| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
The Session cookie is an HttpOnly cookie.
HttpOnly means the cookie cannot be accessed through client side script
because of this the GUI can not delete this cookie on log out.
Recommendation online was setting this cookie to an expired date.
From https://tools.ietf.org/search/rfc6265
"Finally, to remove a cookie, the server returns a Set-Cookie header
with an expiration date in the past. The server will be successful in
removing the cookie only if the Path and the Domain attribute in the
Set-Cookie header match the values used when the cookie was created."
For more information see
https://stackoverflow.com/questions/5285940/correct-way-to-delete-cookies-server-side
Modern browsers delete expired cookies although based on reading it
might not be right away but on the next request from that domain or
when the browser is cleaning up cookies.
When I tested the cookie is deleted right away.
Also set the SESSION to an empty string.
Discussed in discord here:
https://discord.com/channels/775381525260664832/855566794994221117/982351098998321163
Webui-vue and phosphor-webui both use this /logout route:
https://github.com/openbmc/webui-vue/blob/a5fefd0ad25753e5f7da03d77dfe7fe10255ebb6/src/store/modules/Authentication/AuthenticanStore.js#L50
https://github.com/openbmc/phosphor-webui/blob/339db9a4c8610c5ecb92993c0bbc2219933bc858/app/common/services/userModel.js#L46
It seemed unnecessary to add it to the SessionCollection Post.
Tested: No longer have the cookie after log out on webui-vue.
Tested on Firefox and Chrome.
Signed-off-by: Gunnar Mills <gmills@us.ibm.com>
Change-Id: Ic12b6f628293a80c93ffbbe1bf06c9b2d6a53af7
|
|
bmcweb is in a weird position where, on the one hand, we would like to
support Redfish to the specification, while also supporting a secure
webui. For better or worse, the webui can't currently use non-cookie
auth because of the impacts to things outside of Redfish like
websockets.
This has lead to some odd code in bmcweb that tries to "detect" whether
the browser is present, so we don't accidentally pop up the basic auth
window if a user happens to get logged out on an xhr request. Basic
auth in a browser actually causes CSRF vulnerabilities, as the browser
caches the credentials, so we don't want to make that auth method
available at all.
Previously, this detection was based on the presence of the user-agent
header, but in the years since this code was originally written, a
majority of implementations have moved to sending a user-agent by
default, which makes this check pretty much useless for its purpose. To
work around that, this patchset relies on the X-Requested-With header,
to determine if a json payload request was done by xhr. In theory, all
browsers will set this header when doing xhr requests, so this should
provide a "more correct" solution to this issue.
Background:
https://en.wikipedia.org/wiki/List_of_HTTP_header_fields
"X-Requested-With Mainly used to identify Ajax requests (most JavaScript
frameworks send this field with value of XMLHttpRequest)"
Tested:
curl -vvvv --insecure https://192.168.7.2/redfish/v1/SessionService/Sessions
Now returns a WWW-Authenticate header
Redfish-protocol-validator now passes 7 more tests from the
RESP_HEADERS_WWW_AUTHENTICATE category.
Launched webui-vue and logged in. Responses in network tab appear to
work, and data populates the page as expected.
Used curl to delete redfish session from store with
DELETE /redfish/v1/SessionService/Sessions/<SessionId>
Then clicked an element on the webui, page forwarded to login page as
expected.
Opened https://localhost:8000/redfish/v1/CertificateService in a
browser, and observed that page forwarded to the login page as it
should.
Signed-off-by: Ed Tanous <edtanous@google.com>
Change-Id: I60345caa41e520c23fe57792bf2e8c16ef144a7a
|
|
clang-tidy has a setting, LambdaBodyIndentation, which it says:
"For callback-heavy code, it may improve readability to have the
signature indented two levels and to use OuterScope."
bmcweb is very callback heavy code. Try to enable it and see if that
improves things. There are many cases where the length of a lambda call
will change, and reindent the entire lambda function. This is really
bad for code reviews, as it's difficult to see the lines changed. This
commit should resolve it. This does have the downside of reindenting a
lot of functions, which is unfortunate, but probably worth it in the
long run.
All changes except for the .clang-format file were made by the robot.
Tested: Code compiles, whitespace changes only.
Signed-off-by: Ed Tanous <edtanous@google.com>
Change-Id: Ib4aa2f1391fada981febd25b67dcdb9143827f43
|
|
The existing authorization header is actually doing "authentication"
work. The authorization is happening in routing.hpp where we fetch the
role of the authenticated user and get their privilege set.
This commits changes the name of the file, as well as the namespace, to
be more precise on what the file actually does.
Tested:
1. Trivial change, it builds
Signed-off-by: Nan Zhou <nanzhoumails@gmail.com>
Change-Id: Ib91ed70507a7308522c7e5363ed2f4dc279a19d9
|
|
The bmcweb is implementated as async i/o access, sometimes the input
buffer still has unprocessed data, and the next websocket message comes
in. The input buffer originally reserved only 1 nbd request packet size,
so it will cause buffer overflow exception. Extend the buffer size and
correctly check the remaining buffer size.
v8: fix coding style
v7: remove debug log and proxy.wait() change to keep this change simple
v4: fix coding style
v3: fix coding style
v2: fix coding style
Signed-off-by: Troy Lee <troy_lee@aspeedtech.com>
Change-Id: I8df2445503393f63401678d9f2486a80d31aee16
|
|
Commit 4cee35e ("Add RootOfTrustCollection and RootOfTrust under Google
service root.") still uses the crow::openbmc_mapper::GetSubTreeType
removed in b9d36b4 ("Consitently use dbus::utility types"), causing
build failure. This patch fixes the build issue by using the
dbus::utility::MapperGetSubTreeResponse instead.
Tested:
Build pass.
Change-Id: Ia2ca965f320ef18f431bfcb6d62c9c44eb935d9d
Signed-off-by: Jiaqing Zhao <jiaqing.zhao@intel.com>
|
|
These are Google only resources powered by Hoth DBus interface.
The ComponentsProtected links is hardcoded for now.
But it will be queried from DBus and interpreted accordingly in the
future.
TEST:
$curl -u root:0penBmc -X GET http://[::1]:$PORT/google/v1/RootOfTrustCollection
{
"@odata.id": "/google/v1/RootOfTrustCollection",
"@odata.type": "#RootOfTrustCollection.RootOfTrustCollection",
"Members": [
{
"@odata.id": "/google/v1/RootOfTrustCollection/Hoth"
}
],
"Members@odata.count": 1
}
$ curl -u root:0penBmc -X GET http://[::1]:$PORT/google/v1/RootOfTrustCollection/Hoth
{
"@odata.id": "/google/v1/RootOfTrustCollection/Hoth",
"@odata.type": "#RootOfTrust.v1_0_0.RootOfTrust",
"Actions": {
"#RootOfTrust.SendCommand": {
"target": "/google/v1/RootOfTrustCollection/Hoth/Actions/RootOfTrust.SendCommand"
}
},
"Id": "Hoth",
"Location": {
"PartLocation": {
"ServiceLabel": "Hoth",
"Locationtype": "Embedded"
}
},
"Name": "RootOfTrust-Hoth",
"Status": {
"State": "Enabled"
}
$ curl -u root:0penBmc -X POST -d @req.json -H "Content-Type: application/json" http://[::1]:$PORT/google/v1/RootOfTrustCollection/Hoth/Actions/RootOfTrust.SendCommand
{
"CommandResponse": "033B0000"
}
Signed-off-by: Vidya Satyamsetti <satyamsetti@google.com>
Change-Id: If64612468bb89e6d9251d848697608b7daf37339
|
|
This will generalize it and make it callable from other places
Tested: Added test cases, they pass
Signed-off-by: Josh Lehan <krellan@google.com>
Change-Id: I8df30d6fe6753a2454d7051cc2d8813ddbf14bad
|
|
Brace initialization of json objects, while quite interesting from an
academic sense, are very difficult for people to grok, and lead to
inconsistencies. This patchset aims to remove a majority of them in
lieu of operator[]. Interestingly, this saves about 1% of the binary
size of bmcweb.
This also has an added benefit that as a design pattern, we're never
constructing a new object, then moving it into place, we're always
adding to the existing object, which in the future _could_ make things
like OEM schemas or properties easier, as there's no case where we're
completely replacing the response object.
Tested:
Ran redfish service validator. No new failures.
Signed-off-by: Ed Tanous <edtanous@google.com>
Change-Id: Iae409b0a40ddd3ae6112cb2d52c6f6ab388595fe
|
|
Per the reorganization we've done elsewhere, move this large lambda
function to simplify it.
Tested: Code move only. Code compiles.
Signed-off-by: Ed Tanous <edtanous@google.com>
Change-Id: Ib0586b34809167120bdc127868706ac517db4474
|
|
This file has existed for a long time, and predates redfish-core, so it
was put in an inopportune place.
Move the code to where it should be, in lib.
Tested: Code compiles.
Signed-off-by: Ed Tanous <edtanous@google.com>
Change-Id: I422c27563a5e0f2a5debb2b1d4713aa8db0fe331
|
|
Sometimes Slot0 got higher key than Slot1 and erase function for Slot1
invalidates elements with keys not less than the erased element.
In that case invalid slot0 will be unmounted.
Change order of calling close() and erase() functions to
unmount correct device.
Change-Id: I7a40a4518982f697d3eed635cde6d06978149cf0
Signed-off-by: Alicja Rybak <alicja.rybak@intel.com>
Signed-off-by: Przemyslaw Czarnowski <przemyslaw.hawrylewicz.czarnowski@intel.com>
|
|
Fixes compilation errors after introducing
* 7772638ea777820234e6004ee63dc558e629e35e Remove AsyncResp from
openHandler
* b9d36b4791d77a47e1f3c5c4564fcdf7cc68c115 Consistently use
dbus::utility types
Tested:
When nbd_proxy is enabled, code compiles.
Change-Id: I6422bbcb7086a8ebc6cc48c7c72636afd1e3ac21
Signed-off-by: Przemyslaw Czarnowski <przemyslaw.hawrylewicz.czarnowski@intel.com>
|
|
As the patch at
https://gerrit.openbmc-project.xyz/c/openbmc/bmcweb/+/50994 can attest,
parsing urls with a regex is error prone. We should avoid it where
possible, and we have boost::urls that implements a full, correct, and
unit tested parser.
Ideally, eventually this helper function would devolve into just the
parse_uri, and setting defaults portion, and we could rely on the
boost::urls::url class to pass into things like http_client.
As a side note, because boost url implements port as a proper type-safe
uint16, some interfaces that previously accepted port by std::string&
needed to be modified, and is included in this patch.
Also, once moved, the branch on the ifdef for HTTP push support was
failing a clang-tidy validation. This is a known limitation of using
ifdefs for our code, and something we've solved with the header file, so
move the http push enabler to the header file.
Also note that given this reorganization, two EXPECT statements are
added to the unit tests for user input behaviors that the old code
previously did not handle properly.
Tested: Unit tests passing
Ran Redfish-Event-Listener, saw subscription create properly:
Subcription is successful for https://192.168.7.2, /redfish/v1/EventService/Subscriptions/2197426973
Signed-off-by: Ed Tanous <edtanous@google.com>
Change-Id: Ia4127c6cbcde6002fe8a50348792024d1d615e8f
|
|
This change, moving the openHandler back to only supporting websocket
disconnects and not 404s.Because AsyncResp is removed from openHandler.
Tested:
(from previous commit) Opened KVM in webui-vue and it works.
Signed-off-by: zhanghaicheng <zhanghch05@inspur.com>
Signed-off-by: Ed Tanous <edtanous@google.com>
Change-Id: I793f05836aeccdc275b7aaaeede41b3a2c276595
|
|
The Members property within resources is expected to allow create in the
same way the Collection resource does. From the spec:
Submitting a POST request to a resource collection is equivalent to
submitting the same request to the Members property of that resource
collection. Services that support the addition of Members to a resource
collection shall support both forms.
Related: #192
Tested:
Redfish protocol validator, REQ_POST_CREATE_TO_MEMBERS_PROP now passes.
Signed-off-by: Ed Tanous <edtanous@google.com>
Change-Id: I5c22325946eab9aec8c690450aa2ea24a6e4e485
|
|
This saves about 4k on the binary size
Tested: Redfish service validator passes.
Signed-off-by: Ed Tanous <edtanous@google.com>
Change-Id: I9546227a19c691b1aecb80e80307889548c0293f
|
|
The HTTP Content-Security-Policy (CSP) plugin-types directive has been
removed from the specification and is not supported by most browsers.
Chrome browser suggests to specify "object-src 'none'" instead to block
plugins, so replace it with that directive.
Refer https://github.com/w3c/webappsec-csp/issues/394 for details about
this change.
Tested:
* In Chrome 99.0.4844.74, it no longer gives errors about CSP
plugin-types directive.
* Checked neiter <embed>, <object> or <applet> tags are used in eiter
phosphor-webui or webui-vue.
* Using webui-vue, KVM and SOL Console works.
Change-Id: I79d7ed1de2c4d204bf040e7b32a7b6afe354862c
Signed-off-by: Jiaqing Zhao <jiaqing.zhao@intel.com>
|
|
This class has been unused for a long time, ever since moving to the
common AsyncResp.
Tested: Code compiles.
Signed-off-by: Ed Tanous <edtanous@google.com>
Change-Id: Ia74c5ff73e6eb991fac5a8b0292bf59910e9689b
|
|
clang-tidy readability checks are overall a good thing, and help us to
write consistent and readable code, even if it doesn't change the
result.
All changes done by the robot.
Tested: Code compiles, inspection only (changes made by robot)
Signed-off-by: Ed Tanous <edtanous@google.com>
Change-Id: Iee4a0c74a11eef9f158f0044eae675ebc518b549
|
|
The only changes were to make some functions static, which is
essentially no-op.
Changes were done by the robot.
Tested: Unit tests pass, changes no-op
Signed-off-by: Ed Tanous <edtanous@google.com>
Change-Id: Id84ca2bee6f237877ba2900b2cbe4679b38a91dc
|
|
In the upcoming fmt patch, we remove the use of streams, and a number of
our logging statements are relying on them. This commit changes them to
no longer rely on operator>> or operator+ to build their strings. This
alone isn't very useful, but in the context of the next patch makes the
automation able to do a complete conversion of all log statements
automatically.
Tested: enabled logging on local and saw log statements print to console
Signed-off-by: Ed Tanous <edtanous@google.com>
Change-Id: I0e5dc2cf015c6924037e38d547535eda8175a6a1
|
|
When CI tests are run locally on machine without OpenSSL 3.0, there are
some warnings during clang-tidy scan. They are related to unsupported
c-style code (implicit bool/int conversion, casting, and varagrs
functions). This change is fixing all of them, without changing
functionality.
Testing done:
- running docker image with UTs on local Ubuntu machine with SSL 1.1 is
passing all tests, and no clang errors are reported.
Signed-off-by: Szymon Dompke <szymon.dompke@intel.com>
Change-Id: I5ec91db8f02f487786811afad77080137bab3c9a
|
|
When first committed, I had a misunderstanding of what dedup variant
does. In this case, because we unpack all variants of 64/32 bit and int
vs uint, so in this case, dedup variant doesn't do anything, and just
adds template complexity. In terms of developer readability,
std::variant is a c++ concept that is infinitely googlable, and not
having to look it up through sdbusplus should be better.
Signed-off-by: Ed Tanous <edtanous@google.com>
Change-Id: Ia73b642fd06b24187503196bcdfecb9c896d62c9
|
|
There's nowhere in the codebase where we actually use these as maps.
99% of the time, we just iterate and pull these into specific data
structures anyway, so there's no reason for them to be maps.
This saves a negligible amount (600 bytes) on our compressed binary
size.
Signed-off-by: Ed Tanous <edtanous@google.com>
Change-Id: I91085cfa2cf8d70e0f0fa0f2f3927776667d834f
|
|
These modifications are from WIP:Redfish:Query parameters:Only
(https://gerrit.openbmc-project.xyz/c/openbmc/bmcweb/+/47474). It will
be used in future CLs for Query Parameters.
The code changed the completion handle to accept Res to be able to
recall handle with a new Response object.
AsyncResp owns a new res, so there is no need to pass in a res.
Also fixed a self-move assignment bug.
Context:
Originally submitted:
https://gerrit.openbmc-project.xyz/c/openbmc/bmcweb/+/480020
Reveted here:
https://gerrit.openbmc-project.xyz/c/openbmc/bmcweb/+/48880
Because of failures here:
https://gerrit.openbmc-project.xyz/c/openbmc/openbmc/+/48864
Tested:
1. Romulus QEMU + Robot tests; all passed
2. Use scripts/websocket_test.py to test websockets. It is still work correctly.
3. Tested in real hardware; no new validator errors; tested both
authless, session, and basic auth.
4. Hacked codes to return 500 errors on certain resource; response is
expected;
5. Tested Eventing, the push style one (not SSE which is still under
review), worked as expected.
6. Tested 404 errors; response is expected.
Signed-off-by: Nan Zhou <nanzhoumails@gmail.com>
Signed-off-by: John Edward Broadbent <jebr@google.com>
Change-Id: I52adb174476e0f6656335baa6657456752a031be
|
|
Added support for readJson for Patch and Action. The only difference is
that Patch does not allow empty json input while Action does. Action with
empty input will use the default value based on the implementation and
return 200 OK response code.
readJsonPatch will replace the existing readJson and be used for path
requests. It will not allow empty json input and all requested
keys are required in the json input.
readJsonAction will be used for Action requests where it is possible for
all of the properties to be optional and allow empty request.
The optional properties are determined by the requested values type.
All current Action readJson are replaced with readJsonAction. It does
not change the existing behavior since it needs `std::optional`.
This will have to be updated later as we define the default behavior.
Tested:
Added unit tests and readJsonAction allows empty empty json object.
No Change to Redfish Tree.
Change-Id: Ia5e1f81695c528a20f1dc985aee19c920d8adaea
Signed-off-by: Willy Tu <wltu@google.com>
|
|
All changes done by the robot, and are trivial.
Tested: Code passes clang-tidy.
Signed-off-by: Ed Tanous <edtanous@google.com>
Change-Id: I04a19bcc5ec74eddf9f3490adbdf70ac5a8bc68f
|
|
This used to rely on the boost::flat_map find() to find the
interface and properties.
After the ManagedObjectType changed to a std::vector of std::pair
it needs to loop instead of using find()
Signed-off-by: Jason M. Bills <jason.m.bills@intel.com>
Change-Id: I08d3f09dbfb5ad449aaa058a44d86f4c3eb1a25c
|
|
clang-tidy 14 now detects some more stuff that it couldn't before.
These are all pretty reasonable and things that we enforce today.
All changes were made by the robot.
Tested: Code compiles and unit tests pass.
Signed-off-by: Ed Tanous <edtanous@google.com>
Change-Id: I880d714c97adc38a190472766fb922fbfb30e82a
|
|
multi_buffer doesn't support empty(), so need to check
for (size() == 0) instead.
Signed-off-by: Jason M. Bills <jason.m.bills@intel.com>
Change-Id: I98abaebc68e11d769da57d8e2c1ef54c94f64521
|
|
We only had a few violations of this; Fix them and enable the check.
Signed-off-by: Ed Tanous <edtanous@google.com>
Change-Id: I159e774fd0169a91a092218ec8dc896ba9edebf4
|
|
We access std::string::npos through member variables in a couple places.
Fix it.
Signed-off-by: Ed Tanous <edtanous@google.com>
Change-Id: I587f89e1580661aa311dfe4e06591ab38806e241
|
|
These checks ensure that we're not implicitly converting ints or
pointers into bools, which makes the code easier to read.
Tested:
Ran series through redfish service validator. No changes observed.
UUID failing in Qemu both before and after.
Signed-off-by: Ed Tanous <edtanous@google.com>
Change-Id: I1ca0be980d136bd4e5474341f4fd62f2f6bbdbae
|
|
There's a number of redundancies in our code that clang can sanitize
out. Fix the existing problems, and enable the checks.
Signed-off-by: Ed Tanous <edtanous@google.com>
Change-Id: Ie63d7b7f0777b702fbf1b23a24e1bed7b4f5183b
|
|
This check involves explicitly declaring variables const when they're
declared auto, which helps in readability, and makes it more clear that
the variables are const.
Signed-off-by: Ed Tanous <edtanous@google.com>
Change-Id: I71198ea03850384a389a56ad26f2c4a48c75b148
|
|
These checks are a nice addition to our static analysis, as they
simplify code quite a bit, as can be seen by this diff being negative
lines.
Signed-off-by: Ed Tanous <edtanous@google.com>
Change-Id: I60ede4ad23d7e5337e811d70ddcab24bf8986891
|
|
We don't have too many violations here, probably because we don't have
many optional parameters. Fix the existing instances, and enable the
check.
Signed-off-by: Ed Tanous <edtanous@google.com>
Change-Id: I4d512f0ec90b060fb60a42fe3cd6ba72fb6c6bcb
|
|
This one is a little trivial, but it does help in readability.
Signed-off-by: Ed Tanous <edtanous@google.com>
Change-Id: I5366d4eec8af2f781b3bad804131ae2eb806e3aa
|
|
Clang-tidy correctly noted that this method was overly complex and could
be simplified. This commit does exactly that.
Tested: Unit tests run and passing.
Signed-off-by: Ed Tanous <edtanous@google.com>
Change-Id: Ia225f0d8cc5942f776bc8d5b48ca91de40596451
|
|
Do a partial update from the include what you use tool.
While ideally we'd be able to do this as part of CI, there's still quite
a bit of noise in the output that requires manual intervention.
Tested:
Code compiles
Signed-off-by: Ed Tanous <edtanous@google.com>
Change-Id: Iaaeb7a9199f64b5d6913c3abab4779b252768ed8
|
|
The following typedefs that are commonly used by redfish services
to get dbus subtree objects:
MapperServiceMap =
std::vector<std::pair<std::string, std::vector<std::string>>>
MapperGetSubTreeResponse =
std::vector<std::pair<std::string, MapperServiceMap>>
This commit adds the above mentioned typedefs to dbus utility namespace
and removes locally defined typedefs in processor.hpp.
Testing:
Validator: No errors
Few sample outputs from curl command:
$ curl -k -X GET https://{$bmc}/redfish/v1/Systems/system/Processors
{
"@odata.id": "/redfish/v1/Systems/system/Processors",
"@odata.type": "#ProcessorCollection.ProcessorCollection",
"Members": [
{
"@odata.id": "/redfish/v1/Systems/system/Processors/dcm0-cpu0"
},
{
"@odata.id": "/redfish/v1/Systems/system/Processors/dcm0-cpu1"
},
{
"@odata.id": "/redfish/v1/Systems/system/Processors/dcm1-cpu0"
},
{
"@odata.id": "/redfish/v1/Systems/system/Processors/dcm1-cpu1"
}
],
"Members@odata.count": 4,
"Name": "Processor Collection"
}
$ curl -k -X GET
https://{$bmc}/redfish/v1/Systems/system/Processors/dcm0-cpu0
{
"@odata.id": "/redfish/v1/Systems/system/Processors/dcm0-cpu0",
"@odata.type": "#Processor.v1_12_0.Processor",
"Id": "dcm0-cpu0",
"Location": {
"PartLocation": {
"ServiceLabel": "U78DA.ND0.WZS004K-P0-C15"
}
},
"LocationIndicatorActive": false,
"Manufacturer": "",
"MaxSpeedMHz": 0,
"Model": "5C67",
"Name": "PROCESSOR MODULE",
"PartNumber": "03JM290",
"ProcessorId": {
"EffectiveFamily": ""
},
"ProcessorType": "CPU",
"SerialNumber": "YA3936061828",
"Socket": "",
"SparePartNumber": "F210110",
"Status": {
"Health": "OK",
"State": "Enabled"
},
"SubProcessors": {
"@odata.id":
"/redfish/v1/Systems/system/Processors/dcm0-cpu0/SubProcessors"
},
"TotalCores": 8,
"TotalThreads": 0
}
$ curl -k -X GET
https://{$bmc}/redfish/v1/Systems/system/Processors/dcm0-cpu0/SubProcessors
{
"@odata.id":
"/redfish/v1/Systems/system/Processors/dcm0-cpu0/SubProcessors",
"@odata.type": "#ProcessorCollection.ProcessorCollection",
"Members": [],
"Members@odata.count": 0,
"Name": "SubProcessor Collection"
}
Signed-off-by: Shantappa Teekappanavar <sbteeks@yahoo.com>
Change-Id: I297c763af38fa5b13ef297e911b338f406b7c6e6
|
|
We only use malloc in one place, when we hand a pointer off to PAM.
Ignore that one issue, and enable the check.
Signed-off-by: Ed Tanous <edtanous@google.com>
Change-Id: I37c41c193bae1bab370b03944617c642df0179fc
|
|
We only use varargs in some code we borrowed from nlohmann, so ignore
that, and enable the check.
Signed-off-by: Ed Tanous <edtanous@google.com>
Change-Id: Iab1305784e7532e2ee10c617fb59b75aba142ce6
|
|
const_cast is an anti pattern. There are a few places we need to do it
for interacting with C APIs, so enable the checks, and ignore the
existing uses.
Signed-off-by: Ed Tanous <edtanous@google.com>
Change-Id: If1748213992b97f5e3e04cf9b86a6fcafbb7cf06
|
|
There were a few places we weren't initting our variables per cpp core
guidelines. Fix all of them, and enable checks for this.
Signed-off-by: Ed Tanous <edtanous@google.com>
Change-Id: Iba09924beb9fb26f597ff94d1cecbd6d6b1af912
|
|
Quite a few places we've disobeyed this rule, so simply ignore them for
now to avoid new issues popping up.
Signed-off-by: Ed Tanous <edtanous@google.com>
Change-Id: I3e518a8e8742279afb3ad1a9dad54006ed109fb1
|
|
We seem to use reinterpret cast in a few cases unfortunately. For the
moment, simply ignore most of them, and make it so we don't get more.
Signed-off-by: Ed Tanous <edtanous@google.com>
Change-Id: Ic860cf922576b18cdc8d51d6132f5a9cbcc1d9dc
|
|
Part of enforcing cpp core guidelines involves explicitly including all
constructors required on a non-trivial class. We were missing quite a
few. In all cases, the copy/move/and operator= methods are simply
deleted.
Signed-off-by: Ed Tanous <edtanous@google.com>
Change-Id: Ie8d6e8bf2bc311fa21a9ae48b0d61ee5c1940999
|
|
clang-tidy added cppcoreguidelines-init-variables as a check, which is
something we already enforce to some extent, but getting CI to enforce
it will help reviews move faster.
Tested: Code compiles. Noop changes.
Signed-off-by: Ed Tanous <edtanous@google.com>
Change-Id: I7e10950de617b1d3262265572b1703f2e60b69d0
|
