{"payload":{"feedbackUrl":"https://github.com/orgs/community/discussions/53140","repo":{"id":819545415,"defaultBranch":"OQS-v8","name":"openssh","ownerLogin":"geedo0","currentUserCanPush":false,"isFork":true,"isEmpty":false,"createdAt":"2024-06-24T18:13:11.000Z","ownerAvatar":"https://avatars.githubusercontent.com/u/7552310?v=4","public":true,"private":false,"isOrgOwned":false},"refInfo":{"name":"","listCacheKey":"v0:1724789130.0","currentOid":""},"activityList":{"items":[{"before":"cdfe8e5fed13fd46352da712d6426e40ea3ca8c1","after":"6d096ec4a11301695c9d5f487b33effda00be57a","ref":"refs/heads/release-wip","pushedAt":"2024-08-28T15:10:10.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"geedo0","name":"Gerardo Ravago","path":"/geedo0","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/7552310?s=80&v=4"},"commit":{"message":"add another note about ipd\n\nSigned-off-by: Gerardo Ravago <gcr@amazon.com>","shortMessageHtmlLink":"add another note about ipd"}},{"before":"383829640582ef3ba307b4c438e3e615134acee9","after":"cdfe8e5fed13fd46352da712d6426e40ea3ca8c1","ref":"refs/heads/release-wip","pushedAt":"2024-08-28T14:40:20.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"geedo0","name":"Gerardo Ravago","path":"/geedo0","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/7552310?s=80&v=4"},"commit":{"message":"Add note about IPD/Final\n\nSigned-off-by: Gerardo Ravago <gcr@amazon.com>","shortMessageHtmlLink":"Add note about IPD/Final"}},{"before":"1e4d549a989384203be03d40f4ab86955a7058c9","after":"383829640582ef3ba307b4c438e3e615134acee9","ref":"refs/heads/release-wip","pushedAt":"2024-08-27T20:08:41.000Z","pushType":"force_push","commitsCount":0,"pusher":{"login":"geedo0","name":"Gerardo Ravago","path":"/geedo0","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/7552310?s=80&v=4"},"commit":{"message":"Update release documentation for OQS-OpenSSH snapshot 2024-08\n\nSigned-off-by: Gerardo Ravago <gcr@amazon.com>","shortMessageHtmlLink":"Update release documentation for OQS-OpenSSH snapshot 2024-08"}},{"before":null,"after":"1e4d549a989384203be03d40f4ab86955a7058c9","ref":"refs/heads/release-wip","pushedAt":"2024-08-27T20:05:30.000Z","pushType":"branch_creation","commitsCount":0,"pusher":{"login":"geedo0","name":"Gerardo Ravago","path":"/geedo0","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/7552310?s=80&v=4"},"commit":{"message":"Update release documentation for OQS-OpenSSH snapshot 2024-08","shortMessageHtmlLink":"Update release documentation for OQS-OpenSSH snapshot 2024-08"}},{"before":"7779e874691dbc1c3f000ecc5aba30b241c1d01b","after":null,"ref":"refs/heads/sntrup","pushedAt":"2024-08-27T13:12:16.000Z","pushType":"branch_deletion","commitsCount":0,"pusher":{"login":"geedo0","name":"Gerardo Ravago","path":"/geedo0","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/7552310?s=80&v=4"}},{"before":"ea8621a6c174cfd6811527ae47fac02716f099f2","after":"7779e874691dbc1c3f000ecc5aba30b241c1d01b","ref":"refs/heads/sntrup","pushedAt":"2024-08-26T18:43:56.000Z","pushType":"force_push","commitsCount":0,"pusher":{"login":"geedo0","name":"Gerardo Ravago","path":"/geedo0","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/7552310?s=80&v=4"},"commit":{"message":"Add liboqs-backed implementation of sntrup761x25519-sha512@openssh.com\n\n`sntrup761x25519-sha512@openssh.com` is a PQ key exchange algorithm available in upstream OpenSSH. This implements that algorithm using the sntrup761 implementation within liboqs. Using this, we are able to demonstrate interop with upstream OpenSSH for this specific algorithm and more generally the construction of the hybrid combiner. While sntrup761 has fallen out of fashion, we have received [reassurances](https://github.com/open-quantum-safe/liboqs/pull/1328#issuecomment-1354111314) from upstream OpenSSH that it will be supported until at least 2027.\n\nSupport for the algorithm is added by adding the necessary entry to `generate.yml` and generating the relevant code snippets. In addition, we had to address the conflicting implementation from upstream by disabling the preprocessor macro and/or removing the conflicting code segment.\n\nTesting\n\nUpdated `try_connection.py` to accept a specific KEX and/or SIG to test. This allows us to test arbitrary algorithms against arbitrary SSH implementations including the upstream OpenSSH. It was necessary to add a classical signature to the test so that there would be a supported signature in upstream OpenSSH that OQS could test against. In a follow-up PR I plan to add a CI job to do this, but am running short on time this week.\n\nRelated to Issue #163\n\nSigned-off-by: Gerardo Ravago <gcr@amazon.com>","shortMessageHtmlLink":"Add liboqs-backed implementation of sntrup761x25519-sha512@openssh.com"}},{"before":"4b2b83290fb0b2f1823d8a4be396bc6c5a0e60cd","after":"ea8621a6c174cfd6811527ae47fac02716f099f2","ref":"refs/heads/sntrup","pushedAt":"2024-08-26T18:32:00.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"geedo0","name":"Gerardo Ravago","path":"/geedo0","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/7552310?s=80&v=4"},"commit":{"message":"bypass tests to check ci","shortMessageHtmlLink":"bypass tests to check ci"}},{"before":"7790d3a617b35dad7f20ba715b296a5fa476baaa","after":"4b2b83290fb0b2f1823d8a4be396bc6c5a0e60cd","ref":"refs/heads/sntrup","pushedAt":"2024-08-26T18:29:22.000Z","pushType":"force_push","commitsCount":0,"pusher":{"login":"geedo0","name":"Gerardo Ravago","path":"/geedo0","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/7552310?s=80&v=4"},"commit":{"message":"integration testing","shortMessageHtmlLink":"integration testing"}},{"before":"ac5f4a1378f04369cf2f7ff78d893f34c0ffcb25","after":"66fafed8ca4cd15170a63ef7156ffe899a9e789e","ref":"refs/heads/x25519","pushedAt":"2024-08-26T14:09:40.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"geedo0","name":"Gerardo Ravago","path":"/geedo0","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/7552310?s=80&v=4"},"commit":{"message":"remove unnecessary pointer increment","shortMessageHtmlLink":"remove unnecessary pointer increment"}},{"before":"ded9f7a44460b66cc75b8c04b0d474a6ce395dbc","after":"ac5f4a1378f04369cf2f7ff78d893f34c0ffcb25","ref":"refs/heads/x25519","pushedAt":"2024-08-21T17:58:43.000Z","pushType":"force_push","commitsCount":0,"pusher":{"login":"geedo0","name":"Gerardo Ravago","path":"/geedo0","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/7552310?s=80&v=4"},"commit":{"message":"Add support for hybrid-PQ key exchange with x25519\n\nThis adds support for hybrid-PQ key exchanges with x25519. This allows for the implementation of `mlkem768x25519-sha256` as defined by [draft-kampanakis-curdle-ssh-pq-ke-02](https://datatracker.ietf.org/doc/draft-kampanakis-curdle-ssh-pq-ke/) and `sntrup761x25519-sha512@openssh.com` as defined by upstream OpenSSH. We also take the opportunity to add hybrid implementations for all existing PQ key exchanges which supported NIST P-256. Due to the conflicting implementation for `sntrup761x25519-sha512@openssh.com` we omit an OQS exclusive version for now and will plan for it in a future PR. Unlike in `oqs-provider`, we cannot provide support for x448 hybrid algorithms since the x448 algorithm is not available within OpenSSH.\n\nThe way this all works is by introducing a new source file `kexoqsx25519.c` which is a synthesis of `kexoqsecdh.c` and `kexsntrup761x25519.c`. These files provide example implementations of hybrid-PQ for OQS-backed algorithms and x25519 usage. In that source file, we define functions to implement OpenSSH's KEX interface for each hybrid algorithm using an `oqs-template` file. Within the `generate.yml`, we add a new boolean key to flag `x25519` hybrids similar to how the `rsa` key works for hybrid signatures.\n\nRelated to issue #163.\n\nSigned-off-by: Gerardo Ravago <gcr@amazon.com>","shortMessageHtmlLink":"Add support for hybrid-PQ key exchange with x25519"}},{"before":"128b74ad9dc10053e2fbcd7fbd79ac5829095bb9","after":"ded9f7a44460b66cc75b8c04b0d474a6ce395dbc","ref":"refs/heads/x25519","pushedAt":"2024-08-21T17:56:56.000Z","pushType":"force_push","commitsCount":0,"pusher":{"login":"geedo0","name":"Gerardo Ravago","path":"/geedo0","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/7552310?s=80&v=4"},"commit":{"message":"Add support for hybrid-PQ key exchange with x25519\n\nThis adds support for hybrid-PQ key exchanges with x25519. This allows for the implementation of `mlkem768x25519-sha256` as defined by [draft-kampanakis-curdle-ssh-pq-ke-02](https://datatracker.ietf.org/doc/draft-kampanakis-curdle-ssh-pq-ke/) and `sntrup761x25519-sha512@openssh.com` as defined by upstream OpenSSH. We also take the opportunity to add hybrid implementations for all existing PQ key exchanges which supported NIST P-256. Due to the conflicting implementation for `sntrup761x25519-sha512@openssh.com` we omit an OQS exclusive version for now and will plan for it in a future PR. Unlike in `oqs-provider`, we cannot provide support for x448 hybrid algorithms since the x448 algorithm is not available within OpenSSH.\n\nThe way this all works is by introducing a new source file `kexoqsx25519.c` which is a synthesis of `kexoqsecdh.c` and `kexsntrup761x25519.c`. These files provide example implementations of hybrid-PQ for OQS-backed algorithms and x25519 usage. In that source file, we define functions to implement OpenSSH's KEX interface for each hybrid algorithm using an `oqs-template` file. Within the `generate.yml`, we add a new boolean key to flag `x25519` hybrids similar to how the `rsa` key works for hybrid signatures.\n\nRelated to issue #163.","shortMessageHtmlLink":"Add support for hybrid-PQ key exchange with x25519"}},{"before":"428ae79c7bed6b231731e09a7cc8a2b5fb318043","after":null,"ref":"refs/heads/update-algs","pushedAt":"2024-08-21T17:53:00.000Z","pushType":"branch_deletion","commitsCount":0,"pusher":{"login":"geedo0","name":"Gerardo Ravago","path":"/geedo0","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/7552310?s=80&v=4"}},{"before":"4fc0fda9d6d0a2447dfbcae01616ddc139ec2a26","after":"428ae79c7bed6b231731e09a7cc8a2b5fb318043","ref":"refs/heads/update-algs","pushedAt":"2024-08-21T16:43:18.000Z","pushType":"force_push","commitsCount":0,"pusher":{"login":"geedo0","name":"Gerardo Ravago","path":"/geedo0","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/7552310?s=80&v=4"},"commit":{"message":"Update PQ Algorithms\n\nThis aligns the algorithms supported by the OQS OpenSSH fork with the algorithms available in liboqs.\n\n- Added support for ML-KEM-IPD using the ML-KEM alias and the names/curves documented by the [PQ SSH draft RFC](https://datatracker.ietf.org/doc/draft-kampanakis-curdle-ssh-pq-ke/).\n- Added support for ML-DSA-IPD using the ML-DSA alias following the conventions from the Dilithium implementation. The Dilithium signatures have been disabled.\n- Updated from BIKE Round 3 to Round 4. This adds a new parameter set for BIKE-L5.\n- Added support for the Falcon PADDED format. It is disabled by default to preserve entries in the bit-mask.\n- Added support for MAYO. The level 1 variant is left disabled.\n\nThe KEX algorithms specified by the draft RFC do not match the security\nlevel pairing convention followed by Kyber so we chose to prefer the\npairings specified in the document. There were no proposed parameter\nsets for ML-KEM-512 so we defaulted to the conventional parameters.\nx25519 hybrids are currently not handled by the oqs-openssh fork so\nwe've omitted `mlkem768x25519-sha256` support for now.\n\nThis does not add support for sntrup761 as that requires handling the conflict with the upstream OpenSSH implementation.\n\nRelated to Issue #163\n\nSigned-off-by: Gerardo Ravago <gcr@amazon.com>","shortMessageHtmlLink":"Update PQ Algorithms"}},{"before":"d4fa2fbf7fa574a25f68f6f956c0790ed65ee467","after":null,"ref":"refs/heads/gh-actions","pushedAt":"2024-08-21T16:37:23.000Z","pushType":"branch_deletion","commitsCount":0,"pusher":{"login":"geedo0","name":"Gerardo Ravago","path":"/geedo0","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/7552310?s=80&v=4"}},{"before":"e9cd961ddaa73a639ccef15b6dd6d744d73ec7d0","after":"d4fa2fbf7fa574a25f68f6f956c0790ed65ee467","ref":"refs/heads/gh-actions","pushedAt":"2024-08-21T16:36:24.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"geedo0","name":"Gerardo Ravago","path":"/geedo0","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/7552310?s=80&v=4"},"commit":{"message":"Update .github/workflows/ubuntu.yaml\n\nCo-authored-by: Spencer Wilson <spencer.wilson@uwaterloo.ca>\nSigned-off-by: Gerardo Ravago <gerardo@gcr.me>","shortMessageHtmlLink":"Update .github/workflows/ubuntu.yaml"}},{"before":"300c70e6312dd3655d0984a4841548619e5fc37e","after":"e9cd961ddaa73a639ccef15b6dd6d744d73ec7d0","ref":"refs/heads/gh-actions","pushedAt":"2024-08-21T14:57:02.000Z","pushType":"force_push","commitsCount":0,"pusher":{"login":"geedo0","name":"Gerardo Ravago","path":"/geedo0","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/7552310?s=80&v=4"},"commit":{"message":"Migrate CI to Github Actions\n\nWe are hitting the 1 hour time limit of Circle CI (Issue #166). This migrates the existing CircleCI job completely to Github Actions which has a 5 hour time limit.\n\nFor the most part, this is pretty much a one-to-one migration. Since upstream OpenSSH provided its own set of Github Actions, I simply moved those to the `upstream-github` directory to avoid conflicts and preserve the source. I did run into two issues with getting the integration tests to pass. Beyond that, I ran into two issues that arose from migrating to Github Actions which need to be partched around.\n\nagent-subprocess zombie process reaping\n\nThe combination of Github Actions' host with the OQS CI container results in a lazier reaping of zombie processes which breaks this test. In this test, ssh-agent is run as a subprocess to some arbitrary user command. This enables exclusive access to ssh-agent to that specific process. The way this works under the hood is that ssh-agent forks into a child process and the parent process exec's into the arbitrary command ([code ref](https://github.com/open-quantum-safe/openssh/blob/OQS-v9/ssh-agent.c#L2384)) which runs to completion. The child process than polls its parent process until it detects its own orphaned status and terminates itself. This, by design, results in a zombie process which must be reaped. The test's assertion uses `kill -0` to check for liveness, but that counts zombies as \"alive\". The workaround for this then is to add an additional check to assert that zombies are in fact \"dead\".\n\npercent expansion is broken due to Github's HOME override\n\nThe `percent` test tests % expansions inside SSH config files (e.g. home directory, username, port number). The assertion for the home directory uses the `HOME` environmental variable. Unfortunately, when running a container on a Github Runner, they unconditionally override the value of `HOME` with `/github/home` ([issue ref](https://github.com/actions/runner/issues/863)) and this breaks the test assertion. The fix here is to get a more reliable reference for the home directory and use that for the assertion.\n\nSigned-off-by: Gerardo Ravago <gcr@amazon.com>","shortMessageHtmlLink":"Migrate CI to Github Actions"}},{"before":"abe29e4f23a37fca9ca6bc068535497e28bc4040","after":"300c70e6312dd3655d0984a4841548619e5fc37e","ref":"refs/heads/gh-actions","pushedAt":"2024-08-21T14:55:53.000Z","pushType":"force_push","commitsCount":0,"pusher":{"login":"geedo0","name":"Gerardo Ravago","path":"/geedo0","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/7552310?s=80&v=4"},"commit":{"message":"Migrate CI to Github Actions\n\nWe are hitting the 1 hour time limit of Circle CI (Issue #166). This migrates the existing CircleCI job completely to Github Actions which has a 5 hour time limit.\n\nFor the most part, this is pretty much a one-to-one migration. Since upstream OpenSSH provided its own set of Github Actions, I simply moved those to the `upstream-github` directory to avoid conflicts and preserve the source. I did run into two issues with getting the integration tests to pass. Beyond that, I ran into two issues that arose from migrating to Github Actions which need to be partched around.\n\nagent-subprocess zombie process reaping\n\nThe combination of Github Actions' host with the OQS CI container results in a lazier reaping of zombie processes which breaks this test. In this test, ssh-agent is run as a subprocess to some arbitrary user command. This enables exclusive access to ssh-agent to that specific process. The way this works under the hood is that ssh-agent forks into a child process and the parent process exec's into the arbitrary command ([code ref](https://github.com/open-quantum-safe/openssh/blob/OQS-v9/ssh-agent.c#L2384)) which runs to completion. The child process than polls its parent process until it detects its own orphaned status and terminates itself. This, by design, results in a zombie process which must be reaped. The test's assertion uses `kill -0` to check for liveness, but that counts zombies as \"alive\". The workaround for this then is to add an additional check to assert that zombies are in fact \"dead\".\n\npercent expansion is broken due to Github's HOME override\n\nThe `percent` test tests % expansions inside SSH config files (e.g. home directory, username, port number). The assertion for the home directory uses the `HOME` environmental variable. Unfortunately, when running a container on a Github Runner, they unconditionally override the value of `HOME` with `/github/home` ([issue ref](https://github.com/actions/runner/issues/863)) and this breaks the test assertion. The fix here is to get a more reliable reference for the home directory and use that for the assertion.\n\nSigned-off-by: gcr <gcr@amazon.com>","shortMessageHtmlLink":"Migrate CI to Github Actions"}},{"before":"9c2b7243b99a32e1ddc334f1a69f1c03e74024cc","after":"abe29e4f23a37fca9ca6bc068535497e28bc4040","ref":"refs/heads/gh-actions","pushedAt":"2024-08-21T14:54:00.000Z","pushType":"force_push","commitsCount":0,"pusher":{"login":"geedo0","name":"Gerardo Ravago","path":"/geedo0","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/7552310?s=80&v=4"},"commit":{"message":"Migrate CI to Github Actions\n\nWe are hitting the 1 hour time limit of Circle CI (Issue #166). This migrates the existing CircleCI job completely to Github Actions which has a 5 hour time limit.\n\nFor the most part, this is pretty much a one-to-one migration. Since upstream OpenSSH provided its own set of Github Actions, I simply moved those to the `upstream-github` directory to avoid conflicts and preserve the source. I did run into two issues with getting the integration tests to pass. Beyond that, I ran into two issues that arose from migrating to Github Actions which need to be partched around.\n\nThe combination of Github Actions' host with the OQS CI container results in a lazier reaping of zombie processes which breaks this test. In this test, ssh-agent is run as a subprocess to some arbitrary user command. This enables exclusive access to ssh-agent to that specific process. The way this works under the hood is that ssh-agent forks into a child process and the parent process exec's into the arbitrary command ([code ref](https://github.com/open-quantum-safe/openssh/blob/OQS-v9/ssh-agent.c#L2384)) which runs to completion. The child process than polls its parent process until it detects its own orphaned status and terminates itself. This, by design, results in a zombie process which must be reaped. The test's assertion uses `kill -0` to check for liveness, but that counts zombies as \"alive\". The workaround for this then is to add an additional check to assert that zombies are in fact \"dead\".\n\nThe `percent` test tests % expansions inside SSH config files (e.g. home directory, username, port number). The assertion for the home directory uses the `HOME` environmental variable. Unfortunately, when running a container on a Github Runner, they unconditionally override the value of `HOME` with `/github/home` ([issue ref](https://github.com/actions/runner/issues/863)) and this breaks the test assertion. The fix here is to get a more reliable reference for the home directory and use that for the assertion.\n\nSigned-off-by: gcr <gcr@amazon.com>","shortMessageHtmlLink":"Migrate CI to Github Actions"}},{"before":"c080b512ff7f537f2ebc710f89b8af35755d6649","after":"9c2b7243b99a32e1ddc334f1a69f1c03e74024cc","ref":"refs/heads/gh-actions","pushedAt":"2024-08-21T14:48:39.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"geedo0","name":"Gerardo Ravago","path":"/geedo0","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/7552310?s=80&v=4"},"commit":{"message":"test percent with fix","shortMessageHtmlLink":"test percent with fix"}},{"before":"8cada89420e6748b69fdfeda2c9c716c983f1884","after":"c080b512ff7f537f2ebc710f89b8af35755d6649","ref":"refs/heads/gh-actions","pushedAt":"2024-08-21T14:42:17.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"geedo0","name":"Gerardo Ravago","path":"/geedo0","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/7552310?s=80&v=4"},"commit":{"message":"fix user variable","shortMessageHtmlLink":"fix user variable"}},{"before":"4bf6b95554f4801152de767251a8fd070add86f1","after":"8cada89420e6748b69fdfeda2c9c716c983f1884","ref":"refs/heads/gh-actions","pushedAt":"2024-08-21T14:38:26.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"geedo0","name":"Gerardo Ravago","path":"/geedo0","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/7552310?s=80&v=4"},"commit":{"message":"test inside bash script","shortMessageHtmlLink":"test inside bash script"}},{"before":"b82b12f615e37f73aa3c28d0c5a3d7df002ef570","after":"4bf6b95554f4801152de767251a8fd070add86f1","ref":"refs/heads/gh-actions","pushedAt":"2024-08-21T14:33:33.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"geedo0","name":"Gerardo Ravago","path":"/geedo0","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/7552310?s=80&v=4"},"commit":{"message":"fix grep","shortMessageHtmlLink":"fix grep"}},{"before":"e776e78706810446c5d580c3dba5704c0530a1ba","after":"b82b12f615e37f73aa3c28d0c5a3d7df002ef570","ref":"refs/heads/gh-actions","pushedAt":"2024-08-21T14:29:06.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"geedo0","name":"Gerardo Ravago","path":"/geedo0","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/7552310?s=80&v=4"},"commit":{"message":"try various home strats","shortMessageHtmlLink":"try various home strats"}},{"before":"2d52c6b63d7b213be78f3e66d3d5665dfd65fef6","after":"e776e78706810446c5d580c3dba5704c0530a1ba","ref":"refs/heads/gh-actions","pushedAt":"2024-08-21T14:18:25.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"geedo0","name":"Gerardo Ravago","path":"/geedo0","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/7552310?s=80&v=4"},"commit":{"message":"log home values","shortMessageHtmlLink":"log home values"}},{"before":"77cc16f7926f921a1e10ba83519347ca25cfa6e9","after":"2d52c6b63d7b213be78f3e66d3d5665dfd65fef6","ref":"refs/heads/gh-actions","pushedAt":"2024-08-21T14:03:12.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"geedo0","name":"Gerardo Ravago","path":"/geedo0","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/7552310?s=80&v=4"},"commit":{"message":"test home workaround","shortMessageHtmlLink":"test home workaround"}},{"before":"8167f61f81fc5fe5f575073bf5e4e6da7aa59e84","after":"77cc16f7926f921a1e10ba83519347ca25cfa6e9","ref":"refs/heads/gh-actions","pushedAt":"2024-08-20T22:25:17.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"geedo0","name":"Gerardo Ravago","path":"/geedo0","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/7552310?s=80&v=4"},"commit":{"message":"test","shortMessageHtmlLink":"test"}},{"before":"e1572953e2c49670fc53a2f91e1a59ea9e70f10e","after":"8167f61f81fc5fe5f575073bf5e4e6da7aa59e84","ref":"refs/heads/gh-actions","pushedAt":"2024-08-20T20:05:51.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"geedo0","name":"Gerardo Ravago","path":"/geedo0","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/7552310?s=80&v=4"},"commit":{"message":"skip percent","shortMessageHtmlLink":"skip percent"}},{"before":"9f7ce86b83d251c53b98853b8a5229a051984309","after":"e1572953e2c49670fc53a2f91e1a59ea9e70f10e","ref":"refs/heads/gh-actions","pushedAt":"2024-08-20T20:01:31.000Z","pushType":"force_push","commitsCount":0,"pusher":{"login":"geedo0","name":"Gerardo Ravago","path":"/geedo0","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/7552310?s=80&v=4"},"commit":{"message":"Migrate CI to Github Actions\n\nWe are hitting the 1 hour time limit of Circle CI (Issue #166). This migrates the existing CircleCI job completely to Github Actions which has a 5 hour time limit.\n\nFor the most part, this is pretty much a one-to-one migration. The one oddity I noticed is a regression in one of the unit tests. I've root-caused it to a change in how Github's Ubuntu host + OQS' CI container handles zombie processes. In this configuration, they don't seem to reap zombies as aggressively as it did in CircleCI. This causes the test to \"fail\" because it counts a zombie as \"alive\". The creation of a zombie is by design due to how ssh-agent's subprocess mode works (ssh-agent forks into a child process to allow an arbitrary parent to take over, the child then becomes a zombie when it recognizes its orphaned status). To work around this, I added a check to the assertion to count zombies as \"not alive\" and this allows the test to pass on Github Actions.\n\nSince upstream OpenSSH provided its own set of Github Actions, I simply moved those to the `upstream-github` directory to avoid conflicts and preserve the source.\n\nSigned-off-by: gcr <gcr@amazon.com>","shortMessageHtmlLink":"Migrate CI to Github Actions"}},{"before":"b40ffec5687317ceb8009a4fc3c1c5f90b18db77","after":"9f7ce86b83d251c53b98853b8a5229a051984309","ref":"refs/heads/gh-actions","pushedAt":"2024-08-20T19:53:57.000Z","pushType":"force_push","commitsCount":0,"pusher":{"login":"geedo0","name":"Gerardo Ravago","path":"/geedo0","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/7552310?s=80&v=4"},"commit":{"message":"Migrate CI to Github Actions\n\nWe are hitting the 1 hour time limit of Circle CI (Issue #166). This migrates the existing CircleCI job completely to Github Actions which has a 5 hour time limit.\n\nFor the most part, this is pretty much a one-to-one migration. The one oddity I noticed is a regression in one of the unit tests. I've root-caused it to a change in how Github's Ubuntu host + OQS' CI container handles zombie processes. In this configuration, they don't seem to reap zombies as aggressively as it did in CircleCI. This causes the test to \"fail\" because it counts a zombie as \"alive\". The creation of a zombie is by design due to how ssh-agent's subprocess mode works (ssh-agent forks into a child process to allow an arbitrary parent to take over, the child then becomes a zombie when it recognizes its orphaned status). To work around this, I added a check to the assertion to count zombies as \"not alive\" and this allows the test to pass on Github Actions.\n\nSince upstream OpenSSH provided its own set of Github Actions, I simply moved those to the `upstream-github` directory to avoid conflicts and preserve the source.","shortMessageHtmlLink":"Migrate CI to Github Actions"}},{"before":"a31d3c3f491f733a3eb5e03507400969400a6c03","after":"b40ffec5687317ceb8009a4fc3c1c5f90b18db77","ref":"refs/heads/gh-actions","pushedAt":"2024-08-20T19:22:57.000Z","pushType":"force_push","commitsCount":0,"pusher":{"login":"geedo0","name":"Gerardo Ravago","path":"/geedo0","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/7552310?s=80&v=4"},"commit":{"message":"migrate to github actions","shortMessageHtmlLink":"migrate to github actions"}}],"hasNextPage":true,"hasPreviousPage":false,"activityType":"all","actor":null,"timePeriod":"all","sort":"DESC","perPage":30,"cursor":"Y3Vyc29yOnYyOpK7MjAyNC0wOC0yOFQxNToxMDoxMC4wMDAwMDBazwAAAASmp9h_","startCursor":"Y3Vyc29yOnYyOpK7MjAyNC0wOC0yOFQxNToxMDoxMC4wMDAwMDBazwAAAASmp9h_","endCursor":"Y3Vyc29yOnYyOpK7MjAyNC0wOC0yMFQxOToyMjo1Ny4wMDAwMDBazwAAAASfdnff"}},"title":"Activity · geedo0/openssh"}