🕶 Assorted checks and validations for writing safer Solana programs.

Overview

vipers 😎

Crates.io License Build Status Contributors

Assorted checks and validations for writing safer Solana programs.

Motivation

Solana's fee mechanism is unlike Ethereum's, in that the number of bytecode instructions executed does not add to the cost of a transaction. Due to this, it is wise to design Solana code with excessive safety checks in order to minimize the chance of exploits.

This library provides several utilities for Anchor programs to validate account structs and check for invariants.

Support

For support, join the Saber Discord at chat.saber.so!

License

Apache 2.0

Comments
  • Bump cachix/cachix-action from 10 to 11

    Bump cachix/cachix-action from 10 to 11

    Bumps cachix/cachix-action from 10 to 11.

    Release notes

    Sourced from cachix/cachix-action's releases.

    cachix-action-v11

    • Allow pushFilter regex to start with a dash
    • Add pathsToPush and cachixArgs
    • Avoid pushing .drv.chroot files
    • Self-hosted runner support improvements
    Commits
    • 75d46f5 Merge pull request #123 from cachix/install-globally
    • b65c184 Allow installing cachix globally for self-hosted runners
    • b5a076c Merge pull request #122 from jfroche/feat/update-node
    • 9f3d463 feat: support node.js 16
    • f5f67ba avoid pushing .drv.chroot files
    • bfb6415 Merge pull request #115 from cachix/dependabot/github_actions/cachix/install-...
    • e90ca86 chore(deps): bump cachix/install-nix-action from 16 to 17
    • f1ca312 Merge pull request #110 from cachix/dependabot/github_actions/actions/checkout-3
    • 257f7af Merge pull request #112 from league/fix-typo
    • 06107da Merge pull request #113 from cachix/dependabot/npm_and_yarn/minimist-1.2.6
    • Additional commits viewable in compare view

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    dependencies github_actions 
    opened by dependabot[bot] 2
  • Bump codecov/codecov-action from 2.1.0 to 3

    Bump codecov/codecov-action from 2.1.0 to 3

    Bumps codecov/codecov-action from 2.1.0 to 3.

    Release notes

    Sourced from codecov/codecov-action's releases.

    v3.0.0

    Breaking Changes

    • #689 Bump to node16 and small fixes

    Features

    • #688 Incorporate gcov arguments for the Codecov uploader

    Dependencies

    • #548 build(deps-dev): bump jest-junit from 12.2.0 to 13.0.0
    • #603 [Snyk] Upgrade @​actions/core from 1.5.0 to 1.6.0
    • #628 build(deps): bump node-fetch from 2.6.1 to 3.1.1
    • #634 build(deps): bump node-fetch from 3.1.1 to 3.2.0
    • #636 build(deps): bump openpgp from 5.0.1 to 5.1.0
    • #652 build(deps-dev): bump @​vercel/ncc from 0.30.0 to 0.33.3
    • #653 build(deps-dev): bump @​types/node from 16.11.21 to 17.0.18
    • #659 build(deps-dev): bump @​types/jest from 27.4.0 to 27.4.1
    • #667 build(deps): bump actions/checkout from 2 to 3
    • #673 build(deps): bump node-fetch from 3.2.0 to 3.2.3
    • #683 build(deps): bump minimist from 1.2.5 to 1.2.6
    • #685 build(deps): bump @​actions/github from 5.0.0 to 5.0.1
    • #681 build(deps-dev): bump @​types/node from 17.0.18 to 17.0.23
    • #682 build(deps-dev): bump typescript from 4.5.5 to 4.6.3
    • #676 build(deps): bump @​actions/exec from 1.1.0 to 1.1.1
    • #675 build(deps): bump openpgp from 5.1.0 to 5.2.1
    Changelog

    Sourced from codecov/codecov-action's changelog.

    3.0.0

    Breaking Changes

    • #689 Bump to node16 and small fixes

    Features

    • #688 Incorporate gcov arguments for the Codecov uploader

    Dependencies

    • #548 build(deps-dev): bump jest-junit from 12.2.0 to 13.0.0
    • #603 [Snyk] Upgrade @​actions/core from 1.5.0 to 1.6.0
    • #628 build(deps): bump node-fetch from 2.6.1 to 3.1.1
    • #634 build(deps): bump node-fetch from 3.1.1 to 3.2.0
    • #636 build(deps): bump openpgp from 5.0.1 to 5.1.0
    • #652 build(deps-dev): bump @​vercel/ncc from 0.30.0 to 0.33.3
    • #653 build(deps-dev): bump @​types/node from 16.11.21 to 17.0.18
    • #659 build(deps-dev): bump @​types/jest from 27.4.0 to 27.4.1
    • #667 build(deps): bump actions/checkout from 2 to 3
    • #673 build(deps): bump node-fetch from 3.2.0 to 3.2.3
    • #683 build(deps): bump minimist from 1.2.5 to 1.2.6
    • #685 build(deps): bump @​actions/github from 5.0.0 to 5.0.1
    • #681 build(deps-dev): bump @​types/node from 17.0.18 to 17.0.23
    • #682 build(deps-dev): bump typescript from 4.5.5 to 4.6.3
    • #676 build(deps): bump @​actions/exec from 1.1.0 to 1.1.1
    • #675 build(deps): bump openpgp from 5.1.0 to 5.2.1
    Commits
    • e3c5604 Merge pull request #689 from codecov/feat/gcov
    • 174efc5 Update package-lock.json
    • 6243a75 bump to 3.0.0
    • 0d6466f Bump to node16
    • d4729ee fetch.default
    • 351baf6 fix: bash
    • d8cf680 Merge pull request #675 from codecov/dependabot/npm_and_yarn/openpgp-5.2.1
    • b775e90 Merge pull request #676 from codecov/dependabot/npm_and_yarn/actions/exec-1.1.1
    • 2ebc2f0 Merge pull request #682 from codecov/dependabot/npm_and_yarn/typescript-4.6.3
    • 8e2ef2b Merge pull request #681 from codecov/dependabot/npm_and_yarn/types/node-17.0.23
    • Additional commits viewable in compare view

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    dependencies github_actions 
    opened by dependabot[bot] 2
  • Bump anchor-spl from 0.20.1 to 0.21.0

    Bump anchor-spl from 0.20.1 to 0.21.0

    Bumps anchor-spl from 0.20.1 to 0.21.0.

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    dependencies rust 
    opened by dependabot[bot] 2
  • Bump spl-associated-token-account from 1.0.3 to 1.0.5

    Bump spl-associated-token-account from 1.0.3 to 1.0.5

    Bumps spl-associated-token-account from 1.0.3 to 1.0.5.

    Release notes

    Sourced from spl-associated-token-account's releases.

    SPL Associated Token Program - v1.0.5

    Summary

    • Restore rent sysvar to create_associated_token_account for backward compatibility

    Verify

    Program verification uses the Anchor command-line interface, which can be installed by following the documentation.

    The verification process builds the program in an Ubuntu container which contains the Solana CLI tools and its dependencies. More information can be found on the verifiable builds documentation.

    From associated-token-account/program, run:

    $ anchor verify --solana-version 1.9.5 -b debian -d ubuntu:20.04 --provider.cluster devnet ATaYDmFSp5AgaJRGUcHeys4uF1wzCroXPeDgT7AcU82L
    

    SPL Associated Token Program - v1.0.4

    Summary of changes

    • Use InitializeAccount3, which does not require the rent sysvar to be explicitly passed in
    • Compatibility with spl-token v3.3.0
    Commits
    • c309e10 Restore rent sysvar to create_associated_token_account
    • 533f767 Revert ATA to spl-token v3.3 (#2796)
    • cc8826a token-2022: plumb program_id through instruction builders (#2792)
    • 3e1dd7c Validate proposal owner for tipped vote (#2793)
    • bc00009 Governance: Realm authority validation (#2787)
    • a98977f token-2022: add more tests (#2783)
    • c03c1fc token-2022: make extension instruction builders consistent with vanilla token...
    • 28e779d Bump thread_local (#2789)
    • 2ae2f5f Governance Chat: Voter weight (#2778)
    • 44b338f Temp. ignore thread_local 1.1.3 security warning (#2788)
    • Additional commits viewable in compare view

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    dependencies rust 
    opened by dependabot[bot] 1
  • Bump cachix/install-nix-action from 16 to 17

    Bump cachix/install-nix-action from 16 to 17

    Bumps cachix/install-nix-action from 16 to 17.

    Release notes

    Sourced from cachix/install-nix-action's releases.

    install-nix-action-v17

    Commits
    • d64e055 Merge pull request #133 from Artturin/nixciupdate
    • 0d8fd4b workflows/test.yml use macos-latest again and use nix release with
    • d8ecd38 workflows/test.yml: remove trailing whitespaces
    • 8e09c9a Merge pull request #129 from cachix/dependabot/npm_and_yarn/minimist-1.2.6
    • 9cc5350 Merge pull request #124 from cachix/dependabot/github_actions/actions/checkout-3
    • 9d24e62 Merge pull request #130 from ncfavier/user-profile
    • 1f78d39 Merge pull request #132 from lovesegfault/fix-nix-conf-copy
    • 0c1cffe chore(deps): bump actions/checkout from 2.4.0 to 3
    • 106f85d Merge pull request #131 from lovesegfault/curl-quiet
    • 83e7d63 Merge pull request #128 from cachix/fix-ci
    • Additional commits viewable in compare view

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    dependencies github_actions 
    opened by dependabot[bot] 1
  • Bump anchor-spl from 0.22.0 to 0.22.1

    Bump anchor-spl from 0.22.0 to 0.22.1

    Bumps anchor-spl from 0.22.0 to 0.22.1.

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    dependencies rust 
    opened by dependabot[bot] 1
  • Bump actions/checkout from 2 to 3

    Bump actions/checkout from 2 to 3

    Bumps actions/checkout from 2 to 3.

    Release notes

    Sourced from actions/checkout's releases.

    v3.0.0

    • Update default runtime to node16

    v2.4.0

    • Convert SSH URLs like org-<ORG_ID>@github.com: to https://github.com/ - pr

    v2.3.5

    Update dependencies

    v2.3.4

    v2.3.3

    v2.3.2

    Add Third Party License Information to Dist Files

    v2.3.1

    Fix default branch resolution for .wiki and when using SSH

    v2.3.0

    Fallback to the default branch

    v2.2.0

    Fetch all history for all tags and branches when fetch-depth=0

    v2.1.1

    Changes to support GHES (here and here)

    v2.1.0

    Changelog

    Sourced from actions/checkout's changelog.

    Changelog

    v2.3.1

    v2.3.0

    v2.2.0

    v2.1.1

    • Changes to support GHES (here and here)

    v2.1.0

    v2.0.0

    Commits

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    dependencies github_actions 
    opened by dependabot[bot] 1
  • Bump anchor-lang from 0.22.0 to 0.22.1

    Bump anchor-lang from 0.22.0 to 0.22.1

    Bumps anchor-lang from 0.22.0 to 0.22.1.

    Release notes

    Sourced from anchor-lang's releases.

    v0.22.1

    For a list of changes in this release, see the Change Log.

    Changelog

    Sourced from anchor-lang's changelog.

    [0.22.1] - 2022-02-28

    Fixes

    • cli: Fix rust template (#1488).
    Commits

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    dependencies rust 
    opened by dependabot[bot] 1
  • Bump anchor-spl from 0.21.0 to 0.22.0

    Bump anchor-spl from 0.21.0 to 0.22.0

    Bumps anchor-spl from 0.21.0 to 0.22.0.

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    dependencies rust 
    opened by dependabot[bot] 1
  • Bump anchor-lang from 0.21.0 to 0.22.0

    Bump anchor-lang from 0.21.0 to 0.22.0

    Bumps anchor-lang from 0.21.0 to 0.22.0.

    Release notes

    Sourced from anchor-lang's releases.

    v0.22.0

    For a list of changes in this release, see the Change Log.

    Changelog

    Sourced from anchor-lang's changelog.

    [0.22.0] - 2022-02-20

    Features

    • lang: Add check that declared id == program id (#1451).
    • ts: Added float types support (#1425).
    • cli: Add --skip-lint option to disable check linting introduced in (#1452) for rapid prototyping (#1482).

    Fixes

    • ts: Allow nullable types for Option<T> mapped types (#1428).

    Breaking

    • lang: Enforce that the payer for an init-ed account be marked mut (#1271).
    • lang: All error-related code is now in the error module (#1426).
    • lang: Require doc comments when using AccountInfo or UncheckedAccount types (#1452).
    • lang: add error! and err! macro and Result type (#1462). This change will break most programs. Do the following to upgrade:
      • change all ProgramResult's to Result<()>
      • change #[error] to #[error_code]
      • change all Err(MyError::SomeError.into()) to Err(error!(MyError::SomeError)) and all Err(ProgramError::SomeProgramError) to Err(ProgramError::SomeProgramError.into()) or Err(Error::from(ProgramError::SomeProgramError).with_source(source!())) to provide file and line source of the error (with_source is most useful with ProgramErrors. error! already adds source information for custom and anchor internal errors).
    Commits

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    dependencies rust 
    opened by dependabot[bot] 1
  • Bump anchor-lang from 0.20.1 to 0.21.0

    Bump anchor-lang from 0.20.1 to 0.21.0

    Bumps anchor-lang from 0.20.1 to 0.21.0.

    Release notes

    Sourced from anchor-lang's releases.

    v0.21.0

    For a list of changes in this release, see the Change Log.

    Changelog

    Sourced from anchor-lang's changelog.

    [0.21.0] - 2022-02-07

    Fixes

    • ts: Fix the root type declaration of the Wallet / NodeWallet class (#1363).
    • ts: Improve type mapping of Account fields into Typescript with additional support for Option<T> and Vec<String> types (#1393).

    Features

    • lang: Add seeds::program constraint for specifying which program_id to use when deriving PDAs (#1197).
    • lang: Context now has a new bumps: BTree<String, u8> argument, mapping account name to bump seed "found" by the accounts context. This allows one to access bump seeds without having to pass them in from the client or recalculate them in the handler (#1367).
    • lang, ts: Automatically infer PDA addresses (#1331).
    • ts: Remove error logging in the event parser when log websocket encounters a program error (#1313).
    • ts: Add new methods namespace to the program client, introducing a more ergonomic builder API (#1324).
    • ts: Add registry utility for fetching the latest verified build (#1371).
    • cli: Expose the solana-test-validator --account flag in Anchor.toml via [[test.validator.account]] (#1366).
    • cli: Add avm, a tool for managing anchor-cli versions (#1385).

    Breaking

    • lang: Put init_if_needed behind a feature flag to decrease wrong usage (#1258).
    • lang: rename loader_account module to account_loader module (#1279)
    • lang: The Accounts trait's try_accounts method now has an additional bumps: &mut BTreeMap<String, u8> argument, which accumulates bump seeds (#1367).
    • lang: Providing bump = <target> targets with init will now error. On init only, it is required to use bump without a target and access the seed inside function handlers via ctx.bumps.get("<pda-account-name"). For subsequent seeds constraints (without init), it is recommended to store the bump on your account and use it as a bump = <target> target to minimize compute units used (#1380).
    • ts: Coder is now an interface and the existing class has been renamed to BorshCoder. This change allows the generation of Anchor clients for non anchor programs (#1259).
    • cli: [[test.clone]] key in Anchor.toml is renamed to [[test.validator.clone]] (#1366).
    Commits

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    dependencies rust 
    opened by dependabot[bot] 1
  • Bump Swatinem/rust-cache from 1 to 2

    Bump Swatinem/rust-cache from 1 to 2

    Bumps Swatinem/rust-cache from 1 to 2.

    Release notes

    Sourced from Swatinem/rust-cache's releases.

    v2.0.0

    • The action code was refactored to allow for caching multiple workspaces and different target directory layouts.
    • The working-directory and target-dir input options were replaced by a single workspaces option that has the form of $workspace -> $target.
    • Support for considering env-vars as part of the cache key.
    • The sharedKey input option was renamed to shared-key for consistency.

    v1.4.0

    • Clean both debug and release target directories.

    v1.3.0

    • Use Rust toolchain file as additional cache key.
    • Allow for a configurable target-dir.

    v1.2.0

    • Cache ~/.cargo/bin.
    • Support for custom $CARGO_HOME.
    • Add a cache-hit output.
    • Add a new sharedKey option that overrides the automatic job-name based key.

    v1.1.0

    • Add a new working-directory input.
    • Support caching git dependencies.
    • Lots of other improvements.

    v1.0.1

    • Improved logging output.
    • Make sure to consider all-features dependencies when pruning.
    • Work around macOS cache corruption.
    • Remove git-db cache for now.
    Changelog

    Sourced from Swatinem/rust-cache's changelog.

    Changelog

    2.2.0

    • Add new save-if option to always restore, but only conditionally save the cache.

    2.1.0

    • Only hash Cargo.{lock,toml} files in the configured workspace directories.

    2.0.2

    • Avoid calling cargo metadata on pre-cleanup.
    • Added prefix-key, cache-directories and cache-targets options.

    2.0.1

    • Primarily just updating dependencies to fix GitHub deprecation notices.

    2.0.0

    • The action code was refactored to allow for caching multiple workspaces and different target directory layouts.
    • The working-directory and target-dir input options were replaced by a single workspaces option that has the form of $workspace -> $target.
    • Support for considering env-vars as part of the cache key.
    • The sharedKey input option was renamed to shared-key for consistency.

    1.4.0

    • Clean both debug and release target directories.

    1.3.0

    • Use Rust toolchain file as additional cache key.
    • Allow for a configurable target-dir.

    1.2.0

    • Cache ~/.cargo/bin.
    • Support for custom $CARGO_HOME.
    • Add a cache-hit output.
    • Add a new sharedKey option that overrides the automatic job-name based key.

    1.1.0

    • Add a new working-directory input.
    • Support caching git dependencies.
    • Lots of other improvements.

    ... (truncated)

    Commits

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    dependencies github_actions 
    opened by dependabot[bot] 1
  • Bump cachix/cachix-action from 10 to 12

    Bump cachix/cachix-action from 10 to 12

    Bumps cachix/cachix-action from 10 to 12.

    Release notes

    Sourced from cachix/cachix-action's releases.

    cachix-action-v12

    Fix save-state deprecation warning.

    cachix-action-v11

    • Allow pushFilter regex to start with a dash
    • Add pathsToPush and cachixArgs
    • Avoid pushing .drv.chroot files
    • Self-hosted runner support improvements
    Commits
    • 6a9a34c Merge pull request #126 from sigprof/save-state-deprecated
    • 3fea4e0 Use core.saveState instead of raw 'save-state' command
    • d035f0e Merge pull request #124 from cachix/test-install-action-v18
    • 6f2a21d bump install-nix-action
    • 75d46f5 Merge pull request #123 from cachix/install-globally
    • b65c184 Allow installing cachix globally for self-hosted runners
    • b5a076c Merge pull request #122 from jfroche/feat/update-node
    • 9f3d463 feat: support node.js 16
    • f5f67ba avoid pushing .drv.chroot files
    • bfb6415 Merge pull request #115 from cachix/dependabot/github_actions/cachix/install-...
    • Additional commits viewable in compare view

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    dependencies github_actions 
    opened by dependabot[bot] 0
  • Bump cachix/install-nix-action from 17 to 18

    Bump cachix/install-nix-action from 17 to 18

    Bumps cachix/install-nix-action from 17 to 18.

    Release notes

    Sourced from cachix/install-nix-action's releases.

    install-nix-action-v18

    • Fix nodejs warnings & simplify maintenance
    • Use python3 when determining number of cores
    • Collapse installer log messages
    Commits
    • daddc62 Merge pull request #144 from cachix/fix-ci
    • 8500bf7 try to fix act test
    • 4024cf0 Merge pull request #143 from ggreif/patch-1
    • 3d1155e readme: don't perpetuate old versions
    • e17a164 fix #140: python -> python3
    • 92d3622 Merge pull request #139 from sigprof/collapse-log-output
    • 6c5ba55 install-nix.sh: Collapse log messages
    • 451e611 Merge pull request #134 from lovesegfault/composite-action
    • 112054f refactor: replace with a simpler composite action
    • 24e801e Merge pull request #123 from cachix/dependabot/github_actions/actions/setup-go-3
    • Additional commits viewable in compare view

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    dependencies github_actions 
    opened by dependabot[bot] 1
  • Bump spl-token from 3.3.0 to 3.3.1

    Bump spl-token from 3.3.0 to 3.3.1

    Bumps spl-token from 3.3.0 to 3.3.1.

    Commits
    • e0ff9ad Bump spl-token (#3418)
    • 22faa05 check that unpack is tolerant of small sizes (#3416)
    • c986098 token-2022: merge instruction data for confidential Transfer and TransferWith...
    • 8f75f59 stake-pool-py: Clean up dependencies (#3412)
    • 8f74ba5 token-cli: Run fewer tests at once (#3414)
    • 5d8cb55 lending: Add instruction for changing reserve configuration after initializat...
    • 271d235 Confidential transfer encryption doc (#3399)
    • 674b0ac token-cli: Add token-client dependency for token-2022 support (#3386)
    • 80b8ff3 token-cli: Run tests in batches (#3396)
    • 3a7914c stake-pool-py: Fix tests for Solana 1.10.33 (#3395)
    • Additional commits viewable in compare view

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    dependencies rust 
    opened by dependabot[bot] 1
  • Bump num-traits from 0.2.14 to 0.2.15

    Bump num-traits from 0.2.14 to 0.2.15

    Bumps num-traits from 0.2.14 to 0.2.15.

    Changelog

    Sourced from num-traits's changelog.

    Release 0.2.15 (2022-05-02)

    Contributors: @​alion02, @​clarfonthey, @​cuviper, @​ElectronicRU, @​ibraheemdev, @​SparrowLii, @​sshilovsky, @​tspiteri, @​XAMPPRocky, @​Xiretza

    Commits

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    dependencies rust 
    opened by dependabot[bot] 1
Owner
Saber
Stable swapping between stablecoins and other identical assets
Saber
Checks Crusader Kings 3 user mod files for common mistakes and warns about them.

ck3-tiger Pounces on bugs. Checks Crusader Kings 3 user mod files for common mistakes and warns about them. For example: missing localizations, or usi

Richard Braakman 8 Jan 5, 2023
Recipes for avoiding bounds checks in Rust, without unsafe!

Recipes for avoiding bounds checks in Rust This repository showcases various approaches to avoiding bounds checks in Rust code, without unsafe code. E

Sergey 4 Dec 13, 2022
Visualization for Timely Dataflow and Differential Dataflow programs

DDShow Visualization for Timely Dataflow and Differential Dataflow programs Getting started with ddshow First, install ddshow via cargo. As of now dds

Chase Wilson 61 Nov 25, 2022
Cogo is a high-performance library for programming stackful coroutines with which you can easily develop and maintain massive concurrent programs.

Cogo is a high-performance library for programming stackful coroutines with which you can easily develop and maintain massive concurrent programs.

co-rs 47 Nov 17, 2022
Rust library for compiling and running other programs.

Exers ?? Exers is a rust library for compiling and running code in different languages and runtimes. Usage example fn main() { // Imports...

olix3001 5 Jun 10, 2023
Rust programs written entirely in Rust

mustang Programs written entirely in Rust Mustang is a system for building programs built entirely in Rust, meaning they do not depend on any part of

Dan Gohman 561 Dec 26, 2022
Complete code for the larger example programs from the book.

Code Examples for Programming Rust This repository contains complete code for the larger example programs from the book “Programming Rust”, by Jim Bla

Programming Rust 670 Jan 1, 2023
Small programs written in Rust. Warm up for the upcoming Selenium Manager

Rust Examples This repository contains several example programs written in Rust. Selenium Manager These examples are used as warm up for the upcoming

Boni García 5 Dec 30, 2022
A additional Rust compiler pass to detect memory safe bugs of Rust programs.

SafeDrop A additional Rust compiler pass to detect memory safe bugs of Rust programs. SafeDrop performs path-sensitive and field-sensitive inter-proce

Artisan-Lab  (Fn*) 5 Nov 25, 2022
Gain intuition about the goings-on of your multithreaded/multicomponent programs

Intuition: a super simple profiler with a terminal ui based on tui-rs. Gain intuition about the goings-on of your multithreaded/multicomponent program

GenesysGo 9 Mar 2, 2023
:crab: Small exercises to get you used to reading and writing Rust code!

rustlings ?? ❤️ Greetings and welcome to rustlings. This project contains small exercises to get you used to reading and writing Rust code. This inclu

The Rust Programming Language 33.1k Jan 2, 2023
S-expression parsing and writing in Rust

rsexp S-expression parsing and writing in Rust using nom parser combinators. This implemantion aims at being compatible with OCaml's sexplib. The main

Laurent Mazare 12 Oct 18, 2022
This project contains small exercises to get you used to reading and writing Rust code

rustlings ?? ❤️ Greetings and welcome to rustlings. This project contains small exercises to get you used to reading and writing Rust code. This inclu

Cynthia Tran 1 May 24, 2022
Thread-safe clone-on-write container for fast concurrent writing and reading.

sync_cow Thread-safe clone-on-write container for fast concurrent writing and reading. SyncCow is a container for concurrent writing and reading of da

null 40 Jan 16, 2023
A simple heads or tails (cross and pile) on Solana

cross-pile (Coin flip) A heads or tails (cross and pile) on Solana. It's meant to serve as an example of how to use solrand, a randomness Oracle: http

Evan Marshall 22 Nov 19, 2022
A Rust macro for writing nested loop expressions

loop_chain A Rust macro for writing nested loop expressions Usage | Examples | Docs Dependencies [dependencies] loop_chain = "0.1.1" Usage For express

Takayuki Maeda 5 Jul 30, 2021
Take your first step in writing a compiler. Implemented in Rust.

first-step-rust Take your first step in writing a compiler, using Rust. Building from Source Make sure the Rust toolchain is installed on your compute

PKU Compiler Course 13 Aug 28, 2022
Writing Interpreters in Rust: a Guide

Writing Interpreters in Rust: a Guide This is an online book covering the lower level topics involved in writing an interpreter in Rust including: mem

Languages Hosted in Rust Working Groups 254 Jan 5, 2023
Learn Rust by writing Entirely Too Many linked lists

Learn Rust by writing Entirely Too Many Linked Lists Read the pretty version at https://rust-unofficial.github.io/too-many-lists/. Building Building r

null 2.4k Jan 3, 2023