Merge branch 'tsv-disabling' into ao-disabling-statement-distribution

* tsv-disabling: (39 commits)
  Handling of disabled validators in backing subsystem (#1259)
  Switch trie cache random seed (#1935)
  Expose prometheus metrics for minimal-relay-chain node in collators (#1942)
  Do not force collators to update after enabling async backing (#1920)
  Pin PRDoc image to v0.0.5 until we are ready for v0.0.6 (#1947)
  [prdoc] Start BEEFY gadget by default for Polkadot nodes (#1945)
  Update bridges subtree  (#1944)
  bump zombienet version (#1931)
  [FRAME] Message Queue use proper overweight limit (#1873)
  Cumulus: Allow aura to use initialized collation request receiver (#1911)
  Use prebuilt try-runtime binary in CI (#1898)
  Update kusama/polkadot bootnodes (#1895)
  Introduce XcmFeesToAccount fee manager (#1234)
  upgraded review bot to v2.1.0 (#1908)
  Trading trait and deal with metadata in Mutate trait for nonfungibles_v2 (#1561)
  Add Runtime Missing Crate Descriptions (#1909)
  Switch to the release env (#1910)
  Bump paritytech/review-bot from 2.0.1 to 2.1.0 (#1924)
  Bump actions/checkout from 4.1.0 to 4.1.1 (#1925)
  Start BEEFY client by default for Polkadot nodes (#1913)
  ...

Author: ordian

.cargo/config.toml

@@ -37,3 +37,8 @@ rustflags = [
   "-Aclippy::extra-unused-type-parameters", # stylistic
   "-Aclippy::default_constructed_unit_structs", # stylistic
 ]
+
+[env]
+# Needed for musl builds so user doesn't have to install musl-tools.
+CC_x86_64_unknown_linux_musl = { value = ".cargo/musl-gcc", force = true, relative = true }
+CXX_x86_64_unknown_linux_musl = { value = ".cargo/musl-g++", force = true, relative = true }

.cargo/musl-g++

@@ -0,0 +1,7 @@
+#!/bin/sh
+
+# Wrapper for building with musl.
+#
+# See comments for musl-gcc in this repo.
+
+g++ "$@"

.cargo/musl-gcc

@@ -0,0 +1,13 @@
+#!/bin/sh
+
+# Wrapper for building with musl.
+#
+# musl unfortunately requires a musl-enabled C compiler (musl-gcc) to be
+# installed, which can be kind of a pain to get installed depending on the
+# distro. That's not a very good user experience.
+#
+# The real musl-gcc wrapper sets the correct system include paths for linking
+# with musl libc library. Since this is not actually used to link any binaries
+# it should most likely work just fine.
+
+gcc "$@"

.config/lychee.toml

@@ -0,0 +1,50 @@
+# Config file for lychee link checker: <https://github.com/lycheeverse/lychee>
+# Run with `lychee -c .config/lychee.toml ./**/*.rs ./**/*.prdoc`
+
+cache = true
+max_cache_age = "1d"
+max_redirects = 10
+max_retries = 6
+
+# Exclude localhost et.al.
+exclude_all_private = true
+
+# Treat these codes as success condition:
+accept = [
+	# Ok
+	200,
+
+	# Rate limited - GitHub likes to throw this.
+	429
+]
+
+exclude_path = [ "./target" ]
+
+exclude = [
+  # Place holders (no need to fix these):
+  "http://visitme/",
+  "https://visitme/",
+  
+  # TODO <https://github.com/paritytech/polkadot-sdk/issues/134>
+  "https://docs.substrate.io/main-docs/build/custom-rpc/#public-rpcs",
+  "https://docs.substrate.io/rustdocs/latest/sp_api/macro.decl_runtime_apis.html",
+  "https://github.com/ipfs/js-ipfs-bitswap/blob/",
+  "https://github.com/paritytech/polkadot-sdk/substrate/frame/timestamp",
+  "https://github.com/paritytech/substrate/frame/fast-unstake",
+  "https://github.com/zkcrypto/bls12_381/blob/e224ad4ea1babfc582ccd751c2bf128611d10936/src/test-data/mod.rs",
+  "https://polkadot.network/the-path-of-a-parachain-block/",
+  "https://research.web3.foundation/en/latest/polkadot/BABE/Babe/#6-practical-results",
+  "https://research.web3.foundation/en/latest/polkadot/block-production/Babe.html",
+  "https://research.web3.foundation/en/latest/polkadot/block-production/Babe.html#-6.-practical-results",
+  "https://research.web3.foundation/en/latest/polkadot/networking/3-avail-valid.html#topology",
+  "https://research.web3.foundation/en/latest/polkadot/NPoS/3.%20Balancing.html",
+  "https://research.web3.foundation/en/latest/polkadot/overview/2-token-economics.html",
+  "https://research.web3.foundation/en/latest/polkadot/overview/2-token-economics.html#inflation-model",
+  "https://research.web3.foundation/en/latest/polkadot/slashing/npos.html",
+  "https://research.web3.foundation/en/latest/polkadot/Token%20Economics.html#inflation-model",
+  "https://rpc.polkadot.io/",
+  "https://w3f.github.io/parachain-implementers-guide/node/approval/approval-distribution.html",
+  "https://w3f.github.io/parachain-implementers-guide/node/index.html",
+  "https://w3f.github.io/parachain-implementers-guide/protocol-chain-selection.html",
+  "https://w3f.github.io/parachain-implementers-guide/runtime/session_info.html",
+]

.github/workflows/check-licenses.yml

@@ -14,13 +14,13 @@ jobs:
       NODE_AUTH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
     steps:
       - name: Checkout sources
-        uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 # v4.1.0
+        uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
       - uses: actions/setup-node@v3.8.1
         with:
           node-version: "18.x"
           registry-url: "https://npm.pkg.github.com"
           scope: "@paritytech"
-        
+
       - name: Check the licenses in Polkadot
         run: |
           shopt -s globstar

.github/workflows/check-links.yml

@@ -0,0 +1,40 @@
+name: Check links
+
+on:
+  pull_request:
+    paths:
+      - "*.rs"
+      - "*.prdoc"
+      - ".github/workflows/check-links.yml"
+      - ".config/lychee.toml"
+    types: [opened, synchronize, reopened, ready_for_review]
+
+permissions:
+  packages: read
+
+jobs:
+  link-checker:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Restore lychee cache
+        uses: actions/cache@704facf57e6136b1bc63b828d79edcd491f0ee84 # v3.3.2 (7. Sep 2023)
+        with:
+          path: .lycheecache
+          key: cache-lychee-${{ github.sha }}
+          # This should restore from the most recent one:
+          restore-keys: cache-lychee-
+
+      - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.0 (22. Sep 2023)
+
+      - name: Lychee link checker
+        uses: lycheeverse/lychee-action@2ac9f030ccdea0033e2510a23a67da2a2da98492 # for v1.8.0 (15. May 2023)
+        with:
+          args: >-
+            --config .config/lychee.toml
+            --no-progress
+            './**/*.rs'
+            './**/*.prdoc'
+          fail: true
+        env:
+          # To bypass GitHub rate-limit:
+          GITHUB_TOKEN: ${{secrets.GITHUB_TOKEN}}

.github/workflows/check-markdown.yml

@@ -13,7 +13,7 @@ jobs:
 
     steps:
       - name: Checkout sources
-        uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 # v4.1.0
+        uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
 
       - uses: actions/setup-node@v3.8.1
         with:

.github/workflows/check-prdoc.yml

@@ -5,7 +5,7 @@ on:
     types: [labeled, opened, synchronize, unlabeled]
 
 env:
-  IMAGE: paritytech/prdoc:latest
+  IMAGE: paritytech/prdoc:v0.0.5
   API_BASE: https://api.github.com/repos
   REPO: ${{ github.repository }}
   GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
@@ -40,7 +40,7 @@ jobs:
 
       - name: Checkout repo
         if: ${{ !contains(steps.get-labels.outputs.labels, 'R0') }}
-        uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 #v4.1.0
+        uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 #v4.1.1
 
       - name: PRdoc check for PR#${{ github.event.pull_request.number }}
         if: ${{ !contains(steps.get-labels.outputs.labels, 'R0') }}

.github/workflows/fmt-check.yml

@@ -16,7 +16,7 @@ jobs:
     container:
       image: paritytech/ci-unified:bullseye-1.70.0-2023-05-23-v20230706
     steps:
-      - uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 # v4.1.0
+      - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
 
       - name: Cargo fmt
         run: cargo +nightly fmt --all -- --check

.github/workflows/release-50_publish-docker.yml

@@ -79,7 +79,7 @@ jobs:
 
     steps:
       - name: Checkout sources
-        uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 # v4.1.0
+        uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
 
       #TODO: this step will be needed when automated triggering will work
         #this step runs only if the workflow is triggered automatically when new release is published
@@ -114,10 +114,11 @@ jobs:
     if: ${{ inputs.binary == 'polkadot-parachain' || inputs.image_type == 'rc' }}
     runs-on: ubuntu-latest
     needs: fetch-artifacts
+    environment: release
 
     steps:
       - name: Checkout sources
-        uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 # v4.1.0
+        uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
 
       - name: Get artifacts from cache
         uses: actions/cache@704facf57e6136b1bc63b828d79edcd491f0ee84 # v3.3.2
@@ -237,9 +238,10 @@ jobs:
     if: ${{ inputs.binary == 'polkadot' && inputs.image_type == 'release' }}
     runs-on: ubuntu-latest
     needs: fetch-latest-debian-package-version
+    environment: release
     steps:
       - name: Checkout sources
-        uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 # v4.1.0
+        uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
 
       - name: Set up Docker Buildx
         uses: docker/setup-buildx-action@f95db51fddba0c2d1ec667646a06c2ce06100226 # v3.0.0

.github/workflows/review-bot.yml

@@ -1,14 +1,10 @@
-name: Review PR
+name: Review Bot
 on:
-  pull_request_target:
+  workflow_run:
+    workflows:
+      - Review-Trigger
     types:
-      - opened
-      - reopened
-      - synchronize
-      - review_requested
-      - review_request_removed
-      - ready_for_review
-  pull_request_review:
+      - completed
 
 permissions:
   contents: read
@@ -17,15 +13,21 @@ jobs:
   review-approvals:
     runs-on: ubuntu-latest
     steps:
+      - name: Extract content of artifact
+        id: number
+        uses: Bullrich/extract-text-from-artifact@v1.0.0
+        with:
+          artifact-name: pr_number
       - name: Generate token
         id: team_token
         uses: tibdex/github-app-token@v1
         with:
           app_id: ${{ secrets.REVIEW_APP_ID }}
           private_key: ${{ secrets.REVIEW_APP_KEY }}
       - name: "Evaluates PR reviews and assigns reviewers"
-        uses: paritytech/review-bot@v2.0.1
+        uses: paritytech/review-bot@v2.1.0
         with:
           repo-token: ${{ secrets.GITHUB_TOKEN }}
           team-token: ${{ steps.team_token.outputs.token }}
           checks-token: ${{ steps.team_token.outputs.token }}
+          pr-number: ${{ steps.number.outputs.content }}

.github/workflows/review-trigger.yml

@@ -0,0 +1,31 @@
+name: Review-Trigger
+
+on: 
+  pull_request_target:
+    types:
+      - opened
+      - reopened
+      - synchronize
+      - review_requested
+      - review_request_removed
+      - ready_for_review
+  pull_request_review:
+
+jobs:
+  trigger-review-bot:
+    runs-on: ubuntu-latest
+    name: trigger review bot
+    steps:
+      - name: Get PR number
+        env:
+          PR_NUMBER: ${{ github.event.pull_request.number }}
+        run: |
+          echo "Saving PR number: $PR_NUMBER"
+          mkdir -p ./pr
+          echo $PR_NUMBER > ./pr/pr_number
+      - uses: actions/upload-artifact@v3
+        name: Save PR number
+        with:
+          name: pr_number
+          path: pr/
+          retention-days: 5

.gitignore

@@ -5,6 +5,7 @@
 .env*
 .idea
 .local
+.lycheecache
 .vscode
 .wasm-binaries
 *.adoc

.gitlab-ci.yml

@@ -30,7 +30,7 @@ variables:
   RUSTY_CACHIER_COMPRESSION_METHOD: zstd
   NEXTEST_FAILURE_OUTPUT: immediate-final
   NEXTEST_SUCCESS_OUTPUT: final
-  ZOMBIENET_IMAGE: "docker.io/paritytech/zombienet:v1.3.69"
+  ZOMBIENET_IMAGE: "docker.io/paritytech/zombienet:v1.3.71"
   DOCKER_IMAGES_VERSION: "${CI_COMMIT_REF_NAME}-${CI_COMMIT_SHORT_SHA}"
 
 default:

.gitlab/pipeline/check.yml

@@ -30,7 +30,6 @@ cargo-fmt-manifest:
     - cargo install zepter --locked --version 0.11.0 -q -f --no-default-features && zepter --version
     - echo "👉 Hello developer! If you see this CI check failing then it means that one of the your changes in a Cargo.toml file introduced ill-formatted or unsorted features. Please take a look at 'docs/STYLE_GUIDE.md#manifest-formatting' to find out more."
     - zepter format features --check
-  allow_failure: true # Experimental
 
 # FIXME
 .cargo-deny-licenses:
@@ -113,12 +112,16 @@ test-rust-feature-propagation:
   script:
     - |
       export RUST_LOG=remote-ext=debug,runtime=debug
-      echo "---------- Installing try-runtime-cli ----------"
-      time cargo install --locked --git https://github.com/paritytech/try-runtime-cli --tag v0.3.0
+
+      echo "---------- Downloading try-runtime CLI ----------"
+      curl -sL https://github.com/paritytech/try-runtime-cli/releases/download/v0.3.3/try-runtime-x86_64-unknown-linux-musl -o try-runtime
+      chmod +x ./try-runtime
+
       echo "---------- Building ${PACKAGE} runtime ----------"
       time cargo build --release --locked -p "$PACKAGE" --features try-runtime
+
       echo "---------- Executing `on-runtime-upgrade` for ${NETWORK} ----------"
-      time try-runtime \
+      time ./try-runtime \
           --runtime ./target/release/wbuild/"$PACKAGE"/"$WASM" \
           on-runtime-upgrade --checks=pre-and-post ${EXTRA_ARGS} live --uri ${URI}
 

.gitlab/pipeline/short-benchmarks.yml

@@ -59,6 +59,11 @@ short-benchmark-asset-hub-kusama:
   variables:
     RUNTIME_CHAIN: asset-hub-kusama-dev
 
+short-benchmark-asset-hub-rococo:
+  <<: *short-bench-cumulus
+  variables:
+    RUNTIME_CHAIN: asset-hub-rococo-dev
+
 short-benchmark-asset-hub-westend:
   <<: *short-bench-cumulus
   variables:

.gitlab/pipeline/test.yml

@@ -183,7 +183,6 @@ test-rustdoc:
     SKIP_WASM_BUILD: 1
   script:
     - time cargo doc --workspace --all-features --no-deps
-  allow_failure: true
 
 cargo-check-all-benches:
   stage: test
@@ -504,3 +503,23 @@ cargo-hfuzz:
     - cargo hfuzz build
     - for target in $(cargo read-manifest | jq -r '.targets | .[] | .name'); do
       cargo hfuzz run "$target" || { printf "fuzzing failure for %s\n" "$target"; exit 1; }; done
+
+# cf https://github.com/paritytech/polkadot-sdk/issues/1652
+test-syscalls:
+  stage: test
+  extends:
+    - .docker-env
+    - .common-refs
+    - .run-immediately
+  variables:
+    SKIP_WASM_BUILD: 1
+  script:
+    - cargo build --locked --profile production --target x86_64-unknown-linux-musl --bin polkadot-execute-worker --bin polkadot-prepare-worker
+    - cd polkadot/scripts/list-syscalls
+    - ./list-syscalls.rb ../../../target/x86_64-unknown-linux-musl/production/polkadot-execute-worker --only-used-syscalls | diff -u execute-worker-syscalls -
+    - ./list-syscalls.rb ../../../target/x86_64-unknown-linux-musl/production/polkadot-prepare-worker --only-used-syscalls | diff -u prepare-worker-syscalls -
+  after_script:
+    - if [[ "$CI_JOB_STATUS" == "failed" ]]; then
+        printf "The x86_64 syscalls used by the worker binaries have changed. Please review if this is expected and update polkadot/scripts/list-syscalls/*-worker-syscalls as needed.\n";
+      fi
+  allow_failure: true # TODO: remove this once we have an idea how often the syscall lists will change