-GuestOS-

Features:
-e36d9f53c Execution,Interface: Updates the canister status to expose canister environment_variables and moves EnvironmentVariables struct to types. The added canister_status_with_environment_variables test checks for accepted environment variables during canister creation if the environment_variables_flag is enabled, persists them as part of the canister’s configuration and then exposes them correctly when queried via the canister_status API.
-ee83c4bb5 Execution,Interface: Updates the update_settings to keep track of environment variable changes that are recorded in the canister’s change history when the feature flag is enabled.
Interesting to see the derivation of new_controllers from canister.system_state.controllers when validated_settings.controllers() is Some when the flag is disabled.
-18d7278ba Execution,Interface,Message Routing: Creates a collection in replicated state which will be holding delivered pre-signatures to be used in the future, currently they are stored in the block payload.
Adds PreSignature enum over all existing pre-signature types that will be stored in replicated state.
-eeacd880a Execution,Interface,Message Routing(registry-client): Use the new canister_ranges_ key family in RegistryClient as part of migration to sharded routing table.
-f8a10ffff Interface(ICP-Ledger): Adds candid tip_of_chain endpoint, while CANISTERS_MAX_SIZE_COMPRESSED_E5_BYTES is increased to 901_184 bytes for the ledger-canister.wasm.gz.
-648c31145 Interface: Adds canister_cycles_cost_schedule to SubnetRecord with a Normal charge as default for SubnetType and the Free to be used by Subnet rental where canisters are not charged cycles.
-910548cc4 Interface(ICP-Ledger): Adds the get_allowances endpoint for retrieving a maximum of 500 allowances at once that can be limited using the take argumnet and there is also the prev_spender_id argument for pagination.
-3f26fb05c Interface,Node: Adds Command::StartUpgradeGuestVM for starting the Upgrade Guest VM with the function start_upgrade_guest_vm that attempts to initiate an upgrade process for Guest VM by interacting with the systemd service manager.
-2f87fe952 Interface,Node: Implement Upgrade Guest VM taht can be used with --type=upgrade to the guest_vm_runner and also adds a systemd service which allows running the VM by issuing
systemd start upgrade-guestos.
-1787e4e66 Interface,Node: Build custom SEV-compatible OVMF from source and distribute it with the GuestOS. OVMF is a port of Intel’s tianocore firmware to the qemu virtual machine. This allows easy debugging and experimentation with UEFI firmware. Searching for AMD SEV-SNP in Open Source helps learn more about this.
It gets reverted in following commit 5128134d2.

Bugfixes:
-7c52fa197 Owners(IDX): Updates github artifact by switching to the mirrored github image to unblock CI.

Chores:
-333217fe0 Consensus,Interface: Simplify artifact_pool build graph by moving consensus_pool_util to bin/ , removes unused Aliases and dependecies to exclude them when building test.
-fa6080b7b Execution,Interface: Add more fine grained metrics for the http outcalls price by enforcing Response Size Limits: It ensures that the outgoing HTTP response does not exceed a hardcoded maximum or a user-defined limit.
-967f2d362 Execution,Interface: Adds test_timeout argument to benchmark targets and with_test is replaced by test_name and adds a comment to the rust_bench script on why --bench is passed.
-3a2bc2e8c Interface: Removes WASM validation and canister history tests from now deprecated Haskell test suite and adds lots of validation tests along with Notes about constants from the Public Interface Specs used in the configuration settings and parameters related to the “embedder” (component responsible for loading, initializing, and running WebAssembly (Wasm) modules).
-44a0b9108 Owners(icrc-ledger-types): Removes unused dependencies ic-cdkandserde from icrc-ledger-client. -7d377c34c Node: Update Base Image Refs [2025-07-10-0804]. -079ae336a` Node: Update Base Image Refs [2025-07-03-0812].

Tests:
-8c0981290 Interface: Write the routing table entries in the new sharded format that is canister_ranges_*in addition to the old routing_table for testing as part of migration.

Other changes:
-5128134d2 Interface,Node: Revert "feat: Build custom SEV-compatible OVMF from source and distribute it with the GuestOS.

-HostOS-

Features:
-3f26fb05c Interface,Node: Duplicate.
-2f87fe952 Interface,Node: Duplicate.

Bugfixes:
-2e1c7650a Interface,Node: Fix the reboot behavior of GuestVM , done by Destroying the VM in all three cases (on_poweoff, on_reboot and on_crash) and let the guest_vm_runner restart it.

Performance improvements:
-d4d277289 Interface,Node: Optimize guest_vm_runner tests, by unpacking the GuestOS image only once for the entire test suite and also use the dd command to copy the specific range, with sparse file support.

Chores:
-7d377c34c Node: Duplicate.
-079ae336a Node: Duplicate.

Features:

• e36d9f53c Execution,Interface: Update canister status to include environment variables (#5843)
  Review: Matches description + changes are appropriate
  Notes: Code restructuring to expose EnvironmentVariables as a base_type, removed it from CanisterSettings and related changes dependent classes. Also exposes system_state.environment_variable as part of the get_canister_status api response.

• ee83c4bb5 Execution,Interface: Update update_settings to keep track of environment variables via canister history (#5801)
  Review: Matches description + changes are appropriate
  Notes: Updates to canister change tracking logic. Introduces a feature flag, which when enabled tracks both controllers_change and environment_variables_hash change as part of CanisterChangeDetails otherwise it just tracks controllers_change.

• 18d7278ba Execution,Interface,Message Routing: Create a collection of pre-signatures in replicated state (#5768)
  Review: Matches description + changes are appropriate
  Notes: Introduces PreSignature enum and dependent changes. Changes to store pre-signatures in the replicated state instead of the block payload. Introduces a PreSignatureStash collection within SubnetCallContextManager, including both pre-signatures and the associated key transcript. These changes will later allow more efficient signature computation and automatic purging upon key changes.

• eeacd880a Execution,Interface,Message Routing(registry-client): Use the new canister_ranges_ key family in RegistryClient (#5808)
  Review: Matches description + changes are appropriate
  Notes: Changes in get_routing_table function to read routing data from sharded registry keys canister_ranges/ instead of a single record. This impoves efficiency of retrieval of routing information as the number of canisters scale up.

• f8a10ffff nterface(ICP-Ledger): add candid tip_of_chain endpoint (#5871)
  Review: Matches description + changes are appropriate
  Notes: Introduces tip_of_chain candid_method in ICP Ledger canister to retrieve the latest block index, with a consistency check between the Protobuf and Candid interfaces of the ledger’s tip. Also changes CANISTERS_MAX_SIZE_COMPRESSED_E5_BYTES for ledger-canister.wasm.gz from 841_234 to 901_184.

• 648c31145 Interface: Added canister_cycles_cost_schedule to SubnetRecord (#5816)
  Review: Matches description + changes are appropriate
  Notes: Introduces tracking of CanisterCyclesCostSchedule as part of the subnet configuration and addition of canister_cycles_cost_schedule to SubnetRecord. Updates to do_create_subnet.rs to accept and initialize the canister_cycles_cost_schedule field and changes to other dependent classes.

• 910548cc4 Interface(ICP-Ledger): Implement endpoint to retrieve approvals (#5680)
  Review: Matches description + changes are appropriate
  Notes: Adds new get_allowances query endpoint that returns a paginated list of active allowances granted by a specific account.

• 3f26fb05c Interface,Node: Add new VSOCK command for starting the Upgrade Guest VM (#5838)
  Review: Matches description + changes are appropriate
  Notes: Introduces StartUpgradeGuestVM command that restarts the upgrade-guestos.service. If restart fails then returns the service status with Error.

• 2f87fe952 Interface,Node: Implement Upgrade Guest VM (#5729)
  Review: Matches description + changes are appropriate
  Notes: Adds a new upgrade type upgrade-guestos.service which introduces support for upgrading the Guest VM within the HostOS. Additional updates to HostOS and Guest VM configurations to specify the Guest VM type.

• 1787e4e66 Interface,Node: Build custom SEV-compatible OVMF from source and distribute it with the GuestOS (#5776)
  Review: Matches description + changes are appropriate
  Notes: Adds custom OVMF firmware to the GuestOS to support SEV-SNP secure virtualization. Includes updates to CI workflows, container configurations, and other related components to support the integration of this custom OVMF. Default to using the OVMF from the HostOS if the GuestOS does not include its own.

Bugfixes:

• 7c52fa197 Owners(IDX): update to github artifact (#5873)
  Review: Matches description + changes are appropriate
  Notes: Changes gitlab instance from git.openldap.org to github.com as the former is down.

• 2e1c7650a Interface,Node: Fix the reboot behavior of GuestVM (#5876)
  Review: Matches description + changes are appropriate
  Notes: Fixes the GuestVM reboot behaviour by replacing the traditional QEMU reboot with a full VM recreation using updated configuration and boot parameters instead of existing logic where the VM is restarted using the same boot parameters as it was started with.

Chores:

• 333217fe0 Consensus,Interface: simplify artifact_pool build graph (#5883)
  Review: Matches description + changes are appropriate
  Notes: Code refactoring and Clean-up of artifact_pool build by moving consensus_pool_util out of the main library build.

• fa6080b7b Execution,Interface: Add more fine grained metrics for the http outcalls price (#5609)
  Review: Matches description + changes are appropriate
  Notes: Improves HTTP outcall pricing metrics by logging all parameters used in the cost calculation.

• 967f2d362 Execution,Interface: add test_timeout to benchmark targets (#5821)
  Review: Matches description + changes are appropriate
  Notes: Adds a test_timeout parameter to the rust_bench setup, allowing each benchmark test to have a customizable timeout duration and some refactoring.

• 3a2bc2e8c Interface: remove WASM validation and canister history tests in Haskell (#5852)
  Review: Matches description + changes are appropriate
  Notes: Code Clean-up to remove test suite for WASM validation and canister history and migration to Rust.

• 44a0b9108 Owners(icrc-ledger-types): Remove unused dependencies from icrc-ledger-client (#5827)
  Review: Matches description + changes are appropriate
  Notes: Code Clean-up from icrc-ledger-client.

• 7d377c34c Node: Update Base Image Refs [2025-07-10-0804] (#5879)
  Review: Matches description + changes are appropriate
  Notes: Updates base container image references.

• 079ae336a Node: Update Base Image Refs [2025-07-03-0812] (#5814)
  Review: Matches description + changes are appropriate
  Notes: Updates base container image references.

Performance improvements:

• d4d277289 Interface,Node: Optimize guest_vm_runner tests (#5834)
  Review: Matches description + changes are appropriate
  Notes: Optimises the guest_vm_runner tests. The GuestOS image is now unpacked once for the entire test suite, reducing redundant IO intensive operations.

Tests:

• 8c0981290 Interface: Write the routing table entries in the new format in addition to the old (#5740)
  Review: Matches description + changes are appropriate
  Notes: Updates tests to write to both older monolithic routing_table format and the new canister_ranges/ format. Which will help in smooth transition to the new format.

Other changes:

• 5128134d2 Interface,Node: Revert "feat: Build custom SEV-compatible OVMF from source and distribute it with the GuestOS (#5776), (#5894)
  Review: Matches description + changes are appropriate
  Notes: Reverts the commit 1787e4e66 (described in chores) as it has problems with direct boot and boots with GRUB instead.

Zenith Code is a comprehensive platform dedicated to advancing the Internet Computer ecosystem. It offers an interactive live coding and learning environment tailored for Motoko and ICP, making it easy for new developers to onboard through hands-on challenges and real-time code execution.

Beyond education, Zenith Code actively supports the decentralization and governance of the Internet Computer. As a registered node provider, we help run the network’s infrastructure, and through our known neuron, we actively review and vote on IC OS version election proposals.

Explore more at zenithcode.ai.

Features:

• e36d9f53c
  Summary: Update canister status to include environment variables.
  Notes: Add new type EnvironmentVariables in ic_base_types, update canister status to expose canister environment variables and refactor relevant tests.
  Review: The description matches the code changes.
• ee83c4bb5
  Summary: Update update_settings to keep track of environment variables via canister history.
  Notes: Refactor update_settings function to support modifying
  environment variables through canister settings. When the environment_variables_flag flag is enabled, environment variable changes are recorded in the canister’s change history alongside controller changes.
  Review: The description matches the code changes.
• 18d7278ba
  Summary: Create a collection of pre-signatures in replicated state.
  Notes: Create a collection in replicated state, which holds the
  delivered pre-signatures. It also holds the current key transcript in the “pre-signature stash”.
  Review: The description matches the code changes.
• eeacd880a
  Summary: Use the new canister_ranges_ key family in RegistryClient.
  Notes: Migrate routing table to sharded ones keyed by
  canister_ranges_* keys. Replace the get_routing_table
  method on the registry client with the sharded routing table.
  Review: The description matches the code changes.
• f8a10ffff
  Summary: add candid tip_of_chain endpoint.
  Notes: Expose tip_of_chain endpoint, and increase CANISTERS_MAX_SIZE_COMPRESSED_E5_BYTES from 841_234 to 901_184.
  Review: The description matches the code changes.
• 648c31145
  Summary: Added canister_cycles_cost_schedule to SubnetRecord.
  Notes: Add canister_cycles_cost_schedule to each SubnetRecord, and set all subnets created via the “subnet rental” to Free.
  Review: The description matches the code changes.
• 910548cc4
  Summary: Implement endpoint to retrieve approvals.
  Notes: Add get_allowances to query a given account identifier, for a page of allowances.
  Review: The description matches the code changes.
• 3f26fb05c
  Summary: Add new VSOCK command for starting the Upgrade Guest VM.
  Notes: Add a new VSOCK command, start-upgrade-guest-vm
  Review: The description matches the code changes.
• 2f87fe952
  Summary: Implement Upgrade Guest VM.
  Notes: Add systemd services to allow running the VM by issuing
  systemd start upgrade-guestos. Add new config options for specifying the Guest VM
  type (Default or Upgrade) and some metadata about peer GuestVM during
  upgrades to help the VMs set up an IP connection with each
  other.
  Review: The description matches the code changes.
• 1787e4e66
  Summary: Build custom SEV-compatible OVMF from source and distribute it with the GuestOS.
  Notes: Include OVMF in the GuestOS to get consistent measurements for each
  GuestOS release.
  Review: The description matches the code changes.

Bugfixes:

• 7c52fa197
  Summary: update to github artifact.
  Notes: Switch to the mirrored github image to unblock CI since gitlab instance openldap was down.
  Review: The description matches the code changes.
• 2e1c7650a
  Summary: Fix the reboot behavior of GuestVM.
  Notes: Replace QEMU reboot with a full VM recreation using update config and boot parameters to fix the reboot behavior of GuestVM.
  Review: The description matches the code changes.

Performance improvements:

• d4d277289
  Summary: Optimize guest_vm_runner tests.
  Notes: Optimize partition_tools and use dd instead of std::io::copy because dd supports sparse files. Unpack the guest os image only once for the entire test suite since it is IO sensitive.
  Review: The description matches the code changes.

Chores:

• 333217fe0
  Summary: simplify artifact_pool build graph.
  Notes: Move consensus_pool_util to a different directory, fix typo in CLI output, remove unnecessary ALIASES and extract bench-only dependencies so that they are not unnecessarily included when building tests.
  Review: The description matches the code changes.
• fa6080b7b
  Summary: Add more fine grained metrics for the http outcalls price.
  Notes: Log parameters needed for the cost formula to be able to quickly adjust the weights in the formula during analysis, to improve HTTP outcall pricing metrics.
  Review: The description matches the code changes.
• 967f2d362
  Summary: add test_timeout to benchmark targets.
  Notes: Update rust_bench implementation to test_name = <string> instead of with_test = <bool> and add a new argument, test_timeout to set the corresponding timeout to the test. Change the compilation_bench_test timeout to “long”.
  Review: The description matches the code changes.
• 3a2bc2e8c
  Summary: remove WASM validation and canister history tests in Haskell.
  Notes: Remove WASM validation and canister history tests from the Haskell test suite as part of the cleanup and migration to Rust.
  Review: The description matches the code changes.
• 44a0b9108
  Summary: Remove unused dependencies from icrc-ledger-client.
  Notes: Remove the unused ic-cdk dependency from the icrc-ledger-client crate since it prevents users from upgrading and causes issues.
  Review: The description matches the code changes.
• 7d377c34c
  Summary: Update Base Image Refs [2025-07-10-0804].
  Notes: Update the base image references used for IC OS.
  Review: The description matches the code changes.
• 079ae336a
  Summary: Update Base Image Refs [2025-07-03-0812].
  Notes: Update the base image references used for IC OS.
  Review: The description matches the code changes.

Tests:

• 8c0981290
  Summary: Write the routing table entries in the new format in addition to the old.
  Notes: Update test infrastructure for the routing table format, add call to make_canister_ranges_key(CanisterId::from_u64(0)) wherever make_routing_table_record_key() is used to insert routing tables for easier transition to the newer format.
  Review: The description matches the code changes.

Other changes:

• 5128134d2
  Summary: Revert “feat: Build custom SEV-compatible OVMF from source and distribute it with the GuestOS (#5776)”.
  Notes: Revert the commit 1787e4e66 due to direct boot issues.
  Review: The description matches the code changes.

Zenith Code is a comprehensive platform dedicated to advancing the Internet Computer ecosystem. It offers an interactive live coding and learning environment tailored for Motoko and ICP, making it easy for new developers to onboard through hands-on challenges and real-time code execution.

Beyond education, Zenith Code actively supports the decentralization and governance of the Internet Computer. As a registered node provider, we help run the network’s infrastructure, and through our known neuron, we actively review and vote on IC OS version election proposals.

Explore more at zenithcode.ai

Features:

• e36d9f53c Execution,Interface: Update canister status to include environment variables (#5843)
  Notes: This commit adds environment variables to canister_status by introducing the EnvironmentVariables struct in ic_base_types, updating SystemState, CanisterManager, and DefiniteCanisterSettingsArgs, and refactoring related tests to replace BTreeMap<String, String> with the new type.
  Review: Code changes look good and match release notes.
• ee83c4bb5 Execution,Interface: Update update_settings to keep track of environment variables via canister history (#5801)
  Notes: Environment variables are updated via update_settings, those changes are recorded in the canister’s history as settings_change entries which only applies when the environment_variables feature flag is turned on.
  Review: Code changes look good and match release notes.
• 18d7278ba Execution,Interface,Message Routing: Create a collection of pre-signatures in replicated state (#5768)
  Notes: Adds an unused pre_signature_stash to replicated state to store tECDSA and tSchnorr pre-signatures with key transcripts, enabling future scalability and key rotation support.
  Review: Code changes look good and match release notes.
• eeacd880a Execution,Interface,Message Routing(registry-client): Use the new canister_ranges_ key family in RegistryClient (#5808)
  Notes: This commit updates get_routing_table in the registry client to use the new canister_ranges_* key family, replacing the monolithic routing table with sharded routing table keys and combing them into a unified RoutingTable.
  Review: Code changes look good and match release notes.
• f8a10ffff Interface(ICP-Ledger): add candid tip_of_chain endpoint (#5871)
  Notes: This commit adds a new Candid tip_of_chain query endpoint, implements its handler tip_of_chain_candid() and defines the TipOfChainRes struct with certification.
  Review: Code changes look good and match release notes.
• 648c31145 Interface: Added canister_cycles_cost_schedule to SubnetRecord. (#5816)
  Notes: Adds canister_cycles_cost_schedule enum to SubnetRecord protobuf, updates subnet creation and update logic to include this field, and modifies tests to set it as Normal by default.
  Review: Code changes look good and match release notes.
• 910548cc4 Interface(ICP-Ledger): Implement endpoint to retrieve approvals (#5680)
  Notes: Implements a new ledger endpoint to retrieve approvals for a given AccountIdentifier, supporting pagination via prev_spender_id and limiting results with a take parameter; adds request and response types, handler logic, and tests for this functionality.
  Review: Code changes look good and match release notes.
• 3f26fb05c Interface,Node: Add new VSOCK command for starting the Upgrade Guest VM (#5838)
  Notes: Implements a new VSOCK command StartUpgradeGuestVM to restart the Upgrade Guest VM service by invoking systemctl.
  Review: Code changes look good and match release notes.
• 2f87fe952 Interface,Node: Implement Upgrade Guest VM (#5729)
  Notes: Implements support for the Upgrade Guest VM by adding a --type=upgrade option to the guest_vm_runner, introduces a systemd service to manage the upgrade VM lifecycle, and adds configuration options and metadata to handle Guest VM types and peer communication during upgrades.
  Review: Code changes look good and match release notes.
• 1787e4e66 Interface,Node: Build custom SEV-compatible OVMF from source and distribute it with the GuestOS (#5776)
  Notes: Adds a custom SEV-compatible OVMF to the GuestOS for reliable SEV-SNP support, with a fallback to the HostOS version when needed.
  Review: Code changes look good and match release notes.

Bugfixes:

• 7c52fa197 Owners(IDX): update to github artifact (#5873)
  Notes: This commit fixes CI by updating the openldap dependency to use the GitHub mirror instead of the down GitLab URL, changing the archive URL, strip prefix, and SHA256 checksum in the Bazel repository definition.
  Review: Code changes look good and match release notes.

Chores:

• 333217fe0 Consensus,Interface: simplify artifact_pool build graph (#5883)
  Notes: Simplifies the artifact_pool Bazel build by moving ic-consensus-pool-util from src/bin to bin/, removing the unused ALIASES variable, extracting criterion into separate BENCH_DEPENDENCIES.
  Review: Code changes look good and match release notes.
• fa6080b7b Execution,Interface: Add more fine grained metrics for the http outcalls price (#5609)
  Notes: Implements detailed logging of HTTP outcall parameters, including variable_parts_size, payload_size_bytes, optional max_response_bytes and subnet_size from registry settings within the ExecutionEnvironment to enable fine-grained metrics.
  Review: Code changes look good and match release notes.
• 967f2d362 Execution,Interface: add test_timeout to benchmark targets (#5821)
  Notes: Implements Bazel rust_bench rule enhancements by replacing with_test with test_name for better test naming, adding a configurable test_timeout parameter, updating benchmarks to use these options, and including a clarifying comment on --bench flag handling in the bench runner script.
  Review: Code changes look good and match release notes.
• 3a2bc2e8c Interface: remove WASM validation and canister history tests in Haskell (#5852)
  Notes: This commit removes deprecated WASM validation and canister history tests from the Haskell suite, ports missing WASM validation tests to Rust, and notes a ticket for system testing edge cases in query names.
  Review: Code changes look good and match release notes.
• 44a0b9108 Owners(icrc-ledger-types): Remove unused dependencies from icrc-ledger-client (#5827)
  Notes: Removes unused dependencies ic-cdk and serde from the icrc-ledger-client crate to avoid upgrade issues, and updates the CODEOWNERS file to assign ownership to the FI team.
  Review: Code changes look good and match release notes.
• 7d377c34c Node: Update Base Image Refs [2025-07-10-0804] (#5879)
  Notes: Updates the base container image references to newer versions to have secure container images.
  Review: Code changes look good and match release notes.
• 079ae336a Node: Update Base Image Refs [2025-07-03-0812] (#5814)
  Notes: Updates the base container image references to newer versions to have secure container images.
  Review: Code changes look good and match release notes.

Tests:

• 8c0981290 Interface: Write the routing table entries in the new format in addition to the old (#5740)
  Notes: Updates test utilities and registry setup to write routing table entries in both the old monolithic format (make_routing_table_record_key) and the new sharded format (make_canister_ranges_key), ensuring tests cover both formats during the transition.
  Review: Code changes look good and match release notes.

Other changes:

• 5128134d2 Interface,Node: Revert “feat: Build custom SEV-compatible OVMF from source and distribute it with the GuestOS (#5776)” (#5894)
  Notes: This commit rollbacks the custom SEV-compatible OVMF because it had issues with direct booting and ended up booting through GRUB instead.
  Review: Code changes look good and match release notes.

Zenith Code is a comprehensive platform dedicated to advancing the Internet Computer ecosystem. It offers an interactive live coding and learning environment tailored for Motoko and ICP, making it easy for new developers to onboard through hands-on challenges and real-time code execution.

Beyond education, Zenith Code actively supports the decentralization and governance of the Internet Computer. As a registered node provider, we help run the network’s infrastructure, and through our known neuron, we actively review and vote on IC OS version election proposals.

Explore more at zenithcode.ai.

proposal / 137345

e36d9f53c
Replaces raw BTreeMap<String, String> usage with a dedicated EnvironmentVariables struct, makes changes for canister creation and status queries to snapshot serialization. Adds environment-variable exposure in canister-status responses.

ee83c4bb5
Refactors update_settings so that when the EnvironmentVariables flag is enabled it logs a single settings_change entry, containing the new controllers list and/or the hash of updated environment variables. This is to keep history of the changes now that canisters can now have their environment variables edited via update_settings.

18d7278ba

New protobuf definitions (ECDSA quadruple & Schnorr transcript, PreSignature, PreSignatureStashTree) and matching Rust types/conversions, plus extra crypto test-utils crates, so the codebase can serialise/deserialise threshold-signature pre-signatures. SubnetCallContextManager now maintains a pre_signature_stashes map.

eeacd880a

get_routing_table no longer reads one mono routing-table value; it now lists all keys under the CANISTER_RANGES_PREFIX, loads each routing-table shard stored there, and then re-assembles them into a single RoutingTable.

f8a10ffff

New tip_of_chain query that returns the chain’s latest block index plus optional certification, and adds a corresponding struct to the public ICP-ledger interface along with a test ensuring both interfaces yield identical results.

648c31145

Adds the canister_cycles_cost_schedule enum/field to SubnetRecord, protobufs, payloads, creation / update flows, test helpers, and integration tests—defaulting to NORMAL and mapping it into registry mutations. No behavioural changes yet. Prepares subnets for future rental pricing modes.

910548cc4

New get_allowances query (with pagination and a 500-item cap) to the ICP Ledger, adds all supporting types/logic in the core crate, and removes an unused regex dependency.

3f26fb05c

Cleans up vsock_lib by dropping the unused regex crate and extends the vsock protocol/host-agent with a new start-upgrade-guest-vm command that simply runs systemctl restart upgrade-guestos.service, to launch the new Upgrade-GuestOS VM.

1787e4e66

Switches every GitHub Action, dev-container, and CI job to the newest ic-build container image and introduces an in-repo Bazel rule that builds an SEV-capable OVMF firmware (edk2-stable202505), packages it into GuestOS images. Adds the new OVMF.fd path through the guest-VM runner so direct-boot—including SEV/SNP machines—uses EFI firmware instead of GRUB.

7c52fa197

Pulls LMDB from the official OpenLDAP 2.5.9 tag on GitHub instead of a specific commit on git.openldap.org, so the strip_prefix, archive URL, and SHA-256 checksum are all updated to match that release.

fa6080b7b

Logs metric that records the byte size of a canister-HTTP request’s variable parts, its body payload, the maximum response size allowed, and the subnet’s replica count.

967f2d362

Old with_test = True flag is replaced by test_name = "<name>" plus an optional test_timeout, so a benchmark generates a companion shell test only when a name is given and can set a custom timeout.

3a2bc2e8c

Delete the wabt-tests crate and all Bazel/Cargo plumbing that produced hundreds of pre-baked .wasm test artefacts, plus the Haskell spec-compliance suite sections that consumed them.The removed coverage is replaced by new, focused Rust unit-tests inside embedders/tests/validation.rs. Also canister history tests are all already covered by the Rust test suite.

44a0b9108

Removes the now-unused ic-cdk and serde dependencies from Cargo.toml, BUILD.bazel, and Cargo.lock for icrc-ledger-client

7d377c34c

Update base image refs.

079ae336a

Update base image refs.

8c0981290

Migrates registry and test code to the sharded canister_ranges record, inserting each shard’s routing-table protobuf under a key derived from its first canister ID.

5128134d2
Reverts commit.

proposal / 137350

2e1c7650a

Moves restart responsibility from libvirt to guest_vm_runner: all VM XML templates now use <on_* >destroy</on_* >, the runner’s main function loops so it can recreate the domain when it exits.

d4d277289

Use dd for efficient sparse copy of partition ranges and share a single extracted guest-OS image across tests to speed them up.