Instead of using lcov -r (which is extremely slow), first use a python script to perform bulk cleanup of the /usr/include/* coverage. Then use lcov -a to remove the duplicate entries. This has the same effect of lcov -r but runs significantly faster
Downloading all the binaries of all platforms can take quite long,
especially for slow connections, which may deter people from using
this script and, therefore, to disregard security altogether.
This change introduces the new possibility of specifying the
platform along with the version number, so that only the binaries
that contain the platform name are downloaded.
Add comment how further options can be added or existing ones
modified. Use /run/${RuntimeDirectory} for PID file.
Remove TimeoutStopSec, TimeoutStartSec, StartLimitInterval,
StartLimitBurst directives as those should be set indivdually.
Remove Group to user the bitcoin user's default group.
Changed Restart from 'always' to 'on-failure' (can also be overwritten
individually).
ac9cd95 contrib: Update location of seeds.txt (Wladimir J. van der Laan)
Tree-SHA512: c12a75787ba87f03707c21731da083b466762a7e0af9ca501107695ea1074025907cc24805c7c87f4a66daa7f4f13e574da16be1681e61deaf1acbd72176b3ff
ed1fcdc Bugfix: Detect genbuild.sh in repo correctly (Luke Dashjr)
e98e3dd Bugfix: Only use git for build info if the repository is actually the right one (Luke Dashjr)
Tree-SHA512: 510d7ec8cfeff4e8e0c7ac53631eb32c7acaada7017e7f8cc2e6f60d86afe1cd131870582e01022f961c85a783a130bcb8fef971f8b110070c9c02afda020726
91700aa Re-enable upnp support in contrib/debian (Matt Corallo)
c5071e1 Build with QT5 on Debian-based systems using contrib/debian (Matt Corallo)
a8e9286 Bump minimum boost version in contrib/debian (Matt Corallo)
9970219 Update contrib/debian to latest Ubuntu PPA upload. (Matt Corallo)
Tree-SHA512: ee4d3c5927a9cfb2794672eaca883c4af5df541383afbdbc6500714ee17518e78b58f509b2e9805bbc424ef97a5e64be0b9a977212c5002cb682f0569d28099b
This:
* Partially reverts 9f68ed6 (which fixed spelling in a changelog,
though generally changelogs should be append-only).
* Disables UPnP support (PPA has not had it for a while, and I
still don't trust miniupnpc, plus it seems uneccessary - its
been a while since we needed to care about Bitcoin-Qt home users
getting their inbound ports auto-mapped).
* Enables ZMQ.
* Forces GUI to Qt4 to fix various issues people have been seeing
on Ubuntu and elsewhere with Qt5.
* Reverts 70899d70b (Bitcoin does not enable "instant payments",
not is transaction management "carried out collectively by the
network", for whatever "transaction management" means, finally
Bitcoin Core is not the only way to use the Bitcoin currency,
as seemingly implied in the description).
b508424 contrib: github-merge improvements (Wladimir J. van der Laan)
Tree-SHA512: 56a34e887716bf6bfcd1b6520f6b9a1bb742e1ad17e75618caf982af71fceb75d50caec1bf4279cb9a2f7a74319f1bcec4c824682841bd6e994acc0991616451
Some minor github-merge improvements I've made over time:
User interface:
- Print merge details again before signing off, to refresh your memory -
usually I'll have done lots of different things in the shell so this
will have scrolled out a long time ago.
- Require a valid answer on the prompts. One of the requested answers
must be typed, if not, the prompt will re-ask. This prevents
accidentally rejecting.
Efficiency:
- Condense "accept merge" and "sign off" prompts. There's no reason to
have this as two separate prompts, both are just opportunities to skip
out on the merge, no action is performed in between.
Merging:
- Strip spaces from github title. This avoids redundant spaces
surrounding it from getting into the commit message.
b99fbad Fix init README format to render correctly on github (Jameson Lopp)
Tree-SHA512: 52b8ed9661e48e830c9e0c0e9aa670fe8d1a3848426d2d854494b477a9926f286d87e0586c2bc63f433136f8e5acd2cab3ab1f616380fb517c5a8f9d34ed52da
c0651cc Update bitcoin.conf with example for pruning (Kyle Honeycutt)
Tree-SHA512: f27180ac5d5a4bd32c7a63de156ca14eb8068509e64d386ca84ee16d0dacfa8e1bab9a8e7b88175fae12c8d823f71f8705d413f224a15d5aa7cf059f416fa023
This option is becoming more popular recently, and I propose an example to be shown in the bitcoin.conf.
pruning comments
updated and corrected pruning comments
Revised details on pruning in bitcoin.conf
Revised details on pruning in bitcoin.conf
spelling and space
spelling and space
add details on pruning in bitcoin.conf
Adds a datadir configuration option to the linearize scripts to allow the script to use the RPC cookie instead of requiring the user to set a rpcuser and rpcpassword for the rpc server.
This changes tree_sha512sum() to requests the objects for hashing from
git instead of from the working tree.
The change should make the process more deterministic (it hashes what
will be pushed) and hopefully avoids the frequent miscomputed SHA512's
that happen now.
df5bae2 Update trusted-sha512-root-commit for new bad tree hash (Matt Corallo)
efc06c2 If GNU sha512sum is missing, try perl shasum in verify-commits (Matt Corallo)
8ed849f Fix travis failing to fetch keys from the sks keyserver pool (Matt Corallo)
fd5e905 Make verify-commits.sh non-recursive (Matt Corallo)
Tree-SHA512: 457cc81d6e0a77ab32d030ecd058c59857f22cb998a1394593e115639081f3fdc74a6376035b77be0712ad5cb9143bc3f498b77e99eb66034492dbbb38c39bc6
09fe2d9 release: update docs to show basic codesigning procedure (Cory Fields)
f642753 release: create a bundle for the new signing script (Cory Fields)
0068361 release: add win detached sig creator and our cert chain (Cory Fields)
Tree-SHA512: 032ad84697c70faaf857b9187f548282722cffca95d658e36413dc048ff02d9183253373254ffcc1158afb71140753f35abfc9fc8781ea5329c04d13c98759c0
bbd7579 Fix regsig checking for subkey sigs in verify-commits (Matt Corallo)
d025bc7 Allow any subkey in verify-commits (Matt Corallo)
eddc77a Add comment re: why SHA1 is disabled (Peter Todd)
d9c450f Verify Tree-SHA512s in merge commits, enforce sigs are not SHA1 (Matt Corallo)
be908a6 Fail merge if there are any symlinks (Matt Corallo)
Tree-SHA512: bb66c59cc1c6b1c86d7d8be7adb0769c6598c0e28ad927409941f30af87d390521e82fc13700ee22e92db1bd571db3e19a152ec7b2c0349c6e06f5de62c0b65f
This removes the option from the wallet to not pay a fee on "small"
transactions which spend "old" inputs.
This code is no longer worth keeping around, as almost all miners
prefer not to include transactions which pay no fee at all.
b471daf Adddress nits, use asyncio signal handling, create_task (Bob McElrath)
4bb7d1b Add python version checks and 3.4 example (Bob McElrath)
5406d51 Rewrite to not use Polling wrapper for asyncio, link to python2.7 example (Bob McElrath)
5ea5368 ZMQ example using python3 and asyncio (Bob McElrath)
7179e7c qt: Periodic translations update (Wladimir J. van der Laan)
5e903a5 devtools: Handle Qt formatting characters edge-case in update-translations.py (Wladimir J. van der Laan)
If both numeric format specifiers and "others" are used, assume we're
dealing with a Qt-formatted message. In the case of Qt formatting (see
https://doc.qt.io/qt-5/qstring.html#arg) only numeric formats are
replaced at all. This means "(percentage: %1%)" is valid (which was
introduced in #9461), without needing any kind of escaping that would be
necessary for strprintf. Without this, this function would wrongly
detect '%)' as a printf format specifier.
ba94426 Test that pushes to bitcoin/bitcoin are signed per verify-commits (Matt Corallo)
3e900ac Require merge commits merge branches on top of other merge commits (Matt Corallo)
Specifically, require that the left branch (first restult of git
show -s --format=format:%P) is a signed merge commit, instead of
allowing either. This is fine for now, but might need to be relaxed
in the future.
Also fixes an out-of-file-descriptors issue by holding too many
open FDs writing to /dev/null
- The last-timestamp-encountered variable wasn’t being used properly. Rewrite code to properly allow for new blockchain files to be written when split by month.
- Properly set a blockchain file’s access and modify times.
- Add a “debug output” option to quiet certain output that might not always be desirable.
- Update the README.
Also change the mac filename to match
The procedure remains the same, but now there's a nifty script to automate
the signing process.
Future steps:
- Build osslsigncode in the gitian-win descriptor so that the signer itself is
deterministic.
- Verify in the gitian-win-signer descriptor that the expected cert chain was
used.
To ensure that this is the correct chain, it is pulled from a previous release
binary.
Procedure:
$ osslsigncode extract-signature -pem -in bitcoin-0.13.2-win32-setup.exe \
-out bitcoin-0.13.2-win32-setup.exe.pem
$ openssl pkcs7 -print_certs -in bitcoin-0.13.2-win32-setup.exe.pem \
-out win-codesign.cert
Hand-edit to remove comments, as well as the timestamp cert.
Three categories of modifications:
1)
1 instance of 'The Bitcoin Core developers \n',
1 instance of 'the Bitcoin Core developers\n',
3 instances of 'Bitcoin Core Developers\n', and
12 instances of 'The Bitcoin developers\n'
are made uniform with the 443 instances of 'The Bitcoin Core developers\n'
2)
3 instances of 'BitPay, Inc\.\n' are made uniform with the other 6
instances of 'BitPay Inc\.\n'
3)
4 instances where there was no '(c)' between the 'Copyright' and the year
where it deviates from the style of the local directory.
The consistency is helpful for gauging Gitian build progress. Right now it's necessary to remember which platform builds in which order, which can be confusing if you're attempting to get a quick idea of how far along your builds are.
62c2915 build: supply `-Wl,--high-entropy-va` (Wladimir J. van der Laan)
9a75d29 devtools: Check for high-entropy ASLR in 64-bit PE executables (Wladimir J. van der Laan)
d19583f improved gen-manpages.sh, includes bitcoin-tx and strips commit tag, now also runs binaries from build dir by default, added variables for more control (nomnombtc)
09546ca regenerated all manpages with commit tag stripped, also add bitcoin-tx (nomnombtc)
ae6e754 change help string --enable-man to --disable-man (nomnombtc)
a32c102 add conditional for --enable-man, default is yes (nomnombtc)
dc84b6f add doc/man to subdir if configure flag --enable-man is set (nomnombtc)
00dba72 add doc/man/Makefile.am to include manpages (nomnombtc)
eb5643b add autogenerated manpages by help2man (nomnombtc)
6edf2fd add gen-manpages.sh description to README.md (nomnombtc)
d2cd9c0 add script to generate manpages with help2man (nomnombtc)
Three subcommands to this script:
1) ./copyright_header.py report
Examines git-tracked files with extensions that match:
INCLUDE = ['*.h', '*.cpp', '*.cc', '*.c', '*.py']
Helps to:
-> Identify source files without copyright
-> Identify source files added with something other than "The Bitcoin Core
developers" holder so we can be sure it is appropriate
-> Identify unintentional typos in the copyright line
2) ./copyright_header.py update
Replaces fix-copyright-headers.py. It does file editing in native python
rather than subprocessing out to perl as was the case with
fix-copyright-headers.py. It also shares code with the 'report' functions.
3) ./copyright_header.py insert
Inserts a copyright header into a source file with the proper format and
dates.
3fe0b68 Set defaults to gitian defaults (Andrew Chow)
6ffd6b4 Create option to detach sign gitian builds and not commit the files in the script (Andrew Chow)
498d8da Check for OSX SDK (Andrew Chow)
eda4cfb Create an easy to use gitian building script (Andrew Chow)
fafe7b3 contrib: Make fix-copyright-headers.py more portable (MarcoFalke)
fa27c0a [doc] Fix typos in comments, doxygen: Fix comment syntax (MarcoFalke)
fabfd5d [qa] pull-tester: Don't mute zmq ImportError (MarcoFalke)
67a5502 init: Fix typo in help message for -whitelistforcerelay (Wladimir J. van der Laan)
I've written a script that automates the setup and building of binaries with gitian. All of the commands are pulled from various documentation on gitian building.
C_INCLUDE_PATH and CPLUS_INCLUDE_PATH work globally as though -isystem was used
for each invocation.
Since that changes the build results, force a rebuild of x86 depends by adding
the value to $HOST_ID_SALT.
* separate completion for bitcoind and bitcoin-cli
* remove RPC support from bitcoind completion
* add completion for bitcoin-tx and bitcoin-qt
* rely on autoloading of completions
1e9aab0 Remove sipa's old revoked key from verify-commits (Peter Todd)
966151e Add README for verify-commits (Peter Todd)
11164ec Remove keys that are no longer used for merging (Peter Todd)
22421fa Remove pointless warning (Peter Todd)
9523e8a Make verify-commits path-independent (Matt Corallo)
f7d4a25 Make verify-commits POSIX-compliant (Matt Corallo)
Now that the trusted root is past all commits signed by that key we don't need
it in the trusted-keys list, nor do we need to whitelist those commits in
allow-revsig-commits
- create a script to handle split debug. This will also eventually need to check
targets, and use dsymutil for osx.
- update config.guess/config.sub for bdb for aarch64.
- temporarily disable symbol checks for arm/aarch64
- quit renaming to linux32/linux64 and use the host directly
This also adds a hack to work around an Ubuntu bug in the gcc-multilib package:
https://bugs.launchpad.net/ubuntu/+source/gcc-defaults-armhf-cross/+bug/1347820
The problem is that gcc-multilib conflicts with the aarch toolchain.
gcc-multilib installs a symlink that points
/usr/include/asm -> /usr/include/x86_64-linux-gnu/asm.
Without this link, gcc -m32 can't find asm/errno.h (and others), since
/usr/include/x86_64-linux-gnu isn't in its default include path. But
/usr/include/i386-linux-gnu is (though it doesn't exist on disk).
So work around the problem by linking
/usr/include/i386-linux-gnu/asm -> /usr/include/x86_64-linux-gnu/asm.
The symlink fix is actually quite reasonable, but echoing the password into
sudo is nasty, and should probably be addressed in gitian itself. It makes more
sense to enable passwordless sudo for the build user by default.
The -debug tarballs/zips contain detached debugging symbols. To use them, place
in the same dir as the target binary, and invoke gdb as usual.
Also, because the debug symbols add a substantial space requirement, the build
dirs are now deleted when they're no longer needed.
Any attacker who managed to make an evil commit that changed something in the
contrib/verify-commits/ directory could just as easily remove the warning
and/or modify it to not display the evil commits; telling the user to check
those commits specifically misleads them into checking just those commits
rather than the script itself.
f154470 [contrib] Remove reference to sf and add doc to verify.sh (MarcoFalke)
182bec4 contrib: remove hardcoded version from verify.sh (Wladimir J. van der Laan)
c907f4d doc: Update release process (Wladimir J. van der Laan)
This removes the following executables from the binary gitian release:
- test_bitcoin-qt[.exe]
- bench_bitcoin[.exe]
@jonasschnelli and me discussed this on IRC a few days ago - unlike the
normal `bitcoin_tests` which is useful to see if it is safe to run
bitcoin on a certain OS/environment combination, there is no good reason
to include these. Better to leave them out to reduce the download
size.
Sizes from the 0.12 release:
```
2.4M bitcoin-0.12.0/bin/bench_bitcoin.exe
22M bitcoin-0.12.0/bin/test_bitcoin-qt.exe
```
As we are already using the API to retrieve the pull request
title, also retrieve the base branch.
This makes sure that pull requests for 0.12 automatically end up in
0.12, and pull requests for master automatically end up in master,
and so on.
It is still possible to override the branch from the command line
or using the `githubmerge.branch` git option.
Ubuntu 16.04 "xenial xerus" does not come with Python 2.x by default.
It is possible to install a python-2.7 package, but this has its own
problem: no `python` or `python2` symlink (see #7717).
This fixes the following scripts to work with python 3:
- `make check` (bctest,py, bitcoin-util-test.py)
- `make translate` (extract_strings_qt.py)
- `make symbols-check` (symbol-check.py)
- `make security-check` (security-check.py)
Explicitly call the python commands using $(PYTHON) instead
of relying on the interpreter line at the top of the scripts.
This makes github-merge.py the first developer tool to go
all Python 3 (for context see #7717).
The changes are straightforward as the script already was
`from __future__ import division,print_function,unicode_literals`.
However urllib2 changed name, and json will only accept unicode data not
bytes.
This retains py2 compatibility for now: not strictly necessary
as it's not used by the build system - but it was easy.
43abb02 [Qt] Add a new chevron/arrow icon for the console prompt line (Jonas Schnelli)
56c9e66 [Qt] keep scroll position in GUI console after changing font size (Jonas Schnelli)
3a3a927 [Qt] Add option to increase/decrease font size in the console window (Jonas Schnelli)
Use 'utf-8' instead of the Python 2 default of 'ascii' to encode/decode
commit messages.
This can be removed when switching to Python 3, as 'utf-8' is the
default there.
Necessary for merging #7422 due to the ฿ in ฿tcDrak.
3b468a0 gitian: Need `ca-certificates` and `python` for LXC builds (Wladimir J. van der Laan)
99fda26 doc: Make networking work inside builder in gitian-building.md (Wladimir J. van der Laan)
This is meant to be a direct translation of the bash script,
with the difference that it retrieves the PR title from github,
thus creating pull messages like:
Merge #12345: Expose transaction temperature over RPC
------------------------------------------------------------------------
r249567 | djasper | 2015-10-07 19:00:20 +0200 (Wed, 07 Oct 2015) | 2 lines
clang-format: Add include sorting capabilities to sublime, emacs and
clang-format-diff.py.
------------------------------------------------------------------------
r231926 | djasper | 2015-03-11 15:58:38 +0100 (Wed, 11 Mar 2015) | 3 lines
clang-format: Recognize the .ts (TypeScript) extension as JavaScript.
Patch by Martin Probst. Thank you.
------------------------------------------------------------------------
r223685 | djasper | 2014-12-08 20:39:03 +0100 (Mon, 08 Dec 2014) | 1 line
clang-format: Make clang-format-diff.py format java files.
------------------------------------------------------------------------
r221990 | djasper | 2014-11-14 14:27:28 +0100 (Fri, 14 Nov 2014) | 4 lines
clang-format: Give clang-format-diff.py a -v option.
With it, it prints the file being formatted. Apparently people are
formatting thousands of files and some progress indication is helpful.
------------------------------------------------------------------------
r216945 | ed | 2014-09-02 22:59:13 +0200 (Tue, 02 Sep 2014) | 6 lines
Use /usr/bin/env python instead of /usr/bin/python.
On operating systems like the BSDs, it is typically the case that
/usr/bin/python does not exist. We should therefore use /usr/bin/env
instead. This is also done in various other scripts in tools/.
------------------------------------------------------------------------
r208766 | djasper | 2014-05-14 11:36:11 +0200 (Wed, 14 May 2014) | 1 line
clang-format: Add clang-format-diff usage examples for SVN.
------------------------------------------------------------------------
r199750 | djasper | 2014-01-21 16:40:01 +0100 (Tue, 21 Jan 2014) | 3 lines
clang-format: Enable formatting for .proto and .protodevel files.
Support for protocol buffer files seems complete enough.
------------------------------------------------------------------------
r197668 | djasper | 2013-12-19 11:21:37 +0100 (Thu, 19 Dec 2013) | 1 line
Fix usage description of clang-format-diff.py.
------------------------------------------------------------------------
r197608 | alp | 2013-12-18 22:34:07 +0100 (Wed, 18 Dec 2013) | 7 lines
clang-format-diff.py: fix -regex/-iregex matching
While debating the finer points of file extension matching, we somehow missed
the bigger problem that the current code will match anything starting with the
default or user-specified pattern (e.g. lit.site.cfg.in).
Fix this by doing what find(1) does, implicitly wrapping the pattern with ^$.
------------------------------------------------------------------------
r197542 | alp | 2013-12-18 01:58:58 +0100 (Wed, 18 Dec 2013) | 3 lines
clang-format-diff.py: add the OpenCL file extension
It's handled correctly as a C-family language.
------------------------------------------------------------------------
r197378 | alexfh | 2013-12-16 11:57:30 +0100 (Mon, 16 Dec 2013) | 14 lines
Added -iregex for case-insensitive regex to filter file names.
Summary:
-regex and -iregex both mimic options of the find utility.
Made the default list of extensions case-insensitive, so that it's not only C
and CPP extensions are accepted in upper case.
Reviewers: djasper
Reviewed By: djasper
CC: cfe-commits
Differential Revision: http://llvm-reviews.chandlerc.com/D2415
------------------------------------------------------------------------
r196917 | alp | 2013-12-10 14:51:53 +0100 (Tue, 10 Dec 2013) | 10 lines
clang-format-diff.py: Support -regex filter and more filename extensions
Add support for more filename extensions based on the list in the clang
plus JavaScript.
Also adds a -regex option so users can override defaults if they have unusual
file extensions or want to format everything in the diff.
Keeping with tradition the flag is modelled on Unix conventions, this time
matching the semantics of find(1).
------------------------------------------------------------------------
r196484 | alp | 2013-12-05 09:14:54 +0100 (Thu, 05 Dec 2013) | 4 lines
clang-format-diff.py: pass through errors to stderr, not stdout
Also use write() for unified diff output to avoid further processing by the
print function (e.g. trailing newline).
------------------------------------------------------------------------
r196336 | alp | 2013-12-04 01:48:22 +0100 (Wed, 04 Dec 2013) | 3 lines
clang-format-diff.py: Fix 'beintroduced' in help output
Also update docs to reflect recently changed -i inplace edit behaviour.
------------------------------------------------------------------------
r192505 | alexfh | 2013-10-11 23:32:01 +0200 (Fri, 11 Oct 2013) | 17 lines
Changed clang-format-diff.py to output diff by default. Added -i option to apply changes to files instead.
Summary:
"svn diff|clang-format-diff.py" will just output the diff.
Now it's possible to use:
svn diff|clang-format-diff.py|patch -p0
as an equivalent to:
svn diff|clang-format-diff.py -i
;)
Reviewers: djasper
Reviewed By: djasper
CC: cfe-commits
Differential Revision: http://llvm-reviews.chandlerc.com/D1840
------------------------------------------------------------------------
r192184 | djasper | 2013-10-08 17:54:36 +0200 (Tue, 08 Oct 2013) | 7 lines
clang-format: Don't exit with failure on empty files.
Also let clang-format-diff.py detect errors based on clang-format's
return code. Otherwise messages like "Can't find usable .clang-format,
falling back to LLVM style" can make it fail, which might be undesired.
Patch by Alp Toker. Thank you!
------------------------------------------------------------------------
r191820 | djasper | 2013-10-02 15:59:03 +0200 (Wed, 02 Oct 2013) | 18 lines
clang-format: Fix clang-format-diff.py according to diff specification.
Patch by Alp Toker. Many thanks!
Original descriptions:
clang-format-diff incorrectly modifies unchanged lines due to an error
in diff parsing.
The unified diff format has a default line change count of 1, and 0 may
be specified to indicate that no lines have been added. This patch
updates the parser to accurately reflect the diff specification.
This also has the benefit of stabilising the operation so it will
produce the same output when run multiple times on the same changeset,
which was previously not the case.
No tests added because this script is not currently tested (though we
should look into that!)
------------------------------------------------------------------------
r191137 | djasper | 2013-09-21 12:05:02 +0200 (Sat, 21 Sep 2013) | 3 lines
Fix clang-format-diff.py to accept -style again.
Copy and paste error in r190935..
------------------------------------------------------------------------
r190935 | djasper | 2013-09-18 14:14:09 +0200 (Wed, 18 Sep 2013) | 3 lines
Simplify clang-format-diff.py using new clang-format options.
clang-format's -lines parameter makes this significantly easier.
------------------------------------------------------------------------
r189765 | alexfh | 2013-09-02 18:39:23 +0200 (Mon, 02 Sep 2013) | 2 lines
Added WebKit style to the BasedOnStyle handling and to the relevant help messages.
------------------------------------------------------------------------
r182923 | djasper | 2013-05-30 13:50:20 +0200 (Thu, 30 May 2013) | 4 lines
Fix default value of clang-format-diff's -p option.
This way, it has the same default as 'patch' and also the example in the
code makes more sense as it is explicitly setting -p 1.
------------------------------------------------------------------------
r179676 | djasper | 2013-04-17 09:55:02 +0200 (Wed, 17 Apr 2013) | 2 lines
Small improvements to clang-format documentation and integration
scripts.
------------------------------------------------------------------------
r179377 | djasper | 2013-04-12 15:42:36 +0200 (Fri, 12 Apr 2013) | 1 line
Fix clang-format-diff.py script.
------------------------------------------------------------------------
r179098 | djasper | 2013-04-09 17:23:04 +0200 (Tue, 09 Apr 2013) | 5 lines
Improvements to clang-format integrations.
This adds an emacs editor integration (thanks to Ami Fischman). Also
pulls out the style into a variable for the vi integration and just
uses clang-formats defaults style in clang-format-diff.py.
------------------------------------------------------------------------
r177506 | djasper | 2013-03-20 10:53:23 +0100 (Wed, 20 Mar 2013) | 1 line
Add clang-format binary to cfe.
------------------------------------------------------------------------
s
- Add new translations (finally, after a long time)
- update-translation script was not considering new translations - oops
- fixed this, also remove (nearly) empty translations
- Update translation process, it was still describing the old repository
structure
2cecb24 doc: change suite to trusty in gitian-building.md (Wladimir J. van der Laan)
957c0fd gitian: make windows build deterministic (Wladimir J. van der Laan)
2e31d74 gitian: use trusty for building (Wladimir J. van der Laan)
0b416c6 depends: qt PIDLIST_ABSOLUTE patch (Wladimir J. van der Laan)
9f251b7 devtools: add libraries for bitcoin-qt to symbol check (Wladimir J. van der Laan)
Perform the following ELF security checks:
- PIE: Check for position independent executable (PIE), allowing for address space randomization
- NX: Check that no sections are writable and executable (including the stack)
- RELRO: Check for read-only relocations, binding at startup
- Canary: Check for use of stack canary
Also add a check to symbol-check.py that checks that only the subset of
allowed libraries is imported (to avoid incompatibilities).
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
This message is to inform you that I, Paul Rabahy have rolled over GPG
keys.
My old key = EA695E0CE2D0DCB0D65167A8D1CBA2A21BCD88F6
My new key = D62A803E27E7F43486035ADBBCD04D8E9CCCAC2A
My new key now has an offline primary key with an online subkey that I
will be
using for normal communications.
I have signed this message with both the old and new key so it should show
up
as validly signed. Please add my new key to your keyring so that future
communication will be properly verified.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2
iQIcBAEBCAAGBQJWB3/LAAoJENHLoqIbzYj2LBwQAMgH5u2KDuxK2gmpRjEpVXe8
XPOon+SRL5zXfu1dFInXCg8APJEVaXhSeY+/s0GmUq0INRpK4r0tvZVN84X2UoHz
y88P6BeHzQI7dsCStINhW4Hb7DVpFvkHAxsRhy05/geD56/IOXnsG+5SvsH3essJ
O6DuRQOipDWkZ9NQuQPrqzlkcBErMbL4Cs0ED5DOOYccntnt5HM909KDHfKcG8iJ
/qNTVzVFYMGbLn6MVq89reatmIOxuVBkbixsqad5M4P9rQ3iGPnUzIEp4wn7/Ssd
XDiCZypzlHkcs1GKBLtWnYWahlWHItcd/Yz3AiHLfUehcZb52p0mvIaTf4lyAR5p
kQFTXZwrrzJDaomSE2Y2IeMIATZE7/7RInkHD6okUTFSoCFgxOeAxLBI6sxLH5x5
xLIdv45iiv3P5fz1gungfzn2OYy+dHgT74bJ32N18hs+xwZM2G6AYYvVvkTSDqC0
c3AopnjEV4i+4Aq0QfDD9fXpBc0QuDN7c5GkcFCiFlhN+gffjT8hkFliiW3e2X5K
Vsycv1sYXFSS/YYZ7RCixWgTkpi18ABaLu/N1ses7hLNMxx9ovjrMIJ5gC6Nyga9
2BiumvNMh0iE9yhPiN0a4YsZZnW/tc5K1+OJxnKZvxWrXqOgIhnKZA1U1Y83COgA
6pI5uKrggGQWgQFJxTmciQEcBAEBCAAGBQJWB3/LAAoJEDJeXsBcJ6amLBwH/ib+
wiD3wDy+VeTDFvh4AgQqDRCk+CvGEKJlcoBLm3ZDwzi+/26XB/BCFoopW9h67ZmC
yMFhgvCJ3RwPcVGgZBOZ//88E2symcYRBSZJVwMN/n3McmEKBmmEH6/tTqhLeBal
2pynse7qgfZV7P/rSMcqFdhzMYq6Jt25obTl3IqTo939G1oOxRK8ORNT3Hs4/uiF
7xsx+nUBe/L6dvw2Rxr8bWm7WKi/LF7fKN/HZuBfK2qH0S4ctG49fiBw3DTV+erO
lYHdOMA9sjk90Le5sNBw75Hyr4WMLUkGFkh9SvDK1Xe3bUCfCpBTpcPnRUqnHL32
9GbqORFiaUGPRCnaWKQ=
=JR4m
-----END PGP SIGNATURE-----
Common sentiment is that the miniupnpc codebase likely contains further
vulnerabilities.
I'd prefer to get rid of the dependency completely, but a compromise for
now is to at least disable it by default.