From d6f266cc30927ecad40458b93730c41535413284 Mon Sep 17 00:00:00 2001 From: Keith Packard Date: Sun, 11 May 2025 15:01:50 -0700 Subject: [PATCH 1/7] tests/c_lib: Skip double sqrt test when double is not 64 bits This test only works for 64-bit values. On targets which use 32 bits for double, skip this version. The float test will check the 32-bit math for that. Signed-off-by: Keith Packard Signed-off-by: Anas Nashif --- tests/lib/c_lib/common/src/test_sqrt.c | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/tests/lib/c_lib/common/src/test_sqrt.c b/tests/lib/c_lib/common/src/test_sqrt.c index 3c465b8f0eb..023f7f0d07f 100644 --- a/tests/lib/c_lib/common/src/test_sqrt.c +++ b/tests/lib/c_lib/common/src/test_sqrt.c @@ -29,6 +29,7 @@ static float test_floats[] = { }; #define NUM_TEST_FLOATS (sizeof(test_floats)/sizeof(float)) +#if __SIZEOF_DOUBLE__ == 8 static double test_doubles[] = { 1.0, 2.0, 3.0, 4.0, 5.0, 6.0, 7.0, 8.0, 9.0, /* numbers across the decade */ @@ -59,6 +60,7 @@ static int isnan(double x) ((ieee754.u & 0x000fffffffffffff) != 0); } #endif +#endif /* __SIZEOF_DOUBLE__ == 8 */ #ifndef isinff static int isinff(float x) @@ -147,6 +149,10 @@ int32_t *p_root_squared = (int32_t *)&root_squared; ZTEST(libc_common, test_sqrt) { +#if __SIZEOF_DOUBLE__ != 8 + TC_PRINT("test_sqrt skipped, double not 64 bits\n"); + ztest_test_skip(); +#else int i; double resd, error, square, root_squared, exponent; uint64_t max_error; @@ -202,4 +208,5 @@ int64_t *p_root_squared = (int64_t *)&root_squared; zassert_true(max_error < 0x04, "huge errors in sqrt implementation"); /* print the max error */ TC_PRINT("test_sqrt max error %d counts\n", (uint32_t)max_error); +#endif } From d645e5665dd6278f1f800afb0cb6a3b6a8f1a24b Mon Sep 17 00:00:00 2001 From: Keith Packard Date: Wed, 14 May 2025 10:14:17 -0400 Subject: [PATCH 2/7] libc/minimal: Add stub 'sys/lock.h' This file is explicitly included by the espressif hal module. It's an internal file provided by picolibc and newlib. Provide a stub to let code designed for those to work with the minimal C library. Signed-off-by: Keith Packard --- lib/libc/minimal/include/sys/lock.h | 1 + 1 file changed, 1 insertion(+) create mode 100644 lib/libc/minimal/include/sys/lock.h diff --git a/lib/libc/minimal/include/sys/lock.h b/lib/libc/minimal/include/sys/lock.h new file mode 100644 index 00000000000..68c48adc09c --- /dev/null +++ b/lib/libc/minimal/include/sys/lock.h @@ -0,0 +1 @@ +/* empty file for newlib compatibility */ From 8451fdd19aec17b49771da0045dbe07aabc65add Mon Sep 17 00:00:00 2001 From: Keith Packard Date: Mon, 14 Apr 2025 23:07:06 -0700 Subject: [PATCH 3/7] tests/kernel: Disable -Werror when testing deprecated pipe APIs These two tests are validating that deprecated APIs still work correctly. Which means they will definitely generate compile warnings. To disable -Werror while letting it be enabled for other tests, create a new Kconfig variable, DEPRECATION_TEST and make COMPILER_WARNINGS_AS_ERRORS depend on that option being unselected. Add this option to the two tests so that the resulting configuration disables -Werror. Signed-off-by: Keith Packard --- Kconfig.zephyr | 9 +++++++++ tests/kernel/pipe/deprecated/pipe/prj.conf | 1 + tests/kernel/pipe/deprecated/pipe_api/prj.conf | 1 + 3 files changed, 11 insertions(+) diff --git a/Kconfig.zephyr b/Kconfig.zephyr index 99295612b68..070b4231eee 100644 --- a/Kconfig.zephyr +++ b/Kconfig.zephyr @@ -542,9 +542,18 @@ config LTO config COMPILER_WARNINGS_AS_ERRORS bool "Treat warnings as errors" + depends on !DEPRECATION_TEST help Turn on "warning as error" toolchain flags +config DEPRECATION_TEST + bool "Indicate test for deprecated feature" + help + This option is selected by tests which check functionality of + deprecated features. It ensures that COMPILER_WARNINGS_AS_ERRORS + is not selected as that would generate errors when the deprecated + features are used. + config COMPILER_SAVE_TEMPS bool "Save temporary object files" help diff --git a/tests/kernel/pipe/deprecated/pipe/prj.conf b/tests/kernel/pipe/deprecated/pipe/prj.conf index 5b67871bd39..97ef605d171 100644 --- a/tests/kernel/pipe/deprecated/pipe/prj.conf +++ b/tests/kernel/pipe/deprecated/pipe/prj.conf @@ -3,3 +3,4 @@ CONFIG_TEST_USERSPACE=y CONFIG_MP_MAX_NUM_CPUS=1 CONFIG_TIMESLICE_SIZE=0 CONFIG_PIPES=y +CONFIG_DEPRECATION_TEST=y diff --git a/tests/kernel/pipe/deprecated/pipe_api/prj.conf b/tests/kernel/pipe/deprecated/pipe_api/prj.conf index d080e2fbdbd..02d8fd3dd56 100644 --- a/tests/kernel/pipe/deprecated/pipe_api/prj.conf +++ b/tests/kernel/pipe/deprecated/pipe_api/prj.conf @@ -5,3 +5,4 @@ CONFIG_DYNAMIC_OBJECTS=y CONFIG_MP_MAX_NUM_CPUS=1 CONFIG_ZTEST_FATAL_HOOK=y CONFIG_PIPES=y +CONFIG_DEPRECATION_TEST=y From b4f4a21b11fc1af627f004ffb55256088064ab24 Mon Sep 17 00:00:00 2001 From: Keith Packard Date: Fri, 16 May 2025 09:16:00 -0700 Subject: [PATCH 4/7] riscv: Increase TEST_EXTRA_STACK_SIZE to 4096 if c++ exceptions Initializing the C++ stack unwinding data structures takes quite a bit of stack space. Increase the TEST_EXTRA_STACK_SIZE when using these. Signed-off-by: Keith Packard --- arch/riscv/Kconfig | 1 + 1 file changed, 1 insertion(+) diff --git a/arch/riscv/Kconfig b/arch/riscv/Kconfig index 72907a41fee..7f4f57eb283 100644 --- a/arch/riscv/Kconfig +++ b/arch/riscv/Kconfig @@ -428,6 +428,7 @@ config MAIN_STACK_SIZE default 2048 if PMP_STACK_GUARD config TEST_EXTRA_STACK_SIZE + default 4096 if CPP_EXCEPTIONS default 1536 config CMSIS_THREAD_MAX_STACK_SIZE From d30b7913aec2282b4dd6c162df6a5fe98659fa77 Mon Sep 17 00:00:00 2001 From: Anas Nashif Date: Thu, 15 May 2025 09:56:09 -0400 Subject: [PATCH 5/7] toolchain: clang: compiler opt: -Ofast -> -O3 -ffast-math clang 20 does not like -Ofast. Signed-off-by: Anas Nashif --- cmake/compiler/clang/compiler_flags.cmake | 1 + 1 file changed, 1 insertion(+) diff --git a/cmake/compiler/clang/compiler_flags.cmake b/cmake/compiler/clang/compiler_flags.cmake index 05e08d50646..1e9b160e94a 100644 --- a/cmake/compiler/clang/compiler_flags.cmake +++ b/cmake/compiler/clang/compiler_flags.cmake @@ -6,6 +6,7 @@ include(${ZEPHYR_BASE}/cmake/compiler/gcc/compiler_flags.cmake) # No property flag, clang doesn't understand fortify at all set_compiler_property(PROPERTY security_fortify_compile_time) set_compiler_property(PROPERTY security_fortify_run_time) +set_compiler_property(PROPERTY optimization_fast -O3 -ffast-math) # No printf-return-value optimizations in clang set_compiler_property(PROPERTY no_printf_return_value) From c45fd403a3b60ea1cb91c0b0643296be93607e83 Mon Sep 17 00:00:00 2001 From: Anas Nashif Date: Wed, 21 May 2025 12:05:00 -0400 Subject: [PATCH 6/7] ci: use new docker image v0.28.0.20250523 New docker image with SDK 0.17.1 and update docker base is (ubuntu 24.04). Signed-off-by: Anas Nashif --- .github/workflows/bsim-tests.yaml | 2 +- .github/workflows/clang.yaml | 4 ++-- .github/workflows/codecov.yaml | 2 +- .github/workflows/errno.yml | 2 +- .github/workflows/footprint-tracking.yml | 2 +- .github/workflows/twister.yaml | 4 ++-- SDK_VERSION | 2 +- 7 files changed, 9 insertions(+), 9 deletions(-) diff --git a/.github/workflows/bsim-tests.yaml b/.github/workflows/bsim-tests.yaml index 60d4187cfe3..81473f734e7 100644 --- a/.github/workflows/bsim-tests.yaml +++ b/.github/workflows/bsim-tests.yaml @@ -42,7 +42,7 @@ jobs: runs-on: group: zephyr-runner-v2-linux-x64-4xlarge container: - image: ghcr.io/zephyrproject-rtos/ci-repo-cache:v0.27.4.20241026 + image: ghcr.io/zephyrproject-rtos/ci-repo-cache:v0.28.0.20250523 options: '--entrypoint /bin/bash' env: ZEPHYR_TOOLCHAIN_VARIANT: zephyr diff --git a/.github/workflows/clang.yaml b/.github/workflows/clang.yaml index 752ced43895..04bc190fd13 100644 --- a/.github/workflows/clang.yaml +++ b/.github/workflows/clang.yaml @@ -18,7 +18,7 @@ jobs: runs-on: group: zephyr-runner-v2-linux-x64-4xlarge container: - image: ghcr.io/zephyrproject-rtos/ci-repo-cache:v0.27.4.20241026 + image: ghcr.io/zephyrproject-rtos/ci-repo-cache:v0.28.0.20250523 options: '--entrypoint /bin/bash' strategy: fail-fast: false @@ -29,7 +29,7 @@ jobs: CCACHE_REMOTE_STORAGE: "redis://cache-*.keydb-cache.svc.cluster.local|shards=1,2,3" CCACHE_REMOTE_ONLY: "true" CCACHE_IGNOREOPTIONS: '-specs=* --specs=*' - LLVM_TOOLCHAIN_PATH: /usr/lib/llvm-16 + LLVM_TOOLCHAIN_PATH: /usr/lib/llvm-20 BASE_REF: ${{ github.base_ref }} steps: - name: Apply container owner mismatch workaround diff --git a/.github/workflows/codecov.yaml b/.github/workflows/codecov.yaml index 2cd4ab16d9a..0a048b95f28 100644 --- a/.github/workflows/codecov.yaml +++ b/.github/workflows/codecov.yaml @@ -17,7 +17,7 @@ jobs: runs-on: group: zephyr-runner-v2-linux-x64-4xlarge container: - image: ghcr.io/zephyrproject-rtos/ci-repo-cache:v0.27.4.20241026 + image: ghcr.io/zephyrproject-rtos/ci-repo-cache:v0.28.0.20250523 options: '--entrypoint /bin/bash' strategy: fail-fast: false diff --git a/.github/workflows/errno.yml b/.github/workflows/errno.yml index a035936216f..46ed4e9d5ea 100644 --- a/.github/workflows/errno.yml +++ b/.github/workflows/errno.yml @@ -13,7 +13,7 @@ jobs: check-errno: runs-on: ubuntu-24.04 container: - image: ghcr.io/zephyrproject-rtos/ci:v0.27.4 + image: ghcr.io/zephyrproject-rtos/ci-repo-cache:v0.28.0.20250523 steps: - name: Apply container owner mismatch workaround diff --git a/.github/workflows/footprint-tracking.yml b/.github/workflows/footprint-tracking.yml index cb4d1e6650c..1e4eeaa76b4 100644 --- a/.github/workflows/footprint-tracking.yml +++ b/.github/workflows/footprint-tracking.yml @@ -29,7 +29,7 @@ jobs: group: zephyr-runner-v2-linux-x64-4xlarge if: github.repository_owner == 'zephyrproject-rtos' container: - image: ghcr.io/zephyrproject-rtos/ci-repo-cache:v0.27.4.20241026 + image: ghcr.io/zephyrproject-rtos/ci-repo-cache:v0.28.0.20250523 options: '--entrypoint /bin/bash' defaults: run: diff --git a/.github/workflows/twister.yaml b/.github/workflows/twister.yaml index a40bbbef660..c354420508e 100644 --- a/.github/workflows/twister.yaml +++ b/.github/workflows/twister.yaml @@ -127,7 +127,7 @@ jobs: needs: twister-build-prep if: needs.twister-build-prep.outputs.size != 0 container: - image: ghcr.io/zephyrproject-rtos/ci-repo-cache:v0.27.4.20241026 + image: ghcr.io/zephyrproject-rtos/ci-repo-cache:v0.28.0.20250523 options: '--entrypoint /bin/bash' strategy: fail-fast: false @@ -148,7 +148,7 @@ jobs: PUSH_OPTIONS: ' --clobber-output -M --show-footprint --report-filtered -j 16' COMMIT_RANGE: ${{ github.event.pull_request.base.sha }}..${{ github.event.pull_request.head.sha }} BASE_REF: ${{ github.base_ref }} - LLVM_TOOLCHAIN_PATH: /usr/lib/llvm-16 + LLVM_TOOLCHAIN_PATH: /usr/lib/llvm-20 steps: - name: Print cloud service information run: | diff --git a/SDK_VERSION b/SDK_VERSION index c5523bd09b1..70f3e6a6200 100644 --- a/SDK_VERSION +++ b/SDK_VERSION @@ -1 +1 @@ -0.17.0 +0.17.1-rc4 From 3eb73c6c275669c15b0f4244e94104f23f40aa1b Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 26 May 2025 11:30:17 +0000 Subject: [PATCH 7/7] ci: github: bump the actions-deps group across 1 directory with 6 updates Bumps the actions-deps group with 6 updates in the / directory: | Package | From | To | | --- | --- | --- | | [aws-actions/configure-aws-credentials](https://github.com/aws-actions/configure-aws-credentials) | `4.1.0` | `4.2.1` | | [codecov/codecov-action](https://github.com/codecov/codecov-action) | `5.4.2` | `5.4.3` | | [github/codeql-action](https://github.com/github/codeql-action) | `3.28.17` | `3.28.18` | | [zephyrproject-rtos/action-zephyr-setup](https://github.com/zephyrproject-rtos/action-zephyr-setup) | `1.0.6` | `1.0.7` | | [zephyrproject-rtos/action-manifest](https://github.com/zephyrproject-rtos/action-manifest) | `1.7.0` | `1.8.0` | | [zgosalvez/github-actions-ensure-sha-pinned-actions](https://github.com/zgosalvez/github-actions-ensure-sha-pinned-actions) | `3.0.24` | `3.0.25` | Updates `aws-actions/configure-aws-credentials` from 4.1.0 to 4.2.1 - [Release notes](https://github.com/aws-actions/configure-aws-credentials/releases) - [Changelog](https://github.com/aws-actions/configure-aws-credentials/blob/main/CHANGELOG.md) - [Commits](https://github.com/aws-actions/configure-aws-credentials/compare/ececac1a45f3b08a01d2dd070d28d111c5fe6722...b47578312673ae6fa5b5096b330d9fbac3d116df) Updates `codecov/codecov-action` from 5.4.2 to 5.4.3 - [Release notes](https://github.com/codecov/codecov-action/releases) - [Changelog](https://github.com/codecov/codecov-action/blob/main/CHANGELOG.md) - [Commits](https://github.com/codecov/codecov-action/compare/ad3126e916f78f00edff4ed0317cf185271ccc2d...18283e04ce6e62d37312384ff67231eb8fd56d24) Updates `github/codeql-action` from 3.28.17 to 3.28.18 - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](https://github.com/github/codeql-action/compare/60168efe1c415ce0f5521ea06d5c2062adbeed1b...ff0a06e83cb2de871e5a09832bc6a81e7276941f) Updates `zephyrproject-rtos/action-zephyr-setup` from 1.0.6 to 1.0.7 - [Commits](https://github.com/zephyrproject-rtos/action-zephyr-setup/compare/f7b70269a8eb01f70c8e710891e4c94972a2f6b4...b2453c72966ee67b1433be22b250348d48283286) Updates `zephyrproject-rtos/action-manifest` from 1.7.0 to 1.8.0 - [Commits](https://github.com/zephyrproject-rtos/action-manifest/compare/cb8f6fba6f20b5f8649bd573e80a7583a239894c...1dab8ef694b44470d09c9f16adb6a0d82c60b2c6) Updates `zgosalvez/github-actions-ensure-sha-pinned-actions` from 3.0.24 to 3.0.25 - [Release notes](https://github.com/zgosalvez/github-actions-ensure-sha-pinned-actions/releases) - [Commits](https://github.com/zgosalvez/github-actions-ensure-sha-pinned-actions/compare/2d6823da4039243036c86d76f503c84e2ded2517...fc87bb5b5a97953d987372e74478de634726b3e5) --- updated-dependencies: - dependency-name: aws-actions/configure-aws-credentials dependency-version: 4.2.1 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: actions-deps - dependency-name: codecov/codecov-action dependency-version: 5.4.3 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: actions-deps - dependency-name: github/codeql-action dependency-version: 3.28.18 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: actions-deps - dependency-name: zephyrproject-rtos/action-zephyr-setup dependency-version: 1.0.7 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: actions-deps - dependency-name: zephyrproject-rtos/action-manifest dependency-version: 1.8.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: actions-deps - dependency-name: zgosalvez/github-actions-ensure-sha-pinned-actions dependency-version: 3.0.25 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: actions-deps ... Signed-off-by: dependabot[bot] --- .github/workflows/bug_snapshot.yaml | 2 +- .github/workflows/codecov.yaml | 2 +- .github/workflows/codeql.yml | 4 ++-- .github/workflows/daily_test_version.yml | 2 +- .github/workflows/doc-build.yml | 4 ++-- .github/workflows/doc-publish-pr.yml | 2 +- .github/workflows/doc-publish.yml | 2 +- .github/workflows/footprint-tracking.yml | 2 +- .github/workflows/hello_world_multiplatform.yaml | 2 +- .github/workflows/issue_count.yml | 2 +- .github/workflows/manifest.yml | 2 +- .github/workflows/pinned-gh-actions.yml | 2 +- .github/workflows/scorecards.yml | 2 +- .github/workflows/twister.yaml | 2 +- .github/workflows/twister_tests_blackbox.yml | 2 +- 15 files changed, 17 insertions(+), 17 deletions(-) diff --git a/.github/workflows/bug_snapshot.yaml b/.github/workflows/bug_snapshot.yaml index befa8cdb8bf..f1c06beb7b4 100644 --- a/.github/workflows/bug_snapshot.yaml +++ b/.github/workflows/bug_snapshot.yaml @@ -52,7 +52,7 @@ jobs: echo "BUGS_PICKLE_PATH=${BUGS_PICKLE_PATH}" >> ${GITHUB_ENV} - name: Configure AWS Credentials - uses: aws-actions/configure-aws-credentials@ececac1a45f3b08a01d2dd070d28d111c5fe6722 # v4.1.0 + uses: aws-actions/configure-aws-credentials@b47578312673ae6fa5b5096b330d9fbac3d116df # v4.2.1 with: aws-access-key-id: ${{ vars.AWS_BUILDS_ZEPHYR_BUG_SNAPSHOT_ACCESS_KEY_ID }} aws-secret-access-key: ${{ secrets.AWS_BUILDS_ZEPHYR_BUG_SNAPSHOT_SECRET_ACCESS_KEY }} diff --git a/.github/workflows/codecov.yaml b/.github/workflows/codecov.yaml index 0a048b95f28..0c338e4b164 100644 --- a/.github/workflows/codecov.yaml +++ b/.github/workflows/codecov.yaml @@ -232,7 +232,7 @@ jobs: - name: Upload coverage to Codecov if: always() - uses: codecov/codecov-action@ad3126e916f78f00edff4ed0317cf185271ccc2d # v5.4.2 + uses: codecov/codecov-action@18283e04ce6e62d37312384ff67231eb8fd56d24 # v5.4.3 with: env_vars: OS,PYTHON fail_ci_if_error: false diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index 869467e030a..240fad7fb25 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -39,7 +39,7 @@ jobs: uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: Initialize CodeQL - uses: github/codeql-action/init@60168efe1c415ce0f5521ea06d5c2062adbeed1b # v3.28.17 + uses: github/codeql-action/init@ff0a06e83cb2de871e5a09832bc6a81e7276941f # v3.28.18 with: languages: ${{ matrix.language }} build-mode: ${{ matrix.build-mode }} @@ -53,6 +53,6 @@ jobs: exit 0 - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@60168efe1c415ce0f5521ea06d5c2062adbeed1b # v3.28.17 + uses: github/codeql-action/analyze@ff0a06e83cb2de871e5a09832bc6a81e7276941f # v3.28.18 with: category: "/language:${{matrix.language}}" diff --git a/.github/workflows/daily_test_version.yml b/.github/workflows/daily_test_version.yml index 4b89661a8af..2b601869964 100644 --- a/.github/workflows/daily_test_version.yml +++ b/.github/workflows/daily_test_version.yml @@ -20,7 +20,7 @@ jobs: steps: - name: Configure AWS Credentials - uses: aws-actions/configure-aws-credentials@ececac1a45f3b08a01d2dd070d28d111c5fe6722 # v4.1.0 + uses: aws-actions/configure-aws-credentials@b47578312673ae6fa5b5096b330d9fbac3d116df # v4.2.1 with: aws-access-key-id: ${{ vars.AWS_TESTING_ACCESS_KEY_ID }} aws-secret-access-key: ${{ secrets.AWS_TESTING_SECRET_ACCESS_KEY }} diff --git a/.github/workflows/doc-build.yml b/.github/workflows/doc-build.yml index bc147ee3817..ab7ab6d7ba1 100644 --- a/.github/workflows/doc-build.yml +++ b/.github/workflows/doc-build.yml @@ -108,7 +108,7 @@ jobs: cache-dependency-path: doc/requirements.txt - name: Setup Zephyr project - uses: zephyrproject-rtos/action-zephyr-setup@f7b70269a8eb01f70c8e710891e4c94972a2f6b4 # v1.0.6 + uses: zephyrproject-rtos/action-zephyr-setup@b2453c72966ee67b1433be22b250348d48283286 # v1.0.7 with: app-path: zephyr toolchains: 'all' @@ -226,7 +226,7 @@ jobs: echo "/opt/doxygen-${DOXYGEN_VERSION}/bin" >> $GITHUB_PATH - name: Setup Zephyr project - uses: zephyrproject-rtos/action-zephyr-setup@f7b70269a8eb01f70c8e710891e4c94972a2f6b4 # v1.0.6 + uses: zephyrproject-rtos/action-zephyr-setup@b2453c72966ee67b1433be22b250348d48283286 # v1.0.7 with: app-path: zephyr toolchains: 'arm-zephyr-eabi' diff --git a/.github/workflows/doc-publish-pr.yml b/.github/workflows/doc-publish-pr.yml index 9552d72b3d9..c1bda17c1c4 100644 --- a/.github/workflows/doc-publish-pr.yml +++ b/.github/workflows/doc-publish-pr.yml @@ -66,7 +66,7 @@ jobs: - name: Configure AWS Credentials if: steps.download-artifacts.outputs.found_artifact == 'true' - uses: aws-actions/configure-aws-credentials@ececac1a45f3b08a01d2dd070d28d111c5fe6722 # v4.1.0 + uses: aws-actions/configure-aws-credentials@b47578312673ae6fa5b5096b330d9fbac3d116df # v4.2.1 with: aws-access-key-id: ${{ vars.AWS_BUILDS_ZEPHYR_PR_ACCESS_KEY_ID }} aws-secret-access-key: ${{ secrets.AWS_BUILDS_ZEPHYR_PR_SECRET_ACCESS_KEY }} diff --git a/.github/workflows/doc-publish.yml b/.github/workflows/doc-publish.yml index 89afeb4ed1b..7a91910c114 100644 --- a/.github/workflows/doc-publish.yml +++ b/.github/workflows/doc-publish.yml @@ -40,7 +40,7 @@ jobs: fi - name: Configure AWS Credentials - uses: aws-actions/configure-aws-credentials@ececac1a45f3b08a01d2dd070d28d111c5fe6722 # v4.1.0 + uses: aws-actions/configure-aws-credentials@b47578312673ae6fa5b5096b330d9fbac3d116df # v4.2.1 with: aws-access-key-id: ${{ vars.AWS_DOCS_ACCESS_KEY_ID }} aws-secret-access-key: ${{ secrets.AWS_DOCS_SECRET_ACCESS_KEY }} diff --git a/.github/workflows/footprint-tracking.yml b/.github/workflows/footprint-tracking.yml index 1e4eeaa76b4..3cd38c0d1e4 100644 --- a/.github/workflows/footprint-tracking.yml +++ b/.github/workflows/footprint-tracking.yml @@ -90,7 +90,7 @@ jobs: west update 2>&1 1> west.update.log || west update 2>&1 1> west.update2.log - name: Configure AWS Credentials - uses: aws-actions/configure-aws-credentials@ececac1a45f3b08a01d2dd070d28d111c5fe6722 # v4.1.0 + uses: aws-actions/configure-aws-credentials@b47578312673ae6fa5b5096b330d9fbac3d116df # v4.2.1 with: aws-access-key-id: ${{ vars.AWS_TESTING_ACCESS_KEY_ID }} aws-secret-access-key: ${{ secrets.AWS_TESTING_SECRET_ACCESS_KEY }} diff --git a/.github/workflows/hello_world_multiplatform.yaml b/.github/workflows/hello_world_multiplatform.yaml index 560e747c0d2..7fd814e72ba 100644 --- a/.github/workflows/hello_world_multiplatform.yaml +++ b/.github/workflows/hello_world_multiplatform.yaml @@ -59,7 +59,7 @@ jobs: python-version: 3.11 - name: Setup Zephyr project - uses: zephyrproject-rtos/action-zephyr-setup@f7b70269a8eb01f70c8e710891e4c94972a2f6b4 # v1.0.6 + uses: zephyrproject-rtos/action-zephyr-setup@b2453c72966ee67b1433be22b250348d48283286 # v1.0.7 with: app-path: zephyr toolchains: all diff --git a/.github/workflows/issue_count.yml b/.github/workflows/issue_count.yml index 0ab24ef5f64..f80d3d2135f 100644 --- a/.github/workflows/issue_count.yml +++ b/.github/workflows/issue_count.yml @@ -45,7 +45,7 @@ jobs: path: ${{ env.OUTPUT_FILE_NAME }} - name: Configure AWS Credentials - uses: aws-actions/configure-aws-credentials@ececac1a45f3b08a01d2dd070d28d111c5fe6722 # v4.1.0 + uses: aws-actions/configure-aws-credentials@b47578312673ae6fa5b5096b330d9fbac3d116df # v4.2.1 with: aws-access-key-id: ${{ vars.AWS_TESTING_ACCESS_KEY_ID }} aws-secret-access-key: ${{ secrets.AWS_TESTING_SECRET_ACCESS_KEY }} diff --git a/.github/workflows/manifest.yml b/.github/workflows/manifest.yml index bacd0ba768b..13396237393 100644 --- a/.github/workflows/manifest.yml +++ b/.github/workflows/manifest.yml @@ -42,7 +42,7 @@ jobs: west init -l . || true - name: Manifest - uses: zephyrproject-rtos/action-manifest@cb8f6fba6f20b5f8649bd573e80a7583a239894c # v1.7.0 + uses: zephyrproject-rtos/action-manifest@1729cded3fc798cf0de4a789c596dcb9c40eb14c # v1.9.1 with: github-token: ${{ secrets.GITHUB_TOKEN }} manifest-path: 'west.yml' diff --git a/.github/workflows/pinned-gh-actions.yml b/.github/workflows/pinned-gh-actions.yml index c89eb7464f7..e7f51a3316e 100644 --- a/.github/workflows/pinned-gh-actions.yml +++ b/.github/workflows/pinned-gh-actions.yml @@ -16,4 +16,4 @@ jobs: - name: Checkout code uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: Ensure SHA pinned actions - uses: zgosalvez/github-actions-ensure-sha-pinned-actions@2d6823da4039243036c86d76f503c84e2ded2517 # v3.0.24 + uses: zgosalvez/github-actions-ensure-sha-pinned-actions@fc87bb5b5a97953d987372e74478de634726b3e5 # v3.0.25 diff --git a/.github/workflows/scorecards.yml b/.github/workflows/scorecards.yml index 3d4471e70a5..4278adb8fb0 100644 --- a/.github/workflows/scorecards.yml +++ b/.github/workflows/scorecards.yml @@ -56,6 +56,6 @@ jobs: # Upload the results to GitHub's code scanning dashboard (optional). # Commenting out will disable upload of results to your repo's Code Scanning dashboard - name: "Upload to code-scanning" - uses: github/codeql-action/upload-sarif@60168efe1c415ce0f5521ea06d5c2062adbeed1b # v3.28.17 + uses: github/codeql-action/upload-sarif@ff0a06e83cb2de871e5a09832bc6a81e7276941f # v3.28.18 with: sarif_file: results.sarif diff --git a/.github/workflows/twister.yaml b/.github/workflows/twister.yaml index c354420508e..cc82b221f03 100644 --- a/.github/workflows/twister.yaml +++ b/.github/workflows/twister.yaml @@ -65,7 +65,7 @@ jobs: - name: Setup Zephyr project if: github.event_name == 'pull_request' - uses: zephyrproject-rtos/action-zephyr-setup@f7b70269a8eb01f70c8e710891e4c94972a2f6b4 # v1.0.6 + uses: zephyrproject-rtos/action-zephyr-setup@b2453c72966ee67b1433be22b250348d48283286 # v1.0.7 with: app-path: zephyr toolchains: all diff --git a/.github/workflows/twister_tests_blackbox.yml b/.github/workflows/twister_tests_blackbox.yml index 6cc922adb61..9a0d6432d48 100644 --- a/.github/workflows/twister_tests_blackbox.yml +++ b/.github/workflows/twister_tests_blackbox.yml @@ -45,7 +45,7 @@ jobs: cache-dependency-path: scripts/requirements-actions.txt - name: Setup Zephyr project - uses: zephyrproject-rtos/action-zephyr-setup@f7b70269a8eb01f70c8e710891e4c94972a2f6b4 # v1.0.6 + uses: zephyrproject-rtos/action-zephyr-setup@b2453c72966ee67b1433be22b250348d48283286 # v1.0.7 with: app-path: zephyr toolchains: all