Workflow improvements and enhancements 🍭

.github/dependabot.yml

@@ -1,15 +1,18 @@
+# This workflow is designed to automate the update process for various package ecosystems,
+# ensuring that dependencies are kept up-to-date with regular checks.
+#
 # For more details about configuring Dependabot, see full documentations here:
 # https://docs.github.com/github/administering-a-repository/configuration-options-for-dependency-updates
 
 version: 2
 updates:
   # Configuration for pip
   - package-ecosystem: "pip"
-    directory: "/"
+    directory: "/"   # Search for "requirements.txt" on root directory
     schedule:
       interval: "daily"
     commit-message:
-      prefix: "pip updated"
+      prefix: "pip"
       include: "scope"
     labels:
       - "dependencies"
@@ -18,11 +21,24 @@ updates:
 
   # Configuration for GitHub Actions
   - package-ecosystem: "github-actions"
-    directory: "/"
+    directory: "/"   # Search for ".github/workflows" on root directory
     schedule:
       interval: "daily"
     commit-message:
-      prefix: "GitHub Actions updated"
+      prefix: "GH Actions"
+      include: "scope"
+    labels:
+      - "dependencies"
+    assignees:
+      - "mitsuki31"
+
+  # Configuration for Maven
+  - package-ecosystem: "maven"
+    directory: "/"   # Search for "pom.xml" on root directory
+    schedule:
+      interval: "weekly"
+    commit-message:
+      prefix: "Maven"
       include: "scope"
     labels:
       - "dependencies"

.github/release-drafter.yml

@@ -1,9 +1,10 @@
-name-template: 'Release v$RESOLVED_VERSION'
+name-template: 'v$RESOLVED_VERSION'
 tag-template: 'v$RESOLVED_VERSION'
+
 # Categories filter
 categories:
   # New Features
-  - title: '🚀 New Features'
+  - title: '🚀 Features & Enhancements'
     labels:
       - 'feature'
       - 'enhancement'
@@ -27,13 +28,44 @@ categories:
   - title: '⛔ Removed'
     labels:
       - 'remove'
+      - 'deprecate'
   # Dependencies Updates
   - title: '🧩 Dependencies'
     labels:
       - 'dependencies'
+      - 'deps'
 exclude-labels:
   - 'skip-changelog'
 
+# Auto Labeler
+autolabeler:
+  # Documentation
+  - label: 'documentation'
+    files:
+      - '*.md'
+    branch:
+      - '/docs\/.+/'
+      - '/updatedocs\/.+/'
+  # Bug Fixes
+  - label: 'bugfix'
+    branch:
+      - '/fix\/.+/'
+      - '/fixes\/.+/'
+  # Enhancements / New Features
+  - label: 'enhancement'
+    branch:
+      - '/feature\/.+/'
+      - '/features\/.+/'
+
+  # Changes on Java code
+  - label: 'lang:java'
+    files:
+      - '*.java'
+  # Changes on Python code
+  - label: 'lang:python'
+    files:
+      - '*.py'
+
 change-template: '- $TITLE (#$NUMBER) - @$AUTHOR'
 change-title-escapes: '\<*_&' # You can add # and @ to disable mentions, and add ` to disable code blocks.
 version-resolver:
@@ -52,5 +84,21 @@ template: |
 
   $CHANGES
 
-  For more details, see [full changelogs](https://github.com/mitsuki31/jmatrix/compare/$PREVIOUS_TAG...$NEXT_MINOR_VERSION)
+  For more details, see the [full changelogs][changelogs].
+
+  ## 🚧 Issues
+
+  Report any issues or have any suggestions? [Create new issue][new-issue] and help us improve **JMatrix**.
+
+  ---
+
+  🛡️ [VirusTotal][virustotal] Scan Detections:
+
+  - jmatrix-$RESOLVED_VERSION.jar
+  - jmatrix-$RESOLVED_VERSION_with_sources.jar
+
 
+  <!-- LINKS -->
+  [changelogs]: https://github.com/mitsuki31/jmatrix/compare/$PREVIOUS_TAG...v$RESOLVED_VERSION
+  [new-issue]: https://github.com/mitsuki31/jmatrix/issues/new
+  [virustotal]: https://www.virustotal.com

.github/workflows/codeql.yml

@@ -1,92 +1,69 @@
-# For most projects, this workflow file will not need changing; you simply need
-# to commit it to your repository.
+# This workflow focuses on enhancing code security and identifying
+# potential vulnerabilities in the Java codebase. The workflow is triggered
+# by push events to the "master" and "release" branches, as well as by
+# a weekly schedule. It targets Java source files located in the "src" directory.
 #
-# You may wish to alter this file to override the set of languages analyzed,
-# or to provide custom queries or build logic.
-#
-# ******** NOTE ********
-# We have attempted to detect the languages in your repository. Please check
-# the `language` matrix defined below to confirm you have the correct set of
-# supported CodeQL languages.
+# This workflow is crucial for maintaining code security and quality by
+# regularly analyzing the Java codebase for vulnerabilities and providing
+# insights to address potential security issues.
 #
+# The workflow runs on both Ubuntu and Windows platforms for comprehensive
+# code portability checks.
+
 name: "CodeQL"
 
 on:
   push:
-    branches: [ "master", "develop" ]
+    branches: [ "master", "release" ]
+    # Only run when the specific file(s) are changed
     paths:
-      - 'src/'
-      - '**/*.java'
-      - '**/*.py'
+      - 'src/**/*.java'  # All Java source files
+
   pull_request:
     # The branches below must be a subset of the branches above
-    branches: [ "master", "develop" ]
+    branches: [ "master", "release" ]
+    # Only run when the specific file(s) are changed
     paths:
-      - 'src/'
-      - '**/*.java'
-      - '**/*.py'
+      - 'src/**/*.java'  # All Java source files
+
   schedule:
     - cron: '30 7 * * 6'
 
 jobs:
   analyze:
-    name: Analyze Code
-    runs-on: ${{ (matrix.language == 'swift' && 'macos-latest') || 'ubuntu-latest' }}
+    name: ${{ matrix.os }} / Analyze Code
+    runs-on: ${{ matrix.os }}-latest
     permissions:
       actions: read
       contents: read
       security-events: write
 
+    env:
+      language: java
+      java-dist: temurin
+      java-version: 11
+
     strategy:
       fail-fast: false
       matrix:
-        language: [ 'java', 'python' ]
+        os: [Ubuntu, Windows]  # Run on Ubuntu and Windows
 
     steps:
     - name: Checkout Repository
       uses: actions/checkout@v3
 
     # Setup the Java Virtual Machine
-    - name: Setup JVM
-      if: ${{ matrix.language == 'java' }}
+    - name: Setup JVM / ${{ matrix.os }}
       uses: actions/setup-java@v3
       with:
-        distribution: temurin
-        java-version: '11'
-
-    # Setup the Python
-    - name: Setup Python
-      if: ${{ matrix.language == 'python' }}
-      uses: actions/setup-python@v3
-      with:
-        python-version: '3.7'
-
-    # Install and setup Python dependencies
-    - name: Install Python Dependencies
-      if: ${{ matrix.language == 'python' }}
-      run: |
-        python -m pip install --upgrade pip
-        if [ -f requirements.txt ]; then
-          pip install -r requirements.txt;
-        fi
-        echo "CODEQL_PYTHON=$(which python)" >> $GITHUB_ENV
+        distribution: ${{ env.java-dist }}
+        java-version: ${{ env.java-version }}
 
     # Initializes the CodeQL tools for scanning.
-    - name: Initialize CodeQL
+    - name: Initialize CodeQL / ${{ matrix.os }}
       uses: github/codeql-action/init@v2
       with:
-        languages: ${{ matrix.language }}
-        # Only run if CodeQL detecting Python
-        if: ${{ matrix.language == 'python' }}
-        setup-python-dependencies: false
-
-        # If you wish to specify custom queries, you can do so here or in a config file.
-        # By default, queries listed here will override any specified in a config file.
-        # Prefix the list here with "+" to use these queries and those in the config file.
-
-        # For more details on CodeQL's query packs, refer to: https://docs.github.com/en/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/configuring-code-scanning#using-queries-in-ql-packs
-        # queries: security-extended,security-and-quality
-
+        languages: ${{ env.language }}
 
     # Autobuild attempts to build any compiled languages  (C/C++, C#, Go, or Java).
     # If this step fails, then you should remove it and run the build manually (see below)
@@ -96,14 +73,22 @@ jobs:
     # ℹ️ Command-line programs to run using the OS shell.
     # 📚 See https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idstepsrun
 
-    # Now CodeQL will checking the code with Maven
-    # instead checking it separately.
-    - name: Build the Project with Maven
+    - name: Caching Dependencies / ${{ matrix.os }}
+      uses: actions/cache@v2
+      with:
+        path: ~/.m2/repository
+        key: ${{ runner.os }}-maven-${{ hashFiles('**/pom.xml') }}
+        restore-keys: |
+          ${{ runner.os }}-maven-${{ hashfiles('**/pom.xml') }}
+          ${{ runner.os }}-maven-
+
+    - name: Build Project / ${{ matrix.os }}
       run: |
         echo "Building the project..."
         mvn clean install
+        mvn test
 
-    - name: Perform CodeQL Analysis
+    - name: Perform CodeQL Analysis / ${{ matrix.os }}
       uses: github/codeql-action/analyze@v2
       with:
-        category: "/language:${{ matrix.language }}"
+        category: "/language:${{ env.language }}"

.github/workflows/pylint.yml

@@ -1,32 +1,54 @@
+# This workflow focuses on ensuring the quality and consistency of Python code
+# in the repository. It is triggered by both push and pull request events.
+# The workflow runs on both Ubuntu and Windows platforms, covering Python
+# versions 3.7 and 3.x (latest version).
+#
+# This workflow helps maintain code quality and adherence to coding standards
+# by regularly analyzing the Python codebase and providing insights into
+# potential issues or areas for improvement.
+#
+# NOTE:
+# The Python code is analyzed using a custom configuration file (`.pylintrc`).
+# The configuration file can be found on the root of this repository.
+
 name: PyLint
 
 on: [push, pull_request]
 
 jobs:
   build:
-    runs-on: ubuntu-latest
+    name: ${{ matrix.os }} / ${{ matrix.python-version }}
+    runs-on: ${{ matrix.os }}-latest
+
     strategy:
       matrix:
-        python-version: ["3.7", "3.8", "3.9", "3.10", "3.11"]
+        os: [Ubuntu, Windows]           # Run on Ubuntu and Windows
+        python-version: ["3.7", "3.x"]  # Run on Py3.7 and the latest version
+
     steps:
       # Checkout the repo
       - name: Checkout repository
         uses: actions/checkout@v3
-      
+
       # Setup Python
       - name: Set up Python ${{ matrix.python-version }}
+        id: setup-py
         uses: actions/setup-python@v3
         with:
           python-version: ${{ matrix.python-version }}
-
-      # Install the dependencies
+          architecture: x64
+          cache: 'pip'
+          cache-dependency-path: '**/requirements.txt'
+
+      # Update pip and install the PyLint
       - name: Install dependencies
+        if: ${{ steps.setup-py.outputs.cache-hit != true }}
         run: |
           echo "Updating 'pip'..."
           python -m pip install --upgrade pip
           echo "Installing 'pylint'..."
           pip install pylint
-      
+
       # Analyze the Python code
       - name: Analyzing the code with pylint
         run: |

.github/workflows/release-drafter.yml

@@ -1,11 +1,25 @@
+# The "Release Drafter" workflow automates the process of drafting
+# new releases by generating release notes based on pull requests
+# and commits. This workflow is triggered when changes are pushed to
+# the `master` branch and when pull requests are opened, reopened,
+# or synchronized.
+#
+# This workflow streamlines the process of creating informative and organized
+# release notes for each new version of the project. It ensures that
+# the release notes accurately reflect the changes introduced by pull requests
+# and commits, enhancing transparency and communication with users and contributors.
+#
+# For more details about Release Drafter, consider refer to link below.
+#   https://github.com/release-drafter/release-drafter
+
 name: Release Drafter
 
 on:
   push:
     # branches to consider in the event; optional, defaults to all
     branches:
       - master
-      # - develop
+
   # pull_request event is required only for autolabeler
   pull_request:
     # Only following types are handled by the action, but one can default to all as well

.github/workflows/virus-scan.yml

@@ -1,4 +1,10 @@
-name: Scan Virus on Releases
+# This workflow is triggered upon the publication of a release.
+# It performs a virus scan on the released files using the VirusTotal API.
+# Designed to enhance the security of the release process by performing
+# virus scans on the released ".jar" files using the VirusTotal service.
+
+
+name: VirusTotal Scan
 
 on:
   release: