From a0e42f20324a14c00687ae5422991cc3292afecc Mon Sep 17 00:00:00 2001 From: Ramon Roche Date: Fri, 10 Apr 2026 00:00:00 -0700 Subject: [PATCH] ci(workflows): bump all action versions to latest majors Bump every GitHub Action in the repository to its latest major version, addressing the upcoming Node.js 20 deprecation. Several of the old versions (checkout v4, cache v4, setup-node v4, labeler v5) use the Node 20 runtime which GitHub is deprecating. The new versions use Node 22. - actions/checkout v4/v5 to v6 - actions/upload-artifact v4 to v7 - actions/download-artifact v4 to v8 - actions/cache, cache/restore, cache/save v4 to v5 - actions/setup-node v4 to v6 - actions/setup-python v5 to v6 - actions/github-script v7/v8 to v9 - actions/labeler v5 to v6 - peter-evans/find-comment v3 to v4 - dorny/paths-filter v3 to v4 - codecov/codecov-action v4 to v6 - docker/setup-buildx-action v3 to v4 - docker/build-push-action v6 to v7 - tj-actions/changed-files v46 to v47 Signed-off-by: Ramon Roche --- .claude/settings.local.json | 45 ++++++++++++++++++ .github/actions/save-ccache/action.yml | 2 +- .github/actions/setup-ccache/action.yml | 2 +- .github/workflows/build_all_targets.yml | 17 ++++--- .github/workflows/build_deb_package.yml | 10 ++-- .github/workflows/checks.yml | 8 +--- .github/workflows/clang-tidy.yml | 1 - .github/workflows/commit_checks.yml | 6 +-- .github/workflows/compile_macos.yml | 8 ++-- .github/workflows/compile_ubuntu.yml | 2 +- .github/workflows/dev_container.yml | 15 +++--- .github/workflows/docs-orchestrator.yml | 47 +++++++++---------- .github/workflows/docs_crowdin_download.yml | 2 +- .github/workflows/docs_crowdin_upload.yml | 2 +- .github/workflows/docs_deploy.yml | 9 ++-- .../ekf_functional_change_indicator.yml | 2 +- .github/workflows/failsafe_sim.yml | 16 +++---- .github/workflows/flash_analysis.yml | 18 ++++--- .github/workflows/fuzzing.yml | 2 +- .github/workflows/itcm_check.yml | 6 +-- .github/workflows/label.yml | 2 +- .github/workflows/mavros_tests.yml | 4 +- .github/workflows/pr-comment-poster.yml | 2 +- .github/workflows/pr-review-poster.yml | 2 +- .github/workflows/python_checks.yml | 5 +- .github/workflows/ros_integration_tests.yml | 12 ++--- .github/workflows/ros_translation_node.yml | 4 +- .github/workflows/sbom_license_check.yml | 2 +- .github/workflows/sbom_monthly_audit.yml | 4 +- .github/workflows/sitl_tests.yml | 12 ++--- .github/workflows/sync_to_px4_msgs.yml | 2 +- .../tag_px4_msgs_from_px4_release_tag.yml | 2 +- 32 files changed, 143 insertions(+), 130 deletions(-) create mode 100644 .claude/settings.local.json diff --git a/.claude/settings.local.json b/.claude/settings.local.json new file mode 100644 index 0000000000..d57e4cb48d --- /dev/null +++ b/.claude/settings.local.json @@ -0,0 +1,45 @@ +{ + "permissions": { + "allow": [ + "Bash(git -C /Users/rroche/Work/Dronecode/PX4-Autopilot-ci-orchestrator commit -S -s -m \"$\\(cat <<''EOF''\nci-orchestrator: cache emscripten SDK in failsafe-sim job\n\nCache the _emscripten_sdk directory keyed on version 4.0.15 so\nsubsequent runs skip the git clone and install steps \\(~30s savings\non cache hit\\). The build step sources emsdk_env.sh unchanged.\nEOF\n\\)\")", + "WebFetch(domain:gist.github.com)", + "Bash(git -C /Users/rroche/Work/Dronecode/PX4-Autopilot-ci-orchestrator commit -S -s -m \"$\\(cat <<''EOF''\nci-orchestrator: upgrade SITL and ROS integration runners to 8cpu\n\nROS Integration Tests \\(31m\\) is the critical path bottleneck,\nfollowed by SITL Tests tailsitter \\(20m\\). Both spend significant\ntime compiling dependencies \\(xrce-dds, ROS2 libs, gazebo\\). Upgrade\nfrom 4cpu to 8cpu to parallelize compilation and reduce wall-clock.\nEOF\n\\)\")", + "Bash(git -C /Users/rroche/Work/Dronecode/PX4-Autopilot-ci-orchestrator commit -S -s -m \"$\\(cat <<''EOF''\nci-orchestrator: fix flash analysis comment alignment\n\nRemove extra indentation from code fences and bloaty output inside\nthe PR comment body so the column alignment renders correctly in\nGitHub markdown.\nEOF\n\\)\")", + "Bash(docker run:*)", + "Bash(docker rm:*)", + "Bash(git -C /Users/rroche/Work/Dronecode/PX4-Autopilot-ci-orchestrator commit -S -s -m \"$\\(cat <<''EOF''\nci-orchestrator: increase SITL test speed factor to 20x\n\nBump simulation speed factor from 10x to 20x for MAVSDK SITL tests.\nWith the 8cpu runners this should be sustainable and roughly halve\nthe 18min test execution phase.\nEOF\n\\)\")", + "Bash(docker exec:*)", + "Bash(git -C /Users/rroche/Work/Dronecode/PX4-Autopilot-ci-orchestrator commit -S -s -m \"$\\(cat <<''EOF''\nci-orchestrator: build Gazebo plugins in cache seed job\n\nAdd Gazebo Classic plugin build to the build-sitl cache seed job so\ndownstream SITL test jobs get ccache hits for both PX4 firmware and\nGazebo objects. Bump ccache max_size from 250M to 400M to fit both.\nEOF\n\\)\")", + "Bash(git -C /Users/rroche/Work/Dronecode/PX4-Autopilot-ci-orchestrator commit -S -s -m \"$\\(cat <<''EOF''\ndocs: update CI orchestrator docs for 4-tier architecture and caching\n\nUpdate documentation to reflect recent changes:\n- 5-tier to 4-tier restructure \\(old T3 merged into T2\\)\n- Add comprehensive caching strategy section covering ccache key\n patterns, scopes, sizes, and the cache seed pattern\n- Document Emscripten SDK cache for failsafe-sim\n- Update runner types \\(8cpu for SITL/ROS, 16cpu for clang-tidy\\)\n- SITL tests now run at 20x speed factor\n- Remove CI summary job references\n- Update tier numbering throughout troubleshooting and best practices\nEOF\n\\)\")", + "Bash(docker build:*)", + "WebFetch(domain:raw.githubusercontent.com)", + "Bash(docker system prune:*)", + "WebSearch", + "WebFetch(domain:hub.docker.com)", + "WebFetch(domain:docs.px4.io)", + "WebFetch(domain:github.com)", + "Bash(find:*)", + "Bash(docker search:*)", + "Bash(docker images:*)", + "Bash(gh pr create --draft --title \"packaging: add PX4 SITL .deb package\" --body \"$\\(cat <<''EOF''\nSingle .deb package for PX4 SITL with Gazebo Harmonic resources. Installs to /opt/px4-sitl with a px4-sitl wrapper script symlinked to /usr/bin.\n\nChanges:\n- cmake/package.cmake: CPack config for px4-sitl .deb with minimal Gazebo runtime deps\n- platforms/posix/CMakeLists.txt: install targets for Gazebo models, worlds, plugins\n- Tools/packaging/px4-sitl.sh: launcher script \\(XDG dirs, gz_env.sh generation, dartsim symlink fix\\)\n- Tools/packaging/postinst, postrm: create/remove /usr/bin/px4-sitl symlink\n- .github/workflows/build_deb_package.yml: CI to build and validate the .deb\n- docs/en/packaging/px4_sitl_deb.md: usage and build docs\n\nTested with PX4_SIM_MODEL=gz_x500 and sihsim_quadx in Ubuntu 24.04 container.\nEOF\n\\)\")", + "Bash(gh gist create:*)", + "Bash(git commit -S -s -m \"$\\(cat <<''EOF''\npackaging: exclude legacy install rules from .deb builds\n\nGate legacy install rules behind if\\(NOT DPKG_PROGRAM\\) so they only\nrun for tarball/ROS workflows. Gate .deb install rules behind\nif\\(DPKG_PROGRAM\\) so they only run when building .deb packages.\n\nWithout this, both rule sets execute during .deb builds, triplicating\nfiles and pulling in the entire source tree \\(integrationtests, launch,\nTools, CMakeLists.txt, gazebo-classic models\\) into the package.\nEOF\n\\)\")", + "Bash(gh issue create:*)", + "Bash(git commit -S -s --amend -m \"$\\(cat <<''EOF''\npackaging: exclude legacy install rules from .deb builds\n\nMove find_program\\(DPKG_PROGRAM dpkg\\) into platforms/posix/CMakeLists.txt\nso it is available before the install rules are processed \\(package.cmake\nruns later\\). Gate both the top-level posix install block and the\nSITL-specific legacy install rules behind if\\(NOT DPKG_PROGRAM\\) so they\nonly run for tarball/ROS workflows.\n\nGate .deb install rules behind if\\(DPKG_PROGRAM\\) so they only run when\nbuilding .deb packages. Mark Gazebo resource installs as OPTIONAL so\nCPack does not fail when the gz submodule is not checked out.\n\nWithout this, both rule sets execute during .deb builds, triplicating\nfiles and pulling in the entire source tree \\(integrationtests, launch,\nTools, CMakeLists.txt, gazebo-classic models\\) into the package.\n\nSigned-off-by: Ramon Roche \nEOF\n\\)\")", + "Bash(git commit:*)", + "Bash(kill:*)", + "WebFetch(domain:cmake.org)", + "Bash(gh run watch:*)", + "Bash(gh pr list:*)", + "Bash(gh pr checks:*)", + "WebFetch(domain:discuss.px4.io)", + "Bash(gh issue list:*)", + "Bash(pkill:*)", + "WebFetch(domain:runs-on.com)", + "Bash(gh release:*)", + "Bash(docker manifest:*)", + "Bash(gh pr:*)", + "Bash(GIT_EDITOR=true git cherry-pick --continue)" + ] + } +} diff --git a/.github/actions/save-ccache/action.yml b/.github/actions/save-ccache/action.yml index c4db6b8b18..6c477c70e0 100644 --- a/.github/actions/save-ccache/action.yml +++ b/.github/actions/save-ccache/action.yml @@ -16,7 +16,7 @@ runs: - name: Cache - Save ccache if: always() - uses: actions/cache/save@v4 + uses: actions/cache/save@v5 with: path: ~/.ccache key: ${{ inputs.cache-primary-key }} diff --git a/.github/actions/setup-ccache/action.yml b/.github/actions/setup-ccache/action.yml index f542c50d97..04b4bd64ef 100644 --- a/.github/actions/setup-ccache/action.yml +++ b/.github/actions/setup-ccache/action.yml @@ -33,7 +33,7 @@ runs: - name: Cache - Restore ccache id: restore - uses: actions/cache/restore@v4 + uses: actions/cache/restore@v5 with: path: ~/.ccache key: ${{ inputs.cache-key-prefix }}-${{ github.ref_name }}-${{ github.sha }} diff --git a/.github/workflows/build_all_targets.yml b/.github/workflows/build_all_targets.yml index 92a73faaa6..6604f4922a 100644 --- a/.github/workflows/build_all_targets.yml +++ b/.github/workflows/build_all_targets.yml @@ -72,10 +72,10 @@ jobs: timestamp: ${{ steps.set-timestamp.outputs.timestamp }} branchname: ${{ steps.set-branch.outputs.branchname }} steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v6 - name: Cache Python pip - uses: actions/cache@v4 + uses: actions/cache@v5 with: path: ~/.cache/pip key: ${{ runner.os }}-pip-${{ hashFiles('**./Tools/setup/requirements.txt') }} @@ -131,11 +131,10 @@ jobs: password: ${{ secrets.GITHUB_TOKEN }} steps: - uses: runs-on/action@v2 - - uses: actions/checkout@v4 + - uses: actions/checkout@v6 with: fetch-depth: 0 - - - name: Git ownership workaround + - name: Configure Git Safe Directory run: git config --system --add safe.directory '*' # ccache key breakdown: @@ -144,7 +143,7 @@ jobs: # ccache---- - name: Cache Restore from Key id: cc_restore - uses: actions/cache/restore@v4 + uses: actions/cache/restore@v5 with: path: ~/.ccache key: ${{ format('ccache-{0}-{1}-{2}', runner.os, matrix.runner, matrix.group) }} @@ -176,7 +175,7 @@ jobs: ./Tools/ci/package_build_artifacts.sh - name: Upload Build Artifacts - uses: actions/upload-artifact@v4 + uses: actions/upload-artifact@v7 with: name: px4_${{matrix.group}}_build_artifacts path: artifacts/ @@ -189,7 +188,7 @@ jobs: - name: Cache Save if: always() - uses: actions/cache/save@v4 + uses: actions/cache/save@v5 with: path: ~/.ccache key: ${{ steps.cc_restore.outputs.cache-primary-key }} @@ -211,7 +210,7 @@ jobs: uploadlocation: ${{ steps.upload-location.outputs.uploadlocation }} steps: - name: Download Artifacts - uses: actions/download-artifact@v4 + uses: actions/download-artifact@v8 with: path: artifacts/ merge-multiple: true diff --git a/.github/workflows/build_deb_package.yml b/.github/workflows/build_deb_package.yml index 44599cc081..2ec0203f36 100644 --- a/.github/workflows/build_deb_package.yml +++ b/.github/workflows/build_deb_package.yml @@ -42,9 +42,8 @@ jobs: - uses: runs-on/action@v2 - uses: actions/checkout@v6 with: - fetch-tags: true - submodules: false fetch-depth: 0 + fetch-tags: true - name: Set PX4 version id: version @@ -138,11 +137,10 @@ jobs: - uses: runs-on/action@v2 - uses: actions/checkout@v6 with: - submodules: false fetch-depth: 1 - name: Download Noble .deb artifact - uses: actions/download-artifact@v4 + uses: actions/download-artifact@v8 with: name: px4-sitl-debs-${{ matrix.target }}-noble-${{ matrix.arch }} path: docker-context @@ -157,13 +155,13 @@ jobs: echo "${{ secrets.GITHUB_TOKEN }}" | docker login ghcr.io -u "${{ github.actor }}" --password-stdin - name: Set up Docker Buildx - uses: docker/setup-buildx-action@v3 + uses: docker/setup-buildx-action@v4 with: driver: docker-container platforms: ${{ matrix.platform }} - name: Build and push container image - uses: docker/build-push-action@v6 + uses: docker/build-push-action@v7 with: context: docker-context file: Tools/packaging/${{ matrix.dockerfile }} diff --git a/.github/workflows/checks.yml b/.github/workflows/checks.yml index e33742339d..631fc7fb16 100644 --- a/.github/workflows/checks.yml +++ b/.github/workflows/checks.yml @@ -37,11 +37,9 @@ jobs: ] steps: - uses: runs-on/action@v2 - - - uses: actions/checkout@v4 + - uses: actions/checkout@v6 with: fetch-depth: 1 - - name: Configure Git Safe Directory run: git config --system --add safe.directory '*' @@ -57,11 +55,9 @@ jobs: image: ghcr.io/px4/px4-dev:v1.17.0-rc2 steps: - uses: runs-on/action@v2 - - - uses: actions/checkout@v4 + - uses: actions/checkout@v6 with: fetch-depth: 1 - - name: Configure Git Safe Directory run: git config --system --add safe.directory '*' diff --git a/.github/workflows/clang-tidy.yml b/.github/workflows/clang-tidy.yml index cb7166eae4..70f07da62c 100644 --- a/.github/workflows/clang-tidy.yml +++ b/.github/workflows/clang-tidy.yml @@ -30,7 +30,6 @@ jobs: with: fetch-depth: 0 fetch-tags: true - - name: Configure Git Safe Directory run: git config --system --add safe.directory '*' diff --git a/.github/workflows/commit_checks.yml b/.github/workflows/commit_checks.yml index a011a47d6f..b3bf0882b8 100644 --- a/.github/workflows/commit_checks.yml +++ b/.github/workflows/commit_checks.yml @@ -23,7 +23,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout - uses: actions/checkout@v4 + uses: actions/checkout@v6 with: sparse-checkout: Tools/ci fetch-depth: 1 @@ -56,7 +56,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout - uses: actions/checkout@v4 + uses: actions/checkout@v6 with: sparse-checkout: Tools/ci fetch-depth: 1 @@ -102,7 +102,7 @@ jobs: steps: - name: Checkout if: env.IS_FORK == 'false' - uses: actions/checkout@v4 + uses: actions/checkout@v6 with: sparse-checkout: Tools/ci fetch-depth: 1 diff --git a/.github/workflows/compile_macos.yml b/.github/workflows/compile_macos.yml index 7ec351c3da..e771615837 100644 --- a/.github/workflows/compile_macos.yml +++ b/.github/workflows/compile_macos.yml @@ -21,14 +21,14 @@ jobs: runs-on: macos-latest steps: - name: install Python 3.10 - uses: actions/setup-python@v5 + uses: actions/setup-python@v6 with: python-version: "3.10" - - uses: actions/checkout@v4 + - uses: actions/checkout@v6 - name: Cache - Restore Homebrew Packages - uses: actions/cache@v4 + uses: actions/cache@v5 with: path: ~/Library/Caches/Homebrew/downloads key: macos-homebrew-${{ runner.arch }}-${{ hashFiles('Tools/setup/macos.sh') }} @@ -36,7 +36,7 @@ jobs: macos-homebrew-${{ runner.arch }}- - name: Cache - Restore pip Packages - uses: actions/cache@v4 + uses: actions/cache@v5 with: path: ~/Library/Caches/pip key: macos-pip-${{ runner.arch }}-${{ hashFiles('Tools/setup/requirements.txt') }} diff --git a/.github/workflows/compile_ubuntu.yml b/.github/workflows/compile_ubuntu.yml index 0a5d297034..07cbb4c2cc 100644 --- a/.github/workflows/compile_ubuntu.yml +++ b/.github/workflows/compile_ubuntu.yml @@ -48,7 +48,7 @@ jobs: apt update && apt install git -y git config --global --add safe.directory $(realpath .) - - uses: actions/checkout@v4 + - uses: actions/checkout@v6 - name: Use AWS regional apt mirror if: startsWith(runner.name, 'runs-on--') diff --git a/.github/workflows/dev_container.yml b/.github/workflows/dev_container.yml index 9b6af779c1..1356540c29 100644 --- a/.github/workflows/dev_container.yml +++ b/.github/workflows/dev_container.yml @@ -51,12 +51,11 @@ jobs: meta_labels: ${{ steps.meta.outputs.labels }} steps: - uses: runs-on/action@v2 - - uses: actions/checkout@v5 + - uses: actions/checkout@v6 with: ref: ${{ github.event.inputs.build_ref || github.ref }} - fetch-tags: true - submodules: false fetch-depth: 0 + fetch-tags: true # If manual dispatch, take the userā€provided input - name: Set PX4 Tag Version @@ -96,12 +95,11 @@ jobs: runs-on: [runs-on,"runner=4cpu-linux-${{ matrix.runner }}","image=ubuntu24-full-${{ matrix.runner }}","run-id=${{ github.run_id }}",extras=s3-cache,spot=false] steps: - uses: runs-on/action@v2 - - uses: actions/checkout@v5 + - uses: actions/checkout@v6 with: ref: ${{ github.event.inputs.build_ref || github.ref }} - fetch-tags: true - submodules: false fetch-depth: 0 + fetch-tags: true - name: Login to Docker Hub uses: docker/login-action@v4 @@ -153,12 +151,11 @@ jobs: (startsWith(github.ref, 'refs/tags/') || (github.event_name == 'workflow_dispatch' && github.event.inputs.deploy_to_registry == 'true')) steps: - uses: runs-on/action@v2 - - uses: actions/checkout@v5 + - uses: actions/checkout@v6 with: ref: ${{ github.event.inputs.build_ref || github.ref }} - fetch-tags: true - submodules: false fetch-depth: 0 + fetch-tags: true - name: Login to Docker Hub uses: docker/login-action@v4 diff --git a/.github/workflows/docs-orchestrator.yml b/.github/workflows/docs-orchestrator.yml index 79d113567f..26b8a98c30 100644 --- a/.github/workflows/docs-orchestrator.yml +++ b/.github/workflows/docs-orchestrator.yml @@ -46,8 +46,8 @@ jobs: source_changed: ${{ steps.changes.outputs.source }} docs_changed: ${{ steps.changes.outputs.docs }} steps: - - uses: actions/checkout@v4 - - uses: dorny/paths-filter@v3 + - uses: actions/checkout@v6 + - uses: dorny/paths-filter@v4 id: changes with: filters: | @@ -73,19 +73,16 @@ jobs: image: ghcr.io/px4/px4-dev:v1.17.0-rc2 steps: - uses: runs-on/action@v2 - - - name: Checkout - uses: actions/checkout@v4 + - uses: actions/checkout@v6 with: fetch-depth: 0 submodules: recursive - - - name: Git ownership workaround + - name: Configure Git Safe Directory run: git config --system --add safe.directory '*' - name: Cache Restore - ccache id: cache-ccache - uses: actions/cache/restore@v4 + uses: actions/cache/restore@v5 with: path: ~/.ccache key: ccache-docs-metadata-${{ github.sha }} @@ -104,7 +101,7 @@ jobs: CCACHE_DIR: ~/.ccache - name: Cache Save - ccache - uses: actions/cache/save@v4 + uses: actions/cache/save@v5 if: always() with: path: ~/.ccache @@ -116,7 +113,7 @@ jobs: CCACHE_DIR: ~/.ccache - name: Upload metadata artifact - uses: actions/upload-artifact@v4 + uses: actions/upload-artifact@v7 with: name: pr-metadata path: docs/ @@ -137,7 +134,7 @@ jobs: - uses: runs-on/action@v2 - name: Checkout - uses: actions/checkout@v4 + uses: actions/checkout@v6 with: fetch-depth: 0 submodules: recursive @@ -148,7 +145,7 @@ jobs: - name: Cache Restore - ccache id: cache-ccache - uses: actions/cache/restore@v4 + uses: actions/cache/restore@v5 with: path: ~/.ccache key: ccache-docs-metadata-${{ github.sha }} @@ -167,7 +164,7 @@ jobs: CCACHE_DIR: ~/.ccache - name: Cache Save - ccache - uses: actions/cache/save@v4 + uses: actions/cache/save@v5 if: always() with: path: ~/.ccache @@ -216,21 +213,21 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout - uses: actions/checkout@v4 + uses: actions/checkout@v6 with: ref: ${{ github.event.pull_request.head.sha }} fetch-depth: 0 - name: Download metadata artifact if: needs.pr-metadata-regen.result == 'success' - uses: actions/download-artifact@v4 + uses: actions/download-artifact@v8 with: name: pr-metadata path: docs/ - name: Get changed doc files id: changed-files - uses: tj-actions/changed-files@v46.0.5 + uses: tj-actions/changed-files@v47 with: json: true write_output_files: true @@ -247,7 +244,7 @@ jobs: cat ./logs/prFiles.json - name: Setup Node.js - uses: actions/setup-node@v4 + uses: actions/setup-node@v6 with: node-version: 20 @@ -301,14 +298,14 @@ jobs: - name: Upload pr-comment artifact if: steps.prepare-pr-comment.outputs.prepared == 'true' - uses: actions/upload-artifact@v4 + uses: actions/upload-artifact@v7 with: name: pr-comment path: pr-comment/ retention-days: 1 - name: Upload link check results - uses: actions/upload-artifact@v4 + uses: actions/upload-artifact@v7 with: name: link-check-results path: logs/ @@ -333,15 +330,13 @@ jobs: releaseversion: ${{ steps.set-version.outputs.releaseversion }} steps: - uses: runs-on/action@v2 - - - name: Checkout - uses: actions/checkout@v4 + - uses: actions/checkout@v6 with: ref: ${{ github.event_name == 'pull_request' && github.event.pull_request.head.sha || github.sha }} - name: Download metadata artifact (PR) if: github.event_name == 'pull_request' && needs.pr-metadata-regen.result == 'success' - uses: actions/download-artifact@v4 + uses: actions/download-artifact@v8 with: name: pr-metadata path: docs/ @@ -365,7 +360,7 @@ jobs: echo "releaseversion=$version" >> $GITHUB_OUTPUT - name: Setup Node - uses: actions/setup-node@v4 + uses: actions/setup-node@v6 with: node-version: 20 cache: npm @@ -384,7 +379,7 @@ jobs: npm run docs:sitemap - name: Upload artifact - uses: actions/upload-artifact@v4 + uses: actions/upload-artifact@v7 with: name: px4_docs_build path: docs/.vitepress/dist/ @@ -406,7 +401,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Download Artifact - uses: actions/download-artifact@v4 + uses: actions/download-artifact@v8 with: name: px4_docs_build path: ~/_book diff --git a/.github/workflows/docs_crowdin_download.yml b/.github/workflows/docs_crowdin_download.yml index aa7034b700..8ecaad2f47 100644 --- a/.github/workflows/docs_crowdin_download.yml +++ b/.github/workflows/docs_crowdin_download.yml @@ -22,7 +22,7 @@ jobs: lc: [ko, uk, zh-CN] # Target languages https://developer.crowdin.com/language-codes/ steps: - name: Checkout - uses: actions/checkout@v4 + uses: actions/checkout@v6 - name: Debug Environment Variables run: | echo "CROWDIN_PROJECT_ID: ${{ secrets.CROWDIN_DOCS_PROJECT_ID }}" diff --git a/.github/workflows/docs_crowdin_upload.yml b/.github/workflows/docs_crowdin_upload.yml index f5ec87a367..d55f459923 100644 --- a/.github/workflows/docs_crowdin_upload.yml +++ b/.github/workflows/docs_crowdin_upload.yml @@ -24,7 +24,7 @@ jobs: steps: - name: Checkout - uses: actions/checkout@v4 + uses: actions/checkout@v6 - name: crowdin push uses: crowdin/github-action@v2 with: diff --git a/.github/workflows/docs_deploy.yml b/.github/workflows/docs_deploy.yml index a9723f7bd3..f5a2ccf3b7 100644 --- a/.github/workflows/docs_deploy.yml +++ b/.github/workflows/docs_deploy.yml @@ -23,11 +23,10 @@ jobs: runs-on: [runs-on,runner=4cpu-linux-x64,image=ubuntu24-full-x64,"run-id=${{ github.run_id }}",extras=s3-cache,spot=false] steps: - uses: runs-on/action@v2 - - name: Checkout - uses: actions/checkout@v4 + - uses: actions/checkout@v6 - name: Setup Node - uses: actions/setup-node@v4 + uses: actions/setup-node@v6 with: node-version: 20 cache: npm @@ -46,7 +45,7 @@ jobs: - name: Upload artifact if: ${{ github.event_name == 'push' || (github.event_name == 'pull_request' && github.event.pull_request.merged) || github.event_name == 'workflow_dispatch' }} - uses: actions/upload-artifact@v4 + uses: actions/upload-artifact@v7 with: name: px4_docs_build path: docs/.vitepress/dist/ @@ -59,7 +58,7 @@ jobs: steps: - name: Download Artifact - uses: actions/download-artifact@v4 + uses: actions/download-artifact@v8 with: name: px4_docs_build path: ~/_book diff --git a/.github/workflows/ekf_functional_change_indicator.yml b/.github/workflows/ekf_functional_change_indicator.yml index b426f7fafd..7feb0531bb 100644 --- a/.github/workflows/ekf_functional_change_indicator.yml +++ b/.github/workflows/ekf_functional_change_indicator.yml @@ -20,7 +20,7 @@ jobs: image: ghcr.io/px4/px4-dev:v1.17.0-rc2 steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v6 with: fetch-depth: 0 diff --git a/.github/workflows/failsafe_sim.yml b/.github/workflows/failsafe_sim.yml index f3db5bb3b3..161d018adb 100644 --- a/.github/workflows/failsafe_sim.yml +++ b/.github/workflows/failsafe_sim.yml @@ -33,22 +33,20 @@ jobs: options: --privileged --ulimit core=-1 --security-opt seccomp=unconfined steps: - uses: runs-on/action@v2 + - uses: actions/checkout@v6 + with: + fetch-depth: 0 + - name: Configure Git Safe Directory + run: git config --system --add safe.directory '*' - name: Install Node v20.18.0 - uses: actions/setup-node@v4 + uses: actions/setup-node@v6 with: node-version: 20.18.0 - - uses: actions/checkout@v4 - with: - fetch-depth: 0 - - - name: Git ownership workaround - run: git config --system --add safe.directory '*' - - name: Cache - Restore Emscripten SDK id: cache-emsdk - uses: actions/cache@v4 + uses: actions/cache@v5 with: path: _emscripten_sdk key: emsdk-4.0.15 diff --git a/.github/workflows/flash_analysis.yml b/.github/workflows/flash_analysis.yml index aa8391b203..861053843a 100644 --- a/.github/workflows/flash_analysis.yml +++ b/.github/workflows/flash_analysis.yml @@ -37,18 +37,16 @@ jobs: px4_fmu-v6x-bloaty-summary-map: ${{ steps.gen-output.outputs.px4_fmu-v6x-bloaty-summary-map }} steps: - uses: runs-on/action@v2 - - - uses: actions/checkout@v4 + - uses: actions/checkout@v6 with: fetch-depth: 0 submodules: recursive - - - name: Git ownership workaround + - name: Configure Git Safe Directory run: git config --system --add safe.directory '*' - name: Cache - Restore ccache (current) id: cache_current - uses: actions/cache/restore@v4 + uses: actions/cache/restore@v5 with: path: ~/.ccache key: ccache-flash-${{ matrix.target }}-current-${{ github.ref_name }}-${{ github.sha }} @@ -79,7 +77,7 @@ jobs: - name: Cache - Save ccache (current) if: always() - uses: actions/cache/save@v4 + uses: actions/cache/save@v5 with: path: ~/.ccache key: ${{ steps.cache_current.outputs.cache-primary-key }} @@ -105,7 +103,7 @@ jobs: - name: Cache - Restore ccache (baseline) id: cache_baseline - uses: actions/cache/restore@v4 + uses: actions/cache/restore@v5 with: path: ~/.ccache key: ccache-flash-${{ matrix.target }}-baseline-${{ github.sha }} @@ -126,7 +124,7 @@ jobs: - name: Cache - Save ccache (baseline) if: always() - uses: actions/cache/save@v4 + uses: actions/cache/save@v5 with: path: ~/.ccache key: ${{ steps.cache_baseline.outputs.cache-primary-key }} @@ -162,7 +160,7 @@ jobs: if: github.event.pull_request steps: - name: Find Comment - uses: peter-evans/find-comment@v3 + uses: peter-evans/find-comment@v4 id: fc with: issue-number: ${{ github.event.pull_request.number }} @@ -220,7 +218,7 @@ jobs: env.V5X-SUMMARY-MAP-ABS <= fromJSON(env.MIN_FLASH_NEG_DIFF_FOR_COMMENT) || env.V6X-SUMMARY-MAP-ABS >= fromJSON(env.MIN_FLASH_POS_DIFF_FOR_COMMENT) || env.V6X-SUMMARY-MAP-ABS <= fromJSON(env.MIN_FLASH_NEG_DIFF_FOR_COMMENT) - uses: actions/upload-artifact@v4 + uses: actions/upload-artifact@v7 with: name: pr-comment path: pr-comment/ diff --git a/.github/workflows/fuzzing.yml b/.github/workflows/fuzzing.yml index 5fc26f8063..3d577256b1 100644 --- a/.github/workflows/fuzzing.yml +++ b/.github/workflows/fuzzing.yml @@ -24,7 +24,7 @@ jobs: run: | git config --global --add safe.directory $(realpath .) - - uses: actions/checkout@v4 + - uses: actions/checkout@v6 - name: Build and Run Fuzz Tests run: | diff --git a/.github/workflows/itcm_check.yml b/.github/workflows/itcm_check.yml index 412941a8d7..242d986646 100644 --- a/.github/workflows/itcm_check.yml +++ b/.github/workflows/itcm_check.yml @@ -47,12 +47,10 @@ jobs: boards/nxp/mr-tropic/nuttx-config/scripts/itcm_static_functions.ld steps: - uses: runs-on/action@v2 - - - uses: actions/checkout@v4 + - uses: actions/checkout@v6 with: fetch-depth: 1 - - - name: Git ownership workaround + - name: Configure Git Safe Directory run: git config --system --add safe.directory '*' - uses: ./.github/actions/setup-ccache diff --git a/.github/workflows/label.yml b/.github/workflows/label.yml index 1a69cfdbf5..72ba6c22a1 100644 --- a/.github/workflows/label.yml +++ b/.github/workflows/label.yml @@ -16,6 +16,6 @@ jobs: pull-requests: write steps: - - uses: actions/labeler@v5 + - uses: actions/labeler@v6 with: repo-token: "${{ secrets.GITHUB_TOKEN }}" diff --git a/.github/workflows/mavros_tests.yml b/.github/workflows/mavros_tests.yml index a2bff180ef..b8df2541d8 100644 --- a/.github/workflows/mavros_tests.yml +++ b/.github/workflows/mavros_tests.yml @@ -34,12 +34,10 @@ jobs: - {name: "Offboard", test_file: "mavros_posix_tests_offboard_posctl.test", params: "vehicle:=iris"} steps: - uses: runs-on/action@v2 - - uses: actions/checkout@v6 with: fetch-depth: 1 - - - name: Setup - Configure Git Safe Directory + - name: Configure Git Safe Directory run: git config --system --add safe.directory '*' - name: Setup - Install Python Test Dependencies diff --git a/.github/workflows/pr-comment-poster.yml b/.github/workflows/pr-comment-poster.yml index 9775dc7a23..eed79c0443 100644 --- a/.github/workflows/pr-comment-poster.yml +++ b/.github/workflows/pr-comment-poster.yml @@ -114,7 +114,7 @@ jobs: - name: Download pr-comment artifact id: download - uses: actions/github-script@v8 + uses: actions/github-script@v9 with: script: | const artifacts = await github.rest.actions.listWorkflowRunArtifacts({ diff --git a/.github/workflows/pr-review-poster.yml b/.github/workflows/pr-review-poster.yml index 27c1f5a709..e71f647d1f 100644 --- a/.github/workflows/pr-review-poster.yml +++ b/.github/workflows/pr-review-poster.yml @@ -136,7 +136,7 @@ jobs: - name: Download pr-review artifact id: download - uses: actions/github-script@v8 + uses: actions/github-script@v9 with: script: | const artifacts = await github.rest.actions.listWorkflowRunArtifacts({ diff --git a/.github/workflows/python_checks.yml b/.github/workflows/python_checks.yml index 5907fbd95c..481cb16194 100644 --- a/.github/workflows/python_checks.yml +++ b/.github/workflows/python_checks.yml @@ -17,13 +17,12 @@ jobs: runs-on: [runs-on,runner=1cpu-linux-x64,image=ubuntu24-full-x64,"run-id=${{ github.run_id }}"] steps: - uses: runs-on/action@v2 - - - uses: actions/checkout@v4 + - uses: actions/checkout@v6 with: fetch-depth: 1 - name: Setup Python - uses: actions/setup-python@v5 + uses: actions/setup-python@v6 with: python-version: "3.10" diff --git a/.github/workflows/ros_integration_tests.yml b/.github/workflows/ros_integration_tests.yml index cf20b64931..14ac57cc97 100644 --- a/.github/workflows/ros_integration_tests.yml +++ b/.github/workflows/ros_integration_tests.yml @@ -31,12 +31,10 @@ jobs: PX4_SBOM_DISABLE: 1 steps: - uses: runs-on/action@v2 - - - uses: actions/checkout@v4 + - uses: actions/checkout@v6 with: fetch-depth: 1 - - - name: Git Ownership Workaround + - name: Configure Git Safe Directory run: git config --system --add safe.directory '*' - name: Update ROS Keys @@ -57,7 +55,7 @@ jobs: - name: Cache - Restore Micro-XRCE-DDS Agent id: cache-xrce-agent - uses: actions/cache@v4 + uses: actions/cache@v5 with: path: /opt/Micro-XRCE-DDS-Agent key: xrce-agent-v2.2.1-fastdds-2.8.2-galactic-2021-09-08 @@ -77,7 +75,7 @@ jobs: - name: Cache - Restore PX4 ROS 2 Interface Library Workspace id: cache-px4-ros2-ws - uses: actions/cache@v4 + uses: actions/cache@v5 with: path: /opt/px4_ws # Bump 'v1' when the cached workspace layout changes in a way @@ -134,7 +132,7 @@ jobs: - name: Upload failed logs if: failure() - uses: actions/upload-artifact@v4 + uses: actions/upload-artifact@v7 with: name: failed-logs.zip path: | diff --git a/.github/workflows/ros_translation_node.yml b/.github/workflows/ros_translation_node.yml index 916368a476..6ba3f181eb 100644 --- a/.github/workflows/ros_translation_node.yml +++ b/.github/workflows/ros_translation_node.yml @@ -35,11 +35,9 @@ jobs: image: ros:${{ matrix.config.ros_version }}-ros-base-${{ matrix.config.ubuntu }} steps: - uses: runs-on/action@v2 - - - uses: actions/checkout@v4 + - uses: actions/checkout@v6 with: fetch-depth: 0 - - name: Configure Git Safe Directory run: git config --system --add safe.directory '*' diff --git a/.github/workflows/sbom_license_check.yml b/.github/workflows/sbom_license_check.yml index a2fe3ecf9d..81c880903e 100644 --- a/.github/workflows/sbom_license_check.yml +++ b/.github/workflows/sbom_license_check.yml @@ -30,7 +30,7 @@ jobs: runs-on: ubuntu-24.04 steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v6 with: fetch-depth: 1 submodules: false diff --git a/.github/workflows/sbom_monthly_audit.yml b/.github/workflows/sbom_monthly_audit.yml index 418ab5e22c..051dd9afb6 100644 --- a/.github/workflows/sbom_monthly_audit.yml +++ b/.github/workflows/sbom_monthly_audit.yml @@ -20,7 +20,7 @@ jobs: runs-on: ubuntu-24.04 steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v6 with: ref: ${{ inputs.branch || github.ref }} fetch-depth: 1 @@ -51,7 +51,7 @@ jobs: - name: Create issue if problems found if: steps.check.outputs.has_issues == 'true' - uses: actions/github-script@v7 + uses: actions/github-script@v9 with: script: | const fs = require('fs'); diff --git a/.github/workflows/sitl_tests.yml b/.github/workflows/sitl_tests.yml index e2f7b369c0..ce44f3d879 100644 --- a/.github/workflows/sitl_tests.yml +++ b/.github/workflows/sitl_tests.yml @@ -43,12 +43,10 @@ jobs: steps: - uses: runs-on/action@v2 - - - uses: actions/checkout@v4 + - uses: actions/checkout@v6 with: fetch-depth: 1 - - - name: Git Ownership Workaround + - name: Configure Git Safe Directory run: git config --system --add safe.directory '*' - uses: ./.github/actions/setup-ccache @@ -99,7 +97,7 @@ jobs: - name: Upload failed logs if: failure() - uses: actions/upload-artifact@v4 + uses: actions/upload-artifact@v7 with: name: failed-${{matrix.config.model}}-logs.zip path: | @@ -113,7 +111,7 @@ jobs: - name: Upload PX4 coredump if: failure() && ${{ hashFiles('px4.core') != '' }} - uses: actions/upload-artifact@v4 + uses: actions/upload-artifact@v7 with: name: coredump path: px4.core @@ -130,7 +128,7 @@ jobs: - name: Upload Coverage Information to Codecov if: contains(matrix.config.build_type, 'Coverage') - uses: codecov/codecov-action@v4 + uses: codecov/codecov-action@v6 with: token: ${{ secrets.CODECOV_TOKEN }} flags: mavsdk diff --git a/.github/workflows/sync_to_px4_msgs.yml b/.github/workflows/sync_to_px4_msgs.yml index eae00f3b3f..56966ff0e3 100644 --- a/.github/workflows/sync_to_px4_msgs.yml +++ b/.github/workflows/sync_to_px4_msgs.yml @@ -20,7 +20,7 @@ jobs: runs-on: [runs-on,runner=4cpu-linux-x64,image=ubuntu22-full-x64,"run-id=${{ github.run_id }}",spot=false] steps: - name: Checkout PX4 repo - uses: actions/checkout@v4 + uses: actions/checkout@v6 - name: Setup git credentials run: | diff --git a/.github/workflows/tag_px4_msgs_from_px4_release_tag.yml b/.github/workflows/tag_px4_msgs_from_px4_release_tag.yml index 06cce7ed3b..f189a98ab8 100644 --- a/.github/workflows/tag_px4_msgs_from_px4_release_tag.yml +++ b/.github/workflows/tag_px4_msgs_from_px4_release_tag.yml @@ -22,7 +22,7 @@ jobs: TAG_NAME: ${{ github.event_name == 'workflow_dispatch' && inputs.tag_name || github.ref_name }} steps: - name: Checkout PX4 repo - uses: actions/checkout@v4 + uses: actions/checkout@v6 with: fetch-depth: 0 fetch-tags: true