ci: fix hashFiles expression syntax in workflow

Author: pynip

.github/workflows/ci.yml

@@ -22,10 +22,10 @@ jobs:
           swift --version || echo 'swift not installed'
           python --version
       - name: Build
-        if: hashFiles('Package.swift') != ''
+        if: ${{ hashFiles('Package.swift') != '' }}
         run: swift build -v
       - name: Test
-        if: hashFiles('Package.swift') != ''
+        if: ${{ hashFiles('Package.swift') != '' }}
         run: swift test -v
       - name: Validate YAML configs
         run: |
@@ -45,9 +45,14 @@ jobs:
           LOC=$(jq '.SUM.code' loc.json || echo 0)
           mkdir -p badges
           echo "<svg xmlns='http://www.w3.org/2000/svg' width='150' height='20'><rect rx='3' width='150' height='20' fill='#555'/><rect rx='3' x='60' width='90' height='20' fill='#007ec6'/><text x='30' y='14' fill='#fff' font-family='Verdana' font-size='11'>loc</text><text x='105' y='14' fill='#fff' font-family='Verdana' font-size='11'>${LOC}</text></svg>" > badges/loc.svg
+          # If README previously used shields placeholder, update it.
           if grep -q "loc-dynamic" README.md; then
             sed -i '' "s|loc-dynamic-lightblue|loc-${LOC}-blue|" README.md || true
           fi
+          # If README still has an old shields numeric badge, optionally switch to local SVG once.
+          if grep -q "https://img.shields.io/badge/loc-" README.md; then
+            perl -i -pe 's|!\[Lines of Code\]\(https://img.shields.io/badge/loc-[0-9]+-blue\)|![Lines of Code](badges/loc.svg)|' README.md || true
+          fi
           git config user.name 'github-actions'
           git config user.email '[email protected]'
           git add badges/loc.svg README.md || true
@@ -64,7 +69,7 @@ jobs:
           folder-path: '.'
   swift-lint:
     runs-on: macos-14
-    if: hashFiles('Package.swift') != ''
+    if: ${{ hashFiles('Package.swift') != '' }}
     steps:
       - uses: actions/checkout@v4
       - name: Install SwiftFormat (placeholder)

.github/workflows/project-sync.yml

@@ -0,0 +1,205 @@
+name: Project Sync
+
+on:
+  push:
+    branches: [ main, '**' ]
+  pull_request:
+    types: [opened, reopened, synchronize]
+  issues:
+    types: [opened]
+
+permissions:
+  contents: read
+  issues: write
+  pull-requests: read
+  projects: write
+
+env:
+  # Set these to match your environment.
+  GITHUB_USER: pynip
+  # Replace with the numeric project number for "Virtualization Studio ARM macOS"
+  PROJECT_NUMBER: 3  # <-- UPDATE this after creating the project
+  # Status names expected in the project's single-select Status field
+  STATUS_TODO_NAME: "To do"
+  STATUS_INPROGRESS_NAME: "In Progress"
+  STATUS_DONE_NAME: "Done"
+
+jobs:
+  add-new-issues:
+    name: Add newly opened issues to project (To do)
+    if: github.event_name == 'issues'
+    runs-on: ubuntu-latest
+    steps:
+      - name: Add to project
+        uses: actions/[email protected]
+        with:
+          project-url: https://github.com/users/${{ env.GITHUB_USER }}/projects/${{ env.PROJECT_NUMBER }}
+          github-token: ${{ secrets.GITHUB_TOKEN }}
+
+  sync-from-push:
+    name: Sync referenced issues from push commits
+    if: github.event_name == 'push'
+    runs-on: ubuntu-latest
+    steps:
+      - name: Extract issue numbers from commit messages
+        id: extract
+        run: |
+          issues=$(echo "${{ toJson(github.event.commits) }}" | jq -r '.[].message' | grep -Eo '#[0-9]+' | tr -d '#' | sort -u || true)
+          if [ -n "$issues" ]; then
+            echo "issues=$issues" >> $GITHUB_OUTPUT
+          else
+            echo "issues=" >> $GITHUB_OUTPUT
+          fi
+      - name: Add referenced issues to project (if any)
+        if: steps.extract.outputs.issues != ''
+        uses: actions/[email protected]
+        with:
+          project-url: https://github.com/users/${{ env.GITHUB_USER }}/projects/${{ env.PROJECT_NUMBER }}
+          github-token: ${{ secrets.GITHUB_TOKEN }}
+          content-id: ${{ steps.extract.outputs.issues }}
+        continue-on-error: true
+      - name: Prepare status update script
+        if: steps.extract.outputs.issues != ''
+        uses: actions/setup-node@v4
+        with:
+          node-version: '20'
+      - name: Update status for closed issues (Done)
+        if: steps.extract.outputs.issues != ''
+        run: |
+          sudo apt-get update && sudo apt-get install -y jq
+          curl -fsSL https://cli.github.com/packages/githubcli-archive-keyring.gpg | sudo dd of=/usr/share/keyrings/githubcli-archive-keyring.gpg
+          sudo chmod go+r /usr/share/keyrings/githubcli-archive-keyring.gpg
+          echo "deb [arch=$(dpkg --print-architecture) signed-by=/usr/share/keyrings/githubcli-archive-keyring.gpg] https://cli.github.com/packages stable main" | sudo tee /etc/apt/sources.list.d/github-cli.list > /dev/null
+          sudo apt-get update && sudo apt-get install gh -y
+          gh auth status || gh auth login --with-token <<<"${GITHUB_TOKEN}"
+          LOGIN=${{ env.GITHUB_USER }}
+          PROJECT_NUM=${{ env.PROJECT_NUMBER }}
+          ISSUES="${{ steps.extract.outputs.issues }}"
+          # Fetch project + status field metadata
+          projectQuery='query($login:String!,$number:Int!){ user(login:$login){ projectV2(number:$number){ id fields(first:50){ nodes { __typename ... on ProjectV2SingleSelectField { id name options { id name } } } } items(first:200){ nodes { id content { __typename ... on Issue { number id state } } } } } } }'
+          resp=$(gh api graphql -f query="$projectQuery" -F login="$LOGIN" -F number=$PROJECT_NUM)
+          projectId=$(echo "$resp" | jq -r '.data.user.projectV2.id')
+          statusFieldId=$(echo "$resp" | jq -r '.data.user.projectV2.fields.nodes[] | select(.name=="Status") | .id')
+          optDone=$(echo "$resp" | jq -r '.data.user.projectV2.fields.nodes[] | select(.name=="Status") | .options[] | select(.name=="'"${STATUS_DONE_NAME}"'") | .id')
+          optInProg=$(echo "$resp" | jq -r '.data.user.projectV2.fields.nodes[] | select(.name=="Status") | .options[] | select(.name=="'"${STATUS_INPROGRESS_NAME}"'") | .id')
+          for issue in $ISSUES; do
+            state=$(gh api repos/${{ github.repository }}/issues/$issue --jq '.state')
+            # Find item id in project
+            itemId=$(echo "$resp" | jq -r --arg n "$issue" '.data.user.projectV2.items.nodes[] | select(.content.number==($n|tonumber)) | .id')
+            if [ -z "$itemId" ]; then
+              # Attempt to add
+              addMutation='mutation($project:ID!,$issue:ID!){ addProjectV2ItemById(input:{projectId:$project contentId:$issue}){ item { id } } }'
+              issueNode=$(gh api graphql -f query='query($owner:String!,$repo:String!,$num:Int!){ repository(owner:$owner,name:$repo){ issue(number:$num){ id } } }' -F owner='${{ github.repository_owner }}' -F repo='${{ github.event.repository.name }}' -F num=$issue --jq '.data.repository.issue.id')
+              gh api graphql -f query="$addMutation" -f project=$projectId -f issue=$issueNode >/dev/null || true
+              # Refresh project items for new item
+              resp=$(gh api graphql -f query="$projectQuery" -F login="$LOGIN" -F number=$PROJECT_NUM)
+              itemId=$(echo "$resp" | jq -r --arg n "$issue" '.data.user.projectV2.items.nodes[] | select(.content.number==($n|tonumber)) | .id')
+            fi
+            if [ "$state" = "closed" ]; then
+              # Set Done
+              updateMutation='mutation($project:ID!,$item:ID!,$field:ID!,$option: String!){ updateProjectV2ItemFieldValue(input:{projectId:$project,itemId:$item,fieldId:$field,value:{singleSelectOptionId:$option}}){ projectV2Item { id } } }'
+              gh api graphql -f query="$updateMutation" -f project=$projectId -f item=$itemId -f field=$statusFieldId -f option=$optDone >/dev/null || true
+            else
+              # Mark In Progress when there is at least one commit referencing it
+              updateMutation='mutation($project:ID!,$item:ID!,$field:ID!,$option: String!){ updateProjectV2ItemFieldValue(input:{projectId:$project,itemId:$item,fieldId:$field,value:{singleSelectOptionId:$option}}){ projectV2Item { id } } }'
+              gh api graphql -f query="$updateMutation" -f project=$projectId -f item=$itemId -f field=$statusFieldId -f option=$optInProg >/dev/null || true
+            fi
+          done
+
+  sync-from-pr:
+    name: Sync referenced issues from PR
+    if: github.event_name == 'pull_request'
+    runs-on: ubuntu-latest
+    steps:
+      - name: Gather referenced issues
+        id: refs
+        run: |
+          body="${{ github.event.pull_request.body }}\n${{ github.event.pull_request.title }}"
+          issues=$(echo "$body" | grep -Eo '#[0-9]+' | tr -d '#' | sort -u || true)
+          echo "issues=$issues" >> $GITHUB_OUTPUT
+      - name: Install gh + jq
+        if: steps.refs.outputs.issues != ''
+        run: |
+          sudo apt-get update && sudo apt-get install -y jq
+          curl -fsSL https://cli.github.com/packages/githubcli-archive-keyring.gpg | sudo dd of=/usr/share/keyrings/githubcli-archive-keyring.gpg
+          sudo chmod go+r /usr/share/keyrings/githubcli-archive-keyring.gpg
+          echo "deb [arch=$(dpkg --print-architecture) signed-by=/usr/share/keyrings/githubcli-archive-keyring.gpg] https://cli.github.com/packages stable main" | sudo tee /etc/apt/sources.list.d/github-cli.list > /dev/null
+          sudo apt-get update && sudo apt-get install gh -y
+      - name: Update project status -> In Progress
+        if: steps.refs.outputs.issues != ''
+        env:
+          ISSUES: ${{ steps.refs.outputs.issues }}
+        run: |
+          gh auth status || gh auth login --with-token <<<"${GITHUB_TOKEN}"
+          LOGIN=${{ env.GITHUB_USER }}
+          PROJECT_NUM=${{ env.PROJECT_NUMBER }}
+          projectQuery='query($login:String!,$number:Int!){ user(login:$login){ projectV2(number:$number){ id fields(first:50){ nodes { __typename ... on ProjectV2SingleSelectField { id name options { id name } } } } items(first:200){ nodes { id content { __typename ... on Issue { number id state } } } } } } }'
+          resp=$(gh api graphql -f query="$projectQuery" -F login="$LOGIN" -F number=$PROJECT_NUM)
+          projectId=$(echo "$resp" | jq -r '.data.user.projectV2.id')
+          statusFieldId=$(echo "$resp" | jq -r '.data.user.projectV2.fields.nodes[] | select(.name=="Status") | .id')
+          optInProg=$(echo "$resp" | jq -r '.data.user.projectV2.fields.nodes[] | select(.name=="Status") | .options[] | select(.name=="'"${STATUS_INPROGRESS_NAME}"'") | .id')
+          updateMutation='mutation($project:ID!,$item:ID!,$field:ID!,$option: String!){ updateProjectV2ItemFieldValue(input:{projectId:$project,itemId:$item,fieldId:$field,value:{singleSelectOptionId:$option}}){ projectV2Item { id } } }'
+          for issue in $ISSUES; do
+            itemId=$(echo "$resp" | jq -r --arg n "$issue" '.data.user.projectV2.items.nodes[] | select(.content.number==($n|tonumber)) | .id')
+            if [ -z "$itemId" ]; then
+              # Add issue first
+              issueNode=$(gh api graphql -f query='query($owner:String!,$repo:String!,$num:Int!){ repository(owner:$owner,name:$repo){ issue(number:$num){ id } } }' -F owner='${{ github.repository_owner }}' -F repo='${{ github.event.repository.name }}' -F num=$issue --jq '.data.repository.issue.id')
+              addMutation='mutation($project:ID!,$issue:ID!){ addProjectV2ItemById(input:{projectId:$project contentId:$issue}){ item { id } } }'
+              gh api graphql -f query="$addMutation" -f project=$projectId -f issue=$issueNode >/dev/null || true
+              # Refresh
+              resp=$(gh api graphql -f query="$projectQuery" -F login="$LOGIN" -F number=$PROJECT_NUM)
+              itemId=$(echo "$resp" | jq -r --arg n "$issue" '.data.user.projectV2.items.nodes[] | select(.content.number==($n|tonumber)) | .id')
+            fi
+            gh api graphql -f query="$updateMutation" -f project=$projectId -f item=$itemId -f field=$statusFieldId -f option=$optInProg >/dev/null || true
+          done
+
+  finalize-merged:
+    name: Mark closed issues Done after merge
+    if: github.event_name == 'pull_request' && github.event.pull_request.merged == true
+    runs-on: ubuntu-latest
+    steps:
+      - name: Extract issues from PR body/title
+        id: issues
+        run: |
+          body="${{ github.event.pull_request.body }}\n${{ github.event.pull_request.title }}"
+          issues=$(echo "$body" | grep -Eo '#[0-9]+' | tr -d '#' | sort -u || true)
+          echo "issues=$issues" >> $GITHUB_OUTPUT
+      - name: Install gh + jq
+        if: steps.issues.outputs.issues != ''
+        run: |
+          sudo apt-get update && sudo apt-get install -y jq
+          curl -fsSL https://cli.github.com/packages/githubcli-archive-keyring.gpg | sudo dd of=/usr/share/keyrings/githubcli-archive-keyring.gpg
+          sudo chmod go+r /usr/share/keyrings/githubcli-archive-keyring.gpg
+          echo "deb [arch=$(dpkg --print-architecture) signed-by=/usr/share/keyrings/githubcli-archive-keyring.gpg] https://cli.github.com/packages stable main" | sudo tee /etc/apt/sources.list.d/github-cli.list > /dev/null
+          sudo apt-get update && sudo apt-get install gh -y
+      - name: Set Status=Done
+        if: steps.issues.outputs.issues != ''
+        env:
+          ISSUES: ${{ steps.issues.outputs.issues }}
+        run: |
+          gh auth status || gh auth login --with-token <<<"${GITHUB_TOKEN}"
+          LOGIN=${{ env.GITHUB_USER }}
+            PROJECT_NUM=${{ env.PROJECT_NUMBER }}
+          projectQuery='query($login:String!,$number:Int!){ user(login:$login){ projectV2(number:$number){ id fields(first:50){ nodes { __typename ... on ProjectV2SingleSelectField { id name options { id name } } } } items(first:200){ nodes { id content { __typename ... on Issue { number id state } } } } } } }'
+          resp=$(gh api graphql -f query="$projectQuery" -F login="$LOGIN" -F number=$PROJECT_NUM)
+          projectId=$(echo "$resp" | jq -r '.data.user.projectV2.id')
+          statusFieldId=$(echo "$resp" | jq -r '.data.user.projectV2.fields.nodes[] | select(.name=="Status") | .id')
+          optDone=$(echo "$resp" | jq -r '.data.user.projectV2.fields.nodes[] | select(.name=="Status") | .options[] | select(.name=="'"${STATUS_DONE_NAME}"'") | .id')
+          updateMutation='mutation($project:ID!,$item:ID!,$field:ID!,$option: String!){ updateProjectV2ItemFieldValue(input:{projectId:$project,itemId:$item,fieldId:$field,value:{singleSelectOptionId:$option}}){ projectV2Item { id } } }'
+          for issue in $ISSUES; do
+            itemId=$(echo "$resp" | jq -r --arg n "$issue" '.data.user.projectV2.items.nodes[] | select(.content.number==($n|tonumber)) | .id')
+            if [ -n "$itemId" ]; then
+              gh api graphql -f query="$updateMutation" -f project=$projectId -f item=$itemId -f field=$statusFieldId -f option=$optDone >/dev/null || true
+            fi
+          done
+
+  notes:
+    name: Guidance (no-op)
+    runs-on: ubuntu-latest
+    steps:
+      - name: Display guidance
+        run: |
+          echo "Project Sync workflow installed. IMPORTANT:"
+          echo "1. Update PROJECT_NUMBER in the workflow to match your project's number."
+          echo "2. Ensure the project has a 'Status' single-select field with options: To do, In Progress, Done."
+          echo "3. (Optional) Configure built-in project workflows: On item added -> Status=To do; On item closed -> Status=Done."

CODE_OF_CONDUCT.md

@@ -16,7 +16,7 @@ Unacceptable behaviors include:
 - Publishing others' private information
 
 ## Reporting
-Report issues to the maintainers via [email protected] (replace with real address). Include:
+Report issues to the maintainers via [email protected] Include:
 - Description
 - Links/logs
 - Reproduction steps

SECURITY.md

@@ -4,7 +4,7 @@
 Prototype phase: no formal versioning yet. Main branch is mutable.
 
 ## Reporting a Vulnerability
-Please email [email protected] (replace with real address) with:
+Please email [email protected] with:
 - Description & impact assessment
 - Reproduction steps / PoC
 - Suggested remediation (if available)

Sources/VMCore/VirtualizationController.swift

@@ -72,17 +72,23 @@ public final class VirtualizationController: NSObject, VirtualMachineControlling
         }
         // Shared folders (placeholder): In future use VZVirtioFileSystemDeviceConfiguration (virtio-fs)
         if !configuration.sharedFolders.isEmpty {
-            for folder in configuration.sharedFolders {
-                LoggerFacade.info(.lifecycle, "Shared folder host=\(folder.hostPath.path) guest=\(folder.guestPath) ro=\(folder.readOnly)")
-            }
             #if canImport(Virtualization)
-            // Current approach: expose only the first shared folder via virtio-fs (tag: "share0")
-            if let first = configuration.sharedFolders.first {
-                let share = VZSingleDirectoryShare(directory: first.hostPath)
-                let fsConfig = VZVirtioFileSystemDeviceConfiguration(tag: "share0")
+            var fsDevices: [VZVirtioFileSystemDeviceConfiguration] = []
+            let maxExports = 8 // pragmatic upper bound; adjust if framework allows more
+            for (idx, folder) in configuration.sharedFolders.enumerated() {
+                LoggerFacade.info(.lifecycle, "Shared folder host=\(folder.hostPath.path) guest=\(folder.guestPath) ro=\(folder.readOnly)")
+                if idx >= maxExports { LoggerFacade.error(.lifecycle, "Exceeded max shared folder exports (\(maxExports)); remaining ignored"); break }
+                let share = VZSingleDirectoryShare(directory: folder.hostPath)
+                let tag = "share\(idx)" // unique tag per export
+                let fsConfig = VZVirtioFileSystemDeviceConfiguration(tag: tag)
                 fsConfig.share = share
-                cfg.directorySharingDevices = [fsConfig]
-                LoggerFacade.info(.lifecycle, "Configured virtio-fs tag=share0 (only first folder exported)")
+                fsDevices.append(fsConfig)
+            }
+            if !fsDevices.isEmpty { cfg.directorySharingDevices = fsDevices }
+            LoggerFacade.info(.lifecycle, "Configured virtio-fs exports count=\(fsDevices.count)")
+            #else
+            for folder in configuration.sharedFolders {
+                LoggerFacade.info(.lifecycle, "(no-virt) Shared folder declared host=\(folder.hostPath.path) guest=\(folder.guestPath)")
             }
             #endif
         }