@vtardy-st vtardy-st commented Oct 28, 2025

The URL specified in the module.yml for the WBA6_LinkLayer15_4_Zephyr.a and WBA6_LinkLayer_Thread_lib_Zephyr.a libraries takes the main branch as reference. This URL format generates a fragility about the association of zephyr and hal_stm32 to a specific historical version of the libraries. Only the last pushed version could be fetched.

In order to fix this fragility, the 'main' in the URL is replaced by the SHA-1 of the commit corresponding to the version of the libraries.

Associated with issue: #98410

@etienne-lms etienne-lms left a comment

LGTM.
Maybe add in the commit message that the change makes the reference more robust against later changes in the target repo main branch:

Replace 'main' by the SHA-1 of the commit in the URL addresses
for WBA6_LinkLayer_Thread_lib_Zephyr.a and
WBA6_LinkLayer15_4_Zephyr.a
This change increases the robustness of the reference of the
libraries to fetch against later changes in the target repo
main branch

Signed-off-by: Vincent Tardy <vincent.tardy@st.com>
@vtardy-st vtardy-st force-pushed the stm32wbax_ll_url_ref_fix branch from dcc460e to 7b2e540 Compare October 29, 2025 09:27
@mathieuchopstm

FTR this is not strictly speaking a vulnerability as updating the blob would generate a SHA-256 mismatch, but it is for sure not correct to use a branch rather than tag/commit.

@etienne-lms

Indeed I agree "vulnerability" is not the right wording. "Fragility" may better apply.

@vtardy-st vtardy-st changed the title from "lib: blobs: fix url vulnerability for stm32wba Link Layer 802.15.4 libraries" to "lib: blobs: fix url versioning fragility for stm32wba Link Layer 802.15.4 libraries" Oct 30, 2025
@vtardy-st

> Indeed I agree "vulnerability" is not the right wording. "Fragility" may better apply.

PR title changed

@erwango erwango merged commit 93e7944 into zephyrproject-rtos:main Nov 3, 2025
2 checks passed
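
The distinction drawn in this thread, as an added example that is not part of the PR or of Zephyr's tooling: a blob URL that follows a branch stops matching the recorded SHA-256 once the branch moves, while a commit-pinned URL keeps resolving to the same bytes. The blob entries, host, paths, the `SERVED` table and all function names are constructed for illustration.

```python
import hashlib
import re
from urllib.parse import urlparse

# Constructed data: V1 is the library when sha256 was recorded in module.yml,
# V2 is what a later push to the branch serves. Nothing here is from hal_stm32.
V1, V2 = b"library build 1", b"library build 2"
PINNED_REF = "a1" * 20  # placeholder 40-hex commit id
BASE = "https://github.com/example-org/example-repo/raw/"
BLOBS = [
    {"path": "lib/a.a", "sha256": hashlib.sha256(V1).hexdigest(),
     "url": BASE + "main/lib/a.a"},
    {"path": "lib/b.a", "sha256": hashlib.sha256(V1).hexdigest(),
     "url": BASE + PINNED_REF + "/lib/b.a"},
]
# Stand-in for the remote: what each ref resolves to after the upstream push.
SERVED = {"main": V2, PINNED_REF: V1}

COMMIT_RE = re.compile(r"[0-9a-f]{40}")

def url_ref(url):
    """Return <ref> from a .../<org>/<repo>/raw/<ref>/<file> URL, else None."""
    parts = urlparse(url).path.strip("/").split("/")
    return parts[3] if len(parts) > 4 and parts[2] == "raw" else None

def is_pinned(url):
    """Assumption of this example: only a full commit id counts as pinned."""
    ref = url_ref(url)
    return ref is not None and COMMIT_RE.fullmatch(ref) is not None

def unpinned(blobs):
    """Paths of blob entries whose URL follows a movable ref."""
    return [b["path"] for b in blobs if not is_pinned(b["url"])]

def fetch_status(blob):
    """Simulate fetch plus the SHA-256 comparison against the recorded digest."""
    data = SERVED[url_ref(blob["url"])]
    ok = hashlib.sha256(data).hexdigest() == blob["sha256"]
    return "ok" if ok else "sha256 mismatch"

if __name__ == "__main__":
    for blob in BLOBS:
        print(blob["path"], is_pinned(blob["url"]), fetch_status(blob))
```

The branch-referenced entry fails closed on the digest check rather than delivering different bytes, which matches the "fragility" wording settled on above.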