Bumps [aes-gcm](https://github.com/RustCrypto/AEADs) from 0.10.2 to
0.10.3.
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/RustCrypto/AEADs/commit/7e82b01cd4901f6a35b5153536f11b87f5e4e622"><code>7e82b01</code></a>
aes-gcm v0.10.3 (<a
href="https://redirect.github.com/RustCrypto/AEADs/issues/552">#552</a>)</li>
<li><a
href="https://github.com/RustCrypto/AEADs/commit/b587b27270cc300d39c496a1ab06be80d72ac107"><code>b587b27</code></a>
aes-gcm: avoid exposing plaintext on tag verification failure (<a
href="https://redirect.github.com/RustCrypto/AEADs/issues/551">#551</a>)</li>
<li><a
href="https://github.com/RustCrypto/AEADs/commit/2209bcaa9edc65e9a60498e7ece5b50e66f32ebf"><code>2209bca</code></a>
build(deps): bump actions/checkout from 3 to 4 (<a
href="https://redirect.github.com/RustCrypto/AEADs/issues/548">#548</a>)</li>
<li><a
href="https://github.com/RustCrypto/AEADs/commit/035ec25362886735a0f44098f85ba0501a9b4038"><code>035ec25</code></a>
build(deps): bump ascon from 0.3.1 to 0.4.0 (<a
href="https://redirect.github.com/RustCrypto/AEADs/issues/545">#545</a>)</li>
<li><a
href="https://github.com/RustCrypto/AEADs/commit/e94ba5ab9fb2c7f3a18c92fb9dc8df14ac36f06b"><code>e94ba5a</code></a>
xsalsa20poly1305: remove source code (<a
href="https://redirect.github.com/RustCrypto/AEADs/issues/543">#543</a>)</li>
<li><a
href="https://github.com/RustCrypto/AEADs/commit/31240c1285144aeabef3e80eb9a1b4137dc2b43f"><code>31240c1</code></a>
Update Cargo.lock</li>
<li><a
href="https://github.com/RustCrypto/AEADs/commit/40240c4a852df21048830de4eed4782c0fbddaef"><code>40240c4</code></a>
Update Cargo.lock</li>
<li><a
href="https://github.com/RustCrypto/AEADs/commit/be4ea6fd3bcc1c8a5a23974a43e0fc35104d8cba"><code>be4ea6f</code></a>
Update Cargo.lock</li>
<li><a
href="https://github.com/RustCrypto/AEADs/commit/2aef39e90d39c247cc89ccc31628468c9a9f60de"><code>2aef39e</code></a>
Update Clippy version (<a
href="https://redirect.github.com/RustCrypto/AEADs/issues/534">#534</a>)</li>
<li><a
href="https://github.com/RustCrypto/AEADs/commit/50710da0cbd47a4614b6d37119877f206c207e95"><code>50710da</code></a>
Update Cargo.lock</li>
<li>Additional commits viewable in <a
href="https://github.com/RustCrypto/AEADs/compare/aes-gcm-v0.10.2...aes-gcm-v0.10.3">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=aes-gcm&package-manager=cargo&previous-version=0.10.2&new-version=0.10.3)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
You can disable automated security fix PRs for this repo from the
[Security Alerts
page](https://github.com/paritytech/polkadot-sdk/network/alerts).

</details>

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

in-progress PR adding new tests and solving bugs

---------

Co-authored-by: Bradley Olson <[email protected]>
Co-authored-by: eskimor <[email protected]>
Co-authored-by: eskimor <[email protected]>
Co-authored-by: Andrei Sandu <[email protected]>

This PR addresses several minor issues:
- Fixes the symlink for `asset-hub-rococo.json` chainspec.
- Corrects the `asset-hub-rococo-genesis` invulnerables setup.
- Relocates common bash functions for bridge testing to a separate file
`bridges_common.sh`.

This reverts https://github.com/paritytech/polkadot-sdk/pull/1812 until
we know why it causes syncing issues reported in
https://github.com/subspace/subspace/issues/2122.

The `xcm` crate was renamed to `staging-xcm` to be able to publish it to
crates.io as someone as squatted `xcm`. The problem with this rename is
that the `TypeInfo` includes the crate name which ultimately lands in
the metadata. The metadata is consumed by downstream users like
`polkadot-js` or people building on top of `polkadot-js`. These people
are using the entire `path` to find the type in the type registry. Thus,
their code would break as the type path would now be [`staging_xcm`,
`VersionedXcm`] instead of [`xcm`, `VersionedXcm`]. This pull request
fixes this by renaming the path segment `staging_xcm` to `xcm`.

This requires: https://github.com/paritytech/scale-info/pull/197

---------

Co-authored-by: Francisco Aguirre <[email protected]>

Removed some debug logs

Use a more secure seed for hashsets of cache.

Until now prometheus metrics were not exposed by the minimal relay chain
node.
Also slight cleanups.

The validators are checking if async backing is enabled by checking the
version of the runtime api. If the runtime api is upgraded by a runtime
upgrade, the validators start to also enable the async backing logic.
However, just because async backing is enabled, it doesn't mean that all
collators and parachain runtimes have upgraded. This pull request fixes
an issue about advertising collations to the relay chain when it has
async backing enabled, but the collator is still using the old
networking protocol. The implementation is actually backwards compatible
as we can not expect that everyone directly upgrades. However, the
collation advertisement logic was requiring V2 networking messages after
async backing was enabled, which was wrong. This is now fixed by this
pull request.

Closes: https://github.com/paritytech/polkadot-sdk/issues/1923

---------

Co-authored-by: eskimor <[email protected]>

This PR prevents failures until #1946 is merged.

Just adding a prdoc for
https://github.com/paritytech/polkadot-sdk/pull/1913

---------

Co-authored-by: Adrian Catangiu <[email protected]>

Includes:
-  PoC for new `spot instance` infra for jobs.
- Fixes in test-runner/cli

Changes:
- Use a sensible limit for the overweight-cutoff of a single messages
instead of the full configured `ServiceWeight`.
- Add/Update tests

---------

Signed-off-by: Oliver Tale-Yazdi <[email protected]>

When launching our [small
network](https://github.com/paritytech/polkadot-sdk/blob/master/cumulus/zombienet/examples/small_network.toml)
for testing the node was crashing here shortly after launch:

https://github.com/paritytech/polkadot-sdk/blob/5cdd819e/polkadot/node/collation-generation/src/lib.rs#L140

After changes in #1788 for the asset hub collator we are waiting for
blocks of the shell runtime to pass before we initialize aura. However,
this means that we attempted to initialize the collation related relay
chain subsystems twice, leading to the error.

I modified Aura to let it optionally take an already initialized stream
of collation requests.

`cargo install` takes a long time in CI. We want to run it relatively
frequently without chewing through so much compute (see
https://github.com/paritytech/ci_cd/issues/771) so I added automatic
binary releases to the try-runtime-cli repo.

A small added benefit is we can use it in our existing
`on-runtime-upgrade` checks, which should cut their execution time by
about half.

closes: https://github.com/paritytech/devops/issues/2090

## Changes
1. Updated the list of bootnodes.
2. Merged the Connect node and bootnode into a single node.
3. Decreased the number of nodes.
4. Updated the DNS name.

## Description
The initial 8 bootnodes were planned to be replaced by community
bootnodes, the community node was added but we did not bother to reduce
the Parity managed bootnodes. Fixing it now.

Combination of paritytech/polkadot#7005, its addon PR
paritytech/polkadot#7585 and its companion paritytech/cumulus#2433.

This PR introduces a new XcmFeesToAccount struct which implements the
`FeeManager` trait, and assigns this struct as the `FeeManager` in the
XCM config for all runtimes.

The struct simply deposits all fees handled by the XCM executor to a
specified account. In all runtimes, the specified account is configured
as the treasury account.

XCM __delivery__ fees are now being introduced (unless the root origin
is sending a message to a system parachain on behalf of the originating
chain).

# Note for reviewers

Most file changes are tests that had to be modified to account for the
new fees.
Main changes are in:
- cumulus/pallets/xcmp-queue/src/lib.rs <- To make it track the delivery
fees exponential factor
- polkadot/xcm/xcm-builder/src/fee_handling.rs <- Added. Has the
FeeManager implementation
- All runtime xcm_config files <- To add the FeeManager to the XCM
configuration

# Important note

After this change, instructions that create and send a new XCM (Query*,
Report*, ExportMessage, InitiateReserveWithdraw, InitiateTeleport,
DepositReserveAsset, TransferReserveAsset, LockAsset and RequestUnlock)
will require the corresponding origin account in the origin register to
pay for transport delivery fees, and the onward message will fail to be
sent if the origin account does not have the required amount. This
delivery fee is on top of what we already collect as tx fees in
pallet-xcm and XCM BuyExecution fees!

Wallet UIs that want to expose the new delivery fee can do so using the
formula:

```
delivery_fee_factor * (base_fee + encoded_msg_len * per_byte_fee)
```

where the delivery fee factor can be obtained from the corresponding
pallet based on which transport you are using (UMP, HRMP or bridges),
the base fee is a constant, the encoded message length from the message
itself and the per byte fee is the same as the configured per byte fee
for txs (i.e. `TransactionByteFee`).

---------

Co-authored-by: Branislav Kontur <[email protected]>
Co-authored-by: joe petrowski <[email protected]>
Co-authored-by: Giles Cope <[email protected]>
Co-authored-by: command-bot <>
Co-authored-by: Francisco Aguirre <[email protected]>
Co-authored-by: Liam Aharon <[email protected]>
Co-authored-by: Kian Paimani <[email protected]>

Upgraded to version 2.1.0 which has paritytech/review-bot#94, a change
in the logic of the action to overcome some problems with permissions
coming from PRs from forks

For this, we needed to divide the actions into two files:
- A first action that triggers on PRs and reviews and uploads the PR
number.
- A second action which is triggered under the completion of the first
one and runs as the action normally runs (but won't have any problems
regarding permissions because it is triggered from the master branch)

I have added some Traits that are missing and are useful for dealing
with non-fungible tokens on other pallets and their implementations for
NFTs pallet.

- In the Mutate trait, added methods for dealing with the metadata:
`set_metadata`, `set_collection_metadata`, `clear_metadata` and
`clear_collection_metadata`.
The motivation of adding this methods coming from a StackExchange
question asking for it: [Setting metadata of an item of the Nfts pallet
in a custom
pallet](https://substrate.stackexchange.com/questions/9974/setting-metadata-of-an-item-of-the-nfts-pallet-in-a-custom-pallet)

- A Trait for trading non-fungible items. The methods in that Trait are
`buy_item`, `set_price` and `item_price`
An example of where this Trait can be useful is a pallet that deals with
[NFT
Royalties](https://forum.polkadot.network/t/nfts-royalty-pallet/3766)
and needs to perform this actions.

---------

Co-authored-by: Jegor Sidorenko <[email protected]>

Adds descriptions needed for publishing to crates.io.

Follow up of #1892, this PR now switches the env for release related
workflows from `master` to `release`.

Bumps [paritytech/review-bot](https://github.com/paritytech/review-bot) from 2.0.1 to 2.1.0.

Bumps [actions/checkout](https://github.com/actions/checkout) from 4.1.0 to 4.1.1.

Fellowship companion:
https://github.com/polkadot-fellows/runtimes/pull/65

This starts the BEEFY client by default for Polkadot nodes.

Governance/sudo call is later required to enable/start consensus.

Part of https://github.com/paritytech/parity-bridges-common/issues/2420

cumulus: add asset-hub-rococo runtime based on asset-hub-kusama and add asset-bridging support to it (#1215)

This commit adds Rococo Asset Hub dedicated runtime so we can test new
features here, before merging them in Kusama Asset Hub.
Also adds one such feature: asset transfer over bridge (Rococo AssetHub
<> Wococo AssetHub)

- clone `asset-hub-kusama-runtime` -> `asset-hub-rococo-runtime`
- make it use Rococo primitives, names, assets, constants, etc
- add asset-transfer-over-bridge support to Rococo AssetHub <> Wococo
AssetHub

Fixes #1128

---------

Co-authored-by: Branislav Kontur <[email protected]>
Co-authored-by: joe petrowski <[email protected]>
Co-authored-by: Francisco Aguirre <[email protected]>

Remove `publish = false` to publish the crate

Adds descriptions needed for publishing bridges crates to crates.io.

see https://forum.parity.io/t/crates-need-descriptions/2115

Signed-off-by: Adrian Catangiu <[email protected]>

Closes https://github.com/paritytech/polkadot-sdk/issues/1916

Changes:
- Trivially wrap the migration into a version migration to enforce
idempotency.
- Opinionated logging nits

@liamaharon maybe we can add a check to the `try-runtime-cli` that
migrations are idempotent? It should be possible to check that the
storage root is identical after executing a second time (and that it
does not panic like it did here 😆

).

---------

Signed-off-by: Oliver Tale-Yazdi <[email protected]>
Co-authored-by: Liam Aharon <[email protected]>
Co-authored-by: Francisco Aguirre <[email protected]>

Partially addresses #1638

Still need a better solution to allow devs to have better control of
this.

---------

Co-authored-by: Keith Yeung <[email protected]>
Co-authored-by: joe petrowski <[email protected]>

Co-authored-by: Mira Ressel <[email protected]>

These two jobs are now required by github branch protection settings.

Slightly less verbose use of fungible(s).

---------

Co-authored-by: Liam Aharon <[email protected]>

## Summary

This PR introduces several enhancements.

The current implementation of `NetworkExportTable` lacks remote location
filtering support beyond `NetworkId` lookup. To provide more control and
granularity, it's essential to allow configuration for bridging to
different consensus `NetworkId` while restricting access e.g. to
particular remote parachains.

Additionally, the `StartsWith` and `Equals` and
`StartsWithExplicitGlobalConsensus` helper functions, which are in
active use, are moved to the `xcm-builder` and `frame_support` modules
for better code organization.

Adds a new `LocationWithAssetFilters` filter to enable location-based
and asset-related filtering. This filter is useful for configuring the
`pallet_xcm` filter for
[XcmTeleportFilter](https://github.com/paritytech/polkadot-sdk/blob/master/polkadot/xcm/pallet-xcm/src/lib.rs#L212)
and
[XcmReserveTransferFilter](https://github.com/paritytech/polkadot-sdk/blob/master/polkadot/xcm/pallet-xcm/src/lib.rs#L216)
to restrict specific assets.

Furthermore, the `BridgeMessage` fields are not accessible outside of
`xcm-builder`, limiting the ability to create custom logic dependent on
it.

---------

Co-authored-by: Francisco Aguirre <[email protected]>

Just making a few hidden imports cleaner and hidden in docs.

---------

Co-authored-by: Keith Yeung <[email protected]>

Allow Locks/Holds/Reserves/Freezes by default when using `pallet_balances` `TestDefaultConfig` (#1880)

Allow Locks/Holds/Reserves/Freezes by default when using
`pallet_balances` `TestDefaultConfig`.

Changes:
- Add missing crate to the workspace
- Remove versions from local dependency links

Maybe it is finally worth it to add this scrip to the CI to find these
things earlier:
[check-deps.py](https://github.com/ggwpez/substrate-scripts/blob/master/import-runtime-repos/check-deps.py).

@paritytech/ci what would be the best location for that check?  
It takes only a second to run, so maybe we can squeeze it into one of
the existing checks?
Otherwise creating a new GH workflow feels a bit wasteful... maybe i can
group it with https://github.com/paritytech/polkadot-sdk/pull/1831

---------

Signed-off-by: Oliver Tale-Yazdi <[email protected]>

Make System Parachain trusted Teleporters of each other.

Migration of https://github.com/paritytech/cumulus/pull/2842

---------

Co-authored-by: command-bot <>
Co-authored-by: joe petrowski <[email protected]>

This PR adds a missing env to allow publishing the Docker image.

Introduces an `extract` amount method for `fungible/s` `Imbalance`.