From b68f52ed1415f512567869ce4576d23768a75351 Mon Sep 17 00:00:00 2001 From: Javier Cortejoso Date: Fri, 19 Dec 2025 10:36:38 +0100 Subject: [PATCH 01/11] Enhance GitHub workflows to conditionally run tests based on file changes. Added checks for 'circuits' in circuits.yml and 'contracts' or 'common' in contracts.yml to determine if tests should execute on dev branch. This avoids too wide changelist in trigger filter that is problematic --- .github/workflows/circuits.yml | 29 ++++++++++++++++++++++++++--- .github/workflows/contracts.yml | 30 ++++++++++++++++++++++++++---- 2 files changed, 52 insertions(+), 7 deletions(-) diff --git a/.github/workflows/circuits.yml b/.github/workflows/circuits.yml index d27071900..5f4befce2 100644 --- a/.github/workflows/circuits.yml +++ b/.github/workflows/circuits.yml @@ -5,11 +5,34 @@ on: - dev - staging - main - paths: - - "circuits/**" jobs: + check_changes: + runs-on: ubuntu-slim + outputs: + should_run: ${{ steps.filter.outputs.should_run }} + steps: + - uses: actions/checkout@v6 + + - name: Check if should run + id: filter + run: | + if [[ "${{ github.base_ref }}" == "main" ]] || [[ "${{ github.base_ref }}" == "staging" ]]; then + echo "should_run=true" >> $GITHUB_OUTPUT + echo "Running for ${{ github.base_ref }} - no path filter" + else + # For dev branch, check if circuits files changed + if git diff --name-only origin/${{ github.base_ref }}...HEAD | grep -q "^circuits/"; then + echo "should_run=true" >> $GITHUB_OUTPUT + echo "Running for dev - circuits files changed" + else + echo "should_run=false" >> $GITHUB_OUTPUT + echo "Skipping for dev - no circuits files changed" + fi + fi + run_circuit_tests: - if: github.event.pull_request.draft == false + needs: check_changes + if: github.event.pull_request.draft == false && needs.check_changes.outputs.should_run == 'true' runs-on: ubuntu-latest environment: development permissions: diff --git a/.github/workflows/contracts.yml b/.github/workflows/contracts.yml index 4e6fcc4a1..f99e20f93 100644 --- a/.github/workflows/contracts.yml +++ b/.github/workflows/contracts.yml @@ -5,17 +5,39 @@ on: - dev - staging - main - paths: - - "contracts/**" - - "common/**" concurrency: group: contracts-ci-${{ github.workflow }}-${{ github.ref }} cancel-in-progress: true jobs: + check_changes: + runs-on: ubuntu-slim + outputs: + should_run: ${{ steps.filter.outputs.should_run }} + steps: + - uses: actions/checkout@v6 + + - name: Check if should run + id: filter + run: | + if [[ "${{ github.base_ref }}" == "main" ]] || [[ "${{ github.base_ref }}" == "staging" ]]; then + echo "should_run=true" >> $GITHUB_OUTPUT + echo "Running for ${{ github.base_ref }} - no path filter" + else + # For dev branch, check if contracts or common files changed + if git diff --name-only origin/${{ github.base_ref }}...HEAD | grep -qE "^(contracts|common)/"; then + echo "should_run=true" >> $GITHUB_OUTPUT + echo "Running for dev - contracts or common files changed" + else + echo "should_run=false" >> $GITHUB_OUTPUT + echo "Skipping for dev - no contracts or common files changed" + fi + fi + test_contracts: - if: github.event.pull_request.draft == false + needs: check_changes + if: github.event.pull_request.draft == false && needs.check_changes.outputs.should_run == 'true' runs-on: ubuntu-latest environment: development steps: From df7f7f9b43a303ee285691301415c074747052f8 Mon Sep 17 00:00:00 2001 From: Javier Cortejoso Date: Fri, 19 Dec 2025 10:53:21 +0100 Subject: [PATCH 02/11] Update GitHub workflows to set fetch-depth to 0 for actions/checkout in circuits.yml and contracts.yml. This change ensures that the full history is available for subsequent steps in the workflows. --- .github/workflows/circuits.yml | 2 ++ .github/workflows/contracts.yml | 2 ++ 2 files changed, 4 insertions(+) diff --git a/.github/workflows/circuits.yml b/.github/workflows/circuits.yml index 5f4befce2..b3fdc5fb9 100644 --- a/.github/workflows/circuits.yml +++ b/.github/workflows/circuits.yml @@ -12,6 +12,8 @@ jobs: should_run: ${{ steps.filter.outputs.should_run }} steps: - uses: actions/checkout@v6 + with: + fetch-depth: 0 - name: Check if should run id: filter diff --git a/.github/workflows/contracts.yml b/.github/workflows/contracts.yml index f99e20f93..647e4ed99 100644 --- a/.github/workflows/contracts.yml +++ b/.github/workflows/contracts.yml @@ -17,6 +17,8 @@ jobs: should_run: ${{ steps.filter.outputs.should_run }} steps: - uses: actions/checkout@v6 + with: + fetch-depth: 0 - name: Check if should run id: filter From 6efffb6a912258d3cc5378fe09e6a02fcb88c60b Mon Sep 17 00:00:00 2001 From: Javier Cortejoso Date: Fri, 19 Dec 2025 12:24:40 +0100 Subject: [PATCH 03/11] Use self-hosted runner --- .github/workflows/circuits.yml | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/.github/workflows/circuits.yml b/.github/workflows/circuits.yml index b3fdc5fb9..d99c27096 100644 --- a/.github/workflows/circuits.yml +++ b/.github/workflows/circuits.yml @@ -35,7 +35,10 @@ jobs: run_circuit_tests: needs: check_changes if: github.event.pull_request.draft == false && needs.check_changes.outputs.should_run == 'true' - runs-on: ubuntu-latest + runs-on: + - "self-hosted" + - "selfxyz-org" + - "ubuntu-24-04" environment: development permissions: contents: read From ffef0bb504f10877d0407ccde00670241d7e28b2 Mon Sep 17 00:00:00 2001 From: Javier Cortejoso Date: Fri, 19 Dec 2025 12:31:30 +0100 Subject: [PATCH 04/11] Install nodejs and corepack --- .github/workflows/circuits.yml | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/.github/workflows/circuits.yml b/.github/workflows/circuits.yml index d99c27096..4bfe35f9c 100644 --- a/.github/workflows/circuits.yml +++ b/.github/workflows/circuits.yml @@ -134,6 +134,14 @@ jobs: - name: Print Circom version run: circom --version + - name: Setup Node.js + uses: actions/setup-node@v6 + with: + node-version-file: .nvmrc + + - name: Enable Corepack + run: corepack enable + - name: Cache Yarn dependencies uses: ./.github/actions/cache-yarn with: From ab3ad25888dee16c50e9637a31e8dcb276382d8a Mon Sep 17 00:00:00 2001 From: Javier Cortejoso Date: Fri, 19 Dec 2025 17:00:57 +0100 Subject: [PATCH 05/11] Enhance GitHub workflows to improve error handling during file change checks. Added error handling for git diff command in circuits.yml and contracts.yml to ensure robust execution and prevent workflow failures due to diff errors. --- .github/workflows/circuits.yml | 7 ++++++- .github/workflows/contracts.yml | 7 ++++++- 2 files changed, 12 insertions(+), 2 deletions(-) diff --git a/.github/workflows/circuits.yml b/.github/workflows/circuits.yml index 4bfe35f9c..3a527d91b 100644 --- a/.github/workflows/circuits.yml +++ b/.github/workflows/circuits.yml @@ -18,12 +18,17 @@ jobs: - name: Check if should run id: filter run: | + set -e if [[ "${{ github.base_ref }}" == "main" ]] || [[ "${{ github.base_ref }}" == "staging" ]]; then echo "should_run=true" >> $GITHUB_OUTPUT echo "Running for ${{ github.base_ref }} - no path filter" else # For dev branch, check if circuits files changed - if git diff --name-only origin/${{ github.base_ref }}...HEAD | grep -q "^circuits/"; then + CHANGED_FILES=$(git diff --name-only origin/${{ github.base_ref }}...HEAD) || { + echo "Error: Failed to diff against base branch" + exit 1 + } + if echo "$CHANGED_FILES" | grep -qE "^circuits/"; then echo "should_run=true" >> $GITHUB_OUTPUT echo "Running for dev - circuits files changed" else diff --git a/.github/workflows/contracts.yml b/.github/workflows/contracts.yml index 647e4ed99..65e9edfbe 100644 --- a/.github/workflows/contracts.yml +++ b/.github/workflows/contracts.yml @@ -23,12 +23,17 @@ jobs: - name: Check if should run id: filter run: | + set -e if [[ "${{ github.base_ref }}" == "main" ]] || [[ "${{ github.base_ref }}" == "staging" ]]; then echo "should_run=true" >> $GITHUB_OUTPUT echo "Running for ${{ github.base_ref }} - no path filter" else # For dev branch, check if contracts or common files changed - if git diff --name-only origin/${{ github.base_ref }}...HEAD | grep -qE "^(contracts|common)/"; then + CHANGED_FILES=$(git diff --name-only origin/${{ github.base_ref }}...HEAD) || { + echo "Error: Failed to diff against base branch" + exit 1 + } + if echo "$CHANGED_FILES" | grep -qE "^(contracts|common)/"; then echo "should_run=true" >> $GITHUB_OUTPUT echo "Running for dev - contracts or common files changed" else From 655026c790b839d06364e3e7d33962893b6d348f Mon Sep 17 00:00:00 2001 From: Javier Cortejoso Date: Mon, 22 Dec 2025 12:28:10 +0100 Subject: [PATCH 06/11] Update GitHub workflows to use actions/checkout@v6 for improved compatibility and performance across all CI configurations. This change replaces the previous version v4 in circuits, contracts, and other workflow files. --- .github/workflows/circuits-build.yml | 2 +- .github/workflows/circuits.yml | 2 +- .github/workflows/common-ci.yml | 8 ++++---- .github/workflows/contracts.yml | 2 +- .github/workflows/core-sdk-ci.yml | 8 ++++---- .github/workflows/gitleaks.yml | 2 +- .github/workflows/mobile-bundle-analysis.yml | 4 ++-- .github/workflows/mobile-ci.yml | 8 ++++---- .github/workflows/mobile-deploy.yml | 10 +++++----- .github/workflows/mobile-e2e.yml | 4 ++-- .github/workflows/mobile-sdk-ci.yml | 10 +++++----- .github/workflows/mobile-sdk-demo-ci.yml | 2 +- .github/workflows/mobile-sdk-demo-e2e.yml | 4 ++-- .github/workflows/npm-publish.yml | 18 +++++++++--------- .github/workflows/qrcode-sdk-ci.yml | 8 ++++---- .github/workflows/release-calendar.yml | 4 ++-- .github/workflows/web.yml | 2 +- .github/workflows/workspace-ci.yml | 12 ++++++------ app/.github/workflows/test-coverage.yml | 2 +- 19 files changed, 56 insertions(+), 56 deletions(-) diff --git a/.github/workflows/circuits-build.yml b/.github/workflows/circuits-build.yml index b729c65eb..5db9806c6 100644 --- a/.github/workflows/circuits-build.yml +++ b/.github/workflows/circuits-build.yml @@ -42,7 +42,7 @@ jobs: steps: - name: Checkout Repository - uses: actions/checkout@v4 + uses: actions/checkout@v6 - name: Install cpp dependencies run: | diff --git a/.github/workflows/circuits.yml b/.github/workflows/circuits.yml index 3a527d91b..021753870 100644 --- a/.github/workflows/circuits.yml +++ b/.github/workflows/circuits.yml @@ -51,7 +51,7 @@ jobs: CIRCOM_VERSION: "2.1.9" CIRCOM_SHA256: "e5575829252d763b7818049df9de2ef9304df834697de77fa63ce7babc23c967" steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v6 # Circom installation from https://github.com/erhant/circomkit/blob/main/.github/workflows/tests.yml - name: Install dependencies diff --git a/.github/workflows/common-ci.yml b/.github/workflows/common-ci.yml index 92d90e910..a4b8d7426 100644 --- a/.github/workflows/common-ci.yml +++ b/.github/workflows/common-ci.yml @@ -8,7 +8,7 @@ jobs: permissions: contents: read steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v6 - name: Cache Yarn dependencies uses: ./.github/actions/cache-yarn with: @@ -34,7 +34,7 @@ jobs: permissions: contents: read steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v6 - name: Cache Yarn dependencies uses: ./.github/actions/cache-yarn with: @@ -54,7 +54,7 @@ jobs: permissions: contents: read steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v6 - name: Cache Yarn dependencies uses: ./.github/actions/cache-yarn with: @@ -90,7 +90,7 @@ jobs: permissions: contents: read steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v6 - name: Cache Yarn dependencies uses: ./.github/actions/cache-yarn with: diff --git a/.github/workflows/contracts.yml b/.github/workflows/contracts.yml index 65e9edfbe..2c41d18a8 100644 --- a/.github/workflows/contracts.yml +++ b/.github/workflows/contracts.yml @@ -48,7 +48,7 @@ jobs: runs-on: ubuntu-latest environment: development steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v6 - name: Read and sanitize Node.js version shell: bash run: | diff --git a/.github/workflows/core-sdk-ci.yml b/.github/workflows/core-sdk-ci.yml index 1896ba57c..64f1ff412 100644 --- a/.github/workflows/core-sdk-ci.yml +++ b/.github/workflows/core-sdk-ci.yml @@ -14,7 +14,7 @@ jobs: permissions: contents: read steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v6 - name: Install Dependencies uses: ./.github/actions/yarn-install - name: Build dependencies @@ -38,7 +38,7 @@ jobs: permissions: contents: read steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v6 - name: Setup Corepack run: | corepack enable @@ -67,7 +67,7 @@ jobs: permissions: contents: read steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v6 - name: Setup Corepack run: | corepack enable @@ -96,7 +96,7 @@ jobs: permissions: contents: read steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v6 - name: Setup Corepack run: | corepack enable diff --git a/.github/workflows/gitleaks.yml b/.github/workflows/gitleaks.yml index 0e3ecb9c5..736794dd5 100644 --- a/.github/workflows/gitleaks.yml +++ b/.github/workflows/gitleaks.yml @@ -7,7 +7,7 @@ jobs: gitleaks: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v6 with: fetch-depth: 0 - name: Install gitleaks diff --git a/.github/workflows/mobile-bundle-analysis.yml b/.github/workflows/mobile-bundle-analysis.yml index d53fcfc1e..6340e9677 100644 --- a/.github/workflows/mobile-bundle-analysis.yml +++ b/.github/workflows/mobile-bundle-analysis.yml @@ -20,7 +20,7 @@ jobs: analyze-android: runs-on: macos-latest-large steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v6 - name: Read and sanitize Node.js version shell: bash run: | @@ -85,7 +85,7 @@ jobs: analyze-ios: runs-on: macos-latest-large steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v6 - name: Read and sanitize Node.js version shell: bash run: | diff --git a/.github/workflows/mobile-ci.yml b/.github/workflows/mobile-ci.yml index 924542201..593a5d343 100644 --- a/.github/workflows/mobile-ci.yml +++ b/.github/workflows/mobile-ci.yml @@ -38,7 +38,7 @@ jobs: runs-on: ubuntu-latest timeout-minutes: 60 steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v6 - name: Read and sanitize Node.js version shell: bash run: | @@ -96,7 +96,7 @@ jobs: needs: build-deps timeout-minutes: 60 steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v6 - name: Read and sanitize Node.js version shell: bash run: | @@ -211,7 +211,7 @@ jobs: IOS_PROJECT_NAME: "Self" IOS_PROJECT_SCHEME: "OpenPassport" steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v6 - name: Read and sanitize Node.js version shell: bash run: | @@ -407,7 +407,7 @@ jobs: needs: build-deps timeout-minutes: 60 steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v6 - name: Read and sanitize Node.js version shell: bash run: | diff --git a/.github/workflows/mobile-deploy.yml b/.github/workflows/mobile-deploy.yml index 65609a404..5ea0a6d0c 100644 --- a/.github/workflows/mobile-deploy.yml +++ b/.github/workflows/mobile-deploy.yml @@ -168,7 +168,7 @@ jobs: version_bump_type: ${{ steps.determine-bump.outputs.version_bump }} platform: ${{ steps.determine-platform.outputs.platform }} steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v6 with: fetch-depth: 0 # Build from the branch that triggered the workflow (staging, feature branch, etc.) @@ -291,7 +291,7 @@ jobs: fi fi - - uses: actions/checkout@v4 + - uses: actions/checkout@v6 with: fetch-depth: 0 # Checkout the branch that triggered the workflow @@ -872,7 +872,7 @@ jobs: fi fi - - uses: actions/checkout@v4 + - uses: actions/checkout@v6 if: inputs.platform != 'ios' with: fetch-depth: 0 @@ -1282,7 +1282,7 @@ jobs: env: APP_PATH: ${{ github.workspace }}/app steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v6 with: fetch-depth: 0 # Checkout target branch for version bump PR (default: dev, override with bump_target_branch input) @@ -1471,7 +1471,7 @@ jobs: (needs.build-ios.result == 'success' || needs.build-android.result == 'success') && (inputs.deployment_track == 'production') steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v6 with: fetch-depth: 0 # Checkout target branch for tagging (usually dev) diff --git a/.github/workflows/mobile-e2e.yml b/.github/workflows/mobile-e2e.yml index 3ecb7b2b3..e7a5547a9 100644 --- a/.github/workflows/mobile-e2e.yml +++ b/.github/workflows/mobile-e2e.yml @@ -37,7 +37,7 @@ jobs: timeout-minutes: 120 runs-on: ubuntu-latest steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v6 - name: Read and sanitize Node.js version shell: bash run: | @@ -240,7 +240,7 @@ jobs: IOS_PROJECT_NAME: "Self" IOS_PROJECT_SCHEME: "OpenPassport" steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v6 - name: Read and sanitize Node.js version shell: bash run: | diff --git a/.github/workflows/mobile-sdk-ci.yml b/.github/workflows/mobile-sdk-ci.yml index 8812eb942..e39e94407 100644 --- a/.github/workflows/mobile-sdk-ci.yml +++ b/.github/workflows/mobile-sdk-ci.yml @@ -12,7 +12,7 @@ jobs: build: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v6 - name: Install Dependencies uses: ./.github/actions/yarn-install - name: Build dependencies @@ -35,7 +35,7 @@ jobs: runs-on: ubuntu-latest needs: build steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v6 - name: Install Dependencies uses: ./.github/actions/yarn-install - name: Restore build artifacts @@ -56,7 +56,7 @@ jobs: runs-on: ubuntu-latest needs: build steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v6 - name: Install Dependencies uses: ./.github/actions/yarn-install - name: Restore build artifacts @@ -77,7 +77,7 @@ jobs: runs-on: ubuntu-latest needs: build steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v6 - name: Install Dependencies uses: ./.github/actions/yarn-install - name: Restore build artifacts @@ -98,7 +98,7 @@ jobs: runs-on: ubuntu-latest needs: build steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v6 - name: Install Dependencies uses: ./.github/actions/yarn-install - name: Restore build artifacts diff --git a/.github/workflows/mobile-sdk-demo-ci.yml b/.github/workflows/mobile-sdk-demo-ci.yml index 2bc07d764..c68339460 100644 --- a/.github/workflows/mobile-sdk-demo-ci.yml +++ b/.github/workflows/mobile-sdk-demo-ci.yml @@ -12,7 +12,7 @@ jobs: test: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v6 - name: Setup Node uses: actions/setup-node@v4 with: diff --git a/.github/workflows/mobile-sdk-demo-e2e.yml b/.github/workflows/mobile-sdk-demo-e2e.yml index be554e3df..f825483fb 100644 --- a/.github/workflows/mobile-sdk-demo-e2e.yml +++ b/.github/workflows/mobile-sdk-demo-e2e.yml @@ -40,7 +40,7 @@ jobs: timeout-minutes: 60 runs-on: ubuntu-latest steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v6 - name: Read and sanitize Node.js version shell: bash run: | @@ -211,7 +211,7 @@ jobs: IOS_WORKSPACE_PATH: packages/mobile-sdk-demo/ios/SelfDemoApp.xcworkspace IOS_PROJECT_SCHEME: SelfDemoApp steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v6 - name: Read and sanitize Node.js version shell: bash run: | diff --git a/.github/workflows/npm-publish.yml b/.github/workflows/npm-publish.yml index 4c2a8d32c..ea34e4969 100644 --- a/.github/workflows/npm-publish.yml +++ b/.github/workflows/npm-publish.yml @@ -28,7 +28,7 @@ jobs: qrcode_angular_changed: ${{ steps.check-version.outputs.qrcode_angular_changed }} msdk_changed: ${{ steps.check-version.outputs.msdk_changed }} steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v6 with: fetch-depth: 2 @@ -72,7 +72,7 @@ jobs: if: needs.detect-changes.outputs.core_changed == 'true' runs-on: ubuntu-latest steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v6 - name: Set up Node.js uses: actions/setup-node@v4 with: @@ -100,7 +100,7 @@ jobs: if: needs.detect-changes.outputs.qrcode_changed == 'true' runs-on: ubuntu-latest steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v6 - name: Set up Node.js uses: actions/setup-node@v4 with: @@ -128,13 +128,13 @@ jobs: if: needs.detect-changes.outputs.common_changed == 'true' runs-on: ubuntu-latest steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v6 - name: Set up Node.js uses: actions/setup-node@v4 with: node-version-file: .nvmrc registry-url: "https://registry.npmjs.org" - - uses: actions/checkout@v4 + - uses: actions/checkout@v6 - name: Install Dependencies uses: ./.github/actions/yarn-install @@ -155,13 +155,13 @@ jobs: if: needs.detect-changes.outputs.contracts_changed == 'true' runs-on: ubuntu-latest steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v6 - name: Set up Node.js uses: actions/setup-node@v4 with: node-version-file: .nvmrc registry-url: "https://registry.npmjs.org" - - uses: actions/checkout@v4 + - uses: actions/checkout@v6 - name: Install Dependencies uses: ./.github/actions/yarn-install - name: Build package @@ -180,7 +180,7 @@ jobs: if: needs.detect-changes.outputs.qrcode_angular_changed == 'true' runs-on: ubuntu-latest steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v6 - name: Set up Node.js uses: actions/setup-node@v4 with: @@ -208,7 +208,7 @@ jobs: if: needs.detect-changes.outputs.msdk_changed == 'true' runs-on: ubuntu-latest steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v6 - name: Set up Node.js uses: actions/setup-node@v4 with: diff --git a/.github/workflows/qrcode-sdk-ci.yml b/.github/workflows/qrcode-sdk-ci.yml index 8b4852cc7..10202c07e 100644 --- a/.github/workflows/qrcode-sdk-ci.yml +++ b/.github/workflows/qrcode-sdk-ci.yml @@ -25,7 +25,7 @@ jobs: build: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v6 - name: Read and sanitize Node.js version shell: bash run: | @@ -85,7 +85,7 @@ jobs: runs-on: ubuntu-latest needs: build steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v6 - name: Read and sanitize Node.js version shell: bash run: | @@ -153,7 +153,7 @@ jobs: runs-on: ubuntu-latest needs: build steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v6 - name: Read and sanitize Node.js version shell: bash run: | @@ -215,7 +215,7 @@ jobs: runs-on: ubuntu-latest needs: build steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v6 - name: Read and sanitize Node.js version shell: bash run: | diff --git a/.github/workflows/release-calendar.yml b/.github/workflows/release-calendar.yml index 67638d1e7..9c51e862d 100644 --- a/.github/workflows/release-calendar.yml +++ b/.github/workflows/release-calendar.yml @@ -77,7 +77,7 @@ jobs: - name: Check out repository if: ${{ steps.guard_schedule.outputs.continue == 'true' }} - uses: actions/checkout@v4 + uses: actions/checkout@v6 with: fetch-depth: 0 @@ -256,7 +256,7 @@ jobs: - name: Check out repository if: ${{ steps.guard_schedule.outputs.continue == 'true' }} - uses: actions/checkout@v4 + uses: actions/checkout@v6 with: fetch-depth: 0 diff --git a/.github/workflows/web.yml b/.github/workflows/web.yml index 7f010e975..6bf358a26 100644 --- a/.github/workflows/web.yml +++ b/.github/workflows/web.yml @@ -16,7 +16,7 @@ jobs: runs-on: ubuntu-latest if: false steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v6 - name: Install Dependencies uses: ./.github/actions/yarn-install - name: Build dependencies diff --git a/.github/workflows/workspace-ci.yml b/.github/workflows/workspace-ci.yml index f81c44c9a..56ebcbee8 100644 --- a/.github/workflows/workspace-ci.yml +++ b/.github/workflows/workspace-ci.yml @@ -18,7 +18,7 @@ jobs: permissions: contents: read steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v6 - name: Cache Yarn dependencies uses: ./.github/actions/cache-yarn @@ -47,7 +47,7 @@ jobs: permissions: contents: read steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v6 - name: Cache Yarn dependencies uses: ./.github/actions/cache-yarn @@ -76,7 +76,7 @@ jobs: permissions: contents: read steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v6 - name: Cache Yarn dependencies uses: ./.github/actions/cache-yarn @@ -106,7 +106,7 @@ jobs: permissions: contents: read steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v6 - name: Cache Yarn dependencies uses: ./.github/actions/cache-yarn @@ -147,7 +147,7 @@ jobs: permissions: contents: read steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v6 - name: Cache Yarn dependencies uses: ./.github/actions/cache-yarn @@ -176,7 +176,7 @@ jobs: # permissions: # contents: read # steps: - # - uses: actions/checkout@v4 + # - uses: actions/checkout@v6 # - name: Cache Yarn dependencies # uses: ./.github/actions/cache-yarn diff --git a/app/.github/workflows/test-coverage.yml b/app/.github/workflows/test-coverage.yml index 9674dac75..f21176c17 100644 --- a/app/.github/workflows/test-coverage.yml +++ b/app/.github/workflows/test-coverage.yml @@ -17,7 +17,7 @@ jobs: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v6 - name: Use Node.js uses: actions/setup-node@v4 From db10e241061ca56b59368937acd15d5d686c6edf Mon Sep 17 00:00:00 2001 From: Javier Cortejoso Date: Mon, 22 Dec 2025 17:16:46 +0100 Subject: [PATCH 07/11] Remove actions/checkout@v6 from npm-publish workflow to streamline dependency installation process. --- .github/workflows/npm-publish.yml | 2 -- 1 file changed, 2 deletions(-) diff --git a/.github/workflows/npm-publish.yml b/.github/workflows/npm-publish.yml index ea34e4969..796c6cbc2 100644 --- a/.github/workflows/npm-publish.yml +++ b/.github/workflows/npm-publish.yml @@ -134,7 +134,6 @@ jobs: with: node-version-file: .nvmrc registry-url: "https://registry.npmjs.org" - - uses: actions/checkout@v6 - name: Install Dependencies uses: ./.github/actions/yarn-install @@ -161,7 +160,6 @@ jobs: with: node-version-file: .nvmrc registry-url: "https://registry.npmjs.org" - - uses: actions/checkout@v6 - name: Install Dependencies uses: ./.github/actions/yarn-install - name: Build package From cd6037649cdbdc765e1cdc2b1b053f2c322fe950 Mon Sep 17 00:00:00 2001 From: Javier Cortejoso Date: Tue, 23 Dec 2025 09:50:16 +0100 Subject: [PATCH 08/11] Fix path in npm-publish workflow to correctly reference mobile-sdk-alpha package.json for version checks. --- .github/workflows/npm-publish.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/npm-publish.yml b/.github/workflows/npm-publish.yml index 796c6cbc2..3ae0a3a19 100644 --- a/.github/workflows/npm-publish.yml +++ b/.github/workflows/npm-publish.yml @@ -63,7 +63,7 @@ jobs: echo "qrcode_angular_changed=true" >> $GITHUB_OUTPUT fi - if git diff HEAD^ HEAD -- sdk/mobile-sdk-alpha/package.json | grep -q '"version":' || [ "${{ github.event_name }}" = "workflow_dispatch" ]; then + if git diff HEAD^ HEAD -- packages/mobile-sdk-alpha/package.json | grep -q '"version":' || [ "${{ github.event_name }}" = "workflow_dispatch" ]; then echo "msdk_changed=true" >> $GITHUB_OUTPUT fi From f76cc80f07de05bcbe96fa9f16f30d8c77173b89 Mon Sep 17 00:00:00 2001 From: Javier Cortejoso Date: Tue, 23 Dec 2025 11:03:16 +0100 Subject: [PATCH 09/11] Test circuits in other runner --- .github/workflows/circuits.yml | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) diff --git a/.github/workflows/circuits.yml b/.github/workflows/circuits.yml index 021753870..db5d19c84 100644 --- a/.github/workflows/circuits.yml +++ b/.github/workflows/circuits.yml @@ -40,10 +40,11 @@ jobs: run_circuit_tests: needs: check_changes if: github.event.pull_request.draft == false && needs.check_changes.outputs.should_run == 'true' - runs-on: - - "self-hosted" - - "selfxyz-org" - - "ubuntu-24-04" + runs-on: ubuntu-latest + # runs-on: + # - "self-hosted" + # - "selfxyz-org" + # - "ubuntu-24-04" environment: development permissions: contents: read From 4252757081a196313aba14b2fa542417807e9ae5 Mon Sep 17 00:00:00 2001 From: Javier Cortejoso Date: Wed, 24 Dec 2025 10:06:02 +0100 Subject: [PATCH 10/11] Runs on self-hosted node --- .github/workflows/circuits.yml | 9 ++++----- 1 file changed, 4 insertions(+), 5 deletions(-) diff --git a/.github/workflows/circuits.yml b/.github/workflows/circuits.yml index db5d19c84..021753870 100644 --- a/.github/workflows/circuits.yml +++ b/.github/workflows/circuits.yml @@ -40,11 +40,10 @@ jobs: run_circuit_tests: needs: check_changes if: github.event.pull_request.draft == false && needs.check_changes.outputs.should_run == 'true' - runs-on: ubuntu-latest - # runs-on: - # - "self-hosted" - # - "selfxyz-org" - # - "ubuntu-24-04" + runs-on: + - "self-hosted" + - "selfxyz-org" + - "ubuntu-24-04" environment: development permissions: contents: read From ec69e2086c0cf98a3107f1823cb2ec91973fc5ee Mon Sep 17 00:00:00 2001 From: Nesopie <87437291+Nesopie@users.noreply.github.com> Date: Wed, 24 Dec 2025 15:35:54 +0530 Subject: [PATCH 11/11] chore: skip nullifier tests (#1527) --- circuits/tests/register/register_aadhaar.test.ts | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/circuits/tests/register/register_aadhaar.test.ts b/circuits/tests/register/register_aadhaar.test.ts index 86ffe8227..96045ec90 100644 --- a/circuits/tests/register/register_aadhaar.test.ts +++ b/circuits/tests/register/register_aadhaar.test.ts @@ -51,7 +51,7 @@ describe('REGISTER AADHAAR Circuit Tests', function () { const w = await circuit.calculateWitness(inputs); await circuit.checkConstraints(w); }); - it('should pass constrain and output correct nullifier and commitment', async function () { + it.skip('should pass constrain and output correct nullifier and commitment', async function () { this.timeout(0); const { inputs, nullifier, commitment } = prepareAadhaarRegisterTestData( privateKeyPem, @@ -126,7 +126,7 @@ describe('REGISTER AADHAAR Circuit Tests', function () { assert(BigInt(out.commitment) !== BigInt(commitment)); }); - it('should pass for different qr data', async function () { + it.skip('should pass for different qr data', async function () { this.timeout(0); const { inputs, nullifier, commitment } = prepareAadhaarRegisterTestData( privateKeyPem,