Skip to content
  1. Dec 22, 2023
    • Sachin Charakhwal's avatar
      fix overflow in `balance_to_point` conversion (#2706) · 4c0e0e07
      Sachin Charakhwal authored
      Closes #416
      
      As I mentioned in the above issue `balance_to_points` conversion
      currently overflows the `Balance` types even before computing the actual
      points for the given tokens. This fixes that,
      4c0e0e07
    • Emanuele Valzano's avatar
      incrementing sufficient accounts references with saturating_add for safety. (#2768) · 0ce506ef
      Emanuele Valzano authored
      
      
      Even though it is difficult to overflow the sufficients variable, since
      an attacker that is willing to rapidly increase the number must every
      time deposit a minimum deposit of a given asset, it is safer to use
      saturating_add().
      
      ---------
      
      Co-authored-by: default avatarBastian Köcher <[email protected]>
      Co-authored-by: default avatarjoe petrowski <[email protected]>
      0ce506ef
    • Svyatoslav Nikolsky's avatar
      Final nits for bridge-hub-test-utils (#2788) · b62df695
      Svyatoslav Nikolsky authored
      closes https://github.com/paritytech/parity-bridges-common/issues/2739
      b62df695
    • dependabot[bot]'s avatar
      Bump unsafe-libyaml from 0.2.9 to 0.2.10 (#2776) · 0686cf17
      dependabot[bot] authored
      
      
      Bumps [unsafe-libyaml](https://github.com/dtolnay/unsafe-libyaml) from
      0.2.9 to 0.2.10.
      <details>
      <summary>Release notes</summary>
      <p><em>Sourced from <a
      href="https://github.com/dtolnay/unsafe-libyaml/releases">unsafe-libyaml's
      releases</a>.</em></p>
      <blockquote>
      <h2>0.2.10</h2>
      <ul>
      <li>Fix write to improperly aligned pointer in 32-bit targets (<a
      href="https://redirect.github.com/dtolnay/unsafe-libyaml/issues/21">#21</a>)</li>
      </ul>
      </blockquote>
      </details>
      <details>
      <summary>Commits</summary>
      <ul>
      <li><a
      href="https://github.com/dtolnay/unsafe-libyaml/commit/61f3ab82b271ac90d6a04f65520614ca08c58abe"><code>61f3ab8</code></a>
      Release 0.2.10</li>
      <li><a
      href="https://github.com/dtolnay/unsafe-libyaml/commit/d90d7abc4e31d590881a055c6ade175e40cd498f"><code>d90d7ab</code></a>
      Clean up some redundant casts</li>
      <li><a
      href="https://github.com/dtolnay/unsafe-libyaml/commit/7755559145c9cf5573639bfecc557893d4a46b0d"><code>7755559</code></a>
      Merge pull request <a
      href="https://redirect.github.com/dtolnay/unsafe-libyaml/issues/24">#24</a>
      from dtolnay/mallocalign</li>
      <li><a
      href="https://github.com/dtolnay/unsafe-libyaml/commit/b8a0863c1bb2a0e1b3d226679e4a7bd31d14c2b4"><code>b8a0863</code></a>
      Fix insufficient alignment of malloc's return value on 32-bit</li>
      <li><a
      href="https://github.com/dtolnay/unsafe-libyaml/commit/389373f0d99dd8726eb52199e622056aa1d4ac8f"><code>389373f</code></a>
      Merge pull request <a
      href="https://redirect.github.com/dtolnay/unsafe-libyaml/issues/23">#23</a>
      from dtolnay/malloc</li>
      <li><a
      href="https://github.com/dtolnay/unsafe-libyaml/commit/fd41ef659dcd9eaa973771985edce227cdcfe084"><code>fd41ef6</code></a>
      Check arithmetic in malloc computations</li>
      <li><a
      href="https://github.com/dtolnay/unsafe-libyaml/commit/9e054fbfee5523f904bd70091170ad7a0e5402a2"><code>9e054fb</code></a>
      Merge pull request <a
      href="https://redirect.github.com/dtolnay/unsafe-libyaml/issues/22">#22</a>
      from dtolnay/force</li>
      <li><a
      href="https://github.com/dtolnay/unsafe-libyaml/commit/5b40a9e0edc5c5e87585d49f9fd34603c2c4742b"><code>5b40a9e</code></a>
      Check more arithmetic operations</li>
      <li><a
      href="https://github.com/dtolnay/unsafe-libyaml/commit/97a4332d8d5a47478e659cb9b872ed6613eee8a9"><code>97a4332</code></a>
      Delete cast to long followed by size_t</li>
      <li><a
      href="https://github.com/dtolnay/unsafe-libyaml/commit/e5f4bbd0f0ff8c48c8df8e88f810e5d0c4143159"><code>e5f4bbd</code></a>
      Clean up duplicated casting to size_t</li>
      <li>Additional commits viewable in <a
      href="https://github.com/dtolnay/unsafe-libyaml/compare/0.2.9...0.2.10">compare
      view</a></li>
      </ul>
      </details>
      <br />
      
      
      [![Dependabot compatibility
      score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=unsafe-libyaml&package-manager=cargo&previous-version=0.2.9&new-version=0.2.10)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
      
      Dependabot will resolve any conflicts with this PR as long as you don't
      alter it yourself. You can also trigger a rebase manually by commenting
      `@dependabot rebase`.
      
      [//]: # (dependabot-automerge-start)
      [//]: # (dependabot-automerge-end)
      
      ---
      
      <details>
      <summary>Dependabot commands and options</summary>
      <br />
      
      You can trigger Dependabot actions by commenting on this PR:
      - `@dependabot rebase` will rebase this PR
      - `@dependabot recreate` will recreate this PR, overwriting any edits
      that have been made to it
      - `@dependabot merge` will merge this PR after your CI passes on it
      - `@dependabot squash and merge` will squash and merge this PR after
      your CI passes on it
      - `@dependabot cancel merge` will cancel a previously requested merge
      and block automerging
      - `@dependabot reopen` will reopen this PR if it is closed
      - `@dependabot close` will close this PR and stop Dependabot recreating
      it. You can achieve the same result by closing it manually
      - `@dependabot show <dependency name> ignore conditions` will show all
      of the ignore conditions of the specified dependency
      - `@dependabot ignore this major version` will close this PR and stop
      Dependabot creating any more for this major version (unless you reopen
      the PR or upgrade to it yourself)
      - `@dependabot ignore this minor version` will close this PR and stop
      Dependabot creating any more for this minor version (unless you reopen
      the PR or upgrade to it yourself)
      - `@dependabot ignore this dependency` will close this PR and stop
      Dependabot creating any more for this dependency (unless you reopen the
      PR or upgrade to it yourself)
      You can disable automated security fix PRs for this repo from the
      [Security Alerts
      page](https://github.com/paritytech/polkadot-sdk/network/alerts).
      
      </details>
      
      Signed-off-by: default avatardependabot[bot] <[email protected]>
      Co-authored-by: default avatardependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
      0686cf17
    • joe petrowski's avatar
      Update Safe Call Filters (#2786) · d7ca2cb5
      joe petrowski authored
      
      
      - Updates all safe call filters to allow `system::authorize_upgrade`.
      - Updates Coretime safe call filter to allow `sudo` and
      `system_set_storage`.
      - Update Coretime teleports to allow teleportation with other system
      chains.
      
      ---------
      
      Co-authored-by: default avatarBastian Köcher <[email protected]>
      d7ca2cb5
    • Bastian Köcher's avatar
      pallet-sudo: Accept `Root` origin as valid sudo (#2783) · 96bec7a7
      Bastian Köcher authored
      This changes `pallet-sudo` to also accept `Root` origin for
      `ensure_sudo`. This can be useful for parachains who allow the relay
      chain to have superuser rights to setup the sudo pallet for example.
      96bec7a7
    • Bastian Köcher's avatar
    • Branislav Kontur's avatar
  2. Dec 21, 2023
  3. Dec 20, 2023
    • joe petrowski's avatar
      Fix Coretime Master (#2765) · d84e135b
      joe petrowski authored
      Should have merged master into #2682 before merging.
      d84e135b
    • Dónal Murray's avatar
      Fix clippy lints behind feature gates and add new CI step all features (#2569) · d68868f6
      Dónal Murray authored
      
      
      Many clippy lints usually enforced by `-Dcomplexity` and `-Dcorrectness`
      are not caught by CI as they are gated by `features`, like
      `runtime-benchmarks`, while the clippy CI job runs with only the default
      features for all targets.
      
      This PR also adds a CI step to run clippy with `--all-features` to
      ensure the code quality is maintained behind feature gates from now on.
      
      To improve local development, clippy lints are downgraded to warnings,
      but they still will result in an error at CI due to the `-Dwarnings`
      rustflag.
      
      ---------
      
      Co-authored-by: default avatarLiam Aharon <[email protected]>
      d68868f6
    • joe petrowski's avatar
      Add Authorize Upgrade Pattern to Frame System (#2682) · 280aa0b5
      joe petrowski authored
      Adds the `authorize_upgrade` -> `enact_authorized_upgrade` pattern to
      `frame-system`. This will be useful for upgrading bridged chains that
      are under the governance of Polkadot without passing entire runtime Wasm
      blobs over a bridge.
      
      Notes:
      
      - Changed `enact_authorized_upgrade` to `apply_authorized_upgrade`.
      Personal opinion, "apply" more accurately expresses what it's doing. Can
      change back if outvoted.
      - Remove `check_version` in favor of two extrinsics, so as to make
      _checked_ the default.
      - Left calls in `parachain-system` and marked as deprecated to prevent
      breaking the API. They just call into the `frame-system` functions.
      - Updated `frame-system` benchmarks to v2 syntax.
      
      ---------
      
      Co-authored-by: command-bot <>
      280aa0b5
    • André Silva's avatar
      use a single source for simple-mermaid dependency (#2760) · b51904da
      André Silva authored
      this breaks cargo vendor which is necessary for building polkadot with
      nix
      b51904da
    • Muharem Ismailov's avatar
      pallet-asset-conversion: Decoupling Native Currency Dependancy (#2031) · 4f832ea8
      Muharem Ismailov authored
      closes https://github.com/paritytech/polkadot-sdk/issues/1842
      
      Decoupling Pallet from the Concept of Native Currency
      
      Currently, the pallet is intrinsically linked with the concept of native
      currency, requiring users to provide implementations of the
      `fungible::*` and `fungibles::*` traits to interact with native and non
      native assets. This incapsulates some non-related to the pallet
      complexity and makes it less adaptable in contexts where the native
      currency concept is absent.
      
      With this PR, the dependence on `fungible::*` for liquidity-supplying
      assets has been removed. Instead, the native and non-native currencies'
      handling is now overseen by a single type that implements the
      `fungibles::*` traits. To simplify this integration, types have been
      introduced to facilitate the creation of a union between `fungible::*`
      and `fungibles::*` implementations, producing a unified `fungibles::*`
      type.
      
      One of the reasons driving these changes is the ambition to create a
      more user-friendly API for the `SwapCredit` implementation. Given that
      it interacts with two distinct credit types from `fungible` and
      `fungibles`, a unified type was introduced. Clients now manage potential
      conversion failures for those credit types. In certain contexts, it's
      vital to guarantee that operations are fail-safe, like in this impl -
      [PR](https://github.com/paritytech/polkadot-sdk/pull/1845), place in
      [code](https://github.com/paritytech/polkadot-sdk/blob/20b85a5f
      
      /cumulus/primitives/utility/src/lib.rs#L429).
      
      Additional Updates:
      - abstracted the pool ID and its account derivation logic via trait
      bounds, along with common implementation offerings;
      - removed `inc_providers` on a pool creation for the pool account;
      - benchmarks:
      -- swap complexity is N, not const;
      -- removed `From<u128> + Into<u128>` bound from `T::Balance`;
      -- removed swap/liquidity/.. amount constants, resolve them dynamically
      based on pallet configuration;
      -- migrated to v2 API;
      - `OnUnbalanced` handler for the pool creation fee, replacing direct
      transfers to a specified account ID;
      - renamed `MultiAssetId` to `AssetKind` aligning with naming across
      frame crates;
      
      related PRs:
      - (depends) https://github.com/paritytech/polkadot-sdk/pull/1677
      - (caused) https://github.com/paritytech/polkadot-sdk/pull/2033
      - (caused) https://github.com/paritytech/polkadot-sdk/pull/1876
      
      ---------
      
      Co-authored-by: default avatarjoe petrowski <[email protected]>
      Co-authored-by: default avatarLiam Aharon <[email protected]>
      4f832ea8
    • dependabot[bot]'s avatar
      Bump chrono from 0.4.27 to 0.4.31 (#2761) · d32f66fb
      dependabot[bot] authored
      
      
      Bumps [chrono](https://github.com/chronotope/chrono) from 0.4.27 to
      0.4.31.
      <details>
      <summary>Release notes</summary>
      <p><em>Sourced from <a
      href="https://github.com/chronotope/chrono/releases">chrono's
      releases</a>.</em></p>
      <blockquote>
      <h2>0.4.31</h2>
      <p>Another maintenance release.
      It was not a planned effort to improve our support for UNIX timestamps,
      yet most PRs seem related to this.</p>
      <h3>Deprecations</h3>
      <ul>
      <li>Deprecate <code>timestamp_nanos</code> in favor of the non-panicking
      <code>timestamp_nanos_opt</code> (<a
      href="https://redirect.github.com/chronotope/chrono/issues/1275">#1275</a>)</li>
      </ul>
      <h3>Additions</h3>
      <ul>
      <li>Add <code>DateTime::&lt;Utc&gt;::from_timestamp</code> (<a
      href="https://redirect.github.com/chronotope/chrono/issues/1279">#1279</a>,
      thanks <a
      href="https://github.com/demurgos"><code>@​demurgos</code></a>)</li>
      <li>Add <code>TimeZone::timestamp_micros</code> (<a
      href="https://redirect.github.com/chronotope/chrono/issues/1285">#1285</a>,
      thanks <a
      href="https://github.com/emikitas"><code>@​emikitas</code></a>)</li>
      <li>Add <code>DateTime&lt;Tz&gt;::timestamp_nanos_opt</code> and
      <code>NaiveDateTime::timestamp_nanos_opt</code> (<a
      href="https://redirect.github.com/chronotope/chrono/issues/1275">#1275</a>)</li>
      <li>Add <code>UNIX_EPOCH</code> constants (<a
      href="https://redirect.github.com/chronotope/chrono/issues/1291">#1291</a>)</li>
      </ul>
      <h3>Fixes</h3>
      <ul>
      <li>Format day of month in RFC 2822 without padding (<a
      href="https://redirect.github.com/chronotope/chrono/issues/1272">#1272</a>)</li>
      <li>Don't allow strange leap seconds which are not on a minute boundary
      initialization methods (<a
      href="https://redirect.github.com/chronotope/chrono/issues/1283">#1283</a>)
      This makes many methods a little more strict:
      <ul>
      <li><code>NaiveTime::from_hms_milli</code></li>
      <li><code>NaiveTime::from_hms_milli_opt</code></li>
      <li><code>NaiveTime::from_hms_micro</code></li>
      <li><code>NaiveTime::from_hms_micro_opt</code></li>
      <li><code>NaiveTime::from_hms_nano</code></li>
      <li><code>NaiveTime::from_hms_nano_opt</code></li>
      <li><code>NaiveTime::from_num_seconds_from_midnight</code></li>
      <li><code>NaiveTime::from_num_seconds_from_midnight_opt</code></li>
      <li><code>NaiveDate::and_hms_milli</code></li>
      <li><code>NaiveDate::and_hms_milli_opt</code></li>
      <li><code>NaiveDate::and_hms_micro</code></li>
      <li><code>NaiveDate::and_hms_micro_opt</code></li>
      <li><code>NaiveDate::and_hms_nano</code></li>
      <li><code>NaiveDate::and_hms_nano_opt</code></li>
      <li><code>NaiveDateTime::from_timestamp</code></li>
      <li><code>NaiveDateTime::from_timestamp_opt</code></li>
      <li><code>TimeZone::timestamp</code></li>
      <li><code>TimeZone::timestamp_opt</code></li>
      </ul>
      </li>
      <li>Fix underflow in <code>NaiveDateTime::timestamp_nanos_opt</code> (<a
      href="https://redirect.github.com/chronotope/chrono/issues/1294">#1294</a>,
      thanks <a
      href="https://github.com/crepererum"><code>@​crepererum</code></a>)</li>
      </ul>
      <h3>Documentation</h3>
      <ul>
      <li>Add more documentation about the RFC 2822 obsolete date format (<a
      href="https://redirect.github.com/chronotope/chrono/issues/1267">#1267</a>)</li>
      </ul>
      <h3>Internal</h3>
      <ul>
      <li>Remove internal <code>__doctest</code> feature and
      <code>doc_comment</code> dependency (<a
      href="https://redirect.github.com/chronotope/chrono/issues/1276">#1276</a>)</li>
      <li>CI: Bump <code>actions/checkout</code> from 3 to 4 (<a
      href="https://redirect.github.com/chronotope/chrono/issues/1280">#1280</a>)</li>
      <li>Optimize <code>NaiveDate::add_days</code> for small values (<a
      href="https://redirect.github.com/chronotope/chrono/issues/1214">#1214</a>)</li>
      <li>Upgrade <code>pure-rust-locales</code> to 0.7.0 (<a
      href="https://redirect.github.com/chronotope/chrono/issues/1288">#1288</a>,
      thanks <a href="https://github.com/jeremija"><code>@​jeremija</code></a>
      wo did good improvements on <code>pure-rust-locales</code>)</li>
      </ul>
      <p>Thanks to all contributors on behalf of the chrono team, <a
      href="https://github.com/djc"><code>@​djc</code></a> and <a
      href="https://github.com/pitdicker"><code>@​pitdicker</code></a>!</p>
      <h2>0.4.30</h2>
      <p>In this release, we have decided to swap out the
      <code>chrono::Duration</code> type (which has been a re-export of time
      0.1 <code>Duration</code> type) with our own definition, which exposes a
      strict superset of the <code>time::Duration</code> API. This helps avoid
      warnings about the [CVE-2020-26235] and [RUSTSEC-2020-0071] advisories
      for downstream users and allows us to improve the <code>Duration</code>
      API going forward.</p>
      <!-- raw HTML omitted -->
      </blockquote>
      <p>... (truncated)</p>
      </details>
      <details>
      <summary>Commits</summary>
      <ul>
      <li><a
      href="https://github.com/chronotope/chrono/commit/e730c6ac45649a6a636abf30b796304bc46ecd15"><code>e730c6a</code></a>
      Bump version to 0.4.31</li>
      <li><a
      href="https://github.com/chronotope/chrono/commit/2afdde8f7f23f087b5027662e2882dba0663fef7"><code>2afdde8</code></a>
      fix: underflow during datetime-&gt;nanos conversion</li>
      <li><a
      href="https://github.com/chronotope/chrono/commit/46ad2c2b2c901eb20e43a7fca025aac02605bda4"><code>46ad2c2</code></a>
      Add <code>UNIX_EPOCH</code> constants</li>
      <li><a
      href="https://github.com/chronotope/chrono/commit/1df8db3a547bf50929d3d1774306f996b63e9e7c"><code>1df8db3</code></a>
      Add TimeZone::timestamp_micros</li>
      <li><a
      href="https://github.com/chronotope/chrono/commit/861d4e12487181e71744478a320db20f56bd61af"><code>861d4e1</code></a>
      Make TimeZone::timestamp_millis_opt use</li>
      <li><a
      href="https://github.com/chronotope/chrono/commit/3c4846a88235a38105a047b0acd34ce239a1cfb5"><code>3c4846a</code></a>
      Upgrade pure-rust-locales to 0.7.0</li>
      <li><a
      href="https://github.com/chronotope/chrono/commit/6665804676e55e9e2375eed7c10cc9e0910abf11"><code>6665804</code></a>
      Deny leap second if secs != 59 in
      <code>from_num_seconds_from_midnight_opt</code></li>
      <li><a
      href="https://github.com/chronotope/chrono/commit/61b7ffbb7a95df577c308eb0f2ab5c68e1566cf1"><code>61b7ffb</code></a>
      Deny leap second if secs != 59 in <code>from_hms_nano_opt</code></li>
      <li><a
      href="https://github.com/chronotope/chrono/commit/202af6cfda9bfdb195dc96377fcdeee7ed024b65"><code>202af6c</code></a>
      Don't generate leap seconds that are not 60 in NaiveTime's Arbitrary
      impl</li>
      <li><a
      href="https://github.com/chronotope/chrono/commit/60283ab55cbc9ea6caa86e19bf5da2c086cdf4bc"><code>60283ab</code></a>
      Don't create strange leap seconds in tests</li>
      <li>Additional commits viewable in <a
      href="https://github.com/chronotope/chrono/compare/v0.4.27...v0.4.31">compare
      view</a></li>
      </ul>
      </details>
      <br />
      
      
      [![Dependabot compatibility
      score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=chrono&package-manager=cargo&previous-version=0.4.27&new-version=0.4.31)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
      
      Dependabot will resolve any conflicts with this PR as long as you don't
      alter it yourself. You can also trigger a rebase manually by commenting
      `@dependabot rebase`.
      
      [//]: # (dependabot-automerge-start)
      [//]: # (dependabot-automerge-end)
      
      ---
      
      <details>
      <summary>Dependabot commands and options</summary>
      <br />
      
      You can trigger Dependabot actions by commenting on this PR:
      - `@dependabot rebase` will rebase this PR
      - `@dependabot recreate` will recreate this PR, overwriting any edits
      that have been made to it
      - `@dependabot merge` will merge this PR after your CI passes on it
      - `@dependabot squash and merge` will squash and merge this PR after
      your CI passes on it
      - `@dependabot cancel merge` will cancel a previously requested merge
      and block automerging
      - `@dependabot reopen` will reopen this PR if it is closed
      - `@dependabot close` will close this PR and stop Dependabot recreating
      it. You can achieve the same result by closing it manually
      - `@dependabot show <dependency name> ignore conditions` will show all
      of the ignore conditions of the specified dependency
      - `@dependabot ignore <dependency name> major version` will close this
      group update PR and stop Dependabot creating any more for the specific
      dependency's major version (unless you unignore this specific
      dependency's major version or upgrade to it yourself)
      - `@dependabot ignore <dependency name> minor version` will close this
      group update PR and stop Dependabot creating any more for the specific
      dependency's minor version (unless you unignore this specific
      dependency's minor version or upgrade to it yourself)
      - `@dependabot ignore <dependency name>` will close this group update PR
      and stop Dependabot creating any more for the specific dependency
      (unless you unignore this specific dependency or upgrade to it yourself)
      - `@dependabot unignore <dependency name>` will remove all of the ignore
      conditions of the specified dependency
      - `@dependabot unignore <dependency name> <ignore condition>` will
      remove the ignore condition of the specified dependency and ignore
      conditions
      
      
      </details>
      
      Signed-off-by: default avatardependabot[bot] <[email protected]>
      Co-authored-by: default avatardependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
      d32f66fb
    • Svyatoslav Nikolsky's avatar
      Fix bridges scripts to test Rococo <> Westend bridge locally (#2752) · c9f9b4b2
      Svyatoslav Nikolsky authored
      
      
      I think I broke it in
      https://github.com/paritytech/polkadot-sdk/pull/2139 - fees has
      increased and amounts that we send are no longer enough to cover fees.
      Also changed a consts (test + 33%) using latest weights.
      
      ---------
      
      Co-authored-by: default avatarBranislav Kontur <[email protected]>
      c9f9b4b2
  4. Dec 19, 2023
    • André Silva's avatar
      Update schnorrkel to 0.11.4 (#2524) · 421af26b
      André Silva authored
      421af26b
    • Egor_P's avatar
      Add srtool GHA (#2755) · 8efaabd6
      Egor_P authored
      This PR introduces the `srtool` GHA which was used in the old `cumulus`
      repo to build and check runtimes on the weekly basis schedule. The job
      is triggered:
      - every Monday at 2AM, automatically
      - on each tag push or push to the release branch
      - can be triggered manually as well
      
      Addresses #1271
      8efaabd6
    • Muharem Ismailov's avatar
      pallet-asset-conversion: Swap Credit (#1677) · 5ce04514
      Muharem Ismailov authored
      
      
      Introduces a swap implementation that allows the exchange of a credit
      (aka Negative Imbalance) of one asset for a credit of another asset.
      
      This is particularly useful when a credit swap is required but may not
      have sufficient value to meet the ED constraint, hence cannot be
      deposited to temp account before. An example use case is when XCM fees
      are paid using an asset held in the XCM executor registry and has to be
      swapped for native currency.
      
      Additional Updates:
      - encapsulates the existing `Swap` trait impl within a transactional
      context, since partial storage mutation is possible when an error
      occurs;
      - supplied `Currency` and `Assets` impls must be implemented over the
      same `Balance` type, the `AssetBalance` generic type is dropped. This
      helps to avoid numerous type conversion and overflow cases. If those
      types are different it should be handled outside of the pallet;
      - `Box` asset kind on a pallet level, unbox on a runtime level - here
      [why](https://substrate.stackexchange.com/questions/10039/boxed-argument-of-a-dispatchable/10103#10103);
      - `path` uses `Vec` now, instead of `BoundedVec` since it is never used
      in PoV;
      - removes the `Transfer` event due to it's redundancy with the events
      emitted by `fungible/s` implementations;
      - modifies the `SwapExecuted` event type;
      
      related issue: 
      - https://github.com/paritytech/polkadot-sdk/issues/105
      
      related PRs:
      - (required for) https://github.com/paritytech/polkadot-sdk/pull/1845
      - (caused) https://github.com/paritytech/polkadot-sdk/pull/1717
      
      // DONE make the pallet work only with `fungibles` trait and make it
      free from the concept of a `native` asset -
      https://github.com/paritytech/polkadot-sdk/issues/1842
      
      ---------
      
      Co-authored-by: default avatarjoe petrowski <[email protected]>
      5ce04514
    • Bastian Köcher's avatar
      pallet-uniques/nfts: Small optimizations (#2754) · 84d6342c
      Bastian Köcher authored
      Use `contains_key` to not require decoding the actual value.
      84d6342c
    • juangirini's avatar
      SDK docs ref cli (#2741) · 7c79741e
      juangirini authored
      Closes https://github.com/paritytech/polkadot-sdk-docs/issues/53
      7c79741e
    • juangirini's avatar
      Ref docs: runtime vs contracts (#2609) · d1924013
      juangirini authored
      closes https://github.com/paritytech/polkadot-sdk-docs/issues/41
      d1924013
    • joe petrowski's avatar
      Rococo/Westend Coretime Runtime · 2e70dd3b
      joe petrowski authored
      
      
      New runtimes for the Coretime Chain (a.k.a. "Broker Chain") described in
      RFC-1.
      
      Replaces https://github.com/paritytech/cumulus/pull/2889
      
      
      - [x] Add Agile Coretime pallet
      https://github.com/paritytech/substrate/pull/14568
      - [x] Generate chain specs for local and testnets
      - [x] Deploy parachain on Rococo - Done:
      [rococo-coretime-rpc.polkadot.io](https://polkadot.js.org/apps/?rpc=wss%3A%2F%2Frococo-coretime-rpc.polkadot.io#/explorer)
      
      DevOps issue for Aura keygen:
      https://github.com/paritytech/devops/issues/2725
      
      Edit (Dónal): This PR is mainly for Rococo, the Westend runtime is a
      shell with no `Broker` pallet. The Rococo runtime has the broker calls
      filtered for initial deployment.
      
      ---------
      
      Co-authored-by: default avatarDónal Murray <[email protected]>
      Co-authored-by: default avatar0xmovses <[email protected]>
      Co-authored-by: default avatarLiam Aharon <[email protected]>
      Co-authored-by: default avatarBastian Köcher <[email protected]>
      Co-authored-by: default avatarMarcin S. <[email protected]>
      Co-authored-by: default avatarBastian Köcher <[email protected]>
      Co-authored-by: command-bot <>
      Co-authored-by: default avatarBranislav Kontur <[email protected]>
      2e70dd3b
    • Jegor Sidorenko's avatar
      [NFTs] Fix consumers issue (#2653) · 166ae5ae
      Jegor Sidorenko authored
      When we call the `set_accept_ownership` method, we increase the number
      of account consumers, but then we don't decrease it on collection
      transfer, which leads to the wrong consumers number an account has.
      166ae5ae
    • Muharem Ismailov's avatar
      `UnionOf` types for merged `fungible` and `fungibles` implementations (#2033) · 0b74812c
      Muharem Ismailov authored
      Introduces `UnionOf` types, crafted to merge `fungible` and `fungibles`
      implementations or two `fungibles` implementations into a single type
      implementing `fungibles`.
      
      This also addresses an issue where `ItemOf` initiates a double drop for
      an imbalance type, leading to inaccurate total issuance accounting.
      
      Find the application of these types in this PR -
      [link](https://github.com/paritytech/polkadot-sdk/pull/2031), places in
      code -
      [1](https://github.com/paritytech/polkadot-sdk/blob/4ec7496f/cumulus/parachains/runtimes/assets/asset-hub-kusama/src/lib.rs#L327),
      [2](https://github.com/paritytech/polkadot-sdk/blob/4ec7496f
      
      /cumulus/parachains/runtimes/assets/asset-hub-kusama/src/lib.rs#L343).
      
      ---------
      
      Co-authored-by: default avatarLiam Aharon <[email protected]>
      Co-authored-by: default avatarjoe petrowski <[email protected]>
      Co-authored-by: default avatarOliver Tale-Yazdi <[email protected]>
      Co-authored-by: default avatarjoepetrowski <[email protected]>
      0b74812c
    • dependabot[bot]'s avatar
      Bump actions/setup-node from 4.0.0 to 4.0.1 (#2746) · 81156d03
      dependabot[bot] authored
      
      
      Bumps [actions/setup-node](https://github.com/actions/setup-node) from
      4.0.0 to 4.0.1.
      <details>
      <summary>Release notes</summary>
      <p><em>Sourced from <a
      href="https://github.com/actions/setup-node/releases">actions/setup-node's
      releases</a>.</em></p>
      <blockquote>
      <h2>v4.0.1</h2>
      <h2>What's Changed</h2>
      <ul>
      <li>Ignore engines in Yarn 1 e2e-cache tests by <a
      href="https://github.com/trivikr"><code>@​trivikr</code></a> in <a
      href="https://redirect.github.com/actions/setup-node/pull/882">actions/setup-node#882</a></li>
      <li>Update setup-node references in the README.md file to setup-node@v4
      by <a href="https://github.com/jwetzell"><code>@​jwetzell</code></a> in
      <a
      href="https://redirect.github.com/actions/setup-node/pull/884">actions/setup-node#884</a></li>
      <li>Update reusable workflows to use Node.js v20 by <a
      href="https://github.com/MaksimZhukov"><code>@​MaksimZhukov</code></a>
      in <a
      href="https://redirect.github.com/actions/setup-node/pull/889">actions/setup-node#889</a></li>
      <li>Add fix for cache to resolve slow post action step by <a
      href="https://github.com/aparnajyothi-y"><code>@​aparnajyothi-y</code></a>
      in <a
      href="https://redirect.github.com/actions/setup-node/pull/917">actions/setup-node#917</a></li>
      <li>Fix README.md by <a
      href="https://github.com/takayamaki"><code>@​takayamaki</code></a> in <a
      href="https://redirect.github.com/actions/setup-node/pull/898">actions/setup-node#898</a></li>
      <li>Add <code>package.json</code> to <code>node-version-file</code> list
      of examples. by <a
      href="https://github.com/TWiStErRob"><code>@​TWiStErRob</code></a> in <a
      href="https://redirect.github.com/actions/setup-node/pull/879">actions/setup-node#879</a></li>
      <li>Fix node-version-file interprets entire package.json as a version by
      <a
      href="https://github.com/NullVoxPopuli"><code>@​NullVoxPopuli</code></a>
      in <a
      href="https://redirect.github.com/actions/setup-node/pull/865">actions/setup-node#865</a></li>
      </ul>
      <h2>New Contributors</h2>
      <ul>
      <li><a href="https://github.com/trivikr"><code>@​trivikr</code></a> made
      their first contribution in <a
      href="https://redirect.github.com/actions/setup-node/pull/882">actions/setup-node#882</a></li>
      <li><a href="https://github.com/jwetzell"><code>@​jwetzell</code></a>
      made their first contribution in <a
      href="https://redirect.github.com/actions/setup-node/pull/884">actions/setup-node#884</a></li>
      <li><a
      href="https://github.com/aparnajyothi-y"><code>@​aparnajyothi-y</code></a>
      made their first contribution in <a
      href="https://redirect.github.com/actions/setup-node/pull/917">actions/setup-node#917</a></li>
      <li><a
      href="https://github.com/takayamaki"><code>@​takayamaki</code></a> made
      their first contribution in <a
      href="https://redirect.github.com/actions/setup-node/pull/898">actions/setup-node#898</a></li>
      <li><a
      href="https://github.com/TWiStErRob"><code>@​TWiStErRob</code></a> made
      their first contribution in <a
      href="https://redirect.github.com/actions/setup-node/pull/879">actions/setup-node#879</a></li>
      <li><a
      href="https://github.com/NullVoxPopuli"><code>@​NullVoxPopuli</code></a>
      made their first contribution in <a
      href="https://redirect.github.com/actions/setup-node/pull/865">actions/setup-node#865</a></li>
      </ul>
      <p><strong>Full Changelog</strong>: <a
      href="https://github.com/actions/setup-node/compare/v4...v4.0.1">https://github.com/actions/setup-node/compare/v4...v4.0.1</a></p>
      </blockquote>
      </details>
      <details>
      <summary>Commits</summary>
      <ul>
      <li><a
      href="https://github.com/actions/setup-node/commit/b39b52d1213e96004bfcb1c61a8a6fa8ab84f3e8"><code>b39b52d</code></a>
      Fix node-version-file interprets entire package.json as a version (<a
      href="https://redirect.github.com/actions/setup-node/issues/865">#865</a>)</li>
      <li><a
      href="https://github.com/actions/setup-node/commit/72476173717e9fa92b08abe87e9c9dc3a42dc0c8"><code>7247617</code></a>
      Add <code>package.json</code> to <code>node-version-file</code> list of
      examples. (<a
      href="https://redirect.github.com/actions/setup-node/issues/879">#879</a>)</li>
      <li><a
      href="https://github.com/actions/setup-node/commit/f3ec4ca66feedca88150c6d39d92449ce4ca063b"><code>f3ec4ca</code></a>
      Fix README.md (<a
      href="https://redirect.github.com/actions/setup-node/issues/898">#898</a>)</li>
      <li><a
      href="https://github.com/actions/setup-node/commit/ec97f37504b0cca1fbc763cc0575585d10020c22"><code>ec97f37</code></a>
      Add fix for cache (<a
      href="https://redirect.github.com/actions/setup-node/issues/917">#917</a>)</li>
      <li><a
      href="https://github.com/actions/setup-node/commit/5ef044f9d09786428e6e895be6be17937becee3a"><code>5ef044f</code></a>
      Update reusable workflows to use Node.js v20 (<a
      href="https://redirect.github.com/actions/setup-node/issues/889">#889</a>)</li>
      <li><a
      href="https://github.com/actions/setup-node/commit/c45882a6eaaa69d42dbf1b6c7e3ae5dbb81e1f29"><code>c45882a</code></a>
      update to setup-node@v4 in docs (<a
      href="https://redirect.github.com/actions/setup-node/issues/884">#884</a>)</li>
      <li><a
      href="https://github.com/actions/setup-node/commit/ee36e8b5c0fdd6014a0398aed18ce9876360bd63"><code>ee36e8b</code></a>
      Ignore engines check in Yarn 1 e2e-cache tests (<a
      href="https://redirect.github.com/actions/setup-node/issues/882">#882</a>)</li>
      <li>See full diff in <a
      href="https://github.com/actions/setup-node/compare/v4.0.0...v4.0.1">compare
      view</a></li>
      </ul>
      </details>
      <br />
      
      
      [![Dependabot compatibility
      score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=actions/setup-node&package-manager=github_actions&previous-version=4.0.0&new-version=4.0.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
      
      Dependabot will resolve any conflicts with this PR as long as you don't
      alter it yourself. You can also trigger a rebase manually by commenting
      `@dependabot rebase`.
      
      [//]: # (dependabot-automerge-start)
      [//]: # (dependabot-automerge-end)
      
      ---
      
      <details>
      <summary>Dependabot commands and options</summary>
      <br />
      
      You can trigger Dependabot actions by commenting on this PR:
      - `@dependabot rebase` will rebase this PR
      - `@dependabot recreate` will recreate this PR, overwriting any edits
      that have been made to it
      - `@dependabot merge` will merge this PR after your CI passes on it
      - `@dependabot squash and merge` will squash and merge this PR after
      your CI passes on it
      - `@dependabot cancel merge` will cancel a previously requested merge
      and block automerging
      - `@dependabot reopen` will reopen this PR if it is closed
      - `@dependabot close` will close this PR and stop Dependabot recreating
      it. You can achieve the same result by closing it manually
      - `@dependabot show <dependency name> ignore conditions` will show all
      of the ignore conditions of the specified dependency
      - `@dependabot ignore this major version` will close this PR and stop
      Dependabot creating any more for this major version (unless you reopen
      the PR or upgrade to it yourself)
      - `@dependabot ignore this minor version` will close this PR and stop
      Dependabot creating any more for this minor version (unless you reopen
      the PR or upgrade to it yourself)
      - `@dependabot ignore this dependency` will close this PR and stop
      Dependabot creating any more for this dependency (unless you reopen the
      PR or upgrade to it yourself)
      
      
      </details>
      
      Signed-off-by: default avatardependabot[bot] <[email protected]>
      Co-authored-by: default avatardependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
      81156d03
    • dependabot[bot]'s avatar
      Bump dyn-clone from 1.0.13 to 1.0.16 (#2748) · 657fc2a6
      dependabot[bot] authored
      
      
      Bumps [dyn-clone](https://github.com/dtolnay/dyn-clone) from 1.0.13 to
      1.0.16.
      <details>
      <summary>Release notes</summary>
      <p><em>Sourced from <a
      href="https://github.com/dtolnay/dyn-clone/releases">dyn-clone's
      releases</a>.</em></p>
      <blockquote>
      <h2>1.0.16</h2>
      <ul>
      <li>Documentation improvements</li>
      </ul>
      <h2>1.0.15</h2>
      <ul>
      <li>Documentation improvements</li>
      </ul>
      <h2>1.0.14</h2>
      <ul>
      <li>Documentation improvements</li>
      </ul>
      </blockquote>
      </details>
      <details>
      <summary>Commits</summary>
      <ul>
      <li><a
      href="https://github.com/dtolnay/dyn-clone/commit/f2f0a02f1f7190048153e5ea8f554db7377a50a9"><code>f2f0a02</code></a>
      Release 1.0.16</li>
      <li><a
      href="https://github.com/dtolnay/dyn-clone/commit/7e5037b8242739a52e36bff94d405caede2cace8"><code>7e5037b</code></a>
      Fix crate name in html_root_url</li>
      <li><a
      href="https://github.com/dtolnay/dyn-clone/commit/e84a6e10e7185e4d050ccf466098486983b60539"><code>e84a6e1</code></a>
      Release 1.0.15</li>
      <li><a
      href="https://github.com/dtolnay/dyn-clone/commit/453e078f525aaf1afbfa17a101d166ca0061bcbe"><code>453e078</code></a>
      Fix documentation on no-std targets</li>
      <li><a
      href="https://github.com/dtolnay/dyn-clone/commit/4bcfc07bec99e002de32285bc09bc73c6a679b66"><code>4bcfc07</code></a>
      Let rustdoc see std crate</li>
      <li><a
      href="https://github.com/dtolnay/dyn-clone/commit/8bd3355c1e7607e8aa9424b39acfc080e671b32d"><code>8bd3355</code></a>
      Allow rustdoc to take care of intra-doc links</li>
      <li><a
      href="https://github.com/dtolnay/dyn-clone/commit/638fa8b1b9ca3ffd10a84cee3ca0310f10b85c5b"><code>638fa8b</code></a>
      Remove 'remember to update' reminder from Cargo.toml</li>
      <li><a
      href="https://github.com/dtolnay/dyn-clone/commit/2e6b761113dba45bcf765e6753a8a55279220750"><code>2e6b761</code></a>
      Test docs.rs documentation build in CI</li>
      <li><a
      href="https://github.com/dtolnay/dyn-clone/commit/cee99471c46f9f512640aa03c680a547ac72c22c"><code>cee9947</code></a>
      Release 1.0.14</li>
      <li><a
      href="https://github.com/dtolnay/dyn-clone/commit/7b6a70759714b5cb55ac4b763636527acb6ab2c3"><code>7b6a707</code></a>
      Delete dyn-clonable link</li>
      <li>Additional commits viewable in <a
      href="https://github.com/dtolnay/dyn-clone/compare/1.0.13...1.0.16">compare
      view</a></li>
      </ul>
      </details>
      <br />
      
      
      [![Dependabot compatibility
      score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=dyn-clone&package-manager=cargo&previous-version=1.0.13&new-version=1.0.16)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
      
      Dependabot will resolve any conflicts with this PR as long as you don't
      alter it yourself. You can also trigger a rebase manually by commenting
      `@dependabot rebase`.
      
      [//]: # (dependabot-automerge-start)
      [//]: # (dependabot-automerge-end)
      
      ---
      
      <details>
      <summary>Dependabot commands and options</summary>
      <br />
      
      You can trigger Dependabot actions by commenting on this PR:
      - `@dependabot rebase` will rebase this PR
      - `@dependabot recreate` will recreate this PR, overwriting any edits
      that have been made to it
      - `@dependabot merge` will merge this PR after your CI passes on it
      - `@dependabot squash and merge` will squash and merge this PR after
      your CI passes on it
      - `@dependabot cancel merge` will cancel a previously requested merge
      and block automerging
      - `@dependabot reopen` will reopen this PR if it is closed
      - `@dependabot close` will close this PR and stop Dependabot recreating
      it. You can achieve the same result by closing it manually
      - `@dependabot show <dependency name> ignore conditions` will show all
      of the ignore conditions of the specified dependency
      - `@dependabot ignore <dependency name> major version` will close this
      group update PR and stop Dependabot creating any more for the specific
      dependency's major version (unless you unignore this specific
      dependency's major version or upgrade to it yourself)
      - `@dependabot ignore <dependency name> minor version` will close this
      group update PR and stop Dependabot creating any more for the specific
      dependency's minor version (unless you unignore this specific
      dependency's minor version or upgrade to it yourself)
      - `@dependabot ignore <dependency name>` will close this group update PR
      and stop Dependabot creating any more for the specific dependency
      (unless you unignore this specific dependency or upgrade to it yourself)
      - `@dependabot unignore <dependency name>` will remove all of the ignore
      conditions of the specified dependency
      - `@dependabot unignore <dependency name> <ignore condition>` will
      remove the ignore condition of the specified dependency and ignore
      conditions
      
      
      </details>
      
      Signed-off-by: default avatardependabot[bot] <[email protected]>
      Co-authored-by: default avatardependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
      657fc2a6
    • Andrei Eres's avatar
      subsystem benchmarks: add cpu profiling (#2734) · 526c81b1
      Andrei Eres authored
      
      
      Ready-to-merge version of
      https://github.com/paritytech/polkadot-sdk/pull/2601
      
      - Added optional CPU profiling
      - Updated instructions how to set up Prometheus, Pyroscope and Graphana
      - Added a flamegraph dashboard
      <img width="1470" alt="image"
      src="https://github.com/paritytech/polkadot-sdk/assets/27277055/c8f3b33d-3c01-4ec0-ac34-72d52325b6e6">
      
      ---------
      
      Co-authored-by: default avatarordian <[email protected]>
      526c81b1
  5. Dec 18, 2023
    • Alexander Samusev's avatar
      [ci] Fix node-bench-regression-guard job (#2732) · f93f461a
      Alexander Samusev authored
      After GitLab update it started to remove artifacts from master if PR has
      more than 20 commits. PR fixes this for `node-bench-regression-guard`
      job
      
      cc https://github.com/paritytech/ci_cd/issues/915
      f93f461a
    • Serban Iorga's avatar
      BEEFY: expect_validator_set() small fix (#2737) · ebe2aad6
      Serban Iorga authored
      Follow-up on https://github.com/paritytech/polkadot-sdk/pull/2716
      
      Sorry, small miss
      ebe2aad6
    • Branislav Kontur's avatar
      Bridges subtree update (#2736) · 792e3743
      Branislav Kontur authored
      792e3743
    • Branislav Kontur's avatar
      Relaxed clippy fixes/nits (#2661) · d941784b
      Branislav Kontur authored
      
      
      This PR contains just a few clippy fixes and nits, which are, however,
      relaxed by workspace clippy settings here:
      https://github.com/paritytech/polkadot-sdk/blob/master/Cargo.toml#L483-L506
      
      ---------
      
      Co-authored-by: default avatarDmitry Sinyavin <[email protected]>
      Co-authored-by: default avatarordian <[email protected]>
      Co-authored-by: command-bot <>
      Co-authored-by: default avatarBastian Köcher <[email protected]>
      d941784b
    • dependabot[bot]'s avatar
      Bump async-trait from 0.1.73 to 0.1.74 (#2730) · a250652b
      dependabot[bot] authored
      
      
      Bumps [async-trait](https://github.com/dtolnay/async-trait) from 0.1.73
      to 0.1.74.
      <details>
      <summary>Release notes</summary>
      <p><em>Sourced from <a
      href="https://github.com/dtolnay/async-trait/releases">async-trait's
      releases</a>.</em></p>
      <blockquote>
      <h2>0.1.74</h2>
      <ul>
      <li>Documentation improvements</li>
      </ul>
      </blockquote>
      </details>
      <details>
      <summary>Commits</summary>
      <ul>
      <li><a
      href="https://github.com/dtolnay/async-trait/commit/265979b07a9af573e1edd3b2a9b179533cfa7a6c"><code>265979b</code></a>
      Release 0.1.74</li>
      <li><a
      href="https://github.com/dtolnay/async-trait/commit/5e677097d2e67f7a5c5e3023e2f3b99b36a9e132"><code>5e67709</code></a>
      Fix doc test when async fn in trait is natively supported</li>
      <li><a
      href="https://github.com/dtolnay/async-trait/commit/ef144aed28b636eb65759505b2323afc4c753fbe"><code>ef144ae</code></a>
      Update ui test suite to nightly-2023-10-15</li>
      <li><a
      href="https://github.com/dtolnay/async-trait/commit/9398a28d6fc977ccf8c286bd85b4b87a883f92ac"><code>9398a28</code></a>
      Test docs.rs documentation build in CI</li>
      <li><a
      href="https://github.com/dtolnay/async-trait/commit/8737173dafa371e5e9e491d736513be1baf697f4"><code>8737173</code></a>
      Update ui test suite to nightly-2023-09-24</li>
      <li><a
      href="https://github.com/dtolnay/async-trait/commit/5ba643c001a55f70c4a44690e040cdfab873ba56"><code>5ba643c</code></a>
      Test dyn Trait containing async fn</li>
      <li><a
      href="https://github.com/dtolnay/async-trait/commit/247c8e7b0b3ff69c9518ebf93e69fe74d47f17b6"><code>247c8e7</code></a>
      Add ui test testing the recommendation to use async-trait</li>
      <li><a
      href="https://github.com/dtolnay/async-trait/commit/799db66a84834c403860df4a8c0227d8fb7f9d9d"><code>799db66</code></a>
      Update ui test suite to nightly-2023-09-23</li>
      <li><a
      href="https://github.com/dtolnay/async-trait/commit/0e60248011f751d8ccf58219d0a79aacfe9619f1"><code>0e60248</code></a>
      Update actions/checkout@v3 -&gt; v4</li>
      <li><a
      href="https://github.com/dtolnay/async-trait/commit/7fcbc83993d5ef483d048c271a7f6c4ac8c98388"><code>7fcbc83</code></a>
      Update ui test suite to nightly-2023-08-29</li>
      <li>See full diff in <a
      href="https://github.com/dtolnay/async-trait/compare/0.1.73...0.1.74">compare
      view</a></li>
      </ul>
      </details>
      <br />
      
      
      [![Dependabot compatibility
      score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=async-trait&package-manager=cargo&previous-version=0.1.73&new-version=0.1.74)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
      
      Dependabot will resolve any conflicts with this PR as long as you don't
      alter it yourself. You can also trigger a rebase manually by commenting
      `@dependabot rebase`.
      
      [//]: # (dependabot-automerge-start)
      [//]: # (dependabot-automerge-end)
      
      ---
      
      <details>
      <summary>Dependabot commands and options</summary>
      <br />
      
      You can trigger Dependabot actions by commenting on this PR:
      - `@dependabot rebase` will rebase this PR
      - `@dependabot recreate` will recreate this PR, overwriting any edits
      that have been made to it
      - `@dependabot merge` will merge this PR after your CI passes on it
      - `@dependabot squash and merge` will squash and merge this PR after
      your CI passes on it
      - `@dependabot cancel merge` will cancel a previously requested merge
      and block automerging
      - `@dependabot reopen` will reopen this PR if it is closed
      - `@dependabot close` will close this PR and stop Dependabot recreating
      it. You can achieve the same result by closing it manually
      - `@dependabot show <dependency name> ignore conditions` will show all
      of the ignore conditions of the specified dependency
      - `@dependabot ignore <dependency name> major version` will close this
      group update PR and stop Dependabot creating any more for the specific
      dependency's major version (unless you unignore this specific
      dependency's major version or upgrade to it yourself)
      - `@dependabot ignore <dependency name> minor version` will close this
      group update PR and stop Dependabot creating any more for the specific
      dependency's minor version (unless you unignore this specific
      dependency's minor version or upgrade to it yourself)
      - `@dependabot ignore <dependency name>` will close this group update PR
      and stop Dependabot creating any more for the specific dependency
      (unless you unignore this specific dependency or upgrade to it yourself)
      - `@dependabot unignore <dependency name>` will remove all of the ignore
      conditions of the specified dependency
      - `@dependabot unignore <dependency name> <ignore condition>` will
      remove the ignore condition of the specified dependency and ignore
      conditions
      
      
      </details>
      
      Signed-off-by: default avatardependabot[bot] <[email protected]>
      Co-authored-by: default avatardependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
      a250652b
  6. Dec 16, 2023
  7. Dec 15, 2023
    • Ankan's avatar
      [NPoS] Remove better solution threshold for unsigned submissions (#2694) · ffb2125f
      Ankan authored
      closes https://github.com/paritytech-secops/srlabs_findings/issues/78.
      
      Removes `BetterUnsignedThreshold` from pallet EPM. This will essentially
      mean any solution submitted by the validator that is strictly better
      than the current queued solution would be accepted.
      
      The reason for having these thresholds is to limit number of solutions
      submitted on-chain. However for unsigned submissions, the number of
      solutions that could be submitted on average is limited even without
      thresholding (calculation shown in the corresponding issue).
      ffb2125f