aboutsummaryrefslogtreecommitdiff
path: root/contrib
diff options
context:
space:
mode:
Diffstat (limited to 'contrib')
-rw-r--r--contrib/debian/copyright2
-rw-r--r--contrib/devtools/README.md20
-rwxr-xr-xcontrib/devtools/clang-format-diff.py2
-rwxr-xr-xcontrib/devtools/copyright_header.py2
-rwxr-xr-xcontrib/devtools/github-merge.py25
-rwxr-xr-xcontrib/devtools/update-translations.py2
-rwxr-xr-xcontrib/gitian-build.py4
-rwxr-xr-xcontrib/install_db4.sh2
-rwxr-xr-xcontrib/linearize/linearize-data.py1
-rwxr-xr-xcontrib/linearize/linearize-hashes.py8
-rwxr-xr-xcontrib/macdeploy/custom_dsstore.py2
-rw-r--r--contrib/verify-commits/README.md17
-rwxr-xr-xcontrib/verify-commits/verify-commits.py2
13 files changed, 61 insertions, 28 deletions
diff --git a/contrib/debian/copyright b/contrib/debian/copyright
index e5b9cbaa40..2d5b0188d2 100644
--- a/contrib/debian/copyright
+++ b/contrib/debian/copyright
@@ -5,7 +5,7 @@ Upstream-Contact: Satoshi Nakamoto <satoshin@gmx.com>
Source: https://github.com/bitcoin/bitcoin
Files: *
-Copyright: 2009-2018, Bitcoin Core Developers
+Copyright: 2009-2019, Bitcoin Core Developers
License: Expat
Comment: The Bitcoin Core Developers encompasses the current developers listed on bitcoin.org,
as well as the numerous contributors to the project.
diff --git a/contrib/devtools/README.md b/contrib/devtools/README.md
index a0b6225345..6ee65f40be 100644
--- a/contrib/devtools/README.md
+++ b/contrib/devtools/README.md
@@ -119,7 +119,25 @@ Configuring the github-merge tool for the bitcoin repository is done in the foll
git config githubmerge.repository bitcoin/bitcoin
git config githubmerge.testcmd "make -j4 check" (adapt to whatever you want to use for testing)
- git config --global user.signingkey mykeyid (if you want to GPG sign)
+ git config --global user.signingkey mykeyid
+
+Authentication (optional)
+--------------------------
+
+The API request limit for unauthenticated requests is quite low, but the
+limit for authenticated requests is much higher. If you start running
+into rate limiting errors it can be useful to set an authentication token
+so that the script can authenticate requests.
+
+- First, go to [Personal access tokens](https://github.com/settings/tokens).
+- Click 'Generate new token'.
+- Fill in an arbitrary token description. No further privileges are needed.
+- Click the `Generate token` button at the bottom of the form.
+- Copy the generated token (should be a hexadecimal string)
+
+Then do:
+
+ git config --global user.ghtoken "pasted token"
Create and verify timestamps of merge commits
---------------------------------------------
diff --git a/contrib/devtools/clang-format-diff.py b/contrib/devtools/clang-format-diff.py
index 77e845a9b4..f322b3a880 100755
--- a/contrib/devtools/clang-format-diff.py
+++ b/contrib/devtools/clang-format-diff.py
@@ -109,7 +109,7 @@ def main():
match = re.search('^\+\+\+\ (.*?/){%s}(\S*)' % args.p, line)
if match:
filename = match.group(2)
- if filename == None:
+ if filename is None:
continue
if args.regex is not None:
diff --git a/contrib/devtools/copyright_header.py b/contrib/devtools/copyright_header.py
index 2d539ffe43..6d7a592f01 100755
--- a/contrib/devtools/copyright_header.py
+++ b/contrib/devtools/copyright_header.py
@@ -491,7 +491,7 @@ def get_git_change_year_range(filename):
def file_already_has_core_copyright(file_lines):
index, _ = get_updatable_copyright_line(file_lines)
- return index != None
+ return index is not None
################################################################################
# insert header execution
diff --git a/contrib/devtools/github-merge.py b/contrib/devtools/github-merge.py
index 4e90f85f50..ab834b7623 100755
--- a/contrib/devtools/github-merge.py
+++ b/contrib/devtools/github-merge.py
@@ -14,7 +14,6 @@
# In case of a clean merge that is accepted by the user, the local branch with
# name $BRANCH is overwritten with the merged result, and optionally pushed.
-from __future__ import division,print_function,unicode_literals
import os
from sys import stdin,stdout,stderr
import argparse
@@ -23,10 +22,8 @@ import subprocess
import sys
import json
import codecs
-try:
- from urllib.request import Request,urlopen
-except:
- from urllib2 import Request,urlopen
+from urllib.request import Request, urlopen
+from urllib.error import HTTPError
# External tools (can be overridden using environment)
GIT = os.getenv('GIT','git')
@@ -50,17 +47,24 @@ def git_config_get(option, default=None):
except subprocess.CalledProcessError:
return default
-def retrieve_pr_info(repo,pull):
+def retrieve_pr_info(repo,pull,ghtoken):
'''
Retrieve pull request information from github.
Return None if no title can be found, or an error happens.
'''
try:
req = Request("https://api.github.com/repos/"+repo+"/pulls/"+pull)
+ if ghtoken is not None:
+ req.add_header('Authorization', 'token ' + ghtoken)
result = urlopen(req)
reader = codecs.getreader('utf-8')
obj = json.load(reader(result))
return obj
+ except HTTPError as e:
+ error_message = e.read()
+ print('Warning: unable to retrieve pull information from github: %s' % e)
+ print('Detailed error: %s' % error_message)
+ return None
except Exception as e:
print('Warning: unable to retrieve pull information from github: %s' % e)
return None
@@ -138,6 +142,7 @@ def parse_arguments():
In addition, you can set the following git configuration variables:
githubmerge.repository (mandatory),
user.signingkey (mandatory),
+ user.ghtoken (default: none).
githubmerge.host (default: git@github.com),
githubmerge.branch (no default),
githubmerge.testcmd (default: none).
@@ -156,6 +161,7 @@ def main():
host = git_config_get('githubmerge.host','git@github.com')
opt_branch = git_config_get('githubmerge.branch',None)
testcmd = git_config_get('githubmerge.testcmd')
+ ghtoken = git_config_get('user.ghtoken')
signingkey = git_config_get('user.signingkey')
if repo is None:
print("ERROR: No repository configured. Use this command to set:", file=stderr)
@@ -166,14 +172,17 @@ def main():
print("git config --global user.signingkey <key>",file=stderr)
sys.exit(1)
- host_repo = host+":"+repo # shortcut for push/pull target
+ if host.startswith(('https:','http:')):
+ host_repo = host+"/"+repo+".git"
+ else:
+ host_repo = host+":"+repo
# Extract settings from command line
args = parse_arguments()
pull = str(args.pull[0])
# Receive pull information from github
- info = retrieve_pr_info(repo,pull)
+ info = retrieve_pr_info(repo,pull,ghtoken)
if info is None:
sys.exit(1)
title = info['title'].strip()
diff --git a/contrib/devtools/update-translations.py b/contrib/devtools/update-translations.py
index f0098cfcdf..1b9d3a4c27 100755
--- a/contrib/devtools/update-translations.py
+++ b/contrib/devtools/update-translations.py
@@ -125,7 +125,7 @@ def escape_cdata(text):
return text
def contains_bitcoin_addr(text, errors):
- if text != None and ADDRESS_REGEXP.search(text) != None:
+ if text is not None and ADDRESS_REGEXP.search(text) is not None:
errors.append('Translation "%s" contains a bitcoin address. This will be removed.' % (text))
return True
return False
diff --git a/contrib/gitian-build.py b/contrib/gitian-build.py
index faf8b014aa..fc7fbb764d 100755
--- a/contrib/gitian-build.py
+++ b/contrib/gitian-build.py
@@ -51,8 +51,10 @@ def build():
os.chdir('gitian-builder')
os.makedirs('inputs', exist_ok=True)
- subprocess.check_call(['wget', '-N', '-P', 'inputs', 'http://downloads.sourceforge.net/project/osslsigncode/osslsigncode/osslsigncode-1.7.1.tar.gz'])
+ subprocess.check_call(['wget', '-N', '-P', 'inputs', 'https://downloads.sourceforge.net/project/osslsigncode/osslsigncode/osslsigncode-1.7.1.tar.gz'])
subprocess.check_call(['wget', '-N', '-P', 'inputs', 'https://bitcoincore.org/cfields/osslsigncode-Backports-to-1.7.1.patch'])
+ subprocess.check_call(["echo 'a8c4e9cafba922f89de0df1f2152e7be286aba73f78505169bc351a7938dd911 inputs/osslsigncode-Backports-to-1.7.1.patch' | sha256sum -c"], shell=True)
+ subprocess.check_call(["echo 'f9a8cdb38b9c309326764ebc937cba1523a3a751a7ab05df3ecc99d18ae466c9 inputs/osslsigncode-1.7.1.tar.gz' | sha256sum -c"], shell=True)
subprocess.check_call(['make', '-C', '../bitcoin/depends', 'download', 'SOURCES_PATH=' + os.getcwd() + '/cache/common'])
if args.linux:
diff --git a/contrib/install_db4.sh b/contrib/install_db4.sh
index 4f74e67f2f..e90b8af7e1 100755
--- a/contrib/install_db4.sh
+++ b/contrib/install_db4.sh
@@ -51,7 +51,7 @@ http_get() {
if [ -f "${2}" ]; then
echo "File ${2} already exists; not downloading again"
elif check_exists curl; then
- curl --insecure "${1}" -o "${2}"
+ curl --insecure --retry 5 "${1}" -o "${2}"
else
wget --no-check-certificate "${1}" -O "${2}"
fi
diff --git a/contrib/linearize/linearize-data.py b/contrib/linearize/linearize-data.py
index b6ead4a166..56c1fbfc92 100755
--- a/contrib/linearize/linearize-data.py
+++ b/contrib/linearize/linearize-data.py
@@ -7,7 +7,6 @@
# file COPYING or http://www.opensource.org/licenses/mit-license.php.
#
-from __future__ import print_function, division
import struct
import re
import os
diff --git a/contrib/linearize/linearize-hashes.py b/contrib/linearize/linearize-hashes.py
index 911c3c959d..e10b46d831 100755
--- a/contrib/linearize/linearize-hashes.py
+++ b/contrib/linearize/linearize-hashes.py
@@ -7,11 +7,7 @@
# file COPYING or http://www.opensource.org/licenses/mit-license.php.
#
-from __future__ import print_function
-try: # Python 3
- import http.client as httplib
-except ImportError: # Python 2
- import httplib
+from http.client import HttpConnection
import json
import re
import base64
@@ -31,7 +27,7 @@ class BitcoinRPC:
authpair = "%s:%s" % (username, password)
authpair = authpair.encode('utf-8')
self.authhdr = b"Basic " + base64.b64encode(authpair)
- self.conn = httplib.HTTPConnection(host, port=port, timeout=30)
+ self.conn = HttpConnection(host, port=port, timeout=30)
def execute(self, obj):
try:
diff --git a/contrib/macdeploy/custom_dsstore.py b/contrib/macdeploy/custom_dsstore.py
index c29f83a91e..dc1c1882dd 100755
--- a/contrib/macdeploy/custom_dsstore.py
+++ b/contrib/macdeploy/custom_dsstore.py
@@ -1,5 +1,5 @@
#!/usr/bin/env python3
-# Copyright (c) 2013-2017 The Bitcoin Core developers
+# Copyright (c) 2013-2018 The Bitcoin Core developers
# Distributed under the MIT software license, see the accompanying
# file COPYING or http://www.opensource.org/licenses/mit-license.php.
import biplist
diff --git a/contrib/verify-commits/README.md b/contrib/verify-commits/README.md
index aa805ad1b9..27ca15acb4 100644
--- a/contrib/verify-commits/README.md
+++ b/contrib/verify-commits/README.md
@@ -3,7 +3,7 @@ Tooling for verification of PGP signed commits
This is an incomplete work in progress, but currently includes a pre-push hook
script (`pre-push-hook.sh`) for maintainers to ensure that their own commits
-are PGP signed (nearly always merge commits), as well as a script to verify
+are PGP signed (nearly always merge commits), as well as a Python 3 script to verify
commits against a trusted keys list.
@@ -17,9 +17,11 @@ be backdoored. Instead, you need to use a trusted version of verify-commits
prior to checkout to make sure you're checking out only code signed by trusted
keys:
- git fetch origin && \
- ./contrib/verify-commits/verify-commits.py origin/master && \
- git checkout origin/master
+ ```sh
+ git fetch origin && \
+ ./contrib/verify-commits/verify-commits.py origin/master && \
+ git checkout origin/master
+ ```
Note that the above isn't a good UI/UX yet, and needs significant improvements
to make it more convenient and reduce the chance of errors; pull-reqs
@@ -33,6 +35,13 @@ Configuration files
* `trusted-keys`: This file should contain a \n-delimited list of all PGP fingerprints of authorized commit signers (primary, not subkeys).
* `allow-revsig-commits`: This file should contain a \n-delimited list of git commit hashes. See next section for more info.
+Import trusted keys
+-------------------
+In order to check the commit signatures you must add the trusted PGP keys to your machine. This can be done in Linux by running
+```sh
+gpg --recv-keys $(<contrib/verify-commits/trusted-keys)
+```
+
Key expiry/revocation
---------------------
diff --git a/contrib/verify-commits/verify-commits.py b/contrib/verify-commits/verify-commits.py
index 544f4dc48d..b3c8064ec2 100755
--- a/contrib/verify-commits/verify-commits.py
+++ b/contrib/verify-commits/verify-commits.py
@@ -139,7 +139,7 @@ def main():
if len(parents) == 2 and check_merge and not allow_unclean:
current_tree = subprocess.check_output([GIT, 'show', '--format=%T', current_commit], universal_newlines=True, encoding='utf8').splitlines()[0]
subprocess.call([GIT, 'checkout', '--force', '--quiet', parents[0]])
- subprocess.call([GIT, 'merge', '--no-ff', '--quiet', parents[1]], stdout=subprocess.DEVNULL)
+ subprocess.call([GIT, 'merge', '--no-ff', '--quiet', '--no-gpg-sign', parents[1]], stdout=subprocess.DEVNULL)
recreated_tree = subprocess.check_output([GIT, 'show', '--format=format:%T', 'HEAD'], universal_newlines=True, encoding='utf8').splitlines()[0]
if current_tree != recreated_tree:
print("Merge commit {} is not clean".format(current_commit), file=sys.stderr)