aboutsummaryrefslogtreecommitdiff
path: root/contrib
AgeCommit message (Collapse)Author
2021-09-21Merge bitcoin/bitcoin#22993: build: set OSX_MIN_VERSION to 10.15fanquake
a43b8e955558483d8893996cc3a67bc74cbaf358 build: set OSX_MIN_VERSION to 10.15 (fanquake) Pull request description: Taken out of #20744, as splitting up some of the build changes was mentioned [here](https://github.com/bitcoin/bitcoin/pull/22937#discussion_r707303172). This is required to use `std::filesystem` on macOS, as support for it only landed in the libc++.dylib shipped with 10.15. So if we want to move to using `std::filesystem` for `23.0`, this bump is required. See also: https://developer.apple.com/documentation/xcode-release-notes/xcode-11-release-notes > Clang now supports the C++17 \<filesystem\> library for iOS 13, macOS 10.15, watchOS 6, and tvOS 13. macOS 10.15 was released in October 2019. macOS OS's seem to have a life of about 3 years, so it's possible that 10.14 will become officially unsupported by the end of 2021 and prior to the release of 23.0. Guix builds: ```bash bash-5.1# find guix-build-$(git rev-parse --short=12 HEAD)/output/ -type f -print0 | env LC_ALL=C sort -z | xargs -r0 sha256sum abc8b749be65f1339dcdf44bd1ed6ade2533b8e3b5030ad1dde0ae0cede78136 guix-build-a43b8e955558/output/dist-archive/bitcoin-a43b8e955558.tar.gz 1edcc301eb4c02f3baa379beb8d4c78e661abc24a293813bc9d900cf7255b790 guix-build-a43b8e955558/output/x86_64-apple-darwin19/SHA256SUMS.part e9dbb5594a664519da778dde9ed861c3f0f631525672e17a67eeda599f16ff44 guix-build-a43b8e955558/output/x86_64-apple-darwin19/bitcoin-a43b8e955558-osx-unsigned.dmg 11b23a17c630dddc7594c25625eea3de42db50f355733b9ce9ade2d8eba3a8f3 guix-build-a43b8e955558/output/x86_64-apple-darwin19/bitcoin-a43b8e955558-osx-unsigned.tar.gz 257ba64a327927f94d9aa0a68da3a2695cf880b3ed1a0113c5a966dcc426eb5e guix-build-a43b8e955558/output/x86_64-apple-darwin19/bitcoin-a43b8e955558-osx64.tar.gz ``` ACKs for top commit: hebasto: ACK a43b8e955558483d8893996cc3a67bc74cbaf358 jarolrod: ACK a43b8e9 Tree-SHA512: 9ac77be7cb56c068578860a3b2b8b7487c9e18b71b14aedd77a9c663f5d4bb19756d551770c02ddd12f1797beea5757b261588e7b67fb53509bb998ee8022369
2021-09-16Enable TLS in links in documentationJeremy Rand
2021-09-16build: set OSX_MIN_VERSION to 10.15fanquake
This is required to use std::filesystem on macOS as support for it only landed in the libc++ dylib shipped with 10.15. See also: https://developer.apple.com/documentation/xcode-release-notes/xcode-11-release-notes Clang now supports the C++17 <filesystem> library for iOS 13, macOS 10.15, watchOS 6, and tvOS 13.
2021-09-02Merge bitcoin/bitcoin#22418: release: Remove gitianMarcoFalke
ab9c34237ab7b056394e0bd1f7cb131ffd95754c release: remove gitian (fanquake) Pull request description: Note that this doesn't yet touch any glibc back compat related code. ACKs for top commit: laanwj: Code review ACK ab9c34237ab7b056394e0bd1f7cb131ffd95754c Tree-SHA512: 8e2fe3ec1097f54bb11ab9136b43818d90eab5dbb0a663ad6a552966ada4bdb49cc12ff4e66f0ec0ec5400bda5c81f3a3ce70a9ebb6fe1e0db612da9f00a51a7
2021-09-02Merge bitcoin/bitcoin#22847: guix/prelude: Override `VERSION` with ↵fanquake
`FORCE_VERSION` 96cc6bb04f7e173e1f7637b780ac00fc75486671 guix/prelude: Override VERSION with FORCE_VERSION (Carl Dong) Pull request description: ``` Previously, if the builder exported $VERSION in their environment (as past Gitian-building docs told them to), but their HEAD does not actually point to v$VERSION, their build outputs will differ from those of other builders. This is because the contrib/guix/guix-* scripts only ever act on the current git worktree, and does not try to check out $VERSION if $VERSION is set in the environment. Setting $VERSION only makes the scripts pretend like the current worktree is $VERSION. This problem was seen in jonatack's attestation for all.SHA256SUMS, where only his bitcoin-22.0rc3-osx-signed.dmg differed from everyone else's. Here is my deduced sequence of events: 1. Aug 27th: He guix-builds 22.0rc3 and uploads his attestations up to guix.sigs 2. Aug 30th, sometime after POSIX time 1630310848: he pulls the latest changes from master in the same worktree where he guix-built 22.0rc3 and ends up at 7be143a960e2 3. Aug 30th, sometime before POSIX time 1630315907: With his worktree still on 7be143a960e2, he guix-codesigns. Normally, this would result in outputs going in guix-build-7be143a960e2, but he had VERSION=22.0rc3 in his environment, so the guix-* scripts pretended like he was building 22.0rc3, and used 22.0rc3's guix-build directory to locate un-codesigned outputs and dump codesigned ones. However, our SOURCE_DATE_EPOCH defaults to the POSIX time of HEAD (7be143a960e2), which made all timestamps in the resulting codesigned DMG 1630310848, 7be143a960e2's POSIX timestamp. This differs from the POSIX timestamp of 22.0rc3, which is 1630348517. Note that the windows codesigning procedure does not consider SOURCE_DATE_EPOCH. We resolve this by only allowing VERSION overrides via the FORCE_VERSION environment variable. ``` Please ignore the branch name, it's not relevant to the change. ACKs for top commit: fanquake: ACK 96cc6bb04f7e173e1f7637b780ac00fc75486671 - Also makes sense given there are Guix build guides recommending to set `VERSION` as part of the process. i.e https://gist.github.com/hebasto/7293726cbfcd0b58e1cfd5418316cee3. Tree-SHA512: 9dca3fc637ce11049286a3ebee3cd61cce2125fc51d31cf472fbed7f659e1846fc44062753e0e71bfaec9e7fbab6f040bb88d9d4bc4f8acb28c6890563584acf
2021-08-31guix/prelude: Override VERSION with FORCE_VERSIONCarl Dong
Previously, if the builder exported $VERSION in their environment (as past Gitian-building docs told them to), but their HEAD does not actually point to v$VERSION, their build outputs will differ from those of other builders. This is because the contrib/guix/guix-* scripts only ever act on the current git worktree, and does not try to check out $VERSION if $VERSION is set in the environment. Setting $VERSION only makes the scripts pretend like the current worktree is $VERSION. This problem was seen in jonatack's attestation for all.SHA256SUMS, where only his bitcoin-22.0rc3-osx-signed.dmg differed from everyone else's. Here is my deduced sequence of events: 1. Aug 27th: He guix-builds 22.0rc3 and uploads his attestations up to guix.sigs 2. Aug 30th, sometime after POSIX time 1630310848: he pulls the latest changes from master in the same worktree where he guix-built 22.0rc3 and ends up at 7be143a960e2 3. Aug 30th, sometime before POSIX time 1630315907: With his worktree still on 7be143a960e2, he guix-codesigns. Normally, this would result in outputs going in guix-build-7be143a960e2, but he had VERSION=22.0rc3 in his environment, so the guix-* scripts pretended like he was building 22.0rc3, and used 22.0rc3's guix-build directory to locate un-codesigned outputs and dump codesigned ones. However, our SOURCE_DATE_EPOCH defaults to the POSIX time of HEAD (7be143a960e2), which made all timestamps in the resulting codesigned DMG 1630310848, 7be143a960e2's POSIX timestamp. This differs from the POSIX timestamp of 22.0rc3, which is 1630348517. Note that the windows codesigning procedure does not consider SOURCE_DATE_EPOCH. We resolve this by only allowing VERSION overrides via the FORCE_VERSION environment variable.
2021-08-31builder-keys: add kristapskKristaps Kaupe
https://keys.openpgp.org/search?q=70A1D47DD44F59DF8B22244333E472FE870C7E5D https://github.com/JoinMarket-Org/joinmarket-clientserver/blob/master/pubkeys/KristapsKaupe.asc
2021-08-31release: remove gitianfanquake
2021-08-26Merge bitcoin/bitcoin#22660: contrib: catch bitcoin-cli RPC call errors in ↵MarcoFalke
getcoins.py 42dbd9025adc200012c103d2c091cf026f1d50b1 contrib: return non-zero status if getcoins.py errors (Sebastian Falbesoner) 8c203cf0e1b9558b54030c284ddf7706d64cdde2 contrib: catch bitcoin-cli RPC call errors in getcoins.py (Sebastian Falbesoner) 0eca5ebaced264d041de815316eaca8cf6fef92f contrib: refactor: introduce bitcoin-cli RPC call helper in getcoins.py (Sebastian Falbesoner) Pull request description: This PR is based on #22565 ("[script] signet's getcoins.py improvements"), which should be reviewed first. The signet faucet script `contrib/signet/getcoins.py` currently issues bitcoin-cli RPC calls without catching errors -- the only case tackled is if there is no `bitcoin-cli` file found. Instead of crashing with a stack-trace on a failed RPC call, the changes in this PR aim to produce a more user-friendly output (see also https://github.com/bitcoin/bitcoin/pull/22565#discussion_r683754875). Additionally, in case of any error, a non-zero status is now returned (instead of 0, indicating success), which could be useful for other scripts taking use of signet faucet script. The most straight-forward way to test this is invoking the script without a `bitcoind` running on signet: PR22565 branch: ``` $ ./contrib/signet/getcoins.py error: Could not connect to the server 127.0.0.1:8332 Make sure the bitcoind server is running and that you are connecting to the correct RPC port. Traceback (most recent call last): File "./contrib/signet/getcoins.py", line 26, in <module> curr_signet_hash = subprocess.check_output([args.cmd] + args.bitcoin_cli_args + ['getblockhash', '1']).strip().decode() File "/usr/local/lib/python3.8/subprocess.py", line 415, in check_output return run(*popenargs, stdout=PIPE, timeout=timeout, check=True, File "/usr/local/lib/python3.8/subprocess.py", line 516, in run raise CalledProcessError(retcode, process.args, subprocess.CalledProcessError: Command '['bitcoin-cli', 'getblockhash', '1']' returned non-zero exit status 1. ``` this PR branch: ``` $ ./contrib/signet/getcoins.py error: Could not connect to the server 127.0.0.1:38332 Make sure the bitcoind server is running and that you are connecting to the correct RPC port. ----- Error while calling "bitcoin-cli -signet getblockhash 1" (see output above). ``` ACKs for top commit: kallewoof: Code ACK 42dbd9025adc200012c103d2c091cf026f1d50b1 Zero-1729: tACK 42dbd90 🧪 Tree-SHA512: 912240a4ed03c87035e370602f4095c7ffe26806421bbbd6cf86588126f2310a01a6a61606e9e2918fb2c1a0debdd0ce768c69ba2e4b8e7750fa3474a56d01a0
2021-08-23Merge bitcoin/bitcoin#22565: [script] signet's getcoins.py improvementsW. J. van der Laan
b0c8246cac97b7792a50afc22ef1fe39c5028e00 Add cleaner errors for unsuccessful faucet transactions (NikhilBartwal) 1c612b274b1587c43ee6e6a486aed653b9ca5f70 [script] Update signet getcoins.py for custom network (NikhilBartwal) Pull request description: Currently, using the getcoins.py with a custom signet executes successfully and shows the transfer of 0.001 testBTC as complete, however for obvious reasons, it should not. In fact, upon verification it does not actually execute the transaction, but rather gives the output that it did, as shown below which can be misleading: ``` [nikhilb@nikhil-PC bitcoin]$ echo $datadir /home/nikhilb/signet-custom [nikhilb@nikhil-PC bitcoin]$ contrib/signet/getcoins.py -- -datadir=$datadir Payment of 0.00100000 BTC sent with txid dd22c7d996e95f3e5baf20f73140d517ff48f1b26d0e4fefd61e3c37991b8f86 [nikhilb@nikhil-PC bitcoin]$ bitcoin-cli -datadir=$datadir getrawtransaction dd22c7d996e95f3e5baf20f73140d517ff48f1b26d0e4fefd61e3c37991b8f86 error code: -5 error message: No such mempool or blockchain transaction. Use gettransaction for wallet transactions. [nikhilb@nikhil-PC bitcoin]$ bitcoin-cli -datadir=$datadir gettransaction dd22c7d996e95f3e5baf20f73140d517ff48f1b26d0e4fefd61e3c37991b8f86 error code: -5 error message: Invalid or non-wallet transaction id ``` This PR adds a sanity check for custom signet by comparing the current network's first block hash (the block after the genesis block) with global signet's respective block hash (since all signet networks share the same genesis block) and if a custom network is detected, the user is prompted to either work on the global signet or setup their own faucet. The PR was checked to be working successfully, giving the output as below: ``` [nikhilb@nikhil-PC bitcoin]$ git checkout update_signet_getcoins Switched to branch 'update_signet_getcoins' Your branch is ahead of 'upstream/master' by 1 commit. (use "git push" to publish your local commits) [nikhilb@nikhil-PC bitcoin]$ contrib/signet/getcoins.py -- -datadir=$datadir The global faucet cannot be used with a custom Signet network. Please use the global signet or setup your custom faucet for the same. You can have a look here for setting up your own faucet: https://en.bitcoin.it/wiki/Signet ``` ACKs for top commit: prayank23: utACK https://github.com/bitcoin/bitcoin/pull/22565/commits/b0c8246cac97b7792a50afc22ef1fe39c5028e00 kallewoof: ACK b0c8246cac97b7792a50afc22ef1fe39c5028e00 arnabsen1729: utACK b0c8246 prakash1512: utACK b0c8246 0xB10C: Tested ACK b0c8246cac97b7792a50afc22ef1fe39c5028e00 theStack: Tested ACK b0c8246cac97b7792a50afc22ef1fe39c5028e00 Zero-1729: crACK b0c8246 🧉 Tree-SHA512: 144b47a83008521a5cda13f4c1b12809a125a744f865a8e0f792132d52fdb88926d4f4f4d7230452c2e129b5879892cdbeda981b8af10b789e9fc0cda2905a5d
2021-08-21Merge bitcoin/bitcoin#22633: refactor: Replace remaining binascii method callsMarcoFalke
021daedfa100defad553d69cd3d628aaa5bc7caf refactor: replace remaining binascii method calls (Zero-1729) Pull request description: This PR removes the remaining `binascii` method calls outside `test/functional` and `test_framework`, as pointed out here https://github.com/bitcoin/bitcoin/pull/22619#pullrequestreview-722153458. Follow-up to #22593 and #22619 Closes #22605 ACKs for top commit: josibake: re-ACK https://github.com/bitcoin/bitcoin/pull/22633/commits/021daedfa100defad553d69cd3d628aaa5bc7caf theStack: re-ACK 021daedfa100defad553d69cd3d628aaa5bc7caf Tree-SHA512: 2ae9fee8917112c91a5406f219ca70f24cd8902b903db5a61fc2de85ad640d669a772f5c05970be0fcee6ef1cdd32fae2ca5d1ec6dc9798b43352c8160ddde6f
2021-08-20Merge bitcoin/bitcoin#22654: guix: Don't include directory name in SHA256SUMSfanquake
132cae44f2d031bdaa1e459b92ec89ad585dfc9f doc: Mention the flat directory structure for uploads (Andrew Chow) fb17c99e35e72f3b21ec3b5473e84c21dc964776 guix: Don't include directory name in SHA256SUMS (Andrew Chow) Pull request description: The SHA256SUMS file can be used in a sha256sum -c command to verify downloaded binaries. However users are likely to download just a single file and not place this file in the correct directory relative to the SHA256SUMS file for the simple verification command to work. By not including the directory name in the SHA256SUMS file, it will be easier for users to verify downloaded binaries. ACKs for top commit: Zero-1729: re-ACK 132cae44f2d031bdaa1e459b92ec89ad585dfc9f fanquake: ACK 132cae44f2d031bdaa1e459b92ec89ad585dfc9f Tree-SHA512: c9ff416b8dfb2f3ceaf4d63afb84aac9fcaefbbf9092f9e095061b472884ec92c7a809e6530c7132a82cfe3ab115a7328e47994a412072e1d4feb26fc502c8c5
2021-08-18guix: Don't include directory name in SHA256SUMSAndrew Chow
The SHA256SUMS file can be used in a sha256sum -c command to verify downloaded binaries. However users are likely to download just a single file and not place this file in the correct directory relative to the SHA256SUMS file for the simple verification command to work. By not including the directory name in the SHA256SUMS file, it will be easier for users to verify downloaded binaries. Co-authored-by: Carl Dong <contact@carldong.me>
2021-08-18Merge bitcoin/bitcoin#22645: scripts: prevent GCC optimising test symbols in ↵W. J. van der Laan
test-symbol-check 5449d44e37982fcd5251fd47873c5f7d34c39fc9 scripts: prevent GCC optimising test symbols in test-symbol-check (fanquake) Pull request description: I noticed in #22381 that when the test-symbol-check target was being built with Clang and run in the CI it would fail due to using a too-new version of `pow` (used [here](https://github.com/bitcoin/bitcoin/blob/d67330d11245b11fbdd5e2dd5343ee451186931e/contrib/devtools/test-symbol-check.py#L85)). Our CIs use Focal (glibc 2.31) and the version of `pow` was the optimized version introduced in [glibc 2.29](https://lwn.net/Articles/778286/): ```bash * Optimized generic exp, exp2, log, log2, pow, sinf, cosf, sincosf and tanf. ``` This made sense, except for that if it was failing when built using Clang, why hadn't it also been failing when being built with GCC? Turns out GCC is optimizing away that call to `pow` at all optimization levels, including `-O0`, see: https://godbolt.org/z/53MhzMxT7, and this has been the case forever, or at least since GCC 5.x. Clang on the other hand, will only optimize away the `pow` call at `-O1` and `-O2`, not `-O0`: https://godbolt.org/z/Wbnqj3q6c. Thus when this test was built with Clang (we don't pass `-O` so we default to `-O0`) it was failing in the CI environment, because it would actually have a call to the "new" `pow`. Avoid this issue by using a symbol that won't be optimized away, or that we are unlikely to ever have versioning issues with. ACKs for top commit: laanwj: ACK 5449d44e37982fcd5251fd47873c5f7d34c39fc9 Tree-SHA512: 3a26c5c3a5f2905fd0dd90892470e241ba625c0af3be2629d06d5da3a97534c1d6a55b796bbdd41e2e6a26a8fab7d981b98c45d4238565b0eb7edf3c5da02007
2021-08-16refactor: replace remaining binascii method calls Zero-1729
2021-08-17contrib: use hkps://keys.openpgp.org to retrieve builder keysfanquake
hkps://hkps.pool.sks-keyservers.net is essentially no-longer functional, and a number of distributions and GPG tools have since switched to using this key server as their default. See this Debian patch for additional context: https://salsa.debian.org/debian/gnupg2/-/blob/debian/main/debian/patches/Use-hkps-keys.openpgp.org-as-the-default-keyserver.patch Switch to using keys.openpgp.org in the CI as well.
2021-08-16Merge bitcoin/bitcoin#22700: builder-keys: Add dongcarlfanquake
7d95777417709d827e42e87a951fcf29824583b3 builder-keys: Add dongcarl (Carl Dong) Pull request description: https://keys.openpgp.org/search?q=04017A2A6D9A0CCDC81D8EC296AB007F1A7ED999 This is my master key, will be bumping the expiration of subkeys or rotating when necessary. ACKs for top commit: fanquake: ACK 7d95777417709d827e42e87a951fcf29824583b3 - matches what I've got. Tree-SHA512: 3a76b8eda81821b3221402501cf8191bce73118624b932aa80a7fc1a32a91e3825aeb2b03ed261bbf284b088e927c384f92e08eadddf7f94ed4de579d9f6d2b7
2021-08-13builder-keys: Add dongcarlCarl Dong
2021-08-12builder-keys: add jamesobJames O'Beirne
http://keyserver.ubuntu.com/pks/lookup?search=0x25F27A38A47AD566&fingerprint=on&hash=on&op=vindex This is also the key I sign GitHub commits with.
2021-08-09Merge bitcoin/bitcoin#22642: release: Release with separate SHA256SUMS and ↵fanquake
sig files 90b3e482e911fde73133a157c3b354471682275a release: Release with separate SHA256SUMS and sig files (Carl Dong) Pull request description: This allows us to: - remove the rfc4880 EOL hacks, and - release with a SHA256SUMS.asc file that's a combination of all signer signatures ACKs for top commit: achow101: ACK 90b3e482e911fde73133a157c3b354471682275a laanwj: Concept and code review ACK 90b3e482e911fde73133a157c3b354471682275a Tree-SHA512: 5d5086063d303aa0cbd590e5fdf2ae8f555e25f4e43bf67545e33384449b990e94834c711622530ad0eb3dcc83f52746884a5081dadb0acff8dd799cfadafac7
2021-08-09scripts: prevent GCC optimising test symbols in test-symbol-checkfanquake
2021-08-07contrib: return non-zero status if getcoins.py errorsSebastian Falbesoner
2021-08-07contrib: catch bitcoin-cli RPC call errors in getcoins.pySebastian Falbesoner
2021-08-07contrib: refactor: introduce bitcoin-cli RPC call helper in getcoins.pySebastian Falbesoner
2021-08-05guix-verify: Non-zero exit code when anything failsCarl Dong
Previously, if verification fails, the correct message will be printed, but the exit code would still be 0.
2021-08-05release: Release with separate SHA256SUMS and sig filesCarl Dong
This allows us to remove the rfc4880 EOL hacks and release with a SHA256SUMS.asc file that's a combination of all signer signatures.
2021-08-05Add cleaner errors for unsuccessful faucet transactionsNikhilBartwal
2021-08-05[script] Update signet getcoins.py for custom networkNikhilBartwal
Currently, using the getcoins.py with a custom signet executes successfully and shows the transaction as complete, however for obvious reasons, it should not. This PR adds a sanity check for custom signet by comparing the current network's first block hash with global signet's respective hash.
2021-07-30contrib, p2p: update I2P hardcoded seedsJon Atack
2021-07-29Merge bitcoin/bitcoin#22516: macdeploy: alternative info to download the ↵fanquake
macOS SDK f8f772dc495f7d3ee02d75d42ee22ceb90c3a693 macdeploy: alternative info to download the macOS SDK (Antoine Poinsot) Pull request description: The previous link wasn't accessible for me, this adds some instructions given to me by Hebasto on #bitcoin-core-builds as well as a shasum for the archive to quickly check the downloaded one is the right one before processing with the entire Guix build. ACKs for top commit: fanquake: ACK f8f772dc495f7d3ee02d75d42ee22ceb90c3a693 Tree-SHA512: 620160b593ed8fa4ae4a748b8e72d67b93ff0ec9e6b8ef3c3ac5402c1c48ec0ac325a527b6278cdf84aaf51ba8194d4c366c412ffad141d0412add2710efcff5
2021-07-29macdeploy: alternative info to download the macOS SDKAntoine Poinsot
The previous link wasn't accessible for me, this adds some instructions given to me by Hebasto on #bitcoin-core-builds as well as a shasum for the archive to quickly check the downloaded one is the right one before processing with the entire Guix build. This also corrects a link to an older version of the SDK currently in use. Signed-off-by: Antoine Poinsot <darosior@protonmail.com>
2021-07-29Merge bitcoin/bitcoin#22531: guix: Fixes to guix-{attest,verify}fanquake
9b313dfef18792fcc36e78ef3caa693fafcce04e guix: Ensure EPOCH_SOURCE_DATE does not include GPG information (Andrew Chow) 43225f0a2a517ccd79dc49279b979ffd2eca6b85 guix: Remove extra \r from all.SHA256SUMS line ending (Andrew Chow) d080c27066449f76bc8709fc50e422757971d2cf guix, doc: Add a note that codesigners need to rebuild after tagging (Andrew Chow) 4a466388a0092fbdf5f8969c6bfb65bf8cc962e1 guix: Allow changing the base manifest in guix-verify (Andrew Chow) 33455c76964b9e27b33e970d9722cc47657b291b guix: Make all.SHA256SUMS rather than codesigned.SHA256SUMS (Andrew Chow) Pull request description: `guix-verify` expects `all.SHA256SUMS` but `guix-attest` produces `codesigned.SHA256SUMS`. Since `all.SHA256SUMS` makes more sense (as the file contains all the sha256sums, not just the codesigned ones), `guix-attest` has been changed to output a file of that name. As a quality of life improvement, `guix-verify` can take `SIGNER` and use the signer's manifest as the base to compare against. This makes it easier to compare a single person's attestations with everyone else's and can make it more obvious when one builder is clearly mismatching with everyone else. Lastly `release-process.md` is updated with a note about a gotcha that can cause a mismatch in the codesigned attestation. ACKs for top commit: fanquake: ACK 9b313dfef18792fcc36e78ef3caa693fafcce04e Tree-SHA512: 0d60627def38288dbd3059ad1e72cad224f9205da11b1a561c082ef28250a074df5cc5f2797c91a7be027bc486a3fda3319c2e496a8724e5b539337236c6f990
2021-07-29Merge bitcoin/bitcoin#22538: doc: fix command typo in guix READMEfanquake
198ceb82f91bfdeac6e143ca7433f4a524f6f36f script, doc: guix touchups (jonatack) d7b7f610a53aa62bd82f6704a9c518a93c896963 Updated Readme, Corrected the codesign typo (h) Pull request description: ACKs for top commit: jamesob: ACK https://github.com/bitcoin/bitcoin/pull/22538/commits/198ceb82f91bfdeac6e143ca7433f4a524f6f36f jonatack: ACK 198ceb82f91bfdeac6e143ca7433f4a524f6f36f Tree-SHA512: 408360cebb51cff330fdd5d5d8ae91a168cdc99fb1377913fd9119e6eba536e58f87ff5c5b479e21a21fa3403323b137c338005bbd67e6fd24314929cdff9325
2021-07-28guix: Ensure EPOCH_SOURCE_DATE does not include GPG informationAndrew Chow
If the user has set log.showSignature=true in their git config, then the git log will always output GPG signature information. Since git log is used to set EPOCH_SOURCE_DATE, this will mistakenly have GPG signature information in it which causes issues for the build. To avoid this issue, we override the config and force log.showSignature=false.
2021-07-28guix: Remove extra \r from all.SHA256SUMS line endingAndrew Chow
guix-attest mistakenly added an extra \r to the line endings in all.SHA256SUMS, causing guix-verify to erroneously fail. Co-Authored-By: Carl Dong <contact@carldong.me>
2021-07-27tracing: Tracepoint for connected blocks0xb10c
Can, for example, be used to benchmark block connections.
2021-07-27tracing: Tracepoints for in- and outbound P2P msgs0xb10c
Can be used to monitor in- and outbound node traffic. Based on ealier work by jb55. Co-authored-by: William Casarin <jb55@jb55.com>
2021-07-27doc: Add initial USDT documentation0xb10c
Both added files are extended in the following commits. doc/usdt.md is based on earlier work by laanwj. Co-authored-by: W. J. van der Laan <laanwj@protonmail.com>
2021-07-27Fix typo in commentCuong V. Nguyen
2021-07-23script, doc: guix touchupsjonatack
2021-07-23Updated Readme, Corrected the codesign typoh
2021-07-23Merge bitcoin/bitcoin#22533: guix/build: Remove vestigial SKIPATTEST.TAGfanquake
9f01feda0ad99d8600f9edee1f37594c5166a7b8 guix/build: Remove vestigial SKIPATTEST.TAG (Carl Dong) Pull request description: No longer needed or referenced by anything. A relic from prior to the great hierarchy overhaul of #22182 ACKs for top commit: achow101: ACK 9f01feda0ad99d8600f9edee1f37594c5166a7b8 fanquake: ACK 9f01feda0ad99d8600f9edee1f37594c5166a7b8 Tree-SHA512: a94cf63f0c5cb8dbacf1025b6c0e81b219c2a3c93b3cbcefc239ccde29e602ecd4b717b1d93dbe53cb791a5017236fb09823c034aec42b0c31894fc9e0ab8b21
2021-07-23Merge bitcoin/bitcoin#22511: guix: Silence `getent(1)` invocation, doc fixupsfanquake
a884a1edcd1b795799f1be65df17462041741dc3 guix/INSTALL: Misc fixups (Carl Dong) 3c4d2c418e62d421a8bd7640ef5384251c892406 guix: Silence getent(1) invocation (Carl Dong) Pull request description: Otherwise the `getent(1)` checks will print out the default http, https, and ftp ports, making it seem like something is being spawned that is listening on those ports, which is not the case. ACKs for top commit: fanquake: ACK a884a1edcd1b795799f1be65df17462041741dc3 Tree-SHA512: 7706a98fe5f2bcd766fd3a16bfffab899ec45e80d72c485b7bed2a83d2024eddbb44ae4a77e2352e308740ca203c163421a11a5a2327fa94d2032ecceef4d63f
2021-07-22guix: Allow changing the base manifest in guix-verifyAndrew Chow
When verifying guix attestations, it is useful to set a particular signer's manifest as the base to compare against.
2021-07-22guix: Make all.SHA256SUMS rather than codesigned.SHA256SUMSAndrew Chow
2021-07-22guix/build: Remove vestigial SKIPATTEST.TAGCarl Dong
2021-07-22guix/INSTALL: Misc fixupsCarl Dong
2021-07-22contrib: use newer config.guess & config.sub in install_db4.shfanquake
2021-07-20guix: Silence getent(1) invocationCarl Dong
2021-07-20Merge bitcoin/bitcoin#22465: guix: Pin kernel-header version, time-machine ↵fanquake
to upstream 1.3.0 commit e6a94d44469f90f4dc88a07a5a8587730811c705 guix: Bump to version-1.3.0 from upstream (Carl Dong) 90fd13b954a364963f58e6cd12962c6f1986f79b guix: Pin kernel header version (Carl Dong) Pull request description: ``` - Use 4.19 for riscv64 (earliest LTS release w/ riscv64 support) - Use 4.9 for all others (second-oldest LTS release, released in combination with glibc glibc 2.24 in Debian stretch) ``` ``` The chosen commit is the HEAD of Guix's version-1.3.0 branch as of July 15th, 2021. Also fix visual indenting. ``` ----- This + the documentation PR should make our Guix system ready for release! ACKs for top commit: MarcoFalke: review ACK e6a94d44469f90f4dc88a07a5a8587730811c705 to change to vanilla guix. Did not review the kernel change. laanwj: ACK e6a94d44469f90f4dc88a07a5a8587730811c705 fanquake: ACK e6a94d44469f90f4dc88a07a5a8587730811c705 Tree-SHA512: a175e4ddb3ee786a39f5e800ce336932ad2f6797a3a28400a6f723875d0f19833fd36cedc41b3580e4604110517211bd9f557be36adf7265fd8e591c434ae032