[CI] Remvoe workflows #1

Closed
wants to merge 1 commit into from

Owner

@dm4 dm4 commented Sep 18, 2024

No description provided.

Owner Author

dm4 commented Sep 18, 2024

Hello, I am a code review agent on flows.network. Here are my reviews of changed source code files in this PR.


.github/workflows/IWYU_scan.yml

Potential issues

  1. Duplicate Checkout Action: Both build_fedora and build_macos jobs have redundant actions/checkout@v4 steps, which could be optimized to avoid duplicate checkouts.
  2. Hardcoded Directory Changes in macOS Job: The cd ../../ command in the build_macos job is brittle and can lead to unexpected behaviors if the directory structure changes.
  3. Lack of Error Handling in Build Steps: The build and scanning commands (cmake --build) in both build_fedora and build_macos jobs do not have error handling, which may cause the workflow to silently fail without clear logs.

Summary of changes

  • Removal of Entire Workflow Configuration: The patch deletes the entire CI workflow named "IWYU checker" which includes job definitions for Fedora and macOS environments.
  • Deletion of Version Retrieval Job: The job responsible for checking out the repository and retrieving version information using git has been removed.
  • Removal of IWYU Build and Scan Steps: The steps to install dependencies, build IWYU (Include What You Use), and perform scanning in both Fedora and macOS environments have been deleted.

.github/workflows/bindings-java.yml

Potential issues

  1. Permissions Inconsistency: jobs.build_ubuntu.permissions.contents is set to write instead of read, which is inconsistent with the global permissions setting and can pose a security risk or cause unintended side effects.

  2. Redundant Docker Container: jobs.build_ubuntu.container.image is set to an image (wasmedge/wasmedge:ubuntu-build-clang) while also installing packages (like clang-format-15) that should ideally be part of the docker image, leading to unnecessary installation steps and longer build times.

  3. Disabled Tests: Both build_macos and build_windows have steps (Run Tests) with if: ${{ false }}, meaning the tests are never run, thereby risking undetected errors and reducing confidence in the code's reliability.

Summary of changes

  • Complete Removal of the Workflow: The entire CI workflow script bindings-java has been removed, including all job definitions, steps, and configuration settings.
  • Elimination of Cross-Platform Builds: The jobs for building and testing on Ubuntu, macOS, and Windows platforms are deleted, ceasing automated builds across these operating systems.
  • Deletion of Java and WasmEdge Setup: Steps specific to setting up the Java environment and building WasmEdge libraries for each platform are removed from the CI pipeline.

.github/workflows/build-extensions.yml

Potential issues

  1. Security Risk with privileged Container in build_ubuntu job: The use of --privileged in the container options may expose the CI environment to unnecessary risks, potentially leading to security vulnerabilities.

  2. Setting Git Safe Directory Repeatedly: The Ensure git safe directory step is repeated in multiple jobs (get_version, build_ubuntu_wasi_nn, build_windows_wasi_nn), which could be optimized by placing this step in a reusable workflow to avoid redundancy.

  3. Environment Variables for Plugin Configuration Not Quoted: In the build_ubuntu_wasi_nn and build_macos_wasi_nn steps, the plugin configuration (build_options, tar_names, etc.) is not quoted, which can lead to parser errors if any of the variables contain spaces.

Summary of changes

  • Removal of entire CI workflow for WasmEdge Extensions: The patch entirely deletes a CI workflow file that handled building, testing, and uploading artifacts for various WasmEdge plugins and extensions on different operating systems and configurations.

  • Deletion of multi-platform build configurations: The workflow configurations for Ubuntu, macOS, and Windows builds, including specific setups for WASI-NN, CUDA, and manylinux builds, are removed from the CI process.

  • Elimination of environment setup and plugin testing steps: Steps involving dependency installation, environment configuration, and testing for various plugins such as wasi_nn, tensorflow, image, and stablediffusion across different platforms and compilers are deleted, indicating a significant reduction in automated testing and validation.

.github/workflows/build.yml

Potential issues

  1. Invalid actions/checkout version: The correct version syntax is v2 or v3. actions/checkout@v4 does not exist and will cause an error.

  2. Repeated branch specifications in pull_request and push triggers: Specifying branches and repeated paths filters redundantly makes the workflow verbose and harder to maintain; they should be modularized or simplified.

  3. Matrix configuration error in build_on_ubuntu_22_04 job: The asset_tag value is incorrectly duplicated for "manylinux_2_28 aarch64" configuration ('asset_tag':'manylinux_2_28_x86_64'), which should be 'asset_tag':'manylinux_2_28_aarch64'.

Summary of changes

  • Removal of the entire GitHub Actions workflow for testing WasmEdge Core, including several defined jobs.
  • Elimination of the CI jobs that handled linting, version retrieval, and various builds for different operating systems and configurations (e.g., macOS, Manylinux, Debian, Alpine, Ubuntu, Windows, Android, and Fedora).
  • Deletion of the trigger conditions for the workflow, which included specific branches and paths for both push and pull request events.

.github/workflows/build_for_nix.yml

Potential issues

  1. Incorrect Action Version for Checkout: actions/checkout@v4 should be actions/checkout@v2 or v3 as there is no v4 version; using a nonexistent version will cause an error.
  2. Deprecated Syntax for nix_path Assignment: nix_path usage as nixpkgs=channel:nixos-24.05 might be incorrect or outdated; ensure it's compatible with the syntax expected by cachix/install-nix-action@v27.
  3. Missing working-directory for nix Commands: Without specifying the working-directory, nix build and nix flake check might not execute in the correct context, leading to potential build failures.

Summary of changes

  • Removed the entire GitHub Actions workflow configuration for building WasmEdge on Nix.
  • Deleted the job configuration specifying the environment and steps for the build process.
  • Removed automated triggers for the workflow on push and pull_request events for specific branches and file paths.

.github/workflows/build_for_openwrt.yml

Potential issues

  1. actions/checkout@v4 does not exist: The latest version of the GitHub Actions checkout is v3; using v4 will likely cause the workflow to fail due to an invalid reference.

  2. Caching key reference issue: The caching step should use steps.restore-openwrt.outputs.cache instead of a non-existent steps.restore-openwrt.outputs.cache-primary-key which will result in cache save failure.

  3. Potential infinite loop in make download step: Using "|| make download -j1 V=s" after "make download -j8" could inadvertently cause an infinite loop if the download keeps failing, leading to unnecessary workflow execution time.

Summary of changes

Key Changes Summary

  1. Removal of Entire Workflow Configuration:

    • The patch entirely deletes the GitHub Actions workflow named "Test WasmEdge on OpenWrt."
  2. Deletion of Job Definitions:

    • Removes the definitions for lint, build_openwrt, and build_openwrt_docker jobs, along with all their steps.
  3. Elimination of Event Triggers:

    • The configuration for triggering the workflow on push to the master branch and on pull_request to the master and proposal/** branches has been removed.

.github/workflows/build_for_riscv.yml

Potential issues

  1. Incorrect Action Version for Checkout: The correct version for actions/checkout should be @v3 instead of @v4, as there is no officially released version v4 for this action.

  2. Installation Redundancy: apt-get install -q -y git is unnecessary since the actions/checkout step already ensures that Git is available in the runner; removing it can speed up the setup.

  3. Sensitive Data Exposure: Avoid using ${PWD} directly in Docker run arguments as it might expose sensitive paths; consider using GitHub Actions context variables for security and portability.

Summary of changes

  • Removal of RISC-V64 Build and Test Workflow: The build and test workflow for the WasmEdge project on the RISC-V64 architecture has been completely deleted.
  • Elimination of Lint Job Reference: The existing lint job reference intended to be refactored with on.workflow_run has been removed.
  • Deletion of GitHub Action Trigger Rules: The triggers for push and pull request events on specified branches and paths have been removed, effectively stopping the workflow from being triggered.

.github/workflows/codeql-analysis.yml

Potential issues

  1. Hardcoded actions/checkout@v4 version: Referencing the checkout action without a specific commit SHA or immutable version tag can lead to unexpected changes when the action updates; use a specific version or SHA for reliability.

  2. git config --global --add safe.directory $(pwd) potential misuse: Using --global scope in a CI environment might affect other parallel or subsequent jobs that use the same runner; prefer --local or ensure scope isolation.

  3. Missing dependencies installation before cmake build: The build step installs libssl-dev but might miss other dependencies that could lead to build failures; ensure all necessary dependencies are included or part of the container image.

Summary of changes

  • Removal of CodeQL Workflow: The entire CodeQL workflow configuration is removed, including the sections related to triggering events (push, pull_request, schedule), job definitions (lint, analyze), and steps for checkout, building, and analysis.
  • Cancellation of In-progress Workflows: The concurrency and cancel-in-progress settings for the GitHub workflow are removed.
  • Conditional Paths for Analysis: Specific file patterns and directory exclusions for triggering the workflow on code changes are removed.

.github/workflows/docker.yml

Potential issues

  1. Invalid elif Syntax in prep Job: The prep shell script uses incorrect syntax for elif statements by using double brackets [[ ... ]] instead of single brackets if and missing fi terminations after some condition blocks.

  2. Inconsistent Quoting in docker Job: In the paths-filter job's outputs section, using ${{ github.event_name == 'pull_request' && steps.filter.outputs.ci-image-base || 'true' }} can lead to unexpected behavior due to the inconsistent treatment of boolean expressions and strings; ensure correct conditions and quoting.

  3. Potential Secrets Exposure: The docker/login-action@v3 steps in bake-base-images, build-ubuntu-images, and build-manylinux-images use plain ${{ secrets.DOCKER_USERNAME }} and ${{ secrets.DOCKER_ACCESS_TOKEN }} which, if improperly configured, could be logged or exposed; consider verifying secret handling and permissions.

Summary of changes

  • Complete Removal of Docker Workflow: The entire workflow configuration related to building and pushing Docker images has been deleted.

  • Elimination of CI Job Definitions: All job definitions, including prep, paths-filter, bake-base-images, build-ubuntu-images, and build-manylinux-images have been removed.

  • Discontinuation of Docker Image Management: The setup, login, and build processes for various Docker images related to different environments and architectures have been eliminated.

.github/workflows/ignore_words

Potential issues

  1. Spelling Mistakes in Identifiers: Terms like "Remvoe", "expext", "unexpect", "archtype", and "inout" have spelling errors, which can lead to confusion and potential bugs.
  2. Inconsistent Naming Conventions: The use of mixed naming conventions (e.g., "keypair", "inflight", "datas") may lead to readability and maintainability issues.
  3. Typographical Errors: Words such as "nd", "od", "seh", and "te" appear incomplete or incorrect, indicating potential errors that may cause functionality problems.

Summary of changes

  • Removed the entire block of 23 items listed as some form of configuration or definitions.
  • Cleaned up invalid or misspelled keys (e.g., "expext", "inout").
  • Possibly deprecated or unused variables such as "totalin", "anull", etc., are removed to possibly streamline the configuration or improve code cleanliness.

.github/workflows/labeler.yml

Potential issues

  1. Unnecessary Workflow Trigger for 'closed' Events: Triggering on pull_request_target for closed events is redundant for labeling actions, leading to wasted resources.
  2. Permission Redundancy: Specifying contents: read under jobs.labeler.permissions is redundant since it's already defined at the root level.
  3. Missing Default Permissions Setting: It lacks a permissions block at the workflow top-level which can lead to least-privileged permissions not being enforced for all jobs consistently.

Summary of changes

  • Removal of the "Pull Request Labeler" workflow configuration file.
  • Eliminated all associated job definitions and permissions settings for pull request labeling.
  • Discontinued the use of the actions/labeler@v5 GitHub Action.

.github/workflows/matrix-extensions.json

Potential issues

  1. Inconsistent Directory Naming: The dir value for the plugin "wasi_crypto" uses an underscore while other similar plugins such as "wasmedge_tensorflow" use a dash or no separator, which can lead to directory-related issues if consistency is not maintained.

  2. Duplicate bin Values: Plugins like "wasi_nn-pytorch" and "wasi_nn-ggml" share the same bin value (libwasmedgePluginWasiNN.so), which can cause conflicts or overwriting issues during the build process if not properly handled.

  3. Platform Inconsistency: The plugin "wasi_nn-pytorch" is missing some platforms that other "wasi_nn" backend plugins (e.g., "wasi_nn-ggml") support, potentially causing unhandled exceptions or errors if the platform-specific code is not implemented for all intended targets.

Summary of changes

  • Removal of all configurations for various plugins including wasi_crypto, wasi_nn (with multiple backends), wasm_bpf, and others.
  • Elimination of platform-specific build configurations and options for these plugins.
  • Deletion of paths to binaries, test binaries, and specific build options for the removed plugins.

.github/workflows/misc-linters.yml

Potential issues

  1. Deprecated Action Version: The actions/checkout@v4 version does not exist; it should be actions/checkout@v3 as the latest stable version.
  2. Permissions Misconfiguration: The pull-requests: read permission under jobs.misc.permissions is unnecessary and redundant because it's not used in the specified steps.
  3. Hardcoded Git Safe Directory: Using $(pwd) in git config --global --add safe.directory $(pwd) may lead to issues if the working directory changes; consider dynamically retrieving the directory explicitly.

Summary of changes

  • Complete Workflow Removal: The entire GitHub Actions workflow file for miscellaneous linters has been deleted.
  • Linting Steps Removal: Specific steps for checking out the repository, ensuring the git safe directory, and running the codespell linter have been removed.
  • Permissions and Conditions Removal: Associated permissions, concurrency settings, and event triggers for the workflow (push and pull_request) have been removed.

.github/workflows/release.yml

Potential issues

  1. Redundant Global Git Configuration:

    • Multiple steps redundantly configure Git's safe directory setting, which should be consolidated to improve efficiency.
  2. Quoted YAML List Elements in 'matrix':

    • Job matrix values for 'build_on_macos', 'build_on_ubuntu_20_04', 'build_on_manylinux2014' and others are improperly quoted YAML lists, leading to potential parsing issues; proper YAML list formatting should be used instead.
  3. Potential Environment Variable Overwriting:

    • In the steps' shell scripts, environment variables like output_bin and build_options are reused across loops, which can lead to overwriting and unexpected behaviors in concurrent or subsequent steps.

Summary of changes

Key Changes:

  1. Complete Removal of the Release Workflow: The entire GitHub Actions workflow for creating and managing releases, including jobs for various OS builds and plugin uploads, was removed.
  2. Elimination of Automated Build Jobs: Specific build jobs for different environments including macOS, Ubuntu, Windows, Manylinux, and others were removed, impacting the CI's ability to automate builds across various platforms.
  3. Removal of Plugin Build and Upload Steps: Detailed steps for building and uploading plugins (like WASI-NN, WASI-Plugin) for different backends and platforms were entirely deleted, including handling complex build dependencies and packaging.

.github/workflows/reusable-build-extensions-on-legacy-manylinux.yml

Potential issues

  1. Security Issue: The ACTIONS_ALLOW_USE_UNSECURE_NODE_VERSION environment variable is set to true, which allows the use of insecure Node.js versions and exposes the CI environment to potential security vulnerabilities.

  2. Potential Undefined Variable: The ${{ matrix.testBin }} and ${{ matrix.bin }} variables are used in the env and steps sections, but their values are not explicitly checked for correctness within the matrix configuration, leading to potential undefined behavior.

  3. Incorrect Expression Syntax: In the cmake step, the conditional expression ${{ inputs.release && 'OFF' || 'ON' }} uses a non-standard approach to manage the DWASMEDGE_BUILD_TESTS, which should be corrected for logical clarity and proper evaluation.

Summary of changes

  • Complete Workflow Removal: The entire workflow configuration for building extensions on legacy manylinux has been removed. This includes steps for building, testing, and uploading artifacts.
  • Environment Variables and Conditional Logic: All environment variable setups, conditional steps based on inputs.release and matrix.plugin, and matrix strategies to handle different plugin builds have been removed.
  • Docker and Privileged Options: The configuration specifying the use of a Docker container with the wasmedge/wasmedge image and the --privileged option has been removed.

.github/workflows/reusable-build-extensions-on-manylinux.yml

Potential issues

  1. Expression Syntax Error in run: Command:

    . . .
    - name: Build ${{ matrix.plugin }}
      shell: bash
      run: |
        cmake -Bbuild -GNinja \
          -DCMAKE_BUILD_TYPE=Release \
          -DWASMEDGE_BUILD_TESTS=${{ inputs.release && 'OFF' || 'ON' }} \
          -DWASMEDGE_BUILD_TOOLS=OFF \
          -DWASMEDGE_USE_LLVM=OFF \
          -DOPENSSL_ROOT_DIR=${OpenSSL_DIR} \
          ${{ matrix.options }}
        cmake --build build --target ${target}
    . . .

    The inline condition ${{ inputs.release && 'OFF' || 'ON' }} should be ${{ inputs.release }} ? 'OFF' : 'ON' for proper GitHub Actions' expression syntax.

  2. Missing Quotation Marks in Docker Image Specification:

    container:
      image: wasmedge/wasmedge:${{ inputs.docker_tag }}
      options: --privileged

    The ${{ inputs.docker_tag }} should be quoted, i.e., "wasmedge/wasmedge:${{ inputs.docker_tag }}" to prevent potential parsing issues.

  3. Inconsistent Run Command with if Condition:

    - if: ${{ !inputs.release && matrix.plugin == 'wasm_bpf' }}
      name: Prepare test env
      shell: bash
      run: |
        mount -t debugfs none /sys/kernel/debug

    The inline condition should not use && inside ${{ }}; it should be ${{ !inputs.release && eq(matrix.plugin, 'wasm_bpf') }} to properly handle GitHub Action expression conditions.

Summary of changes

  • Entire workflow for building extensions on manylinux was removed: The patch deletes comprehensive sections of the CI workflow responsible for handling builds on manylinux environments.

  • Removal of job and step definitions: All job definitions, step sequences, and environment setups that facilitated the continuous integration process for multiple plugins using manylinux were eradicated.

  • Elimination of CI-related inputs: All input parameter configurations required for the workflow like runner, docker_tag, asset_tag, plugins, version, and release were entirely removed.

.github/workflows/reusable-build-extensions.yml

Potential issues

  1. Invalid Ternary Operator Expression in JavaScript: The syntax ${{ inputs.release || fromJSON(steps.filter.outputs.all) }} is incorrect because ${{ }} is evaluated by GitHub Actions as YAML expression, not JavaScript code, leading to parsing errors in the script section.

  2. Missing Core Definition: The line core.setOutput(tag, plugins.filter depends on the core module, which isn't imported; it should include const core = require('@actions/core');.

  3. Potential Undefined Environment Variables: Environment variables such as wasi_crypto are directly accessed from steps.filter.outputs without ensuring they are set, which can cause runtime errors if any output key is missing or undefined.

Summary of changes

Key Changes Summary

  1. Complete Workflow Removal:

    • The entire "Build extensions" workflow has been removed, encompassing all job definitions and steps.
  2. Elimination of Build Jobs:

    • Specific jobs for preparing and building extensions on various manylinux platforms (e.g., manylinux_2_28_x86_64, manylinux2014_x86_64) have been deleted.
  3. Removal of Workflow Inputs and Outputs:

    • Inputs such as version and release, and outputs like manylinux_2_28_x86_64 and manylinux2014_x86_64 have been eliminated.

.github/workflows/reusable-build-on-alpine-static.yml

Potential issues

  1. Inconsistent job naming: The job is named build_on_debian_static, but it builds on Alpine, which is confusing and can cause misconfigurations.

  2. Inconsistent runs-on OS: The job is set to run on ubuntu-latest, but the context implies it should use an Alpine environment, conflicting with the job's purpose.

  3. Insecure Docker Setup: The setup-buildx-action is configured without specifying trusted userns or seccomp, potentially leading to security risks during Docker operations.

Summary of changes

  • Removed entire workflow for building on Alpine using a static library.
  • Deleted job configurations for running on ubuntu-latest, including steps for checking out code, setting up Docker, building, and uploading artifacts.
  • Removed logic for conditional package tarball upload based on release input.

.github/workflows/reusable-build-on-android.yml

Potential issues

  1. Inconsistent Version Tag in Artifacts:
    The artifact name in upload-artifact step uses ${{ inputs.version }}-android_aarch64.tar.gz but the path uses ${{ inputs.version }}-Android.tar.gz, causing potential upload failures due to mismatched filenames.

  2. Missing Default Value for Boolean Input:
    The release input is of type boolean but does not provide a default value, which could lead to errors or undefined behavior during workflow execution.

  3. Unpinned Actions Version:
    The actions/checkout and actions/upload-artifact actions are using unpinned versions (v4 and v3 respectively); for security and reliability, it's recommended to pin the exact versions, e.g., actions/[email protected].

Summary of changes

  • Removal of Android Build Workflow: The entire workflow for building on Android, including job definitions, dependencies, and steps, has been deleted.
  • Elimination of Artifact Upload Steps: Both conditional uploads of artifacts and release tar.gz package have been removed.
  • Discontinuation of Environment Setup: Steps related to setting up the build environment, including installing dependencies and configuring the build system, are no longer present.

.github/workflows/reusable-build-on-debian-static.yml

Potential issues

  1. Hardcoded Dependency Version: The uses keyword references hardcoded versions of actions (e.g., actions/checkout@v4), which could break the workflow if newer versions are released with breaking changes.

  2. Duplicate Installation Command: The curl installation command checks and installs curl even though it is almost always pre-installed on ubuntu-latest; this could be avoided to speed up the workflow.

  3. Permission Misconfiguration: Setting contents: write permission allows unnecessary access rights for the job; if no content is being modified in the repository, a more restrictive permission should be set.

Summary of changes

  • Removed Workflow for Building on Debian (static lib): Complete deletion of the workflow file that defined the CI job to build a static library on Debian-based systems.
  • Eliminated Docker Setup and Build Steps: Removed all steps related to setting up Docker Buildx and running Docker Bake Action for building WasmEdge.
  • Stopped Artifact and Tarball Upload: Removed steps for uploading build artifacts and packaging tarballs, as well as the conditional logic for uploading to GitHub releases.

.github/workflows/reusable-build-on-debian.yml

Potential issues

  1. Mismatched GitHub Actions Version Usage: The workflow specifies using "actions/checkout@v4", which does not exist (the latest is v2); this will cause the action to fail.

  2. Incorrect Conditional for Artifact Uploading: ${{ !inputs.release }} is not a valid conditional syntax for GitHub Actions; it should be ${{ inputs.release == false }} to ensure the correct logical evaluation.

  3. Missing Dependency on Step: The step "Create package tarball" implicitly depends on the previous build step, which should be made explicit by using needs, ensuring clear dependency management and avoiding potential concurrency issues.

Summary of changes

  • Removal of the "Build on Debian" workflow: The entire workflow, including jobs, steps, permissions, and inputs, has been deleted.
  • Elimination of Debian-specific build and test steps: All steps related to installing dependencies, building, testing WasmEdge, creating package tarballs, and uploading artifacts have been removed.
  • End of CI support for building on Debian: By removing this workflow, continuous integration no longer includes Debian-based build processes.

.github/workflows/reusable-build-on-fedora.yml

Potential issues

  1. Inconsistent Permissions Level: The job-level permissions block grants contents: write which is more permissive than the permissions: read specified at the top-level block, violating the principle of least privilege.

  2. 'runs-on' Platform Incompatibility: The job is set to runs-on: ubuntu-latest but uses Fedora container images, which can lead to dependency and environment inconsistencies during the build process.

  3. Potential Undefined Input: The use of ${{ !inputs.release }} in the Upload artifact step assumes that inputs.release is always defined. If it's not provided, this could lead to unexpected behavior or errors.

Summary of changes

  • Complete Removal of Workflow: Entire workflow definition for building and testing on Fedora has been deleted.
  • Removal of Job Configurations: Specific job configurations for Fedora Rawhide and Fedora Latest, including their associated build and test steps, have been removed.
  • Deletion of Artifact Upload Steps: Steps for uploading build artifacts conditioned on input values have been removed.

.github/workflows/reusable-build-on-macos.yml

Potential issues

  1. Inconsistent permissions scope: The top-level permissions declares contents: read, but under jobs.build_on_macos.permissions, it declares contents: write, which might grant more permissions than intended if access control is critical.

  2. Potential missing required field for release input: Under workflow_call, the release input field type is boolean but does not specify if it is required, potentially causing unpredictable behavior if not provided.

  3. Inconsistent artifact naming convention: The Upload artifact step uses matrix.darwin_version and version in the artifact name but the Upload package tarball step only uses matrix.arch, causing inconsistency in the naming convention which can lead to ambiguities when managing artifacts.

Summary of changes

  • Removal of Entire Workflow: The patch completely removes the "Build on MacOS" GitHub Actions workflow, eliminating all 108 lines related to it.
  • Discontinuation of MacOS Builds: This deletion implies that future continuous integration (CI) processes will no longer include building and testing on MacOS environments.
  • Cessation of Artifact Uploads: With the workflow's removal, the process of uploading build artifacts and release packages to GitHub has been discontinued.

The elimination of this workflow requires project teams to assess the impact on MacOS-based builds and potentially set up alternative CI mechanisms if needed.

.github/workflows/reusable-build-on-manylinux.yml

Potential issues

  1. Incorrect if Expressions: The condition if: ${{ inputs.release && (!contains(matrix.docker_tag, 'manylinux2014')) }} should use double quotes around the expression for proper evaluation: if: ${{ inputs.release && !contains(matrix.docker_tag, 'manylinux2014') }}.

  2. Hardcoded wasmedge Path: Using a hardcoded path ./build/tools/wasmedge/wasmedge -v can lead to failures if the directory structure changes; consider using environment variables or project-relative paths to add flexibility.

  3. Undeclared Default matrix.asset_tag: The placeholder ${{ matrix.asset_tag }} is used without an ensured definition in the matrix input, which could cause unexpected runtime errors if asset_tag is not provided in the matrix. Ensure the matrix input includes the asset_tag.

Summary of changes

  • Entire "Build on manylinux" GitHub Actions workflow has been removed.
  • All related job steps, environment settings, and permissions configurations have been deleted.
  • Specific tasks for building, uploading artifacts, and releasing packages through GitHub CLI are eliminated.

.github/workflows/reusable-build-on-ubuntu.yml

Potential issues

  1. Redundant git config --global --add safe.directory $(pwd) steps: Executing the same command twice (lines 22 and 28) is unnecessary and could be combined to streamline the script.

  2. Inconsistent conditional checks (inputs.release vs inputs.release == 'true'): The conditionals handling the release input should consistently use one style to avoid confusion, e.g., ${{ inputs.release == 'true' }}.

  3. Potential variable conflict with matrix.tests undefined check: The check if: ${{ matrix.tests }} (lines 18 and 26) implies matrix.tests is always defined, which could lead to errors if tests is not included in the matrix configuration.

Summary of changes

  • Entire workflow configuration for building on Ubuntu has been removed.
  • This includes all steps for installing dependencies, building with different compilers and configurations, testing, and uploading artifacts or coverage reports.
  • Removal also entails the deletion of steps for setting up environmental variables, handling Git settings, and leveraging GitHub Actions tools like actions/checkout and codecov/codecov-action.

.github/workflows/reusable-build-on-windows-msvc.yml

Potential issues

  1. Security Issue with GITHUB_TOKEN exposure: Hardcoding GITHUB_TOKEN in the script can potentially expose it, making the secrets accessible; it's better to use it directly through GitHub Actions' built-in access.

  2. Inconsistent Input Conditions: The echo command used to set environment variables for release might not execute as expected for non-release builds, potentially leading to build issues due to an uninitialized build_tests variable.

  3. Unnecessary Duplication in vswhere invocation: The Enter-VsDevShell command with vswhere is invoked repeatedly across multiple steps, which could be consolidated to avoid redundancy and ensure a consistent environment setup.

Summary of changes

  • Entire workflow for building on Windows with MSVC has been removed.
  • Removal includes steps for git checkout, dependency installation, and setting environment variables.
  • All steps related to building, testing, packaging, and uploading WasmEdge artifacts on Windows are deleted.

.github/workflows/reusable-build-on-windows.yml

Potential issues

  1. Fix Typographical Error in Name: The name "[CI] Remvoe workflows" likely contains a typo and should probably be "[CI] Remove workflows" for clarity and accuracy.

  2. Incorrect Use of Double Quotes in PowerShell Script: Within the Set environment variables for release and shell scripts for building, using double quotes "$pwd\\..." can potentially lead to issues in PowerShell. PowerShell variables should be enclosed in $() like $($pwd)\\....

  3. Inconsistent if Condition Syntax: The if conditions use ${{ inputs.release }} in some places while other places use {{ !inputs.release }} and $Env:product_version. Ensuring consistent syntax will reduce potential logic errors and improve readability.

Summary of changes

  • Complete Removal of Windows Build Workflow: The entire GitHub Actions workflow configuration for building on Windows Server 2022 has been deleted.
  • Deletion of Specific Build Steps: All the steps involved in setting up the environment (e.g., installing dependencies like CMake, Ninja, LLVM, Windows SDK), building and testing WasmEdge, generating the Windows installer, and uploading artifacts have been removed.
  • Removal of Workflow Permissions and Environment Configurations: The permissions, environmental variables setup, and conditional logic based on input parameters (e.g., release) within the workflow have been removed.

.github/workflows/reusable-call-linter.yml

Potential issues

  1. Hardcoded install command for clang-format-15: The script installs a specific version of clang-format (clang-format-15) which might not be compatible with future changes; it would be more flexible to either use a variable or the latest version available.

  2. Potential sudo usage without caution: The use of sudo for package installation might cause failures in environments where sudo is restricted or behaves differently; consider adding checks or alternative methods for installation.

Summary of changes

  • Complete Removal of Clang-Format Workflow: The entire Clang-Format workflow, including its configuration and job definitions, was deleted from the file.
  • Stopped Clang-Format Linting Job: Removal of the lint job which checked out the repository, ensured a safe git directory, installed clang-format-15, and executed the Clang-Format script.
  • Elimination of Dependencies: By removing the workflow, there is no longer a need to install dependencies such as clang-format-15 during the CI process.

.github/workflows/reusable-create-source-tarball.yml

Potential issues

  1. Security Misconfiguration: The git config --global --add safe.directory $(pwd) command adds the current working directory to the safe list globally, which could lead to security risks if other workflows or repositories involve unsafe repositories.

  2. Incorrect File Path in Upload Artifact: The path: WasmEdge-${{ inputs.version }}.tar.gz should reference WasmEdge-${{ inputs.version }}-src.tar.gz to match the artifact name specified in the name field and the file being created in the workflow.

  3. Missing Release Condition Safety: The upload step with gh release upload command should include a check to ensure gh CLI is installed and properly configured, otherwise it might fail for users without appropriate setup or insufficient permissions.

Summary of changes

  • Workflow file for creating a source tarball has been entirely removed.
  • Job definitions and steps for creating and uploading a tarball have been deleted.
  • Permissions, input parameters, and environment variable setups specifically for the workflow have been removed.

@github-actions github-actions bot added the c-CI label Sep 18, 2024
@dm4 dm4 closed this Sep 19, 2024
@dm4 dm4 deleted the dm4/test-pr-review-bot branch September 19, 2024 02:45
@dm4 dm4 restored the dm4/test-pr-review-bot branch September 19, 2024 02:45
@dm4 dm4 deleted the dm4/test-pr-review-bot branch September 19, 2024 03:06
@dm4 dm4 restored the dm4/test-pr-review-bot branch September 19, 2024 03:06