Skip to content

v0.18.2

Latest
Latest

Choose a tag to compare

View all tags
@Lythaeon Lythaeon released this 10 Apr 22:34
· 53 commits to main since this release
v0.18.2
f75fd2d
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.

Additions

  • Added the new internal sof-support crate to centralize shared timing, parsing, retry, and bound-check helpers reused across runtime, provider, and transaction paths.
  • Added vendored helius-laserstream integration and shared transport helper plumbing so the provider-grpc feature set remains buildable and controlled on the 0.18.2 line.
  • Added follow-up regression and CI coverage for extension validation, derived-state persistence bounds, websocket replay/ack handling, publishable archive verification, and the fuzz-smoke matrix.

Improvements

  • Improved extension-host startup safety by rejecting impossible observer-ingress/shared/dead subscription combinations, invalid websocket resource URLs, zero or oversized read buffers, and zero startup or shutdown timeouts before runtime.
  • Improved derived-state persistence correctness by bounding checkpoint loads and writes plus replay-record writes so oversized persisted artifacts fail early instead of poisoning recovery.
  • Improved websocket, gRPC, and transaction transport robustness with non-zero timeout clamping, bounded request and response bodies, redirect rejection on hardened HTTP paths, bounded connect and subscription-ack waits, and reconnect-loop protection.
  • Improved internal runtime, ingest, repair, relay, verify, shred, and provider paths by reducing clone/setup churn, consolidating helper logic, and tightening invariants without changing the public feature surface.
  • Improved release verification by fixing publishable archive validation to include sof-support and keeping the fuzz-smoke matrix green after the FEC packet ownership change.

Versioning / Docs

  • Bumped sof-gossip-tuning, sof, sof-tx, sof-types, sof-solana-compat, and sof-support to 0.18.2.
  • Refreshed the root workspace lockfile for the 0.18.2 release line.
  • Updated observer and sof-tx README dependency snippets plus affected install/docs references for 0.18.2.
  • Updated the architecture/runtime-extension docs touched by the hardening work.

Notes

  • v0.18.2 is a patch release on top of v0.18.1 focused on production hardening, invariant tightening, internal cleanup, and release readiness rather than new user-facing features.
  • Compared with v0.18.1, this release introduces exactly:
    • startup-time validation for invalid extension and resource configs that previously failed late or silently dropped work
    • bounded derived-state persistence and replay edges
    • stricter websocket, gRPC, and HTTP transport timeout, body-limit, and redirect handling
    • shared internal support helpers plus provider transport cleanup through the new sof-support crate and vendored LaserStream integration
    • follow-up release verification fixes for publishable archives and fuzz-smoke CI
  • Important behavior callouts in this release:
    • this release does not add new public SOF runtime APIs or new feature families
    • invalid extension or provider configs that were previously accepted may now fail immediately at startup
    • zero-valued timeout configs across hardened paths are clamped to safe non-zero behavior instead of being allowed to stall or spin
    • remaining cargo audit findings are still upstream in the Solana/Agave dependency chain and were not introduced by this release
  • Validation across the released work included:
    • cargo make ci
    • bash scripts/verify-publishable-archives.sh
    • cargo make fuzz-smoke
    • cargo audit --quiet
Assets 2
Loading