SVSHI - Secure and Verified Smart Home Infrastructure

Related tags

Cryptography svshi
Overview

SVSHI - Secure and Verified Smart Home Infrastructure

logo

CI codecov Latest Stable Version License

The SVSHI (Secure and Verified Smart Home Infrastructure) (pronounced like "sushi") project is a platform/runtime/toolchain for developing and running formally verified smart infrastructures, such as smart buildings, smart cities, etc.

It provides a CLI, svshi, to interact easily with the platform.

With SVSHI, a user can develop and run Python applications interacting with KNX systems that are formally verified at both compile and run-time against a set of provided invariants.

Installation

To work, SVSHI needs Python 3.9 (or newer)(download here), pip (pip will be automatically installed by scripts on Windows, on Linux simply use sudo apt install python3-pip and on MacOS use python3 -m ensurepip) and Java 11 (or newer)(download here). Optionally, sbt 1.5.5 (or newer) is needed to build from sources.

To check if the installation was successful, run svshi version in your terminal.

From archive

Unix (Linux / macOS)

To install SVSHI on Linux or macOS:

  1. Download the latest version .zip file from the Releases page
  2. Unzip it, move the folder to the desired installation site, then run ./install.sh inside it.
  3. Add $HOME/local/bin (where the CLI executable is stored) to the path by adding export PATH=$HOME/local/bin:$PATH to your .bash_profile, .zsh_profile, etc.
  4. Add the variable SVSHI_HOME to your environment by adding export SVSHI_HOME=path/to/the/svshi/folder (a path example is ~/svshi-v1.1.0) to your .bash_profile, .zsh_profile, etc.

To update SVSHI, you just need to do the first two steps. However, do not forget to reinstall the applications (stored in installedApps) by moving all the installedApps content in the new version's generated folder and compiling.

Windows

To install SVSHI on Windows:

  1. Download the latest version .zip file from the Releases page
  2. Unzip the archive, move the unzipped folder to the desired installation site. The moved folder must contain (among other things) a src folder and some scripts.
  3. Open a Powershell instance a CD into the unzipped directory.
  4. Setup python3 by executing the script .\setup-python3.ps1. This sets up a python3 alias if it does not exist.

    The command py, python or python3 must be available in your Powershell environment for this script to work!

  5. Reboot your computer.
  6. Execute .\install-pip.ps1 to install pip on your computer
  7. Run the .\install.ps1 script inside the unzipped folder to install the program.

IMPORTANT! use Powershell to execute the scripts!

To update SVSHI, you just need to do steps 1, 2, 3 and 7. However, do not forget to reinstall the applications (stored in installedApps) by moving all the installedApps content in the new version's generated folder and compiling.

From sources

Unix (Linux / macOS)

To build from sources on Linux or macOS:

  1. Clone the repository
  2. Run ./build.sh
  3. Add $HOME/local/bin (where the CLI executable is stored) to the path by adding export PATH=$HOME/local/bin:$PATH to your .bash_profile, .zsh_profile, etc.
  4. Add the variable SVSHI_HOME to your environment by adding export SVSHI_HOME=path/to/your/cloned/repo to your .bash_profile, .zsh_profile, etc.

To update SVSHI, you just need to pull the latest changes and perform step 2. However, do not forget to reinstall the applications (stored in installedApps) by moving all the installedApps content in the new version's generated folder and compiling.

Windows

To build from sources on Windows:

  1. Clone the repository
  2. Open a Powershell instance and CD into the unzipped directory.
  3. Setup python3 by executing the script .\setup-python3.ps1. This sets up a python3 alias if it does not exist.

    The command py, python or python3 must be available in your Powershell environment for this script to work!

  4. Reboot your computer.
  5. Execute .\install-pip.ps1 to install pip on your computer
  6. Run the .\install.ps1 -build $true script inside the cloned folder to install the program.

IMPORTANT! use Powershell to execute the scripts!

To update SVSHI, you just need to pull the latest changes and perform steps 2 and 6. However, do not forget to reinstall the applications (stored in installedApps) by moving all the installedApps content in the new version's generated folder and compiling.

Docker

We also provide a Docker image with all requirements and SVSHI installed. To use it:

  1. Run ./build_docker.sh to build the image
  2. Run ./run_docker.sh to run the docker container. It opens a sh instance in the container with the current directory mapped to /pwd in the container
  3. You can find the repo copied in /home/maki/svshi
  4. svshi command is accessible

Supported devices

  • Binary sensors (deviceType = "binary")
  • Temperature sensors (deviceType = "temperature")
  • Humidity sensors (deviceType = "humidity")
  • CO2 sensors (deviceType = "co2")
  • Switches (deviceType = "switch")

Developing an application

To develop an app for SVSHI:

  1. Create the devices prototypical structure file containing the list of the devices the app should use, as explained in the app prototypical structure section.
  2. Run the app generator, as explained in the app generator section, to get the app skeleton. It will be created under the generated/ folder.
  3. Write your app.
  4. Run svshi to generate the bindings with svshi generateBindings -f ets.knxproj, where the argument is the absolute path to the ETS project file.
  5. Map the right physical ids given in generated/physical_structure.json to the right device in generated/apps_bindings.json. This is needed to provide the devices in the Python code with the group addresses to use. The first file represents the physical structure from the ETS project file, where each communication object has an id. The second one represents the apps structure with the devices and for each of them, the links they need.
  6. Run svshi again to compile and verify the app with svshi compile -f ets.knxproj.

Writing apps

To write an app, you mainly have to modify the main.py file, optionally adding dependencies into the requirements.txt file provided in the generated project. To understand how the project is generated, please refer to the app generation section.

All the available device instances are already imported in main.py. They mirror what has been defined in the device prototypical structure file.

The application can use external files. They however need to have been declared in the prototypical structure json file and they have to be located at the root of the project, next to main.py.

There are two important functions in main.py, invariant() and iteration(). In the first one the user should define all the conditions (or invariants) that the entire KNX system must satisfy throughout execution of all applications, while in the second she should write the app code.

An important thing to be aware of is that iteration() cannot use external libraries directly. Instead, these calls have to be defined first inside unchecked functions, which are functions whose name starts with unchecked and whose return type is explicitly stated. Then, these functions can be used in iteration().

In addition, note that invariant() must return a boolean value, so any kind of boolean expression containing the read properties of the devices and constants is fine. However, here operations with side effects, external libraries calls and unchecked functions calls are not allowed.

Unchecked functions are used as a compromise between usability and formal verification, and as such must be used as little as possible: their content is not verified by SVSHI. Furthermore, they should be short and simple: we encourage developers to add one different unchecked function for each call to an external library. All logic that does not involve calls to the library should be done in iteration() to maximize code that is indeed formally verified. Nonetheless, the user can help the verification deal with their presence by annotating their docstring with post-conditions.

Functions' post-conditions define a set of axioms on the return value of the function: these conditions are assumed to be always true by SVSHI during verification. They are defined like this: post: __return__ > 0. You can use constants and other operations. You can add as much post-conditions as you like and need. Therefore, we encourage developers to avoid having conjunctions in post-conditions but rather to have multiple post-conditions. This does not make difference for the verification but helps the readability.
However, keep in mind that these conditions are assumed to be true during formal verification! If these do not necessarily hold with respect to the external call, bad results can occur at runtime even though the code verification was successful!

An example with multiple post-conditions could be:

0 post: __return__ != 3 """ return external_library_get_int()">
def unchecked_function() -> int:
  """
  post: __return__ > 0
  post: __return__ != 3
  """
  return external_library_get_int()

Furthermore, applications have access to a set of variables (the app state) they can use to keep track of state between calls. Indeed, the iteration() function is called in an event-based manner (either the KNX devices' state changes or a periodic app's timer is finished). All calls to iteration() are independent and thus SVSHI offers a way to store some state that will live in between calls. There is a local state instance per app.

To do so, in main.py the app_state instance is imported along with the devices. This is a dataclass and it contains 4 fields of each of the following types: int, float, bool and str. The fields are called respectively INT_X, FLOAT_X, BOOL_X and STR_X where X equals 0, 1, 2 or 3.

These values can be used in iteration() and invariant(). One should be careful while using it in invariant() or in a condition that will affect the KNX installation's state (the physical state): the formal verification would fail if ANY possible value of the app_state leads to an invalid state after running iteration() even if this case should not occur because of previous calls to iteration() that would have set the values.

App example

In main.py:

from instances import app_state, BINARY_SENSOR, SWITCH


def invariant() -> bool:
    # The switch should be on when the binary sensor is on or when INT_0 == 42, off otherwise
    return ((BINARY_SENSOR.is_on() or app_state.INT_0 == 42) and SWITCH.is_on()) or (not BINARY_SENSOR.is_on() and not SWITCH.is_on())


def iteration():
    if BINARY_SENSOR.is_on() or app_state.INT_0 == 42:
        SWITCH.on()
    else:
        SWITCH.off()

Running the applications

To run all the installed apps (with runtime verification enabled):

  1. In ETS, import the file assignments/assignment.csv to create the group addresses, then assign to each communication object the right group address as presented in assignments/assignment.txt. The name of the group address should help understanding which device it is meant to.
  2. In ETS, do a basic configuration of the devices to make them have the correct basic behaviour (the amount of configuration depends on the particular device)
  3. Execute svshi run -a address:port, where address is the KNX IP gateway address and port is the KNX IP gateway port.

SVSHI logs which apps have been called during execution and which telegrams have been received. You can find the logs in logs/.

Updating an application

If you want to update the code of an app that is already installed, SVSHI offers a simplified process. To be updated, an app must have the same prototypical structure as its previous version and be installed.

To update the app, you then:

  1. Put the new version of the app in the generated folder

    There must be NO other app in the folder

  2. Run svshi updateApp -n app_name where app_name is the app you want to update

Using this process, you do not need to generate or modify the bindings and you do not need to pass an ETS project.

If the new version does not pass the verification stage, the update is aborted and the old set of apps is restored as before the operation.

App generator

Prototypical structure

This JSON file is given by the programmer/developer that wants to develop an application. It represents the prototypical devices that the app needs with their types. It also specifies whether the app is privileged or not ("permissionLevel": "privileged" | "notPrivileged"). A privileged app overrides the behavior of the non-privileged ones at runtime.

Moreover, the timer attribute can be used to run the application even though the physical state has not changed. The app thus becomes a periodic app.

  • If timer == 0 the application runs only when the physical state of the devices it uses changes
  • If timer > 0 the application runs when the physical state changes AND every timer seconds.

The files attributes is used to indicate files that the app needs to work properly. These files must be at the root of the application project (next to main.py).

Once the app is generated, it is moved in the generated apps' folder.

Here is an example:

{
  "permissionLevel": "notPrivileged",
  "timer": 60,
  "files": ["file1.txt", "file2.png"],
  "devices": [
    {
      "name": "name_of_the_instances",
      "deviceType": "type_of_the_devices"
    }
  ]
}

The name is used as the instance name in the Python app that is generated. It should then be unique in a given app, and should follow the Python variables naming conventions: no whitespaces nor numbers. The deviceType should be supported by SVSHI.

Usage

The app generator takes as input the devices JSON file and the name of the app.

Before executing it, you need to create the file containing the list of the devices the app should use, as explained above.

To execute the generator, run svshi generateApp -d devices.json -n app_name, where the first argument is the absolute path to the prototypical structure file and the second one (app_name in the example) is the name of the app to be used. The name has to follow the same rules as for Python modules: short, all-lowercase names. Underscores can be used if it improves readability.

CLI

You can run svshi --help to display the following:

svshi
Secure and Verified Smart Home Infrastructure
  task            The task to run. Can be passed as is. Possible options are 'run', 'compile', 'generateBindings', 'generateApp', 'removeApp', 'listApps' and 'version'. This argument is not case sensitive.
  -f --ets-file 
   
          The ETS project file to use for the tasks 'compile' and 'generateBindings'
  -d --devices-json 
    
       The devices prototypical structure JSON file to use for the task 'generateApp'
  -n --app-name 
     
            The app name to use for the tasks 'generateApp' and 'removeApp'
  -a --address 
      
              The KNX address to use for the task 'run'. The correct format is 'address:port' (ex: 192.168.1.1:5555)
  --no-colors              The flag to disable output coloring
  --all                    The flag to remove all apps for the task 'removeApp'

      
     
    
   

Available commands are:

  • svshi run -a 1.1.1.1:5555 to run all the apps with runtime verification
  • svshi compile -f ets.knxproj to compile all the apps
  • svshi generateBindings -f ets.knxproj to generate the bindings for all the apps
  • svshi generateApp -d devices.json -n app_name to generate a new Python app
  • svshi removeApp -n app_name to remove an installed app
  • svshi updateApp -n app_name to update the code of an app that is already installed
  • svshi listApps to list all the installed apps
  • svshi version to display the CLI version

Shorter aliases are also available:

  • svshi r for svshi run
  • svshi c for svshi compile
  • svshi gb for svshi generateBindings
  • svshi ga for svshi generateApp
  • svshi ra for svshi removeApp
  • svshi ua for svshi updateApp
  • svshi la for svshi listApps
  • svshi v for svshi version

How SVSHI works

Compilation

The compiler combines all applications already installed (in app_library) with new applications (in generated). It generates the bindings between physical and prototypical devices communication objects, assigns group addresses to used physical communication objects and produces useful files for the runtime.

When compiling applications, if the verification passed all checks, applications from generated are moved into app_library to become installed applications.

Bindings

The compiler generates the bindings file to let the developer map physical device communication objects (from the ETS project) to prototypical devices from applications.

Bindings for the installed applications are stored and when svshi generateBindings -f ets.knxproj is called, the new bindings reuse current bindings if the physical structure did not change since last application installation. Therefore, only bindings for new applications are empty and must be filled. If the physical structure changed, the bindings file is a fresh one and all bindings must be entered again.

Verification

Static

When compiling, the apps are also verified to make sure each one of them satisfies the invariants of each app. If not, the procedure fails with helpful error messages. Therefore, the static verification not only catches apps violating the invariants, but it also ensures compatibility between installed apps.

Runtime

Whenever an app wants to update the KNX system, SVSHI verifies whether the update could break the apps' invariants. If it is the case, the app is prevented from running, otherwise the updates are propagated to KNX.

Execution

SVSHI's runtime is reactive and event-based. Applications listen for changes to the group addresses of the devices they use, and are run on a state change (an event). The state transition can be triggered externally by the KNX system or by another app, which then proceeds to notify all the other listeners. Notable exception are apps that run every X seconds based on a timer, which not only react to state changes but are also executed periodically.

Running an application concretely means that its iteration() function is executed on the current physical state of the system and on the current app state.

Apps are always run in alphabetical order in their group (privileged or notPrivileged). The non-privileged apps run first, then the privileged ones: in such a way privileged applications can override the behavior of non-privileged ones.

This execution model has been chosen for its ease of use: users do not need to write while loops or deal with synchronization explicitly.

KNX Virtual

You do not necessarily need to build a KNX infrastructure to test your app. You can use KNX Virtual to run SVSHI. This a Windows-only program that is available on the KNX Association's website1. Once you downloaded and installed it, you can use it exactly as a physical installation with SVSHI. Use the startup settings of KNX Virtual (address and port) when executing svshi run. Default values are 127.0.0.1:3671.

Please be careful and use the right devices inside ETS when configuring the project and refer to the KNX Help for KNX Virtual related issues2.

Contributing

See the contributing guide for detailed instructions on how to get started with the project.

White paper

See the white paper for an in-depth understanding about why SVSHI exists, what it does and how it does it.

License

SVSHI is licensed under the MIT license.

Logo: Copyright @norafisler

Footnotes

  1. https://www.knx.org/knx-en/for-professionals/get-started/knx-virtual/

  2. https://support.knx.org/hc/en-us/sections/360000827779-KNX-Virtual

Comments
  • Bump actions/setup-python from 3 to 4.1.0

    Bump actions/setup-python from 3 to 4.1.0

    Bumps actions/setup-python from 3 to 4.1.0.

    Release notes

    Sourced from actions/setup-python's releases.

    v4.1.0

    In scope of this pull request we updated actions/cache package as the new version contains fixes for caching error handling. Moreover, we added a new input update-environment. This option allows to specify if the action shall update environment variables (default) or not.

    Update-environment input

        - name: setup-python 3.9
          uses: actions/[email protected]
          with:
            python-version: 3.9
            update-environment: false
    

    Besides, we added such changes as:

    v4.0.0

    What's Changed

    • Support for python-version-file input: #336

    Example of usage:

    - uses: actions/[email protected]
      with:
        python-version-file: '.python-version' # Read python version from a file
    - run: python my_script.py
    

    There is no default python version for this setup-python major version, the action requires to specify either python-version input or python-version-file input. If the python-version input is not specified the action will try to read required version from file from python-version-file input.

    • Use pypyX.Y for PyPy python-version input: #349

    Example of usage:

    - uses: actions/[email protected]
      with:
        python-version: 'pypy3.9' # pypy-X.Y kept for backward compatibility
    - run: python my_script.py
    
    • RUNNER_TOOL_CACHE environment variable is equal AGENT_TOOLSDIRECTORY: #338

    • Bugfix: create missing pypyX.Y symlinks: #347

    • PKG_CONFIG_PATH environment variable: #400

    • Added python-path output: #405

    ... (truncated)

    Commits
    • c4e89fa Improve readme for 3.x and 3.11-dev style python-version (#441)
    • 0ad0f6a Merge pull request #452 from mayeut/fix-env
    • f0bcf8b Merge pull request #456 from akx/patch-1
    • af97157 doc: Add multiple wildcards example to readme
    • 364e819 Merge pull request #394 from akv-platform/v-sedoli/set-env-by-default
    • 782f81b Merge pull request #450 from IvanZosimov/ResolveVersionFix
    • 2c9de4e Remove duplicate code introduced in #440
    • 412091c Fix tests for update-environment==false
    • 78a2330 Merge pull request #451 from dmitry-shibanov/fx-pipenv-python-version
    • 96f494e trigger checks
    • Additional commits viewable in compare view

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    dependencies github_actions 
    opened by dependabot[bot] 3
  • Bump actions/setup-java from 3.3.0 to 3.4.1

    Bump actions/setup-java from 3.3.0 to 3.4.1

    Bumps actions/setup-java from 3.3.0 to 3.4.1.

    Release notes

    Sourced from actions/setup-java's releases.

    v3.4.1

    In scope of this release we updated actions/cache package as the new version contains fixes for caching error handling.

    v3.4.0

    In scope of this release we introduce such changes as:

    Commits

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    dependencies github_actions 
    opened by dependabot[bot] 3
  • Bump actions/setup-java from 3.4.1 to 3.5.1

    Bump actions/setup-java from 3.4.1 to 3.5.1

    Bumps actions/setup-java from 3.4.1 to 3.5.1.

    Release notes

    Sourced from actions/setup-java's releases.

    v3.5.1

    In scope of this release we change logic for Microsoft Build of OpenJDK. Previously it had hard coded versions. In this release versions were moved to the separate json file. When a new version of Java is released, it can be added to this file and be used without releasing new version of the action.

    v3.5.0

    Add support for multiple jdks

    In scope of this release we add support for multiple jdks. Customers can specify multiple versions of java through java-version input.

        steps:
          - uses: actions/[email protected]
            with:
              distribution: '<distribution>'
              java-version: |
                8
                11
                15
    

    Besides, we added such changes as:

    Commits

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    dependencies github_actions 
    opened by dependabot[bot] 2
  • Bump actions/setup-java from 3.4.1 to 3.5.0

    Bump actions/setup-java from 3.4.1 to 3.5.0

    Bumps actions/setup-java from 3.4.1 to 3.5.0.

    Release notes

    Sourced from actions/setup-java's releases.

    v3.5.0

    Add support for multiple jdks

    In scope of this release we add support for multiple jdks. Customers can specify multiple versions of java through java-version input.

        steps:
          - uses: actions/[email protected]
            with:
              distribution: '<distribution>'
              java-version: |
                8
                11
                15
    

    Besides, we added such changes as:

    Commits

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    dependencies github_actions 
    opened by dependabot[bot] 2
  • Bump actions/setup-java from 3.3.0 to 3.4.0

    Bump actions/setup-java from 3.3.0 to 3.4.0

    Bumps actions/setup-java from 3.3.0 to 3.4.0.

    Release notes

    Sourced from actions/setup-java's releases.

    v3.4.0

    In scope of this release we introduce such changes as:

    Commits
    • 16cca54 Merge pull request #346 from pjfanning/patch-1
    • 7b469c4 sbt is a valid cache option value
    • 2506d21 Merge pull request #332 from fmeriaux/sbt-exclude-some-files
    • 187f735 npm run format
    • 48576e5 npm run release
    • fa01820 add documentation notes
    • 6280813 Merge pull request #339 from starburstdata/pp/fix-arm64-architecture
    • ddbbc2f Merge pull request #342 from gdams/msft
    • 4fba831 fix test
    • 1155606 msft: bump jdk17 to 17.0.3 and add aarch64 support to jdk11
    • Additional commits viewable in compare view

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    dependencies github_actions 
    opened by dependabot[bot] 2
  • Bump actions/setup-python from 3 to 4

    Bump actions/setup-python from 3 to 4

    Bumps actions/setup-python from 3 to 4.

    Release notes

    Sourced from actions/setup-python's releases.

    v4.0.0

    What's Changed

    • Support for python-version-file input: #336

    Example of usage:

    - uses: actions/[email protected]
      with:
        python-version-file: '.python-version' # Read python version from a file
    - run: python my_script.py
    

    There is no default python version for this setup-python major version, the action requires to specify either python-version input or python-version-file input. If the python-version input is not specified the action will try to read required version from file from python-version-file input.

    • Use pypyX.Y for PyPy python-version input: #349

    Example of usage:

    - uses: actions/[email protected]
      with:
        python-version: 'pypy3.9' # pypy-X.Y kept for backward compatibility
    - run: python my_script.py
    
    • RUNNER_TOOL_CACHE environment variable is equal AGENT_TOOLSDIRECTORY: #338

    • Bugfix: create missing pypyX.Y symlinks: #347

    • PKG_CONFIG_PATH environment variable: #400

    • Added python-path output: #405 python-path output contains Python executable path.

    • Updated zeit/ncc to vercel/ncc package: #393

    • Bugfix: fixed output for prerelease version of poetry: #409

    • Made pythonLocation environment variable consistent for Python and PyPy: #418

    • Bugfix for 3.x-dev syntax: #417

    • Other improvements: #318 #396 #384 #387 #388

    Update actions/cache version to 2.0.2

    In scope of this release we updated actions/cache package as the new version contains fixes related to GHES 3.5 (actions/setup-python#382)

    Add "cache-hit" output and fix "python-version" output for PyPy

    This release introduces new output cache-hit (actions/setup-python#373) and fix python-version output for PyPy (actions/setup-python#365)

    The cache-hit output contains boolean value indicating that an exact match was found for the key. It shows that the action uses already existing cache or not. The output is available only if cache is enabled.

    ... (truncated)

    Commits
    • d09bd5e fix: 3.x-dev can install a 3.y version (#417)
    • f72db17 Made env.var pythonLocation consistent for Python and PyPy (#418)
    • 53e1529 add support for python-version-file (#336)
    • 3f82819 Fix output for prerelease version of poetry (#409)
    • 397252c Update zeit/ncc to vercel/ncc (#393)
    • de977ad Merge pull request #412 from vsafonkin/v-vsafonkin/fix-poetry-cache-test
    • 22c6af9 Change PyPy version to rebuild cache
    • 081a3cf Merge pull request #405 from mayeut/interpreter-path
    • ff70656 feature: add a python-path output
    • fff15a2 Use pypyX.Y for PyPy python-version input (#349)
    • Additional commits viewable in compare view

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    dependencies github_actions 
    opened by dependabot[bot] 2
  • Bump actions/setup-python from 4.1.0 to 4.2.0

    Bump actions/setup-python from 4.1.0 to 4.2.0

    Bumps actions/setup-python from 4.1.0 to 4.2.0.

    Release notes

    Sourced from actions/setup-python's releases.

    Add check-latest input and bug fixes

    In scope of this release we add the check-latest input. If check-latest is set to true, the action first checks if the cached version is the latest one. If the locally cached version is not the most up-to-date, the version will then be downloaded from python-versions repository. By default check-latest is set to false. For PyPy it will to try to reach https://downloads.python.org/pypy/versions.json

    Example of usage:

    steps:
      - uses: actions/[email protected]
      - uses: actions/[email protected]
        with:
          python-version: '3.9'
          check-latest: true
      - run: python --version
    

    Besides, it includes such changes as

    Commits

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    dependencies github_actions 
    opened by dependabot[bot] 1
  • Bump actions/setup-java from 2 to 3

    Bump actions/setup-java from 2 to 3

    Bumps actions/setup-java from 2 to 3.

    Release notes

    Sourced from actions/setup-java's releases.

    v3.0.0

    In scope of this release we changed version of the runtime Node.js for the setup-java action and updated package-lock.json file to v2.

    Breaking Changes

    With the update to Node 16 in #290, all scripts will now be run with Node 16 rather than Node 12.

    v2.5.0

    In scope of this pull request we add support for Microsoft Build of OpenJDK (actions/setup-java#252).

    steps:
      - name: Checkout
        uses: actions/[email protected]
      - name: Setup-java
        uses: actions/[email protected]
        with:
          distribution: microsoft
          java-version: 11
    

    Supported distributions

    Currently, the following distributions are supported:

    Keyword Distribution Official site License
    temurin Eclipse Temurin Link Link
    zulu Zulu OpenJDK Link Link
    adopt or adopt-hotspot Adopt OpenJDK Hotspot Link Link
    adopt-openj9 Adopt OpenJDK OpenJ9 Link Link
    liberica Liberica JDK Link Link
    microsoft Microsoft Build of OpenJDK Link Link

    v2.4.0

    In scope of this pull request we add support for Liberica JDK (actions/setup-java#225).

    steps:
      - name: Checkout
        uses: actions/[email protected]
      - name: Setup-java
        uses: actions/[email protected]
        with:
          distribution: liberica
          java-version: 11
    

    Supported distributions

    Currently, the following distributions are supported:

    Keyword Distribution Official site License
    zulu Zulu OpenJDK Link Link
    adopt or adopt-hotspot Adopt OpenJDK Hotspot Link Link
    adopt-openj9 Adopt OpenJDK OpenJ9 Link Link
    temurin Eclipse Temurin Link Link

    ... (truncated)

    Commits

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    dependencies github_actions 
    opened by dependabot[bot] 1
  • Bump actions/setup-python from 2 to 3.1.1

    Bump actions/setup-python from 2 to 3.1.1

    Bumps actions/setup-python from 2 to 3.1.1.

    Release notes

    Sourced from actions/setup-python's releases.

    Add "cache-hit" output and fix "python-version" output for PyPy

    This release introduces new output cache-hit (actions/setup-python#373) and fix python-version output for PyPy (actions/setup-python#365)

    The cache-hit output contains boolean value indicating that an exact match was found for the key. It shows that the action uses already existing cache or not. The output is available only if cache is enabled.

    The python-version contains version of Python or PyPy.

    Support caching poetry dependencies and caching on GHES 3.5

    steps:
    - uses: actions/[email protected]
    - name: Install poetry
      run: pipx install poetry
    - uses: actions/[email protected]
      with:
        python-version: '3.9'
        cache: 'poetry'
    - run: poetry install
    - run: poetry run pytest
    

    v3.0.0

    What's Changed

    Breaking Changes

    With the update to Node 16, all scripts will now be run with Node 16 rather than Node 12.

    This new major release removes support of legacy pypy2 and pypy3 keywords. Please use more specific and flexible syntax to specify a PyPy version:

    jobs:
      build:
        runs-on: ubuntu-latest
        strategy:
          matrix:
            python-version:
            - 'pypy-2.7' # the latest available version of PyPy that supports Python 2.7
            - 'pypy-3.8' # the latest available version of PyPy that supports Python 3.8
            - 'pypy-3.8-v7.3.8' # Python 3.8 and PyPy 7.3.8
        steps:
        - uses: actions/[email protected]
        - uses: actions/[email protected]
          with:
            python-version: ${{ matrix.python-version }}
    

    See more usage examples in the documentation

    ... (truncated)

    Commits

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    dependencies github_actions 
    opened by dependabot[bot] 1
  • Bump codecov/codecov-action from 2 to 3

    Bump codecov/codecov-action from 2 to 3

    Bumps codecov/codecov-action from 2 to 3.

    Release notes

    Sourced from codecov/codecov-action's releases.

    v3.0.0

    Breaking Changes

    • #689 Bump to node16 and small fixes

    Features

    • #688 Incorporate gcov arguments for the Codecov uploader

    Dependencies

    • #548 build(deps-dev): bump jest-junit from 12.2.0 to 13.0.0
    • #603 [Snyk] Upgrade @​actions/core from 1.5.0 to 1.6.0
    • #628 build(deps): bump node-fetch from 2.6.1 to 3.1.1
    • #634 build(deps): bump node-fetch from 3.1.1 to 3.2.0
    • #636 build(deps): bump openpgp from 5.0.1 to 5.1.0
    • #652 build(deps-dev): bump @​vercel/ncc from 0.30.0 to 0.33.3
    • #653 build(deps-dev): bump @​types/node from 16.11.21 to 17.0.18
    • #659 build(deps-dev): bump @​types/jest from 27.4.0 to 27.4.1
    • #667 build(deps): bump actions/checkout from 2 to 3
    • #673 build(deps): bump node-fetch from 3.2.0 to 3.2.3
    • #683 build(deps): bump minimist from 1.2.5 to 1.2.6
    • #685 build(deps): bump @​actions/github from 5.0.0 to 5.0.1
    • #681 build(deps-dev): bump @​types/node from 17.0.18 to 17.0.23
    • #682 build(deps-dev): bump typescript from 4.5.5 to 4.6.3
    • #676 build(deps): bump @​actions/exec from 1.1.0 to 1.1.1
    • #675 build(deps): bump openpgp from 5.1.0 to 5.2.1

    v2.1.0

    2.1.0

    Features

    • #515 Allow specifying version of Codecov uploader

    Dependencies

    • #499 build(deps-dev): bump @​vercel/ncc from 0.29.0 to 0.30.0
    • #508 build(deps): bump openpgp from 5.0.0-5 to 5.0.0
    • #514 build(deps-dev): bump @​types/node from 16.6.0 to 16.9.0

    v2.0.3

    2.0.3

    Fixes

    • #464 Fix wrong link in the readme
    • #485 fix: Add override OS and linux default to platform

    Dependencies

    • #447 build(deps): bump openpgp from 5.0.0-4 to 5.0.0-5
    • #458 build(deps-dev): bump eslint from 7.31.0 to 7.32.0
    • #465 build(deps-dev): bump @​typescript-eslint/eslint-plugin from 4.28.4 to 4.29.1
    • #466 build(deps-dev): bump @​typescript-eslint/parser from 4.28.4 to 4.29.1
    • #468 build(deps-dev): bump @​types/jest from 26.0.24 to 27.0.0
    • #470 build(deps-dev): bump @​types/node from 16.4.0 to 16.6.0
    • #472 build(deps): bump path-parse from 1.0.6 to 1.0.7
    • #473 build(deps-dev): bump @​types/jest from 27.0.0 to 27.0.1

    ... (truncated)

    Changelog

    Sourced from codecov/codecov-action's changelog.

    3.0.0

    Breaking Changes

    • #689 Bump to node16 and small fixes

    Features

    • #688 Incorporate gcov arguments for the Codecov uploader

    Dependencies

    • #548 build(deps-dev): bump jest-junit from 12.2.0 to 13.0.0
    • #603 [Snyk] Upgrade @​actions/core from 1.5.0 to 1.6.0
    • #628 build(deps): bump node-fetch from 2.6.1 to 3.1.1
    • #634 build(deps): bump node-fetch from 3.1.1 to 3.2.0
    • #636 build(deps): bump openpgp from 5.0.1 to 5.1.0
    • #652 build(deps-dev): bump @​vercel/ncc from 0.30.0 to 0.33.3
    • #653 build(deps-dev): bump @​types/node from 16.11.21 to 17.0.18
    • #659 build(deps-dev): bump @​types/jest from 27.4.0 to 27.4.1
    • #667 build(deps): bump actions/checkout from 2 to 3
    • #673 build(deps): bump node-fetch from 3.2.0 to 3.2.3
    • #683 build(deps): bump minimist from 1.2.5 to 1.2.6
    • #685 build(deps): bump @​actions/github from 5.0.0 to 5.0.1
    • #681 build(deps-dev): bump @​types/node from 17.0.18 to 17.0.23
    • #682 build(deps-dev): bump typescript from 4.5.5 to 4.6.3
    • #676 build(deps): bump @​actions/exec from 1.1.0 to 1.1.1
    • #675 build(deps): bump openpgp from 5.1.0 to 5.2.1

    2.1.0

    Features

    • #515 Allow specifying version of Codecov uploader

    Dependencies

    • #499 build(deps-dev): bump @​vercel/ncc from 0.29.0 to 0.30.0
    • #508 build(deps): bump openpgp from 5.0.0-5 to 5.0.0
    • #514 build(deps-dev): bump @​types/node from 16.6.0 to 16.9.0

    2.0.3

    Fixes

    • #464 Fix wrong link in the readme
    • #485 fix: Add override OS and linux default to platform

    Dependencies

    • #447 build(deps): bump openpgp from 5.0.0-4 to 5.0.0-5
    • #458 build(deps-dev): bump eslint from 7.31.0 to 7.32.0
    • #465 build(deps-dev): bump @​typescript-eslint/eslint-plugin from 4.28.4 to 4.29.1
    • #466 build(deps-dev): bump @​typescript-eslint/parser from 4.28.4 to 4.29.1
    • #468 build(deps-dev): bump @​types/jest from 26.0.24 to 27.0.0
    • #470 build(deps-dev): bump @​types/node from 16.4.0 to 16.6.0
    • #472 build(deps): bump path-parse from 1.0.6 to 1.0.7
    • #473 build(deps-dev): bump @​types/jest from 27.0.0 to 27.0.1
    • #478 build(deps-dev): bump @​typescript-eslint/parser from 4.29.1 to 4.29.2
    • #479 build(deps-dev): bump @​typescript-eslint/eslint-plugin from 4.29.1 to 4.29.2

    ... (truncated)

    Commits
    • e3c5604 Merge pull request #689 from codecov/feat/gcov
    • 174efc5 Update package-lock.json
    • 6243a75 bump to 3.0.0
    • 0d6466f Bump to node16
    • d4729ee fetch.default
    • 351baf6 fix: bash
    • d8cf680 Merge pull request #675 from codecov/dependabot/npm_and_yarn/openpgp-5.2.1
    • b775e90 Merge pull request #676 from codecov/dependabot/npm_and_yarn/actions/exec-1.1.1
    • 2ebc2f0 Merge pull request #682 from codecov/dependabot/npm_and_yarn/typescript-4.6.3
    • 8e2ef2b Merge pull request #681 from codecov/dependabot/npm_and_yarn/types/node-17.0.23
    • Additional commits viewable in compare view

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    dependencies github_actions 
    opened by dependabot[bot] 1
  • Bump actions/setup-python from 2 to 3.1.0

    Bump actions/setup-python from 2 to 3.1.0

    Bumps actions/setup-python from 2 to 3.1.0.

    Release notes

    Sourced from actions/setup-python's releases.

    Support caching poetry dependencies and caching on GHES 3.5

    steps:
    - uses: actions/[email protected]
    - name: Install poetry
      run: pipx install poetry
    - uses: actions/[email protected]
      with:
        python-version: '3.9'
        cache: 'poetry'
    - run: poetry install
    - run: poetry run pytest
    

    v3.0.0

    What's Changed

    Breaking Changes

    With the update to Node 16, all scripts will now be run with Node 16 rather than Node 12.

    This new major release removes support of legacy pypy2 and pypy3 keywords. Please use more specific and flexible syntax to specify a PyPy version:

    jobs:
      build:
        runs-on: ubuntu-latest
        strategy:
          matrix:
            python-version:
            - 'pypy-2.7' # the latest available version of PyPy that supports Python 2.7
            - 'pypy-3.8' # the latest available version of PyPy that supports Python 3.8
            - 'pypy-3.8-v7.3.8' # Python 3.8 and PyPy 7.3.8
        steps:
        - uses: actions/[email protected]
        - uses: actions/[email protected]
          with:
            python-version: ${{ matrix.python-version }}
    

    See more usage examples in the documentation

    Update primary and restore keys for pip

    In scope of this release we include a version of python in restore and primary cache keys for pip. Besides, we add temporary fix for Windows caching issue, that the pip cache dir command returns non zero exit code or writes to stderr. Moreover we updated node-fetch dependency.

    Update actions/cache version to 1.0.8

    We have updated actions/cache dependency version to 1.0.8 to support 10GB cache upload

    Support caching dependencies

    ... (truncated)

    Commits

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    dependencies github_actions 
    opened by dependabot[bot] 1
  • Bump actions/setup-java from 3.4.1 to 3.6.0

    Bump actions/setup-java from 3.4.1 to 3.6.0

    Bumps actions/setup-java from 3.4.1 to 3.6.0.

    Release notes

    Sourced from actions/setup-java's releases.

    v3.6.0

    In scope of this release we added Maven Toolchains Support and Maven Toolchains Declaration. Moreover, from this release we use os.arch to determine default architecture for runners: actions/setup-java#376. Besides, we made such changes as:

    v3.5.1

    In scope of this release we change logic for Microsoft Build of OpenJDK. Previously it had hard coded versions. In this release versions were moved to the separate json file. When a new version of Java is released, it can be added to this file and be used without releasing new version of the action.

    v3.5.0

    Add support for multiple jdks

    In scope of this release we add support for multiple jdks. Customers can specify multiple versions of java through java-version input.

        steps:
          - uses: actions/[email protected]
            with:
              distribution: '<distribution>'
              java-version: |
                8
                11
                15
    

    Besides, we added such changes as:

    Commits
    • de1bb2b feat: support Gradle version catalog (#394)
    • 2c53c1a Update actions/cache to 3.0.4 version (#392)
    • 3617c43 Default to runner architecture (#376)
    • a82e6d0 Update README.md (#391)
    • fbb2692 Merge pull request #390 from rentziass/rentziass/update-actions-core
    • dfcd06a Update @​actions/core to 1.10.0
    • e150063 Merge pull request #282 from Okeanos/maven-toolchains-support
    • eb1418a Add Maven Toolchains Declaration (#276)
    • 499ae9c Merge pull request #387 from akv-platform/v-sdolin/issue-382-docs2
    • a18c333 Add versions-manifest.json for Microsoft Build of OpenJDK (#383)
    • Additional commits viewable in compare view

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    dependencies github_actions 
    opened by dependabot[bot] 1
  • Bump actions/setup-python from 4.2.0 to 4.3.0

    Bump actions/setup-python from 4.2.0 to 4.3.0

    Bumps actions/setup-python from 4.2.0 to 4.3.0.

    Release notes

    Sourced from actions/setup-python's releases.

    v4.3.0

    • Update @​actions/core to 1.10.0 version #517
    • Update @​actions/cache to 3.0.4 version #499
    • Only use github.token on github.com #443
    • Improvement of documentation #477 #479 #491 #492
    Commits
    • 13ae5bb Merge pull request #517 from rentziass/rentziass/update-actions-core
    • 0c4d7b8 Update @​actions/core to 1.10.0
    • 13a464f Fix typo (#503)
    • b4fe97e upgrade @​actions/cache so it respects SEGMENT_DOWNLOAD_TIMEOUT_MINS (#499)
    • 434aeab Bump @​actions/core from 1.7.0 to 1.9.1 (#495)
    • 98c991d Only use github.token on github.com (#443)
    • 397a35f Merge pull request #492 from al-cheb/al-cheb/update-runner-link
    • 48a0f00 Update runner links
    • 978fd06 Merge pull request #491 from lkfortuna/patch-2
    • 050e616 Update README.md
    • Additional commits viewable in compare view

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    dependencies github_actions 
    opened by dependabot[bot] 1
Releases(v2.1.0)
  • v2.1.0(Aug 12, 2022)

    # Service to discover SVSHI

    This release brings a whole new service that helps users discovering SVSHI and write and test their apps on the simulator!

    Special thanks to @leoalz for his precious help with the simulator development!

    What's Changed

    • Release 2.0 by @samuelchassot in https://github.com/dslab-epfl/svshi_private/pull/215
    • correct a bug that made IOType wrong in the ETS Parser (#208) by @samuelchassot in https://github.com/dslab-epfl/svshi_private/pull/218
    • Bump actions/setup-python from 4.1.0 to 4.2.0 by @dependabot in https://github.com/dslab-epfl/svshi_private/pull/220
    • Develop the Web service for SVSHI by @samuelchassot in https://github.com/dslab-epfl/svshi_private/pull/217
    • Release 2.1 by @samuelchassot in https://github.com/dslab-epfl/svshi_private/pull/221
    Source code(tar.gz)
    Source code(zip)
    svshi-v2.1.0.zip(132.23 MB)
  • v2.0.0(Jul 14, 2022)

    Thanks a lot to @asrv @lmontand @isisdaude @LJRoffler @leoalz for the work on this important release!

    What's Changed

    • Release by @samuelchassot in https://github.com/dslab-epfl/svshi/pull/174
    • Internal datetime by @LJRoffler in https://github.com/dslab-epfl/svshi/pull/164
    • Joint timer by @LJRoffler in https://github.com/dslab-epfl/svshi/pull/177
    • Feature: centralised file system by @samuelchassot in https://github.com/dslab-epfl/svshi/pull/169
    • can now uninstall all apps at once by @samuelchassot in https://github.com/dslab-epfl/svshi/pull/179
    • Searchable physical structure when doing bindings by @samuelchassot in https://github.com/dslab-epfl/svshi/pull/181
    • Bugs that appeared when running by @samuelchassot in https://github.com/dslab-epfl/svshi/pull/182
    • Prototypes filesystem by @samuelchassot in https://github.com/dslab-epfl/svshi/pull/183
    • Bump actions/setup-python from 3 to 4.0.0 by @dependabot in https://github.com/dslab-epfl/svshi/pull/190
    • [FEATURE] GUI show the current state of the system by @samuelchassot in https://github.com/dslab-epfl/svshi/pull/186
    • forbid the use of time module in apps by @samuelchassot in https://github.com/dslab-epfl/svshi/pull/191
    • Let input a JSON file instead of a .knxproj file when generating bindings and compiling by @samuelchassot in https://github.com/dslab-epfl/svshi/pull/192
    • [Feature] isolate unchecked/slow functions by @lmontand in https://github.com/dslab-epfl/svshi/pull/178
    • add simulator to svshi-private by @leoalz in https://github.com/dslab-epfl/svshi/pull/163
    • Bump actions/setup-java from 3.3.0 to 3.4.0 by @dependabot in https://github.com/dslab-epfl/svshi/pull/198
    • Improve GUI style and UX by @samuelchassot in https://github.com/dslab-epfl/svshi/pull/196
    • New device types by @samuelchassot in https://github.com/dslab-epfl/svshi/pull/203
    • Feature: new syntax of trigger_if_not_running for better auto-completion by @lmontand in https://github.com/dslab-epfl/svshi/pull/201
    • Bump lxml from 4.8.0 to 4.9.1 in /src/simulator-knx/requirements by @dependabot in https://github.com/dslab-epfl/svshi/pull/205
    • Improve KNX ETS proj file parser by @samuelchassot in https://github.com/dslab-epfl/svshi/pull/204
    • Correct a bug that made IOType wrong in the ETS Parser by @samuelchassot in https://github.com/dslab-epfl/svshi/pull/208
    • check for apps that are missing mandatory files by @samuelchassot in https://github.com/dslab-epfl/svshi/pull/212
    • Extended_verification_module by @asrv in https://github.com/dslab-epfl/svshi/pull/172
    • Device mapper + renaming of prototipycal devices by @samuelchassot in https://github.com/dslab-epfl/svshi/pull/206
    • Bump actions/setup-python from 4.0.0 to 4.1.0 by @dependabot in https://github.com/dslab-epfl/svshi/pull/210
    • Bump actions/setup-java from 3.4.0 to 3.4.1 by @dependabot in https://github.com/dslab-epfl/svshi/pull/211
    • Add a periodic task to read devices at runtime by @samuelchassot in https://github.com/dslab-epfl/svshi/pull/213

    New Contributors

    • @LJRoffler made their first contribution in https://github.com/dslab-epfl/svshi/pull/164
    • @lmontand made their first contribution in https://github.com/dslab-epfl/svshi/pull/178
    • @leoalz made their first contribution in https://github.com/dslab-epfl/svshi/pull/163

    Full Changelog: https://github.com/dslab-epfl/svshi/compare/v1.4.1...v2.0.0

    What's Changed

    • Release 2.0 by @samuelchassot in https://github.com/dslab-epfl/svshi/pull/12

    Full Changelog: https://github.com/dslab-epfl/svshi/compare/v1.4.1...v2.0.0

    Source code(tar.gz)
    Source code(zip)
    svshi-v2.0.0.zip(59.79 MB)
  • v1.4.1(May 19, 2022)

    This version mainly correct a bug in the Docker preventing it from connecting to a KNX IP interface. It also added improvements to the GUI for a smoother experience.

    What's Changed

    • Bug internal by @samuelchassot in https://github.com/dslab-epfl/svshi_private/pull/162
    • new local folder for temp folders all at the same place by @samuelchassot in https://github.com/dslab-epfl/svshi_private/pull/166
    • Docker deployment, GUI bug and version bumps by @samuelchassot in https://github.com/dslab-epfl/svshi_private/pull/165
    • 170 feature gui get current url to connect to svshi by @samuelchassot in https://github.com/dslab-epfl/svshi_private/pull/171

    Full Changelog: https://github.com/dslab-epfl/svshi/compare/v1.4.0...v1.4.1

    Source code(tar.gz)
    Source code(zip)
    svshi-v1.4.1.zip(78.35 MB)
  • v1.4.0(May 11, 2022)

    Full Changelog: https://github.com/dslab-epfl/svshi/compare/v1.3.4...v1.4.0## What's Changed

    • Leo's typo by @samuelchassot in https://github.com/dslab-epfl/svshi_private/pull/132
    • Bump actions/setup-python from 2 to 3 by @dependabot in https://github.com/dslab-epfl/svshi_private/pull/135
    • Bump actions/checkout from 2 to 3 by @dependabot in https://github.com/dslab-epfl/svshi_private/pull/136
    • Requirements by @samuelchassot in https://github.com/dslab-epfl/svshi_private/pull/134
    • Refactor the logging system of the runtime and add limit to the by @samuelchassot in https://github.com/dslab-epfl/svshi_private/pull/137
    • Bump codecov/codecov-action from 2 to 3 by @dependabot in https://github.com/dslab-epfl/svshi_private/pull/141
    • Bump dependency versions by @samuelchassot in https://github.com/dslab-epfl/svshi_private/pull/142
    • Bump actions/setup-java from 2 to 3.1.1 by @dependabot in https://github.com/dslab-epfl/svshi_private/pull/144
    • Bump actions/setup-java from 3.1.1 to 3.2.0 by @dependabot in https://github.com/dslab-epfl/svshi_private/pull/148
    • Bug that made the verification module handling incorrectly the unchecked functions postconditions by @samuelchassot in https://github.com/dslab-epfl/svshi_private/pull/149
    • HTTP interface for the Core by @samuelchassot in https://github.com/dslab-epfl/svshi_private/pull/147
    • Bump actions/setup-java from 3.2.0 to 3.3.0 by @dependabot in https://github.com/dslab-epfl/svshi_private/pull/152
    • Gui by @samuelchassot in https://github.com/dslab-epfl/svshi_private/pull/155
    • Shared time by @asrv in https://github.com/dslab-epfl/svshi_private/pull/146
    • docker file more separate commands so that raspberry takes more advantage of the cache by @samuelchassot in https://github.com/dslab-epfl/svshi_private/pull/161
    • Generate a system_behaviour function that is all iterations functions in one by @samuelchassot in https://github.com/dslab-epfl/svshi_private/pull/160

    New Contributors

    • @asrv made their first contribution in https://github.com/dslab-epfl/svshi_private/pull/146
    Source code(tar.gz)
    Source code(zip)
    svshi-v1.4.0.zip(100.93 MB)
  • v1.3.4(Feb 11, 2022)

Owner
Dependable Systems Laboratory
Dependable Systems Laboratory
J. Brandon Walker 1 May 13, 2022
Smart-contracts - open sourcing our upcoming smart contracts for better security and transparency

Smart-contracts - open sourcing our upcoming smart contracts for better security and transparency

Rand Gallery 16 Jul 10, 2022
Tink is a multi-language, cross-platform, open source library that provides cryptographic APIs that are secure, easy to use correctly, and hard(er) to misuse.

Tink A multi-language, cross-platform library that provides cryptographic APIs that are secure, easy to use correctly, and hard(er) to misuse. Ubuntu

Google 12.8k Nov 23, 2022
seno-blockchain is just a fork of Chia, designed to be efficient, decentralized, and secure

seno-blockchain https://seno.uno Seno is just a fork of Chia, designed to be efficient, decentralized, and secure. Here are some of the features and b

Denis Erygin 27 Jul 2, 2022
Modeval (or Modular Eval) is a modular and secure string evaluation library that can be used to create custom parsers or interpreters.

modeval Modeval (or Modular Eval) is a modular and secure string evaluation library that can be used to create custom parsers or interpreters. Basic U

null 2 Jan 1, 2022
A simple and secure password-based encryption & decryption algorithm based on hash functions, implemented solely based on python.

pyhcrypt A simple and secure password-based encryption & decryption algorithm based on hash functions, implemented solely based on python. Usage Pytho

Hongfei Xu 3 Feb 8, 2022
Gold(Gold) is a modern cryptocurrency built from scratch, designed to be efficient, decentralized, and secure

gold-blockchain (Gold) Gold(Gold) is a modern cryptocurrency built from scratch, designed to be efficient, decentralized, and secure. Here are some of

zcomputerwiz 3 Mar 9, 2022
A bot written in Python to automatically buy tokens on the Binance Smart Chain as soon as liquidity is provided

A bot written in Python to automatically buy tokens on the Binance Smart Chain as soon as liquidity is provided. If you’ve found this bot useful and have profited from it please consider donating any token to my BSC wallet address: 0xE75470B9a7c93038195ca116E342c42F6B3F758b

null 474 Nov 15, 2022
Tool to compare smart contracts source code

smartdiffer Tool to compare smart contracts source code. Heavily relies on API of Etherscan and Diffchecker. Installation pip install smartdiffer API

Roman Moskalenko 23 Nov 16, 2022
A repository for Algogenous Smart Contracts created on the Algorand Blockchain.

Smart Contacts Alogrand Smart Contracts using Choice Coin. Read Docs for how to implement Algogenous Smart Contracts for your own applications. Smart

Choice Coin 302 Oct 25, 2022
A repository for Algogenous Smart Contracts created on the Algorand Blockchain.

Smart Contacts This Repository is dedicated to code for Alogrand Smart Contracts using Choice Coin. Read Docs for how to implement Algogenous Smart Co

Choice Coin 302 Oct 25, 2022
cairo_kernel is a simple Jupyter kernel for Cairo a smart contract programing language for STARKs.

cairo_kernel cairo_kernel is a simple Jupyter kernel for Cairo a smart contract programing language for STARKs. Installation Install virtualenv virtua

Ankit Chiplunkar 29 Sep 21, 2022
Implementation of Smart Batch Auction for NFT launches on Tezos.

NFT Smart Batch Auction Smart Batch Auctions are an improvement over the traditional first come first serve (FCFS) NFT drops. FCFS design has been in

Anshu Jalan 5 May 6, 2022
😈 Shining is a tool that enables engineers to remotely pull smart contract code in multi-file situations.

?? Shining ?? Shining is a tool that enables engineers to remotely pull smart contract code in multi-file situations. Shining is the name of one of my

xxxeyJ 15 Jun 17, 2022
Pythonic Smart Contract Language for the EVM

Getting Started See Installing Vyper to install vyper. See Tools and Resources for an additional list of framework and tools with vyper support. See D

Vyper 4.4k Nov 29, 2022
A workshop to build an NFT smart contract on the polygon blockchain

Polygon NFT Workshop This is an interactive workshop that guides you through the steps to deploy an NFT smart contract on the Polygon blockchain. By t

Banjo Obayomi 56 Oct 14, 2022
Audit of classmate's smart contract in blockchain seminar

Solidity-contract-audit Audit of classmate's smart contract in blockchain seminar Assignment: The task was to create a complete audit, including unit

smrza 0 Feb 4, 2022
This demo is an on-chain NFT auction using smart contracts on the Algorand blockchain.

Algorand Auction Demo This demo is an on-chain NFT auction using smart contracts on the Algorand blockchain. Usage The file auction/operations.py prov

null 1 Jan 27, 2022
TON Command Line Interface - easy smart contract manipulation

toncli The Open Network cross-platform smart contract command line interface. Easy to deploy and interact with TON smart contracts. Installation Toncl

Disintar IO 92 Nov 23, 2022