chore: update global workflows (#155)

Author: LizardByte-bot

.github/workflows/automerge.yml

@@ -26,7 +26,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Autoapproving
-        uses: hmarr/auto-approve-action@v3
+        uses: hmarr/auto-approve-action@v4
         with:
           github-token: "${{ secrets.GITHUB_TOKEN }}"
 
@@ -49,7 +49,7 @@ jobs:
 
     steps:
       - name: Automerging
-        uses: pascalgn/automerge-action@v0.15.6
+        uses: pascalgn/automerge-action@v0.16.3
         env:
           BASE_BRANCHES: nightly
           GITHUB_TOKEN: ${{ secrets.GH_BOT_TOKEN }}

.github/workflows/codeql.yml

@@ -16,7 +16,7 @@ on:
     - cron: '00 12 * * 0'  # every Sunday at 12:00 UTC
 
 concurrency:
-  group: ${{ github.workflow }}-${{ github.ref }}
+  group: "${{ github.workflow }}-${{ github.ref }}"
   cancel-in-progress: true
 
 jobs:
@@ -57,10 +57,27 @@ jobs:
                 console.log(`Remapping language: ${key} to ${remap_languages[key.toLowerCase()]}`)
                 key = remap_languages[key.toLowerCase()]
               }
-              if (supported_languages.includes(key.toLowerCase()) &&
-                  !matrix['include'].includes({"language": key.toLowerCase()})) {
+              if (supported_languages.includes(key.toLowerCase())) {
                 console.log(`Found supported language: ${key}`)
-                matrix['include'].push({"language": key.toLowerCase()})
+                let osList = ['ubuntu-latest'];
+                if (key.toLowerCase() === 'swift') {
+                  osList = ['macos-latest'];
+                } else if (key.toLowerCase() === 'cpp') {
+                  // TODO: update macos to latest after the below issue is resolved
+                  // https://github.com/github/codeql-action/issues/2266
+                  osList = ['macos-13', 'ubuntu-latest', 'windows-latest'];
+                }
+                for (let os of osList) {
+                  // set name for matrix
+                  if (osList.length == 1) {
+                    name = key.toLowerCase()
+                  } else {
+                    name = `${key.toLowerCase()}, ${os}`
+                  }
+
+                  // add to matrix
+                  matrix['include'].push({"language": key.toLowerCase(), "os": os, "name": name})
+                }
               }
             }
 
@@ -84,10 +101,15 @@ jobs:
             }
 
   analyze:
-    name: Analyze
+    name: Analyze (${{ matrix.name }})
     if: ${{ needs.languages.outputs.continue == 'true' }}
+    defaults:
+      run:
+        shell: ${{ matrix.os == 'windows-latest' && 'msys2 {0}' || 'bash' }}
+    env:
+      GITHUB_CODEQL_BUILD: true
     needs: [languages]
-    runs-on: ${{ (matrix.language == 'swift' && 'macos-latest') || 'ubuntu-latest' }}
+    runs-on: ${{ matrix.os || 'ubuntu-latest' }}
     timeout-minutes: ${{ (matrix.language == 'swift' && 120) || 360 }}
     permissions:
       actions: read
@@ -100,9 +122,12 @@ jobs:
 
     steps:
       - name: Maximize build space
-        uses: easimon/maximize-build-space@v8
+        if: >-
+          runner.os == 'Linux' &&
+          matrix.language == 'cpp'
+        uses: easimon/maximize-build-space@v10
         with:
-          root-reserve-mb: 20480
+          root-reserve-mb: 30720
           remove-dotnet: ${{ (matrix.language == 'csharp' && 'false') || 'true' }}
           remove-android: 'true'
           remove-haskell: 'true'
@@ -114,6 +139,12 @@ jobs:
         with:
           submodules: recursive
 
+      - name: Setup msys2
+        if: runner.os == 'Windows'
+        uses: msys2/setup-msys2@v2
+        with:
+          update: true
+
       # Initializes the CodeQL tools for scanning.
       - name: Initialize CodeQL
         uses: github/codeql-action/init@v3
@@ -129,16 +160,20 @@ jobs:
 
       # Pre autobuild
       # create a file named .codeql-prebuild-${{ matrix.language }}.sh in the root of your repository
+      # create a file named .codeql-build-${{ matrix.language }}.sh in the root of your repository
       - name: Prebuild
+        id: prebuild
         run: |
-          # check if .qodeql-prebuild-${{ matrix.language }}.sh exists
-          if [ -f "./.codeql-prebuild-${{ matrix.language }}.sh" ]; then
-            echo "Running .codeql-prebuild-${{ matrix.language }}.sh"
-            ./.codeql-prebuild-${{ matrix.language }}.sh
+          # check if prebuild script exists
+          filename=".codeql-prebuild-${{ matrix.language }}-${{ runner.os }}.sh"
+          if [ -f "./${filename}" ]; then
+            echo "Running prebuild script: ${filename}"
+            ./${filename}
           fi
 
       # Autobuild attempts to build any compiled languages (C/C++, C#, Go, Java, or Swift).
       - name: Autobuild
+        if: steps.prebuild.outputs.skip_autobuild != 'true'
         uses: github/codeql-action/autobuild@v3
 
       - name: Perform CodeQL Analysis

.github/workflows/update-changelog.yml

@@ -0,0 +1,31 @@
+---
+# This action is centrally managed in https://github.com/<organization>/.github/
+# Don't make changes to this file in this repo as they will be overwritten with changes made to the same file in
+# the above-mentioned repo.
+
+# Update changelog on release events.
+
+name: Update changelog
+
+on:
+  release:
+    types: [created, edited, deleted]
+  workflow_dispatch:
+
+concurrency:
+  group: "${{ github.workflow }}"
+  cancel-in-progress: true
+
+jobs:
+  update-changelog:
+    if: >-
+      github.event_name == 'workflow_dispatch' ||
+      (!github.event.release.prerelease && !github.event.release.draft)
+    runs-on: ubuntu-latest
+    steps:
+      - name: Update Changelog
+        uses: LizardByte/update-changelog-action@v2024.520.183314
+        with:
+          changelogBranch: changelog
+          changelogFile: CHANGELOG.md
+          token: ${{ secrets.GH_BOT_TOKEN }}