@@ -77,18 +77,17 @@ jobs:
7777 - target : x86_64-pc-windows-gnu
7878 os : windows-latest
7979 name : mhrv-rs-windows-amd64
80- - target : i686-pc-windows-msvc
81- os : windows-latest
82- name : mhrv-rs-windows-i686
83- # Pin Rust 1.77.2 specifically for this target. Rust 1.78
84- # (May 2024) raised the Windows MSRV from Win7 to Win10 by
85- # switching std::time to GetSystemTimePreciseAsFileTime, a
86- # kernel32 export that doesn't exist on Win7. The whole
87- # reason this target ships is to support legacy Win7 32-bit
88- # boxes (#272), so a stock-stable build defeats the purpose.
89- # 1.77.2 is the last stable that produces a Win7-loadable
90- # binary; other targets stay on @stable. (Fixes #318.)
91- rust_toolchain : " 1.77.2"
80+ # i686-pc-windows-msvc target was attempted in v1.7.7-v1.7.10
81+ # to support Windows 7 32-bit users (#272, #318). Removed in
82+ # v1.7.11 because keeping it on Rust 1.77.2 (last Win7-stable)
83+ # is fundamentally fragile: every transitive crate that bumps
84+ # its MSRV (e.g. `time` 0.3.47 needs Cargo manifest features
85+ # only available in Rust 1.78+) breaks the build, and pinning
86+ # transitives is brittle across releases. Win7 users should
87+ # self-build per the README; the project no longer ships a
88+ # prebuilt i686 Win7 binary. Replaced by the existing
89+ # x86_64-pc-windows-gnu (windows-amd64) which covers ~99% of
90+ # active Windows installs (incl. all WoA64 emulation).
9291 - target : x86_64-unknown-linux-musl
9392 os : [self-hosted, linux, x64, mhrv-build]
9493 name : mhrv-rs-linux-musl-amd64
@@ -112,12 +111,7 @@ jobs:
112111 # mipsel-softfloat is best-effort: the Rust tier-3 target occasionally
113112 # regresses. Letting it fail keeps the main release going so
114113 # desktop/Android users aren't blocked by MT7621 router support.
115- # i686-pc-windows-msvc is similarly best-effort — pinned to Rust
116- # 1.77.2 for Win7 compat (#318), so a future dep MSRV bump above
117- # 1.77 will fail this one target. Letting it skip keeps the rest
118- # of the release unblocked; we'd then choose between dropping the
119- # target or moving to the tier-3 win7-msvc target with build-std.
120- continue-on-error : ${{ matrix.mipsel_softfloat == true || matrix.target == 'i686-pc-windows-msvc' }}
114+ continue-on-error : ${{ matrix.mipsel_softfloat == true }}
121115
122116 steps :
123117 # Heal any root-owned leftovers from a previous mipsel docker
@@ -165,21 +159,6 @@ jobs:
165159 toolchain : ${{ matrix.rust_toolchain || 'stable' }}
166160 targets : ${{ matrix.target }}
167161
168- # Cargo.lock from main is generated by stable Rust (1.78+ writes
169- # version=4 lockfiles). Rust 1.77 only understands version=3, so
170- # the i686 build with the pinned 1.77.2 toolchain bails with
171- # "failed to parse lock file at: Cargo.lock" before it ever
172- # touches our code. Drop the committed lockfile only on the pinned
173- # job — cargo will regenerate it with version=3 against the same
174- # Cargo.toml. We don't ship a `Cargo.lock` for binary reproducibility
175- # contracts, so regenerating per-build is safe.
176- - name : Regenerate Cargo.lock for older toolchain (Win7 i686 only)
177- if : matrix.rust_toolchain == '1.77.2'
178- shell : bash
179- run : |
180- rm -f Cargo.lock
181- cargo +${{ matrix.rust_toolchain }} generate-lockfile
182-
183162 # Cache target/ + cargo registry across runs — this is the big
184163 # self-hosted speedup. Without it, actions/checkout@v4's default
185164 # `git clean -ffdx` wipes target/ between runs and every build is
@@ -619,10 +598,33 @@ jobs:
619598 with :
620599 fetch-depth : 0
621600
622- - uses : actions/download-artifact@v4
623- with :
624- path : dist
625- merge-multiple : true
601+ # `actions/download-artifact@v4` has been intermittently flaking on
602+ # this workflow with "5 retries exhausted" on a single artifact (~10
603+ # of 13). Wrap it in a manual retry — usually the second attempt
604+ # succeeds, the third nails any laggards. We use `gh run download`
605+ # against the current run so we don't depend on the release page
606+ # existing yet (it doesn't until the softprops step below runs).
607+ - name : Download all build artifacts (with retries)
608+ env :
609+ GH_TOKEN : ${{ secrets.GITHUB_TOKEN }}
610+ run : |
611+ mkdir -p dist
612+ for attempt in 1 2 3; do
613+ if gh run download "${GITHUB_RUN_ID}" --dir dist --repo "${GITHUB_REPOSITORY}"; then
614+ echo "downloaded all artifacts on attempt $attempt"
615+ # `gh run download` puts each artifact in its own subdir;
616+ # flatten so downstream steps that expect dist/<file> work
617+ # the same as `merge-multiple: true` did.
618+ find dist -type f -mindepth 2 -exec mv -f {} dist/ \;
619+ find dist -type d -empty -delete
620+ ls -la dist/
621+ exit 0
622+ fi
623+ echo "download attempt $attempt failed; retrying in 30s..."
624+ sleep 30
625+ done
626+ echo "::error::failed to download artifacts after 3 attempts"
627+ exit 1
626628
627629# Compose the GitHub release body from `docs/changelog/v<ver>.md`
628630 # so the Releases page tells humans what actually changed —
@@ -826,43 +828,58 @@ jobs:
826828 # isn't gated by the same protection.
827829 git push origin HEAD:main
828830
829- # Notify the Persian-speaking Telegram channel with the CI-built
830- # Android APK + its sha256 + the per-version changelog from
831- # `docs/changelog/v<tag>.md`.
831+ # ─────────── LEGACY — DORMANT BY DEFAULT ───────────
832832 #
833- # Two Telegram API calls:
834- # 1. sendDocument — APK file + a short caption (Telegram caps
835- # captions at 1024 chars, and we have bigger changelogs than
836- # that).
837- # 2. sendMessage — full changelog as a reply to #1, Persian
838- # quote-block first then English, same pattern as the
839- # previous manual post. No emojis, as the user asked.
833+ # Posts the universal APK + per-version changelog to the **main**
834+ # Telegram channel as one big sendDocument + sendMessage pair.
840835 #
841- # Needs two repo secrets:
842- # TELEGRAM_BOT_TOKEN — bot the channel admits as poster
843- # TELEGRAM_CHAT_ID — numeric chat id (starts with -100...)
844- # Missing either => the whole job is skipped (not failed) so a
845- # forker who hasn't set up a Telegram channel gets a clean release.
836+ # Superseded as of v1.8.0+ by `.github/workflows/telegram-publish-files.yml`,
837+ # which posts each platform's artifact individually to the **files**
838+ # channel (with SHA-256 captions) and then a single cross-link
839+ # message to the main channel pointing at the files-channel anchor.
840+ #
841+ # This job stays in the source tree, dormant, in case we ever want
842+ # to revert to the bundled-changelog-on-main-channel pattern (or
843+ # use both at once during a transition). To turn it back on:
844+ #
845+ # gh variable set TELEGRAM_NOTIFY_ENABLED --body true
846+ #
847+ # Note: with the new workflow active too, that produces TWO posts
848+ # to the main channel per release (the legacy APK+changelog *and*
849+ # the new cross-link). Pick one.
850+ #
851+ # Default state is disabled.
846852 telegram :
847853 needs : [android, release]
848854 runs-on : ubuntu-latest
849855 # Gated on the repo variable `TELEGRAM_NOTIFY_ENABLED`. Default is
850- # OFF — the job skips silently unless the variable is set to the
851- # literal string "true". Toggle via:
852- #
853- # gh variable set TELEGRAM_NOTIFY_ENABLED --body true
854- # gh variable set TELEGRAM_NOTIFY_ENABLED --body false
855- #
856- # Keeping the machinery (script + secrets) in place so flipping
857- # the switch back on is a one-liner, not a workflow edit.
856+ # off — the job skips silently unless the variable is set to the
857+ # literal string "true".
858858 if : ${{ vars.TELEGRAM_NOTIFY_ENABLED == 'true' && needs.android.result == 'success' }}
859859 steps :
860860 - uses : actions/checkout@v4
861861
862- - uses : actions/download-artifact@v4
863- with :
864- name : mhrv-rs-android-universal
865- path : apk
862+ # Same retry pattern as the `release` job above — `actions/download-artifact@v4`
863+ # has been flaking on this workflow with 5-retries-exhausted errors.
864+ - name : Download universal APK (with retries)
865+ env :
866+ GH_TOKEN : ${{ secrets.GITHUB_TOKEN }}
867+ run : |
868+ mkdir -p apk
869+ for attempt in 1 2 3; do
870+ if gh run download "${GITHUB_RUN_ID}" \
871+ --name mhrv-rs-android-universal \
872+ --dir apk \
873+ --repo "${GITHUB_REPOSITORY}"; then
874+ echo "downloaded universal APK on attempt $attempt"
875+ ls -la apk/
876+ exit 0
877+ fi
878+ echo "download attempt $attempt failed; retrying in 30s..."
879+ sleep 30
880+ done
881+ echo "::error::failed to download universal APK after 3 attempts"
882+ exit 1
866883
867884name : Post to Telegram
868885 env :
0 commit comments