Merge remote-tracking branch 'upstream/develop' into feat/kernel-sinf

Author: stdlib-bot

.github/workflows/autoclose.yml

@@ -221,3 +221,30 @@ jobs:
             We recommend opening a new pull request with only the intended changes.
 
             Thank you for your interest in stdlib, and we look forward to your future contributions.
+
+  # Define a job which closes a pull request if proposed changes duplicate already included changes:
+  already_resolved:
+
+    # Define job name:
+    name: 'Check for already resolved label'
+
+    # Only run this job if the pull request has a specific label:
+    if: "${{ github.event.label.name == 'autoclose: Already Resolved' }}"
+
+    # Define the type of virtual host machine:
+    runs-on: ubuntu-latest
+
+    # Define the sequence of job steps:
+    steps:
+
+      # Close the pull request:
+      - name: 'Close pull request'
+        run: gh pr close "$NUMBER" --comment "$BODY"
+        env:
+          GH_TOKEN: ${{ secrets.STDLIB_BOT_PAT_REPO_WRITE }}
+          GH_REPO: ${{ github.repository }}
+          NUMBER: ${{ github.event.pull_request.number }}
+          BODY: |
+            Thank you for working on this pull request. However, we cannot accept your contribution as the issue this pull request seeks to resolve has already been addressed in a different pull request or commit.
+
+            Thank you again for your interest in stdlib, and we look forward to reviewing your future contributions.

.github/workflows/check_duplicate_prs.yml

@@ -0,0 +1,80 @@
+#/
+# @license Apache-2.0
+#
+# Copyright (c) 2025 The Stdlib Authors.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#    http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#/
+
+# Workflow name:
+name: check_duplicate_prs
+
+# Workflow triggers:
+on:
+  # Run the workflow daily at 3 AM UTC:
+  schedule:
+    - cron: '0 3 * * *'
+
+  # Allow the workflow to be manually run:
+  workflow_dispatch:
+    inputs:
+      debug:
+        description: 'Enable debug output'
+        required: false
+        default: 'false'
+        type: choice
+        options:
+          - 'true'
+          - 'false'
+
+# Global permissions:
+permissions:
+  # Allow read-only access to the repository contents:
+  contents: read
+
+# Workflow jobs:
+jobs:
+
+  # Define a job for checking duplicate PRs...
+  check_duplicates:
+
+    # Define a display name:
+    name: 'Check Duplicate PRs'
+
+    # Ensure the job does not run on forks:
+    if: github.repository == 'stdlib-js/stdlib'
+
+    # Define the type of virtual host machine:
+    runs-on: ubuntu-latest
+
+    # Define the sequence of job steps...
+    steps:
+      # Checkout the repository:
+      - name: 'Checkout repository'
+        # Pin action to full length commit SHA
+        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
+        with:
+          # Ensure we have access to the scripts directory:
+          sparse-checkout: |
+            .github/workflows/scripts
+          sparse-checkout-cone-mode: false
+        timeout-minutes: 10
+
+      # Check for duplicate PRs:
+      - name: 'Check for duplicate PRs'
+        env:
+          GITHUB_TOKEN: ${{ secrets.STDLIB_BOT_PAT_REPO_WRITE }}
+          DEBUG: ${{ inputs.debug || 'false' }}
+        run: |
+          . "$GITHUB_WORKSPACE/.github/workflows/scripts/check_duplicate_prs"
+        timeout-minutes: 15

.github/workflows/check_licenses.yml

@@ -81,7 +81,7 @@ jobs:
       # Install Node.js:
       - name: 'Install Node.js'
         # Pin action to full length commit SHA
-        uses: actions/setup-node@1d0ff469b7ec7b3cb9d8673fde0c81c44821de2a # v4.2.0
+        uses: actions/setup-node@49933ea5288caeca8642d1e84afbd3f7d6820020 # v4.4.0
         with:
           node-version: '20' # 'lts/*'
         timeout-minutes: 5
@@ -128,7 +128,7 @@ jobs:
       # Upload the log file:
       - name: 'Upload log file'
         # Pin action to full length commit SHA
-        uses: actions/upload-artifact@4cec3d8aa04e39d1a68397de0c4cd6fb9dce8ec1 # v4.6.1
+        uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2
         if: always()
         with:
           # Define a name for the uploaded artifact:

.github/workflows/check_tracking_issue_closure.yml

@@ -0,0 +1,73 @@
+#/
+# @license Apache-2.0
+#
+# Copyright (c) 2025 The Stdlib Authors.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#    http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#/
+
+# Workflow name:
+name: check_tracking_issue_closure
+
+# Workflow triggers:
+on:
+  # Run on a schedule:
+  schedule:
+    # Run every 12 hours:
+    - cron: '0 */12 * * *'
+
+  # Allow manual triggering:
+  workflow_dispatch:
+    inputs:
+      debug:
+        description: 'Enable debug output'
+        required: false
+        default: 'false'
+        type: choice
+        options:
+          - 'true'
+          - 'false'
+
+# Workflow jobs:
+jobs:
+  # Define job to check PRs for tracking issue closure:
+  check_prs:
+    # Define job name:
+    name: 'Check PRs for tracking issue closure'
+
+    # Define job permissions:
+    permissions:
+      contents: read
+
+    # Define the type of virtual host machine:
+    runs-on: ubuntu-latest
+
+    # Define the sequence of job steps:
+    steps:
+      # Checkout the repository:
+      - name: 'Checkout repository'
+        # Pin action to full length commit SHA
+        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
+        with:
+          # Ensure we have access to the scripts directory:
+          sparse-checkout: |
+            .github/workflows/scripts
+          sparse-checkout-cone-mode: false
+
+      # Run the script to check PRs for tracking issue closure:
+      - name: 'Check PRs for tracking issue closure'
+        run: |
+          . "$GITHUB_WORKSPACE/.github/workflows/scripts/check_tracking_issue_closure" 1
+        env:
+          GITHUB_TOKEN: ${{ secrets.STDLIB_BOT_PAT_REPO_WRITE }}
+          DEBUG: ${{ inputs.debug || 'false' }}

.github/workflows/codeql.yml

@@ -121,7 +121,7 @@ jobs:
       # Install Node.js:
       - name: 'Install Node.js'
         # Pin action to full length commit SHA
-        uses: actions/setup-node@1d0ff469b7ec7b3cb9d8673fde0c81c44821de2a # v4.2.0
+        uses: actions/setup-node@49933ea5288caeca8642d1e84afbd3f7d6820020 # v4.4.0
         with:
           node-version: '20' # 'lts/*'
         timeout-minutes: 5

.github/workflows/first_time_greeting.yml

@@ -20,7 +20,11 @@
 name: first_time_greeting
 
 # Workflow triggers:
-on: [pull_request_target, issues]
+on:
+  pull_request_target:
+    types: [opened]
+  issues:
+    types: [opened]
 
 # Global permissions:
 permissions:
@@ -39,20 +43,30 @@ jobs:
     # Define the type of virtual host machine:
     runs-on: ubuntu-latest
 
+    # Only run this job if the pull request did not have label `automated-pr` and is not from bots:
+    if: >
+      contains(github.event.pull_request.labels.*.name, 'automated-pr') == false &&
+      github.event.pull_request.user.login != 'stdlib-bot' &&
+      github.event.pull_request.user.login != 'dependabot[bot]'
+
     # Define the sequence of job steps...
     steps:
 
-      # Greet first-time contributors:
-      - name: 'Greet first-time contributors'
+      # Checkout the repository:
+      - name: 'Checkout repository'
         # Pin action to full length commit SHA
-        uses: actions/first-interaction@34f15e814fe48ac9312ccf29db4e74fa767cbab7 # v1.3.0
+        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
         with:
-          repo-token: ${{ secrets.STDLIB_BOT_PAT_REPO_WRITE }}
-          issue-message: |
-            :wave: Hi there! :wave:
+          # Ensure we have access to the scripts directory:
+          sparse-checkout: |
+              .github/workflows/scripts
+          sparse-checkout-cone-mode: false
+        timeout-minutes: 10
 
-            And thank you for opening your first issue! We will get back to you shortly. :runner: :dash:
-          pr-message: |
-            :wave: Hi there! :wave:
-
-            And thank you for opening your first pull request! We will review it shortly. :runner: :dash:
+      # Greet first-time contributors:
+      - name: 'Greet first-time contributors'
+        env:
+          ISSUE_NUMBER: ${{ github.event.issue.number || github.event.pull_request.number }}
+          GITHUB_TOKEN: ${{ secrets.STDLIB_BOT_PAT_REPO_WRITE }}
+        run: |
+          . "$GITHUB_WORKSPACE/.github/workflows/scripts/first_time_greeting" $ISSUE_NUMBER

.github/workflows/generate_monthly_changelog.yml

@@ -0,0 +1,127 @@
+#/
+# @license Apache-2.0
+#
+# Copyright (c) 2025 The Stdlib Authors.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#    http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#/
+
+# Workflow name:
+name: generate_monthly_changelog
+
+# Workflow triggers:
+on:
+  # Run the workflow at midnight UTC on the first day of each month:
+  schedule:
+    - cron: '0 0 1 * *'
+
+  # Allow the workflow to be manually run:
+  workflow_dispatch:
+
+# Global permissions:
+permissions:
+  # Allow read-only access to the repository contents:
+  contents: read
+
+# Workflow jobs:
+jobs:
+  # Generate a monthly changelog:
+  generate-monthly-changelog:
+    # Define a display name:
+    name: 'Generate Monthly Changelog'
+
+    # Define the type of virtual host machine:
+    runs-on: ubuntu-latest
+
+    # Workflow steps:
+    steps:
+      - name: 'Checkout source repository'
+        # Pin action to full length commit SHA
+        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
+        with:
+          # Specify whether to remove untracked files before checking out the repository:
+          clean: false
+
+          # Fetch entire history so that we are guaranteed to have all commit messages for the last month:
+          fetch-depth: 0
+
+          # Token for accessing the repository:
+          token: ${{ secrets.STDLIB_BOT_FGPAT_REPO_READ }}
+
+          # Avoid storing GitHub token in local Git configuration:
+          persist-credentials: false
+
+      # Install Node.js:
+      - name: 'Install Node.js'
+        # Pin action to full length commit SHA
+        uses: actions/setup-node@49933ea5288caeca8642d1e84afbd3f7d6820020 # v4.4.0
+        with:
+          node-version: '20' # 'lts/*'
+        timeout-minutes: 5
+
+      # Install dependencies (accounting for possible network failures, etc, when installing node module dependencies):
+      - name: 'Install dependencies'
+        run: |
+          make install-node-modules || make install-node-modules || make install-node-modules
+        timeout-minutes: 15
+
+      - name: 'Checkout monthly changelog repository'
+        # Pin action to full length commit SHA
+        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
+        with:
+          # Monthly changelog repository:
+          repository: 'stdlib-js/www-blog-monthly-changelog'
+
+          # File path to checkout to:
+          path: './www-blog-monthly-changelog'
+
+          # Specify whether to remove untracked files before checking out the repository:
+          clean: false
+
+          # Limit clone depth to the most recent commit:
+          fetch-depth: 1
+
+          # Token for accessing the repository:
+          token: ${{ secrets.STDLIB_BOT_FGPAT_REPO_READ }}
+
+          # Avoid storing GitHub token in local Git configuration:
+          persist-credentials: false
+
+      # Generate changelog for last month:
+      - name: 'Generate changelog for last month'
+        run: |
+          UNTIL=$(date +"%Y-%m-01")
+          node lib/node_modules/@stdlib/_tools/scripts/generate_monthly_changelog.js > ./www-blog-monthly-changelog/monthly_changelog_${UNTIL//-/_}.md
+
+      # Import GPG key to sign commits:
+      - name: 'Import GPG key to sign commits'
+        # Pin action to full length commit SHA
+        uses: crazy-max/ghaction-import-gpg@e89d40939c28e39f97cf32126055eeae86ba74ec # v6.3.0
+        with:
+          gpg_private_key: ${{ secrets.STDLIB_BOT_GPG_PRIVATE_KEY }}
+          passphrase: ${{ secrets.STDLIB_BOT_GPG_PASSPHRASE }}
+          git_user_signingkey: true
+          git_commit_gpgsign: true
+
+      # Commit and push changes:
+      - name: 'Commit and push changes'
+        env:
+          REPO_GITHUB_TOKEN: ${{ secrets.STDLIB_BOT_PAT_REPO_WRITE }}
+          USER_NAME: stdlib-bot
+        run: |
+          cd ./www-blog-monthly-changelog
+          git config --local user.email "82920195+stdlib-bot@users.noreply.github.com"
+          git config --local user.name "stdlib-bot"
+          git add .
+          git commit -m "Add monthly changelog" || exit 0
+          git push "https://$USER_NAME:$REPO_GITHUB_TOKEN@github.com/stdlib-js/www-blog-monthly-changelog.git" main