Skip to content

TEST#4

Open
marelab wants to merge 4742 commits into
marelab:masterfrom
meshtastic:master
Open

TEST#4
marelab wants to merge 4742 commits into
marelab:masterfrom
meshtastic:master

Conversation

@marelab

@marelab marelab commented Mar 15, 2024

Copy link
Copy Markdown
Owner

Thank you for sending in a pull request, here's some tips to get started!

(Please delete all these tips and replace with your text)

  • Before starting on some new big chunk of code, it it is optional but highly recommended to open an issue first
    to say "hey, I think this idea X should be implemented and I'm starting work on it. My general plan is Y, any feedback
    is appreciated." This will allow other devs to potentially save you time by not accidentially duplicating work etc...
  • Please do not check in files that don't have real changes
  • Please do not reformat lines that you didn't have to change the code on
  • We recommend using the Visual Studio Code editor along with the 'Trunk Check' extension (In beta for windows, WSL2 for the linux version),
    because it automatically follows our indentation rules and its auto reformatting will not cause spurious changes to lines.
  • If your PR fixes a bug, mention "fixes #bugnum" somewhere in your pull request description.
  • If your other co-developers have comments on your PR please tweak as needed.
  • Please also enable "Allow edits by maintainers".

mverch67 and others added 28 commits April 1, 2026 08:03
* fix MESHTASTIC_EXCLUDE_SCREEN

* mesh-tab map constraints (2 MB PSRAM)

* point MUI commit to the related PR

---------

Co-authored-by: Ben Meadors <benmmeadors@gmail.com>
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: vidplace7 <1779290+vidplace7@users.noreply.github.com>
Co-authored-by: vidplace7 <1779290+vidplace7@users.noreply.github.com>
Co-authored-by: thebentern <9000580+thebentern@users.noreply.github.com>
Co-authored-by: thebentern <9000580+thebentern@users.noreply.github.com>
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: vidplace7 <1779290+vidplace7@users.noreply.github.com>
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
These configs were generated programatically by Opus 4.6.

See: https://github.com/vidplace7/meshtasticd-40pin

Tested with MeshAdv-Pi, other pinmaps are untested but should work.
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
These configs were generated programatically by Opus 4.6.

See: https://github.com/vidplace7/meshtasticd-40pin

Tested with MeshAdv-Pi, other pinmaps are untested but should work.
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Use Google / Amazon mirrors, not DockerHub, when pulling images for Docker builds.

Should prevent Docker ratelimiting during CI (Actions) builds.
* Upload to PPA via SFTP

* PPA-SFTP: Trust Launchpad's SSH Key

* Move SSH key import next to GPG

* Increase dput timeout...

* Use env for inputs (address semgrep gripe)
…10146)

Addresses cppcheck `src/graphics/EInkParallelDisplay.cpp:205: [low:style] Variable 'prev' can be declared as pointer to const [constVariablePointer]`
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
jp-bennett and others added 30 commits June 17, 2026 18:46
…ition (#10739)

* fix(esp32): skip RTC timer wake on user shutdown

Do not arm esp_sleep_enable_timer_wakeup when msecToWake is portMAX_DELAY (UI shutdown), matching nRF52 system_off semantics.

fix(rak_wismesh_tap_v2): Tag OCV curve and 16MB partition

Add OCV_ARRAY matching WisMesh Tag for accurate SOC. Use 16MB flash partition scheme for TAP V2 hardware.

Co-authored-by: Cursor <cursoragent@cursor.com>

* Trunkt

---------

Co-authored-by: Cursor <cursoragent@cursor.com>
Co-authored-by: Ben Meadors <benmmeadors@gmail.com>
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: vidplace7 <1779290+vidplace7@users.noreply.github.com>
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: copilot-swe-agent[bot] <198982749+Copilot@users.noreply.github.com>
Co-authored-by: vidplace7 <1779290+vidplace7@users.noreply.github.com>
)

* Initial plan

* fix(FSCommon): add file.name()[0] guard in getFiles() for nRF52 LittleFS bug workaround

* style(FSCommon): run clang-format (trunk fmt)

---------

Co-authored-by: copilot-swe-agent[bot] <198982749+Copilot@users.noreply.github.com>
Co-authored-by: Ben Meadors <benmmeadors@gmail.com>
Co-authored-by: vidplace7 <1779290+vidplace7@users.noreply.github.com>
…#10754)

* fix(fs): bound getFiles() result size and harden traversal

The recursive filesystem traversal in getFiles() could grow its result
vector without limit, contributing to heap pressure on memory-constrained
devices during client config starts. The implementation also relied on
unbounded strcpy and per-entry String() allocations for dot-suffix
filtering, and leaked the directory handle when the opened path was not
a directory.

Rework the traversal to address all of those at once:

- Add optional maxCount (default 64) and wasLimited out-param. The walk
  stops once maxCount entries have been collected and wasLimited is set,
  so callers can distinguish a complete listing from a truncated one.
  Default arguments preserve backward compatibility for existing callers.

- Extract the recursive walk into a collectFiles() helper in an
  anonymous namespace, accumulating into a single caller-owned vector
  instead of building and inserting temporary vectors at every recursion
  level.

- Replace strcpy with strlcpy so file_name writes are bounded by the
  destination buffer.

- Replace String(name).endsWith(".") with a stack-based
  pathEndsWithDot() helper to avoid a heap allocation per entry.

- Close the directory handle when the opened path is not a directory,
  and close the file in both branches of recursion instead of only the
  leaf branch (the previous code leaked the handle when depth was
  exhausted).

- Compile-gate the std::bad_alloc reserve probe-down behind
  __cpp_exceptions / __EXCEPTIONS so the fallback only compiles where
  bad_alloc is actually catchable. No-exception targets (nRF52, RP2040,
  STM32, ESP32-C6) skip the probe and rely on the bounded maxCount
  alone, which is safe because the default cap is small enough to fit
  comfortably in available RAM on every supported platform.

* fix(phone-api): skip manifest scan for node-info-only config requests

A client can request a node-info-only config response by sending
want_config_id with the SPECIAL_NONCE_ONLY_NODES nonce. The manifest
walk in handleStartConfig() ran unconditionally even though
STATE_SEND_FILEMANIFEST short-circuits past the manifest on that path,
so the SPI lock and recursive filesystem traversal were wasted work.
On memory-constrained devices this extra heap pressure was enough to
trigger allocation aborts and spontaneous reboots before the node-info
response could complete.

Gate the manifest call behind config_nonce != SPECIAL_NONCE_ONLY_NODES
so the node-info-only path no longer touches the filesystem at all, and
release any stale manifest storage left over from a previous run.

For normal full-config requests, also tighten the scan limits from
depth 10 / unbounded to depth 3 / max 64 entries via the new getFiles()
parameters. A 10-level recursive listing was never useful for a client
file picker and amplified heap pressure for no benefit. Log a warning
when the listing was truncated so operators can distinguish a bounded
result from a genuinely empty filesystem.

A few small cleanups fall out of the above:

- Replace raw spiLock->lock()/unlock() with a LockGuard so the lock is
  released even if getFiles() throws on exception-enabled targets.

- Use a releaseFilesManifest() helper (swap-with-empty idiom) in
  close() and the STATE_SEND_FILEMANIFEST drain path instead of the
  previous clear()+shrink_to_fit() pair. Equivalent behavior, but the
  swap idiom is the canonical vector-freeing pattern and centralizing
  it avoids divergence between call sites.

- Use %zu for the size_t log arguments.

* fix(fs): harden bounded directory traversal

Close each child directory entry before recursive descent so bounded manifest scans do not stack file handles on constrained filesystems.

Treat null or overlong paths as truncated listings, handle reserve length failures like allocation failures, and keep manifest constants aligned with repository naming.

* Potential fix for pull request finding

Co-authored-by: Copilot Autofix powered by AI <175728472+Copilot@users.noreply.github.com>

---------

Co-authored-by: Ben Meadors <benmmeadors@gmail.com>
Co-authored-by: Copilot Autofix powered by AI <175728472+Copilot@users.noreply.github.com>
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: Ben Meadors <benmmeadors@gmail.com>
Co-authored-by: vidplace7 <1779290+vidplace7@users.noreply.github.com>
Co-authored-by: vidplace7 <1779290+vidplace7@users.noreply.github.com>
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: vidplace7 <1779290+vidplace7@users.noreply.github.com>
Co-authored-by: vidplace7 <1779290+vidplace7@users.noreply.github.com>
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
)

* fix(nrf52): restore BLE security state on resume

NRF52Bluetooth::shutdown() swaps the passkey callback to onUnwantedPairing() while Bluetooth is disabled. resumeAdvertising() used to restart GAP advertising without rebuilding that security state, which could leave the node advertising while normal pairing attempts were still rejected until reboot.

Restore the configured security state before advertising resumes. PIN-based modes reinstall the pairing, completion, and secured callbacks, explicitly restore display-only IO capabilities, and explicitly require MITM. NO_PIN mode clears those callbacks and clears MITM after setPairPasskeyCallback(nullptr), because Bluefruit enables MITM as a callback-setter side effect even when clearing the callback.

Share the same restore helpers with setup(), keep TX power setup symmetric with the resume path, and log unexpected onUnwantedPairing() hits so callback poisoning is visible in diagnostics.

* fix(nrf52): remove blocking BLE pairing wait

NRF52Bluetooth::onPairingPasskey() blocked the firmware loop for up to 30 seconds when match_request was true. That wait did not yield or delay, so it could starve application-level BLE event handling while the SoftDevice connection was active.

Remove the busy-wait. The passkey UI remains visible because pairing completion and disconnect callbacks already dismiss it, so pairing can continue through the normal callback flow without stalling the rest of the firmware.

* fix(nrf52): redact BLE pairing secrets from logs

The nRF52 BLE pairing path logged both the configured boot PIN and the per-pairing passkey at INFO level. Those values can be exposed through serial diagnostics or log streaming even though they are intended only for the pairing UI and status observers.

Keep the diagnostic signal without printing secret digits: log that a PIN is configured, log the pairing start with match_request state, and remove the now-unused passkey-splitting locals and duplicate match_request log.
Co-authored-by: vidplace7 <1779290+vidplace7@users.noreply.github.com>
Avoid nested spiLock acquisition in MessageStore::clearAllMessages() by
only holding the lock during the write() call. SafeFile's constructor
and close() methods already handle their own spiLock acquisition, so
nesting the guard around the entire operation causes a deadlock until
the watchdog timer triggers a reset.

Relates to PR #10809.
The automated trunk upgrade (#10865) enabled ascii-dash@SYSTEM and
too-many-defined@SYSTEM without any lint.definitions for them, so trunk
reports 'not a supported linter' (trunk/config-error) and fails the Trunk
Check on every open PR. trunk_check.yml runs on pull_request only, so
master's push CI never caught it. Remove the two undefined entries to
restore a valid config; the version bumps from #10865 are kept.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.