May 26, 7-8 AM (43)
May 26, 8-9 AM (39)
May 26, 9-10 AM (42)
May 26, 10-11 AM (45)
May 26, 11-12 PM (59)
May 26, 12-1 PM (34)
May 26, 1-2 PM (50)
May 26, 2-3 PM (50)
May 26, 3-4 PM (18)
May 26, 4-5 PM (20)
May 26, 5-6 PM (13)
May 26, 6-7 PM (20)
May 26, 7-8 PM (12)
May 26, 8-9 PM (15)
May 26, 9-10 PM (15)
May 26, 10-11 PM (35)
May 26, 11-12 AM (30)
May 27, 12-1 AM (16)
May 27, 1-2 AM (8)
May 27, 2-3 AM (9)
May 27, 3-4 AM (5)
May 27, 4-5 AM (32)
May 27, 5-6 AM (9)
May 27, 6-7 AM (49)
May 27, 7-8 AM (65)
May 27, 8-9 AM (38)
May 27, 9-10 AM (74)
May 27, 10-11 AM (83)
May 27, 11-12 PM (30)
May 27, 12-1 PM (50)
May 27, 1-2 PM (39)
May 27, 2-3 PM (53)
May 27, 3-4 PM (37)
May 27, 4-5 PM (11)
May 27, 5-6 PM (18)
May 27, 6-7 PM (21)
May 27, 7-8 PM (25)
May 27, 8-9 PM (17)
May 27, 9-10 PM (15)
May 27, 10-11 PM (29)
May 27, 11-12 AM (27)
May 28, 12-1 AM (9)
May 28, 1-2 AM (3)
May 28, 2-3 AM (5)
May 28, 3-4 AM (2)
May 28, 4-5 AM (9)
May 28, 5-6 AM (34)
May 28, 6-7 AM (31)
May 28, 7-8 AM (84)
May 28, 8-9 AM (33)
May 28, 9-10 AM (54)
May 28, 10-11 AM (50)
May 28, 11-12 PM (21)
May 28, 12-1 PM (46)
May 28, 1-2 PM (50)
May 28, 2-3 PM (23)
May 28, 3-4 PM (43)
May 28, 4-5 PM (86)
May 28, 5-6 PM (13)
May 28, 6-7 PM (31)
May 28, 7-8 PM (43)
May 28, 8-9 PM (34)
May 28, 9-10 PM (17)
May 28, 10-11 PM (36)
May 28, 11-12 AM (32)
May 29, 12-1 AM (12)
May 29, 1-2 AM (13)
May 29, 2-3 AM (4)
May 29, 3-4 AM (3)
May 29, 4-5 AM (0)
May 29, 5-6 AM (2)
May 29, 6-7 AM (5)
May 29, 7-8 AM (16)
May 29, 8-9 AM (37)
May 29, 9-10 AM (34)
May 29, 10-11 AM (69)
May 29, 11-12 PM (25)
May 29, 12-1 PM (44)
May 29, 1-2 PM (66)
May 29, 2-3 PM (60)
May 29, 3-4 PM (25)
May 29, 4-5 PM (26)
May 29, 5-6 PM (79)
May 29, 6-7 PM (11)
May 29, 7-8 PM (19)
May 29, 8-9 PM (9)
May 29, 9-10 PM (8)
May 29, 10-11 PM (27)
May 29, 11-12 AM (7)
May 30, 12-1 AM (9)
May 30, 1-2 AM (2)
May 30, 2-3 AM (1)
May 30, 3-4 AM (5)
May 30, 4-5 AM (2)
May 30, 5-6 AM (11)
May 30, 6-7 AM (0)
May 30, 7-8 AM (2)
May 30, 8-9 AM (11)
May 30, 9-10 AM (13)
May 30, 10-11 AM (10)
May 30, 11-12 PM (5)
May 30, 12-1 PM (8)
May 30, 1-2 PM (5)
May 30, 2-3 PM (18)
May 30, 3-4 PM (5)
May 30, 4-5 PM (1)
May 30, 5-6 PM (9)
May 30, 6-7 PM (9)
May 30, 7-8 PM (1)
May 30, 8-9 PM (5)
May 30, 9-10 PM (4)
May 30, 10-11 PM (27)
May 30, 11-12 AM (12)
May 31, 12-1 AM (17)
May 31, 1-2 AM (0)
May 31, 2-3 AM (1)
May 31, 3-4 AM (1)
May 31, 4-5 AM (0)
May 31, 5-6 AM (0)
May 31, 6-7 AM (7)
May 31, 7-8 AM (4)
May 31, 8-9 AM (10)
May 31, 9-10 AM (3)
May 31, 10-11 AM (4)
May 31, 11-12 PM (4)
May 31, 12-1 PM (1)
May 31, 1-2 PM (2)
May 31, 2-3 PM (24)
May 31, 3-4 PM (16)
May 31, 4-5 PM (2)
May 31, 5-6 PM (1)
May 31, 6-7 PM (2)
May 31, 7-8 PM (2)
May 31, 8-9 PM (2)
May 31, 9-10 PM (7)
May 31, 10-11 PM (25)
May 31, 11-12 AM (11)
Jun 01, 12-1 AM (14)
Jun 01, 1-2 AM (7)
Jun 01, 2-3 AM (3)
Jun 01, 3-4 AM (10)
Jun 01, 4-5 AM (13)
Jun 01, 5-6 AM (16)
Jun 01, 6-7 AM (10)
Jun 01, 7-8 AM (14)
Jun 01, 8-9 AM (46)
Jun 01, 9-10 AM (50)
Jun 01, 10-11 AM (19)
Jun 01, 11-12 PM (27)
Jun 01, 12-1 PM (49)
Jun 01, 1-2 PM (39)
Jun 01, 2-3 PM (44)
Jun 01, 3-4 PM (34)
Jun 01, 4-5 PM (54)
Jun 01, 5-6 PM (5)
Jun 01, 6-7 PM (32)
Jun 01, 7-8 PM (37)
Jun 01, 8-9 PM (9)
Jun 01, 9-10 PM (12)
Jun 01, 10-11 PM (30)
Jun 01, 11-12 AM (22)
Jun 02, 12-1 AM (13)
Jun 02, 1-2 AM (8)
Jun 02, 2-3 AM (5)
Jun 02, 3-4 AM (14)
Jun 02, 4-5 AM (10)
Jun 02, 5-6 AM (43)
Jun 02, 6-7 AM (24)
Jun 02, 7-8 AM (2)
3,706 commits this week
May 26, 2026
-
Jun 02, 2026
ci: harden workflows against script injection + fix draft-PR filtering
Move untrusted ${{ github.event.* }} / step-output values out of inline
script and shell bodies and into `env:` blocks, so attacker-controlled
data (workflow/check names, added filenames, refs, etc.) is read as inert
data via process.env / "$VAR" instead of being interpolated into the
source GitHub Actions parses. This closes script-injection vectors, the
most exploitable being the changed-files filename interpolation in
changelog-label.yml.
Files:
- slack-message-broker.yml: read all event fields from env; replace
toJson(github.event) with JSON.stringify(context.payload).
- changelog-label.yml: read added_files / label flag from env.
- compare-golden-budgets.yaml, docusaurus-site.yml, haddock-site.yml:
pass event/input values via env and quote shell expansions.
Also fix draft-PR notification filtering in slack-message-broker.yml,
which never worked: the check_run/workflow_run payloads carry only a
minimal PR object with no `draft` field (and the index was wrong), so
detection was always false; a dormant control-flow bug would also have
sent a message on drafts anyway. Now fetch the PR via the API to read its
real draft status (needs pull-requests: read), and suppress the
notification for draft PRs. Fork/push (no PR) and API errors fail open.
docs: update genesis runbook for dual ceremony
feat(aggregator): add genesis 'upgrade-key-to-dual' subcommand
feat(aggregator): era flag on genesis generate-keypair
feat(client): adapt certificate verifier to genesis verifier
feat(aggregator): update genesis import command for dual-signature
feat(common): add era-aware genesis certificate producer and verifier
feat(aggregator): era-driven genesis bootstrap
feat(aggregator): adapt dependency injection and services to genesis verifier
feat(common): accept 'GenesisVerifier' in certificate verifier
feat(aggregator): era-driven genesis export and sign
feat(aggregator): era-aware genesis keypair generation
chore: update OpenAPI specifications
docs: document token format/key_id, errors, rate limits, expiry
- explain bfm_live_<key_id>_<secret> structure and what key_id is - add end-to-end request example with sample response - note PATs don't expire (rotate/revoke only) - add Errors table and Rate limits section Co-Authored-By: Claude Opus 4.8 (1M context) <[email protected]>
![github-actions[bot]](https://avatars.githubusercontent.com/in/15368?v=4&s=80)
chore: update translation progress from Crowdin [skip ci]
Generate correct headId in ServerSpec
Validate headId in aggregate to prevent cross-head event contamination
The SQLite event store accumulates events from all head lifecycles without rotation. On restart, `aggregate` replays every persisted StateChanged event but unlike the live `handleChainInput` path, never checked that an event's headId matched the current state — so a HeadClosed or HeadFannedOut event from a previous head could silently drive an unrelated Open/Closed head into the wrong state. Fix: add `eventHeadId` and `headIdOf` helpers and a single pre-check at the top of `aggregate`. Any event whose headId does not match the current state's headId is silently dropped. Events that carry no headId are always applied, preserving existing behaviour for TransactionReceived, ChainRolledBack, etc. Regression tests cover the two critical cross-phase transitions: Open→Closed via HeadClosed and Closed→Idle via HeadFannedOut from a mismatched head.
chore: moved dashboard to docs folder
Calculate utxo to fanout dynamically (#2617)
- Remove all hardcoded fanout chunk size and threshold constants; fanout sizing is now fully dynamic - findFittingFanoutTx uses a binary search (findLargestFitting) to find the largest UTxO chunk that fits within the protocol size limit and script budget, checking both tx byte size and UPLC execution units - findLargestFitting is a general-purpose monadic binary search exported from Handlers.hs and reused in the tx-cost benchmark (replacing a local copy) - Property tests added for fitsTx (short-circuit, failure modes, real Cardano protocol parameters), findLargestFitting (O(log n) call count, exception propagation, monotone correctness), and UTxO splitting (normal/overflow/empty cases with cover thresholds) --- <!-- Consider each and tick it off one way or the other --> * [x] CHANGELOG updated or not needed * [x] Documentation updated or not needed * [x] Haddocks updated or not needed * [x] No new TODOs introduced or explained herafter
bump: iohk-nix[-ng] for leios 1d epoch respin