GitHub Actions (GA) is an orchestration platform that streamlines the automatic execution of software engineering tasks such as building, testing, and deployment. Although GA workflows are the primary means for automation, according to our experience and observations, human intervention is necessary to correct defects, update dependencies, or refactor existing workflow files. In fact, previous research has shown that software artifacts similar to workflows, such as build files and bots, can introduce additional maintenance tasks in software projects. This suggests that workflow files, which are also used to automate repetitive tasks in professional software production, may generate extra workload for developers. However, the nature of such effort has not been well studied. This paper presents a large-scale empirical investigation towards characterizing the maintenance of GA workflows by studying the evolution of workflow files in almost 200 mature GitHub projects across ten programming languages. Our findings largely confirm the results of previous studies on the maintenance of similar artifacts, while also revealing GA-specific insights such as bug fixing and CI/CD improvement being among the major drivers of GA maintenance. A direct implication is that practitioners should be aware of proper resource planning and allocation for maintaining GA workflows, thus exposing the ``hidden costs of automation.'' Our findings also call for identifying and documenting best practices for such maintenance, and for enhanced tool features supporting dependency tracking and better error reporting of workflow specifications.

翻译：GitHub Actions（GA）是一个编排平台，可简化软件工程任务（如构建、测试和部署）的自动执行。尽管GA工作流是实现自动化的主要手段，但根据我们的经验和观察，仍需要人工干预来纠正缺陷、更新依赖项或重构现有工作流文件。事实上，先前研究表明，与工作流类似的软件制品（如构建文件和机器人程序）可能会在软件项目中引入额外的维护任务。这表明用于专业软件生产中自动化重复任务的工作流文件，也可能为开发人员带来额外的工作负担。然而，此类工作的性质尚未得到充分研究。本文通过对近200个成熟GitHub项目中跨十种编程语言的工作流文件演化进行研究，开展了大规模实证调查以刻画GA工作流的维护特征。我们的研究结果在很大程度上证实了先前关于类似制品维护的结论，同时揭示了GA特有的洞见，例如错误修复和CI/CD改进是GA维护的主要驱动因素。一个直接启示是实践者应当意识到为维护GA工作流进行适当资源规划与分配的必要性，从而揭示了"自动化的隐性成本"。我们的发现还呼吁识别并记录此类维护的最佳实践，以及增强支持依赖项跟踪和改进工作流规范错误报告的工具功能。