From 8fab0c67bf242d44140b68fd7a328d3c00d440a5 Mon Sep 17 00:00:00 2001
From: per1234 <accounts@perglass.com>
Date: Sun, 15 Jan 2023 18:28:41 -0800
Subject: [PATCH 1/6] Add `library.properties` to path filter of "Compile
 Examples" workflow

For the sake of efficiency, the "Compile Examples" GitHub Actions workflow is configured to only run when relevant files
are modified.

Changes to the `library.properties` metadata file can affect the compilation of the library, so the workflow must be
triggered any time that file is modified. That was not done with the previous paths filter configuration.
---
 .github/workflows/compile-examples.yml | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/.github/workflows/compile-examples.yml b/.github/workflows/compile-examples.yml
index 36881c5..232e6f4 100644
--- a/.github/workflows/compile-examples.yml
+++ b/.github/workflows/compile-examples.yml
@@ -4,11 +4,13 @@ on:
   pull_request:
     paths:
       - ".github/workflows/compile-examples.yml"
+      - "library.properties"
       - "examples/**"
       - "src/**"
   push:
     paths:
       - ".github/workflows/compile-examples.yml"
+      - "library.properties"
       - "examples/**"
       - "src/**"
   # Scheduled trigger checks for breakage caused by changes to external resources (libraries, platforms)

From 66fb35ac963b95f1497330df278318f836a3b6ea Mon Sep 17 00:00:00 2001
From: per1234 <accounts@perglass.com>
Date: Sun, 15 Jan 2023 18:33:03 -0800
Subject: [PATCH 2/6] Use FQBN as job name in "Compile Examples" workflow

The `jobs.<job_id>.name` key sets the human identifier for the workflow job shown in the workflow run logs.

By default, the name of matrix jobs is based on the job ID combined with the `jobs.<job_id>.strategy.matrix` object,
which can result in an unnecessarily long and cryptic job name. The job ID + the FQBN of the job's target board is
sufficient. The use of this job name format will improve the readability of the workflow run logs.
---
 .github/workflows/compile-examples.yml | 1 +
 1 file changed, 1 insertion(+)

diff --git a/.github/workflows/compile-examples.yml b/.github/workflows/compile-examples.yml
index 232e6f4..1550209 100644
--- a/.github/workflows/compile-examples.yml
+++ b/.github/workflows/compile-examples.yml
@@ -24,6 +24,7 @@ on:
 
 jobs:
   build:
+    name: ${{ matrix.board.fqbn }}
     runs-on: ubuntu-latest
 
     env:

From 77ce72a056852e8a4f560a68abe9632d6600eb05 Mon Sep 17 00:00:00 2001
From: per1234 <accounts@perglass.com>
Date: Sun, 15 Jan 2023 18:47:35 -0800
Subject: [PATCH 3/6] Use major version refs of GitHub Actions actions

Use of the major version ref will cause the workflow to benefit from ongoing development to the actions up until such
time as a new major release of an action is made, at which time we would need to evaluate whether any changes to the
workflow are required by the breaking change that triggered the major release before updating the major ref
(e.g., `uses: arduino/compile-sketches@v2`).
---
 .github/workflows/compile-examples.yml   | 2 +-
 .github/workflows/report-size-deltas.yml | 2 +-
 .github/workflows/spell-check.yml        | 2 +-
 3 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/.github/workflows/compile-examples.yml b/.github/workflows/compile-examples.yml
index 1550209..dc72b7b 100644
--- a/.github/workflows/compile-examples.yml
+++ b/.github/workflows/compile-examples.yml
@@ -56,7 +56,7 @@ jobs:
         run: pip3 install pyserial
 
       - name: Compile examples
-        uses: arduino/compile-sketches@main
+        uses: arduino/compile-sketches@v1
         with:
           github-token: ${{ secrets.GITHUB_TOKEN }}
           platforms: ${{ matrix.platforms }}
diff --git a/.github/workflows/report-size-deltas.yml b/.github/workflows/report-size-deltas.yml
index c69650f..bdad780 100644
--- a/.github/workflows/report-size-deltas.yml
+++ b/.github/workflows/report-size-deltas.yml
@@ -15,7 +15,7 @@ jobs:
     steps:
       # See: https://github.com/arduino/actions/blob/master/libraries/report-size-deltas/README.md
       - name: Comment size deltas reports to PRs
-        uses: arduino/report-size-deltas@main
+        uses: arduino/report-size-deltas@v1
         with:
           # The name of the workflow artifact created by the "Compile Examples" workflow
           sketches-reports-source: sketches-reports
diff --git a/.github/workflows/spell-check.yml b/.github/workflows/spell-check.yml
index cdfc002..9b6856f 100644
--- a/.github/workflows/spell-check.yml
+++ b/.github/workflows/spell-check.yml
@@ -21,4 +21,4 @@ jobs:
 
       # See: https://github.com/codespell-project/actions-codespell/blob/master/README.md
       - name: Spell check
-        uses: codespell-project/actions-codespell@master
+        uses: codespell-project/actions-codespell@v1

From 0f6051909d5ba84ff9b148a0fb17456e9f24fd4c Mon Sep 17 00:00:00 2001
From: per1234 <accounts@perglass.com>
Date: Sun, 15 Jan 2023 18:48:21 -0800
Subject: [PATCH 4/6] Fail "Compile Examples" workflow run if report file
 missing

The `arduino/compile-sketches` action is configured to produce a file containing information about the compilations.
This file is uploaded to a workflow artifact via the `actions/upload-artifact` action and later consumed by the
`arduino/report-size-deltas` action.

By default the `actions/upload-artifact` action step will pass even if the file specified for upload is not found. In
this case where the file will always be present if the workflow is functioning correctly, that behavior could mask a
serious problem with the workflow. It is better to configure the `actions/upload-artifact` action to fail the workflow
run if the file is not found.
---
 .github/workflows/compile-examples.yml | 1 +
 1 file changed, 1 insertion(+)

diff --git a/.github/workflows/compile-examples.yml b/.github/workflows/compile-examples.yml
index dc72b7b..385ef69 100644
--- a/.github/workflows/compile-examples.yml
+++ b/.github/workflows/compile-examples.yml
@@ -74,4 +74,5 @@ jobs:
         uses: actions/upload-artifact@v3
         with:
           name: ${{ env.SKETCHES_REPORTS_PATH }}
+          if-no-files-found: error
           path: ${{ env.SKETCHES_REPORTS_PATH }}

From 3617d5c60a6de10034932da266da00cbdd0d6a44 Mon Sep 17 00:00:00 2001
From: per1234 <accounts@perglass.com>
Date: Sun, 15 Jan 2023 18:53:06 -0800
Subject: [PATCH 5/6] Trigger "Report Size Deltas" workflow run when workflow
 file is modified

This provides a "smoke test" to validate proposed changes to the workflow.
---
 .github/workflows/report-size-deltas.yml | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/.github/workflows/report-size-deltas.yml b/.github/workflows/report-size-deltas.yml
index bdad780..5b6e9a6 100644
--- a/.github/workflows/report-size-deltas.yml
+++ b/.github/workflows/report-size-deltas.yml
@@ -1,6 +1,9 @@
 name: Report Size Deltas
 
 on:
+  push:
+    paths:
+      - ".github/workflows/report-size-deltas.ya?ml"
   schedule:
     - cron: '*/5 * * * *'
   # See: https://docs.github.com/en/free-pro-team@latest/actions/reference/events-that-trigger-workflows#workflow_dispatch

From ea7153e765fb6f38af1f7e0b8b1b4bfe0fe414c6 Mon Sep 17 00:00:00 2001
From: per1234 <accounts@perglass.com>
Date: Sun, 15 Jan 2023 18:55:01 -0800
Subject: [PATCH 6/6] Migrate `sync-labels` workflow from deprecated
 `set-output` command

GitHub Actions provides the capability for workflow authors to use the capabilities of the GitHub Actions ToolKit
package directly in the `run` keys of workflows via "workflow commands". One such command is `set-output`, which allows
data to be passed out of a workflow step as an output.

It has been determined that this command has potential to be a security risk in some applications. For this reason,
GitHub has deprecated the command and a warning of this is shown in the workflow run summary page of any workflow using
it:

The `set-output` command is deprecated and will be disabled soon. Please upgrade to using Environment Files. For more
information see: https://github.blog/changelog/2022-10-11-github-actions-deprecating-save-state-and-set-output-commands/

The identical capability is now provided in a safer form via the GitHub Actions "environment files" system. Migrating
the use of the deprecated workflow commands to use the `GITHUB_OUTPUT` environment file instead fixes any potential
vulnerabilities in the workflows, resolves the warnings, and avoids the eventual complete breakage of the workflows that
would result from GitHub's planned removal of the `set-output` workflow command 2023-05-31.
---
 .github/workflows/sync-labels.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/.github/workflows/sync-labels.yml b/.github/workflows/sync-labels.yml
index 94938f3..f9f1848 100644
--- a/.github/workflows/sync-labels.yml
+++ b/.github/workflows/sync-labels.yml
@@ -102,7 +102,7 @@ jobs:
         run: |
           # Use of this flag in the github-label-sync command will cause it to only check the validity of the
           # configuration.
-          echo "::set-output name=flag::--dry-run"
+          echo "flag=--dry-run" >> $GITHUB_OUTPUT
 
       - name: Checkout repository
         uses: actions/checkout@v3