Releases: EOSIO/eos
EOSIO v1.7.0 Release Candidate 2
This is a RELEASE CANDIDATE for version 1.7.0. The latest STABLE release is v1.6.3.
This release contains security bug fixes and miscellaneous fixes. These changes build on the changes outlined in the Release Candidate 1 (v1.7.0-rc1).
Security bug fixes
Consolidated Security Fixes for 1.7.0-rc2 (#6882)
- Fixed small memory leak in net_plugin.
- Added additional deadline checks to transaction authorization.
Note: These security fixes are relevant to both Producer nodes and HTTP API providers.
Other Changes
- (#6816) appbase: Block (queue) exit signals during shutdown
- (#6858) appbase: rework blocking (queuing) exit signals during shutdown
- (#6859) Update to appbase with FIFO priority queue
- (#6868) appbase: ensure ctrl-c during startup handled
- (#6871) Signature cpu usage - more correctly bill transaction signature recovery cpu usage
Disclaimer: Block.one makes its contribution on a voluntary basis as a member of the EOSIO community and is not responsible for ensuring the overall performance of the software or any applications related thereto. We make no representation, warranty, guarantee or undertaking in respect of the releases described herein, the related GitHub release, the EOSIO software or any documentation related to any of the foregoing, whether expressed or implied, and disclaim all liability that may arise from any use of the software or documentation for any purpose. Any test results or performance figures are indicative and will not reflect performance under all conditions. Any reference to any third party or third-party product, resource or service is not an endorsement or recommendation by Block.one.
EOSIO v1.6.3 Release Notes
This release contains security bug fixes and miscellaneous fixes.
Security bug fixes
Consolidated Security Fixes for 1.6.x (#6881)
- Fixed small memory leak in net_plugin.
- Added additional deadline checks to transaction authorization.
Note: These security fixes are relevant to both Producer nodes and HTTP API providers.
Other Changes
- (#6823) Wrong tag/branch name - fix Docker/README.md example version
- (#6870) Signature cpu usage - more correctly bill transaction signature recovery cpu usage
Thanks
Thanks to the following community members for their contributions:
Disclaimer: Block.one makes its contribution on a voluntary basis as a member of the EOSIO community and is not responsible for ensuring the overall performance of the software or any applications related thereto. We make no representation, warranty, guarantee or undertaking in respect of the releases described herein, the related GitHub release, the EOSIO software or any documentation related to any of the foregoing, whether expressed or implied, and disclaim all liability that may arise from any use of the software or documentation for any purpose. Any test results or performance figures are indicative and will not reflect performance under all conditions. Any reference to any third party or third-party product, resource or service is not an endorsement or recommendation by Block.one.
EOSIO v1.5.7 Release Notes
This release contains security bug fixes.
Security bug fixes
Consolidated Security Fixes for 1.5.x (#6880)
- Fixed small memory leak in net_plugin.
- Added additional deadline checks to transaction authorization.
Note: These security fixes are relevant to both Producer nodes and HTTP API providers.
Disclaimer: Block.one makes its contribution on a voluntary basis as a member of the EOSIO community and is not responsible for ensuring the overall performance of the software or any applications related thereto. We make no representation, warranty, guarantee or undertaking in respect of the releases described herein, the related GitHub release, the EOSIO software or any documentation related to any of the foregoing, whether expressed or implied, and disclaim all liability that may arise from any use of the software or documentation for any purpose. Any test results or performance figures are indicative and will not reflect performance under all conditions. Any reference to any third party or third-party product, resource or service is not an endorsement or recommendation by Block.one.
EOSIO v1.7.0 Release Candidate 1
This is a RELEASE CANDIDATE for version 1.7.0. The latest STABLE release is v1.6.2.
Deprecation and Removal Notices
Contracts directory removed
In the v1.2.0 release of EOSIO we deprecated the example contracts and the contract development libraries located in the contracts/ directory. The contract development libraries were deprecated in favor of the libraries and tools in the eosio.cdt repository that have since been updated. The eosio.* reference contract sources in the contracts/ were deprecated in favor of the ones tracked in the eosio.contracts repository which have also been updated since v1.2.0.
In this release, we have removed the contracts/ directory from this repository. Some of the contracts from that directory are still required by the EOSIO automated tests. Pre-compiled WebAssembly code of the eosio.* contracts (source code is tracked in the eosio.contracts repository) has been moved to the unittests/contracts/ directory for use by some unit and integration tests. The other relevant test contracts have been updated to work with the latest eosio.cdt release and have moved to the unittests/test-contracts/ directory. Pre-compiled WebAssembly code and ABIs of the test contracts are also included in the repository to enable the automated tests to run without requiring eosio.cdt as a dependency. (#6329, #6728, #6749)
Binaryen dependency removed
This release also removes the dependency on binaryen (#6557) which was deprecated in the v1.3.0 release and removed as a WebAssembly runtime option in the v1.4.0 release but kept around until now only to build the old test contracts.
Changes
Added get_supported_apis RPC API (#6572)
A new RPC API /v1/node/get_supported_apis has been added to allow applications to discover the current set of activated plugins on an API server. This information can then allow applications to intelligently render their UI elements customized for the capabilities provided by the API server.
Improved handling of default values in config.ini (#6620)
In previous releases of nodeos the generated config.ini would have default values specified for every configuration item. This behavior has changed in v1.7.0: default values are still noted but now commented out instead. To help encourage use of this new pattern—where the intention is the user will only explicitly set configurations in config.ini he or she actually explicitly wants to set—nodeos upon startup will print a warning if the config.ini file specifies a value for a configuration item that is already the default value. The warning will look like
APPBASE: Warning: The following configuration items in the config.ini file are redundantly set to
their default value:
bnet-peer-log-format, blocks-dir
Explicit values will override future changes to application defaults. Consider commenting out or
removing these items.
Upgraded the yubihsm wallet to use libyubihsm2 & YubiHSM 2.1 support (#6733)
Upgraded the yubihsm wallet to use libyubihsm2. This brings about two user facing features: support for newly shipping YubiHSM 2.1 firmware and support for talking to a YubiHSM directly through USB instead of through the connector (use yubihsm-url = yhusb://).
Added REX support to cleos (#6785)
Added cleos support for REX related actions by creating the cleos system rex subcommand and associated sub-subcommands that correspond to different actions.
Display shortened error messages even when --verbose-http-errors is not specified (#6769)
This PR adds shortened log_message output to the errors returned by API nodes when --verbose-http-errors is not enabled, which is the recommended operating mode for public facing API nodes. Full error messages can still be enabled by specifying the --verbose-http-errors option, though that is only recommended for local debugging purposes rather than production use.
Logging changes
Fixed startup logging when loading snapshots (#6713)
Fixed nodeos logging to not report erroneous error messages when loading snapshots and to also indicate when snapshot initialization starts and stops
Added logging for hard replay progress (#6535)
Nodeos output logging during a hard replay has been upgraded to include two new progress messages, one for reconstruction of the index file and another for reconstruction of the block log file. Both messages are output every 1000 blocks. All existing log messages are still present.
Various Performance Improvements
Several of the PRs in this release contribute to the overall goal of increasing the efficiency of the peer-to-peer networking layer and real-time transaction throughput. This has been accomplished by: creating a priority queue for the main application thread that assigns high priority for block production and block propagation and a lower priority for transaction processing (#6577), creating an efficient way for net_plugin to quickly determine known blocks (#6735), and adding multithreading improvements to net_plugin (#6725) and http_plugin (#6687) with corresponding config options to control the number of worker threads in their respective thread pools.
Other Changes
- (#6518) Added support for FC_REFLECT_DERIVED
- (#6509) Additional transaction tests
- (#6543) Verify Ctrl-C on Nodeos causes it to return an Exit Status of 0
- (#6329) EOSIO.CDT test porting/contract refactor
- (#6552) get account raw
- (#6544) Fix for mongo empty json keys
- (#6553) MongoDB eosio.system contract fix
- (#6557) Remove binaryen & other vesigigial pieces
- (#6514) Net plugin fix for sync
- (#6558) Removing unneeded contract directory
- (#6565) No longer build wasm llvm on macos & ubuntu
- (#6566) Remove WASM_ROOT from scripts & remove "install" of old tools
- (#6570) Remove cotire
- (#6568) Added Checkboxes to Pull Request Template
- (#6579) Remove the copy of the contracts directory from the Dockerfile
- (#6579) Create "base install" target
- (#6581) Unittest for old wasm host ptr fix
- (#6593) Revert ability to customize name of http_plugin options
- (#6589) Use https url for wabt submodule
- (#6583) Add support for account creation with permission level to cleos
- (#6580) Long running test fixes and better error reporting
- (#6619) update appbase submodule to point to latest master (07850236)
- (#6626) Return code_version instead of recalculating code hash
- (#6636) Merge 1.6.0 changes to develop
- (#6632) Remove link reference to old boost signals library
- (#6640) Long running test Min RAM test fix
- (#6656) Improve logging to identify why forking integration test is failing.
- (#6622) Remove obsolete poorly documented tutorial.
- (#6680) Remove some obsolete cleos help text for 'wallet stop'
- (#6681) Fix comment on max trx decompressed size
- (#6679) Fix IS #5418
- (#6633) Set minimum dependencies for Debian packages.
- (#6665) Return active producers when producerstable doesn't exist
- (#6686) Remove queued HTTP handler registration
- (#6677) Use additional docker tags for internal image repositories
- (#6691) Monitor wallet lock file and shut down if it's removed.
- (#6539) Update EOS license year 2019
- (#6526) typo: Web Assembly -> WebAssembly
- (#6701) fix signed_int pack/unpack
- (#6710) Merge 1.6.1 to develop
- (#6717) Spell fix in help
- (#6655) Fix numerous signed unsigned mismatch warnings
- (#6716) Unit Tests Now Run In Parallel
- (#6445) Regularize replay logging
- (#6728) Not building test-contracts by default
- (#6732) Add buildkite step to gather brew files for automatic update
- (#6731) txn_test_gen_plugin thread pool
- (#6690) g++ Warning fix
- (#6748) Fix net_plugin shutdown
- (#6744) Fix integration test errors in restart-scenarios-test.py
- (#6749) Updated test contract to work with v1.6.x of eosio.cdt
- (#6750) Fix segfault on shutdown
- (#6753) Fix plugin test
- (#6747) added memo to base_tester::issue
- (#6757) Remove xcode dep and duplicate gmp
- (#6756) Fix net_plugin catchup reported blocks
- (#6715) V2 build scripts for ci
- (#6772) commonize & integrate into getopts noninteractive option
- (#6779) Use -y for noninteractive builds in the CI pipeline
- (#6781) reflector_init fix
- (#6780) Fix/llvm dir path
- (#6786) Security fix ported from 1.6.2
- (#6789) cleanup centos rpm deps
- (#6787) Fix for reflector_init on derived
- (#6550) Consolidated Security Fixes ported from 1.6.0-rc2
- (#6791) Reinitialize net plugin logger on HUP
- (#6776) Add warning to --state-history-endpoint
- (#6799) Reduce max time allowed for checktime_hashing_fail test
- (#6702) Refactor BUILDKITE_TAG logic in Docker image builds
- (#6802) Remove -fno-builtin-memcmp for gcc builds
- (#6804) Replace binaryen reference to wabt
- (#6806) Enable options to print full console output
- (#6803) Net plugin use local logger
Thanks!
Special thanks to the community contributors that submitted patches for this release:
Disclaimer: Block.one makes its contribution on a voluntary basis as a member of the EOSIO community and is not responsible for ensuring the overall performance of the software or any applications related thereto. We make no representation, warranty, guarantee or undertaking in respect of the releases described herein and the related GitHub release or the EOSIO software, whether expressed or implied, and disclaim all liability that may arise fr...
EOSIO v1.6.2 Release Notes
This release contains critical security fixes and fixes that affect the successful build of nodeos on fresh VMs
Changes
(#6721) Fix boost 1.67 brew install
(#6724 ) Set proper directory for baked in macOS LLVM_DIR
(#6729) Add buildkite step to gather brew files for automatic update
(#6759) add noninteractive option for build scripts - 1.6.x
(#6771) Don't unlink what we install via brew - 1.6.x
(#6777) Make sure python-devel is installed for amazon linux builds - 1.6.x
(#6783) limit assert 1.6.x
Thank you.
EOSIO v1.5.6 Release Notes
This release contains critical security bug fixes and fixes to support the successful build of nodeos on fresh VMs
Changes
(#6722) Fix boost 1.67 brew install
(#6723) Set proper directory for baked in macOS LLVM_DIR
(#6758) add noninteractive option for build scripts - 1.5.x
(#6773) Don't unlink what we install via brew - 1.5.x
(#6778) Make sure python-devel is installed for amazon linux builds - 1.5.x
(#6782) limit assert 1.5.x
Thank you.
EOSIO v1.6.1 Release Notes
EOSIO v1.5.5 Release Notes
EOSIO v1.6.0 Release Notes
This release comprises several additional features and fixes, in addition to the cumulative patches made against v1.5.
A blog post providing more information can be found here.
Important Notices
Synchronizing Sub-Module Changes
As part of this release, some of the URLs have changed for the submodules this git repository depends on. Users who are fetching updates into a pre-existing clone of the repository are strongly encouraged to execute git submodule sync to ensure that their workflow is not interrupted.
Users who clone a fresh copy of the repository do not need to perform this additional step.
Deprecation and Removal Notices
None
Changes
(#6612) Restricting Processing Time for Scheduled Transactions
The patches will introduce a new configuration parameter max-scheduled-transaction-time-per-block-ms which defaults to 100 which determines the maximum wall-clock time a node will spend retiring scheduled transactions before processing user-signed transactions.
For more information about the motivation for this change refer to this blog post about CVE-2019-6199.
Various Performance Improvements
Several of the PRs in this release contribute to the overall goal of increasing the efficiency of the peer-to-peer networking layer and real-time transaction throughput. Internal benchmarks show considerable increases in token-transfers-per-second as a result. While this does not represent real-world usage, it does suggest that there will be noticeable improvements to transactions per second, reductions in the billable CPU time for transactions, and lower latency for block propagation.
(#6496) NOTICE: State History Plugin Fix
This was included in Release v1.5.2 however, that release's proximity to this release candidate warrants re-mentioning the following:
Serialization for permission_object failed when both it and its parent were deleted. This happened in block 31700785 of the mainnet.
If you are running the state history plugin AND has proceeded past a block with this condition, then you'll need to restore from a snapshot made prior to that block to continue.
Other Changes
- (#6372) Net plugin cleanup
- (#6370) Fix requires in spec file to resolve dependency resolution issues with rpms
- (#6397) net_plugin reduce signed_block copies
- (#6398) Update buildkite pipeline to use new queues
- (#6400) Add community plugin links
- (#6401) Stop the unix_server from listening in shutdown stage as well.
- (#6436) Use 64-bit float printing of 128-bit floats on non x86_64
- (#6435) remove x86_64 arch dep specification on AMI2 build script
- (#6459) Allow disablement of net_plugin's listen socket
- (#6430) add a test that reduces the size of the producer set
- (#6426) Reflect Validation Script
- (#6470) Update the bios-boot-tutorial.py script and readme.md
- (#6485) Spelling correction
- (#6419) Update LICENSE path
- (#6498) Fix cluster writes for mongo DB
- (#6500) Fix return codes of build scripts so that buildkite can fail properly
- (#6490) Return 400 on get_block with nonexist block number
- (#6499) mongo_db_plugin action_trace indexes
- (#6471) Optimize transaction signature recovery
- (#6501) optimization when writing shared_blob data
- (#6494) packed_transaction enhancement
- (#6549) Consolidated Security Fixes for 1.6.0-rc2
- (#6555) update developer portal link
- (#6596) Use https url for wabt submodule
- (#6612) Build WABT with support for C++ exceptions.
- (#6600) Add libtinfo5 dependency to deb package.
Thanks!
Special thanks to the community contributors that submitted patches for this release:
- @conr2d
- @evsward
- @necokeine
- @iamveritas
- @UMU618
Special thanks to PeckShield for their work related to CVE-2019-6199
EOSIO v1.5.4 Release Notes
This release comprises critical security fixes
Important Notices
Synchronizing Sub-Module Changes
As part of this release, some of the URLs have changed for the submodules this git repository depends on. Users who are fetching updates into a pre-existing clone of the repository are strongly encouraged to execute git submodule sync to ensure that their workflow is not interrupted.
Changes
(#6611) Restricting Processing Time for Scheduled Transactions
The patches will introduce a new configuration parameter max-scheduled-transaction-time-per-block-ms which defaults to 100 which determines the maximum wall-clock time a node will spend retiring scheduled transactions before processing user-signed transactions.
For more information about the motivation for this change refer to this blog post about CVE-2019-6199.