90fe9b2430 Fix pyaes dependency, should be in jmbase, not jmbitcoin (Kristaps Kaupe)
Pull request description:
Mistake was made while merging #1512.
ACKs for top commit:
AdamISZ:
ACK 90fe9b2430
Tree-SHA512: 30bc461bf7055bf8af81fc4165492c7f06bb6b923b7e92878dccbfb6d8e14d15950a7d3c5b9b5d681fbd8701cc3a028ad1f10bbc3b56346e387092c3eb88178b
Prior to this commit, an attempt to change the gap limit used in wallet
syncing, by setting gaplimit in the config via configset, would fail,
since gaplimit was only being read from command line options. After this
commit, the value of gaplimit in the POLICY section of the config,
defaulting to 6, will be read and used in Wallet object creation, either
via the createwallet or recoverwallet endpoints, or via the wallet
opening operation in the unlockwallet endpoint. This can be used in
combination with the rescanblockchain endpoint to allow discovery of
funds in addresses beyond the default gap.
9f4da21172 Document requirement of Python 3.7 or newer (Kristaps Kaupe)
63890eef66 Drop Python 3.6 support (Kristaps Kaupe)
Pull request description:
It's EOL since end of 2021 and 3.7+ will be minimum for #1484.
Top commit has no ACKs.
Tree-SHA512: abbb230c54c2657b83c52817d5afeae8d24110553200e54a5789c708958e8405e3fe93b3b84ddceb126dfa474548260bad6b227bd2b03acca914e431bd066dd2
e4f74b56f3 Deduplicate AES code (Kristaps Kaupe)
Pull request description:
There was almost identical code in `jmbitcoin/jmbitcoin/secp256k1_ecies.py` and `jmclient/jmclient/storage.py`, moved it to `jmbase`.
ACKs for top commit:
AdamISZ:
tACK e4f74b56f3
Tree-SHA512: 6dfe347b9a9c1efc126f42fa4e7f55587cb142454f349256c30bc4a2224ee62263bb6635d5bbe8ccd0d1d32ece5f554ab55cdf3bb7b61adde6bce2ae2d0a5108
d5c240b12e Refactor fee estimation code (Kristaps Kaupe)
Pull request description:
Part of splitting #1462 into smaller PRs for easier reviewing and testing.
Top commit has no ACKs.
Tree-SHA512: af1d75881ac7736c46ae8ac96a50808558b626c92f52ee290e68eb19d2e317d0e46c553f7087ed609788611c00de3c3783bf8246e7286da63673212a7f102b25
6cf2237ef8 Add space between address and comma for added utxos msg for easier selection by double clicking (Kristaps Kaupe)
Pull request description:
So that double clicking in terminal selects "address", not "address," in some terminal apps, for example, xfce4-terminal.
Before:
```
2023-07-17 19:25:38,528 [INFO] Added utxos=
xxx:0 - path: m/84'/0'/2'/0/y, address: bc1qsomething, value: 123456
```
After:
```
2023-07-17 19:25:38,528 [INFO] Added utxos=
xxx:0 - path: m/84'/0'/2'/0/y, address: bc1qsomething , value: 123456
```
Top commit has no ACKs.
Tree-SHA512: 59cc3cf245eef0d2747b419c23c396920b3bdb67f8fe95c05652194b0b1068dd0778b327f5e26fe5338b0747fa5f10c923f118cd0529a316231b02b8a6fd97db
9ce4e98aff JM requires Python 3.6+ currently (Kristaps Kaupe)
a85832a20c Remove deprecated check for Python 3+ (Kristaps Kaupe)
Pull request description:
Python 2 is not supported anymore, so no need to check for Python 3+ and JM currently requires 3.6+ not 3.3+.
Top commit has no ACKs.
Tree-SHA512: 611e7da4ddc9198e9794bf8c733ccd1fe57ccecbe8230081a143738da7b1cc7b59d36ea393791abc60b923b94cd926ec36edfbd0ff3180196fe7c886c86fce94
8255c1824f Alphabetical order of imports and add typehints (Kristaps Kaupe)
Pull request description:
Starting to look at #721, want to add typehints and other minor stuff to touched files, but will be easier for reviewers to have refactoring changes in separate PRs.
No typehints for `BlockchainInterface`, could not figure out how to solve circular import problem, flake8 doesn't like forward references.
Top commit has no ACKs.
Tree-SHA512: 60f5a39f460125da39ed27ce882ba1f77d436d7b15a0a0ccc880244d44115a378a3821b4fa21e22616189aba00559a84ee7688bddc35a6a76a5e9ef0c404900f
c7b59ae7c9 Bump werkzeug from 2.2.0 to 2.2.3 in /jmclient (dependabot[bot])
Pull request description:
Bumps [werkzeug](https://github.com/pallets/werkzeug) from 2.2.0 to 2.2.3.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a href="https://github.com/pallets/werkzeug/releases">werkzeug's releases</a>.</em></p>
<blockquote>
<h2>2.2.3</h2>
<p>This is a fix release for the 2.2.x release branch.</p>
<ul>
<li>Changes: <a href="https://werkzeug.palletsprojects.com/en/2.2.x/changes/#version-2-2-3">https://werkzeug.palletsprojects.com/en/2.2.x/changes/#version-2-2-3</a></li>
<li>Milestone: <a href="https://github.com/pallets/werkzeug/milestone/26?closed=1">https://github.com/pallets/werkzeug/milestone/26?closed=1</a></li>
</ul>
<p>This release contains security fixes for:</p>
<ul>
<li><a href="https://github.com/pallets/werkzeug/security/advisories/GHSA-xg9f-g7g7-2323">https://github.com/pallets/werkzeug/security/advisories/GHSA-xg9f-g7g7-2323</a></li>
<li><a href="https://github.com/pallets/werkzeug/security/advisories/GHSA-px8h-6qxv-m22q">https://github.com/pallets/werkzeug/security/advisories/GHSA-px8h-6qxv-m22q</a></li>
</ul>
<h2>2.2.2</h2>
<p>This is a fix release for the <a href="https://github.com/pallets/werkzeug/releases/tag/2.2.0">2.2.0</a> feature release.</p>
<ul>
<li>Changes: <a href="https://werkzeug.palletsprojects.com/en/2.2.x/changes/#version-2-2-2">https://werkzeug.palletsprojects.com/en/2.2.x/changes/#version-2-2-2</a></li>
<li>Milestone: <a href="https://github.com/pallets/werkzeug/milestone/25?closed=1">https://github.com/pallets/werkzeug/milestone/25?closed=1</a></li>
</ul>
<h2>2.2.1</h2>
<p>This is a fix release for the <a href="https://github.com/pallets/werkzeug/releases/tag/2.2.0">2.2.0</a> feature release.</p>
<ul>
<li>Changes: <a href="https://werkzeug.palletsprojects.com/en/2.2.x/changes/#version-2-2-1">https://werkzeug.palletsprojects.com/en/2.2.x/changes/#version-2-2-1</a></li>
<li>Milestone: <a href="https://github.com/pallets/werkzeug/milestone/24?closed=1">https://github.com/pallets/werkzeug/milestone/24?closed=1</a></li>
</ul>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a href="https://github.com/pallets/werkzeug/blob/main/CHANGES.rst">werkzeug's changelog</a>.</em></p>
<blockquote>
<h2>Version 2.2.3</h2>
<p>Released 2023-02-14</p>
<ul>
<li>Ensure that URL rules using path converters will redirect with strict slashes when
the trailing slash is missing. :issue:<code>2533</code></li>
<li>Type signature for <code>get_json</code> specifies that return type is not optional when
<code>silent=False</code>. :issue:<code>2508</code></li>
<li><code>parse_content_range_header</code> returns <code>None</code> for a value like <code>bytes */-1</code>
where the length is invalid, instead of raising an <code>AssertionError</code>. :issue:<code>2531</code></li>
<li>Address remaining <code>ResourceWarning</code> related to the socket used by <code>run_simple</code>.
Remove <code>prepare_socket</code>, which now happens when creating the server. :issue:<code>2421</code></li>
<li>Update pre-existing headers for <code>multipart/form-data</code> requests with the test
client. :issue:<code>2549</code></li>
<li>Fix handling of header extended parameters such that they are no longer quoted.
:issue:<code>2529</code></li>
<li><code>LimitedStream.read</code> works correctly when wrapping a stream that may not return
the requested size in one <code>read</code> call. :issue:<code>2558</code></li>
<li>A cookie header that starts with <code>=</code> is treated as an empty key and discarded,
rather than stripping the leading <code>==</code>.</li>
<li>Specify a maximum number of multipart parts, default 1000, after which a
<code>RequestEntityTooLarge</code> exception is raised on parsing. This mitigates a DoS
attack where a larger number of form/file parts would result in disproportionate
resource use.</li>
</ul>
<h2>Version 2.2.2</h2>
<p>Released 2022-08-08</p>
<ul>
<li>Fix router to restore the 2.1 <code>strict_slashes == False</code> behaviour
whereby leaf-requests match branch rules and vice
versa. :pr:<code>2489</code></li>
<li>Fix router to identify invalid rules rather than hang parsing them,
and to correctly parse <code>/</code> within converter arguments. :pr:<code>2489</code></li>
<li>Update subpackage imports in :mod:<code>werkzeug.routing</code> to use the
<code>import as</code> syntax for explicitly re-exporting public attributes.
:pr:<code>2493</code></li>
<li>Parsing of some invalid header characters is more robust. :pr:<code>2494</code></li>
<li>When starting the development server, a warning not to use it in a
production deployment is always shown. :issue:<code>2480</code></li>
<li><code>LocalProxy.__wrapped__</code> is always set to the wrapped object when
the proxy is unbound, fixing an issue in doctest that would cause it
to fail. :issue:<code>2485</code></li>
<li>Address one <code>ResourceWarning</code> related to the socket used by
<code>run_simple</code>. :issue:<code>2421</code></li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a href="22a254fca2"><code>22a254f</code></a> release version 2.2.3</li>
<li><a href="517cac5a80"><code>517cac5</code></a> Merge pull request from GHSA-xg9f-g7g7-2323</li>
<li><a href="babc8d9e8c"><code>babc8d9</code></a> rewrite docs about request data limits</li>
<li><a href="09449ee779"><code>09449ee</code></a> clean up docs</li>
<li><a href="fe899d0cdf"><code>fe899d0</code></a> limit the maximum number of multipart form parts</li>
<li><a href="cf275f42ac"><code>cf275f4</code></a> Merge pull request from GHSA-px8h-6qxv-m22q</li>
<li><a href="8c2b4b82d0"><code>8c2b4b8</code></a> don't strip leading = when parsing cookie</li>
<li><a href="7c7ce5cb73"><code>7c7ce5c</code></a> [pre-commit.ci] pre-commit autoupdate (<a href="https://redirect.github.com/pallets/werkzeug/issues/2585">#2585</a>)</li>
<li><a href="19ae03e6a3"><code>19ae03e</code></a> [pre-commit.ci] auto fixes from pre-commit.com hooks</li>
<li><a href="a83d3b8bf0"><code>a83d3b8</code></a> [pre-commit.ci] pre-commit autoupdate</li>
<li>Additional commits viewable in <a href="https://github.com/pallets/werkzeug/compare/2.2.0...2.2.3">compare view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/JoinMarket-Org/joinmarket-clientserver/network/alerts).
</details>
Top commit has no ACKs.
Tree-SHA512: 8df32d7fedba00b343d6a281f01bf6600e33927aa37b2910dfa9c44f1f24e0198c023ffbfd31f928307824fe06024e47bcf39fa08161e4c4d104e46640c9beee
53a9af5797 Add **/build/ to .gitignore (Kristaps Kaupe)
Pull request description:
These are created when editable installs are manually removed (`-e` in `requirements/base.txt`).
Top commit has no ACKs.
Tree-SHA512: 2bcb68548db4e4ba57b95f3d9cd7e3e3ebd4dca6913d73a53df55a9ca260630976c9aec99acd3925a59268c84036e0f28a2fff3b4632e30797d890e5b73a2ad8
2cc7f215a2 Refactor: alphabetical order of imports and `abc` changes (Kristaps Kaupe)
Pull request description:
Part of splitting #1462 into smaller PRs for easier reviewing and testing. This is really simple change.
Top commit has no ACKs.
Tree-SHA512: 8335e1bf7e64907609d92e5df4f5833e472a7ebae4764f34d32ba96cc7f3b69084de1b246e0ebadbb8fde1c1e3c68b954ed52638145ce70bd1afca8f34d05d85
* Add support for testing against multiple Bitcoin Core versions, add
0.18.0 (oldest officially support for test suite) and 25.0 (latest
stable release). Previously we tested against hardcoded 0.19.1. IMO
testing against oldest supported and latest makes sense, if tests pass
on both, they should pass on releases inbetween too, unless there is
some behaviour affecting us changed twice.
* Update actions/cache from v2 to v3.
Also changed Core downloads from bitcoin.org to bitcoincore.org.
9072e10d91 Don't alter LD_LIBRARY_PATH, PKG_CONFIG_PATH and C_INCLUDE_PATH in tests (Kristaps Kaupe)
Pull request description:
Fixes#1430.
Problem was that, with altered `LD_LIBRARY_PATH`, for system wide installed `bitcoind`, `libsecp256k1.so.0` from jmvenv was loaded, not the one from `/usr/lib64`.
<del>I assume changes for `C_INCLUDE_PATH` may be needed to build miniircd, but don't see why `LD_LIBRARY_PATH` should be changed at all.</del>
Top commit has no ACKs.
Tree-SHA512: f31d4c5e0c4bbdb41d83a8ed79a86794e6985f0e92a538485e28ee828dc16e9b1cd46884ed7f37c8453a526489ac82ad146ad72d398e208d19ca59f4e2165285
3c0b508f0e Remove unnecessary commands from setup joinmarket + virtualenv step (Kristaps Kaupe)
Pull request description:
They are run by `install.sh`, no need to run them additionally afterwards.
If #1475 gets merged, `./jmvenv/bin/pip install -r requirements/testing.txt` can also be removed.
Top commit has no ACKs.
Tree-SHA512: 662cfcfde0ac07f6460a0e59af3af4742eb32aa1adc7846c41b9596d4ae87eb0ac2231d438a8b3aed99a34f73d7e470dab1f7af95ba4a4bdbef35046fd75a56f
67ff868614 Randomize transaction fees only upwards (Kristaps Kaupe)
Pull request description:
Resolves#1429.
This becomes more important in current high fee environment. For example, `estimatesmartfee 3` currently returns feerate around 164 sat/vB. With 20% default `tx_fee_factor` it means actual feerate used can go as low as 132 sat/vB, which is big difference. With simple non-cj sends people could bump fee with RBF if tx is not confirmed for too long, but not so with coinjoins, including payjoins. We are already randomizing only upwards `mempoolminfee`.
I wanted to do this after #1462, but that may take a lot of time and this seems urgent to me.
Top commit has no ACKs.
Tree-SHA512: b3682acdcbd8c7b49a5a19df0efa5aab95d5e9306b39ae1d0800006341bc75a643bf573b8807554ee9a22bdb0d454ccbad975182050b21c301b6b334856b837e
198117f14a CI: Remove editable installs (Kristaps Kaupe)
3641f1e1a4 Disable venv caching (Kristaps Kaupe)
Pull request description:
See https://github.com/JoinMarket-Org/joinmarket-clientserver/pull/1479#issuecomment-1536741199. This seems to be at least increasing chances of CI to succeed. I commented out not removed venv cache part as a reminder that this is not what we want in a long term.
`sed -i.bak` not just `sed -i` is to be compatible with both GNU (Linux) and macOS sed.
ACKs for top commit:
AdamISZ:
utACK 198117f14a
Tree-SHA512: 53c2135589be5e24df234e2d168d49a6d841769c4e4ec52227b7fb39c8c043400a9c402dea58fc28c6a1cc394fb580b32cda201f7289b6eb3bd33c8e70846822
4b2cbe9b34 Pin werkzeug dependency to 2.2.0 (Adam Gibson)
Pull request description:
Fixes#1483.
Prior to this commit, running the RPC API server using Klein failed due to a recent change in Werkzeug 2.3+, preventing any endpoint from returning anything but a 405 error. See
https://github.com/twisted/klein/pull/575.
After this commit we pin to 2.2.0 until such time as updated versions of werkzeug/Klein are reviewed by us.
ACKs for top commit:
kristapsk:
re-ACK 4b2cbe9b34
Tree-SHA512: ae6b256aabba2a6317c9cac1b00b164c8339046b891420d03cc11405590bb9dbb6663059ca4feb4c1081074b202c33e1212052ddd0713e995be3f627aa90f795
Fixes#1483.
Prior to this commit, running the RPC API server using Klein failed
due to a recent change in Werkzeug 2.3+, preventing any endpoint from
returning anything but a 405 error. See
https://github.com/twisted/klein/pull/575.
After this commit we pin to 2.2.0 until such time as updated versions of
werkzeug/Klein are reviewed by us.
e31e839c1d Add get_wallet_rescan_status() instead of getwalletinfo() for bci (Kristaps Kaupe)
Pull request description:
Noticed this when tried to rebase #1462 after merging of #1477. #1461 added public `getwalletinfo()` method to `BitcoinCoreInterface`, which was used by code outside of `jmclient/jmclient/blockchaininterface.py`. This is bad approach, as it relies on Bitcoin Core RPC `getwalletinfo` returned `dict`, which contains a lots of different stuff too, could lead to more problems in future introducing other blockchain interface classes. Let's instead have generic method returning just wallet rescan status. Also it now returns `Tuple[bool, Optional[Decimal]]` with rescan status percentage, if rescan is in progress, although that's not used by any other code for now.
ACKs for top commit:
AdamISZ:
utACK e31e839c1d , very much agree with the thinking here.
Tree-SHA512: 2d8c9b8157847e713838099d0f62dfcd5321c9498cf8453a9087407e2cd9c32906739c8e71460fc6ac6426662d2ac501261080fea08388d928933f788bda9a8d
3805c7af11 Remove ElectrumWalletInterface (Kristaps Kaupe)
Pull request description:
Remove broken `ElectrumWalletInterface` (we can re-introduce it later from history if somebody wants to fix it).
Part of splitting #1462 into smaller PRs for easier testing and reviews.
ACKs for top commit:
AdamISZ:
tACK 3805c7af11
Tree-SHA512: 8d11f3488c5e16058be187212b49e2cf11787b5fb9a1bb87f8949f76fa1569358932bea5bcf4fa3d0b0640534d87681d762b6e595f85a8e02584c9e438960c66
abbffefda0 ignore matched txs with invalid sPKs when scanning (openoms)
Pull request description:
Fixes the second edge case in #1471
completes #1473
ACKs for top commit:
AdamISZ:
tACK abbffefda0
kristapsk:
utACK abbffefda0
Tree-SHA512: 2789a1e604820726fc3261b9611e42ac19968f1ba8272512a715ace885672bca7692cc5ccfd59aa1469961660f2f410f437b406ce2dec319f52505750d9b7d7b
Kristaps Kaupe
Adam Gibson
roshii
dependabot[bot]
openoms