[Feature Request] Include information to recreate build in releases

[kruton]

Description

In order to have repeatable builds, the git repository commits used to build the artifacts should be uploaded along with the release as well.

There are two cases:

1. If a qmk_firmware submodule is used, this seems easy enough to do.
2. If no submodule is used, there should be a way of determining the commit that it used to build (and a way to specify it with qmk compile, I suppose).

This could be extended into providing an SBOM for the release, but just the git commit is a good starting point.

[tzarc]

Yep, fair enough.

Quick and dirty mucking about generated something like this:

Path	Repository	Revision
.	git@github.com:tzarc/qmk_userspace.git	7e7b454 Submodule updates.
./modules/drashna	https://github.com/drashna/qmk_modules.git	86b5b8c [RTC] Add conversion function for __TIMESTAMP__ macro
./modules/getreuer	https://github.com/getreuer/qmk-modules.git	9d10a0b Sentence Case: fix on/off/toggle keys.
./modules/tzarc	git@github.com:tzarc/qmk_modules.git	757b28a Another buffer overflow fix.
./modules/tzarc/experimental/filesystem/littlefs	https://github.com/littlefs-project/littlefs.git	8ed63b2 Merge pull request #1084 from elupus/fix/packing
./modules/tzarc/experimental/lua_keymap/lib/lua	https://github.com/lua/lua.git	1ab3208a 'lua.h' back to redundancy in version definitions
./modules/tzarc/experimental/rv32_rgb_runner/lib/mini-rv32ima	https://github.com/cnlohr/mini-rv32ima.git	ac9dd82 Merge pull request #52 from daniilfigasystems/master
./qmk_firmware	git@github.com:tzarc/qmk_firmware.git	90ed47945f Add udev rule installation support.
./qmk_firmware/lib/chibios	https://github.com/qmk/ChibiOS	2365f84429 Fixed partial patch, removed an extra check.
./qmk_firmware/lib/chibios-contrib	https://github.com/qmk/ChibiOS-Contrib	3ac181e4 Merge pull request #415 from KarlK90/fix/gd32vf103-port-status
./qmk_firmware/lib/chibios-contrib/ext/mcux-sdk	https://github.com/NXPmicro/mcux-sdk	102c27d7c Propose for srtm freertos static api usage (#13)
./qmk_firmware/lib/googletest	https://github.com/qmk/googletest	e2239ee6 Googletest export
./qmk_firmware/lib/lufa	https://github.com/qmk/lufa	549b97320 Use string literals for QMK bootloader manufacturer/product (#16)
./qmk_firmware/lib/lvgl	https://github.com/qmk/lvgl.git	e19410f8 fix(demo): added gaurd to prevent crash if default theme is not used (#3257)
./qmk_firmware/lib/pico-sdk	https://github.com/qmk/pico-sdk.git	a3398d8 Merge pull request #2 from KarlK90/feature/update-pico-sdk-to-1.5.0
./qmk_firmware/lib/printf	https://github.com/qmk/printf	c2e3b4e Fixes #137: Use strict C prototypes
./qmk_firmware/lib/vusb	https://github.com/qmk/v-usb	819dbc1 Merge pull request #2 from obdev/master

I'll have a play and see if it can be standardised.

[kruton]

LGTM. Having it in JSON might be better, but that's exactly then info I was thinking. 👍

[tzarc]

Oh I’ll likely make it generate a manifest file as json as well. Was just seeing if I could get it to spit something relevant out; can put it directly into the release notes in markdown.

[tzarc]

How about https://gist.github.com/tzarc/35fa7d6872f4019ea19e927eb86fc748#file-repo-manifest-py ?
Thinking something like that could add a JSON manifest to the release assets, and the Markdown manifest to the release notes?

[tzarc]

Example Markdown:

---

Repository Manifest

Generated: 2026-01-22T13:36:38+11:00

Repository

Field	Value
Revision	863b308519
Subject	Fix avrdude version check logic (#25957)
Author	Joel Challis <git@zvecr.com>
Date	2026-01-20 08:48:51 +0000
Branch	master
Tags	0.31.9
Remote	git@github.com:tzarc/qmk_firmware.git

Submodules

Path	Commit	Message	Remote	Status
lib/chibios	8bd61b8043	git-svn-id: https://svn.code.sf.net/p/chibios/code/branch...	https://github.com/qmk/ChibiOS	✓
lib/chibios-contrib	8d863d9e	fix mx2board for UCPD	https://github.com/qmk/ChibiOS-Contrib	✓
lib/chibios-contrib/ext/mcux-sdk	102c27d7c	Propose for srtm freertos static api usage (#13)	https://github.com/NXPmicro/mcux-sdk	✓
lib/googletest	e2239ee6	Googletest export	https://github.com/qmk/googletest	✓
lib/lufa	549b97320	Use string literals for QMK bootloader manufacturer/produ...	https://github.com/qmk/lufa	✓
lib/lvgl	e19410f8f	fix(demo): added gaurd to prevent crash if default theme ...	https://github.com/qmk/lvgl.git	✓
lib/pico-sdk	d0c5cac	Merge pull request #3 from emolitor/em-pcio-1.5.1	https://github.com/qmk/pico-sdk.git	✓
lib/printf	c2e3b4e	Fixes #137: Use strict C prototypes	https://github.com/qmk/printf	✓
lib/vusb	819dbc1	Merge pull request #2 from obdev/master	https://github.com/qmk/v-usb	✓

---

Example JSON:

% repo-manifest.py --format json    
{
  "generated_at": "2026-01-22T13:38:31+11:00",
  "repository": {
    "path": ".",
    "absolute_path": "/data/Dev/qmk_userspace/qmk_firmware",
    "describe": "863b308519",
    "commit": {
      "hash": "863b30851949cf1f045328820d27bdc83d942190",
      "short_hash": "863b308519",
      "oneline": "863b308519 Fix avrdude version check logic (#25957)",
      "author_name": "Joel Challis",
      "author_email": "git@zvecr.com",
      "author_date": "2026-01-20 08:48:51 +0000",
      "subject": "Fix avrdude version check logic (#25957)"
    },
    "branch": "master",
    "remotes": {
      "origin": "git@github.com:tzarc/qmk_firmware.git",
      "upstream": "git@github.com:qmk/qmk_firmware.git"
    },
    "is_dirty": false,
    "tags": [
      "0.31.9"
    ]
  },
  "submodules": [
    {
      "path": "lib/chibios",
      "absolute_path": "/data/Dev/qmk_userspace/qmk_firmware/lib/chibios",
      "describe": "8bd61b8043",
      "commit": {
        "hash": "8bd61b804303f1614d574546c2dd735eeabb09f5",
        "short_hash": "8bd61b8043",
        "oneline": "8bd61b8043 git-svn-id: https://svn.code.sf.net/p/chibios/code/branches/stable_21.11.x@17000 085d63ac-f8f8-4fb4-a5e5-c089fd4f3ff4",
        "author_name": "gdisirio",
        "author_email": "gdisirio@085d63ac-f8f8-4fb4-a5e5-c089fd4f3ff4",
        "author_date": "2025-05-15 08:25:11 +0000",
        "subject": "git-svn-id: https://svn.code.sf.net/p/chibios/code/branches/stable_21.11.x@17000 085d63ac-f8f8-4fb4-a5e5-c089fd4f3ff4"
      },
      "branch": "HEAD",
      "remotes": {
        "origin": "https://github.com/qmk/ChibiOS",
        "qmk": "git@github.com:qmk/ChibiOS.git"
      },
      "is_dirty": false,
      "tags": [],
      "registered_commit": "bd61b804303f1614d574546c2dd735eeabb09f5",
      "status": "8"
    },
<<snip>>

[kruton]

Looks good! Maybe "absolute_path" isn't needed, though.