v0.22.0

Highlights

• Added a new Golioth PKI service. Golioth PKI can be used to securely rotate certificates by sending Certificate Signing Requests to be signed by the PKI provider configured in your Golioth project.

• Logs are sent through Pipelines by default. This allows seamless routing of logs to the destination of your choice.

  NOTE: Existing projects will need to create a new Pipeline in order to continue to have logs stored in the Golioth Logs service. Alternatively, you may set CONFIG_GOLIOTH_LOG_LEGACY=y to preserve the existing functionality. Add the new Pipeline to your project by clicking here or manually enter the Pipeline YAML below:

filter:
  path: "/logs"
  content_type: application/cbor
steps:
  - name: step-0
    transformer:
      type: cbor-to-json
      version: v1
    destination:
      type: logs
      version: v1

Added

• New Kconfig options for setting min/max DTLS handshake timeout
• New Zephyr example for Certificate Rotation
• More readable error messages

Changed

• The Firmware Update reference design has been moved to the samples
• ESP-IDF: ESP32 and ESP32C3 have been removed from the Continuously Verified Boards
• Zephyr: ESP32S3 replaces ESP32 as a Continuously Verified Board
• Stream and Location examples: use /data prefix for paths

Fixed

• Various fixes and stabilizations for tests
• Fixed potential buffer overrun during logging
• Fixed potential buffer overrun when receiving LightDB payloads
• Fixed out-of-bounds read for maximum length blockwise paths
• Avoid calling duplicate error callbacks during blockwise operations
• Fixed missing abstraction in SHA calculation on ESP-IDF
• Fixed bug that prevented re-creating the Golioth Client with new credentials at runtime

v0.21.1

Fixed

• Fixed Settings when using ZCBOR_CANONICAL
• Fixed incorrect pointer passed to timer callbacks

v0.21.0

Breaking Changes

• The function for subscribing to changes to the OTA manifest has
  been renamed from golioth_ota_observe_manifest_async() to
  golioth_ota_manifest_subscribe(). This name change reflects the
  new subscription behavior described below. Applications using
  Golioth's reference firmware update implementation do not require
  any changes.
• Applications which use Golioth's sample library for storing WiFi
  credentials will need to maintain that functionality themselves
  going forward or migrate to Zephyr's WiFi Credentials library
  (see below).

Added

• The OTA service now periodically polls for updates to the OTA
  manifest, in addition to using CoAP observations to receive
  asynchronous notifications of changes to the manifest. The
  polling period defaults to 1 day and is configurable using
  CONFIG_GOLIOTH_OTA_MANIFEST_SUBSCRITION_POLL_INTERVAL_S.

Changed

• Zephyr samples use Zephyr's native WiFi Credentials library for
  storing WiFi network information, instead of the previous custom
  solution. This provides greater flexibility in the selection of
  WiFi security and storage backend options.
• Zephyr support has been upgraded to v4.2.1.
• nRF Connect SDK support has been upgraded to v3.1.1.

v0.20.0

Added

• The Gateway service supports certificate operations

Changed

• The Gateway service pulls downlink data as a response to uplink
• The Gateway service targets a different path

v0.19.1

• Fixed compilation errors and warnings when disabling Golioth logging
• Fixed an error log related to CoAP option lengths
• Fixed garbage appended to path when receiving blockwise responses

v0.19.0

Changed

• Based on experience gained during the Private Access phase, the
  Golioth Location service has been changed from a dedicated service
  to a Pipelines Transformer. The experimental firmware service has
  been removed and the Location examples have been updated to use
  Pipelines. A new net_info utility has been added to facilitate
  constructing payloads appropriate for use with the transformer.

Fixed:

• Fixed a NULL dereference that occurred when processing certain errors
  in CoAP blockwise operations.
• Fixed some internal log messages being to sent to Golioth even when
  turned off in Kconfig.
• Fixed unsigned-compare-against zero in certain error paths
• Fixed memory leak during blockwise transfers

Added

• The CoAP client can now receive blockwise responses to blockwise
  posts.
• Added an API for receiving OTA manifests blockwise, to support
  manifests larger than 1 kB.
• The SDK is now scanned by Coverity Static Analysis

v0.18.1

Fixed

• OTA: Fixed a bug that could result in hung downloads during high
  traffic events.
• Zephyr: Fixed a bug that prevented the keepalive timer from working,
  resulting in disconnects during periods of no traffic.

Added

• Examples: Added an option to get credentials from the host
  environment when using Zephyr's native_sim platform.

v0.18.0

Breaking Changes

• Zephyr: The default maximum path length for Golioth APIs has changed
  from 39 characters to 12 characters and the
  CONFIG_GOLIOTH_COAP_MAX_PATH_LEN symbol can no longer be changed by
  the user. Update this limit using the following Kconfig symbols
  supplied by Zephyr's CoAP library:

  CONFIG_COAP_EXTENDED_OPTIONS_LEN=y
  CONFIG_COAP_EXTENDED_OPTIONS_LEN_VALUE=39
  

• OTA: golioth_ota_download_component is now non-blocking, and the
  function signature has changed to support two callbacks - one for
  reading blocks called 0 or more times, and one that is called exactly
  one time at the end of the download.

Removed

• QEMU is no longer continually verified. Users should use native_sim
  for emulated testing.
• i.MX RT1024 is no longer continually verified. It is replaced with
  the FRDM-RW612.
• Zephyr: Hardcoded WiFi and TLS credentials are no longer supported.
  Users should use the provided shell functions to set WiFi and TLS
  credentials instead.

Changed

• Zephyr support upgraded to v4.1.0
• nRF Connect SDK support upgraded to v3.0.1
• ESP-IDF support upgraded to v5.4.1
• The FW Update rollback timer is now configurable, and the default is
  changed from 60 seconds to 300 seconds.

Added:

• FW Update now checks if an artifact is already stored before
  initiating a download. This will prevent excessive network and flash
  operations in this case that an update cannot be applied.
• Multipart API for blockwise uploads.
• Continually verify on FRDM-RW612
• Added an API for on-demand fetching of the OTA manifest
• Support PSA crypto API
• EXPERIMENTAL: Gateway service for proxying pouches to Golioth

Fixed

• Zephyr: correctly detect path names that are longer than the maximum
  setting.
• Various typos and formatting
• Plugged a memory leak when using SHA256

v0.17.0

Highlights:

• Added New Golioth Location Service
• Improved OTA stability and robustness
• ESP-IDF port updated to ESP-IDF v5.4
• ModusToolbox port updated to ModusToolbox v3.3

Added:

• New APIs for interacting with the Golioth Location service. Golioth
  Location can be used to resolve WiFi scan results and cellular tower
  information into approximate geolocation.
• New Zephyr examples for the Golioth Location service.
• fw_update: Resume downloads
• fw_update: Retry downloads with backoff
• fw_update: Add retries for reporting state

Changed:

• Default PSK max length set to 32 to match mbedTLS defaults
• Improved WiFi handling in samples
• Improved handling of new OTA manifests when download is in progress

v0.16.0

Breaking Changes:

• All asynchronous callbacks now have both a status member and a coap_rsp_code member to replace the response member. All of the same information remains accessible. Update callback functions to match the new declaration and change any response->status checks to status.
• golioth_ota_download_component() has a new uint32_t *next_block_idx parameter. Use this to resume block download. Set to NULL to use previous functionality in existing code.
• The parameters for ota_component_block_write_cb() have changed to include block_buffer_len for the actual length of data and negotiated_block_size to indicate the maximum block size (may be used along with block_idx to calculate a byte offset).
• golioth_ota_component->hash is now stored as an array of bytes instead of as a hex string.

Highlights:

• Zephyr port updated to Zephyr v4.0
• NCS port updated to NCS v2.8
• Improved OTA stablility

Added:

• ESP-IDF: optional ipv6 support enabled by CONFIG_LIBCOAP_ENABLE_IPV6_SUPPORT
• LightDB/OTA/RPC: log message when an error response is received from server
• CoAP: Server-negotiated block size for blockwise uploads
• CoAP: optionally call a set_cb callback at the end of a blockwise upload operation
• OTA: ability to resume a component download
• golioth_sys_sha256_*() API for calculating OTA component hash
• CONFIG_GOLIOTH_OTA to enable OTA component separately from fw_update component
• Numerous hardware-in-the-loop (HIL) testing improvements for both code samples and integration tests

Changed:

• Certificates: Replace ISRG Root X2 CA certificate with Golioth Root X1 CA certificate.
• Zephyr: Samples: kconfig and devicetree settings common to an SoC moved from boards directory to socs directory.

Fixed:

• Zephyr: Golioth coap client log messages now honor changes to the logging level.
• Zephyr: Fixed off-by-one error in Golioth backend logging message length limit.
• Zephyr: Connection ID is now properly enabled by Kconfig setting.
• Zephyr: Run user callbacks when cancelling requests.
• Linux: Error checks and max PEM size for certificate_auth sample.

Removed:

• OTA compression was removed as the feature is currently unsupported on the servers side.
• Golioth Basics sample removed from Zephyr and ESP-IDF. Existing per-feature sample code for these platforms covers everything demonstrated in that sample.

Known Issues:

• [Zephyr only] examples won't build for esp32_devkitc_wrover with support for certificates due to bugs in Zephyr that prevent all RAM banks from being made available to the application.