[codex] Add catalog-driven app package installs#70
Conversation
|
Validation update for Local checks passed:
Remote firmware build passed:
COM8 hardware validation passed from the Actions artifact only:
COM11 and COM29 were not used. |
![chatgpt-codex-connector[bot]](https://avatars.githubusercontent.com/in/1144995?s=60&v=4){kind=small}
There was a problem hiding this comment.
💡 Codex Review
Here are some automated review suggestions for this pull request.
Reviewed commit: 0a97df8e09
ℹ️ About Codex in GitHub
Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you
- Open a pull request for review
- Mark a draft as ready
- Comment "@codex review".
If Codex has suggestions, it will comment; otherwise it will react with 👍.
Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".
| if(!app_catalog_find_entry(id, entry, err, sizeof err)) | ||
| goto fail; |
There was a problem hiding this comment.
When the cached catalog contains an entry whose compatibility.targets is only sim, app_catalog_find_entry() still returns it because parsing only records target_tdeck/target_sim; this install path then continues to fetch and promote it on a T-Deck without checking the current build target. That makes incompatible packages installable from both UI and serial catalog installs, so reject entries whose target flag does not match the running build before continuing.
Useful? React with 👍 / 👎.
| if(!lz_store_install_app_package(entry->id, selected, entry->package_sha256, | ||
| entry->package_bytes, r)) { |
There was a problem hiding this comment.
For catalog installs, this call verifies only the package id/hash/size and then promotes whatever permissions the embedded manifest declares. If the catalog row says a package is display-only but the downloaded manifest requests storage or network_wifi, the install succeeds and the app later runs with the broader manifest permissions, so the validated catalog metadata is not actually enforced. Compare the extracted manifest's permission/API metadata with entry and roll back on mismatch before treating the catalog install as successful.
Useful? React with 👍 / 👎.
1 participant
Summary
app catalog install[-test], and App Store GET/UPDATE/OPEN stateStack
This branch includes the existing open-pr commits for:
5f4b523)8706af9)New work is in
c38904eon top of merge commit759c251.Validation
git diff --checkpython -m py_compile scripts\validate_app_catalog.py scripts\build_app_package.pypython scripts\validate_app_catalog.py docs\examples\app-catalog-index.jsonpython scripts\validate_local_app_samples.pypython scripts\build_app_package.py examples\local-apps\weather-mesh --out .pio\weather-mesh-test.zip --device-path /sd/limitlezz/packages/weather.mesh.zippio run -e native.pio\build\native\program.exe --selftest.pio\build\native\program.exe --simtestpio run -e tdeck(RAM 248592 / 327680, Flash 1729113 / 5242880)pio run -e tdeck-meshcore(RAM 248592 / 327680, Flash 1730721 / 5242880)Hardware plan
After Firmware CI publishes the exact
tdeck-meshcoreartifact for this commit, flash that artifact on COM8 only and run serial smoke includingapp catalog status,app catalog test,app catalog install-test, andapp package test.