sp9unb
/
meshtastic-firmware
sforkowany z mirror/meshtastic-firmware
1
0
Forkuj 0
Kod Zgłoszenia Oczekujące zmiany Packages Projekty Wydania Wiki Aktywność

Trunk, you got a big storm coming, honey

wio-e5
Ben Meadors 2023-01-27 10:22:17 -06:00
rodzic ed155476ac
commit 2e8832babb
8 zmienionych plików z 64 dodań i 69 usunięć
Pokaż statystyki Ściągnij plik aktualizacji Ściągnij plik porównania Expand all files Collapse all files

2
.github/ISSUE_TEMPLATE/New Board.yml vendored
Wyświetl plik

@ -28,7 +28,7 @@ body:
description: What LoRa IC does the board have?
validations:
required: true
- type: input
id: link
attributes:

8
.github/actions/setup-base/action.yml vendored
Wyświetl plik

@ -1,5 +1,5 @@
name: 'Setup Build Base Composite Action'
description: 'Base build actions for Meshtastic Platform IO steps'
name: "Setup Build Base Composite Action"
description: "Base build actions for Meshtastic Platform IO steps"
runs:
using: "composite"
@ -10,7 +10,7 @@ runs:
submodules: "recursive"
ref: ${{github.event.pull_request.head.ref}}
repository: ${{github.event.pull_request.head.repo.full_name}}
- name: Install cppcheck
shell: bash
run: |
@ -38,4 +38,4 @@ runs:
- name: Upgrade platformio
shell: bash
run: |
pio upgrade
pio upgrade

6
.github/workflows/build_esp32.yml vendored
Wyświetl plik

@ -7,7 +7,7 @@ on:
required: true
type: string
jobs:
jobs:
build-esp32:
runs-on: ubuntu-latest
steps:
@ -31,7 +31,7 @@ jobs:
- name: Remove debug flags for release
if: ${{ github.event_name == 'workflow_dispatch' }}
run: |
run: |
sed -i '/DDEBUG_HEAP/d' ./arch/esp32/esp32.ini
sed -i '/DDEBUG_HEAP/d' ./arch/esp32/esp32s2.ini
sed -i '/DDEBUG_HEAP/d' ./arch/esp32/esp32s3.ini
@ -46,7 +46,7 @@ jobs:
file: "firmware.bin"
target: "release/bleota.bin"
token: ${{ secrets.GITHUB_TOKEN }}
- name: Get release version string
shell: bash
run: echo "version=$(./bin/buildinfo.py long)" >> $GITHUB_OUTPUT

4
.github/workflows/build_nrf52.yml vendored
Wyświetl plik

@ -7,7 +7,7 @@ on:
required: true
type: string
jobs:
jobs:
build-nrf52:
runs-on: ubuntu-latest
steps:
@ -30,4 +30,4 @@ jobs:
path: |
release/*.uf2
release/*.elf
release/*.zip
release/*.zip

4
.github/workflows/build_rpi2040.yml vendored
Wyświetl plik

@ -7,7 +7,7 @@ on:
required: true
type: string
jobs:
jobs:
build-rpi2040:
runs-on: ubuntu-latest
steps:
@ -29,4 +29,4 @@ jobs:
name: firmware-${{ inputs.board }}-${{ steps.version.outputs.version }}.zip
path: |
release/*.uf2
release/*.elf
release/*.elf

48
.github/workflows/sec_sast_flawfinder.yml vendored
Wyświetl plik

@ -10,31 +10,31 @@ on:
jobs:
flawfinder:
runs-on: ubuntu-latest
name: Flawfinder
runs-on: ubuntu-latest
name: Flawfinder
steps:
# step 1
- name: clone application source code
uses: actions/checkout@v3
steps:
# step 1
- name: clone application source code
uses: actions/checkout@v3
# step 2
- name: flawfinder_scan
uses: david-a-wheeler/flawfinder@2.0.19
with:
arguments: '--sarif ./'
output: 'flawfinder_report.sarif'
# step 2
- name: flawfinder_scan
uses: david-a-wheeler/flawfinder@2.0.19
with:
arguments: "--sarif ./"
output: "flawfinder_report.sarif"
# step 3
- name: save report as pipeline artifact
uses: actions/upload-artifact@v3
with:
name: flawfinder_report.sarif
path: flawfinder_report.sarif
# step 3
- name: save report as pipeline artifact
uses: actions/upload-artifact@v3
with:
name: flawfinder_report.sarif
path: flawfinder_report.sarif
# step 4
- name: publish code scanning alerts
uses: github/codeql-action/upload-sarif@v2
with:
sarif_file: flawfinder_report.sarif
category: flawfinder
# step 4
- name: publish code scanning alerts
uses: github/codeql-action/upload-sarif@v2
with:
sarif_file: flawfinder_report.sarif
category: flawfinder

56
.github/workflows/sec_sast_semgrep_cron.yml vendored
Wyświetl plik

@ -6,39 +6,37 @@ on:
branches:
- master
schedule:
- cron: '0 1 * * 6'
- cron: "0 1 * * 6"
jobs:
semgrep-full:
runs-on: ubuntu-latest
container:
image: returntocorp/semgrep
runs-on: ubuntu-latest
container:
image: returntocorp/semgrep
steps:
steps:
# step 1
- name: clone application source code
uses: actions/checkout@v3
# step 1
- name: clone application source code
uses: actions/checkout@v3
# step 2
- name: full scan
run: |
semgrep \
--sarif --output report.sarif \
--metrics=off \
--config="p/default"
# step 2
- name: full scan
run: |
semgrep \
--sarif --output report.sarif \
--metrics=off \
--config="p/default"
# step 3
- name: save report as pipeline artifact
uses: actions/upload-artifact@v3
with:
name: report.sarif
path: report.sarif
# step 3
- name: save report as pipeline artifact
uses: actions/upload-artifact@v3
with:
name: report.sarif
path: report.sarif
# step 4
- name: publish code scanning alerts
uses: github/codeql-action/upload-sarif@v2
with:
sarif_file: report.sarif
category: semgrep
# step 4
- name: publish code scanning alerts
uses: github/codeql-action/upload-sarif@v2
with:
sarif_file: report.sarif
category: semgrep

5
.github/workflows/sec_sast_semgrep_pull.yml vendored
Wyświetl plik

@ -1,17 +1,14 @@
---
name: Semgrep Differential Scan
on:
pull_request
on: pull_request
jobs:
semgrep-diff:
runs-on: ubuntu-latest
container:
image: returntocorp/semgrep
steps:
# step 1
- name: clone application source code
uses: actions/checkout@v3