446265f12 Runtime,Execution,Message Routing: Put chunk store max size in config
Refactoring:
9d8373bda Message Routing,Interface: Implement RequestOrResponse to CanisterMessage conversion
a0b6c5e95 Networking(bitcoin-adapter): Remove dead code in the bitcoin adapter
0b761c300 Networking,Interface: Move the adapters metrics code under a single directory
Tests:
22ade6804 Consensus(schnorr): Add unit test for scheme mismatches when building signature inputs
b9a20425f Consensus(schnorr): Generalize remaining unit tests for tSchnorr
330a625f1 Consensus(schnorr): Unit tests for tSchnorr signing phase
e002467e6 Consensus,IDX: feat(ecdsa):[,] Add system tests checking several multiple ecdsa keys scenarios & add handle the case when new keys are added to the subnet
cd6327c7c Crypto: move tECDSA integration test utils into existing crate
cd9eaf3e3 IDX,Consensus(consensus): upload results of tecdsa_performance_test to ES
1a043570f IDX,Consensus(schnorr): Generalize functions to request/verify threshold signatures/public keys in system tests
d551b49b4 Interface: mark ic_test_utilities_logger as testonly
f5eb0d507 Message Routing: Add change guard for RejectCode
23815c655 Message Routing(github-sync): PR#211 / chore: increase timeout for checkpointing in state manager tests
393f7f09e Networking(http-endpoint): Test call endpoints load shed when ingress pool is full
3685173d4 Networking(http-endpoint): Test call endpoint response when P2P is not running.
a28e7115e Networking,IDX(firewall-test): Remove NNS and system subnet from test setup
a99f8f159 NNS,Message Routing,Utopia(nns): Update governance_mem_test and install slice settings in tests
Documentation:
8a6f79c30 Node: Add link to icos_build macro in ic-os documentation
Other changes:
97a84fbc0 Consensus,DRE: Update Mainnet IC revisions file
8f1f212ed Execution,Runtime: Move match for InstallChunkedCode
3c5066a35 Node: “Merge branch ‘eero/fix-config-serialization’ into ‘master’”
The two SHA256 sums printed above from a) the downloaded CDN image and b) the locally built image, must be identical, and must match the SHA256 from the payload of the NNS proposal.
The two SHA256 sums printed above from a) the downloaded CDN image and b) the locally built image, must be identical, and must match the SHA256 from the payload of the NNS proposal.
I can see that now the commits listed in the proposal’s summary are the Merge Requests, which include more details and context on the changes made in that commit.
I think this helps people to better understand the changes made and brings more transparency to the proposals.
Thanks for this release DFINITY. I gather that enabling deterministic time slicing on system subnets has been motivated by the NNS subnet incident last week. Are @DRE-Team able to share which system subnets DFINITY plan to deploy this replica version to first (if only there was a canary system subnet on mainnet)? Can I ask why DTS was previously disabled for system subnets (is it due to memory overhead)?
On a separate note, I found this commit interesting (and lacking an accessible explanation). It reduces firewall_max_connections test coverage, such that it no longer covers system subnets. Are you able to share more info about the motivations behind this commit?
At the time of this comment on the forum there are still 2 days left in the voting period, which means there is still plenty of time for others to review the proposal and vote independently.
We had several very good reviews of the Release Notes on these proposals by @Zane, @cyberowl, @ZackDS, @massimoalbarello, @ilbert, and @Lorimer. The IC-OS Verification was also performed by @tiago89. I recommend folks take a look and see the excellent work that was performed on these reviews by the entire CodeGov team. Feel free to comment here or in the thread of each respective proposal in our community on OpenChat if you have any questions or suggestions about these reviews.
The two SHA256 sums printed above from a) the downloaded CDN image and b) the locally built image, must be identical, and must match the SHA256 from the payload of the NNS proposal.
Hi @Lorimer, the commit does not change any coverage for the test. We noticed that we created both a system subnet and an application subnet for the firewall_max_connections system test, but we only tested the connection limit for the application subnet.
This means that the system subnet was redundant for the test, creating extra overhead in setting up and running the test.
Thanks for clarifying @dsharifi - I see what you’re saying. It looks like it’s been that way since the limit was introduced). I’m still a little curious - the test setup had the intention of testing both application and system subnets (because they behave differently?). Why not modify connection_count_test to loop over the two subnets types, instead of removing the system subnet altogether? I’m only asking to get a better handle on things (not because I think anything is wrong)
The reason we don’t loop over both subnet types is that the firewall rule that we are testing, defined here is the same for both Application and System subnets.
