ArcForges · deku2026 · Mar 6, 2026 · Mar 6, 2026 · Mar 6, 2026 · Mar 6, 2026
diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml
@@ -1,14 +1,12 @@
 name: "CodeQL Advanced"
 
 on:
-  push:
-    branches: [main]
   schedule:
-    - cron: '19 17 * * 3'
-
+    - cron: "0 0 1 * *"
+  workflow_dispatch:
 concurrency:
   group: ${{ github.workflow }}-${{ github.ref }}
-  cancel-in-progress: true
+  cancel-in-progress: false
 
 permissions:
   security-events: write
@@ -18,17 +16,22 @@ permissions:
 
 defaults:
   run:
-    shell: pwsh
+    shell: bash
 
 jobs:
   analyze:
     name: Analyze (${{ matrix.language }})
-    runs-on: windows-2025-vs2026
+    runs-on: [self-hosted, linux, arcforges]
+    if: >-
+      github.event_name != 'pull_request' ||
+      github.event.pull_request.head.repo.full_name == github.repository
     timeout-minutes: 180
-
     env:
-      GLOBAL_VCPKG_PATH: C:\vcpkg
-      VCPKG_DEFAULT_TRIPLET: x64-windows
+      VCPKG_DEFAULT_BINARY_CACHE: /cache/vcpkg
+      VCPKG_DEFAULT_HOST_TRIPLET: x64-linux-dynamic
+      GLOBAL_VCPKG_PATH: /tmp/vcpkg
+      VCPKG_MAX_CONCURRENCY: 6
+      CMAKE_BUILD_PARALLEL_LEVEL: 6
 
     strategy:
       fail-fast: false
@@ -45,75 +48,87 @@ jobs:
           submodules: recursive
 
       # ── Toolchain ─────────────────────────────────────────────
-      - name: Install CMake (Scoop)
-        uses: MinoruSekine/setup-scoop@v4
-        with:
-          apps: cmake
-
-      - name: Setup MSVC developer environment
-        uses: ilammy/msvc-dev-cmd@v1
-        with:
-          arch: x64
-          vsversion: '18.0'
-
-      - name: Remove MinGW from PATH
+      - name: Install system dependencies
+        run: |
+          set -euo pipefail
+          apt-get update -qq
+          apt-get install -y --no-install-recommends \
+            wget unzip git curl pkg-config \
+            autoconf autoconf-archive automake libtool \
+            libltdl-dev \
+            lsb-release software-properties-common gnupg ca-certificates \
+            libgl-dev libx11-dev libxkbcommon-dev libxcb-cursor-dev \
+            libfontconfig1-dev libfreetype-dev libegl-dev \
+            g++ nasm bison flex \
+            '^libxcb.*-dev' libx11-xcb-dev libglu1-mesa-dev \
+            libxrender-dev libxi-dev libxkbcommon-x11-dev libegl1-mesa-dev \
+            libsm-dev libice-dev
+          wget -qO- https://apt.llvm.org/llvm.sh | bash -s -- 20
+          update-alternatives --install /usr/bin/clang   clang   /usr/bin/clang-20   100
+          update-alternatives --install /usr/bin/clang++ clang++ /usr/bin/clang++-20 100
+          update-alternatives --install /usr/bin/lld     lld     /usr/bin/lld-20     100
+
+      - name: Install CMake 4.2.3
         run: |
-          $clean = ($env:PATH -split ';' | Where-Object { $_ -notmatch 'mingw' }) -join ';'
-          "PATH=$clean" >> $env:GITHUB_ENV
+          wget -qO- https://github.com/Kitware/CMake/releases/download/v4.2.3/cmake-4.2.3-linux-x86_64.tar.gz \
+            | tar -xz -C /tmp
+          echo "/tmp/cmake-4.2.3-linux-x86_64/bin" >> "$GITHUB_PATH"
 
-      # ── Qt6 ───────────────────────────────────────────────────
-      - name: Install Qt6
-        uses: jurplel/install-qt-action@v4
-        with:
-          version: '6.10.*'
-          arch: win64_msvc2022_64
-          cache: true
+      - name: Install FASTBuild v1.19
+        run: |
+          mkdir -p /tmp/fastbuild
+          wget -O /tmp/fastbuild.zip \
+            https://www.fastbuild.org/downloads/v1.19/FASTBuild-Linux-x64-v1.19.zip
+          unzip -o /tmp/fastbuild.zip -d /tmp/fastbuild
+          chmod +x /tmp/fastbuild/fbuild /tmp/fastbuild/fbuildworker
+          ln -sf /tmp/fastbuild/fbuild /tmp/fastbuild/FBuild
+          echo "/tmp/fastbuild" >> "$GITHUB_PATH"
+
+      - name: Setup vcpkg
+        run: |
+          if [ ! -f /tmp/vcpkg/vcpkg ]; then
+            rm -rf /tmp/vcpkg
+            git clone --depth 1 https://github.com/microsoft/vcpkg.git /tmp/vcpkg
+            /tmp/vcpkg/bootstrap-vcpkg.sh -disableMetrics
+          fi
+          echo "VCPKG_ROOT=/tmp/vcpkg" >> "$GITHUB_ENV"
+          echo "/tmp/vcpkg" >> "$GITHUB_PATH"
+
+      - name: Verify tool versions
+        run: |
+          echo "CMake:    $(cmake --version | head -1)"
+          echo "Clang:    $(clang++ --version | head -1)"
+          echo "FBuild:   $(fbuild -version 2>&1 | head -1)"
+          echo "vcpkg:    $(vcpkg version 2>&1 | head -2 | tail -1)"
 
       # ── vcpkg ─────────────────────────────────────────────────
-      - name: Setup vcpkg binary caching (GitHub Actions)
-        uses: actions/github-script@v8
-        with:
-          script: |
-            core.exportVariable('ACTIONS_CACHE_URL', process.env.ACTIONS_CACHE_URL || '');
-            core.exportVariable('ACTIONS_RUNTIME_TOKEN', process.env.ACTIONS_RUNTIME_TOKEN || '');
+      - name: Ensure vcpkg binary cache dir
+        run: mkdir -p "$VCPKG_DEFAULT_BINARY_CACHE"
 
-      - name: Restore vcpkg installed packages
-        id: vcpkg-cache
-        uses: actions/cache@v5
-        with:
-          path: C:\vcpkg\installed
-          key: vcpkg-x64-windows-${{ hashFiles('vcpkg.json') }}-v1
-          restore-keys: vcpkg-x64-windows-
-
-      - name: Install vcpkg packages
-        if: steps.vcpkg-cache.outputs.cache-hit != 'true'
-        env:
-          VCPKG_BINARY_SOURCES: clear;x-gha,readwrite
+      - name: Install base vcpkg packages
         run: |
-          & C:\vcpkg\vcpkg install --triplet x64-windows `
-            opencolorio openimageio openexr imath `
-            "ffmpeg[avcodec,avdevice,avfilter,avformat,swresample,swscale]" `
-            portaudio crashpad zlib libpng
+          vcpkg install \
+            --triplet x64-linux-dynamic \
+            --host-triplet x64-linux-dynamic \
+            opencolorio openimageio openexr imath ffmpeg \
+            portaudio crashpad qtbase rapidjson pybind11 kddockwidgets
 
       # ── CodeQL ────────────────────────────────────────────────
       - name: Initialize CodeQL
         uses: github/codeql-action/init@v4
         with:
           languages: ${{ matrix.language }}
           build-mode: ${{ matrix.build-mode }}
+          queries: security-and-quality
           config: |
             paths:
               - app
-              - tools
 
-      - name: Configure (CMake — Visual Studio generator)
-        env:
-          CC: cl
-          CXX: cl
-        run: cmake --preset windows-vs
+      - name: Configure (CMake)
+        run: cmake --preset linux-ci -DUSE_WERROR=ON
 
-      - name: Build (MSBuild — parallel)
-        run: cmake --build build/vs --config Release --parallel
+      - name: Build
+        run: cmake --build build/linux-ci
 
       - name: Perform CodeQL Analysis
         uses: github/codeql-action/analyze@v4

diff --git a/.github/workflows/linux-ci.yml b/.github/workflows/linux-ci.yml
@@ -0,0 +1,119 @@
+name: Linux CI (Docker Self-Hosted)
+
+on:
+  push:
+    branches: [main]
+  pull_request:
+    branches: [main]
+
+concurrency:
+  group: ${{ github.workflow }}-${{ github.ref }}
+  cancel-in-progress: false
+
+permissions:
+  contents: read
+
+defaults:
+  run:
+    shell: bash
+
+jobs:
+  build:
+    name: Linux x64 (FASTBuild)
+    runs-on: [self-hosted, linux, arcforges]
+    if: >-
+      github.event_name != 'pull_request' ||
+      github.event.pull_request.head.repo.full_name == github.repository
+    timeout-minutes: 120
+    env:
+      VCPKG_DEFAULT_BINARY_CACHE: /cache/vcpkg
+      VCPKG_DEFAULT_HOST_TRIPLET: x64-linux-dynamic
+      FASTBUILD_CACHE_PATH: /cache/fastbuild
+      GLOBAL_VCPKG_PATH: /tmp/vcpkg
+      VCPKG_MAX_CONCURRENCY: 6
+      CMAKE_BUILD_PARALLEL_LEVEL: 6
+
+    steps:
+      # ── Checkout ──────────────────────────────────────────────
+      - name: Checkout
+        uses: actions/checkout@v6
+        with:
+          submodules: recursive
+
+      # ── Toolchain ─────────────────────────────────────────────
+      - name: Install system dependencies
+        run: |
+          set -euo pipefail
+          apt-get update -qq
+          apt-get install -y --no-install-recommends \
+            wget unzip git curl pkg-config \
+            autoconf autoconf-archive automake libtool \
+            libltdl-dev \
+            lsb-release software-properties-common gnupg ca-certificates \
+            libgl-dev libx11-dev libxkbcommon-dev libxcb-cursor-dev \
+            libfontconfig1-dev libfreetype-dev libegl-dev \
+            g++ nasm bison flex \
+            '^libxcb.*-dev' libx11-xcb-dev libglu1-mesa-dev \
+            libxrender-dev libxi-dev libxkbcommon-x11-dev libegl1-mesa-dev \
+            libsm-dev libice-dev
+          wget -qO- https://apt.llvm.org/llvm.sh | bash -s -- 20
+          update-alternatives --install /usr/bin/clang   clang   /usr/bin/clang-20   100
+          update-alternatives --install /usr/bin/clang++ clang++ /usr/bin/clang++-20 100
+          update-alternatives --install /usr/bin/lld     lld     /usr/bin/lld-20     100
+
+      - name: Install CMake 4.2.3
+        run: |
+          wget -qO- https://github.com/Kitware/CMake/releases/download/v4.2.3/cmake-4.2.3-linux-x86_64.tar.gz \
+            | tar -xz -C /tmp
+          echo "/tmp/cmake-4.2.3-linux-x86_64/bin" >> "$GITHUB_PATH"
+
+      - name: Install FASTBuild v1.19
+        run: |
+          mkdir -p /tmp/fastbuild
+          wget -O /tmp/fastbuild.zip \
+            https://www.fastbuild.org/downloads/v1.19/FASTBuild-Linux-x64-v1.19.zip
+          unzip -o /tmp/fastbuild.zip -d /tmp/fastbuild
+          chmod +x /tmp/fastbuild/fbuild /tmp/fastbuild/fbuildworker
+          ln -sf /tmp/fastbuild/fbuild /tmp/fastbuild/FBuild
+          echo "/tmp/fastbuild" >> "$GITHUB_PATH"
+
+      - name: Setup vcpkg
+        run: |
+          if [ ! -f /tmp/vcpkg/vcpkg ]; then
+            rm -rf /tmp/vcpkg
+            git clone --depth 1 https://github.com/microsoft/vcpkg.git /tmp/vcpkg
+            /tmp/vcpkg/bootstrap-vcpkg.sh -disableMetrics
+          fi
+          echo "VCPKG_ROOT=/tmp/vcpkg" >> "$GITHUB_ENV"
+          echo "/tmp/vcpkg" >> "$GITHUB_PATH"
+
+      - name: Verify tool versions
+        run: |
+          echo "CMake:    $(cmake --version | head -1)"
+          echo "Clang:    $(clang++ --version | head -1)"
+          echo "FBuild:   $(fbuild -version 2>&1 | head -1)"
+          echo "vcpkg:    $(vcpkg version 2>&1 | head -2 | tail -1)"
+
+      # ── vcpkg ─────────────────────────────────────────────────
+      - name: Ensure vcpkg binary cache dir
+        run: mkdir -p "$VCPKG_DEFAULT_BINARY_CACHE"
+
+      - name: Install base vcpkg packages
+        run: |
+          vcpkg install \
+            --triplet x64-linux-dynamic \
+            --host-triplet x64-linux-dynamic \
+            opencolorio openimageio openexr imath ffmpeg \
+            portaudio crashpad qtbase rapidjson pybind11 kddockwidgets
+
+      # ── Build ─────────────────────────────────────────────────
+      - name: Configure (CMake)
+        run: cmake --preset linux-ci -DUSE_WERROR=ON
+
+      - name: Build (FASTBuild)
+        run: cmake --build --preset linux-ci
+
+      - name: Trim FASTBuild cache
+        if: always()
+        run: fbuild -cachetrim 10240
+        working-directory: ${{ github.workspace }}/build/linux-ci
diff --git a/.github/workflows/windows-ci.yml b/.github/workflows/windows-ci.yml
@@ -8,7 +8,7 @@ on:
 
 concurrency:
   group: ${{ github.workflow }}-${{ github.ref }}
-  cancel-in-progress: true
+  cancel-in-progress: false
 
 permissions:
   contents: read
@@ -79,14 +79,6 @@ jobs:
           "WindowsKitRC=$($rc.DirectoryName)" >> $env:GITHUB_ENV
           $rc.DirectoryName >> $env:GITHUB_PATH
 
-      # ── Qt6 ───────────────────────────────────────────────────
-      - name: Install Qt6
-        uses: jurplel/install-qt-action@v4
-        with:
-          version: '6.10.*'
-          arch: win64_msvc2022_64
-          cache: true
-
       # ── vcpkg ─────────────────────────────────────────────────
       - name: Setup vcpkg binary caching (GitHub Actions)
         uses: actions/github-script@v8
@@ -108,10 +100,10 @@ jobs:
         env:
           VCPKG_BINARY_SOURCES: clear;x-gha,readwrite
         run: |
-          & C:\vcpkg\vcpkg install --triplet x64-windows `
+          & C:\vcpkg\vcpkg.exe install --triplet x64-windows `
             opencolorio openimageio openexr imath `
-            "ffmpeg[avcodec,avdevice,avfilter,avformat,swresample,swscale]" `
-            portaudio crashpad zlib libpng
+            ffmpeg `
+            portaudio crashpad qtbase rapidjson pybind11 kddockwidgets
 
       # ── FASTBuild cache ──────────────────────────────────────
       # The windows-ci preset sets FASTBUILD_CACHE_PATH to $LOCALAPPDATA/FASTBuild/Cache
@@ -147,13 +139,18 @@ jobs:
       # ── Build ─────────────────────────────────────────────────
       - name: Configure (CMake)
         env:
-          CC: cl
-          CXX: cl
-        run: cmake --preset windows-ci
+          CC: clang-cl
+          CXX: clang-cl
+        run: cmake --preset windows-ci -DUSE_WERROR=ON
 
       - name: Build (FASTBuild)
         run: cmake --build --preset ci
 
+      - name: Trim FASTBuild cache
+        if: always()
+        run: FBuild.exe -cachetrim 10240
+        working-directory: ${{ github.workspace }}/build/ci
+
       # ── Artifacts ─────────────────────────────────────────────
       - name: Upload build artifacts
         uses: actions/upload-artifact@v7

diff --git a/.gitmodules b/.gitmodules
@@ -1,6 +1,3 @@
-[submodule "third_party/KDDockWidgets"]
-	path = third_party/KDDockWidgets
-	url = https://github.com/KDAB/KDDockWidgets.git
 [submodule "third_party/OpenTimelineIO"]
 	path = third_party/OpenTimelineIO
 	url = https://github.com/AcademySoftwareFoundation/OpenTimelineIO.git