3,301 commits this week - Cardano Updates

Jun 07, 11-12 PM (2)

Jun 07, 12-1 PM (5)

Jun 07, 1-2 PM (35)

Jun 07, 2-3 PM (2)

Jun 07, 3-4 PM (4)

Jun 07, 4-5 PM (2)

Jun 07, 5-6 PM (4)

Jun 07, 6-7 PM (0)

Jun 07, 7-8 PM (0)

Jun 07, 8-9 PM (17)

Jun 07, 9-10 PM (1)

Jun 07, 10-11 PM (21)

Jun 07, 11-12 AM (9)

Jun 08, 12-1 AM (9)

Jun 08, 1-2 AM (5)

Jun 08, 2-3 AM (3)

Jun 08, 3-4 AM (4)

Jun 08, 4-5 AM (2)

Jun 08, 5-6 AM (9)

Jun 08, 6-7 AM (5)

Jun 08, 7-8 AM (25)

Jun 08, 8-9 AM (36)

Jun 08, 9-10 AM (41)

Jun 08, 10-11 AM (24)

Jun 08, 11-12 PM (22)

Jun 08, 12-1 PM (40)

Jun 08, 1-2 PM (48)

Jun 08, 2-3 PM (33)

Jun 08, 3-4 PM (27)

Jun 08, 4-5 PM (12)

Jun 08, 5-6 PM (23)

Jun 08, 6-7 PM (14)

Jun 08, 7-8 PM (3)

Jun 08, 8-9 PM (6)

Jun 08, 9-10 PM (19)

Jun 08, 10-11 PM (29)

Jun 08, 11-12 AM (8)

Jun 09, 12-1 AM (5)

Jun 09, 1-2 AM (3)

Jun 09, 2-3 AM (1)

Jun 09, 3-4 AM (3)

Jun 09, 4-5 AM (26)

Jun 09, 5-6 AM (5)

Jun 09, 6-7 AM (23)

Jun 09, 7-8 AM (51)

Jun 09, 8-9 AM (35)

Jun 09, 9-10 AM (45)

Jun 09, 10-11 AM (51)

Jun 09, 11-12 PM (46)

Jun 09, 12-1 PM (86)

Jun 09, 1-2 PM (84)

Jun 09, 2-3 PM (36)

Jun 09, 3-4 PM (38)

Jun 09, 4-5 PM (16)

Jun 09, 5-6 PM (18)

Jun 09, 6-7 PM (18)

Jun 09, 7-8 PM (19)

Jun 09, 8-9 PM (16)

Jun 09, 9-10 PM (16)

Jun 09, 10-11 PM (28)

Jun 09, 11-12 AM (10)

Jun 10, 12-1 AM (11)

Jun 10, 1-2 AM (16)

Jun 10, 2-3 AM (11)

Jun 10, 3-4 AM (19)

Jun 10, 4-5 AM (5)

Jun 10, 5-6 AM (2)

Jun 10, 6-7 AM (46)

Jun 10, 7-8 AM (82)

Jun 10, 8-9 AM (18)

Jun 10, 9-10 AM (59)

Jun 10, 10-11 AM (46)

Jun 10, 11-12 PM (134)

Jun 10, 12-1 PM (49)

Jun 10, 1-2 PM (33)

Jun 10, 2-3 PM (32)

Jun 10, 3-4 PM (28)

Jun 10, 4-5 PM (36)

Jun 10, 5-6 PM (12)

Jun 10, 6-7 PM (12)

Jun 10, 7-8 PM (38)

Jun 10, 8-9 PM (11)

Jun 10, 9-10 PM (10)

Jun 10, 10-11 PM (20)

Jun 10, 11-12 AM (7)

Jun 11, 12-1 AM (10)

Jun 11, 1-2 AM (2)

Jun 11, 2-3 AM (0)

Jun 11, 3-4 AM (2)

Jun 11, 4-5 AM (8)

Jun 11, 5-6 AM (12)

Jun 11, 6-7 AM (34)

Jun 11, 7-8 AM (106)

Jun 11, 8-9 AM (36)

Jun 11, 9-10 AM (20)

Jun 11, 10-11 AM (105)

Jun 11, 11-12 PM (25)

Jun 11, 12-1 PM (38)

Jun 11, 1-2 PM (37)

Jun 11, 2-3 PM (14)

Jun 11, 3-4 PM (20)

Jun 11, 4-5 PM (5)

Jun 11, 5-6 PM (7)

Jun 11, 6-7 PM (26)

Jun 11, 7-8 PM (90)

Jun 11, 8-9 PM (11)

Jun 11, 9-10 PM (5)

Jun 11, 10-11 PM (25)

Jun 11, 11-12 AM (5)

Jun 12, 12-1 AM (8)

Jun 12, 1-2 AM (2)

Jun 12, 2-3 AM (2)

Jun 12, 3-4 AM (4)

Jun 12, 4-5 AM (7)

Jun 12, 5-6 AM (15)

Jun 12, 6-7 AM (46)

Jun 12, 7-8 AM (19)

Jun 12, 8-9 AM (28)

Jun 12, 9-10 AM (22)

Jun 12, 10-11 AM (29)

Jun 12, 11-12 PM (42)

Jun 12, 12-1 PM (24)

Jun 12, 1-2 PM (26)

Jun 12, 2-3 PM (22)

Jun 12, 3-4 PM (38)

Jun 12, 4-5 PM (23)

Jun 12, 5-6 PM (19)

Jun 12, 6-7 PM (26)

Jun 12, 7-8 PM (12)

Jun 12, 8-9 PM (17)

Jun 12, 9-10 PM (5)

Jun 12, 10-11 PM (30)

Jun 12, 11-12 AM (6)

Jun 13, 12-1 AM (6)

Jun 13, 1-2 AM (2)

Jun 13, 2-3 AM (0)

Jun 13, 3-4 AM (3)

Jun 13, 4-5 AM (0)

Jun 13, 5-6 AM (3)

Jun 13, 6-7 AM (7)

Jun 13, 7-8 AM (5)

Jun 13, 8-9 AM (6)

Jun 13, 9-10 AM (14)

Jun 13, 10-11 AM (12)

Jun 13, 11-12 PM (2)

Jun 13, 12-1 PM (23)

Jun 13, 1-2 PM (21)

Jun 13, 2-3 PM (7)

Jun 13, 3-4 PM (0)

Jun 13, 4-5 PM (4)

Jun 13, 5-6 PM (4)

Jun 13, 6-7 PM (3)

Jun 13, 7-8 PM (3)

Jun 13, 8-9 PM (7)

Jun 13, 9-10 PM (16)

Jun 13, 10-11 PM (19)

Jun 13, 11-12 AM (24)

Jun 14, 12-1 AM (18)

Jun 14, 1-2 AM (0)

Jun 14, 2-3 AM (0)

Jun 14, 3-4 AM (0)

Jun 14, 4-5 AM (2)

Jun 14, 5-6 AM (0)

Jun 14, 6-7 AM (2)

Jun 14, 7-8 AM (3)

Jun 14, 8-9 AM (0)

Jun 14, 9-10 AM (1)

Jun 14, 10-11 AM (2)

Jun 14, 11-12 PM (4)

3,301 commits this week Jun 07, 2026 - Jun 14, 2026

scarmuega · Sun, 14 Jun 26 12:41:19 +0000 · oura

docs(v2): document the full set of published docker tags

The docker install reference only mentioned `latest` plus a single
pre-release versioned example. The Docker CI workflow
(.github/workflows/docker.yml) actually publishes: latest (main tip),
stable (newest release), v{major}, v{major}.{minor}, v{version}, and
sha-{commit}.

- add a table covering every published tag and when it updates
- clarify that `latest` tracks `main`, not the latest release
- use the v2.1.0 release (not a pre-release) as the pin example

Co-Authored-By: Claude Opus 4.8 (1M context) <[email protected]>

5c698733 · docs/v2-fitness-fixes · 1/18 ++ 3 --

scarmuega · Sun, 14 Jun 26 12:35:30 +0000 · oura

docs(v2): align v2 docs with actual implementation

Audit of docs/v2 against src/ surfaced several config-breaking
inaccuracies, missing components, and stale field lists. All claims
verified directly against the config structs/enums (serde `tag = "type"`,
no `rename_all`, so type tags must match variant names verbatim).

Config-breaking fixes:
- webhook: type "Webhook" -> "WebHook"; drop nonexistent error_policy
- elasticsearch: type "Elastic" -> "ElasticSearch"
- gcp_cloudfunction: authorization (string) -> authentication (bool)
- pipeline_metrics: drop nonexistent `endpoint` field
- stateful_cursor: Memory is the default; File default path is
  ./cursor.json; document max_breadcrumbs/flush_interval and Redis backend

Newly documented components:
- sinks: SqlDb, Zeromq
- filters: IntoJson, WorkStats

Backfilled fields:
- kafka: ack_timeout_secs, paritioning
- redis sink: correct default (oura-sink), add stream_max_length
- terminal: adahandle_policy
- finalize: max_block_quantity

Data dictionary:
- document the v2-native pipeline data model (ChainEvent envelope and
  Record variants) alongside the legacy v1 event catalogue

Co-Authored-By: Claude Opus 4.8 (1M context) <[email protected]>

f3389819 · docs/v2-fitness-fixes · 14/201 ++ 17 --

QSchlegel · Sun, 14 Jun 26 12:06:37 +0000 · multisig

Merge pull request #301 from MeshJS/claude/deps-npm-override

deps: override npm to ^11 to clear bundled brace-expansion ReDoS

a61f9a50 · preprod · 2/702 ++ 1,962 --

QSchlegel · Sun, 14 Jun 26 12:02:59 +0000 · multisig

deps: override npm to ^11 to clear bundled brace-expansion ReDoS

The last open Dependabot alert (brace-expansion <=2.0.1, GHSA-v6h2-p8h4-qcjw,
ReDoS) was a copy bundled inside [email protected], which @cardano-sdk/crypto pulls in
via `npm@^9.3.0`. That npm dependency is spurious — @cardano-sdk/crypto declares
it but never imports it in its compiled code — so it only drags in npm's vendored
dependency tree (including the vulnerable brace-expansion and the noise behind
`npm audit`'s large count).

A `brace-expansion` override can't fix this: npm overrides don't reach into a
bundled package's vendored node_modules, and a blanket brace-expansion override
instead downgrades the legitimate [email protected] that glob@11 / minimatch@10
require (named `expand` export), breaking glob.

Override `npm` to ^11 instead (resolves to 11.17.0), whose bundle ships the
patched [email protected]. Net effect:
- zero vulnerable brace-expansion instances remain in the tree
- glob / minimatch still resolve and brace-expand correctly
- safe because @cardano-sdk/crypto never executes npm

The lockfile was regenerated with npm 10.9.3 (matching CI's node:22-slim, not the
local npm 11) via `npm install --package-lock-only`, so it stays in sync for the
`npm ci` CI runs — npm 11 drops @auth/core's optional @simplewebauthn entries that
npm 10 keeps, which made `npm ci` fail. Churn is limited to the npm subtree.

The other 14 Dependabot alerts were already remediated in the committed lockfile
(next@16, [email protected], [email protected], ip/tar-fs absent, etc.) and dismissed.

Verified: `npm ci` (npm 10.9.3) succeeds; tsc --noEmit clean; next build --webpack succeeds.

Co-Authored-By: Claude Opus 4.8 (1M context) <[email protected]>

cab9df14 · claude/deps-npm-override · 2/702 ++ 1,962 --

dependabot[bot] · Sun, 14 Jun 26 11:59:46 +0000 · after-town-hall

chore(deps): bump esbuild, @vitejs/plugin-react and vite

Removes [esbuild](https://github.com/evanw/esbuild). It's no longer used after updating ancestor dependencies [esbuild](https://github.com/evanw/esbuild), [@vitejs/plugin-react](https://github.com/vitejs/vite-plugin-react/tree/HEAD/packages/plugin-react) and [vite](https://github.com/vitejs/vite/tree/HEAD/packages/vite). These dependencies need to be updated together.


Removes `esbuild`

Updates `@vitejs/plugin-react` from 5.1.4 to 5.2.0
- [Release notes](https://github.com/vitejs/vite-plugin-react/releases)
- [Changelog](https://github.com/vitejs/vite-plugin-react/blob/[email protected]/packages/plugin-react/CHANGELOG.md)
- [Commits](https://github.com/vitejs/vite-plugin-react/commits/[email protected]/packages/plugin-react)

Updates `vite` from 7.3.2 to 8.0.16
- [Release notes](https://github.com/vitejs/vite/releases)
- [Changelog](https://github.com/vitejs/vite/blob/main/packages/vite/CHANGELOG.md)
- [Commits](https://github.com/vitejs/vite/commits/v8.0.16/packages/vite)

---
updated-dependencies:
- dependency-name: esbuild
  dependency-version:
  dependency-type: indirect
- dependency-name: "@vitejs/plugin-react"
  dependency-version: 5.2.0
  dependency-type: direct:development
- dependency-name: vite
  dependency-version: 8.0.16
  dependency-type: direct:development
...

Signed-off-by: dependabot[bot] <[email protected]>

02a45f4b · dependabot/npm_and_yarn/multi-eb52c55c59 · 2/245 ++ 749 --

QSchlegel · Sun, 14 Jun 26 11:54:04 +0000 · multisig

Merge pull request #300 from MeshJS/claude/ballot-ipfs-rationale

Reliable IPFS, rationale drafting/caching, and ballot CSV

9e2f72ea · preprod · 9/817 ++ 74 --

actions-user · Sun, 14 Jun 26 10:12:08 +0000 · Intersect-knowledge-base

Update recent-updates.md

af5a4ddf · main · 1/1 ++ 1 --

michalrus · Sun, 14 Jun 26 08:33:43 +0000 · blockfrost-platform-desktop

fix(mithril): Windows hash

11e53864 · chore/1.0.0-rc.2 · 1/1 ++ 1 --

github-actions[bot] · Sun, 14 Jun 26 08:19:54 +0000 · governance

Update proposal voting contexts

ce232da3 · main · 1/14 ++ 14 --

michalrus · Sun, 14 Jun 26 08:08:25 +0000 · blockfrost-platform-desktop

fix(mithril): use prebuilds on AArch64 Darwin

f9d19e18 · chore/1.0.0-rc.2 · 1/17 ++ 2 --

github-actions[bot] · Sun, 14 Jun 26 07:28:21 +0000 · blockfrost-platform

chore(nix): update `flake.lock`

Flake lock file updates:

• Updated input 'advisory-db':
    'github:rustsec/advisory-db/eaf48e7' (2026-05-29)
  → 'github:rustsec/advisory-db/09735e1' (2026-06-13)
• Updated input 'blockfrost-tests':
    'github:blockfrost/blockfrost-tests/e1f3b72' (2026-06-03)
  → 'github:blockfrost/blockfrost-tests/2a9b647' (2026-06-08)
• Updated input 'crane':
    'github:ipetkov/crane/0532eb1' (2026-05-30)
  → 'github:ipetkov/crane/59a82a1' (2026-06-04)
• Updated input 'fenix':
    'github:nix-community/fenix/2118601' (2026-05-30)
  → 'github:nix-community/fenix/aad7d8b' (2026-06-13)
• Updated input 'fenix/rust-analyzer-src':
    'github:rust-lang/rust-analyzer/5ebf65c' (2026-05-29)
  → 'github:rust-lang/rust-analyzer/3f92cd1' (2026-06-12)
• Updated input 'nixpkgs':
    'github:nixos/nixpkgs/25f5383' (2026-05-26)
  → 'github:nixos/nixpkgs/e820eb4' (2026-06-08)
• Updated input 'treefmt-nix':
    'github:numtide/treefmt-nix/790751f' (2026-04-08)
  → 'github:numtide/treefmt-nix/db94781' (2026-05-31)

ad620361 · chore/update-flake-lock · 1/34 ++ 25 --

github-actions[bot] · Sun, 14 Jun 26 07:27:29 +0000 · cardano-org

chore: update translation progress from Crowdin [skip ci]

67b5f4e7 · chore/update-crowdin-data · 2/2 ++ 2 --

oculusorbus · Sun, 14 Jun 26 05:15:18 +0000 · cardano-org

Merge upstream/staging, resolve apps.js conflict (keep Skulliance + DRepTalk)

2c10f066 · pull/661/head · 101/11,523 ++ 6,436 --

cardano-bot · Sun, 14 Jun 26 05:14:12 +0000 · pool_groups

Scheduled update

ef50ce4a · main · 3/30 ++ 30 --

IOHK · Sun, 14 Jun 26 01:36:04 +0000 · haskell.nix

Update Hackage and Stackage

6c5002f0 · master · 1/9 ++ 9 --

0xBora · Sun, 14 Jun 26 01:22:41 +0000 · developer-portal

Earmark a Formal Verification page (Blaster)

Add an in-development stub for formal verification in the Smart Contracts module, featuring Blaster (Lean 4 proof automation), with the Lean-blaster repo to track progress.

66911781 · docs/curriculum-spine · 2/20 ++ 0 --

github-actions[bot] · Sun, 14 Jun 26 01:21:34 +0000 · foliage

flake.lock: Update

Flake lock file updates:

• Updated input 'haskell-nix':
    'github:input-output-hk/haskell.nix/131f8cc' (2026-05-16)
  → 'github:input-output-hk/haskell.nix/7c81c09' (2026-06-13)
• Updated input 'haskell-nix/hackage':
    'github:input-output-hk/hackage.nix/a482aef' (2026-05-16)
  → 'github:input-output-hk/hackage.nix/e8eba9f' (2026-06-13)
• Updated input 'haskell-nix/hackage-for-stackage':
    'github:input-output-hk/hackage.nix/ab71329' (2026-05-16)
  → 'github:input-output-hk/hackage.nix/2683b48' (2026-06-13)
• Updated input 'haskell-nix/iserv-proxy':
    'github:stable-haskell/iserv-proxy/3f7b281' (2026-04-08)
  → 'github:stable-haskell/iserv-proxy/8cdc446' (2026-05-10)
• Updated input 'haskell-nix/stackage':
    'github:input-output-hk/stackage.nix/c1f217f' (2026-05-16)
  → 'github:input-output-hk/stackage.nix/027abdc' (2026-06-13)

6f5ab04c · update_flake_lock_action · 1/15 ++ 15 --

github-actions[bot] · Sun, 14 Jun 26 01:20:39 +0000 · cardano-up-packages

chore: tx-submit-api 0.21.0

5174cc35 · chore/tx-submit-api-0.21.0 · 1/27 ++ 0 --

github-actions[bot] · Sun, 14 Jun 26 01:20:32 +0000 · cardano-up-packages

chore: dingo 0.54.0

7343bb5a · chore/dingo-0.54.0 · 1/53 ++ 0 --

github-actions[bot] · Sun, 14 Jun 26 01:20:28 +0000 · cardano-up-packages

chore: cardano-node-api 0.10.1

52f6f67f · chore/cardano-node-api-0.10.1 · 1/33 ++ 0 --

upptime-bot · Sun, 14 Jun 26 01:19:16 +0000 · cf-summit-evoting-status

:card_file_box: Update status summary [skip ci] [upptime]

a80bdd31 · main · 1/71 ++ 67 --

upptime-bot · Sun, 14 Jun 26 01:19:16 +0000 · cf-summit-evoting-status

:pencil: Update summary in README [skip ci] [upptime]

43c10ec8 · main · 1/9 ++ 9 --

github-actions[bot] · Sun, 14 Jun 26 01:18:16 +0000 · devx

flake.lock: Update

Flake lock file updates:

• Updated input 'haskellNix':
    'github:input-output-hk/haskell.nix/cc939d0' (2026-02-23)
  → 'github:input-output-hk/haskell.nix/7c81c09' (2026-06-13)
• Removed input 'haskellNix/cabal-32'
• Updated input 'haskellNix/hackage':
    'github:input-output-hk/hackage.nix/06f38c7' (2026-02-23)
  → 'github:input-output-hk/hackage.nix/e8eba9f' (2026-06-13)
• Updated input 'haskellNix/hackage-for-stackage':
    'github:input-output-hk/hackage.nix/2d5bbb1' (2026-02-23)
  → 'github:input-output-hk/hackage.nix/2683b48' (2026-06-13)
• Updated input 'haskellNix/iserv-proxy':
    'github:stable-haskell/iserv-proxy/91ef7ff' (2026-02-04)
  → 'github:stable-haskell/iserv-proxy/8cdc446' (2026-05-10)
• Updated input 'haskellNix/nixpkgs-2511':
    'github:NixOS/nixpkgs/b0924ea' (2025-12-01)
  → 'github:NixOS/nixpkgs/74b8795' (2026-04-09)
• Updated input 'haskellNix/nixpkgs-unstable':
    'github:NixOS/nixpkgs/c1cb7d0' (2025-12-01)
  → 'github:NixOS/nixpkgs/1304392' (2026-04-11)
• Updated input 'haskellNix/stackage':
    'github:input-output-hk/stackage.nix/862226e' (2026-02-23)
  → 'github:input-output-hk/stackage.nix/027abdc' (2026-06-13)
• Updated input 'iohk-nix':
    'github:input-output-hk/iohk-nix/a704b93' (2025-11-12)
  → 'github:input-output-hk/iohk-nix/9de0011' (2026-05-05)
• Updated input 'iohk-nix/blst':
    'github:supranational/blst/8c7db7f' (2025-02-12)
  → 'github:supranational/blst/6d960cd' (2025-06-06)

de7f037d · update_flake_lock_action · 1/28 ++ 46 --

0xBora · Sun, 14 Jun 26 01:16:12 +0000 · developer-portal

Flatten Module 7, add a run-your-own-node pointer, and move Mithril to operator tools

Drop the Infrastructure and Providers wrapper and surface its children directly; add a developer run-your-own-node page that hands off to the operator curriculum; remove installing/running/topology from the developer sidebar; delete the duplicate infrastructure overview and redirect it; move Mithril out of Scaling into the operator Operator Tools.

13dd8a0c · docs/curriculum-spine · 9/59 ++ 147 --

0xBora · Sun, 14 Jun 26 01:16:12 +0000 · developer-portal

Slim the Smart Contracts overview into a real overview

Rewrite the 327-line overview into a high-level overview that links the submodules instead of duplicating them; move the collateral mechanics into lock-and-spend; keep the inbound anchors stable.

d5cc319b · docs/curriculum-spine · 2/69 ++ 206 --

Show more commits

Showing 25 of 3301 recent commits.

Yesterday's Report

New Repo Discovered

New Releases