Skip to content

Commit

Permalink
Merge pull request #73 from LedgerHQ/develop
Browse files Browse the repository at this point in the history
Align master with p1
  • Loading branch information
sgliner-ledger authored Apr 19, 2024
2 parents 883e4b7 + 7534d00 commit 2e6a96a
Show file tree
Hide file tree
Showing 151 changed files with 9,835 additions and 4,645 deletions.
7 changes: 7 additions & 0 deletions .clusterfuzzlite/Dockerfile
Original file line number Diff line number Diff line change
@@ -0,0 +1,7 @@
FROM ghcr.io/ledgerhq/ledger-app-builder/ledger-app-builder-lite:latest AS LITE_BUILDER

FROM gcr.io/oss-fuzz-base/base-builder:v1
COPY . $SRC/app-cardano
COPY ./.clusterfuzzlite/build.sh $SRC/
COPY --from=LITE_BUILDER /opt/ledger-secure-sdk $SRC/app-cardano/BOLOS_SDK
WORKDIR $SRC/app-cardano
9 changes: 9 additions & 0 deletions .clusterfuzzlite/build.sh
Original file line number Diff line number Diff line change
@@ -0,0 +1,9 @@
#!/bin/bash -eu

# build fuzzers

pushd fuzzing
cmake -DBOLOS_SDK=../BOLOS_SDK -Bbuild -H.
make -C build
mv build/*_harness $OUT
popd
1 change: 1 addition & 0 deletions .clusterfuzzlite/project.yaml
Original file line number Diff line number Diff line change
@@ -0,0 +1 @@
language: c
8 changes: 8 additions & 0 deletions .github/PULL_REQUEST_TEMPLATE.md
Original file line number Diff line number Diff line change
@@ -0,0 +1,8 @@
# Checklist
<!-- Put an `x` in each box when you have completed the items. -->
- [ ] App update process has been followed <!-- See comment below -->
- [ ] Target branch is `develop` <!-- unless you have a very good reason -->
- [ ] Application version has been bumped <!-- required if your changes are to be deployed -->

<!-- Make sure you followed the process described in https://developers.ledger.com/docs/device-app/deliver/maintenance before opening your Pull Request.
Don't hesitate to contact us directly on Discord if you have any questions ! https://developers.ledger.com/discord -->
41 changes: 41 additions & 0 deletions .github/workflows/cflite_cron.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,41 @@
name: ClusterFuzzLite cron tasks
on:
workflow_dispatch:
push:
branches:
- main # Use your actual default branch here.
schedule:
- cron: '0 13 * * 6' # At 01:00 PM, only on Saturday
permissions: read-all
jobs:
Fuzzing:
runs-on: ubuntu-latest
strategy:
fail-fast: false
matrix:
include:
- mode: batch
sanitizer: address
- mode: batch
sanitizer: memory
- mode: prune
sanitizer: address
- mode: coverage
sanitizer: coverage
steps:
- name: Build Fuzzers (${{ matrix.mode }} - ${{ matrix.sanitizer }})
id: build
uses: google/clusterfuzzlite/actions/build_fuzzers@v1
with:
github-token: ${{ secrets.GITHUB_TOKEN }}
language: c # Change this to the language you are fuzzing.
sanitizer: ${{ matrix.sanitizer }}
- name: Run Fuzzers (${{ matrix.mode }} - ${{ matrix.sanitizer }})
id: run
uses: google/clusterfuzzlite/actions/run_fuzzers@v1
with:
github-token: ${{ secrets.GITHUB_TOKEN }}
fuzz-seconds: 300 # 5 minutes
mode: ${{ matrix.mode }}
sanitizer: ${{ matrix.sanitizer }}

43 changes: 43 additions & 0 deletions .github/workflows/cflite_pr.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,43 @@
name: ClusterFuzzLite PR fuzzing
on:
pull_request:
paths:
- '**'
permissions: read-all
jobs:
PR:
runs-on: ubuntu-latest
concurrency:
group: ${{ github.workflow }}-${{ matrix.sanitizer }}-${{ github.ref }}
cancel-in-progress: true
strategy:
fail-fast: false
matrix:
sanitizer: [address, undefined, memory] # Override this with the sanitizers you want.
steps:
- name: Build Fuzzers (${{ matrix.sanitizer }})
id: build
uses: google/clusterfuzzlite/actions/build_fuzzers@v1
with:
language: c # Change this to the language you are fuzzing.
github-token: ${{ secrets.GITHUB_TOKEN }}
sanitizer: ${{ matrix.sanitizer }}
# Optional but recommended: used to only run fuzzers that are affected
# by the PR.
# storage-repo: https://${{ secrets.PERSONAL_ACCESS_TOKEN }}@github.com/OWNER/STORAGE-REPO-NAME.git
# storage-repo-branch: main # Optional. Defaults to "main"
# storage-repo-branch-coverage: gh-pages # Optional. Defaults to "gh-pages".
- name: Run Fuzzers (${{ matrix.sanitizer }})
id: run
uses: google/clusterfuzzlite/actions/run_fuzzers@v1
with:
github-token: ${{ secrets.GITHUB_TOKEN }}
fuzz-seconds: 300 # 5 minutes
mode: 'code-change'
sanitizer: ${{ matrix.sanitizer }}
output-sarif: true
# Optional but recommended: used to download the corpus produced by
# batch fuzzing.
# storage-repo: https://${{ secrets.PERSONAL_ACCESS_TOKEN }}@github.com/OWNER/STORAGE-REPO-NAME.git
# storage-repo-branch: main # Optional. Defaults to "main"
# storage-repo-branch-coverage: gh-pages # Optional. Defaults to "gh-pages".
49 changes: 5 additions & 44 deletions .github/workflows/ci.yml
Original file line number Diff line number Diff line change
Expand Up @@ -10,47 +10,8 @@ on:
workflow_dispatch:

jobs:
nano_build:
name: Build application for NanoS, X and S+
strategy:
matrix:
include:
- SDK: "$NANOS_SDK"
name: nanos
- SDK: "$NANOX_SDK"
name: nanox
- SDK: "$NANOSP_SDK"
name: nanosp
runs-on: ubuntu-latest
container:
image: ghcr.io/ledgerhq/ledger-app-builder/ledger-app-builder:latest
steps:
- name: Clone
uses: actions/checkout@v2
- name: Build
run: |
make clean
make DEBUG=1 BOLOS_SDK=${{ matrix.SDK }}
mv bin/app.elf bin/cardano_${{ matrix.name }}.elf
- name: Upload app binary
uses: actions/upload-artifact@v2
with:
name: apps
path: bin/*.elf

scan-build:
name: Clang Static Analyzer
runs-on: ubuntu-latest
container:
image: ghcr.io/ledgerhq/ledger-app-builder/ledger-app-builder:latest
steps:
- uses: actions/checkout@v2
- name: Build with Clang Static Analyzer
run: |
make clean
scan-build --use-cc=clang -analyze-headers -enable-checker security -enable-checker unix -enable-checker valist -o scan-build --status-bugs make default
- uses: actions/upload-artifact@v2
if: failure()
with:
name: scan-build
path: scan-build
build_application:
name: Build application using the reusable workflow
uses: LedgerHQ/ledger-app-workflows/.github/workflows/reusable_build.yml@v1
with:
upload_app_binaries_artifact: "compiled_app_binaries"
23 changes: 23 additions & 0 deletions .github/workflows/guidelines_enforcer.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,23 @@
name: Ensure compliance with Ledger guidelines

# This workflow is mandatory in all applications
# It calls a reusable workflow guidelines_enforcer developed by Ledger's internal developer team.
# The successful completion of the reusable workflow is a mandatory step for an app to be available on the Ledger
# application store.
#
# More information on the guidelines can be found in the repository:
# LedgerHQ/ledger-app-workflows/

on:
workflow_dispatch:
push:
branches:
- master
- main
- develop
pull_request:

jobs:
guidelines_enforcer:
name: Call Ledger guidelines_enforcer
uses: LedgerHQ/ledger-app-workflows/.github/workflows/reusable_guidelines_enforcer.yml@v1
1 change: 1 addition & 0 deletions .gitignore
Original file line number Diff line number Diff line change
@@ -1,5 +1,6 @@
ledger
bin
build
debug
dep
obj
Expand Down
22 changes: 19 additions & 3 deletions CHANGELOG.md
Original file line number Diff line number Diff line change
@@ -1,12 +1,28 @@
# Change Log

All notable changes to this project will be documented in this file.

The format is based on [Keep a Changelog](http://keepachangelog.com/)
and this project adheres to [Semantic Versioning](http://semver.org/).


## [5.0.0](TBD) - [TBD]
## [6.0.3](TBD) - [TBD]

Support for CIP-36 voting

### Added

- export of vote keys (1694'/1815'/...)
- support for CIP-36 voting (signing of vote-cast fragments with 1694 keys)
- support for CIP-36 registrations (in transaction auxiliary data)

### Changed

- API for Catalyst voting registration (it is still possible to use CIP-15 in auxiliary data)
- updated list of native tokens recognized by the app with correct decimal places


## [5.0.0](/~https://github.com/LedgerHQ/app-cardano/compare/4.1.2...LedgerHQ:nanos_2.1.0_5.0.0) - [October 11th 2022]

Support for Babbage era

Expand Down Expand Up @@ -189,7 +205,7 @@ d- Support bulk public key export: /~https://github.com/LedgerHQ/app-cardano/pull/

### Fixed

- Serialize reward address instead of staking key into the withdrawals within the transaction body: /~https://github.com/LedgerHQ/app-cardano/pull/2
- Serialize reward address instead of stake key into the withdrawals within the transaction body: /~https://github.com/LedgerHQ/app-cardano/pull/2



Expand Down
79 changes: 0 additions & 79 deletions Dockerfile

This file was deleted.

Loading

0 comments on commit 2e6a96a

Please sign in to comment.