From 4bdf8cddecdb064a30be987d20beaba0b6b8d109 Mon Sep 17 00:00:00 2001 From: Ariel Adams Date: Fri, 5 Mar 2021 09:45:20 -0600 Subject: [PATCH 1/2] Fix #73, Add Testing Tools to the Security Policy --- SECURITY.md | 32 +++++++++++++++++++++++++++++--- 1 file changed, 29 insertions(+), 3 deletions(-) diff --git a/SECURITY.md b/SECURITY.md index 20c6e24..7c57ec0 100644 --- a/SECURITY.md +++ b/SECURITY.md @@ -4,12 +4,38 @@ To report a vulnerability for the elf2cfetbl subsystem please [submit an issue](https://github.com/nasa/elf2cfetbl/issues/new/choose). -For general cFS vulnerabilities please [open a cFS framework issue](https://github.com/nasa/cfs/issues/new/choose) and see our [top-level security policy](https://github.com/nasa/cFS/security/policy). +For general cFS vulnerabilities please [open a cFS framework issue](https://github.com/nasa/cfs/issues/new/choose) and see our [top-level security policy](https://github.com/nasa/cFS/security/policy) for additional information. In either case please use the "Bug Report" template and provide as much information as possible. Apply appropraite labels for each report. For security related reports, tag the issue with the "security" label. +## Testing + +**Disclaimer: nasa/elf2cfetbl is not responsible for any liability incurred under the [Apache License 2.0](https://github.com/nasa/elf2cfetbl/blob/main/LICENSE).** + +Testing is an important aspect our team values to improve elf2cfetbl. + +To view tools used for the cFS bundle, see our [top-level security policy](https://github.com/nasa/cFS/security/policy). + +### CodeQL + +The [elf2cfetbl CodeQL GitHub Actions workflow](https://github.com/nasa/elf2cfetbl/actions/workflows/codeql-build.yml) is available to the public. To review the results, fork the elf2cfetbl repository and run the CodeQL workflow. + +CodeQL is ran for every push and pull-request on all branches of elf2cfetbl in GitHub Actions. + +For the CodeQL GitHub Actions setup, visit https://github.com/github/codeql-action. + +### Cppcheck + +The [elf2cfetbl Cppcheck GitHub Actions workflow and results](https://github.com/nasa/elf2cfetbl/actions/workflows/static-analysis.yml) are available to the public. To view the results, select a workflow and download the artifacts. + +Cppcheck is ran for every push on the main branch and every pull request on all branches of elf2cfetbl in Github Actions. + +For more information about Cppcheck, visit http://cppcheck.sourceforge.net/. + ## Additional Support -For additional support, email us at cfs-program@lists.nasa.gov. For help using OSAL and cFS, [subscribe to our mailing list](https://lists.nasa.gov/mailman/listinfo/cfs-community) that includes all the community members/users of the NASA core Flight Software (cFS) product line. The mailing list is used to communicate any information related to the cFS product such as current releases, bug findings and fixes, enhancement requests, community meeting notifications, sending out meeting minutes, etc. +For additional support, submit a GitHub issue. You can also email the cfs community at cfs-community@lists.nasa.gov. + +You can subscribe to the mailing list [here](https://lists.nasa.gov/mailman/listinfo/cfs-community) that includes all the community members/users of the NASA core Flight Software (cFS) product line. The mailing list is used to communicate any information related to the cFS product such as current releases, bug findings and fixes, enhancement requests, community meeting notifications, sending out meeting minutes, etc. -If you wish to report a cybersecurity incident or concern please contact the NASA Security Operations Center either by phone at 1-877-627-2732 or via email address soc@nasa.gov. +If you wish to report a cybersecurity incident or concern, please contact the NASA Security Operations Center either by phone at 1-877-627-2732 or via email address soc@nasa.gov. From 4495ad29193a816321b2d7746abc7ea2cc592309 Mon Sep 17 00:00:00 2001 From: Jacob Hageman Date: Fri, 5 Mar 2021 17:50:20 -0500 Subject: [PATCH 2/2] IC-20210305, Update readme and version --- README.md | 4 ++++ elf2cfetbl_version.h | 2 +- 2 files changed, 5 insertions(+), 1 deletion(-) diff --git a/README.md b/README.md index 939ed0e..87a14ff 100644 --- a/README.md +++ b/README.md @@ -11,6 +11,10 @@ See README.txt for more information. ## Version History +### Development Build: v3.2.0-rc1+dev24 +- Fix #73, Add Testing Tools to the Security Policy +- See + ### Development Build: v3.2.0+dev20 - Changes cpp-styled comments to c-style to meet coding standard - See diff --git a/elf2cfetbl_version.h b/elf2cfetbl_version.h index a44fc06..22e5385 100644 --- a/elf2cfetbl_version.h +++ b/elf2cfetbl_version.h @@ -30,7 +30,7 @@ /* * Development Build Macro Definitions */ -#define ELF2CFETBL_BUILD_NUMBER 20 /*!< @brief Number of commits since baseline */ +#define ELF2CFETBL_BUILD_NUMBER 24 /*!< @brief Number of commits since baseline */ #define ELF2CFETBL_BUILD_BASELINE \ "v3.2.0-rc1" /*!< @brief Development Build: git tag that is the base for the current */