Merge branch 'master' of github.com:gnolang/gno into r/foo20-airdrop

.gitattributes

@@ -3,3 +3,7 @@
 go.sum linguist-generated text
 gnovm/stdlibs/generated.go linguist-generated
 gnovm/tests/stdlibs/generated.go linguist-generated
+*.gen.gno linguist-generated
+*.gen_test.gno linguist-generated
+*.gen.go linguist-generated
+*.gen_test.go linguist-generated

.github/.editorconfig

@@ -0,0 +1,8 @@
+# Make sure this is the top-level editorconfig
+# https://editorconfig.org/
+root = true
+
+# GitHub Actions Workflows
+[workflows/**.yml]
+indent_style = space
+indent_size = 2

.github/codecov.yml

@@ -4,7 +4,7 @@ codecov:
     wait_for_ci: true
 
 comment:
-  require_changes: false
+  require_changes: true
 
 coverage:
   round: down
@@ -13,7 +13,7 @@ coverage:
     project:
       default:
         target: auto
-        threshold: 10 # Let's decrease this later.
+        threshold: 5 # Let's decrease this later.
         base: parent
         if_no_uploads: error
         if_not_found: success
@@ -22,12 +22,12 @@ coverage:
     patch:
       default:
         target: auto
-        threshold: 10 # Let's decrease this later.
+        threshold: 5 # Let's decrease this later.
         base: auto
         if_no_uploads: error
         if_not_found: success
         if_ci_failed: error
-        only_pulls: false
+        only_pulls: true # Only check patch coverage on PRs
 
 flag_management:
   default_rules:

.github/golangci.yml

@@ -44,24 +44,29 @@ linters:
 linters-settings:
   gofmt:
     simplify: true
+
   goconst:
     min-len: 3
     min-occurrences: 3
+
   gosec:
     excludes:
       - G204 # Subprocess launched with a potential tainted input or cmd arguments
       - G306 # Expect WriteFile permissions to be 0600 or less
+      - G115 # Integer overflow conversion, no solution to check the overflow in time of convert, so linter shouldn't check the overflow.
   stylecheck:
     checks: [ "all", "-ST1022", "-ST1003" ]
   errorlint:
     asserts: false
+
   gocritic:
     enabled-tags:
       - diagnostic
       - experimental
       - opinionated
       - performance
       - style
+
   forbidigo:
     forbid:
       - p: '^regexp\.(Match|MatchString)$'
@@ -73,12 +78,14 @@ issues:
   max-same-issues: 0
   new: false
   fix: false
+
   exclude-rules:
     - path: _test\.go
       linters:
         - gosec # Disabled linting of weak number generators
         - makezero # Disabled linting of intentional slice appends
         - goconst # Disabled linting of common mnemonics and test case strings
+        - unused # Disabled linting of unused mock methods
     - path: _\.gno
       linters:
         - errorlint # Disabled linting of error comparisons, because of lacking std lib support

.github/workflows/auto-author-assign.yml

@@ -1,4 +1,4 @@
-name: auto-author-assign
+name: Auto Assign PR Author
 
 on:
   pull_request_target:

.github/workflows/autocounterd.yml

@@ -1,19 +1,13 @@
-name: autocounterd
+name: Portal Loop - autocounterd
 
 on:
-  pull_request:
-    branches:
-      - master
   push:
+    branches:
+      - "master"
     paths:
       - misc/autocounterd
       - misc/loop
       - .github/workflows/autocounterd.yml
-    branches:
-      - "master"
-      - "misc/autocounterd"
-    tags:
-      - "v*"
 
 permissions:
   contents: read

.github/workflows/benchmark-master-push.yml

@@ -1,14 +1,14 @@
-name: run benchmarks when pushing on main branch
+name: Run and Save Benchmarks
 
 on:
   push:
     branches:
       - master
     paths:
-      - contribs/**
-      - gno.land/**
-      - gnovm/**
-      - tm2/**
+      - contribs/**/*.go
+      - gno.land/**/*.go
+      - gnovm/**/*.go
+      - tm2/**/*.go
 
 permissions:
   # deployments permission to deploy GitHub pages website
@@ -22,7 +22,7 @@ env:
 jobs:
   benchmarks:
     if: ${{ github.repository == 'gnolang/gno' }}
-    runs-on: [self-hosted, Linux, X64, benchmarks]
+    runs-on: [ self-hosted, Linux, X64, benchmarks ]
     steps:
       - name: Checkout
         uses: actions/checkout@v4
@@ -31,7 +31,7 @@ jobs:
 
       - uses: actions/setup-go@v5
         with:
-          go-version: "1.22.x"
+          go-version-file: go.mod
 
       - name: Run benchmark
         # add more benchmarks by adding additional lines for different packages;

.github/workflows/bot-proxy.yml

@@ -0,0 +1,48 @@
+# This workflow must be kept in sync to some extent with bot.yml
+name: GitHub Bot Proxy
+
+on:
+  # Watch for any completed run on bot.yml workflow
+  workflow_run:
+    workflows: [GitHub Bot]
+    types: [completed]
+
+jobs:
+  # This workflow monitors any run completed on the GitHub Bot workflow and
+  # checks if the event that triggered it is limited to read-only permissions
+  # (e.g 'pull_request_review' on a pull request opened from a fork).
+  # In this case, it reruns the GitHub Bot workflow using a 'workflow_dispatch'
+  # event, thereby allowing it to run with write permissions.
+  #
+  # Complete flow:
+  # 'pull_request_review' from fork on bot.yml (read-only) -> 'workflow_run' on bot-proxy.yml (write) -> 'workflow_dispatch' on bot.yml (write)
+  rerun-with-write-perm:
+    name: Rerun Bot with write permission
+    # Skip this workflow if the original event is not 'pull_request_review'
+    if: github.event.workflow_run.event == 'pull_request_review'
+    runs-on: ubuntu-latest
+    permissions:
+      actions: write
+
+    steps:
+      - name: Download artifact from previous run
+        uses: actions/download-artifact@v4
+        with:
+          name: pr-number
+          run-id: ${{ github.event.workflow_run.id }}
+          github-token: ${{ secrets.GITHUB_TOKEN }}
+        # Even if the artifact doesn't exist, do not mark the workflow as failed
+        # Useful if the 'pull_request_review' event was emitted by a PR opened
+        # from a branch on the main repo, so it has already been processed by
+        # the bot workflow, and no artifact has been uploaded.
+        continue-on-error: true
+        id: download
+
+      - name: Send workflow_dispatch event to Github Bot
+        # Run only if an artifact was downloaded
+        if: steps.download.outcome == 'success'
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+          REPO: ${{ github.event.workflow_run.repository.full_name }}
+        run: |
+          gh workflow run bot.yml -R "$REPO" -f "pull-request-list=$(cat pr-number)"

.github/workflows/bot.yml

@@ -0,0 +1,123 @@
+# This workflow must be kept in sync to some extent with bot-proxy.yml
+name: GitHub Bot
+
+on:
+  # Watch for changes on PR state, assignees, labels, head branch and draft/ready status
+  pull_request_target:
+    types:
+      - assigned
+      - unassigned
+      - labeled
+      - unlabeled
+      - opened
+      - reopened
+      - synchronize # PR head updated
+      - converted_to_draft
+      - ready_for_review
+
+  # Watch for changes on PR reviews
+  pull_request_review:
+    types: [submitted, edited, dismissed]
+
+  # Watch for changes on PR comment
+  issue_comment:
+    types: [created, edited, deleted]
+
+  # Manual run from GitHub Actions interface
+  workflow_dispatch:
+    inputs:
+      pull-request-list:
+        description: "PR(s) to process: specify 'all' or a comma separated list of PR numbers, e.g. '42,1337,7890'"
+        required: true
+        default: all
+        type: string
+
+jobs:
+  # This job creates a matrix of PR numbers based on the inputs from the various
+  # events that can trigger this workflow so that the process-pr job below can
+  # handle the parallel processing of the pull-requests
+  define-prs-matrix:
+    name: Define PRs matrix
+    # Skip this workflow if:
+    #   - the bot is retriggering itself
+    #   - the event is emitted by codecov
+    #   - the event is a review on a pull request from a fork (see save-pr-number job below)
+    if: |
+      github.actor != vars.GH_BOT_LOGIN &&
+      github.actor != 'codecov[bot]' &&
+      (github.event_name != 'pull_request_review' || github.event.pull_request.base.repo.full_name == github.event.pull_request.head.repo.full_name)
+    runs-on: ubuntu-latest
+    permissions:
+      pull-requests: read
+    outputs:
+      pr-numbers: ${{ steps.pr-numbers.outputs.pr-numbers }}
+
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v4
+
+      - name: Install Go
+        uses: actions/setup-go@v5
+        with:
+          go-version-file: contribs/github-bot/go.mod
+
+      - name: Generate matrix from event
+        id: pr-numbers
+        working-directory: contribs/github-bot
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+        run: go run . matrix -matrix-key 'pr-numbers' -verbose
+
+  # This job is executed if an event with read-only permission has triggered this
+  # workflow (e.g 'pull_request_review' on a pull request opened from a fork).
+  # In this case, this job persists the PR number in an artifact so that the
+  # proxy workflow can use it to rerun the current workflow with write permission.
+  # See bot-proxy.yml for more info.
+  save-pr-number:
+    name: Persist PR number for proxy
+    # Run this job if the event is a review on a pull request opened from a fork
+    if: github.event_name == 'pull_request_review' && github.event.pull_request.base.repo.full_name != github.event.pull_request.head.repo.full_name
+    runs-on: ubuntu-latest
+
+    steps:
+      - name: Write PR number to a file
+        env:
+          PR_NUMBER: ${{ github.event.pull_request.number }}
+        run: echo $PR_NUMBER > pr-number
+
+      - name: Upload it as an artifact
+        uses: actions/upload-artifact@v4
+        with:
+          name: pr-number
+          path: pr-number
+
+  # This job processes each pull request in the matrix individually while ensuring
+  # that a same PR cannot be processed concurrently by mutliple runners
+  process-pr:
+    name: Process PR
+    needs: define-prs-matrix
+    # Just skip this job if PR numbers matrix is empty (prevent failed state)
+    if: needs.define-prs-matrix.outputs.pr-numbers != '[]' && needs.define-prs-matrix.outputs.pr-numbers != ''
+    runs-on: ubuntu-latest
+    strategy:
+      matrix:
+        # Run one job for each PR to process
+        pr-number: ${{ fromJSON(needs.define-prs-matrix.outputs.pr-numbers) }}
+    concurrency:
+      # Prevent running concurrent jobs for a given PR number
+      group: ${{ matrix.pr-number }}
+
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v4
+
+      - name: Install Go
+        uses: actions/setup-go@v5
+        with:
+          go-version-file: contribs/github-bot/go.mod
+
+      - name: Run GitHub Bot
+        working-directory: contribs/github-bot
+        env:
+          GITHUB_TOKEN: ${{ secrets.GH_BOT_PAT }}
+        run: go run . check -pr-numbers '${{ matrix.pr-number }}' -verbose