Merge branch 'main' into qspi-patch

Author: seaxwi

.github/workflows/check-urls.yml

@@ -15,7 +15,7 @@ jobs:
         id: lychee
         uses: lycheeverse/lychee-action@v1
         with:
-          args: --no-progress --verbose --require-https 'content/*/*/*.md'
+          args: --no-progress --verbose --require-https --include-fragments 'content/*/*/*.md' --max-retries 0 --max-concurrency 1
           fail: true
         env:
           CLICOLOR_FORCE: 1

.github/workflows/workflow-validate.yaml

@@ -1,20 +1,24 @@
-name: validate
+name: validate content
 
 on:
   repository_dispatch:
     types: deploy
   push:
     branches:
       - master
+    paths:
+      - 'content/**'
   pull_request:
     types: [opened, synchronize, ready_for_review, reopened]
+    paths:
+      - 'content/**'
 
 jobs:
   markdown:
     runs-on: ubuntu-latest
 
     steps:
-      - uses: actions/checkout@v1
+      - uses: actions/checkout@v4
 
       - name: Markdownlint
         run: |
@@ -31,7 +35,7 @@ jobs:
       ZENDESK_PASS: ${{ secrets.ZENDESK_TOKEN }}
 
     steps:
-      - uses: actions/checkout@v1
+      - uses: actions/checkout@v4
 
       - name: Preview changes
         run: |

.lycheeignore

@@ -21,6 +21,9 @@ https://app.arduino.cc/sketches
 https://app.arduino.cc/minors
 https://create.arduino.cc/getting-started/loragw/welcome
 https://create.arduino.cc/example/builtin/01.Basics%5CBareMinimum/BareMinimum/preview*
+https://digital-store.arduino.cc/certification/purchase/exam-type*
+https://digital-store.arduino.cc/subscriptions/plans
+
 
 # "Network error: Forbidden" despite working redirect
 https://www.arduino.cc/en/Guide/Troubleshooting
@@ -30,6 +33,13 @@ https://www.aftership.com/
 https://www.digikey.se/product-detail/en/jst-sales-america-inc/PHR-2/455-1165-ND/608607
 https://www.java.com/en/download/manual.jsp
 https://www.amazon.com/gp/help/customer/display.html*
+https://mathworks.com/store*
+https://mathworks.com/support/contact_us.html
+https://mathworks.com/matlabcentral/answers/index
+https://mathworks.com/help/install/install-products.html
+https://mathworks.com/company/aboutus/contact_us/arduino_engineering_kit.html
+https://mathworks.com/campaigns/products/arduino-kit-rev2-license.html
+https://mathworks.com/mwaccount
 
 # Returns [TIMEOUT]
 
@@ -45,4 +55,9 @@ https://www.tindie.com/products/ataradov/cmsis-dap-compliant-swd-debugger/
 # Too many redirects
 
 https://shopify.com/43847352471/account/orders
+https://shopify.com/50616893647/account/orders
 https://www.nongnu.org/avr-libc/user-manual/FAQ.html#faq_cplusplus
+
+# [429] Failed: Network error: Too Many Requests
+
+https://www.amazon.com/stores/Arduino/page/E4CD2702-3533-4B57-8BE2-6786AA74DC08

_deploy/zendesk.mjs

@@ -831,7 +831,7 @@ function getPositionRow(zendeskCategories, zendeskSections, dirPath) {
             category: positionLevels[0],
             section: positionLevels[1],
             source: clc.green(dirPath),
-            target: clc.green(zendeskCategory.html_url.split('-').slice(0, 2).join('-'))
+            target: clc.green(zendeskSection.html_url.split('-').slice(0, 2).join('-'))
         };
     }
 }
@@ -865,7 +865,7 @@ function getPositionRows(zendeskCategories, zendeskSections, localDirPaths) {
                 category: category_name,
                 section: section_name,
                 source: clc.red('Not found'),
-                target: clc.yellow(zendeskCategory.html_url.split('-').slice(0, 2).join('-'))
+                target: clc.yellow(zendeskSection.html_url.split('-').slice(0, 2).join('-'))
             })
         }
     }

content/About Arduino/Arduino Security Bulletins/ASEC-24-002-Security-incident-on-Arduino-infrastructure.md

@@ -0,0 +1,21 @@
+---
+title: ASEC-24-002 - Security incident on Arduino infrastructure
+id: 17406271222684
+---
+
+Bulletin ID: ASEC-24-002  
+Date: Dec 12, 2024  
+Product / Component: Arduino web infrastructure
+
+## Summary
+
+We have recently been made aware that a hacker published a set of information related to our infrastructure on a dark web forum. Our Security Team has investigated the claim and our incident response process has been immediately implemented.
+
+To our knowledge, a leaked API access key has briefly been used to download PDF files representing certificates of completion of Arduino courses, which is not harmful information to our users. The leak was immediately remediated.
+
+This exposure is related to a security incident that happened some months ago, to which we promptly reacted by taking adequate countermeasures. At the moment we have no evidence that the incident can result in harm to the security of our Arduino Web and Cloud services.
+We remain committed to provide the highest security standards and thank you, our community, for your trust and support.
+
+## Contact
+
+If you encounter any issues or have questions regarding this security update, please contact our security team at [email protected].

content/About Arduino/Arduino Security Bulletins/ASEC-25-001-Security-incident-on-Arduino-infrastructure.md

@@ -0,0 +1,33 @@
+---
+title: ASEC-25-001 - Security incident on Arduino infrastructure
+id: 18669669929244
+---
+
+Bulletin ID: ASEC-25-001  
+Date: Feb 24th, 2025  
+Product / Component: Arduino web infrastructure
+
+## Summary
+
+As announced in a previous bulletin [ASEC-24-002](https://support.arduino.cc/hc/en-us/articles/17406271222684-ASEC-24-002-Security-incident-on-Arduino-infrastructure), we had been made aware that a threat actor has published a set of information related to our infrastructure on a dark web forum. After a deep investigation with our Security Team we have determined that, as a consequence of an attack on our web services:
+
+* A set of data related to users of Arduino Cloud services has been exfiltrated. The data were related to a backup taken before 2018, containing user sketches and usernames; no relevant personal data (such as user’s identity information, email, passwords) have been exfiltrated.
+* Some internal infrastructure configuration information including the certificate authority of Arduino Cloud, used to verify the identity of Internet-Of-Things (IoT) devices connected to Arduino Cloud, have been exfiltrated.
+
+As a consequence, we took the following actions:
+
+* We immediately responded to the incident and identified the root cause of the attack, which was related to an API key from one of the SaaS providers involved in providing Arduino services. Furthermore, we conducted thorough internal security analysis and forensic investigations to ensure that no unmanaged risks remained from the leaked data.
+* We informed the Data Protection Authority about the exfiltrated user data.
+* We informed via email all users affected by the issue related to Arduino Cloud IoT devices. An update was provided, instructing them to regenerate device credentials for Arduino Cloud.
+
+## What happens now?
+
+* Login security has not been impacted; Arduino users can rest assured that their login credentials remain valid.
+* The secure channel for Arduino Cloud connectivity has been updated, ensuring that IoT device owners can trust their connections are secure and validated through a newly implemented identity certificate authority.
+  * If you are an Arduino Cloud user and you are unsure about your device's status, visit the Device page on Arduino Cloud at the following link: [https://app.arduino.cc/devices](https://app.arduino.cc/devices). If an update is required, the page will highlight this with an attention mark and provide all the necessary information.
+
+We remain committed to provide the highest security standards and thank you, our community, for your trust and support.
+
+## Contact
+
+If you encounter any issues or have questions regarding this security update, please contact our security team at [email protected].

content/About Arduino/Arduino Security Bulletins/ASEC-25-002-Arduino-CLI-v1-2-0-update-resolves-vulnerabilities-in-go-git-library.md

@@ -0,0 +1,43 @@
+---
+title: ASEC-25-002 - Arduino-CLI v1.2.0 update resolves vulnerabilities in go-git library
+id: 18707958449692
+---
+
+Bulletin ID: ASEC-25-002  
+Date: Feb 24, 2025  
+Product/Component: Arduino-CLI  
+Affected versions: \<= 1.1.1  
+Fixed version: 1.2.0
+
+## Summary
+
+A new release of **Arduino-CLI (v1.2.0)** is now available at the following link: [Arduino-CLI v1.2.0 Release](https://github.com/arduino/arduino-cli/releases/tag/v1.2.0). This release includes several improvements and updates, notably the upgrade of the **go-git** library to version **5.13.2**, which addresses multiple security vulnerabilities affecting earlier versions of the library. Specifically, this update mitigates the following Common Vulnerabilities and Exposures (CVEs):
+
+* **CVE-2025-21614**
+* **CVE-2025-21613**
+
+## Action Required
+
+To ensure security and stability, users are advised to **update Arduino-CLI to version v1.2.0** as soon as possible. This update automatically includes the patched version of **go-git (v5.13.2)**, eliminating the associated vulnerabilities.
+
+**Update Steps:**
+
+1. Download the latest version from the official release page: [Arduino-CLI v1.2.0](https://github.com/arduino/arduino-cli/releases/tag/v1.2.0).
+2. Follow the installation instructions provided in the documentation.
+3. Verify that the update was successful by running `arduino-cli version` to ensure it reflects v1.2.0.
+
+Additionally, Arduino-CLI version v1.2.0 will be included starting from Arduino IDE v2.3.5.
+
+## Additional Information
+
+For further details regarding the resolved vulnerabilities, refer to the following CVE reports:
+
+* [CVE-2025-21614](https://nvd.nist.gov/vuln/detail/CVE-2025-21614)
+* [CVE-2025-21613](https://nvd.nist.gov/vuln/detail/CVE-2025-21613)
+* [Arduino-CLI v1.2.0 Release](https://github.com/arduino/arduino-cli/releases/tag/v1.2.0)
+
+For any questions or support, please refer to the [Arduino-CLI GitHub repository](https://github.com/arduino/arduino-cli) or the official support channels.
+
+## Contact
+
+If you encounter any issues or have questions regarding this security update, please contact our security team at [email protected].

content/About Arduino/Arduino Security Bulletins/ASEC-25-003-Arduino-IDE-v2-3-5-Resolves-Multiple-Vulnerabilities.md

@@ -0,0 +1,53 @@
+---
+title: ASEC-25-003 - Arduino-IDE v2.3.5 Resolves Multiple Vulnerabilities
+id: 19367547630748
+---
+
+Bulletin ID: ASEC-25-003  
+Date: Apr 3, 2025  
+Product/Component: Arduino-IDE  
+Affected versions: \<= 2.3.4  
+Fixed version: \>= 2.3.5
+
+## Summary
+
+A new version of the Arduino IDE (v2.3.5) is now available at the following link: [Arduino IDE v2.3.5 Release](https://github.com/arduino/arduino-ide/releases/tag/2.3.5).
+
+This release includes several improvements and updates, notably:
+
+* Upgrading the underlying Theia IDE to version v1.57.0.
+* Updating the Arduino CLI component to version v1.2.0, which addresses multiple security vulnerabilities affecting external components.
+* Additionally, this update includes a dedicated security fix for the CVE-2025-27608 vulnerability that affects all Arduino IDE versions before version v2.3.5. Further details are available in the official security advisory at the following link: [GHSA-252h-4j5q-88pc](https://github.com/arduino/arduino-ide/security/advisories/GHSA-252h-4j5q-88pc).
+
+Specifically, this update mitigates the following Common Vulnerabilities and Exposures (CVEs):
+
+* CVE-2025-21614
+* CVE-2025-21613
+* CVE-2025-27608
+
+## Action Required
+
+To ensure security and stability, users are advised to update Arduino-IDE to version v2.3.5 as soon as possible. This update automatically includes all patches described above.
+
+**Update Steps:**
+
+1. Download the latest version from the official release page: [https://www.arduino.cc/en/software](https://www.arduino.cc/en/software)
+2. Follow the installation instructions provided in the documentation.
+3. Verify that the update was successful.
+
+## Additional Information
+
+For further details regarding the resolved vulnerabilities, refer to the following CVE reports:
+
+* [Arduino-IDE v2.3.5 Release](https://github.com/arduino/arduino-ide/releases/tag/2.3.5)
+* [CVE-2025-27608](https://nvd.nist.gov/vuln/detail/CVE-2025-27608)
+* [GHSA-252h-4j5q-88pc](https://github.com/arduino/arduino-ide/security/advisories/GHSA-252h-4j5q-88pc)
+* [Arduino-CLI v1.2.0 Release](https://github.com/arduino/arduino-cli/releases/tag/v1.2.0)
+* [CVE-2025-21614](https://nvd.nist.gov/vuln/detail/CVE-2025-21614)
+* [CVE-2025-21613](https://nvd.nist.gov/vuln/detail/CVE-2025-21613)
+
+For any questions or support, please refer to the [Arduino-IDE GitHub repository](https://github.com/arduino/arduino-ide) or the official support channels.
+
+## Contact
+
+If you encounter any issues or have questions regarding this security update, please contact our security team at [email protected].

content/About Arduino/My Arduino Account/Create-an-Arduino-account-for-juniors.md

@@ -5,64 +5,61 @@ id: 360022234360
 
 Minors under the age of 14 need parental consent to sign up for an Arduino account. This is called a **junior account**.
 
-* Adults can [create junior accounts from their profile page](#adult-create).
-* Juniors can also [request permission from their parents](#junior-request).
+In this article:
+
+* [Create a junior account for your child](#adult-create)
+* [Request an account from your parent](#junior-request)
 
 ---
 
-<h2 id="adult-create">Sign up your junior from an adult account</h2>
+## Create a junior account for your child {#adult-create}
 
-1. Go to the [Profile page](https://id.arduino.cc/). Sign in if prompted or, if you haven't done so, [create an Arduino account](https://support.arduino.cc/hc/en-us/articles/360016724040).
+1. Sign into [id.arduino.cc/minors](https://id.arduino.cc/minors).
 
-2. Under _Junior Accounts_, click on **Set Up Junior Account**.
+2. Find the _Your Junior Accounts_ section.
 
-   ![The Junior Accounts section on the profile page.](img/profile-page-without-junior-account.png)
+3. Select **Add Account**.
 
-3. Enter the following profile info:
+4. Configure the new junior account:
 
-   * Optional: Change the avatar.
-   * Optional: Regenerate the randomly assigned username.
-   * **Required:** Enter a password.
-   * **Required:** Enter the junior's date of birth.
+   * Select an avatar (optional)
+   * Regenerate the randomly assigned username (optional)
+   * Enter a password.
+   * Enter the junior's date of birth (DD/MM/YYYY).
 
    When done, click **Next**.
 
-   ![Creating a new junior account.](img/create-junior-account-as-parent.png)
-
-4. Agree to the terms of parental consent and click Create Account.
+   > [!IMPORTANT]
+   > If you are unable to proceed, ensure that the password meets the requirements.
 
-The junior account will be created and added to the Junior Accounts section.
+5. Agree to the terms of parental consent and click Create Account.
 
-![The Junior Accounts section on the profile page with one associated junior account.](img/profile-page-with-junior-account.png)
+The junior account will be created and added to the list of your junior accounts.
 
 ---
 
-<h2 id="junior-request">Request permission as a junior</h2>
-
-1. Go to [arduino.cc](https://www.arduino.cc/) and click Sign In in the top-right to open the [sign-in page](https://login.arduino.cc/login).
+## Request an account from your parent {#junior-request}
 
-   ![The sign in button on arduino.cc](img/arduino-cc-sign-in-button.png)
+1. Go to [junior.arduino.cc](https://junior.arduino.cc/).
 
-   > If another account is signed in, click the ![Profile icon](img/symbol_profile.png) profile button and select 'Sign Out' first.
+   > [!NOTE]
+   > If another account is signed in, click the profile button and select Sign Out first.
 
-2. Below the **Sign In** button, find the text "Don't have an account yet?", and click on **Create one** to proceed.
+2. Below the Sign In button, and click on **Create your account** to proceed.
 
-   ![The arduino.cc sign in page. An arrow highlights the link for signing up with email,.](img/arduino-account-sign-in-create-button.png)
+3. Enter your date of birth (DD/MM/YYYY) and click **Next**.
 
-3. Enter your date of birth, then click on Next.
+4. Configure the new junior account:
 
-   ![Entering date of birth.](img/arduino-account-sign-up-dob.png)
+   * Select an avatar (optional)
+   * Regenerate the randomly assigned username (optional)
+   * Enter a password.
 
-4. Enter the following profile info:
-
-   * Optional: Change the avatar.
-   * Optional: Regenerate your randomly assigned username.
-   * **Required:** Enter a password.
-
-   ![Signing up to Arduino.](img/create-junior-account-as-junior.png)
+   When done, click **Next**.
 
-5. Type in your parent's email address in both fields. Make sure that you provide the correct email address. Click on **Send Email**.
+   > [!IMPORTANT]
+   > If you are unable to proceed, ensure that the password meets the requirements.
 
-   ![Entering parent email address.](img/create-junior-account-parent-email.png)
+5. Type in and confirm your parent's email address.
 
 An email will be sent to your parent with instructions on how to finalize your account.

content/About Arduino/My Arduino Account/Disable-2-Step-Verification-for-your-Arduino-account.md

@@ -10,16 +10,14 @@ If you need to change your mobile device or perform a factory reset, you can dis
 
 ---
 
-1. Go to your [Arduino account profile](https://id.arduino.cc/).
+Follow these steps:
 
-2. Click on **Disable** under the Security section. A message will be displayed stating that you will receive an email. It will send the email to the address listed in the account settings section.
+1. Sign into [id.arduino.cc/security](https://id.arduino.cc/security).
 
-   ![Security section highlighted in the profile page](img/2factorAuth1.png)
+2. Find the _2 steps verification_ section.
 
-3. Check your email for a message with the subject **Disable Arduino 2-step verification**. Click the link.
+3. Click on **Disable**.
 
-   !["Disable Arduino 2-step verification" email containing deactivation link](img/2factorAuth2.png)
+4. Check the email inbox linked to your Arduino account and open the message from **noreply<!-- nolink-->@arduino.cc**.
 
-4. After clicking on the link, 2-step verification will be disabled.
-
-   !["The Two Factor authentication has been successfully disabled" written in profile page](img/2factorAuth3.png)
+5. Follow the instructions in the email to disable 2-step verification for your Arduino account.