Merge branch 'main' of https://github.com/ZcashFoundation/frost into change-randomizer-generation

Author: conradoplg

.github/dependabot.yml

@@ -3,12 +3,15 @@ updates:
 - package-ecosystem: github-actions
   directory: "/"
   schedule:
-    interval: daily
+    interval: monthly
     timezone: America/New_York
   open-pull-requests-limit: 10
 - package-ecosystem: cargo
   directory: "/"
+  # Update only the lockfile. We shouldn't update Cargo.toml unless it's for
+  # a security issue, or if we need a new feature of the dependency.
+  versioning-strategy: lockfile-only
   schedule:
-    interval: daily
+    interval: monthly
     timezone: America/New_York
   open-pull-requests-limit: 10

.github/workflows/coverage.yaml

@@ -23,16 +23,13 @@ jobs:
       RUST_BACKTRACE: full
 
     steps:
-      - uses: actions/checkout@v4.1.7
+      - uses: actions/checkout@v6.0.0
         with:
           persist-credentials: false
 
-      - uses: actions-rs/toolchain@v1.0.7
+      - uses: dtolnay/rust-toolchain@stable
         with:
-          toolchain: stable
-          override: true
-          profile: minimal
-          components: llvm-tools-preview
+          components: llvm-tools
 
       - name: Install cargo-llvm-cov cargo command
         run: cargo install cargo-llvm-cov
@@ -44,4 +41,4 @@ jobs:
         run: cargo llvm-cov report --lcov --ignore-filename-regex '.*(tests).*|benches.rs|gencode|helpers.rs|interoperability_tests.rs' --output-path lcov.info
 
       - name: Upload coverage report to Codecov
-        uses: codecov/codecov-action@v4.5.0
+        uses: codecov/codecov-action@v5.5.1

.github/workflows/docs.yml

@@ -36,16 +36,12 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Checkout the source code
-        uses: actions/checkout@v4.1.7
+        uses: actions/checkout@v6.0.0
         with:
           persist-credentials: false
 
       - name: Install latest beta
-        uses: actions-rs/toolchain@v1
-        with:
-          toolchain: beta
-          components: rust-docs
-          override: true
+        uses: dtolnay/rust-toolchain@beta
 
       - uses: Swatinem/rust-cache@v2
 

.github/workflows/main.yml

@@ -9,27 +9,30 @@ on:
       - main
 
 jobs:
-
   build_default:
     name: build with default features
     runs-on: ubuntu-latest
 
     steps:
-      - uses: actions/checkout@v4.1.7
-      - uses: actions-rs/toolchain@v1.0.7
-        with:
-          toolchain: beta
-          override: true
-      - uses: actions-rs/cargo@v1.0.3
-        with:
-          command: build
+      - uses: actions/checkout@v6.0.0
+      - uses: dtolnay/rust-toolchain@beta
+      - run: cargo build
+
+  build_latest:
+    name: build with latest versions of dependencies
+    runs-on: ubuntu-latest
+
+    steps:
+      - uses: actions/checkout@v6.0.0
+      - uses: dtolnay/rust-toolchain@stable
+      - run: cargo update && cargo build --all-features
 
   build_msrv:
-    name: build with MSRV (1.66.1)
+    name: build with MSRV (1.81)
     runs-on: ubuntu-latest
 
     steps:
-      - uses: actions/checkout@v4.1.7
+      - uses: actions/checkout@v6.0.0
       # Re-resolve Cargo.lock with minimal versions.
       # This only works with nightly. We pin to a specific version because
       # newer versions use lock file version 4, but the MSRV cargo does not
@@ -40,7 +43,7 @@ jobs:
       - run: cargo update -Z minimal-versions
       # Now check that `cargo build` works with respect to the oldest possible
       # deps and the stated MSRV
-      - uses: dtolnay/rust-toolchain@1.66.1
+      - uses: dtolnay/rust-toolchain@1.81
       - run: cargo build --all-features
 
   # TODO: this is filling up the disk space in CI. See if there is a way to
@@ -51,7 +54,7 @@ jobs:
   #   runs-on: ubuntu-latest
 
   #   steps:
-  #     - uses: actions/checkout@v4.1.7
+  #     - uses: actions/checkout@v6.0.0
   #     - uses: dtolnay/rust-toolchain@stable
   #     - run: cargo install cargo-all-features
   #     # We check and then test because some test dependencies could help
@@ -69,9 +72,9 @@ jobs:
     # Skip ed448 which does not support it.
     strategy:
       matrix:
-        crate: [ristretto255, ed25519, p256, secp256k1, rerandomized]
+        crate: [ristretto255, ed25519, p256, secp256k1, secp256k1-tr, rerandomized]
     steps:
-    - uses: actions/checkout@v4.1.7
+    - uses: actions/checkout@v6.0.0
     - uses: dtolnay/rust-toolchain@master
       with:
         toolchain: stable
@@ -84,29 +87,22 @@ jobs:
     runs-on: ubuntu-latest
 
     steps:
-      - uses: actions/checkout@v4.1.7
-      - uses: actions-rs/toolchain@v1.0.7
-        with:
-          toolchain: beta
-          override: true
-      - uses: actions-rs/cargo@v1.0.3
-        with:
-          command: test
-          args: --release --all-features
+      - uses: actions/checkout@v6.0.0
+      - uses: dtolnay/rust-toolchain@beta
+      - run: cargo test --release --all-features
 
   clippy:
     name: Clippy
     runs-on: ubuntu-latest
 
     steps:
-      - uses: actions/checkout@v4.1.7
+      - uses: actions/checkout@v6.0.0
         with:
           persist-credentials: false
 
-      - uses: actions-rs/toolchain@v1.0.7
+      - uses: dtolnay/rust-toolchain@stable
         with:
-          toolchain: stable
-          override: true
+          components: clippy
 
       - name: Check workflow permissions
         id: check_permissions
@@ -117,12 +113,9 @@ jobs:
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
 
       - name: Run clippy action to produce annotations
-        uses: actions-rs/clippy-check@v1.0.7
+        uses: clechasseur/rs-clippy-check@v5
         if: ${{ steps.check_permissions.outputs.has-permission }}
         with:
-          # GitHub displays the clippy job and its results as separate entries
-          name: Clippy (stable) Results
-          token: ${{ secrets.GITHUB_TOKEN }}
           args: --all-features --all-targets -- -D warnings
 
       - name: Run clippy manually without annotations
@@ -134,44 +127,34 @@ jobs:
     runs-on: ubuntu-latest
 
     steps:
-      - uses: actions/checkout@v4.1.7
+      - uses: actions/checkout@v6.0.0
         with:
           persist-credentials: false
 
-      - uses: actions-rs/toolchain@v1.0.7
+      - uses: dtolnay/rust-toolchain@stable
         with:
-          toolchain: stable
           components: rustfmt
-          override: true
 
       - uses: Swatinem/rust-cache@v2
 
-      - uses: actions-rs/cargo@v1.0.3
-        with:
-          command: fmt
-          args: --all -- --check
+      - run: cargo fmt --all -- --check
 
   gencode:
     name: Check if automatically generated code is up to date
     runs-on: ubuntu-latest
 
     steps:
-      - uses: actions/checkout@v4.1.7
+      - uses: actions/checkout@v6.0.0
         with:
           persist-credentials: false
 
-      - uses: actions-rs/toolchain@v1.0.7
+      - uses: dtolnay/rust-toolchain@stable
         with:
-          toolchain: stable
           components: rustfmt
-          override: true
 
       - uses: Swatinem/rust-cache@v2
 
-      - uses: actions-rs/cargo@v1.0.3
-        with:
-          command: run
-          args: --bin gencode -- --check
+      - run: cargo run --bin gencode -- --check
 
   docs:
     name: Check Rust doc
@@ -180,27 +163,20 @@ jobs:
       RUSTDOCFLAGS: -D warnings
 
     steps:
-      - uses: actions/checkout@v4.1.7
+      - uses: actions/checkout@v6.0.0
         with:
           persist-credentials: false
 
-      - uses: actions-rs/toolchain@v1.0.7
-        with:
-          toolchain: stable
-          profile: minimal
-          override: true
+      - uses: dtolnay/rust-toolchain@stable
 
-      - uses: actions-rs/cargo@v1.0.3
-        with:
-          command: doc
-          args: --no-deps --document-private-items --all-features
+      - run: cargo doc --no-deps --document-private-items --all-features
 
   actionlint:
     runs-on: ubuntu-latest
     continue-on-error: true
     steps:
-      - uses: actions/checkout@v4.1.7
-      - uses: reviewdog/action-actionlint@v1.54.0
+      - uses: actions/checkout@v6.0.0
+      - uses: reviewdog/action-actionlint@v1.69.0
         with:
           level: warning
-          fail_on_error: false
+          fail_level: none

.gitignore

@@ -1,6 +1,5 @@
 /target
 **/*.rs.bk
-Cargo.lock
 *~
 **/.DS_Store
 .vscode/*

.mergify.yml

@@ -1,28 +1,32 @@
 queue_rules:
   - name: main
-    allow_inplace_checks: True
-    allow_checks_interruption: True
-    speculative_checks: 1
-    batch_size: 2
-    # Wait for a few minutes to embark 2 tickets together in a merge train
-    batch_max_wait_time: "3 minutes"
-    conditions:
+    queue_conditions:
+      - base=main
+      - -draft
+      - label!=do-not-merge
+    merge_conditions:
       # Mergify automatically applies status check, approval, and conversation rules,
       # which are the same as the GitHub main branch protection rules
       # https://docs.mergify.com/conditions/#about-branch-protection
       - base=main
+    batch_size: 2
+    # Wait for a few minutes to embark 2 tickets together in a merge train
+    batch_max_wait_time: "3 minutes"
+    merge_method: squash
 
 pull_request_rules:
   - name: main queue triggered when CI passes with 1 review
+    conditions: []
+    actions:
+      queue:
+
+priority_rules:
+  - name: Priority rule from queue `main`
     conditions:
-      # This queue handles a PR if:
-      # - it targets main
-      # - is not in draft
-      #   including automated dependabot PRs.
       - base=main
       - -draft
       - label!=do-not-merge
-    actions:
-      queue:
-        name: main
-        method: squash
+    allow_checks_interruption: true
+
+merge_queue:
+  max_parallel_checks: 1

CONTRIBUTING.md

@@ -0,0 +1,33 @@
+# Contributing
+
+* [Running and Debugging](#running-and-debugging)
+* [Bug Reports](#bug-reports)
+* [Pull Requests](#pull-requests)
+
+## Running and Debugging
+[running-and-debugging]: #running-and-debugging
+
+See the [user documentation](https://frost.zfnd.org/user.html) for details on
+how to build, run, and use the FROST Rust reference implementation.
+
+## Bug Reports
+[bug-reports]: #bug-reports
+
+Please [create an issue](https://github.com/ZcashFoundation/frost/issues/new) on the FROST issue tracker.
+
+## Pull Requests
+[pull-requests]: #pull-requests
+
+PRs are welcome for small and large changes, but please don't make large PRs
+without coordinating with us via the [issue tracker](https://github.com/ZcashFoundation/frost/issues) or [Discord](https://discord.gg/muKwd2F83D). This helps
+increase development coordination and makes PRs easier to merge. Low-effort PRs, including but not limited to fixing typos and grammatical corrections, will generally be redone by us to dissuade metric farming.
+
+Check out the [help wanted][hw] label if you're looking for a place to get started!
+
+FROST follows the [conventional commits][conventional] standard for the commits
+merged to main. Since PRs are squashed before merging to main, the PR titles
+should follow the conventional commits standard so that the merged commits
+are conformant.
+
+[hw]: https://github.com/ZcashFoundation/frost/labels/E-help-wanted
+[conventional]: https://www.conventionalcommits.org/en/v1.0.0/#specification