[riot-devel] RIOT OS Student Research
To whom it may concern: My colleague and I are pursuing a research project in regards to the security of IoT Operating Systems. We have selected Riot OS as our focus for our project. We are hoping to ask for some helpful information in regards to the security policies and practices implemented in the standard opensource version of Riot OS, with the ultimate goal of contributing to the Riot OS community the results of our research and suggestions for improvement. Thank you so much in advance for your time and consideration, Dominic Massoni Towson University BS Combined Mathematics & Computer Science ___ devel mailing list devel@riot-os.org https://lists.riot-os.org/mailman/listinfo/devel
[riot-devel] GitHub's new features - A release managers assessment
Dear RIOTers, due to me being the release manager for the first release after GitHub rolled out a bunch of new features I came a lot in contact with them. I thought it might be beneficial to share my impressions and opinions about these features and how we could utilize them as the RIOT community in the future. TL;DR: the new features are great in general but have a few caveats primarily in easy usage. # Projects [1] This feature I utilized the most to organize the release. It basically provides a Trello-like cards-and-columns project management, that allows for adding pull requests and issues directly as cards. The column the card resides in and a link to the card will then be provided in the issue/PR (see e.g. PR 6082). The benefit is that this allows for a much more isolated organisation just in scope of the release (or e.g. a task force effort) than just milestones and issues could provide. Due to this feature it was little effort to draft some release notes from that. But they also come with a few drawbacks. First they are not directly linked to a milestone. E.g. adding an issue to the release project does not set the release milestone automatically, nor does the removal of the milestone remove it from the project. With a project as big as a release this quickly leads to confusion, if the assigned release manager does not stay on top of the game. Speaking of staying on top of the game: other than e.g. Trello no history of the cards, columns and the overall project is provided. Because of that, in a multi-user scenario things quickly might get lost (or lead to some surprises). There is also no way to change the project status of an issue from the issue directly. One always has to click on the current status (opening the link in the same window) and then has to manually change the status via drag-and-drop from one column to the next. All in all I see a benefit in using projects, even if it is just the direct link between issues/PRs and a project that makes it a little less fiddly and a little bit more transparent then e.g. working with an Excel table to organize the release. # Reviews [3] This is basically our time-tested review process formalized. A user can approve a PR, request changes or comment in bulk, but still can leave single comments without any review. All in all I think the feature is great! It integrates nicely into our established workflow and if a PR is approved it is far more visible than just a "looks good" instead of our formal "ACK". The drawbacks I could gather are rather nitpicky and just annoyances. First, GitHub changed the behavior of hitting Ctrl+Enter from leaving a single comment to giving a review comment. Since a review comment is only visible when the review is finalized (i.e. approval, change request, or in-bulk comment) it happened to me more than a few times (and from the comments of my colleagues at the office to them also) that I wrote a comment but nobody saw it for days, since I never finalized my review. The other issue some people had was that you only can approve a PR if you click on the "Files" tab of the PR, then "Review changes", then Approve. To me that is a logical GUI decision since one has to look at the code anyway to approve the code ;-) but I can see that less patient people might want to approve a PR in one click ;-). Lastly, you can't filter for approved PRs (yet) in the search bar (or at least the search terms are not documented by GitHub). A question that was raised by the introduction of this feature: Do we still need the informal ACK in our review process? # New integration methods of a PR We are now able to squash PR commits into one or rebase instead of merge them into master directly from the Web GUI. I don't know if and how well this handles merge conflicts, but I used it primarily to squash pull PRs where the authors did not react on the request to squash. Also a nice feature! # Required CI builds I think this is already a little older and was introduced with branch protection earlier this year, but I activated this for the 2016.10 release branch. I think this is helpful if Murdock does not pick up the PR for any reason, but of course if it fails for a random reason the PR is blocked. Another dimension to this is that one can choose to have the build always be up-to-date with the base branch. I chose this for RC1, RC2 and RC3 but it required unnecessary rebuilds when a PR was merged and another was basically already also build successful, but now needed a rebuild since 2016.10-branch had changed. What are your opinions/experiences so far? Kind Regards, Martine [1] https://help.github.com/articles/tracking-the-progress-of-your-work-with-projects/ [2] https://github.com/RIOT-OS/RIOT/pull/6082 [3] https://help.github.com/articles/about-pull-request-reviews/ ___ devel mailing list devel@riot-os.org https://lists.riot-os.org/mailman/listinfo/devel
Re: [riot-devel] RIOT Release 2016.10
Hi! That's awesome and I'm really happy to see another RIOT release out there to conquer the IoT! ;-) Many thanks to Martine for thoroughly managing this release and putting so much work into it. And congrats for the fastest release - only 100 days! [1] And of course, also many thanks to the whole RIOT community for having contributed another great set of new features, bug fixes, and new hardware support! Cheers, Oleg [1] https://github.com/RIOT-OS/RIOT/wiki/release-statistics On Fri, Nov 11, 2016 at 04:07:46PM +0100, Martine Lenders wrote: > Dear RIOTers, > > we are happy to announce the ninth official release of the RIOT: > > --- * RIOT 2016.10 * > --- > > This release provides a lot of new features as well as it fixes several major > bugs. Among these new features are the new simplified network socket API > called sock, the GNRC specific CoAP implementation gcoap and several new > packages: TinyDTLS, the Aversive++ microcontroller library for robotics, the > u8g2 graphic library, and nanocoap. > Using the new sock API an implementation of the Simple Time Network Protocol > (SNTP) was also introduced, allowing for time synchronization between nodes. > New platforms include the Arduino Uno, the Arduino Duemilanove, the Arduino > Zero, SODAQ Autonomo, and the Zolertia remote (rev. B). > The most significant bug fix was done in native which led to a significantly > more robust handling of ISRs and now allows for at least 1,000 native > instances running stably on one machine. > > About 263 pull requests with about 398 commits have been merged since the last > release and about 42 issues have been solved. 37 people contributed with code > in 100 days. 1006 files have been touched with 166500 insertions and 26926 > deletions. > > You can download the RIOT release from Github by cloning the > repository [1] or by > downloading the tarball [2], and look up the release notes for further > details [3]. > > Thanks everyone for your contributions, discussions, testing efforts, > and keep RIOTing! > > Kind regards and wishing you a great weekend, > Martine > > [1] https://github.com/RIOT-OS/RIOT/releases/tag/2016.10 > [2] https://github.com/RIOT-OS/RIOT/archive/2016.10.tar.gz > [3] https://github.com/RIOT-OS/RIOT/blob/master/release-notes.txt > ___ > devel mailing list > devel@riot-os.org > https://lists.riot-os.org/mailman/listinfo/devel -- panic("IRQ, you lose..."); linux-2.2.16/arch/mips/sgi/kernel/indy_int.c signature.asc Description: PGP signature ___ devel mailing list devel@riot-os.org https://lists.riot-os.org/mailman/listinfo/devel
Re: [riot-devel] RIOT Release 2016.10
Yay! Thanks a bunch Martine for taking on the role of manager for this release. Congrats to everyone for all the work! Emmanuel On Fri, Nov 11, 2016 at 4:21 PM, Kaspar Schleiserwrote: > Hey, > > congratulations to everyone and thanks for all the hard work! > > On 11/11/2016 04:07 PM, Martine Lenders wrote: > > nanocoap > > As the release notes are not clear on this: > > Nanocoap not only provides CoAP header parsing/building and is used for > that as backend for gcoap. It also provides easy to use server and > client functionality. > > Kaspar > ___ > devel mailing list > devel@riot-os.org > https://lists.riot-os.org/mailman/listinfo/devel > ___ devel mailing list devel@riot-os.org https://lists.riot-os.org/mailman/listinfo/devel
Re: [riot-devel] RIOT Release 2016.10
Hey, congratulations to everyone and thanks for all the hard work! On 11/11/2016 04:07 PM, Martine Lenders wrote: > nanocoap As the release notes are not clear on this: Nanocoap not only provides CoAP header parsing/building and is used for that as backend for gcoap. It also provides easy to use server and client functionality. Kaspar ___ devel mailing list devel@riot-os.org https://lists.riot-os.org/mailman/listinfo/devel
[riot-devel] RIOT Release 2016.10
Dear RIOTers, we are happy to announce the ninth official release of the RIOT: --- * RIOT 2016.10 * --- This release provides a lot of new features as well as it fixes several major bugs. Among these new features are the new simplified network socket API called sock, the GNRC specific CoAP implementation gcoap and several new packages: TinyDTLS, the Aversive++ microcontroller library for robotics, the u8g2 graphic library, and nanocoap. Using the new sock API an implementation of the Simple Time Network Protocol (SNTP) was also introduced, allowing for time synchronization between nodes. New platforms include the Arduino Uno, the Arduino Duemilanove, the Arduino Zero, SODAQ Autonomo, and the Zolertia remote (rev. B). The most significant bug fix was done in native which led to a significantly more robust handling of ISRs and now allows for at least 1,000 native instances running stably on one machine. About 263 pull requests with about 398 commits have been merged since the last release and about 42 issues have been solved. 37 people contributed with code in 100 days. 1006 files have been touched with 166500 insertions and 26926 deletions. You can download the RIOT release from Github by cloning the repository [1] or by downloading the tarball [2], and look up the release notes for further details [3]. Thanks everyone for your contributions, discussions, testing efforts, and keep RIOTing! Kind regards and wishing you a great weekend, Martine [1] https://github.com/RIOT-OS/RIOT/releases/tag/2016.10 [2] https://github.com/RIOT-OS/RIOT/archive/2016.10.tar.gz [3] https://github.com/RIOT-OS/RIOT/blob/master/release-notes.txt ___ devel mailing list devel@riot-os.org https://lists.riot-os.org/mailman/listinfo/devel