Features:
d073bc43f
Increases sandbox limit DEFAULT_MAX_SANDBOX_COUNT to
10_000.

4070d82b7
Feature flag for canister_snapshot_download and canister_snapshot_upload.

3cdab8309
Adds support for resumable downloads through HTTP Range headers. Updated dependencies (e.g., Mockito, hyper, rand).

7099a3838
Activates the reshare_chain_key endpoint, enabling the consensus layer to perform chain key resharing for VetKeys. It factors out the handling of initial DKG requests (process_setup_initial_dkg_contexts) into a separate function. Dedicated process_reshare_chain_key_contexts for resharing, and updates the remote DKG configuration logic to optionally include a resharing transcript.

0cc84afde
Refines the canister compilation cost handling by distinguishing between full costs for a fresh compilation and reduced costs when a WASM module is cached. Updates the hypervisor to return the adjusted cost and revises tests to clear or preserve the cache as needed.

b5028d836
New timestamp_seconds field (of type uint64) to several high-capacity registry protocol messages (including HighCapacityRegistryValue, HighCapacityRegistryGetValueResponse, and HighCapacityRegistryAtomicMutateRequest).

c3f0331bc
Adds a “total volume” metric to the ICRC-1 ledger canister, tracking cumulative transaction volumes (including transfers, approvals, mints, and burns) as a normalized f64 value using token decimals.

219abad14
Transitions the ledger from heap-based block storage to stable memory using ic-stable-structures, ensuring data persists across upgrades. It removes the old BlockData trait and introduces a new BlockDataContainer trait with global block indices.

6506fe857
Asynchronous checkpoint removal in the StateLayout module by offloading file deletion to a background thread via an unbounded channel and adding detailed metrics for performance monitoring. Flush mechanism to ensure temporary directories are cleaned up before new checkpoints are created.

Bugfixes:
27c9d2b5d
Improves checkpoint file management by excluding the unverified checkpoint marker, processing files in parallel, and using Linux’s syncfs for efficient synchronization. Refactors the checkpoint read-only marking function to operate directly on the CheckpointLayout object.

Chores:
6c830bd2e
Add metrics for validated and invalidated ingress messages—tracking total size, field-level sizes, and processing latency—and refines the validation logic to specifically detect duplicate messages via a new error variant.

3a5e3ec21
Fix cost for Operator::ReturnCallIndirect.

b8ff2bc74
Relocates the Global enum to the ic-management-canister-types-private crate (which is used for management canister types), adds traits like CandidType (to expose it in public interfaces such as canister snapshot metadata), and ensures all users are updated to use the new centralized definition.

9feabf95a
Matches description remove unused dfn build dependencies.

34176db11
Replaces uninformative unwraps with expect calls that provide clear failure context. Reposition logs to capture intent earlier.

d67409872
Updated shell script to enforce maximum file size limits for canister artifacts and OS images. It ensures that file sizes remain within defined thresholds across different IC-OS environments.

7351a7e2b
Bazel to 7.6.0, updating Bazelisk to v1.25.0, and new SHA256 hash for container image.

896cd1f34
Splits the compiler_sandbox from the canister_sandbox, giving each its own SELinux domain and thereby tightening security boundaries. It removes the execmem privilege from the replica and canister_sandbox, pushing it into the newly created compiler_sandbox.

65ece1be4
Update base images.

4267d5b64
Update base images.

Refactoring:
1d63e9f6d
Reformat Rust import statements by consolidating multiple lines into single-line imports with nested braces. No functionality is altered.

7e78d5c32
Moves registry/keys and registry/subnet_type to dev-only usage. Extracts the IngressManagerMetrics struct into a dedicated metrics.rs module.

01b6a4139
Moves the certification logic out of the main rs/consensus crate into a new standalone rs/consensus/certification crate, updating dependencies and imports to match. It also relocates the MINIMUM_CHAIN_LENGTH constant to ic_consensus_utils.

ff89bb980
Removes the deprecated task_queue and on_low_wasm_memory_hook_status fields from CanisterStateBits.

Other changes:
9daac230f
Reverts chore(EXC-1837): Remove execmem permissions.

CodeGov has a team of developers who review and vote independently on the following proposal topics: IC-OS Version Election, Protocol Canister Management, Subnet Management, Node Admin, and Participant Management. The CodeGov NNS known neuron is configured to follow our reviewers on these technical topics. We also have a group of Followees who vote independently on the Governance and the SNS & Neuron’s Fund topics. We strive to be a credible and reliable Followee option that votes on every proposal and every proposal topic in the NNS. We also support decentralization of SNS projects such as WaterNeuron, KongSwap, and Alice with a known neuron and credible Followees.

Learn more about CodeGov and its mission at codegov.org.