diff --git a/.config/flakebox/id b/.config/flakebox/id index f39c5404ab5..61a9856cd52 100644 --- a/.config/flakebox/id +++ b/.config/flakebox/id @@ -1 +1 @@ -b9b059bd4917f7871f723d03b6339848449615c05ac21e50db8c74298f396dd8ce6f39aa30b2c1cb9d172331d1f0c7d30a760a99fcb4f71e96d29abc9f40de05 +8b500e9b1668f7c2d33d46f81b90e8fdd786f16ee6c13ebbdd1b618c38d41406a419372828ca6c517ebaa9b9934bfe5b89807e680d7781d910c2e1ca6d378890 diff --git a/.config/nextest.toml b/.config/nextest.toml index b94008fc424..ac8001be8bc 100644 --- a/.config/nextest.toml +++ b/.config/nextest.toml @@ -15,3 +15,6 @@ slow-timeout = { period = "30s", terminate-after = 3 } # possibly due to writing to a shared tracing file(?) [profile.nix-ccov] slow-timeout = { period = "30s", terminate-after = 4 } + +[profile.release] +slow-timeout = { period = "30s", terminate-after = 4 } diff --git a/.github/workflows/ci-nix.yml b/.github/workflows/ci-nix.yml index c5105081dd2..2a2ceb43dde 100644 --- a/.github/workflows/ci-nix.yml +++ b/.github/workflows/ci-nix.yml @@ -67,6 +67,13 @@ jobs: - name: Check `nix flake show` run: nix flake show .# + # Since we don't have capacity to build Darwin in PRs, at least make sure it evaluates + - name: Evaluate MacOS shell + run: nix eval --system aarch64-darwin .#devShells.aarch64-darwin.default + + - name: Evaluate MacOS build + run: nix eval --system aarch64-darwin .#workspaceBuild + shell: if: github.repository == 'fedimint/fedimint' strategy: diff --git a/Cargo.toml b/Cargo.toml index 73d3fab5cbb..919960850ec 100644 --- a/Cargo.toml +++ b/Cargo.toml @@ -61,7 +61,7 @@ members = [ "modules/fedimint-wallet-common", "modules/fedimint-wallet-server", "modules/fedimint-wallet-tests", - "utils/portalloc", + "utils/portalloc" ] resolver = "2" @@ -224,6 +224,9 @@ rand_chacha = { opt-level = 3 } rand_core = { opt-level = 3 } rand = { opt-level = 3 } ring = { opt-level = 3 } +# due to some miscompilation(?) this seems actually neccessary, +# otherwise we see segfaults in Nix sandbox +librocksdb-sys = { opt-level = 3 } rustls = { opt-level = 3 } secp256k1 = { opt-level = 3 } secp256k1-sys = { opt-level = 3 } diff --git a/crypto/tbs/Cargo.toml b/crypto/tbs/Cargo.toml index 6377ab82b88..f7ee6ab7d1a 100644 --- a/crypto/tbs/Cargo.toml +++ b/crypto/tbs/Cargo.toml @@ -18,6 +18,7 @@ path = "src/lib.rs" [[bench]] name = "tbs" +path = "benches/tbs.rs" harness = false [dependencies] diff --git a/deny.toml b/deny.toml index 8c6358fa74e..78eead5303e 100644 --- a/deny.toml +++ b/deny.toml @@ -11,6 +11,9 @@ # Root options +# The graph table configures how the dependency graph is constructed and thus +# which crates the checks are performed against +[graph] # If 1 or more target triples (and optionally, target_features) are specified, # only the specified targets will be checked when running `cargo deny check`. # This means, if a particular package is only ever used as a target specific @@ -22,7 +25,7 @@ targets = [ # The triple can be any string, but only the target triples built in to # rustc (as of 1.40) can be checked against actual config expressions - #{ triple = "x86_64-unknown-linux-musl" }, + #"x86_64-unknown-linux-musl", # You can also specify which target_features you promise are enabled for a # particular target. target_features are currently not validated against # the actual valid features supported by the target architecture. @@ -46,46 +49,31 @@ no-default-features = false # If set, these feature will be enabled when collecting metadata. If `--features` # is specified on the cmd line they will take precedence over this option. #features = [] + +# The output table provides options for how/if diagnostics are outputted +[output] # When outputting inclusion graphs in diagnostics that include features, this # option can be used to specify the depth at which feature edges will be added. # This option is included since the graphs can be quite large and the addition # of features from the crate(s) to all of the graph roots can be far too verbose. # This option can be overridden via `--feature-depth` on the cmd line -feature-depth = 1 +feature-depth = 0 # This section is considered when running `cargo deny check advisories` # More documentation for the advisories section can be found here: # https://embarkstudios.github.io/cargo-deny/checks/advisories/cfg.html [advisories] -# The path where the advisory database is cloned/fetched into +# The path where the advisory databases are cloned/fetched into db-path = "~/.cargo/advisory-db" # The url(s) of the advisory databases to use -db-urls = ["https://github.com/rustsec/advisory-db"] -# The lint level for security vulnerabilities -vulnerability = "deny" -# The lint level for unmaintained crates -unmaintained = "warn" -# The lint level for crates that have been yanked from their source registry -yanked = "warn" -# The lint level for crates with security notices. Note that as of -# 2019-12-17 there are no security notice advisories in -# https://github.com/rustsec/advisory-db -notice = "warn" +#db-urls = ["https://github.com/rustsec/advisory-db"] # A list of advisory IDs to ignore. Note that ignored advisories will still # output a note when they are encountered. ignore = [ - #"RUSTSEC-0000-0000", + { id = "RUSTSEC-2024-0370", reason = "TODO" }, + { id = "RUSTSEC-2024-0388", reason = "TODO" }, + { id = "RUSTSEC-2023-0071", reason = "TODO: fix unreleased" }, ] -# Threshold for security vulnerabilities, any vulnerability with a CVSS score -# lower than the range specified will be ignored. Note that ignored advisories -# will still output a note when they are encountered. -# * None - CVSS Score 0.0 -# * Low - CVSS Score 0.1 - 3.9 -# * Medium - CVSS Score 4.0 - 6.9 -# * High - CVSS Score 7.0 - 8.9 -# * Critical - CVSS Score 9.0 - 10.0 -#severity-threshold = - # If this is true, then cargo deny will use the git executable to fetch advisory database. # If this is false, then it uses a built-in git library. # Setting this to true can be helpful if you have special authentication requirements that cargo-deny does not support. @@ -96,8 +84,6 @@ ignore = [ # More documentation for the licenses section can be found here: # https://embarkstudios.github.io/cargo-deny/checks/licenses/cfg.html [licenses] -# The lint level for crates which do not have a detectable license -unlicensed = "deny" # List of explicitly allowed licenses # See https://spdx.org/licenses/ for list of possible licenses # [possible values: any SPDX 3.11 short identifier (+ optional exception)]. @@ -113,27 +99,8 @@ allow = [ "MITNFA", "Unicode-3.0", "Zlib", + "OpenSSL" ] -# List of explicitly disallowed licenses -# See https://spdx.org/licenses/ for list of possible licenses -# [possible values: any SPDX 3.11 short identifier (+ optional exception)]. -deny = [ - #"Nokia", -] -# Lint level for licenses considered copyleft -copyleft = "warn" -# Blanket approval or denial for OSI-approved or FSF Free/Libre licenses -# * both - The license will be approved if it is both OSI-approved *AND* FSF -# * either - The license will be approved if it is either OSI-approved *OR* FSF -# * osi-only - The license will be approved if is OSI-approved *AND NOT* FSF -# * fsf-only - The license will be approved if is FSF *AND NOT* OSI-approved -# * neither - This predicate is ignored and the default lint level is used -allow-osi-fsf-free = "neither" -# Lint level used when no other predicates are matched -# 1. License isn't in the allow or deny lists -# 2. License isn't copyleft -# 3. License isn't OSI/FSF, or allow-osi-fsf-free = "neither" -default = "deny" # The confidence threshold for detecting a license from license text. # The higher the value, the more closely the license text must be to the # canonical license text of a valid SPDX license file. @@ -151,26 +118,32 @@ exceptions = [ { allow = [ "Unicode-DFS-2016", ], name = "unicode-ident" }, - { allow = [ - "OpenSSL", - ], name = "ring" }, ] # Some crates don't have (easily) machine readable licensing information, # adding a clarification entry for it allows you to manually specify the # licensing information -[[licenses.clarify]] -name = "ring" -# SPDX considers OpenSSL to encompass both the OpenSSL and SSLeay licenses -# https://spdx.org/licenses/OpenSSL.html -# ISC - Both BoringSSL and ring use this for their new files -# MIT - "Files in third_party/ have their own licenses, as described therein. The MIT -# license, for third_party/fiat, which, unlike other third_party directories, is -# compiled into non-test libraries, is included below." -# OpenSSL - Obviously -expression = "ISC AND MIT AND OpenSSL" -license-files = [{ path = "LICENSE", hash = 0xbd0eed23 }] +#[[licenses.clarify]] +# The package spec the clarification applies to +#crate = "ring" +# The SPDX expression for the license requirements of the crate +#expression = "MIT AND ISC AND OpenSSL" +# One or more files in the crate's source used as the "source of truth" for +# the license expression. If the contents match, the clarification will be used +# when running the license check, otherwise the clarification will be ignored +# and the crate will be checked normally, which may produce warnings or errors +# depending on the rest of your configuration +#license-files = [ +# Each entry is a crate relative path, and the (opaque) hash of its contents +#{ path = "LICENSE", hash = 0xbd0eed23 } +#] +[[licenses.clarify]] +crate = "ring" +expression = "MIT AND ISC AND OpenSSL" +license-files = [ + { path = "LICENSE", hash = 0xbd0eed23 } +] [licenses.private] # If true, ignores workspace crates that aren't published, or are only @@ -190,7 +163,7 @@ registries = [ # https://embarkstudios.github.io/cargo-deny/checks/bans/cfg.html [bans] # Lint level for when multiple versions of the same crate are detected -multiple-versions = "warn" +multiple-versions = "allow" # Lint level for when a crate version requirement is `*` wildcards = "allow" # The graph highlighting used when creating dotgraphs for crates @@ -209,24 +182,23 @@ workspace-default-features = "allow" external-default-features = "allow" # List of crates that are allowed. Use with care! allow = [ - #{ name = "ansi_term", version = "=0.11.0" }, + #"ansi_term@0.11.0", + #{ crate = "ansi_term@0.11.0", reason = "you can specify a reason it is allowed" }, ] # List of crates to deny deny = [ - # Each entry the name of a crate and a version range. If version is - # not specified, all versions will be matched. - #{ name = "ansi_term", version = "=0.11.0" }, - # + #"ansi_term@0.11.0", + #{ crate = "ansi_term@0.11.0", reason = "you can specify a reason it is banned" }, # Wrapper crates can optionally be specified to allow the crate when it # is a direct dependency of the otherwise banned crate - #{ name = "ansi_term", version = "=0.11.0", wrappers = [] }, + #{ crate = "ansi_term@0.11.0", wrappers = ["this-crate-directly-depends-on-ansi_term"] }, ] # List of features to allow/deny # Each entry the name of a crate and a version range. If version is # not specified, all versions will be matched. #[[bans.features]] -#name = "reqwest" +#crate = "reqwest" # Features to not allow #deny = ["json"] # Features to allow @@ -247,14 +219,16 @@ deny = [ # Certain crates/versions that will be skipped when doing duplicate detection. skip = [ - #{ name = "ansi_term", version = "=0.11.0" }, + #"ansi_term@0.11.0", + #{ crate = "ansi_term@0.11.0", reason = "you can specify a reason why it can't be updated/removed" }, ] # Similarly to `skip` allows you to skip certain crates during duplicate # detection. Unlike skip, it also includes the entire tree of transitive # dependencies starting at the specified crate, up to a certain depth, which is # by default infinite. skip-tree = [ - #{ name = "ansi_term", version = "=0.11.0", depth = 20 }, + #"ansi_term@0.11.0", # will be skipped along with _all_ of its direct and transitive dependencies + #{ crate = "ansi_term@0.11.0", depth = 20 }, ] # This section is considered when running `cargo deny check sources`. @@ -274,9 +248,9 @@ allow-registry = ["https://github.com/rust-lang/crates.io-index"] allow-git = [] [sources.allow-org] -# 1 or more github.com organizations to allow git sources for -github = [""] -# 1 or more gitlab.com organizations to allow git sources for -gitlab = [""] -# 1 or more bitbucket.org organizations to allow git sources for -bitbucket = [""] +# github.com organizations to allow git sources for +github = [] +# gitlab.com organizations to allow git sources for +gitlab = [] +# bitbucket.org organizations to allow git sources for +bitbucket = [] diff --git a/devimint/src/cfg/bitcoin.conf b/devimint/src/cfg/bitcoin.conf index f4cc65043a8..268c6391199 100644 --- a/devimint/src/cfg/bitcoin.conf +++ b/devimint/src/cfg/bitcoin.conf @@ -8,6 +8,10 @@ zmqpubrawblock=tcp://127.0.0.1:{zmq_pub_raw_block} zmqpubrawtx=tcp://127.0.0.1:{zmq_pub_raw_tx} rpcworkqueue=1024 rpcthreads=64 +# workaround: https://github.com/lightningnetwork/lnd/issues/9053#issuecomment-2408658986 +deprecatedrpc=warnings [regtest] port={p2p_port} +bind=[::1]:{p2p_port} rpcport={rpc_port} +rpcbind=[:1]:{rpc_port} diff --git a/fedimint-api-client/Cargo.toml b/fedimint-api-client/Cargo.toml index bc7bf07a115..dd6ed0ae38b 100644 --- a/fedimint-api-client/Cargo.toml +++ b/fedimint-api-client/Cargo.toml @@ -18,7 +18,7 @@ tor = [ "dep:curve25519-dalek", "arti-client/tokio", "arti-client/rustls", - "arti-client/onion-service-client", + "arti-client/onion-service-client" ] [lib] diff --git a/fedimint-client/src/module/init/recovery.rs b/fedimint-client/src/module/init/recovery.rs index 5fbd5b1c998..75d1eecac18 100644 --- a/fedimint-client/src/module/init/recovery.rs +++ b/fedimint-client/src/module/init/recovery.rs @@ -250,7 +250,7 @@ where ) -> impl futures::Stream), ShuttingDownError>> + 'a { // How many request for blocks to run in parallel (streaming). - const PARALLISM_LEVEL: usize = 64; + const PARALLELISM_LEVEL: usize = 64; const VERSION_THAT_INTRODUCED_GET_SESSION_STATUS: ApiVersion = ApiVersion { major: 0, minor: 1 }; @@ -294,7 +294,7 @@ where const MAX_SLEEP: Duration = Duration::from_secs(120); warn!(target: LOG_CLIENT_RECOVERY, e = %e, session_idx, "Error trying to fetch signed block"); - // We don't want PARALLISM_LEVEL tasks hammering Federation + // We don't want PARALLELISM_LEVEL tasks hammering Federation // with requests, so max sleep is significant if retry_sleep <= MAX_SLEEP { retry_sleep = retry_sleep @@ -310,7 +310,7 @@ where }).await.expect("Can't fail") }) }) - .buffered(PARALLISM_LEVEL) + .buffered(PARALLELISM_LEVEL) } /// Make enough progress to justify saving a state snapshot diff --git a/fedimint-logging/Cargo.toml b/fedimint-logging/Cargo.toml index 955882799a3..4666376bc3c 100644 --- a/fedimint-logging/Cargo.toml +++ b/fedimint-logging/Cargo.toml @@ -13,7 +13,7 @@ telemetry = [ "tracing-opentelemetry", "opentelemetry-jaeger", "console-subscriber", - "opentelemetry", + "opentelemetry" ] [lib] diff --git a/flake.lock b/flake.lock index 1c236917aec..4ac06804e3f 100644 --- a/flake.lock +++ b/flake.lock @@ -51,17 +51,17 @@ ] }, "locked": { - "lastModified": 1727381935, - "narHash": "sha256-G2fOYRZM7bXK5eBb+GK3k/WmO+q5JA/GtFwSPc3kdc8=", + "lastModified": 1732566114, + "narHash": "sha256-rgFf/qq7vR4KKRfZ55jnWN+d7WjE8Qhz6BYywsbD79w=", "owner": "tadfisher", "repo": "android-nixpkgs", - "rev": "522d86121cbd413aff922c54f38106ecf8740107", + "rev": "4ecd9e0da0a955a180a429196f59a8716d1dd138", "type": "github" }, "original": { "owner": "tadfisher", "repo": "android-nixpkgs", - "rev": "522d86121cbd413aff922c54f38106ecf8740107", + "rev": "4ecd9e0da0a955a180a429196f59a8716d1dd138", "type": "github" } }, @@ -432,17 +432,17 @@ "systems": "systems_9" }, "locked": { - "lastModified": 1732069381, - "narHash": "sha256-VxcRudAk01/4gj4o/xg7ByteA1qiUVU1HTvX10XO0vM=", + "lastModified": 1732580446, + "narHash": "sha256-A7Y0FHFVEns8m/Az3S4XT9iujTpQ//xhB3TJ6rwPZdw=", "owner": "dpc", "repo": "flakebox", - "rev": "171f3a1d83652d9db33992322f8793326a3b4df3", + "rev": "8e152e27b55df489192b86a14e946e1c983daabe", "type": "github" }, "original": { "owner": "dpc", "repo": "flakebox", - "rev": "171f3a1d83652d9db33992322f8793326a3b4df3", + "rev": "8e152e27b55df489192b86a14e946e1c983daabe", "type": "github" } }, @@ -500,6 +500,22 @@ "type": "github" } }, + "nixpkgs-old": { + "locked": { + "lastModified": 1704290814, + "narHash": "sha256-LWvKHp7kGxk/GEtlrGYV68qIvPHkU9iToomNFGagixU=", + "owner": "nixos", + "repo": "nixpkgs", + "rev": "70bdadeb94ffc8806c0570eb5c2695ad29f0e421", + "type": "github" + }, + "original": { + "owner": "nixos", + "ref": "nixos-23.05", + "repo": "nixpkgs", + "type": "github" + } + }, "nixpkgs_2": { "locked": { "lastModified": 1629252929, @@ -533,16 +549,16 @@ }, "nixpkgs_4": { "locked": { - "lastModified": 1731797254, - "narHash": "sha256-df3dJApLPhd11AlueuoN0Q4fHo/hagP75LlM5K1sz9g=", + "lastModified": 1731755305, + "narHash": "sha256-v5P3dk5JdiT+4x69ZaB18B8+Rcu3TIOrcdG4uEX7WZ8=", "owner": "nixos", "repo": "nixpkgs", - "rev": "e8c38b73aeb218e27163376a2d617e61a2ad9b59", + "rev": "057f63b6dc1a2c67301286152eb5af20747a9cb4", "type": "github" }, "original": { "owner": "nixos", - "ref": "nixos-24.05", + "ref": "nixos-24.11", "repo": "nixpkgs", "type": "github" } @@ -555,7 +571,8 @@ "fenix": "fenix_2", "flake-utils": "flake-utils_5", "flakebox": "flakebox_2", - "nixpkgs": "nixpkgs_4" + "nixpkgs": "nixpkgs_4", + "nixpkgs-old": "nixpkgs-old" } }, "rust-analyzer-src": { diff --git a/flake.nix b/flake.nix index b570f5279a7..1d17a4c4af4 100644 --- a/flake.nix +++ b/flake.nix @@ -1,7 +1,10 @@ { inputs = { nixpkgs = { - url = "github:nixos/nixpkgs/nixos-24.05"; + url = "github:nixos/nixpkgs/nixos-24.11"; + }; + nixpkgs-old = { + url = "github:nixos/nixpkgs/nixos-23.05"; }; flake-utils.url = "github:numtide/flake-utils"; fenix = { @@ -9,7 +12,7 @@ inputs.nixpkgs.follows = "nixpkgs"; }; flakebox = { - url = "github:dpc/flakebox?rev=171f3a1d83652d9db33992322f8793326a3b4df3"; + url = "github:dpc/flakebox?rev=8e152e27b55df489192b86a14e946e1c983daabe"; inputs.nixpkgs.follows = "nixpkgs"; inputs.fenix.follows = "fenix"; }; @@ -31,6 +34,7 @@ { self, nixpkgs, + nixpkgs-old, flake-utils, flakebox, cargo-deluxe, @@ -41,7 +45,6 @@ let # overlay combining all overlays we use overlayAll = nixpkgs.lib.composeManyExtensions [ - (import ./nix/overlays/rocksdb.nix) (import ./nix/overlays/wasm-bindgen.nix) (import ./nix/overlays/cargo-nextest.nix) (import ./nix/overlays/esplora-electrs.nix) @@ -68,12 +71,24 @@ // flake-utils.lib.eachDefaultSystem ( system: let + pkgs-old = import nixpkgs-old { + inherit system; + overlays = [ + overlayAll + ]; + }; pkgs = import nixpkgs { inherit system; overlays = [ overlayAll - (final: prev: { cargo-deluxe = cargo-deluxe.packages.${system}.default; }) + (final: prev: { + cargo-deluxe = cargo-deluxe.packages.${system}.default; + # use old CLN, until https://github.com/NixOS/nixpkgs/pull/358063 possibly + # resolves some python on darwin breakage + # https://github.com/NixOS/nixpkgs/blob/470e6e641f412894086b6df2f204847bd3905f17/pkgs/development/python-modules/jaraco-path/default.nix#L34 + clightning = pkgs-old.clightning; + }) ]; }; @@ -130,7 +145,16 @@ }; }; - toolchainArgs = { }; + toolchainArgs = lib.optionalAttrs stdenv.isLinux { + # TODO: we seem to be hitting some miscompilation(?) with + # the new (as of nixos-24.11 default: clang 18), which causes + # fedimint-cli segfault randomly, but only in Nix sandbox. + # Supper weird. + stdenv = pkgs.clang14Stdenv; + clang = pkgs.llvmPackages_14.clang; + libclang = pkgs.llvmPackages_14.libclang.lib; + clang-unwrapped = pkgs.llvmPackages_14.clang-unwrapped; + }; stdTargets = flakeboxLib.mkStdTargets { }; stdToolchains = flakeboxLib.mkStdToolchains toolchainArgs; @@ -277,6 +301,7 @@ pkgs.cargo-deny pkgs.cargo-sort pkgs.parallel + pkgs.nixfmt-rfc-style pkgs.just pkgs.time pkgs.gawk @@ -288,17 +313,6 @@ (pkgs.hiPrio pkgs.bashInteractive) pkgs.tmux pkgs.tmuxinator - (pkgs.mprocs.overrideAttrs ( - final: prev: { - patches = prev.patches ++ [ - (pkgs.fetchurl { - url = "https://github.com/pvolok/mprocs/pull/88.patch"; - name = "clipboard-fix.patch"; - sha256 = "sha256-9dx1vaEQ6kD66M+vsJLIq1FK+nEObuXSi3cmpSZuQWk="; - }) - ]; - } - )) pkgs.docker-compose pkgs.tokio-console pkgs.git @@ -379,10 +393,11 @@ libbfd_2_38 libunwind.dev libopcodes_2_38 - libblocksruntime + pkgsStatic.libblocksruntime lldb clang ]; + } ); diff --git a/misc/git-hooks/pre-commit b/misc/git-hooks/pre-commit index f6c364084a6..83b138ab737 100755 --- a/misc/git-hooks/pre-commit +++ b/misc/git-hooks/pre-commit @@ -39,7 +39,6 @@ function check_cargo_sort() { set -eo pipefail cargo sort -w -g --order package,features,bin,lib,test,bench,dependencies,dev-dependencies,build-dependencies --check >/dev/null - } export -f check_cargo_sort @@ -47,7 +46,6 @@ function check_cargo_fmt() { set -euo pipefail flakebox-in-each-cargo-workspace cargo fmt --all --check - } export -f check_cargo_fmt @@ -56,7 +54,6 @@ function check_cargo_lock() { # https://users.rust-lang.org/t/check-if-the-cargo-lock-is-up-to-date-without-building-anything/91048/5 flakebox-in-each-cargo-workspace cargo update --workspace --locked |& while read -r note ; do echo "$note (cargo)"; done - } export -f check_cargo_lock @@ -93,7 +90,6 @@ function check_check_forbidden_dependencies() { return 1 fi done - } export -f check_check_forbidden_dependencies @@ -112,10 +108,18 @@ function check_leftover_dbg() { >&2 echo "Fix the problems above or use --no-verify" 1>&2 return 1 fi - } export -f check_leftover_dbg +function check_nixfmt() { + set -euo pipefail + + # we actually rely on word splitting here + # shellcheck disable=SC2046 + nixfmt -c $(echo "$FLAKEBOX_GIT_LS_TEXT" | grep "\.nix$") +} +export -f check_nixfmt + function check_semgrep() { set -euo pipefail @@ -137,7 +141,6 @@ function check_semgrep() { env SEMGREP_ENABLE_VERSION_CHECK=0 \ semgrep -q --error --no-rewrite-rule-ids --config .config/semgrep.yaml - } export -f check_semgrep @@ -147,7 +150,6 @@ function check_shellcheck() { for path in $(echo "$FLAKEBOX_GIT_LS_TEXT" | grep -E '.*\.sh$'); do shellcheck --severity=warning "$path" done - } export -f check_shellcheck @@ -163,7 +165,6 @@ function check_trailing_whitespace() { >&2 echo "Trailing whitespace detected. Please remove them before committing." return 1 fi - } export -f check_trailing_whitespace @@ -174,7 +175,6 @@ function check_typos() { >&2 echo "Typos found: Valid new words can be added to '.typos.toml'" return 1 fi - } export -f check_typos @@ -186,6 +186,7 @@ parallel \ check_cargo_lock \ check_check_forbidden_dependencies \ check_leftover_dbg \ + check_nixfmt \ check_semgrep \ check_shellcheck \ check_trailing_whitespace \ diff --git a/modules/fedimint-mint-client/Cargo.toml b/modules/fedimint-mint-client/Cargo.toml index 1d64d392e43..d0f665cbb7b 100644 --- a/modules/fedimint-mint-client/Cargo.toml +++ b/modules/fedimint-mint-client/Cargo.toml @@ -21,6 +21,7 @@ path = "src/lib.rs" [[bench]] name = "notes" +path = "benches/notes.rs" harness = false [dependencies] diff --git a/modules/fedimint-wallet-client/src/lib.rs b/modules/fedimint-wallet-client/src/lib.rs index d205cd547f7..7488e329355 100644 --- a/modules/fedimint-wallet-client/src/lib.rs +++ b/modules/fedimint-wallet-client/src/lib.rs @@ -770,7 +770,7 @@ impl WalletClientModule { Ok(self.client_ctx.outcome_or_updates(&operation, operation_id, || { let stream_rpc = self.rpc.clone(); - let stream_cient_ctx = self.client_ctx.clone(); + let stream_client_ctx = self.client_ctx.clone(); let stream_script_pub_key = address.assume_checked().script_pubkey(); stream! { @@ -809,7 +809,7 @@ impl WalletClientModule { btc_out_point }; - let claim_data = stream_cient_ctx.module_db().wait_key_exists(&ClaimedPegInKey { + let claim_data = stream_client_ctx.module_db().wait_key_exists(&ClaimedPegInKey { peg_in_index: tweak_idx, btc_out_point, }).await; @@ -819,7 +819,7 @@ impl WalletClientModule { btc_out_point }; - match stream_cient_ctx.await_primary_module_outputs(operation_id, claim_data.change).await { + match stream_client_ctx.await_primary_module_outputs(operation_id, claim_data.change).await { Ok(_) => yield DepositStateV2::Claimed { btc_deposited, btc_out_point diff --git a/modules/fedimint-wallet-server/src/lib.rs b/modules/fedimint-wallet-server/src/lib.rs index 0ea00a14a1c..dffab769118 100644 --- a/modules/fedimint-wallet-server/src/lib.rs +++ b/modules/fedimint-wallet-server/src/lib.rs @@ -573,7 +573,7 @@ impl ServerModule for Wallet { ensure!( module_consensus_version > current_vote, - "Module consenus version vote is redundant" + "Module consensus version vote is redundant" ); dbtx.insert_entry(&ConsensusVersionVoteKey(peer), &module_consensus_version) diff --git a/nix/flakebox.nix b/nix/flakebox.nix index 4a7d782d40f..51aa52bce6e 100644 --- a/nix/flakebox.nix +++ b/nix/flakebox.nix @@ -125,7 +125,9 @@ let } // pkgs.lib.optionalAttrs (!pkgs.stdenv.isDarwin) { "ROCKSDB_${build_arch_underscores}_STATIC" = "true"; - "ROCKSDB_${build_arch_underscores}_LIB_DIR" = "${pkgs.rocksdb}/lib/"; + "ROCKSDB_${build_arch_underscores}_LIB_DIR" = "${ + pkgs.rocksdb_8_11.override { enableLiburing = false; } + }/lib/"; # does not produce static lib in most versions "SNAPPY_${build_arch_underscores}_STATIC" = "true"; @@ -489,7 +491,10 @@ in src = filterWorkspaceAuditFiles commonSrc; }; - cargoDeny = craneLib.cargoDeny { src = filterWorkspaceAuditFiles commonSrc; }; + cargoDeny = craneLib.cargoDeny { + src = filterWorkspaceAuditFiles commonSrc; + cargoDenyChecks = "--hide-inclusion-graph bans licenses sources"; + }; # Build only deps, but with llvm-cov so `workspaceCov` can reuse them cached workspaceDepsCov = craneLib.buildDepsOnly { diff --git a/nix/overlays/rocksdb.nix b/nix/overlays/rocksdb.nix deleted file mode 100644 index 391b0c014df..00000000000 --- a/nix/overlays/rocksdb.nix +++ /dev/null @@ -1,13 +0,0 @@ -final: prev: { - - rocksdb = prev.rocksdb.overrideAttrs (oldAttrs: rec { - version = "8.10.0"; - - src = final.fetchFromGitHub { - owner = "facebook"; - repo = oldAttrs.pname; - rev = "v${version}"; - hash = "sha256-KGsYDBc1fz/90YYNGwlZ0LUKXYsP1zyhP29TnRQwgjQ="; - }; - }); -}