Release/2025.05 #3913
Draft
Release/2025.05 #3913
+14,107
−10,742
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
instead of having a 10 second delay to 'confirm' activity
Default value should be selected for replacement
# Conflicts: # indra/newview/skins/default/xui/en/floater_inventory_item_properties.xml
Release (Maint W) -> Maint C merge
1. onClear should clear file even if in 'don't log' state. 2. When chat isn't logging, check presence of old log by checking file.
This file is no longer used.
Drop python version from matrix configuration as it's always 3.11.
Move towards packaging artifacts with xz, which offers higher compression ratios and faster decode time.
Marchcat/c merge
On viewer shutdown 1. Instead of handling potential WM_* messages viewer is no longer equiped to handle drop window's pointer and expect only WM_DESTROY 2. Detach thread and let it do its own thing, thread will delete itself 3. Reverts commit 1161262 Reason for the change: window was closing too early (as son as "LLApp" status changes) without proper cleanup
1. Switched 'inspect' to thumbnails to minimalize differences 2. Reporting larger area to bump priority 3. Change scaling behavior. Old mechanics worked fine for icons that were scaled down from large images to ~32, but for thumbnails it can result in 256 image scaling down to ~200 before being scaled up to UI's scale (scale factor), causing extra loss of quality.
Standard and scaled textures couldn't share workers and if one finished a request, second one failed to start a new one.
Release (Maint YZ) -> Maint C merge
To not acuse confusion with favorites
Restore currently entered text in chat entry textbox after going through history with Ctrl-PgUp/PgDown
Snapshot fixes from archived develop branch
Clean up LLUI and fix/add suggestions from VS
to fit favorites tab
develop → 2025.05 sync
Increment viewer version after 2025.04
![github-advanced-security[bot]](https://avatars.githubusercontent.com/in/57789?s=60&v=4){kind=small}
Comment on lines
+15
to
+28
| runs-on: ubuntu-latest | ||
| steps: | ||
| - name: Debug Workflow Variables | ||
| run: | | ||
| echo "Workflow Conclusion: ${{ github.event.workflow_run.conclusion }}" | ||
| echo "Workflow Head Branch: ${{ github.event.workflow_run.head_branch }}" | ||
| echo "Workflow Run ID: ${{ github.event.workflow_run.id }}" | ||
| echo "Head Commit Message: ${{ github.event.workflow_run.head_commit.message }}" | ||
| echo "GitHub Ref: ${{ github.ref }}" | ||
| echo "GitHub Ref Name: ${{ github.ref_name }}" | ||
| echo "GitHub Event Name: ${{ github.event_name }}" | ||
| echo "GitHub Workflow Name: ${{ github.workflow }}" | ||
|
|
||
| install-viewer-and-run-tests: |
Check warning
Code scanning / CodeQL
Workflow does not contain permissions Medium
| - name: Debug Workflow Variables | ||
| run: | | ||
| echo "Workflow Conclusion: ${{ github.event.workflow_run.conclusion }}" | ||
| echo "Workflow Head Branch: ${{ github.event.workflow_run.head_branch }}" |
Check failure
Code scanning / CodeQL
Code injection Critical
Show autofix suggestion
Hide autofix suggestion
Copilot Autofix
AI 11 days ago
To fix the issue, we will follow the recommended best practices for avoiding code injection in GitHub Actions. Specifically, we will:
- Assign the value of
${{ github.event.workflow_run.head_branch }}to an environment variable. - Use the environment variable in the shell command with proper quoting to ensure it is treated as a literal string and not executed as code.
This change will be applied to all instances where untrusted input is directly interpolated into shell commands.
Suggested changeset
1
.github/workflows/qatest.yaml
| @@ -14,8 +14,10 @@ | ||
| debug-workflow: | ||
| runs-on: ubuntu-latest | ||
| steps: | ||
| - name: Debug Workflow Variables | ||
| run: | | ||
| echo "Workflow Conclusion: ${{ github.event.workflow_run.conclusion }}" | ||
| echo "Workflow Head Branch: ${{ github.event.workflow_run.head_branch }}" | ||
| runs-on: ubuntu-latest | ||
| steps: | ||
| - name: Debug Workflow Variables | ||
| env: | ||
| HEAD_BRANCH: ${{ github.event.workflow_run.head_branch }} | ||
| run: | | ||
| echo "Workflow Conclusion: ${{ github.event.workflow_run.conclusion }}" | ||
| echo "Workflow Head Branch: $HEAD_BRANCH" | ||
| echo "Workflow Run ID: ${{ github.event.workflow_run.id }}" | ||
| @@ -27,12 +29,14 @@ | ||
|
|
||
| install-viewer-and-run-tests: | ||
| runs-on: [self-hosted, qa-machine] | ||
| # Run test only on successful builds of Second_Life_X branches | ||
| if: > | ||
| github.event.workflow_run.conclusion == 'success' && | ||
| ( | ||
| startsWith(github.event.workflow_run.head_branch, 'Second_Life') | ||
| ) | ||
|
|
||
| steps: | ||
| install-viewer-and-run-tests: | ||
| runs-on: [self-hosted, qa-machine] | ||
| # Run test only on successful builds of Second_Life_X branches | ||
| env: | ||
| HEAD_BRANCH: ${{ github.event.workflow_run.head_branch }} | ||
| if: > | ||
| github.event.workflow_run.conclusion == 'success' && | ||
| ( | ||
| startsWith(env.HEAD_BRANCH, 'Second_Life') | ||
| ) | ||
|
|
||
| steps: | ||
| - name: Temporarily Allow PowerShell Scripts (Process Scope) |
Copilot is powered by AI and may make mistakes. Always verify output.
| echo "Workflow Conclusion: ${{ github.event.workflow_run.conclusion }}" | ||
| echo "Workflow Head Branch: ${{ github.event.workflow_run.head_branch }}" | ||
| echo "Workflow Run ID: ${{ github.event.workflow_run.id }}" | ||
| echo "Head Commit Message: ${{ github.event.workflow_run.head_commit.message }}" |
Check failure
Code scanning / CodeQL
Code injection Critical
Show autofix suggestion
Hide autofix suggestion
Copilot Autofix
AI 11 days ago
To fix the issue, the untrusted input ${{ github.event.workflow_run.head_commit.message }} should be assigned to an intermediate environment variable. The environment variable should then be referenced using the native shell syntax to prevent direct interpolation of untrusted input into the run block. This approach ensures that the input is treated as a literal string and not executed as a command.
Suggested changeset
1
.github/workflows/qatest.yaml
| @@ -21,3 +21,6 @@ | ||
| echo "Workflow Run ID: ${{ github.event.workflow_run.id }}" | ||
| echo "Head Commit Message: ${{ github.event.workflow_run.head_commit.message }}" | ||
| env: | ||
| HEAD_COMMIT_MESSAGE: ${{ github.event.workflow_run.head_commit.message }} | ||
| run: | | ||
| echo "Head Commit Message: $HEAD_COMMIT_MESSAGE" | ||
| echo "GitHub Ref: ${{ github.ref }}" |
Copilot is powered by AI and may make mistakes. Always verify output.
Comment on lines
+29
to
+168
| New-Item -ItemType Directory -Path $DownloadPath -Force | Out-Null | ||
| $InstallerPath = "$DownloadPath\installer.zip" | ||
|
|
||
| # Download the ZIP | ||
| Invoke-WebRequest -Uri $ARTIFACT_NAME -Headers @{Authorization="token ${{ secrets.GITHUB_TOKEN }}"} -OutFile $InstallerPath | ||
|
|
||
| # Ensure download succeeded | ||
| if (-Not (Test-Path $InstallerPath)) { | ||
| Write-Host "❌ Error: Failed to download Windows-installer.zip" | ||
| exit 1 | ||
| } | ||
|
|
||
| - name: Extract Installer & Locate Executable | ||
| shell: pwsh | ||
| run: | | ||
| # Explicitly set BUILD_ID again (since it does not appear to persist across steps) | ||
| $BUILD_ID = "${{ github.event.workflow_run.id }}" | ||
| $ExtractPath = "$env:TEMP\secondlife-build-$BUILD_ID" | ||
| $InstallerZip = "$ExtractPath\installer.zip" | ||
|
|
||
| # Print paths for debugging | ||
| Write-Host "Extract Path: $ExtractPath" | ||
| Write-Host "Installer ZIP Path: $InstallerZip" | ||
|
|
||
| # Verify ZIP exists before extracting | ||
| if (-Not (Test-Path $InstallerZip)) { | ||
| Write-Host "❌ Error: ZIP file not found at $InstallerZip!" | ||
| exit 1 | ||
| } | ||
|
|
||
| Write-Host "✅ ZIP file exists and is valid. Extracting..." | ||
|
|
||
| Expand-Archive -Path $InstallerZip -DestinationPath $ExtractPath -Force | ||
|
|
||
| # Find installer executable | ||
| $INSTALLER_PATH = (Get-ChildItem -Path $ExtractPath -Filter '*.exe' -Recurse | Select-Object -First 1).FullName | ||
|
|
||
| if (-Not $INSTALLER_PATH -or $INSTALLER_PATH -eq "") { | ||
| Write-Host "❌ Error: No installer executable found in the extracted files!" | ||
| Write-Host "📂 Extracted Files:" | ||
| Get-ChildItem -Path $ExtractPath -Recurse | Format-Table -AutoSize | ||
| exit 1 | ||
| } | ||
|
|
||
| Write-Host "✅ Installer found: $INSTALLER_PATH" | ||
| echo "INSTALLER_PATH=$INSTALLER_PATH" | Out-File -FilePath $env:GITHUB_ENV -Append | ||
|
|
||
| - name: Install Second Life Using Task Scheduler (Bypass UAC) | ||
| shell: pwsh | ||
| run: | | ||
| $action = New-ScheduledTaskAction -Execute "${{ env.INSTALLER_PATH }}" -Argument "/S" | ||
| $principal = New-ScheduledTaskPrincipal -UserId "SYSTEM" -LogonType ServiceAccount -RunLevel Highest | ||
| $task = New-ScheduledTask -Action $action -Principal $principal | ||
| Register-ScheduledTask -TaskName "SilentSLInstaller" -InputObject $task -Force | ||
| Start-ScheduledTask -TaskName "SilentSLInstaller" | ||
|
|
||
| - name: Wait for Installation to Complete | ||
| shell: pwsh | ||
| run: | | ||
| Write-Host "Waiting for the Second Life installer to finish..." | ||
| do { | ||
| Start-Sleep -Seconds 5 | ||
| $installerProcess = Get-Process | Where-Object { $_.Path -eq "${{ env.INSTALLER_PATH }}" } | ||
| } while ($installerProcess) | ||
|
|
||
| Write-Host "✅ Installation completed!" | ||
|
|
||
| - name: Cleanup Task Scheduler Entry | ||
| shell: pwsh | ||
| run: | | ||
| Unregister-ScheduledTask -TaskName "SilentSLInstaller" -Confirm:$false | ||
| Write-Host "✅ Task Scheduler entry removed." | ||
|
|
||
| - name: Delete Installer ZIP | ||
| shell: pwsh | ||
| run: | | ||
| # Explicitly set BUILD_ID again | ||
| $BUILD_ID = "${{ github.event.workflow_run.id }}" | ||
| $DeletePath = "$env:TEMP\secondlife-build-$BUILD_ID\installer.zip" | ||
|
|
||
| Write-Host "Checking if installer ZIP exists: $DeletePath" | ||
|
|
||
| # Ensure the ZIP file exists before trying to delete it | ||
| if (Test-Path $DeletePath) { | ||
| Remove-Item -Path $DeletePath -Force | ||
| Write-Host "✅ Successfully deleted: $DeletePath" | ||
| } else { | ||
| Write-Host "⚠️ Warning: ZIP file does not exist, skipping deletion." | ||
| } | ||
|
|
||
| - name: Run QA Test Script | ||
| run: | | ||
| Write-Host "Running QA Test script..." | ||
| python C:\viewer-sikulix-main\runTests.py | ||
|
|
||
| # - name: Upload Test Results | ||
| # uses: actions/upload-artifact@v3 | ||
| # with: | ||
| # name: test-results | ||
| # path: C:\viewer-sikulix-main\regressionTest\test_results.html |
Check warning
Code scanning / CodeQL
Workflow does not contain permissions Medium
Doesn't make much sense, if param is in use it is supposed to be set, but bugsplat says sculpt_params is null
I don't expect it to fix the problem. Just making things more explicit in places of most frequent crashes.
For now it's random, needs more consistent coverage
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Based on Maint C (#3895)