Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

{bp-2921} apps: migrate to SPDX identifier #2922

Merged
merged 38 commits into from
Dec 30, 2024
Merged

{bp-2921} apps: migrate to SPDX identifier #2922

merged 38 commits into from
Dec 30, 2024

Conversation

jerpelea
Copy link
Contributor

@jerpelea jerpelea commented Dec 29, 2024
edited
Loading

Summary

Most tools used for compliance and SBOM generation use SPDX identifiers
This change brings us a step closer to an easy SBOM generation.

included
#2875
#2877
#2879
#2886
#2882
#2891
#2897
#2909
#2911
#2920
#2921

Impact

RELEASE

Testing

CI

jerpelea and others added 14 commits December 29, 2024 19:01
@jerpelea
Revert "system/nxdiag: Change the order to generate the sysinfo.h file"
19707b8 
This reverts commit 9d7714f.
@tmedicci @jerpelea
system/nxdiag: Change the order to generate the sysinfo.h file
c132d33 
The generation of `sys info.h` depends on evaluating whether
Espressif's HAL exists in the arch folder. However, cloning the HAL
itself happens in the `context` phase of the build, so it is
necessary to wait for it to finish before proceeding to the
evaluation in nxdiag. This is done by using the `depend` phase to
generate the `sysinfo.h` file.
@tmedicci @jerpelea
interpreters/python: Add Python's port to NuttX
08c4ad3 
This is the NuttX's port of Python (cpython)!

Initial support of Python includes building the Python's static
library and the `python` (Programs/python.c) application. Python's
modules are stored in `pyc` (byte-code file) and loaded as needed
from flash.
@tmedicci @jerpelea
interpreters/python: Avoid warnings that could be treated as errors
7923aab 
This commit disables some warnings when building CPython to avoid
CI failing when `EXTRAFLAGS="-Wno-cpp -Werror"` is set.
@anchao @jerpelea
mlearning/tflite-micro: add a config option to redirect micro log to …
dfb2869 
…syslog

new config option TFLITEMICRO_SYSLOG to redirect micro log to syslog

Signed-off-by: chao an <anchao@lixiang.com>
@jerpelea
inertial: migrate to SPDX identifier
cc9d4b6 
Most tools used for compliance and SBOM generation use SPDX identifiers
This change brings us a step closer to an easy SBOM generation.

Signed-off-by: Alin Jerpelea <alin.jerpelea@sony.com>
@jerpelea
interpreters: migrate to SPDX identifier
dfa8432 
Most tools used for compliance and SBOM generation use SPDX identifiers
This change brings us a step closer to an easy SBOM generation.

Signed-off-by: Alin Jerpelea <alin.jerpelea@sony.com>
@jerpelea
logging: migrate to SPDX identifier
55e010a 
Most tools used for compliance and SBOM generation use SPDX identifiers
This change brings us a step closer to an easy SBOM generation.

Signed-off-by: Alin Jerpelea <alin.jerpelea@sony.com>
@jerpelea
lte: migrate to SPDX identifier
ccba9e1 
Most tools used for compliance and SBOM generation use SPDX identifiers
This change brings us a step closer to an easy SBOM generation.

Signed-off-by: Alin Jerpelea <alin.jerpelea@sony.com>
@jerpelea
math: migrate to SPDX identifier
0dc4245 
Most tools used for compliance and SBOM generation use SPDX identifiers
This change brings us a step closer to an easy SBOM generation.

Signed-off-by: Alin Jerpelea <alin.jerpelea@sony.com>
@jerpelea
mlearning: migrate to SPDX identifier
1fadb93 
Most tools used for compliance and SBOM generation use SPDX identifiers
This change brings us a step closer to an easy SBOM generation.

Signed-off-by: Alin Jerpelea <alin.jerpelea@sony.com>
@jerpelea
modbus: migrate to SPDX identifier
40764bb 
Most tools used for compliance and SBOM generation use SPDX identifiers
This change brings us a step closer to an easy SBOM generation.

Signed-off-by: Alin Jerpelea <alin.jerpelea@sony.com>
@jerpelea
Cmake: migrate the license to ASF
480c5fd 
Xiaomi has submitted the SGA and we can migate the license to ASF

Signed-off-by: Alin Jerpelea <alin.jerpelea@sony.com>
@jerpelea
netutils: migrate the license to ASF
b5e72b3 
Xiaomi has submitted the SGA and we can migate the license to ASF

Signed-off-by: Alin Jerpelea <alin.jerpelea@sony.com>
yamt added 4 commits December 29, 2024 19:07
@yamt @jerpelea
toywasm: bump to v65.0.0
f0bf344
@yamt @jerpelea
toywasm/tmpl: Revert "interpreters: migrate to SPDX identifier"
054739c 
Note that these files are templates used by regen.sh script.
@yamt @jerpelea
interpreters/toywasm/tmpl/license.in: Add SPDX identifier
1dd99d0
@yamt @jerpelea
toywasm: regen
7145e8c 
```
REF=e972e94fa427c3371fb21ad4bb9f238a1cca7795 ./regen.sh
```
@nuttxpr
Copy link

nuttxpr commented Dec 29, 2024

[Experimental Bot, please feedback here]

Fill In The Commit Message: This PR contains a Commit with an Empty Commit Message. Please fill in the Commit Message with the PR Summary.

This PR summary is missing crucial information. While it mentions SPDX identifiers and SBOM generation, it doesn't explain what code changes were made. The summary needs to describe the how – what files were modified and what the modifications do. Linking to other PRs is helpful context, but not a substitute for describing the changes within this PR.

Here's a breakdown of the issues and how to fix them:

  • Summary: Insufficient detail. Instead of just saying "This change brings us a step closer," explain how. For example: "This PR adds SPDX license identifiers to the license headers of files in the [specify directories/files] directory. These identifiers will enable automated tools to generate a Software Bill of Materials (SBOM)." Mention the specific license(s) added.

  • Impact: Saying "RELEASE" is not descriptive. While it might imply a change to the release process or versioning, it's ambiguous. Address each impact point individually and thoroughly. For example:

    • Is new feature added? Is existing feature changed?: YES, Added support for SPDX license identifiers to facilitate SBOM generation.
    • Impact on user: NO (unless there's a user-facing change related to how licenses are displayed or accessed)
    • Impact on build: NO (unless adding the identifiers changes the build process in some way)
    • Impact on hardware: NO
    • Impact on documentation: YES (Documentation should be updated to explain how the SPDX identifiers are used and how to generate an SBOM)
    • Impact on security: Potentially YES. Using standardized license identifiers can help in identifying and mitigating security risks associated with known vulnerabilities in specific open-source components. Explain further.
    • Impact on compatibility: NO (unless there's a specific reason why adding identifiers could break compatibility)
    • Anything else to consider?: Mention any potential issues or considerations related to the SBOM generation process.

  • Testing: Saying "CI" isn't sufficient. While CI testing is important, it needs more context. Specify which CI systems were used and what tests were run. Ideally, provide a summary of the test results. If the related nuttx-apps PRs have relevant test logs, link to them specifically. Don't just assume the reviewer will go through all of them. Since this likely impacts a large number of files, it's helpful to show examples of the changes and how they were tested. A "before" and "after" example would be extremely beneficial.

In short, rewrite the PR description to provide specific details about the changes, their impact, and how they were tested. Don't rely on linked PRs to provide all the necessary information. The PR description should be self-contained and easily understood.

@jerpelea
Copy link
Contributor Author

@xiaoxiang781216 please ignore nxstyle errors

W-M-R and others added 2 commits December 30, 2024 06:39
@W-M-R @jerpelea
mtetest: Add a series of tests for the mte instruction set
b6f0594 
Added basic mte instructions, ldg, stg, irg, gmi instruction tests

➜  NX git:(master) ✗ qemu-system-aarch64 -cpu max -nographic \
        -machine virt,virtualization=on,gic-version=3,mte=on \
        -chardev stdio,id=con,mux=on, -serial chardev:con \
        -mon chardev=con,mode=readline  -kernel ./nuttx/nuttx
- Ready to Boot Primary CPU
- Boot from EL2
- Boot from EL1
- Boot to C runtime for OS Initialize

NuttShell (NSH)
nsh>
nsh>
nsh> mtetest
Spawning process for test: mtetest1
Running test: mtetest1
Test 'mtetest1' completed
Spawning process for test: mtetest2
Running test: mtetest2
Test 'mtetest2' completed
Spawning process for test: mtetest3
Running test: mtetest3
Test 'mtetest3' completed
Spawning process for test: mtetest4
Running test: mtetest4
Test 'mtetest4' completed
Spawning process for test: mtetest5
Running test: mtetest5
Test 'mtetest5' completed
All tests completed.
nsh>

Signed-off-by: wangmingrong1 <wangmingrong1@xiaomi.com>
@tmedicci @jerpelea
ostest: Add test for GCC's tls (CONFIG_SCHED_THREAD_LOCAL)
a37a9b2 
Enables testing the GCC thread local storage (tls) and the __thread
keyword within ostest.
@jerpelea
examples: migrate to SPDX identifier
f8c566a 
Most tools used for compliance and SBOM generation use SPDX identifiers
This change brings us a step closer to an easy SBOM generation.

Signed-off-by: Alin Jerpelea <alin.jerpelea@sony.com>
@jerpelea
apps: migrate to SPDX identifier
2e6ce64 
Most tools used for compliance and SBOM generation use SPDX identifiers
This change brings us a step closer to an easy SBOM generation.

Signed-off-by: Alin Jerpelea <alin.jerpelea@sony.com>
@jerpelea
nshlib: migrate to SPDX identifier
3b3002d 
Most tools used for compliance and SBOM generation use SPDX identifiers
This change brings us a step closer to an easy SBOM generation.

Signed-off-by: Alin Jerpelea <alin.jerpelea@sony.com>
@jerpelea
platform: migrate to SPDX identifier
b7c6b0a 
Most tools used for compliance and SBOM generation use SPDX identifiers
This change brings us a step closer to an easy SBOM generation.

Signed-off-by: Alin Jerpelea <alin.jerpelea@sony.com>
@jerpelea
sdr: migrate to SPDX identifier
eb200f5 
Most tools used for compliance and SBOM generation use SPDX identifiers
This change brings us a step closer to an easy SBOM generation.

Signed-off-by: Alin Jerpelea <alin.jerpelea@sony.com>
@jerpelea
video: migrate to SPDX identifier
8e3148d 
Most tools used for compliance and SBOM generation use SPDX identifiers
This change brings us a step closer to an easy SBOM generation.

Signed-off-by: Alin Jerpelea <alin.jerpelea@sony.com>
@jerpelea
wireless: migrate to SPDX identifier
26e1f1d 
Most tools used for compliance and SBOM generation use SPDX identifiers
This change brings us a step closer to an easy SBOM generation.

Signed-off-by: Alin Jerpelea <alin.jerpelea@sony.com>
@jerpelea
system: migrate to SPDX identifier
ec897df 
Most tools used for compliance and SBOM generation use SPDX identifiers
This change brings us a step closer to an easy SBOM generation.

Signed-off-by: Alin Jerpelea <alin.jerpelea@sony.com>
@jerpelea
tee: remove the advertising clause
f84193d 
3. All advertising materials mentioning features or use of this software must
display the following acknowledgement: This product includes software
developed by the University of California, Berkeley and its contributors.

permitted by Berkley amendment
https://ipira.berkeley.edu/sites/default/files/amendment_of_4-clause_bsd_software_license.pdf

following example from NETBSD and OPENBSD
NetBSD/src@eb7c159
openbsd/src@6580fee

Signed-off-by: Alin Jerpelea <alin.jerpelea@sony.com>
@jerpelea
system/tee: migrate to SPDX identifier
dd59c9b 
Most tools used for compliance and SBOM generation use SPDX identifiers
This change brings us a step closer to an easy SBOM generation.

Signed-off-by: Alin Jerpelea <alin.jerpelea@sony.com>
@jerpelea
testing: migrate to SPDX identifier
be98514 
Most tools used for compliance and SBOM generation use SPDX identifiers
This change brings us a step closer to an easy SBOM generation.

Signed-off-by: Alin Jerpelea <alin.jerpelea@sony.com>
@jerpelea
tools: migrate to SPDX identifier
812ad8d 
Most tools used for compliance and SBOM generation use SPDX identifiers
This change brings us a step closer to an easy SBOM generation.

Signed-off-by: Alin Jerpelea <alin.jerpelea@sony.com>
@jerpelea
videoutils/x264: migrate license to ASF
a53d122 
Xiaomi has submitted the SGA and we can migrate the licenses to ASF

Signed-off-by: Alin Jerpelea <alin.jerpelea@sony.com>
@jerpelea jerpelea changed the title {bp-2909} apps: migrate to SPDX identifier {bp-2921} apps: migrate to SPDX identifier Dec 30, 2024
@jerpelea
Copy link
Contributor Author

CI fixed by apache/nuttx#15386

@jerpelea jerpelea mentioned this pull request Dec 30, 2024
Merged
@xiaoxiang781216 xiaoxiang781216 merged commit b34ccb8 into apache:releases/12.8 Dec 30, 2024
22 of 25 checks passed
@jerpelea jerpelea deleted the bp-2909 branch December 30, 2024 16:00
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@xiaoxiang781216 xiaoxiang781216 xiaoxiang781216 approved these changes

Assignees
No one assigned
Labels
Area: Build System Area: Examples Area: Inertial Area: Interpreters Area: Logging Area: LTE Area: Math Area: Mlearning Area: Modbus Area: Networking Area: NSH Area: SDR Area: System Area: Testing Area: Tools Area: Wireless Size: M
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
9 participants
@jerpelea @nuttxpr @xiaoxiang781216 @tmedicci @anchao @yamt @eren-terzioglu @jasonbu @W-M-R