espressif · Mar 27, 2025
diff --git a/‎.github/scripts/set_push_chunks.sh
+3-90 b/‎.github/scripts/set_push_chunks.sh
+3-90
diff --git a/‎.github/workflows/allboards.yml
+5-5 b/‎.github/workflows/allboards.yml
+5-5
diff --git a/‎.github/workflows/boards.yml
+5-5 b/‎.github/workflows/boards.yml
+5-5
diff --git a/‎.github/workflows/build_py_tools.yml
+21-12 b/‎.github/workflows/build_py_tools.yml
+21-12
diff --git a/‎.github/workflows/dangerjs.yml
+2-2 b/‎.github/workflows/dangerjs.yml
+2-2
diff --git a/‎.github/workflows/docs_build.yml
+6-3 b/‎.github/workflows/docs_build.yml
+6-3
diff --git a/‎.github/workflows/docs_deploy.yml
+5-2 b/‎.github/workflows/docs_deploy.yml
+5-2
diff --git a/‎.github/workflows/gh-pages.yml
+3-1 b/‎.github/workflows/gh-pages.yml
+3-1
@@ -2,93 +2,6 @@
 
 build_all=false
 chunks_count=0
-last_check_files=""
-last_check_result=""
-gh_output=""
-
-# Define the file patterns
-core_files=(
-    '\.github/.*'
-    'cores/.*'
-    'package/.*'
-    'tools/.*'
-    'platform\.txt'
-    'programmers\.txt'
-    'variants/esp32/.*'
-    'variants/esp32c3/.*'
-    'variants/esp32c6/.*'
-    'variants/esp32h2/.*'
-    'variants/esp32p4/.*'
-    'variants/esp32s2/.*'
-    'variants/esp32s3/.*'
-)
-library_files=(
-    'libraries/.*/examples/.*'
-    'libraries/.*/src/.*'
-)
-networking_files=(
-    'libraries/Network/src/.*'
-)
-fs_files=(
-    'libraries/FS/src/.*'
-)
-static_sketches_files=(
-    'libraries/NetworkClientSecure/examples/WiFiClientSecure/WiFiClientSecure\.ino'
-    'libraries/BLE/examples/Server/Server\.ino'
-    'libraries/ESP32/examples/Camera/CameraWebServer/CameraWebServer\.ino'
-    'libraries/Insights/examples/MinimalDiagnostics/MinimalDiagnostics\.ino'
-    'libraries/NetworkClientSecure/src/.*'
-    'libraries/BLE/src/.*'
-    'libraries/Insights/src/.*'
-)
-idf_files=(
-    'idf_component\.yml'
-    'Kconfig\.projbuild'
-    'CMakeLists\.txt'
-    'variants/esp32c2/.*'
-)
-
-# Function to check if any files match the patterns
-check_files() {
-    local patterns=("$@")
-    local files_found=""
-    for pattern in "${patterns[@]}"; do
-        echo "Checking pattern: $pattern"
-        matched_files=$(echo "$gh_output" | grep -E "$pattern")
-        echo "matched_files: $matched_files"
-        files_found+="$matched_files "
-    done
-
-    last_check_files=$(echo "$files_found" | xargs)
-    if [[ -n $last_check_files ]]; then
-        last_check_result="true"
-    else
-        last_check_result="false"
-    fi
-    echo "last_check_result: $last_check_result"
-}
-
-if [[ $IS_PR != 'true' ]]; then
-    gh_output=$(gh api repos/espressif/arduino-esp32/commits/"$GITHUB_SHA" --jq '.files[].filename')
-else
-    gh_output=$(gh pr diff "$PR_NUM" --name-only)
-fi
-echo "gh_output: $gh_output"
-
-# Output the results
-check_files "${core_files[@]}"
-CORE_CHANGED=$last_check_result
-check_files "${library_files[@]}"
-LIB_CHANGED=$last_check_result
-LIB_FILES=$last_check_files
-check_files "${networking_files[@]}"
-NETWORKING_CHANGED=$last_check_result
-check_files "${fs_files[@]}"
-FS_CHANGED=$last_check_result
-check_files "${static_sketches_files[@]}"
-STATIC_SKETCHES_CHANGED=$last_check_result
-check_files "${idf_files[@]}"
-IDF_CHANGED=$last_check_result
 
 if [[ $CORE_CHANGED == 'true' ]] || [[ $IS_PR != 'true' ]]; then
     echo "Core files changed or not a PR. Building all."
@@ -163,9 +76,9 @@ chunks+="]"
 
 {
     echo "build_all=$build_all"
-    echo "build_libraries=$LIB_CHANGED"
-    echo "build_static_sketches=$STATIC_SKETCHES_CHANGED"
-    echo "build_idf=$IDF_CHANGED"
+    echo "build_libraries=$BUILD_LIBRARIES"
+    echo "build_static_sketches=$BUILD_STATIC_SKETCHES"
+    echo "build_idf=$BUILD_IDF"
     echo "chunk_count=$chunks_count"
     echo "chunks=$chunks"
 } >> "$GITHUB_OUTPUT"
@@ -15,7 +15,7 @@ jobs:
 
     steps:
       - name: Checkout repository
-        uses: actions/checkout@v4
+        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
         with:
           ref: ${{ github.event.client_payload.branch }}
 
@@ -32,13 +32,13 @@ jobs:
 
     steps:
       - name: Checkout repository
-        uses: actions/checkout@v4
+        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
         with:
           ref: ${{ github.event.client_payload.branch }}
 
       - run: npm install
       - name: Setup jq
-        uses: dcarbone/install-jq-action@v1.0.1
+        uses: dcarbone/install-jq-action@e397bd87438d72198f81efd21f876461183d383a # v3.0.1
 
       - id: set-test-chunks
         name: Set Chunks
@@ -64,7 +64,7 @@ jobs:
 
     steps:
       - name: Checkout repository
-        uses: actions/checkout@v4
+        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
         with:
           ref: ${{ github.event.client_payload.branch }}
 
@@ -74,7 +74,7 @@ jobs:
           FQBN: ${{ toJSON(matrix.chunk) }}
 
       - name: Compile sketch
-        uses: P-R-O-C-H-Y/compile-sketches@main
+        uses: P-R-O-C-H-Y/compile-sketches@a62f069b92dc8f5053da4ac439ea6d1950cf6379 # main
         with:
           platforms: |
             ${{ env.REPOSITORY }}
 
@@ -22,10 +22,10 @@ jobs:
     steps:
       # This step makes the contents of the repository available to the workflow
       - name: Checkout repository
-        uses: actions/checkout@v4
+        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
 
       - name: Setup jq
-        uses: dcarbone/install-jq-action@v1.0.1
+        uses: dcarbone/install-jq-action@e397bd87438d72198f81efd21f876461183d383a # v3.0.1
 
       - name: Get board name
         run: bash .github/scripts/find_new_boards.sh ${{ github.repository }} ${{github.base_ref}}
@@ -47,7 +47,7 @@ jobs:
     steps:
       # This step makes the contents of the repository available to the workflow
       - name: Checkout repository
-        uses: actions/checkout@v4
+        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
 
       - name: Check if build.board is uppercase
         run: |
@@ -60,7 +60,7 @@ jobs:
           fi
 
       - name: Get libs cache
-        uses: actions/cache@v4
+        uses: actions/cache@5a3ec84eff668545956fd18022155c47e93e2684 # v4.2.3
         with:
           key: libs-${{ runner.os }}-${{ runner.arch }}-${{ hashFiles('package/package_esp32_index.template.json', 'tools/get.py') }}
           path: |
@@ -73,7 +73,7 @@ jobs:
             ./tools/xtensa-*
 
       - name: Compile sketch
-        uses: P-R-O-C-H-Y/compile-sketches@main
+        uses: P-R-O-C-H-Y/compile-sketches@a62f069b92dc8f5053da4ac439ea6d1950cf6379 # main
         with:
           platforms: |
             ${{ env.REPOSITORY }}
 
@@ -18,7 +18,7 @@ jobs:
       all_changed_files: ${{ steps.verify-changed-files.outputs.all_changed_files }}
     steps:
       - name: Checkout repository
-        uses: actions/checkout@v4
+        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
         with:
           fetch-depth: 2
           ref: ${{ github.event.pull_request.head.ref }}
@@ -30,15 +30,16 @@ jobs:
           echo "Make sure you are using a branch inside the repository and not a fork."
 
       - name: Verify Python Tools Changed
+        uses: tj-actions/changed-files@2f7c5bfce28377bc069a65ba478de0a74aa0ca32 # v46.0.1
         id: verify-changed-files
-        run: |
-          CHANGED_FILES=$(git diff-tree --no-commit-id --name-only -r ^HEAD -- tools/get.py tools/espota.py tools/gen_esp32part.py tools/gen_insights_package.py | xargs)
-          echo "all_changed_files=$CHANGED_FILES" >> $GITHUB_OUTPUT
-          if [ -n "$CHANGED_FILES" ]; then
-            echo "any_changed=true" >> $GITHUB_OUTPUT
-          else
-            echo "any_changed=false" >> $GITHUB_OUTPUT
-          fi
+        with:
+          fetch_depth: "2"
+          since_last_remote_commit: "true"
+          files: |
+            tools/get.py
+            tools/espota.py
+            tools/gen_esp32part.py
+            tools/gen_insights_package.py
 
       - name: List all changed files
         shell: bash
@@ -88,25 +89,30 @@ jobs:
           for tool in ${{ env.CHANGED_TOOLS }}; do
             echo "tool $tool was changed"
           done
+
       - name: Checkout repository
-        uses: actions/checkout@v4
+        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
         with:
           token: ${{ secrets.TOOLS_UPLOAD_PAT }}
           ref: ${{ github.event.pull_request.head.ref }}
+
       - name: Set up Python 3.8
-        uses: actions/setup-python@master
+        uses: actions/setup-python@42375524e23c412d93fb67b49958b491fce71c38 # v5.0.4
         with:
           python-version: 3.8
+
       - name: Install dependencies
         run: |
           python -m pip install --upgrade pip
           pip install pyinstaller requests
+
       - name: Build with PyInstaller
         shell: bash
         run: |
           for tool in ${{ env.CHANGED_TOOLS }}; do
             pyinstaller --distpath ./${{ env.DISTPATH }} -F --icon=.github/pytools/espressif.ico tools/$tool.py
           done
+
       - name: Sign binaries
         if: matrix.os == 'windows-latest'
         env:
@@ -119,12 +125,14 @@ jobs:
           {
             ./.github/pytools/Sign-File.ps1 -Path ./${{ env.DISTPATH }}/$node.exe
           }
+
       - name: Test binaries
         shell: bash
         run: |
           for tool in ${{ env.CHANGED_TOOLS }}; do
             ./${{ env.DISTPATH }}/$tool${{ matrix.EXTEN }} -h
           done
+
       - name: Push binary to tools
         if: matrix.os == 'windows-latest'
         env:
@@ -135,8 +143,9 @@ jobs:
             cp -f ./${{ env.DISTPATH }}/$tool.exe tools/$tool.exe
           done
           bash .github/scripts/upload_py_tools.sh "${{ env.CHANGED_TOOLS }}"
+
       - name: Archive artifact
-        uses: actions/upload-artifact@master
+        uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2
         with:
           name: ${{ env.DISTPATH }}
           path: ${{ env.DISTPATH }}
@@ -12,12 +12,12 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Check out PR head
-        uses: actions/checkout@v4
+        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
         with:
           ref: ${{ github.event.pull_request.head.sha }}
 
       - name: DangerJS pull request linter
-        uses: espressif/shared-github-dangerjs@v1
+        uses: espressif/shared-github-dangerjs@fb17367fd3e8ff7412603b8e946d9b19ffdb2d7f # v1
         env:
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
         with:
 
@@ -21,14 +21,16 @@ jobs:
       run:
         shell: bash
     steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
         with:
           submodules: true
-      - uses: actions/setup-python@v5
+
+      - uses: actions/setup-python@42375524e23c412d93fb67b49958b491fce71c38 # v5.0.4
         with:
           cache-dependency-path: docs/requirements.txt
           cache: "pip"
           python-version: "3.10"
+
       - name: Build
         run: |
           sudo apt update
@@ -38,8 +40,9 @@ jobs:
           cd ./docs
           PATH=/home/runner/.local/bin:$PATH pip3 install -r requirements.txt --prefer-binary
           PATH=/home/runner/.local/bin:$PATH SPHINXOPTS="-W" build-docs -l en
+
       - name: Archive Docs
-        uses: actions/upload-artifact@v4
+        uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2
         with:
           name: docs
           path: docs
@@ -26,14 +26,17 @@ jobs:
         run: |
           echo "Release workflow failed. Exiting..."
           exit 1
-      - uses: actions/checkout@v4
+
+      - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
         with:
           submodules: true
-      - uses: actions/setup-python@v5
+
+      - uses: actions/setup-python@42375524e23c412d93fb67b49958b491fce71c38 # v5.0.4
         with:
           cache-dependency-path: docs/requirements.txt
           cache: "pip"
           python-version: "3.10"
+
       - name: Deploy Documentation
         env:
           # Deploy to production server
 
@@ -15,7 +15,9 @@ jobs:
     name: Build GitHub Pages
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v4
+      - name: Checkout repository
+        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
+
       - name: Copy Files
         env:
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}