Cardano Updates

Add `TxBuilder.addMint({ policy, assets, redeemer })` so consumers can mint or
burn assets under a policy without dropping to the lower-level `initializeTx`.
The policy script is attached to the witness set, the asset quantities are added
to the body, and (for Plutus policies) the redeemer is included and its execution
units evaluated during `build()`. Previously `GenericTxBuilder` had no minting
support — `mint` was never forwarded to `initializeTx`.

This also fixes redeemer index reconciliation for non-spend purposes: builder
redeemers are stamped with a sentinel index by `buildRedeemers`, but
`reorgRedeemers` only reindexed spend redeemers, so mint/withdrawal/certificate
redeemers reached `updateRedeemers` with an index the evaluator could not match.
Sentinel-indexed non-spend redeemers are now reindexed by their position within
their purpose; redeemers that already carry a concrete index are left untouched.

Co-Authored-By: Claude Opus 4.8 (1M context) <[email protected]>

Tighten Note [Names from strings] (correct the "Quote monad" wording, drop the redundant determinism note and injectivity restatement, replace the misleading "hint" terminology), and move Transform.Lib to other-modules as it is internal to the testlib.

Release: landing/theme overhaul, governance vote UX + DB-cached tallies, mobile/UX foundations, signing & infra fixes

the epoch_current was triggered for all entries

Updates the `tx3-sdk` dependency from 0.9.2 to the latest published
release, 0.13.0, and adapts to its API changes:

- `BytesEnvelope`'s `encoding: BytesEncoding` field became
  `content_type: String`; submit now passes `content_type: "hex"`
  (matching the SDK's own convention) and drops the removed
  `BytesEncoding` import.
- `MissingTxArgDiagnostic.ty` was renamed to `arg_type`.

The bump also pulls pallas up to the stable 1.x line, whose
`pallas-crypto` moved key generation to `rand_core` 0.10. cshell
otherwise stays on `rand_core` 0.9 (bip39/bip32, private-key
encryption), so the `private_key_encryption_roundtrip` test now builds
its test keys from bytes via the existing byte constructors instead of
`SecretKey::new`/`SecretKeyExtended::new`.

The `trp::Error` match and the `ParamType` match needed no changes.

Co-Authored-By: Claude Opus 4.8 (1M context) <[email protected]>

feat(offchain): add --allow-private-offchain-urls flag

Signed-off-by: Eric Torreborre <[email protected]>

buildRedeemers, buildWitness and computeCollateral are defined in
tx-builder/utils.ts but the tx-builder barrel never re-exported them, so
they were absent from the package's public API. Consumers assembling Plutus
transactions manually (mint / script-spend / withdrawal redeemers,
collateral) had to reimplement buildRedeemers and could not use
computeCollateral. Re-export ./utils from the barrel to expose them.

Co-Authored-By: Claude Opus 4.8 (1M context) <[email protected]>

Fix pool_relay.port signed-16-bit overflow (#2135)

* useLocalGhcLib: expose genprimopcode/deriveConstants for reinstallable lib:ghc

When `build-tool-depends` is on, lib:ghc names `genprimopcode` and
`deriveConstants` as exe build-tools.  These live in the GHC source tree, not
on hackage, so cabal could only find them by chance on PATH.  Expose them
(alongside the `compiler/` subdir) as reinstallable source-repository-packages
from the GHC source, wired through inputMap, so cabal satisfies the goals
normally.

This removes the need for the `packages.ghc...build-tools = mkForce [alex
happy]` override, so drop it from configuration-nix.nix.

* cabal-pkg-config: report freetype's pkg-config (libtool) version

FreeType's freetype2.pc advertises a libtool/ABI version (e.g. 26.2.20) that
is deliberately decoupled from the release .version (e.g. 2.13.3), per
freetype's docs/VERSIONS.TXT.  `pkg-config --modversion freetype2` returns the
libtool number, so plan-to-nix must report the same value; otherwise the v2
slice's UnitId (which folds the resolved freetype2 version into
pkgHashPkgConfigDeps) forks, taking every transitive consumer
(gi-freetype2 -> gi-harfbuzz -> gi-pango -> gi-gdk3 -> gi-gtk3 -> ...) with it.

Add a `passthru.pc-version` table (the known release->libtool rows from
VERSIONS.TXT), falling back to .version with a warning for unknown releases.
This does not alter freetype's derivation, so it neither rebuilds nor forces a
build of freetype during planning.

* wasm: give test runner filesystem access; skip subprocess check on wasm

The wasm testWrapper ran `wasmtime <test>` with no `--dir`, so WASI granted the
module zero filesystem access and any test reading its data-files
(getDataFileName, under <pkg>-data/share/...) or a source-relative file failed
with a misleading "does not exist".  Preopen `/nix/store` and `.` so those
reads work.

The check-datadir test also exercises a build-tool-depends exe via readProcess,
which WASI cannot do (no process spawning -> "unsupported operation").  Guard
that check to non-wasm targets; the datadir and source-relative-file checks
still run under wasm.

* wasm: fix zlib cross-compilation

zlib doesn't cross-compile cleanly to wasm:

  * gzguts.h only `#include <errno.h>` when NO_STRERROR is unset, but
    gzread.c / gzwrite.c use errno / EAGAIN / EWOULDBLOCK unconditionally.
    zlib's configure probes strerror by compiling *and running* a test, which
    can't run when cross-compiling to wasm, so it defines NO_STRERROR (even
    though wasi-libc has strerror) and the gz* sources fail to compile with
    "use of undeclared identifier 'errno'".  Always include errno.h.

  * zlib sets NIX_LDFLAGS = "--undefined-version" whenever the linker is lld
    (to counter lld 16+'s --no-undefined-version default for its shared-lib
    version script).  wasm-ld is lld-based but rejects that flag, and we build
    static anyway, so drop it.

* wasm: disable check-datadir v2 check (data-files unreachable under WASI)

The v2 check stages data-files as absolute /nix/store symlinks and points Cabal
at them via the <pkg>_datadir env var.  wasmtime neither forwards host env vars
to the wasm guest nor follows absolute symlinks (no CLI option for either), so
check-datadir.run-v2 cannot pass on wasm.  Gate run-v2 on a non-wasm host so
the wasi32 job isn't a permanent failure, and document why in both the test and
the wasm test wrapper.  (v1 run still runs on wasm: its data-files are real
files in a -data output.)

* check-datadir: disable on Windows and Android

The test runs the built test binary, which spawns a build-tool-depends exe
(readProcess) and reads its data-files / a source-relative file.  That can't be
reproduced when the binary runs under an emulator: Windows (wine) and Android
can't reliably spawn the build-tool.  Disable the whole test there
(meta.disabled), alongside the existing wasm run-v2 skip.

* pkgconf-pc-version: don't force a freetype cross build on wasm/musl/android

Adding a pc-version to freetype (overlays/cabal-pkg-config.nix) pulled freetype
into this test's scope on every target, but its build stack (zlib / libpng /
brotli / …) doesn't cross-compile to wasm, musl or android, so the test started
failing there.  freetype's .pc Version: is platform-independent, so gate it like
systemd — verify it on glibc / darwin / windows and drop it (leaving the test
disabled via the existing checks==[] guard) on the others.

Signed-off-by: Sasha Bogicevic <[email protected]>

Co-authored-by: Neil Mayhew <[email protected]>