Proposal to elect new release rc--2025-05-01_03-23

Governance NNS proposal discussions
,
1

Hello there!

We are happy to announce that voting is now open for a new GuestOS release.
The NNS proposal is here: IC NNS Proposal 136728.

Here is a summary of the changes since the last GuestOS release:

Release Notes for release-2025-05-01_03-23-base (f195ba756bc3bf170a2888699e5e74101fdac6ba)

This release is based on changes since release-2025-04-24_03-18-base (f8131bfbc2d339716a9cff06e04de49a68e5a80b).

Please note that some commits may be excluded from this release if they’re not relevant, or not modifying the GuestOS image. Additionally, descriptions of some changes might have been slightly modified to fit the release notes format.

To see a full list of commits added since last release, compare the revisions on GitHub.

Features:

  • d511b6665 Execution,Interface: Make CanisterModule writable for snapshot upload (#4885)
  • b0cbc5c18 Interface(ICRC_Ledger): Forbid setting fee collector to minting account (#3800)
  • 4011c442b Interface,Message Routing: Load wasms lazily (#4880)

Bugfixes:

  • 36b6bb43b Node: Remove journald rate limit and increase usable max space for journald logs (#4893)

Chores:

Refactoring:

  • f23d875cd Consensus,Interface: Move nns delegation fetching logic from lib.rs to nns_delegation_manager.rs (#4820)
  • 9ba1a3bcb Execution,Interface,Message Routing: Move unflushed_changes out of snapshots (#4854)
  • c2d568436 Interface(ic): update imports from ic_canisters_http_types to newly published ic_http_types crate (#4866)

Tests:

  • a8f222a9d Execution,Interface: Add wasm types test bazel target and align WasmHash Display implementation with tests (#4923)

Full list of changes (including the ones that are not relevant to GuestOS) can be found on GitHub.

IC-OS Verification

To build and verify the IC-OS GuestOS disk image, after installing curl if necessary (sudo apt install curl), run:

# From https://github.com/dfinity/ic#verifying-releases
curl -fsSL https://raw.githubusercontent.com/dfinity/ic/master/ci/tools/repro-check | python3 - -c f195ba756bc3bf170a2888699e5e74101fdac6ba --guestos

The two SHA256 sums printed above from a) the downloaded CDN image and b) the locally built image, must be identical, and must match the SHA256 from the payload of the NNS proposal.

While not required for this NNS proposal, as we are only electing a new GuestOS version here, you have the option to verify the build reproducibility of the HostOS by passing --hostos to the script above instead of --guestos, or the SetupOS by passing --setupos.

2 Likes
2

Hello there!

We are happy to announce that voting is now open for a new HostOS release.
The NNS proposal is here: IC NNS Proposal 136729.

Here is a summary of the changes since the last HostOS release:

Release Notes for release-2025-05-01_03-23-base (f195ba756bc3bf170a2888699e5e74101fdac6ba)

This release is based on changes since release-2025-04-24_03-18-base (f8131bfbc2d339716a9cff06e04de49a68e5a80b).

Please note that some commits may be excluded from this release if they’re not relevant, or not modifying the HostOS image. Additionally, descriptions of some changes might have been slightly modified to fit the release notes format.

To see a full list of commits added since last release, compare the revisions on GitHub.

Bugfixes:

  • 8c1d16ba8 Node: HostOS upgrade failure (#4934)
  • 36b6bb43b Node: Remove journald rate limit and increase usable max space for journald logs (#4893)

Chores:

Full list of changes (including the ones that are not relevant to HostOS) can be found on GitHub.

IC-OS Verification

To build and verify the IC-OS HostOS disk image, after installing curl if necessary (sudo apt install curl), run:

# From https://github.com/dfinity/ic#verifying-releases
curl -fsSL https://raw.githubusercontent.com/dfinity/ic/master/ci/tools/repro-check | python3 - -c f195ba756bc3bf170a2888699e5e74101fdac6ba --hostos

The two SHA256 sums printed above from a) the downloaded CDN image and b) the locally built image, must be identical, and must match the SHA256 from the payload of the NNS proposal.

While not required for this NNS proposal, as we are only electing a new HostOS version here, you have the option to verify the build reproducibility of the GuestOS by passing --guestos to the script above instead of --hostos, or the SetupOS by passing --setupos.

1 Like
3

image
image1907×822 58.5 KB

1 Like
4

Proposal 136436 - Hamish | CodeGov

Vote: Adopt
Reason: I have successfully run the build script and in my opinion all the commits listed look fine and match their descriptions.

Screenshot 2025-05-02 at 22.24.40
Screenshot 2025-05-02 at 22.24.401914×970 219 KB

Features:

  • d511b6665 Execution,Interface: Make CanisterModule writable for snapshot upload (#4885)
    Review: Looks fine + matches description
    Notes: Implements CanisterModule::write which allows users to upload the wasm in chunks, this will be used when uploading canister snapshots in chunks.

  • b0cbc5c18 Interface(ICRC_Ledger): Forbid setting fee collector to minting account (#3800)
    Review: Looks fine + matches description
    Notes: Modifies the ICRC ledger such that it traps if the owner attempts to set the fee_collector account to the minting_account.

  • 4011c442b Interface,Message Routing: Load wasms lazily (#4880)
    Review: Looks fine + matches description
    Notes: Introduces the WasmFileStorage struct which will lazy load a wasm from a file path when needed. Then uses this to lazy load wasms within state manager, notably within switch_to_checkpoint it would previously read the bytes of every single canister which can now be skipped by lazily loading wasms and only reading the bytes if and when they are required.

Bugfixes:

  • 36b6bb43b Node: Remove journald rate limit and increase usable max space for journald logs (#4893)
    Review: Looks fine + matches description
    Notes: Updates the journald config to stop applying a rate limit and to increase the max space for the logs to 8GB.

Chores:

  • d2547393b Interface: Bump ic-management-canister-types to v0.3.0 (#4933)
    Review: Looks fine + matches description
    Notes: Bumps ic-management-canister-types from v0.2.1 to v0.3.0.

  • b8ee431b0 Owners: publish canlog and canlog_derive (#4912)
    Review: Looks fine + matches description
    Notes: Introduces the canbench and canbench_derive packages and prepares them for being published to crates.io. These packages extend the existing ic-canister-log package to support log priority levels and filtering.

  • 69fa3a774 Node: Update Base Image Refs [2025-04-25-0148] (#4899)
    Review: Looks fine + matches description
    Notes: Bumps the base IC-OS image references.

  • 0e0d903fd Node: Update Base Image Refs [2025-04-24-0808] (#4889)
    Review: Looks fine + matches description
    Notes: Bumps the base IC-OS image references.

Refactoring:

  • f23d875cd Consensus,Interface: Move nns delegation fetching logic from lib.rs to nns_delegation_manager.rs (#4820)
    Review: Looks fine + matches description
    Notes: No change in functionality, simply moves the logic for fetching NNS delegations out of lib.rs and into the nns_delegation_manager module.

  • 9ba1a3bcb Execution,Interface,Message Routing: Move unflushed_changes out of snapshots (#4854)
    Review: Looks fine + matches description
    Notes: Hoists the unflushed_changes field out of CanisterSnapshots and moves it to the more generalised SystemMetadata::unflushed_checkpoint_ops field. Then restricts the methods to take/delete snapshots so that these operations are always performed via the ReplicatedState which ensures the unflushed_checkpoint_ops field is populated with the details of these operations.

  • c2d568436 Interface(ic): update imports from ic_canisters_http_types to newly published ic_http_types crate (#4866)
    Review: Looks fine + matches description
    Notes: Deletes the ic_canisters_http_types package and switches all usages of it over to the published ic_http_types package.

Tests:

  • a8f222a9d Execution,Interface: Add wasm types test bazel target and align WasmHash Display implementation with tests (#4923)
    Review: Looks fine + matches description
    Notes: Adds wasm_types to the Bazel test targets + modifies the Display implementation of WasmHash to format bytes using {:02x} rather than {:2x}.
About CodeGov

CodeGov has a team of developers who review and vote independently on the following proposal topics: IC-OS Version Election, Protocol Canister Management, Subnet Management, Node Admin, and Participant Management. The CodeGov NNS known neuron is configured to follow our reviewers on these technical topics. We also have a group of Followees who vote independently on the Governance and the SNS & Neuron’s Fund topics. We strive to be a credible and reliable Followee option that votes on every proposal and every proposal topic in the NNS. We also support decentralization of SNS projects such as WaterNeuron, KongSwap, and Alice with a known neuron and credible Followees.

Learn more about CodeGov and its mission at codegov.org.

1 Like
5

proposal - [136436] Cyberowl | CodeGov

ic_os
ic_os1254×697 126 KB

Proposals:
136436

Vote: ADOPT

Reason:

We’ve had other image builds fail in the past—this time it was SetupOS, not GuestOS. In previous cases, the decision was to ADOPT, and I’m following that precedent. The build was successful, and all commit descriptions matched the code changes.

Checks

Hash Match: MATCH
2 Urls: MATCH
Feedback: NONE
Proposer Check: MATCH

Overall Summary:

Lazy loading of Wasm files, replacing immediate deserialization with memory-maps files only when accessed. Addition of a write method to the CanisterModule and ModuleStorage types, enabling chunk-by-chunk updates to the Wasm module’s binary data.

Commits Summary

Features

d511b6665
Addition of a write method to the CanisterModule and ModuleStorage types, enabling chunk-by-chunk updates to the Wasm module’s binary data, along with corresponding unit tests to validate this functionality. The code does not enforce chunk order or detect incorrect offsets, overlaps, or gaps. The current implementation ensures correct reconstruction of the Wasm module if chunks are written with accurate offsets.

b0cbc5c18
Matches description Forbid setting the fee collector account to the minting account

4011c442b
Lazy loading of Wasm files, replacing immediate deserialization with memory-maps files only when accessed. It adds a method to enumerate all Wasm files in canisters and snapshots, validates them during checkpoint finalization, and includes metrics to track loading status.

Bugfixes

36b6bb43b
Matches description Remove journald rate limit and increase usable max space for journald logs

Chores

d2547393b
Matches description bump ic-management-canister-types to v0.3.0.

b8ee431b0
Two new Rust crates, canlog and canlog_derive, to extend logging. Enhances logging capabilities for canisters, providing structured logging with priority levels, filtering, and sorting.

69fa3a774
Update base image refs.

0e0d903fd
Update base image refs.

Refactoring

f23d875cd
Moves the load_root_delegation, try_fetch_delegation_from_nns, and get_random_node_from_nns_subnet functions from lib.rs to nns_delegation_manager.rs, along with their associated dependencies and tests. No behavior change.

9ba1a3bcb
Moves snapshot operation tracking from the CanisterSnapshots component into UnflushedCheckpointOps structure within SystemMetadata. Decouple snapshot storage from checkpoint operation tracking. No behavior change to core functionality of snapshot management.

c2d568436
Migration of the ic-canisters-http-types crate to ic-http-types. This change involves renaming the crate, moving it from rs/rust_canisters/http_types to packages/ic-http-types.

Tests

a8f222a9d
New rust_test Bazel target named wasm_types_test. Change to {:02x} in the Display impl for WasmHash ensures the output matches the formatting expected by the existing wasmhash_display test.

About CodeGov

CodeGov has a team of developers who review and vote independently on the following proposal topics: IC-OS Version Election, Protocol Canister Management, Subnet Management, Node Admin, and Participant Management. The CodeGov NNS known neuron is configured to follow our reviewers on these technical topics. We also have a group of Followees who vote independently on the Governance and the SNS & Neuron’s Fund topics. We strive to be a credible and reliable Followee option that votes on every proposal and every proposal topic in the NNS. We also support decentralization of SNS projects such as WaterNeuron, KongSwap, and Alice with a known neuron and credible Followees.

Learn more about CodeGov and its mission at codegov.org.

1 Like
6

Proposal: 136436 Manvick | ZenithCode

Summary:

  1. Build Hash: Build hash from the proposal, local build and CDN matches.
  2. Summary: The release notes matches the code changes
  3. Vote: I vote to adopt the proposal

136436
1364361920×776 150 KB

Commits

Features:

  • d511b6665 Execution,Interface: Make CanisterModule writable for snapshot upload (#4885)
    Review: Matches description + changes are appropriate
    Note: This commit adds a write method to CanisterModule which allows the module’s bytes to be uploaded in chunks which supports implementing snapshot based recovery or uploading large wasm modules.

  • b0cbc5c18 Interface(ICRC_Ledger): Forbid setting fee collector to minting account (#3800)
    Review: Matches description + changes are appropriate
    Note: This commit introduces a safety check to the ledger canister which prevents misconfiguration of ledger initialization. Previously, it was possible to initialize the ledger with fee collector account set to minting account which could potentially lead to inconsistencies.

  • 4011c442b Interface,Message Routing: Load wasms lazily (#4880)
    Review: Matches description + changes are appropriate
    Note: This commit implements lazy loading for wasm binaries which reduces the time spent during a checkpoint creation and loading. Previously, the binaries were eagerly loaded from the disk during checkpointing blocking I/O and longer critical path durations, now the binaries are accessed when explicitly needed.

Bugfixes:

  • 36b6bb43b Node: Remove journald rate limit and increase usable max space for journald logs (#4893)
    Review: Matches description + changes are appropriate
    Note: This commit removes the Journald rate limit and increases maximum space journalId is allowed to use this allows JournalId to accept unlimited burst logs and can use upto 8GB of space ensuring complete log capture.

Chores:

  • d2547393b Interface: Bump ic-management-canister-types to v0.3.0 (#4933)
    Review: Matches description + changes are appropriate
    Note: This commit also updates the ic-management-canister-types to v0.3.0 across all cargo and bezel lockfiles, it also adds a new field wasm_memory_threshold to relevant structures.

  • b8ee431b0 Owners: publish canlog and canlog_derive (#4912)
    Review: Matches description + changes are appropriate
    Note: This commit introduces 2 new crates, canlog and canlog_drive which improve logging capabilities of the system. Also this update modifies dependency versions.

  • 69fa3a774 Node: Update Base Image Refs [2025-04-25-0148] (#4899)
    Review: Matches description + changes are appropriate
    Note: Automated patch. Updates the base image reference for various IC OS components like boundary-guestos, guesos(dev) etcetera.

  • 0e0d903fd Node: Update Base Image Refs [2025-04-24-0808] (#4889)
    Review: Matches description + changes are appropriate
    Note: Automated patch. Updates the base image reference for various IC OS components like boundary-guestos, guesos(dev) etcetera.

Refactoring:

  • f23d875cd Consensus,Interface: Move nns delegation fetching logic from lib.rs to nns_delegation_manager.rs (#4820)
    Review: Matches description + changes are appropriate
    Note: This commit moves the nns delegation fetching logic from lib.rs to nns_delegation_manager.rs which simplifies the main entry point by isolating complex delegation logic into its own module encapsulating it into a reusable testable module

  • 9ba1a3bcb Execution,Interface,Message Routing: Move unflushed_changes out of snapshots (#4854)
    Review: Matches description + changes are appropriate
    Note: This commit decouples snapshot tracking logic from the CanisterSnapshots structure, centralizing unflushed checkpoints operations in SystemMetadata, and makes it cleaner for other subsystem to append operations without reaching to CanisterSnapshots.

  • c2d568436 Interface(ic): update imports from ic_canisters_http_types to newly published ic_http_types crate (#4866)
    Review: Matches description + changes are appropriate
    Note: This commit replaces internal imports from the crate ic-canisters-http-types with the now externally published and maintained crate ic-http-types available on crates.io. This simplified implementation and avoids duplication.

Tests:

  • a8f222a9d Execution,Interface: Add wasm types test bazel target and align WasmHash Display implementation with tests (#4923)
    Review: Matches description + changes are appropriate
    Note: This commit enhances testing and maintainability of wasm_types by adding a rust_test target named wasm_types_test organizing dependencies into different categories enabling unit tests to run via Bezel.
7

Proposal 136436 - Ipsita | ZenithCode

Summary

  1. Vote: Adopt
  2. Hash: All the hashes matches
  3. Reason to Adopt The release notes match the commits and the code changes.

136436
1364361920×753 142 KB

Commits

Features:

  • d511b6665 Execution,Interface: Make CanisterModule writable for snapshot upload (#4885)
    Notes: The commit adds a write method in CanisterModule to allow slice-based updates to WASM module data and automatically recompute its SHA-256 hash.
    Review: Code changes look good and match release notes.

  • b0cbc5c18 Interface(ICRC_Ledger): Forbid setting fee collector to minting account (#3800)
    Notes: A check has been added in the Ledger struct’s setup to prevent the fee_collector account from being equal to the minting_account, using ic_cdk::trap to halt if violated and a corresponding test (test_setting_fee_collector_to_minting_account) was added using the state machine framework to assert this trap triggers during canister installation.
    Review: Code changes look good and match release notes.

  • 4011c442b Interface,Message Routing: Load wasms lazily (#4880)
    Notes: Implements lazy loading for Wasm binaries by postponing disk reads until as_slice() is invoked, with methods like len() accessing only in-memory data.
    Review: Code changes look good and match release notes.

Bugfixes:

  • 36b6bb43b Node: Remove journald rate limit and increase usable max space for journald logs (#4893)
    Notes: Increases journald log retention by setting SystemMaxUse=8G and disables log rate limiting by setting RateLimitBurst=0 and RateLimitIntervalSec=0 to ensure full log capture without suppression.
    Review: Code changes look good and match release notes.

Chores:

  • d2547393b Interface: Bump ic-management-canister-types to v0.3.0 (#4933)
    Notes: The commit updates the ic-management-canister-types crate from version 0.2.1 to 0.3.0, removing the candid_parser dependency and adding a new wasm_memory_threshold field enhancing canister configuration capabilities.
    Review: Code changes look good and match release notes.

  • b8ee431b0 Owners: publish canlog and canlog_derive (#4912)
    Notes: Two new crates are created, canlog and canlog_derive to support advanced logging features like log levels and filtering for canisters and these crates will replace redundant logging code in multiple cross-chain team canisters which will enhance maintainability and uniformity.
    Review: Code changes look good and match release notes.

  • 69fa3a774 Node: Update Base Image Refs [2025-04-25-0148] (#4899)
    Notes: Updates the base container image references to newer versions to have secure container images.
    Review: Code changes look good and match release notes.

  • 0e0d903fd Node: Update Base Image Refs [2025-04-24-0808] (#4889)
    Notes: Updates the base container image references to newer versions to have secure container images.
    Review: Code changes look good and match release notes.

Refactoring:

  • f23d875cd Consensus,Interface: Move nns delegation fetching logic from lib.rs to nns_delegation_manager.rs (#4820)
    Notes: Code for fetching NNS delegation has been moved from lib.rs into a separate file, nns_delegation_manager.rs
    Review: Code changes look good and match release notes.

  • 9ba1a3bcb Execution,Interface,Message Routing: Move unflushed_changes out of snapshots (#4854)
    Notes: The commit refactors the unflushed_changes field of CanisterSnapshots by separating it into “checkpoint operations” that can be reused for snapshot as well as for upcoming canister migration tasks like renaming without affecting the present functionality.
    Review: Code changes look good and match release notes.

  • c2d568436 Interface(ic): update imports from ic_canisters_http_types to newly published ic_http_types crate (#4866)
    Notes: Replaces the internal ic_canisters_http_types crate references to the new ic_http_types crate from crates.io, removing the internal crate and remapping dependencies as a result.
    Review: Code changes look good and match release notes.

Tests:

  • a8f222a9d Execution,Interface: Add wasm types test bazel target and align WasmHash Display implementation with tests (#4923)
    Notes: WasmHash Display implementation is updated for correct formatting to ensure each byte is padded to two characters and adds a Bazel test target for wasm_types, along with test cases to verify the WasmHash output and module file operations.
    Review: Code changes look good and match release notes.
1 Like
8

Proposal 136436 | Yuvika - Zentih Code

Summary

  1. Vote: Adopt
  2. Hash: Hashes match
  3. Reasons to adopt: Builds fine + hashes match + release notes match the commits.

build-136436
build-136436720×390 107 KB

Commits

Features:

  • d511b6665
    Summary: Make CanisterModule writable for snapshot upload.
    Notes: Add a write method to CanisterModule, that can write and upload binary data in slices using the snapshot data upload endpoints.
    Review: The description matches the code changes.

  • b0cbc5c18
    Summary: Forbid setting fee collector to minting account.
    Notes: Implement a safety check in ledger initialization to prevent setting the fee collector account to the minting account.
    Review: The description matches the code changes.

  • 4011c442b
    Summary: Routing: Load wasms lazily.
    Notes: Reduce time spent in the critical path of checkpointing by implementing lazy loading for wasm files like pagemaps. Previously, it was a blocking call to switch_to_checkpoint, but this change will improve performance.
    Review: The description matches the code changes.

Bugfixes:

  • 36b6bb43b
    Summary: Remove journald rate limit and increase usable max space for journald logs.
    Notes: Update variables in journald.conf to SystemMaxUse=8G, RateLimitBurst=0, and RateLimitIntervalSec=0.
    Review: The description matches the code changes.

Chores:

  • d2547393b
    Summary: Bump ic-management-canister-types to v0.3.0.
    Notes: Upgrade ic-management-canister-types from v0.2.1 to v0.3.0.
    Review: The description matches the code changes.

  • b8ee431b0
    Summary: publish canlog and canlog_derive.
    Notes: Add canlog and canlog_derive crates in packages to be able to publish them on crates.io. And provide advanced logging features such as filtering/sorting etc. over the existing one ic-canister-log.
    Review: The description matches the code changes.

  • 69fa3a774
    Summary: Update Base Image Refs [2025-04-25-0148].
    Notes: Update the base image references used for IC OS.
    Review: The description matches the code changes.

  • 0e0d903fd
    Summary: Update Base Image Refs [2025-04-24-0808].
    Notes: Update the base image references used for IC OS.
    Review: The description matches the code changes.

Refactoring:

  • f23d875cd
    Summary: Move nns delegation fetching logic from lib.rs to nns_delegation_manager.rs.
    Notes: Refactor and move nns delegation fetching logic from lib.rs to another file nns_delegation_manager.rs
    Review: The description matches the code changes.

  • 9ba1a3bcb
    Summary: Move unflushed_changes out of snapshots.
    Notes: Refactor the concept snapshot operations to a more general concept of checkpoint operations, i.e. move unflushed_changes field from CanisterSnapshots to SystemMetadata::unflushed_checkpoint_op. There should be no behaviour change.
    Review: The description matches the code changes.

  • c2d568436
    Summary: update imports from ic_canisters_http_types to newly published ic_http_types crate.
    Notes: Rename rs/rust_canisters/http_types to packages/ic-http-types.
    Review: The description matches the code changes.

Tests:

  • a8f222a9d
    Summary: Add wasm types test bazel target and align WasmHash Display implementation with tests.
    Notes: Add rust_test, to Bazel build which is also called wasm_types_test. Update {:2x} to {:02x} in the Display implementation to format bytes.
    Review: The description matches the code changes.
9

Proposal 136436 | Tim - CodeGov

Screenshot 2025-05-05 112502
Screenshot 2025-05-05 1125021243×324 15.4 KB

Vote: Adopt

Reason: Build is successful, hashes match, commits match descriptions and the reasoning behind the changes is sound. I’ve reviewed all commits as detailed below.

Review

Features:

[d511b6665]
Adds new method CanisterModule::write, which in turn calls a new method ModuleStorage::write, serving to overwrite a portion of a wasm module and update the hash accordingly, with the intention of allowing a module to be uploaded chunk by chunk.

[b0cbc5c18]
Adapts Ledger::from_init_args method so that it will trap if the specified fee_collector_account and minting_account are the same.

[4011c442b]
Replaces WasmFile::deserialize method with WasmFile::lazy_load_with_module_hash, which includes an optional file len parameter so as to avoid the potentially expensive operation of fetching the file’s metadata. Adds _checkpoint field to WasmFile<Permissions> so that the checkpoint can be maintained and the wasm file loaded asynchronously, along with further associated code changes, additional metrics and tests.

Bugfixes:

[36b6bb43b]
Removes rate limits and sets SystemMaxUse=8G in ic-os/components/monitoring/journald.conf.

Chores:

[d2547393b]
Updates ic-management-canister-types to version 0.3.0.

[b8ee431b0]
Adds new crates canlog and canlog_derive with the eventual intention of publishing them on crates.io and replacing some of the canister logging functionality of existing crates as specified in the commit notes.

[69fa3a774] [0e0d903fd]
Update Boundary GuestOS, GuestOS, HostOS and SetupOS base image container references.

Refactoring:

[f23d875cd]
Moves NNS delegation fetching logic from lib.rs to nns_delegation_manager.rs within rs/http_endpoints/public/src/ as per description.

[9ba1a3bcb]
Removes unflushed_changes field from CanisterSnapshots and replaces it in SystemMetadata as unflushed_checkpoint_ops, representing modifications to the state that have not yet been applied to the next checkpoint. Adapts and moves the associated logic so that this field can also be used for some of the upcoming canister migration logic.

[c2d568436]
Removes the rs/rust_canisters/http_types/ directory/crate and changes imports throughout the repo to use the newly published (to crates.io) ic-http-types crate instead.

Tests:

[a8f222a9d]
Converts tests in wasm_types/src/lib.rs into a Bazel target and adapts the WasmHash display format to align with the 'wasmhash_display` test.

About CodeGov

CodeGov has a team of developers who review and vote independently on the following proposal topics: IC-OS Version Election, Protocol Canister Management, Subnet Management, Node Admin, and Participant Management. The CodeGov NNS known neuron is configured to follow our reviewers on these technical topics. We also have a group of Followees who vote independently on the Governance and the SNS & Neurons’ Fund topics. We strive to be a credible and reliable Followee option that votes on every proposal and every proposal topic in the NNS. We also support decentralisation of SNS projects such as WaterNeuron, KongSwap, and Alice with a known neuron and credible Followees.

Learn more about CodeGov and its mission at codegov.org.

2 Likes
10

Proposal: 136447 Manvick | ZenithCode

Summary:

  1. Build Hash: Build hash from the proposal, local build and CDN matches.
  2. Summary: The release notes matches the code changes
  3. Vote: I vote to adopt the proposal

136447
1364471856×704 127 KB

Commits

Bugfixes:

  • 8c1d16ba8 Node: HostOS upgrade failure (#4934)
    Review: Matches description + changes are appropriate
    Note: This commit fixes the error occurring due to addition of new field, vm_nr_of_vcpus in update-config which ran after generate-guestos-config.service, causing issues. Now,update-config runs before, fixing the issue

  • 36b6bb43b Node: Remove journald rate limit and increase usable max space for journald logs (#4893)
    Review: Matches description + changes are appropriate
    Note: This commit removes journald rate limit and increases maximum log space to 8 GB improving log retention and observatibility

Chores:

  • 910c4ac9d Node: Use get_config_value to read from config object (#4941)
    Review: Matches description + changes are appropriate
    Note: This commit modifies metric reporting by replacing direct file parsing with a get_config_value helper to retrieve the HostOS config version.

  • 69fa3a774 Node: Update Base Image Refs [2025-04-25-0148] (#4899)
    Review: Matches description + changes are appropriate
    Note: Automated patch. Updates the base image reference for various IC OS components like boundary-guestos, guesos(dev) etcetera

  • 0e0d903fd Node: Update Base Image Refs [2025-04-24-0808] (#4889)
    Review: Matches description + changes are appropriate
    Note: Automated update to refresh the base container image references for the ICOS components.

11

Proposal 136447 - Ipsita | ZenithCode

Summary

  1. Vote: Adopt
  2. Hash: All the hashes matches
  3. Reason to Adopt The release notes match the commits and the code changes.

136447
1364471918×818 149 KB

Commits

Bugfixes:

  • 8c1d16ba8 Node: HostOS upgrade failure (#4934)
    Notes: This commit fixes a HostOS upgrade issue by updating the service order so that update-config.service runs before generate-guestos-config.service which makes the new vm_nr_of_vcpus value available during config generation.
    Review: Code changes look good and match release notes.
  • 36b6bb43b Node: Remove journald rate limit and increase usable max space for journald logs (#4893)
    Notes: Increases journald log retention by setting SystemMaxUse=8G and disables log rate limiting by setting RateLimitBurst=0 and RateLimitIntervalSec=0 to ensure full log capture without suppression.
    Review: Code changes look good and match release notes.

Chores:

  • 910c4ac9d Node: Use get_config_value to read from config object (#4941)
    Notes: Updates are made to the reading of the HostOS config version by replacing direct jq parsing of /boot/config/config.json with the get_config_value helper from config.sh
    Review: Code changes look good and match release notes.
  • 69fa3a774 Node: Update Base Image Refs [2025-04-25-0148] (#4899)
    Notes: Updates the base container image references to newer versions to have secure container images.
    Review: Code changes look good and match release notes.
  • 0e0d903fd Node: Update Base Image Refs [2025-04-24-0808] (#4889)
    Notes: Updates the base container image references to newer versions to have secure container images.
    Review: Code changes look good and match release notes.
12

proposal - 136447 Cyberowl | CodeGov

host_os
host_os1253×489 89.8 KB

Vote: ADOPT

Reason:

The build was successful, and all the commit descriptions matched the changes in the code.

Checks

Hash Match: MATCH
2 Urls: MATCH
Feedback: NONE
Proposer Check: MATCH

Bugfixes

8c1d16ba8
Added update-config.service to generate-guestos-config.service to fix HostOS upgrade failure.

36b6bb43b
Matches description Remove journald rate limit and increase usable max space for journald logs

Chores

910c4ac9d
Replaces direct file access using jq on /boot/config/config.json with a call to get_config_value (from config.sh) to retrieve .config_version.

69fa3a774
Update base image refs.

0e0d903fd
Update base image refs.

13

image
image1917×588 42.4 KB

14

Proposal 136447 | Tim - CodeGov

IMAGE

Vote: Adopt

Reason: Build is successful, hashes match (see image above), commits match descriptions and the reasoning behind the changes is sound. Three of the 5 commits have already been reviewed for proposal 136436. The remaining 2 are as follows:

[8c1d16ba8]
Adapts generate-guestos-config.service to ensure that update-config.service runs before it and sets an initial value for vm_nr_of_vcpus, thus preventing generate-guestos.sh from failing.

[910c4ac9d]
Adapts hostos-scripts/monitoring/custom-metrics.sh so that the HostOS config version is obtained from boot/config/config.json using the get_config_value function in config.sh instead of directly. This function returns an empty string if the value is not found.

About CodeGov

CodeGov has a team of developers who review and vote independently on the following proposal topics: IC-OS Version Election, Protocol Canister Management, Subnet Management, Node Admin, and Participant Management. The CodeGov NNS known neuron is configured to follow our reviewers on these technical topics. We also have a group of Followees who vote independently on the Governance and the SNS & Neurons’ Fund topics. We strive to be a credible and reliable Followee option that votes on every proposal and every proposal topic in the NNS. We also support decentralisation of SNS projects such as WaterNeuron, KongSwap, and Alice with a known neuron and credible Followees.

Learn more about CodeGov and its mission at codegov.org.

15

Proposal 136447 | Yuvika - Zentih Code

Summary

  1. Vote: Adopt
  2. Hash: Hashes match
  3. Reasons to adopt: Builds fine + hashes match + release notes match the commits.

build-136447
build-136447720×394 110 KB

Commits

Bugfixes:

  • 8c1d16ba8
    Summary: HostOS upgrade failure.
    Notes: Re-run update-config service to write the new-_new_ config version to disk to prevent generate-guestos.sh from failing, as it didn’t have the default value for vm_nr_of_vcpus since update-config service runs after generate-guestos-config.service.
    Review: The description matches the code changes.

  • 36b6bb43b
    Summary: Remove journald rate limit and increase usable max space for journald logs.
    Notes: Update variables in journald.conf to SystemMaxUse=8G, RateLimitBurst=0, and RateLimitIntervalSec=0.
    Review: The description matches the code changes.

Chores:

  • 910c4ac9d
    Summary: Use get_config_value to read from config object.
    Notes: Use get_config_value to read the config object in custom-metrics.sh.
    Review: The description matches the code changes.

  • 69fa3a774
    Summary: Update Base Image Refs [2025-04-25-0148].
    Notes: Update the base image references used for IC OS.
    Review: The description matches the code changes.

  • 0e0d903fd
    Summary: Update Base Image Refs [2025-04-24-0808].
    Notes: Update the base image references used for IC OS.
    Review: The description matches the code changes.

16

Proposal 136447 - Hamish | CodeGov

Vote: Adopt
Reason: I have successfully run the build script and in my opinion all the commits listed look fine and match their descriptions.

Screenshot 2025-05-07 at 08.58.50
Screenshot 2025-05-07 at 08.58.501914×970 205 KB

Bugfixes:

  • 8c1d16ba8 Node: HostOS upgrade failure (#4934)
    Review: Looks fine + matches description
    Notes: Forces the generate-guestos-config.service to run after update-config.service so that the newly added vm_nr_of_vcpus is first written to disk before the GuestOS config is generated.

  • 36b6bb43b Node: Remove journald rate limit and increase usable max space for journald logs (#4893)
    Review: Looks fine + matches description
    Notes: This was covered in my review of proposal 136436.

Chores:

  • 910c4ac9d Node: Use get_config_value to read from config object (#4941)
    Review: Looks fine + matches description
    Notes: Switches to using the get_config_value helper function rather than directly using jq to read the config version within HostOS.

  • 69fa3a774 Node: Update Base Image Refs [2025-04-25-0148] (#4899)
    Review: Looks fine + matches description
    Notes: This was covered in my review of proposal 136436.

  • 0e0d903fd Node: Update Base Image Refs [2025-04-24-0808] (#4889)
    Review: Looks fine + matches description
    Notes: This was covered in my review of proposal 136436.

About CodeGov

CodeGov has a team of developers who review and vote independently on the following proposal topics: IC-OS Version Election, Protocol Canister Management, Subnet Management, Node Admin, and Participant Management. The CodeGov NNS known neuron is configured to follow our reviewers on these technical topics. We also have a group of Followees who vote independently on the Governance and the SNS & Neuron’s Fund topics. We strive to be a credible and reliable Followee option that votes on every proposal and every proposal topic in the NNS. We also support decentralization of SNS projects such as WaterNeuron, KongSwap, and Alice with a known neuron and credible Followees.

Learn more about CodeGov and its mission at codegov.org.

17

Proposal 136436 – Zane | CodeGov

Vote: ADOPT
Reason: Build completes successfully, both hashes and reviewed commits match their descriptions, so I’ve voted to adopt.

136436
1364361806×448 102 KB

Features:

d511b6665 Implement write method for both CanisterModule and ModuleStorage structs. For ModuleStorage the method works as follows: provided a buffer and an offset, it will overwrite the module’s bytes ranging from the given offset to offset + buffer’s length. A bound check is performed to ensure the range’s end doesn’t exceed module’s, then if module’s storage is in memory the existing Arc wrapped byte array is cloned, otherwise an Arc wrapped vector from the mmapped file’s content is created. The existing module’s bytes are replaced with the buffer starting from the offset and finally assigned as new value of the ModuleStorage instance. CanisterModule’s write method tries to overwrite the module storage by calling ModuleStorage’s write on it, if the operation is successful, the module_hash field is updated with the new module’s Sha256, otherwise an error is returned. 2 unit tests have been added to validate the methods work properly: test_chunk_write_to_module creates a CanisterModule instance and ensures that if it is overwritten with the same data as the original module both the module’s content and hash match and if the bound check fails an error is returned.
test_write_module_file checks whether a CanisterModule instance created from a file backed module is successfully overwritten by calling write on it.

b0cbc5c18 Added check in from_init_args icrc1 ledger’s method to prevent setting the same value for both fee collector and minting accounts. Added test_setting_fee_collector_to_minting_account test to ensure an error is returned if minting and fee collector are set to the same account and installation succeeds otherwise.

4011c442b Refactored ModuleStorage to add support for lazy loading of on disk wasm files. When an instance of ModuleStorage is created by calling new_from_file method, the file is no longer immediately mmaped, instead a thread safe, shareable, optional reference to any type of file that can be memory mapped is stored in the file field of WasmFileStorage and only when it is first accessed, the resulting mmap will be saved into the mmap field. This is particularly useful when updating the tip replicated state in switch_to_checkpoint as it no longer needs to read the wasm binary for all canisters. Snapshot and canister state loading have also been updated to use the lazy loading behavior.

Bugfixes:

36b6bb43b Disabled systemd default burst limit for log messages and rate limiting interval. Set total disk space the journal can use to 8 GiB.

Chores:

d2547393b Bumped ic-management-canister-types from 0.2.1 to v0.3.0.

b8ee431b0 Created crates canlog and canlog_derive crates in packages dir to provide more advanced logging logic and unify it across different crates.

69fa3a774, 0e0d903fd Updated ICOS image refs.

Refactoring:

f23d875cd Moved logic used to fetch nns delegations and related tests out of lib.rs to nns_delegation_manager.rs

9ba1a3bcb Refactored unflushed_changes out of CanisterSnapshots to SystemMetadata. The visibility of push, remove and delete_snapshots CanisterSnapshots methods has been restricted to be crate only instead of public, as they should no longer be used directly in the execution environment, their usage has been replaced with new methods added to SystemMetadata, which perform the snapshot push/removal action and then adds it to the list of unflushed checkpoint operations.

c2d568436 Replaced imports for ic_canisters_http_types to the published version ic-http-types.

Tests:

a8f222a9d Moved test_chunk_write_to_module and test_write_module_file to test submodule, added wasm_types_test test target and organized dependencies into variables. Slightly modified std::fmt::Display implementation for WasmHash to display a hexadecimal number with a minimum width of 2 characters and pad with zeros if needed.

Proposal 136447 – Zane | CodeGov

Vote: ADOPT
Reason: Build completes successfully, both hashes and reviewed commits match their descriptions, so I’ve voted to adopt.

136447
1364471803×449 102 KB

Bugfixes:

8c1d16ba8 Temporarily re-ordered update-config service to run before generate-guestos-config to prevent generate-guestos-config.sh failure.

36b6bb43b Disabled systemd default burst limit for log messages and rate limiting interval. Set total disk space the journal can use to 8 GiB.

Chores:

910c4ac9d In update_config_version_metric use get_config_value helper function to retrieve config version instead of jq parsing from config.json.

69fa3a774, 0e0d903fd Updated ICOS image refs.

18

We experienced an issue in our release automation, resulting in the unintended re-submission of proposals for these older IC-OS versions:

Our sincere apologies for any confusion or inconvenience caused.

The DRE team is implementing measures to ensure this does not occur again.
DFINITY will vote to reject these proposals.

4 Likes
19

Thanks @sat . Duly noted and voted to reject these accordingly.

2 Likes
20

Thank you sat for the quick clarification. I will vote to reject those proposals.

2 Likes