feat(ci,tooling): improve static check developer experience

.github/PULL_REQUEST_TEMPLATE.md

@@ -11,7 +11,7 @@ N/A.
 
 - [ ] All: Ran fast `tox` checks to avoid unnecessary CI fails, see also [Code Standards](https://eest.ethereum.org/main/getting_started/code_standards/) and [Enabling Pre-commit Checks](https://eest.ethereum.org/main/dev/precommit/):
     ```console
-    uvx tox -e static
+    just check  # or: make check, uvx tox -e check
     ```
 - [ ] All: PR title adheres to the [repo standard](https://eest.ethereum.org/main/getting_started/contributing/?h=contri#commit-messages-issue-and-pr-titles) - it will be used as the squash commit message and should start `type(scope):`.
 - [ ] All: Considered updating the online docs in the [./docs/](/ethereum/execution-specs/blob/HEAD/docs/) directory.

.github/actionlint.yaml

@@ -4,3 +4,8 @@ self-hosted-runner:
     - size-l-x64
     - size-xl-x64
     - size-gigachungus-x64
+
+# Validate vars.* references in workflows
+config-variables:
+  - DEFAULT_PYTHON_VERSION
+  - UV_VERSION

.github/actions/merge-eip-branches/action.yaml

@@ -114,7 +114,7 @@ runs:
         done
 
         echo "Running static checks on merged branch"
-        uvx --with=tox-uv tox -e static
+        uvx tox -e check
 
         echo "All EIP branches merged successfully"
 

.github/actions/rebase-eip-branch/action.yaml

@@ -58,7 +58,7 @@ runs:
         fi
 
         echo "Running static checks on rebased branch"
-        uvx --with=tox-uv tox -e static
+        uvx tox -e check
 
         echo "Rebase successful"
 

.github/workflows/benchmark.yaml

@@ -26,8 +26,12 @@ concurrency:
   cancel-in-progress: true
 
 jobs:
+  check:
+    uses: ./.github/workflows/check.yaml
+
   unit-tests:
     name: Benchmark Unit Tests
+    needs: check
     runs-on: ubuntu-latest
     steps:
       - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683

.github/workflows/check.yaml

@@ -0,0 +1,58 @@
+name: Check
+
+on:
+  push:
+  pull_request:
+  workflow_dispatch:
+  workflow_call:
+
+concurrency:
+  group: ${{ github.workflow }}-${{ github.ref || github.run_id }}
+  cancel-in-progress: true
+
+jobs:
+  checks:
+    name: ${{ matrix.name }}
+    runs-on: ubuntu-latest
+    strategy:
+      fail-fast: false
+      matrix:
+        include:
+          - { name: "Spellcheck", tox-env: spellcheck }
+          - { name: "Python Lint", tox-env: lint }
+          - { name: "Python Format", tox-env: format }
+          - { name: "Python Typecheck", tox-env: typecheck }
+          - { name: "Spec Lint", tox-env: spec-lint }
+          - { name: "Lock Check", tox-env: lockcheck }
+          - { name: "Action Lint", tox-env: actionlint }
+          - { name: "Changelog", tox-env: changelog }
+    steps:
+      - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683
+      - name: Install uv and Python
+        uses: astral-sh/setup-uv@0c5e2b8115b80b4c7c5ddf6ffdd634974642d182
+        with:
+          enable-cache: true
+          cache-dependency-glob: "uv.lock"
+          version: ${{ vars.UV_VERSION }}
+          python-version: ${{ vars.DEFAULT_PYTHON_VERSION }}
+      - name: Run ${{ matrix.name }}
+        run: uvx tox -e ${{ matrix.tox-env }}
+
+  markdownlint:
+    name: Markdown Lint
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683
+      - uses: DavidAnson/markdownlint-cli2-action@05f32210e84442804257b2a6f20b273450ec8265
+        with:
+          globs: |
+            docs/**/*.md
+            *.md
+
+  sha-pinned-actions:
+    name: SHA Pinned Actions
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683
+      - name: Ensure SHA pinned actions
+        uses: zgosalvez/github-actions-ensure-sha-pinned-actions@6124774845927d14c601359ab8138699fa5b70c3

.github/workflows/gh-pages.yaml

@@ -21,8 +21,12 @@ concurrency:
   cancel-in-progress: true
 
 jobs:
+  check:
+    uses: ./.github/workflows/check.yaml
+
   build:
     name: "Build Documentation"
+    needs: check
     runs-on: "ubuntu-latest"
 
     steps:

.github/workflows/hive-consume.yaml

@@ -48,8 +48,12 @@ env:
   FIXTURES_URL: https://github.com/ethereum/execution-spec-tests/releases/download/v5.3.0/fixtures_develop.tar.gz
 
 jobs:
+  check:
+    uses: ./.github/workflows/check.yaml
+
   cache-docker-images:
     name: Cache Docker Images
+    needs: check
     runs-on: [self-hosted-ghr, size-l-x64]
     steps:
       - name: Checkout execution-specs

.github/workflows/test-docs.yaml

@@ -23,8 +23,12 @@ concurrency:
   cancel-in-progress: true
 
 jobs:
+  check:
+    uses: ./.github/workflows/check.yaml
+
   mkdocs:
     name: Test html documentation build with mkdocs
+    needs: check
     runs-on: ubuntu-latest
     steps:
       - name: Checkout ethereum/execution-specs
@@ -38,31 +42,3 @@ jobs:
           python-version: ${{ vars.DEFAULT_PYTHON_VERSION }}
       - name: Build html documentation with mkdocs via tox
         run: uvx tox -e mkdocs
-
-  changelog:
-    name: Validate changelog entries
-    runs-on: ubuntu-latest
-    steps:
-      - name: Checkout ethereum/execution-specs
-        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683
-      - name: Install uv ${{ vars.UV_VERSION }} and python ${{ vars.DEFAULT_PYTHON_VERSION }}
-        uses: astral-sh/setup-uv@0c5e2b8115b80b4c7c5ddf6ffdd634974642d182
-        with:
-          enable-cache: true
-          cache-dependency-glob: "uv.lock"
-          version: ${{ vars.UV_VERSION }}
-          python-version: ${{ vars.DEFAULT_PYTHON_VERSION }}
-      - name: Run changelog validation via tox
-        run: uvx tox -e changelog
-
-  markdownlint:
-    name: Lint markdown files with markdownlint
-    runs-on: ubuntu-latest
-    steps:
-      - name: Checkout ethereum/execution-specs
-        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683
-      - uses: DavidAnson/markdownlint-cli2-action@05f32210e84442804257b2a6f20b273450ec8265
-        with:
-          globs: |
-            docs/**/*.md
-            *.md

.github/workflows/test.yaml

@@ -30,41 +30,12 @@ concurrency:
   cancel-in-progress: true
 
 jobs:
-  static:
-    runs-on: ubuntu-latest
-    steps:
-      - uses: actions/checkout@08eba0b27e820071cde6df949e0beb9ba4906955
-        with:
-          submodules: recursive
-      - name: Ensure SHA pinned actions
-        uses: zgosalvez/github-actions-ensure-sha-pinned-actions@6124774845927d14c601359ab8138699fa5b70c3 # v4.0.1
-      - name: Setup Python
-        uses: actions/setup-python@a26af69be951a213d495a4c3e4e4022e16d87065
-        with:
-          python-version: "3.11"
-      - name: Install Tox and any other packages
-        shell: bash
-        run: |
-          sudo DEBIAN_FRONTEND=noninteractive apt-get install --yes --force-yes build-essential pkg-config
-          pip install 'tox>=4.11,<5' requests
-      - name: Run static checks
-        run: tox -e static
-      - name: Setup uv
-        uses: astral-sh/setup-uv@0c5e2b8115b80b4c7c5ddf6ffdd634974642d182 # v5.4.1
-      - name: Validate workflow config variables
-        run: |
-          cat >> .github/actionlint.yaml << 'EOF'
-
-          # CI-only: validate vars.* references
-          config-variables:
-            - DEFAULT_PYTHON_VERSION
-            - UV_VERSION
-          EOF
-          uvx --from actionlint-py actionlint
+  check:
+    uses: ./.github/workflows/check.yaml
 
   py3:
     runs-on: [self-hosted-ghr, size-xl-x64]
-    needs: static
+    needs: check
     steps:
       - uses: actions/checkout@08eba0b27e820071cde6df949e0beb9ba4906955
         with:
@@ -85,7 +56,7 @@ jobs:
 
   pypy3:
     runs-on: [self-hosted-ghr, size-xl-x64]
-    needs: static
+    needs: check
     steps:
       - uses: actions/checkout@08eba0b27e820071cde6df949e0beb9ba4906955
         with:
@@ -103,7 +74,7 @@ jobs:
 
   json_infra:
     runs-on: [self-hosted-ghr, size-xl-x64]
-    needs: static
+    needs: check
     steps:
       - uses: actions/checkout@08eba0b27e820071cde6df949e0beb9ba4906955
         with:
@@ -121,7 +92,7 @@ jobs:
 
   optimized:
     runs-on: [self-hosted-ghr, size-xl-x64]
-    needs: static
+    needs: check
     steps:
       - uses: actions/checkout@08eba0b27e820071cde6df949e0beb9ba4906955
         with:
@@ -139,7 +110,7 @@ jobs:
 
   tests_pytest_py3:
     runs-on: [self-hosted-ghr, size-xl-x64]
-    needs: static
+    needs: check
     steps:
       - uses: actions/checkout@08eba0b27e820071cde6df949e0beb9ba4906955
         with:
@@ -155,7 +126,7 @@ jobs:
 
   tests_pytest_pypy3:
     runs-on: [self-hosted-ghr, size-xl-x64]
-    needs: static
+    needs: check
     steps:
       - uses: actions/checkout@08eba0b27e820071cde6df949e0beb9ba4906955
         with:

.pre-commit-config.yaml

@@ -0,0 +1,66 @@
+repos:
+  - repo: https://github.com/pre-commit/pre-commit-hooks
+    rev: v5.0.0
+    hooks:
+      - id: trailing-whitespace
+      - id: end-of-file-fixer
+      - id: check-yaml
+      - id: check-toml
+      - id: check-added-large-files
+
+  - repo: local
+    hooks:
+      # Fast file-level checks (run on changed files only)
+      - id: ruff-check
+        name: Python lint (ruff)
+        entry: uv run ruff check --fix
+        language: system
+        types: [python]
+
+      - id: ruff-format
+        name: Python format (ruff)
+        entry: uv run ruff format
+        language: system
+        types: [python]
+
+      - id: codespell
+        name: Spellcheck (codespell)
+        entry: uv run codespell
+        language: system
+        types_or: [python, markdown, yaml, ini]
+
+      # Project-level checks (run on whole project)
+      - id: mypy
+        name: Python typecheck (mypy)
+        entry: uv run mypy
+        language: system
+        types: [python]
+        pass_filenames: false
+
+      - id: spec-lint
+        name: Ethereum spec lint
+        entry: uv run ethereum-spec-lint
+        language: system
+        types: [python]
+        pass_filenames: false
+
+      - id: lockcheck
+        name: Lock file check (uv)
+        entry: uv lock --check
+        language: system
+        files: ^(pyproject\.toml|uv\.lock)$
+        pass_filenames: false
+
+      - id: actionlint
+        name: GitHub Actions lint
+        entry: uv run actionlint
+        language: system
+        files: ^\.github/workflows/.*\.ya?ml$
+        pass_filenames: false
+
+      - id: changelog
+        name: Changelog validation
+        entry: uv run python scripts/fast_checks.py changelog
+        language: system
+        files: ^docs/CHANGELOG\.md$
+        pass_filenames: false

EIP_AUTHORS_MANUAL.md

@@ -54,7 +54,7 @@ Implementing a new EIP in the `execution-specs` repository involves the followin
 
 1. **Create a new branch**: Create a new branch for the EIP under the appropriate fork. For example, if you are implementing an EIP for the Prague fork, create a new branch under `eips/<FORK_NAME>/eip-<EIP_NUMBER>`.
 2. **Implement the EIP**: Implement the EIP in the `src/ethereum/<FORK_NAME>` folder.
-3. **Basic sanity checks**: Run `tox -e static` to run basic formatting and linting checks.
+3. **Basic sanity checks**: Run `just check  # or: make check, tox -e check` to run basic formatting and linting checks.
 4. **Raise a PR**: Raise a PR against the appropriate branch. For example, if you are implementing an EIP for the Prague fork, raise a PR against the `forks/prague` branch.
 
 An EIP can only be CFI'd (Considered For Inclusion) if it has a reference `execution-specs` implementation. The EIP author is responsible for maintaining their EIP up-to-date with the latest changes. For example, if an author had written their EIP for Cancun under `eips/cancun/eip-x`, but for some reason it didn't make it into Cancun, they would need to rebase their EIP to reflect the changes in Prague under `eips/prague/eip-x`.