Proposal to elect new release rc--2025-07-03_03-27

Governance NNS proposal discussions
,
1

Hello there!

We are happy to announce that voting is now open for a new GuestOS release.
The NNS proposal is here: IC NNS Proposal 137224.

Here is a summary of the changes since the last GuestOS release:

Release Notes for release-2025-07-03_03-27-base (e915efecc8af90993ccfc499721ebe826aadba60)

This release is based on changes since release-2025-06-26_03-25-base (60fb469c46e44e6071193a3314cc442044fcf17a).

Please note that some commits may be excluded from this release if they’re not relevant, or not modifying the GuestOS image.
Additionally, descriptions of some changes might have been slightly modified to fit the release notes format.

To see a full list of commits added since last release, compare the revisions on GitHub.

Features:

  • b9b09f1a7 Consensus,Interface: enable non replicated outcalls (#5715)
  • 31cc277dd Interface: add CORS for websocket endpoint & limit websocket per-ip subscriptions (#5736)
  • de979d5c3 Interface,Message Routing: Compute missing manifest incrementally upon restart (#5606)
  • a5673c227 Interface,Node: Upgrade images to SEV-SNP compatible base images (#4321)
  • 6b57b1499 Interface,Node: Add new fields to GuestOSConfig for Upgrade Guest VM and extend testing (#5732)
  • 26c76265c Node: grub-upgrader component (#5654)

Bugfixes:

  • a022d7c93 Execution,Interface: ignore canister history memory usage in canister invariant checks (#5758)
  • ca4f7254f Execution,Interface: Create correct event when creating a snapshot from metadata (#5731)

Chores:

  • 70f2eb53f Consensus,Interface: Distinguish transient VetKD payload errors where NiDkgTranscript wasn’t loaded yet (#5681)
  • c61ca77e0 Consensus,Interface: Enable incremental manifest computation on the NNS (#5670)
  • 79301c37d Crypto,Interface(crypto): Add interfaces allowing interpolation setup to be infallible if node IDs can be checked unique (#5692)
  • 201f20c06 Execution,Interface: Cleanup signal_stack module (#5793)
  • 1658b33cd Execution,Interface: EXC: Bump wasmtime version to 33.0.1 (#5719)
  • 51e3dd90b Interface: remove ic-starter (#5748)
  • 19502f0c9 Interface(ic-registry-transport): Add timestamp_nanoseconds to RegistryValue (#5707)
  • 540e1f788 Interface,Message Routing: Rename serialize_protos_to_tip to reflect async protos writing (#5780)
  • 4411f8746 Interface,Message Routing: Improve checkpointing metrics (#5741)
  • 9eeb25685 Interface,Message Routing: State tool to visualize overlay files (#5726)
  • 41ba1c2de Interface,Node: Remove unused NodeType::BoundaryOS (#5735)
  • dd82c205d Node: Add grub version metric (#5693)

Refactoring:

  • dccc4854a Execution,Interface: Restructure wasmtime_embedder module (#5792)
  • e89267d2b Interface,Node(node): Organize config tool into hostos and setupos directories (#5702)
  • 81be9cfa2 Interface,Node(node): deployment_json.rs and deployment.json.template (#5407)

Tests:

  • 7ca4df627 Node: Introduce new IC-OS image target that can be used in tests (#5710)

Other changes:

Full list of changes (including the ones that are not relevant to GuestOS) can be found on GitHub.

IC-OS Verification

To build and verify the IC-OS GuestOS disk image, after installing curl if necessary (sudo apt install curl), run:

# From https://github.com/dfinity/ic#verifying-releases
curl -fsSL https://raw.githubusercontent.com/dfinity/ic/master/ci/tools/repro-check | python3 - -c e915efecc8af90993ccfc499721ebe826aadba60 --guestos

The two SHA256 sums printed above from a) the downloaded CDN image and b) the locally built image, must be identical, and must match the SHA256 from the payload of the NNS proposal.

While not required for this NNS proposal, as we are only electing a new GuestOS version here, you have the option to verify the build reproducibility of the HostOS by passing --hostos to the script above instead of --guestos, or the SetupOS by passing --setupos.

2

Hello there!

We are happy to announce that voting is now open for a new HostOS release.
The NNS proposal is here: IC NNS Proposal 137226.

Here is a summary of the changes since the last HostOS release:

Release Notes for release-2025-07-03_03-27-base (e915efecc8af90993ccfc499721ebe826aadba60)

This release is based on changes since release-2025-06-26_03-25-base (60fb469c46e44e6071193a3314cc442044fcf17a).

Please note that some commits may be excluded from this release if they’re not relevant, or not modifying the HostOS image. Additionally, descriptions of some changes might have been slightly modified to fit the release notes format.

To see a full list of commits added since last release, compare the revisions on GitHub.

Features:

  • a5673c227 Interface,Node: Upgrade images to SEV-SNP compatible base images (#4321)
  • 6b57b1499 Interface,Node: Add new fields to GuestOSConfig for Upgrade Guest VM and extend testing (#5732)
  • 26c76265c Node: grub-upgrader component (#5654)

Bugfixes:

Chores:

Refactoring:

  • e89267d2b Interface,Node(node): Organize config tool into hostos and setupos directories (#5702)
  • 81be9cfa2 Interface,Node(node): deployment_json.rs and deployment.json.template (#5407)

Other changes:

Full list of changes (including the ones that are not relevant to HostOS) can be found on GitHub.

IC-OS Verification

To build and verify the IC-OS HostOS disk image, after installing curl if necessary (sudo apt install curl), run:

# From https://github.com/dfinity/ic#verifying-releases
curl -fsSL https://raw.githubusercontent.com/dfinity/ic/master/ci/tools/repro-check | python3 - -c e915efecc8af90993ccfc499721ebe826aadba60 --hostos

The two SHA256 sums printed above from a) the downloaded CDN image and b) the locally built image, must be identical, and must match the SHA256 from the payload of the NNS proposal.

While not required for this NNS proposal, as we are only electing a new HostOS version here, you have the option to verify the build reproducibility of the GuestOS by passing --guestos to the script above instead of --hostos, or the SetupOS by passing --setupos.

3

Proposals 137224 & 137226 | Tim - CodeGov

Screenshot 2025-07-04 215546
Screenshot 2025-07-04 2155461242×327 15.7 KB

Vote: Adopt

Reason: Build is successful, hashes match, commits match descriptions and the reasoning behind the changes is sound. I’ve reviewed commits for Consensus, Crypto and Interface as detailed below.

Review

Features:

[b9b09f1a7]
Allows http outcalls to occur in the case that CanisterHttpRequestArgs::is_replicated == Some(false), so long as nodes are available for delegation, in which case one will be selected randomly. The commit description gives a very helpful and detailed description of further associated changes.

[31cc277dd]
Adds CORS (Cross-Origin Resource Sharing) for websockets endpoints and adds a limit for subscribers allowed per topic per IP (5 by default).

[de979d5c3]
Adapts StateManagerImpl::new so that manifest data are built starting from the largest height where both the bundled_manifest and the checkpoint_layout are available.

[a5673c227]
Updates GuestOS, HostOS and SetupOS base image container references.

[6b57b1499]
Adds fields guest_vm_type and upgrade_config to type GuestOSConfig, along with changes to dependencies and related tests.

Chores:

[70f2eb53f]
Adds a label validation_failed_nidkg_transcript_not_loaded to the existing validation_failed label, to be used in the event that NiDkgTranscript is not yet loaded and to accompany the transient error that is expected to occur in the first few seconds after a summary block is formed.

[c61ca77e0]
Repeats the change in commit 3ef79155d, which changed StateManagerImpl::create_checkpoint_and_switch to allow incremental manifest computation on the NNS subnet rather than specifically disallowing it on this subnet, but also modifies system tests to account for the change.

[79301c37d]
Splits the existing InterpolationError enum into InterpolationError and InvalidNodeIndices, adapts the implementation of LagrangeCoefficients accordingly so that the methods are now infallible, and adds new type and impl NodeIndices.

[51e3dd90b]
Removes the now redundant ic-starter package and associated directory.

[19502f0c9]
Adds field timestamp_nanoseconds to type RegistryValue + associated code changes.

[540e1f788]
Renames the serialize_protos_to_tip metric to serialize_protos_to_checkpoint_readwrite and similarly renames related elements.

[4411f8746]
Renames and reorganises checkpointing metrics, as per description.

[9eeb25685]
Adds a command parse_overlay to the state tools which serves to print out the index part of an overlay file in human-readable form.

[41ba1c2de]
Removes the now unused node type BoundaryOS from the NodeType enum.

Refactoring:

[e89267d2b]
Reorganises the existing ic_os/config/ code into hostos and setupos directories.

[81be9cfa2]
Renames several elements in rs/ic_os/config/src/deployment_json.rs and related code, including some type changes.

Other changes:

[cbd09ff73]
Upgrades IC build container to Ubuntu version 24.04.

HostOS-only changes:

[d24ea60d8]
Fixes 2 mistyped lines in guest_vm_runner/BUILD.bazel.

About CodeGov

CodeGov has a team of developers who review and vote independently on the following proposal topics: IC-OS Version Election, Protocol Canister Management, Subnet Management, API Boundary Node Management, Node Admin and Participant Management. The CodeGov NNS known neuron is configured to follow our reviewers on these technical topics. We also have a group of Followees who vote independently on the Governance and the SNS & Neurons’ Fund topics. We strive to be a credible and reliable Followee option that votes on every proposal and every proposal topic in the NNS. We also support decentralisation of SNS projects such as WaterNeuron, KongSwap, and Alice with a known neuron and credible Followees.

Learn more about CodeGov and its mission at codegov.org.

1 Like
4

Proposal 137224 & 137226 - Hamish | CodeGov

Vote: Adopt
Reason: I have successfully run the build script and in my opinion all the commits listed look fine and match their descriptions.

Screenshot 2025-07-05 at 23.28.49
Screenshot 2025-07-05 at 23.28.491914×938 305 KB

Features:

  • b9b09f1a7 Consensus,Interface: enable non replicated outcalls (#5715)
    Review: Looks fine + matches description
    Notes: Implements the ability to optionally make HTTP out calls from a single node (rather than it being made from each node). When is_replicated is set to false, a (deterministically) random node is chosen to make the request, that node makes the request and inserts the response into the replicated state so that it is gossiped to the other nodes.

  • 31cc277dd Interface: add CORS for websocket endpoint & limit websocket per-ip subscriptions (#5736)
    Review: Looks fine + matches description
    Notes: Updates ic_boundary to add a CORS middleware layer to the canister logs route, so that canister logs may be accessed via cross-origin requests, and also supports limiting the number of websocket subscribers per IP for each canister’s logs.

  • de979d5c3 Interface,Message Routing: Compute missing manifest incrementally upon restart (#5606)
    Review: Looks fine + matches description
    Notes: Updates the state manager such that after a node restarts, then for each height in checkpoint_layouts_to_compute_manifest, it now attempts to find the data necessary to create a manifest delta so that the manifest can be computed incrementally, if this isn’t found it falls back to doing a complete computation.

  • a5673c227 Interface,Node: Upgrade images to SEV-SNP compatible base images (#4321)
    Review: Looks fine + matches description
    Notes: Updates the base IC-OS images to versions which are compatible with SEV-SNP.

  • 6b57b1499 Interface,Node: Add new fields to GuestOSConfig for Upgrade Guest VM and extend testing (#5732)
    Review: Looks fine + matches description
    Notes: Adds 2 new fields (guest_vm_type and upgrade_config) to the GuestOS config, and then extends the config compatibility tests to additionally cover GuestOS rather than only covering HostOS.

  • 26c76265c Node: grub-upgrader component (#5654)
    Review: Looks fine + matches description
    Notes: Implements the grub-upgrader.service which checks if the in use grub configuration matches the desired grub config, and if not, updates the grub config and reboots.

Bugfixes:

  • a022d7c93 Execution,Interface: ignore canister history memory usage in canister invariant checks (#5758)
    Review: Looks fine + matches description
    Notes: Updates CanisterState::check_invariants to exclude the canister history memory usage when checking that a canister’s memory usage has not exceeded its memory limit.

  • ca4f7254f Execution,Interface: Create correct event when creating a snapshot from metadata (#5731)
    Review: Looks fine + matches description
    Notes: Fixes the event that gets pushed to the checkpoint operations log when a snapshot is created from metadata to be UploadSnapshotMetadata rather than TakeSnapshot.

Chores:

  • 70f2eb53f Consensus,Interface: Distinguish transient VetKD payload errors where NiDkgTranscript wasn’t loaded yet (#5681)
    Review: Looks fine + matches description
    Notes: Uses a different metrics label when an error occurs validating a VetKey payload, if the validation failed because the NiDkgTranscript has not been loaded yet. This is because this scenario happens in the first few seconds after a summary block, so it is useful to distinguish them from other errors.

  • c61ca77e0 Consensus,Interface: Enable incremental manifest computation on the NNS (#5670)
    Review: Looks fine + matches description
    Notes: Re-applies the previously reverted PR to enable incremental manifest computation on the NNS subnet now that the test flakiness caused by the original PR has been resolved.

  • 79301c37d Crypto,Interface(crypto): Add interfaces allowing interpolation setup to be infallible if node IDs can be checked unique (#5692)
    Review: Looks fine + matches description
    Notes: Updates the various LagrangeCoefficients functions to be infallible (rather than returning Result) by introducing the new NodeIndices struct which can only successfully be constructed if the node indexes are all unique. Previously, the various functions would return Err if the indexes contained duplicated.

  • 201f20c06 Execution,Interface: Cleanup signal_stack module (#5793)
    Review: Looks fine + matches description
    Notes: Updates signal_stack.rs within the wasmtime embedder by simply fixing a function name in a doc comment and removing two lines of commented out code.

  • 1658b33cd Execution,Interface: EXC: Bump wasmtime version to 33.0.1 (#5719)
    Review: Looks fine + matches description
    Notes: Bumps wasmtime from 33.0.0 to 33.0.1.

  • 51e3dd90b Interface: remove ic-starter (#5748)
    Review: Looks fine + matches description
    Notes: Removes the ic-starter executable, which was previously used for spinning up local test replicas, now that it has been supplanted by PocketIC.

  • 19502f0c9 Interface(ic-registry-transport): Add timestamp_nanoseconds to RegistryValue (#5707)
    Review: Looks fine + matches description
    Notes: Adds the timestamp_nanoseconds field to each RegistryValue instance, which for now is always set to 0.

  • 540e1f788 Interface,Message Routing: Rename serialize_protos_to_tip to reflect async protos writing (#5780)
    Review: Looks fine + matches description
    Notes: Renames serialize_protos_to_tip to serialize_protos_to_checkpoint_readwrite because the serialization bypasses the tip thread and writes directly to the checkpoint.

  • 4411f8746 Interface,Message Routing: Improve checkpointing metrics (#5741)
    Review: Looks fine + matches description
    Notes: Splits some checkpoint metrics into more granular values and updates the code comments at the start of create_checkpoint_and_switch.

  • 9eeb25685 Interface,Message Routing: State tool to visualize overlay files (#5726)
    Review: Looks fine + matches description
    Notes: Extends the state tool by adding the new parse_overlay command which parses the overlay files and outputs their page indices. The plan is to use this for debugging in the future.

  • 41ba1c2de Interface,Node: Remove unused NodeType::BoundaryOS (#5735)
    Review: Looks fine + matches description
    Notes: Removes the BoundaryOS subtype from the NodeType enum now that it is no longer used.

  • dd82c205d Node: Add grub version metric (#5693)
    Review: Looks fine + matches description
    Notes: Adds the grub-version.service which runs once to write the hash of the grub config to the new grub_config_version metric and the bootx64.efi hash to the new grub_efi_version metric.

Refactoring:

  • dccc4854a Execution,Interface: Restructure wasmtime_embedder module (#5792)
    Review: Looks fine + matches description
    Notes: This makes two minor changes, the first is to move the location of the signal_handler module within embedders, then the 2nd is to rename the tests module.

  • e89267d2b Interface,Node(node): Organize config tool into hostos and setupos directories (#5702)
    Review: Looks fine + matches description
    Notes: Modifies the directory structure of the config tool by creating setupos and hostos directories and moving code specific to each OS into its own directory.

  • 81be9cfa2 Interface,Node(node): deployment_json.rs and deployment.json.template (#5407)
    Review: Looks fine + matches description
    Notes: Updates the naming of a few fields within deployment_json.rs to add more clarity now that backwards compatibility is no longer required.

Tests:

  • 7ca4df627 Node: Introduce new IC-OS image target that can be used in tests (#5710)
    Review: Looks fine + matches description
    Notes: Introduces the new disk-img-for-tests target which is similar to the published target but populate_b_partitions set to true. This is my first time encountering “B partitions” so I’m not actually 100% sure what this is doing, but it is only used for test code, and I am confident that nothing untoward is being done by this change.

Other changes:

  • cbd09ff73 Interface,Node: Upgrade build container to 24.04 (#5615)
    Review: Looks fine + matches description
    Notes: Bumps the build container back to Ubuntu 24.04. This was previously attempted a few weeks ago but had to be reverted due to issues that have subsequently been resolved.
About CodeGov - reliable, credible, and sensible NNS governance
CodeGov has a team of developers who review and vote independently on the following proposal topics: IC-OS Version Election, Protocol Canister Management, Subnet Management, Node Admin, and Participant Management. The CodeGov NNS known neuron is configured to follow our reviewers on these technical topics. We also have a group of Followees who vote independently on the Governance and the SNS & Neuron's Fund topics. We strive to be a credible and reliable Followee option that votes on every proposal and every proposal topic in the NNS. We also support decentralization of SNS projects such as WaterNeuron, KongSwap, and Alice with a known neuron and credible Followees.

Learn more about CodeGov and its mission at codegov.org.
1 Like
5

Proposal: 137224 & 137226 - Ipsita | ZenithCode

Summary:

  1. Build Hash: Build has from the proposal, local build and CDN matches and is “12e1307142126c5dffc61e57b5d77261126d12493bfab43b40a152e2598a68bc”.
  2. Summary: The release notes matches the code changes
  3. Vote: I vote to adopt the proposals
    image
    image2026×922 338 KB
Commits

Features:

  • b9b09f1a7 Consensus,Interface: enable non replicated outcalls (#5715)
    Notes: Enables non-replicated HTTP outcalls by assigning requests to a single node via NonReplicated(node_id), updating execution and validation logic accordingly, and adds a metric to track such responses.
    Review: Code changes look good and match release notes.

  • 31cc277dd Interface: add CORS for websocket endpoint & limit websocket per-ip subscriptions (#5736)
    Notes: This commit implements CORS for the /logs/canister WebSocket endpoint and enforces per-topic per-IP subscriber limits using a moka cache in LogsState, with updated CLI flags.
    Review: Code changes look good and match release notes.

  • de979d5c3 Interface,Message Routing: Compute missing manifest incrementally upon restart (#5606)
    Notes: Enables incremental manifest recomputation on restart by deriving ManifestDelta from the latest lower checkpoint with a bundled_manifest, and validates it using purge_manifest API and chunk-level hashing metrics.
    Review: Code changes look good and match release notes.

  • a5673c227 Interface,Node: Upgrade images to SEV-SNP compatible base images (#4321)
    Notes: This commit upgrades base container images to SEV-SNP compatible versions, adds the msr module to initramfs guestos and hostos modules, and updates QEMU VM XML files to use pc-q35-9.2 machine type and /usr/bin/qemu-system-x86_64 emulator paths.
    Review: Code changes look good and match release notes.

  • 6b57b1499 Interface,Node: Add new fields to GuestOSConfig for Upgrade Guest VM and extend testing (#5732)
    Notes: Adds guest_vm_type and upgrade_config fields to GuestOSConfig with updated serialization; extends compatibility tests and adds new JSON fixtures to support Guest VM upgrades and ensure backward compatibility.
    Review: Code changes look good and match release notes.

  • 26c76265c Node: grub-upgrader component (#5654)
    Notes: This commit adds grub-upgrader component with a systemd service and script that updates grub.cfg after verifying boot stability via /grub/grubenv, modifies bootloader configs with fallback, and reboots the system.
    Review: Code changes look good and match release notes.

Bugfixes:

  • a022d7c93 Execution,Interface: ignore canister history memory usage in canister invariant checks (#5758)
    Notes: Ignores canister_history_memory_usage in check_invariants() by adjusting the memory limit comparison to memory_used > memory_limit + canister_history_memory_usage, and adds a test to validate that canister invariant checks no longer fail due to canister history growth.
    Review: Code changes look good and match release notes.

  • ca4f7254f Execution,Interface: Create correct event when creating a snapshot from metadata (#5731)
    Notes: Replaces state.take_snapshot() with state.create_snapshot_from_metadata() to correctly emit an event when creating a snapshot from metadata in CanisterManager.
    Review: Code changes look good and match release notes.

Chores:

  • 70f2eb53f Consensus,Interface: Distinguish transient VetKD payload errors where NiDkgTranscript wasn’t loaded yet (#5681)
    Notes: This commit introduces a new metric label validation_failed_nidkg_transcript_not_loaded to distinguish transient VetKD payload validation errors caused by missing NiDkgTranscript.
    Review: Code changes look good and match release notes.

  • c61ca77e0 Consensus,Interface: Enable incremental manifest computation on the NNS (#5670)
    Notes: Enables incremental manifest computation on the NNS by removing the is_nns check in StateManagerImpl and updating backup tests to delete memory.bin instead of modifying a byte for reliable delta detection.
    Review: Code changes look good and match release notes.

  • 79301c37d Crypto,Interface(crypto): Add interfaces allowing interpolation setup to be infallible if node IDs can be checked unique (#5692)
    Notes: This update introduces a new NodeIndices type that guarantees node IDs are unique upfront, making the interpolation process simpler and safer by removing duplicate checks throughout the code.
    Review: Code changes look good and match release notes.

  • 201f20c06 Execution,Interface: Cleanup signal_stack module (#5793)
    Notes: Fixes signal_stack module’s doc comment by changing stack_add to stack_addr.
    Review: Code changes look good and match release notes.

  • 1658b33cd Execution,Interface: EXC: Bump wasmtime version to 33.0.1 (#5719)
    Notes: This commit updates the Wasmtime dependency to version from 33.0.0 to 33.0.1
    Review: Code changes look good and match release notes.

  • 51e3dd90b Interface: remove ic-starter (#5748)
    Notes: This commit removes the deprecated ic-starter binary, which was previously used for local replica testing, as it has been replaced by PocketIC.
    Review: Code changes look good and match release notes.

  • 19502f0c9 Interface(ic-registry-transport): Add timestamp_nanoseconds to RegistryValue (#5707)
    Notes: This commit adds a timestamp_nanoseconds field to RegistryValue across registry canister, client, and transport code, updating mutations and tests to track and handle precise mutation timestamps.
    Review: Code changes look good and match release notes.

  • 540e1f788 Interface,Message Routing: Rename serialize_protos_to_tip to reflect async protos writing (#5780)
    Notes: This commit updates the function name and related variables from serialize_protos_to_tip to serialize_protos_to_checkpoint_readwrite to better reflect that protobuf data is now written directly to the checkpoint instead of the tip.
    Review: Code changes look good and match release notes.

  • 4411f8746 Interface,Message Routing: Improve checkpointing metrics (#5741)
    Notes: This commit improves checkpointing observability by splitting and renaming timers for reset_tip_to, merge, compute_manifest, and validate_replicated_state in the code.
    Review: Code changes look good and match release notes.

  • 9eeb25685 Interface,Message Routing: State tool to visualize overlay files (#5726)
    Notes: This commit introduces a parse_overlay subcommand to the state-tool, which loads and pretty-prints LSMT OverlayFile page index ranges by exposing OverlayFile and PageIndexRange structs publicly, implementing Debug, and adding a CLI parser to display sorted range lengths for easier debugging.
    Review: Code changes look good and match release notes.

  • 41ba1c2de Interface,Node: Remove unused NodeType::BoundaryOS (#5735)
    Notes: This commit removes the unused NodeType::BoundaryOS from the codebase.
    Review: Code changes look good and match release notes.

  • dd82c205d Node: Add grub version metric (#5693)
    Notes: Introduces a systemd service that computes and exports SHA256 hashes of GRUB config and EFI binaries as Prometheus metrics (grub_config_version, grub_efi_version) for tracking GRUB version changes, with the service integrated into the boot-time monitoring stack.
    Review: Code changes look good and match release notes.

Refactoring:

  • dccc4854a Execution,Interface: Restructure wasmtime_embedder module (#5792)
    Notes: This commit refactors the wasmtime_embedder module by moving the signal_handler into it for better modular cohesion and renaming the test file to tests.rs
    Review: Code changes look good and match release notes.

  • e89267d2b Interface,Node(node): Organize config tool into hostos and setupos directories (#5702)
    Notes: This commit refactors the config tool by relocating guest OS modules to the hostos directory and setup OS modules to the setupos directory.
    Review: Code changes look good and match release notes.

  • 81be9cfa2 Interface,Node(node): deployment_json.rs and deployment.json.template (#5407)
    Notes: Refactors deployment JSON and Rust config by renaming fields for clarity, changing NNS URL from a string to a list and replaces resources with vm_resources.
    Review: Code changes look good and match release notes.

Tests:

  • 7ca4df627 Node: Introduce new IC-OS image target that can be used in tests (#5710)
    Notes: Adds a test-only IC-OS disk image target that populates B partitions by modifying Bazel build definitions and extending the Python disk image builder script with a --populate-b-partitions option to include B partition contents.
    Review: Code changes look good and match release notes.

Other changes:

  • cbd09ff73 Interface,Node: Upgrade build container to 24.04 (#5615)
    Notes: This commit upgrades the build container to Ubuntu 24.04.
    Review: Code changes look good and match release notes.
About Zenith Code

Zenith Code is a comprehensive platform dedicated to advancing the Internet Computer ecosystem. It offers an interactive live coding and learning environment tailored for Motoko and ICP, making it easy for new developers to onboard through hands-on challenges and real-time code execution.

Beyond education, Zenith Code actively supports the decentralization and governance of the Internet Computer. As a registered node provider, we help run the network’s infrastructure, and through our known neuron, we actively review and vote on IC OS version election proposals.

Explore more at zenithcode.ai.

6

Proposal: 137224 & 137226 - Manvick | ZenithCode

Summary:

  1. Build Hash: The build hash matches
  2. Summary: The release notes matches the code changes
  3. Vote: Adopt

137224
1372241954×924 167 KB

Commits

Features:

  • b9b09f1a7 Consensus,Interface: enable non replicated outcalls (#5715)
    Review: Matches description + changes are appropriate
    Notes: Changes to allow non-replicated HTTP outcalls, where request is handled by a single randomly chosen node instead of all replicas. Added rules to ensure only valid, delegated responses are accepted.

  • 31cc277dd Interface: add CORS for websocket endpoint & limit websocket per-ip subscriptions (#5736)
    Review: Matches description + changes are appropriate
    Notes: Adds Cross-Origin Resource Sharing headers to the WebSocket endpoint and adds limit on number of WebSocket subscriptions for each IP.

  • de979d5c3 Interface,Message Routing: Compute missing manifest incrementally upon restart (#5606)
    Review: Matches description + changes are appropriate
    Notes: Changes to improve performance of node restart by computing the missing parts of the manifest incrementally from the last available checkpoint instead of building the entire manifest.

  • a5673c227 Interface,Node: Upgrade images to SEV-SNP compatible base images (#4321)
    Review: Matches description + changes are appropriate
    Notes: Updates guestos, hostos and setupos components to use base images compatible with SEV-SNP.

  • 6b57b1499 Interface,Node: Add new fields to GuestOSConfig for Upgrade Guest VM and extend testing (#5732)
    Review: Matches description + changes are appropriate
    Notes: Addes guest_vm_type and upgrade_config to GuestOSConfig and changes in test dependencies to cover testing for GuestOSConfig similar to HostOSConfig.

  • 26c76265c Node: grub-upgrader component (#5654)
    Review: Matches description + changes are appropriate
    Notes: Adds grub-upgraderscript which updates hostos_grub.cfg and guestos_grub.cfg on HostOS and GuestOS respectively and initiates reboot.

Bugfixes:

  • a022d7c93 Execution,Interface: ignore canister history memory usage in canister invariant checks (#5758)
    Review: Matches description + changes are appropriate
    Notes: Changes to ignore canister_history_memory_usage in canister memory limit check in CanisterState::check_invariants.

  • ca4f7254f Execution,Interface: Create correct event when creating a snapshot from metadata (#5731)
    Review: Matches description + changes are appropriate
    Notes: Updates checkpoint log to use create_snapshot_from_metadata instead of take_snapshot.

  • d24ea60d8 Interface,Node: guest_vm_runner build rules (#5725)
    Review: Matches description + changes are appropriate
    Notes: Fixes dependencies and fearures in guest_vm_runner/BUILD.bazel build rules.

Chores:

  • 70f2eb53f Consensus,Interface: Distinguish transient VetKD payload errors where NiDkgTranscript wasn’t loaded yet (#5681)
    Review: Matches description + changes are appropriate
    Notes: Adds metric label validation_failed_nidkg_transcript_not_loaded to distinguish expected errors while loading NiDkgTranscripts from actual transient errors.

  • c61ca77e0 Consensus,Interface: Enable incremental manifest computation on the NNS (#5670)
    Review: Matches description + changes are appropriate
    Notes: Reverts the revert of PR #5573 enabling incremental manifest computation on the NNS along with fixes for test failures.

  • 79301c37d Crypto,Interface(crypto): Add interfaces allowing interpolation setup to be infallible if node IDs can be checked unique (#5692)
    Review: Matches description + changes are appropriate
    Notes: Introduces infalliable NodeIndices ensuring interpolation setup never fails with Error.

  • 201f20c06 Execution,Interface: Cleanup signal_stack module (#5793)
    Review: Matches description + changes are appropriate
    Notes: Doc updates in signal_stack

  • 1658b33cd Execution,Interface: EXC: Bump wasmtime version to 33.0.1 (#5719)
    Review: Matches description + changes are appropriate
    Notes: Updates wasmtime version from 33.0.0 to 33.0.1

  • 51e3dd90b Interface: remove ic-starter (#5748)
    Review: Matches description + changes are appropriate
    Notes: Code cleanup of ic-starter which is replaced by PocketIC and no longer in use.

  • 19502f0c9 Interface(ic-registry-transport): Add timestamp_nanoseconds to RegistryValue (#5707)
    Review: Matches description + changes are appropriate
    Notes: Adds timestamp_nanoseconds to RegistryValue which is defaulted to 0.

  • 540e1f788 Interface,Message Routing: Rename serialize_protos_to_tip to reflect async protos writing (#5780)
    Review: Matches description + changes are appropriate
    Notes: Renames function serialize_protos_to_tip to serialize_protos_to_checkpoint_readwrite and related var changes.

  • 4411f8746 Interface,Message Routing: Improve checkpointing metrics (#5741)
    Review: Matches description + changes are appropriate
    Notes: Updates to code comments and refactoring/addition to checkpointing metrics.

  • 9eeb25685 Interface,Message Routing: State tool to visualize overlay files (#5726)
    Review: Matches description + changes are appropriate
    Notes: Introduces parse_overlay in state tools which parses LSMT overlay files and prints the page indices stored in the file intended to improve debugging process.

  • 41ba1c2de Interface,Node: Remove unused NodeType::BoundaryOS (#5735)
    Review: Matches description + changes are appropriate
    Notes: Code Clean-up removing NodeType::BoundaryOS.

  • dd82c205d Node: Add grub version metric (#5693)
    Review: Matches description + changes are appropriate
    Notes: Introduces grub-version.service which records the SHA-256 hash of the grub.cfg as the grub_config_version metric and the bootx64.efi hash as the grub_efi_version metric.

Refactoring:

  • dccc4854a Execution,Interface: Restructure wasmtime_embedder module (#5792)
    Review: Matches description + changes are appropriate
    Notes: Rename tests for wasmtime_embedders and code restructuring moving signal_handler under wasmtime_embedders.

  • e89267d2b Interface,Node(node): Organize config tool into hostos and setupos directories (#5702)
    Review: Matches description + changes are appropriate
    Notes: Restructuring config tool by adding setupos and hostos directories and adding relevant code to respective directory.

  • 81be9cfa2 Interface,Node(node): deployment_json.rs and deployment.json.template (#5407)
    Review: Matches description + changes are appropriate
    Notes: Clean-up and refactoring deployment_json.rs and corresponding template deployment.json.template

Tests:

  • 7ca4df627 Node: Introduce new IC-OS image target that can be used in tests (#5710)
    Review: Matches description + changes are appropriate
    Notes: Introduces new disk-img-for-tests where populate_b_partitions is set as true.

Other changes:

  • cbd09ff73 Interface,Node: Upgrade build container to 24.04 (#5615)
    Review: Matches description + changes are appropriate
    Notes: Re-revert of #1946 - Upgrade build container to 24.04.
About Zenith Code

Zenith Code is a comprehensive platform dedicated to advancing the Internet Computer ecosystem. It offers an interactive live coding and learning environment tailored for Motoko and ICP, making it easy for new developers to onboard through hands-on challenges and real-time code execution.

Beyond education, Zenith Code actively supports the decentralization and governance of the Internet Computer. As a registered node provider, we help run the network’s infrastructure, and through our known neuron, we actively review and vote on IC OS version election proposals.

Explore more at zenithcode.ai.

7

Proposal: 137224 & 137226 - Yuvika | ZenithCode

Summary

  1. Vote: Adopt
  2. Hash: Hashes match
  3. Reasons to adopt: Builds fine + hashes match + release notes match the commits.

image
image1920×886 174 KB

Commits

Features:

  • b9b09f1a7
    Summary: enable non replicated outcalls.
    Notes: Implementation of HTTP requests with [is_replicated = Some(false)] from a single node. If is_replicated == Some(false), then a context with replication = NonReplicated(node_id) is added to the replicated state. The node_id is chosen by the execution environment randomly, consistently across all
    replicas.
    Review: The description matches the code changes.
  • 31cc277dd
    Summary : add CORS for websocket endpoint & limit websocket per-ip subscriptions. Add a CORS for websocket endpoint and limit up to 5 websockets per IP.
    Notes :
    Review: The description matches the code changes.
  • de979d5c3
    Summary: Compute missing manifest incrementally upon restart.
    Notes: For each height in checkpoint_layouts_to_compute_manifest after a node restart, an attempt is made to find the necessary data and a manifest delta is created and can be computed incrementally.
    Review: The description matches the code changes.
  • a5673c227
    Summary: Upgrade images to SEV-SNP compatible base images.
    Notes: Update the base image references used for IC OS, which is compatible with SEV-SNP.
    Review: The description matches the code changes.
  • 6b57b1499
    Summary: Add new fields to GuestOSConfig for Upgrade Guest VM and extend testing.
    Notes: Add guest_vm_type and upgrade_config fields to the GuestOS config, and extend config compatibility tests to cover both GuestOS and HostOS.
    Review: The description matches the code changes.
  • 26c76265c
    Summary : grub-upgrader component.
    Notes: Update the grub.cfg file on the HostOS and
    GuestOS. After grub.cfg is updated, a reboot is triggered if the in-use grub configuration and desired grub config don’t match.
    Review: The description matches the code changes.

Bugfixes:

  • a022d7c93
    Summary: ignore canister history memory usage in canister invariant checks.
    Notes: Exclude canister history memory usage in CanisterState::check_invariants when verifying if it has not exceeded its memory limit.
    Review: The description matches the code changes.
  • ca4f7254f
    Summary: Create correct event when creating a snapshot from metadata.
    Notes: Replace take_snapshot() with create_snapshot_from_metadata()
    and ensure the correct event is added when a snapshot is created from metadata in CanisterManager.
    Review: The description matches the code changes.
  • d24ea60d8
    Summary: guest_vm_runner build rules.
    Notes : Fix typos in guest_vm_runner/BUILD.bazel.
    Review: The description matches the code changes.

Chores:

  • 70f2eb53f
    Summary: Distinguish transient VetKD payload errors where NiDkgTranscript wasn’t loaded yet.
    Notes: Introduce new metric labels for certain errors, such
    that they can be more easily distinguished from other (unexpected)
    transient errors.
    Review: The description matches the code changes.
  • c61ca77e0
    Summary: Enable incremental manifest computation on the NNS.
    Notes: This change was made earlier, but system tests failed. Reapply the changes and delete a specific file rather than modifying a single bit. This
    will fix the tests while still keeping the functionality.
    Review: The description matches the code changes.
  • 79301c37d
    Summary: Add interfaces allowing interpolation setup to be infallible if node IDs can be checked unique.
    Notes: Update implementation of LagrangeCoefficients so that the methods are infallible, split enum into InterpolationError and InvalidNodeIndices, and add new type and implementation for NodeIndices.
    Review: The description matches the code changes.
  • 201f20c06
    Summary : Cleanup signal_stack module.
    Notes: Fix the doc comment and remove some unneeded/commented out code in signal_stack.rs.
    Review: The description matches the code changes.
  • 1658b33cd
    Summary : Bump wasmtime version to 33.0.1.
    Notes: Upgrade wasmtime from 33.0.0 to 33.0.1.
    Review: The description matches the code changes.
  • 51e3dd90b
    Summary : remove ic-starter.
    Notes: Remove the ic-starter binary used to start a single instance
    of the replica process for local testing. This flow has been superseded
    by PocketIC, and ic-starter is no longer used.
    Review: The description matches the code changes.
  • 19502f0c9
    Summary : Add timestamp_nanoseconds to RegistryValue.
    Notes: Add timestamp_nanoseconds to RegistryValue and set default to 0.
    Review: The description matches the code changes.
  • 540e1f788
    Summary: Rename serialize_protos_to_tip to reflect async protos writing.
    Notes: Rename serialize_protos_to_tip to serialize_protos_to_checkpoint_readwrite because protos are serialized to the checkpoint directly, bypassing the tip.
    Review: The description matches the code changes.
  • 4411f8746
    Summary: Improve checkpointing metrics.
    Notes: Split reset_tip_to and merge into individual metrics,
    rename some metrics to reflect the code changes and update code comments.
    Review: The description matches the code changes.
  • 9eeb25685
    Summary: State tool to visualize overlay files.
    Notes: This tool parses LSMT overlay files and prints out the page
    indices. It is mostly intended for debugging in the future.
    Review: The description matches the code changes.
  • 41ba1c2de
    Summary : Remove unused NodeType::BoundaryOS.
    Notes: Remove unused type NodeType::BoundaryOS.
    Review: The description matches the code changes.
  • dd82c205d
    Summary : Add grub version metric.
    Notes: Add grub-version.service which records the SHA-256 hash grub_config_version metric and bootx64.efi hash as the grub_efi_version metric.
    Review: The description matches the code changes.

Refactoring:

  • dccc4854a
    Summary : Restructure wasmtime_embedder module.
    Notes: Rename wasmtime_embedders_tests.rs to simply tests.rs and move the signal_handler module under wasmtime_embedder.
    Review: The description matches the code changes.
  • e89267d2b
    Summary: Organize config tool into hostos and setupos directories.
    Notes: To simplify the config pipeline, organize config tool into hostos and setupos directories.
    Review: The description matches the code changes.
  • 81be9cfa2
    Summary: deployment_json.rs and deployment.json.template.
    Notes: Refactor the deployment_json template file to improve the
    naming and simplify deployment_json.rs, as we no longer have to worry about deployment_json.rs backwards compatibility after the config revamp, since it’s only used in setupOS.
    Review: The description matches the code changes.

Tests:

  • 7ca4df627
    Summary: Introduce new IC-OS image target that can be used in tests.
    Notes: Add a new IC-OS image target for testing in which the B partitions are populated, unlike in the regular published image, in which they are empty.
    Review: The description matches the code changes.

Other changes:

  • cbd09ff73
    Summary: Upgrade build container to 24.04.
    Notes: Upgrade build container to Ubuntu 24.04; this change was also made earlier but reverted due to some issues.
    Review: The description matches the code changes.
About Zenith Code

Zenith Code is a comprehensive platform dedicated to advancing the Internet Computer ecosystem. It offers an interactive live coding and learning environment tailored for Motoko and ICP, making it easy for new developers to onboard through hands-on challenges and real-time code execution.

Beyond education, Zenith Code actively supports the decentralization and governance of the Internet Computer. As a registered node provider, we help run the network’s infrastructure, and through our known neuron, we actively review and vote on IC OS version election proposals.

Explore more at zenithcode.ai.

8

proposals - [137224, 137226] Cyberowl | CodeGov

ic_os
ic_os1268×561 105 KB

Proposals:

137224
137226

Vote: [ADOPT, ADOPT]

Reason & Feedback:

I successfully built and verified the hash for GuestOS and HostOS. All the commit descriptions match their code changes.

Checks:

Hash Match: [PASS, PASS]
2 Urls: [PASS, PASS]
Proposer Check: [PASS, PASS]

Overall Summary:

logs_canister validates the canister ID, enforces per-IP subscriber limits (default 5), subscribes the client to that canister’s log broker topic. Looks like DDOS protection for canisters. Intro to fully_replicated and non_replicated contexts. This might help with
latency. NonReplicated(node_id), only that single node needs to fetch and sign the HTTP response (rather than waiting for a quorum), so you bypass the multi‐node consensus and signature‐gathering overhead.

Commits Summary

proposal / 137224

cbd09ff73

  • added: 0
  • modified: 53
  • removed: 2
  • total: 55

Update dfinity/ic-build image. Add new repo ansible/ansible-lint.git. New package xz-utils. Lots of deps updates. Tasks fix to include ansible.builtin. Update library/ubuntu image. The version is ref in the comment ubuntu:noble-20250415.1.Moving to noble from focal.

b9b09f1a7

  • added: 1
  • modified: 27
  • removed: 0
  • total: 28

Implement a new metric canister_http_success_delivered. Introduce additional metrics to differentiate between fully_replicated and non_replicated contexts. Within the environment for executing subnet messages, specifically HttpRequest, we now include canister_http_request_context into http_context_to_replicated_state. Improved naming for CanisterHttpRequestContext.generate_from_args previously known as try_from, now accommodating NonReplicated contexts in generate_from_args. A new random route is introduced. The RegistryExecutionSettings now contains a new field node_ids. The http_requests function now also manages NonReplicated cases. An updated filter for get_unvalidated_shares now checks the request context of shares, removing unvalidated shares when the context is missing, or marking them as invalid if the context is non-replicated and the signer is not the delegated node. Refactored get_canister_http_payload_impl to differentiate grouped_shares based on context.replication. Additional check of no duplicate responses among non-replicated requests for validate_canister_http_payload_impl. try_add_http_context_to_replicated_state now checks that the number of in-flight canister HTTP calls hasn’t exceeded the configured limit and that the caller has prepaid the required cycles, then deducts the fee, records metrics, and enqueues the HTTP request context into the replicated state. Which used to be done within Ok(mut canister_http_request_context) => .

19502f0c9

  • added: 0
  • modified: 17
  • removed: 0
  • total: 17

Adds field timestamp_nanoseconds to RegistryValue.

51e3dd90b

  • added: 0
  • modified: 12
  • removed: 4
  • total: 16

Remove package ic-starter.

31cc277dd

  • added: 1
  • modified: 13
  • removed: 0
  • total: 14

Adds dev dep tokio-tungstenite. Splits logs obs_log_websocket_max_subscribers to obs_log_websocket_max_subscribers_per_topic and obs_log_websocket_max_subscribers_per_topic_per_ip. Now there is a cors::layer() set with defaults within logs_canister_router. Updates LogsState to include ip_cache and max_subscribers_per_ip_per_topic, the cache is 114 MiB to 133 MiB. logs_canister validates the canister ID, enforces per-IP subscriber limits (default 5), subscribes the client to that canister’s log broker topic. Looks like DDOS protection for canisters.

6b57b1499

  • added: 3
  • modified: 10
  • removed: 0
  • total: 13

Update GuestOSConfig with new types guest_vm_type and upgrade_config. Currently sets both fields to default.

a5673c227

  • added: 0
  • modified: 12
  • removed: 0
  • total: 12

Upgrade images. Matches upgrade to 9.1 qemu. All the hashes match https://github.com/dfinity/ic/pull/5714/files.

81be9cfa2

  • added: 0
  • modified: 11
  • removed: 0
  • total: 11

Changed back to use nns_url from nns_urls, even though sometimes it is multiple urls "https://icp-api.io,https://icp0.io,https://ic0.app". This reverts a change that was done a few hours ago.

e89267d2b

  • added: 2
  • modified: 7
  • removed: 0
  • total: 9

Refactor import paths for config::setupos. Does make it easier to understand.

1658b33cd

  • added: 0
  • modified: 7
  • removed: 0
  • total: 7

Update wasmtime to 33.0.1.

79301c37d

  • added: 0
  • modified: 6
  • removed: 0
  • total: 6

Remove err DuplicateNodeIndex from EncryptedKeyCombinationError. New structure NodeIndices. Now implementation checks if any duplicated indices. Now supports construction of BTreeMap and BTreeSet. No longer need check_for_duplicates since all that is done within from_map now. All is unique.

26c76265c

  • added: 2
  • modified: 4
  • removed: 0
  • total: 6

Adds grub-upgrader/grub-upgrader.sh. Script waits for system to become stable to apply grub update. Copies SRC to DST.

9eeb25685

  • added: 1
  • modified: 3
  • removed: 0
  • total: 4

New file parse_overlay.rs. Prints its debug info, total pages and range count, then identifies and prints the five longest page‐ranges.

41ba1c2de

  • added: 0
  • modified: 4
  • removed: 0
  • total: 4

Remove BoundaryOS from deterministic_ips/src/node_type.rs.

dd82c205d

  • added: 2
  • modified: 2
  • removed: 0
  • total: 4

Add grub-version/grub-version.sh and grub-version/grub-version.service. New script grub-version.sh with two methods update_grub_config_version_metric and update_grub_version_metric.

7ca4df627

  • added: 0
  • modified: 4
  • removed: 0
  • total: 4

Update guest_vm_runner_integration_tests to ref data and env from disk-img-for-tests.tar. New arg --populate-b-partitions.

4411f8746

  • added: 0
  • modified: 3
  • removed: 0
  • total: 3

Update TipRequest::ResetTipAndMerge in spawn_tip_thread. It now drops the timer for reset_tip_to and adds timer for merge. Adjustments to metrics timers.

dccc4854a

  • added: 0
  • modified: 2
  • removed: 0
  • total: 2

Refactor how signal_handler::sigsegv_memory_tracker_handler is executed. No behavior change.

c61ca77e0

  • added: 0
  • modified: 2
  • removed: 0
  • total: 2

Remove the is_nns flag for generating manifest_delta.

a022d7c93

  • added: 0
  • modified: 2
  • removed: 0
  • total: 2

Adds additional check of canister_history_memory_usage for check_invariants.

de979d5c3

  • added: 0
  • modified: 2
  • removed: 0
  • total: 2

Send manifest_delta into tip_channel.send. ManifestDelta use to describe how to update from that base state to the target checkpoint.

ca4f7254f

  • added: 0
  • modified: 1
  • removed: 0
  • total: 1

Fix creation of snapshot to use create_snapshot_from_metadata instead of take_snapshot.

70f2eb53f

  • added: 0
  • modified: 1
  • removed: 0
  • total: 1

New error for self.metrics.payload_errors_inc, pass label with more info.

201f20c06

  • added: 0
  • modified: 1
  • removed: 0
  • total: 1

Removed some comments.

540e1f788

  • added: 0
  • modified: 1
  • removed: 0
  • total: 1

Renamed serialize_protos_to_tip to serialize_protos_to_checkpoint_readwrite. Pure name change, no behavior change.

proposal / 137226

d24ea60d8

  • added: 0
  • modified: 1
  • removed: 0
  • total: 1

Matches description fix: guest_vm_runner build rules .

About CodeGov
CodeGov has a team of developers who review and vote independently on the following proposal topics: IC-OS Version Election, Protocol Canister Management, Subnet Management, Node Admin, and Participant Management. The CodeGov NNS known neuron is configured to follow our reviewers on these technical topics. We also have a group of Followees who vote independently on the Governance and the SNS & Neuron's Fund topics. We strive to be a credible and reliable Followee option that votes on every proposal and every proposal topic in the NNS. We also support decentralization of SNS projects such as WaterNeuron, KongSwap, and Alice with a known neuron and credible Followees.

Learn more about CodeGov and its mission at codegov.org.
9

Proposals 137224 & 137226 – LaCosta | CodeGov

Vote: ADOPT

image
image1244×540 74 KB

Reason:
Build successful and hashes match, commits look great and match the description. Found no issues.

Features:

[b9b09f1a7]: Adds support for non replicated HTTP outcalls with is_replicated == Some(false)

[31cc277dd]: Sets up a default CORS layer for websocket enpoint. Adds two new fields to LogsState, ip_cache defaulted to 2_000_000 entries and max_subscribers_per_ip_per_topic. Implements a subscriber limit to a canister per topic and per ip per topic.

[de979d5c3]: Improves performance by sending a manifest_delta where instead of having to compute the manifest for the target height from scratch, it sends in a ManifestDelta the manifest closest to the terget height so that only differences need rehashing.

[a5673c227]: Upgrades images to SEV-SNP compatible base images

[6b57b1499]: Adds two new fields to GuestOSConfig, guest_vm_type and upgrade_config and updates the CONFIG_VERSION to 1.3.0. Extends compatibility test for GuestOSConfig and not only for HostOSConfig

[26c76265c]: Adds the service grub-upgrader.sh that waits for the system to become stable within 600 seconds, to update the grub configuration and reboot the system

Bugfixes:

[a022d7c93]: Adapts the function check_invariants check for memory usage to exclude the canister_history_memory_usage from the calculation to verify if the memory has exceeded the limit.

[ca4f7254f]: Replaces function take_snapshot with create_snapshot_from_metadata so that the event pushed to the collection of unflushed checkpoint operations is UploadSnapshotMetadata instead of TakeSnapshot

[d24ea60d8]: Fixes two mistakes in the guest_vm_runner build rules

Chores:

[70f2eb53f]: Distinguishes between transient VetKD payload errors where NiDkgTranscript wasn’t loaded yet

[c61ca77e0]: Enables incremental manifest computation on the NNS. Fixes an error in a prior commit that attempted to enable this feature aswell by removing function modify_byte_in_file that modified file memory_artifact_path. Instead now it is deleted with fs::remove_file

[79301c37d]: Splits error enum InterpolationError into InvalidNodeIndices and InterpolationError. Implements a new type struct NodeIndices and refactors LagrangeCoefficientsto be infallibale.

[201f20c06]: Fix comments in signal_stack.rs

[1658b33cd]: Bumps wasmtime version from 33.0.0 to 33.0.1

[51e3dd90b]: Removes no longer used ic-starter

[19502f0c9]: Adds the field timestamp_nanoseconds to the struct RegistryValue which represents the timestamp at which the registry mutation happened.

[540e1f788]: Renames functions, variables and metrics to reflect async protos writing

[4411f8746]: Splits metrics for reset_tip_to and merge into individual metrics by resetting the timer with the individual labels. Renames metric compute_manifest to compute_manifest_total and validate_replicated_state to validate_replicated_state_and_finalize which is more appropriate.

[9eeb25685]: Adds a new tool to visuaize overlay files, printing the pages in the file in groups of ranges PageIndexRange with the function do_parse_overlay.

[41ba1c2de]: Removes unused NodeType::BoundaryOS

[dd82c205d]: Adds a grub version metric to both gestos and hostos

Refactoring:

[dccc4854a]: Restructure wasmtime_embedder module

[e89267d2b]: Organize config tool into hostos and setupos directories

[81be9cfa2]: Refactors deployment.json.template mostly with renames, and changes the code accordingly.

Tests:

[7ca4df627]: Adds a new IC-OS image target disk-img-for-tests to be used for tests where the B partition is populated.

Other Changes:

[cbd09ff73]: Upgrades the build container to Ubuntu 24.04.

About CodeGov
CodeGov has a team of developers who review and vote independently on the following proposal topics: IC-OS Version Election, Protocol Canister Management, Subnet Management, Node Admin, and Participant Management. The CodeGov NNS known neuron is configured to follow our reviewers on these technical topics. We also have a group of Followees who vote independently on the Governance and the SNS & Neuron's Fund topics. We strive to be a credible and reliable Followee option that votes on every proposal and every proposal topic in the NNS. We also support decentralization of SNS projects such as WaterNeuron, KongSwap, and Alice with a known neuron and credible Followees.

Learn more about CodeGov and its mission at codegov.org.