4,655 commits this week - Cardano Updates

May 05, 5-6 AM (50)

May 05, 6-7 AM (16)

May 05, 7-8 AM (37)

May 05, 8-9 AM (81)

May 05, 9-10 AM (68)

May 05, 10-11 AM (34)

May 05, 11-12 PM (72)

May 05, 12-1 PM (115)

May 05, 1-2 PM (118)

May 05, 2-3 PM (66)

May 05, 3-4 PM (91)

May 05, 4-5 PM (41)

May 05, 5-6 PM (26)

May 05, 6-7 PM (28)

May 05, 7-8 PM (73)

May 05, 8-9 PM (31)

May 05, 9-10 PM (18)

May 05, 10-11 PM (25)

May 05, 11-12 AM (17)

May 06, 12-1 AM (10)

May 06, 1-2 AM (5)

May 06, 2-3 AM (9)

May 06, 3-4 AM (23)

May 06, 4-5 AM (7)

May 06, 5-6 AM (13)

May 06, 6-7 AM (30)

May 06, 7-8 AM (11)

May 06, 8-9 AM (106)

May 06, 9-10 AM (27)

May 06, 10-11 AM (41)

May 06, 11-12 PM (46)

May 06, 12-1 PM (86)

May 06, 1-2 PM (53)

May 06, 2-3 PM (43)

May 06, 3-4 PM (33)

May 06, 4-5 PM (18)

May 06, 5-6 PM (8)

May 06, 6-7 PM (12)

May 06, 7-8 PM (26)

May 06, 8-9 PM (13)

May 06, 9-10 PM (9)

May 06, 10-11 PM (30)

May 06, 11-12 AM (23)

May 07, 12-1 AM (7)

May 07, 1-2 AM (2)

May 07, 2-3 AM (1)

May 07, 3-4 AM (10)

May 07, 4-5 AM (4)

May 07, 5-6 AM (33)

May 07, 6-7 AM (97)

May 07, 7-8 AM (235)

May 07, 8-9 AM (42)

May 07, 9-10 AM (29)

May 07, 10-11 AM (55)

May 07, 11-12 PM (40)

May 07, 12-1 PM (59)

May 07, 1-2 PM (48)

May 07, 2-3 PM (47)

May 07, 3-4 PM (44)

May 07, 4-5 PM (58)

May 07, 5-6 PM (10)

May 07, 6-7 PM (24)

May 07, 7-8 PM (30)

May 07, 8-9 PM (12)

May 07, 9-10 PM (18)

May 07, 10-11 PM (65)

May 07, 11-12 AM (20)

May 08, 12-1 AM (6)

May 08, 1-2 AM (19)

May 08, 2-3 AM (19)

May 08, 3-4 AM (8)

May 08, 4-5 AM (3)

May 08, 5-6 AM (20)

May 08, 6-7 AM (19)

May 08, 7-8 AM (53)

May 08, 8-9 AM (34)

May 08, 9-10 AM (12)

May 08, 10-11 AM (32)

May 08, 11-12 PM (40)

May 08, 12-1 PM (30)

May 08, 1-2 PM (45)

May 08, 2-3 PM (46)

May 08, 3-4 PM (26)

May 08, 4-5 PM (23)

May 08, 5-6 PM (29)

May 08, 6-7 PM (15)

May 08, 7-8 PM (10)

May 08, 8-9 PM (15)

May 08, 9-10 PM (16)

May 08, 10-11 PM (23)

May 08, 11-12 AM (12)

May 09, 12-1 AM (4)

May 09, 1-2 AM (1)

May 09, 2-3 AM (0)

May 09, 3-4 AM (6)

May 09, 4-5 AM (6)

May 09, 5-6 AM (2)

May 09, 6-7 AM (6)

May 09, 7-8 AM (4)

May 09, 8-9 AM (4)

May 09, 9-10 AM (3)

May 09, 10-11 AM (9)

May 09, 11-12 PM (6)

May 09, 12-1 PM (21)

May 09, 1-2 PM (24)

May 09, 2-3 PM (12)

May 09, 3-4 PM (14)

May 09, 4-5 PM (7)

May 09, 5-6 PM (0)

May 09, 6-7 PM (2)

May 09, 7-8 PM (3)

May 09, 8-9 PM (1)

May 09, 9-10 PM (8)

May 09, 10-11 PM (33)

May 09, 11-12 AM (16)

May 10, 12-1 AM (15)

May 10, 1-2 AM (0)

May 10, 2-3 AM (0)

May 10, 3-4 AM (5)

May 10, 4-5 AM (0)

May 10, 5-6 AM (4)

May 10, 6-7 AM (0)

May 10, 7-8 AM (17)

May 10, 8-9 AM (8)

May 10, 9-10 AM (1)

May 10, 10-11 AM (26)

May 10, 11-12 PM (4)

May 10, 12-1 PM (49)

May 10, 1-2 PM (18)

May 10, 2-3 PM (8)

May 10, 3-4 PM (13)

May 10, 4-5 PM (26)

May 10, 5-6 PM (10)

May 10, 6-7 PM (7)

May 10, 7-8 PM (23)

May 10, 8-9 PM (12)

May 10, 9-10 PM (10)

May 10, 10-11 PM (29)

May 10, 11-12 AM (19)

May 11, 12-1 AM (12)

May 11, 1-2 AM (5)

May 11, 2-3 AM (5)

May 11, 3-4 AM (7)

May 11, 4-5 AM (3)

May 11, 5-6 AM (12)

May 11, 6-7 AM (28)

May 11, 7-8 AM (60)

May 11, 8-9 AM (34)

May 11, 9-10 AM (69)

May 11, 10-11 AM (55)

May 11, 11-12 PM (78)

May 11, 12-1 PM (81)

May 11, 1-2 PM (102)

May 11, 2-3 PM (41)

May 11, 3-4 PM (27)

May 11, 4-5 PM (24)

May 11, 5-6 PM (26)

May 11, 6-7 PM (42)

May 11, 7-8 PM (53)

May 11, 8-9 PM (57)

May 11, 9-10 PM (22)

May 11, 10-11 PM (49)

May 11, 11-12 AM (19)

May 12, 12-1 AM (2)

May 12, 1-2 AM (2)

May 12, 2-3 AM (3)

May 12, 3-4 AM (3)

May 12, 4-5 AM (8)

May 12, 5-6 AM (0)

4,655 commits this week May 05, 2026 - May 12, 2026

hamishmack · Tue, 12 May 26 05:35:47 +0000 · haskell.nix

v2 builder: accept backpack instantiations in the captured-unit set

The exe slice that consumes an indefinite backpack library ends up
materialising the instantiated form (a `+`-suffixed unit-id, e.g.
`bckpck-0.1.0.0-55b00c8f+Dwq5ijz...`) alongside the exe itself,
because the indefinite consumer's own slice produced no compiled
artifacts to compose in (cabal v2-build for an indefinite library
is "Up to date" and writes no `.conf`).  v1 handles this with a
per-instantiation derivation (`lib/default.nix:369`'s
`components.library.override { inherit instantiations; }`); v2
doesn't yet have a slice-per-instantiation, so the instantiated
unit rides along inside the consuming slice's $out.

Three captured-unit changes:
  * Read pkg-name from cabal's `dist-newstyle/cache/plan.json`
    for bin-only units (no `.conf`).  Falling back to uid parsing
    misclassified OS-prefix-shortened names like `bckpck-...` as
    a package called `bckpck` instead of `backpack`.
  * Allow 0 target-package units (indefinite libraries register
    nothing).
  * Skip `+`-suffixed unit-ids when counting target-package units
    — they're cabal-emitted instantiation byproducts, not the
    slice's own target.  The "no foreign package" invariant
    (everything outside `expectedPackage` ∪ `allowedBuildToolPackages`
    is rejected) still applies and is what catches an accidentally
    rebuilt lib dep.

c37e4fdc · hkm/builder-v2 · 1/41 ++ 8 --

williamdemeo · Tue, 12 May 26 05:25:32 +0000 · formal-ledger-specifications

[Dijkstra] CIP-159-11b: Prove UTxO and UTxOW preservation of value (#1186)

3663f4f3 · 1186-dijkstra-utxo-and-utxow-pov · 5/880 ++ 0 --

williamdemeo · Tue, 12 May 26 05:25:32 +0000 · formal-ledger-specifications

adopt improvements from PR #1169

60167eae · 1186-dijkstra-utxo-and-utxow-pov · 1/33 ++ 10 --

williamdemeo · Tue, 12 May 26 05:24:30 +0000 · formal-ledger-specifications

simplify and improve Conway Certs PoV proofs

09490758 · 1185-dijkstra-certs-pov · 3/51 ++ 71 --

williamdemeo · Tue, 12 May 26 05:24:30 +0000 · formal-ledger-specifications

[Dijkstra] CIP-159-11a: Prove Certs preservation of value (#1185)

bb57f920 · 1185-dijkstra-certs-pov · 8/616 ++ 45 --

williamdemeo · Tue, 12 May 26 05:24:30 +0000 · formal-ledger-specifications

Update Certs PoV proofs for direct-deposit application in POST-CERT (CIP-159)

After direct-deposit application moved from LEDGER-V/SUBLEDGER-V into the
POST-CERT rule, the Certs preservation-of-value proofs needed to account for
the `getCoin (DirectDepositsOf Γ)` increase that POST-CERT now produces via
`rewards ∪⁺ directDeposits`.

Statement changes:
- POST-CERT-pov:  getCoin s ≡ getCoin s'
              →  getCoin s + getCoin (DirectDepositsOf Γ) ≡ getCoin s'
- sts-pov:        gains a `+ getCoin (DirectDepositsOf Γ)` term on the LHS
- CERTS-pov:      becomes the symmetric "consumed = produced" form
                  getCoin s₁ + getCoin (DirectDepositsOf Γ)
                  ≡ getCoin sₙ + getCoin (WithdrawalsOf Γ)

Structural changes:
- POST-CERT-pov and sts-pov move into the parameterized `Certs-Pov-lemmas`
  sub-module (alongside PRE-CERT-pov), since they now require a fourth
  module parameter:
    indexedSumᵛ'-∪⁺ : ∀ (m m' : Rewards) → getCoin (m ∪⁺ m') ≡ getCoin m + getCoin m'
  This is the natural ∪⁺ analogue of the existing `indexedSumᵛ'-∪` lemma for
  `∪ˡ` on disjoint domains, but unconditional because `∪⁺` adds (rather than
  drops) values at shared keys.  TODO: upstream to agda-sets.
- `Certs-PoV` (in PoV.lagda.md) gains the same parameter and forwards it.

CERT-pov and PRE-CERT-pov are unchanged: the CERT and PRE-CERT rules did
not change in this refactor.

Closes part of #1185.

70c993ae · 1185-dijkstra-certs-pov · 5/133 ++ 34 --

williamdemeo · Tue, 12 May 26 05:24:30 +0000 · formal-ledger-specifications

adopt improvements from PR #1169

a2963c60 · 1185-dijkstra-certs-pov · 1/5 ++ 11 --

hamishmack · Tue, 12 May 26 05:05:02 +0000 · haskell.nix

v2 builder: handle sublib pkg-name + drop backpack nix-tools override

Three related cleanups:

* `build-cabal-slice.nix`: prefer `package-name:` over `name:` in
  the captured-unit `.conf` parser.  For sublibs cabal records
  `name: z-<pkg>-z-<sublib>` (z-encoded) but also
  `package-name: <pkg>` — the latter is what the slice's expected
  package check should match against.

* `test/backpack/default.nix`: drop
  `inherit (evalPackages.haskell-nix) nix-tools;`.  The line was
  needed when backpack PR (#2467, 2026-03-17) added a new
  `make-install-plan` flag that wasn't yet in the prebuilt
  `nix-tools-static` tarball.  The tarball has been updated since
  (febad32e4 on 2026-03-24, and subsequently), so the default
  `nix-tools-unchecked` picks up backpack support; the override
  forces an unnecessary from-source build that on aarch64-darwin
  cascades into a v2 slice mismatch on `cabal-install`'s
  `pkg-src.repo.type` (`secure-repo` vs `remote-repo`).

* `test/cabal.project.local`: bump the pinned
  `head.hackage.ghc.haskell.org` `--sha256` to match the current
  index tarball — the previous hash was stale and would fail
  the fixed-output hash check during plan-to-nix.

9d708f9e · hkm/builder-v2 · 3/14 ++ 7 --

dependabot[bot] · Tue, 12 May 26 04:51:37 +0000 · cdnsd

chore(deps): bump github.com/blinklabs-io/gouroboros

Bumps [github.com/blinklabs-io/gouroboros](https://github.com/blinklabs-io/gouroboros) from 0.153.1 to 0.168.0.
- [Release notes](https://github.com/blinklabs-io/gouroboros/releases)
- [Changelog](https://github.com/blinklabs-io/gouroboros/blob/main/RELEASE_NOTES.md)
- [Commits](https://github.com/blinklabs-io/gouroboros/compare/v0.153.1...v0.168.0)

---
updated-dependencies:
- dependency-name: github.com/blinklabs-io/gouroboros
  dependency-version: 0.168.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>

024fcb0b · dependabot/go_modules/github.com/blinklabs-io/gouroboros-0.168.0 · 2/47 ++ 47 --

dependabot[bot] · Tue, 12 May 26 04:51:24 +0000 · cdnsd

chore(deps): bump golang.org/x/crypto from 0.48.0 to 0.51.0

Bumps [golang.org/x/crypto](https://github.com/golang/crypto) from 0.48.0 to 0.51.0.
- [Commits](https://github.com/golang/crypto/compare/v0.48.0...v0.51.0)

---
updated-dependencies:
- dependency-name: golang.org/x/crypto
  dependency-version: 0.51.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>

1f9a8403 · dependabot/go_modules/golang.org/x/crypto-0.51.0 · 2/21 ++ 21 --

cardano-bot · Tue, 12 May 26 04:12:11 +0000 · pool_groups

Scheduled update

440a131a · main · 3/44 ++ 8 --

claude · Tue, 12 May 26 03:50:37 +0000 · cardano-rosetta-java

fix: update preview config for cardano-node 11.0.1

- Remove MinNodeVersion (no longer needed for 11.x)
- Enable UseTraceDispatcher for better logging
- Add uppercase Options key for upstream compatibility
- Update peer-snapshot with current relays from upstream

Co-Authored-By: Claude Opus 4.7 <[email protected]>

f52ed458 · release/1_x_x_hf · 2/385 ++ 786 --

claude · Tue, 12 May 26 03:49:14 +0000 · cardano-rosetta-java

fix: add --allow-override flag for Mithril 2617.0 v2 backend

Mithril 2617.0 removed v1 backend support and requires v2 backend.
The --allow-override flag is needed to replace existing db files when
downloading fresh snapshots.

Co-Authored-By: Claude Opus 4.7 <[email protected]>

3a2af2ec · release/1_x_x_hf · 1/1 ++ 1 --

floor-licker · Tue, 12 May 26 03:23:09 +0000 · cardano-ibc-incubator

fix(cardano): reduce connection ack redeemer payload

d3988d22 · fix/connection-ack-payload-size · 6/70 ++ 330 --

actions-user · Tue, 12 May 26 02:51:48 +0000 · governance

Sync README from source repository [skip ci]

4b4aa293 · main · 1/1 ++ 1 --

erikd · Tue, 12 May 26 02:18:27 +0000 · cardano-base

Work around QuickCheck deprcation

In version `2.18` of `QuickCheck` the function `withMaxSuccess` was
renamed to `withNumTests` with the former being immediately
deprecated.

The solution is to add a new exposed module `Test.Cardano.Base.QuickCheck`
containing just a function named `withNumTests`.

35f893d1 · erikd/updates · 3/35 ++ 3 --

dependabot[bot] · Tue, 12 May 26 01:08:50 +0000 · adder

chore(deps): bump github.com/blinklabs-io/gouroboros

Bumps [github.com/blinklabs-io/gouroboros](https://github.com/blinklabs-io/gouroboros) from 0.166.1 to 0.168.0.
- [Release notes](https://github.com/blinklabs-io/gouroboros/releases)
- [Changelog](https://github.com/blinklabs-io/gouroboros/blob/main/RELEASE_NOTES.md)
- [Commits](https://github.com/blinklabs-io/gouroboros/compare/v0.166.1...v0.168.0)

---
updated-dependencies:
- dependency-name: github.com/blinklabs-io/gouroboros
  dependency-version: 0.168.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>

62ef5f4b · dependabot/go_modules/github.com/blinklabs-io/gouroboros-0.168.0 · 2/3 ++ 3 --

dependabot[bot] · Tue, 12 May 26 01:08:45 +0000 · adder

chore(deps): bump github.com/utxorpc/go-sdk from 0.0.2 to 0.0.4

Bumps [github.com/utxorpc/go-sdk](https://github.com/utxorpc/go-sdk) from 0.0.2 to 0.0.4.
- [Release notes](https://github.com/utxorpc/go-sdk/releases)
- [Commits](https://github.com/utxorpc/go-sdk/compare/v0.0.2...v0.0.4)

---
updated-dependencies:
- dependency-name: github.com/utxorpc/go-sdk
  dependency-version: 0.0.4
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <[email protected]>

74c2495f · dependabot/go_modules/github.com/utxorpc/go-sdk-0.0.4 · 2/6 ++ 6 --

dependabot[bot] · Tue, 12 May 26 00:59:36 +0000 · atala-prism-mediator

chore(deps): bump the actions-deps group across 1 directory with 3 updates

Bumps the actions-deps group with 3 updates in the / directory: [step-security/harden-runner](https://github.com/step-security/harden-runner), [github/codeql-action](https://github.com/github/codeql-action) and [actions/dependency-review-action](https://github.com/actions/dependency-review-action).


Updates `step-security/harden-runner` from 2.19.0 to 2.19.1
- [Release notes](https://github.com/step-security/harden-runner/releases)
- [Commits](https://github.com/step-security/harden-runner/compare/8d3c67de8e2fe68ef647c8db1e6a09f647780f40...a5ad31d6a139d249332a2605b85202e8c0b78450)

Updates `github/codeql-action` from 4.35.2 to 4.35.4
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](https://github.com/github/codeql-action/compare/95e58e9a2cdfd71adc6e0353d5c52f41a045d225...68bde559dea0fdcac2102bfdf6230c5f70eb485e)

Updates `actions/dependency-review-action` from 4.9.0 to 5.0.0
- [Release notes](https://github.com/actions/dependency-review-action/releases)
- [Commits](https://github.com/actions/dependency-review-action/compare/2031cfc080254a8a887f58cffee85186f0e49e48...a1d282b36b6f3519aa1f3fc636f609c47dddb294)

---
updated-dependencies:
- dependency-name: step-security/harden-runner
  dependency-version: 2.19.1
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: actions-deps
- dependency-name: github/codeql-action
  dependency-version: 4.35.4
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: actions-deps
- dependency-name: actions/dependency-review-action
  dependency-version: 5.0.0
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: actions-deps
...

Signed-off-by: dependabot[bot] <[email protected]>

69dd4704 · dependabot/github_actions/actions-deps-e959cdafdc · 9/15 ++ 15 --