Merge branch 'master' into kc/arg_usings

Author: vtjnash

.devcontainer/Dockerfile

@@ -1,8 +1,12 @@
 {
-    "extensions": [
-      "julialang.language-julia",
-      "ms-vscode.cpptools"
-    ],
-  
-    "dockerFile": "Dockerfile"
+  "image": "docker.io/library/julia:latest",
+  "customizations": {
+      "vscode": {
+        "extensions": [
+          "julialang.language-julia",
+          "ms-vscode.cpptools"
+        ]
+     }
+  },
+  "onCreateCommand": "apt-get update && apt-get install -y build-essential libatomic1 python3 gfortran perl wget m4 cmake pkg-config git"
 }

.devcontainer/devcontainer.json

@@ -7,3 +7,7 @@ e66bfa5dd32f93e76068c00ad882c1fc839c5af8
 100a741e7ab38c91d48cc929bb001afc8e09261f
 # whitespace: replace tabs => space
 b03e8ab9c7bd3e001add519571858fa04d6a249b
+# whitespace: replace 2-space => 4-space for indentation
+f1b567507731129f90ca0dffc8fbc0ed98b6a15d
+# whitespace: replace multiple spaces after period with a single space
+f942c29bb0d02cc24f19712c642ac72ffc85a26b

.git-blame-ignore-revs

@@ -4,3 +4,11 @@ CODEOWNERS @JuliaLang/github-actions
 
 /.github/workflows/rerun_failed.yml @DilumAluthge
 /.github/workflows/statuses.yml @DilumAluthge
+/.github/workflows/PrAssignee.yml @LilithHafner @DilumAluthge
+/base/special/ @oscardssmith
+/base/sort.jl @LilithHafner
+/test/sorting.jl @LilithHafner
+/stdlib/*_jll @giordano
+/base/binaryplatforms.jl @giordano
+/src/julia_gcext.h @fingolfin
+/test/gcext/gcext.c @fingolfin

.github/CODEOWNERS

@@ -0,0 +1,11 @@
+version: 2
+updates:
+  - package-ecosystem: "github-actions"
+    directory: "/"
+    schedule:
+      interval: "monthly"
+    open-pull-requests-limit: 100
+    labels:
+      - "dependencies"
+      - "github-actions"
+      - "domain:ci"

.github/dependabot.yml

@@ -11,9 +11,9 @@ jobs:
     runs-on: ubuntu-latest
     timeout-minutes: 2
     steps:
-    - uses: yogevbd/[email protected]
+    - uses: yogevbd/enforce-label-action@a3c219da6b8fa73f6ba62b68ff09c469b3a1c024 # 2.2.2
       with:
         # REQUIRED_LABELS_ANY: "bug,enhancement,skip-changelog"
         # REQUIRED_LABELS_ANY_DESCRIPTION: "Select at least one label ['bug','enhancement','skip-changelog']"
-        BANNED_LABELS: "needs docs,needs compat annotation,needs more info,needs nanosoldier run,needs news,needs pkgeval,needs tests,DO NOT MERGE"
-        BANNED_LABELS_DESCRIPTION: "A PR should not be merged with `needs *` or `DO NOT MERGE` labels"
+        BANNED_LABELS: "needs docs,needs compat annotation,needs more info,needs nanosoldier run,needs news,needs pkgeval,needs tests,needs decision,DO NOT MERGE,status:DO NOT MERGE"
+        BANNED_LABELS_DESCRIPTION: "A PR should not be merged with `needs *` or `status:DO NOT MERGE` labels"

.github/workflows/LabelCheck.yml

@@ -0,0 +1,210 @@
+name: PR Assignee
+on:
+  # Important security note: Do NOT use `actions/checkout`
+  # or any other method for checking out the pull request's source code.
+  # This is because the pull request's source code is untrusted, but the
+  # GITHUB_TOKEN has write permissions (because of the `on: pull_request_target` event).
+  #
+  # Quoting from the GitHub Docs:
+  # > For workflows that are triggered by the pull_request_target event, the GITHUB_TOKEN is granted
+  # > read/write repository permission unless the permissions key is specified and the workflow can access secrets,
+  # > even when it is triggered from a fork.
+  # >
+  # > Although the workflow runs in the context of the base of the pull request,
+  # > you should make sure that you do not check out, build, or run untrusted code from the pull request with this event.
+  #
+  # Source: https://docs.github.com/en/actions/writing-workflows/choosing-when-your-workflow-runs/events-that-trigger-workflows#pull_request_target
+  #
+  # See also: https://securitylab.github.com/resources/github-actions-preventing-pwn-requests/
+  pull_request_target:
+    types: [opened, reopened, ready_for_review]
+
+# Permissions for the `GITHUB_TOKEN`:
+permissions:
+  pull-requests: write # Needed in order to assign a user as the PR assignee
+
+jobs:
+  pr-assignee:
+    runs-on: ubuntu-latest
+    if: ${{ github.event.pull_request.draft != true }}
+    steps:
+      # Important security note: As discussed above, do NOT use `actions/checkout`
+      # or any other method for checking out the pull request's source code.
+      # This is because the pull request's source code is untrusted, but the
+      # GITHUB_TOKEN has write permissions (because of the `on: pull_request_target` event).
+      - name: Add Assignee
+        # We pin all third-party actions to a full length commit SHA
+        # https://docs.github.com/en/actions/security-for-github-actions/security-guides/security-hardening-for-github-actions#using-third-party-actions
+        uses: actions/github-script@60a0d83039c74a4aee543508d2ffcb1c3799cdea # v7.0.1
+        with:
+          retries: 5 # retry GitHub API requests up to 5 times, with exponential backoff
+          retry-exempt-status-codes: 404
+          # Don't retry 404 because we will hit a 404 when the PR author is a committer.
+          # This 404 is normal and expected.
+          # Do retry 400 and other 4xx errors because github sometimes (erroneously)
+          # returns a 4xx error code due to server errors.
+          script: |
+            const oldPrAssignees = context.payload.pull_request.assignees
+              .map(obj => obj.login)
+            console.log('oldPrAssignees: ', oldPrAssignees);
+            const prAuthor = context.payload.pull_request.user.login;
+
+            // Check if the PR is opened by a collaborator on the repo, aka someone with write (commit) permissions or higher.
+            const relevantPerms = [
+              // 'triage', // Uncomment this line if you don't want PRs from triagers to get auto-assignees.
+              'push',
+              'maintain',
+              'admin',
+            ]
+            const allCollaboratorsNestedPromises = relevantPerms.map(
+              (perm) => github.paginate(
+                // We use the `/repos/{owner}/{repo}/collaborators` endpoint to avoid needing org scope permissions:
+                '/repos/{owner}/{repo}/collaborators',
+                {
+                  owner: context.repo.owner,
+                  repo: context.repo.repo,
+                  per_page: 100,
+                  permission: perm,
+                },
+                (response) => response.data.map((collaboratorInfo) => collaboratorInfo.login),
+              )
+            )
+            const allCollaboratorsNested = await Promise.all(allCollaboratorsNestedPromises);
+            const allCollaboratorsFlattened = allCollaboratorsNested.flat();
+
+            // Skip BumpStdlibs.jl PRs
+            allCollaboratorsFlattened.push('DilumAluthgeBot');
+            // Skip Dependabot PRs
+            allCollaboratorsFlattened.push('dependabot');
+
+            const isCollaborator = allCollaboratorsFlattened.includes(prAuthor);
+
+            console.log('prAuthor: ', prAuthor);
+            console.log('isCollaborator: ', isCollaborator);
+
+            // Load the list of assignable reviewers from the JuliaLang/pr-assignment repo at:
+            // https://github.com/JuliaLang/pr-assignment/blob/main/users.txt
+            //
+            // NOTE to JuliaLang committers: If you want to be assigned to new PRs, please add your
+            // GitHub username to that file.
+
+            // Load file contents
+            const { data: fileContentsObj } = await github.rest.repos.getContent({
+              owner: 'JuliaLang',
+              repo: 'pr-assignment',
+              path: 'users.txt',
+              ref: 'main',
+            });
+
+            const fileContentsBufferObj = Buffer.from(fileContentsObj.content, "base64");
+            const fileContentsText = fileContentsBufferObj.toString("utf8");
+
+            // Find lines that match the following regex, and extract the usernames:
+            const regex = /^@([a-zA-Z0-9\-]+)(\s*?)?(#[\S]*?)?$/;
+            const assigneeCandidates = fileContentsText
+              .split('\n')
+              .map(line => line.trim())
+              .map(line => line.match(regex))
+              .filter(match => match !== null)
+              .map(match => match[1]);
+
+            console.log('assigneeCandidates: ', assigneeCandidates);
+            if (assigneeCandidates.length < 1) {
+              const msg = 'ERROR: Could not find any assigneeCandidates';
+              console.error(msg);
+              throw new Error(msg);
+            }
+
+            if (oldPrAssignees.length >= 1) {
+              console.log('Skipping this PR, because it already has at least one assignee');
+              return;
+            }
+
+
+            const RUNNER_DEBUG_original = process.env.RUNNER_DEBUG;
+            console.log('RUNNER_DEBUG_original: ', RUNNER_DEBUG_original);
+            if (RUNNER_DEBUG_original === undefined) {
+              var thisIsActionsRunnerDebugMode = false;
+            } else {
+              const RUNNER_DEBUG_trimmed = RUNNER_DEBUG_original.trim().toLowerCase()
+              if (RUNNER_DEBUG_trimmed.length < 1) {
+                var thisIsActionsRunnerDebugMode = false;
+              } else {
+                var thisIsActionsRunnerDebugMode = (RUNNER_DEBUG_trimmed == 'true') || (RUNNER_DEBUG_trimmed == '1');
+              }
+            }
+            console.log('thisIsActionsRunnerDebugMode: ', thisIsActionsRunnerDebugMode);
+
+            if (isCollaborator == true) {
+
+              if (thisIsActionsRunnerDebugMode) {
+                // The PR author is a committer
+                // But thisIsActionsRunnerDebugMode is true, so we proceed to still run the rest of the script
+                console.log('PR is authored by JuliaLang committer, but thisIsActionsRunnerDebugMode is true, so we will still run the rest of the script: ', prAuthor);
+              } else {
+                // The PR author is a committer, so we skip assigning them
+                console.log('Skipping PR authored by JuliaLang committer: ', prAuthor);
+                console.log('Note: If you want to run the full script (even though the PR author is a committer), simply re-run this job with Actions debug logging enabled');
+                return;
+              }
+            }
+
+            var weDidEncounterError = false;
+
+            // Assign random committer
+            const selectedAssignee = assigneeCandidates[Math.floor(Math.random()*assigneeCandidates.length)]
+            console.log('selectedAssignee: ', selectedAssignee);
+            console.log(`Attempting to assign @${selectedAssignee} to this PR...`);
+            await github.rest.issues.addAssignees({
+              owner: context.repo.owner,
+              repo: context.repo.repo,
+              issue_number: context.payload.pull_request.number,
+              assignees: selectedAssignee,
+            });
+
+            // The following is commented out because the label only makes sense in the presence of a larger state machine
+            // // Add the "pr review" label
+            // const prReviewLabel = 'status: waiting for PR reviewer';
+            // console.log('Attempting to add prReviewLabel to this PR...');
+            // await github.rest.issues.addLabels({
+            //   owner: context.repo.owner,
+            //   repo: context.repo.repo,
+            //   issue_number: context.payload.pull_request.number,
+            //   labels: [prReviewLabel],
+            // });
+
+            // Now get the updated PR info, and see if we were successful:
+            const updatedPrData = await github.rest.pulls.get({
+              owner: context.repo.owner,
+              repo: context.repo.repo,
+              pull_number: context.payload.pull_request.number,
+            });
+            const newPrAssignees = updatedPrData
+              .data
+              .assignees
+              .map(element => element.login)
+            console.log('newPrAssignees: ', newPrAssignees);
+            if (newPrAssignees.includes(selectedAssignee)) {
+              console.log(`Successfully assigned @${selectedAssignee}`);
+            } else {
+              weDidEncounterError = true;
+              console.log(`ERROR: Failed to assign @${selectedAssignee}`);
+            }
+            // const newPrLabels = updatedPrData
+            //   .data
+            //   .labels
+            //   .map(element => element.name)
+            // console.log('newPrLabels: ', newPrLabels);
+            // if (newPrLabels.includes(prReviewLabel)) {
+            //   console.log('Successfully added prReviewLabel');
+            // } else {
+            //   weDidEncounterError = true;
+            //   console.log('ERROR: Failed to add add prReviewLabel');
+            // }
+
+            // Exit with error if any problems were encountered earlier
+            if (weDidEncounterError) {
+              const msg = 'ERROR: Encountered at least one problem while running the script';
+              console.error(msg);
+              throw new Error(msg);
+            }

.github/workflows/PrAssignee.yml

@@ -0,0 +1,70 @@
+name: Typos
+
+permissions: {}
+
+on: [pull_request]
+
+jobs:
+  typos-check:
+    name: Check for new typos
+    runs-on: ubuntu-latest
+    timeout-minutes: 5
+    steps:
+      - name: Checkout the JuliaLang/julia repository
+        uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
+        with:
+          persist-credentials: false
+      - name: Check spelling with typos
+        #uses: crate-ci/typos@c7af4712eda24dd1ef54bd8212973888489eb0ce # v1.23.5
+        env:
+          GH_TOKEN: "${{ github.token }}"
+        run: |
+          git fetch --depth=1 origin ${{ github.base_ref }}
+          OLD_FILES=$(git diff-index --name-only --diff-filter=ad FETCH_HEAD)
+          NEW_FILES=$(git diff-index --name-only --diff-filter=d FETCH_HEAD)
+
+          # This is necessary because the typos command interprets the
+          # empty string as "check all files" rather than "check no files".
+          if [ -z "$NEW_FILES" ]; then
+            echo "All edited files were deleted. Skipping typos check."
+            exit 0
+          fi
+
+          mkdir -p "${{ runner.temp }}/typos"
+          RELEASE_ASSET_URL="$(
+            gh api /repos/crate-ci/typos/releases/latest \
+            --jq '."assets"[] | select(."name" | test("^typos-.+-x86_64-unknown-linux-musl\\.tar\\.gz$")) | ."browser_download_url"'
+          )"
+          wget --secure-protocol=TLSv1_3 --max-redirect=1 --retry-on-host-error --retry-connrefused --tries=3 \
+            --quiet --output-document=- "${RELEASE_ASSET_URL}" \
+            | tar -xz -C "${{ runner.temp }}/typos" ./typos
+          "${{ runner.temp }}/typos/typos" --version
+
+          echo -n $NEW_FILES | xargs "${{ runner.temp }}/typos/typos" --format json >> ${{ runner.temp }}/new_typos.jsonl || true
+          git checkout FETCH_HEAD -- $OLD_FILES
+          if [ -z "$OLD_FILES" ]; then
+            touch "${{ runner.temp }}/old_typos.jsonl" # No old files, so no old typos.
+          else
+            echo -n $OLD_FILES | xargs "${{ runner.temp }}/typos/typos" --format json >> ${{ runner.temp }}/old_typos.jsonl || true
+          fi
+
+
+          python -c '
+          import sys, json
+          old = set()
+          with open(sys.argv[1]) as old_file:
+            for line in old_file:
+              j = json.loads(line)
+              if j["type"] == "typo":
+                old.add(j["typo"])
+          clean = True
+          with open(sys.argv[2]) as new_file:
+            for line in new_file:
+              new = json.loads(line)
+              if new["type"] == "typo" and new["typo"] not in old:
+                if len(new["typo"]) > 6: # Short typos might be false positives. Long are probably real.
+                  clean = False
+                print("::warning file={},line={},col={}::perhaps \"{}\" should be \"{}\".".format(
+                  new["path"], new["line_num"], new["byte_offset"],
+                  new["typo"], " or ".join(new["corrections"])))
+          sys.exit(1 if not clean else 0)' "${{ runner.temp }}/old_typos.jsonl" "${{ runner.temp }}/new_typos.jsonl"

.github/workflows/Typos.yml

@@ -0,0 +1,26 @@
+name: Whitespace
+
+permissions: {}
+
+on:
+  push:
+    branches:
+      - master
+  pull_request:
+
+jobs:
+  whitespace:
+    name: Check whitespace
+    runs-on: ubuntu-latest
+    timeout-minutes: 2
+    steps:
+      - name: Checkout the JuliaLang/julia repository
+        uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
+        with:
+          persist-credentials: false
+      - uses: julia-actions/setup-julia@5c9647d97b78a5debe5164e9eec09d653d29bd71 # v2.6.1
+        with:
+          version: '1.11.6'
+      - name: Check whitespace
+        run: |
+          contrib/check-whitespace.jl