This adds SBOM information for submodules, which are not managed
by Espressif. Meaning there is no fork for them in the espressif
namespace. Other submodules should add sbom.yml manifest file to
the root of their git repository.
The SBOM information for submodules is stored in the .gitmodules file.
Each SBOM related variable has the "sbom-" prefix and the following
variables may be used:
sbom-version:
submodule version
sbom-cpe:
CPE record if available in NVD. This will be used by the SBOM
tool to check for possible submodule vulnerabilities. The
version in the CPE can be replaced with the "{}" placeholder,
which will be replaced by the "sbom-version" value from above.
sbom-supplier:
Person or organization who is providing the submodule.
It has to start with "Person:" or "Organization:" prefix
as required by the SPDX-2.2 standard.
sbom-url:
URL to the project if exists, e.g. github.
sbom-description:
Project description.
sbom-hash:
Submodule SHA as recorded in the git-tree. This field is used by
CI to check that the submodule checkout hash and info in .gitmodules
are in sync. IOW if submodule is updated and it has SBOM info in
.gitmodules, the .gitmodules has to be updated too. The test is
part of this commit. The checkout has of the submodule can be found
by using "git submodule status".
Example for micro-ecc submodule
---8<---
[submodule "components/bootloader/subproject/components/micro-ecc/micro-ecc"]
path = components/bootloader/subproject/components/micro-ecc/micro-ecc
url = ../../kmackay/micro-ecc.git
sbom-version = 1.0
sbom-cpe = cpe:2.3🅰️micro-ecc_project:micro-ecc:{}:*:*:*:*:*:*:*
sbom-supplier = Person: Ken MacKay
sbom-url = https://github.com/kmackay/micro-ecc
sbom-description = A small and fast ECDH and ECDSA implementation for 8-bit, 32-bit, and 64-bit processors
sbom-hash = d037ec89546fad14b5c4d5456c2e23a71e554966
---8<---
Signed-off-by: Frantisek Hrbata <frantisek.hrbata@espressif.com>
ESP32S2/C3/C2: fixed S2 dangerous power parameters in sleep modes and support S2/C3/C2 different sleep mode(v5.0)
See merge request espressif/esp-idf!23754
1. mesh: layer2 node will scan all channels when root leave in fixed root network
2. show warning infomation when setting softAP's max connection number
3. update pairwise cipher in softAP
4. overwrite pairwise cipher when softAP auth mode is WPA2 WPA2_WPA3 WAP3
5. fix sta receive csa issue
temperature_sensor: Fix issue that have conflict with phy / Fix phy pwdet and tsens power cannot be set twice issue (v5.0)
See merge request espressif/esp-idf!24066
bugfix: Fixed the crash of LoadProhibited caused by invalid operation on list node in handling hci_hardware_error event (v5.0)
See merge request espressif/esp-idf!23117
1.pm: mesh sleep support phy ref
2.pm: send wake null after scan if txq isn't idle
3.fix esp32 wifi schm interrupted by ble act
4.fix the bug that ble scan start impacts wifi in some coex scenarios
5.fix softAP qos null issue
6.fix the tx data error when change phymode from LR to 11N
7.fix the heap corrupt issue in MTXON task
8.add new api for supplicant to get softAP's max connection
9.owe: reject pmf incapable ciphers for owe connections
10.fix nvs store softap pmk not match ssid&password
11.install keys after successful transmission of eapol 4/4 message
12.add apis to get assoc id and negotiated phymode
13.softAP pmf: handle SA Query bug in AP-STA concurrent mode when both connections are pmf enabled
14.softAP pmf: merge softAP and station SA Query handlers
15.add wpa_sta_connected callback
16.softAP: validate softAP interface when sending beacon
17.ftm: send ftm frames immediately
18.fix ftm procedure with peer failed status 4 issue
19.fix set inactive time crash issue
