Merge pull request #17 from jelurida-dev/develop

Audit review

.clang-format

@@ -0,0 +1,19 @@
+---
+BasedOnStyle: Google
+IndentWidth: 4
+---
+Language: Cpp
+ColumnLimit: 100
+PointerAlignment: Right
+AlignAfterOpenBracket: Align
+AlignConsecutiveMacros: false
+AllowAllParametersOfDeclarationOnNextLine: false
+SortIncludes: false
+SpaceAfterCStyleCast: true
+AllowShortCaseLabelsOnASingleLine: false
+AllowAllArgumentsOnNextLine: false
+AllowShortBlocksOnASingleLine: Never
+AllowShortFunctionsOnASingleLine: None
+BinPackArguments: false
+BinPackParameters: false
+---

.github/PULL_REQUEST_TEMPLATE.md

@@ -0,0 +1,8 @@
+# Checklist
+<!-- Put an `x` in each box when you have completed the items. -->
+- [ ] App update process has been followed <!-- See comment below -->
+- [ ] Target branch is `develop` <!-- unless you have a very good reason -->
+- [ ] Application version has been bumped <!-- required if your changes are to be deployed -->
+
+<!-- Make sure you followed the process described in https://developers.ledger.com/docs/embedded-app/maintenance/ before opening your Pull Request.
+Don't hesitate to contact us directly on Discord if you have any questions ! https://developers.ledger.com/discord -->

.github/workflows/build_and_functional_tests.yml

@@ -0,0 +1,80 @@
+name: Build and run functional tests using ragger
+
+# This workflow will build the app and then run functional tests using the Ragger framework upon Speculos emulation.
+# It calls a reusable workflow developed by Ledger's internal developer team to build the application and upload the
+# resulting binaries.
+# It then calls another reusable workflow to run the Ragger tests on the compiled application binary.
+#
+# While this workflow is optional, having functional testing on your application is mandatory and this workflow and
+# tooling environment is meant to be easy to use and adapt after forking your application
+
+on:
+  workflow_dispatch:
+  push:
+    branches:
+      - master
+      - main
+      - develop
+  pull_request:
+
+jobs:
+  build_application:
+    name: Build application
+    uses: LedgerHQ/ledger-app-workflows/.github/workflows/reusable_build.yml@v1
+    with:
+      upload_app_binaries_artifact: "compiled_app_binaries"
+
+  ragger_tests:
+    name: Run ragger tests
+    needs: build_application
+    uses: LedgerHQ/ledger-app-workflows/.github/workflows/reusable_ragger_tests.yml@v1
+    with:
+      download_app_binaries_artifact: "compiled_app_binaries"
+
+  job_e2e_tests:
+    name: E2E tests
+    needs: build_application
+    runs-on: ubuntu-latest
+    timeout-minutes: 10
+
+    container:
+      image: ghcr.io/ledgerhq/speculos:latest
+      options: --entrypoint /bin/bash
+
+    steps:
+      - name: Install dependencies
+        run: apt update && apt install -qy openjdk-17-jdk-headless git
+
+      - name: Download app binary
+        uses: actions/download-artifact@v3
+        with:
+          name: "compiled_app_binaries"
+          path: /tmp/app/build/
+
+      - name: Run speculos in the background
+        run: |
+          /speculos/speculos.py --display headless --seed "opinion change copy struggle town cigar input kit school patient execute bird bundle option canvas defense hover poverty skill donkey pottery infant sense orchard" /tmp/app/build/nanos/bin/app.elf 2>/tmp/speculos.log &
+          echo $! >/tmp/speculos.pid
+
+      - name: Run tests with Ardor node
+        run: |
+          git clone --branch ledger-tests https://[email protected]/sargue/ardor-ledger-test.git /ardor
+          cd /ardor
+          ./run-unit-tests.sh com.jelurida.ardor.integration.wallet.ledger.application.LedgerSpeculosSuite
+
+      - name: Kill speculos
+        run: kill -9 $(cat /tmp/speculos.pid)
+
+      - name: Upload Speculos log
+        uses: actions/upload-artifact@v3
+        if: failure()
+        with:
+          name: speculos-log
+          path: /tmp/speculos.log
+
+      - name: Upload Ardor log
+        uses: actions/upload-artifact@v3
+        if: failure()
+        with:
+          name: ardor-log
+          path: /ardor/logs/ardor.0.log

.github/workflows/codeql_checks.yml

@@ -0,0 +1,44 @@
+name: "CodeQL"
+
+on:
+  workflow_dispatch:
+  push:
+    branches:
+      - master
+      - main
+      - develop
+  pull_request:
+    # Excluded path: add the paths you want to ignore instead of deleting the workflow
+    paths-ignore:
+      - '.github/workflows/*.yml'
+      - 'tests/*'
+
+jobs:
+  analyse:
+    name: Analyse
+    strategy:
+      matrix:
+        sdk: [ "$NANOS_SDK", "$NANOX_SDK", "$NANOSP_SDK", "$STAX_SDK" ]
+        #'cpp' covers C and C++
+        language: [ 'cpp' ]
+    runs-on: ubuntu-latest
+    container:
+      image: ghcr.io/ledgerhq/ledger-app-builder/ledger-app-builder-legacy:latest
+
+    steps:
+      - name: Clone
+        uses: actions/checkout@v3
+
+      - name: Initialize CodeQL
+        uses: github/codeql-action/init@v2
+        with:
+          languages: ${{ matrix.language }}
+          queries: security-and-quality
+
+      # CodeQL will create the database during the compilation
+      - name: Build
+        run: |
+          make BOLOS_SDK=${{ matrix.sdk }}
+
+      - name: Perform CodeQL Analysis
+        uses: github/codeql-action/analyze@v2

.github/workflows/coding_style_checks.yml

@@ -0,0 +1,25 @@
+name: Run coding style check through reusable workflow
+
+# This workflow will run linting checks to ensure a level of uniformization among all Ledger applications.
+#
+# The presence of this workflow is mandatory as a minimal level of linting is required.
+# You are however free to modify the content of the .clang-format file and thus the coding style of your application.
+# We simply ask you to not diverge too much from the linting of the Boilerplate application.
+
+on:
+  workflow_dispatch:
+  push:
+    branches:
+      - master
+      - main
+      - develop
+  pull_request:
+
+jobs:
+  check_linting:
+    name: Check linting using the reusable workflow
+    uses: LedgerHQ/ledger-app-workflows/.github/workflows/reusable_lint.yml@v1
+    with:
+      source: './src'
+      extensions: 'h,c'
+      version: 11

.github/workflows/guidelines_enforcer.yml

@@ -0,0 +1,23 @@
+name: Ensure compliance with Ledger guidelines
+
+# This workflow is mandatory in all applications
+# It calls a reusable workflow guidelines_enforcer developed by Ledger's internal developer team.
+# The successful completion of the reusable workflow is a mandatory step for an app to be available on the Ledger
+# application store.
+#
+# More information on the guidelines can be found in the repository:
+# LedgerHQ/ledger-app-workflows/
+
+on:
+  workflow_dispatch:
+  push:
+    branches:
+      - master
+      - main
+      - develop
+  pull_request:
+
+jobs:
+  guidelines_enforcer:
+    name: Call Ledger guidelines_enforcer
+    uses: LedgerHQ/ledger-app-workflows/.github/workflows/reusable_guidelines_enforcer.yml@v1

.gitignore

@@ -2,11 +2,15 @@ bin/
 debug/
 dep/
 obj/
+build/
 src/glyphs\.c
 src/glyphs\.h
 usbtool/
-src/txnTypeLists.c
 .vscode/
 output-scan-build/
 tests/build/
-scan-build/
+scan-build/
+.history/
+tests/__pycache__/
+tests/snapshots-tmp/
+.venv/

LICENSE

@@ -1,4 +1,5 @@
 Copyright 2019-2020 Haim Bender
+Copyright 2021-2023 Jelurida IP B.V.
 
 Licensed under the Apache License, Version 2.0 (the "License");
 you may not use this file except in compliance with the License.