{"payload":{"feedbackUrl":"https://github.com/orgs/community/discussions/53140","repo":{"id":144076009,"defaultBranch":"master","name":"subzero","ownerLogin":"square","currentUserCanPush":false,"isFork":false,"isEmpty":false,"createdAt":"2018-08-08T22:58:11.000Z","ownerAvatar":"https://avatars.githubusercontent.com/u/82592?v=4","public":true,"private":false,"isOrgOwned":true},"refInfo":{"name":"","listCacheKey":"v0:1696308001.0","currentOid":""},"activityList":{"items":[{"before":"f8ac3843012afae674448a629ce65e3b5923b4ee","after":"bbcdee555a7299fde3a96b76662db1d306ff0816","ref":"refs/heads/master","pushedAt":"2023-12-15T20:33:49.000Z","pushType":"pr_merge","commitsCount":1,"pusher":{"login":"ivmaykov","name":"Ilya Maykov","path":"/ivmaykov","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/682290?s=80&v=4"},"commit":{"message":"Increase the MSAN test timeout to 15 seconds (#695)\n\nWe've seen occasional failures of the MSAN build only.\r\nLooks like 10 seconds is not always long enough for MSAN-enabled subzero\r\nto fully start up and start accepting traffic.\r\n\r\nLeaving the other timeouts at 10 seconds because I haven't seen any\r\nsuch failures with ASAN or UBSAN so far.","shortMessageHtmlLink":"Increase the MSAN test timeout to 15 seconds (<a class=\"issue-link js-issue-link\" data-error-text=\"Failed to load title\" data-id=\"2044312680\" data-permission-text=\"Title is private\" data-url=\"https://github.com/square/subzero/issues/695\" data-hovercard-type=\"pull_request\" data-hovercard-url=\"/square/subzero/pull/695/hovercard\" href=\"https://github.com/square/subzero/pull/695\">#695</a>)"}},{"before":"010aa5a6c2ba7f095814ed42d8fc76ac1264a2c3","after":"f8ac3843012afae674448a629ce65e3b5923b4ee","ref":"refs/heads/master","pushedAt":"2023-11-02T19:59:06.000Z","pushType":"pr_merge","commitsCount":1,"pusher":{"login":"ivmaykov","name":"Ilya Maykov","path":"/ivmaykov","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/682290?s=80&v=4"},"commit":{"message":"[core] print a summary of self checks if any of them failed (#694)","shortMessageHtmlLink":"[core] print a summary of self checks if any of them failed (<a class=\"issue-link js-issue-link\" data-error-text=\"Failed to load title\" data-id=\"1964078505\" data-permission-text=\"Title is private\" data-url=\"https://github.com/square/subzero/issues/694\" data-hovercard-type=\"pull_request\" data-hovercard-url=\"/square/subzero/pull/694/hovercard\" href=\"https://github.com/square/subzero/pull/694\">#694</a>)"}},{"before":"e164ecfdaad1fd3dcccd863c9182fbba78c89cb4","after":"010aa5a6c2ba7f095814ed42d8fc76ac1264a2c3","ref":"refs/heads/master","pushedAt":"2023-10-18T21:09:58.000Z","pushType":"pr_merge","commitsCount":1,"pusher":{"login":"ivmaykov","name":"Ilya Maykov","path":"/ivmaykov","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/682290?s=80&v=4"},"commit":{"message":"[java] set the currency field correctly when finalizing wallet (#693)\n\nWe can determine the currency (MAIN_NET or TEST_NET) by looking at the Base58-checked encoding of the public key returned from subzero core.\r\n\r\nThis addresses https://github.com/square/subzero/issues/254\r\n\r\nManually tested with a core binary built with both CURRENCY=btc-testnet and CURRENCY=btc-mainnet.\r\n\r\nTest plan for TEST_NET:\r\n1. `cd core && rm -rf build && mkdir build && cd build && TARGET=dev CURRENCY=btc-testnet cmake ../ && ./subzero` (leave this running)\r\n2. `cd java && rm -rf test-wallets && mkdir test-wallets && touch test-wallets/.subzero_702e63a9 && ./gradlew clean build && java -jar ./gui/build/libs/gui-1.0.0-SNAPSHOT-shaded.jar --wallet-dir ./test-wallets --generate-wallet-files-test` (then type \"yes\" a bunch of times, ctrl-C when done)\r\n3. Check that the wallet files in `test-wallets/finalized/` have a currency field with the value \"TEST_NET\"\r\n\r\nTest plan for MAIN_NET:\r\n1. Edit core/src/checks/self_checks.c and disable the verify_sign_tx check (it appears to be broken with `CURRENCY=btc-mainnet`).\r\n2. `cd core && rm -rf build && mkdir build && cd build && TARGET=dev CURRENCY=btc-mainnet cmake ../ && ./subzero` (leave this running)\r\n3. `cd java && rm -rf test-wallets && mkdir test-wallets && touch test-wallets/.subzero_702e63a9 && ./gradlew clean build && java -jar ./gui/build/libs/gui-1.0.0-SNAPSHOT-shaded.jar --wallet-dir ./test-wallets --generate-wallet-files-test` (then type \"yes\" a bunch of times, ctrl-C when done)\r\n4. Check that the wallet files in `test-wallets/finalized/` have a currency field with the value \"MAIN_NET\"","shortMessageHtmlLink":"[java] set the currency field correctly when finalizing wallet (<a class=\"issue-link js-issue-link\" data-error-text=\"Failed to load title\" data-id=\"1940730402\" data-permission-text=\"Title is private\" data-url=\"https://github.com/square/subzero/issues/693\" data-hovercard-type=\"pull_request\" data-hovercard-url=\"/square/subzero/pull/693/hovercard\" href=\"https://github.com/square/subzero/pull/693\">#693</a>)"}},{"before":"4b05348b4bab8d04397c63ea4566e5bdfede5252","after":"e164ecfdaad1fd3dcccd863c9182fbba78c89cb4","ref":"refs/heads/master","pushedAt":"2023-10-06T16:48:43.000Z","pushType":"pr_merge","commitsCount":1,"pusher":{"login":"ivmaykov","name":"Ilya Maykov","path":"/ivmaykov","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/682290?s=80&v=4"},"commit":{"message":"[core] check that the QR signature field is present before using its contents (#692)","shortMessageHtmlLink":"[core] check that the QR signature field is present before using its …"}},{"before":"840816293932691464ca1d478d788ad29e8432c4","after":"4b05348b4bab8d04397c63ea4566e5bdfede5252","ref":"refs/heads/master","pushedAt":"2023-10-06T16:48:06.000Z","pushType":"pr_merge","commitsCount":1,"pusher":{"login":"ivmaykov","name":"Ilya Maykov","path":"/ivmaykov","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/682290?s=80&v=4"},"commit":{"message":"[core] minor cleanup in sign.c (#691)\n\n- mark a constant with `const`\r\n- don't copy read-only TxOutput structs in a loop in compute_output_hash()","shortMessageHtmlLink":"[core] minor cleanup in sign.c (<a class=\"issue-link js-issue-link\" data-error-text=\"Failed to load title\" data-id=\"1929180363\" data-permission-text=\"Title is private\" data-url=\"https://github.com/square/subzero/issues/691\" data-hovercard-type=\"pull_request\" data-hovercard-url=\"/square/subzero/pull/691/hovercard\" href=\"https://github.com/square/subzero/pull/691\">#691</a>)"}},{"before":"5d95bb9bc6a574a653a1f16b8c44faaf10b4581a","after":"840816293932691464ca1d478d788ad29e8432c4","ref":"refs/heads/master","pushedAt":"2023-10-06T16:47:50.000Z","pushType":"pr_merge","commitsCount":1,"pusher":{"login":"ivmaykov","name":"Ilya Maykov","path":"/ivmaykov","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/682290?s=80&v=4"},"commit":{"message":"[core] validate destination enum in handle_sign_tx() (#690)\n\nThe core logic should not assume that the destination field is always one of GATEWAY or CHANGE. Trust but verify.","shortMessageHtmlLink":"[core] validate destination enum in handle_sign_tx() (<a class=\"issue-link js-issue-link\" data-error-text=\"Failed to load title\" data-id=\"1929174969\" data-permission-text=\"Title is private\" data-url=\"https://github.com/square/subzero/issues/690\" data-hovercard-type=\"pull_request\" data-hovercard-url=\"/square/subzero/pull/690/hovercard\" href=\"https://github.com/square/subzero/pull/690\">#690</a>)"}},{"before":"ef0aebaa0b1cb9663e50db331e6a65085e5f3627","after":"5d95bb9bc6a574a653a1f16b8c44faaf10b4581a","ref":"refs/heads/master","pushedAt":"2023-10-05T00:25:17.000Z","pushType":"pr_merge","commitsCount":1,"pusher":{"login":"ivmaykov","name":"Ilya Maykov","path":"/ivmaykov","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/682290?s=80&v=4"},"commit":{"message":"[java] replace spongycastle dependency with bouncycastle (#687)\n\nSpongycastle is an unmaintained fork of bouncycastle which hasn't seen a release for 6 years.\r\nThe BC release that the latest spongycastle is forked from has 5 known CVEs, so spongycastle presumably has them too.\r\nLet's not use abandonware, known-vulnerable libraries for our crypto primitives.","shortMessageHtmlLink":"[java] replace spongycastle dependency with bouncycastle (<a class=\"issue-link js-issue-link\" data-error-text=\"Failed to load title\" data-id=\"1918302614\" data-permission-text=\"Title is private\" data-url=\"https://github.com/square/subzero/issues/687\" data-hovercard-type=\"pull_request\" data-hovercard-url=\"/square/subzero/pull/687/hovercard\" href=\"https://github.com/square/subzero/pull/687\">#687</a>)"}},{"before":null,"after":"addcd36af12fa87828ecc116d6cbcf1ff10694dd","ref":"refs/heads/dependabot/pip/utils/urllib3-1.26.17","pushedAt":"2023-10-03T04:40:01.000Z","pushType":"branch_creation","commitsCount":0,"pusher":{"login":"dependabot[bot]","name":null,"path":"/apps/dependabot","primaryAvatarUrl":"https://avatars.githubusercontent.com/in/29110?s=80&v=4"},"commit":{"message":"Bump urllib3 from 1.26.5 to 1.26.17 in /utils\n\nBumps [urllib3](https://github.com/urllib3/urllib3) from 1.26.5 to 1.26.17.\n- [Release notes](https://github.com/urllib3/urllib3/releases)\n- [Changelog](https://github.com/urllib3/urllib3/blob/main/CHANGES.rst)\n- [Commits](https://github.com/urllib3/urllib3/compare/1.26.5...1.26.17)\n\n---\nupdated-dependencies:\n- dependency-name: urllib3\n  dependency-type: direct:production\n...\n\nSigned-off-by: dependabot[bot] <support@github.com>","shortMessageHtmlLink":"Bump urllib3 from 1.26.5 to 1.26.17 in /utils"}},{"before":"a351b5564c29a2d47a2aaa87d1073592a3be69f5","after":"ef0aebaa0b1cb9663e50db331e6a65085e5f3627","ref":"refs/heads/master","pushedAt":"2023-09-29T18:35:07.000Z","pushType":"pr_merge","commitsCount":1,"pusher":{"login":"ivmaykov","name":"Ilya Maykov","path":"/ivmaykov","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/682290?s=80&v=4"},"commit":{"message":"[java] add missing entry to verification-metadata.xml (#688)\n\nFor some reason the entry for junit-bom 5.7.2 was missing the module artifact, which is breaking some of our automated builds.","shortMessageHtmlLink":"[java] add missing entry to verification-metadata.xml (<a class=\"issue-link js-issue-link\" data-error-text=\"Failed to load title\" data-id=\"1918465043\" data-permission-text=\"Title is private\" data-url=\"https://github.com/square/subzero/issues/688\" data-hovercard-type=\"pull_request\" data-hovercard-url=\"/square/subzero/pull/688/hovercard\" href=\"https://github.com/square/subzero/pull/688\">#688</a>)"}},{"before":"1fbe9898b05c9f61c03d8df44979fde26b7593b2","after":"a351b5564c29a2d47a2aaa87d1073592a3be69f5","ref":"refs/heads/master","pushedAt":"2023-09-25T19:28:26.000Z","pushType":"pr_merge","commitsCount":1,"pusher":{"login":"ivmaykov","name":"Ilya Maykov","path":"/ivmaykov","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/682290?s=80&v=4"},"commit":{"message":"[core] add a FATAL() logging macro and use it (#686)","shortMessageHtmlLink":"[core] add a FATAL() logging macro and use it (<a class=\"issue-link js-issue-link\" data-error-text=\"Failed to load title\" data-id=\"1911988032\" data-permission-text=\"Title is private\" data-url=\"https://github.com/square/subzero/issues/686\" data-hovercard-type=\"pull_request\" data-hovercard-url=\"/square/subzero/pull/686/hovercard\" href=\"https://github.com/square/subzero/pull/686\">#686</a>)"}},{"before":"a2cf00ce0e528c133b52232284cc55be4dc7ff05","after":"1fbe9898b05c9f61c03d8df44979fde26b7593b2","ref":"refs/heads/master","pushedAt":"2023-09-25T17:34:04.000Z","pushType":"pr_merge","commitsCount":1,"pusher":{"login":"ivmaykov","name":"Ilya Maykov","path":"/ivmaykov","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/682290?s=80&v=4"},"commit":{"message":"[core] no need to statically allocate 128 slots for self-check functions (#685)\n\nThe `self_checks` array in self_checks.c doesn't need to have 128 slots\r\nwhen only 12 are being used. We can just set MAX_SELF_CHECKS to the\r\nold value of EXPECTED_SELF_CHECKS_COUNT and remove the latter.","shortMessageHtmlLink":"[core] no need to statically allocate 128 slots for self-check functi…"}},{"before":"690faea6c599d52cd4d79a3565142c56940fcfd2","after":"a2cf00ce0e528c133b52232284cc55be4dc7ff05","ref":"refs/heads/master","pushedAt":"2023-09-21T20:41:44.000Z","pushType":"pr_merge","commitsCount":1,"pusher":{"login":"ivmaykov","name":"Ilya Maykov","path":"/ivmaykov","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/682290?s=80&v=4"},"commit":{"message":"[docs] fix incorrect gui jar path (#684)","shortMessageHtmlLink":"[docs] fix incorrect gui jar path (<a class=\"issue-link js-issue-link\" data-error-text=\"Failed to load title\" data-id=\"1907596875\" data-permission-text=\"Title is private\" data-url=\"https://github.com/square/subzero/issues/684\" data-hovercard-type=\"pull_request\" data-hovercard-url=\"/square/subzero/pull/684/hovercard\" href=\"https://github.com/square/subzero/pull/684\">#684</a>)"}},{"before":"f752bd20af837aaa1d887a4c1ffb7dacd04cd108","after":"690faea6c599d52cd4d79a3565142c56940fcfd2","ref":"refs/heads/master","pushedAt":"2023-09-21T18:06:50.000Z","pushType":"pr_merge","commitsCount":1,"pusher":{"login":"ivmaykov","name":"Ilya Maykov","path":"/ivmaykov","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/682290?s=80&v=4"},"commit":{"message":"[java] fix bad indentation in verification-metadata.xml (#683)","shortMessageHtmlLink":"[java] fix bad indentation in verification-metadata.xml (<a class=\"issue-link js-issue-link\" data-error-text=\"Failed to load title\" data-id=\"1907472566\" data-permission-text=\"Title is private\" data-url=\"https://github.com/square/subzero/issues/683\" data-hovercard-type=\"pull_request\" data-hovercard-url=\"/square/subzero/pull/683/hovercard\" href=\"https://github.com/square/subzero/pull/683\">#683</a>)"}},{"before":"850a4eb2ae998dc7074756c00ecbf533d46ebbf8","after":"f752bd20af837aaa1d887a4c1ffb7dacd04cd108","ref":"refs/heads/master","pushedAt":"2023-09-21T17:44:48.000Z","pushType":"pr_merge","commitsCount":1,"pusher":{"login":"ivmaykov","name":"Ilya Maykov","path":"/ivmaykov","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/682290?s=80&v=4"},"commit":{"message":"[java] update guava to 32.0.1-jre (#682)\n\nThe guava 31.1-jre dependency has 2 CVEs, which are fixed in 32.0.1-jre.\r\nThis version was also already a transitive dependency via dropwizard, so\r\ndepending on it directly doesn't actually introduce any new dependencies.","shortMessageHtmlLink":"[java] update guava to 32.0.1-jre (<a class=\"issue-link js-issue-link\" data-error-text=\"Failed to load title\" data-id=\"1907307416\" data-permission-text=\"Title is private\" data-url=\"https://github.com/square/subzero/issues/682\" data-hovercard-type=\"pull_request\" data-hovercard-url=\"/square/subzero/pull/682/hovercard\" href=\"https://github.com/square/subzero/pull/682\">#682</a>)"}},{"before":"d62136b779ceec95785b6f5443e8a4c75cd2e398","after":"850a4eb2ae998dc7074756c00ecbf533d46ebbf8","ref":"refs/heads/master","pushedAt":"2023-09-21T15:55:19.000Z","pushType":"pr_merge","commitsCount":1,"pusher":{"login":"ivmaykov","name":"Ilya Maykov","path":"/ivmaykov","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/682290?s=80&v=4"},"commit":{"message":"[java] upgrade dropwizard dependencies to 2.1.7 (#681)\n\nThe dropwizard 2.1.1 dependency had some vulnerable transitive dependencies.\r\nMost of them are mitigated with the 2.1.7 upgrade, with the exception of snakeyaml 1.31,\r\nwhich we manually exclude and override with non-vulnerable snakeyaml 2.0.","shortMessageHtmlLink":"[java] upgrade dropwizard dependencies to 2.1.7 (<a class=\"issue-link js-issue-link\" data-error-text=\"Failed to load title\" data-id=\"1905717017\" data-permission-text=\"Title is private\" data-url=\"https://github.com/square/subzero/issues/681\" data-hovercard-type=\"pull_request\" data-hovercard-url=\"/square/subzero/pull/681/hovercard\" href=\"https://github.com/square/subzero/pull/681\">#681</a>)"}},{"before":"dd1459c84f74bb064f164930279f8cbe5c4bcff1","after":"d62136b779ceec95785b6f5443e8a4c75cd2e398","ref":"refs/heads/master","pushedAt":"2023-09-20T20:54:28.000Z","pushType":"pr_merge","commitsCount":1,"pusher":{"login":"ivmaykov","name":"Ilya Maykov","path":"/ivmaykov","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/682290?s=80&v=4"},"commit":{"message":"[java] upgrade snakeyaml dependency to 2.0 (#680)\n\nSnakeyaml 1.33 has 1 CVE, which is fixed in 2.0","shortMessageHtmlLink":"[java] upgrade snakeyaml dependency to 2.0 (<a class=\"issue-link js-issue-link\" data-error-text=\"Failed to load title\" data-id=\"1905510098\" data-permission-text=\"Title is private\" data-url=\"https://github.com/square/subzero/issues/680\" data-hovercard-type=\"pull_request\" data-hovercard-url=\"/square/subzero/pull/680/hovercard\" href=\"https://github.com/square/subzero/pull/680\">#680</a>)"}},{"before":"f3092d6a756c244e522feeaa8839abe7192e555e","after":"dd1459c84f74bb064f164930279f8cbe5c4bcff1","ref":"refs/heads/master","pushedAt":"2023-09-20T18:21:49.000Z","pushType":"pr_merge","commitsCount":1,"pusher":{"login":"ivmaykov","name":"Ilya Maykov","path":"/ivmaykov","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/682290?s=80&v=4"},"commit":{"message":"[java] upgrade protobuf dependencies to 3.21.7 (#679)\n\nVersions 3.21.5 and 3.21.6 have 3 CVEs, all of which are fixed in 3.21.7.","shortMessageHtmlLink":"[java] upgrade protobuf dependencies to 3.21.7 (<a class=\"issue-link js-issue-link\" data-error-text=\"Failed to load title\" data-id=\"1903809191\" data-permission-text=\"Title is private\" data-url=\"https://github.com/square/subzero/issues/679\" data-hovercard-type=\"pull_request\" data-hovercard-url=\"/square/subzero/pull/679/hovercard\" href=\"https://github.com/square/subzero/pull/679\">#679</a>)"}},{"before":"2737511b4e90c53fb330ab27a1c575b370929639","after":"f3092d6a756c244e522feeaa8839abe7192e555e","ref":"refs/heads/master","pushedAt":"2023-09-19T21:57:21.000Z","pushType":"pr_merge","commitsCount":1,"pusher":{"login":"ivmaykov","name":"Ilya Maykov","path":"/ivmaykov","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/682290?s=80&v=4"},"commit":{"message":"[java] refactor gradle dependencies so IntelliJ can analyze them (#678)\n\nDue to a limitation of IntelliJ's Gradle integration, the IDE doesn't\r\nunderstand gradle dependencies when they are declared in a separate file\r\nand then referenced from build.gradle.kts. However, if only the dependency\r\nversion is declared in another file and string interpolation is used, then\r\nthe IDE can see the dependencies without any issue. This change refactors\r\nthe gradle dependencies to make the IntelliJ integration work.\r\n\r\nThis is a prerequsite for detecting vulnerable dependencies with IntelliJ\r\nand upgrading them.","shortMessageHtmlLink":"[java] refactor gradle dependencies so IntelliJ can analyze them (<a class=\"issue-link js-issue-link\" data-error-text=\"Failed to load title\" data-id=\"1903687381\" data-permission-text=\"Title is private\" data-url=\"https://github.com/square/subzero/issues/678\" data-hovercard-type=\"pull_request\" data-hovercard-url=\"/square/subzero/pull/678/hovercard\" href=\"https://github.com/square/subzero/pull/678\">#678</a>)"}},{"before":"71c9f449fbe4f7536380d8477896a6bb86b0704c","after":"2737511b4e90c53fb330ab27a1c575b370929639","ref":"refs/heads/master","pushedAt":"2023-09-15T05:00:33.000Z","pushType":"pr_merge","commitsCount":1,"pusher":{"login":"ivmaykov","name":"Ilya Maykov","path":"/ivmaykov","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/682290?s=80&v=4"},"commit":{"message":"[java] make gradle dependency verification work with IntelliJ (#668)\n\nThere are 2 parts to this:\r\n1. Disable dependency verification of sources and javadoc jars, per https://docs.gradle.org/8.1.1/userguide/dependency_verification.html#sec:skipping-javadocs\r\n2. Manually add some artifacts (`groovy-*-3.0.15.pom` and `gradle-8.1.1-src.zip`) to `verification-metadata.xml`.","shortMessageHtmlLink":"[java] make gradle dependency verification work with IntelliJ (<a class=\"issue-link js-issue-link\" data-error-text=\"Failed to load title\" data-id=\"1814940986\" data-permission-text=\"Title is private\" data-url=\"https://github.com/square/subzero/issues/668\" data-hovercard-type=\"pull_request\" data-hovercard-url=\"/square/subzero/pull/668/hovercard\" href=\"https://github.com/square/subzero/pull/668\">#668</a>)"}},{"before":"93cd11f2cd5188bb4cc4e8b3e4f8456b01673912","after":"71c9f449fbe4f7536380d8477896a6bb86b0704c","ref":"refs/heads/master","pushedAt":"2023-09-14T17:58:19.000Z","pushType":"pr_merge","commitsCount":1,"pusher":{"login":"ivmaykov","name":"Ilya Maykov","path":"/ivmaykov","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/682290?s=80&v=4"},"commit":{"message":"Split the SignTx test github action into 4 separate actions (#676)\n\nNow we have 4 separate actions:\r\n- unsanitized build\r\n- ASAN build\r\n- UBSAN build\r\n- MSAN build\r\n\r\nThis has two benefits. First, if an action fails it will be more clear if it\r\nfailed due to a particular sanitizer. Second, the actions should finish faster\r\nafter a PR is submitted due to parallelism.","shortMessageHtmlLink":"Split the SignTx test github action into 4 separate actions (<a class=\"issue-link js-issue-link\" data-error-text=\"Failed to load title\" data-id=\"1831728412\" data-permission-text=\"Title is private\" data-url=\"https://github.com/square/subzero/issues/676\" data-hovercard-type=\"pull_request\" data-hovercard-url=\"/square/subzero/pull/676/hovercard\" href=\"https://github.com/square/subzero/pull/676\">#676</a>)"}},{"before":"f4f4d86dec3bc5bf27d7b88cefc79537000ce013","after":"93cd11f2cd5188bb4cc4e8b3e4f8456b01673912","ref":"refs/heads/master","pushedAt":"2023-09-11T15:17:59.000Z","pushType":"pr_merge","commitsCount":1,"pusher":{"login":"ivmaykov","name":"Ilya Maykov","path":"/ivmaykov","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/682290?s=80&v=4"},"commit":{"message":"[java] don't echo the ACS password when running the --init-nvram command (#677)\n\nI discovered that the ACS password is echoed to the screen when running the GUI with the --init-nvram option.\r\nThis is obviously bad as anyone present in the room would be able to see the password.\r\nFixed by using System.console().readPassword() instead of reading from System.in.\r\n\r\nTested on my at-home HSM machine, both with and without a framebuffer, works as expected.","shortMessageHtmlLink":"[java] don't echo the ACS password when running the --init-nvram comm…"}},{"before":"5f8c57b8510ca3790f3caf4867e676fb33dac390","after":"f4f4d86dec3bc5bf27d7b88cefc79537000ce013","ref":"refs/heads/master","pushedAt":"2023-08-01T16:22:22.000Z","pushType":"pr_merge","commitsCount":1,"pusher":{"login":"ivmaykov","name":"Ilya Maykov","path":"/ivmaykov","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/682290?s=80&v=4"},"commit":{"message":"[core] Add a fuzzing regression test github action (#674)\n\nWhile fuzzing subzero core before the nanopb 0.4.5 upgrade,\r\nthe fuzzer found a bunch of inputs which triggered UBSAN.\r\n\r\nThis PR creates a regression test that runs the fuzzer with these inputs\r\nand verifies that none of them fail now that we're on nanopb 0.4.5.\r\n\r\nIf more bad inputs are discovered later, they can be added to this directory\r\nafter the corresponding bugs are fixed.","shortMessageHtmlLink":"[core] Add a fuzzing regression test github action (<a class=\"issue-link js-issue-link\" data-error-text=\"Failed to load title\" data-id=\"1830364660\" data-permission-text=\"Title is private\" data-url=\"https://github.com/square/subzero/issues/674\" data-hovercard-type=\"pull_request\" data-hovercard-url=\"/square/subzero/pull/674/hovercard\" href=\"https://github.com/square/subzero/pull/674\">#674</a>)"}},{"before":"0375387abb98c58fb3ca6d1e812c2eed157e1f4f","after":"5f8c57b8510ca3790f3caf4867e676fb33dac390","ref":"refs/heads/master","pushedAt":"2023-08-01T16:07:55.000Z","pushType":"pr_merge","commitsCount":1,"pusher":{"login":"ivmaykov","name":"Ilya Maykov","path":"/ivmaykov","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/682290?s=80&v=4"},"commit":{"message":"[docs] fix bullet point list at the end of fuzzing docs (#675)","shortMessageHtmlLink":"[docs] fix bullet point list at the end of fuzzing docs (<a class=\"issue-link js-issue-link\" data-error-text=\"Failed to load title\" data-id=\"1831527182\" data-permission-text=\"Title is private\" data-url=\"https://github.com/square/subzero/issues/675\" data-hovercard-type=\"pull_request\" data-hovercard-url=\"/square/subzero/pull/675/hovercard\" href=\"https://github.com/square/subzero/pull/675\">#675</a>)"}},{"before":"5d82fc081940e0a9a2e094ff2efd3f69472801de","after":"0375387abb98c58fb3ca6d1e812c2eed157e1f4f","ref":"refs/heads/master","pushedAt":"2023-07-31T22:17:43.000Z","pushType":"pr_merge","commitsCount":1,"pusher":{"login":"ivmaykov","name":"Ilya Maykov","path":"/ivmaykov","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/682290?s=80&v=4"},"commit":{"message":"Update nanopb submodule to release 0.4.5. (#672)\n\nAlso fix some self-check code that broke due to the update.","shortMessageHtmlLink":"Update nanopb submodule to release 0.4.5. (<a class=\"issue-link js-issue-link\" data-error-text=\"Failed to load title\" data-id=\"1816528700\" data-permission-text=\"Title is private\" data-url=\"https://github.com/square/subzero/issues/672\" data-hovercard-type=\"pull_request\" data-hovercard-url=\"/square/subzero/pull/672/hovercard\" href=\"https://github.com/square/subzero/pull/672\">#672</a>)"}},{"before":"7c6eb1fffe884d0393783143e9d2a2aaca6e98a1","after":null,"ref":"refs/heads/dependabot/pip/utils/certifi-2022.12.7","pushedAt":"2023-07-25T17:11:35.000Z","pushType":"branch_deletion","commitsCount":0,"pusher":{"login":"dependabot[bot]","name":null,"path":"/apps/dependabot","primaryAvatarUrl":"https://avatars.githubusercontent.com/in/29110?s=80&v=4"}},{"before":null,"after":"624b44dc4d5dd49f62eea8d2b622233732d00f41","ref":"refs/heads/dependabot/pip/utils/certifi-2023.7.22","pushedAt":"2023-07-25T17:11:30.000Z","pushType":"branch_creation","commitsCount":0,"pusher":{"login":"dependabot[bot]","name":null,"path":"/apps/dependabot","primaryAvatarUrl":"https://avatars.githubusercontent.com/in/29110?s=80&v=4"},"commit":{"message":"Bump certifi from 2020.12.5 to 2023.7.22 in /utils\n\nBumps [certifi](https://github.com/certifi/python-certifi) from 2020.12.5 to 2023.7.22.\n- [Commits](https://github.com/certifi/python-certifi/compare/2020.12.05...2023.07.22)\n\n---\nupdated-dependencies:\n- dependency-name: certifi\n  dependency-type: direct:production\n...\n\nSigned-off-by: dependabot[bot] <support@github.com>","shortMessageHtmlLink":"Bump certifi from 2020.12.5 to 2023.7.22 in /utils"}},{"before":null,"after":"5052e9fa45cb3b60d5673bc2fada3ceee3d050f6","ref":"refs/heads/dependabot/gradle/java/com.google.protobuf-0.9.4","pushedAt":"2023-07-21T23:26:51.000Z","pushType":"branch_creation","commitsCount":0,"pusher":{"login":"dependabot[bot]","name":null,"path":"/apps/dependabot","primaryAvatarUrl":"https://avatars.githubusercontent.com/in/29110?s=80&v=4"},"commit":{"message":"Bump com.google.protobuf from 0.9.3 to 0.9.4 in /java\n\nBumps com.google.protobuf from 0.9.3 to 0.9.4.\n\n---\nupdated-dependencies:\n- dependency-name: com.google.protobuf\n  dependency-type: direct:production\n  update-type: version-update:semver-patch\n...\n\nSigned-off-by: dependabot[bot] <support@github.com>","shortMessageHtmlLink":"Bump com.google.protobuf from 0.9.3 to 0.9.4 in /java"}},{"before":"5ffa78a890fa034cbcf39b0d8354b42083158ee1","after":"5d82fc081940e0a9a2e094ff2efd3f69472801de","ref":"refs/heads/master","pushedAt":"2023-07-21T21:44:01.000Z","pushType":"pr_merge","commitsCount":1,"pusher":{"login":"ivmaykov","name":"Ilya Maykov","path":"/ivmaykov","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/682290?s=80&v=4"},"commit":{"message":"[core] remove unused code to print master seed (#670)\n\nAs requested by @oreparaz","shortMessageHtmlLink":"[core] remove unused code to print master seed (<a class=\"issue-link js-issue-link\" data-error-text=\"Failed to load title\" data-id=\"1816401515\" data-permission-text=\"Title is private\" data-url=\"https://github.com/square/subzero/issues/670\" data-hovercard-type=\"pull_request\" data-hovercard-url=\"/square/subzero/pull/670/hovercard\" href=\"https://github.com/square/subzero/pull/670\">#670</a>)"}},{"before":"59233e406db200dca0146acb67d2d1d41989e21c","after":"5ffa78a890fa034cbcf39b0d8354b42083158ee1","ref":"refs/heads/master","pushedAt":"2023-07-21T21:04:29.000Z","pushType":"pr_merge","commitsCount":1,"pusher":{"login":"ivmaykov","name":"Ilya Maykov","path":"/ivmaykov","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/682290?s=80&v=4"},"commit":{"message":"[core] rewrite fuzzing logic (#663)\n\nRewrite the bit-rotted fuzzing code. Summary of changes:\r\n1. Fuzzing is now enabled similar to sanitizers, with -DENABLE_FUZZER=ON parameter to cmake\r\n2. When fuzzing is enabled, the output binary is `subzero_fuzzer` rather than `subzero`.\r\n3. When fuzzing is enabled, all log output is suppressed, per recommendation from libfuzzer docs.\r\n4. When fuzzing is enabled, debug symbols are included, per recommendation from libfuzzer docs.\r\n5. When fuzzing is enabled, -O1 optimization level is used, per recommendation from libfuzzer docs.\r\n6. When fuzzing is enabled, QR signature check failures are ignored, so we can fuzz the post-signature-check code paths.\r\n7. When fuzzing is enabled, ignore AES-GCM decryption errors, so we can fuzz the post-decryption code paths.\r\n8. Added new options --generate-fuzzing-corpus and --fuzzing-corpus-output-dir to the GUI.\r\n   These can be used to generate an initial fuzzing corpus (together with --signtx-test and --generate-wallet-files-test).\r\n9. Fixed a bug with --generate-wallet-files-test - it needs to initialize screens in order to work.\r\n10. Added a new fuzz testing section to documentation page.\r\n\r\nPotential future work:\r\n- use google's libprotobuf-mutator for structure-aware fuzzing","shortMessageHtmlLink":"[core] rewrite fuzzing logic (<a class=\"issue-link js-issue-link\" data-error-text=\"Failed to load title\" data-id=\"1801879493\" data-permission-text=\"Title is private\" data-url=\"https://github.com/square/subzero/issues/663\" data-hovercard-type=\"pull_request\" data-hovercard-url=\"/square/subzero/pull/663/hovercard\" href=\"https://github.com/square/subzero/pull/663\">#663</a>)"}},{"before":"3bb6e21566830ced7580ef039459a7bf98f4c8b9","after":null,"ref":"refs/heads/dependabot/gradle/java/com.google.protobuf-protoc-3.23.4","pushedAt":"2023-07-21T18:02:58.000Z","pushType":"branch_deletion","commitsCount":0,"pusher":{"login":"dependabot[bot]","name":null,"path":"/apps/dependabot","primaryAvatarUrl":"https://avatars.githubusercontent.com/in/29110?s=80&v=4"}}],"hasNextPage":true,"hasPreviousPage":false,"activityType":"all","actor":null,"timePeriod":"all","sort":"DESC","perPage":30,"cursor":"djE6ks8AAAADy4xdjAA","startCursor":null,"endCursor":null}},"title":"Activity · square/subzero"}