[pull] main from dfinity:main#549
Merged
pull[bot] merged 3 commits intomikeyhodl:mainfrom Apr 22, 2026
Merged
Conversation
## Summary `HACKING.md` lists **Node.js v16+** as a build prerequisite, but the project actually requires **Node.js v24**: | Source | Value | |---|---| | `.nvmrc` | `24.15.0` | | `package.json` engines | `>=24.0.0 <25.0.0` | New contributors following the current docs would install a Node version that's eight major versions behind and incompatible with the project. ## Changes - `HACKING.md` line 15: `Node.js v16+` → `Node.js v24+ (see .nvmrc for the exact version)` This is a one-line documentation fix with no code changes. --------- Co-authored-by: Tim Aterton <timothyaterton@users.noreply.github.com>
#3797) `deploy-pr-to-beta` and `deploy-local-to-beta` had accumulated copy-pasted CLI parsing, staging config, and `dfx install` glue. The install-arg handling in particular prompted the user for every field in `InternetIdentityFrontendInit` without enforcing any consistency between the frontend's `backend_canister_id` / `backend_origin` / `related_origins` and the selected staging — which is how we ended up shipping a frontend on Staging C that pointed at Staging B's backend (canister `jqajs-...` instead of `y2aaj-...`) and spent a session debugging the `Canister has no update method 'add_discoverable_oidc_config'` error. Factored out into a shared library and added explicit per-end build controls, reachability / consistency checks, and dry-run support. # Changes ## New: `scripts/deploy-common.bash` Shared library sourced by both deploy scripts. Responsibilities: - Staging-letter → canister-id/URL lookups. - `parse_common_args`: single parser for `-sa/-sb/-sc` / `--staging custom`, `-fe/-be` / `--end`, `-rfe/-rbe` / `--rebuild fe be`, `--dry-run`, `--no-checks`. - `resolve_staging_config`: fills the shared quad `(BE_ID, FE_ID, BE_URL, FE_URL)` — baked in for A/B/C, prompted for `custom`. - `is_interactive` / `die_non_interactive`: prompts fail loudly when `/dev/tty` isn't openable (CI) instead of hanging. Uses `/dev/tty` rather than `[ -t 0/1 ]` so it behaves correctly inside `$(...)` subshells (which `prompt_default` is always called from). - `check_fe_reachable` / `check_be_reachable`: best-effort HTTP probes. FE check confirms the URL serves an II frontend (has `data-canister-id="..."` attribute); BE check fetches `/.config.did.bin` and validates it decodes as Candid when `didc` is available. - `run_consistency_checks`: compares the FE's injected `data-canister-id` against the expected `BE_ID` for the staging and interactively prompts to override on mismatch. This is the check that would have caught the Staging C → Staging B misconfig. - `prompt_fe_extra_args`: interactive prompts for the small set of FE-only fields that don't follow from the shared quad (`dev_csp`, `dummy_auth`, `analytics_config`). `fetch_root_key` is auto-set to `opt false` for mainnet. - `build_fe_install_arg` / `build_be_install_arg`: emit Candid install args. FE arg is a required record (non-opt). BE arg is a tight `opt record { backend_canister_id; backend_origin; related_origins; }` — every other field is left `opt null` so the upgrade preserves existing state. - `run_dfx_install`: one entry point that either runs or prints the `dfx canister install` command based on `DRY_RUN`. ## Refactored: `scripts/deploy-local-to-beta` Thin wrapper around the common lib. - Does **not** accept a PR number anymore (it deploys your working tree). - Rebuild is opt-in per end: `-rfe` / `-rbe` / `--rebuild fe be`. Default is to reuse existing `wasm.gz` files at the repo root. - Prepends `~/.cargo/bin` to `PATH` when present so `scripts/build`'s pinned `ic-wasm 0.8.5` wins over newer versions installed elsewhere (e.g. via nvm's node `bin` dir). ## Refactored: `scripts/deploy-pr-to-beta` Thin wrapper around the common lib. - CI artifact validation (workflow run exists, required jobs succeeded, artifact URLs resolvable) is performed **before** the FE extra-args prompts, so we fail fast on missing/broken CI runs instead of wasting the user's time at the prompts. - `--dry-run` prints the `dfx canister install` command after the artifacts have been downloaded and extracted, so the exact command (including `--argument`) is copy-pasteable. ## Not changed `scripts/frontend-arg-helpers.bash` is untouched — still sourced by `scripts/make-upgrade-proposal`, which has a different prompt model and isn't in scope here. # Tests Both scripts shellcheck clean (only `SC1091 info` for the sourced lib, same as the prior `frontend-arg-helpers.bash`). Manually verified: - `-sa/-sb/-sc` resolution → correct canister ids / URLs. - `--staging custom` → prompts for all four values. - `--dry-run` → prints the exact `dfx canister install` command that would run, with both install args formatted correctly. - Reachability check against Staging C: FE HTML probe OK, BE `/.config.did.bin` decodes as Candid (when `didc` is installed). - Consistency check against Staging C: would have caught the Staging C → Staging B misconfig (FE injected `data-canister-id` vs. expected `BE_ID`). - Error paths: missing `--staging`, missing `--end`, unexpected positional args, non-interactive prompt attempt (errors out with a clear message). Co-authored-by: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
## Summary Adds 10 integration test vectors for ICRC-3 certified attributes, covering every combination of attribute selection and encoding that the II backend canister can produce. Each vector exercises the full pipeline — `prepare_icrc3_attributes` → `get_icrc3_attributes` → signature verification — and captures: - Candid-encoded ICRC-3 message bytes - Domain-separated signed message (`[0x0e] || "ic-sender-info" || message`) - Full CBOR certificate from the canister signature - Human-readable ICRC-3 map representation **Scenarios covered:** | # | Label | |---|---| | 1 | Single email, scoped key | | 2 | Single email, unscoped key (`omit_scope = true`) | | 3 | Single name, scoped key | | 4 | Email + name, both scoped | | 5 | Email + name, both unscoped | | 6 | Mixed scoping (email unscoped, name scoped) | | 7 | Email with value validation | | 8 | Email with specific nonce | | 9 | Mixed scoping with specific nonce | | 10 | No user attributes (only implicit entries) | ## Tests - `icrc3_test_vectors` integration test in `attributes.rs` — generates all 10 vectors, verifies every CBOR signature, and compares the result against the committed `docs/icrc3-test-vectors.json` snapshot. The snapshot is regenerated on demand with `UPDATE_ICRC3_VECTORS=1 cargo test ...` (see `docs/icrc3-test-vectors.md`). - `docs/icrc3-test-vectors.md` — reference doc explaining the encoding pipeline and how to regenerate. - `docs/icrc3-test-vectors.json` — machine-readable snapshot committed alongside the test. 🤖 Generated with Claude Code < [Previous PR](#3770) | --------- Co-authored-by: Claude Opus 4.7 <noreply@anthropic.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
See Commits and Changes for more details.
Created by
pull[bot] (v2.0.0-alpha.4)
Can you help keep this open source service alive? 💖 Please sponsor : )