Merge branch 'stdlib-js:develop' into isamax-wasm

Author: aman-095

.editorconfig

@@ -86,7 +86,6 @@ indent_style = tab
 [*.{f,f.txt}]
 indent_style = space
 indent_size = 2
-insert_final_newline = false
 
 # Set properties for shell files:
 [*.{sh,sh.txt}]

.github/ISSUE_TEMPLATE/bug_report.yml

@@ -117,5 +117,5 @@ body:
       options:
         - label: Read and understood the [Code of Conduct](https://github.com/stdlib-js/stdlib/blob/develop/CODE_OF_CONDUCT.md).
           required: true
-        - label:  Searched for existing issues and pull requests.
+        - label: Searched for existing issues and pull requests.
           required: true

.github/ISSUE_TEMPLATE/config.yml

@@ -18,10 +18,10 @@
 
 contact_links:
   - name: 👩‍🏫 Frequently Asked Questions
-    url:  https://github.com/stdlib-js/stdlib/blob/develop/FAQ.md
+    url: https://github.com/stdlib-js/stdlib/blob/develop/FAQ.md
     about: Consult the FAQ in case we have already answered your question there.
   - name: 💬 Question
-    url:  https://gitter.im/stdlib-js/stdlib
+    url: https://gitter.im/stdlib-js/stdlib
     about: Got a (non-bug related) question we haven't already answered? Ask us on Gitter! 🤗
   - name: 👏 Support Us
     url: https://github.com/stdlib-js/stdlib/blob/develop/docs/support_the_project.md

.github/labeler.yml

@@ -35,3 +35,7 @@ REPL:
 Statistics:
 - changed-files:
   - any-glob-to-all-files: '**/stats/**/*'
+
+Tools:
+- changed-files:
+  - any-glob-to-all-files: '**/_tools/**/*'

.github/workflows/autoclose.yml

@@ -52,7 +52,7 @@ jobs:
       - name: 'Close pull request'
         run: gh pr close "$NUMBER" --comment "$BODY"
         env:
-          GH_TOKEN: ${{ secrets.STDLIB_BOT_GITHUB_TOKEN }}
+          GH_TOKEN: ${{ secrets.STDLIB_BOT_PAT_REPO_WRITE }}
           GH_REPO: ${{ github.repository }}
           NUMBER: ${{ github.event.pull_request.number }}
           BODY: |
@@ -88,7 +88,7 @@ jobs:
       - name: 'Close pull request'
         run: gh pr close "$NUMBER" --comment "$BODY"
         env:
-          GH_TOKEN: ${{ secrets.STDLIB_BOT_GITHUB_TOKEN }}
+          GH_TOKEN: ${{ secrets.STDLIB_BOT_PAT_REPO_WRITE }}
           GH_REPO: ${{ github.repository }}
           NUMBER: ${{ github.event.pull_request.number }}
           BODY: |
@@ -124,7 +124,7 @@ jobs:
       - name: 'Close pull request'
         run: gh pr close "$NUMBER" --comment "$BODY"
         env:
-          GH_TOKEN: ${{ secrets.STDLIB_BOT_GITHUB_TOKEN }}
+          GH_TOKEN: ${{ secrets.STDLIB_BOT_PAT_REPO_WRITE }}
           GH_REPO: ${{ github.repository }}
           NUMBER: ${{ github.event.pull_request.number }}
           BODY: |
@@ -164,7 +164,7 @@ jobs:
       - name: 'Close pull request'
         run: gh pr close "$NUMBER" --comment "$BODY"
         env:
-          GH_TOKEN: ${{ secrets.STDLIB_BOT_GITHUB_TOKEN }}
+          GH_TOKEN: ${{ secrets.STDLIB_BOT_PAT_REPO_WRITE }}
           GH_REPO: ${{ github.repository }}
           NUMBER: ${{ github.event.pull_request.number }}
           BODY: |
@@ -176,7 +176,7 @@ jobs:
       - name: 'Lock conversation'
         run: gh pr lock "$NUMBER" --reason spam
         env:
-          GH_TOKEN: ${{ secrets.STDLIB_BOT_GITHUB_TOKEN }}
+          GH_TOKEN: ${{ secrets.STDLIB_BOT_PAT_REPO_WRITE }}
           GH_REPO: ${{ github.repository }}
           NUMBER: ${{ github.event.pull_request.number }}
 
@@ -204,7 +204,7 @@ jobs:
       - name: 'Close pull request'
         run: gh pr close "$NUMBER" --comment "$BODY"
         env:
-          GH_TOKEN: ${{ secrets.STDLIB_BOT_GITHUB_TOKEN }}
+          GH_TOKEN: ${{ secrets.STDLIB_BOT_PAT_REPO_WRITE }}
           GH_REPO: ${{ github.repository }}
           NUMBER: ${{ github.event.pull_request.number }}
           BODY: |

.github/workflows/check_contributing_guidelines_acceptance.yml

@@ -72,7 +72,7 @@ jobs:
       # Checkout the repository:
       - name: 'Checkout repository'
         # Pin action to full length commit SHA
-        uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
+        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
         with:
           # Specify whether to remove untracked files before checking out the repository:
           clean: true
@@ -87,7 +87,7 @@ jobs:
       # Check contributing guidelines acceptance:
       - name: 'Check contributing guidelines acceptance'
         env:
-          GITHUB_TOKEN: ${{ secrets.STDLIB_BOT_GITHUB_TOKEN }}
+          GITHUB_TOKEN: ${{ secrets.STDLIB_BOT_PAT_REPO_WRITE }}
           PR_NUMBER: ${{ github.event.pull_request.number || inputs.pull_request_number }}
         run: |
           . "$GITHUB_WORKSPACE/.github/workflows/scripts/check_contributing_guidelines_acceptance" $PR_NUMBER

.github/workflows/check_licenses.yml

@@ -59,7 +59,7 @@ jobs:
       # Checkout the repository:
       - name: 'Checkout repository'
         # Pin action to full length commit SHA
-        uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
+        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
         with:
           # Specify whether to remove untracked files before checking out the repository:
           clean: false
@@ -81,7 +81,7 @@ jobs:
       # Install Node.js:
       - name: 'Install Node.js'
         # Pin action to full length commit SHA
-        uses: actions/setup-node@39370e3970a6d050c480ffad4ff0ed4d3fdee5af # v4.1.0
+        uses: actions/setup-node@1d0ff469b7ec7b3cb9d8673fde0c81c44821de2a # v4.2.0
         with:
           node-version: '20' # 'lts/*'
         timeout-minutes: 5
@@ -128,7 +128,7 @@ jobs:
       # Upload the log file:
       - name: 'Upload log file'
         # Pin action to full length commit SHA
-        uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 # v4.4.3
+        uses: actions/upload-artifact@65c4c4a1ddee5b72f698fdd19549f0f0fb45cf08 # v4.6.0
         if: always()
         with:
           # Define a name for the uploaded artifact:

.github/workflows/check_required_files.yml

@@ -73,12 +73,14 @@ jobs:
       # Get list of added files:
       - name: 'Get list of added files'
         id: added-files
+        env:
+          GITHUB_TOKEN: ${{ secrets.STDLIB_BOT_GITHUB_TOKEN }}
+          PR_NUMBER: ${{ inputs.pull_request_number }}
         run: |
           page=1
           files=""
           while true; do
-              new_files=$(curl -s -H "Accept: application/vnd.github.v3+json" -H "Authorization: Bearer ${{ secrets.STDLIB_BOT_GITHUB_TOKEN
-                 }}" "https://api.github.com/repos/stdlib-js/stdlib/pulls/${{ inputs.pull_request_number }}/files?page=$page&per_page=100" | jq -r '.[] | select(.status == "added") | .filename')
+              new_files=$(curl -s -H "Accept: application/vnd.github.v3+json" -H "Authorization: Bearer $GITHUB_TOKEN" "https://api.github.com/repos/stdlib-js/stdlib/pulls/$PR_NUMBER/files?page=$page&per_page=100" | jq -r '.[] | select(.status == "added") | .filename')
               if [ -z "$new_files" ]; then
                   break
               fi

.github/workflows/cleanup_coverage.yml

@@ -43,7 +43,7 @@ jobs:
       # Delete the 'pr-<number>' branch from the 'stdlib-js/www-test-code-coverage' repository:
       - name: 'Delete coverage branch for PR'
         env:
-          REPO_GITHUB_TOKEN: ${{ secrets.REPO_GITHUB_TOKEN }}
+          REPO_GITHUB_TOKEN: ${{ secrets.STDLIB_BOT_PAT_REPO_WRITE }}
           PR_NUMBER: ${{ github.event.pull_request.number }}
         run: |
           curl -X DELETE -H "Authorization: token $REPO_GITHUB_TOKEN" \
@@ -55,7 +55,7 @@ jobs:
         # Pin action to full length commit SHA
         uses: actions/github-script@60a0d83039c74a4aee543508d2ffcb1c3799cdea # v7.0.1
         with:
-          github-token: ${{ secrets.CHATBOT_GITHUB_TOKEN }}
+          github-token: ${{ secrets.STDLIB_BOT_PAT_REPO_WRITE }}
           script: |
             const prNumber = context.payload.pull_request.number;
             const { data: comments } = await github.rest.issues.listComments({

.github/workflows/codeql.yml

@@ -93,7 +93,7 @@ jobs:
       # Checkout the repository:
       - name: 'Checkout repository'
         # Pin action to full length commit SHA
-        uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
+        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
         with:
           # Specify whether to remove untracked files before checking out the repository:
           clean: false
@@ -121,7 +121,7 @@ jobs:
       # Install Node.js:
       - name: 'Install Node.js'
         # Pin action to full length commit SHA
-        uses: actions/setup-node@39370e3970a6d050c480ffad4ff0ed4d3fdee5af # v4.1.0
+        uses: actions/setup-node@1d0ff469b7ec7b3cb9d8673fde0c81c44821de2a # v4.2.0
         with:
           node-version: '20' # 'lts/*'
         timeout-minutes: 5

.github/workflows/create_address_commit_comment_issues.yml

@@ -0,0 +1,74 @@
+#/
+# @license Apache-2.0
+#
+# Copyright (c) 2025 The Stdlib Authors.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#    http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#/
+
+# Workflow name:
+name: create_address_commit_comment_issues
+
+# Workflow triggers:
+on:
+  # Run the workflow daily at midnight UTC:
+  schedule:
+    - cron: '0 0 * * *'
+
+  # Allow the workflow to be manually run:
+  workflow_dispatch:
+
+# Global permissions:
+permissions:
+  # Allow read-only access to the repository contents:
+  contents: read
+
+# Workflow jobs:
+jobs:
+
+  # Define a job for creating issues from commit comments...
+  create_issues:
+
+    # Define a display name:
+    name: 'Create issues from commit comments'
+
+    # Ensure the job does not run on forks:
+    if: github.repository == 'stdlib-js/stdlib'
+
+    # Define the type of virtual host machine:
+    runs-on: ubuntu-latest
+
+    # Define the sequence of job steps...
+    steps:
+      # Checkout the repository:
+      - name: 'Checkout repository'
+        # Pin action to full length commit SHA
+        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
+        with:
+          # Specify whether to remove untracked files before checking out the repository:
+          clean: false
+
+          # Limit clone depth to the most recent commit:
+          fetch-depth: 1
+
+          # Specify whether to download Git-LFS files:
+          lfs: false
+        timeout-minutes: 10
+
+      # Create issues from commit comments:
+      - name: 'Create issues from commit comments'
+        env:
+          GITHUB_TOKEN: ${{ secrets.STDLIB_BOT_PAT_REPO_WRITE }}
+        run: |
+          . "$GITHUB_WORKSPACE/.github/workflows/scripts/create_address_commit_comments_issues" 14
+        timeout-minutes: 15

.github/workflows/deprecate_packages.yml

@@ -61,7 +61,7 @@ jobs:
       # Deprecate the specified packages on npm and the respective GitHub repositories:
       - name: 'Deprecate packages'
         env:
-          GITHUB_TOKEN: ${{ secrets.REPO_GITHUB_TOKEN }}
+          GITHUB_TOKEN: ${{ secrets.STDLIB_BOT_PAT_REPO_WRITE }}
         run: |
           pkgs='${{ github.event.inputs.packages }}'
           npm_names=""

.github/workflows/do_not_merge.yml

@@ -43,8 +43,7 @@ jobs:
 
     # Define job permissions:
     permissions:
-      contents: read
-      pull-requests: write
+      pull-requests: read
 
     # Define the type of virtual host machine:
     runs-on: ubuntu-latest

.github/workflows/first_time_greeting.yml

@@ -24,8 +24,8 @@ on: [pull_request_target, issues]
 
 # Global permissions:
 permissions:
-  # Allow read-only access to the repository contents:
-  contents: read
+  # Do not give the workflow any permissions:
+  contents: none
 
 # Workflow jobs:
 jobs:
@@ -47,7 +47,7 @@ jobs:
         # Pin action to full length commit SHA
         uses: actions/first-interaction@34f15e814fe48ac9312ccf29db4e74fa767cbab7 # v1.3.0
         with:
-          repo-token: ${{ secrets.CHATBOT_GITHUB_TOKEN }}
+          repo-token: ${{ secrets.STDLIB_BOT_PAT_REPO_WRITE }}
           issue-message: |
             :wave: Hi there! :wave:
 

.github/workflows/generate_pr_commit_message.yml

@@ -53,14 +53,14 @@ jobs:
 
     # Define environment variables:
     env:
-      GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
       PR_NUMBER: ${{ github.event.pull_request.number }}
 
     # Define the sequence of job steps...
     steps:
       # Checkout repository:
       - name: 'Checkout repository'
-        uses: actions/checkout@v4
+        # Pin action to full length commit SHA
+        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
         with:
           # Fetch all commits to ensure we have the full commit history:
           fetch-depth: 0
@@ -87,9 +87,10 @@ jobs:
 
       # Post commit message as PR comment:
       - name: 'Post commit message as PR comment'
-        uses: peter-evans/create-or-update-comment@v4
+        # Pin action to full length commit SHA
+        uses: peter-evans/create-or-update-comment@71345be0265236311c031f5c7866368bd1eff043 # v4.0.0
         with:
-          token: ${{ secrets.CHATBOT_GITHUB_TOKEN }}
+          token: ${{ secrets.STDLIB_BOT_PAT_REPO_WRITE }}
           issue-number: ${{ github.event.pull_request.number }}
           body: |
             ### PR Commit Message

.github/workflows/git_note_amend_message.yml

@@ -52,9 +52,6 @@ on:
       STDLIB_BOT_GITHUB_TOKEN:
         description: 'GitHub token for stdlib-bot'
         required: true
-      REPO_GITHUB_TOKEN:
-        description: 'GitHub token for accessing the repository'
-        required: true
       STDLIB_BOT_GPG_PRIVATE_KEY:
         description: 'GPG private key for stdlib-bot'
         required: true
@@ -79,13 +76,16 @@ jobs:
       # Checkout the repository:
       - name: 'Checkout repository'
         # Pin action to full length commit SHA
-        uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
+        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
         with:
           # Fetch all history to allow creating a Git note for any commit:
           fetch-depth: 0
 
           # Token for accessing the repository:
-          token: ${{ secrets.REPO_GITHUB_TOKEN }}
+          token: ${{ secrets.STDLIB_BOT_GITHUB_TOKEN }}
+
+          # Avoid storing GitHub token in local Git configuration:
+          persist-credentials: false
 
       # Verify commit exists:
       - name: 'Verify commit exists'
@@ -130,7 +130,7 @@ jobs:
       # Commit and push changes:
       - name: 'Commit and push changes'
         env:
-            REPO_GITHUB_TOKEN: ${{ secrets.REPO_GITHUB_TOKEN }}
+            REPO_GITHUB_TOKEN: ${{ secrets.STDLIB_BOT_GITHUB_TOKEN }}
             USER_NAME: stdlib-bot
         run: |
           git config --local user.email "82920195+stdlib-bot@users.noreply.github.com"