v9.1.7

What's Changed

• codeql-platform.yml @Javagedes (#326)
  
  Change Details

    Removes the -t and -a command flags for the codeql-platform.yml workflow when executing stuart_build. Neither of these command line arguments are provided by the edk2_platform_build invocable. the target is set via TARGET= for platforms, and the architecture is not set at all, as platforms hardcode the required architectures.

  Sets the target via the expected way, TARGET=DEBUG.
  

  
  

  ---

  
  

• .sync/Version.njk: Update Mu repos to Mu DevOps v9.1.6 @makubacki (#324)
  
  Change Details

    Changes since last release: https://github.com/microsoft/mu_devops/compare/v9.1.5...v9.1.6

  General release info: https://github.com/microsoft/mu_devops/releases

  ---

  Includes:

  • Sync RustSetupSteps.yml to use cargo-binstall to install cargo binary tools (#320)
  • Update RustSetupSteps.yml (#321)
  • Repo File Sync: synced file(s) with microsoft/mu_devops (#322)
  • .sync/workflows/codeql: Use Version.njk cargo-make version (#323)

  In particular, including #320 in this tag allows downstream repos to use the changes.
  

  
  

  ---

  
  

Full Changelog: v9.1.6...v9.1.7

v9.1.6

What's Changed

• .sync/workflows/codeql: Use Version.njk cargo-make version @makubacki (#323)
  
  Change Details

    Most of the workflow can stay intact with GitHub caching working as-is but the cargo-make version now needs to match the version that is being synced to repos (i.e. matches rust-toolchain.toml).

  ---

  Note: We can consider using cargo binstall in the future but right now
  only cargo-make is needed, and it is simple to directly cache that binary
  as-is with existing code.
  

  
  

  ---

  
  

• Update RustSetupSteps.yml @Javagedes (#321)
  
  Change Details

    Updates RustSetupSteps.yml to use the correct variable names for the file sync to work properly.

  ---

Full Changelog: v9.1.5...v9.1.6

v9.1.5

What's Changed

• Use cargo-binstall to sync rust tool versions @Javagedes (#319)
  
  Change Details

    Update RustSetupSteps to download cargo-binstall and use it to download all other rust tools. This is to make it easy for CI to pass the updated RustEnvironmentCheck (https://github.com/microsoft/mu_basecore/pull/737) by downloading the exact tool versions as specified in the rust-toolchain.toml file.

  ---

• Change NuGetAuthenticate task to version 1. @apop5 (#296)
  
  Change Details

    Need to switch mu_devops to use NuGetAuthenticate@1 tasks. NuGetAuthenticate@0 is being depreciated, in some pipelines, starting 2024.01.31.

  https://learn.microsoft.com/en-us/azure/devops/pipelines/tasks/reference/nuget-authenticate-v0?view=azure-pipelines
  https://learn.microsoft.com/en-us/azure/devops/pipelines/tasks/reference/nuget-authenticate-v1?view=azure-pipelines

  Fixes #289
  

  
  

  ---

  
  

• Add pipeline to cache cargo binstall @Javagedes (#318)
  
  Change Details

    Adds a pipeline to cache cargo binstall.

  Adds .tgz (short for .tar.gz) support to the DownloadCargoBinaryFromGitHub.py script. Also fixes a logic error in the conditional that decides which assets to download.

  See successful pipeline run: https://dev.azure.com/projectmu/mu/_build/results?buildId=64211&view=logs&j=402df595-8a03-57d0-41e1-0654a1932349
  

  
  

  ---

  
  

Full Changelog: v9.1.4...v9.1.5

v9.1.4

What's Changed

• .sync/workflows/codeql-platform: Update irrelevant plugin removal dir [Rebase \& FF] @makubacki (#317)
  
  Change Details

    Two commits. One to prepare `codeql-platform.yml` for 202311 and the other to expand contextual comments in both CodeQL workflow files.

  ---

  .sync/workflows/codeql-platform: Update irrelevant plugin removal dir

  Updates the directory used for irrelevant plugin removal in this
  workflow to match codeql.yml which using the pytool directory rather
  than the directory the CodeQL plugin is found in.

  This is important because the CodeQL plugin moved from .pytool to
  BaseTools in Mu release 202311 so the plugin dir needs to be fixed
  rather than relative to the CodeQL plugin location.

  ---

  .sync/workflows/codeql: Add more inline documentation

  Updates and adds some additional comments to the CodeQL workflow
  files to give better context.
  

  
  

  ---

  
  

Full Changelog: v9.1.3...v9.1.4

v9.1.3

What's Changed

• Introduce extra\_build\_args to Jobs/PrGate.yml. Move extra\_install\_steps to after stuart\_update call. @apop5 (#292)
  
  Change Details

    extra_install_step is moved to after stuart_update.

  extra_install_steps can be used to pass a call to another stuart_update to include the --codeql parameter.
  

  
  

  ---

  
  

• .sync/Version.njk: Update Ubuntu container image @makubacki (#316)
  
  Change Details

    Update the Ubuntu build container to an image that includes Rust 1.74.

  ---

• Update Version.njk for release @Javagedes (#313)
  
  Change Details

    Updates the mu_devops version in Version.njk to 9.1.2 in preparation for a 9.1.2 release of mu_devops that will be sync'd.

  ---

Full Changelog: v9.1.2...v9.1.3

v9.1.2

What's Changed

• .sync/Version.njk: Update to Rust 1.74 @makubacki (#310)
  
  Change Details

    Routine update to keep current.

  ---

• .sync/version.njk: Update latest Mu branch to 202311 @makubacki (#309)
  
  Change Details

    Updates the latest and previous branches to 202311 and 202308.

  Also updates references to 202302 throughout the repo to prevent the
  examples from getting too stale over time.
  

  
  

  ---

  
  

Full Changelog: v9.1.1...v9.1.2

v9.1.1

What's Changed

• GitHub Action: Bump robinraju/release-downloader from 1.8 to 1.9 @makubacki (#307)
  
  Change Details

    Updates the CodeQL workflows to match the latest version that is being updated by dependabot in relevant repos.

  Release notes

  Sourced from robinraju/release-downloader's releases.

  Release Downloader v1.9

  What's Changed

  • Correct minor typo in extract action input by @​philostler in robinraju/release-downloader#666
  • Fix broken link to CI status badge on README by @​robinraju in robinraju/release-downloader#672
  • Upgrade node runtime to v20 by @​xelaris in robinraju/release-downloader#673
  • Add release name to output variable by @​robinraju in robinraju/release-downloader#677
  • Throw error when a release with no assets are obtained by @​robinraju in robinraju/release-downloader#678
  • Download latest pre-release by @​robinraju in robinraju/release-downloader#679

  Dependancy Updates

  • Update dependencies by @​robinraju in robinraju/release-downloader#671
  • Bump @​types/node from 20.9.4 to 20.11.8 by @​dependabot in robinraju/release-downloader#674
  • Bump @​typescript-eslint/parser from 6.12.0 to 6.19.1 by @​dependabot in robinraju/release-downloader#675
  • Bump eslint from 8.54.0 to 8.56.0 by @​dependabot in robinraju/release-downloader#676

  New Contributors

  • @​philostler made their first contribution in robinraju/release-downloader#666
  • @​xelaris made their first contribution in robinraju/release-downloader#673

  Full Changelog: robinraju/release-downloader@v1.8...v1.9

  Commits

  • 368754b Download latest prerelease (#679)
  • 52c0768 Throw error when a release with no assets are obtained (#678)
  • a3ec587 Add release name to output variable (#677)
  • 216d90d Bump eslint from 8.54.0 to 8.56.0 (#676)
  • f70dc82 Bump @​typescript-eslint/parser from 6.12.0 to 6.19.1 (#675)
  • 6dd543b Bump @​types/node from 20.9.4 to 20.11.8 (#674)
  • 63ce2a8 Upgrade node runtime to v20 (#673)
  • 50f312f Fix broken link to CI status badge on README (#672)
  • 56fac71 Update dependencies (#671)
  • 0ef9efa Correct minor typo in extract action input (#666)
  • Additional commits viewable in compare view

  ---

🔐 Security Impacting

• workflows: Add permissions. @Javagedes (#305)
  
  Change Details

    Add permissions to the workflows across mu_devops. This includes the workflows sync'd across repositories, and workflows used in mu_devops itself.

  With MU_BASECORE's Settings -> Code and automation -> Actions -> General -> Workflow permissions set to "Read repository contents and packages permissions" selected, I had no failures, with the following tested:

  .github/workflows

  • AutoMerger.yml - Untested
  • FileSyncer.yml - Tested
  • IssueAssignment.yml - Tested
  • IssueTriager.yml - Tested
  • LabelSyncer.yml - Tested
  • Labeler.yml - Tested
  • ReleaseDrafter.yml - Tested

  .sync/workflows/leaf

  • auto-approve.yml - Untested
  • auto-merge.yml - Untested
  • issue-assignment.yml - Tested through IssueAssignment.yml
  • label-issues.yml - Tested through Labeler.yml
  • label-sync.yml - Tested through LabelSyncer.yml
  • pull-request-formatting-validator.yml - Tested Directly
  • release-draft.yml - Tested through ReleaseDrafter.yml
  • scheduled-maintenance.yml - Tested Directly
  • stale.yml - Tested Directly
  • submodule-release-update.yml - Untested
  • triage-issues.yml - Tested
    

  
  

  ---

Full Changelog: v9.1.0...v9.1.1

v9.1.0

What's Changed

• .sync/workflows/codeql: Always remove plugins in .pytools @kenlautner (#302)
  
  Change Details

    With the CodeQL plugin moving to BaseTools (from .pytool) starting in release/202311, update the workflow to always remove unnecessary plugins (that slow down the workflow) in .pytools as opposed to relative the CodeQL plugin path.

  ---

• .sync/workflows/codeql: Update sync action to v4 @makubacki (#301)
  
  Change Details

    Matches the latest version being propagated by dependabot.

  ---

🚀 Features & ✨ Enhancements

• .sync/workflows/leaf/codeql.yml: Update CodeQL plugin from .pytool to BaseTools @makubacki (#299)
  
  Change Details

    The CodeQL plugin moved from .pytool to BaseTools in the Mu Basecore 202311 update. This change first looks for the plugin in BaseTools and falls back to the prior .pytool location if it is not found for backward compatibility with some earlier release branches that have not picked up the change.

  Eventually, the .pytool fallback can be removed.

  ---

  Issue to track removal of the fallback: #300
  

  
  

  ---

  
  

🐛 Bug Fixes

• Fix issue with .pytool/Plugin removal which was introduced with the latest codeql.yml change. @kenlautner (#303)
  
  Change Details

    The latest codeql.yml change updated the cleanup step to find .pytool/Plugin folder directly instead of using a relevant path form the CodeQL plugin directory.

  That change didn't take into account how all branches from release/202302 and older have the .pytool/Plugin version of CodeQL and was deleting all plugins in .pytool besides CompilerPlugin. This change excludes the CodeQL plugin if it exists as well.
  

  
  

  ---

  
  

Full Changelog: v9.0.6...v9.1.0

v9.0.6

What's Changed

• Rust: Makefile.toml: Add Feature flag support @Javagedes (#298)
  
  Change Details

    Adds additional environment variables to the Makefile.toml to set features when building.

  setting the variable FEATURES will translate to passing --features <features> to the underlying build command.
  

  
  

  ---

  
  

Full Changelog: v9.0.5...v9.0.6

v9.0.5

What's Changed

• .sync/workflows/leaf: CodeQL workflow changes for upload-artifact v4 @makubacki (#291)
  
  Change Details

    Two key new restrictions:

  1. No more than 10 artifacts per job in a workflow run.
  2. It is no longer possible to upload to the same named artifact
     multiple times.

  These workflows can easily split their artifacts up under the 10
  artifact limit while also not uploading to the same named artifact
  in the process.

  Full Changelog: v9.0.4...v9.0.5