commit | aa627397bf5ca216acd54e05fffee930a6dc5749 | [log] [tgz] |
---|---|---|
author | b4yuan <89487381+b4yuan@users.noreply.github.com> | Thu Oct 26 07:22:52 2023 -0400 |
committer | GitHub <noreply@github.com> | Thu Oct 26 13:22:52 2023 +0200 |
tree | ac07a1a4ff311e1af392852c0608f18b45930971 | |
parent | 8e1bc7250ff6f41a6633ff41388e51644f031c22 [diff] |
Add CodeQL Workflow for Code Security Analysis This introduces a CodeQL workflow to enhance the security analysis of our repository. CodeQL is a powerful static analysis tool that helps identify and mitigate security vulnerabilities in our codebase. By integrating this workflow into our GitHub Actions, we can proactively identify and address potential issues before they become security threats. We added a new CodeQL workflow file (.github/workflows/codeql.yml) that - Runs on every push and pull request to the main branch. - Excludes queries with a high false positive rate or low-severity findings. - Does not display results for third-party code, focusing only on our own codebase. Testing: To validate the functionality of this workflow, we have run several test scans on the codebase and reviewed the results. The workflow successfully compiles the project, identifies issues, and provides actionable insights while reducing noise by excluding certain queries and third-party code. Deployment: Once this pull request is merged, the CodeQL workflow will be active and automatically run on every push and pull request to the main branch. To view the results of these code scans, please follow these steps: 1. Under the repository name, click on the Security tab. 2. In the left sidebar, click Code scanning alerts. Additional Information: - You can further customize the workflow to adapt to your specific needs by modifying the workflow file. - For more information on CodeQL and how to interpret its results, refer to the GitHub documentation and the CodeQL documentation. Signed-off-by: Brian <bayuan@purdue.edu>
Apache NimBLE is an open-source Bluetooth 5.4 stack (both Host & Controller) that completely replaces the proprietary SoftDevice on Nordic chipsets. It is part of Apache Mynewt project.
Feature highlight:
Controller supports Nordic nRF51, nRF52 and nRF5340 chipsets as well as DA1469x (cmac) from Renesas. Host runs on any board and architecture supported by Apache Mynewt OS.
If you are browsing around the source tree, and want to see some of the major functional chunks, here are a few pointers:
nimble/controller: Contains code for controller including Link Layer and HCI implementation (controller)
nimble/drivers: Contains drivers for supported radio transceivers (Nordic nRF51 and nRF52) (drivers)
nimble/host: Contains code for host subsystem. This includes protocols like L2CAP and ATT, support for HCI commands and events, Generic Access Profile (GAP), Generic Attribute Profile (GATT) and Security Manager (SM). (host)
nimble/host/mesh: Contains code for Bluetooth Mesh subsystem. (mesh)
nimble/transport: Contains code for supported transport protocols between host and controller. This includes UART, emSPI and RAM (used in combined build when host and controller run on same CPU) (transport)
porting: Contains implementation of NimBLE Porting Layer (NPL) for supported operating systems (porting)
ext: Contains external libraries used by NimBLE. Those are used if not provided by OS (ext)
kernel: Contains the core of the RTOS (kernel/os)
There are also some sample applications that show how to Apache Mynewt NimBLE stack. These sample applications are located in the apps/
directory of Apache Mynewt repo. Some examples:
Several other projects provide support for using NimBLE either by NPL port or forking:
If you publish a NimBLE port, please let us know to include it here!
If you are having trouble using or contributing to Apache Mynewt NimBLE, or just want to talk to a human about what you're working on, you can contact us via the developers mailing list.
Although not a formal channel, you can also find a number of core developers on the #mynewt channel on Freenode IRC or #general channel on Mynewt Slack
Also, be sure to checkout the Frequently Asked Questions for some help troubleshooting first.
Anybody who works with Apache Mynewt can be a contributing member of the community that develops and deploys it. The process of releasing an operating system for microcontrollers is never done: and we welcome your contributions to that effort.
More information can be found at the Community section of the Apache Mynewt website, located here.
Apache Mynewt welcomes pull request via Github. Discussions are done on Github, but depending on the topic, can also be relayed to the official Apache Mynewt developer mailing list dev@mynewt.apache.org.
If you are suggesting a new feature, please email the developer list directly, with a description of the feature you are planning to work on.
Bugs can be filed on the Apache Mynewt NimBLE Issues. Please label the issue as a “Bug”.
Where possible, please include a self-contained reproduction case!
Feature requests should also be filed on the Apache Mynewt NimBLE Bug Tracker. Please label the issue as a “Feature” or “Enhancement” depending on the scope.
We love getting newt tests! Apache Mynewt is a huge undertaking, and improving code coverage is a win for every Apache Mynewt user.
The code in this repository is all under either the Apache 2 license, or a license compatible with the Apache 2 license. See the LICENSE file for more information.