chore: merge new changes from ipfs/kubo master#2
Open
alvin-reyes wants to merge 928 commits into
Open
Conversation
Bumps [actions/checkout](https://github.com/actions/checkout) from 5 to 6. - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](actions/checkout@v5...v6) --- updated-dependencies: - dependency-name: actions/checkout dependency-version: '6' dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3 to 4. - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](github/codeql-action@v3...v4) --- updated-dependencies: - dependency-name: github/codeql-action dependency-version: '4' dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Andrew Gillis <11790789+gammazero@users.noreply.github.com>
(cherry picked from commit 1141220)
(cherry picked from commit 2cbf151)
(cherry picked from commit 72f4c6f)
(cherry picked from commit 21f50ac)
PR #10954 (ExposeRoutingAPI default + GetClosestPeers) was merged after v0.39.0-rc1 and depends on boxo changes not yet released.
- rewrite overview to lead with user value (self-hosting on consumer hardware) - reorder highlights: provider features together, then UPnP, then housekeeping - simplify titles (drop "Amino", "Fixed", verbose descriptions) - link to Shipyard's sweep provider blogpost
- convert from zsh to bash for portability and shellcheck support - resolve GitHub handles via multiple methods: - noreply email pattern (user@users.noreply.github.com) - merge commit messages (Merge pull request #N from user/branch) - gh CLI API for PR authors (squash merge commits) - gh CLI API for commit authors (fallback for non-PR commits) - deduplicate contributors by GitHub handle instead of author name - cache resolved mappings in ~/.cache/mkreleaselog/github-handles.json - output clickable GitHub profile links in contributor table
Release v0.39.0
resolve version.go conflict by keeping -dev version from master
Merge release v0.39.0
stop publishing to ipfs/go-ipfs entirely - the deprecation stub introduced in v0.39 is no longer needed. only ipfs/kubo is published. - remove legacy-name job from docker-image.yml workflow - remove .github/legacy/ (Dockerfile.goipfs-stub, goipfs_stub.sh) - update bin scripts to use ipfs/kubo as default
Signed-off-by: rifeplight <rifeplight@outlook.com>
document known 0.39 limitation where sweep provider may fail to estimate DHT size when accelerated client is still crawling the network, resulting in single-region mode without efficiency gains. also remove accelerated client recommendation from changelog since it may mislead users into enabling both together.
add link to Shipyard's "Provide Sweep: Solving the DHT Provide Bottleneck" blogpost and remove stale TODO placeholder
* Add bytes progress tracker for ipfs pin add * upgrade to boxo that has ipfs/boxo#1071
* ipfswatch: fix loading datastore plugins * test: add CLI tests for ipfswatch --------- Co-authored-by: Marcin Rataj <lidel@lidel.org>
* fix: update go-libp2p to v0.46.0 - reduced WebRTC log noise (go-libp2p#3426) - fixed mDNS discovery on Windows/macOS (go-libp2p#3434) - includes quic-go v0.57.1 (v0.56.0 + v0.57.0) * fix(example): kubo-as-a-library test timeout - use custom ports (4010/4011) to avoid conflicts with default 4001 - add 2-minute context timeout to fail fast - get peer addresses dynamically instead of hardcoding wrong port - wait for peer connection synchronously instead of fire-and-forget - update comments to reference autoconf.FallbackBootstrapPeers * chore: update p2p-forge to v0.7.0 * fix(test): wait for DHT readiness in GetClosestPeers test the test was failing for `routing_type=auto` because it only waited for swarm connections but not for the DHT routing table to be populated. added a separate probe loop that waits for GetClosestPeers to succeed before running the actual test assertions.
Bumps [actions/cache](https://github.com/actions/cache) from 4 to 5. - [Release notes](https://github.com/actions/cache/releases) - [Changelog](https://github.com/actions/cache/blob/main/RELEASES.md) - [Commits](actions/cache@v4...v5) --- updated-dependencies: - dependency-name: actions/cache dependency-version: '5' dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* datastore: upgrade go-ds-pebble to v0.5.8 - update 'go-ds-pebble` to [v0.5.8](https://github.com/ipfs/go-ds-pebble/releases/tag/v0.5.8) - updates github.com/cockroachdb/pebble to [v2.1.3](https://github.com/cockroachdb/pebble/releases/tag/v2.1.3) - enables Go 1.26 support
Bumps [actions/download-artifact](https://github.com/actions/download-artifact) from 6 to 7. - [Release notes](https://github.com/actions/download-artifact/releases) - [Commits](actions/download-artifact@v6...v7) --- updated-dependencies: - dependency-name: actions/download-artifact dependency-version: '7' dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
addresses https://discuss.ipfs.tech/t/19933 - add docs/developer-guide.md with prerequisites, build, test, and troubleshooting - link from README.md, docs/README.md, and CONTRIBUTING.md - document test suite differences (unit vs e2e, test/cli vs test/sharness) - include tips for running specific tests during development
Change the `ipfs key list` behavior to log an error and continue listing keys when a key cannot be read from the keystore or decoded. Closes: #11102
p2p-forge v0.9.0 landed in v0.42 via backport, so list it under v0.42 dependency updates and drop it from v0.43. Also annotate skipped intermediate releases (Go 1.26.3, kad-dht v0.39.2, go-fuse v2.10.0).
Bot accounts like dependabot[bot] are not human contributors, so drop entries whose GitHub handle or author name ends in the [bot] suffix from the release contributor table.
Release v0.42.0
* chore: bump boxo to test ipfs/boxo#1166 Bumps github.com/ipfs/boxo to the tip of fix/ipns-cache-control-expiry (55fd621d1872) to exercise the IPNS cache-control/TTL/EOL fixes from ipfs/boxo#1166. Root, docs/examples, and test/dependencies modules tidied via make mod_tidy. Signed-off-by: Marcin Rataj <lidel@lidel.org> * fix: validate ipns lifetime and ttl settings ipfs name publish now sanitizes its duration flags instead of emitting a record that fails verification later: a non-positive --lifetime and a negative --ttl are rejected, an explicit --ttl over --lifetime is rejected, and an omitted --ttl is capped to --lifetime. The --lifetime and --ttl defaults are applied server-side so an explicit value is distinguishable from the default. The daemon also refuses to start when Ipns.RecordLifetime is shorter than Ipns.RepublishPeriod, which would let records expire before they are republished. Signed-off-by: Marcin Rataj <lidel@lidel.org> * switch to boxo@main with fix #1166 --------- Signed-off-by: Marcin Rataj <lidel@lidel.org> Co-authored-by: gammazero <11790789+gammazero@users.noreply.github.com>
boxo's Traverse already dedups each root with its own seen set, so the command-level cid.Set held a second copy of every CID in the DAG. On a multi-hundred-GiB root that doubled the dedup memory and OOM-killed daemons mid-stat. - allocate the set only for multiple roots (cross-root dedup needs it) - single root derives UniqueBlocks from the per-root block count
Detect carrier-grade or double NAT at startup and log a one-time stderr notice, turning the recurring "running IPFS kills my home internet" symptom into a clear cause: a busy node fills the ISP's shared NAT table. - classify host addresses; a private or shared (RFC 6598 100.64.0.0/10) NAT-mapped WAN address that is not a local interface means CGNAT or double NAT. overlay addresses on a local interface (tailscale, zerotier) and publicly reachable nodes are ignored, so the notice stays quiet. - add Internal.CGNATCheck and Internal.DeadListenerCheck (both default true) to silence the CGNAT notice and the v0.42 dead-listener check. - expose the classification as the nat field of ipfs swarm addrs autonat. - docs: config.md entries and v0.43 changelog highlight. Closes #11326 Co-authored-by: Andrew Gillis <11790789+gammazero@users.noreply.github.com>
Merge release v0.42.0
* chore: upgrade to boxo v0.41.0 * use tagged release
) Bumps [github.com/tidwall/gjson](https://github.com/tidwall/gjson) from 1.18.0 to 1.19.0. - [Commits](tidwall/gjson@v1.18.0...v1.19.0) --- updated-dependencies: - dependency-name: github.com/tidwall/gjson dependency-version: 1.19.0 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* docs: optimistic provide is on by default Optimistic provide has been enabled by default since v0.39, when the sweep provider became the default, so it has not really been off for typical nodes. Rewrite the State section in plain language, note that the Experimental.OptimisticProvide flag only affects the legacy provider, and link the ProbeLab explainer. * docs: use non-default ports for experiments Manual experiments and benchmark daemons must bind non-default ports and use their own IPFS_PATH so they do not collide with a node already running on the defaults (4001/5001/8080).
Bumps [codecov/codecov-action](https://github.com/codecov/codecov-action) from 6.0.1 to 7.0.0. - [Release notes](https://github.com/codecov/codecov-action/releases) - [Changelog](https://github.com/codecov/codecov-action/blob/main/CHANGELOG.md) - [Commits](codecov/codecov-action@e79a696...fb8b358) --- updated-dependencies: - dependency-name: codecov/codecov-action dependency-version: 7.0.0 dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
…lang-x group across 1 directory (#11346) * chore(deps): bump golang.org/x/crypto Bumps the golang-x group with 1 update in the / directory: [golang.org/x/crypto](https://github.com/golang/crypto). Updates `golang.org/x/crypto` from 0.51.0 to 0.52.0 - [Commits](golang/crypto@v0.51.0...v0.52.0) --- updated-dependencies: - dependency-name: golang.org/x/crypto dependency-version: 0.52.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: golang-x ... Signed-off-by: dependabot[bot] <support@github.com> * chore: run make mod_tidy --------- Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> Co-authored-by: Andrew Gillis <11790789+gammazero@users.noreply.github.com>
* fix(l1): return error instead of log.Fatal in HolePunching Signed-off-by: reflecttypefor <reflecttypefor@outlook.com> * test: cover HolePunching flag combinations * docs: highlight clearer hole punching error The Changelog section is generated at release time, so hand-written notes belong under Highlights instead. --------- Signed-off-by: reflecttypefor <reflecttypefor@outlook.com> Co-authored-by: Marcin Rataj <lidel@lidel.org>
Pulls the AutoTLS DNS-01 registration fix: the client now keeps a cookie jar so a load-balanced forge endpoint (registration.libp2p.direct) keeps both PeerID-auth requests on one backend, instead of the second request hitting a backend that never issued the challenge and failing with a 401.
* commands: derive peer ID on config replace Signed-off-by: morning-verlu <258725120+morning-verlu@users.noreply.github.com> * feat: validate Identity.PeerID against node key Setting Identity.PeerID to a value that disagrees with the node's private key produces a config the node refuses to start with. The config command now validates the field against the stored key, the same way config replace re-derives it. - reject a mismatched Identity.PeerID and point at `ipfs key rotate`; accept the node's own PeerID in any base58 or CIDv1 form and store the canonical base58 string - share the PeerID derivation between the set path and config replace - document the identity fields and `ipfs key rotate` in docs/config.md - cover the set-path guard and base36 normalization in test/cli - switch the t0070 sharness probe off Identity.PeerID, now validated --------- Signed-off-by: morning-verlu <258725120+morning-verlu@users.noreply.github.com> Co-authored-by: morning-verlu <258725120+morning-verlu@users.noreply.github.com> Co-authored-by: Guillaume Michel <guillaumemichel@users.noreply.github.com> Co-authored-by: Andrew Gillis <11790789+gammazero@users.noreply.github.com> Co-authored-by: Marcin Rataj <lidel@lidel.org>
Bumps [actions/checkout](https://github.com/actions/checkout) from 6 to 7. - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](actions/checkout@v6...v7) --- updated-dependencies: - dependency-name: actions/checkout dependency-version: '7' dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [actions/cache](https://github.com/actions/cache) from 5 to 6. - [Release notes](https://github.com/actions/cache/releases) - [Changelog](https://github.com/actions/cache/blob/main/RELEASES.md) - [Commits](actions/cache@v5...v6) --- updated-dependencies: - dependency-name: actions/cache dependency-version: '6' dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* test: cover ipfs get paths containing closing bracket * test: move get punctuation coverage to test/cli ipfs get must retrieve UnixFS paths whose segments contain punctuation that is valid on Linux, macOS, and Windows but is sensitive to a POSIX shell (issue #9369, where a "]" segment failed). AGENTS.md prefers test/cli for new integration tests, and driving ipfs directly avoids the shell-quoting limits of the sharness loop. - add test/cli/get_test.go: add a directory with one file per segment, then get each "<cid>/<segment>" and compare bytes, exercised both offline and against a daemon - cover the apostrophe segment, which the single-quoted sharness test body could not include - drop the now-redundant punctuation block from t0090-get.sh --------- Co-authored-by: Guillaume Michel <guillaumemichel@users.noreply.github.com> Co-authored-by: Marcin Rataj <lidel@lidel.org>
* fix(daemon): return config errors instead of calling log.Fatal Signed-off-by: blackflytech <blackflytech@outlook.com> * Update cmd/ipfs/kubo/daemon_config_test.go --------- Signed-off-by: blackflytech <blackflytech@outlook.com> Co-authored-by: Andrew Gillis <11790789+gammazero@users.noreply.github.com>
The hole-punching and daemon-config highlights describe the same user-facing change, a named startup error instead of an abrupt exit, so fold them into one entry and drop the internal `log.Fatal` wording.
* feat: make telemetry opt-in Telemetry no longer runs by default. It stays off unless an operator sets the mode to `on` and configures an `Endpoint`, and Kubo ships with no built-in telemetry URL, so a default node never phones home. - plugin: default mode is off; the legacy `auto` and any unrecognized value also stay off - plugin: the implicit default does no work, not even disk IO; only an explicit `off` removes a stored telemetry identifier - plugin: enabling without an endpoint warns and sends nothing; the destination comes only from config - docs: note the opt-in default in the `IPFS_TELEMETRY` reference, the plugins table, and the changelog - tests: cover off-by-default, the auto alias, missing-endpoint, and explicit opt-out cleanup, and opt in where the send path runs * docs: rewrite telemetry.md for opt-in Rework the telemetry page around the opt-in plugin: how to enable it and point it at your own collector, the modes and config reference, the HTTP endpoint API and payload schema, and the privacy model. Match the plainer style of the sibling docs, with no emoji headers and a table of contents. * chore(telemetry): log opt-in enable event Log when telemetry is enabled, since that's the notable event. The opt-out branch already logs UUID removal, so the redundant disable log is dropped. Co-authored-by: Andrew Gillis <11790789+gammazero@users.noreply.github.com> --------- Co-authored-by: Andrew Gillis <11790789+gammazero@users.noreply.github.com>
* feat: accept native ipfs:// and ipns:// URIs Commands that take a content path or CID now also accept native IPFS URIs (ipfs://cid, ipns://name, and the schemeless ipfs:/ipns: forms), so a URI copied from a browser or another tool works as-is. - cmdutils: PathOrCidPath parses via boxo NewPathFromURI; new CidFromArg for raw-CID commands takes the root CID and rejects sub-paths and mutable IPNS. - files: cp/stat sources and getNodeFromPath accept URIs and content paths; chroot takes its CID via CidFromArg. - resolve and name resolve normalize URIs before the namespace checks; name resolve stays IPNS-only. - routing, provide, filestore, pin remote: raw-CID args via CidFromArg. Depends on boxo NewPathFromURI (ipfs/boxo#1182); go.mod pins the PR commit until it is released. * depend on boxo@main * test: fix telemetry opt-out assertions #11374 made telemetry opt-in and rewrote the explicit "off" mode to no longer log "telemetry disabled via opt-out", but the opt-out subtests still assert that string, so TestTelemetry is red on master. Assert the "telemetry collection skipped: opted out" message the daemon emits whenever telemetry is off. * ci: inject .aegir.js for helia interop @helia/interop v11.0.0+ ships without .aegir.js (ipfs/helia#1049), so aegir test finds no specs and the interop job fails. Inject a minimal config pointing at the prebuilt dist specs when it is missing. Helia's own .aegir.js can't be reused as-is: it globs source .ts specs that Node won't run from node_modules. The same omission regressed before (ipfs/helia#1001, fixed by ipfs/helia#1003); see the comment. * ci: force mocha exit after helia interop run The node interop specs leave kubo daemon and libp2p handles open, so mocha prints "N passing" and then hangs until the job timeout instead of exiting. Pass --exit so mocha quits once the run completes. --------- Co-authored-by: Andrew Gillis <11790789+gammazero@users.noreply.github.com>
* chore(deps): bump go-libp2p-kad-dht to v0.41.0 Cuts peak memory during reprovides on nodes announcing many CIDs, so low-memory consumer devices are less likely to be out-of-memory killed (libp2p/go-libp2p-kad-dht#1259). Pulls quic-go v0.59.1 transitively. * chore: tidy secondary go modules for kad-dht 0.41 * ci: fix helia-interop for @helia/interop 11.0.3 The .aegir.js restored upstream in ipfs/helia#1066 globs the TypeScript sources, which node refuses to run from inside node_modules, so the inject-if-missing workaround skipped it and the job failed. Replace the config whenever it is missing or globs .ts files, and leave a usable one untouched so the step self-heals once upstream ships a node_modules-safe config. Also drop the IPIP-499 --grep/--invert exclusion: helia implemented the missing MFS features (ipfs/helia#972) and the test passes now.
#11380) * chore(deps): bump the golang-x group across 1 directory with 5 updates Bumps the golang-x group with 2 updates in the / directory: [golang.org/x/crypto](https://github.com/golang/crypto) and [golang.org/x/mod](https://github.com/golang/mod). Updates `golang.org/x/crypto` from 0.52.0 to 0.53.0 - [Commits](golang/crypto@v0.52.0...v0.53.0) Updates `golang.org/x/mod` from 0.36.0 to 0.37.0 - [Commits](golang/mod@v0.36.0...v0.37.0) Updates `golang.org/x/sync` from 0.20.0 to 0.21.0 - [Commits](golang/sync@v0.20.0...v0.21.0) Updates `golang.org/x/sys` from 0.45.0 to 0.46.0 - [Commits](golang/sys@v0.45.0...v0.46.0) Updates `golang.org/x/term` from 0.43.0 to 0.44.0 - [Commits](golang/term@v0.43.0...v0.44.0) --- updated-dependencies: - dependency-name: golang.org/x/crypto dependency-version: 0.53.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: golang-x - dependency-name: golang.org/x/mod dependency-version: 0.37.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: golang-x - dependency-name: golang.org/x/sync dependency-version: 0.21.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: golang-x - dependency-name: golang.org/x/sys dependency-version: 0.46.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: golang-x - dependency-name: golang.org/x/term dependency-version: 0.44.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: golang-x ... Signed-off-by: dependabot[bot] <support@github.com> * chore: run make mod_tidy --------- Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
No description provided.