Proposal #133938
Vote: Rejected.
1 Like
proposal - 133938
This is being rejected as it duplicates proposal 133901.
proposal - 133939
Vote: ADOPT
Reason:
The build was successful, and all the commit descriptions matched the changes in the code.
Hash Match: MATCH
2 Urls: MATCH
Feedback: NONE
Proposer Check: MATCH
51f6f4e4a
Restructuring service dependencies and clarifying systemd service configurations to ensure proper ordering during initialization. Some Before and After directives were added to synchronize services like syslog.target and systemd-networkd.target. File paths were modified for better organization, placing certain services and scripts under the guestos directory.s
c514a532a
Revert commit to read udev state
372b9a574
Security policy adjustments, dependencies in system services, and refined SELinux permissions. Notably, systemd-machine-id-setup used to ensure that the machine ID were removed in a couple of scripts. Tweaks to guestos Docker and encryption services
proposal - 133950
Vote: ADOPT
Reason:
The build was successful.
Hash Match: MATCH
2 Urls: MATCH
Feedback: NONE
Proposer Check: MATCH
proposal - 133951
Vote: ADOPT
Reason:
The build was successful.
Hash Match: MATCH
2 Urls: MATCH
Feedback: NONE
Proposer Check: MATCH
proposal - 133952
Vote: ADOPT
Reason:
The build was successful.
Hash Match: MATCH
2 Urls: MATCH
Feedback: NONE
Proposer Check: MATCH
proposal - 133953
Vote: ADOPT
Reason:
The build was successful.
Hash Match: MATCH
2 Urls: MATCH
Feedback: NONE
Proposer Check: MATCH
1 Like
Hello everyone,
We recently submitted a hotfix based on the latest release to address a crucial issue that, if left unresolved, could lead to a divergence in the execution state and potentially require subnet recovery. This hotfix was applied on all 4 versions we had this week, and it eliminates code duplication by replacing
CanisterSnapshots::delete_snapshots functionality with
CanisterSnapshots::remove.
In result, the change:
- Consolidates the functionality of canister snapshot deletion, aiming to reduce code duplication and enhance stability.
- Ensures that metrics related to canister snapshots accurately reflect the state after deletions, to avoid unintended memory usage or snapshot count mismatches.
Unfortunately, we recognize that the NNS proposal did not contain a fully detailed description of the changes, which may have caused some confusion. We apologize for this oversight and are committed to providing more comprehensive proposal descriptions in the future to ensure that all updates are communicated with clarity.
Thank you for your understanding and continued support as we work to maintain the security and stability of the IC Mainnet.
Warm regards,
DRE team
6 Likes
Proposal 133938
Vote: REJECTED.
Reason: Duplicate release.
Proposal 133939
Vote: ADOPTED.
Reason: All reviewed commits match their description and hashes match.
Review:
The commits listed in the proposal match their description. They were introduced in previous proposals.
1 Like
Voted to reject proposal 133938 as this appears to be a duplicate of proposal 133901.
1 Like
Proposal 133950
Vote: ADOPTED.
Reason: All reviewed commits match their description and hashes match.
Review:
72a6598aa:
Changes the delete_snapshots method of the CanisterSnapshots struct to use the remove method of the same struct instead of duplicating the logic.
Proposal 133951
Vote: ADOPTED.
Reason: All reviewed commits match their description and hashes match.
Review:
c6847128f:
Same as proposal 133950.
Proposal 133952
Vote: ADOPTED.
Reason: All reviewed commits match their description and hashes match.
Review:
0111c2098:
Same as proposal 133950.
Proposal 133953
Vote: ADOPTED.
Reason: All reviewed commits match their description and hashes match.
Review:
1eeb4d74d:
Same as proposal 133950.
1 Like
Proposal 133939
Summary
- Build has of CDN, payload and local build matches and is “f93f1b014089db9b53e9b4d055176dd32b0ef3e987e06e8e9a250466330978b6”
- Vote: Yes
- Reason: Build hash matches, and release notes match the code commits as well. These are minor revert of previous commits.
Proposal 133950
- Build has of CDN, local and payload matches and is “afef735ddd81fca98e70bb217eb9584af749c69f418e888b0ed497d0b8c3b8ad”
- Vote: Yes
- Reason: Build hash matches and its a Hotfix ( Relaced delete_snapshot with remove snapshot functionality ).
Proposal 133951
- Build hash of local, cdn and payload matches and is “9a2cf9c6d69ebf4b3ce64a07b0e1424adeae587735dfc80e965515794da0c909”.
- Vote: Yes
- Reason: Build hash matches and code changes are same as of proposal 139950
Review:
c6847128f3a872e0e084b2920bfcd21f881c69fa
Same changes as proposal 133950
Proposal 133952
Summary
- Build hash match cdn, local and payload and is “ed40de8dc29370858543d40e8c8bedcb38977a75f11c71c594ff609020b0ccbe”
- Vote: Yes
- Reason: Build hash matches and reviewed all commits.
Review
0111c20983290bd4a338ad22855e176803e21842
Changes are same as proposal 133950
Proposal 133953
Summary
- Build hash of CDN, local build and payload match and is “c79d57e9aebb6d3c404fb0f135fc3b68f1f7ca4d082214694986a4d21dd26c91”
- Vote: Yes
- Reason: Build hash matches, and its a hotfix, reviewed all commits
Review
1eeb4d74deb00bd52739cbd6f37ce1dc72e0c76e
Changes are same as proposal 133950
Proposal 133938
Summary
- Vote: Reject
- Reasons to adopt: Duplicate of Proposal 133901
Proposal 133939
Summary
- Vote: Adopt
- Hash: All the hashes match
- Reasons to adopt: The release notes match the commits and the code changes. Builds successfully and all the hashes match
Other changes
51f6f4e4a
Notes: This reverts commit dff73c6
Review: Code changes match the commit message.
c514a532a
Notes: This reverts commit 2ce147d
Review: Code changes match the commit message.
372b9a574
Notes: This reverts commit 87ed927
Review: Code changes match the commit message.
Proposal 133950
Summary
- Vote: Adopt
- Hash: All the hashes match
- Reasons to adopt: Hotfix
Proposal 133951
Summary
- Vote: Adopt
- Hash: All the hashes match
- Reasons to adopt: Hotfix
Proposal 133952
Summary
- Vote: Adopt
- Hash: All the hashes match
- Reasons to adopt: Hotfix
Proposal 133953
Summary
- Vote: Adopt
- Hash: All the hashes match
- Reasons to adopt: Hotfix
Proposal 133938
Summary
- Vote: Reject
- Reasons to adopt: Duplicate of Proposal 133901
Proposal 133939
Summary
- Vote: Adopt
- Hash: Hashes match
- Reasons to adopt: Builds fine + hashes match + release notes match the commits
Other changes
51f6f4e4a
Notes: Reverts the changes made in commit dff73c6
Review: The description matches the code changes.
c514a532a
Notes: Reverts the changes made in commit 2ce147d
Review: The description matches the code changes.
372b9a574
Notes: Reverts the changes made in commit 87ed927
Review: The description matches the code changes.
Proposal 133950
Summary
- Vote: Adopt
- Hash: Hashes match
- Reasons to adopt: Hotfix + Builds fine + hashes match
Proposal 133951
Summary
- Vote: Adopt
- Hash: Hashes match
- Reasons to adopt: Hotfix + Builds fine + hashes match
Proposal 133952
Summary
- Vote: Adopt
- Hash: Hashes match
- Reasons to adopt: Hotfix + Builds fine + hashes match
Proposal 133953
Summary
- Vote: Adopt
- Hash: Hashes match
- Reasons to adopt: Hotfix + Builds fine + hashes match
Proposal 133900
Vote: ADOPT
Reason: Build is successful and hashes match, I’ve checked all commits in this release and they match their descriptions, therefore I’ve voted to adopt.
Reviews
Features:
[d361dd692] Increased cycles cost for update_message_execution_fee from 590_000 to 5_000_000 and ten_update_instructions_execution_fee from 4 to 10 on application subnets. Updated tests to account for the new values.
[74751adc0] Modified execute_canisters_on_thread method to keep track of total amount of instruction used by each canister and only subtract instruction_overhead_per_canister from the round instruction limit if more than zero instructions have been executed.
[71f3b769c] Extended Batch struct with replica_version field, which is used to propagate the replica version used by the last block from consensus to the execution layer.
[b29e83ac7] Set feature flag for the allowed viewers feature to true and modified a test case in test_log_visibility_of_fetch_canister_logs to expect ok as result when the log are gated by viewers and the caller is in the allow list.
[3006ab867] Already validated as part of previous release.
[39f67a628] Added Vetkd variant to KeyId enum of MasterPublicKeyId and modified signer component to ignore vetkey pre signature requests as they aren’t required. There isn’t much in terms of new functionality as this commit is just initial scaffholding that is required to implement the feature.
[0515bc380] Added MIN_SUPPORTED_CERTIFICATION_VERSION and set it to v17, all_supported_versions has been updated to return all versions between the mininum and maximum supported ones. Modified assert in replicated_state_as_lazy_tree to also check whether current version is equal or above to the min one. Left comment here
[fa22c9fa9] Defined MAX_STREAM_MESSAGES constant which is used to derive the max message index in a stream slice and modified validate_slice function to enforce the limit and return an error if it isnt respected.
[ac6c9d1e5] Reduced MAX_STREAM_MESSAGES constant from 50k to 10k.
[8c2e0c98e] Already validated as part of previous release.
[e7b16eab4] Increased DYNAMIC_DELAY_MAX_NON_RANK_0_BLOCKS and updated tests to account for the change.
[e3c408cd0] Set is_latency_sensitive to true for all ingress messages when building artifacts so all messages are pushed into the ingress pool regardless of size.
[c5e9e2af1] Reduced consensus bouncer refresh period from 3s to 1s.
[237990ccb] Removed validate_ingress_expiry check from validate_request_content and moved it to validate_request where it only occurs if the sender is not anonymous.
[161b12ce8] Added derivation logic to ecdsa_secp256r1 crate.
[993fc8586] Added metrics tool executable and set it up as a service, this will be used to process metrics and export them to prometheus.
Bugfixes:
[f306fcb8c] Added certification_share_height field to NodeMetrics struct, this is used to store the highest agreed upon height in the validated pool. Modified get_node_metrics function to extract this data from node metrics and assign it to the aforementioned field.
[3d590ec5a] Replaced Tokyo’s async locks with sync RwLocs from the standard library.
[e70f04d9f] Changed subnet recovery console logs to display an example of the expected ssh key format.
[55297ccfd] Replaced nns_url references, which were previously missed, with nns_urls.
[ec12a4eea] Increased max allowed header size for Http2 requests to 52KiB
[218fdbcaa] Removed idle future which was used to determine whether the btc adapter were idle and break its main loop if so. The reason for this change is that its implementation was fairly complex and could potentially be misused.
[52bc5275e] Calls to make_idle for connection and blockchain managers have been moved at the top of the main event loop in the bitcoin adapter and are run if the adapter is idle initially so that the managers don’t stay indefinitely in a non idle state for subnets that dont run the btc adapter.
[b56d5e1ba] Use tokyo watch channels to notify the main event loop in the btc adapter when it is no longer idle instead of sleeping 100ms between each check.
[582ce51a6] Removed console log when ipmitool exits with an error status but the MAC address can still be successfully retrieved.
[677aa6862] Bumped thiserror to v1.0.65.
[7be43416d] Bumped typenum to v1.17.0.
[53f97714f] Patch rustix to fix non deterministic builds.
[dac2f36f9] Modified regex used in get_network_settings to more strictly filter out address ranges.
[361d09aeb] Moved calls to selabel_open and selabel_close outside the parallel loop, instead the handle is shared amongst all threads and the context is closed after all threads have terminated.
[3753b4388] Updated default ipv6 prefix and gateway for setupos testnets.
Chores:
[c84916512] Preliminary changes to optimize memory consumption by removing state from previous checkpoint heights more aggressively. remove_inmemory_states_below method takes in a new parameter which is used to pass a set of heights to keep in memory, this in turn will allow to purge from a higher height than it is currently used while still preserving the ones which are still needed.
[80dc25b52] Moved notary related functions and related constants/structs from consensus_utils crate to notary.rs.
[c5e6242f5] Added allow-expect-in-tests = true allow-unwrap-in-tests = true to clippy.toml and removed redundant clippy related allow macros.
[4899bba2c] Updated tower-rs crates.
[54f0fae1c] Added tokio::sync::RwLock to the list of disallowed types in clippy.toml and added allow macros for them where their usage is justified.
[619190192] Bumped rules_rust to 0.53.0
[35a25eaf6] Bumped proc-macro2 to 1.0.89 and removed rules_rust.patch
[7dede601c] Added logs for ip6 routes/show commands outputs and dns servers in eval_command_with_retries. Slightly improved formatting in log_and_halt_installation_on_error
[60ce9d351] Removed some code introduced in the previous releases, since the old certificates have now been removed it is no longer needed.
[36cbd803b] Updated base image refs for ICOS.
Refactoring:
[6c4efce2e] Refactored load_checkpoint by splitting its logic into separate functions.
Proposal 133901
Vote: ADOPT
Reason: Build is successful and hashes match, the proposed changes are the same as 133900 but with feature flag for hashes in block feature enabled.
Proposal 133902
Vote: ADOPT
Reason: Build is successful and hashes match, the proposed changes are the same as 133900 but with docker files updated to use linux kernel version 6.11
Proposal 133938
Vote: REJECT
Reason: Duplicate of 133901
Proposal 133939
Vote: ADOPT
Reason: Build is successful and hashes match, all commits are reverts of changes from previous releases.
1 Like
Proposal 133938: Reject
Rejecting this because it is a duplicate of proposal 133901.
Proposal 133939: Adopt
Build verification passed successfully and the commits simply revert some changes from previous releases.
Proposal 133950: Adopt
Build verification passed successfully.
Proposal 133951: Adopt
Build verification passed successfully.
Proposal 133952: Adopt
Build verification passed successfully.
Proposal 133953: Adopt
Build verification passed successfully.
1 Like
Proposal 133939
Vote: Adopt
Reason: Build is successful. Hashes match.
This proposal consists of 3 commits which serve simply to reverse 3 commits from an earlier release.
1 Like
Proposal 133950
Proposal 133951
Proposal 133952
Proposal 133953
Vote: Adopt
Reason: Voted to adopt all 4 proposals are these are a critical hotfix all consisting of the one same commit, commit matches description and hashes match payloads. The reasoning for the change is clearly explained in the post above.
1 Like