Improve settings loading and input remap safety, update CI actions

.github/workflows/browser_test.yml

@@ -30,18 +30,18 @@
         id: "export"
         uses: "firebelley/godot-export@930577654862a320eef793f399ee911b4479efb9"
         with:
           godot_executable_download_url: "https://github.com/godotengine/godot/releases/download/4.5-stable/Godot_v4.5-stable_linux.x86_64.zip"
           godot_export_templates_download_url: "https://github.com/godotengine/godot/releases/download/4.5-stable/Godot_v4.5-stable_export_templates.tpz"
           relative_project_path: "./"
           relative_export_path: "./export/web_thread_off"
           archive_output: false
           cache: false
           verbose: true
           presets_to_export: "Web_thread_off"
           use_preset_export_path: true  # Move exports to the directory defined in export_presets.cfg
       - name: "Flatten Export Directory"
         run: |
           bash ./.github/scripts/flatten_export.sh "export/web_thread_off" "Web_thread_off"
       - name: "List Export Directory Contents"
         run: |
           ls -la export/web_thread_off
@@ -54,11 +54,11 @@
           python-version: "3.12"
       - name: "Cache PIP Dependencies"
         uses: "actions/cache@v5"
         id: cache
         with:
           path: "~/.cache/pip"
           key: ${{ runner.os }}-pip-${{ hashFiles('requirements.txt') }}
           restore-keys: ${{ runner.os }}-pip-
       - name: "Install Playwright"
         run: |
           sudo apt-get update && sudo apt-get install -y libxml2-utils
@@ -66,8 +66,8 @@
       - name: "Cache Playwright Browsers"
         uses: "actions/cache@v5"
         with:
           path: ~/.cache/ms-playwright
           key: ${{ runner.os }}-playwright-${{ hashFiles('**/requirements.txt') }}  # Or your dependency file
           restore-keys: ${{ runner.os }}-playwright-
 
       - name: "Install Playwright Browsers"
@@ -150,7 +150,7 @@
 
       - name: "Upload LCOV Artifact"
         if: always()
-        uses: "actions/upload-artifact@v6"
+        uses: "actions/upload-artifact@v7"
         with:
           name: lcov-report
           path: "./coverage/lcov/lcov.info"
@@ -176,14 +176,14 @@
 
       - name: "Upload Test Report Artifact"
         if: always()
-        uses: "actions/upload-artifact@v6"
+        uses: "actions/upload-artifact@v7"
         with:
           name: test-report
           path: junit.xml
 
       - name: "Upload Screenshot and Coverage Artifacts"
         if: always()
-        uses: "actions/upload-artifact@v6"
+        uses: "actions/upload-artifact@v7"
         with:
           name: test-screenshots
           path: |

.github/workflows/codeql.yml

@@ -62,7 +62,7 @@ jobs:
         run: |
           bash ./.github/scripts/patch_index_js.sh "export/web"
       - name: "Initialize CodeQL"
-        uses: "github/codeql-action/[email protected].3"
+        uses: "github/codeql-action/[email protected].4"
         with:
           # yamllint disable rule:quoted-strings
           languages: ${{ matrix.language }}
@@ -74,10 +74,10 @@ jobs:
           debug: "false"
 
       - name: "Autobuild (optional for JS but included for completeness)"
-        uses: "github/codeql-action/[email protected].3"
+        uses: "github/codeql-action/[email protected].4"
 
       - name: "Perform CodeQL Analysis"
-        uses: "github/codeql-action/[email protected].3"
+        uses: "github/codeql-action/[email protected].4"
 
       - name: "Post-scan summary (optional)"
         if: "always()"  # Run even if previous steps fail

.github/workflows/gdunit4_tests.yml

@@ -51,7 +51,7 @@ jobs:
           ls -la ${{ steps.find_report.outputs.latest_report }}/
       - name: "Upload Test Reports Artifacts"
         if: always()
-        uses: "actions/upload-artifact@v6"
+        uses: "actions/upload-artifact@v7"
         with:
           name: gdunit-reports
           path: reports/**

.github/workflows/gut_tests.yml

@@ -53,7 +53,7 @@ jobs:
           ls -la ${{ steps.find_report.outputs.latest_report }}/
       - name: "Upload Test Reports Artifacts"
         if: always()
-        uses: "actions/upload-artifact@v6"
+        uses: "actions/upload-artifact@v7"
         with:
           name: gut-reports
           path: gut-reports/**

.github/workflows/snyk.yml

@@ -43,7 +43,7 @@ jobs:
         continue-on-error: true
 
       - name: "Upload Snyk Code SARIF to GitHub"
-        uses: "github/codeql-action/upload-sarif@ef618feace3c4838ae42b239ab86e8fb46437508"
+        uses: "github/codeql-action/upload-sarif@0ec47d036c68ae0cf94c629009b1029407111281"
         if: "always() && hashFiles('snyk-code.sarif') != ''"
         with:
           sarif_file: "snyk-code.sarif"
@@ -54,7 +54,7 @@ jobs:
         continue-on-error: true
 
       - name: "Upload Snyk Open Source SARIF to GitHub"
-        uses: "github/codeql-action/upload-sarif@ef618feace3c4838ae42b239ab86e8fb46437508"
+        uses: "github/codeql-action/upload-sarif@0ec47d036c68ae0cf94c629009b1029407111281"
         if: "always() && hashFiles('snyk-os.sarif') != ''"
         with:
           sarif_file: "snyk-os.sarif"

.github/workflows/trivy.yml

@@ -36,7 +36,7 @@ jobs:
           ignore-unfixed: true  # Ignore vulns without fixes available
 
       - name: "Upload Trivy scan results to GitHub Security tab"
-        uses: "github/codeql-action/upload-sarif@ef618feace3c4838ae42b239ab86e8fb46437508"  # Pinned to SHA for v4.32.2
+        uses: "github/codeql-action/upload-sarif@0ec47d036c68ae0cf94c629009b1029407111281"  # Pinned to SHA for v4.32.2
         if: always()  # Upload even if scan fails
         with:
           sarif_file: 'trivy-results.sarif'

scripts/game_settings_resource.gd

@@ -22,10 +22,8 @@ extends Resource
 @export var difficulty: float = 1.0:
 	set(value):
 		if value < 0.5 or value > 2.0:
-			Globals.log_message(
-				"Invalid difficulty loaded (" + str(value) + ") - clamping to valid range.",
-				Globals.LogLevel.WARNING
-			)
+			# BREAK THE CYCLE: Use push_warning instead of Globals.log_message
+			push_warning("Invalid difficulty loaded (" + str(value) + ") - clamping.")
 		_difficulty = clamp(value, 0.5, 2.0)
 	get:
 		return _difficulty

scripts/globals.gd

@@ -19,8 +19,7 @@ enum LogLevel { DEBUG, INFO, WARNING, ERROR, NONE = 4 }
 # @export var difficulty: float = 1.0  # Multiplier: 1.0=Normal, <1=Easy, >1=Hard
 
 # Add the resource reference here
-@export var settings: GameSettingsResource = preload("res://settings/default_settings.tres")
-
+@export var settings: GameSettingsResource
 # In globals.gd (add after @export vars)
 var options_instance: CanvasLayer = null
 # var hidden_menu: Node = null
@@ -37,6 +36,13 @@ var current_input_device: String = "keyboard"  # "keyboard" or "gamepad"
 
 
 func _ready() -> void:
+	# Load the resource here instead of preloading at the top
+	settings = load("res://config_resources/default_settings.tres")
+	if not settings:
+		# Use push_error since Globals logging might not be ready
+		push_error("CRITICAL: 'GameSettingsResource' failed to load at path.")
+		return
+
 	if Engine.is_editor_hint() or settings.enable_debug_logging:
 		settings.current_log_level = LogLevel.DEBUG
 	log_message("Log level set to: " + LogLevel.keys()[settings.current_log_level], LogLevel.DEBUG)

scripts/input_remap_button.gd

@@ -116,12 +116,19 @@ func _ready() -> void:
 func _on_pressed() -> void:
 	listening = button_pressed
 	if listening:
+		# Safely check if Globals and settings are ready
+		if is_instance_valid(Globals) and Globals.settings:
 		# FIXED: Check the actual current_device to return the correct prompt
-		text = (
-			Globals.settings.remap_prompt_keyboard
-			if current_device == DeviceType.KEYBOARD
-			else Globals.settings.remap_prompt_gamepad
-		)
+			text = (
+				Globals.settings.remap_prompt_keyboard
+				if current_device == DeviceType.KEYBOARD
+				else Globals.settings.remap_prompt_gamepad
+			)
+		else:
+			Globals.log_message(
+				"'Globals.settings' resource is NULL'",
+				Globals.LogLevel.ERROR
+			)
 	else:
 		update_button_text()
 

scripts/key_mapping.gd

@@ -179,6 +179,7 @@ func _on_reset_pressed() -> void:
 	# Function resets only the selected device type (keyboard or gamepad)
 	var device_type: String = "keyboard" if keyboard.button_pressed else "gamepad"
 	Settings.reset_to_defaults(device_type)
+	# You must update the UI buttons so they show the new defaults!
 	update_all_remap_buttons()
 	Globals.log_message("Resetting " + device_type + " controls.", Globals.LogLevel.DEBUG)
 	# NEW: Clear critical warning flag when player fixes unbound (once-per-session)

scripts/settings.gd

@@ -386,10 +386,16 @@ func deserialize_event(serialized: String) -> InputEvent:
 
 	match parts[0]:
 		"key":
-			if parts[1].is_valid_int():
+			if parts.size() >= 2 and parts[1].is_valid_int():
+			# if parts[1].is_valid_int():
 				var ev := InputEventKey.new()
+				# You saved as physical_keycode, so you MUST load as physical_keycode
 				ev.physical_keycode = parts[1].to_int()
+				if ev.physical_keycode == 0:
+					return
+				# print("DEBUG: Deserializing '", serialized, "' -> keycode: ", ev.physical_keycode)
 				# Logic for combinations (Shift + Tab etc)
+				# Modifiers must be checked explicitly in the 'parts' array
 				if "shift" in parts:
 					ev.shift_pressed = true
 				if "ctrl" in parts: