Commit Graph

672 Commits

Author SHA1 Message Date
Juliusz Sosinowicz 8754aee447 CI: fix ccache-setup load failure (github context in composite if:)
The scheduled-reseed step gated CCACHE_RECACHE with
`if: github.event_name == 'schedule'`, but the github context is not
available in a composite action's step-level if:. The action manifest
therefore failed to load ("Unrecognized named-value: 'github'"), and
every workflow using ccache-setup broke at the "Set up ccache" step
(build library, make check, Compiler test, Multi-arch test, ...).

Gate on the built-in $GITHUB_EVENT_NAME env var in the shell instead,
which keeps the schedule-only reseed behaviour with no caller changes.
2026-06-15 22:36:35 +00:00
Juliusz Sosinowicz 146e1c3d34 CI: reseed ccache from clean compiles on scheduled runs
The scheduled (cron) refresh restored the prior ccache and recompiled
only the translation units that changed, so unchanged objects were never
rebuilt and the shared cache could drift indefinitely. Set
CCACHE_RECACHE=1 on schedule events - gated inside the ccache-setup
action, so none of the calling workflows change - to force fresh
compiles that re-store every result. PR and push runs are unaffected and
keep their warm hits; only the scheduled jobs pay the full recompile.
2026-06-15 22:36:35 +00:00
Juliusz Sosinowicz 3faaf7818c CI: address Copilot review - offline no-install-recommends, stale comments
- install-apt-deps: the ghcr offline-install path now honors the
  no-install-recommends input; it was always installing recommends,
  diverging from the regular apt path.
- install-apt-deps: correct the ghcr-debs-tag example to a real tag
  (ubuntu-24.04-minimal) - ci-deps-image publishes -minimal/-full
  variants, not a bare <ver> tag.
- os-check: fix the schedule header comment - macOS runs --build-only on
  the weekday cron to seed its ccache (like the linux shards); only
  Windows is skipped on schedule.
2026-06-15 22:36:35 +00:00
Juliusz Sosinowicz dd2f9d3ab8 CI: offload ccache/apt/buildx caches off the GitHub Actions cache
The 10 GB, LRU-evicted, PR-scoped Actions cache was being thrashed - the
docker simulator buildx layers (~6 GiB), plus per-PR ccache and apt-archive
writes whose keys never hit - which kept evicting the shared ccache, while
the apt mirror timed out often enough to break PR CI. Move the heavy caches
to ghcr (free, separate pool) and make PR runs read-only against the Actions
cache.

apt dependencies from prebuilt ghcr .deb bundles
  - ci-deps-image.yml resolves each package list under .github/ci-deps/ into
    its .deb closure and publishes ghcr.io/<owner>/wolfssl-ci-debs:<tag> in
    two tiers: <ver>-minimal (make-check family) and <ver>-full (interop
    superset), for ubuntu-22.04 and 24.04.
  - install-apt-deps gains a ghcr-debs-tag input: pull the bundle and install
    offline (--no-download) so the apt mirror is never on the PR critical
    path. Any failure (bundle missing/not public/incomplete) falls through to
    the existing apt path, so it is always safe to set.

sim-test buildx layers to a shared ghcr registry cache
  - the 7 docker simulator workflows switch from cache-to: type=gha to
    ghcr.io/wolfssl/wolfssl-sim-cache:<scope>. cache-from reads on every run
    (anonymous); cache-to writes only on the weekend cron and manual
    workflow_dispatch. Per-distinct-image tags and de-duplicated writers keep
    parallel matrix jobs from racing on one ref.

ccache: PRs read, the schedule writes
  - ccache-setup gains read-only: PR runs restore the shared master-scoped
    cache but never upload; schedule/push runs refresh it. Wired across
    os-check (linux + macOS), pq-all, smoke-test and the 12 small make-check
    workflows.
  - parallel-make-check.py gains --build-only (compile every config, skip the
    test phase) so weekday-morning seed crons warm the cache PR runs consume.

artifact retention capped at 7 days on the failure-log/result uploads that
previously defaulted to 90.

ONE-TIME SETUP: after their first publish, make the ghcr packages
wolfssl-ci-debs and wolfssl-sim-cache PUBLIC so anonymous pulls work from PR
(including fork) runs; until then everything falls back cleanly.
2026-06-15 22:36:35 +00:00
David Garske f9cd909c4d Merge pull request #10689 from julek-wolfssl/bump-github-actions-node24
.github: bump JavaScript actions to Node.js 24 runtimes
2026-06-15 15:27:01 -07:00
Juliusz Sosinowicz 844852202b .github: bump JavaScript actions to Node.js 24 runtimes
GitHub Actions now emits "Node.js 20 actions are deprecated" warnings:
actions are forced to Node.js 24 by default starting 2026-06-16, and
Node.js 20 is removed from the runners on 2026-09-16. Update every
JavaScript action referenced by the workflows and the local composite
actions to the lowest release that runs on Node.js 24:

  actions/checkout              v4     -> v5
  actions/checkout (SHA pin)    v4.1.7 -> v5
  actions/upload-artifact       v4     -> v6   (v5 still Node.js 20)
  actions/download-artifact     v4     -> v7   (v5/v6 still Node.js 20)
  actions/cache[/restore|/save] v4     -> v5
  actions/setup-python          v5     -> v6
  actions/github-script         v7     -> v8
  docker/setup-buildx-action    v3     -> v4
  docker/build-push-action      v5     -> v7   (v6 still Node.js 20)
  docker/login-action           v3     -> v4
  microsoft/setup-msbuild       v2     -> v3
  open-watcom/setup-watcom      v0     -> v1

Actions already running on Node.js 24 (jwlawson/actions-setup-cmake,
shogo82148/actions-setup-perl, msys2/setup-msys2, dorny/paths-filter)
are left unchanged. These bumps are runtime-only; no workflow uses an
input or output removed by the new majors, and v4-format artifacts
remain compatible across the upload v6 / download v7 backends.
2026-06-15 18:09:04 +00:00
Juliusz Sosinowicz ea3bd56e97 parallel-make-check: fix warning-doc wording and escape every workflow command
Addresses review feedback:
- The "minutes" header comment described the check backwards (the
  estimate drifting from the measured time). Reword it to match the
  code, which warns when the measured time lands more than +/-50% away
  from the estimate.
- Centralize the GitHub workflow-command escaping in gh_escape() and
  apply it to the ::group:: title in dump() and the ::error:: summary in
  main(), not just warn(), so a config name or step carrying %, CR or LF
  cannot corrupt those commands either.
2026-06-15 11:30:00 +00:00
Juliusz Sosinowicz d9079978ed parallel-make-check: percent-encode warn() workflow-command data
A config name comes from JSON and is only checked for emptiness and a
'/', so it can carry %, CR or LF. Passed straight into the ::warning::
workflow command those would truncate the annotation or be parsed as a
second command, so escape them in the GitHub branch of warn() per
GitHub's documented command-data encoding (% first). Local output is
unchanged.
2026-06-15 11:14:06 +00:00
Juliusz Sosinowicz 7b2d19ca86 parallel-make-check: warn when a job runtime drifts >50% from "minutes"
The "minutes" field is only a scheduling estimate; when it goes stale it
just packs the schedule a little worse, and there was no signal that a
value needed updating. Emit a non-fatal warning when a config that
explicitly sets "minutes" finishes more than 50% above or below it (a
GitHub ::warning:: annotation in CI, a plain line locally) and flag the
row in the step-summary table with the value to copy over.

Configs that omit "minutes" keep riding the 1.0 default and are left
alone. The warning never touches the exit status, so it cannot fail the
job.
2026-06-15 08:36:04 +00:00
Michael Rogov Papernov f30cbd4606 skip membrowse comment action on draft PRs 2026-06-13 11:59:58 +01:00
Juliusz Sosinowicz 742a0267f2 trackmemory: raise timeout to 40 min for wolfEntropy runtime variance 2026-06-12 14:12:56 +02:00
Juliusz Sosinowicz 6d1d750ad3 parallel-make-check: reserved names, type hints, readability
- Reject the config names "aux" and "test": build-aux/ is autotools'
  aux-script dir and build-test/ a legacy build dir, neither the
  script's to wipe and rebuild over.
- Add type hints throughout.
- Reword the shard-partition comment (the LPT bound was unparseable)
  and replace the zip-over-pool.map result pairing with a run_one()
  helper so the pool returns complete result rows.
2026-06-12 13:39:28 +02:00
Juliusz Sosinowicz 85d3bc2380 parallel-make-check: drop the --jobs option
wolfSSL's configure enables make's jobserver by default
(AX_AM_JOBSERVER([yes]) -> AM_MAKEFLAGS += -j<nproc+1> in aminclude.am),
and automake passes that explicit -j to every recursive sub-make, where
it overrides the invoking make's job limit. The script's -j therefore
only ever scheduled the outermost recursion hop: --jobs was inert.

Measured on a 4-CPU host with 10 build-only configs oversaturating the
worker pool, the jobserver default is also the better policy: capping
sub-makes via --disable-jobserver and -j2 dropped CPU utilization from
96% to 89% and lengthened the wall time, because configs' serial
phases (configure, link) stopped being backfilled by other configs'
compile jobs. So make is now invoked with no -j at all - parallelism
within a config comes from the configure-default jobserver - and the
misleading knob is gone, including the macOS job's --jobs 3.
2026-06-12 09:47:14 +00:00
Juliusz Sosinowicz 12597308de smoke-test, os-check: pin CCACHE_DIR to the cached path
The two jobs that manage their ccache cache manually rely on ccache's
XDG default (~/.cache/ccache) matching the actions/cache path. That
holds today, but nothing enforces it: a later change that sets
CCACHE_DIR (e.g. adopting the ccache-setup composite, which uses
~/.ccache) would silently decouple the build's cache from the
saved/restored directory. Pin CCACHE_DIR explicitly to the cached
path so the pairing is visible and cannot drift.
2026-06-12 09:47:13 +00:00
Juliusz Sosinowicz 1f6abed28e CI hardening: stamp under set -e, SIGKILL escalation for fail-fast
Third Copilot review round:

- Makefile.am: run the test-data stamp recipe body under set -e. A
  failed symlink mid-loop previously did not fail the compound command
  (only the last command's status counted), so a partially-populated
  build tree could be stamped complete. Now any failed setup command
  aborts the recipe and the stamp is not created.

- parallel-make-check.py: fail-fast sent SIGTERM only, so a test that
  traps or ignores SIGTERM could keep the job alive until the workflow
  timeout. abort_others() now polls the swept processes and SIGKILLs
  whatever is still alive after a 10 s grace period, and the
  post-registration race-window kill escalates the same way (bounded
  wait, then SIGKILL). Verified with a config running
  "trap '' TERM; sleep 300": the run completes in ~10 s with the
  stubborn config reported as aborted and no surviving processes.
2026-06-12 09:47:13 +00:00
Juliusz Sosinowicz eb59a12b36 parallel-make-check: close the fail-fast race, contain callable errors
Two fixes from the second Copilot review round:

A process spawned between abort_others()' live_procs snapshot and its
registration escaped the kill sweep, leaving that build/check running
to completion after fail-fast had begun. Re-check stop_event right
after registering the process and SIGTERM its process group if the
abort already started: either the registration happened before the
sweep's snapshot (the sweep kills it) or it happened after stop_event
was set (the re-check sees it), so the window is closed.

Exceptions from callable steps (user_settings staging, private-dir
copies) used to escape the worker thread and crash the whole script
with no summary. They are now recorded as that config's step failure
with the exception written to its make-check.log, e.g. a bad
"user_settings" path reports FAIL (stage <path>) while the other
configs keep running; the fail-fast bookkeeping is shared with the
nonzero-exit path via record_failure().
2026-06-12 09:47:13 +00:00
Juliusz Sosinowicz a62884599b CI review fixes: JSON validation, log volume, rm -rf, flag spelling
Address the Copilot review:
- parallel-make-check.py: validate "configure" (list of strings) and
  cflags/ldflags (strings) so a malformed entry fails the load instead
  of exploding a string into per-character configure arguments; print
  a single line for passing configs instead of dumping their full
  make-check.log into the CI log (failure dumps unchanged; the logs
  remain in build-<name>/ for the failure artifacts).
- Makefile.am: use rm -rf for the certs/input/quit setup and distclean
  cleanup. A --private-dir run replaces the certs symlink with a
  private directory copy that rm -f cannot remove (verified: make
  distclean in a build dir with a privatized certs/ now succeeds and
  removes it).
- psk.yml, disable-pk-algs.yml: normalize the single-dash tokens
  (-disable-rsa, -disable-ecc, -disable-aescbc, -enable-cryptonly)
  carried verbatim from the old matrices to the canonical double-dash
  form. No coverage change: configure honors single-dash spellings
  (verified -disable-rsa sets NO_RSA with no unrecognized-option
  warning), so these were always in effect; both touched configs
  re-validated end-to-end.

The --cc default stays "ccache gcc": ccache resolves the compiler
through its own masquerade symlinks (verified: no recursion and normal
cache hits with /usr/lib/ccache prepended to PATH), and the explicit
CC= also covers jobs that use ccache without the PATH masquerade.
2026-06-12 09:47:13 +00:00
Juliusz Sosinowicz 3a6c31a51e CI: pool the per-config runner matrices into parallel make-check jobs
Replace the one-runner-per-configuration matrices across the
make-check workflow family with a generic pooled runner,
.github/scripts/parallel-make-check.py. Each workflow keeps its
configuration list as JSON next to the invocation; one runner (or a
small fixed set of shards, balanced by measured per-config minutes)
builds every config in its own out-of-tree (VPATH) build directory off
a single checkout/autogen, on a pool of one-per-CPU worker threads,
longest first. Concurrent checks are isolated with bubblewrap network
namespaces, compilations are cached with ccache, the first failure
aborts the rest (fail-fast, with --no-fail-fast to run everything),
and per-config timings plus pool efficiency land in the step summary.
Failure logs upload as artifacts. smoke-test.yml is likewise reworked
into a single pooled job that runs its nine configs on one runner.

Converted workflows (runner jobs per full pass):
  os-check.yml             101 -> 8  (92 Ubuntu configs -> 4 shards;
                           the macOS matrix, the user-settings jobs and
                           the standalone
                           macos-apple-native-cert-validation.yml fold
                           into one macOS runner; Windows unchanged)
  pq-all.yml                21 -> 2 shards
  disable-pk-algs.yml       15 -> 1
  wolfCrypt-Wconversion.yml 11 -> 1
  trackmemory.yml            7 -> 1
  cryptocb-only.yml          8 -> 1  (incl. the two new SHA512 entries)
  multi-compiler.yml         6 -> 1
  smallStackSize.yml         6 -> 1
  multi-arch.yml             6 -> 1
  async.yml                  5 -> 1
  psk.yml                    5 -> 1
  no-malloc.yml              3 -> 1
  wolfsm.yml                 3 -> 1
  opensslcoexist.yml         2 -> 1

Measured against current upstream passing runs (job execution time,
queue excluded): ~200 runner jobs / ~374 runner-minutes per full pass
become 23 jobs / ~168 runner-minutes, with more coverage than before.
multi-arch's old matrix combined an "include" list of four
architectures with an "opts" axis; GitHub's include-merge rules made
each arch entry overwrite the previous one, so only the armel
combinations actually ran. The pooled list restores the intended
aarch64/armhf/riscv64 coverage (23 combinations; riscv64 x sp-math is
omitted as invalid - configure rejects sp-math without SP, and
--enable-riscv-asm, unlike --enable-sp-asm, does not bring SP in).

Out-of-tree build fixes this depends on:
- Makefile.am: symlink the read-only test data (certs/, tests/ config
  files, sniffer captures and helpers, examples/crypto_policies,
  input, quit) into the build tree via a BUILT_SOURCES stamp, removed
  again in distclean-local. ChangeToWolfRoot() and the script tests
  resolve everything relative to the working directory, so out-of-tree
  make check and make distcheck now pass.
- scripts/multi-msg-record.py: locate the client binary from the build
  tree working directory rather than the script's source directory.
- configure.ac + wolfssl/include.am: run
  support/gen-debug-trace-error-codes.sh from $srcdir; it reads the
  error-code headers from the source tree and generates into the build
  tree.
- tests/swdev: a WOLFBUILD variable points the sub-make at the build
  tree for the configure-generated headers (wolfssl/options.h,
  wolfssl/version.h); the in-tree-only guards are dropped.

Portions of PR #10649 are incorporated: the cross-platform
ccache-setup composite action, repository_owner gates on check-headers
and check-source-text, the docs-only paths-ignore on os-check, and the
libspdm timeout bumps.
2026-06-12 09:47:13 +00:00
night1rider aa7b7defba Switch to use merge branch for PR testing instead of HEAD Branch 2026-06-11 15:57:29 -06:00
Tobias Frauenschläger c73afe67a5 Fixes for Zephyr 4.4 2026-06-11 13:33:27 +02:00
Tobias Frauenschläger 0278d3a72e Reduce flash size for Arduino examples 2026-06-09 15:41:27 +02:00
David Garske bbace5a1cc Merge pull request #10494 from LinuxJedi/STM32MP13-SHAKE
Fix SHAKE with STM32MP13 and add simulator
2026-06-08 15:45:30 -07:00
Daniel Pouzzner 1943a6f33a Merge pull request #10550 from rizlik/sha512_only
add support for WOLF_CRYPTO_CB_ONLY_SHA512
2026-06-08 15:20:08 -05:00
Daniel Pouzzner 8fca95ce65 Merge pull request #10532 from rlm2002/zd21800
Remove chain walk for OCSP responder
2026-06-05 16:27:00 -05:00
Michael Rogov Papernov 5d810f4625 fix membrowse report group 2026-06-04 21:04:16 +01:00
Marco Oliverio 0314b3fed2 cryptocb: support WOLF_CRYPTO_CB_ONLY_SHA512 2026-06-04 20:21:50 +02:00
Daniel Pouzzner 3bf1ae36a7 Merge pull request #10539 from julek-wolfssl/misc/20260527
Guard test_wrong_cs_downgrade on SHA-384 cipher suite; enable SHA disables in minimal DTLS os-check build
2026-06-03 22:50:57 -05:00
Daniel Pouzzner df9f3e4cf9 Merge pull request #10377 from jackctj117/DTLS13-Kernel
docs(linuxkm): document DTLS 1.3 configure flags
2026-06-03 17:58:25 -05:00
Andrew Hutchings 10c1816e35 Add GCC-ARM large linker script for membrowse 2026-06-03 11:21:35 +01:00
Andrew Hutchings 61a77e2dd6 Add lots more membrowse platforms
Lots more ARM Cortex, RiscV, AArch64, linuxkm and some Zephyr
2026-06-03 11:21:35 +01:00
Ruby Martin 5c3100ed5c Remove non-RFC-compliant OCSP responder chain walk. The chain walk
authorized any responder issued by an ancestor of the target's issuer;
  RFC 6960 4.2.2.2 requires direct issuance by the CA identified in the
  request.

    - Remove CheckOcspResponderChain() and WOLFSSL_NO_OCSP_ISSUER_CHAIN_CHECK.
    - Drop now-unused vp parameter from CheckOcspResponder() and the
      OcspRespCheck() helper; cascade through template and non-template
      paths.

  OCSP test blobs:

    - Re-sign resp_server1_cert with intermediate1-ca (CA-direct path).
    - Add resp_server1_cert_ancestor_responder for the negative test.
    - Embed server1_cert_pem[] in test_ocsp_test_blobs.h so the new test
      runs under NO_FILESYSTEM; matching entry added to
      create_ocsp_test_blobs.py.
    - Regenerate response[] in test_certman.c with intermediate1-ca as
      signer; recipe switched from Wireshark export to openssl -respout
      + xxd -i for reproducibility.
    - Fix self-XOR in test_wolfSSL_CertManagerCheckOCSPResponse so the
      serial byte actually flips (^= 0xFF).

  Live OCSP coverage:

    - Add ocsp-responder-int1 (delegated responder issued directly by
      intermediate1-ca, with id-kp-OCSPSigning EKU) for the
      responder->intermediate->root chain.
    - scripts/ocsp-stapling.test: intermediate1 responder switched to
      ocsp-responder-int1 (delegated path).
    - scripts/ocsp-stapling2.test, scripts/ocsp-stapling_tls13multi.test:
      intermediate2 and intermediate3 sign their OCSP responses with
      their own CA keys (CA-direct path); root block unchanged
      (ocsp-responder-cert is still RFC-compliant for root-issued certs).
    - .github/workflows/ocsp.yml: server1 OCSP responder switched to
      ocsp-responder-int1 to match the cert chain.
    - New test_ocsp_ancestor_responder_rejected confirms the
      ancestor-issued response is rejected with OCSP_LOOKUP_FAIL.
2026-06-02 16:20:37 -06:00
Juliusz Sosinowicz 2703458535 ci: don't run membrowse workflows on forks
Forks with Actions enabled would otherwise run the membrowse build matrix on push/workflow_dispatch and report fork builds to the membrowse backend. Guard the jobs in both workflows with github.repository_owner == 'wolfssl' (combined with the existing draft check in the report workflow), matching tls-anvil.yml and coverity-scan-fixes.yml.

Also default the analyze/onboard matrix to '[]' so strategy expansion does not error when load-targets is skipped on forks or draft PRs.
2026-06-01 18:08:37 +02:00
JacobBarthelmeh f6f27652dd Merge pull request #10495 from LinuxJedi/PIC32MZ-Sim
Add PIC32MZ emulator tests
2026-05-29 16:21:15 -06:00
Juliusz Sosinowicz aff7885baf Guard test_wrong_cs_downgrade on SHA-384 cipher suite; enable SHA disables in minimal DTLS os-check build 2026-05-28 19:36:19 +00:00
Michael Rogov Papernov bddf76d4d1 fix memory report and add path filter 2026-05-27 19:18:00 +01:00
David Garske 08022ffebf CI: cache compiler output in os-check Ubuntu matrix
- Add .github/actions/ccache-setup composite (ccache + PATH intercept).
- Wire into os-check.yml make_check_linux; macOS unchanged for now.
- Measured on master --enable-all: cold 11.6s -> warm 1.1s (~10x), 100% hit.
2026-05-26 10:36:49 -07:00
David Garske a3f5260260 Merge pull request #10500 from rizlik/sha224_only
crpytocb: support SHA224 under WOLF_CRYPTO_CB_ONLY_SHA256
2026-05-26 08:05:47 -07:00
Tobias Frauenschläger 637c07798a Finalize ML-DSA renaming 2026-05-26 14:54:30 +02:00
David Garske b0d2b10c6b GH Actions: retrigger Jenkins PRB when draft PR is marked ready 2026-05-22 15:14:50 -07:00
David Garske 6605060b18 CI: more smoke coverage + header self-sufficiency
- Add AddressSanitizer entry to smoke matrix (--enable-all + -fsanitize=address).
- Add check-headers workflow: 214 public wolfssl/*.h compile standalone.
- Fix quic.h, rng_bank.h, Renesas/renesas-fspsm-crypt.h to be self-sufficient.
- Remove no-tls.yml (its single config is already covered by os-check.yml).
2026-05-21 14:37:11 -07:00
David Garske 7f80896033 CI optimizations
- Skip CI for draft PRs and redundant master-push re-runs; membrowse nightly.
- Add smoke test (8 configs, CFLAGS=-Werror, post-merge tree, fail-fast on conflicts).
- Add wait-for-smoke composite action for downstream CI gating.
- Add check-source-text + bash -n + shellcheck workflow (script in make dist).
- Cache apt-get update in install-apt-deps composite on cache hit.
2026-05-21 13:19:29 -07:00
Marco Oliverio 0c8cabedff crpytocb: support SHA224 under WOLF_CRYPTO_CB_ONLY_SHA256 2026-05-19 10:22:06 +02:00
David Garske 145a4fac69 Merge pull request #10449 from LinuxJedi/TropicSim
Add TROPIC01 simulator
2026-05-18 16:34:25 -07:00
David Garske ec101bae98 Merge pull request #10149 from julek-wolfssl/refactor-middle-padding
Refactor record padding handling to eliminate middle padding pattern
2026-05-18 16:34:10 -07:00
Andrew Hutchings ecdf170a91 Fix SHAKE with STM32MP13 and add simulator
This fixes the fact that you can't compile SHAKE when SHA-3 hardware
acceleration is enabled for STM32. It also adds the STM32MP13 emulator
with hardware support from the simulators repo.
2026-05-18 14:56:53 -07:00
Andrew Hutchings f60dc63dad Add PIC32MZ emulator tests
Adds PIC32MZ EC / EF emulators with hardware acceleration. Also fix a
stack pointer free bug in the PIC32 hardware acceleration code.
2026-05-18 14:48:30 -07:00
David Garske 9096bcc8fa Merge pull request #10393 from JacobBarthelmeh/opensslextra
support build --enable-opensslextra with NO_BIO and NO_FILESYSTEM
2026-05-17 22:33:23 -07:00
David Garske 156c088f3c Merge pull request #10475 from julek-wolfssl/ci-apt-cache
ci: switch direct apt usage to install-apt-deps action
2026-05-17 22:19:43 -07:00
David Garske e0f1ae2af8 Merge pull request #10477 from Frauschi/arduino
Improve Arduino CI test
2026-05-17 22:19:31 -07:00
JacobBarthelmeh 3bca71be0b add test case for NO_BIO and NO_FILESYSTEM build with opensslextra 2026-05-15 10:38:24 -06:00