quarto-dev
diff --git a/‎.github/DISCUSSION_TEMPLATE/q-a.yml‎
Lines changed: 23 additions & 4 deletions b/‎.github/DISCUSSION_TEMPLATE/q-a.yml‎
Lines changed: 23 additions & 4 deletions
diff --git a/‎.github/ISSUE_TEMPLATE/bug_report.yml‎
Lines changed: 52 additions & 6 deletions b/‎.github/ISSUE_TEMPLATE/bug_report.yml‎
Lines changed: 52 additions & 6 deletions
diff --git a/‎.github/pull_request_template.md‎
Lines changed: 4 additions & 1 deletion b/‎.github/pull_request_template.md‎
Lines changed: 4 additions & 1 deletion
diff --git a/‎.github/workflows/actions/quarto-dev/action.yml‎
Lines changed: 22 additions & 4 deletions b/‎.github/workflows/actions/quarto-dev/action.yml‎
Lines changed: 22 additions & 4 deletions
diff --git a/‎.github/workflows/actions/sign-files/action.yml‎
Lines changed: 97 additions & 0 deletions b/‎.github/workflows/actions/sign-files/action.yml‎
Lines changed: 97 additions & 0 deletions
@@ -28,7 +28,11 @@ body:
         print("Hello, world!")
         ```
 
-        ![A placeholder image](https://placehold.co/600x400.png)
+        ![An image]({{< placeholder 600 400 >}}){#fig-placeholder}
+
+        {{< lipsum 1 >}}
+
+        A reference to @fig-placeholder.
 
         The end.
         ````
@@ -49,16 +53,31 @@ body:
       placeholder: |
         You can include Quarto document code which includes code blocks like this:
 
+        `````md
         ````qmd
         ---
-        title: "Hello Quarto!"
+        title: "Reproducible Quarto Document"
         format: html
+        engine: jupyter
         ---
 
-        ```py
-        print("Hello Quarto!")
+        This is a reproducible Quarto document using `format: html`.
+        It is written in Markdown and contains embedded Python code.
+        When you run the code, it will produce a message.
+
+        ```{python}
+        print("Hello, world!")
         ```
+
+        ![An image]({{< placeholder 600 400 >}}){#fig-placeholder}
+
+        {{< lipsum 1 >}}
+
+        A reference to @fig-placeholder.
+
+        The end.
         ````
+        `````
 
         ---
 
 
@@ -7,9 +7,13 @@ body:
     attributes:
       value: |
         Welcome to the quarto GitHub repository!
-
         We are always happy to hear feedback from our users.
 
+        This is the repository for the command-line program `quarto`:
+
+        - If you're reporting an issue with the VS Code extension, please visit https://github.com/quarto-dev/quarto
+        - If you're reporting an issue inside RStudio, please visit https://github.com/rstudio/rstudio
+
         Quarto is under active development!
         If convenient, we'd appreciate if you could check that the issue persists on the [latest pre-release](https://github.com/quarto-dev/quarto-cli/releases).
 
@@ -20,6 +24,37 @@ body:
 
         Thank you for using Quarto!
 
+        ---
+
+        You can share a Quarto document using the following syntax, _i.e._, using more backticks than you have in your document (usually four ` ```` `).
+        For example with Quarto CLI >=1.5:
+
+        `````md
+        ````qmd
+        ---
+        title: "Reproducible Quarto Document"
+        format: html
+        engine: jupyter
+        ---
+
+        This is a reproducible Quarto document using `format: html`.
+        It is written in Markdown and contains embedded Python code.
+        When you run the code, it will produce a message.
+
+        ```{python}
+        print("Hello, world!")
+        ```
+
+        ![An image]({{< placeholder 600 400 >}}){#fig-placeholder}
+
+        {{< lipsum 1 >}}
+
+        A reference to @fig-placeholder.
+
+        The end.
+        ````
+        `````
+
   - type: textarea
     attributes:
       label: Bug description
@@ -35,22 +70,31 @@ body:
       placeholder: |
         You can share a Quarto document using the following syntax, _i.e._, using more backticks than you have in your document (usually four ` ```` `).
 
+        `````md
         ````qmd
         ---
         title: "Reproducible Quarto Document"
         format: html
+        engine: jupyter
         ---
 
         This is a reproducible Quarto document using `format: html`.
-        It is written in Markdown and contains embedded R code.
-        When you run the code, it will produce a plot.
+        It is written in Markdown and contains embedded Python code.
+        When you run the code, it will produce a message.
 
-        ```{r}
-        plot(cars)
+        ```{python}
+        print("Hello, world!")
         ```
 
+        ![An image]({{< placeholder 600 400 >}}){#fig-placeholder}
+
+        {{< lipsum 1 >}}
+
+        A reference to @fig-placeholder.
+
         The end.
         ````
+        `````
 
   - type: textarea
     attributes:
@@ -80,7 +124,9 @@ body:
         ```bash
         quarto check
         ```
-  
+    validations:
+      required: true
+
   - type: markdown
     attributes:
       value: "_Thanks for submitting this bug report!_"
@@ -24,4 +24,7 @@ I have (if applicable):
 
 - [ ] filed a [contributor agreement](https://github.com/quarto-dev/quarto-cli/blob/main/CONTRIBUTING.md).
 - [ ] referenced the GitHub issue this PR closes
-- [ ] updated the appropriate changelog
+- [ ] updated the appropriate changelog in the PR
+- [ ] ensured the present test suite passes
+- [ ] added new tests
+- [ ] created a separate documentation PR in [Quarto's website repo](https://github.com/quarto-dev/quarto-web/) and linked it to this PR
@@ -42,10 +42,28 @@ runs:
           echo "Unexpected package/dist/share path detected: $(quarto --paths)"
           Exit 1 
         }
-        If ( "$(git status --porcelain)" -ne "" ) {
-          echo "Uncommitted changes detected:"
-          git status --porcelain
-          Exit 1 
+        # check if configure is modifying some files as it should not
+        $modifiedFiles = git diff --name-only
+        If ($modifiedFiles -ne "") {
+
+          # Convert the list to an array
+          $modifiedFilesArray = $modifiedFiles -split "`n" | ForEach-Object { $_.Trim() }
+
+          If ($modifiedFilesArray -contains "tests/uv.lock") {
+            Write-Output "::warning::test/uv.lock has been modified."
+            $modifiedFilesArray = $modifiedFilesArray | Where-Object { $_ -notmatch "uv.lock" }
+          }
+
+          # Count the number of modified files
+          $modifiedFilesCount = $modifiedFilesArray.Count
+
+          If ($modifiedFilesCount -ge 1) {
+            Write-Output "::error::Uncommitted changes detected."
+            foreach ($file in $modifiedFilesArray) {
+              Write-Output $file
+            }
+            Exit 1
+          }
         }
 
     - name: Quarto Check
 
@@ -0,0 +1,97 @@
+name: "Signing file"
+description: "Install and configure the environment to then do the signing of files."
+inputs:
+  paths:
+    description: "Paths to sign"
+    required: true
+  signtools-extra-args:
+    description: "Additionnal arguments to pass to signtool"
+outputs:
+  cert_path:
+    description: "certificate path"
+    value: ${{ steps.setup-cert.outputs.SM_CLIENT_CERT_FILE }}
+
+runs:
+  using: "composite"
+  steps:
+    - name: Setup for SMCTL authentication
+      id: setup-cert
+      shell: pwsh
+      run: |
+        Write-Output "::group::Check for required environment variable"
+        if (-not $env:SM_CLIENT_CERT_FILE_B64) {
+          Write-Output "::error title=Environment Variable Error::SM_CLIENT_CERT_FILE_B64 is not set"
+          exit 1
+        } else {
+          Write-Output "SM_CLIENT_CERT_FILE_B64 is set correctly"
+        }
+        Write-Output "::endgroup::" 
+        Write-Output "::group::Retrieve client certificate for auth"
+        if (!(Test-Path ".\.build\certificates\codesign.pfx")) {
+          # Get certificates
+          New-Item -ItemType Directory -Force -Path .\.build\certificates
+          Set-Content -Path ".\.build\certificates\codesign.txt" -Value $env:SM_CLIENT_CERT_FILE_B64
+          & certutil -decode ".\.build\certificates\codesign.txt" ".\.build\certificates\codesign.pfx"
+        } else {
+          Write-Output "Certificate already exists"
+        }
+        # Configure environment for next step
+        "SM_CLIENT_CERT_FILE=.\.build\certificates\codesign.pfx" | Out-File -FilePath $env:GITHUB_OUTPUT -Append
+        Write-Output "::endgroup::"
+
+    - name: Install SMCTL
+      shell: pwsh
+      run: |
+        Write-Output "::group::Install smctl if needed"
+        if (!(Get-Command smctl -ErrorAction SilentlyContinue)) {
+          curl -o smtools-windows-x64.msi "https://rstudio-buildtools.s3.amazonaws.com/posit-dev/smtools-windows-x64.msi"
+          msiexec /i smtools-windows-x64.msi /quiet /qn /log smtools-windows-x64.log
+          "C:/Program Files/DigiCert/DigiCert One Signing Manager Tools" | Out-File -FilePath $env:GITHUB_PATH -Append
+          Write-Output "SMCTL installed and added on PATH"
+        } else {
+          Write-Output "SMCTL already installed and on PATH"
+        }
+        Write-Output "::endgroup::" 
+        Write-Output "::group::Add signtools in PATH"
+        if (!(Get-Command signtool -ErrorAction SilentlyContinue)) {
+          "C:/Program Files (x86)/Windows Kits/10/App Certification Kit" | Out-File -FilePath $env:GITHUB_PATH -Append
+          Write-Output "signtool added on PATH"
+        } else {
+          Write-Output "signtool already installed and on PATH"
+        }
+        Write-Output "::endgroup::"
+
+    - name: Sign files with signtool
+      shell: pwsh
+      env:
+        SM_CLIENT_CERT_FILE: ${{ steps.setup-cert.outputs.SM_CLIENT_CERT_FILE }}
+      run: |
+        Write-Output "::group::Check for required environment variables"
+        $requiredEnvVars = @('SM_HOST', 'SM_API_KEY', 'SM_CLIENT_CERT_FILE', 'SM_CLIENT_CERT_PASSWORD', 'CERT_FINGERPRINT')
+        foreach ($envVar in $requiredEnvVars) {
+          if (-not $(Get-Item -Path "Env:$envVar" -ErrorAction SilentlyContinue)) {
+            Write-Output "::error title=Missing environment variable::Environment variable $envVar is not set."
+            exit 1
+          }
+          Write-Output "All env var correctly set."
+        }
+        Write-Output "::endgroup::"
+        Write-Output "::group::Sync certificates"
+        smctl windows certsync
+        Write-Output "::endgroup::"
+        # Sign each file that will be bundled in the installer
+        $paths = "${{ inputs.paths }}" -split "`n" | ForEach-Object { $_.Trim() } | Where-Object { $_ -ne "" }
+        foreach ($path in $paths) {
+          Write-Output "::group::Signing ${path}"
+          signtool.exe sign /sha1 $env:CERT_FINGERPRINT /tr http://timestamp.digicert.com /td SHA256 /fd SHA256 ${{ inputs.signtools-extra-args }} $path
+          if ($LASTEXITCODE -ne 0) {
+            Write-Output "::error title=Signing error::Error while signing ${path}"
+            exit 1
+          }
+          signtool.exe verify /v /pa $path
+          if ($LASTEXITCODE -ne 0) {
+            Write-Output "::error title=Verify signature error::Error while verifying ${path}"
+            exit 1
+          }
+          Write-Output "::endgroup::"
+        }