage path: api-coverage.tar.xz @@ -183,7 +183,7 @@ jobs: echo "API Coverage Report will be available shortly at: ${API_COVERAGE_URL}" >> $GITHUB_STEP_SUMMARY - name: Upload PR number - uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2 + uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5.0.0 if: github.event_name == 'pull_request' with: name: pr_num @@ -202,12 +202,12 @@ jobs: steps: - name: checkout - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 + uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 with: path: zephyr - name: Set up Python - uses: actions/setup-python@e797f83bcb11b83ae66e0230d6156d7c80228e7c # v6.0.0 + uses: actions/setup-python@83679a892e2d95755f2dac6acb0bfd1e9ac5d548 # v6.1.0 with: python-version: 3.12 cache: pip @@ -259,7 +259,7 @@ jobs: - name: upload-build if: always() - uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2 + uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5.0.0 with: name: pdf-output if-no-files-found: ignore diff --git a/.github/workflows/doc-publish-pr.yml b/.github/workflows/doc-publish-pr.yml index bcaaa284663..d458c4a1441 100644 --- a/.github/workflows/doc-publish-pr.yml +++ b/.github/workflows/doc-publish-pr.yml @@ -66,7 +66,7 @@ jobs: - name: Configure AWS Credentials if: steps.download-artifacts.outputs.found_artifact == 'true' - uses: aws-actions/configure-aws-credentials@a03048d87541d1d9fcf2ecf528a4a65ba9bd7838 # v5.0.0 + uses: aws-actions/configure-aws-credentials@61815dcd50bd041e203e49132bacad1fd04d2708 # v5.1.1 with: aws-access-key-id: ${{ vars.AWS_BUILDS_ZEPHYR_PR_ACCESS_KEY_ID }} aws-secret-access-key: ${{ secrets.AWS_BUILDS_ZEPHYR_PR_SECRET_ACCESS_KEY }} diff --git a/.github/workflows/doc-publish.yml b/.github/workflows/doc-publish.yml index 74698d00fb6..b37ce67e1a2 100644 --- a/.github/workflows/doc-publish.yml +++ b/.github/workflows/doc-publish.yml @@ -40,7 +40,7 @@ jobs: fi - name: Configure AWS Credentials - uses: aws-actions/configure-aws-credentials@a03048d87541d1d9fcf2ecf528a4a65ba9bd7838 # v5.0.0 + uses: aws-actions/configure-aws-credentials@61815dcd50bd041e203e49132bacad1fd04d2708 # v5.1.1 with: aws-access-key-id: ${{ vars.AWS_DOCS_ACCESS_KEY_ID }} aws-secret-access-key: ${{ secrets.AWS_DOCS_SECRET_ACCESS_KEY }} diff --git a/.github/workflows/errno.yml b/.github/workflows/errno.yml index f717e62c68d..daa54ad5128 100644 --- a/.github/workflows/errno.yml +++ b/.github/workflows/errno.yml @@ -15,7 +15,7 @@ jobs: runs-on: ubuntu-24.04 steps: - name: checkout - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 + uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 with: path: zephyr diff --git a/.github/workflows/footprint-tracking.yml b/.github/workflows/footprint-tracking.yml index c703975f4e5..478843e5bcf 100644 --- a/.github/workflows/footprint-tracking.yml +++ b/.github/workflows/footprint-tracking.yml @@ -62,13 +62,13 @@ jobs: sudo apt-get install -y python3-venv - name: checkout - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 + uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 with: ref: ${{ github.event.pull_request.head.sha }} fetch-depth: 0 - name: Set up Python - uses: actions/setup-python@e797f83bcb11b83ae66e0230d6156d7c80228e7c # v6.0.0 + uses: actions/setup-python@83679a892e2d95755f2dac6acb0bfd1e9ac5d548 # v6.1.0 with: python-version: 3.12 cache: pip @@ -89,7 +89,7 @@ jobs: west update 2>&1 1> west.update.log || west update 2>&1 1> west.update2.log - name: Configure AWS Credentials - uses: aws-actions/configure-aws-credentials@a03048d87541d1d9fcf2ecf528a4a65ba9bd7838 # v5.0.0 + uses: aws-actions/configure-aws-credentials@61815dcd50bd041e203e49132bacad1fd04d2708 # v5.1.1 with: aws-access-key-id: ${{ vars.AWS_TESTING_ACCESS_KEY_ID }} aws-secret-access-key: ${{ secrets.AWS_TESTING_SECRET_ACCESS_KEY }} diff --git a/.github/workflows/greet_first_time_contributor.yml b/.github/workflows/greet_first_time_contributor.yml index 6a499275461..125ab18f51e 100644 --- a/.github/workflows/greet_first_time_contributor.yml +++ b/.github/workflows/greet_first_time_contributor.yml @@ -18,7 +18,7 @@ jobs: issues: write # to comment on issues steps: - - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 + - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 - uses: zephyrproject-rtos/action-first-interaction@58853996b1ac504b8e0f6964301f369d2bb22e5c # v1.1.1+zephyr.6 with: repo-token: ${{ secrets.GITHUB_TOKEN }} diff --git a/.github/workflows/hello_world_multiplatform.yaml b/.github/workflows/hello_world_multiplatform.yaml index cc1911a3f75..fe8f4544777 100644 --- a/.github/workflows/hello_world_multiplatform.yaml +++ b/.github/workflows/hello_world_multiplatform.yaml @@ -32,7 +32,7 @@ jobs: runs-on: ${{ matrix.os }} steps: - name: Checkout - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 + uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 with: path: zephyr fetch-depth: 0 @@ -54,7 +54,7 @@ jobs: git log --graph --oneline HEAD...${PR_HEAD} - name: Set up Python - uses: actions/setup-python@e797f83bcb11b83ae66e0230d6156d7c80228e7c # v6.0.0 + uses: actions/setup-python@83679a892e2d95755f2dac6acb0bfd1e9ac5d548 # v6.1.0 with: python-version: 3.12 @@ -80,7 +80,7 @@ jobs: - name: Upload artifacts if: failure() - uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2 + uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5.0.0 with: if-no-files-found: ignore path: diff --git a/.github/workflows/issue_count.yml b/.github/workflows/issue_count.yml index 0bd47bd8d8f..0ae65755906 100644 --- a/.github/workflows/issue_count.yml +++ b/.github/workflows/issue_count.yml @@ -38,14 +38,14 @@ jobs: token: ${{ secrets.GITHUB_TOKEN }} - name: upload-stats - uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2 + uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5.0.0 continue-on-error: true with: name: ${{ env.OUTPUT_FILE_NAME }} path: ${{ env.OUTPUT_FILE_NAME }} - name: Configure AWS Credentials - uses: aws-actions/configure-aws-credentials@a03048d87541d1d9fcf2ecf528a4a65ba9bd7838 # v5.0.0 + uses: aws-actions/configure-aws-credentials@61815dcd50bd041e203e49132bacad1fd04d2708 # v5.1.1 with: aws-access-key-id: ${{ vars.AWS_TESTING_ACCESS_KEY_ID }} aws-secret-access-key: ${{ secrets.AWS_TESTING_SECRET_ACCESS_KEY }} diff --git a/.github/workflows/license_check.yml b/.github/workflows/license_check.yml index f0593a79f0e..fb2c1c32875 100644 --- a/.github/workflows/license_check.yml +++ b/.github/workflows/license_check.yml @@ -11,7 +11,7 @@ jobs: name: Scan code for licenses steps: - name: Checkout the code - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 + uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 with: fetch-depth: 0 - name: Scan the code @@ -20,7 +20,7 @@ jobs: with: directory-to-scan: 'scan/' - name: Artifact Upload - uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2 + uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5.0.0 with: name: scancode path: ./artifacts diff --git a/.github/workflows/maintainer_check.yml b/.github/workflows/maintainer_check.yml deleted file mode 100644 index a44efeb1272..00000000000 --- a/.github/workflows/maintainer_check.yml +++ /dev/null @@ -1,43 +0,0 @@ -name: Maintainer file check - -on: - pull_request_target: - branches: - - main - paths: - - MAINTAINERS.yml - -permissions: - contents: read - -jobs: - assignment: - name: Check MAINTAINERS.yml changes - runs-on: ubuntu-24.04 - - steps: - - name: Check out source code - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 - - - name: Set up Python - uses: actions/setup-python@e797f83bcb11b83ae66e0230d6156d7c80228e7c # v6.0.0 - with: - python-version: 3.12 - cache: pip - cache-dependency-path: scripts/requirements-actions.txt - - - name: Install Python packages - run: | - pip install -r scripts/requirements-actions.txt --require-hashes - - - name: Fetch MAINTAINERS.yml from pull request - run: | - git fetch origin pull/${{ github.event.pull_request.number }}/merge - git show FETCH_HEAD:MAINTAINERS.yml > pr_MAINTAINERS.yml - - - name: Check maintainer file changes - env: - GITHUB_TOKEN: ${{ secrets.ZB_PR_ASSIGNER_GITHUB_TOKEN }} - run: | - python ./scripts/ci/check_maintainer_changes.py \ - --repo zephyrproject-rtos/zephyr MAINTAINERS.yml pr_MAINTAINERS.yml diff --git a/.github/workflows/manifest.yml b/.github/workflows/manifest.yml index 3cbf007f187..067868cf8d7 100644 --- a/.github/workflows/manifest.yml +++ b/.github/workflows/manifest.yml @@ -13,7 +13,7 @@ jobs: name: Manifest steps: - name: Checkout the code - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 + uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 with: path: zephyrproject/zephyr fetch-depth: 0 diff --git a/.github/workflows/pinned-gh-actions.yml b/.github/workflows/pinned-gh-actions.yml index f1d1bad4a43..817a749982f 100644 --- a/.github/workflows/pinned-gh-actions.yml +++ b/.github/workflows/pinned-gh-actions.yml @@ -14,6 +14,6 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout code - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 + uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 - name: Ensure SHA pinned actions uses: zgosalvez/github-actions-ensure-sha-pinned-actions@9e9574ef04ea69da568d6249bd69539ccc704e74 # v4.0.0 diff --git a/.github/workflows/pr_metadata_check.yml b/.github/workflows/pr_metadata_check.yml index e9ea848c05c..3e1183029fb 100644 --- a/.github/workflows/pr_metadata_check.yml +++ b/.github/workflows/pr_metadata_check.yml @@ -19,10 +19,10 @@ jobs: runs-on: ubuntu-24.04 steps: - name: Checkout - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 + uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 - name: Set up Python - uses: actions/setup-python@e797f83bcb11b83ae66e0230d6156d7c80228e7c # v6.0.0 + uses: actions/setup-python@83679a892e2d95755f2dac6acb0bfd1e9ac5d548 # v6.1.0 with: python-version: 3.12 cache: pip diff --git a/.github/workflows/pylib_tests.yml b/.github/workflows/pylib_tests.yml index dfd6d5d44eb..f7e43588f79 100644 --- a/.github/workflows/pylib_tests.yml +++ b/.github/workflows/pylib_tests.yml @@ -32,10 +32,10 @@ jobs: os: [ubuntu-24.04] steps: - name: checkout - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 + uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 - name: Set up Python ${{ matrix.python-version }} - uses: actions/setup-python@e797f83bcb11b83ae66e0230d6156d7c80228e7c # v6.0.0 + uses: actions/setup-python@83679a892e2d95755f2dac6acb0bfd1e9ac5d548 # v6.1.0 with: python-version: ${{ matrix.python-version }} cache: pip diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 50dc4a29e2b..9cc7fae3f81 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -15,7 +15,7 @@ jobs: permissions: contents: write # to create GitHub release entry steps: - - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 + - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 with: fetch-depth: 0 @@ -31,7 +31,7 @@ jobs: args: spdx -o zephyr-${{ steps.get_version.outputs.VERSION }}.spdx - name: upload-results - uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2 + uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5.0.0 continue-on-error: true with: name: zephyr-${{ steps.get_version.outputs.VERSION }}.spdx diff --git a/.github/workflows/scorecards.yml b/.github/workflows/scorecards.yml index 965915465e5..56280bf46dc 100644 --- a/.github/workflows/scorecards.yml +++ b/.github/workflows/scorecards.yml @@ -29,7 +29,7 @@ jobs: steps: - name: "Checkout code" - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 + uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 with: persist-credentials: false @@ -47,7 +47,7 @@ jobs: # uploads of run results in SARIF format to the repository Actions tab. # https://docs.github.com/en/actions/advanced-guides/storing-workflow-data-as-artifacts - name: "Upload artifact" - uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2 + uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5.0.0 with: name: SARIF file path: results.sarif @@ -56,6 +56,6 @@ jobs: # Upload the results to GitHub's code scanning dashboard (optional). # Commenting out will disable upload of results to your repo's Code Scanning dashboard - name: "Upload to code-scanning" - uses: github/codeql-action/upload-sarif@64d10c13136e1c5bce3e5fbde8d4906eeaafc885 # v3.30.6 + uses: github/codeql-action/upload-sarif@cf1bb45a277cb3c205638b2cd5c984db1c46a412 # v4.31.7 with: sarif_file: results.sarif diff --git a/.github/workflows/scripts_tests.yml b/.github/workflows/scripts_tests.yml index f3acc3da4fc..889ed4dc324 100644 --- a/.github/workflows/scripts_tests.yml +++ b/.github/workflows/scripts_tests.yml @@ -32,7 +32,7 @@ jobs: os: [ubuntu-24.04] steps: - name: checkout - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 + uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 with: ref: ${{ github.event.pull_request.head.sha }} fetch-depth: 0 @@ -52,7 +52,7 @@ jobs: git log --graph --oneline HEAD...${PR_HEAD} - name: Set up Python ${{ matrix.python-version }} - uses: actions/setup-python@e797f83bcb11b83ae66e0230d6156d7c80228e7c # v6.0.0 + uses: actions/setup-python@83679a892e2d95755f2dac6acb0bfd1e9ac5d548 # v6.1.0 with: python-version: ${{ matrix.python-version }} cache: pip diff --git a/.github/workflows/stale_issue.yml b/.github/workflows/stale_issue.yml index 96d38de631f..fd3474c910e 100644 --- a/.github/workflows/stale_issue.yml +++ b/.github/workflows/stale_issue.yml @@ -16,7 +16,7 @@ jobs: issues: write # to comment on stale issues steps: - - uses: actions/stale@5f858e3efba33a5ca4407a664cc011ad407f2008 # v10.1.0 + - uses: actions/stale@997185467fa4f803885201cee163a9f38240193d # v10.1.1 with: stale-pr-message: 'This pull request has been marked as stale because it has been open (more than) 60 days with no activity. Remove the stale label or add a comment saying that you diff --git a/.github/workflows/stats_merged_prs.yml b/.github/workflows/stats_merged_prs.yml index e18fc30f5c7..31217119e25 100644 --- a/.github/workflows/stats_merged_prs.yml +++ b/.github/workflows/stats_merged_prs.yml @@ -16,10 +16,10 @@ jobs: runs-on: ubuntu-24.04 steps: - name: checkout - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 + uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 - name: Set up Python - uses: actions/setup-python@e797f83bcb11b83ae66e0230d6156d7c80228e7c # v6.0.0 + uses: actions/setup-python@83679a892e2d95755f2dac6acb0bfd1e9ac5d548 # v6.1.0 with: python-version: 3.12 cache: pip diff --git a/.github/workflows/twister-publish.yaml b/.github/workflows/twister-publish.yaml index a6ff339df57..525dc8c3154 100644 --- a/.github/workflows/twister-publish.yaml +++ b/.github/workflows/twister-publish.yaml @@ -23,12 +23,12 @@ jobs: steps: # Needed for elasticearch and upload script - name: Checkout - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 + uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 with: fetch-depth: 0 persist-credentials: false - name: Set up Python - uses: actions/setup-python@e797f83bcb11b83ae66e0230d6156d7c80228e7c # v6.0.0 + uses: actions/setup-python@83679a892e2d95755f2dac6acb0bfd1e9ac5d548 # v6.1.0 with: python-version: 3.12 cache: pip diff --git a/.github/workflows/twister.yaml b/.github/workflows/twister.yaml index 761f7244af7..48522fddb15 100644 --- a/.github/workflows/twister.yaml +++ b/.github/workflows/twister.yaml @@ -42,7 +42,7 @@ jobs: steps: - name: Checkout if: github.event_name == 'pull_request' - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 + uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 with: ref: ${{ github.event.pull_request.head.sha }} fetch-depth: 0 @@ -51,7 +51,7 @@ jobs: - name: Set up Python if: github.event_name == 'pull_request' - uses: actions/setup-python@e797f83bcb11b83ae66e0230d6156d7c80228e7c # v6.0.0 + uses: actions/setup-python@83679a892e2d95755f2dac6acb0bfd1e9ac5d548 # v6.1.0 with: python-version: 3.12 cache: pip @@ -171,7 +171,7 @@ jobs: git remote set-url origin ${GITHUB_SERVER_URL}/${GITHUB_REPOSITORY} - name: Checkout - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 + uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 with: ref: ${{ github.event.pull_request.head.sha }} fetch-depth: 0 @@ -283,7 +283,7 @@ jobs: - name: Upload Unit Test Results if: always() - uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2 + uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5.0.0 with: name: Unit Test Results (Subset ${{ matrix.subset }}) if-no-files-found: ignore @@ -305,7 +305,7 @@ jobs: - if: matrix.subset == 1 && github.event_name == 'push' name: Upload the list of Python packages - uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2 + uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5.0.0 with: name: Frozen PIP package set path: | @@ -323,14 +323,14 @@ jobs: steps: - name: Check out source code - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 + uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 with: ref: ${{ github.event.pull_request.head.sha }} fetch-depth: 0 persist-credentials: false - name: Set up Python - uses: actions/setup-python@e797f83bcb11b83ae66e0230d6156d7c80228e7c # v6.0.0 + uses: actions/setup-python@83679a892e2d95755f2dac6acb0bfd1e9ac5d548 # v6.1.0 with: python-version: 3.12 cache: pip @@ -341,7 +341,7 @@ jobs: pip install -r scripts/requirements-actions.txt --require-hashes - name: Download Artifacts - uses: actions/download-artifact@634f93cb2916e3fdff6788551b99b062d0335ce0 # v5.0.0 + uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 with: path: artifacts @@ -352,7 +352,7 @@ jobs: - name: Upload Unit Test Results if: always() - uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2 + uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5.0.0 with: name: Unit Test Results if-no-files-found: ignore @@ -367,7 +367,7 @@ jobs: token: ${{ secrets.CODECOV_TOKEN }} - name: Publish Unit Test Results - uses: EnricoMi/publish-unit-test-result-action@3a74b2957438d0b6e2e61d67b05318aa25c9e6c6 # v2.20.0 + uses: EnricoMi/publish-unit-test-result-action@34d7c956a59aed1bfebf31df77b8de55db9bbaaf # v2.21.0 with: check_name: Unit Test Results files: "**/twister.xml" @@ -384,7 +384,7 @@ jobs: - name: Upload Twister Analysis Results if: needs.twister-build.result == 'failure' - uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2 + uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5.0.0 with: name: Twister Analysis Results if-no-files-found: ignore diff --git a/.github/workflows/twister_tests.yml b/.github/workflows/twister_tests.yml index 7efdab39f03..96a505019ee 100644 --- a/.github/workflows/twister_tests.yml +++ b/.github/workflows/twister_tests.yml @@ -39,10 +39,10 @@ jobs: os: [ubuntu-24.04] steps: - name: checkout - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 + uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 - name: Set up Python ${{ matrix.python-version }} - uses: actions/setup-python@e797f83bcb11b83ae66e0230d6156d7c80228e7c # v6.0.0 + uses: actions/setup-python@83679a892e2d95755f2dac6acb0bfd1e9ac5d548 # v6.1.0 with: python-version: ${{ matrix.python-version }} cache: pip diff --git a/.github/workflows/twister_tests_blackbox.yml b/.github/workflows/twister_tests_blackbox.yml index b0040edabb0..0b8d70660e2 100644 --- a/.github/workflows/twister_tests_blackbox.yml +++ b/.github/workflows/twister_tests_blackbox.yml @@ -32,13 +32,13 @@ jobs: runs-on: ${{ matrix.os }} steps: - name: Checkout - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 + uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 with: path: zephyr fetch-depth: 0 - name: Set Up Python ${{ matrix.python-version }} - uses: actions/setup-python@e797f83bcb11b83ae66e0230d6156d7c80228e7c # v6.0.0 + uses: actions/setup-python@83679a892e2d95755f2dac6acb0bfd1e9ac5d548 # v6.1.0 with: python-version: ${{ matrix.python-version }} cache: pip diff --git a/.github/workflows/west_cmds.yml b/.github/workflows/west_cmds.yml index e94b3138fe9..e8c34eee3ef 100644 --- a/.github/workflows/west_cmds.yml +++ b/.github/workflows/west_cmds.yml @@ -36,10 +36,10 @@ jobs: os: [ubuntu-22.04, macos-14, windows-2022] steps: - name: checkout - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 + uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 - name: Set up Python ${{ matrix.python-version }} - uses: actions/setup-python@e797f83bcb11b83ae66e0230d6156d7c80228e7c # v6.0.0 + uses: actions/setup-python@83679a892e2d95755f2dac6acb0bfd1e9ac5d548 # v6.1.0 with: python-version: ${{ matrix.python-version }} cache: pip diff --git a/.ruff-excludes.toml b/.ruff-excludes.toml index d162d15d140..7857825e007 100644 --- a/.ruff-excludes.toml +++ b/.ruff-excludes.toml @@ -1214,6 +1214,7 @@ exclude = [ "./scripts/ci/coverage/coverage_analysis.py", "./scripts/ci/errno.py", "./scripts/ci/guideline_check.py", + "./scripts/ci/set_assignees.py", "./scripts/ci/stats/merged_prs.py", "./scripts/ci/test_plan.py", "./scripts/ci/twister_report_analyzer.py", diff --git a/MAINTAINERS.yml b/MAINTAINERS.yml index af9c6861f11..a1cfc0cbc1e 100644 --- a/MAINTAINERS.yml +++ b/MAINTAINERS.yml @@ -32,6 +32,9 @@ # labels: # List of GitHub labels to add to pull requests that modify the area. # +# tests: +# List of test identifiers to be run when this area is affected by a PR. +# # files: # List of paths and/or glob patterns giving the files in the area, # relative to the root directory. @@ -60,6 +63,22 @@ # Like 'files-regex', but any matching files will be excluded from the # area. # +# file-groups: +# A list of groups of files that are treated as a single unit. +# This is useful for areas where different collaborators are responsible for +# different parts of the area. +# Each group should have the following structure: +# - name: +# collaborators: +# - +# - +# files: +# - +# - +# files-regex: +# - +# - +# # description: >- # Plain-English description. Describe what the system is about, from an # outsider's perspective. @@ -938,9 +957,22 @@ Continuous Integration: maintainers: - stephanosio - nashif - collaborators: - - fabiobaltieri - - kartben + file-groups: + - name: CI scripts + collaborators: + - kartben + files: + - scripts/ci/ + - name: Gitlint + collaborators: + - fabiobaltieri + files: + - scripts/gitlint/ + - name: Assignee setter + collaborators: + - kartben + files: + - scripts/ci/set_assignees.py files: - .github/ - scripts/requirements-actions.* @@ -948,7 +980,7 @@ Continuous Integration: - scripts/make_bugs_pickle.py - .checkpatch.conf - scripts/gitlint/ - - scripts/set_assignees.py + - scripts/ci/set_assignees.py labels: - "area: Continuous Integration" @@ -3264,7 +3296,7 @@ MAINTAINERS file: files: - MAINTAINERS.yml - scripts/get_maintainer.py - - scripts/set_assignees.py + - scripts/ci/set_assignees.py - scripts/check_maintainers.py labels: - "area: MAINTAINER File" diff --git a/scripts/set_assignees.py b/scripts/ci/set_assignees.py similarity index 74% rename from scripts/set_assignees.py rename to scripts/ci/set_assignees.py index 1cf2a29867a..a0838717230 100755 --- a/scripts/set_assignees.py +++ b/scripts/ci/set_assignees.py @@ -9,16 +9,24 @@ import sys import time from collections import defaultdict +from pathlib import Path +import yaml from github import Auth, Github, GithubException from github.GithubException import UnknownObjectException from west.manifest import Manifest, ManifestProject TOP_DIR = os.path.join(os.path.dirname(__file__)) -sys.path.insert(0, os.path.join(TOP_DIR, "scripts")) +sys.path.insert(0, str(Path(__file__).resolve().parents[1])) from get_maintainer import Maintainers # noqa: E402 -zephyr_base = os.getenv('ZEPHYR_BASE', os.path.join(TOP_DIR, '..')) +ZEPHYR_BASE = os.environ.get('ZEPHYR_BASE') +if ZEPHYR_BASE: + ZEPHYR_BASE = Path(ZEPHYR_BASE) +else: + ZEPHYR_BASE = Path(__file__).resolve().parents[2] + # Propagate this decision to child processes. + os.environ['ZEPHYR_BASE'] = str(ZEPHYR_BASE) def log(s): @@ -71,10 +79,22 @@ def parse_args(): help="Updated manifest file to compare against current west.yml", ) + parser.add_argument( + "--updated-maintainer-file", + default=None, + help="Updated maintainer file to compare against current MAINTAINERS.yml", + ) + parser.add_argument("-v", "--verbose", action="count", default=0, help="Verbose Output") args = parser.parse_args() +def load_areas(filename: str): + with open(filename) as f: + doc = yaml.safe_load(f) + return { + k: v for k, v in doc.items() if isinstance(v, dict) and ("files" in v or "files-regex" in v) + } def process_manifest(old_manifest_file): log("Processing manifest changes") @@ -104,6 +124,93 @@ def process_manifest(old_manifest_file): log(f'manifest areas: {areas}') return areas +def set_or_empty(d, key): + return set(d.get(key, []) or []) + +def compare_areas(old, new, repo_fullname=None, token=None): + old_areas = set(old.keys()) + new_areas = set(new.keys()) + + changed_areas = set() + added_areas = new_areas - old_areas + removed_areas = old_areas - new_areas + common_areas = old_areas & new_areas + + print("=== Areas Added ===") + for area in sorted(added_areas): + print(f"+ {area}") + + print("\n=== Areas Removed ===") + for area in sorted(removed_areas): + print(f"- {area}") + + print("\n=== Area Changes ===") + for area in sorted(common_areas): + changes = [] + old_entry = old[area] + new_entry = new[area] + + # Compare maintainers + old_maint = set_or_empty(old_entry, "maintainers") + new_maint = set_or_empty(new_entry, "maintainers") + added_maint = new_maint - old_maint + removed_maint = old_maint - new_maint + if added_maint: + changes.append(f" Maintainers added: {', '.join(sorted(added_maint))}") + if removed_maint: + changes.append(f" Maintainers removed: {', '.join(sorted(removed_maint))}") + + # Compare collaborators + old_collab = set_or_empty(old_entry, "collaborators") + new_collab = set_or_empty(new_entry, "collaborators") + added_collab = new_collab - old_collab + removed_collab = old_collab - new_collab + if added_collab: + changes.append(f" Collaborators added: {', '.join(sorted(added_collab))}") + if removed_collab: + changes.append(f" Collaborators removed: {', '.join(sorted(removed_collab))}") + + # Compare status + old_status = old_entry.get("status") + new_status = new_entry.get("status") + if old_status != new_status: + changes.append(f" Status changed: {old_status} -> {new_status}") + + # Compare labels + old_labels = set_or_empty(old_entry, "labels") + new_labels = set_or_empty(new_entry, "labels") + added_labels = new_labels - old_labels + removed_labels = old_labels - new_labels + if added_labels: + changes.append(f" Labels added: {', '.join(sorted(added_labels))}") + if removed_labels: + changes.append(f" Labels removed: {', '.join(sorted(removed_labels))}") + + # Compare files + old_files = set_or_empty(old_entry, "files") + new_files = set_or_empty(new_entry, "files") + added_files = new_files - old_files + removed_files = old_files - new_files + if added_files: + changes.append(f" Files added: {', '.join(sorted(added_files))}") + if removed_files: + changes.append(f" Files removed: {', '.join(sorted(removed_files))}") + + # Compare files-regex + old_regex = set_or_empty(old_entry, "files-regex") + new_regex = set_or_empty(new_entry, "files-regex") + added_regex = new_regex - old_regex + removed_regex = old_regex - new_regex + if added_regex: + changes.append(f" files-regex added: {', '.join(sorted(added_regex))}") + if removed_regex: + changes.append(f" files-regex removed: {', '.join(sorted(removed_regex))}") + + if changes: + changed_areas.add(area) + print(f"area changed: {area}") + + return added_areas | removed_areas | changed_areas def process_pr(gh, maintainer_file, number): gh_repo = gh.get_repo(f"{args.org}/{args.repo}") @@ -128,6 +235,8 @@ def process_pr(gh, maintainer_file, number): # areas where assignment happens if only said areas are affected meta_areas = ['Release Notes', 'Documentation', 'Samples', 'Tests'] + collab_per_path = [] + additional_reviews = set() for changed_file in fn: num_files += 1 log(f"file: {changed_file.filename}") @@ -139,11 +248,30 @@ def process_pr(gh, maintainer_file, number): continue parsed_areas = process_manifest(old_manifest_file=args.updated_manifest) for _area in parsed_areas: + collab_per_path.extend(_area.get_collaborators_for_path(changed_file)) area_match = maintainer_file.name2areas(_area) if area_match: areas.extend(area_match) + elif changed_file.filename in ['MAINTAINERS.yml']: + areas = maintainer_file.path2areas(changed_file.filename) + if args.updated_maintainer_file: + log( + "No updated maintainer file, cannot process MAINTAINERS.yml changes, skipping..." + ) + + old_areas = load_areas(args.updated_maintainer_file) + new_areas = load_areas('MAINTAINERS.yml') + changed_areas = compare_areas(old_areas, new_areas) + for _area in changed_areas: + area_match = maintainer_file.name2areas(_area) + if area_match: + # get list of maintainers for changed area + additional_reviews.update(maintainer_file.areas[_area].maintainers) + log(f"MAINTAINERS.yml changed, adding reviewrs: {additional_reviews}") else: areas = maintainer_file.path2areas(changed_file.filename) + for _area in areas: + collab_per_path.extend(_area.get_collaborators_for_path(changed_file)) log(f"areas for {changed_file}: {areas}") @@ -173,6 +301,9 @@ def process_pr(gh, maintainer_file, number): if 'Platform' in area.name: is_instance = True + for _area in sorted_areas: + collab_per_path.extend(_area.get_collaborators_for_path(changed_file)) + area_counter = dict(sorted(area_counter.items(), key=lambda item: item[1], reverse=True)) log(f"Area matches: {area_counter}") log(f"labels: {labels}") @@ -182,7 +313,11 @@ def process_pr(gh, maintainer_file, number): for area in area_counter: collab += maintainer_file.areas[area.name].maintainers collab += maintainer_file.areas[area.name].collaborators + collab += collab_per_path + collab = list(dict.fromkeys(collab)) + # add more reviewers based on maintainer file changes. + collab += list(additional_reviews) log(f"collab: {collab}") _all_maintainers = dict( diff --git a/scripts/ci/twister_ignore.txt b/scripts/ci/twister_ignore.txt index 9e5b417df53..ee086b61f78 100644 --- a/scripts/ci/twister_ignore.txt +++ b/scripts/ci/twister_ignore.txt @@ -52,7 +52,7 @@ scripts/checkpatch.pl scripts/ci/pylintrc scripts/footprint/* scripts/make_bugs_pickle.py -scripts/set_assignees.py +scripts/ci/set_assignees.py scripts/gitlint/zephyr_commit_rules.py scripts/west_commands/runners/canopen_program.py scripts/ci/check_maintainer_changes.py diff --git a/scripts/get_maintainer.py b/scripts/get_maintainer.py index 7ca14d9a773..afb287e8199 100755 --- a/scripts/get_maintainer.py +++ b/scripts/get_maintainer.py @@ -218,6 +218,26 @@ def __init__(self, filename=None): area.tags = area_dict.get("tags", []) area.description = area_dict.get("description") + # Initialize file groups if present + area.file_groups = [] + if "file-groups" in area_dict: + for group_dict in area_dict["file-groups"]: + file_group = FileGroup() + file_group.name = group_dict.get("name", "Unnamed Group") + file_group.description = group_dict.get("description") + file_group.collaborators = group_dict.get("collaborators", []) + + # Create match functions for this file group + file_group._match_fn = \ + _get_match_fn(group_dict.get("files"), + group_dict.get("files-regex")) + + file_group._exclude_match_fn = \ + _get_match_fn(group_dict.get("files-exclude"), + group_dict.get("files-regex-exclude")) + + area.file_groups.append(file_group) + # area._match_fn(path) tests if the path matches files and/or # files-regex area._match_fn = \ @@ -260,6 +280,32 @@ def path2areas(self, path): return [area for area in self.areas.values() if area._contains(path)] + def path2area_info(self, path): + """ + Returns a list of tuples (Area, FileGroup) for the areas that contain 'path'. + FileGroup will be None if the path matches the area's general files rather + than a specific file group. + """ + areas = self.path2areas(path) + result = [] + + # Make directory paths end in '/' so that foo/bar matches foo/bar/. + is_dir = os.path.isdir(path) + + # Make 'path' relative to the repository root and normalize it. + path = os.path.normpath(os.path.join( + os.path.relpath(os.getcwd(), self._toplevel), + path)) + + if is_dir: + path += "/" + + for area in areas: + file_group = area.get_file_group_for_path(path) + result.append((area, file_group)) + + return result + def commits2areas(self, commits): """ Returns a set() of Area instances for the areas that contain files that @@ -420,6 +466,30 @@ def _orphaned_cmd(self, args): print(path) # We get here if we never hit the 'break' +class FileGroup: + """ + Represents a file group within an area in MAINTAINERS.yml. + + These attributes are available: + + name: + The name of the file group, as specified in the 'name' key + + description: + Text from 'description' key, or None if the group has no 'description' + + collaborators: + List of collaborators specific to this file group + """ + def _contains(self, path): + # Returns True if the file group contains 'path', and False otherwise + return self._match_fn and self._match_fn(path) and not \ + (self._exclude_match_fn and self._exclude_match_fn(path)) + + def __repr__(self): + return "".format(self.name) + + class Area: """ Represents an entry for an area in MAINTAINERS.yml. @@ -447,13 +517,46 @@ class Area: description: Text from 'description' key, or None if the area has no 'description' key + + file_groups: + List of FileGroup instances for any file-groups defined in the area. + Empty if the area has no 'file-groups' key. """ def _contains(self, path): # Returns True if the area contains 'path', and False otherwise + # First check if path matches any file groups - they take precedence + for file_group in self.file_groups: + if file_group._contains(path): + return True + # If no file group matches, check area-level patterns return self._match_fn and self._match_fn(path) and not \ (self._exclude_match_fn and self._exclude_match_fn(path)) + def get_collaborators_for_path(self, path): + """ + Returns a list of collaborators for a specific path. + If the path matches a file group, returns the file group's collaborators. + Otherwise, returns the area's general collaborators. + """ + # Check file groups first + for file_group in self.file_groups: + if file_group._contains(path): + return file_group.collaborators + + # Return general area collaborators if no file group matches + return self.collaborators + + def get_file_group_for_path(self, path): + """ + Returns the FileGroup instance that contains the given path, + or None if the path doesn't match any file group. + """ + for file_group in self.file_groups: + if file_group._contains(path): + return file_group + return None + def __repr__(self): return "".format(self.name) @@ -484,6 +587,17 @@ def _print_areas(areas): ", ".join(area.tags), area.description or "")) + # Print file groups if any exist + if area.file_groups: + print("\tfile-groups:") + for file_group in area.file_groups: + print("\t\t{}: {}".format( + file_group.name, + ", ".join(file_group.collaborators) if file_group.collaborators else "no collaborators" + )) + if file_group.description: + print("\t\t description: {}".format(file_group.description)) + def _get_match_fn(globs, regexes): # Constructs a single regex that tests for matches against the globs in @@ -552,7 +666,7 @@ def ferr(msg): ok_keys = {"status", "maintainers", "collaborators", "inform", "files", "files-exclude", "files-regex", "files-regex-exclude", - "labels", "description", "tests", "tags"} + "labels", "description", "tests", "tags", "file-groups"} ok_status = {"maintained", "odd fixes", "unmaintained", "obsolete"} ok_status_s = ", ".join('"' + s + '"' for s in ok_status) # For messages @@ -572,8 +686,8 @@ def ferr(msg): ferr("bad 'status' key on area '{}', should be one of {}" .format(area_name, ok_status_s)) - if not area_dict.keys() & {"files", "files-regex"}: - ferr("either 'files' or 'files-regex' (or both) must be specified " + if not area_dict.keys() & {"files", "files-regex", "file-groups"}: + ferr("either 'files', 'files-regex', or 'file-groups' (or combinations) must be specified " "for area '{}'".format(area_name)) if not area_dict.get("maintainers") and area_dict.get("status") == "maintained": @@ -617,6 +731,64 @@ def ferr(msg): "'{}': {}".format(regex, files_regex_key, area_name, e.msg)) + # Validate file-groups structure + if "file-groups" in area_dict: + file_groups = area_dict["file-groups"] + if not isinstance(file_groups, list): + ferr("malformed 'file-groups' value for area '{}' -- should be a list" + .format(area_name)) + + ok_group_keys = {"name", "description", "collaborators", "files", + "files-exclude", "files-regex", "files-regex-exclude"} + + for i, group_dict in enumerate(file_groups): + if not isinstance(group_dict, dict): + ferr("malformed file group {} in area '{}' -- should be a dict" + .format(i, area_name)) + + for key in group_dict: + if key not in ok_group_keys: + ferr("unknown key '{}' in file group {} in area '{}'" + .format(key, i, area_name)) + + # Each file group must have either files or files-regex + if not group_dict.keys() & {"files", "files-regex"}: + ferr("file group {} in area '{}' must specify either 'files' or 'files-regex'" + .format(i, area_name)) + + # Validate string fields in file groups + for str_field in ["name", "description"]: + if str_field in group_dict and not isinstance(group_dict[str_field], str): + ferr("malformed '{}' in file group {} in area '{}' -- should be a string" + .format(str_field, i, area_name)) + + # Validate list fields in file groups + for list_field in ["collaborators", "files", "files-exclude", "files-regex", "files-regex-exclude"]: + if list_field in group_dict: + lst = group_dict[list_field] + if not (isinstance(lst, list) and all(isinstance(elm, str) for elm in lst)): + ferr("malformed '{}' in file group {} in area '{}' -- should be a list of strings" + .format(list_field, i, area_name)) + + # Validate file patterns in file groups + for files_key in "files", "files-exclude": + if files_key in group_dict: + for glob_pattern in group_dict[files_key]: + paths = tuple(root.glob(glob_pattern)) + if not paths: + ferr("glob pattern '{}' in '{}' in file group {} in area '{}' does not " + "match any files".format(glob_pattern, files_key, i, area_name)) + + # Validate regex patterns in file groups + for files_regex_key in "files-regex", "files-regex-exclude": + if files_regex_key in group_dict: + for regex in group_dict[files_regex_key]: + try: + re.compile(regex) + except re.error as e: + ferr("bad regular expression '{}' in '{}' in file group {} in area '{}': {}" + .format(regex, files_regex_key, i, area_name, e.msg)) + if "description" in area_dict and \ not isinstance(area_dict["description"], str): ferr("malformed 'description' value for area '{}' -- should be a "