Skip to content

Display Driver Enhancement (after credential rework) #142

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
marcelrru wants to merge 2 commits into
base: main
Choose a base branch
from
Open

Display Driver Enhancement (after credential rework) #142

marcelrru wants to merge 2 commits into from

Conversation

@marcelrru
Copy link
Contributor

@marcelrru marcelrru commented May 13, 2025

What are the changes?

  • Created a new folder for development work of the display driver. included a readme.md file for the dev folder
  • Cleaned the code structure by components/modules of the code into different header files. This is done to make the code more readable and make development easier by assigning different functionalities to its respective header file.
  • Code comments enhancements in the header files outlining its functions/procedures use case and its related parameters, making development easier.
  • WiFi implementation is included, which will allow wireless data transfers which is an important function of the device, connection is working and stable.
  • Clock functionality development is included, which will allow users to see time data and integrate other analysis with time data which is essential for a health-centric wearable. There are some inaccuracies which will be looked into, however there is no build error. The inaccuracies is noted and will be looked into.

Who worked on the changes?

  • Marcel

TODOs

  • Rename files to lowercase

@marcelrru marcelrru requested review from a team as code owners May 13, 2025 04:04
@github-actions
Copy link

github-actions bot commented May 13, 2025

🔒 Security Scan Results

🔒 Security Scan Results
=========================

Bandit Scan Results:
-------------------
Run started:2025-05-13 04:05:17.121291

Test results:
>> Issue: [B113:request_without_timeout] Call to requests without timeout
   Severity: Medium   Confidence: Low
   CWE: CWE-400 (https://cwe.mitre.org/data/definitions/400.html)
   More Info: https://bandit.readthedocs.io/en/1.8.3/plugins/b113_request_without_timeout.html
   Location: ./data_science/voice_assistant/generate_response.py:19:10
18	def get_request(query):
19	    req = requests.get(f'https://www.google.com/search?q={query}')
20	

--------------------------------------------------
>> Issue: [B404:blacklist] Consider possible security implications associated with the subprocess module.
   Severity: Low   Confidence: High
   CWE: CWE-78 (https://cwe.mitre.org/data/definitions/78.html)
   More Info: https://bandit.readthedocs.io/en/1.8.3/blacklists/blacklist_imports.html#b404-import-subprocess
   Location: ./data_science/voice_assistant/text_to_speech.py:5:0
4	import os
5	import subprocess
6	# Function to generate a response using our NLP model

--------------------------------------------------
>> Issue: [B607:start_process_with_partial_path] Starting a process with a partial executable path
   Severity: Low   Confidence: High
   CWE: CWE-78 (https://cwe.mitre.org/data/definitions/78.html)
   More Info: https://bandit.readthedocs.io/en/1.8.3/plugins/b607_start_process_with_partial_path.html
   Location: ./data_science/voice_assistant/text_to_speech.py:15:4
14	    time.sleep(2)
15	    subprocess.run(['say', response], check=True)
16	

--------------------------------------------------
>> Issue: [B603:subprocess_without_shell_equals_true] subprocess call - check for execution of untrusted input.
   Severity: Low   Confidence: High
   CWE: CWE-78 (https://cwe.mitre.org/data/definitions/78.html)
   More Info: https://bandit.readthedocs.io/en/1.8.3/plugins/b603_subprocess_without_shell_equals_true.html
   Location: ./data_science/voice_assistant/text_to_speech.py:15:4
14	    time.sleep(2)
15	    subprocess.run(['say', response], check=True)
16	

--------------------------------------------------

Code scanned:
	Total lines of code: 991
	Total lines skipped (#nosec): 0
	Total potential issues skipped due to specifically being disabled (e.g., #nosec BXXX): 0

Run metrics:
	Total issues (by severity):
		Undefined: 0
		Low: 3
		Medium: 1
		High: 0
	Total issues (by confidence):
		Undefined: 0
		Low: 1
		Medium: 0
		High: 3
Files skipped (0):

No critical security issues detected.

The code has passed all critical security checks.

Mouse933
Mouse933 requested changes Jan 18, 2026
View reviewed changes
Copy link

@Mouse933 Mouse933 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Hi, please see my comment regarding the WIFI credentials. This should be changed as it could leave to credentials being exposed in plaintext.

IoT_Wearable/Codebase/Complete_Code/dev_display_driver/wifi_time.h
Copy link

@Mouse933 Mouse933 Jan 18, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The way the WIFI credentials are setup here may lead to possible data breaches or unauthorised access to networks. While it is a placeholder and needs to be replaced by a user, it could possibly lead to someone having their information exposed once they add their credentials in.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@Mouse933 Mouse933 Mouse933 requested changes

Requested changes must be addressed to merge this pull request.

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@marcelrru @Mouse933