Merge remote-tracking branch 'upstream/develop' into random-Caaa

Author: stdlib-bot

.github/workflows/autoclose.yml

@@ -37,11 +37,6 @@ jobs:
     # Only run this job if the pull request has a specific label:
     if: "${{ github.event.label.name == 'autoclose: EditorConfig' }}"
 
-    # Define job permissions:
-    permissions:
-      contents: read
-      pull-requests: write
-
     # Define the type of virtual host machine:
     runs-on: ubuntu-latest
 
@@ -73,11 +68,6 @@ jobs:
     # Only run this job if the pull request has a specific label:
     if: "${{ github.event.label.name == 'autoclose: Contributor Guidelines' }}"
 
-    # Define job permissions:
-    permissions:
-      contents: read
-      pull-requests: write
-
     # Define the type of virtual host machine:
     runs-on: ubuntu-latest
 
@@ -109,11 +99,6 @@ jobs:
     # Only run this job if the pull request has a specific label:
     if: "${{ github.event.label.name == 'autoclose: Project Conventions' }}"
 
-    # Define job permissions:
-    permissions:
-      contents: read
-      pull-requests: write
-
     # Define the type of virtual host machine:
     runs-on: ubuntu-latest
 
@@ -149,11 +134,6 @@ jobs:
     # Only run this job if the pull request has a specific label:
     if: "${{ github.event.label.name == 'autoclose: Spam' }}"
 
-    # Define job permissions:
-    permissions:
-      contents: read
-      pull-requests: write
-
     # Define the type of virtual host machine:
     runs-on: ubuntu-latest
 
@@ -189,12 +169,6 @@ jobs:
     # Only run this job if the pull request has a specific label:
     if: "${{ github.event.label.name == 'autoclose: Stale' }}"
 
-    # Define job permissions:
-    permissions:
-      contents: read
-      issues: write
-      pull-requests: write
-
     # Define the type of virtual host machine:
     runs-on: ubuntu-latest
 
@@ -221,11 +195,6 @@ jobs:
     # Only run this job if the pull request has a specific label:
     if: "${{ github.event.label.name == 'autoclose: Git History' }}"
 
-    # Define job permissions:
-    permissions:
-      contents: read
-      pull-requests: write
-
     # Define the type of virtual host machine:
     runs-on: ubuntu-latest
 
@@ -252,3 +221,30 @@ jobs:
             We recommend opening a new pull request with only the intended changes.
 
             Thank you for your interest in stdlib, and we look forward to your future contributions.
+
+  # Define a job which closes a pull request if proposed changes duplicate already included changes:
+  already_resolved:
+
+    # Define job name:
+    name: 'Check for already resolved label'
+
+    # Only run this job if the pull request has a specific label:
+    if: "${{ github.event.label.name == 'autoclose: Already Resolved' }}"
+
+    # Define the type of virtual host machine:
+    runs-on: ubuntu-latest
+
+    # Define the sequence of job steps:
+    steps:
+
+      # Close the pull request:
+      - name: 'Close pull request'
+        run: gh pr close "$NUMBER" --comment "$BODY"
+        env:
+          GH_TOKEN: ${{ secrets.STDLIB_BOT_PAT_REPO_WRITE }}
+          GH_REPO: ${{ github.repository }}
+          NUMBER: ${{ github.event.pull_request.number }}
+          BODY: |
+            Thank you for working on this pull request. However, we cannot accept your contribution as the issue this pull request seeks to resolve has already been addressed in a different pull request or commit.
+
+            Thank you again for your interest in stdlib, and we look forward to reviewing your future contributions.

.github/workflows/check_commit_metadata.yml

@@ -53,14 +53,10 @@ jobs:
         # Pin action to full length commit SHA
         uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
         with:
-          # Specify whether to remove untracked files before checking out the repository:
-          clean: true
-
-          # Limit clone depth to the most recent commit:
-          fetch-depth: 1
-
-          # Specify whether to download Git-LFS files:
-          lfs: false
+          # Ensure we have access to the scripts directory:
+          sparse-checkout: |
+              .github/workflows/scripts
+          sparse-checkout-cone-mode: false
         timeout-minutes: 10
 
       # Extract commit metadata from commit messages as JSON:

.github/workflows/check_contributing_guidelines_acceptance.yml

@@ -50,9 +50,6 @@ permissions:
   # Allow read-only access to the repository contents:
   contents: read
 
-  # Allow write access to pull requests:
-  pull-requests: write
-
 # Workflow jobs:
 jobs:
 
@@ -75,14 +72,10 @@ jobs:
         # Pin action to full length commit SHA
         uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
         with:
-          # Specify whether to remove untracked files before checking out the repository:
-          clean: true
-
-          # Limit clone depth to the most recent commit:
-          fetch-depth: 1
-
-          # Specify whether to download Git-LFS files:
-          lfs: false
+          # Ensure we have access to the scripts directory:
+          sparse-checkout: |
+              .github/workflows/scripts
+          sparse-checkout-cone-mode: false
         timeout-minutes: 10
 
       # Check contributing guidelines acceptance:

.github/workflows/create_address_commit_comment_issues.yml

@@ -55,14 +55,10 @@ jobs:
         # Pin action to full length commit SHA
         uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
         with:
-          # Specify whether to remove untracked files before checking out the repository:
-          clean: false
-
-          # Limit clone depth to the most recent commit:
-          fetch-depth: 1
-
-          # Specify whether to download Git-LFS files:
-          lfs: false
+          # Ensure we have access to the scripts directory:
+          sparse-checkout: |
+              .github/workflows/scripts
+          sparse-checkout-cone-mode: false
         timeout-minutes: 10
 
       # Create issues from commit comments:

.github/workflows/generate_pr_commit_message.yml

@@ -30,12 +30,6 @@ permissions:
   # Allow read-only access to the repository contents:
   contents: read
 
-  # Allow write access to issues, assignees, labels, and milestones:
-  issues: write
-
-  # Allow write access to pull requests:
-  pull-requests: write
-
 # Workflow jobs:
 jobs:
 
@@ -62,8 +56,11 @@ jobs:
         # Pin action to full length commit SHA
         uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
         with:
-          # Fetch all commits to ensure we have the full commit history:
-          fetch-depth: 0
+          # Ensure we have access to the scripts directory and .mailmap file for generating the commit message:
+          sparse-checkout: |
+            .github/workflows/scripts
+            .mailmap
+          sparse-checkout-cone-mode: false
 
       # Generate commit message:
       - name: 'Generate commit message'

.github/workflows/git_note_amend_message.yml

@@ -120,7 +120,7 @@ jobs:
       # Import GPG key to sign commits:
       - name: 'Import GPG key to sign commits'
         # Pin action to full length commit SHA
-        uses: crazy-max/ghaction-import-gpg@cb9bde2e2525e640591a934b1fd28eef1dcaf5e5 # v6.2.0
+        uses: crazy-max/ghaction-import-gpg@e89d40939c28e39f97cf32126055eeae86ba74ec # v6.3.0
         with:
           gpg_private_key: ${{ secrets.STDLIB_BOT_GPG_PRIVATE_KEY }}
           passphrase: ${{ secrets.STDLIB_BOT_GPG_PASSPHRASE }}

.github/workflows/git_note_filter_packages.yml

@@ -129,7 +129,7 @@ jobs:
       # Import GPG key to sign commits:
       - name: 'Import GPG key to sign commits'
         # Pin action to full length commit SHA
-        uses: crazy-max/ghaction-import-gpg@cb9bde2e2525e640591a934b1fd28eef1dcaf5e5 # v6.2.0
+        uses: crazy-max/ghaction-import-gpg@e89d40939c28e39f97cf32126055eeae86ba74ec # v6.3.0
         with:
           gpg_private_key: ${{ secrets.STDLIB_BOT_GPG_PRIVATE_KEY }}
           passphrase: ${{ secrets.STDLIB_BOT_GPG_PASSPHRASE }}

.github/workflows/good_first_issue.yml

@@ -40,7 +40,6 @@ jobs:
     # Define job permissions:
     permissions:
       contents: read
-      pull-requests: write
 
     # Define the type of virtual host machine:
     runs-on: ubuntu-latest

.github/workflows/label_good_first_prs.yml

@@ -43,8 +43,8 @@ jobs:
 
     # Define job permissions:
     permissions:
+      # Allow read-only access to the repository contents:
       contents: read
-      pull-requests: write
 
     # Define the type of virtual host machine:
     runs-on: ubuntu-latest
@@ -56,14 +56,10 @@ jobs:
         # Pin action to full length commit SHA
         uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
         with:
-          # Specify whether to remove untracked files before checking out the repository:
-          clean: true
-
-          # Limit clone depth to the most recent commit:
-          fetch-depth: 1
-
-          # Specify whether to download Git-LFS files:
-          lfs: false
+          # Ensure we have access to the scripts directory:
+          sparse-checkout: |
+              .github/workflows/scripts
+          sparse-checkout-cone-mode: false
         timeout-minutes: 10
 
       # Check whether any of the referenced issues is a "Good First Issue":

.github/workflows/labeler.yml

@@ -49,7 +49,6 @@ jobs:
     # Define job permissions:
     permissions:
       contents: read
-      pull-requests: write
 
     # Define the type of virtual host machine:
     runs-on: ubuntu-latest

.github/workflows/lint_autofix.yml

@@ -161,7 +161,7 @@ jobs:
       # Import GPG key to sign commits:
       - name: 'Import GPG key to sign commits'
         # Pin action to full length commit SHA
-        uses: crazy-max/ghaction-import-gpg@cb9bde2e2525e640591a934b1fd28eef1dcaf5e5 # v6.2.0
+        uses: crazy-max/ghaction-import-gpg@e89d40939c28e39f97cf32126055eeae86ba74ec # v6.3.0
         with:
           gpg_private_key: ${{ secrets.STDLIB_BOT_GPG_PRIVATE_KEY }}
           passphrase: ${{ secrets.STDLIB_BOT_GPG_PASSPHRASE }}

.github/workflows/lint_changed_files.yml

@@ -75,7 +75,7 @@ jobs:
       # Cache dependencies:
       - name: 'Cache dependencies'
         # Pin action to full length commit SHA
-        uses: actions/cache@d4323d4df104b026a6aa633fdb11d772146be0bf # v4.2.2
+        uses: actions/cache@5a3ec84eff668545956fd18022155c47e93e2684 # v4.2.3
         id: cache
         with:
           path: |
@@ -264,7 +264,7 @@ jobs:
       - name: 'Setup R'
         if: ( success() || failure() ) && steps.check-r-files.outputs.files != ''
         # Pin action to full length commit SHA
-        uses: r-lib/actions/setup-r@14a7e741c1cb130261263aa1593718ba42cf443b # v2.11.2
+        uses: r-lib/actions/setup-r@bd49c52ffe281809afa6f0fecbf37483c5dd0b93 # v2.11.3
         with:
           r-version: '3.5.3'
 

.github/workflows/lint_pr_title.yml

@@ -62,8 +62,8 @@ jobs:
           # Specify whether to remove untracked files before checking out the repository:
           clean: false
 
-          # Limit clone depth to the most recent 100 commits:
-          fetch-depth: 100
+          # Limit clone depth to the most recent commit:
+          fetch-depth: 1
 
           # Specify whether to download Git-LFS files:
           lfs: false
@@ -90,5 +90,7 @@ jobs:
         run: |
           echo "Pull request titles should follow stdlib's Git commit message conventions."
           echo "Linting pull request title..."
-          make lint-commit-message GIT_COMMIT_MESSAGE="${PR_TITLE}"
+          PR_TITLE_FILE="${GITHUB_WORKSPACE}/pr_title.txt"
+          printf '%s\n' "$PR_TITLE" > "$PR_TITLE_FILE"
+          make lint-commit-files FILES="$PR_TITLE_FILE"
         timeout-minutes: 5

.github/workflows/lint_random_files.yml

@@ -230,6 +230,12 @@ jobs:
           \`\`\`
           $(cat lint_editorconfig_errors.txt | strip_ansi)
           \`\`\`
+
+          ### Pull Request Instructions
+
+          -   Please use the following PR title format:
+          "chore: fix EditorConfig lint errors (issue #<ISSUE_NUMBER>)".
+          -   Reference this issue in the "Related Issues" section of the PR body as "resolves #<ISSUE_NUMBER>".
           EOF
 
           . "$GITHUB_WORKSPACE/.github/workflows/scripts/create_sub_issue" \
@@ -370,20 +376,26 @@ jobs:
         run: |
           BODY_FILE="$GITHUB_WORKSPACE/lint_issue_body.md"
           cat << EOF > "$BODY_FILE"
-          ## JavaScript Linting Failures
+            ## JavaScript Linting Failures
 
-          Linting failures were detected in the automated JavaScript lint workflow run.
+            Linting failures were detected in the automated JavaScript lint workflow run.
 
-          ### Workflow Details
+            ### Workflow Details
 
-          - Run: ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }}
-          - Type: JavaScript Linting
-          - Date: $(date -u +"%Y-%m-%d %H:%M:%S UTC")
+            - Run: ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }}
+            - Type: JavaScript Linting
+            - Date: $(date -u +"%Y-%m-%d %H:%M:%S UTC")
 
-          ### Error Details
-          \`\`\`
-          $(cat lint_javascript_errors.txt)
-          \`\`\`
+            ### Error Details
+            \`\`\`
+            $(cat lint_javascript_errors.txt)
+            \`\`\`
+
+            ### Pull Request Instructions
+
+            -   Please use the following PR title format:
+            "chore: fix JavaScript lint errors (issue #<ISSUE_NUMBER>)".
+            -   Reference this issue in the "Related Issues" section of the PR body as "resolves #<ISSUE_NUMBER>".
           EOF
 
           . "$GITHUB_WORKSPACE/.github/workflows/scripts/create_sub_issue" \
@@ -411,7 +423,7 @@ jobs:
       - name: 'Setup R'
         if: ( github.event.inputs.r != 'false' ) && ( success() || failure() )
         # Pin action to full length commit SHA
-        uses: r-lib/actions/setup-r@14a7e741c1cb130261263aa1593718ba42cf443b # v2.11.2
+        uses: r-lib/actions/setup-r@bd49c52ffe281809afa6f0fecbf37483c5dd0b93 # v2.11.3
         with:
           r-version: '4.3.3'
 
@@ -524,6 +536,12 @@ jobs:
           \`\`\`
           $(grep -B 1 -A 2 "style:\|warning:\|error:" "lint_c_errors.txt")
           \`\`\`
+
+          ### Pull Request Instructions
+
+          -   Please use the following PR title format:
+          "chore: fix C lint errors (issue #<ISSUE_NUMBER>)".
+          -   Reference this issue in the "Related Issues" section of the PR body as "resolves #<ISSUE_NUMBER>".
           EOF
 
           . "$GITHUB_WORKSPACE/.github/workflows/scripts/create_sub_issue" \
@@ -561,7 +579,7 @@ jobs:
       - name: 'Import GPG key to sign commits'
         if: ${{ github.event.inputs.fix == 'true' }} && ( success() || failure() )
         # Pin action to full length commit SHA
-        uses: crazy-max/ghaction-import-gpg@cb9bde2e2525e640591a934b1fd28eef1dcaf5e5 # v6.2.0
+        uses: crazy-max/ghaction-import-gpg@e89d40939c28e39f97cf32126055eeae86ba74ec # v6.3.0
         with:
           gpg_private_key: ${{ secrets.STDLIB_BOT_GPG_PRIVATE_KEY }}
           passphrase: ${{ secrets.STDLIB_BOT_GPG_PASSPHRASE }}
@@ -573,7 +591,7 @@ jobs:
         if: ${{ github.event.inputs.fix == 'true' }} && ( success() || failure() )
         id: cpr
         # Pin action to full length commit SHA
-        uses: peter-evans/create-pull-request@67ccf781d68cd99b580ae25a5c18a1cc84ffff1f # v7.0.6
+        uses: peter-evans/create-pull-request@271a8d0340265f705b14b6d32b9829c1cb33d45e # v7.0.8
         with:
           title: 'style: fix lint errors'
           add-paths: ${{ steps.random-files.outputs.files }}