WebAssembly Micro Runtime (WAMR)
Go to file
Brian a86eeb273c
Add CodeQL Workflow for Code Security Analysis (#2812)
Add CodeQL Workflow for Code Security Analysis

This pull request introduces a CodeQL workflow to enhance the security analysis of our repository.
CodeQL is a powerful static analysis tool that helps identify and mitigate security vulnerabilities in
our codebase. By integrating this workflow into our GitHub Actions, we can proactively identify
and address potential issues before they become security threats.

We added a new CodeQL workflow file (.github/workflows/codeql.yml) that
- Runs on nightly-run, and consider runs on every pull request to the main branch in the future.
- Excludes queries with a high false positive rate or low-severity findings.
- Does not display results for third-party code, focusing only on our own codebase.

Testing:
To validate the functionality of this workflow, we have run several test scans on the codebase and
reviewed the results. The workflow successfully compiles the project, identifies issues, and provides
actionable insights while reducing noise by excluding certain queries and third-party code.

Deployment:
Once this pull request is merged, the CodeQL workflow will be active and automatically run on
every push and pull request to the main branch. To view the results of these code scans, please
follow these steps:
1. Under the repository name, click on the Security tab.
2. In the left sidebar, click Code scanning alerts.

Additional Information:
- You can further customize the workflow to adapt to your specific needs by modifying the workflow file.
- For more information on CodeQL and how to interpret its results, refer to the GitHub documentation
and the CodeQL documentation.

Signed-off-by: Brian <bayuan@purdue.edu>
2024-03-21 12:37:47 +08:00
.devcontainer Update Docker image for latest version of external libraries & tools (#2374) 2023-07-24 17:43:13 +08:00
.github Add CodeQL Workflow for Code Security Analysis (#2812) 2024-03-21 12:37:47 +08:00
build-scripts Add esp32c6 support (#3234) 2024-03-19 08:15:46 +08:00
ci Separate app-manager and app-framework from WAMR (#3129) 2024-02-20 18:12:36 +08:00
core GC: Add wasm_struct_obj_get_field_count API (#3236) 2024-03-18 16:26:30 +08:00
doc trans_wasm_func_name.py: Correct function index during translation (#3232) 2024-03-18 10:32:55 +08:00
language-bindings Small refactor on WASMModuleInstance and fix Go/Python language bindings (#3227) 2024-03-14 15:30:28 +08:00
product-mini Make android platform's cmake flags configurable (#3239) 2024-03-21 11:08:40 +08:00
samples Remove unused argument in wasm_runtime_lookup_function and refactor WASMModuleInstance (#3218) 2024-03-13 12:28:45 +08:00
test-tools trans_wasm_func_name.py: Correct function index during translation (#3232) 2024-03-18 10:32:55 +08:00
tests Download jetstream src from github instead of browserbench.org (#3196) 2024-03-04 14:20:07 +08:00
wamr-compiler Separate app-manager and app-framework from WAMR (#3129) 2024-02-20 18:12:36 +08:00
wamr-sdk Separate app-manager and app-framework from WAMR (#3129) 2024-02-20 18:12:36 +08:00
zephyr zephyr: add module.yml and fix riscv compile error (#763) 2021-09-24 17:43:02 +08:00
.clang-format Customize clang-format coding styles based on Mozilla template (#770) 2021-10-06 09:54:36 +08:00
.clang-tidy Customize clang-format coding styles based on Mozilla template (#770) 2021-10-06 09:54:36 +08:00
.gitignore Separate app-manager and app-framework from WAMR (#3129) 2024-02-20 18:12:36 +08:00
ATTRIBUTIONS.md Separate app-manager and app-framework from WAMR (#3129) 2024-02-20 18:12:36 +08:00
CMakeLists.txt Fix compilation errors on MinGW (#3217) 2024-03-12 17:38:07 +08:00
CODE_OF_CONDUCT.md Restore some files and fix minor issues of SGX platform (#144) 2019-11-21 10:30:57 +08:00
CONTRIBUTING.md Fix LLVM assertion failure and update CONTRIBUTING.md (#3197) 2024-03-04 09:01:40 +08:00
LICENSE Remove unused files and update license header of some files (#138) 2019-11-11 20:38:49 -06:00
ORG_CODE_OF_CONDUCT.md Recover files deleted accidentally in last commit (#143) 2019-11-20 21:31:43 +08:00
README.md Update document to add wamr-rust-sdk introduction (#3204) 2024-03-06 09:29:40 +08:00
RELEASE_NOTES.md Fix read and validation of misc/simd/atomic sub opcodes (#3115) 2024-02-02 12:03:58 +08:00
SConscript Add ia32 support and fix compiling issue for RT-Thread (#730) 2021-09-07 10:20:14 +08:00
SECURITY.md Refer to BA security policy (#635) 2021-05-19 19:59:23 +08:00
TSC_Charter.md Implement most missing wasm-c-api APIs (#303) (#676) 2021-07-28 21:53:37 +08:00

WebAssembly Micro Runtime

A Bytecode Alliance project

GuideWebsiteChat

Build WAMR | Build AOT Compiler | Embed WAMR | Export Native API | Build Wasm Apps | Samples

WebAssembly Micro Runtime (WAMR) is a lightweight standalone WebAssembly (Wasm) runtime with small footprint, high performance and highly configurable features for applications cross from embedded, IoT, edge to Trusted Execution Environment (TEE), smart contract, cloud native and so on. It includes a few parts as below:

  • VMcore: A set of runtime libraries for loading and running Wasm modules. It supports several execution modes including interpreter, Ahead-of-Time compilation(AoT) and Just-in-Time compilation (JIT). The WAMR supports two JIT tiers - Fast JIT, LLVM JIT, and dynamic tier-up from Fast JIT to LLVM JIT.
  • iwasm: The executable binary built with WAMR VMcore supports WASI and command line interface.
  • wamrc: The AOT compiler to compile Wasm file into AOT file
  • Useful components and tools for building real solutions with WAMR vmcore:
    • App-framework: A framework for supporting APIs for the Wasm applications
    • App-manager: a framework for dynamical loading the Wasm module remotely
    • WAMR-IDE: An experimental VSCode extension for developping WebAssembly applications with C/C++

Key features

Wasm post-MVP features

Supported architectures and platforms

The WAMR VMcore supports the following architectures:

  • X86-64, X86-32
  • ARM, THUMB (ARMV7 Cortex-M7 and Cortex-A15 are tested)
  • AArch64 (Cortex-A57 and Cortex-A53 are tested)
  • RISCV64, RISCV32 (RISC-V LP64 and RISC-V LP64D are tested)
  • XTENSA, MIPS, ARC

The following platforms are supported, click each link below for how to build iwasm on that platform. Refer to WAMR porting guide for how to port WAMR to a new platform.

Getting started

Performance and memory

Project Technical Steering Committee

The WAMR PTSC Charter governs the operations of the project TSC. The current TSC members:

License

WAMR uses the same license as LLVM: the Apache 2.0 license with the LLVM exception. See the LICENSE file for details. This license allows you to freely use, modify, distribute and sell your own products based on WAMR. Any contributions you make will be under the same license.

More resources