Skip to content

Commit 8160730

Browse files
authored
Release 1.230.0
See release notes.
2 parents fed3955 + 3eb1893 commit 8160730

500 files changed

Lines changed: 26542 additions & 6565 deletions

File tree

Some content is hidden

Large Commits have some content hidden by default. Use the searchbox below for content that may be hidden.

.cargo/audit.toml

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -20,7 +20,7 @@ ignore = [
2020
"RUSTSEC-2025-0090",
2121
"RUSTSEC-2025-0098",
2222
"RUSTSEC-2025-0100",
23-
# bincode unmaintained, transitive via hypersync-client
23+
# bincode unmaintained, dev-only via madsim
2424
"RUSTSEC-2025-0141",
2525
# capnp unsound APIs, transitive via hypersync-client, awaiting upstream fix
2626
"RUSTSEC-2025-0143",

.codespellrc

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -3,4 +3,4 @@
33

44
[codespell]
55
# Comma-separated list of words to ignore
6-
ignore-words-list = ACN,ALO,Alo,allTime,BadAloPx,CapTable,arange,crate,datas,deques,disjointness,HIGHTER,Implementors,intoto,ot,pre,ser,socio-economic,Superseed,SUPERSEED,te,ThirdParty,trough,usIn,zar
6+
ignore-words-list = ACN,ALO,Alo,allTime,BadAloPx,CapTable,arange,crate,datas,deques,disjointness,FO,HIGHTER,Implementors,intoto,ot,pre,ser,socio-economic,Superseed,SUPERSEED,te,ThirdParty,trough,usIn,zar

.docker/DockerfileUbuntu

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -50,7 +50,7 @@ ENV CARGO_HOME="/usr/local/cargo" \
5050
WORKDIR /workspace
5151

5252
# Install uv
53-
COPY --from=ghcr.io/astral-sh/uv:0.11.23@sha256:d0a0a753ab981624b49c97abc98821c1c09f4ca69d1ef5cee69c501be3d88479 \
53+
COPY --from=ghcr.io/astral-sh/uv:0.11.25@sha256:1e3808aa9023d0980e7c15b1fa7c1ac16ff35925780cf5c459858b2d693f01a9 \
5454
/uv /uvx /root/.local/bin/
5555
ENV PATH="/root/.local/bin:${PATH}"
5656

.docker/jupyterlab.dockerfile

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -29,7 +29,7 @@ RUN curl -fsSL --retry 3 \
2929
mv /tmp/eurusd_instrument.parquet /catalog/data/currency_pair/EURUSD.SIM/part-0.parquet
3030

3131
# Install UV
32-
COPY --from=ghcr.io/astral-sh/uv:0.11.23@sha256:d0a0a753ab981624b49c97abc98821c1c09f4ca69d1ef5cee69c501be3d88479 \
32+
COPY --from=ghcr.io/astral-sh/uv:0.11.25@sha256:1e3808aa9023d0980e7c15b1fa7c1ac16ff35925780cf5c459858b2d693f01a9 \
3333
/uv /uvx /root/.local/bin/
3434

3535
RUN uv pip install --system jupyterlab datafusion

.docker/nautilus_trader.dockerfile

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -31,7 +31,7 @@ COPY --from=rust-toolchain /usr/local/cargo /usr/local/cargo
3131
COPY --from=rust-toolchain /usr/local/rustup /usr/local/rustup
3232

3333
# Install UV
34-
COPY --from=ghcr.io/astral-sh/uv:0.11.23@sha256:d0a0a753ab981624b49c97abc98821c1c09f4ca69d1ef5cee69c501be3d88479 \
34+
COPY --from=ghcr.io/astral-sh/uv:0.11.25@sha256:1e3808aa9023d0980e7c15b1fa7c1ac16ff35925780cf5c459858b2d693f01a9 \
3535
/uv /uvx /root/.local/bin/
3636

3737
# Install package requirements

.github/OVERVIEW.md

Lines changed: 14 additions & 13 deletions
Original file line numberDiff line numberDiff line change
@@ -24,10 +24,10 @@ CI/CD, testing, publishing, and automation within the NautilusTrader repository.
2424

2525
- **build.yml**: main CI pipeline - plan, pre-commit, cargo-deny, Rust tests, Python tests,
2626
wheel builds, artifact uploads, release asset uploads, Trusted Publishing to PyPI and crates.io,
27-
release attestations, registry verification, release checksum publication, and final GitHub
28-
release publication and attestation verification. Uses Depot 8-core runners for Linux and Windows
29-
builds. Includes a plan step that skips builds on docs-only changes and skips Rust tests on
30-
Python-only changes.
27+
release preflights, release attestations, registry verification, release checksum publication,
28+
final release asset verification, and final GitHub release publication and attestation
29+
verification. Uses Depot 8-core runners for Linux and Windows builds. Includes a plan step that
30+
skips builds on docs-only changes and skips Rust tests on Python-only changes.
3131
- **build-v2.yml**: CI pipeline for the v2 Rust-native system. Runs Linux builds on the self-hosted `build-v2` pool.
3232
- **build-docs.yml**: dispatches documentation build on `master` and `nightly` pushes.
3333
- **cli-binaries.yml**: builds and publishes CLI binaries for multiple platforms.
@@ -108,17 +108,18 @@ CI/CD, testing, publishing, and automation within the NautilusTrader repository.
108108
OIDC trusted publishing. The trusted publisher on crates.io must be configured per crate for
109109
repo `nautechsystems/nautilus_trader`, workflow `build.yml`, and environment `release`; the
110110
job uses a short-lived token from `rust-lang/crates-io-auth-action` and no long-lived cargo token.
111-
- **Post-publish verification**: `publish-release-integrity` verifies PyPI files against
112-
`dist-manifest.json`, verifies PyPI provenance publisher metadata, and verifies crates.io entries
113-
were trusted-published by this repository. These verifier calls retry transient
114-
Sigstore/Rekor/TUF lag, while provenance and identity mismatches fail fast. The job records
115-
whether each crate matches the release commit, was already published, or matched an explicit
116-
`CRATES_IO_MANUAL_PUBLISH_EXCEPTIONS` `crate@version` entry for emergency token-publish
117-
recovery. Manual entries are recorded in `crates-manifest.json` with
111+
- **Post-publish verification**: `publish-release-integrity` generates the release manifest, then
112+
verifies PyPI files against `dist-manifest.json`, verifies PyPI provenance publisher metadata, and
113+
verifies crates.io entries were trusted-published by this repository before attaching checksum
114+
assets to the draft release. These verifier calls retry transient Sigstore/Rekor/TUF lag, while
115+
provenance and identity mismatches fail fast. The job records whether each crate matches the
116+
release commit, was already published, or matched an explicit
117+
`CRATES_IO_MANUAL_PUBLISH_EXCEPTIONS` `crate@version` entry for emergency token-publish recovery.
118+
Manual entries are recorded in `crates-manifest.json` with
118119
`release_status: "manual_token_publish"`. Malformed or unused exception entries fail the job. The
119120
job uploads `crates-manifest.json`, attaches attestation siblings, and cleans up release workflow
120-
artifacts. `publish-github-release` then publishes the draft release and verifies GitHub's
121-
release attestation.
121+
artifacts. `publish-github-release` verifies the final draft asset set, publishes the draft
122+
release, and verifies GitHub's release attestation.
122123
- **Caching**: Rust target directory cache (`Swatinem/rust-cache`), prek hook environments, and test
123124
data caches speed up workflows while preserving hermetic builds. Rust cache saves are restricted
124125
to push events to prevent PR cache pollution.

.github/actions/cargo-tool-install/action.yml

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -31,7 +31,7 @@ runs:
3131

3232
# https://github.com/actions-rust-lang/setup-rust-toolchain
3333
- name: Set up Rust toolchain
34-
uses: actions-rust-lang/setup-rust-toolchain@2b1f5e9b395427c92ee4e3331786ca3c37afe2d7 # v1.16.0
34+
uses: actions-rust-lang/setup-rust-toolchain@46268bd060767258de96ed93c1251119784f2ab6 # v1.16.1
3535
with:
3636
toolchain: ${{ env.TOOLCHAIN }}
3737
override: true

.github/actions/common-setup/action.yml

Lines changed: 27 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -78,6 +78,30 @@ runs:
7878
docker-images: true
7979
swap-storage: true
8080

81+
# Extra unused SDKs beyond jlumbroso; only GitHub-hosted runners are disk-bound
82+
- name: Free additional disk space (Linux)
83+
if: >-
84+
inputs.free-disk-space == 'true'
85+
&& runner.os == 'Linux'
86+
&& runner.environment == 'github-hosted'
87+
shell: bash
88+
run: |
89+
echo "=== Disk usage before extra cleanup ==="
90+
df -h /
91+
for path in \
92+
/usr/share/swift \
93+
/usr/local/lib/swift \
94+
/usr/local/share/powershell \
95+
/usr/local/share/boost \
96+
/usr/local/share/chromium \
97+
/opt/google/chrome \
98+
/opt/microsoft \
99+
/usr/local/julia*; do
100+
sudo rm -rf $path || true
101+
done
102+
echo "=== Disk usage after extra cleanup ==="
103+
df -h /
104+
81105
- name: Free disk space (macOS)
82106
if: inputs.free-disk-space == 'true' && runner.os == 'macOS'
83107
shell: bash
@@ -155,7 +179,7 @@ runs:
155179
156180
# https://github.com/actions-rust-lang/setup-rust-toolchain
157181
- name: Set up Rust toolchain
158-
uses: actions-rust-lang/setup-rust-toolchain@2b1f5e9b395427c92ee4e3331786ca3c37afe2d7 # v1.16.0
182+
uses: actions-rust-lang/setup-rust-toolchain@46268bd060767258de96ed93c1251119784f2ab6 # v1.16.1
159183
with:
160184
toolchain: ${{ env.TOOLCHAIN }}
161185
components: clippy,rustfmt
@@ -186,7 +210,7 @@ runs:
186210
- name: Install cargo-nextest
187211
if: inputs.build-type != 'pre-commit' && runner.os != 'macOS'
188212
# https://github.com/taiki-e/install-action
189-
uses: taiki-e/install-action@db5fb34fa772531a3ece57ca434f579eb334e0fb # v2.75.30
213+
uses: taiki-e/install-action@7a79fe8c3a13344501c80d99cae481c1c9085912 # v2.81.10
190214
with:
191215
tool: cargo-nextest@${{ env.CARGO_NEXTEST_VERSION }}
192216

@@ -249,7 +273,7 @@ runs:
249273
250274
- name: Install uv
251275
# https://github.com/astral-sh/setup-uv
252-
uses: astral-sh/setup-uv@08807647e7069bb48b6ef5acd8ec9567f424441b # v8.1.0
276+
uses: astral-sh/setup-uv@fac544c07dec837d0ccb6301d7b5580bf5edae39 # v8.2.0
253277
with:
254278
version: ${{ env.UV_VERSION }}
255279
enable-cache: ${{ inputs.uv-cache-enabled }}

.github/actions/upload-artifact-wheel/action.yml

Lines changed: 7 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1,6 +1,12 @@
11
name: Upload wheel artifact to GitHub Actions
22
description: Upload wheel artifact to GitHub Actions
33

4+
inputs:
5+
retention-days:
6+
description: Number of days to retain the uploaded wheel artifact
7+
required: false
8+
default: "1"
9+
410
runs:
511
using: "composite"
612
steps:
@@ -40,4 +46,4 @@ runs:
4046
name: ${{ env.ASSET_NAME }}
4147
path: dist/nautilus_trader-*.whl
4248
if-no-files-found: error
43-
retention-days: 1
49+
retention-days: ${{ inputs.retention-days }}

.github/workflows/build-docs.yml

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -13,7 +13,7 @@ jobs:
1313
runs-on: ubuntu-latest
1414
steps:
1515
# https://github.com/step-security/harden-runner
16-
- uses: step-security/harden-runner@a5ad31d6a139d249332a2605b85202e8c0b78450 # v2.19.1
16+
- uses: step-security/harden-runner@9af89fc71515a100421586dfdb3dc9c984fbf411 # v2.19.4
1717
with:
1818
egress-policy: ${{ vars.STEP_SECURITY_EGRESS_POLICY || 'block' }}
1919
allowed-endpoints: >-

0 commit comments

Comments
 (0)