bitcoin/contrib
glozow 873dcc1910
Merge bitcoin/bitcoin#27058: contrib: Improve verify-commits.py to work with maintainers leaving
14fac808bd verify-commits: Mention git v2.38.0 requirement (Andrew Chow)
bb86887527 verify-commits: Skip checks for commits older than trusted roots (Andrew Chow)
5497c14830 verify-commits: Use merge-tree in clean merge check (Andrew Chow)
76923bfa09 verify-commits: Remove all allowed commit exceptions (Andrew Chow)
53b07b2b47 verify-commits: Move trusted-keys valid sig check into verify-commits itself (Andrew Chow)

Pull request description:

  Currently the `verify-commits.py` script does not work well with maintainers giving up their commit access. If a key is removed from `trusted-keys`, any commits it signed previously will fail to verify, however keys cannot be kept in the list as it would allow that person to continue to push new commits. Furthermore, the `trusted-keys` used depends on the working tree which `verify-commits.py` itself may be modifying. When the script is run, the `trusted-keys` may be the one that is intended to be used, but the script may change the tree to a different commit with a different `trusted-keys` and use that instead!

  To resolve these issues, I've updated `verify-commits.py` to load the `trusted-keys` file and check the keys itself rather than delegating that to `gpg.sh` (which previously read in `trusted-keys`). This avoids the issue with the tree changing.

  I've also updated the script so that it stops modifying the tree. It would do this for the clean merge check where it would checkout each individual commit and attempt to reapply the merges, and then checking out the commit given as a cli arg. `git merge-tree` lets us do basically that but without modifying the tree. It will give us the object id for the resulting tree which we can compare against the object id of the tree in the merge commit in question. This also appears to be quite a bit faster.

  Lastly I've removed all of the exception commits in `allow-revsig-commits`, `allow-incorrect-sha512-commits`, and `allow-unclean-merge-commits` since all of these predate the commits in `trusted-git-root` and `trusted-sha512-root`. I've also updated the script to skip verification of commits that predate `trusted-git-root`, and skip sha512 verification for those that predate `trusted-sha512-root`.

ACKs for top commit:
  Sjors:
    ACK 14fac808bd
  glozow:
    Concept ACK 14fac808bd

Tree-SHA512: f9b0c6e1f1aecb169cdd6c833b8871b15e31c2374dc589858df0523659b294220d327481cc36dd0f92e9040d868eee6a8a68502f3163e05fa751f9fc2fa8832a
2023-02-27 13:17:48 +00:00
..
completions scripted-diff: Bump copyright headers 2022-12-24 23:49:50 +00:00
debian doc: Clarify debian copyright comment 2023-01-18 10:29:24 +01:00
devtools Merge bitcoin/bitcoin#25867: lint: enable E722 do not use bare except 2023-02-22 09:28:09 +00:00
guix guix: combine glibc hardening options into hardened-glibc 2023-02-13 14:16:59 +00:00
init Merge #21418: contrib: Make systemd invoke dependencies only when ready 2021-03-22 15:15:14 +01:00
linearize script, test: fix python linter E275 errors with flake8 5.0.4 2023-01-03 10:59:56 -08:00
macdeploy scripted-diff: Use new python 3.7 keywords 2023-01-18 13:00:34 +01:00
message-capture scripted-diff: Bump copyright headers 2022-12-24 23:49:50 +00:00
qos scripted-diff: Bump copyright headers 2021-12-30 19:36:57 +02:00
seeds Merge bitcoin/bitcoin#26701: contrib: make DNS seeds file an argument in CLI (makeseeds) 2023-02-07 10:03:36 +01:00
shell guix: Add source-able bash prelude and utils 2021-04-05 11:00:21 -04:00
signet Merge bitcoin/bitcoin#25867: lint: enable E722 do not use bare except 2023-02-22 09:28:09 +00:00
testgen contrib: make gen_key_io_test_vectors deterministic 2022-04-06 17:02:50 +02:00
tracing scripted-diff: Bump copyright headers 2022-12-24 23:49:50 +00:00
verify-commits Merge bitcoin/bitcoin#27058: contrib: Improve verify-commits.py to work with maintainers leaving 2023-02-27 13:17:48 +00:00
verifybinaries doc: remove mention of "proper signing key" 2023-02-16 10:27:19 +00:00
windeploy windeploy: Renewed windows code signing certificate 2022-05-24 12:55:03 -04:00
zmq scripted-diff: Bump copyright headers 2021-12-30 19:36:57 +02:00
filter-lcov.py scripted-diff: Bump copyright headers 2020-12-31 09:45:41 +01:00
README.md contrib: remove builder keys 2022-12-19 17:21:35 +00:00
valgrind.supp contrib: remove unneeded valgrind suppressions 2022-07-21 10:16:47 +01:00

Repository Tools

Developer tools

Specific tools for developers working on this repository. Additional tools, including the github-merge.py script, are available in the maintainer-tools repository.

Verify-Commits

Tool to verify that every merge commit was signed by a developer using the github-merge.py script.

Linearize

Construct a linear, no-fork, best version of the blockchain.

Qos

A Linux bash script that will set up traffic control (tc) to limit the outgoing bandwidth for connections to the Bitcoin network. This means one can have an always-on bitcoind instance running, and another local bitcoind/bitcoin-qt instance which connects to this node and receives blocks from it.

Seeds

Utility to generate the pnSeed[] array that is compiled into the client.

Build Tools and Keys

Packaging

The Debian subfolder contains the copyright file.

All other packaging related files can be found in the bitcoin-core/packaging repository.

MacDeploy

Scripts and notes for Mac builds.

Test and Verify Tools

TestGen

Utilities to generate test vectors for the data-driven Bitcoin tests.

Verify Binaries

This script attempts to download and verify the signature file SHA256SUMS.asc from bitcoin.org.

Command Line Tools

Completions

Shell completions for bash and fish.