Hello there!
We are happy to announce that voting is now open for a new GuestOS release.
The NNS proposal is here: IC NNS Proposal 137072.
Here is a summary of the changes since the last GuestOS release:
Release Notes for release-2025-06-19_03-24-base (035f978fb5cffaef57f73242e1bb2a56423e84c3
)
This release is based on changes since release-2025-06-12_03-23-base (3564b37939f037ba4d051ada88251c13954597d2
).
Please note that some commits may be excluded from this release if they’re not relevant, or not modifying the GuestOS image.
Additionally, descriptions of some changes might have been slightly modified to fit the release notes format.
To see a full list of commits added since last release, compare the revisions on GitHub.
Features:
678c57630
Consensus,Interface: proxy application subnet requests via the http gateway (#5597)1e49d4d21
Execution,Interface: Add System Api for environment variables (#5418)140fd8eda
Execution,Interface: Verify uploaded snapshot before loading (#5556)e90aafee4
Interface,Message Routing: Have XNetPayloadBuilder prioritize signals (#5504)40fb40a7c
Interface,Message Routing: Exclude loopback stream from the certified state (#5508)5ec9d8184
Node: Remove use ofdfinity.system
kernel arg (#5516)
Bugfixes:
6618ed24c
Execution,Interface: Do not return system state changes on errors for composite queries (#5567)56b6f0e3b
Execution,Interface: Consolidate how caller is extracted from System API (#5542)
Chores:
c95f15d32
Consensus,Interface(idkg): add a new metric for the time taken to create an IDkg payload (#5540)83173d3a8
Execution,Interface: add http outcalls cost metrics (#5562)0d4f7303e
Execution,Interface: Remove mint_cycles API (#5339)eab724998
Execution,Interface: Remove redundant allow clippy (#5555)2d4aeb95a
Execution,Interface: EXC: Updatewasmtime
to 33.0.0 (#5515)99da8cb4a
Execution,Interface(consensus): Filter for just VetKD keys when building VetKD payloads (#5513)78fed0772
Interface,Message Routing: Clarify some checkpointing log messages (#5612)3ef79155d
Interface,Message Routing: Enable incremental manifest computation on the NNS (#5573)60b0e37ea
Interface,Node(node): Remove update-config component (#5607)dce3f7254
Interface,Node: Clean up generate-guestos-config (#5590)b62d0d528
Interface,Node: Remove unused channel from GuestVM config (#5544)cf02b539d
Owners(ICRC_Ledger): Remove unused ic-cdk dependency from icrc-ledger-types (#5599)764122818
Owners(IDX): upgrade to bazel 7.6.1 (#5538)63971ea2b
Node: Update Base Image Refs [2025-06-12-0807] (#5519)df3d8c318
Node(IDX): drop unused icos targets (#5489)
Refactoring:
96cd3f914
Execution,Interface: Use CompositeQuery System Api type (#5550)5f94f7503
Execution,Interface: Drop unnecessary match in is_controller (#5551)71d1cac70
Interface,Node(node): remove old config pipeline (#5414)dc6e5f6cc
Interface,Node: Move Guest VM management script to Rust (#5435)
Other changes:
d1c34bc1e
Interface,Message Routing: “chore: Enable incremental manifest computation on the NNS” (#5586)bad23c4b4
Owners: “fix(IDX): don’t cache jemalloc build (#5174)” (#5534)
Full list of changes (including the ones that are not relevant to GuestOS) can be found on GitHub.
IC-OS Verification
To build and verify the IC-OS GuestOS disk image, after installing curl if necessary (sudo apt install curl
), run:
# From https://github.com/dfinity/ic#verifying-releases
curl -fsSL https://raw.githubusercontent.com/dfinity/ic/master/ci/tools/repro-check | python3 - -c 035f978fb5cffaef57f73242e1bb2a56423e84c3 --guestos
The two SHA256 sums printed above from a) the downloaded CDN image and b) the locally built image, must be identical, and must match the SHA256 from the payload of the NNS proposal.
While not required for this NNS proposal, as we are only electing a new GuestOS version here, you have the option to verify the build reproducibility of the HostOS by passing --hostos
to the script above instead of --guestos
, or the SetupOS by passing --setupos
.