Merge branch 'master' into dom/remove-getter-pallet-authority-discovery

paritytech · May 10, 2024 · 0090f1f · 0090f1f
2 parents 013f8df + a993513
commit 0090f1f
Show file tree

Hide file tree

Showing 137 changed files with 4,326 additions and 713 deletions.
diff --git a/.github/workflows/check-publish.yml b/.github/workflows/check-publish.yml
@@ -20,7 +20,7 @@ jobs:
           cache-on-failure: true
 
       - name: install parity-publish
-        run: cargo install parity-publish@0.3.0
+        run: cargo install parity-publish@0.5.1
 
       - name: parity-publish check
-        run: parity-publish check --allow-unpublished
+        run: parity-publish --color always check --allow-unpublished
diff --git a/.github/workflows/check-semver.yml b/.github/workflows/check-semver.yml
@@ -0,0 +1,55 @@
+name: Check semver
+
+on:
+  pull_request:
+    types: [opened, synchronize, reopened, ready_for_review]
+    paths:
+      - prdoc/*.prdoc
+
+jobs:
+  check-semver:
+    runs-on: ubuntu-latest
+    container:
+      image: docker.io/paritytech/ci-unified:bullseye-1.77.0-2024-04-10-v20240408
+    steps:
+      - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
+
+      - name: Rust Cache
+        uses: Swatinem/rust-cache@23bce251a8cd2ffc3c1075eaa2367cf899916d84 # v2.7.3
+        with:
+          cache-on-failure: true
+
+      - name: Rust compilation prerequisites
+        run: |
+          rustup default nightly-2024-03-01
+          rustup target add wasm32-unknown-unknown --toolchain nightly-2024-03-01
+          rustup component add rust-src --toolchain nightly-2024-03-01
+
+      - name: install parity-publish
+        run: cargo install [email protected]
+
+      - name: extra git setup
+        run: |
+          git config --global --add safe.directory '*'
+          git fetch --no-tags --no-recurse-submodules --depth=1 origin master
+          git branch old origin/master
+
+      - name: check semver
+        run: |
+          export CARGO_TARGET_DIR=target
+          export RUSTFLAGS='-A warnings -A missing_docs'
+          if ! parity-publish --color always prdoc --since old --validate prdoc/pr_$PR.prdoc --toolchain nightly-2024-03-01 -v; then
+            cat <<EOF
+          👋 Hello developer! The SemVer information that you declared in the prdoc file did not match what the CI detected.
+
+          Please check the output above and see the following links for more help:
+          - https://github.com/paritytech/polkadot-sdk/blob/master/docs/contributor/prdoc.md#record-semver-changes
+          - https://forum.polkadot.network/t/psa-polkadot-sdk-to-use-semver
+
+          Otherwise feel free to ask in the Merge Request or in Matrix chat.
+          EOF
+
+            exit 1
+          fi
+        env:
+          PR: ${{ github.event.pull_request.number }}
diff --git a/.github/workflows/claim-crates.yml b/.github/workflows/claim-crates.yml
@@ -18,9 +18,9 @@ jobs:
           cache-on-failure: true
 
       - name: install parity-publish
-        run: cargo install parity-publish@0.3.0
+        run: cargo install parity-publish@0.5.1
 
       - name: parity-publish claim
         env:
           PARITY_PUBLISH_CRATESIO_TOKEN: ${{ secrets.CRATESIO_PUBLISH_CLAIM_TOKEN }}
-        run: parity-publish claim
+        run: parity-publish --color always claim
diff --git a/Cargo.lock b/Cargo.lock
diff --git a/bridges/modules/grandpa/src/call_ext.rs b/bridges/modules/grandpa/src/call_ext.rs
@@ -148,8 +148,13 @@ impl<T: Config<I>, I: 'static> SubmitFinalityProofHelper<T, I> {
 			}
 		}
 
-		// we do not check whether the header matches free submission criteria here - it is the
-		// relayer responsibility to check that
+		// let's also check whether the header submission fits the hardcoded limits. A normal
+		// relayer would check that before submitting a transaction (since limits are constants
+		// and do not depend on a volatile runtime state), but the ckeck itself is cheap, so
+		// let's do it here too
+		if !call_info.fits_limits() {
+			return Err(Error::<T, I>::HeaderOverflowLimits);
+		}
 
 		Ok(improved_by)
 	}
@@ -468,6 +473,64 @@ mod tests {
 		})
 	}
 
+	#[test]
+	fn extension_rejects_new_header_if_it_overflow_size_limits() {
+		run_test(|| {
+			let mut large_finality_target = test_header(10 + FreeHeadersInterval::get() as u64);
+			large_finality_target
+				.digest_mut()
+				.push(DigestItem::Other(vec![42u8; 1024 * 1024]));
+			let justification_params = JustificationGeneratorParams {
+				header: large_finality_target.clone(),
+				..Default::default()
+			};
+			let large_justification = make_justification_for_header(justification_params);
+
+			let bridge_grandpa_call = crate::Call::<TestRuntime, ()>::submit_finality_proof_ex {
+				finality_target: Box::new(large_finality_target),
+				justification: large_justification,
+				current_set_id: 0,
+				is_free_execution_expected: true,
+			};
+			sync_to_header_10();
+
+			// if overflow size limits => Err
+			FreeHeadersRemaining::<TestRuntime, ()>::put(2);
+			assert!(RuntimeCall::check_obsolete_submit_finality_proof(&RuntimeCall::Grandpa(
+				bridge_grandpa_call.clone(),
+			),)
+			.is_err());
+		})
+	}
+
+	#[test]
+	fn extension_rejects_new_header_if_it_overflow_weight_limits() {
+		run_test(|| {
+			let finality_target = test_header(10 + FreeHeadersInterval::get() as u64);
+			let justification_params = JustificationGeneratorParams {
+				header: finality_target.clone(),
+				ancestors: TestBridgedChain::REASONABLE_HEADERS_IN_JUSTIFICATION_ANCESTRY,
+				..Default::default()
+			};
+			let justification = make_justification_for_header(justification_params);
+
+			let bridge_grandpa_call = crate::Call::<TestRuntime, ()>::submit_finality_proof_ex {
+				finality_target: Box::new(finality_target),
+				justification,
+				current_set_id: 0,
+				is_free_execution_expected: true,
+			};
+			sync_to_header_10();
+
+			// if overflow weight limits => Err
+			FreeHeadersRemaining::<TestRuntime, ()>::put(2);
+			assert!(RuntimeCall::check_obsolete_submit_finality_proof(&RuntimeCall::Grandpa(
+				bridge_grandpa_call.clone(),
+			),)
+			.is_err());
+		})
+	}
+
 	#[test]
 	fn extension_rejects_new_header_if_free_execution_is_requested_and_improved_by_is_below_expected(
 	) {

diff --git a/bridges/modules/grandpa/src/lib.rs b/bridges/modules/grandpa/src/lib.rs
@@ -504,6 +504,9 @@ pub mod pallet {
 		/// The submitter wanted free execution, but the difference between best known and
 		/// bundled header numbers is below the `FreeHeadersInterval`.
 		BelowFreeHeaderInterval,
+		/// The header (and its finality) submission overflows hardcoded chain limits: size
+		/// and/or weight are larger than expected.
+		HeaderOverflowLimits,
 	}
 
 	/// Called when new free header is imported.