merge main

.github/CODEOWNERS

@@ -0,0 +1,26 @@
+# anything with no explicit code owners will be tagged to @core-devs
+*   @napari/core-devs
+
+# submodules
+napari/_vispy/      @brisvag @melonora
+napari/_qt/         @Czaki @DragaDoncila @psobolewskiPhD
+napari/_app_model/  @lucyleeow @DragaDoncila
+napari/benchmarks/  @Czaki @jni
+napari/plugins/     @Czaki @DragaDoncila @lucyleeow
+napari/qt/          @Czaki @jni
+napari/settings/    @Czaki @jni
+
+# specific layers
+napari/layers/image/    @Czaki @brisvag @andy-sweet @kephale
+napari/layers/labels/   @jni @Czaki @brisvag
+napari/layers/points/   @brisvag @kevinyamauchi @andy-sweet @DragaDoncila @kephale
+napari/layers/shapes/   @kevinyamauchi @DragaDoncila @melonora
+napari/layers/surface/  @brisvag @kevinyamauchi @Czaki
+napari/layers/tracks/   @jni @andy-sweet
+napari/layers/vectors/  @brisvag @kevinyamauchi @andy-sweet
+
+# docs
+examples/                            @melissawm @psobolewskiPhD @lucyleeow
+.github/workflows/build_docs.yml     @melissawm @psobolewskiPhD @lucyleeow
+.github/workflows/deploy_docs.yml    @melissawm @psobolewskiPhD
+.github/workflows/circleci.yml       @melissawm @psobolewskiPhD

.github/CONTRIBUTING.md

@@ -0,0 +1,50 @@
+# Contributing to GitHub workflows and actions
+
+*Created: 2024-11-11; Updated:*
+
+See the napari website for more detailed contributor information:
+- [deployment](https://napari.org/stable/developers/contributing/documentation/docs_deployment.html)
+- [contributing guide](https://napari.org/stable/developers/contributing/index.html)
+- [core developer guide](https://napari.org/stable/developers/coredev/core_dev_guide.html)
+
+## Workflows and actions
+
+There are over 20 GitHub workflows found in `.github/workflows`.
+The team creates a workflow to automate manual actions and steps.
+This results in improved accuracy and quality. Some key workflows:
+- `actionlint.yml` does static testing of GitHub action workflows
+- benchmarks
+- `reusable_run_tox_test.yml` uses our constraint files to install the
+  compatible dependencies for each test environment which may differ
+  by OS and qt versions. It is called from `test_pull_request.yml` and `test_comprehensive.yml`, not directly. 
+- `upgrade_test_constraints.yml` automates upgrading dependencies for
+  our test environments. It also has extensive commenting on what the
+  upgrade process entails.
+
+If adding a workflow, please take a moment to explain its purpose at the
+top of its file.
+
+## Templates
+
+Used to provide a consistent user experience when submitting an issue or PR.
+napari uses the following:
+- `PULL_REQUEST_TEMPLATE.md`
+- `ISSUE_TEMPLATE` directory containing:
+   - `config.yml` to add the menu selector when "New Issue" button is pressed
+   - `design_related.md`
+   - `documentation.md`
+   - `feature_request.md`
+   - `bug_report.yml` config file to provide text areas for users to complete for bug reports.
+- `FUNDING.yml`: redirect GitHub to napari NumFOCUS account
+- Testing and bots
+   - `missing_translations.md`: used if an action detects a missing language translation
+   - `dependabot.yml`: opens a PR to notify maintainers of updates to dependencies
+   - `labeler.yml` is a labels config file for labeler action
+   - `BOT_REPO_UPDATE_FAIL_TEMPLATE.md` is an bot failure notification template
+   - `TEST_FAIL_TEMPLATE.md` is a test failure notification template
+
+## CODEOWNERS
+
+This `CODEOWNERS` file identifies which individuals are notified if a
+particular file or directory is found in a PR. Core team members can
+update if desired.

.github/PULL_REQUEST_TEMPLATE.md

@@ -15,5 +15,8 @@ a screenshot or a screen capture: "An image is worth a thousand words!" -->
   (open a PR on the docs repository (https://github.com/napari/docs) if relevant!)
 - I have added tests that prove my fix is effective or that my feature works
 - If I included new strings, I have used `trans._("some string")` to make them localizable.
-  (For more information see our [translations guide](https://napari.org/developers/translations.html)).
+  (For more information see our [translations guide](https://napari.org/stable/developers/contributing/translations.html)).
+- If an API has been modified, I have added a `.. versionadded::` or `.. versionchanged::`
+  directive to the appropriate docstring (For more information see
+  [the Sphinx documentation](https://www.sphinx-doc.org/en/master/usage/restructuredtext/directives.html#describing-changes-between-versions)).
 -->

.github/labeler.yml

@@ -1,4 +1,7 @@
-# See: .github/workflows/labeler.yml and https://github.com/marketplace/actions/labeler
+# This config file maps code base files to GitHub labels.
+# We use `.github/workflow/labeler.yml` action and use this file to apply labels to PRs.
+# Repo: https://github.com/actions/labeler
+# Marketplace Action docs: https://github.com/marketplace/actions/labeler
 design:
   - changed-files:
     - any-glob-to-any-file: 'napari/_qt/qt_resources/**/*'

.github/workflows/actionlint.yml

@@ -0,0 +1,19 @@
+name: Actionlint
+# https://github.com/rhysd/actionlint
+
+on:
+  pull_request:
+    paths:
+      - '.github/**'
+
+jobs:
+  actionlint:
+    name: Action lint
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+      - name: Check workflow files
+        run: |
+          bash <(curl https://raw.githubusercontent.com/rhysd/actionlint/main/scripts/download-actionlint.bash)
+          ./actionlint -color -ignore SC2129
+        shell: bash

.github/workflows/benchmarks.yml

@@ -73,6 +73,8 @@ jobs:
 
       - name: Setup asv
         run: python -m pip install "asv[virtualenv]"
+        env:
+          PIP_CONSTRAINT: resources/constraints/benchmark.txt
 
       - uses: octokit/[email protected]
         id: latest_release
@@ -89,8 +91,11 @@ jobs:
           # asv will checkout commits, which might contain LFS artifacts; ignore those errors since
           # they are probably just documentation PNGs not needed here anyway
           GIT_LFS_SKIP_SMUDGE: 1
+          HEAD_LABEL: ${{ github.event.pull_request.head.label }}
+          PIP_CONSTRAINT: ${{ github.workspace }}/resources/constraints/benchmark.txt
         run: |
           set -euxo pipefail
+          read -ra cmd_options <<< "$ASV_OPTIONS"
 
           # ID this runner
           asv machine --yes
@@ -100,7 +105,7 @@ jobs:
             BASE_REF=${{ github.event.pull_request.base.sha }}
             CONTENDER_REF=${GITHUB_SHA}
             echo "Baseline:  ${BASE_REF} (${{ github.event.pull_request.base.label }})"
-            echo "Contender: ${CONTENDER_REF} (${{ github.event.pull_request.head.label }})"
+            echo "Contender: ${CONTENDER_REF} ($HEAD_LABEL)"
           elif [[ $GITHUB_EVENT_NAME == schedule ]]; then
             EVENT_NAME="cronjob"
             BASE_REF="${{ fromJSON(steps.latest_release.outputs.data).target_commitish }}"
@@ -115,12 +120,12 @@ jobs:
             echo "Contender: ${CONTENDER_REF} (workflow input)"
           fi
 
-          echo "EVENT_NAME=$EVENT_NAME" >> $GITHUB_ENV
-          echo "BASE_REF=$BASE_REF" >> $GITHUB_ENV
-          echo "CONTENDER_REF=$CONTENDER_REF" >> $GITHUB_ENV
+          echo "EVENT_NAME=$EVENT_NAME" >> "$GITHUB_ENV"
+          echo "BASE_REF=$BASE_REF" >> "$GITHUB_ENV"
+          echo "CONTENDER_REF=$CONTENDER_REF" >> "$GITHUB_ENV"
 
           # Run benchmarks for current commit against base
-          asv continuous $ASV_OPTIONS -b '${{ matrix.selection-regex }}' ${BASE_REF} ${CONTENDER_REF} \
+          asv continuous "${cmd_options[@]}" -b "${{ matrix.selection-regex }}" "${BASE_REF}" "${CONTENDER_REF}" \
           | sed -E "/Traceback | failed$|PERFORMANCE DECREASED/ s/^/::error:: /" \
           | tee asv_continuous.log
 
@@ -163,6 +168,9 @@ jobs:
           "[CI logs and artifacts](||BENCHMARK_CI_LOGS_URL||) for further details." \
           > .asv/results/message_${{ matrix.benchmark-name }}.txt
 
+          awk  '/Benchmark.*Parameter/,/SOME BENCHMARKS HAVE CHANGED SIGNIFICANTLY/' asv_continuous.log \
+          >> .asv/results/message_${{ matrix.benchmark-name }}.txt
+
           fi
 
       - uses: actions/upload-artifact@v4

.github/workflows/benchmarks_report.yml

@@ -63,7 +63,7 @@ jobs:
       - name: Collect PR number if available
         run: |
           if [[ -f pr_number ]]; then
-            echo "PR_NUMBER=$(cat pr_number)" >> $GITHUB_ENV
+            echo "PR_NUMBER=$(cat pr_number)" >> "$GITHUB_ENV"
           fi
 
       - name: "Comment on PR"

.github/workflows/deploy_docs.yml

@@ -4,6 +4,8 @@ on:
   push:
     branches:
       - main
+    tags:
+      - "v*"
   workflow_dispatch:
 
 concurrency:
@@ -16,6 +18,22 @@ jobs:
     name: Build docs on napari/docs
     runs-on: ubuntu-latest
     steps:
+      - name: get directory name
+        # if this is a tag, use the tag name as the directory name else dev
+        env:
+          REF: ${{ github.ref }}
+        run: |
+          TAG="${GITHUB_REF/refs\/tags\/v/}"
+          VER="${TAG/a*/}"  # remove alpha identifier
+          VER="${VER/b*/}"  # remove beta identifier
+          VER="${VER/rc*/}"  # remove rc identifier
+          VER="${VER/post*/}"  # remove post identifier
+
+          if [[ "$REF" == "refs/tags/v"* ]]; then
+            echo "branch_name=$VER" >> "$GITHUB_ENV"
+          else
+            echo "branch_name=dev" >> "$GITHUB_ENV"
+          fi
       - name: Trigger workflow and wait
         uses: convictional/[email protected]
         with:
@@ -25,3 +43,4 @@ jobs:
           workflow_file_name: build_and_deploy.yml
           trigger_workflow: true
           wait_workflow: true
+          client_payload: '{"target_directory": "${{ env.branch_name }}"}'

.github/workflows/docker-singularity-publish.yml → .github/workflows/docker-publish.yml

@@ -1,4 +1,4 @@
-name: Docker and Singularity build
+name: Docker build
 
 # This workflow uses actions that are not certified by GitHub.
 # They are provided by a third-party and are governed by
@@ -10,7 +10,7 @@ on:
 
   pull_request:
     paths:
-      - '.github/workflows/docker-singularity-publish.yaml'
+      - '.github/workflows/docker-publish.yml'
 
 #  schedule:
 #    - cron: '31 0 * * *'
@@ -48,7 +48,7 @@ jobs:
       # https://github.com/docker/login-action
       - name: Log into registry ${{ env.REGISTRY }}
         if: github.event_name != 'pull_request'
-        uses: docker/login-action@v3.2.0
+        uses: docker/login-action@v3.3.0
         with:
           registry: ${{ env.REGISTRY }}
           username: ${{ github.actor }}
@@ -81,7 +81,7 @@ jobs:
       # Build and push Docker image with Buildx (don't push on PR)
       # https://github.com/docker/build-push-action
       - name: Build and push Docker image
-        uses: docker/build-push-action@v5
+        uses: docker/build-push-action@v6
         id: docker_build
         with:
           context: .
@@ -97,53 +97,3 @@ jobs:
       - name: Test Docker image
         run: |
           docker run --rm --entrypoint=/bin/bash ${{ steps.docker_build.outputs.imageid }} -ec "python3 -m napari --version"
-
-# ----
-
-  build2:
-    needs: build1
-    runs-on: ubuntu-latest
-    container:
-      image: quay.io/singularity/docker2singularity:v4.1.0
-      options: --privileged
-    permissions:
-      contents: read
-      packages: write
-    strategy:
-      fail-fast: false
-      matrix:
-        recipe: ["Singularity"]
-
-    steps:
-      - name: Checkout repository
-        uses: actions/checkout@v4
-
-      - name: Continue if Singularity Recipe Exists
-        run: |
-          if [[ -f "${{ matrix.recipe }}" ]]; then
-            echo "keepgoing=true" >> $GITHUB_ENV
-          fi
-
-      - name: Build Container
-        if: ${{ env.keepgoing == 'true' }}
-        env:
-          recipe: ${{ matrix.recipe }}
-        run: |
-          ls
-          if [ -f "${{ matrix.recipe }}" ]; then
-             singularity build container.sif ${{ matrix.recipe }}
-             tag=latest
-          fi
-          # Build the container and name by tag
-          echo "Tag is $tag."
-          echo "tag=$tag" >> $GITHUB_ENV
-
-      - name: Login and Deploy Container
-        if: (github.event_name != 'pull_request')
-        env:
-          keepgoing: ${{ env.keepgoing }}
-        run: |
-          if [[ "${keepgoing}" == "true" ]]; then
-              echo ${{ secrets.GITHUB_TOKEN }} | singularity remote login -u ${{ secrets.GHCR_USERNAME }} --password-stdin oras://ghcr.io
-              singularity push container.sif oras://ghcr.io/${GITHUB_REPOSITORY}:${tag}
-          fi

.github/workflows/edit_pr_description.yml

@@ -1,5 +1,5 @@
-name: Remove html In PR description
-# see https://docs.github.com/en/actions/using-workflows/events-that-trigger-workflows#pull_request_target
+name: Clean up PR description
+
 on:
   # see https://docs.github.com/en/actions/using-workflows/events-that-trigger-workflows#pull_request_target
   pull_request_target:
@@ -15,7 +15,7 @@ permissions:
 
 jobs:
   check_labels:
-    name: Remove html comments.
+    name: Remove html comments
     runs-on: ubuntu-latest
     steps:
       - uses: actions/checkout@v4