From c97f64191e2a86f2c8b7d218f78319672278dd5a Mon Sep 17 00:00:00 2001 From: Eric Swanson <64809312+ericswanson-dfinity@users.noreply.github.com> Date: Fri, 15 Nov 2024 09:38:37 -0800 Subject: [PATCH 1/8] chore: Update changelog for dfx 0.24.3 release (#3986) --- CHANGELOG.md | 11 ++--------- 1 file changed, 2 insertions(+), 9 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 8f62628890..8740bce112 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -2,19 +2,12 @@ # UNRELEASED +# 0.24.3 + ### feat: Bitcoin support in PocketIC `dfx start --pocketic` is now compatible with `--bitcoin-node` and `--enable-bitcoin`. -### feat: all commands will use the DFX_NETWORK from the environment - -If `DFX_NETWORK` is set in the environment, all commands will use that network by default. -The `--network` parameter will take precedence if provided. - -### fix: dfx generate now honors the --network parameter -This fixes an issue where `dfx deploy --playground` would fail if the project -had not been previously built for the local network. - ### feat: facade pull ICP, ckBTC, ckETH ledger canisters The ledger canisters can be pulled even though they are not really "pullable". From fc14680e3ca872ddf8c82979960e17d3906b14cd Mon Sep 17 00:00:00 2001 From: Eric Swanson <64809312+ericswanson-dfinity@users.noreply.github.com> Date: Mon, 18 Nov 2024 07:52:38 -0800 Subject: [PATCH 2/8] test: extension commands with extension defined canister type (#4000) Also use newer nns extension version Part of https://dfinity.atlassian.net/browse/SDK-1832 --- e2e/tests-dfx/cycles-ledger.bash | 2 +- e2e/tests-dfx/extension.bash | 54 ++++++++++++++++++++++++++++++-- 2 files changed, 52 insertions(+), 4 deletions(-) diff --git a/e2e/tests-dfx/cycles-ledger.bash b/e2e/tests-dfx/cycles-ledger.bash index 481923ec32..7c20cbf057 100644 --- a/e2e/tests-dfx/cycles-ledger.bash +++ b/e2e/tests-dfx/cycles-ledger.bash @@ -25,7 +25,7 @@ teardown() { start_and_install_nns() { dfx_start_for_nns_install - dfx extension install nns --version 0.4.3 + dfx extension install nns --version 0.4.7 dfx nns install --ledger-accounts "$(dfx ledger account-id --identity cycle-giver)" } diff --git a/e2e/tests-dfx/extension.bash b/e2e/tests-dfx/extension.bash index 0b56c07240..7aa52b2122 100644 --- a/e2e/tests-dfx/extension.bash +++ b/e2e/tests-dfx/extension.bash @@ -14,6 +14,54 @@ teardown() { standard_teardown } +@test "run an extension command with a canister type defined by another extension" { + install_shared_asset subnet_type/shared_network_settings/system + dfx_start_for_nns_install + + install_asset wasm/identity + CACHE_DIR=$(dfx cache show) + mkdir -p "$CACHE_DIR"/extensions/embera + cat > "$CACHE_DIR"/extensions/embera/extension.json < dfx.json < Date: Mon, 18 Nov 2024 11:02:21 -0800 Subject: [PATCH 3/8] feat: Update dfx project creation output (#4001) * remove dfinity logo when dfx new * CREATE log at trace level * simplify welcome message * wording: Creating git repo -> Initializing --- src/dfx/assets/dfinity-color-xterm256.aart | 16 ---------------- src/dfx/assets/dfinity-color.aart | 16 ---------------- src/dfx/assets/dfinity-nocolor.aart | 20 -------------------- src/dfx/assets/welcome.txt | 22 ---------------------- src/dfx/src/commands/new.rs | 22 ++++++++++++---------- src/dfx/src/util/assets.rs | 14 -------------- 6 files changed, 12 insertions(+), 98 deletions(-) delete mode 100644 src/dfx/assets/dfinity-color-xterm256.aart delete mode 100644 src/dfx/assets/dfinity-color.aart delete mode 100644 src/dfx/assets/dfinity-nocolor.aart delete mode 100644 src/dfx/assets/welcome.txt diff --git a/src/dfx/assets/dfinity-color-xterm256.aart b/src/dfx/assets/dfinity-color-xterm256.aart deleted file mode 100644 index 0637491adb..0000000000 --- a/src/dfx/assets/dfinity-color-xterm256.aart +++ /dev/null @@ -1,16 +0,0 @@ -                                                              -                                                              -                                                              -                                                              -                                                              -                                                              -                                                              -                                                              -                                                              -                                                              -                                                              -                                                              -                                                              -                                                              -                                                              -  diff --git a/src/dfx/assets/dfinity-color.aart b/src/dfx/assets/dfinity-color.aart deleted file mode 100644 index daae6d7392..0000000000 --- a/src/dfx/assets/dfinity-color.aart +++ /dev/null @@ -1,16 +0,0 @@ -        ▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄                ▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄        -      ▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄          ▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄     -    ▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄      ▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄   -   ▄▄▄▄▄▄▄▄▄▄▀▀▀▀▀▄▄▄▄▄▄▄▄▄▄▄▄  ▄▄▄▄▄▄▄▄▄▄▄▄▀▀▀▀▀▀▄▄▄▄▄▄▄▄▄▄  -  ▄▄▄▄▄▄▄▄▀         ▀▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▀         ▀▄▄▄▄▄▄▄▄▄ - ▄▄▄▄▄▄▄▄▀            ▀▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▀             ▄▄▄▄▄▄▄▄ - ▄▄▄▄▄▄▄▄               ▀▄▄▄▄▄▄▄▄▄▄▄▄▀                ▄▄▄▄▄▄▄ - ▄▄▄▄▄▄▄▄                ▄▄▄▄▄▄▄▄▄▄▄▄                 ▄▄▄▄▄▄▄ - ▄▄▄▄▄▄▄▄               ▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄              ▄▄▄▄▄▄▄▄ -  ▄▄▄▄▄▄▄▄           ▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄          ▄▄▄▄▄▄▄▄▀ -  ▀▄▄▄▄▄▄▄▄▄▄     ▄▄▄▄▄▄▄▄▄▄▄▄▀ ▀▄▄▄▄▄▄▄▄▄▄▄▄    ▄▄▄▄▄▄▄▄▄▄▄  -   ▀▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▀     ▀▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▀   -     ▀▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▀         ▀▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄     -       ▀▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▀▀             ▀▀▄▄▄▄▄▄▄▄▄▄▄▄▄▄▀       -          ▀▀▀▀▀▀▀▀▀▀▀                    ▀▀▀▀▀▀▀▀▀▀▀          -  diff --git a/src/dfx/assets/dfinity-nocolor.aart b/src/dfx/assets/dfinity-nocolor.aart deleted file mode 100644 index e57da0e4dc..0000000000 --- a/src/dfx/assets/dfinity-nocolor.aart +++ /dev/null @@ -1,20 +0,0 @@ - - 8HG5yoXWQ Q#DXZG$b%Q - Rf^_.--..----.'=fR 0ol!~~~~~~~~~:~>fb - Qz:---------..------._)W R{;~~~~~~~~~~~:,____'_]% - Q)'._~!++=+;!!~_--------..~y X^~~~~~~~~~~!+;~___'''''.-r& - H,~>)TTv)f6& Q2*_--.-----_}Q Qy;~~~~~~~~*40 go^'..-````y - k=)TTTv)5Q bi'.------'{ y!~~~~~~~^2Q Q/-``` c - Q)]TT))/b Q{_-------_!~~~~~~~>q $- K - ATvv)/iS C_------.'_~~~z Z!,,,_'-------.=b ] ^ - ]*<>>rry Qy!,,,,,,,^<.-------!$ v `% - Qi>rr^^=.-------_vb y' .H - Q]^^=+++;=JZRQ %X]!,,,,,,,,=X R>.-------._*S% Q&Df=` ``~R - q<+;!!!!~~~~~~:,,,,,,,,,:'--.-------------.;G - Wyi+~:,,,,,,~>zqQ bz^_.------._=c$Q - QQ8#8Q Q#WRBQ - diff --git a/src/dfx/assets/welcome.txt b/src/dfx/assets/welcome.txt deleted file mode 100644 index e14d0176d8..0000000000 --- a/src/dfx/assets/welcome.txt +++ /dev/null @@ -1,22 +0,0 @@ - -=============================================================================== - Welcome to the internet computer developer community! - You're using dfx {0} - -{1} - -To learn more before you start coding, see the documentation available online: - -- Quick Start: https://internetcomputer.org/docs/current/tutorials/deploy_sample_app -- SDK Developer Tools: https://internetcomputer.org/docs/current/developer-docs/setup/install/ -- Motoko Language Guide: https://internetcomputer.org/docs/current/motoko/main/about-this-guide -- Motoko Quick Reference: https://internetcomputer.org/docs/current/motoko/main/language-manual -- Rust CDK Guide: https://internetcomputer.org/docs/current/developer-docs/backend/rust/ - -If you want to work on programs right away, try the following commands to get started: - - cd {2} - dfx help - dfx new --help - -=============================================================================== diff --git a/src/dfx/src/commands/new.rs b/src/dfx/src/commands/new.rs index 412d8269f3..08e67b7256 100644 --- a/src/dfx/src/commands/new.rs +++ b/src/dfx/src/commands/new.rs @@ -21,7 +21,7 @@ use dialoguer::{FuzzySelect, MultiSelect}; use fn_error_context::context; use indicatif::HumanBytes; use semver::Version; -use slog::{info, warn, Logger}; +use slog::{info, trace, warn, Logger}; use std::collections::{BTreeMap, HashMap}; use std::io::{self, IsTerminal, Read}; use std::path::{Path, PathBuf}; @@ -130,7 +130,7 @@ pub fn create_file(log: &Logger, path: &Path, content: &[u8], dry_run: bool) -> .with_context(|| format!("Failed to write to {}.", path.to_string_lossy()))?; } - info!(log, "{}", Status::Create(path, content.len())); + trace!(log, "{}", Status::Create(path, content.len())); Ok(()) } @@ -184,7 +184,7 @@ pub fn create_dir>(log: &Logger, path: P, dry_run: bool) -> DfxRe .with_context(|| format!("Failed to create directory {}.", path.to_string_lossy()))?; } - info!(log, "{}", Status::CreateDir(path)); + trace!(log, "{}", Status::CreateDir(path)); Ok(()) } @@ -198,7 +198,7 @@ pub fn init_git(log: &Logger, project_name: &Path) -> DfxResult { .status(); if init_status.is_ok() && init_status.unwrap().success() { - info!(log, "Creating git repository..."); + info!(log, "Initializing git repository..."); std::process::Command::new("git") .arg("add") .current_dir(project_name) @@ -558,12 +558,14 @@ pub fn exec(env: &dyn Environment, mut opts: NewOpts) -> DfxResult { // Print welcome message. info!( log, - // This needs to be included here because we cannot use the result of a function for - // the format!() rule (and so it cannot be moved in the util::assets module). - include_str!("../../assets/welcome.txt"), - version_str, - assets::dfinity_logo(), - project_name_str + "=============================================================================== + Welcome to the internet computer developer community! + +To learn more before you start coding, check out the developer docs and samples: + +- Documentation: https://internetcomputer.org/docs/current/developer-docs +- Samples: https://internetcomputer.org/samples +===============================================================================" ); Ok(()) diff --git a/src/dfx/src/util/assets.rs b/src/dfx/src/util/assets.rs index 87ab80a8ff..aa6d032236 100644 --- a/src/dfx/src/util/assets.rs +++ b/src/dfx/src/util/assets.rs @@ -6,20 +6,6 @@ use std::io::Read; include!(concat!(env!("OUT_DIR"), "/load_assets.rs")); -pub fn dfinity_logo() -> String { - let colors = supports_color::on(supports_color::Stream::Stdout); - if let Some(colors) = colors { - //Some terminals, notably MacOS's Terminal.app, do not support Truecolor (RGB-colored characters) properly. - //Therefore we use xterm256 coloring when the program is running in such a terminal. - if colors.has_16m { - return include_str!("../../assets/dfinity-color.aart").to_string(); - } else if colors.has_256 { - return include_str!("../../assets/dfinity-color-xterm256.aart").to_string(); - } - } - include_str!("../../assets/dfinity-nocolor.aart").to_string() -} - #[context("Failed to load wallet wasm.")] pub fn wallet_wasm(logger: &slog::Logger) -> DfxResult> { if let Ok(dfx_wallet_wasm) = std::env::var("DFX_WALLET_WASM") { From ea6fd5d7c63c035b5a39034203a8b22063341aaa Mon Sep 17 00:00:00 2001 From: Linwei Shang Date: Mon, 18 Nov 2024 13:33:27 -0800 Subject: [PATCH 4/8] chore: update log related to dfx generate (#4004) * trace log when generating type instead of eprintln * debug log when frontend build succeed instead of warning * fmt --- src/dfx/src/commands/generate.rs | 2 +- src/dfx/src/lib/builders/assets.rs | 6 +++++- src/dfx/src/lib/builders/mod.rs | 15 +++++++++------ src/dfx/src/lib/models/canister.rs | 10 ++++++++-- 4 files changed, 23 insertions(+), 10 deletions(-) diff --git a/src/dfx/src/commands/generate.rs b/src/dfx/src/commands/generate.rs index 840958162d..2844db9443 100644 --- a/src/dfx/src/commands/generate.rs +++ b/src/dfx/src/commands/generate.rs @@ -77,7 +77,7 @@ pub fn exec(env: &dyn Environment, opts: GenerateOpts) -> DfxResult { } for canister in canister_pool_load.canisters_to_build(&generate_config) { - canister.generate(&canister_pool_load, &generate_config)?; + canister.generate(log, &canister_pool_load, &generate_config)?; } Ok(()) diff --git a/src/dfx/src/lib/builders/assets.rs b/src/dfx/src/lib/builders/assets.rs index 5860cbb8a0..46a6a636ae 100644 --- a/src/dfx/src/lib/builders/assets.rs +++ b/src/dfx/src/lib/builders/assets.rs @@ -239,7 +239,11 @@ fn build_frontend( ))); } else if !output.stderr.is_empty() { // Cannot use eprintln, because it would interfere with the progress bar. - slog::warn!(logger, "{}", String::from_utf8_lossy(&output.stderr)); + slog::debug!( + logger, + "Frontend build succeed:\n{}", + String::from_utf8_lossy(&output.stderr) + ); } } Ok(()) diff --git a/src/dfx/src/lib/builders/mod.rs b/src/dfx/src/lib/builders/mod.rs index 0344c27b0e..78b1c0974f 100644 --- a/src/dfx/src/lib/builders/mod.rs +++ b/src/dfx/src/lib/builders/mod.rs @@ -12,6 +12,7 @@ use dfx_core::network::provider::get_network_context; use dfx_core::util; use fn_error_context::context; use handlebars::Handlebars; +use slog::{trace, Logger}; use std::borrow::Cow; use std::collections::BTreeMap; use std::ffi::OsStr; @@ -94,6 +95,7 @@ pub trait CanisterBuilder { /// Generate type declarations for the canister fn generate( &self, + logger: &Logger, pool: &CanisterPool, info: &CanisterInfo, config: &BuildConfig, @@ -137,8 +139,9 @@ pub trait CanisterBuilder { return Ok(()); } - eprintln!( - "Generating type declarations for canister {}:", + trace!( + logger, + "Generating type declarations for canister {}", &info.get_name() ); @@ -172,7 +175,7 @@ pub trait CanisterBuilder { output_did_ts_path.to_string_lossy() ) })?; - eprintln!(" {}", &output_did_ts_path.display()); + trace!(logger, " {}", &output_did_ts_path.display()); compile_handlebars_files("ts", info, generate_output_dir)?; } @@ -191,7 +194,7 @@ pub trait CanisterBuilder { output_did_js_path.to_string_lossy() ) })?; - eprintln!(" {}", &output_did_js_path.display()); + trace!(logger, " {}", &output_did_js_path.display()); compile_handlebars_files("js", info, generate_output_dir)?; } @@ -206,7 +209,7 @@ pub trait CanisterBuilder { std::fs::write(&output_mo_path, content).with_context(|| { format!("Failed to write to {}.", output_mo_path.to_string_lossy()) })?; - eprintln!(" {}", &output_mo_path.display()); + trace!(logger, " {}", &output_mo_path.display()); } // Candid @@ -216,7 +219,7 @@ pub trait CanisterBuilder { .with_extension("did"); dfx_core::fs::copy(&did_from_build, &output_did_path)?; dfx_core::fs::set_permissions_readwrite(&output_did_path)?; - eprintln!(" {}", &output_did_path.display()); + trace!(logger, " {}", &output_did_path.display()); } Ok(()) diff --git a/src/dfx/src/lib/models/canister.rs b/src/dfx/src/lib/models/canister.rs index c49e54c2d1..77667e95e3 100644 --- a/src/dfx/src/lib/models/canister.rs +++ b/src/dfx/src/lib/models/canister.rs @@ -104,8 +104,14 @@ impl Canister { } #[context("Failed while trying to generate type declarations for '{}'.", self.info.get_name())] - pub fn generate(&self, pool: &CanisterPool, build_config: &BuildConfig) -> DfxResult { - self.builder.generate(pool, &self.info, build_config) + pub fn generate( + &self, + logger: &Logger, + pool: &CanisterPool, + build_config: &BuildConfig, + ) -> DfxResult { + self.builder + .generate(logger, pool, &self.info, build_config) } #[context("Failed to post-process wasm of canister '{}'.", self.info.get_name())] From a5e8144c4e8fd0a30fd8f4e05a0c7c50281a3584 Mon Sep 17 00:00:00 2001 From: mraszyk <31483726+mraszyk@users.noreply.github.com> Date: Wed, 20 Nov 2024 11:48:44 +0100 Subject: [PATCH 5/8] fix: address already in use error in dfx start (#4006) * fix: address already in use error in dfx start * unused dependency * lint --- Cargo.lock | 1 - src/dfx/Cargo.toml | 1 - src/dfx/src/util/mod.rs | 17 +---------------- 3 files changed, 1 insertion(+), 18 deletions(-) diff --git a/Cargo.lock b/Cargo.lock index bf50fb84af..8acb851d04 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -1590,7 +1590,6 @@ dependencies = [ "slog", "slog-async", "slog-term", - "socket2 0.5.7", "supports-color", "sysinfo", "tar", diff --git a/src/dfx/Cargo.toml b/src/dfx/Cargo.toml index 91ef990def..34a0f5480b 100644 --- a/src/dfx/Cargo.toml +++ b/src/dfx/Cargo.toml @@ -104,7 +104,6 @@ shell-words = "1.1.0" slog = { workspace = true, features = ["max_level_trace"] } slog-async.workspace = true slog-term.workspace = true -socket2 = "0.5.5" supports-color = "2.1.0" sysinfo = "0.28.4" tar.workspace = true diff --git a/src/dfx/src/util/mod.rs b/src/dfx/src/util/mod.rs index 073c4c5e14..c338b72d08 100644 --- a/src/dfx/src/util/mod.rs +++ b/src/dfx/src/util/mod.rs @@ -15,7 +15,6 @@ use idl2json::{idl2json, Idl2JsonOptions}; use num_traits::FromPrimitive; use reqwest::{Client, StatusCode, Url}; use rust_decimal::Decimal; -use socket2::{Domain, Socket}; use std::collections::BTreeMap; use std::io::{stderr, stdin, stdout, IsTerminal, Read}; use std::net::{IpAddr, SocketAddr, TcpListener}; @@ -35,22 +34,8 @@ const DECIMAL_POINT: char = '.'; // thus, we need to recreate SocketAddr with the kernel-provided dynamically allocated port here. #[context("Failed to find available socket address")] pub fn get_reusable_socket_addr(ip: IpAddr, port: u16) -> DfxResult { - let socket = if ip.is_ipv4() { - Socket::new(Domain::IPV4, socket2::Type::STREAM, None) - .context("Failed to create IPv4 socket.")? - } else { - Socket::new(Domain::IPV6, socket2::Type::STREAM, None) - .context("Failed to create IPv6 socket.")? - }; - socket - .set_linger(Some(Duration::from_secs(10))) - .context("Failed to set linger duration of tcp listener.")?; - socket - .bind(&SocketAddr::new(ip, port).into()) + let listener = TcpListener::bind(SocketAddr::new(ip, port)) .with_context(|| format!("Failed to bind socket to {}:{}.", ip, port))?; - socket.listen(128).context("Failed to listen on socket.")?; - - let listener: TcpListener = socket.into(); listener .local_addr() .context("Failed to fetch local address.") From 06afa6f6da401412c03dc2fe29d2f19d76760e9f Mon Sep 17 00:00:00 2001 From: Linwei Shang Date: Wed, 20 Nov 2024 10:55:53 -0500 Subject: [PATCH 6/8] feat: error when using insecure identity on mainnet (#4005) * error when using insecure identity on mainnet no warning on non-mainnet (playground, local replica) * changelog * surpress the error in irrelevant tests * fix typo --- CHANGELOG.md | 8 ++++++++ e2e/tests-dfx/canister_url.bash | 6 ++++-- e2e/tests-dfx/fabricate_cycles.bash | 2 ++ e2e/tests-dfx/identity.bash | 12 ++++++------ e2e/tests-dfx/network.bash | 8 ++++---- e2e/tests-dfx/sign_send.bash | 3 ++- src/dfx/src/lib/environment.rs | 22 +++++++++++++++++----- 7 files changed, 43 insertions(+), 18 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 8740bce112..a3ed50fef1 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -2,6 +2,14 @@ # UNRELEASED +### feat: error when using insecure identity on mainnet + +This used to be a warning. A hard error can abort the command so that no insecure state will be on the mainnet. + +Users can surpress this error by setting `export DFX_WARNING=-mainnet_plaintext_identity`. + +The warning won't display when executing commands like `dfx deploy --playground`. + # 0.24.3 ### feat: Bitcoin support in PocketIC diff --git a/e2e/tests-dfx/canister_url.bash b/e2e/tests-dfx/canister_url.bash index 974c64627e..cd5f6f03d3 100644 --- a/e2e/tests-dfx/canister_url.bash +++ b/e2e/tests-dfx/canister_url.bash @@ -4,7 +4,9 @@ load ../utils/_ setup() { standard_setup - + # some of the tests run on mainnet with default plaintext identity + # so we need to set this to avoid the error + export DFX_WARNING=-mainnet_plaintext_identity dfx_new_assets hello } @@ -58,7 +60,7 @@ teardown() { echo "{}" > canister_ids.json jq '.hello_frontend.ic = "qsgof-4qaaa-aaaan-qekqq-cai"' canister_ids.json | sponge canister_ids.json frontend_id=$(dfx canister id hello_frontend --ic) - + assert_command dfx canister url hello_frontend --ic assert_match "https://${frontend_id}.icp0.io" diff --git a/e2e/tests-dfx/fabricate_cycles.bash b/e2e/tests-dfx/fabricate_cycles.bash index 82f5c61da5..6d811adb03 100644 --- a/e2e/tests-dfx/fabricate_cycles.bash +++ b/e2e/tests-dfx/fabricate_cycles.bash @@ -39,6 +39,8 @@ teardown() { @test "ledger fabricate-cycles fails on real IC" { install_asset greet + # without DFX_WARNING, the command would fail with different error (Failed to create AgentEnvironment...) + export DFX_WARNING=-mainnet_plaintext_identity assert_command_fail dfx ledger fabricate-cycles --all --network ic assert_match "Cannot run this on the real IC." assert_command_fail dfx ledger fabricate-cycles --all --ic diff --git a/e2e/tests-dfx/identity.bash b/e2e/tests-dfx/identity.bash index 291b720906..a6f8568e3a 100644 --- a/e2e/tests-dfx/identity.bash +++ b/e2e/tests-dfx/identity.bash @@ -186,15 +186,15 @@ teardown() { assert_eq '(blob "hello")' "$stdout" } -@test "using an unencrypted identity on mainnet provokes a warning" { - assert_command dfx ledger balance --network ic - assert_match "WARN: The default identity is not stored securely." "$stderr" +@test "using an unencrypted identity on mainnet provokes a hard error which can be suppressed" { + assert_command_fail dfx ledger balance --network ic + assert_match "The default identity is not stored securely." "$stderr" assert_command "${BATS_TEST_DIRNAME}/../assets/expect_scripts/init_alice_with_pw.exp" assert_command "${BATS_TEST_DIRNAME}/../assets/expect_scripts/get_ledger_balance.exp" dfx identity new bob --storage-mode plaintext - assert_command dfx ledger balance --network ic --identity bob - assert_match "WARN: The bob identity is not stored securely." "$stderr" - + assert_command_fail dfx ledger balance --network ic --identity bob + assert_match "The bob identity is not stored securely." "$stderr" + # can suppress the error export DFX_WARNING=-mainnet_plaintext_identity assert_command dfx ledger balance --network ic --identity bob assert_not_contains "not stored securely" "$stderr" diff --git a/e2e/tests-dfx/network.bash b/e2e/tests-dfx/network.bash index dcb12ac8da..857c3dfedc 100644 --- a/e2e/tests-dfx/network.bash +++ b/e2e/tests-dfx/network.bash @@ -99,13 +99,13 @@ teardown() { assert_command_fail dfx diagnose --network ic assert_contains "The test_id identity is not stored securely." - assert_contains "use it in mainnet-facing commands" - assert_contains "No wallet found; nothing to do" + assert_contains "in mainnet-facing commands" + assert_contains "you can suppress this warning" assert_command_fail dfx diagnose --ic assert_contains "The test_id identity is not stored securely." - assert_contains "use it in mainnet-facing commands" - assert_contains "No wallet found; nothing to do" + assert_contains "in mainnet-facing commands" + assert_contains "you can suppress this warning" assert_command dfx diagnose assert_not_contains "identity is not stored securely" diff --git a/e2e/tests-dfx/sign_send.bash b/e2e/tests-dfx/sign_send.bash index b266510a1e..5a828eb052 100644 --- a/e2e/tests-dfx/sign_send.bash +++ b/e2e/tests-dfx/sign_send.bash @@ -44,7 +44,8 @@ teardown() { cd "$E2E_TEMP_DIR" mkdir not-a-project-dir cd not-a-project-dir - + # suppress the error + export DFX_WARNING=-mainnet_plaintext_identity assert_command dfx canister sign --query rwlgt-iiaaa-aaaaa-aaaaa-cai read --network ic assert_match "Query message generated at \[message.json\]" } diff --git a/src/dfx/src/lib/environment.rs b/src/dfx/src/lib/environment.rs index 5b9ecc4881..6962f5d975 100644 --- a/src/dfx/src/lib/environment.rs +++ b/src/dfx/src/lib/environment.rs @@ -3,12 +3,12 @@ use crate::config::dfx_version; use crate::lib::error::DfxResult; use crate::lib::progress_bar::ProgressBar; use crate::lib::warning::{is_warning_disabled, DfxWarning::MainnetPlainTextIdentity}; -use anyhow::anyhow; +use anyhow::{anyhow, bail}; use candid::Principal; use dfx_core::config::cache::Cache; use dfx_core::config::model::canister_id_store::CanisterIdStore; use dfx_core::config::model::dfinity::{Config, NetworksConfig}; -use dfx_core::config::model::network_descriptor::NetworkDescriptor; +use dfx_core::config::model::network_descriptor::{NetworkDescriptor, NetworkTypeDescriptor}; use dfx_core::error::canister_id_store::CanisterIdStoreError; use dfx_core::error::identity::NewIdentityManagerError; use dfx_core::error::load_dfx_config::LoadDfxConfigError; @@ -17,7 +17,7 @@ use dfx_core::identity::identity_manager::{IdentityManager, InitializeIdentity}; use fn_error_context::context; use ic_agent::{Agent, Identity}; use semver::Version; -use slog::{warn, Logger, Record}; +use slog::{Logger, Record}; use std::borrow::Cow; use std::cell::RefCell; use std::path::PathBuf; @@ -288,11 +288,23 @@ impl<'a> AgentEnvironment<'a> { identity_manager.instantiate_selected_identity(&logger)? }; if network_descriptor.is_ic + && !matches!( + network_descriptor.r#type, + NetworkTypeDescriptor::Playground { .. } + ) && identity.insecure && !is_warning_disabled(MainnetPlainTextIdentity) { - warn!(logger, "The {} identity is not stored securely. Do not use it to control a lot of cycles/ICP. Create a new identity with `dfx identity new` \ - and use it in mainnet-facing commands with the `--identity` flag", identity.name()); + bail!( + "The {} identity is not stored securely. Do not use it to control a lot of cycles/ICP. +- For enhanced security, create a new identity using the command: + dfx identity new + Then, specify the new identity in mainnet-facing commands with the `--identity` flag. +- If you understand the risks and still wish to use the insecure plaintext identity, you can suppress this warning by running: + export DFX_WARNING=-mainnet_plaintext_identity + After setting this environment variable, re-run the command.", + identity.name() + ); } let url = network_descriptor.first_provider()?; let effective_canister_id = if let Some(d) = &network_descriptor.local_server_descriptor { From dd85c4e12640b12fd7519d39c307102d94fdf3cd Mon Sep 17 00:00:00 2001 From: mraszyk <31483726+mraszyk@users.noreply.github.com> Date: Wed, 20 Nov 2024 22:44:03 +0100 Subject: [PATCH 7/8] chore: stop HTTP gateway gracefully (#4009) * chore: stop HTTP gateway gracefully * windows --- src/dfx/src/actors/pocketic_proxy.rs | 60 ++++++++++++++++++++-------- 1 file changed, 44 insertions(+), 16 deletions(-) diff --git a/src/dfx/src/actors/pocketic_proxy.rs b/src/dfx/src/actors/pocketic_proxy.rs index b41a04454f..8d5cc16526 100644 --- a/src/dfx/src/actors/pocketic_proxy.rs +++ b/src/dfx/src/actors/pocketic_proxy.rs @@ -284,23 +284,26 @@ fn pocketic_proxy_start_thread( } } }; - if let Err(e) = initialize_gateway( + let instance = match initialize_gateway( format!("http://localhost:{port}").parse().unwrap(), replica_url.clone(), domains.clone(), address, logger.clone(), ) { - error!(logger, "Failed to initialize HTTP gateway: {e:#}"); - let _ = child.kill(); - let _ = child.wait(); - if receiver.try_recv().is_ok() { - debug!(logger, "Got signal to stop."); - break; - } else { - continue; + Err(e) => { + error!(logger, "Failed to initialize HTTP gateway: {e:#}"); + let _ = child.kill(); + let _ = child.wait(); + if receiver.try_recv().is_ok() { + debug!(logger, "Got signal to stop."); + break; + } else { + continue; + } } - } + Ok(i) => i, + }; info!(logger, "Replica API running on {address}"); // Send PocketIcProxyReadySignal to PocketIcProxy. @@ -314,6 +317,9 @@ fn pocketic_proxy_start_thread( logger, "Got signal to stop. Killing pocket-ic gateway process..." ); + if let Err(e) = shutdown_pocketic_proxy(port, instance, logger.clone()) { + error!(logger, "Error shutting down PocketIC gracefully: {e}"); + } let _ = child.kill(); let _ = child.wait(); break; @@ -349,7 +355,7 @@ async fn initialize_gateway( domains: Option>, addr: SocketAddr, logger: Logger, -) -> DfxResult { +) -> DfxResult { use pocket_ic::common::rest::{ CreateHttpGatewayResponse, HttpGatewayBackend, HttpGatewayConfig, }; @@ -369,11 +375,12 @@ async fn initialize_gateway( .await? .error_for_status()?; let resp = resp.json::().await?; - if let CreateHttpGatewayResponse::Error { message } = resp { - bail!("Gateway init error: {message}") - } + let instance = match resp { + CreateHttpGatewayResponse::Created(info) => info.instance_id, + CreateHttpGatewayResponse::Error { message } => bail!("Gateway init error: {message}"), + }; info!(logger, "Initialized HTTP gateway."); - Ok(()) + Ok(instance) } #[cfg(not(unix))] @@ -383,6 +390,27 @@ fn initialize_gateway( _: Option>, _: SocketAddr, _: Logger, -) -> DfxResult { +) -> DfxResult { bail!("PocketIC gateway not supported on this platform") } + +#[cfg(unix)] +#[tokio::main(flavor = "current_thread")] +async fn shutdown_pocketic_proxy(port: u16, instance: usize, logger: Logger) -> DfxResult { + use reqwest::Client; + let shutdown_client = Client::new(); + debug!(logger, "Sending shutdown request to HTTP gateway"); + shutdown_client + .post(format!( + "http://localhost:{port}/http_gateway/{instance}/stop" + )) + .send() + .await? + .error_for_status()?; + Ok(()) +} + +#[cfg(not(unix))] +fn shutdown_pocketic_proxy(_: u16, _: usize, _: Logger) -> DfxResult { + bail!("PocketIC not supported on this platform") +} From 1c22db89ac1f9f96384902c91aa27bac1c1eff36 Mon Sep 17 00:00:00 2001 From: Severin Siffert Date: Thu, 21 Nov 2024 10:53:50 +0100 Subject: [PATCH 8/8] chore: fix dfx cycles convert docs (#4010) --- docs/cli-reference/dfx-cycles.mdx | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/docs/cli-reference/dfx-cycles.mdx b/docs/cli-reference/dfx-cycles.mdx index 788764808e..8982569289 100644 --- a/docs/cli-reference/dfx-cycles.mdx +++ b/docs/cli-reference/dfx-cycles.mdx @@ -18,8 +18,10 @@ The following subcommands are available: | Command | Description | |---------------------------------------|--------------------------------------------------------------------------------------| +| [`approve`](#dfx-cycles-approve) | Approves a principal to spend cycles on your behalf. | | [`balance`](#dfx-cycles-balance) | Prints the account balance of the user. | | [`convert`](#dfx-cycles-convert) | Convert some of the user's ICP balance into cycles. | +| [`top-up`](#dfx-cycles-top-up) | Deposit cycles into a canister. | | [`transfer`](#dfx-cycles-transfer) | Send cycles to another account. | | `help` | Displays usage information message for a specified subcommand. | @@ -135,7 +137,7 @@ You can specify the following arguments for the `dfx cycles convert` command. | `--e8s ` | Specify ICP token fractional units—called e8s—as a whole number, where one e8 is the smallest fraction of an ICP token. For example, 1.05000000 is 1 ICP and 5000000 e8s. You can use this option on its own or in conjunction with the `--icp` option. | | `--fee ` | Specify a transaction fee. The default is 10000 e8s. | | `--icp ` | Specify ICP tokens as a whole number. You can use this option on its own or in conjunction with `--e8s`. | -| `--memo ` | Memo used when depositing the minted cycles. | +| `--deposit-memo ` | Memo used when depositing the minted cycles. | | `--to-subaccount ` | Subaccount where the cycles are deposited. | ### Examples