From fc0a137a0953f8e07ed00f763aadcae9992593a5 Mon Sep 17 00:00:00 2001 From: Umberto Baldi <34278123+umbynos@users.noreply.github.com> Date: Thu, 16 May 2024 11:29:44 +0200 Subject: [PATCH 01/37] use eToken for signing (#950) * fix typo * use eToken for signing, create a dedicated step for signing * update workflow, we have a certificate and no longer a container for win * env var $GITHUB_REF not expanded in step input causing workflow to fail * bump runner, so that we get an updated version of openssl OpenSSL 1.1.1f-1ubuntu2.22 in Ubuntu 20.04 https://github.com/actions/runner-images/blob/main/images/ubuntu/Ubuntu2004-Readme.md OpenSSL 3.0.2-0ubuntu1.15 in Ubuntu 22.04 https://github.com/actions/runner-images/blob/main/images/ubuntu/Ubuntu2204-Readme.md * add flag to correctly recognize the algorithm see https://github.com/openssl/openssl/discussions/23089 * remove double quotes, they cause errors with new version of openssl: `Could not read certificate from ` --- .github/workflows/check-certificates.yml | 69 +++++++++++++++--------- .github/workflows/release.yml | 59 +++++++++++++++----- 2 files changed, 92 insertions(+), 36 deletions(-) diff --git a/.github/workflows/check-certificates.yml b/.github/workflows/check-certificates.yml index 28e8297c1..694792dcd 100644 --- a/.github/workflows/check-certificates.yml +++ b/.github/workflows/check-certificates.yml @@ -26,7 +26,7 @@ jobs: if: > (github.event_name != 'pull_request' && github.repository == 'arduino/arduino-create-agent') || (github.event_name == 'pull_request' && github.event.pull_request.head.repo.full_name == 'arduino/arduino-create-agent') - runs-on: ubuntu-20.04 + runs-on: ubuntu-22.04 strategy: fail-fast: false @@ -37,9 +37,11 @@ jobs: - identifier: macOS signing certificate # Text used to identify certificate in notifications. certificate-secret: INSTALLER_CERT_MAC_P12 # Name of the secret that contains the certificate. password-secret: INSTALLER_CERT_MAC_PASSWORD # Name of the secret that contains the certificate password. + type: pkcs12 - identifier: Windows signing certificate - certificate-secret: INSTALLER_CERT_WINDOWS_PFX - password-secret: INSTALLER_CERT_WINDOWS_PASSWORD + certificate-secret: INSTALLER_CERT_WINDOWS_CER + # The password for the Windows certificate is not needed, because its not a container, but a single certificate. + type: x509 steps: - name: Set certificate path environment variable @@ -58,9 +60,10 @@ jobs: CERTIFICATE_PASSWORD: ${{ secrets[matrix.certificate.password-secret] }} run: | ( - openssl pkcs12 \ + openssl ${{ matrix.certificate.type }} \ -in "${{ env.CERTIFICATE_PATH }}" \ - -noout -passin env:CERTIFICATE_PASSWORD + -noout -passin env:CERTIFICATE_PASSWORD \ + -legacy ) || ( echo "::error::Verification of ${{ matrix.certificate.identifier }} failed!!!" exit 1 @@ -83,25 +86,43 @@ jobs: CERTIFICATE_PASSWORD: ${{ secrets[matrix.certificate.password-secret] }} id: get-days-before-expiration run: | - EXPIRATION_DATE="$( - ( - openssl pkcs12 \ - -in "${{ env.CERTIFICATE_PATH }}" \ - -clcerts \ - -nodes \ - -passin env:CERTIFICATE_PASSWORD - ) | ( - openssl x509 \ - -noout \ - -enddate - ) | ( - grep \ - --max-count=1 \ - --only-matching \ - --perl-regexp \ - 'notAfter=(\K.*)' - ) - )" + if [[ ${{ matrix.certificate.type }} == "pkcs12" ]]; then + EXPIRATION_DATE="$( + ( + openssl pkcs12 \ + -in ${{ env.CERTIFICATE_PATH }} \ + -clcerts \ + -nodes \ + -passin env:CERTIFICATE_PASSWORD \ + -legacy + ) | ( + openssl x509 \ + -noout \ + -enddate + ) | ( + grep \ + --max-count=1 \ + --only-matching \ + --perl-regexp \ + 'notAfter=(\K.*)' + ) + )" + elif [[ ${{ matrix.certificate.type }} == "x509" ]]; then + EXPIRATION_DATE="$( + ( + openssl x509 \ + -in ${{ env.CERTIFICATE_PATH }} \ + -noout \ + -enddate + ) | ( + grep \ + --max-count=1 \ + --only-matching \ + --perl-regexp \ + 'notAfter=(\K.*)' + ) + )" + fi DAYS_BEFORE_EXPIRATION="$((($(date --utc --date="$EXPIRATION_DATE" +%s) - $(date --utc +%s)) / 60 / 60 / 24))" diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 2ae2cf4e4..33fe2b7e8 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -45,7 +45,7 @@ jobs: run: shell: bash -# by default disable CGO, it's not needed (except on macos) + # by default disable CGO, it's not needed (except on macos) env: CGO_ENABLED: 0 @@ -157,7 +157,7 @@ jobs: create-macos-bundle: needs: build - # for not they are exaclty the same + # for now they are exaclty the same strategy: matrix: arch: [amd64, arm64] @@ -371,9 +371,6 @@ jobs: # vars used by installbuilder INSTALLBUILDER_PATH: "/opt/installbuilder-23.11.0/bin/builder" INSTALLER_VARS: "project.outputDirectory=$PWD project.version=${GITHUB_REF##*/} workspace=$PWD realname=Arduino_Create_Agent" - # installbuilder will read this vars automatically (defined in installer.xml): - INSTALLER_CERT_WINDOWS_PASSWORD: ${{ secrets.INSTALLER_CERT_WINDOWS_PASSWORD }} - INSTALLER_CERT_WINDOWS_PFX: "/tmp/ArduinoCerts2020.pfx" strategy: fail-fast: false # if one os is failing continue nonetheless @@ -424,11 +421,6 @@ jobs: - name: Save InstallBuilder license to file run: echo "${{ secrets.INSTALLER_LICENSE }}" > /tmp/license.xml - - name: Save Win signing certificate to file - run: echo "${{ secrets.INSTALLER_CERT_WINDOWS_PFX }}" | base64 --decode > ${{ env.INSTALLER_CERT_WINDOWS_PFX}} - if: matrix.os == 'windows-2019' - - # installbuilder reads the env vars with certs paths and use it to sign the installer. - name: Launch Bitrock installbuilder run: ${{ env.INSTALLBUILDER_PATH }} build installer.xml ${{ matrix.installbuilder-name }} --verbose --license /tmp/license.xml --setvars ${{ env.INSTALLER_VARS }} architecture=${{ matrix.arch }} @@ -443,6 +435,49 @@ jobs: path: ArduinoCreateAgent* if-no-files-found: error + # This job will sign the Windows installer + sign-windows: + runs-on: [self-hosted, windows-sign-pc] + needs: package + + defaults: + run: + shell: bash + + env: + INSTALLER_CERT_WINDOWS_CER: "/tmp/cert.cer" + # We are hardcoding the path for signtool because is not present on the windows PATH env var by default. + # Keep in mind that this path could change when upgrading to a new runner version + SIGNTOOL_PATH: "C:/Program Files (x86)/Windows Kits/10/bin/10.0.19041.0/x86/signtool.exe" + + strategy: + matrix: + arch: [amd64, 386] + + steps: + - name: Download artifact + uses: actions/download-artifact@v3 + with: + name: ArduinoCreateAgent-windows-${{ matrix.arch }} + + - name: Save Win signing certificate to file + run: echo "${{ secrets.INSTALLER_CERT_WINDOWS_CER }}" | base64 --decode > ${{ env.INSTALLER_CERT_WINDOWS_CER}} + + - name: Sign EXE + env: + CERT_PASSWORD: ${{ secrets.INSTALLER_CERT_WINDOWS_PASSWORD }} + CONTAINER_NAME: ${{ secrets.INSTALLER_CERT_WINDOWS_CONTAINER }} + # https://stackoverflow.com/questions/17927895/automate-extended-validation-ev-code-signing-with-safenet-etoken + run: | + "${{ env.SIGNTOOL_PATH }}" sign -d "Arduino Create Agent" -f ${{ env.INSTALLER_CERT_WINDOWS_CER}} -csp "eToken Base Cryptographic Provider" -k "[{{${{ env.CERT_PASSWORD }}}}]=${{ env.CONTAINER_NAME }}" -fd sha256 -tr http://timestamp.digicert.com -td SHA256 -v "ArduinoCreateAgent-${GITHUB_REF##*/}-windows-${{ matrix.arch }}-installer.exe" + + - name: Upload artifacts + uses: actions/upload-artifact@v3 + with: + if-no-files-found: error + name: ArduinoCreateAgent-windows-${{ matrix.arch }}-signed + path: ArduinoCreateAgent-*-windows-${{ matrix.arch }}-installer.exe + # This job will generate a dmg mac installer, sign/notarize it. generate-sign-dmg: needs: notarize-macos @@ -544,7 +579,7 @@ jobs: create-release: runs-on: ubuntu-20.04 environment: production - needs: [build, package, generate-sign-dmg] + needs: [build, generate-sign-dmg, sign-windows] steps: - name: Checkout @@ -563,7 +598,7 @@ jobs: mv -v ArduinoCreateAgent-linux-amd64/* release/ cat ArduinoCreateAgent-osx-amd64/*.tar | tar -xvf - -i -C release/ rm -v release/._ArduinoCreateAgent*.dmg - mv -v ArduinoCreateAgent-windows*/* release/ + mv -v ArduinoCreateAgent-windows*-signed/* release/ - name: VirusTotal Scan id: virustotal_step From 7e79dfd1f96e7a2523244e02bcd08b234fce3a09 Mon Sep 17 00:00:00 2001 From: Umberto Baldi <34278123+umbynos@users.noreply.github.com> Date: Thu, 16 May 2024 11:41:32 +0200 Subject: [PATCH 02/37] Bump actions/upload and actions/download (#952) * Bump actions/download-artifact from 3 to 4 Bumps [actions/download-artifact](https://github.com/actions/download-artifact) from 3 to 4. - [Release notes](https://github.com/actions/download-artifact/releases) - [Commits](https://github.com/actions/download-artifact/compare/v3...v4) --- updated-dependencies: - dependency-name: actions/download-artifact dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] * Bump actions/download-artifact in new step * Bump actions/upload-artifact from 3 to 4 Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact) from 3 to 4. - [Release notes](https://github.com/actions/upload-artifact/releases) - [Commits](https://github.com/actions/upload-artifact/compare/v3...v4) --- updated-dependencies: - dependency-name: actions/upload-artifact dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] * Bump actions/upload-artifact in new step * Migrate sync workflow to actions/[upload-download] to v4 See https://github.com/actions/upload-artifact/blob/main/docs/MIGRATION.md#multiple-uploads-to-the-same-named-artifact --------- Signed-off-by: dependabot[bot] --- .../workflows/check-go-dependencies-task.yml | 2 +- .github/workflows/publish-go-tester-task.yml | 2 +- .github/workflows/release.yml | 24 +++++++++---------- .github/workflows/sync-labels.yml | 9 +++---- 4 files changed, 19 insertions(+), 18 deletions(-) diff --git a/.github/workflows/check-go-dependencies-task.yml b/.github/workflows/check-go-dependencies-task.yml index 1d640ed43..4983e0db6 100644 --- a/.github/workflows/check-go-dependencies-task.yml +++ b/.github/workflows/check-go-dependencies-task.yml @@ -105,7 +105,7 @@ jobs: # Some might find it convenient to have CI generate the cache rather than setting up for it locally - name: Upload cache to workflow artifact if: failure() && steps.diff.outcome == 'failure' - uses: actions/upload-artifact@v3 + uses: actions/upload-artifact@v4 with: if-no-files-found: error name: dep-licenses-cache diff --git a/.github/workflows/publish-go-tester-task.yml b/.github/workflows/publish-go-tester-task.yml index 5ba56a6f3..66b381643 100644 --- a/.github/workflows/publish-go-tester-task.yml +++ b/.github/workflows/publish-go-tester-task.yml @@ -128,7 +128,7 @@ jobs: if: runner.os == 'macOS' - name: Upload artifacts - uses: actions/upload-artifact@v3 + uses: actions/upload-artifact@v4 with: name: arduino-create-agent-${{ matrix.os }}${{ matrix.arch }} path: | diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 33fe2b7e8..ce3caa1b7 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -147,7 +147,7 @@ jobs: if: steps.prerelease.outputs.IS_PRE != 'true' - name: Upload artifacts - uses: actions/upload-artifact@v3 + uses: actions/upload-artifact@v4 with: name: ${{ env.PROJECT_NAME }}-${{ matrix.os }}-${{ matrix.arch }} path: | @@ -174,7 +174,7 @@ jobs: token: ${{ secrets.ARDUINO_CREATE_AGENT_CI_PAT }} - name: Download artifact - uses: actions/download-artifact@v3 + uses: actions/download-artifact@v4 with: name: ${{ env.PROJECT_NAME }}-macos-12-amd64 # if we want to support darwin-arm64 in the future for real this has to change. path: ${{ env.EXE_PATH }} @@ -218,7 +218,7 @@ jobs: run: tar -cvf ArduinoCreateAgent.app_${{ matrix.arch }}.tar -C skel/ . - name: Upload artifacts - uses: actions/upload-artifact@v3 + uses: actions/upload-artifact@v4 with: if-no-files-found: error name: ArduinoCreateAgent.app_${{ matrix.arch }} @@ -241,7 +241,7 @@ jobs: steps: - name: Download artifact - uses: actions/download-artifact@v3 + uses: actions/download-artifact@v4 with: name: ArduinoCreateAgent.app_${{ matrix.arch }} @@ -356,7 +356,7 @@ jobs: if: ${{ needs.build.outputs.prerelease != 'true' }} - name: Upload artifact - uses: actions/upload-artifact@v3 + uses: actions/upload-artifact@v4 with: name: ArduinoCreateAgent.app_${{ matrix.arch }}_notarized path: ArduinoCreateAgent.app_${{ matrix.arch }}_notarized.zip @@ -405,7 +405,7 @@ jobs: token: ${{ secrets.ARDUINO_CREATE_AGENT_CI_PAT }} - name: Download artifact - uses: actions/download-artifact@v3 + uses: actions/download-artifact@v4 with: name: ${{ env.PROJECT_NAME }}-${{ matrix.os }}-${{ matrix.arch }} path: artifacts/${{ matrix.platform-name }}/ # path expected by installbuilder @@ -429,7 +429,7 @@ jobs: if: matrix.os == 'ubuntu-20.04' - name: Upload artifacts - uses: actions/upload-artifact@v3 + uses: actions/upload-artifact@v4 with: name: ArduinoCreateAgent-${{ matrix.platform-name }}-${{ matrix.arch }} path: ArduinoCreateAgent* @@ -456,7 +456,7 @@ jobs: steps: - name: Download artifact - uses: actions/download-artifact@v3 + uses: actions/download-artifact@v4 with: name: ArduinoCreateAgent-windows-${{ matrix.arch }} @@ -472,7 +472,7 @@ jobs: "${{ env.SIGNTOOL_PATH }}" sign -d "Arduino Create Agent" -f ${{ env.INSTALLER_CERT_WINDOWS_CER}} -csp "eToken Base Cryptographic Provider" -k "[{{${{ env.CERT_PASSWORD }}}}]=${{ env.CONTAINER_NAME }}" -fd sha256 -tr http://timestamp.digicert.com -td SHA256 -v "ArduinoCreateAgent-${GITHUB_REF##*/}-windows-${{ matrix.arch }}-installer.exe" - name: Upload artifacts - uses: actions/upload-artifact@v3 + uses: actions/upload-artifact@v4 with: if-no-files-found: error name: ArduinoCreateAgent-windows-${{ matrix.arch }}-signed @@ -494,7 +494,7 @@ jobs: token: ${{ secrets.ARDUINO_CREATE_AGENT_CI_PAT }} - name: Download artifact - uses: actions/download-artifact@v3 + uses: actions/download-artifact@v4 with: name: ArduinoCreateAgent.app_${{ matrix.arch }}_notarized path: ArduinoCreateAgent.app @@ -570,7 +570,7 @@ jobs: run: tar -cvf ArduinoCreateAgent-${GITHUB_REF##*/}-osx-${{ matrix.arch }}-installer.tar ArduinoCreateAgent-${GITHUB_REF##*/}-osx-${{ matrix.arch }}-installer.dmg - name: Upload artifacts - uses: actions/upload-artifact@v3 + uses: actions/upload-artifact@v4 with: name: ArduinoCreateAgent-osx-${{ matrix.arch }} path: ArduinoCreateAgent*.tar @@ -588,7 +588,7 @@ jobs: fetch-depth: 0 # fetch all history for the create changelog step to work properly - name: Download artifact - uses: actions/download-artifact@v3 # download all the artifacts + uses: actions/download-artifact@v4 # download all the artifacts # mandatory step because upload-release-action does not support multiple folders - name: prepare artifacts for the release diff --git a/.github/workflows/sync-labels.yml b/.github/workflows/sync-labels.yml index d0a553526..184a42077 100644 --- a/.github/workflows/sync-labels.yml +++ b/.github/workflows/sync-labels.yml @@ -71,13 +71,13 @@ jobs: file-url: https://raw.githubusercontent.com/arduino/tooling-project-assets/main/workflow-templates/assets/sync-labels/${{ matrix.filename }} - name: Pass configuration files to next job via workflow artifact - uses: actions/upload-artifact@v3 + uses: actions/upload-artifact@v4 with: path: | *.yaml *.yml if-no-files-found: error - name: ${{ env.CONFIGURATIONS_ARTIFACT }} + name: ${{ env.CONFIGURATIONS_ARTIFACT }}-${{ matrix.filename }} sync: needs: download @@ -109,10 +109,11 @@ jobs: uses: actions/checkout@v4 - name: Download configuration files artifact - uses: actions/download-artifact@v3 + uses: actions/download-artifact@v4 with: - name: ${{ env.CONFIGURATIONS_ARTIFACT }} + pattern: ${{ env.CONFIGURATIONS_ARTIFACT }}-* # Download all configuration files path: ${{ env.CONFIGURATIONS_FOLDER }} + merge-multiple: true - name: Remove unneeded artifact uses: geekyeggo/delete-artifact@v5 From 0b9b35e40e8cd10eb376bdc53c691d6786e98d9b Mon Sep 17 00:00:00 2001 From: David Anson Date: Sat, 18 May 2024 17:50:49 -0700 Subject: [PATCH 03/37] Fix spelling of the word "development" in README.md. --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index 7f7100b5e..7356117d8 100644 --- a/README.md +++ b/README.md @@ -40,7 +40,7 @@ The documentation has been moved to the [wiki](https://github.com/arduino/arduin - [Advanced usage](https://github.com/arduino/arduino-create-agent/wiki/Advanced-usage): explaining how to use multiple configurations and how to use the agent with a proxy. - [Agent Beta Program](https://github.com/arduino/arduino-create-agent/wiki/Agent-Beta-Program) -- [Developement](https://github.com/arduino/arduino-create-agent/wiki/Developement): containing useful info to help in development +- [Development](https://github.com/arduino/arduino-create-agent/wiki/Developement): containing useful info to help in development - [Disable Autostart](https://github.com/arduino/arduino-create-agent/wiki/Disable-Autostart) - [How to compile on Raspberry Pi](https://github.com/arduino/arduino-create-agent/wiki/How-to-compile-on-Raspberry-Pi) - [How to use crashreport functionality](https://github.com/arduino/arduino-create-agent/wiki/How-to-use-crashreport-functionality) From 6220828536b2de00eb2f7daabfffe45183e75234 Mon Sep 17 00:00:00 2001 From: Alby <30591904+Xayton@users.noreply.github.com> Date: Thu, 23 May 2024 18:07:26 +0200 Subject: [PATCH 04/37] Update README.md "Development" link (#959) Update a wrong link (https://github.com/arduino/arduino-create-agent/wiki/Development), so that we can remove the wrong page in the Wiki. --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index 7356117d8..5c97939b6 100644 --- a/README.md +++ b/README.md @@ -40,7 +40,7 @@ The documentation has been moved to the [wiki](https://github.com/arduino/arduin - [Advanced usage](https://github.com/arduino/arduino-create-agent/wiki/Advanced-usage): explaining how to use multiple configurations and how to use the agent with a proxy. - [Agent Beta Program](https://github.com/arduino/arduino-create-agent/wiki/Agent-Beta-Program) -- [Development](https://github.com/arduino/arduino-create-agent/wiki/Developement): containing useful info to help in development +- [Development](https://github.com/arduino/arduino-create-agent/wiki/Development): containing useful info to help in development - [Disable Autostart](https://github.com/arduino/arduino-create-agent/wiki/Disable-Autostart) - [How to compile on Raspberry Pi](https://github.com/arduino/arduino-create-agent/wiki/How-to-compile-on-Raspberry-Pi) - [How to use crashreport functionality](https://github.com/arduino/arduino-create-agent/wiki/How-to-use-crashreport-functionality) From b02967edac710a5690857bd0fa8dbf6cd503dbf8 Mon Sep 17 00:00:00 2001 From: MatteoPologruto <109663225+MatteoPologruto@users.noreply.github.com> Date: Mon, 17 Jun 2024 09:31:22 +0200 Subject: [PATCH 05/37] Add step to delete the signed exe on the self-hosted runner (#965) --- .github/workflows/release.yml | 18 +++++++++++------- 1 file changed, 11 insertions(+), 7 deletions(-) diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index ce3caa1b7..f149c8eb9 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -132,7 +132,7 @@ jobs: - name: Create autoupdate files for win32 run: go-selfupdate -platform windows-${{ matrix.arch }} ${{ env.PROJECT_NAME }}${{ matrix.ext }} ${TAG_VERSION} if: matrix.arch == '386' && matrix.os == 'windows-2019' && steps.prerelease.outputs.IS_PRE != 'true' - + - name: configure aws credentials uses: aws-actions/configure-aws-credentials@v4 with: @@ -311,7 +311,7 @@ jobs: run: | wget -q https://github.com/Bearer/gon/releases/download/v0.0.27/gon_macos.zip unzip gon_macos.zip -d /usr/local/bin - + - name: Write gon config to file run: | cat > "${{ env.GON_CONFIG_PATH }}" < ${{ env.INSTALLER_CERT_WINDOWS_CER}} @@ -468,7 +468,7 @@ jobs: CERT_PASSWORD: ${{ secrets.INSTALLER_CERT_WINDOWS_PASSWORD }} CONTAINER_NAME: ${{ secrets.INSTALLER_CERT_WINDOWS_CONTAINER }} # https://stackoverflow.com/questions/17927895/automate-extended-validation-ev-code-signing-with-safenet-etoken - run: | + run: | "${{ env.SIGNTOOL_PATH }}" sign -d "Arduino Create Agent" -f ${{ env.INSTALLER_CERT_WINDOWS_CER}} -csp "eToken Base Cryptographic Provider" -k "[{{${{ env.CERT_PASSWORD }}}}]=${{ env.CONTAINER_NAME }}" -fd sha256 -tr http://timestamp.digicert.com -td SHA256 -v "ArduinoCreateAgent-${GITHUB_REF##*/}-windows-${{ matrix.arch }}-installer.exe" - name: Upload artifacts @@ -478,6 +478,10 @@ jobs: name: ArduinoCreateAgent-windows-${{ matrix.arch }}-signed path: ArduinoCreateAgent-*-windows-${{ matrix.arch }}-installer.exe + # This step is needed because the self hosted runner does not delete files automatically + - name: Clean up EXE + run: rm ArduinoCreateAgent-*-windows-${{ matrix.arch }}-installer.exe + # This job will generate a dmg mac installer, sign/notarize it. generate-sign-dmg: needs: notarize-macos From 04414e26c0d8cf0795d02c364637c3bb3f218bd4 Mon Sep 17 00:00:00 2001 From: MatteoPologruto <109663225+MatteoPologruto@users.noreply.github.com> Date: Tue, 2 Jul 2024 09:31:09 +0200 Subject: [PATCH 06/37] Check if a signed URL is specified and use it download tools (#953) * Wrap v2 tools install function inside tools.Download * Download tools defaulting to the replace behaviour * Improve archive renamer and fix failing tests * Find the correct tool and system when `version=latest` is specified * Reintroduce caching option when downloading tools --- tools/download.go | 170 ++++------------------------------------- tools/download_test.go | 24 +++--- tools/tools.go | 12 --- v2/http.go | 2 +- v2/pkgs/tools.go | 137 ++++++++++++++++++++++++++------- v2/pkgs/tools_test.go | 8 +- 6 files changed, 142 insertions(+), 211 deletions(-) diff --git a/tools/download.go b/tools/download.go index 360d6e4c3..6e5fa8b7f 100644 --- a/tools/download.go +++ b/tools/download.go @@ -16,43 +16,18 @@ package tools import ( - "bytes" "context" - "crypto/sha256" - "encoding/hex" - "encoding/json" "errors" - "fmt" - "io" - "net/http" "os" "os/exec" "path/filepath" "runtime" + "github.com/arduino/arduino-create-agent/gen/tools" + "github.com/arduino/arduino-create-agent/utilities" "github.com/arduino/arduino-create-agent/v2/pkgs" - "github.com/arduino/go-paths-helper" - "github.com/blang/semver" - "github.com/codeclysm/extract/v3" ) -// public vars to allow override in the tests -var ( - OS = runtime.GOOS - Arch = runtime.GOARCH -) - -func pathExists(path string) bool { - _, err := os.Stat(path) - if err == nil { - return true - } - if os.IsNotExist(err) { - return false - } - return true -} - // Download will parse the index at the indexURL for the tool to download. // It will extract it in a folder in .arduino-create, and it will update the // Installed map. @@ -70,97 +45,21 @@ func pathExists(path string) bool { // if it already exists. func (t *Tools) Download(pack, name, version, behaviour string) error { - body, err := t.index.Read() - if err != nil { - return err - } - - var data pkgs.Index - json.Unmarshal(body, &data) - - // Find the tool by name - correctTool, correctSystem := findTool(pack, name, version, data) - - if correctTool.Name == "" || correctSystem.URL == "" { - t.logger("We couldn't find a tool with the name " + name + " and version " + version + " packaged by " + pack) - return nil - } - - key := correctTool.Name + "-" + correctTool.Version - - // Check if it already exists - if behaviour == "keep" { - location, ok := t.getMapValue(key) - if ok && pathExists(location) { - // overwrite the default tool with this one - t.setMapValue(correctTool.Name, location) - t.logger("The tool is already present on the system") - return t.writeMap() - } - } - - // Download the tool - t.logger("Downloading tool " + name + " from " + correctSystem.URL) - resp, err := http.Get(correctSystem.URL) + tool := pkgs.New(t.index, t.directory.String(), behaviour) + _, err := tool.Install(context.Background(), &tools.ToolPayload{Name: name, Version: version, Packager: pack}) if err != nil { return err } - defer resp.Body.Close() - - // Read the body - body, err = io.ReadAll(resp.Body) - if err != nil { - return err - } - - // Checksum - checksum := sha256.Sum256(body) - checkSumString := "SHA-256:" + hex.EncodeToString(checksum[:sha256.Size]) - - if checkSumString != correctSystem.Checksum { - return errors.New("checksum doesn't match") - } - - tempPath := paths.TempDir() - // Create a temporary dir to extract package - if err := tempPath.MkdirAll(); err != nil { - return fmt.Errorf("creating temp dir for extraction: %s", err) - } - tempDir, err := tempPath.MkTempDir("package-") - if err != nil { - return fmt.Errorf("creating temp dir for extraction: %s", err) - } - defer tempDir.RemoveAll() - t.logger("Unpacking tool " + name) - ctx := context.Background() - reader := bytes.NewReader(body) - // Extract into temp directory - if err := extract.Archive(ctx, reader, tempDir.String(), nil); err != nil { - return fmt.Errorf("extracting archive: %s", err) - } - - location := t.directory.Join(pack, correctTool.Name, correctTool.Version) - err = location.RemoveAll() + path := filepath.Join(pack, name, version) + safePath, err := utilities.SafeJoin(t.directory.String(), path) if err != nil { return err } - // Check package content and find package root dir - root, err := findPackageRoot(tempDir) - if err != nil { - return fmt.Errorf("searching package root dir: %s", err) - } - - if err := root.Rename(location); err != nil { - if err := root.CopyDirTo(location); err != nil { - return fmt.Errorf("moving extracted archive to destination dir: %s", err) - } - } - // if the tool contains a post_install script, run it: it means it is a tool that needs to install drivers // AFAIK this is only the case for the windows-driver tool - err = t.installDrivers(location.String()) + err = t.installDrivers(safePath) if err != nil { return err } @@ -169,55 +68,12 @@ func (t *Tools) Download(pack, name, version, behaviour string) error { t.logger("Ensure that the files are executable") // Update the tool map - t.logger("Updating map with location " + location.String()) - - t.setMapValue(name, location.String()) - t.setMapValue(name+"-"+correctTool.Version, location.String()) - return t.writeMap() -} + t.logger("Updating map with location " + safePath) -func findPackageRoot(parent *paths.Path) (*paths.Path, error) { - files, err := parent.ReadDir() - if err != nil { - return nil, fmt.Errorf("reading package root dir: %s", err) - } - files.FilterOutPrefix("__MACOSX") + t.setMapValue(name, safePath) + t.setMapValue(name+"-"+version, safePath) - // if there is only one dir, it is the root dir - if len(files) == 1 && files[0].IsDir() { - return files[0], nil - } - return parent, nil -} - -func findTool(pack, name, version string, data pkgs.Index) (pkgs.Tool, pkgs.System) { - var correctTool pkgs.Tool - correctTool.Version = "0.0" - - for _, p := range data.Packages { - if p.Name != pack { - continue - } - for _, t := range p.Tools { - if version != "latest" { - if t.Name == name && t.Version == version { - correctTool = t - } - } else { - // Find latest - v1, _ := semver.Make(t.Version) - v2, _ := semver.Make(correctTool.Version) - if t.Name == name && v1.Compare(v2) > 0 { - correctTool = t - } - } - } - } - - // Find the url based on system - correctSystem := correctTool.GetFlavourCompatibleWith(OS, Arch) - - return correctTool, correctSystem + return nil } func (t *Tools) installDrivers(location string) error { @@ -225,7 +81,7 @@ func (t *Tools) installDrivers(location string) error { extension := ".bat" // add .\ to force locality preamble := ".\\" - if OS != "windows" { + if runtime.GOOS != "windows" { extension = ".sh" // add ./ to force locality preamble = "./" @@ -237,7 +93,7 @@ func (t *Tools) installDrivers(location string) error { os.Chdir(location) t.logger(preamble + "post_install" + extension) oscmd := exec.Command(preamble + "post_install" + extension) - if OS != "linux" { + if runtime.GOOS != "linux" { // spawning a shell could be the only way to let the user type his password TellCommandNotToSpawnShell(oscmd) } diff --git a/tools/download_test.go b/tools/download_test.go index c45914b51..1e958de91 100644 --- a/tools/download_test.go +++ b/tools/download_test.go @@ -42,8 +42,8 @@ func TestDownloadCorrectPlatform(t *testing.T) { {"linux", "arm", "arm-linux-gnueabihf"}, } defer func() { - OS = runtime.GOOS // restore `runtime.OS` - Arch = runtime.GOARCH // restore `runtime.ARCH` + pkgs.OS = runtime.GOOS // restore `runtime.OS` + pkgs.Arch = runtime.GOARCH // restore `runtime.ARCH` }() testIndex := paths.New("testdata", "test_tool_index.json") buf, err := testIndex.ReadFile() @@ -54,10 +54,11 @@ func TestDownloadCorrectPlatform(t *testing.T) { require.NoError(t, err) for _, tc := range testCases { t.Run(tc.hostOS+tc.hostArch, func(t *testing.T) { - OS = tc.hostOS // override `runtime.OS` for testing purposes - Arch = tc.hostArch // override `runtime.ARCH` for testing purposes + pkgs.OS = tc.hostOS // override `runtime.OS` for testing purposes + pkgs.Arch = tc.hostArch // override `runtime.ARCH` for testing purposes // Find the tool by name - correctTool, correctSystem := findTool("arduino-test", "arduino-fwuploader", "2.2.2", data) + correctTool, correctSystem, found := pkgs.FindTool("arduino-test", "arduino-fwuploader", "2.2.2", data) + require.True(t, found) require.NotNil(t, correctTool) require.NotNil(t, correctSystem) require.Equal(t, correctTool.Name, "arduino-fwuploader") @@ -78,8 +79,8 @@ func TestDownloadFallbackPlatform(t *testing.T) { {"windows", "amd64", "i686-mingw32"}, } defer func() { - OS = runtime.GOOS // restore `runtime.OS` - Arch = runtime.GOARCH // restore `runtime.ARCH` + pkgs.OS = runtime.GOOS // restore `runtime.OS` + pkgs.Arch = runtime.GOARCH // restore `runtime.ARCH` }() testIndex := paths.New("testdata", "test_tool_index.json") buf, err := testIndex.ReadFile() @@ -90,10 +91,11 @@ func TestDownloadFallbackPlatform(t *testing.T) { require.NoError(t, err) for _, tc := range testCases { t.Run(tc.hostOS+tc.hostArch, func(t *testing.T) { - OS = tc.hostOS // override `runtime.OS` for testing purposes - Arch = tc.hostArch // override `runtime.ARCH` for testing purposes + pkgs.OS = tc.hostOS // override `runtime.OS` for testing purposes + pkgs.Arch = tc.hostArch // override `runtime.ARCH` for testing purposes // Find the tool by name - correctTool, correctSystem := findTool("arduino-test", "arduino-fwuploader", "2.2.0", data) + correctTool, correctSystem, found := pkgs.FindTool("arduino-test", "arduino-fwuploader", "2.2.0", data) + require.True(t, found) require.NotNil(t, correctTool) require.NotNil(t, correctSystem) require.Equal(t, correctTool.Name, "arduino-fwuploader") @@ -145,7 +147,7 @@ func TestDownload(t *testing.T) { if filePath.IsDir() { require.DirExists(t, filePath.String()) } else { - if OS == "windows" { + if runtime.GOOS == "windows" { require.FileExists(t, filePath.String()+".exe") } else { require.FileExists(t, filePath.String()) diff --git a/tools/tools.go b/tools/tools.go index e641db351..cb9efc787 100644 --- a/tools/tools.go +++ b/tools/tools.go @@ -78,18 +78,6 @@ func (t *Tools) getMapValue(key string) (string, bool) { return value, ok } -// writeMap() writes installed map to the json file "installed.json" -func (t *Tools) writeMap() error { - t.mutex.RLock() - defer t.mutex.RUnlock() - b, err := json.Marshal(t.installed) - if err != nil { - return err - } - filePath := t.directory.Join("installed.json") - return filePath.WriteFile(b) -} - // readMap() reads the installed map from json file "installed.json" func (t *Tools) readMap() error { t.mutex.Lock() diff --git a/v2/http.go b/v2/http.go index bcfbc82aa..390ec3989 100644 --- a/v2/http.go +++ b/v2/http.go @@ -40,7 +40,7 @@ func Server(directory string, index *index.Resource) http.Handler { logAdapter := LogAdapter{Logger: logger} // Mount tools - toolsSvc := pkgs.New(index, directory) + toolsSvc := pkgs.New(index, directory, "replace") toolsEndpoints := toolssvc.NewEndpoints(toolsSvc) toolsServer := toolssvr.New(toolsEndpoints, mux, CustomRequestDecoder, goahttp.ResponseEncoder, errorHandler(logger), nil) toolssvr.Mount(mux, toolsServer) diff --git a/v2/pkgs/tools.go b/v2/pkgs/tools.go index 55ff6c2e4..b0daaaaef 100644 --- a/v2/pkgs/tools.go +++ b/v2/pkgs/tools.go @@ -33,9 +33,16 @@ import ( "github.com/arduino/arduino-create-agent/gen/tools" "github.com/arduino/arduino-create-agent/index" "github.com/arduino/arduino-create-agent/utilities" + "github.com/blang/semver" "github.com/codeclysm/extract/v3" ) +// public vars to allow override in the tests +var ( + OS = runtime.GOOS + Arch = runtime.GOARCH +) + // Tools is a client that implements github.com/arduino/arduino-create-agent/gen/tools.Service interface. // It saves tools in a specified folder with this structure: packager/name/version // For example: @@ -50,17 +57,19 @@ import ( // // It requires an Index Resource to search for tools type Tools struct { - index *index.Resource - folder string + index *index.Resource + folder string + behaviour string } // New will return a Tool object, allowing the caller to execute operations on it. // The New function will accept an index as parameter (used to download the indexes) // and a folder used to download the indexes -func New(index *index.Resource, folder string) *Tools { +func New(index *index.Resource, folder, behaviour string) *Tools { return &Tools{ - index: index, - folder: folder, + index: index, + folder: folder, + behaviour: behaviour, } } @@ -166,21 +175,28 @@ func (t *Tools) Install(ctx context.Context, payload *tools.ToolPayload) (*tools var index Index json.Unmarshal(body, &index) - for _, packager := range index.Packages { - if packager.Name != payload.Packager { - continue - } - - for _, tool := range packager.Tools { - if tool.Name == payload.Name && - tool.Version == payload.Version { - - sys := tool.GetFlavourCompatibleWith(runtime.GOOS, runtime.GOARCH) + correctTool, correctSystem, found := FindTool(payload.Packager, payload.Name, payload.Version, index) + path = filepath.Join(payload.Packager, correctTool.Name, correctTool.Version) - return t.install(ctx, path, sys.URL, sys.Checksum) + key := correctTool.Name + "-" + correctTool.Version + // Check if it already exists + if t.behaviour == "keep" && pathExists(t.folder) { + location, ok, err := checkInstalled(t.folder, key) + if err != nil { + return nil, err + } + if ok && pathExists(location) { + // overwrite the default tool with this one + err := writeInstalled(t.folder, path) + if err != nil { + return nil, err } + return &tools.Operation{Status: "ok"}, nil } } + if found { + return t.install(ctx, path, correctSystem.URL, correctSystem.Checksum) + } return nil, tools.MakeNotFound( fmt.Errorf("tool not found with packager '%s', name '%s', version '%s'", @@ -256,27 +272,51 @@ func (t *Tools) Remove(ctx context.Context, payload *tools.ToolPayload) (*tools. func rename(base string) extract.Renamer { return func(path string) string { parts := strings.Split(filepath.ToSlash(path), "/") - path = strings.Join(parts[1:], "/") - path = filepath.Join(base, path) + newPath := strings.Join(parts[1:], "/") + if newPath == "" { + newPath = filepath.Join(newPath, path) + } + path = filepath.Join(base, newPath) return path } } -func writeInstalled(folder, path string) error { +func readInstalled(installedFile string) (map[string]string, error) { // read installed.json installed := map[string]string{} - - installedFile, err := utilities.SafeJoin(folder, "installed.json") - if err != nil { - return err - } data, err := os.ReadFile(installedFile) if err == nil { err = json.Unmarshal(data, &installed) if err != nil { - return err + return nil, err } } + return installed, nil +} + +func checkInstalled(folder, key string) (string, bool, error) { + installedFile, err := utilities.SafeJoin(folder, "installed.json") + if err != nil { + return "", false, err + } + installed, err := readInstalled(installedFile) + if err != nil { + return "", false, err + } + location, ok := installed[key] + return location, ok, err +} + +func writeInstalled(folder, path string) error { + // read installed.json + installedFile, err := utilities.SafeJoin(folder, "installed.json") + if err != nil { + return err + } + installed, err := readInstalled(installedFile) + if err != nil { + return err + } parts := strings.Split(path, string(filepath.Separator)) tool := parts[len(parts)-2] @@ -288,10 +328,55 @@ func writeInstalled(folder, path string) error { installed[tool] = toolFile installed[toolWithVersion] = toolFile - data, err = json.Marshal(installed) + data, err := json.Marshal(installed) if err != nil { return err } return os.WriteFile(installedFile, data, 0644) } + +func pathExists(path string) bool { + _, err := os.Stat(path) + if err == nil { + return true + } + if os.IsNotExist(err) { + return false + } + return true +} + +// FindTool searches the index for the correct tool and system that match the specified tool name and version +func FindTool(pack, name, version string, data Index) (Tool, System, bool) { + var correctTool Tool + correctTool.Version = "0.0" + found := false + + for _, p := range data.Packages { + if p.Name != pack { + continue + } + for _, t := range p.Tools { + if version != "latest" { + if t.Name == name && t.Version == version { + correctTool = t + found = true + } + } else { + // Find latest + v1, _ := semver.Make(t.Version) + v2, _ := semver.Make(correctTool.Version) + if t.Name == name && v1.Compare(v2) > 0 { + correctTool = t + found = true + } + } + } + } + + // Find the url based on system + correctSystem := correctTool.GetFlavourCompatibleWith(OS, Arch) + + return correctTool, correctSystem, found +} diff --git a/v2/pkgs/tools_test.go b/v2/pkgs/tools_test.go index 78c56398f..be4d5e4d1 100644 --- a/v2/pkgs/tools_test.go +++ b/v2/pkgs/tools_test.go @@ -45,7 +45,7 @@ func TestTools(t *testing.T) { // Instantiate Index Index := index.Init(indexURL, config.GetDataDir()) - service := pkgs.New(Index, tmp) + service := pkgs.New(Index, tmp, "replace") ctx := context.Background() @@ -126,7 +126,7 @@ func TestEvilFilename(t *testing.T) { // Instantiate Index Index := index.Init(indexURL, config.GetDataDir()) - service := pkgs.New(Index, tmp) + service := pkgs.New(Index, tmp, "replace") ctx := context.Background() @@ -195,7 +195,7 @@ func TestInstalledHead(t *testing.T) { // Instantiate Index Index := index.Init(indexURL, config.GetDataDir()) - service := pkgs.New(Index, tmp) + service := pkgs.New(Index, tmp, "replace") ctx := context.Background() @@ -216,7 +216,7 @@ func TestInstall(t *testing.T) { LastRefresh: time.Now(), } - tool := pkgs.New(testIndex, tmp) + tool := pkgs.New(testIndex, tmp, "replace") ctx := context.Background() From da1fa2e1dfc896754901087bddfd7e8b3a3efc03 Mon Sep 17 00:00:00 2001 From: MatteoPologruto <109663225+MatteoPologruto@users.noreply.github.com> Date: Wed, 10 Jul 2024 10:05:54 +0200 Subject: [PATCH 07/37] Create a single universal executable for macOS (#964) * Create a single universal executable for macos * Update docs on macOS support * Add macos-arm64 to the test builds * Check that the new executable exists and is in the right path before proceding with the update --- .github/workflows/publish-go-tester-task.yml | 29 +++++++++++++++++--- .github/workflows/release.yml | 25 +++++++++++++++-- README.md | 4 +-- Taskfile.yml | 3 +- updater/updater_darwin.go | 2 +- 5 files changed, 51 insertions(+), 12 deletions(-) diff --git a/.github/workflows/publish-go-tester-task.yml b/.github/workflows/publish-go-tester-task.yml index 66b381643..54d9c04f0 100644 --- a/.github/workflows/publish-go-tester-task.yml +++ b/.github/workflows/publish-go-tester-task.yml @@ -30,6 +30,7 @@ on: repository_dispatch: env: + PROJECT_NAME: arduino-create-agent GO_VERSION: "1.21" jobs: @@ -119,18 +120,38 @@ jobs: run: task go:build-win # GOARCH=amd64 by default on the runners if: runner.os == 'Windows' && matrix.arch == '-amd64' - - name: Build the Agent for macos + - name: Build the Agent for macos amd 64 env: MACOSX_DEPLOYMENT_TARGET: 10.15 # minimum supported version for mac CGO_CFLAGS: -mmacosx-version-min=10.15 CGO_LDFLAGS: -mmacosx-version-min=10.15 - run: task go:build + run: | + task go:build + mv ${{ env.PROJECT_NAME }} ${{ env.PROJECT_NAME}}_amd64 + if: runner.os == 'macOS' + + - name: Build the Agent for macos amd 64 + env: + MACOSX_DEPLOYMENT_TARGET: 10.15 # minimum supported version for mac + CGO_CFLAGS: -mmacosx-version-min=10.15 + CGO_LDFLAGS: -mmacosx-version-min=10.15 + GOARCH: arm64 + CGO_ENABLED: 1 + run: | + task go:build + mv ${{ env.PROJECT_NAME }} ${{ env.PROJECT_NAME}}_arm64 + if: runner.os == 'macOS' + + - name: Create universal macos executable + run: | + lipo -create -output ${{ env.PROJECT_NAME }} ${{ env.PROJECT_NAME}}_amd64 ${{ env.PROJECT_NAME}}_arm64 + rm ${{ env.PROJECT_NAME}}_amd64 ${{ env.PROJECT_NAME}}_arm64 if: runner.os == 'macOS' - name: Upload artifacts uses: actions/upload-artifact@v4 with: - name: arduino-create-agent-${{ matrix.os }}${{ matrix.arch }} + name: ${{ env.PROJECT_NAME}}-${{ matrix.os }}${{ matrix.arch }} path: | - arduino-create-agent* + ${{ env.PROJECT_NAME}}* if-no-files-found: error diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index f149c8eb9..72b07c468 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -107,13 +107,33 @@ jobs: run: task go:build-win # GOARCH=amd64 by default on the runners if: matrix.os == 'windows-2019' && matrix.arch == 'amd64' - - name: Build the Agent for macos + - name: Build the Agent for macos amd64 env: CGO_ENABLED: 1 MACOSX_DEPLOYMENT_TARGET: 10.15 # minimum supported version for mac CGO_CFLAGS: -mmacosx-version-min=10.15 CGO_LDFLAGS: -mmacosx-version-min=10.15 - run: task go:build + run: | + task go:build + mv ${{ env.PROJECT_NAME }} ${{ env.PROJECT_NAME }}_amd64 + if: matrix.os == 'macos-12' + + - name: Build the Agent for macos arm64 + env: + CGO_ENABLED: 1 + MACOSX_DEPLOYMENT_TARGET: 10.15 # minimum supported version for mac + CGO_CFLAGS: -mmacosx-version-min=10.15 + CGO_LDFLAGS: -mmacosx-version-min=10.15 + GOARCH: arm64 + run: | + task go:build + mv ${{ env.PROJECT_NAME }} ${{ env.PROJECT_NAME }}_arm64 + if: matrix.os == 'macos-12' + + - name: Create universal macos executable + run: | + lipo -create -output ${{ env.PROJECT_NAME }} ${{ env.PROJECT_NAME }}_amd64 ${{ env.PROJECT_NAME }}_arm64 + rm ${{ env.PROJECT_NAME }}_amd64 ${{ env.PROJECT_NAME }}_arm64 if: matrix.os == 'macos-12' # this will create `public/` dir with compressed full bin (/-.gz) and a json file @@ -121,7 +141,6 @@ jobs: run: go-selfupdate ${{ env.PROJECT_NAME }}${{ matrix.ext }} ${TAG_VERSION} if: matrix.arch != '386' && steps.prerelease.outputs.IS_PRE != 'true' - # for now we do not distribute m1 build, this is a workaround for now - name: Copy autoupdate file for darwin-arm64 (m1 arch) working-directory: public/ run: | diff --git a/README.md b/README.md index 5c97939b6..a2efe270a 100644 --- a/README.md +++ b/README.md @@ -32,7 +32,7 @@ Get the [latest version](https://github.com/arduino/arduino-create-agent/release ## Apple silicon support The Arduino Agent is supported both on Intel and Apple silicon computers. This includes devices with the M1, M2 and M3 processors. -At the moment the Arduino Agent is only built for Intel architectures, but Apple silicon devices can run it thanks to the [Rosetta 2](https://support.apple.com/en-us/HT211861) translation layer by Apple. +The Arduino Agent is built both for Intel architectures and Apple silicon devices, but distributed as a single universal executable for macOS. ## Documentation @@ -50,7 +50,7 @@ The documentation has been moved to the [wiki](https://github.com/arduino/arduin ### Submitting an issue -When submitting a new issue please search for duplicates before creating a new one. Help us by providing useful context and information. Please attach the output of the commands running at the debug console or attach [crash reports](https://github.com/arduino/arduino-create-agent/wiki/How-to-use-crashreport-functionality) if useful. +When submitting a new issue please search for duplicates before creating a new one. Help us by providing useful context and information. Please attach the output of the commands running at the debug console or attach [crash reports](https://github.com/arduino/arduino-create-agent/wiki/How-to-use-crashreport-functionality) if useful. #### Security diff --git a/Taskfile.yml b/Taskfile.yml index 6b7852762..603a2ce91 100644 --- a/Taskfile.yml +++ b/Taskfile.yml @@ -84,7 +84,7 @@ tasks: cmds: - poetry run pytest tests - # Source: https://github.com/arduino/tooling-project-assets/blob/main/workflow-templates/assets/poetry-task/Taskfile.yml + # Source: https://github.com/arduino/tooling-project-assets/blob/main/workflow-templates/assets/poetry-task/Taskfile.yml poetry:install-deps: desc: Install dependencies managed by Poetry cmds: @@ -138,7 +138,6 @@ tasks: - task: go:vet - task: go:lint - vars: # Source: https://github.com/arduino/tooling-project-assets/blob/main/workflow-templates/assets/release-go-task/Taskfile.yml PROJECT_NAME: arduino-create-agent diff --git a/updater/updater_darwin.go b/updater/updater_darwin.go index ec00f88cc..105a529ef 100644 --- a/updater/updater_darwin.go +++ b/updater/updater_darwin.go @@ -143,7 +143,7 @@ func checkForUpdates(currentVersion string, updateURL string, cmdName string) (s // Install new app logrus.WithField("from", tmpAppPath).WithField("to", currentAppPath).Info("Copying updated app") - if err := tmpAppPath.CopyDirTo(currentAppPath); err != nil { + if err := tmpAppPath.CopyDirTo(currentAppPath); err != nil || !paths.New(executablePath).Exist() { // Try rollback changes _ = currentAppPath.RemoveAll() _ = oldAppPath.Rename(currentAppPath) From 46fbb343ee66a5a38bd716e59a1a96c43454b6a2 Mon Sep 17 00:00:00 2001 From: MatteoPologruto <109663225+MatteoPologruto@users.noreply.github.com> Date: Wed, 17 Jul 2024 11:35:02 +0200 Subject: [PATCH 08/37] Rename executable and releases to `Arduino Cloud Agent` (#961) * Change name in the docs * Change executable's name * Change debug console's name * Update name in test release workflow * Update name in release workflow * Change name used in the installer * Rename .app to Cloud Agent * Check that either the Create Agent or the Cloud Agent exist when autoupdating on macos * Fix typo * Revert changes on the zipped notarized app bundle uploaded to s3 We are keeping it this way because it is used by the autoupdate procedure on macos --- .github/workflows/publish-go-tester-task.yml | 2 +- .github/workflows/release.yml | 89 +-- .gitignore | 4 +- README.md | 8 +- Taskfile.yml | 8 +- home.html | 627 ++++++++++--------- tests/conftest.py | 4 +- updater/updater_darwin.go | 4 +- 8 files changed, 387 insertions(+), 359 deletions(-) diff --git a/.github/workflows/publish-go-tester-task.yml b/.github/workflows/publish-go-tester-task.yml index 54d9c04f0..aa2949e13 100644 --- a/.github/workflows/publish-go-tester-task.yml +++ b/.github/workflows/publish-go-tester-task.yml @@ -30,7 +30,7 @@ on: repository_dispatch: env: - PROJECT_NAME: arduino-create-agent + PROJECT_NAME: arduino-cloud-agent GO_VERSION: "1.21" jobs: diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 72b07c468..fe60ec8f8 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -11,7 +11,7 @@ permissions: env: # As defined by the Taskfile's PROJECT_NAME variable - PROJECT_NAME: arduino-create-agent + PROJECT_NAME: arduino-cloud-agent TARGET: "/CreateAgent/Stable/" VERSION_TARGET: "arduino-create-static/agent-metadata/" AWS_REGION: "us-east-1" # or https://github.com/aws/aws-cli/issues/5623 @@ -183,7 +183,7 @@ jobs: runs-on: macos-12 env: - EXE_PATH: "skel/ArduinoCreateAgent.app/Contents/MacOS/" + EXE_PATH: "skel/ArduinoCloudAgent.app/Contents/MacOS/" steps: - name: Checkout @@ -205,21 +205,21 @@ jobs: - name: Make executable run: chmod -v +x ${{ env.EXE_PATH }}${{ env.PROJECT_NAME }} - - name: Rename executable to Arduino_Create_Agent - run: mv -v ${{ env.EXE_PATH }}${{ env.PROJECT_NAME }} ${{ env.EXE_PATH }}Arduino_Create_Agent + - name: Rename executable to Arduino_Cloud_Agent + run: mv -v ${{ env.EXE_PATH }}${{ env.PROJECT_NAME }} ${{ env.EXE_PATH }}Arduino_Cloud_Agent - name: get year run: echo "YEAR=$(date "+%Y")" >> $GITHUB_ENV - name: Generate Info.plist for MacOS run: | - cat > skel/ArduinoCreateAgent.app/Contents/Info.plist < skel/ArduinoCloudAgent.app/Contents/Info.plist <CFBundlePackageTypeAPPLCFBundleInfoDictionaryVersion6.0 CFBundleIconFile AppIcon.icns - CFBundleName Arduino Create Agent - CFBundleExecutable Arduino_Create_Agent + CFBundleName Arduino Cloud Agent + CFBundleExecutable Arduino_Cloud_Agent CFBundleIdentifier create.arduino.cc CFBundleVersion ${GITHUB_REF##*/} @@ -234,14 +234,14 @@ jobs: EOF - name: Tar bundle to keep permissions - run: tar -cvf ArduinoCreateAgent.app_${{ matrix.arch }}.tar -C skel/ . + run: tar -cvf ArduinoCloudAgent.app_${{ matrix.arch }}.tar -C skel/ . - name: Upload artifacts uses: actions/upload-artifact@v4 with: if-no-files-found: error - name: ArduinoCreateAgent.app_${{ matrix.arch }} - path: ArduinoCreateAgent.app_${{ matrix.arch }}.tar + name: ArduinoCloudAgent.app_${{ matrix.arch }} + path: ArduinoCloudAgent.app_${{ matrix.arch }}.tar # The notarize-macos job will download the macos bundle from the previous job, sign, notarize and re-upload it, uploading it also on s3 download servers for the autoupdate. notarize-macos: @@ -262,10 +262,10 @@ jobs: - name: Download artifact uses: actions/download-artifact@v4 with: - name: ArduinoCreateAgent.app_${{ matrix.arch }} + name: ArduinoCloudAgent.app_${{ matrix.arch }} - name: un-Tar bundle - run: tar -xvf ArduinoCreateAgent.app_${{ matrix.arch }}.tar + run: tar -xvf ArduinoCloudAgent.app_${{ matrix.arch }}.tar - name: Import Code-Signing Certificates run: | @@ -305,7 +305,7 @@ jobs: run: | cat > "${{ env.GON_CONFIG_PATH }}" < /tmp/license.xml @@ -444,14 +445,14 @@ jobs: run: ${{ env.INSTALLBUILDER_PATH }} build installer.xml ${{ matrix.installbuilder-name }} --verbose --license /tmp/license.xml --setvars ${{ env.INSTALLER_VARS }} architecture=${{ matrix.arch }} - name: Generate archive - run: tar -czvf ArduinoCreateAgent-${GITHUB_REF##*/}-${{ matrix.platform-name }}-${{ matrix.arch }}-installer.tar.gz ArduinoCreateAgent-${GITHUB_REF##*/}-${{ matrix.platform-name }}-${{ matrix.arch }}-installer${{matrix.installer-extension}} + run: tar -czvf ArduinoCloudAgent-${GITHUB_REF##*/}-${{ matrix.platform-name }}-${{ matrix.arch }}-installer.tar.gz ArduinoCloudAgent-${GITHUB_REF##*/}-${{ matrix.platform-name }}-${{ matrix.arch }}-installer${{matrix.installer-extension}} if: matrix.os == 'ubuntu-20.04' - name: Upload artifacts uses: actions/upload-artifact@v4 with: - name: ArduinoCreateAgent-${{ matrix.platform-name }}-${{ matrix.arch }} - path: ArduinoCreateAgent* + name: ArduinoCloudAgent-${{ matrix.platform-name }}-${{ matrix.arch }} + path: ArduinoCloudAgent* if-no-files-found: error # This job will sign the Windows installer @@ -477,7 +478,7 @@ jobs: - name: Download artifact uses: actions/download-artifact@v4 with: - name: ArduinoCreateAgent-windows-${{ matrix.arch }} + name: ArduinoCloudAgent-windows-${{ matrix.arch }} - name: Save Win signing certificate to file run: echo "${{ secrets.INSTALLER_CERT_WINDOWS_CER }}" | base64 --decode > ${{ env.INSTALLER_CERT_WINDOWS_CER}} @@ -488,18 +489,18 @@ jobs: CONTAINER_NAME: ${{ secrets.INSTALLER_CERT_WINDOWS_CONTAINER }} # https://stackoverflow.com/questions/17927895/automate-extended-validation-ev-code-signing-with-safenet-etoken run: | - "${{ env.SIGNTOOL_PATH }}" sign -d "Arduino Create Agent" -f ${{ env.INSTALLER_CERT_WINDOWS_CER}} -csp "eToken Base Cryptographic Provider" -k "[{{${{ env.CERT_PASSWORD }}}}]=${{ env.CONTAINER_NAME }}" -fd sha256 -tr http://timestamp.digicert.com -td SHA256 -v "ArduinoCreateAgent-${GITHUB_REF##*/}-windows-${{ matrix.arch }}-installer.exe" + "${{ env.SIGNTOOL_PATH }}" sign -d "Arduino Cloud Agent" -f ${{ env.INSTALLER_CERT_WINDOWS_CER}} -csp "eToken Base Cryptographic Provider" -k "[{{${{ env.CERT_PASSWORD }}}}]=${{ env.CONTAINER_NAME }}" -fd sha256 -tr http://timestamp.digicert.com -td SHA256 -v "ArduinoCloudAgent-${GITHUB_REF##*/}-windows-${{ matrix.arch }}-installer.exe" - name: Upload artifacts uses: actions/upload-artifact@v4 with: if-no-files-found: error - name: ArduinoCreateAgent-windows-${{ matrix.arch }}-signed - path: ArduinoCreateAgent-*-windows-${{ matrix.arch }}-installer.exe + name: ArduinoCloudAgent-windows-${{ matrix.arch }}-signed + path: ArduinoCloudAgent-*-windows-${{ matrix.arch }}-installer.exe # This step is needed because the self hosted runner does not delete files automatically - name: Clean up EXE - run: rm ArduinoCreateAgent-*-windows-${{ matrix.arch }}-installer.exe + run: rm ArduinoCloudAgent-*-windows-${{ matrix.arch }}-installer.exe # This job will generate a dmg mac installer, sign/notarize it. generate-sign-dmg: @@ -519,11 +520,11 @@ jobs: - name: Download artifact uses: actions/download-artifact@v4 with: - name: ArduinoCreateAgent.app_${{ matrix.arch }}_notarized - path: ArduinoCreateAgent.app + name: ArduinoCloudAgent.app_${{ matrix.arch }}_notarized + path: ArduinoCloudAgent.app - name: unzip artifact - working-directory: ArduinoCreateAgent.app + working-directory: ArduinoCloudAgent.app run: | unzip ArduinoCreateAgent.app_${{ matrix.arch }}_notarized.zip rm ArduinoCreateAgent.app_${{ matrix.arch }}_notarized.zip @@ -531,18 +532,18 @@ jobs: - name: Install create-dmg run: brew install create-dmg - - name: Genarate DMG + - name: Generate DMG run: | create-dmg \ - --volname "ArduinoCreateAgent" \ + --volname "ArduinoCloudAgent" \ --background "installer_icons/background.tiff" \ --window-pos 200 120 \ --window-size 500 320 \ --icon-size 80 \ - --icon "ArduinoCreateAgent.app" 125 150 \ + --icon "ArduinoCloudAgent.app" 125 150 \ --app-drop-link 375 150 \ - "ArduinoCreateAgent-${GITHUB_REF##*/}-osx-${{ matrix.arch }}-installer.dmg" \ - "ArduinoCreateAgent.app" + "ArduinoCloudAgent-${GITHUB_REF##*/}-osx-${{ matrix.arch }}-installer.dmg" \ + "ArduinoCloudAgent.app" - name: Import Code-Signing Certificates run: | @@ -572,7 +573,7 @@ jobs: # gon does not allow env variables in config file (https://github.com/mitchellh/gon/issues/20) run: | cat > gon.config_installer.hcl <| +------------>| | -| | | | | Arduino Create Agent | | Arduino Board | +| | | | | Arduino Cloud Agent | | Arduino Board | | | Arduino Create Web Editor | +--------------->| |<------------+ | | | | | REST API +----------------------+ serial +---------------+ | +---------------------------+ | @@ -74,7 +74,7 @@ By signing off your commits, you agree to the following agreement, also known as ## Authors and acknowledgment -arduino-create-agent is a fork of @[johnlauer](https://github.com/johnlauer)'s [serial-port-json-server](https://github.com/johnlauer/serial-port-json-server) (which we really want to thank for his kindness and great work) +arduino-cloud-agent is a fork of @[johnlauer](https://github.com/johnlauer)'s [serial-port-json-server](https://github.com/johnlauer/serial-port-json-server) (which we really want to thank for his kindness and great work) The history has been rewritten to keep the repo small (thus removing all binaries committed in the past) diff --git a/Taskfile.yml b/Taskfile.yml index 603a2ce91..b64b12bb5 100644 --- a/Taskfile.yml +++ b/Taskfile.yml @@ -37,7 +37,7 @@ tasks: cmds: - task: go:build vars: - PROJECT_NAME: arduino-create-agent_cli + PROJECT_NAME: arduino-cloud-agent_cli ADDITIONAL_FLAGS: -tags cli go:build-win: @@ -46,7 +46,7 @@ tasks: - rsrc -arch {{.GOARCH}} -manifest manifest.xml # GOARCH shoud be either amd64 or 386 - task: go:build vars: - PROJECT_NAME: arduino-create-agent.exe + PROJECT_NAME: arduino-cloud-agent.exe WIN_FLAGS: -H=windowsgui - rm *.syso # rm file to avoid compilation problems on other platforms vars: @@ -58,7 +58,7 @@ tasks: cmds: - task: go:build vars: - PROJECT_NAME: arduino-create-agent_cli.exe + PROJECT_NAME: arduino-cloud-agent_cli.exe ADDITIONAL_FLAGS: -tags cli # Source: https://github.com/arduino/tooling-project-assets/blob/main/workflow-templates/assets/test-go-task/Taskfile.yml @@ -140,7 +140,7 @@ tasks: vars: # Source: https://github.com/arduino/tooling-project-assets/blob/main/workflow-templates/assets/release-go-task/Taskfile.yml - PROJECT_NAME: arduino-create-agent + PROJECT_NAME: arduino-cloud-agent # build vars COMMIT: sh: echo "$(git log --no-show-signature -n 1 --format=%h)" diff --git a/home.html b/home.html index e66b7c975..ee523981a 100644 --- a/home.html +++ b/home.html @@ -1,321 +1,346 @@ - - - Arduino Create Agent Debug Console - - - + + Arduino Cloud Agent Debug Console + + + - - + - +
-
- 

-            

-        

-        
-
-
-
\ No newline at end of file
+  
+
diff --git a/tests/conftest.py b/tests/conftest.py
index 622965b64..0e81d76f0 100644
--- a/tests/conftest.py
+++ b/tests/conftest.py
@@ -27,9 +27,9 @@
 @pytest.fixture(scope="function")
 def agent(pytestconfig):
     if platform.system() == "Windows":
-        agent = str(Path(pytestconfig.rootdir) / "arduino-create-agent_cli.exe")
+        agent = str(Path(pytestconfig.rootdir) / "arduino-cloud-agent_cli.exe")
     else:
-        agent = str(Path(pytestconfig.rootdir) / "arduino-create-agent")
+        agent = str(Path(pytestconfig.rootdir) / "arduino-cloud-agent")
     env = {
         # "ARDUINO_DATA_DIR": data_dir,
         # "ARDUINO_DOWNLOADS_DIR": downloads_dir,
diff --git a/updater/updater_darwin.go b/updater/updater_darwin.go
index 105a529ef..c4eb5070d 100644
--- a/updater/updater_darwin.go
+++ b/updater/updater_darwin.go
@@ -143,7 +143,9 @@ func checkForUpdates(currentVersion string, updateURL string, cmdName string) (s
 
 	// Install new app
 	logrus.WithField("from", tmpAppPath).WithField("to", currentAppPath).Info("Copying updated app")
-	if err := tmpAppPath.CopyDirTo(currentAppPath); err != nil || !paths.New(executablePath).Exist() {
+	createPath := currentAppPath.Join("Contents", "MacOS", "Arduino_Create_Agent")
+	cloudPath := currentAppPath.Join("Contents", "MacOS", "Arduino_Cloud_Agent")
+	if err := tmpAppPath.CopyDirTo(currentAppPath); err != nil || (!createPath.Exist() && !cloudPath.Exist()) {
 		// Try rollback changes
 		_ = currentAppPath.RemoveAll()
 		_ = oldAppPath.Rename(currentAppPath)

From 6287df1e7a1611bf28569df49f493593b598cb4e Mon Sep 17 00:00:00 2001
From: Umberto Baldi <34278123+umbynos@users.noreply.github.com>
Date: Mon, 5 Aug 2024 16:01:59 +0200
Subject: [PATCH 09/37] Fix agent not able to install `esptool` after 1.6.0
 (#986)

* fix link

* drop test on old tool not used anymore, and introduce again `arduino-fwuploader`

* add tests to install esptool to verify https://github.com/arduino/arduino-create-agent/issues/980

* implement properly rename function to fix extraction issue with esptool

* fix test

* Update v2/pkgs/tools_test.go

Co-authored-by: MatteoPologruto <109663225+MatteoPologruto@users.noreply.github.com>

---------

Co-authored-by: MatteoPologruto <109663225+MatteoPologruto@users.noreply.github.com>
---
 main_test.go                          | 13 +++++++
 tools/download_test.go                |  1 -
 tools/testdata/test_tool_index.json   | 55 ---------------------------
 v2/pkgs/pkgs.go                       |  8 ++--
 v2/pkgs/testdata/test_tool_index.json | 55 ---------------------------
 v2/pkgs/tools.go                      | 14 ++++---
 v2/pkgs/tools_test.go                 | 12 +++---
 7 files changed, 32 insertions(+), 126 deletions(-)

diff --git a/main_test.go b/main_test.go
index c8276bba8..568556953 100644
--- a/main_test.go
+++ b/main_test.go
@@ -116,6 +116,18 @@ func TestInstallToolV2(t *testing.T) {
 		Signature: &bossacSignature,
 	}
 
+	esptoolURL := "https://github.com/earlephilhower/esp-quick-toolchain/releases/download/2.5.0-3/x86_64-linux-gnu.esptool-f80ae31.tar.gz"
+	esptoolChecksum := "SHA-256:bded1dca953377838b6086a9bcd40a1dc5286ba5f69f2372c22a1d1819baad24"
+	esptoolSignature := "852b58871419ce5e5633ecfaa72c0f0fa890ceb51164b362b8133bc0e3e003a21cec48935b8cdc078f4031219cbf17fb7edd9d7c9ca8ed85492911c9ca6353c9aa4691eb91fda99563a6bd49aeca0d9981fb05ec76e45c6024f8a6822862ad1e34ddc652fbbf4fa909887a255d4f087398ec386577efcec523c21203be3d10fc9e9b0f990a7536875a77dc2bc5cbffea7734b62238e31719111b718bacccebffc9be689545540e81d23b81caa66214376f58a0d6a45cf7efc5d3af62ab932b371628162fffe403906f41d5534921e5be081c5ac2ecc9db5caec03a105cc44b00ce19a95ad079843501eb8182e0717ce327867380c0e39d2b48698547fc1d0d66"
+	esptoolInstallURLOK := tools.ToolPayload{
+		Name:      "esptool",
+		Version:   "2.5.0-3-20ed2b9",
+		Packager:  "esp8266",
+		URL:       &esptoolURL,
+		Checksum:  &esptoolChecksum,
+		Signature: &esptoolSignature,
+	}
+
 	wrongSignature := "wr0ngs1gn4tur3"
 	bossacInstallWrongSig := tools.ToolPayload{
 		Name:      "bossac",
@@ -147,6 +159,7 @@ func TestInstallToolV2(t *testing.T) {
 		{bossacInstallWrongSig, http.StatusInternalServerError, "verification error"},
 		{bossacInstallWrongCheck, http.StatusInternalServerError, "checksum of downloaded file doesn't match"},
 		{bossacInstallNoURL, http.StatusOK, "ok"},
+		{esptoolInstallURLOK, http.StatusOK, "ok"},
 	}
 
 	for _, test := range tests {
diff --git a/tools/download_test.go b/tools/download_test.go
index 1e958de91..8863a09d7 100644
--- a/tools/download_test.go
+++ b/tools/download_test.go
@@ -120,7 +120,6 @@ func TestDownload(t *testing.T) {
 		{"rp2040tools", "1.0.6", []string{"elf2uf2", "picotool", "pioasm", "rp2040load"}},
 		{"esptool_py", "4.5.1", []string{"esptool"}},
 		{"arduino-fwuploader", "2.2.2", []string{"arduino-fwuploader"}},
-		{"fwupdater", "0.1.12", []string{"firmwares", "FirmwareUploader"}}, // old legacy tool
 	}
 	// prepare the test environment
 	tempDir := t.TempDir()
diff --git a/tools/testdata/test_tool_index.json b/tools/testdata/test_tool_index.json
index fdee1cc9d..b7f8b87d2 100644
--- a/tools/testdata/test_tool_index.json
+++ b/tools/testdata/test_tool_index.json
@@ -514,61 +514,6 @@
               "size": "6829396"
             }
           ]
-        },
-        {
-          "name": "fwupdater",
-          "version": "0.1.12",
-          "systems": [
-            {
-              "host": "i686-linux-gnu",
-              "url": "http://downloads.arduino.cc/tools/FirmwareUploader_0.1.12_Linux_32bit.tar.bz2",
-              "archiveFileName": "FirmwareUploader_0.1.12_Linux_32bit.tar.bz2",
-              "checksum": "SHA-256:2fec2bdfd20ad4950bc9ba37108dc2a7c152f569174279c0697efe1f5a0db781",
-              "size": "26097546"
-            },
-            {
-              "host": "x86_64-pc-linux-gnu",
-              "url": "http://downloads.arduino.cc/tools/FirmwareUploader_0.1.12_Linux_64bit.tar.bz2",
-              "archiveFileName": "FirmwareUploader_0.1.12_Linux_64bit.tar.bz2",
-              "checksum": "SHA-256:ce57d0afef30cb7d3513f5da326346c99d6bf4923bbc2200634086811f3fb31e",
-              "size": "26073327"
-            },
-            {
-              "host": "i686-mingw32",
-              "url": "http://downloads.arduino.cc/tools/FirmwareUploader_0.1.12_Windows_32bit.zip",
-              "archiveFileName": "FirmwareUploader_0.1.12_Windows_32bit.zip",
-              "checksum": "SHA-256:558568b453caa1c821def8cc6d34555d0c910eb7e7e871de3ae1c39ae6f01bdd",
-              "size": "25743641"
-            },
-            {
-              "host": "x86_64-mingw32",
-              "url": "http://downloads.arduino.cc/tools/FirmwareUploader_0.1.12_Windows_64bit.zip",
-              "archiveFileName": "FirmwareUploader_0.1.12_Windows_64bit.zip",
-              "checksum": "SHA-256:ec16de33620985434280c92c3c322257b89bb67adf8fd4d5dd5f9467ea1e9e40",
-              "size": "25851428"
-            },
-            {
-              "host": "i386-apple-darwin11",
-              "url": "http://downloads.arduino.cc/tools/FirmwareUploader_0.1.12_macOS_64bit.tar.bz2",
-              "archiveFileName": "FirmwareUploader_0.1.12_macOS_64bit.tar.bz2",
-              "checksum": "SHA-256:a470361b57f86ddfcaecd274d844af51ee1d23a71cd6c26e30fcef2152d1a03f",
-              "size": "25792860"
-            },
-            {
-              "host": "arm-linux-gnueabihf",
-              "url": "http://downloads.arduino.cc/tools/FirmwareUploader_0.1.12_Linux_ARM.tar.bz2",
-              "archiveFileName": "FirmwareUploader_0.1.12_Linux_ARM.tar.bz2",
-              "checksum": "SHA-256:855fa0a9b942c3ee18906efc510bdfe30bf3334ff28ffbb476e648ff30033847",
-              "size": "25936245"
-            },
-            {
-              "host": "aarch64-linux-gnu",
-              "url": "http://downloads.arduino.cc/tools/FirmwareUploader_0.1.12_Linux_ARM64.tar.bz2",
-              "archiveFileName": "FirmwareUploader_0.1.12_Linux_ARM64.tar.bz2",
-              "checksum": "SHA-256:691461e64fe075e9a79801347c2bd895fb72f8f2c45a7cd49056c6ad9efe8fc4",
-              "size": "25967430"
-            }
-          ]
         }
       ]
     }
diff --git a/v2/pkgs/pkgs.go b/v2/pkgs/pkgs.go
index f4965117c..07e392b2f 100644
--- a/v2/pkgs/pkgs.go
+++ b/v2/pkgs/pkgs.go
@@ -50,7 +50,7 @@ type System struct {
 	Checksum string `json:"checksum"`
 }
 
-// Source: https://github.com/arduino/arduino-cli/blob/master/arduino/cores/tools.go#L129-L142
+// Source: https://github.com/arduino/arduino-cli/blob/master/internal/arduino/cores/tools.go#L129-L142
 var (
 	regexpLinuxArm   = regexp.MustCompile("arm.*-linux-gnueabihf")
 	regexpLinuxArm64 = regexp.MustCompile("(aarch64|arm64)-linux-gnu")
@@ -66,7 +66,7 @@ var (
 	regexpFreeBSD64  = regexp.MustCompile("amd64-freebsd[0-9]*")
 )
 
-// Source: https://github.com/arduino/arduino-cli/blob/master/arduino/cores/tools.go#L144-L176
+// Source: https://github.com/arduino/arduino-cli/blob/master/internal/arduino/cores/tools.go#L144-L176
 func (s *System) isExactMatchWith(osName, osArch string) bool {
 	if s.Host == "all" {
 		return true
@@ -101,7 +101,7 @@ func (s *System) isExactMatchWith(osName, osArch string) bool {
 	return false
 }
 
-// Source: https://github.com/arduino/arduino-cli/blob/master/arduino/cores/tools.go#L178-L198
+// Source: https://github.com/arduino/arduino-cli/blob/master/internal/arduino/cores/tools.go#L178-L198
 func (s *System) isCompatibleWith(osName, osArch string) (bool, int) {
 	if s.isExactMatchWith(osName, osArch) {
 		return true, 1000
@@ -125,7 +125,7 @@ func (s *System) isCompatibleWith(osName, osArch string) (bool, int) {
 }
 
 // GetFlavourCompatibleWith returns the downloadable resource (System) compatible with the specified OS/Arch
-// Source: https://github.com/arduino/arduino-cli/blob/master/arduino/cores/tools.go#L206-L216
+// Source: https://github.com/arduino/arduino-cli/blob/master/internal/arduino/cores/tools.go#L206-L216
 func (t *Tool) GetFlavourCompatibleWith(osName, osArch string) System {
 	var correctSystem System
 	maxSimilarity := -1
diff --git a/v2/pkgs/testdata/test_tool_index.json b/v2/pkgs/testdata/test_tool_index.json
index fdee1cc9d..b7f8b87d2 100644
--- a/v2/pkgs/testdata/test_tool_index.json
+++ b/v2/pkgs/testdata/test_tool_index.json
@@ -514,61 +514,6 @@
               "size": "6829396"
             }
           ]
-        },
-        {
-          "name": "fwupdater",
-          "version": "0.1.12",
-          "systems": [
-            {
-              "host": "i686-linux-gnu",
-              "url": "http://downloads.arduino.cc/tools/FirmwareUploader_0.1.12_Linux_32bit.tar.bz2",
-              "archiveFileName": "FirmwareUploader_0.1.12_Linux_32bit.tar.bz2",
-              "checksum": "SHA-256:2fec2bdfd20ad4950bc9ba37108dc2a7c152f569174279c0697efe1f5a0db781",
-              "size": "26097546"
-            },
-            {
-              "host": "x86_64-pc-linux-gnu",
-              "url": "http://downloads.arduino.cc/tools/FirmwareUploader_0.1.12_Linux_64bit.tar.bz2",
-              "archiveFileName": "FirmwareUploader_0.1.12_Linux_64bit.tar.bz2",
-              "checksum": "SHA-256:ce57d0afef30cb7d3513f5da326346c99d6bf4923bbc2200634086811f3fb31e",
-              "size": "26073327"
-            },
-            {
-              "host": "i686-mingw32",
-              "url": "http://downloads.arduino.cc/tools/FirmwareUploader_0.1.12_Windows_32bit.zip",
-              "archiveFileName": "FirmwareUploader_0.1.12_Windows_32bit.zip",
-              "checksum": "SHA-256:558568b453caa1c821def8cc6d34555d0c910eb7e7e871de3ae1c39ae6f01bdd",
-              "size": "25743641"
-            },
-            {
-              "host": "x86_64-mingw32",
-              "url": "http://downloads.arduino.cc/tools/FirmwareUploader_0.1.12_Windows_64bit.zip",
-              "archiveFileName": "FirmwareUploader_0.1.12_Windows_64bit.zip",
-              "checksum": "SHA-256:ec16de33620985434280c92c3c322257b89bb67adf8fd4d5dd5f9467ea1e9e40",
-              "size": "25851428"
-            },
-            {
-              "host": "i386-apple-darwin11",
-              "url": "http://downloads.arduino.cc/tools/FirmwareUploader_0.1.12_macOS_64bit.tar.bz2",
-              "archiveFileName": "FirmwareUploader_0.1.12_macOS_64bit.tar.bz2",
-              "checksum": "SHA-256:a470361b57f86ddfcaecd274d844af51ee1d23a71cd6c26e30fcef2152d1a03f",
-              "size": "25792860"
-            },
-            {
-              "host": "arm-linux-gnueabihf",
-              "url": "http://downloads.arduino.cc/tools/FirmwareUploader_0.1.12_Linux_ARM.tar.bz2",
-              "archiveFileName": "FirmwareUploader_0.1.12_Linux_ARM.tar.bz2",
-              "checksum": "SHA-256:855fa0a9b942c3ee18906efc510bdfe30bf3334ff28ffbb476e648ff30033847",
-              "size": "25936245"
-            },
-            {
-              "host": "aarch64-linux-gnu",
-              "url": "http://downloads.arduino.cc/tools/FirmwareUploader_0.1.12_Linux_ARM64.tar.bz2",
-              "archiveFileName": "FirmwareUploader_0.1.12_Linux_ARM64.tar.bz2",
-              "checksum": "SHA-256:691461e64fe075e9a79801347c2bd895fb72f8f2c45a7cd49056c6ad9efe8fc4",
-              "size": "25967430"
-            }
-          ]
         }
       ]
     }
diff --git a/v2/pkgs/tools.go b/v2/pkgs/tools.go
index b0daaaaef..14f853e9e 100644
--- a/v2/pkgs/tools.go
+++ b/v2/pkgs/tools.go
@@ -269,15 +269,19 @@ func (t *Tools) Remove(ctx context.Context, payload *tools.ToolPayload) (*tools.
 	return &tools.Operation{Status: "ok"}, nil
 }
 
+// rename function is used to rename the path of the extracted files
 func rename(base string) extract.Renamer {
+	// "Rename" the given path adding the "base" and removing the root folder in "path" (if present).
 	return func(path string) string {
 		parts := strings.Split(filepath.ToSlash(path), "/")
-		newPath := strings.Join(parts[1:], "/")
-		if newPath == "" {
-			newPath = filepath.Join(newPath, path)
+		if len(parts) <= 1 {
+			// The path does not contain a root folder. This might happen for tool packages (zip files)
+			// that have an invalid structure. Do not try to remove the root folder in these cases.
+			return filepath.Join(base, path)
 		}
-		path = filepath.Join(base, newPath)
-		return path
+		// Removes the first part of the path (the root folder).
+		path = strings.Join(parts[1:], "/")
+		return filepath.Join(base, path)
 	}
 }
 
diff --git a/v2/pkgs/tools_test.go b/v2/pkgs/tools_test.go
index be4d5e4d1..edd575fc8 100644
--- a/v2/pkgs/tools_test.go
+++ b/v2/pkgs/tools_test.go
@@ -230,9 +230,9 @@ func TestInstall(t *testing.T) {
 		{Name: "dfu-util", Version: "0.10.0-arduino1", Packager: "arduino-test", URL: nil, Checksum: nil, Signature: nil},
 		{Name: "rp2040tools", Version: "1.0.6", Packager: "arduino-test", URL: nil, Checksum: nil, Signature: nil},
 		{Name: "esptool_py", Version: "4.5.1", Packager: "arduino-test", URL: nil, Checksum: nil, Signature: nil},
-		// At the moment we don't install these ones because they are packaged in a different way: they do not have a top level dir, causing the rename funcion to behave incorrectly
-		// {Name: "fwupdater", Version: "0.1.12", Packager: "arduino-test", URL: nil, Checksum: nil, Signature: nil},
-		// {Name: "arduino-fwuploader", Version: "2.2.2", Packager: "arduino-test", URL: nil, Checksum: nil, Signature: nil},
+		{Name: "arduino-fwuploader", Version: "2.2.2", Packager: "arduino-test", URL: nil, Checksum: nil, Signature: nil},
+		// test download of a tool not present in index. the same archive is downloaded on linux/win/mac See https://github.com/arduino/arduino-create-agent/issues/980
+		{Name: "esptool", Version: "2.5.0-3-20ed2b9", Packager: "esp8266", URL: strpoint("https://github.com/earlephilhower/esp-quick-toolchain/releases/download/2.5.0-3/x86_64-linux-gnu.esptool-f80ae31.tar.gz"), Checksum: strpoint("SHA-256:bded1dca953377838b6086a9bcd40a1dc5286ba5f69f2372c22a1d1819baad24"), Signature: strpoint("852b58871419ce5e5633ecfaa72c0f0fa890ceb51164b362b8133bc0e3e003a21cec48935b8cdc078f4031219cbf17fb7edd9d7c9ca8ed85492911c9ca6353c9aa4691eb91fda99563a6bd49aeca0d9981fb05ec76e45c6024f8a6822862ad1e34ddc652fbbf4fa909887a255d4f087398ec386577efcec523c21203be3d10fc9e9b0f990a7536875a77dc2bc5cbffea7734b62238e31719111b718bacccebffc9be689545540e81d23b81caa66214376f58a0d6a45cf7efc5d3af62ab932b371628162fffe403906f41d5534921e5be081c5ac2ecc9db5caec03a105cc44b00ce19a95ad079843501eb8182e0717ce327867380c0e39d2b48698547fc1d0d66")},
 	}
 
 	expectedFiles := map[string][]string{
@@ -244,8 +244,8 @@ func TestInstall(t *testing.T) {
 		"dfu-util-0.10.0-arduino1": {"dfu-prefix", "dfu-suffix", "dfu-util"},
 		"rp2040tools-1.0.6":        {"elf2uf2", "picotool", "pioasm", "rp2040load"},
 		"esptool_py-4.5.1":         {"esptool"},
-		// "fwupdater-0.1.12":         {"firmwares", "FirmwareUploader"}, // old legacy tool
-		// "arduino-fwuploader-2.2.2": {"arduino-fwuploader"},
+		"arduino-fwuploader-2.2.2": {"arduino-fwuploader"},
+		// "esptool-2.5.0-3-20ed2b9":  {"esptool"}, // we don't check if there is esptool in the archive because it's the same archive even on windows (no extension)
 	}
 	for _, tc := range testCases {
 		t.Run(tc.Name+"-"+tc.Version, func(t *testing.T) {
@@ -254,7 +254,7 @@ func TestInstall(t *testing.T) {
 			require.NoError(t, err)
 
 			// Check that the tool has been downloaded
-			toolDir := paths.New(tmp).Join("arduino-test", tc.Name, tc.Version)
+			toolDir := paths.New(tmp).Join(tc.Packager, tc.Name, tc.Version)
 			require.DirExists(t, toolDir.String())
 
 			// Check that the files have been created

From a679bf359c17749c056648ef1b0c66d50d418e0f Mon Sep 17 00:00:00 2001
From: MatteoPologruto <109663225+MatteoPologruto@users.noreply.github.com>
Date: Mon, 5 Aug 2024 16:38:05 +0200
Subject: [PATCH 10/37] Improve `installed.json` handling in `v2/tools` (#983)

* Introduce mutex policy to the v2 tools and use it to write the installed.json

* Use a map to store installed.json information

* Use the correct lock for reading and writing

* Include the v2.Tools constructor in the old Tools struct

* Add corrupted json test
---
 tools/download.go      |  5 ++-
 tools/download_test.go | 20 +++++++++++
 tools/tools.go         |  3 ++
 v2/pkgs/tools.go       | 76 ++++++++++++++++++++----------------------
 4 files changed, 61 insertions(+), 43 deletions(-)

diff --git a/tools/download.go b/tools/download.go
index 6e5fa8b7f..8c4a37a6c 100644
--- a/tools/download.go
+++ b/tools/download.go
@@ -25,7 +25,6 @@ import (
 
 	"github.com/arduino/arduino-create-agent/gen/tools"
 	"github.com/arduino/arduino-create-agent/utilities"
-	"github.com/arduino/arduino-create-agent/v2/pkgs"
 )
 
 // Download will parse the index at the indexURL for the tool to download.
@@ -45,8 +44,8 @@ import (
 // if it already exists.
 func (t *Tools) Download(pack, name, version, behaviour string) error {
 
-	tool := pkgs.New(t.index, t.directory.String(), behaviour)
-	_, err := tool.Install(context.Background(), &tools.ToolPayload{Name: name, Version: version, Packager: pack})
+	t.tools.SetBehaviour(behaviour)
+	_, err := t.tools.Install(context.Background(), &tools.ToolPayload{Name: name, Version: version, Packager: pack})
 	if err != nil {
 		return err
 	}
diff --git a/tools/download_test.go b/tools/download_test.go
index 8863a09d7..7cf2fab0d 100644
--- a/tools/download_test.go
+++ b/tools/download_test.go
@@ -160,3 +160,23 @@ func TestDownload(t *testing.T) {
 		})
 	}
 }
+
+func TestCorruptedInstalled(t *testing.T) {
+	// prepare the test environment
+	tempDir := t.TempDir()
+	tempDirPath := paths.New(tempDir)
+	testIndex := index.Resource{
+		IndexFile:   *paths.New("testdata", "test_tool_index.json"),
+		LastRefresh: time.Now(),
+	}
+	corruptedJSON := tempDirPath.Join("installed.json")
+	fileJSON, err := corruptedJSON.Create()
+	require.NoError(t, err)
+	defer fileJSON.Close()
+	_, err = fileJSON.Write([]byte("Hello"))
+	require.NoError(t, err)
+	testTools := New(tempDirPath, &testIndex, func(msg string) { t.Log(msg) })
+	// Download the tool
+	err = testTools.Download("arduino-test", "avrdude", "6.3.0-arduino17", "keep")
+	require.NoError(t, err)
+}
diff --git a/tools/tools.go b/tools/tools.go
index cb9efc787..5cecc5089 100644
--- a/tools/tools.go
+++ b/tools/tools.go
@@ -22,6 +22,7 @@ import (
 	"sync"
 
 	"github.com/arduino/arduino-create-agent/index"
+	"github.com/arduino/arduino-create-agent/v2/pkgs"
 	"github.com/arduino/go-paths-helper"
 	"github.com/xrash/smetrics"
 )
@@ -47,6 +48,7 @@ type Tools struct {
 	logger    func(msg string)
 	installed map[string]string
 	mutex     sync.RWMutex
+	tools     *pkgs.Tools
 }
 
 // New will return a Tool object, allowing the caller to execute operations on it.
@@ -60,6 +62,7 @@ func New(directory *paths.Path, index *index.Resource, logger func(msg string))
 		logger:    logger,
 		installed: map[string]string{},
 		mutex:     sync.RWMutex{},
+		tools:     pkgs.New(index, directory.String(), "replace"),
 	}
 	_ = t.readMap()
 	return t
diff --git a/v2/pkgs/tools.go b/v2/pkgs/tools.go
index 14f853e9e..c84d207f8 100644
--- a/v2/pkgs/tools.go
+++ b/v2/pkgs/tools.go
@@ -29,6 +29,7 @@ import (
 	"path/filepath"
 	"runtime"
 	"strings"
+	"sync"
 
 	"github.com/arduino/arduino-create-agent/gen/tools"
 	"github.com/arduino/arduino-create-agent/index"
@@ -60,17 +61,23 @@ type Tools struct {
 	index     *index.Resource
 	folder    string
 	behaviour string
+	installed map[string]string
+	mutex     sync.RWMutex
 }
 
 // New will return a Tool object, allowing the caller to execute operations on it.
 // The New function will accept an index as parameter (used to download the indexes)
 // and a folder used to download the indexes
 func New(index *index.Resource, folder, behaviour string) *Tools {
-	return &Tools{
+	t := &Tools{
 		index:     index,
 		folder:    folder,
 		behaviour: behaviour,
+		installed: map[string]string{},
+		mutex:     sync.RWMutex{},
 	}
+	t.readInstalled()
+	return t
 }
 
 // Installedhead is here only because it was required by the front-end.
@@ -181,13 +188,10 @@ func (t *Tools) Install(ctx context.Context, payload *tools.ToolPayload) (*tools
 	key := correctTool.Name + "-" + correctTool.Version
 	// Check if it already exists
 	if t.behaviour == "keep" && pathExists(t.folder) {
-		location, ok, err := checkInstalled(t.folder, key)
-		if err != nil {
-			return nil, err
-		}
+		location, ok := t.installed[key]
 		if ok && pathExists(location) {
 			// overwrite the default tool with this one
-			err := writeInstalled(t.folder, path)
+			err := t.writeInstalled(path)
 			if err != nil {
 				return nil, err
 			}
@@ -245,7 +249,7 @@ func (t *Tools) install(ctx context.Context, path, url, checksum string) (*tools
 	}
 
 	// Write installed.json for retrocompatibility with v1
-	err = writeInstalled(t.folder, path)
+	err = t.writeInstalled(path)
 	if err != nil {
 		return nil, err
 	}
@@ -285,54 +289,41 @@ func rename(base string) extract.Renamer {
 	}
 }
 
-func readInstalled(installedFile string) (map[string]string, error) {
+func (t *Tools) readInstalled() error {
+	t.mutex.RLock()
+	defer t.mutex.RUnlock()
 	// read installed.json
-	installed := map[string]string{}
-	data, err := os.ReadFile(installedFile)
-	if err == nil {
-		err = json.Unmarshal(data, &installed)
-		if err != nil {
-			return nil, err
-		}
-	}
-	return installed, nil
-}
-
-func checkInstalled(folder, key string) (string, bool, error) {
-	installedFile, err := utilities.SafeJoin(folder, "installed.json")
-	if err != nil {
-		return "", false, err
-	}
-	installed, err := readInstalled(installedFile)
-	if err != nil {
-		return "", false, err
-	}
-	location, ok := installed[key]
-	return location, ok, err
-}
-
-func writeInstalled(folder, path string) error {
-	// read installed.json
-	installedFile, err := utilities.SafeJoin(folder, "installed.json")
+	installedFile, err := utilities.SafeJoin(t.folder, "installed.json")
 	if err != nil {
 		return err
 	}
-	installed, err := readInstalled(installedFile)
+	data, err := os.ReadFile(installedFile)
 	if err != nil {
 		return err
 	}
+	return json.Unmarshal(data, &t.installed)
+}
+
+func (t *Tools) writeInstalled(path string) error {
+	t.mutex.Lock()
+	defer t.mutex.Unlock()
 
 	parts := strings.Split(path, string(filepath.Separator))
 	tool := parts[len(parts)-2]
 	toolWithVersion := fmt.Sprint(tool, "-", parts[len(parts)-1])
-	toolFile, err := utilities.SafeJoin(folder, path)
+	toolFile, err := utilities.SafeJoin(t.folder, path)
 	if err != nil {
 		return err
 	}
-	installed[tool] = toolFile
-	installed[toolWithVersion] = toolFile
+	t.installed[tool] = toolFile
+	t.installed[toolWithVersion] = toolFile
 
-	data, err := json.Marshal(installed)
+	data, err := json.Marshal(t.installed)
+	if err != nil {
+		return err
+	}
+
+	installedFile, err := utilities.SafeJoin(t.folder, "installed.json")
 	if err != nil {
 		return err
 	}
@@ -340,6 +331,11 @@ func writeInstalled(folder, path string) error {
 	return os.WriteFile(installedFile, data, 0644)
 }
 
+// SetBehaviour sets the download behaviour to either keep or replace
+func (t *Tools) SetBehaviour(behaviour string) {
+	t.behaviour = behaviour
+}
+
 func pathExists(path string) bool {
 	_, err := os.Stat(path)
 	if err == nil {

From 1561223e52c891127a5f4645c0023699a804c043 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Mon, 5 Aug 2024 16:39:07 +0200
Subject: [PATCH 11/37] Bump golang.org/x/sys from 0.20.0 to 0.23.0 (#985)

* Bump golang.org/x/sys from 0.20.0 to 0.23.0

Bumps [golang.org/x/sys](https://github.com/golang/sys) from 0.20.0 to 0.23.0.
- [Commits](https://github.com/golang/sys/compare/v0.20.0...v0.23.0)

---
updated-dependencies:
- dependency-name: golang.org/x/sys
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] 

* update license

---------

Signed-off-by: dependabot[bot] 
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Umberto Baldi 
---
 .licensed.yml                                        |  1 +
 .../go/golang.org/x/sys/unix.dep.yml                 | 12 ++++++------
 go.mod                                               |  2 +-
 go.sum                                               |  4 ++--
 4 files changed, 10 insertions(+), 9 deletions(-)

diff --git a/.licensed.yml b/.licensed.yml
index f0c02a90e..104135193 100644
--- a/.licensed.yml
+++ b/.licensed.yml
@@ -10,6 +10,7 @@ reviewed:
     - golang.org/x/net/html
     - golang.org/x/net/html/atom
     - golang.org/x/crypto/curve25519
+    - golang.org/x/sys/unix
     - github.com/ProtonMail/go-crypto/bitcurves
     - github.com/ProtonMail/go-crypto/brainpool
     - github.com/ProtonMail/go-crypto/eax
diff --git a/.licenses/arduino-create-agent/go/golang.org/x/sys/unix.dep.yml b/.licenses/arduino-create-agent/go/golang.org/x/sys/unix.dep.yml
index 8c6dd955b..5c4780a8d 100644
--- a/.licenses/arduino-create-agent/go/golang.org/x/sys/unix.dep.yml
+++ b/.licenses/arduino-create-agent/go/golang.org/x/sys/unix.dep.yml
@@ -1,14 +1,14 @@
 ---
 name: golang.org/x/sys/unix
-version: v0.20.0
+version: v0.23.0
 type: go
 summary: Package unix contains an interface to the low-level operating system primitives.
 homepage: https://pkg.go.dev/golang.org/x/sys/unix
-license: bsd-3-clause
+license: other
 licenses:
-- sources: sys@v0.20.0/LICENSE
+- sources: sys@v0.23.0/LICENSE
   text: |
-    Copyright (c) 2009 The Go Authors. All rights reserved.
+    Copyright 2009 The Go Authors.
 
     Redistribution and use in source and binary forms, with or without
     modification, are permitted provided that the following conditions are
@@ -20,7 +20,7 @@ licenses:
     copyright notice, this list of conditions and the following disclaimer
     in the documentation and/or other materials provided with the
     distribution.
-       * Neither the name of Google Inc. nor the names of its
+       * Neither the name of Google LLC nor the names of its
     contributors may be used to endorse or promote products derived from
     this software without specific prior written permission.
 
@@ -35,7 +35,7 @@ licenses:
     THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
     (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
     OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
-- sources: sys@v0.20.0/PATENTS
+- sources: sys@v0.23.0/PATENTS
   text: |
     Additional IP Rights Grant (Patents)
 
diff --git a/go.mod b/go.mod
index b1f0f8fda..4b92a2573 100644
--- a/go.mod
+++ b/go.mod
@@ -23,7 +23,7 @@ require (
 	github.com/xrash/smetrics v0.0.0-20170218160415-a3153f7040e9
 	go.bug.st/serial v1.6.1
 	goa.design/goa/v3 v3.16.1
-	golang.org/x/sys v0.20.0
+	golang.org/x/sys v0.23.0
 	gopkg.in/inconshreveable/go-update.v0 v0.0.0-20150814200126-d8b0b1d421aa
 )
 
diff --git a/go.sum b/go.sum
index 278446a66..2e8a44221 100644
--- a/go.sum
+++ b/go.sum
@@ -181,8 +181,8 @@ golang.org/x/sys v0.0.0-20200515095857-1151b9dac4a9/go.mod h1:h1NjWce9XRLGQEsW7w
 golang.org/x/sys v0.0.0-20220715151400-c0bba94af5f8/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/sys v0.5.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/sys v0.6.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
-golang.org/x/sys v0.20.0 h1:Od9JTbYCk261bKm4M/mw7AklTlFYIa0bIp9BgSm1S8Y=
-golang.org/x/sys v0.20.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
+golang.org/x/sys v0.23.0 h1:YfKFowiIMvtgl1UERQoTPPToxltDeZfbj4H7dVUCwmM=
+golang.org/x/sys v0.23.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
 golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
 golang.org/x/text v0.15.0 h1:h1V/4gjBv8v9cjcR6+AR5+/cIYK5N/WAgiv4xlsEtAk=
 golang.org/x/text v0.15.0/go.mod h1:18ZOQIKpY8NJVqYksKHtTdi31H5itFRjB5/qKTNYzSU=

From 3ebca0a054b2451a2a5ddc962bac3ae133f6bcfa Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Mon, 5 Aug 2024 16:41:54 +0200
Subject: [PATCH 12/37] Bump github.com/ProtonMail/go-crypto from 1.1.0-alpha.2
 to 1.1.0-alpha.5-proton (#974)

* Bump github.com/ProtonMail/go-crypto

Bumps [github.com/ProtonMail/go-crypto](https://github.com/ProtonMail/go-crypto) from 1.1.0-alpha.2 to 1.1.0-alpha.5-proton.
- [Release notes](https://github.com/ProtonMail/go-crypto/releases)
- [Commits](https://github.com/ProtonMail/go-crypto/compare/v1.1.0-alpha.2...v1.1.0-alpha.5-proton)

---
updated-dependencies:
- dependency-name: github.com/ProtonMail/go-crypto
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] 

* update licenses

---------

Signed-off-by: dependabot[bot] 
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Umberto Baldi 
---
 .licensed.yml                                 |  3 +
 .../ProtonMail/go-crypto/bitcurves.dep.yml    |  6 +-
 .../ProtonMail/go-crypto/brainpool.dep.yml    |  6 +-
 .../ProtonMail/go-crypto/eax.dep.yml          |  6 +-
 .../go-crypto/internal/byteutil.dep.yml       |  6 +-
 .../ProtonMail/go-crypto/ocb.dep.yml          |  6 +-
 .../ProtonMail/go-crypto/openpgp.dep.yml      |  6 +-
 .../go-crypto/openpgp/aes/keywrap.dep.yml     |  6 +-
 .../go-crypto/openpgp/armor.dep.yml           |  6 +-
 .../ProtonMail/go-crypto/openpgp/ecdh.dep.yml |  6 +-
 .../go-crypto/openpgp/ecdsa.dep.yml           |  6 +-
 .../go-crypto/openpgp/ed25519.dep.yml         |  6 +-
 .../go-crypto/openpgp/ed448.dep.yml           |  6 +-
 .../go-crypto/openpgp/eddsa.dep.yml           |  6 +-
 .../go-crypto/openpgp/elgamal.dep.yml         |  6 +-
 .../go-crypto/openpgp/errors.dep.yml          |  6 +-
 .../openpgp/internal/algorithm.dep.yml        |  6 +-
 .../go-crypto/openpgp/internal/ecc.dep.yml    |  6 +-
 .../openpgp/internal/ecc/curve25519.dep.yml   | 63 +++++++++++++++++++
 .../internal/ecc/curve25519/field.dep.yml     | 62 ++++++++++++++++++
 .../openpgp/internal/encoding.dep.yml         |  6 +-
 .../go-crypto/openpgp/packet.dep.yml          |  6 +-
 .../ProtonMail/go-crypto/openpgp/s2k.dep.yml  |  6 +-
 .../go-crypto/openpgp/symmetric.dep.yml       | 62 ++++++++++++++++++
 .../go-crypto/openpgp/x25519.dep.yml          |  6 +-
 .../ProtonMail/go-crypto/openpgp/x448.dep.yml |  6 +-
 go.mod                                        |  2 +-
 go.sum                                        |  4 +-
 28 files changed, 259 insertions(+), 69 deletions(-)
 create mode 100644 .licenses/arduino-create-agent/go/github.com/ProtonMail/go-crypto/openpgp/internal/ecc/curve25519.dep.yml
 create mode 100644 .licenses/arduino-create-agent/go/github.com/ProtonMail/go-crypto/openpgp/internal/ecc/curve25519/field.dep.yml
 create mode 100644 .licenses/arduino-create-agent/go/github.com/ProtonMail/go-crypto/openpgp/symmetric.dep.yml

diff --git a/.licensed.yml b/.licensed.yml
index 104135193..12e7395a3 100644
--- a/.licensed.yml
+++ b/.licensed.yml
@@ -28,9 +28,12 @@ reviewed:
     - github.com/ProtonMail/go-crypto/openpgp/errors
     - github.com/ProtonMail/go-crypto/openpgp/internal/algorithm
     - github.com/ProtonMail/go-crypto/openpgp/internal/ecc
+    - github.com/ProtonMail/go-crypto/openpgp/internal/ecc/curve25519
+    - github.com/ProtonMail/go-crypto/openpgp/internal/ecc/curve25519/field
     - github.com/ProtonMail/go-crypto/openpgp/internal/encoding
     - github.com/ProtonMail/go-crypto/openpgp/packet
     - github.com/ProtonMail/go-crypto/openpgp/s2k
+    - github.com/ProtonMail/go-crypto/openpgp/symmetric
     - github.com/ProtonMail/go-crypto/openpgp/x25519
     - github.com/ProtonMail/go-crypto/openpgp/x448
     - github.com/cloudflare/circl/dh/x25519
diff --git a/.licenses/arduino-create-agent/go/github.com/ProtonMail/go-crypto/bitcurves.dep.yml b/.licenses/arduino-create-agent/go/github.com/ProtonMail/go-crypto/bitcurves.dep.yml
index 08606aa3f..ff1d983d0 100644
--- a/.licenses/arduino-create-agent/go/github.com/ProtonMail/go-crypto/bitcurves.dep.yml
+++ b/.licenses/arduino-create-agent/go/github.com/ProtonMail/go-crypto/bitcurves.dep.yml
@@ -1,12 +1,12 @@
 ---
 name: github.com/ProtonMail/go-crypto/bitcurves
-version: v1.1.0-alpha.2
+version: v1.1.0-alpha.5-proton
 type: go
 summary:
 homepage: https://pkg.go.dev/github.com/ProtonMail/go-crypto/bitcurves
 license: other
 licenses:
-- sources: go-crypto@v1.1.0-alpha.2/LICENSE
+- sources: go-crypto@v1.1.0-alpha.5-proton/LICENSE
   text: |
     Copyright (c) 2009 The Go Authors. All rights reserved.
 
@@ -35,7 +35,7 @@ licenses:
     THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
     (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
     OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
-- sources: go-crypto@v1.1.0-alpha.2/PATENTS
+- sources: go-crypto@v1.1.0-alpha.5-proton/PATENTS
   text: |
     Additional IP Rights Grant (Patents)
 
diff --git a/.licenses/arduino-create-agent/go/github.com/ProtonMail/go-crypto/brainpool.dep.yml b/.licenses/arduino-create-agent/go/github.com/ProtonMail/go-crypto/brainpool.dep.yml
index 5cc5c2938..9ec1b1cef 100644
--- a/.licenses/arduino-create-agent/go/github.com/ProtonMail/go-crypto/brainpool.dep.yml
+++ b/.licenses/arduino-create-agent/go/github.com/ProtonMail/go-crypto/brainpool.dep.yml
@@ -1,12 +1,12 @@
 ---
 name: github.com/ProtonMail/go-crypto/brainpool
-version: v1.1.0-alpha.2
+version: v1.1.0-alpha.5-proton
 type: go
 summary: Package brainpool implements Brainpool elliptic curves.
 homepage: https://pkg.go.dev/github.com/ProtonMail/go-crypto/brainpool
 license: other
 licenses:
-- sources: go-crypto@v1.1.0-alpha.2/LICENSE
+- sources: go-crypto@v1.1.0-alpha.5-proton/LICENSE
   text: |
     Copyright (c) 2009 The Go Authors. All rights reserved.
 
@@ -35,7 +35,7 @@ licenses:
     THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
     (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
     OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
-- sources: go-crypto@v1.1.0-alpha.2/PATENTS
+- sources: go-crypto@v1.1.0-alpha.5-proton/PATENTS
   text: |
     Additional IP Rights Grant (Patents)
 
diff --git a/.licenses/arduino-create-agent/go/github.com/ProtonMail/go-crypto/eax.dep.yml b/.licenses/arduino-create-agent/go/github.com/ProtonMail/go-crypto/eax.dep.yml
index 24d186b3c..e086227d1 100644
--- a/.licenses/arduino-create-agent/go/github.com/ProtonMail/go-crypto/eax.dep.yml
+++ b/.licenses/arduino-create-agent/go/github.com/ProtonMail/go-crypto/eax.dep.yml
@@ -1,6 +1,6 @@
 ---
 name: github.com/ProtonMail/go-crypto/eax
-version: v1.1.0-alpha.2
+version: v1.1.0-alpha.5-proton
 type: go
 summary: 'Package eax provides an implementation of the EAX (encrypt-authenticate-translate)
   mode of operation, as described in Bellare, Rogaway, and Wagner "THE EAX MODE OF
@@ -9,7 +9,7 @@ summary: 'Package eax provides an implementation of the EAX (encrypt-authenticat
 homepage: https://pkg.go.dev/github.com/ProtonMail/go-crypto/eax
 license: other
 licenses:
-- sources: go-crypto@v1.1.0-alpha.2/LICENSE
+- sources: go-crypto@v1.1.0-alpha.5-proton/LICENSE
   text: |
     Copyright (c) 2009 The Go Authors. All rights reserved.
 
@@ -38,7 +38,7 @@ licenses:
     THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
     (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
     OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
-- sources: go-crypto@v1.1.0-alpha.2/PATENTS
+- sources: go-crypto@v1.1.0-alpha.5-proton/PATENTS
   text: |
     Additional IP Rights Grant (Patents)
 
diff --git a/.licenses/arduino-create-agent/go/github.com/ProtonMail/go-crypto/internal/byteutil.dep.yml b/.licenses/arduino-create-agent/go/github.com/ProtonMail/go-crypto/internal/byteutil.dep.yml
index a3835acbf..1d0b837c3 100644
--- a/.licenses/arduino-create-agent/go/github.com/ProtonMail/go-crypto/internal/byteutil.dep.yml
+++ b/.licenses/arduino-create-agent/go/github.com/ProtonMail/go-crypto/internal/byteutil.dep.yml
@@ -1,12 +1,12 @@
 ---
 name: github.com/ProtonMail/go-crypto/internal/byteutil
-version: v1.1.0-alpha.2
+version: v1.1.0-alpha.5-proton
 type: go
 summary:
 homepage: https://pkg.go.dev/github.com/ProtonMail/go-crypto/internal/byteutil
 license: other
 licenses:
-- sources: go-crypto@v1.1.0-alpha.2/LICENSE
+- sources: go-crypto@v1.1.0-alpha.5-proton/LICENSE
   text: |
     Copyright (c) 2009 The Go Authors. All rights reserved.
 
@@ -35,7 +35,7 @@ licenses:
     THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
     (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
     OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
-- sources: go-crypto@v1.1.0-alpha.2/PATENTS
+- sources: go-crypto@v1.1.0-alpha.5-proton/PATENTS
   text: |
     Additional IP Rights Grant (Patents)
 
diff --git a/.licenses/arduino-create-agent/go/github.com/ProtonMail/go-crypto/ocb.dep.yml b/.licenses/arduino-create-agent/go/github.com/ProtonMail/go-crypto/ocb.dep.yml
index 4ca8e6a7f..f24f78fe7 100644
--- a/.licenses/arduino-create-agent/go/github.com/ProtonMail/go-crypto/ocb.dep.yml
+++ b/.licenses/arduino-create-agent/go/github.com/ProtonMail/go-crypto/ocb.dep.yml
@@ -1,6 +1,6 @@
 ---
 name: github.com/ProtonMail/go-crypto/ocb
-version: v1.1.0-alpha.2
+version: v1.1.0-alpha.5-proton
 type: go
 summary: 'Package ocb provides an implementation of the OCB (offset codebook) mode
   of operation, as described in RFC-7253 of the IRTF and in Rogaway, Bellare, Black
@@ -9,7 +9,7 @@ summary: 'Package ocb provides an implementation of the OCB (offset codebook) mo
 homepage: https://pkg.go.dev/github.com/ProtonMail/go-crypto/ocb
 license: other
 licenses:
-- sources: go-crypto@v1.1.0-alpha.2/LICENSE
+- sources: go-crypto@v1.1.0-alpha.5-proton/LICENSE
   text: |
     Copyright (c) 2009 The Go Authors. All rights reserved.
 
@@ -38,7 +38,7 @@ licenses:
     THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
     (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
     OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
-- sources: go-crypto@v1.1.0-alpha.2/PATENTS
+- sources: go-crypto@v1.1.0-alpha.5-proton/PATENTS
   text: |
     Additional IP Rights Grant (Patents)
 
diff --git a/.licenses/arduino-create-agent/go/github.com/ProtonMail/go-crypto/openpgp.dep.yml b/.licenses/arduino-create-agent/go/github.com/ProtonMail/go-crypto/openpgp.dep.yml
index b2cfe5b0e..af72530c0 100644
--- a/.licenses/arduino-create-agent/go/github.com/ProtonMail/go-crypto/openpgp.dep.yml
+++ b/.licenses/arduino-create-agent/go/github.com/ProtonMail/go-crypto/openpgp.dep.yml
@@ -1,12 +1,12 @@
 ---
 name: github.com/ProtonMail/go-crypto/openpgp
-version: v1.1.0-alpha.2
+version: v1.1.0-alpha.5-proton
 type: go
 summary: Package openpgp implements high level operations on OpenPGP messages.
 homepage: https://pkg.go.dev/github.com/ProtonMail/go-crypto/openpgp
 license: other
 licenses:
-- sources: go-crypto@v1.1.0-alpha.2/LICENSE
+- sources: go-crypto@v1.1.0-alpha.5-proton/LICENSE
   text: |
     Copyright (c) 2009 The Go Authors. All rights reserved.
 
@@ -35,7 +35,7 @@ licenses:
     THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
     (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
     OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
-- sources: go-crypto@v1.1.0-alpha.2/PATENTS
+- sources: go-crypto@v1.1.0-alpha.5-proton/PATENTS
   text: |
     Additional IP Rights Grant (Patents)
 
diff --git a/.licenses/arduino-create-agent/go/github.com/ProtonMail/go-crypto/openpgp/aes/keywrap.dep.yml b/.licenses/arduino-create-agent/go/github.com/ProtonMail/go-crypto/openpgp/aes/keywrap.dep.yml
index c8b82bc49..7cc6fb0d4 100644
--- a/.licenses/arduino-create-agent/go/github.com/ProtonMail/go-crypto/openpgp/aes/keywrap.dep.yml
+++ b/.licenses/arduino-create-agent/go/github.com/ProtonMail/go-crypto/openpgp/aes/keywrap.dep.yml
@@ -1,12 +1,12 @@
 ---
 name: github.com/ProtonMail/go-crypto/openpgp/aes/keywrap
-version: v1.1.0-alpha.2
+version: v1.1.0-alpha.5-proton
 type: go
 summary: Package keywrap is an implementation of the RFC 3394 AES key wrapping algorithm.
 homepage: https://pkg.go.dev/github.com/ProtonMail/go-crypto/openpgp/aes/keywrap
 license: other
 licenses:
-- sources: go-crypto@v1.1.0-alpha.2/LICENSE
+- sources: go-crypto@v1.1.0-alpha.5-proton/LICENSE
   text: |
     Copyright (c) 2009 The Go Authors. All rights reserved.
 
@@ -35,7 +35,7 @@ licenses:
     THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
     (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
     OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
-- sources: go-crypto@v1.1.0-alpha.2/PATENTS
+- sources: go-crypto@v1.1.0-alpha.5-proton/PATENTS
   text: |
     Additional IP Rights Grant (Patents)
 
diff --git a/.licenses/arduino-create-agent/go/github.com/ProtonMail/go-crypto/openpgp/armor.dep.yml b/.licenses/arduino-create-agent/go/github.com/ProtonMail/go-crypto/openpgp/armor.dep.yml
index 5d827c6f9..982a14505 100644
--- a/.licenses/arduino-create-agent/go/github.com/ProtonMail/go-crypto/openpgp/armor.dep.yml
+++ b/.licenses/arduino-create-agent/go/github.com/ProtonMail/go-crypto/openpgp/armor.dep.yml
@@ -1,12 +1,12 @@
 ---
 name: github.com/ProtonMail/go-crypto/openpgp/armor
-version: v1.1.0-alpha.2
+version: v1.1.0-alpha.5-proton
 type: go
 summary: Package armor implements OpenPGP ASCII Armor, see RFC 4880.
 homepage: https://pkg.go.dev/github.com/ProtonMail/go-crypto/openpgp/armor
 license: other
 licenses:
-- sources: go-crypto@v1.1.0-alpha.2/LICENSE
+- sources: go-crypto@v1.1.0-alpha.5-proton/LICENSE
   text: |
     Copyright (c) 2009 The Go Authors. All rights reserved.
 
@@ -35,7 +35,7 @@ licenses:
     THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
     (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
     OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
-- sources: go-crypto@v1.1.0-alpha.2/PATENTS
+- sources: go-crypto@v1.1.0-alpha.5-proton/PATENTS
   text: |
     Additional IP Rights Grant (Patents)
 
diff --git a/.licenses/arduino-create-agent/go/github.com/ProtonMail/go-crypto/openpgp/ecdh.dep.yml b/.licenses/arduino-create-agent/go/github.com/ProtonMail/go-crypto/openpgp/ecdh.dep.yml
index 19bbd5b3c..9107dd71b 100644
--- a/.licenses/arduino-create-agent/go/github.com/ProtonMail/go-crypto/openpgp/ecdh.dep.yml
+++ b/.licenses/arduino-create-agent/go/github.com/ProtonMail/go-crypto/openpgp/ecdh.dep.yml
@@ -1,13 +1,13 @@
 ---
 name: github.com/ProtonMail/go-crypto/openpgp/ecdh
-version: v1.1.0-alpha.2
+version: v1.1.0-alpha.5-proton
 type: go
 summary: Package ecdh implements ECDH encryption, suitable for OpenPGP, as specified
   in RFC 6637, section 8.
 homepage: https://pkg.go.dev/github.com/ProtonMail/go-crypto/openpgp/ecdh
 license: other
 licenses:
-- sources: go-crypto@v1.1.0-alpha.2/LICENSE
+- sources: go-crypto@v1.1.0-alpha.5-proton/LICENSE
   text: |
     Copyright (c) 2009 The Go Authors. All rights reserved.
 
@@ -36,7 +36,7 @@ licenses:
     THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
     (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
     OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
-- sources: go-crypto@v1.1.0-alpha.2/PATENTS
+- sources: go-crypto@v1.1.0-alpha.5-proton/PATENTS
   text: |
     Additional IP Rights Grant (Patents)
 
diff --git a/.licenses/arduino-create-agent/go/github.com/ProtonMail/go-crypto/openpgp/ecdsa.dep.yml b/.licenses/arduino-create-agent/go/github.com/ProtonMail/go-crypto/openpgp/ecdsa.dep.yml
index 6d4935361..26ae39b99 100644
--- a/.licenses/arduino-create-agent/go/github.com/ProtonMail/go-crypto/openpgp/ecdsa.dep.yml
+++ b/.licenses/arduino-create-agent/go/github.com/ProtonMail/go-crypto/openpgp/ecdsa.dep.yml
@@ -1,13 +1,13 @@
 ---
 name: github.com/ProtonMail/go-crypto/openpgp/ecdsa
-version: v1.1.0-alpha.2
+version: v1.1.0-alpha.5-proton
 type: go
 summary: Package ecdsa implements ECDSA signature, suitable for OpenPGP, as specified
   in RFC 6637, section 5.
 homepage: https://pkg.go.dev/github.com/ProtonMail/go-crypto/openpgp/ecdsa
 license: other
 licenses:
-- sources: go-crypto@v1.1.0-alpha.2/LICENSE
+- sources: go-crypto@v1.1.0-alpha.5-proton/LICENSE
   text: |
     Copyright (c) 2009 The Go Authors. All rights reserved.
 
@@ -36,7 +36,7 @@ licenses:
     THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
     (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
     OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
-- sources: go-crypto@v1.1.0-alpha.2/PATENTS
+- sources: go-crypto@v1.1.0-alpha.5-proton/PATENTS
   text: |
     Additional IP Rights Grant (Patents)
 
diff --git a/.licenses/arduino-create-agent/go/github.com/ProtonMail/go-crypto/openpgp/ed25519.dep.yml b/.licenses/arduino-create-agent/go/github.com/ProtonMail/go-crypto/openpgp/ed25519.dep.yml
index 619142d7b..b98f3d6ff 100644
--- a/.licenses/arduino-create-agent/go/github.com/ProtonMail/go-crypto/openpgp/ed25519.dep.yml
+++ b/.licenses/arduino-create-agent/go/github.com/ProtonMail/go-crypto/openpgp/ed25519.dep.yml
@@ -1,13 +1,13 @@
 ---
 name: github.com/ProtonMail/go-crypto/openpgp/ed25519
-version: v1.1.0-alpha.2
+version: v1.1.0-alpha.5-proton
 type: go
 summary: Package ed25519 implements the ed25519 signature algorithm for OpenPGP as
   defined in the Open PGP crypto refresh.
 homepage: https://pkg.go.dev/github.com/ProtonMail/go-crypto/openpgp/ed25519
 license: other
 licenses:
-- sources: go-crypto@v1.1.0-alpha.2/LICENSE
+- sources: go-crypto@v1.1.0-alpha.5-proton/LICENSE
   text: |
     Copyright (c) 2009 The Go Authors. All rights reserved.
 
@@ -36,7 +36,7 @@ licenses:
     THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
     (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
     OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
-- sources: go-crypto@v1.1.0-alpha.2/PATENTS
+- sources: go-crypto@v1.1.0-alpha.5-proton/PATENTS
   text: |
     Additional IP Rights Grant (Patents)
 
diff --git a/.licenses/arduino-create-agent/go/github.com/ProtonMail/go-crypto/openpgp/ed448.dep.yml b/.licenses/arduino-create-agent/go/github.com/ProtonMail/go-crypto/openpgp/ed448.dep.yml
index ba001ce30..a3ec2359a 100644
--- a/.licenses/arduino-create-agent/go/github.com/ProtonMail/go-crypto/openpgp/ed448.dep.yml
+++ b/.licenses/arduino-create-agent/go/github.com/ProtonMail/go-crypto/openpgp/ed448.dep.yml
@@ -1,13 +1,13 @@
 ---
 name: github.com/ProtonMail/go-crypto/openpgp/ed448
-version: v1.1.0-alpha.2
+version: v1.1.0-alpha.5-proton
 type: go
 summary: Package ed448 implements the ed448 signature algorithm for OpenPGP as defined
   in the Open PGP crypto refresh.
 homepage: https://pkg.go.dev/github.com/ProtonMail/go-crypto/openpgp/ed448
 license: other
 licenses:
-- sources: go-crypto@v1.1.0-alpha.2/LICENSE
+- sources: go-crypto@v1.1.0-alpha.5-proton/LICENSE
   text: |
     Copyright (c) 2009 The Go Authors. All rights reserved.
 
@@ -36,7 +36,7 @@ licenses:
     THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
     (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
     OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
-- sources: go-crypto@v1.1.0-alpha.2/PATENTS
+- sources: go-crypto@v1.1.0-alpha.5-proton/PATENTS
   text: |
     Additional IP Rights Grant (Patents)
 
diff --git a/.licenses/arduino-create-agent/go/github.com/ProtonMail/go-crypto/openpgp/eddsa.dep.yml b/.licenses/arduino-create-agent/go/github.com/ProtonMail/go-crypto/openpgp/eddsa.dep.yml
index a197e12e7..77cb4464e 100644
--- a/.licenses/arduino-create-agent/go/github.com/ProtonMail/go-crypto/openpgp/eddsa.dep.yml
+++ b/.licenses/arduino-create-agent/go/github.com/ProtonMail/go-crypto/openpgp/eddsa.dep.yml
@@ -1,13 +1,13 @@
 ---
 name: github.com/ProtonMail/go-crypto/openpgp/eddsa
-version: v1.1.0-alpha.2
+version: v1.1.0-alpha.5-proton
 type: go
 summary: Package eddsa implements EdDSA signature, suitable for OpenPGP, as specified
   in https://datatracker.ietf.org/doc/html/draft-ietf-openpgp-crypto-refresh-06#section-13.7
 homepage: https://pkg.go.dev/github.com/ProtonMail/go-crypto/openpgp/eddsa
 license: other
 licenses:
-- sources: go-crypto@v1.1.0-alpha.2/LICENSE
+- sources: go-crypto@v1.1.0-alpha.5-proton/LICENSE
   text: |
     Copyright (c) 2009 The Go Authors. All rights reserved.
 
@@ -36,7 +36,7 @@ licenses:
     THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
     (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
     OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
-- sources: go-crypto@v1.1.0-alpha.2/PATENTS
+- sources: go-crypto@v1.1.0-alpha.5-proton/PATENTS
   text: |
     Additional IP Rights Grant (Patents)
 
diff --git a/.licenses/arduino-create-agent/go/github.com/ProtonMail/go-crypto/openpgp/elgamal.dep.yml b/.licenses/arduino-create-agent/go/github.com/ProtonMail/go-crypto/openpgp/elgamal.dep.yml
index 01278f3d4..30c4e4652 100644
--- a/.licenses/arduino-create-agent/go/github.com/ProtonMail/go-crypto/openpgp/elgamal.dep.yml
+++ b/.licenses/arduino-create-agent/go/github.com/ProtonMail/go-crypto/openpgp/elgamal.dep.yml
@@ -1,6 +1,6 @@
 ---
 name: github.com/ProtonMail/go-crypto/openpgp/elgamal
-version: v1.1.0-alpha.2
+version: v1.1.0-alpha.5-proton
 type: go
 summary: Package elgamal implements ElGamal encryption, suitable for OpenPGP, as specified
   in "A Public-Key Cryptosystem and a Signature Scheme Based on Discrete Logarithms,"
@@ -8,7 +8,7 @@ summary: Package elgamal implements ElGamal encryption, suitable for OpenPGP, as
 homepage: https://pkg.go.dev/github.com/ProtonMail/go-crypto/openpgp/elgamal
 license: bsd-3-clause
 licenses:
-- sources: go-crypto@v1.1.0-alpha.2/LICENSE
+- sources: go-crypto@v1.1.0-alpha.5-proton/LICENSE
   text: |
     Copyright (c) 2009 The Go Authors. All rights reserved.
 
@@ -37,7 +37,7 @@ licenses:
     THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
     (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
     OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
-- sources: go-crypto@v1.1.0-alpha.2/PATENTS
+- sources: go-crypto@v1.1.0-alpha.5-proton/PATENTS
   text: |
     Additional IP Rights Grant (Patents)
 
diff --git a/.licenses/arduino-create-agent/go/github.com/ProtonMail/go-crypto/openpgp/errors.dep.yml b/.licenses/arduino-create-agent/go/github.com/ProtonMail/go-crypto/openpgp/errors.dep.yml
index cb6ba9441..81688cd2f 100644
--- a/.licenses/arduino-create-agent/go/github.com/ProtonMail/go-crypto/openpgp/errors.dep.yml
+++ b/.licenses/arduino-create-agent/go/github.com/ProtonMail/go-crypto/openpgp/errors.dep.yml
@@ -1,12 +1,12 @@
 ---
 name: github.com/ProtonMail/go-crypto/openpgp/errors
-version: v1.1.0-alpha.2
+version: v1.1.0-alpha.5-proton
 type: go
 summary: Package errors contains common error types for the OpenPGP packages.
 homepage: https://pkg.go.dev/github.com/ProtonMail/go-crypto/openpgp/errors
 license: bsd-3-clause
 licenses:
-- sources: go-crypto@v1.1.0-alpha.2/LICENSE
+- sources: go-crypto@v1.1.0-alpha.5-proton/LICENSE
   text: |
     Copyright (c) 2009 The Go Authors. All rights reserved.
 
@@ -35,7 +35,7 @@ licenses:
     THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
     (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
     OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
-- sources: go-crypto@v1.1.0-alpha.2/PATENTS
+- sources: go-crypto@v1.1.0-alpha.5-proton/PATENTS
   text: |
     Additional IP Rights Grant (Patents)
 
diff --git a/.licenses/arduino-create-agent/go/github.com/ProtonMail/go-crypto/openpgp/internal/algorithm.dep.yml b/.licenses/arduino-create-agent/go/github.com/ProtonMail/go-crypto/openpgp/internal/algorithm.dep.yml
index 9671f9971..6d96f4443 100644
--- a/.licenses/arduino-create-agent/go/github.com/ProtonMail/go-crypto/openpgp/internal/algorithm.dep.yml
+++ b/.licenses/arduino-create-agent/go/github.com/ProtonMail/go-crypto/openpgp/internal/algorithm.dep.yml
@@ -1,12 +1,12 @@
 ---
 name: github.com/ProtonMail/go-crypto/openpgp/internal/algorithm
-version: v1.1.0-alpha.2
+version: v1.1.0-alpha.5-proton
 type: go
 summary:
 homepage: https://pkg.go.dev/github.com/ProtonMail/go-crypto/openpgp/internal/algorithm
 license: other
 licenses:
-- sources: go-crypto@v1.1.0-alpha.2/LICENSE
+- sources: go-crypto@v1.1.0-alpha.5-proton/LICENSE
   text: |
     Copyright (c) 2009 The Go Authors. All rights reserved.
 
@@ -35,7 +35,7 @@ licenses:
     THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
     (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
     OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
-- sources: go-crypto@v1.1.0-alpha.2/PATENTS
+- sources: go-crypto@v1.1.0-alpha.5-proton/PATENTS
   text: |
     Additional IP Rights Grant (Patents)
 
diff --git a/.licenses/arduino-create-agent/go/github.com/ProtonMail/go-crypto/openpgp/internal/ecc.dep.yml b/.licenses/arduino-create-agent/go/github.com/ProtonMail/go-crypto/openpgp/internal/ecc.dep.yml
index 080c67ae9..81e8f7cb5 100644
--- a/.licenses/arduino-create-agent/go/github.com/ProtonMail/go-crypto/openpgp/internal/ecc.dep.yml
+++ b/.licenses/arduino-create-agent/go/github.com/ProtonMail/go-crypto/openpgp/internal/ecc.dep.yml
@@ -1,12 +1,12 @@
 ---
 name: github.com/ProtonMail/go-crypto/openpgp/internal/ecc
-version: v1.1.0-alpha.2
+version: v1.1.0-alpha.5-proton
 type: go
 summary: Package ecc implements a generic interface for ECDH, ECDSA, and EdDSA.
 homepage: https://pkg.go.dev/github.com/ProtonMail/go-crypto/openpgp/internal/ecc
 license: other
 licenses:
-- sources: go-crypto@v1.1.0-alpha.2/LICENSE
+- sources: go-crypto@v1.1.0-alpha.5-proton/LICENSE
   text: |
     Copyright (c) 2009 The Go Authors. All rights reserved.
 
@@ -35,7 +35,7 @@ licenses:
     THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
     (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
     OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
-- sources: go-crypto@v1.1.0-alpha.2/PATENTS
+- sources: go-crypto@v1.1.0-alpha.5-proton/PATENTS
   text: |
     Additional IP Rights Grant (Patents)
 
diff --git a/.licenses/arduino-create-agent/go/github.com/ProtonMail/go-crypto/openpgp/internal/ecc/curve25519.dep.yml b/.licenses/arduino-create-agent/go/github.com/ProtonMail/go-crypto/openpgp/internal/ecc/curve25519.dep.yml
new file mode 100644
index 000000000..ce6e3efe5
--- /dev/null
+++ b/.licenses/arduino-create-agent/go/github.com/ProtonMail/go-crypto/openpgp/internal/ecc/curve25519.dep.yml
@@ -0,0 +1,63 @@
+---
+name: github.com/ProtonMail/go-crypto/openpgp/internal/ecc/curve25519
+version: v1.1.0-alpha.5-proton
+type: go
+summary: Package curve25519 implements custom field operations without clamping for
+  forwarding.
+homepage: https://pkg.go.dev/github.com/ProtonMail/go-crypto/openpgp/internal/ecc/curve25519
+license: other
+licenses:
+- sources: go-crypto@v1.1.0-alpha.5-proton/LICENSE
+  text: |
+    Copyright (c) 2009 The Go Authors. All rights reserved.
+
+    Redistribution and use in source and binary forms, with or without
+    modification, are permitted provided that the following conditions are
+    met:
+
+       * Redistributions of source code must retain the above copyright
+    notice, this list of conditions and the following disclaimer.
+       * Redistributions in binary form must reproduce the above
+    copyright notice, this list of conditions and the following disclaimer
+    in the documentation and/or other materials provided with the
+    distribution.
+       * Neither the name of Google Inc. nor the names of its
+    contributors may be used to endorse or promote products derived from
+    this software without specific prior written permission.
+
+    THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+    "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+    LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+    A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+    OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+    SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+    LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+    DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+    THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+    (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+    OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+- sources: go-crypto@v1.1.0-alpha.5-proton/PATENTS
+  text: |
+    Additional IP Rights Grant (Patents)
+
+    "This implementation" means the copyrightable works distributed by
+    Google as part of the Go project.
+
+    Google hereby grants to You a perpetual, worldwide, non-exclusive,
+    no-charge, royalty-free, irrevocable (except as stated in this section)
+    patent license to make, have made, use, offer to sell, sell, import,
+    transfer and otherwise run, modify and propagate the contents of this
+    implementation of Go, where such license applies only to those patent
+    claims, both currently owned or controlled by Google and acquired in
+    the future, licensable by Google that are necessarily infringed by this
+    implementation of Go.  This grant does not include claims that would be
+    infringed only as a consequence of further modification of this
+    implementation.  If you or your agent or exclusive licensee institute or
+    order or agree to the institution of patent litigation against any
+    entity (including a cross-claim or counterclaim in a lawsuit) alleging
+    that this implementation of Go or any code incorporated within this
+    implementation of Go constitutes direct or contributory patent
+    infringement, or inducement of patent infringement, then any patent
+    rights granted to you under this License for this implementation of Go
+    shall terminate as of the date such litigation is filed.
+notices: []
diff --git a/.licenses/arduino-create-agent/go/github.com/ProtonMail/go-crypto/openpgp/internal/ecc/curve25519/field.dep.yml b/.licenses/arduino-create-agent/go/github.com/ProtonMail/go-crypto/openpgp/internal/ecc/curve25519/field.dep.yml
new file mode 100644
index 000000000..8df0ed080
--- /dev/null
+++ b/.licenses/arduino-create-agent/go/github.com/ProtonMail/go-crypto/openpgp/internal/ecc/curve25519/field.dep.yml
@@ -0,0 +1,62 @@
+---
+name: github.com/ProtonMail/go-crypto/openpgp/internal/ecc/curve25519/field
+version: v1.1.0-alpha.5-proton
+type: go
+summary: Package field implements fast arithmetic modulo 2^255-19.
+homepage: https://pkg.go.dev/github.com/ProtonMail/go-crypto/openpgp/internal/ecc/curve25519/field
+license: other
+licenses:
+- sources: go-crypto@v1.1.0-alpha.5-proton/LICENSE
+  text: |
+    Copyright (c) 2009 The Go Authors. All rights reserved.
+
+    Redistribution and use in source and binary forms, with or without
+    modification, are permitted provided that the following conditions are
+    met:
+
+       * Redistributions of source code must retain the above copyright
+    notice, this list of conditions and the following disclaimer.
+       * Redistributions in binary form must reproduce the above
+    copyright notice, this list of conditions and the following disclaimer
+    in the documentation and/or other materials provided with the
+    distribution.
+       * Neither the name of Google Inc. nor the names of its
+    contributors may be used to endorse or promote products derived from
+    this software without specific prior written permission.
+
+    THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+    "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+    LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+    A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+    OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+    SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+    LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+    DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+    THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+    (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+    OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+- sources: go-crypto@v1.1.0-alpha.5-proton/PATENTS
+  text: |
+    Additional IP Rights Grant (Patents)
+
+    "This implementation" means the copyrightable works distributed by
+    Google as part of the Go project.
+
+    Google hereby grants to You a perpetual, worldwide, non-exclusive,
+    no-charge, royalty-free, irrevocable (except as stated in this section)
+    patent license to make, have made, use, offer to sell, sell, import,
+    transfer and otherwise run, modify and propagate the contents of this
+    implementation of Go, where such license applies only to those patent
+    claims, both currently owned or controlled by Google and acquired in
+    the future, licensable by Google that are necessarily infringed by this
+    implementation of Go.  This grant does not include claims that would be
+    infringed only as a consequence of further modification of this
+    implementation.  If you or your agent or exclusive licensee institute or
+    order or agree to the institution of patent litigation against any
+    entity (including a cross-claim or counterclaim in a lawsuit) alleging
+    that this implementation of Go or any code incorporated within this
+    implementation of Go constitutes direct or contributory patent
+    infringement, or inducement of patent infringement, then any patent
+    rights granted to you under this License for this implementation of Go
+    shall terminate as of the date such litigation is filed.
+notices: []
diff --git a/.licenses/arduino-create-agent/go/github.com/ProtonMail/go-crypto/openpgp/internal/encoding.dep.yml b/.licenses/arduino-create-agent/go/github.com/ProtonMail/go-crypto/openpgp/internal/encoding.dep.yml
index 871478bef..990da1aa3 100644
--- a/.licenses/arduino-create-agent/go/github.com/ProtonMail/go-crypto/openpgp/internal/encoding.dep.yml
+++ b/.licenses/arduino-create-agent/go/github.com/ProtonMail/go-crypto/openpgp/internal/encoding.dep.yml
@@ -1,13 +1,13 @@
 ---
 name: github.com/ProtonMail/go-crypto/openpgp/internal/encoding
-version: v1.1.0-alpha.2
+version: v1.1.0-alpha.5-proton
 type: go
 summary: Package encoding implements openpgp packet field encodings as specified in
   RFC 4880 and 6637.
 homepage: https://pkg.go.dev/github.com/ProtonMail/go-crypto/openpgp/internal/encoding
 license: other
 licenses:
-- sources: go-crypto@v1.1.0-alpha.2/LICENSE
+- sources: go-crypto@v1.1.0-alpha.5-proton/LICENSE
   text: |
     Copyright (c) 2009 The Go Authors. All rights reserved.
 
@@ -36,7 +36,7 @@ licenses:
     THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
     (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
     OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
-- sources: go-crypto@v1.1.0-alpha.2/PATENTS
+- sources: go-crypto@v1.1.0-alpha.5-proton/PATENTS
   text: |
     Additional IP Rights Grant (Patents)
 
diff --git a/.licenses/arduino-create-agent/go/github.com/ProtonMail/go-crypto/openpgp/packet.dep.yml b/.licenses/arduino-create-agent/go/github.com/ProtonMail/go-crypto/openpgp/packet.dep.yml
index 990c817b3..c470a9e2b 100644
--- a/.licenses/arduino-create-agent/go/github.com/ProtonMail/go-crypto/openpgp/packet.dep.yml
+++ b/.licenses/arduino-create-agent/go/github.com/ProtonMail/go-crypto/openpgp/packet.dep.yml
@@ -1,13 +1,13 @@
 ---
 name: github.com/ProtonMail/go-crypto/openpgp/packet
-version: v1.1.0-alpha.2
+version: v1.1.0-alpha.5-proton
 type: go
 summary: Package packet implements parsing and serialization of OpenPGP packets, as
   specified in RFC 4880.
 homepage: https://pkg.go.dev/github.com/ProtonMail/go-crypto/openpgp/packet
 license: bsd-3-clause
 licenses:
-- sources: go-crypto@v1.1.0-alpha.2/LICENSE
+- sources: go-crypto@v1.1.0-alpha.5-proton/LICENSE
   text: |
     Copyright (c) 2009 The Go Authors. All rights reserved.
 
@@ -36,7 +36,7 @@ licenses:
     THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
     (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
     OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
-- sources: go-crypto@v1.1.0-alpha.2/PATENTS
+- sources: go-crypto@v1.1.0-alpha.5-proton/PATENTS
   text: |
     Additional IP Rights Grant (Patents)
 
diff --git a/.licenses/arduino-create-agent/go/github.com/ProtonMail/go-crypto/openpgp/s2k.dep.yml b/.licenses/arduino-create-agent/go/github.com/ProtonMail/go-crypto/openpgp/s2k.dep.yml
index 3ec86e4b8..a1a554e68 100644
--- a/.licenses/arduino-create-agent/go/github.com/ProtonMail/go-crypto/openpgp/s2k.dep.yml
+++ b/.licenses/arduino-create-agent/go/github.com/ProtonMail/go-crypto/openpgp/s2k.dep.yml
@@ -1,6 +1,6 @@
 ---
 name: github.com/ProtonMail/go-crypto/openpgp/s2k
-version: v1.1.0-alpha.2
+version: v1.1.0-alpha.5-proton
 type: go
 summary: Package s2k implements the various OpenPGP string-to-key transforms as specified
   in RFC 4800 section 3.7.1, and Argon2 specified in draft-ietf-openpgp-crypto-refresh-08
@@ -8,7 +8,7 @@ summary: Package s2k implements the various OpenPGP string-to-key transforms as
 homepage: https://pkg.go.dev/github.com/ProtonMail/go-crypto/openpgp/s2k
 license: bsd-3-clause
 licenses:
-- sources: go-crypto@v1.1.0-alpha.2/LICENSE
+- sources: go-crypto@v1.1.0-alpha.5-proton/LICENSE
   text: |
     Copyright (c) 2009 The Go Authors. All rights reserved.
 
@@ -37,7 +37,7 @@ licenses:
     THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
     (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
     OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
-- sources: go-crypto@v1.1.0-alpha.2/PATENTS
+- sources: go-crypto@v1.1.0-alpha.5-proton/PATENTS
   text: |
     Additional IP Rights Grant (Patents)
 
diff --git a/.licenses/arduino-create-agent/go/github.com/ProtonMail/go-crypto/openpgp/symmetric.dep.yml b/.licenses/arduino-create-agent/go/github.com/ProtonMail/go-crypto/openpgp/symmetric.dep.yml
new file mode 100644
index 000000000..581db5cbd
--- /dev/null
+++ b/.licenses/arduino-create-agent/go/github.com/ProtonMail/go-crypto/openpgp/symmetric.dep.yml
@@ -0,0 +1,62 @@
+---
+name: github.com/ProtonMail/go-crypto/openpgp/symmetric
+version: v1.1.0-alpha.5-proton
+type: go
+summary:
+homepage: https://pkg.go.dev/github.com/ProtonMail/go-crypto/openpgp/symmetric
+license: other
+licenses:
+- sources: go-crypto@v1.1.0-alpha.5-proton/LICENSE
+  text: |
+    Copyright (c) 2009 The Go Authors. All rights reserved.
+
+    Redistribution and use in source and binary forms, with or without
+    modification, are permitted provided that the following conditions are
+    met:
+
+       * Redistributions of source code must retain the above copyright
+    notice, this list of conditions and the following disclaimer.
+       * Redistributions in binary form must reproduce the above
+    copyright notice, this list of conditions and the following disclaimer
+    in the documentation and/or other materials provided with the
+    distribution.
+       * Neither the name of Google Inc. nor the names of its
+    contributors may be used to endorse or promote products derived from
+    this software without specific prior written permission.
+
+    THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+    "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+    LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+    A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+    OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+    SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+    LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+    DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+    THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+    (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+    OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+- sources: go-crypto@v1.1.0-alpha.5-proton/PATENTS
+  text: |
+    Additional IP Rights Grant (Patents)
+
+    "This implementation" means the copyrightable works distributed by
+    Google as part of the Go project.
+
+    Google hereby grants to You a perpetual, worldwide, non-exclusive,
+    no-charge, royalty-free, irrevocable (except as stated in this section)
+    patent license to make, have made, use, offer to sell, sell, import,
+    transfer and otherwise run, modify and propagate the contents of this
+    implementation of Go, where such license applies only to those patent
+    claims, both currently owned or controlled by Google and acquired in
+    the future, licensable by Google that are necessarily infringed by this
+    implementation of Go.  This grant does not include claims that would be
+    infringed only as a consequence of further modification of this
+    implementation.  If you or your agent or exclusive licensee institute or
+    order or agree to the institution of patent litigation against any
+    entity (including a cross-claim or counterclaim in a lawsuit) alleging
+    that this implementation of Go or any code incorporated within this
+    implementation of Go constitutes direct or contributory patent
+    infringement, or inducement of patent infringement, then any patent
+    rights granted to you under this License for this implementation of Go
+    shall terminate as of the date such litigation is filed.
+notices: []
diff --git a/.licenses/arduino-create-agent/go/github.com/ProtonMail/go-crypto/openpgp/x25519.dep.yml b/.licenses/arduino-create-agent/go/github.com/ProtonMail/go-crypto/openpgp/x25519.dep.yml
index 79e3c7c83..16798ee8e 100644
--- a/.licenses/arduino-create-agent/go/github.com/ProtonMail/go-crypto/openpgp/x25519.dep.yml
+++ b/.licenses/arduino-create-agent/go/github.com/ProtonMail/go-crypto/openpgp/x25519.dep.yml
@@ -1,12 +1,12 @@
 ---
 name: github.com/ProtonMail/go-crypto/openpgp/x25519
-version: v1.1.0-alpha.2
+version: v1.1.0-alpha.5-proton
 type: go
 summary:
 homepage: https://pkg.go.dev/github.com/ProtonMail/go-crypto/openpgp/x25519
 license: other
 licenses:
-- sources: go-crypto@v1.1.0-alpha.2/LICENSE
+- sources: go-crypto@v1.1.0-alpha.5-proton/LICENSE
   text: |
     Copyright (c) 2009 The Go Authors. All rights reserved.
 
@@ -35,7 +35,7 @@ licenses:
     THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
     (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
     OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
-- sources: go-crypto@v1.1.0-alpha.2/PATENTS
+- sources: go-crypto@v1.1.0-alpha.5-proton/PATENTS
   text: |
     Additional IP Rights Grant (Patents)
 
diff --git a/.licenses/arduino-create-agent/go/github.com/ProtonMail/go-crypto/openpgp/x448.dep.yml b/.licenses/arduino-create-agent/go/github.com/ProtonMail/go-crypto/openpgp/x448.dep.yml
index 21d2d9e9c..27acdb02c 100644
--- a/.licenses/arduino-create-agent/go/github.com/ProtonMail/go-crypto/openpgp/x448.dep.yml
+++ b/.licenses/arduino-create-agent/go/github.com/ProtonMail/go-crypto/openpgp/x448.dep.yml
@@ -1,12 +1,12 @@
 ---
 name: github.com/ProtonMail/go-crypto/openpgp/x448
-version: v1.1.0-alpha.2
+version: v1.1.0-alpha.5-proton
 type: go
 summary:
 homepage: https://pkg.go.dev/github.com/ProtonMail/go-crypto/openpgp/x448
 license: other
 licenses:
-- sources: go-crypto@v1.1.0-alpha.2/LICENSE
+- sources: go-crypto@v1.1.0-alpha.5-proton/LICENSE
   text: |
     Copyright (c) 2009 The Go Authors. All rights reserved.
 
@@ -35,7 +35,7 @@ licenses:
     THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
     (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
     OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
-- sources: go-crypto@v1.1.0-alpha.2/PATENTS
+- sources: go-crypto@v1.1.0-alpha.5-proton/PATENTS
   text: |
     Additional IP Rights Grant (Patents)
 
diff --git a/go.mod b/go.mod
index 4b92a2573..356b51101 100644
--- a/go.mod
+++ b/go.mod
@@ -4,7 +4,7 @@ go 1.21
 
 require (
 	fyne.io/systray v1.10.0
-	github.com/ProtonMail/go-crypto v1.1.0-alpha.2
+	github.com/ProtonMail/go-crypto v1.1.0-alpha.5-proton
 	github.com/arduino/go-paths-helper v1.12.0
 	github.com/arduino/go-serial-utils v0.1.2
 	github.com/arduino/pluggable-discovery-protocol-handler/v2 v2.2.0
diff --git a/go.sum b/go.sum
index 2e8a44221..1481506db 100644
--- a/go.sum
+++ b/go.sum
@@ -2,8 +2,8 @@ fyne.io/systray v1.10.0 h1:Yr1D9Lxeiw3+vSuZWPlaHC8BMjIHZXJKkek706AfYQk=
 fyne.io/systray v1.10.0/go.mod h1:oM2AQqGJ1AMo4nNqZFYU8xYygSBZkW2hmdJ7n4yjedE=
 github.com/AnatolyRugalev/goregen v0.1.0 h1:xrdXkLaskMnbxW0x4FWNj2yoednv0X2bcTBWpuJGYfE=
 github.com/AnatolyRugalev/goregen v0.1.0/go.mod h1:sVlY1tjcirqLBRZnCcIq1+7/Lwmqz5g7IK8AStjOVzI=
-github.com/ProtonMail/go-crypto v1.1.0-alpha.2 h1:bkyFVUP+ROOARdgCiJzNQo2V2kiB97LyUpzH9P6Hrlg=
-github.com/ProtonMail/go-crypto v1.1.0-alpha.2/go.mod h1:rA3QumHc/FZ8pAHreoekgiAbzpNsfQAosU5td4SnOrE=
+github.com/ProtonMail/go-crypto v1.1.0-alpha.5-proton h1:KVBEgU3CJpmzLChnLiSuEyCuhGhcMt3eOST+7A+ckto=
+github.com/ProtonMail/go-crypto v1.1.0-alpha.5-proton/go.mod h1:rA3QumHc/FZ8pAHreoekgiAbzpNsfQAosU5td4SnOrE=
 github.com/arduino/go-paths-helper v1.0.1/go.mod h1:HpxtKph+g238EJHq4geEPv9p+gl3v5YYu35Yb+w31Ck=
 github.com/arduino/go-paths-helper v1.12.0 h1:xizOQtI9iHdl19qXd1EmWg5i9W//2bOCOYwlNv8F61E=
 github.com/arduino/go-paths-helper v1.12.0/go.mod h1:jcpW4wr0u69GlXhTYydsdsqAjLaYK5n7oWHfKqOG6LM=

From a945e56092413ccae8339879487912092552ac4a Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Mon, 5 Aug 2024 16:54:02 +0200
Subject: [PATCH 13/37] Bump github.com/arduino/go-paths-helper from 1.12.0 to
 1.12.1 (#962)

* Bump github.com/arduino/go-paths-helper from 1.12.0 to 1.12.1

Bumps [github.com/arduino/go-paths-helper](https://github.com/arduino/go-paths-helper) from 1.12.0 to 1.12.1.
- [Release notes](https://github.com/arduino/go-paths-helper/releases)
- [Commits](https://github.com/arduino/go-paths-helper/compare/v1.12.0...v1.12.1)

---
updated-dependencies:
- dependency-name: github.com/arduino/go-paths-helper
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] 

* update license

---------

Signed-off-by: dependabot[bot] 
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Umberto Baldi 
---
 .../go/github.com/arduino/go-paths-helper.dep.yml             | 2 +-
 go.mod                                                        | 2 +-
 go.sum                                                        | 4 ++--
 3 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/.licenses/arduino-create-agent/go/github.com/arduino/go-paths-helper.dep.yml b/.licenses/arduino-create-agent/go/github.com/arduino/go-paths-helper.dep.yml
index 1de189b7f..21d102e90 100644
--- a/.licenses/arduino-create-agent/go/github.com/arduino/go-paths-helper.dep.yml
+++ b/.licenses/arduino-create-agent/go/github.com/arduino/go-paths-helper.dep.yml
@@ -1,6 +1,6 @@
 ---
 name: github.com/arduino/go-paths-helper
-version: v1.12.0
+version: v1.12.1
 type: go
 summary:
 homepage: https://pkg.go.dev/github.com/arduino/go-paths-helper
diff --git a/go.mod b/go.mod
index 356b51101..9c4e3a03d 100644
--- a/go.mod
+++ b/go.mod
@@ -5,7 +5,7 @@ go 1.21
 require (
 	fyne.io/systray v1.10.0
 	github.com/ProtonMail/go-crypto v1.1.0-alpha.5-proton
-	github.com/arduino/go-paths-helper v1.12.0
+	github.com/arduino/go-paths-helper v1.12.1
 	github.com/arduino/go-serial-utils v0.1.2
 	github.com/arduino/pluggable-discovery-protocol-handler/v2 v2.2.0
 	github.com/blang/semver v3.5.1+incompatible
diff --git a/go.sum b/go.sum
index 1481506db..1551328e1 100644
--- a/go.sum
+++ b/go.sum
@@ -5,8 +5,8 @@ github.com/AnatolyRugalev/goregen v0.1.0/go.mod h1:sVlY1tjcirqLBRZnCcIq1+7/Lwmqz
 github.com/ProtonMail/go-crypto v1.1.0-alpha.5-proton h1:KVBEgU3CJpmzLChnLiSuEyCuhGhcMt3eOST+7A+ckto=
 github.com/ProtonMail/go-crypto v1.1.0-alpha.5-proton/go.mod h1:rA3QumHc/FZ8pAHreoekgiAbzpNsfQAosU5td4SnOrE=
 github.com/arduino/go-paths-helper v1.0.1/go.mod h1:HpxtKph+g238EJHq4geEPv9p+gl3v5YYu35Yb+w31Ck=
-github.com/arduino/go-paths-helper v1.12.0 h1:xizOQtI9iHdl19qXd1EmWg5i9W//2bOCOYwlNv8F61E=
-github.com/arduino/go-paths-helper v1.12.0/go.mod h1:jcpW4wr0u69GlXhTYydsdsqAjLaYK5n7oWHfKqOG6LM=
+github.com/arduino/go-paths-helper v1.12.1 h1:WkxiVUxBjKWlLMiMuYy8DcmVrkxdP7aKxQOAq7r2lVM=
+github.com/arduino/go-paths-helper v1.12.1/go.mod h1:jcpW4wr0u69GlXhTYydsdsqAjLaYK5n7oWHfKqOG6LM=
 github.com/arduino/go-properties-orderedmap v1.8.0 h1:wEfa6hHdpezrVOh787OmClsf/Kd8qB+zE3P2Xbrn0CQ=
 github.com/arduino/go-properties-orderedmap v1.8.0/go.mod h1:DKjD2VXY/NZmlingh4lSFMEYCVubfeArCsGPGDwb2yk=
 github.com/arduino/go-serial-utils v0.1.2 h1:MRFwME4w/uaVkJ1R+wzz4KSbI9cF9IDVrYorazvjpTk=

From fb06ef3746e769925505948b0a8c77080d6b8b92 Mon Sep 17 00:00:00 2001
From: MatteoPologruto <109663225+MatteoPologruto@users.noreply.github.com>
Date: Mon, 5 Aug 2024 17:48:10 +0200
Subject: [PATCH 14/37] Insert lock while reading from the installed map (#987)

---
 v2/pkgs/tools.go | 9 ++++++++-
 1 file changed, 8 insertions(+), 1 deletion(-)

diff --git a/v2/pkgs/tools.go b/v2/pkgs/tools.go
index c84d207f8..1623d6a62 100644
--- a/v2/pkgs/tools.go
+++ b/v2/pkgs/tools.go
@@ -188,7 +188,7 @@ func (t *Tools) Install(ctx context.Context, payload *tools.ToolPayload) (*tools
 	key := correctTool.Name + "-" + correctTool.Version
 	// Check if it already exists
 	if t.behaviour == "keep" && pathExists(t.folder) {
-		location, ok := t.installed[key]
+		location, ok := t.getInstalledValue(key)
 		if ok && pathExists(location) {
 			// overwrite the default tool with this one
 			err := t.writeInstalled(path)
@@ -336,6 +336,13 @@ func (t *Tools) SetBehaviour(behaviour string) {
 	t.behaviour = behaviour
 }
 
+func (t *Tools) getInstalledValue(key string) (string, bool) {
+	t.mutex.RLock()
+	defer t.mutex.RUnlock()
+	location, ok := t.installed[key]
+	return location, ok
+}
+
 func pathExists(path string) bool {
 	_, err := os.Stat(path)
 	if err == nil {

From 6f9025e14d57c8a53faa51262bfd23339f981f0a Mon Sep 17 00:00:00 2001
From: Cristian Maglie 
Date: Thu, 29 Aug 2024 11:25:04 +0200
Subject: [PATCH 15/37] Update `extract` to 4.0.0 and golang to 1.23 (#990)

* Update extract to v4.0.0

* Update go version to 1.22

* Upgrade go to 1.23.0
---
 .../workflows/check-go-dependencies-task.yml  |  2 +-
 .github/workflows/check-go-task.yml           |  2 +-
 .github/workflows/publish-go-tester-task.yml  |  2 +-
 .github/workflows/release.yml                 |  2 +-
 .../workflows/test-go-integration-task.yml    |  2 +-
 .github/workflows/test-go-task.yml            |  2 +-
 .../extract/{v3.dep.yml => v4.dep.yml}        |  6 +-
 .../go/github.com/ulikunitz/xz.dep.yml        |  2 +-
 .../ulikunitz/xz/internal/hash.dep.yml        |  4 +-
 .../ulikunitz/xz/internal/xlog.dep.yml        |  4 +-
 .../go/github.com/ulikunitz/xz/lzma.dep.yml   |  4 +-
 .../go/golang.org/x/crypto/sha3.dep.yml       | 63 -------------------
 go.mod                                        |  6 +-
 go.sum                                        |  8 +--
 updater/updater_darwin.go                     |  2 +-
 v2/pkgs/tools.go                              |  2 +-
 16 files changed, 25 insertions(+), 88 deletions(-)
 rename .licenses/arduino-create-agent/go/github.com/codeclysm/extract/{v3.dep.yml => v4.dep.yml} (91%)
 delete mode 100644 .licenses/arduino-create-agent/go/golang.org/x/crypto/sha3.dep.yml

diff --git a/.github/workflows/check-go-dependencies-task.yml b/.github/workflows/check-go-dependencies-task.yml
index 4983e0db6..a179ee992 100644
--- a/.github/workflows/check-go-dependencies-task.yml
+++ b/.github/workflows/check-go-dependencies-task.yml
@@ -3,7 +3,7 @@ name: Check Go Dependencies
 
 env:
   # See: https://github.com/actions/setup-go/tree/v3#readme
-  GO_VERSION: "1.21"
+  GO_VERSION: "1.23"
 
 # See: https://docs.github.com/actions/using-workflows/events-that-trigger-workflows
 on:
diff --git a/.github/workflows/check-go-task.yml b/.github/workflows/check-go-task.yml
index 7ea76eb48..6981f26cb 100644
--- a/.github/workflows/check-go-task.yml
+++ b/.github/workflows/check-go-task.yml
@@ -3,7 +3,7 @@ name: Check Go
 
 env:
   # See: https://github.com/actions/setup-go/tree/main#supported-version-syntax
-  GO_VERSION: "1.21"
+  GO_VERSION: "1.23"
 
 # See: https://docs.github.com/actions/using-workflows/events-that-trigger-workflows
 on:
diff --git a/.github/workflows/publish-go-tester-task.yml b/.github/workflows/publish-go-tester-task.yml
index aa2949e13..864f21c5f 100644
--- a/.github/workflows/publish-go-tester-task.yml
+++ b/.github/workflows/publish-go-tester-task.yml
@@ -31,7 +31,7 @@ on:
 
 env:
   PROJECT_NAME: arduino-cloud-agent
-  GO_VERSION: "1.21"
+  GO_VERSION: "1.23"
 
 jobs:
   run-determination:
diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
index fe60ec8f8..af37a9b85 100644
--- a/.github/workflows/release.yml
+++ b/.github/workflows/release.yml
@@ -23,7 +23,7 @@ env:
   AC_PASSWORD: ${{ secrets.AC_PASSWORD }} # used by gon
   AC_PROVIDER: ${{ secrets.AC_PROVIDER }} # used by gon
   # See: https://github.com/actions/setup-go/tree/v3#readme
-  GO_VERSION: "1.21"
+  GO_VERSION: "1.23"
 
 jobs:
   # The build job is responsible for: configuring the environment, testing and compiling process
diff --git a/.github/workflows/test-go-integration-task.yml b/.github/workflows/test-go-integration-task.yml
index 79766b083..7eeb8e55f 100644
--- a/.github/workflows/test-go-integration-task.yml
+++ b/.github/workflows/test-go-integration-task.yml
@@ -3,7 +3,7 @@ name: Test Integration
 
 env:
   # See: https://github.com/actions/setup-go/tree/v2#readme
-  GO_VERSION: "1.21"
+  GO_VERSION: "1.23"
   # See: https://github.com/actions/setup-python/tree/v2#available-versions-of-python
   PYTHON_VERSION: "3.9"
 
diff --git a/.github/workflows/test-go-task.yml b/.github/workflows/test-go-task.yml
index 8a7c733ba..cbb95655f 100644
--- a/.github/workflows/test-go-task.yml
+++ b/.github/workflows/test-go-task.yml
@@ -3,7 +3,7 @@ name: Test Go
 
 env:
   # See: https://github.com/actions/setup-go/tree/v2#readme
-  GO_VERSION: "1.21"
+  GO_VERSION: "1.23"
 
 # See: https://docs.github.com/en/free-pro-team@latest/actions/reference/events-that-trigger-workflows
 on:
diff --git a/.licenses/arduino-create-agent/go/github.com/codeclysm/extract/v3.dep.yml b/.licenses/arduino-create-agent/go/github.com/codeclysm/extract/v4.dep.yml
similarity index 91%
rename from .licenses/arduino-create-agent/go/github.com/codeclysm/extract/v3.dep.yml
rename to .licenses/arduino-create-agent/go/github.com/codeclysm/extract/v4.dep.yml
index 0c6f99746..9defe5f88 100644
--- a/.licenses/arduino-create-agent/go/github.com/codeclysm/extract/v3.dep.yml
+++ b/.licenses/arduino-create-agent/go/github.com/codeclysm/extract/v4.dep.yml
@@ -1,10 +1,10 @@
 ---
-name: github.com/codeclysm/extract/v3
-version: v3.1.1
+name: github.com/codeclysm/extract/v4
+version: v4.0.0
 type: go
 summary: Package extract allows to extract archives in zip, tar.gz or tar.bz2 formats
   easily.
-homepage: https://pkg.go.dev/github.com/codeclysm/extract/v3
+homepage: https://pkg.go.dev/github.com/codeclysm/extract/v4
 license: mit
 licenses:
 - sources: LICENSE
diff --git a/.licenses/arduino-create-agent/go/github.com/ulikunitz/xz.dep.yml b/.licenses/arduino-create-agent/go/github.com/ulikunitz/xz.dep.yml
index 0b3c4e2b2..b02e158ff 100644
--- a/.licenses/arduino-create-agent/go/github.com/ulikunitz/xz.dep.yml
+++ b/.licenses/arduino-create-agent/go/github.com/ulikunitz/xz.dep.yml
@@ -1,6 +1,6 @@
 ---
 name: github.com/ulikunitz/xz
-version: v0.5.11
+version: v0.5.12
 type: go
 summary: Package xz supports the compression and decompression of xz files.
 homepage: https://pkg.go.dev/github.com/ulikunitz/xz
diff --git a/.licenses/arduino-create-agent/go/github.com/ulikunitz/xz/internal/hash.dep.yml b/.licenses/arduino-create-agent/go/github.com/ulikunitz/xz/internal/hash.dep.yml
index 470737fb6..c9a34e7af 100644
--- a/.licenses/arduino-create-agent/go/github.com/ulikunitz/xz/internal/hash.dep.yml
+++ b/.licenses/arduino-create-agent/go/github.com/ulikunitz/xz/internal/hash.dep.yml
@@ -1,12 +1,12 @@
 ---
 name: github.com/ulikunitz/xz/internal/hash
-version: v0.5.11
+version: v0.5.12
 type: go
 summary: Package hash provides rolling hashes.
 homepage: https://pkg.go.dev/github.com/ulikunitz/xz/internal/hash
 license: bsd-3-clause
 licenses:
-- sources: xz@v0.5.11/LICENSE
+- sources: xz@v0.5.12/LICENSE
   text: |
     Copyright (c) 2014-2022  Ulrich Kunitz
     All rights reserved.
diff --git a/.licenses/arduino-create-agent/go/github.com/ulikunitz/xz/internal/xlog.dep.yml b/.licenses/arduino-create-agent/go/github.com/ulikunitz/xz/internal/xlog.dep.yml
index 5fc1e57f7..a5ec30088 100644
--- a/.licenses/arduino-create-agent/go/github.com/ulikunitz/xz/internal/xlog.dep.yml
+++ b/.licenses/arduino-create-agent/go/github.com/ulikunitz/xz/internal/xlog.dep.yml
@@ -1,13 +1,13 @@
 ---
 name: github.com/ulikunitz/xz/internal/xlog
-version: v0.5.11
+version: v0.5.12
 type: go
 summary: Package xlog provides a simple logging package that allows to disable certain
   message categories.
 homepage: https://pkg.go.dev/github.com/ulikunitz/xz/internal/xlog
 license: bsd-3-clause
 licenses:
-- sources: xz@v0.5.11/LICENSE
+- sources: xz@v0.5.12/LICENSE
   text: |
     Copyright (c) 2014-2022  Ulrich Kunitz
     All rights reserved.
diff --git a/.licenses/arduino-create-agent/go/github.com/ulikunitz/xz/lzma.dep.yml b/.licenses/arduino-create-agent/go/github.com/ulikunitz/xz/lzma.dep.yml
index b30f1859d..66a937e5e 100644
--- a/.licenses/arduino-create-agent/go/github.com/ulikunitz/xz/lzma.dep.yml
+++ b/.licenses/arduino-create-agent/go/github.com/ulikunitz/xz/lzma.dep.yml
@@ -1,12 +1,12 @@
 ---
 name: github.com/ulikunitz/xz/lzma
-version: v0.5.11
+version: v0.5.12
 type: go
 summary: Package lzma supports the decoding and encoding of LZMA streams.
 homepage: https://pkg.go.dev/github.com/ulikunitz/xz/lzma
 license: bsd-3-clause
 licenses:
-- sources: xz@v0.5.11/LICENSE
+- sources: xz@v0.5.12/LICENSE
   text: |
     Copyright (c) 2014-2022  Ulrich Kunitz
     All rights reserved.
diff --git a/.licenses/arduino-create-agent/go/golang.org/x/crypto/sha3.dep.yml b/.licenses/arduino-create-agent/go/golang.org/x/crypto/sha3.dep.yml
deleted file mode 100644
index 1ef1c7c9f..000000000
--- a/.licenses/arduino-create-agent/go/golang.org/x/crypto/sha3.dep.yml
+++ /dev/null
@@ -1,63 +0,0 @@
----
-name: golang.org/x/crypto/sha3
-version: v0.23.0
-type: go
-summary: Package sha3 implements the SHA-3 fixed-output-length hash functions and
-  the SHAKE variable-output-length hash functions defined by FIPS-202.
-homepage: https://pkg.go.dev/golang.org/x/crypto/sha3
-license: bsd-3-clause
-licenses:
-- sources: crypto@v0.23.0/LICENSE
-  text: |
-    Copyright (c) 2009 The Go Authors. All rights reserved.
-
-    Redistribution and use in source and binary forms, with or without
-    modification, are permitted provided that the following conditions are
-    met:
-
-       * Redistributions of source code must retain the above copyright
-    notice, this list of conditions and the following disclaimer.
-       * Redistributions in binary form must reproduce the above
-    copyright notice, this list of conditions and the following disclaimer
-    in the documentation and/or other materials provided with the
-    distribution.
-       * Neither the name of Google Inc. nor the names of its
-    contributors may be used to endorse or promote products derived from
-    this software without specific prior written permission.
-
-    THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
-    "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
-    LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
-    A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
-    OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
-    SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
-    LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
-    DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
-    THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
-    (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
-    OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
-- sources: crypto@v0.23.0/PATENTS
-  text: |
-    Additional IP Rights Grant (Patents)
-
-    "This implementation" means the copyrightable works distributed by
-    Google as part of the Go project.
-
-    Google hereby grants to You a perpetual, worldwide, non-exclusive,
-    no-charge, royalty-free, irrevocable (except as stated in this section)
-    patent license to make, have made, use, offer to sell, sell, import,
-    transfer and otherwise run, modify and propagate the contents of this
-    implementation of Go, where such license applies only to those patent
-    claims, both currently owned or controlled by Google and acquired in
-    the future, licensable by Google that are necessarily infringed by this
-    implementation of Go.  This grant does not include claims that would be
-    infringed only as a consequence of further modification of this
-    implementation.  If you or your agent or exclusive licensee institute or
-    order or agree to the institution of patent litigation against any
-    entity (including a cross-claim or counterclaim in a lawsuit) alleging
-    that this implementation of Go or any code incorporated within this
-    implementation of Go constitutes direct or contributory patent
-    infringement, or inducement of patent infringement, then any patent
-    rights granted to you under this License for this implementation of Go
-    shall terminate as of the date such litigation is filed.
-notices: []
diff --git a/go.mod b/go.mod
index 9c4e3a03d..82ee10173 100644
--- a/go.mod
+++ b/go.mod
@@ -1,6 +1,6 @@
 module github.com/arduino/arduino-create-agent
 
-go 1.21
+go 1.23.0
 
 require (
 	fyne.io/systray v1.10.0
@@ -9,7 +9,7 @@ require (
 	github.com/arduino/go-serial-utils v0.1.2
 	github.com/arduino/pluggable-discovery-protocol-handler/v2 v2.2.0
 	github.com/blang/semver v3.5.1+incompatible
-	github.com/codeclysm/extract/v3 v3.1.1
+	github.com/codeclysm/extract/v4 v4.0.0
 	github.com/gin-contrib/cors v1.7.2
 	github.com/gin-gonic/gin v1.10.0
 	github.com/go-ini/ini v1.62.0
@@ -71,7 +71,7 @@ require (
 	github.com/tevino/abool v1.2.0 // indirect
 	github.com/twitchyliquid64/golang-asm v0.15.1 // indirect
 	github.com/ugorji/go v1.1.6 // indirect
-	github.com/ulikunitz/xz v0.5.11 // indirect
+	github.com/ulikunitz/xz v0.5.12 // indirect
 	golang.org/x/arch v0.8.0 // indirect
 	golang.org/x/crypto v0.23.0 // indirect
 	golang.org/x/mod v0.17.0 // indirect
diff --git a/go.sum b/go.sum
index 1551328e1..bee2988ac 100644
--- a/go.sum
+++ b/go.sum
@@ -25,8 +25,8 @@ github.com/cloudwego/base64x v0.1.4 h1:jwCgWpFanWmN8xoIUHa2rtzmkd5J2plF/dnLS6Xd/
 github.com/cloudwego/base64x v0.1.4/go.mod h1:0zlkT4Wn5C6NdauXdJRhSKRlJvmclQ1hhJgA0rcu/8w=
 github.com/cloudwego/iasm v0.2.0 h1:1KNIy1I1H9hNNFEEH3DVnI4UujN+1zjpuk6gwHLTssg=
 github.com/cloudwego/iasm v0.2.0/go.mod h1:8rXZaNYT2n95jn+zTI1sDr+IgcD2GVs0nlbbQPiEFhY=
-github.com/codeclysm/extract/v3 v3.1.1 h1:iHZtdEAwSTqPrd+1n4jfhr1qBhUWtHlMTjT90+fJVXg=
-github.com/codeclysm/extract/v3 v3.1.1/go.mod h1:ZJi80UG2JtfHqJI+lgJSCACttZi++dHxfWuPaMhlOfQ=
+github.com/codeclysm/extract/v4 v4.0.0 h1:H87LFsUNaJTu2e/8p/oiuiUsOK/TaPQ5wxsjPnwPEIY=
+github.com/codeclysm/extract/v4 v4.0.0/go.mod h1:SFju1lj6as7FvUgalpSct7torJE0zttbJUWtryPRG6s=
 github.com/creack/goselect v0.1.2 h1:2DNy14+JPjRBgPzAd1thbQp4BSIihxcBf0IXhQXDRa0=
 github.com/creack/goselect v0.1.2/go.mod h1:a/NhLweNvqIYMuxcMOuWY516Cimucms3DglDzQP3hKY=
 github.com/creack/pty v1.1.9/go.mod h1:oKZEueFk5CKHvIhNR5MUki03XCEU+Q6VDXinZuGJ33E=
@@ -155,8 +155,8 @@ github.com/twitchyliquid64/golang-asm v0.15.1 h1:SU5vSMR7hnwNxj24w34ZyCi/FmDZTkS
 github.com/twitchyliquid64/golang-asm v0.15.1/go.mod h1:a1lVb/DtPvCB8fslRZhAngC2+aY1QWCk3Cedj/Gdt08=
 github.com/ugorji/go v1.1.6 h1:zoJUBK8kLIUDNJ9LGB04qOQRfoDRoWBBpl0X7pZyi5I=
 github.com/ugorji/go v1.1.6/go.mod h1:RaaajvHwnCbhlqWLTIB78hyPWp24YUXhQ3YXM7Hg7os=
-github.com/ulikunitz/xz v0.5.11 h1:kpFauv27b6ynzBNT/Xy+1k+fK4WswhN/6PN5WhFAGw8=
-github.com/ulikunitz/xz v0.5.11/go.mod h1:nbz6k7qbPmH4IRqmfOplQw/tblSgqTqBwxkY0oWt/14=
+github.com/ulikunitz/xz v0.5.12 h1:37Nm15o69RwBkXM0J6A5OlE67RZTfzUxTj8fB3dfcsc=
+github.com/ulikunitz/xz v0.5.12/go.mod h1:nbz6k7qbPmH4IRqmfOplQw/tblSgqTqBwxkY0oWt/14=
 github.com/xrash/smetrics v0.0.0-20170218160415-a3153f7040e9 h1:w8V9v0qVympSF6GjdjIyeqR7+EVhAF9CBQmkmW7Zw0w=
 github.com/xrash/smetrics v0.0.0-20170218160415-a3153f7040e9/go.mod h1:N3UwUGtsrSj3ccvlPHLoLsHnpR27oXr4ZE984MbSER8=
 go.bug.st/serial v1.6.1 h1:VSSWmUxlj1T/YlRo2J104Zv3wJFrjHIl/T3NeruWAHY=
diff --git a/updater/updater_darwin.go b/updater/updater_darwin.go
index c4eb5070d..829466352 100644
--- a/updater/updater_darwin.go
+++ b/updater/updater_darwin.go
@@ -26,7 +26,7 @@ import (
 	"strings"
 
 	"github.com/arduino/go-paths-helper"
-	"github.com/codeclysm/extract/v3"
+	"github.com/codeclysm/extract/v4"
 	"github.com/sirupsen/logrus"
 	log "github.com/sirupsen/logrus"
 )
diff --git a/v2/pkgs/tools.go b/v2/pkgs/tools.go
index 1623d6a62..f09dc3f0a 100644
--- a/v2/pkgs/tools.go
+++ b/v2/pkgs/tools.go
@@ -35,7 +35,7 @@ import (
 	"github.com/arduino/arduino-create-agent/index"
 	"github.com/arduino/arduino-create-agent/utilities"
 	"github.com/blang/semver"
-	"github.com/codeclysm/extract/v3"
+	"github.com/codeclysm/extract/v4"
 )
 
 // public vars to allow override in the tests

From 63ef1111488408f5549f6918a5ee62c2814bb6d7 Mon Sep 17 00:00:00 2001
From: per1234 
Date: Tue, 3 Sep 2024 12:21:07 -0700
Subject: [PATCH 16/37] [skip-changelog] Configure actions/upload-artifact
 action to upload required hidden files

A breaking change was made in the 3.2.1 release of the "actions/upload-artifact" action, without doing a major version
bump as would be done in a responsibly maintained project. The action now defaults to not uploading "hidden" files.

This project's "Check Go Dependencies" workflow uses the "Licensed" tool to check for incompatible dependency licenses.
The dependencies license metadata cache used by Licensed is stored in a folder named `.licensed`.

In order to facilitate updates, the workflow uploads the generated dependencies license metadata cache as a workflow
artifact when the current cache is found to be outdated.

The `.` at the start of the `.licensed` folder name causes it to now not be uploaded to the workflow artifact. In order
to catch such problems, the workflow configures the "actions/upload-artifact" action to fail if no files were uploaded.
So in addition to not uploading the artifact, the change in the "actions/upload-artifact" action's behavior also
resulted in the workflow runs failing:

Error: No files were found with the provided path: .licenses/. No artifacts will be uploaded.

The problem is fixed by disabling the "actions/upload-artifact" action's new behavior via the `include-hidden-files`
input. After this change, the workflow can once more upload the dependencies license metadata cache to a workflow
artifact as needed.
---
 .github/workflows/check-go-dependencies-task.yml | 1 +
 1 file changed, 1 insertion(+)

diff --git a/.github/workflows/check-go-dependencies-task.yml b/.github/workflows/check-go-dependencies-task.yml
index a179ee992..5b78888bb 100644
--- a/.github/workflows/check-go-dependencies-task.yml
+++ b/.github/workflows/check-go-dependencies-task.yml
@@ -108,6 +108,7 @@ jobs:
         uses: actions/upload-artifact@v4
         with:
           if-no-files-found: error
+          include-hidden-files: true
           name: dep-licenses-cache
           path: ${{ env.CACHE_PATH }}
 

From d36d0e142b8b46c0cde117f94b37b37422b806d7 Mon Sep 17 00:00:00 2001
From: Alessio Perugini 
Date: Thu, 24 Oct 2024 14:11:20 +0200
Subject: [PATCH 17/37] upload: don't ignore BindJSON errors (#999)

* upload: don't ignore BindJSON errors
---
 conn.go      |  6 ++++--
 main_test.go | 25 +++++++++++++++++++++++++
 2 files changed, 29 insertions(+), 2 deletions(-)

diff --git a/conn.go b/conn.go
index 727a5cadb..b6e03268c 100644
--- a/conn.go
+++ b/conn.go
@@ -80,9 +80,11 @@ type Upload struct {
 var uploadStatusStr = "ProgrammerStatus"
 
 func uploadHandler(c *gin.Context) {
-
 	data := new(Upload)
-	c.BindJSON(data)
+	if err := c.BindJSON(data); err != nil {
+		c.String(http.StatusBadRequest, fmt.Sprintf("err with the payload. %v", err.Error()))
+		return
+	}
 
 	log.Printf("%+v %+v %+v %+v %+v %+v", data.Port, data.Board, data.Rewrite, data.Commandline, data.Extra, data.Filename)
 
diff --git a/main_test.go b/main_test.go
index 568556953..d6f23fcec 100644
--- a/main_test.go
+++ b/main_test.go
@@ -18,6 +18,7 @@ package main
 import (
 	"bytes"
 	"crypto/x509"
+	"encoding/base64"
 	"encoding/json"
 	"encoding/pem"
 	"fmt"
@@ -87,6 +88,30 @@ func TestUploadHandlerAgainstEvilFileNames(t *testing.T) {
 	}
 }
 
+func TestUploadHandlerAgainstBase64WithoutPaddingMustFail(t *testing.T) {
+	r := gin.New()
+	r.POST("/", uploadHandler)
+	ts := httptest.NewServer(r)
+	defer ts.Close()
+
+	// When calling the `BindJSON` func, when a json field will be Unmarshaled
+	// in a []byte type, we expect to receive a base64 padded string in input.
+	// In case we receive a base64 unpadded string BindJSON fails.
+	// The expectation here is that the upload handler won't continue with the
+	// upload operation.
+	base64ContentWithoutPadding := base64.RawStdEncoding.EncodeToString([]byte("test"))
+	payload := fmt.Sprintf(`{"hex": "%s"}`, base64ContentWithoutPadding)
+
+	resp, err := http.Post(ts.URL, "encoding/json", bytes.NewBufferString(payload))
+	require.NoError(t, err)
+	require.Equal(t, http.StatusBadRequest, resp.StatusCode)
+
+	defer resp.Body.Close()
+	body, err := io.ReadAll(resp.Body)
+	require.NoError(t, err)
+	require.Contains(t, string(body), "err with the payload. illegal base64 data at input")
+}
+
 func TestInstallToolV2(t *testing.T) {
 
 	indexURL := "https://downloads.arduino.cc/packages/package_index.json"

From 84a3854a3fe479a9da1151a61b234199113d82e0 Mon Sep 17 00:00:00 2001
From: Davide 
Date: Fri, 10 Jan 2025 11:13:00 +0100
Subject: [PATCH 18/37] docs: update references from Arduino Create Web Editor
 to Arduino Cloud  (#1001)

* docs: update references from Arduino Create Web Editor to Arduino Cloud in README
---
 README.md | 10 +++++-----
 1 file changed, 5 insertions(+), 5 deletions(-)

diff --git a/README.md b/README.md
index fc88205a2..db5e92c65 100644
--- a/README.md
+++ b/README.md
@@ -8,7 +8,7 @@
 [![Check Go Dependencies status](https://github.com/arduino/arduino-create-agent/actions/workflows/check-go-dependencies-task.yml/badge.svg)](https://github.com/arduino/arduino-create-agent/actions/workflows/check-go-dependencies-task.yml)
 [![Check Go status](https://github.com/arduino/arduino-create-agent/actions/workflows/check-go-task.yml/badge.svg)](https://github.com/arduino/arduino-create-agent/actions/workflows/check-go-task.yml)
 
-The Arduino Cloud Agent is a single binary that will sit on the traybar and work in the background. It allows you to use the [Arduino Create applications](https://create.arduino.cc) to seamlessly upload code to any USB connected Arduino board (or YĂşn in LAN) directly from the browser.
+The Arduino Cloud Agent is a single binary that will sit on the traybar and work in the background. It allows you to use the [Arduino Cloud](https://app.arduino.cc/) to seamlessly upload code to any USB connected Arduino board (or YĂşn in LAN) directly from the browser.
 
 ## Architecture
 
@@ -18,8 +18,8 @@ The Arduino Cloud Agent is a single binary that will sit on the traybar and work
 |            Browser            |
 |                               |   Web socket   +----------------------+   flashes   +---------------+
 | +---------------------------+ |<-------------->|                      +------------>|               |
-| |                           | |                | Arduino Cloud Agent |             | Arduino Board |
-| | Arduino Create Web Editor | +--------------->|                      |<------------+               |
+| |                           | |                | Arduino Cloud Agent  |             | Arduino Board |
+| | Arduino Cloud             | +--------------->|                      |<------------+               |
 | |                           | |   REST API     +----------------------+   serial    +---------------+
 | +---------------------------+ |
 +-------------------------------+
@@ -27,11 +27,11 @@ The Arduino Cloud Agent is a single binary that will sit on the traybar and work
 
 ## Installation
 
-Get the [latest version](https://github.com/arduino/arduino-create-agent/releases) of the Agent for all supported platforms or complete the [Getting Started](https://create.arduino.cc/getting-started/plugin/welcome).
+Get the [latest version](https://github.com/arduino/arduino-create-agent/releases) of the Agent for all supported platforms or complete the [Getting Started](https://cloud.arduino.cc/download-agent/).
 
 ## Apple silicon support
 
-The Arduino Agent is supported both on Intel and Apple silicon computers. This includes devices with the M1, M2 and M3 processors.  
+The Arduino Agent is supported both on Intel and Apple silicon computers. This includes devices with the M1, M2 and M3 processors.
 The Arduino Agent is built both for Intel architectures and Apple silicon devices, but distributed as a single universal executable for macOS.
 
 ## Documentation

From 2cb53d3defa3fa19f50d6bccafe55935598ffd3b Mon Sep 17 00:00:00 2001
From: Davide 
Date: Fri, 10 Jan 2025 14:50:30 +0100
Subject: [PATCH 19/37] fix: update libwebkit2gtk package version in workflow
 (#1004)

---
 .github/workflows/check-go-task.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/.github/workflows/check-go-task.yml b/.github/workflows/check-go-task.yml
index 6981f26cb..21478d23e 100644
--- a/.github/workflows/check-go-task.yml
+++ b/.github/workflows/check-go-task.yml
@@ -82,7 +82,7 @@ jobs:
           version: 3.x
 
       - name: Install Dependencies
-        run: sudo apt update && sudo apt install -y --no-install-recommends build-essential libgtk-3-dev libwebkit2gtk-4.0-dev libappindicator3-dev
+        run: sudo apt update && sudo apt install -y --no-install-recommends build-essential libgtk-3-dev libwebkit2gtk-4.1-0 libappindicator3-dev
 
       - name: Check for errors
         env:

From 67db428c24bbcb33e70c0bebbb97c57addd53131 Mon Sep 17 00:00:00 2001
From: Davide 
Date: Fri, 10 Jan 2025 15:38:01 +0100
Subject: [PATCH 20/37] ci(Taskfile): add install and run tasks for local
 development with auto-reload (#1003)

---
 Taskfile.yml | 11 +++++++++++
 1 file changed, 11 insertions(+)

diff --git a/Taskfile.yml b/Taskfile.yml
index b64b12bb5..bba07548e 100644
--- a/Taskfile.yml
+++ b/Taskfile.yml
@@ -1,6 +1,17 @@
 version: "3"
 
 tasks:
+
+  install:
+    desc: Install dependencies for local development
+    cmds:
+      - go install github.com/githubnemo/CompileDaemon@v1.4.0
+
+  run:
+    desc: Run the project locally with auto-reload and data race detector
+    cmds:
+      - CompileDaemon -build="go build -race" -command="./arduino-create-agent" -graceful-kill=true
+
   # Source: https://github.com/arduino/tooling-project-assets/blob/main/workflow-templates/assets/check-dependencies-task/Taskfile.yml
   general:cache-dep-licenses:
     desc: Cache dependency license metadata

From 1eb1d343d708ea334eadbac4519754c6ef3cda9f Mon Sep 17 00:00:00 2001
From: Davide 
Date: Thu, 16 Jan 2025 17:44:05 +0100
Subject: [PATCH 21/37] fix:  name of arch macos build (#1008)

---
 .github/workflows/publish-go-tester-task.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/.github/workflows/publish-go-tester-task.yml b/.github/workflows/publish-go-tester-task.yml
index 864f21c5f..1c1a73bab 100644
--- a/.github/workflows/publish-go-tester-task.yml
+++ b/.github/workflows/publish-go-tester-task.yml
@@ -130,7 +130,7 @@ jobs:
           mv ${{ env.PROJECT_NAME }} ${{ env.PROJECT_NAME}}_amd64
         if: runner.os == 'macOS'
 
-      - name: Build the Agent for macos amd 64
+      - name: Build the Agent for macos arm 64
         env:
           MACOSX_DEPLOYMENT_TARGET: 10.15 # minimum supported version for mac
           CGO_CFLAGS: -mmacosx-version-min=10.15

From f1ca3c9305d8875bf337dcabd62194f365d603e7 Mon Sep 17 00:00:00 2001
From: Davide 
Date: Fri, 17 Jan 2025 12:23:29 +0100
Subject: [PATCH 22/37] ci: update macOS version in publish workflow to
 macos-13 (#1007)

* ci: update macOS version in workflows from macos-13
---
 .github/workflows/publish-go-tester-task.yml |  2 +-
 .github/workflows/release.yml                | 18 +++++++++---------
 2 files changed, 10 insertions(+), 10 deletions(-)

diff --git a/.github/workflows/publish-go-tester-task.yml b/.github/workflows/publish-go-tester-task.yml
index 1c1a73bab..8e72c351a 100644
--- a/.github/workflows/publish-go-tester-task.yml
+++ b/.github/workflows/publish-go-tester-task.yml
@@ -65,7 +65,7 @@ jobs:
     #use the strategy instead because we still use the native build
     strategy:
       matrix:
-        os: [ubuntu-20.04, windows-2019, macos-12]
+        os: [ubuntu-20.04, windows-2019, macos-13]
         arch: [-amd64]
         include:
           - os: windows-2019
diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
index af37a9b85..3b2a210d9 100644
--- a/.github/workflows/release.yml
+++ b/.github/workflows/release.yml
@@ -32,7 +32,7 @@ jobs:
       prerelease: ${{ steps.prerelease.outputs.IS_PRE }}
     strategy:
       matrix:
-        os: [ubuntu-20.04, windows-2019, macos-12]
+        os: [ubuntu-20.04, windows-2019, macos-13]
         arch: [amd64]
         include:
           - os: windows-2019
@@ -116,7 +116,7 @@ jobs:
         run: |
           task go:build
           mv ${{ env.PROJECT_NAME }} ${{ env.PROJECT_NAME }}_amd64
-        if: matrix.os == 'macos-12'
+        if: matrix.os == 'macos-13'
 
       - name: Build the Agent for macos arm64
         env:
@@ -128,13 +128,13 @@ jobs:
         run: |
           task go:build
           mv ${{ env.PROJECT_NAME }} ${{ env.PROJECT_NAME }}_arm64
-        if: matrix.os == 'macos-12'
+        if: matrix.os == 'macos-13'
 
       - name: Create universal macos executable
         run: |
           lipo -create -output ${{ env.PROJECT_NAME }} ${{ env.PROJECT_NAME }}_amd64 ${{ env.PROJECT_NAME }}_arm64
           rm ${{ env.PROJECT_NAME }}_amd64 ${{ env.PROJECT_NAME }}_arm64
-        if: matrix.os == 'macos-12'
+        if: matrix.os == 'macos-13'
 
         # this will create `public/` dir with compressed full bin (/-.gz) and a json file
       - name: Create autoupdate files
@@ -146,7 +146,7 @@ jobs:
         run: |
           cp darwin-amd64.json darwin-arm64.json
           cp ${TAG_VERSION}/darwin-amd64.gz ${TAG_VERSION}/darwin-arm64.gz
-        if: matrix.os == 'macos-12' && steps.prerelease.outputs.IS_PRE != 'true'
+        if: matrix.os == 'macos-13' && steps.prerelease.outputs.IS_PRE != 'true'
 
       - name: Create autoupdate files for win32
         run: go-selfupdate -platform windows-${{ matrix.arch }} ${{ env.PROJECT_NAME }}${{ matrix.ext }} ${TAG_VERSION}
@@ -181,7 +181,7 @@ jobs:
       matrix:
         arch: [amd64, arm64]
 
-    runs-on: macos-12
+    runs-on: macos-13
     env:
       EXE_PATH: "skel/ArduinoCloudAgent.app/Contents/MacOS/"
 
@@ -195,7 +195,7 @@ jobs:
       - name: Download artifact
         uses: actions/download-artifact@v4
         with:
-          name: ${{ env.PROJECT_NAME }}-macos-12-amd64 # if we want to support darwin-arm64 in the future for real this has to change.
+          name: ${{ env.PROJECT_NAME }}-macos-13-amd64 # if we want to support darwin-arm64 in the future for real this has to change.
           path: ${{ env.EXE_PATH }}
 
       - name: Remove placeholder file
@@ -252,7 +252,7 @@ jobs:
       matrix:
         arch: [amd64, arm64]
 
-    runs-on: macos-12
+    runs-on: macos-13
     env:
       GON_PATH: ${{ github.workspace }}/gon
     needs: [build, create-macos-bundle]
@@ -509,7 +509,7 @@ jobs:
       matrix:
         arch: [amd64]
 
-    runs-on: macos-12
+    runs-on: macos-13
     steps:
       - name: Checkout repo with icons/background
         uses: actions/checkout@v4

From 1b94cccb9865c34bb10a80e505eab8700e06cda0 Mon Sep 17 00:00:00 2001
From: Davide 
Date: Tue, 21 Jan 2025 09:28:50 +0100
Subject: [PATCH 23/37] fix(serialport): data race on the  `isClosing` bool
 status of the serial port (#1009)

* fix: use atomic boolean for thread-safe isClosing flag
---
 serialport.go | 8 +++++---
 1 file changed, 5 insertions(+), 3 deletions(-)

diff --git a/serialport.go b/serialport.go
index a11483f63..0d386bbfc 100755
--- a/serialport.go
+++ b/serialport.go
@@ -20,6 +20,7 @@ import (
 	"encoding/base64"
 	"io"
 	"strconv"
+	"sync/atomic"
 	"time"
 	"unicode/utf8"
 
@@ -43,7 +44,7 @@ type serport struct {
 
 	// Keep track of whether we're being actively closed
 	// just so we don't show scary error messages
-	isClosing bool
+	isClosing atomic.Bool
 
 	isClosingDueToError bool
 
@@ -85,7 +86,7 @@ func (p *serport) reader(buftype string) {
 		bufferPart := serialBuffer[:n]
 
 		//if we detect that port is closing, break out of this for{} loop.
-		if p.isClosing {
+		if p.isClosing.Load() {
 			strmsg := "Shutting down reader on " + p.portConf.Name
 			log.Println(strmsg)
 			h.broadcastSys <- []byte(strmsg)
@@ -348,7 +349,8 @@ func spHandlerOpen(portname string, baud int, buftype string) {
 }
 
 func (p *serport) Close() {
-	p.isClosing = true
+	p.isClosing.Store(true)
+
 	p.bufferwatcher.Close()
 	p.portIo.Close()
 	serialPorts.MarkPortAsClosed(p.portName)

From f0857f0c65a5178b5798d92365310f01c78da766 Mon Sep 17 00:00:00 2001
From: per1234 
Date: Sat, 1 Mar 2025 20:35:55 -0800
Subject: [PATCH 24/37] Use canonical github/setup-licensed action in
 dependencies license check workflow

This GitHub Actions action is used by the dependencies license check workflow to install the "Licensed" tool in the
runner workspace. At the time the workflow was developed, the action was owned by GitHub user `jonabc`, and so the
action was referenced as `jonabc/setup-licensed` in the workflow.

Since that time, the action was transferred to the `github` GitHub organization. Making things more confusing is the
fact that GitHub user `jonabc` now has a development fork of the `github/setup-licensed` repository, meaning that the
redirect GitHub provides from the old to the new repository after a transfer does not exist for this action. This
resulted in the workflow referencing an outdated copy of the action not intended for production use.

The workflow is hereby updated to use the canonical "github/setup-licensed" action.
---
 .github/workflows/check-go-dependencies-task.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/.github/workflows/check-go-dependencies-task.yml b/.github/workflows/check-go-dependencies-task.yml
index 5b78888bb..183899c2d 100644
--- a/.github/workflows/check-go-dependencies-task.yml
+++ b/.github/workflows/check-go-dependencies-task.yml
@@ -124,7 +124,7 @@ jobs:
           submodules: recursive
 
       - name: Install licensed
-        uses: jonabc/setup-licensed@v1
+        uses: github/setup-licensed@v1
         with:
           github_token: ${{ secrets.GITHUB_TOKEN }}
           version: 3.x

From 2bf6e95284d1ff223feff780d4858310d3b128d6 Mon Sep 17 00:00:00 2001
From: per1234 
Date: Sat, 1 Mar 2025 20:39:20 -0800
Subject: [PATCH 25/37] Use latest version of "github/setup-licensed" action

The "github/setup-licensed" action is used by the dependencies license check workflow to install the "Licensed" tool in
the runner machine.

Previously the `v1` major version ref of the action was specified in the workflow. This approach is used in order to
allow the workflow to automatically always use the latest minor version of the action, only requiring the project
maintainers to perform a bump of the action after each major version release.

In a competently maintained action project, the major version ref will be updated after each release within that major
version series so that it always points to the latest release version. Unfortunately that was not done by the
"github/setup-licensed" action maintainers. This means that the use of the `v1` ref in the workflow causes an outdated
version of the action to be used. This has been reported to the action maintainers, but unfortunately instead of fixing
the problem they archived the repository, so there is no hope of it being resolved.

The solution is to replace the major version ref with the ref for the latest release tag. This won't result in an
increased maintenance burden because the action repository is archived and thus there won't be any bumps.
---
 .github/workflows/check-go-dependencies-task.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/.github/workflows/check-go-dependencies-task.yml b/.github/workflows/check-go-dependencies-task.yml
index 183899c2d..a72d247ac 100644
--- a/.github/workflows/check-go-dependencies-task.yml
+++ b/.github/workflows/check-go-dependencies-task.yml
@@ -124,7 +124,7 @@ jobs:
           submodules: recursive
 
       - name: Install licensed
-        uses: github/setup-licensed@v1
+        uses: github/setup-licensed@v1.3.1
         with:
           github_token: ${{ secrets.GITHUB_TOKEN }}
           version: 3.x

From 26bd5667ba31bb2b5e7e19bfa4a33ad6bbf0802f Mon Sep 17 00:00:00 2001
From: per1234 
Date: Sun, 2 Mar 2025 02:11:53 -0800
Subject: [PATCH 26/37] Use maintained fork of "setup-licensed" action in
 dependencies license check workflow

This GitHub Actions action is used by the dependencies license check workflow to install the "Licensed" tool in the
runner workspace.

The action has a convoluted history: the repository was originally owned by GitHub user `jonabc`. It was later
transferred to the `github` organization. Then GitHub abandoned the project, archiving the repository. The `licensee`
organization has now created a hard fork of the action, which is recommended in the readme of the
`github/setup-licensed` repository.

The `licensee` organization has also taken over the management of the "Licensed" tool, and their `licensee` Ruby gem is
a significant dependency of "Licensed". So they will be best equipped to maintain the action going forward.

The workflow is hereby updated to use the canonical "licensee/setup-licensed" action.

The "licensee/setup-licensed" action maintainers have not provided a major version ref, so it is necessary to pin the
action to the latest release tag.
---
 .github/workflows/check-go-dependencies-task.yml | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/.github/workflows/check-go-dependencies-task.yml b/.github/workflows/check-go-dependencies-task.yml
index a72d247ac..aa7b26e3f 100644
--- a/.github/workflows/check-go-dependencies-task.yml
+++ b/.github/workflows/check-go-dependencies-task.yml
@@ -73,7 +73,7 @@ jobs:
           submodules: recursive
 
       - name: Install licensed
-        uses: jonabc/setup-licensed@v1
+        uses: licensee/setup-licensed@v1.3.2
         with:
           github_token: ${{ secrets.GITHUB_TOKEN }}
           version: 3.x
@@ -124,7 +124,7 @@ jobs:
           submodules: recursive
 
       - name: Install licensed
-        uses: github/setup-licensed@v1.3.1
+        uses: licensee/setup-licensed@v1.3.2
         with:
           github_token: ${{ secrets.GITHUB_TOKEN }}
           version: 3.x

From 1f89384366920359c063e18ef704f6d39413b6a8 Mon Sep 17 00:00:00 2001
From: per1234 
Date: Sun, 2 Mar 2025 02:43:13 -0800
Subject: [PATCH 27/37] Configure dependency license check workflows to allow
 "Licensed" install via Gem

The "Licensed" tool is used to check the project's compatibility with the licensing of its dependencies.

This tool is installed by the dependency license check GitHub Actions workflow using the `licensee/setup-licensed`
GitHub Actions action. This action attempts the installation according to the following procedure:

1. Install the Ruby gem.
2. If gem installation fails, install the pre-built executable from the GitHub release asset in the `licensee/licensed`
repo.

Previously, the first of these installation methods was failing:

```text
/usr/bin/gem install licensed -v 3.9.1
ERROR:  While executing gem ... (Gem::FilePermissionError)
    You don't have write permissions for the /var/lib/gems/3.2.0 directory.
	/usr/lib/ruby/vendor_ruby/rubygems/installer.rb:713:in `verify_gem_home'
	/usr/lib/ruby/vendor_ruby/rubygems/installer.rb:903:in `pre_install_checks'
	/usr/lib/ruby/vendor_ruby/rubygems/installer.rb:303:in `install'
	/usr/lib/ruby/vendor_ruby/rubygems/resolver/specification.rb:105:in `install'
	/usr/lib/ruby/vendor_ruby/rubygems/request_set.rb:195:in `block in install'
	/usr/lib/ruby/vendor_ruby/rubygems/request_set.rb:183:in `each'
	/usr/lib/ruby/vendor_ruby/rubygems/request_set.rb:183:in `install'
	/usr/lib/ruby/vendor_ruby/rubygems/commands/install_command.rb:215:in `install_gem'
	/usr/lib/ruby/vendor_ruby/rubygems/commands/install_command.rb:231:in `block in install_gems'
	/usr/lib/ruby/vendor_ruby/rubygems/commands/install_command.rb:224:in `each'
	/usr/lib/ruby/vendor_ruby/rubygems/commands/install_command.rb:224:in `install_gems'
	/usr/lib/ruby/vendor_ruby/rubygems/commands/install_command.rb:170:in `execute'
	/usr/lib/ruby/vendor_ruby/rubygems/command.rb:328:in `invoke_with_build_args'
	/usr/lib/ruby/vendor_ruby/rubygems/command_manager.rb:253:in `invoke_command'
	/usr/lib/ruby/vendor_ruby/rubygems/command_manager.rb:193:in `process_args'
	/usr/lib/ruby/vendor_ruby/rubygems/command_manager.rb:151:in `run'
	/usr/lib/ruby/vendor_ruby/rubygems/gem_runner.rb:52:in `run'
	/usr/bin/gem:12:in `
'
gem installation was not successful
```

So it falls back on the second installation method. That method works fine when using a version of "Licensed" <4.0.0.
However, starting from version 4.0.0, pre-built executable are no longer provided, so the only available installation
method for modern versions of "Licensed" is via the Ruby gem.

The gem failure can be avoided by setting up an accessible installation of Ruby in the runner machine, which is
accomplished using the "ruby/setup-ruby" action in a step preceding the `licensee/setup-licensed` step in the workflow.
---
 .github/workflows/check-go-dependencies-task.yml | 12 ++++++++++++
 1 file changed, 12 insertions(+)

diff --git a/.github/workflows/check-go-dependencies-task.yml b/.github/workflows/check-go-dependencies-task.yml
index aa7b26e3f..67a2944e3 100644
--- a/.github/workflows/check-go-dependencies-task.yml
+++ b/.github/workflows/check-go-dependencies-task.yml
@@ -72,6 +72,12 @@ jobs:
         with:
           submodules: recursive
 
+      # This is required to allow licensee/setup-licensed to install Licensed via Ruby gem.
+      - name: Install Ruby
+        uses: ruby/setup-ruby@v1
+        with:
+          ruby-version: ruby # Install latest version
+
       - name: Install licensed
         uses: licensee/setup-licensed@v1.3.2
         with:
@@ -123,6 +129,12 @@ jobs:
         with:
           submodules: recursive
 
+      # This is required to allow licensee/setup-licensed to install Licensed via Ruby gem.
+      - name: Install Ruby
+        uses: ruby/setup-ruby@v1
+        with:
+          ruby-version: ruby # Install latest version
+
       - name: Install licensed
         uses: licensee/setup-licensed@v1.3.2
         with:

From b2e28c0345cf4043daa2f011884ecbb1b144b292 Mon Sep 17 00:00:00 2001
From: per1234 
Date: Sun, 2 Mar 2025 02:37:28 -0800
Subject: [PATCH 28/37] Bump "Licensed" version in dependencies license check
 workflow

The version of the "Licensed" tool for use in the GitHub Actions workflow is defined via the "licensee/setup-licensed"
action's `version` input.

Previously the action was configured to install version 3.x of the action. That version is significantly outdated. The
workflow is hereby updated to use the latest version of Licensed.
---
 .github/workflows/check-go-dependencies-task.yml | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/.github/workflows/check-go-dependencies-task.yml b/.github/workflows/check-go-dependencies-task.yml
index 67a2944e3..417c525e5 100644
--- a/.github/workflows/check-go-dependencies-task.yml
+++ b/.github/workflows/check-go-dependencies-task.yml
@@ -82,7 +82,7 @@ jobs:
         uses: licensee/setup-licensed@v1.3.2
         with:
           github_token: ${{ secrets.GITHUB_TOKEN }}
-          version: 3.x
+          version: 5.x
 
       - name: Install Go
         uses: actions/setup-go@v5
@@ -139,7 +139,7 @@ jobs:
         uses: licensee/setup-licensed@v1.3.2
         with:
           github_token: ${{ secrets.GITHUB_TOKEN }}
-          version: 3.x
+          version: 5.x
 
       - name: Install Go
         uses: actions/setup-go@v5

From 0fae57e21178bfb6c6f60ea626f08349d453c2ea Mon Sep 17 00:00:00 2001
From: per1234 
Date: Sun, 2 Mar 2025 03:39:06 -0800
Subject: [PATCH 29/37] Remove trailing space from dependency license metadata

The dependency license metadata is generated by the "Licensed" tool. Previous versions of this tool added a trailing
space on the `summary` key. Although trailing whitespace in human produced content is not permitted, machine generated
content is used as-is, and so these trailing spaces were left in the metadata files.

It seems that the defect in the "Licensed" tool that caused the trailing space was fixed in a recent version because it
is now absent in the metadata files produced by the tool. The metadata files are hereby updated to use the format of
the version of the "Licensed" tool currently in use.
---
 .../go/github.com/arduino/go-serial-utils.dep.yml               | 2 +-
 .../arduino-create-agent/go/github.com/blang/semver.dep.yml     | 2 +-
 .../arduino-create-agent/go/github.com/creack/goselect.dep.yml  | 2 +-
 .../arduino-create-agent/go/github.com/gin-contrib/sse.dep.yml  | 2 +-
 .../go/github.com/gin-gonic/gin/binding.dep.yml                 | 2 +-
 .../go/github.com/gin-gonic/gin/internal/bytesconv.dep.yml      | 2 +-
 .../go/github.com/gin-gonic/gin/internal/json.dep.yml           | 2 +-
 .../go/github.com/gin-gonic/gin/render.dep.yml                  | 2 +-
 .../go/github.com/googollee/go-engine.io.dep.yml                | 2 +-
 .../go/github.com/googollee/go-engine.io/message.dep.yml        | 2 +-
 .../go/github.com/googollee/go-engine.io/parser.dep.yml         | 2 +-
 .../go/github.com/googollee/go-engine.io/polling.dep.yml        | 2 +-
 .../go/github.com/googollee/go-engine.io/transport.dep.yml      | 2 +-
 .../go/github.com/googollee/go-engine.io/websocket.dep.yml      | 2 +-
 .../arduino-create-agent/go/github.com/h2non/filetype.dep.yml   | 2 +-
 .../go/github.com/h2non/filetype/matchers.dep.yml               | 2 +-
 .../go/github.com/h2non/filetype/matchers/isobmff.dep.yml       | 2 +-
 .../go/github.com/h2non/filetype/types.dep.yml                  | 2 +-
 .../go/github.com/mattn/go-shellwords.dep.yml                   | 2 +-
 .../github.com/pelletier/go-toml/v2/internal/characters.dep.yml | 2 +-
 .../go/github.com/pelletier/go-toml/v2/internal/danger.dep.yml  | 2 +-
 .../go/github.com/pelletier/go-toml/v2/internal/tracker.dep.yml | 2 +-
 .../arduino-create-agent/go/github.com/xrash/smetrics.dep.yml   | 2 +-
 .../arduino-create-agent/go/go.bug.st/serial/unixutils.dep.yml  | 2 +-
 .../go/golang.org/x/text/internal/language.dep.yml              | 2 +-
 .../go/gopkg.in/inconshreveable/go-update.v0/download.dep.yml   | 2 +-
 26 files changed, 26 insertions(+), 26 deletions(-)

diff --git a/.licenses/arduino-create-agent/go/github.com/arduino/go-serial-utils.dep.yml b/.licenses/arduino-create-agent/go/github.com/arduino/go-serial-utils.dep.yml
index d80310c77..fb7fa6ea5 100644
--- a/.licenses/arduino-create-agent/go/github.com/arduino/go-serial-utils.dep.yml
+++ b/.licenses/arduino-create-agent/go/github.com/arduino/go-serial-utils.dep.yml
@@ -2,7 +2,7 @@
 name: github.com/arduino/go-serial-utils
 version: v0.1.2
 type: go
-summary: 
+summary:
 homepage: https://pkg.go.dev/github.com/arduino/go-serial-utils
 license: gpl-3.0
 licenses:
diff --git a/.licenses/arduino-create-agent/go/github.com/blang/semver.dep.yml b/.licenses/arduino-create-agent/go/github.com/blang/semver.dep.yml
index 3ef4e43fa..d1655fecd 100644
--- a/.licenses/arduino-create-agent/go/github.com/blang/semver.dep.yml
+++ b/.licenses/arduino-create-agent/go/github.com/blang/semver.dep.yml
@@ -2,7 +2,7 @@
 name: github.com/blang/semver
 version: v3.5.1+incompatible
 type: go
-summary: 
+summary:
 homepage: https://pkg.go.dev/github.com/blang/semver
 license: mit
 licenses:
diff --git a/.licenses/arduino-create-agent/go/github.com/creack/goselect.dep.yml b/.licenses/arduino-create-agent/go/github.com/creack/goselect.dep.yml
index 2ebe18293..65e69c4c1 100644
--- a/.licenses/arduino-create-agent/go/github.com/creack/goselect.dep.yml
+++ b/.licenses/arduino-create-agent/go/github.com/creack/goselect.dep.yml
@@ -2,7 +2,7 @@
 name: github.com/creack/goselect
 version: v0.1.2
 type: go
-summary: 
+summary:
 homepage: https://pkg.go.dev/github.com/creack/goselect
 license: mit
 licenses:
diff --git a/.licenses/arduino-create-agent/go/github.com/gin-contrib/sse.dep.yml b/.licenses/arduino-create-agent/go/github.com/gin-contrib/sse.dep.yml
index 4895be7a5..c888d59ab 100644
--- a/.licenses/arduino-create-agent/go/github.com/gin-contrib/sse.dep.yml
+++ b/.licenses/arduino-create-agent/go/github.com/gin-contrib/sse.dep.yml
@@ -2,7 +2,7 @@
 name: github.com/gin-contrib/sse
 version: v0.1.0
 type: go
-summary: 
+summary:
 homepage: https://pkg.go.dev/github.com/gin-contrib/sse
 license: mit
 licenses:
diff --git a/.licenses/arduino-create-agent/go/github.com/gin-gonic/gin/binding.dep.yml b/.licenses/arduino-create-agent/go/github.com/gin-gonic/gin/binding.dep.yml
index 6801615fa..a99238ac3 100644
--- a/.licenses/arduino-create-agent/go/github.com/gin-gonic/gin/binding.dep.yml
+++ b/.licenses/arduino-create-agent/go/github.com/gin-gonic/gin/binding.dep.yml
@@ -2,7 +2,7 @@
 name: github.com/gin-gonic/gin/binding
 version: v1.10.0
 type: go
-summary: 
+summary:
 homepage: https://pkg.go.dev/github.com/gin-gonic/gin/binding
 license: mit
 licenses:
diff --git a/.licenses/arduino-create-agent/go/github.com/gin-gonic/gin/internal/bytesconv.dep.yml b/.licenses/arduino-create-agent/go/github.com/gin-gonic/gin/internal/bytesconv.dep.yml
index c9d7afd9a..97e8d6cb9 100644
--- a/.licenses/arduino-create-agent/go/github.com/gin-gonic/gin/internal/bytesconv.dep.yml
+++ b/.licenses/arduino-create-agent/go/github.com/gin-gonic/gin/internal/bytesconv.dep.yml
@@ -2,7 +2,7 @@
 name: github.com/gin-gonic/gin/internal/bytesconv
 version: v1.10.0
 type: go
-summary: 
+summary:
 homepage: https://pkg.go.dev/github.com/gin-gonic/gin/internal/bytesconv
 license: mit
 licenses:
diff --git a/.licenses/arduino-create-agent/go/github.com/gin-gonic/gin/internal/json.dep.yml b/.licenses/arduino-create-agent/go/github.com/gin-gonic/gin/internal/json.dep.yml
index 57739599b..2551fb8d9 100644
--- a/.licenses/arduino-create-agent/go/github.com/gin-gonic/gin/internal/json.dep.yml
+++ b/.licenses/arduino-create-agent/go/github.com/gin-gonic/gin/internal/json.dep.yml
@@ -2,7 +2,7 @@
 name: github.com/gin-gonic/gin/internal/json
 version: v1.10.0
 type: go
-summary: 
+summary:
 homepage: https://pkg.go.dev/github.com/gin-gonic/gin/internal/json
 license: mit
 licenses:
diff --git a/.licenses/arduino-create-agent/go/github.com/gin-gonic/gin/render.dep.yml b/.licenses/arduino-create-agent/go/github.com/gin-gonic/gin/render.dep.yml
index 5b0dc5bbb..deb06fb36 100644
--- a/.licenses/arduino-create-agent/go/github.com/gin-gonic/gin/render.dep.yml
+++ b/.licenses/arduino-create-agent/go/github.com/gin-gonic/gin/render.dep.yml
@@ -2,7 +2,7 @@
 name: github.com/gin-gonic/gin/render
 version: v1.10.0
 type: go
-summary: 
+summary:
 homepage: https://pkg.go.dev/github.com/gin-gonic/gin/render
 license: mit
 licenses:
diff --git a/.licenses/arduino-create-agent/go/github.com/googollee/go-engine.io.dep.yml b/.licenses/arduino-create-agent/go/github.com/googollee/go-engine.io.dep.yml
index a798ca46f..3d65daba3 100644
--- a/.licenses/arduino-create-agent/go/github.com/googollee/go-engine.io.dep.yml
+++ b/.licenses/arduino-create-agent/go/github.com/googollee/go-engine.io.dep.yml
@@ -2,7 +2,7 @@
 name: github.com/googollee/go-engine.io
 version: v0.0.0-20180829091931-e2f255711dcb
 type: go
-summary: 
+summary:
 homepage: https://pkg.go.dev/github.com/googollee/go-engine.io
 license: bsd-3-clause
 licenses:
diff --git a/.licenses/arduino-create-agent/go/github.com/googollee/go-engine.io/message.dep.yml b/.licenses/arduino-create-agent/go/github.com/googollee/go-engine.io/message.dep.yml
index ccf2355f5..55490cf08 100644
--- a/.licenses/arduino-create-agent/go/github.com/googollee/go-engine.io/message.dep.yml
+++ b/.licenses/arduino-create-agent/go/github.com/googollee/go-engine.io/message.dep.yml
@@ -2,7 +2,7 @@
 name: github.com/googollee/go-engine.io/message
 version: v0.0.0-20180829091931-e2f255711dcb
 type: go
-summary: 
+summary:
 homepage: https://pkg.go.dev/github.com/googollee/go-engine.io/message
 license: bsd-3-clause
 licenses:
diff --git a/.licenses/arduino-create-agent/go/github.com/googollee/go-engine.io/parser.dep.yml b/.licenses/arduino-create-agent/go/github.com/googollee/go-engine.io/parser.dep.yml
index 0a08396a0..718fadade 100644
--- a/.licenses/arduino-create-agent/go/github.com/googollee/go-engine.io/parser.dep.yml
+++ b/.licenses/arduino-create-agent/go/github.com/googollee/go-engine.io/parser.dep.yml
@@ -2,7 +2,7 @@
 name: github.com/googollee/go-engine.io/parser
 version: v0.0.0-20180829091931-e2f255711dcb
 type: go
-summary: 
+summary:
 homepage: https://pkg.go.dev/github.com/googollee/go-engine.io/parser
 license: bsd-3-clause
 licenses:
diff --git a/.licenses/arduino-create-agent/go/github.com/googollee/go-engine.io/polling.dep.yml b/.licenses/arduino-create-agent/go/github.com/googollee/go-engine.io/polling.dep.yml
index ccc32fe6e..5692db014 100644
--- a/.licenses/arduino-create-agent/go/github.com/googollee/go-engine.io/polling.dep.yml
+++ b/.licenses/arduino-create-agent/go/github.com/googollee/go-engine.io/polling.dep.yml
@@ -2,7 +2,7 @@
 name: github.com/googollee/go-engine.io/polling
 version: v0.0.0-20180829091931-e2f255711dcb
 type: go
-summary: 
+summary:
 homepage: https://pkg.go.dev/github.com/googollee/go-engine.io/polling
 license: bsd-3-clause
 licenses:
diff --git a/.licenses/arduino-create-agent/go/github.com/googollee/go-engine.io/transport.dep.yml b/.licenses/arduino-create-agent/go/github.com/googollee/go-engine.io/transport.dep.yml
index d48516a8a..430ab5ad5 100644
--- a/.licenses/arduino-create-agent/go/github.com/googollee/go-engine.io/transport.dep.yml
+++ b/.licenses/arduino-create-agent/go/github.com/googollee/go-engine.io/transport.dep.yml
@@ -2,7 +2,7 @@
 name: github.com/googollee/go-engine.io/transport
 version: v0.0.0-20180829091931-e2f255711dcb
 type: go
-summary: 
+summary:
 homepage: https://pkg.go.dev/github.com/googollee/go-engine.io/transport
 license: bsd-3-clause
 licenses:
diff --git a/.licenses/arduino-create-agent/go/github.com/googollee/go-engine.io/websocket.dep.yml b/.licenses/arduino-create-agent/go/github.com/googollee/go-engine.io/websocket.dep.yml
index 9eb8de2c2..3718a69b2 100644
--- a/.licenses/arduino-create-agent/go/github.com/googollee/go-engine.io/websocket.dep.yml
+++ b/.licenses/arduino-create-agent/go/github.com/googollee/go-engine.io/websocket.dep.yml
@@ -2,7 +2,7 @@
 name: github.com/googollee/go-engine.io/websocket
 version: v0.0.0-20180829091931-e2f255711dcb
 type: go
-summary: 
+summary:
 homepage: https://pkg.go.dev/github.com/googollee/go-engine.io/websocket
 license: bsd-3-clause
 licenses:
diff --git a/.licenses/arduino-create-agent/go/github.com/h2non/filetype.dep.yml b/.licenses/arduino-create-agent/go/github.com/h2non/filetype.dep.yml
index 02102b9ee..ce88ad732 100644
--- a/.licenses/arduino-create-agent/go/github.com/h2non/filetype.dep.yml
+++ b/.licenses/arduino-create-agent/go/github.com/h2non/filetype.dep.yml
@@ -2,7 +2,7 @@
 name: github.com/h2non/filetype
 version: v1.1.3
 type: go
-summary: 
+summary:
 homepage: https://pkg.go.dev/github.com/h2non/filetype
 license: mit
 licenses:
diff --git a/.licenses/arduino-create-agent/go/github.com/h2non/filetype/matchers.dep.yml b/.licenses/arduino-create-agent/go/github.com/h2non/filetype/matchers.dep.yml
index e9421e1f8..e441102a1 100644
--- a/.licenses/arduino-create-agent/go/github.com/h2non/filetype/matchers.dep.yml
+++ b/.licenses/arduino-create-agent/go/github.com/h2non/filetype/matchers.dep.yml
@@ -2,7 +2,7 @@
 name: github.com/h2non/filetype/matchers
 version: v1.1.3
 type: go
-summary: 
+summary:
 homepage: https://pkg.go.dev/github.com/h2non/filetype/matchers
 license: mit
 licenses:
diff --git a/.licenses/arduino-create-agent/go/github.com/h2non/filetype/matchers/isobmff.dep.yml b/.licenses/arduino-create-agent/go/github.com/h2non/filetype/matchers/isobmff.dep.yml
index 0a3984965..d18a56f5a 100644
--- a/.licenses/arduino-create-agent/go/github.com/h2non/filetype/matchers/isobmff.dep.yml
+++ b/.licenses/arduino-create-agent/go/github.com/h2non/filetype/matchers/isobmff.dep.yml
@@ -2,7 +2,7 @@
 name: github.com/h2non/filetype/matchers/isobmff
 version: v1.1.3
 type: go
-summary: 
+summary:
 homepage: https://pkg.go.dev/github.com/h2non/filetype/matchers/isobmff
 license: mit
 licenses:
diff --git a/.licenses/arduino-create-agent/go/github.com/h2non/filetype/types.dep.yml b/.licenses/arduino-create-agent/go/github.com/h2non/filetype/types.dep.yml
index f8fe41654..6a3e9ff8c 100644
--- a/.licenses/arduino-create-agent/go/github.com/h2non/filetype/types.dep.yml
+++ b/.licenses/arduino-create-agent/go/github.com/h2non/filetype/types.dep.yml
@@ -2,7 +2,7 @@
 name: github.com/h2non/filetype/types
 version: v1.1.3
 type: go
-summary: 
+summary:
 homepage: https://pkg.go.dev/github.com/h2non/filetype/types
 license: mit
 licenses:
diff --git a/.licenses/arduino-create-agent/go/github.com/mattn/go-shellwords.dep.yml b/.licenses/arduino-create-agent/go/github.com/mattn/go-shellwords.dep.yml
index afff99822..742e6604f 100644
--- a/.licenses/arduino-create-agent/go/github.com/mattn/go-shellwords.dep.yml
+++ b/.licenses/arduino-create-agent/go/github.com/mattn/go-shellwords.dep.yml
@@ -2,7 +2,7 @@
 name: github.com/mattn/go-shellwords
 version: v1.0.12
 type: go
-summary: 
+summary:
 homepage: https://pkg.go.dev/github.com/mattn/go-shellwords
 license: mit
 licenses:
diff --git a/.licenses/arduino-create-agent/go/github.com/pelletier/go-toml/v2/internal/characters.dep.yml b/.licenses/arduino-create-agent/go/github.com/pelletier/go-toml/v2/internal/characters.dep.yml
index afddf80f5..59a3269ba 100644
--- a/.licenses/arduino-create-agent/go/github.com/pelletier/go-toml/v2/internal/characters.dep.yml
+++ b/.licenses/arduino-create-agent/go/github.com/pelletier/go-toml/v2/internal/characters.dep.yml
@@ -2,7 +2,7 @@
 name: github.com/pelletier/go-toml/v2/internal/characters
 version: v2.2.2
 type: go
-summary: 
+summary:
 homepage: https://pkg.go.dev/github.com/pelletier/go-toml/v2/internal/characters
 license: other
 licenses:
diff --git a/.licenses/arduino-create-agent/go/github.com/pelletier/go-toml/v2/internal/danger.dep.yml b/.licenses/arduino-create-agent/go/github.com/pelletier/go-toml/v2/internal/danger.dep.yml
index 5fe64d014..36075df83 100644
--- a/.licenses/arduino-create-agent/go/github.com/pelletier/go-toml/v2/internal/danger.dep.yml
+++ b/.licenses/arduino-create-agent/go/github.com/pelletier/go-toml/v2/internal/danger.dep.yml
@@ -2,7 +2,7 @@
 name: github.com/pelletier/go-toml/v2/internal/danger
 version: v2.2.2
 type: go
-summary: 
+summary:
 homepage: https://pkg.go.dev/github.com/pelletier/go-toml/v2/internal/danger
 license: other
 licenses:
diff --git a/.licenses/arduino-create-agent/go/github.com/pelletier/go-toml/v2/internal/tracker.dep.yml b/.licenses/arduino-create-agent/go/github.com/pelletier/go-toml/v2/internal/tracker.dep.yml
index 6b73e51e6..954011183 100644
--- a/.licenses/arduino-create-agent/go/github.com/pelletier/go-toml/v2/internal/tracker.dep.yml
+++ b/.licenses/arduino-create-agent/go/github.com/pelletier/go-toml/v2/internal/tracker.dep.yml
@@ -2,7 +2,7 @@
 name: github.com/pelletier/go-toml/v2/internal/tracker
 version: v2.2.2
 type: go
-summary: 
+summary:
 homepage: https://pkg.go.dev/github.com/pelletier/go-toml/v2/internal/tracker
 license: other
 licenses:
diff --git a/.licenses/arduino-create-agent/go/github.com/xrash/smetrics.dep.yml b/.licenses/arduino-create-agent/go/github.com/xrash/smetrics.dep.yml
index f2795524e..cbd322a2e 100644
--- a/.licenses/arduino-create-agent/go/github.com/xrash/smetrics.dep.yml
+++ b/.licenses/arduino-create-agent/go/github.com/xrash/smetrics.dep.yml
@@ -2,7 +2,7 @@
 name: github.com/xrash/smetrics
 version: v0.0.0-20170218160415-a3153f7040e9
 type: go
-summary: 
+summary:
 homepage: https://pkg.go.dev/github.com/xrash/smetrics
 license: mit
 licenses:
diff --git a/.licenses/arduino-create-agent/go/go.bug.st/serial/unixutils.dep.yml b/.licenses/arduino-create-agent/go/go.bug.st/serial/unixutils.dep.yml
index b744d2524..d81d7857c 100644
--- a/.licenses/arduino-create-agent/go/go.bug.st/serial/unixutils.dep.yml
+++ b/.licenses/arduino-create-agent/go/go.bug.st/serial/unixutils.dep.yml
@@ -2,7 +2,7 @@
 name: go.bug.st/serial/unixutils
 version: v1.6.1
 type: go
-summary: 
+summary:
 homepage: https://pkg.go.dev/go.bug.st/serial/unixutils
 license: bsd-3-clause
 licenses:
diff --git a/.licenses/arduino-create-agent/go/golang.org/x/text/internal/language.dep.yml b/.licenses/arduino-create-agent/go/golang.org/x/text/internal/language.dep.yml
index 988bad3c9..4a392d8cf 100644
--- a/.licenses/arduino-create-agent/go/golang.org/x/text/internal/language.dep.yml
+++ b/.licenses/arduino-create-agent/go/golang.org/x/text/internal/language.dep.yml
@@ -2,7 +2,7 @@
 name: golang.org/x/text/internal/language
 version: v0.15.0
 type: go
-summary: 
+summary:
 homepage: https://pkg.go.dev/golang.org/x/text/internal/language
 license: bsd-3-clause
 licenses:
diff --git a/.licenses/arduino-create-agent/go/gopkg.in/inconshreveable/go-update.v0/download.dep.yml b/.licenses/arduino-create-agent/go/gopkg.in/inconshreveable/go-update.v0/download.dep.yml
index 5894a7618..12e0b1dcf 100644
--- a/.licenses/arduino-create-agent/go/gopkg.in/inconshreveable/go-update.v0/download.dep.yml
+++ b/.licenses/arduino-create-agent/go/gopkg.in/inconshreveable/go-update.v0/download.dep.yml
@@ -2,7 +2,7 @@
 name: gopkg.in/inconshreveable/go-update.v0/download
 version: v0.0.0-20150814200126-d8b0b1d421aa
 type: go
-summary: 
+summary:
 homepage: https://pkg.go.dev/gopkg.in/inconshreveable/go-update.v0/download
 license: apache-2.0
 licenses:

From bfab101eddb16374c6f97e29a0a240e15e5a5af7 Mon Sep 17 00:00:00 2001
From: per1234 
Date: Sun, 2 Mar 2025 03:42:05 -0800
Subject: [PATCH 30/37] Add generated YAML document end markers to dependency
 license metadata cache

The dependency license metadata is generated by the "Licensed" tool. The version of the tool now in use adds YAML
document end markers to some metadata files, which were not present in the files generated by the tool at the time the
cache was established.

I don't know why it adds these markers to only some of the metadata files, but they are valid (though optional so the
files without are also correct) and machine generated content is used as-is.

The metadata files are hereby updated to use the format produced by the version of the "Licensed" tool currently in use.
---
 .../arduino-create-agent/go/github.com/blang/semver.dep.yml      | 1 +
 .../arduino-create-agent/go/github.com/creack/goselect.dep.yml   | 1 +
 2 files changed, 2 insertions(+)

diff --git a/.licenses/arduino-create-agent/go/github.com/blang/semver.dep.yml b/.licenses/arduino-create-agent/go/github.com/blang/semver.dep.yml
index d1655fecd..39cce428f 100644
--- a/.licenses/arduino-create-agent/go/github.com/blang/semver.dep.yml
+++ b/.licenses/arduino-create-agent/go/github.com/blang/semver.dep.yml
@@ -33,3 +33,4 @@ licenses:
 - sources: README.md
   text: See [LICENSE](LICENSE) file.
 notices: []
+...
diff --git a/.licenses/arduino-create-agent/go/github.com/creack/goselect.dep.yml b/.licenses/arduino-create-agent/go/github.com/creack/goselect.dep.yml
index 65e69c4c1..0785cd02c 100644
--- a/.licenses/arduino-create-agent/go/github.com/creack/goselect.dep.yml
+++ b/.licenses/arduino-create-agent/go/github.com/creack/goselect.dep.yml
@@ -33,3 +33,4 @@ licenses:
 - sources: README.md
   text: Released under the [MIT license](LICENSE).
 notices: []
+...

From 5fcb7c47f666bdb2f85188e7968ccde698b44c40 Mon Sep 17 00:00:00 2001
From: Cristian Maglie 
Date: Wed, 19 Mar 2025 10:08:36 +0100
Subject: [PATCH 31/37] Updated go-serial and
 pluggable-discovery-protocol-handler (#1023)

---
 .../pluggable-discovery-protocol-handler/v2.dep.yml  |  2 +-
 .../arduino-create-agent/go/go.bug.st/serial.dep.yml |  6 +++---
 .../go/go.bug.st/serial/enumerator.dep.yml           | 10 +++++-----
 .../go/go.bug.st/serial/unixutils.dep.yml            | 12 ++++++------
 go.mod                                               |  4 ++--
 go.sum                                               |  8 ++++----
 6 files changed, 21 insertions(+), 21 deletions(-)

diff --git a/.licenses/arduino-create-agent/go/github.com/arduino/pluggable-discovery-protocol-handler/v2.dep.yml b/.licenses/arduino-create-agent/go/github.com/arduino/pluggable-discovery-protocol-handler/v2.dep.yml
index 2fdbca217..0825582ba 100644
--- a/.licenses/arduino-create-agent/go/github.com/arduino/pluggable-discovery-protocol-handler/v2.dep.yml
+++ b/.licenses/arduino-create-agent/go/github.com/arduino/pluggable-discovery-protocol-handler/v2.dep.yml
@@ -1,6 +1,6 @@
 ---
 name: github.com/arduino/pluggable-discovery-protocol-handler/v2
-version: v2.2.0
+version: v2.2.1
 type: go
 summary: Package discovery is a library for handling the Arduino Pluggable-Discovery
   protocol (https://github.com/arduino/tooling-rfcs/blob/main/RFCs/0002-pluggable-discovery.md#pluggable-discovery-api-via-stdinstdout)
diff --git a/.licenses/arduino-create-agent/go/go.bug.st/serial.dep.yml b/.licenses/arduino-create-agent/go/go.bug.st/serial.dep.yml
index c55d351d0..3c29440df 100644
--- a/.licenses/arduino-create-agent/go/go.bug.st/serial.dep.yml
+++ b/.licenses/arduino-create-agent/go/go.bug.st/serial.dep.yml
@@ -1,6 +1,6 @@
 ---
 name: go.bug.st/serial
-version: v1.6.1
+version: v1.6.3
 type: go
 summary: Package serial is a cross-platform serial library for the go language.
 homepage: https://pkg.go.dev/go.bug.st/serial
@@ -9,7 +9,7 @@ licenses:
 - sources: LICENSE
   text: |2+
 
-    Copyright (c) 2014-2023, Cristian Maglie.
+    Copyright (c) 2014-2024, Cristian Maglie.
     All rights reserved.
 
     Redistribution and use in source and binary forms, with or without
@@ -43,7 +43,7 @@ licenses:
 
 - sources: README.md
   text: |-
-    The software is release under a [BSD 3-clause license]
+    This software is released under the [BSD 3-clause license].
 
     [contributors]: https://github.com/bugst/go-serial/graphs/contributors
     [BSD 3-clause license]: https://github.com/bugst/go-serial/blob/master/LICENSE
diff --git a/.licenses/arduino-create-agent/go/go.bug.st/serial/enumerator.dep.yml b/.licenses/arduino-create-agent/go/go.bug.st/serial/enumerator.dep.yml
index 7743f09d9..4b562e2a1 100644
--- a/.licenses/arduino-create-agent/go/go.bug.st/serial/enumerator.dep.yml
+++ b/.licenses/arduino-create-agent/go/go.bug.st/serial/enumerator.dep.yml
@@ -1,16 +1,16 @@
 ---
 name: go.bug.st/serial/enumerator
-version: v1.6.1
+version: v1.6.3
 type: go
 summary: Package enumerator is a golang cross-platform library for USB serial port
   discovery.
 homepage: https://pkg.go.dev/go.bug.st/serial/enumerator
 license: bsd-3-clause
 licenses:
-- sources: serial@v1.6.1/LICENSE
+- sources: serial@v1.6.3/LICENSE
   text: |2+
 
-    Copyright (c) 2014-2023, Cristian Maglie.
+    Copyright (c) 2014-2024, Cristian Maglie.
     All rights reserved.
 
     Redistribution and use in source and binary forms, with or without
@@ -42,9 +42,9 @@ licenses:
     ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
     POSSIBILITY OF SUCH DAMAGE.
 
-- sources: serial@v1.6.1/README.md
+- sources: serial@v1.6.3/README.md
   text: |-
-    The software is release under a [BSD 3-clause license]
+    This software is released under the [BSD 3-clause license].
 
     [contributors]: https://github.com/bugst/go-serial/graphs/contributors
     [BSD 3-clause license]: https://github.com/bugst/go-serial/blob/master/LICENSE
diff --git a/.licenses/arduino-create-agent/go/go.bug.st/serial/unixutils.dep.yml b/.licenses/arduino-create-agent/go/go.bug.st/serial/unixutils.dep.yml
index d81d7857c..0e2d5f7da 100644
--- a/.licenses/arduino-create-agent/go/go.bug.st/serial/unixutils.dep.yml
+++ b/.licenses/arduino-create-agent/go/go.bug.st/serial/unixutils.dep.yml
@@ -1,15 +1,15 @@
 ---
 name: go.bug.st/serial/unixutils
-version: v1.6.1
+version: v1.6.3
 type: go
-summary:
+summary: 
 homepage: https://pkg.go.dev/go.bug.st/serial/unixutils
 license: bsd-3-clause
 licenses:
-- sources: serial@v1.6.1/LICENSE
+- sources: serial@v1.6.3/LICENSE
   text: |2+
 
-    Copyright (c) 2014-2023, Cristian Maglie.
+    Copyright (c) 2014-2024, Cristian Maglie.
     All rights reserved.
 
     Redistribution and use in source and binary forms, with or without
@@ -41,9 +41,9 @@ licenses:
     ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
     POSSIBILITY OF SUCH DAMAGE.
 
-- sources: serial@v1.6.1/README.md
+- sources: serial@v1.6.3/README.md
   text: |-
-    The software is release under a [BSD 3-clause license]
+    This software is released under the [BSD 3-clause license].
 
     [contributors]: https://github.com/bugst/go-serial/graphs/contributors
     [BSD 3-clause license]: https://github.com/bugst/go-serial/blob/master/LICENSE
diff --git a/go.mod b/go.mod
index 82ee10173..19d0eae02 100644
--- a/go.mod
+++ b/go.mod
@@ -7,7 +7,7 @@ require (
 	github.com/ProtonMail/go-crypto v1.1.0-alpha.5-proton
 	github.com/arduino/go-paths-helper v1.12.1
 	github.com/arduino/go-serial-utils v0.1.2
-	github.com/arduino/pluggable-discovery-protocol-handler/v2 v2.2.0
+	github.com/arduino/pluggable-discovery-protocol-handler/v2 v2.2.1
 	github.com/blang/semver v3.5.1+incompatible
 	github.com/codeclysm/extract/v4 v4.0.0
 	github.com/gin-contrib/cors v1.7.2
@@ -21,7 +21,7 @@ require (
 	github.com/skratchdot/open-golang v0.0.0-20200116055534-eef842397966
 	github.com/stretchr/testify v1.9.0
 	github.com/xrash/smetrics v0.0.0-20170218160415-a3153f7040e9
-	go.bug.st/serial v1.6.1
+	go.bug.st/serial v1.6.3
 	goa.design/goa/v3 v3.16.1
 	golang.org/x/sys v0.23.0
 	gopkg.in/inconshreveable/go-update.v0 v0.0.0-20150814200126-d8b0b1d421aa
diff --git a/go.sum b/go.sum
index bee2988ac..a46d0bad6 100644
--- a/go.sum
+++ b/go.sum
@@ -11,8 +11,8 @@ github.com/arduino/go-properties-orderedmap v1.8.0 h1:wEfa6hHdpezrVOh787OmClsf/K
 github.com/arduino/go-properties-orderedmap v1.8.0/go.mod h1:DKjD2VXY/NZmlingh4lSFMEYCVubfeArCsGPGDwb2yk=
 github.com/arduino/go-serial-utils v0.1.2 h1:MRFwME4w/uaVkJ1R+wzz4KSbI9cF9IDVrYorazvjpTk=
 github.com/arduino/go-serial-utils v0.1.2/go.mod h1:kzIsNPgz8DFAd1sAFKve4ubxrdGcwQ4XzvRLlztsgnE=
-github.com/arduino/pluggable-discovery-protocol-handler/v2 v2.2.0 h1:v7og6LpskewFabmaShKVzWXl5MXbmsxaRP3yo4dJta8=
-github.com/arduino/pluggable-discovery-protocol-handler/v2 v2.2.0/go.mod h1:1dgblsmK2iBx3L5iNTyRIokeaxbTLUrYiUbHBK6yC3Y=
+github.com/arduino/pluggable-discovery-protocol-handler/v2 v2.2.1 h1:Fw8zKj1b/FkcQrWgN7aBw3ubSxpKIUtdANLXvd1Qdzw=
+github.com/arduino/pluggable-discovery-protocol-handler/v2 v2.2.1/go.mod h1:1dgblsmK2iBx3L5iNTyRIokeaxbTLUrYiUbHBK6yC3Y=
 github.com/blang/semver v3.5.1+incompatible h1:cQNTCjp13qL8KC3Nbxr/y2Bqb63oX6wdnnjpJbkM4JQ=
 github.com/blang/semver v3.5.1+incompatible/go.mod h1:kRBLl5iJ+tD4TcOOxsy/0fnwebNt5EWlYSAyrTnjyyk=
 github.com/bytedance/sonic v1.11.6 h1:oUp34TzMlL+OY1OUWxHqsdkgC/Zfc85zGqw9siXjrc0=
@@ -159,8 +159,8 @@ github.com/ulikunitz/xz v0.5.12 h1:37Nm15o69RwBkXM0J6A5OlE67RZTfzUxTj8fB3dfcsc=
 github.com/ulikunitz/xz v0.5.12/go.mod h1:nbz6k7qbPmH4IRqmfOplQw/tblSgqTqBwxkY0oWt/14=
 github.com/xrash/smetrics v0.0.0-20170218160415-a3153f7040e9 h1:w8V9v0qVympSF6GjdjIyeqR7+EVhAF9CBQmkmW7Zw0w=
 github.com/xrash/smetrics v0.0.0-20170218160415-a3153f7040e9/go.mod h1:N3UwUGtsrSj3ccvlPHLoLsHnpR27oXr4ZE984MbSER8=
-go.bug.st/serial v1.6.1 h1:VSSWmUxlj1T/YlRo2J104Zv3wJFrjHIl/T3NeruWAHY=
-go.bug.st/serial v1.6.1/go.mod h1:UABfsluHAiaNI+La2iESysd9Vetq7VRdpxvjx7CmmOE=
+go.bug.st/serial v1.6.3 h1:S3OG1bH+IDyokVndKrzwxI9ywiGBd8sWOn08dzSqEQI=
+go.bug.st/serial v1.6.3/go.mod h1:nofMJxTeNVny/m6+KaafC6vJGj3miwQZ6vW4BZUGJPI=
 goa.design/goa/v3 v3.16.1 h1:yZwbKrfMpE8+sz0uf+n+BtArVOFQ0kNSC0twQKwQb04=
 goa.design/goa/v3 v3.16.1/go.mod h1:Yd42LR0PYDbHSbsbF3vNd4YY/O+LG20Jb7+IyNdkQic=
 golang.org/x/arch v0.0.0-20210923205945-b76863e36670/go.mod h1:5om86z9Hs0C8fWVUuoMHwpExlXzs5Tkyp9hOrfG7pp8=

From 5063c6c5fa0afa2f553b11f582f3f9b2921aa766 Mon Sep 17 00:00:00 2001
From: Davide 
Date: Wed, 26 Mar 2025 14:30:46 +0100
Subject: [PATCH 32/37] fix(release.yml) install go step for gon (#1025)

---
 .github/workflows/release.yml | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
index 3b2a210d9..6275922c3 100644
--- a/.github/workflows/release.yml
+++ b/.github/workflows/release.yml
@@ -259,6 +259,11 @@ jobs:
     environment: production
 
     steps:
+      - name: Install Go
+        uses: actions/setup-go@v5
+        with:
+          go-version: ${{ env.GO_VERSION }}
+
       - name: Download artifact
         uses: actions/download-artifact@v4
         with:

From 901728dadac8e48dc8acdc8692ee70d9d13ddb65 Mon Sep 17 00:00:00 2001
From: Davide 
Date: Thu, 27 Mar 2025 09:54:39 +0100
Subject: [PATCH 33/37] fix: allow to specify custom `signatureKey`  in the
 `config.ini` (#1024)

* make the signaturePubKey overwritable

* Add debug logging for signature key parsing and handle newline escape sequences

* Add MustParseRsaPublicKey function for parsing PEM formatted public keys

* Remove debug print statement for signature key and fix comment typo in key parsing logic

* Add error logging for command verification and update comment for public key usage

* refactor(main.go) remove unnecessary print statement in parseIni function

* refactor(utilities): improve formatting in ParseRsaPublicKey function

* style(tools): align field declarations for improved readability

---------

Co-authored-by: Luca Rinaldi 
---
 conn.go                | 158 +++++++++++++++++++++--------------------
 globals/globals.go     |  13 +++-
 main.go                |  16 +++--
 main_test.go           |  10 +--
 tools/download_test.go |   6 +-
 tools/tools.go         |   5 +-
 utilities/utilities.go |  45 ++++++++----
 v2/http.go             |   5 +-
 v2/pkgs/tools.go       |  27 +++----
 v2/pkgs/tools_test.go  |  10 +--
 10 files changed, 172 insertions(+), 123 deletions(-)

diff --git a/conn.go b/conn.go
index b6e03268c..8c71c54c4 100644
--- a/conn.go
+++ b/conn.go
@@ -19,6 +19,7 @@ package main
 
 import (
 	"bytes"
+	"crypto/rsa"
 	"encoding/json"
 	"errors"
 	"fmt"
@@ -79,111 +80,114 @@ type Upload struct {
 
 var uploadStatusStr = "ProgrammerStatus"
 
-func uploadHandler(c *gin.Context) {
-	data := new(Upload)
-	if err := c.BindJSON(data); err != nil {
-		c.String(http.StatusBadRequest, fmt.Sprintf("err with the payload. %v", err.Error()))
-		return
-	}
-
-	log.Printf("%+v %+v %+v %+v %+v %+v", data.Port, data.Board, data.Rewrite, data.Commandline, data.Extra, data.Filename)
-
-	if data.Port == "" {
-		c.String(http.StatusBadRequest, "port is required")
-		return
-	}
-
-	if data.Board == "" {
-		c.String(http.StatusBadRequest, "board is required")
-		log.Error("board is required")
-		return
-	}
-
-	if !data.Extra.Network {
-		if data.Signature == "" {
-			c.String(http.StatusBadRequest, "signature is required")
+func uploadHandler(pubKey *rsa.PublicKey) func(*gin.Context) {
+	return func(c *gin.Context) {
+		data := new(Upload)
+		if err := c.BindJSON(data); err != nil {
+			c.String(http.StatusBadRequest, fmt.Sprintf("err with the payload. %v", err.Error()))
 			return
 		}
 
-		if data.Commandline == "" {
-			c.String(http.StatusBadRequest, "commandline is required for local board")
+		log.Printf("%+v %+v %+v %+v %+v %+v", data.Port, data.Board, data.Rewrite, data.Commandline, data.Extra, data.Filename)
+
+		if data.Port == "" {
+			c.String(http.StatusBadRequest, "port is required")
 			return
 		}
 
-		err := utilities.VerifyInput(data.Commandline, data.Signature)
-
-		if err != nil {
-			c.String(http.StatusBadRequest, "signature is invalid")
+		if data.Board == "" {
+			c.String(http.StatusBadRequest, "board is required")
+			log.Error("board is required")
 			return
 		}
-	}
 
-	buffer := bytes.NewBuffer(data.Hex)
+		if !data.Extra.Network {
+			if data.Signature == "" {
+				c.String(http.StatusBadRequest, "signature is required")
+				return
+			}
 
-	filePath, err := utilities.SaveFileonTempDir(data.Filename, buffer)
-	if err != nil {
-		c.String(http.StatusBadRequest, err.Error())
-		return
-	}
+			if data.Commandline == "" {
+				c.String(http.StatusBadRequest, "commandline is required for local board")
+				return
+			}
 
-	tmpdir, err := os.MkdirTemp("", "extrafiles")
-	if err != nil {
-		c.String(http.StatusBadRequest, err.Error())
-		return
-	}
+			err := utilities.VerifyInput(data.Commandline, data.Signature, pubKey)
 
-	for _, extraFile := range data.ExtraFiles {
-		path, err := utilities.SafeJoin(tmpdir, extraFile.Filename)
-		if err != nil {
-			c.String(http.StatusBadRequest, err.Error())
-			return
+			if err != nil {
+				log.WithField("err", err).Error("Error verifying the command")
+				c.String(http.StatusBadRequest, "signature is invalid")
+				return
+			}
 		}
-		log.Printf("Saving %s on %s", extraFile.Filename, path)
 
-		err = os.MkdirAll(filepath.Dir(path), 0744)
-		if err != nil {
-			c.String(http.StatusBadRequest, err.Error())
-			return
-		}
+		buffer := bytes.NewBuffer(data.Hex)
 
-		err = os.WriteFile(path, extraFile.Hex, 0644)
+		filePath, err := utilities.SaveFileonTempDir(data.Filename, buffer)
 		if err != nil {
 			c.String(http.StatusBadRequest, err.Error())
 			return
 		}
-	}
 
-	if data.Rewrite != "" {
-		data.Board = data.Rewrite
-	}
-
-	go func() {
-		// Resolve commandline
-		commandline, err := upload.PartiallyResolve(data.Board, filePath, tmpdir, data.Commandline, data.Extra, Tools)
+		tmpdir, err := os.MkdirTemp("", "extrafiles")
 		if err != nil {
-			send(map[string]string{uploadStatusStr: "Error", "Msg": err.Error()})
+			c.String(http.StatusBadRequest, err.Error())
 			return
 		}
 
-		l := PLogger{Verbose: true}
-
-		// Upload
-		if data.Extra.Network {
-			err = errors.New("network upload is not supported anymore, pease use OTA instead")
-		} else {
-			send(map[string]string{uploadStatusStr: "Starting", "Cmd": "Serial"})
-			err = upload.Serial(data.Port, commandline, data.Extra, l)
+		for _, extraFile := range data.ExtraFiles {
+			path, err := utilities.SafeJoin(tmpdir, extraFile.Filename)
+			if err != nil {
+				c.String(http.StatusBadRequest, err.Error())
+				return
+			}
+			log.Printf("Saving %s on %s", extraFile.Filename, path)
+
+			err = os.MkdirAll(filepath.Dir(path), 0744)
+			if err != nil {
+				c.String(http.StatusBadRequest, err.Error())
+				return
+			}
+
+			err = os.WriteFile(path, extraFile.Hex, 0644)
+			if err != nil {
+				c.String(http.StatusBadRequest, err.Error())
+				return
+			}
 		}
 
-		// Handle result
-		if err != nil {
-			send(map[string]string{uploadStatusStr: "Error", "Msg": err.Error()})
-			return
+		if data.Rewrite != "" {
+			data.Board = data.Rewrite
 		}
-		send(map[string]string{uploadStatusStr: "Done", "Flash": "Ok"})
-	}()
 
-	c.String(http.StatusAccepted, "")
+		go func() {
+			// Resolve commandline
+			commandline, err := upload.PartiallyResolve(data.Board, filePath, tmpdir, data.Commandline, data.Extra, Tools)
+			if err != nil {
+				send(map[string]string{uploadStatusStr: "Error", "Msg": err.Error()})
+				return
+			}
+
+			l := PLogger{Verbose: true}
+
+			// Upload
+			if data.Extra.Network {
+				err = errors.New("network upload is not supported anymore, pease use OTA instead")
+			} else {
+				send(map[string]string{uploadStatusStr: "Starting", "Cmd": "Serial"})
+				err = upload.Serial(data.Port, commandline, data.Extra, l)
+			}
+
+			// Handle result
+			if err != nil {
+				send(map[string]string{uploadStatusStr: "Error", "Msg": err.Error()})
+				return
+			}
+			send(map[string]string{uploadStatusStr: "Done", "Flash": "Ok"})
+		}()
+
+		c.String(http.StatusAccepted, "")
+	}
 }
 
 // PLogger sends the info from the upload to the websocket
diff --git a/globals/globals.go b/globals/globals.go
index d7cb09a17..ac4c14666 100644
--- a/globals/globals.go
+++ b/globals/globals.go
@@ -15,8 +15,15 @@
 
 package globals
 
-// DefaultIndexURL is the default index url
 var (
-	// SignatureKey is the public key used to verify commands and url sent by the builder
-	SignatureKey = "-----BEGIN PUBLIC KEY-----\nMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvc0yZr1yUSen7qmE3cxF\nIE12rCksDnqR+Hp7o0nGi9123eCSFcJ7CkIRC8F+8JMhgI3zNqn4cUEn47I3RKD1\nZChPUCMiJCvbLbloxfdJrUi7gcSgUXrlKQStOKF5Iz7xv1M4XOP3JtjXLGo3EnJ1\npFgdWTOyoSrA8/w1rck4c/ISXZSinVAggPxmLwVEAAln6Itj6giIZHKvA2fL2o8z\nCeK057Lu8X6u2CG8tRWSQzVoKIQw/PKK6CNXCAy8vo4EkXudRutnEYHEJlPkVgPn\n2qP06GI+I+9zKE37iqj0k1/wFaCVXHXIvn06YrmjQw6I0dDj/60Wvi500FuRVpn9\ntwIDAQAB\n-----END PUBLIC KEY-----"
+	// ArduinoSignaturePubKey is the public key used to verify commands and url sent by the builder
+	ArduinoSignaturePubKey = `-----BEGIN PUBLIC KEY-----
+MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvc0yZr1yUSen7qmE3cxF
+IE12rCksDnqR+Hp7o0nGi9123eCSFcJ7CkIRC8F+8JMhgI3zNqn4cUEn47I3RKD1
+ZChPUCMiJCvbLbloxfdJrUi7gcSgUXrlKQStOKF5Iz7xv1M4XOP3JtjXLGo3EnJ1
+pFgdWTOyoSrA8/w1rck4c/ISXZSinVAggPxmLwVEAAln6Itj6giIZHKvA2fL2o8z
+CeK057Lu8X6u2CG8tRWSQzVoKIQw/PKK6CNXCAy8vo4EkXudRutnEYHEJlPkVgPn
+2qP06GI+I+9zKE37iqj0k1/wFaCVXHXIvn06YrmjQw6I0dDj/60Wvi500FuRVpn9
+twIDAQAB
+-----END PUBLIC KEY-----`
 )
diff --git a/main.go b/main.go
index 1ca857b02..41f824b1b 100755
--- a/main.go
+++ b/main.go
@@ -81,7 +81,7 @@ var (
 	logDump           = iniConf.String("log", "off", "off = (default)")
 	origins           = iniConf.String("origins", "", "Allowed origin list for CORS")
 	portsFilterRegexp = iniConf.String("regex", "usb|acm|com", "Regular expression to filter serial port list")
-	signatureKey      = iniConf.String("signatureKey", globals.SignatureKey, "Pem-encoded public key to verify signed commandlines")
+	signatureKey      = iniConf.String("signatureKey", globals.ArduinoSignaturePubKey, "Pem-encoded public key to verify signed commandlines")
 	updateURL         = iniConf.String("updateUrl", "", "")
 	verbose           = iniConf.Bool("v", true, "show debug logging")
 	crashreport       = iniConf.Bool("crashreport", false, "enable crashreport logging")
@@ -278,9 +278,17 @@ func loop() {
 		}
 	}
 
+	if signatureKey == nil || len(*signatureKey) == 0 {
+		log.Panicf("signature public key should be set")
+	}
+	signaturePubKey, err := utilities.ParseRsaPublicKey([]byte(*signatureKey))
+	if err != nil {
+		log.Panicf("cannot parse signature key '%s'. %s", *signatureKey, err)
+	}
+
 	// Instantiate Index and Tools
 	Index = index.Init(*indexURL, config.GetDataDir())
-	Tools = tools.New(config.GetDataDir(), Index, logger)
+	Tools = tools.New(config.GetDataDir(), Index, logger, signaturePubKey)
 
 	// see if we are supposed to wait 5 seconds
 	if *isLaunchSelf {
@@ -454,7 +462,7 @@ func loop() {
 	r.LoadHTMLFiles("templates/nofirefox.html")
 
 	r.GET("/", homeHandler)
-	r.POST("/upload", uploadHandler)
+	r.POST("/upload", uploadHandler(signaturePubKey))
 	r.GET("/socket.io/", socketHandler)
 	r.POST("/socket.io/", socketHandler)
 	r.Handle("WS", "/socket.io/", socketHandler)
@@ -464,7 +472,7 @@ func loop() {
 	r.POST("/update", updateHandler)
 
 	// Mount goa handlers
-	goa := v2.Server(config.GetDataDir().String(), Index)
+	goa := v2.Server(config.GetDataDir().String(), Index, signaturePubKey)
 	r.Any("/v2/*path", gin.WrapH(goa))
 
 	go func() {
diff --git a/main_test.go b/main_test.go
index d6f23fcec..1387fd221 100644
--- a/main_test.go
+++ b/main_test.go
@@ -30,8 +30,10 @@ import (
 
 	"github.com/arduino/arduino-create-agent/config"
 	"github.com/arduino/arduino-create-agent/gen/tools"
+	"github.com/arduino/arduino-create-agent/globals"
 	"github.com/arduino/arduino-create-agent/index"
 	"github.com/arduino/arduino-create-agent/upload"
+	"github.com/arduino/arduino-create-agent/utilities"
 	v2 "github.com/arduino/arduino-create-agent/v2"
 	"github.com/gin-gonic/gin"
 	"github.com/stretchr/testify/require"
@@ -54,7 +56,7 @@ func TestValidSignatureKey(t *testing.T) {
 
 func TestUploadHandlerAgainstEvilFileNames(t *testing.T) {
 	r := gin.New()
-	r.POST("/", uploadHandler)
+	r.POST("/", uploadHandler(utilities.MustParseRsaPublicKey([]byte(globals.ArduinoSignaturePubKey))))
 	ts := httptest.NewServer(r)
 
 	uploadEvilFileName := Upload{
@@ -90,7 +92,7 @@ func TestUploadHandlerAgainstEvilFileNames(t *testing.T) {
 
 func TestUploadHandlerAgainstBase64WithoutPaddingMustFail(t *testing.T) {
 	r := gin.New()
-	r.POST("/", uploadHandler)
+	r.POST("/", uploadHandler(utilities.MustParseRsaPublicKey([]byte(globals.ArduinoSignaturePubKey))))
 	ts := httptest.NewServer(r)
 	defer ts.Close()
 
@@ -119,7 +121,7 @@ func TestInstallToolV2(t *testing.T) {
 	Index := index.Init(indexURL, config.GetDataDir())
 
 	r := gin.New()
-	goa := v2.Server(config.GetDataDir().String(), Index)
+	goa := v2.Server(config.GetDataDir().String(), Index, utilities.MustParseRsaPublicKey([]byte(globals.ArduinoSignaturePubKey)))
 	r.Any("/v2/*path", gin.WrapH(goa))
 	ts := httptest.NewServer(r)
 
@@ -213,7 +215,7 @@ func TestInstalledHead(t *testing.T) {
 	Index := index.Init(indexURL, config.GetDataDir())
 
 	r := gin.New()
-	goa := v2.Server(config.GetDataDir().String(), Index)
+	goa := v2.Server(config.GetDataDir().String(), Index, utilities.MustParseRsaPublicKey([]byte(globals.ArduinoSignaturePubKey)))
 	r.Any("/v2/*path", gin.WrapH(goa))
 	ts := httptest.NewServer(r)
 
diff --git a/tools/download_test.go b/tools/download_test.go
index 7cf2fab0d..96a105fd7 100644
--- a/tools/download_test.go
+++ b/tools/download_test.go
@@ -21,7 +21,9 @@ import (
 	"testing"
 	"time"
 
+	"github.com/arduino/arduino-create-agent/globals"
 	"github.com/arduino/arduino-create-agent/index"
+	"github.com/arduino/arduino-create-agent/utilities"
 	"github.com/arduino/arduino-create-agent/v2/pkgs"
 	"github.com/arduino/go-paths-helper"
 	"github.com/stretchr/testify/require"
@@ -128,7 +130,7 @@ func TestDownload(t *testing.T) {
 		IndexFile:   *paths.New("testdata", "test_tool_index.json"),
 		LastRefresh: time.Now(),
 	}
-	testTools := New(tempDirPath, &testIndex, func(msg string) { t.Log(msg) })
+	testTools := New(tempDirPath, &testIndex, func(msg string) { t.Log(msg) }, utilities.MustParseRsaPublicKey([]byte(globals.ArduinoSignaturePubKey)))
 
 	for _, tc := range testCases {
 		t.Run(tc.name+"-"+tc.version, func(t *testing.T) {
@@ -175,7 +177,7 @@ func TestCorruptedInstalled(t *testing.T) {
 	defer fileJSON.Close()
 	_, err = fileJSON.Write([]byte("Hello"))
 	require.NoError(t, err)
-	testTools := New(tempDirPath, &testIndex, func(msg string) { t.Log(msg) })
+	testTools := New(tempDirPath, &testIndex, func(msg string) { t.Log(msg) }, utilities.MustParseRsaPublicKey([]byte(globals.ArduinoSignaturePubKey)))
 	// Download the tool
 	err = testTools.Download("arduino-test", "avrdude", "6.3.0-arduino17", "keep")
 	require.NoError(t, err)
diff --git a/tools/tools.go b/tools/tools.go
index 5cecc5089..f371126b5 100644
--- a/tools/tools.go
+++ b/tools/tools.go
@@ -16,6 +16,7 @@
 package tools
 
 import (
+	"crypto/rsa"
 	"encoding/json"
 	"path/filepath"
 	"strings"
@@ -55,14 +56,14 @@ type Tools struct {
 // The New functions accept the directory to use to host the tools,
 // an index (used to download the tools),
 // and a logger to log the operations
-func New(directory *paths.Path, index *index.Resource, logger func(msg string)) *Tools {
+func New(directory *paths.Path, index *index.Resource, logger func(msg string), signPubKey *rsa.PublicKey) *Tools {
 	t := &Tools{
 		directory: directory,
 		index:     index,
 		logger:    logger,
 		installed: map[string]string{},
 		mutex:     sync.RWMutex{},
-		tools:     pkgs.New(index, directory.String(), "replace"),
+		tools:     pkgs.New(index, directory.String(), "replace", signPubKey),
 	}
 	_ = t.readMap()
 	return t
diff --git a/utilities/utilities.go b/utilities/utilities.go
index 5979732d4..662672da7 100644
--- a/utilities/utilities.go
+++ b/utilities/utilities.go
@@ -30,8 +30,6 @@ import (
 	"os/exec"
 	"path/filepath"
 	"strings"
-
-	"github.com/arduino/arduino-create-agent/globals"
 )
 
 // SaveFileonTempDir creates a temp directory and saves the file data as the
@@ -131,23 +129,44 @@ func SafeJoin(parent, subdir string) (string, error) {
 	return res, nil
 }
 
-// VerifyInput will verify an input against a signature
+// VerifyInput will verify an input against a signature using the public key.
 // A valid signature is indicated by returning a nil error.
-func VerifyInput(input string, signature string) error {
+func VerifyInput(input string, signature string, pubKey *rsa.PublicKey) error {
 	sign, _ := hex.DecodeString(signature)
-	block, _ := pem.Decode([]byte(globals.SignatureKey))
+	h := sha256.New()
+	h.Write([]byte(input))
+	d := h.Sum(nil)
+	return rsa.VerifyPKCS1v15(pubKey, crypto.SHA256, d, sign)
+}
+
+// ParseRsaPublicKey parses a public key in PEM format and returns the rsa.PublicKey object.
+// Returns an error if the key is invalid.
+func ParseRsaPublicKey(key []byte) (*rsa.PublicKey, error) {
+	block, _ := pem.Decode(key)
 	if block == nil {
-		return errors.New("invalid key")
+		return nil, errors.New("invalid key")
 	}
-	key, err := x509.ParsePKIXPublicKey(block.Bytes)
+
+	parsedKey, err := x509.ParsePKIXPublicKey(block.Bytes)
 	if err != nil {
-		return err
+		return nil, err
 	}
-	rsaKey := key.(*rsa.PublicKey)
-	h := sha256.New()
-	h.Write([]byte(input))
-	d := h.Sum(nil)
-	return rsa.VerifyPKCS1v15(rsaKey, crypto.SHA256, d, sign)
+
+	publicKey, ok := parsedKey.(*rsa.PublicKey)
+	if !ok {
+		return nil, fmt.Errorf("not an rsa key")
+	}
+	return publicKey, nil
+}
+
+// MustParseRsaPublicKey parses a public key in PEM format and returns the rsa.PublicKey object.
+// Panics if the key is invalid.
+func MustParseRsaPublicKey(key []byte) *rsa.PublicKey {
+	parsedKey, err := ParseRsaPublicKey(key)
+	if err != nil {
+		panic(err)
+	}
+	return parsedKey
 }
 
 // UserPrompt executes an osascript and returns the pressed button
diff --git a/v2/http.go b/v2/http.go
index 390ec3989..2b47b93a8 100644
--- a/v2/http.go
+++ b/v2/http.go
@@ -17,6 +17,7 @@ package v2
 
 import (
 	"context"
+	"crypto/rsa"
 	"encoding/json"
 	"net/http"
 
@@ -31,7 +32,7 @@ import (
 )
 
 // Server is the actual server
-func Server(directory string, index *index.Resource) http.Handler {
+func Server(directory string, index *index.Resource, pubKey *rsa.PublicKey) http.Handler {
 	mux := goahttp.NewMuxer()
 
 	// Instantiate logger
@@ -40,7 +41,7 @@ func Server(directory string, index *index.Resource) http.Handler {
 	logAdapter := LogAdapter{Logger: logger}
 
 	// Mount tools
-	toolsSvc := pkgs.New(index, directory, "replace")
+	toolsSvc := pkgs.New(index, directory, "replace", pubKey)
 	toolsEndpoints := toolssvc.NewEndpoints(toolsSvc)
 	toolsServer := toolssvr.New(toolsEndpoints, mux, CustomRequestDecoder, goahttp.ResponseEncoder, errorHandler(logger), nil)
 	toolssvr.Mount(mux, toolsServer)
diff --git a/v2/pkgs/tools.go b/v2/pkgs/tools.go
index f09dc3f0a..7f34e3d08 100644
--- a/v2/pkgs/tools.go
+++ b/v2/pkgs/tools.go
@@ -18,6 +18,7 @@ package pkgs
 import (
 	"bytes"
 	"context"
+	"crypto/rsa"
 	"crypto/sha256"
 	"encoding/hex"
 	"encoding/json"
@@ -58,23 +59,25 @@ var (
 //
 // It requires an Index Resource to search for tools
 type Tools struct {
-	index     *index.Resource
-	folder    string
-	behaviour string
-	installed map[string]string
-	mutex     sync.RWMutex
+	index                 *index.Resource
+	folder                string
+	behaviour             string
+	installed             map[string]string
+	mutex                 sync.RWMutex
+	verifySignaturePubKey *rsa.PublicKey // public key used to verify the signature of a command sent to the boards
 }
 
 // New will return a Tool object, allowing the caller to execute operations on it.
 // The New function will accept an index as parameter (used to download the indexes)
 // and a folder used to download the indexes
-func New(index *index.Resource, folder, behaviour string) *Tools {
+func New(index *index.Resource, folder, behaviour string, verifySignaturePubKey *rsa.PublicKey) *Tools {
 	t := &Tools{
-		index:     index,
-		folder:    folder,
-		behaviour: behaviour,
-		installed: map[string]string{},
-		mutex:     sync.RWMutex{},
+		index:                 index,
+		folder:                folder,
+		behaviour:             behaviour,
+		installed:             map[string]string{},
+		mutex:                 sync.RWMutex{},
+		verifySignaturePubKey: verifySignaturePubKey,
 	}
 	t.readInstalled()
 	return t
@@ -166,7 +169,7 @@ func (t *Tools) Install(ctx context.Context, payload *tools.ToolPayload) (*tools
 
 	//if URL is defined and is signed we verify the signature and override the name, payload, version parameters
 	if payload.URL != nil && payload.Signature != nil && payload.Checksum != nil {
-		err := utilities.VerifyInput(*payload.URL, *payload.Signature)
+		err := utilities.VerifyInput(*payload.URL, *payload.Signature, t.verifySignaturePubKey)
 		if err != nil {
 			return nil, err
 		}
diff --git a/v2/pkgs/tools_test.go b/v2/pkgs/tools_test.go
index edd575fc8..7bf0ff0e3 100644
--- a/v2/pkgs/tools_test.go
+++ b/v2/pkgs/tools_test.go
@@ -25,7 +25,9 @@ import (
 
 	"github.com/arduino/arduino-create-agent/config"
 	"github.com/arduino/arduino-create-agent/gen/tools"
+	"github.com/arduino/arduino-create-agent/globals"
 	"github.com/arduino/arduino-create-agent/index"
+	"github.com/arduino/arduino-create-agent/utilities"
 	"github.com/arduino/arduino-create-agent/v2/pkgs"
 	"github.com/arduino/go-paths-helper"
 	"github.com/stretchr/testify/require"
@@ -45,7 +47,7 @@ func TestTools(t *testing.T) {
 	// Instantiate Index
 	Index := index.Init(indexURL, config.GetDataDir())
 
-	service := pkgs.New(Index, tmp, "replace")
+	service := pkgs.New(Index, tmp, "replace", utilities.MustParseRsaPublicKey([]byte(globals.ArduinoSignaturePubKey)))
 
 	ctx := context.Background()
 
@@ -126,7 +128,7 @@ func TestEvilFilename(t *testing.T) {
 	// Instantiate Index
 	Index := index.Init(indexURL, config.GetDataDir())
 
-	service := pkgs.New(Index, tmp, "replace")
+	service := pkgs.New(Index, tmp, "replace", utilities.MustParseRsaPublicKey([]byte(globals.ArduinoSignaturePubKey)))
 
 	ctx := context.Background()
 
@@ -195,7 +197,7 @@ func TestInstalledHead(t *testing.T) {
 	// Instantiate Index
 	Index := index.Init(indexURL, config.GetDataDir())
 
-	service := pkgs.New(Index, tmp, "replace")
+	service := pkgs.New(Index, tmp, "replace", utilities.MustParseRsaPublicKey([]byte(globals.ArduinoSignaturePubKey)))
 
 	ctx := context.Background()
 
@@ -216,7 +218,7 @@ func TestInstall(t *testing.T) {
 		LastRefresh: time.Now(),
 	}
 
-	tool := pkgs.New(testIndex, tmp, "replace")
+	tool := pkgs.New(testIndex, tmp, "replace", utilities.MustParseRsaPublicKey([]byte(globals.ArduinoSignaturePubKey)))
 
 	ctx := context.Background()
 

From 87f097b862ae2e98179fd216a132712493777543 Mon Sep 17 00:00:00 2001
From: Davide 
Date: Fri, 28 Mar 2025 16:41:53 +0100
Subject: [PATCH 34/37] fix: update go.bug.st/serial to v1.6.4 to fix windows
 issue (#1027)

* fix: update go.bug.st/serial to v1.6.4

* Updated license cache

---------

Co-authored-by: Cristian Maglie 
---
 .licenses/arduino-create-agent/go/go.bug.st/serial.dep.yml  | 2 +-
 .../go/go.bug.st/serial/enumerator.dep.yml                  | 6 +++---
 .../go/go.bug.st/serial/unixutils.dep.yml                   | 6 +++---
 go.mod                                                      | 2 +-
 go.sum                                                      | 4 ++--
 5 files changed, 10 insertions(+), 10 deletions(-)

diff --git a/.licenses/arduino-create-agent/go/go.bug.st/serial.dep.yml b/.licenses/arduino-create-agent/go/go.bug.st/serial.dep.yml
index 3c29440df..73d434109 100644
--- a/.licenses/arduino-create-agent/go/go.bug.st/serial.dep.yml
+++ b/.licenses/arduino-create-agent/go/go.bug.st/serial.dep.yml
@@ -1,6 +1,6 @@
 ---
 name: go.bug.st/serial
-version: v1.6.3
+version: v1.6.4
 type: go
 summary: Package serial is a cross-platform serial library for the go language.
 homepage: https://pkg.go.dev/go.bug.st/serial
diff --git a/.licenses/arduino-create-agent/go/go.bug.st/serial/enumerator.dep.yml b/.licenses/arduino-create-agent/go/go.bug.st/serial/enumerator.dep.yml
index 4b562e2a1..d7b0b63e1 100644
--- a/.licenses/arduino-create-agent/go/go.bug.st/serial/enumerator.dep.yml
+++ b/.licenses/arduino-create-agent/go/go.bug.st/serial/enumerator.dep.yml
@@ -1,13 +1,13 @@
 ---
 name: go.bug.st/serial/enumerator
-version: v1.6.3
+version: v1.6.4
 type: go
 summary: Package enumerator is a golang cross-platform library for USB serial port
   discovery.
 homepage: https://pkg.go.dev/go.bug.st/serial/enumerator
 license: bsd-3-clause
 licenses:
-- sources: serial@v1.6.3/LICENSE
+- sources: serial@v1.6.4/LICENSE
   text: |2+
 
     Copyright (c) 2014-2024, Cristian Maglie.
@@ -42,7 +42,7 @@ licenses:
     ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
     POSSIBILITY OF SUCH DAMAGE.
 
-- sources: serial@v1.6.3/README.md
+- sources: serial@v1.6.4/README.md
   text: |-
     This software is released under the [BSD 3-clause license].
 
diff --git a/.licenses/arduino-create-agent/go/go.bug.st/serial/unixutils.dep.yml b/.licenses/arduino-create-agent/go/go.bug.st/serial/unixutils.dep.yml
index 0e2d5f7da..ac5bb6bb1 100644
--- a/.licenses/arduino-create-agent/go/go.bug.st/serial/unixutils.dep.yml
+++ b/.licenses/arduino-create-agent/go/go.bug.st/serial/unixutils.dep.yml
@@ -1,12 +1,12 @@
 ---
 name: go.bug.st/serial/unixutils
-version: v1.6.3
+version: v1.6.4
 type: go
 summary: 
 homepage: https://pkg.go.dev/go.bug.st/serial/unixutils
 license: bsd-3-clause
 licenses:
-- sources: serial@v1.6.3/LICENSE
+- sources: serial@v1.6.4/LICENSE
   text: |2+
 
     Copyright (c) 2014-2024, Cristian Maglie.
@@ -41,7 +41,7 @@ licenses:
     ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
     POSSIBILITY OF SUCH DAMAGE.
 
-- sources: serial@v1.6.3/README.md
+- sources: serial@v1.6.4/README.md
   text: |-
     This software is released under the [BSD 3-clause license].
 
diff --git a/go.mod b/go.mod
index 19d0eae02..3bffc09ed 100644
--- a/go.mod
+++ b/go.mod
@@ -21,7 +21,7 @@ require (
 	github.com/skratchdot/open-golang v0.0.0-20200116055534-eef842397966
 	github.com/stretchr/testify v1.9.0
 	github.com/xrash/smetrics v0.0.0-20170218160415-a3153f7040e9
-	go.bug.st/serial v1.6.3
+	go.bug.st/serial v1.6.4
 	goa.design/goa/v3 v3.16.1
 	golang.org/x/sys v0.23.0
 	gopkg.in/inconshreveable/go-update.v0 v0.0.0-20150814200126-d8b0b1d421aa
diff --git a/go.sum b/go.sum
index a46d0bad6..676649d56 100644
--- a/go.sum
+++ b/go.sum
@@ -159,8 +159,8 @@ github.com/ulikunitz/xz v0.5.12 h1:37Nm15o69RwBkXM0J6A5OlE67RZTfzUxTj8fB3dfcsc=
 github.com/ulikunitz/xz v0.5.12/go.mod h1:nbz6k7qbPmH4IRqmfOplQw/tblSgqTqBwxkY0oWt/14=
 github.com/xrash/smetrics v0.0.0-20170218160415-a3153f7040e9 h1:w8V9v0qVympSF6GjdjIyeqR7+EVhAF9CBQmkmW7Zw0w=
 github.com/xrash/smetrics v0.0.0-20170218160415-a3153f7040e9/go.mod h1:N3UwUGtsrSj3ccvlPHLoLsHnpR27oXr4ZE984MbSER8=
-go.bug.st/serial v1.6.3 h1:S3OG1bH+IDyokVndKrzwxI9ywiGBd8sWOn08dzSqEQI=
-go.bug.st/serial v1.6.3/go.mod h1:nofMJxTeNVny/m6+KaafC6vJGj3miwQZ6vW4BZUGJPI=
+go.bug.st/serial v1.6.4 h1:7FmqNPgVp3pu2Jz5PoPtbZ9jJO5gnEnZIvnI1lzve8A=
+go.bug.st/serial v1.6.4/go.mod h1:nofMJxTeNVny/m6+KaafC6vJGj3miwQZ6vW4BZUGJPI=
 goa.design/goa/v3 v3.16.1 h1:yZwbKrfMpE8+sz0uf+n+BtArVOFQ0kNSC0twQKwQb04=
 goa.design/goa/v3 v3.16.1/go.mod h1:Yd42LR0PYDbHSbsbF3vNd4YY/O+LG20Jb7+IyNdkQic=
 golang.org/x/arch v0.0.0-20210923205945-b76863e36670/go.mod h1:5om86z9Hs0C8fWVUuoMHwpExlXzs5Tkyp9hOrfG7pp8=

From b7174301c1983cf2593643b5789e01d3d50d1089 Mon Sep 17 00:00:00 2001
From: Davide 
Date: Tue, 1 Apr 2025 15:42:28 +0200
Subject: [PATCH 35/37] fix: update workflow to use ubuntu-22.04 instead of
 ubuntu-20.04 (#1028)

---
 .github/workflows/publish-go-tester-task.yml |  2 +-
 .github/workflows/release.yml                | 16 ++++++++--------
 2 files changed, 9 insertions(+), 9 deletions(-)

diff --git a/.github/workflows/publish-go-tester-task.yml b/.github/workflows/publish-go-tester-task.yml
index 8e72c351a..89d5c2b45 100644
--- a/.github/workflows/publish-go-tester-task.yml
+++ b/.github/workflows/publish-go-tester-task.yml
@@ -65,7 +65,7 @@ jobs:
     #use the strategy instead because we still use the native build
     strategy:
       matrix:
-        os: [ubuntu-20.04, windows-2019, macos-13]
+        os: [ubuntu-22.04, windows-2019, macos-13]
         arch: [-amd64]
         include:
           - os: windows-2019
diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
index 6275922c3..12b3781ba 100644
--- a/.github/workflows/release.yml
+++ b/.github/workflows/release.yml
@@ -32,7 +32,7 @@ jobs:
       prerelease: ${{ steps.prerelease.outputs.IS_PRE }}
     strategy:
       matrix:
-        os: [ubuntu-20.04, windows-2019, macos-13]
+        os: [ubuntu-22.04, windows-2019, macos-13]
         arch: [amd64]
         include:
           - os: windows-2019
@@ -88,7 +88,7 @@ jobs:
 
       - name: Build the Agent for linux
         run: task go:build
-        if: matrix.os == 'ubuntu-20.04'
+        if: matrix.os == 'ubuntu-22.04'
 
         # the manifest is required by windows GUI apps, otherwise the binary will crash with: "Unable to create main window: TTM_ADDTOOL failed" (for reference https://github.com/lxn/walk/issues/28)
         # rsrc will produce a *.syso file that should get automatically recognized by go build command and linked into an executable.
@@ -390,7 +390,7 @@ jobs:
   # This job is responsible for generating the installers (using installbuilder)
   package:
     needs: build
-    runs-on: ubuntu-20.04
+    runs-on: ubuntu-22.04
 
     env:
       # vars used by installbuilder
@@ -400,10 +400,10 @@ jobs:
     strategy:
       fail-fast: false # if one os is failing continue nonetheless
       matrix: # used to generate installers for different OS and not for runs-on
-        os: [ubuntu-20.04, windows-2019]
+        os: [ubuntu-22.04, windows-2019]
         arch: [amd64]
         include:
-          - os: ubuntu-20.04
+          - os: ubuntu-22.04
             platform-name: linux
             installbuilder-name: linux-x64
             installer-extension: .run
@@ -438,7 +438,7 @@ jobs:
         # zip artifacts do not mantain executable permission
       - name: Make executable
         run: chmod -v +x artifacts/${{ matrix.platform-name }}/${{ env.PROJECT_NAME }}*
-        if: matrix.os == 'ubuntu-20.04'
+        if: matrix.os == 'ubuntu-22.04'
 
       - name: Rename executable to Arduino_Cloud_Agent
         run: mv -v artifacts/${{ matrix.platform-name }}/${{ env.PROJECT_NAME }}${{ matrix.extension }} artifacts/${{ matrix.platform-name }}/Arduino_Cloud_Agent${{ matrix.extension }}
@@ -451,7 +451,7 @@ jobs:
 
       - name: Generate archive
         run: tar -czvf ArduinoCloudAgent-${GITHUB_REF##*/}-${{ matrix.platform-name }}-${{ matrix.arch }}-installer.tar.gz ArduinoCloudAgent-${GITHUB_REF##*/}-${{ matrix.platform-name }}-${{ matrix.arch }}-installer${{matrix.installer-extension}}
-        if: matrix.os == 'ubuntu-20.04'
+        if: matrix.os == 'ubuntu-22.04'
 
       - name: Upload artifacts
         uses: actions/upload-artifact@v4
@@ -606,7 +606,7 @@ jobs:
           if-no-files-found: error
 
   create-release:
-    runs-on: ubuntu-20.04
+    runs-on: ubuntu-22.04
     environment: production
     needs: [build, generate-sign-dmg, sign-windows]
 

From e7ea3763ff3d4db6a84c207afd562790a38dc3b5 Mon Sep 17 00:00:00 2001
From: Cristian Maglie 
Date: Thu, 24 Apr 2025 16:45:22 +0200
Subject: [PATCH 36/37] fix: Serial Monitor corrupted output in some rare cases
 (#1032)

* Synchronize multiple open commands coming together.

* Allow re-opening of already opened ports

* Renamed mutex var and added comment

* Error out if baudrate and buftype of already opened port do not match
---
 serial.go     | 19 ++++++-------------
 serialport.go | 31 +++++++++++++++++++++----------
 2 files changed, 27 insertions(+), 23 deletions(-)

diff --git a/serial.go b/serial.go
index 64e5b8f7f..1a43f3644 100755
--- a/serial.go
+++ b/serial.go
@@ -31,7 +31,7 @@ import (
 
 type serialhub struct {
 	// Opened serial ports.
-	ports map[*serport]bool
+	ports map[string]*serport
 
 	mu sync.Mutex
 }
@@ -60,7 +60,7 @@ type SpPortItem struct {
 var serialPorts SerialPortList
 
 var sh = serialhub{
-	ports: make(map[*serport]bool),
+	ports: make(map[string]*serport),
 }
 
 // Register serial ports from the connections.
@@ -68,7 +68,7 @@ func (sh *serialhub) Register(port *serport) {
 	sh.mu.Lock()
 	//log.Print("Registering a port: ", p.portConf.Name)
 	h.broadcastSys <- []byte("{\"Cmd\":\"Open\",\"Desc\":\"Got register/open on port.\",\"Port\":\"" + port.portConf.Name + "\",\"Baud\":" + strconv.Itoa(port.portConf.Baud) + ",\"BufferType\":\"" + port.BufferType + "\"}")
-	sh.ports[port] = true
+	sh.ports[port.portName] = port
 	sh.mu.Unlock()
 }
 
@@ -77,7 +77,7 @@ func (sh *serialhub) Unregister(port *serport) {
 	sh.mu.Lock()
 	//log.Print("Unregistering a port: ", p.portConf.Name)
 	h.broadcastSys <- []byte("{\"Cmd\":\"Close\",\"Desc\":\"Got unregister/close on port.\",\"Port\":\"" + port.portConf.Name + "\",\"Baud\":" + strconv.Itoa(port.portConf.Baud) + "}")
-	delete(sh.ports, port)
+	delete(sh.ports, port.portName)
 	close(port.sendBuffered)
 	close(port.sendNoBuf)
 	sh.mu.Unlock()
@@ -86,15 +86,8 @@ func (sh *serialhub) Unregister(port *serport) {
 func (sh *serialhub) FindPortByName(portname string) (*serport, bool) {
 	sh.mu.Lock()
 	defer sh.mu.Unlock()
-
-	for port := range sh.ports {
-		if strings.EqualFold(port.portConf.Name, portname) {
-			// we found our port
-			//spHandlerClose(port)
-			return port, true
-		}
-	}
-	return nil, false
+	port, ok := sh.ports[portname]
+	return port, ok
 }
 
 // List broadcasts a Json representation of the ports found
diff --git a/serialport.go b/serialport.go
index 0d386bbfc..b3418fe5d 100755
--- a/serialport.go
+++ b/serialport.go
@@ -20,6 +20,7 @@ import (
 	"encoding/base64"
 	"io"
 	"strconv"
+	"sync"
 	"sync/atomic"
 	"time"
 	"unicode/utf8"
@@ -273,7 +274,13 @@ func (p *serport) writerRaw() {
 	h.broadcastSys <- []byte(msgstr)
 }
 
+// This lock is used to prevent multiple threads from trying to open the same port at the same time.
+// It presents issues with the serial port driver on some OS's: https://github.com/arduino/arduino-create-agent/issues/1031
+var spHandlerOpenLock sync.Mutex
+
 func spHandlerOpen(portname string, baud int, buftype string) {
+	spHandlerOpenLock.Lock()
+	defer spHandlerOpenLock.Unlock()
 
 	log.Print("Inside spHandler")
 
@@ -295,11 +302,14 @@ func spHandlerOpen(portname string, baud int, buftype string) {
 	sp, err := serial.Open(portname, mode)
 	log.Print("Just tried to open port")
 	if err != nil {
-		//log.Fatal(err)
-		log.Print("Error opening port " + err.Error())
-		//h.broadcastSys <- []byte("Error opening port. " + err.Error())
-		h.broadcastSys <- []byte("{\"Cmd\":\"OpenFail\",\"Desc\":\"Error opening port. " + err.Error() + "\",\"Port\":\"" + conf.Name + "\",\"Baud\":" + strconv.Itoa(conf.Baud) + "}")
-
+		existingPort, ok := sh.FindPortByName(portname)
+		if ok && existingPort.portConf.Baud == baud && existingPort.BufferType == buftype {
+			log.Print("Port already opened")
+			h.broadcastSys <- []byte("{\"Cmd\":\"Open\",\"Desc\":\"Port already opened.\",\"Port\":\"" + existingPort.portConf.Name + "\",\"Baud\":" + strconv.Itoa(existingPort.portConf.Baud) + ",\"BufferType\":\"" + existingPort.BufferType + "\"}")
+		} else {
+			log.Print("Error opening port " + err.Error())
+			h.broadcastSys <- []byte("{\"Cmd\":\"OpenFail\",\"Desc\":\"Error opening port. " + err.Error() + "\",\"Port\":\"" + conf.Name + "\",\"Baud\":" + strconv.Itoa(conf.Baud) + "}")
+		}
 		return
 	}
 	log.Print("Opened port successfully")
@@ -331,7 +341,6 @@ func spHandlerOpen(portname string, baud int, buftype string) {
 	p.bufferwatcher = bw
 
 	sh.Register(p)
-	defer sh.Unregister(p)
 
 	serialPorts.MarkPortAsOpened(portname)
 	serialPorts.List()
@@ -342,10 +351,12 @@ func spHandlerOpen(portname string, baud int, buftype string) {
 	go p.writerNoBuf()
 	// this is thread to send to serial port but with base64 decoding
 	go p.writerRaw()
-
-	p.reader(buftype)
-
-	serialPorts.List()
+	// this is the thread that reads from the serial port
+	go func() {
+		p.reader(buftype)
+		serialPorts.List()
+		sh.Unregister(p)
+	}()
 }
 
 func (p *serport) Close() {

From b2b98877d93b0e762c50145971d45b5a97cc6d44 Mon Sep 17 00:00:00 2001
From: Davide 
Date: Thu, 15 May 2025 15:51:25 +0200
Subject: [PATCH 37/37] ci(Taskfile): add a command to test autoupdate (#1033)

* feat: add demo task for local auto-update workflow of the Agent

* fix: update autoupdate demo description and improve server wait logic

* fix: remove unnecessary blank lines in Taskfile.yml

* fix: clarify the importance of the 'CreateAgent/Stable' path in update file search
---
 Taskfile.yml | 14 ++++++++++++++
 1 file changed, 14 insertions(+)

diff --git a/Taskfile.yml b/Taskfile.yml
index bba07548e..681c8274d 100644
--- a/Taskfile.yml
+++ b/Taskfile.yml
@@ -149,6 +149,20 @@ tasks:
       - task: go:vet
       - task: go:lint
 
+  autoupdate:demo:
+    desc: Demo the local auto-update workflow for the Agent (for linux and mac user)
+    prompt: Before continuing, please make sure you’ve opened the "Open Configuration" option from the Agent menu and set the updateUrl=http://127.0.0.1:3000/
+    cmds:
+      - task: go:build
+      - go install github.com/sanbornm/go-selfupdate/...@latest
+      # NOTE: the path 'CreateAgent/Stable' is important to keep as is
+      # because agent searches the update files into "CreateAgent/Stable/{platform}.json" and "https://downloads.arduino.cc/CreateAgent/Stable/{version}/{platform}.gz"
+      - go-selfupdate -o public/CreateAgent/Stable ./arduino-cloud-agent {{.VERSION}}
+      - docker rm -f agent-static-server
+      - docker run --rm -d -v "$PWD/public:/usr/share/nginx/html:ro" -p 3000:80 --name agent-static-server nginx:alpine
+      - sleep 5 # wait the server is up before starting the update
+      - curl -X POST http://127.0.0.1:8991/update
+
 vars:
   # Source: https://github.com/arduino/tooling-project-assets/blob/main/workflow-templates/assets/release-go-task/Taskfile.yml
   PROJECT_NAME: arduino-cloud-agent