diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index 07da891c..88b498b0 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -13,12 +13,12 @@ name: "CodeQL" on: push: - branches: [ "master" ] + branches: ["master"] pull_request: # The branches below must be a subset of the branches above - branches: [ "master" ] + branches: ["master"] schedule: - - cron: '30 17 * * 1' + - cron: "30 17 * * 1" jobs: analyze: @@ -32,43 +32,42 @@ jobs: strategy: fail-fast: false matrix: - language: [ 'go' ] + language: ["go"] # CodeQL supports [ 'cpp', 'csharp', 'go', 'java', 'javascript', 'python', 'ruby' ] # Learn more about CodeQL language support at https://aka.ms/codeql-docs/language-support steps: - - name: Checkout repository - uses: actions/checkout@v3 + - name: Checkout repository + uses: actions/checkout@v3 - # Initializes the CodeQL tools for scanning. - - name: Initialize CodeQL - uses: github/codeql-action/init@v2 - with: - languages: ${{ matrix.language }} - # If you wish to specify custom queries, you can do so here or in a config file. - # By default, queries listed here will override any specified in a config file. - # Prefix the list here with "+" to use these queries and those in the config file. + # Initializes the CodeQL tools for scanning. + - name: Initialize CodeQL + uses: github/codeql-action/init@v2 + with: + languages: ${{ matrix.language }} + # If you wish to specify custom queries, you can do so here or in a config file. + # By default, queries listed here will override any specified in a config file. + # Prefix the list here with "+" to use these queries and those in the config file. - # Details on CodeQL's query packs refer to : https://docs.github.com/en/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/configuring-code-scanning#using-queries-in-ql-packs - # queries: security-extended,security-and-quality + # Details on CodeQL's query packs refer to : https://docs.github.com/en/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/configuring-code-scanning#using-queries-in-ql-packs + # queries: security-extended,security-and-quality + # Autobuild attempts to build any compiled languages (C/C++, C#, Go, or Java). + # If this step fails, then you should remove it and run the build manually (see below) + - name: Autobuild + uses: github/codeql-action/autobuild@v2 - # Autobuild attempts to build any compiled languages (C/C++, C#, Go, or Java). - # If this step fails, then you should remove it and run the build manually (see below) - - name: Autobuild - uses: github/codeql-action/autobuild@v2 + # ℹī¸ Command-line programs to run using the OS shell. + # 📚 See https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idstepsrun - # ℹī¸ Command-line programs to run using the OS shell. - # 📚 See https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idstepsrun + # If the Autobuild fails above, remove it and uncomment the following three lines. + # modify them (or add more) to build your code if your project, please refer to the EXAMPLE below for guidance. - # If the Autobuild fails above, remove it and uncomment the following three lines. - # modify them (or add more) to build your code if your project, please refer to the EXAMPLE below for guidance. + # - run: | + # echo "Run, Build Application using script" + # ./location_of_script_within_repo/buildscript.sh - # - run: | - # echo "Run, Build Application using script" - # ./location_of_script_within_repo/buildscript.sh - - - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@v2 - with: - category: "/language:${{matrix.language}}" + - name: Perform CodeQL Analysis + uses: github/codeql-action/analyze@v2 + with: + category: "/language:${{matrix.language}}" diff --git a/.github/workflows/dependency-review.yml b/.github/workflows/dependency-review.yml index b0dedc42..076688eb 100644 --- a/.github/workflows/dependency-review.yml +++ b/.github/workflows/dependency-review.yml @@ -4,7 +4,7 @@ # # Source repository: https://github.com/actions/dependency-review-action # Public documentation: https://docs.github.com/en/code-security/supply-chain-security/understanding-your-software-supply-chain/about-dependency-review#dependency-review-enforcement -name: 'Dependency Review' +name: "Dependency Review" on: [pull_request] permissions: @@ -14,7 +14,7 @@ jobs: dependency-review: runs-on: ubuntu-latest steps: - - name: 'Checkout Repository' + - name: "Checkout Repository" uses: actions/checkout@v3 - - name: 'Dependency Review' + - name: "Dependency Review" uses: actions/dependency-review-action@v3 diff --git a/.github/workflows/go.yml b/.github/workflows/go.yml index ea959b8b..2a670357 100644 --- a/.github/workflows/go.yml +++ b/.github/workflows/go.yml @@ -1,46 +1,52 @@ -name: Go lint and test +name: Lint & test on: push: - branches: [ master ] + branches: [master] pull_request: - branches: [ master ] - workflow_dispatch: + branches: [master] + workflow_dispatch: jobs: build: - runs-on: self-hosted + strategy: + matrix: + os: [ubuntu-latest, macos-latest, windows-latest] + runs-on: ${{ matrix.os }} steps: - - uses: actions/checkout@v3 - - name: Set up Go - uses: actions/setup-go@v4 - with: - go-version: 1.18 - - name: Build - run: go build -v ./... + - uses: actions/checkout@v4 + - name: Set up Go + uses: actions/setup-go@v5 + with: + go-version: 1.22 + - name: Build + run: go build -v ./... - lint: - runs-on: self-hosted + golangci: + name: lint + runs-on: ubuntu-latest steps: - - uses: actions/checkout@v2 - - name: Set up Go - uses: actions/setup-go@v2 - with: - go-version: 1.18 - - name: Download golangci-lint - run: wget -O- -nv https://raw.githubusercontent.com/golangci/golangci-lint/master/install.sh | sh -s latest - - name: Lint - run: ./bin/golangci-lint run - - name: Vet - run: go vet - + - uses: actions/checkout@v4 + - uses: actions/setup-go@v5 + with: + go-version: 1.22 + - name: golangci-lint + uses: golangci/golangci-lint-action@v6 + with: + version: v1.60 + - name: Vet + run: go vet + test: - runs-on: self-hosted + strategy: + matrix: + os: [ubuntu-latest, macos-latest, windows-latest] + runs-on: ${{ matrix.os }} steps: - - uses: actions/checkout@v2 - - name: Set up Go - uses: actions/setup-go@v2 - with: - go-version: 1.18 - - name: Test - run: go test -v -race ./... + - uses: actions/checkout@v4 + - name: Set up Go + uses: actions/setup-go@v5 + with: + go-version: 1.22 + - name: Test + run: go test -v -race ./... -timeout=15m diff --git a/go.mod b/go.mod index 088ca77e..b7109a54 100644 --- a/go.mod +++ b/go.mod @@ -1,6 +1,6 @@ module github.com/ethereum/go-verkle -go 1.19 +go 1.22 require ( github.com/crate-crypto/go-ipa v0.0.0-20240223125850-b1e8a79f509c diff --git a/proof_ipa.go b/proof_ipa.go index e5401630..c1f20815 100644 --- a/proof_ipa.go +++ b/proof_ipa.go @@ -565,7 +565,9 @@ func Verify(vp *VerkleProof, preStateRoot []byte, postStateRoot []byte, statedif } rootC := new(Point) - rootC.SetBytes(preStateRoot) + if err := rootC.SetBytes(preStateRoot); err != nil { + return fmt.Errorf("error setting prestate root: %w", err) + } pretree, err := PreStateTreeFromProof(proof, rootC) if err != nil { return fmt.Errorf("error rebuilding the pre-tree from proof: %w", err) diff --git a/tree_test.go b/tree_test.go index 26e90627..0aace884 100644 --- a/tree_test.go +++ b/tree_test.go @@ -33,7 +33,8 @@ import ( "errors" "fmt" "io" - mRand "math/rand" + mRandV1 "math/rand" + mRand "math/rand/v2" "reflect" "runtime" "sort" @@ -688,8 +689,6 @@ func benchmarkCommitNLeaves(b *testing.B, n int) { } func BenchmarkModifyLeaves(b *testing.B) { - mRand.Seed(time.Now().UnixNano()) // skipcq: GO-S1033 - n := 200000 toEdit := 10000 val := []byte{0} @@ -714,8 +713,7 @@ func BenchmarkModifyLeaves(b *testing.B) { for i := 0; i < b.N; i++ { binary.BigEndian.PutUint32(val, uint32(i)) for j := 0; j < toEdit; j++ { - // skipcq: GSC-G404 - k := keys[mRand.Intn(n)] + k := keys[mRand.IntN(n)] if err := root.Insert(k, val, nil); err != nil { b.Error(err) } @@ -1454,8 +1452,8 @@ func TestBatchMigratedKeyValues(t *testing.T) { for i := 0; i < iterations; i++ { runtime.GC() - // ***Insert the key pairs 'naively' *** - rand := mRand.New(mRand.NewSource(42)) //skipcq: GSC-G404 + // Insert the key pairs 'naively' + rand := mRandV1.New(mRandV1.NewSource(42)) tree := genRandomTree(rand, treeInitialKeyValCount) randomKeyValues := genRandomKeyValues(rand, migrationKeyValueCount) @@ -1471,8 +1469,8 @@ func TestBatchMigratedKeyValues(t *testing.T) { } unbatchedDuration += time.Since(now) - // ***Insert the key pairs with optimized strategy & methods*** - rand = mRand.New(mRand.NewSource(42)) //skipcq: GSC-G404 + // Insert the key pairs with optimized strategy & methods + rand = mRandV1.New(mRandV1.NewSource(42)) tree = genRandomTree(rand, treeInitialKeyValCount) randomKeyValues = genRandomKeyValues(rand, migrationKeyValueCount) @@ -1528,7 +1526,7 @@ func TestBatchMigratedKeyValues(t *testing.T) { } } -func genRandomTree(rand *mRand.Rand, keyValueCount int) VerkleNode { +func genRandomTree(rand *mRandV1.Rand, keyValueCount int) VerkleNode { tree := New() for _, kv := range genRandomKeyValues(rand, keyValueCount) { if err := tree.Insert(kv.key, kv.value, nil); err != nil { @@ -1543,7 +1541,7 @@ type keyValue struct { value []byte } -func genRandomKeyValues(rand *mRand.Rand, count int) []keyValue { +func genRandomKeyValues(rand *mRandV1.Rand, count int) []keyValue { ret := make([]keyValue, count) for i := 0; i < count; i++ { keyval := make([]byte, 64) @@ -1564,7 +1562,7 @@ func BenchmarkBatchLeavesInsert(b *testing.B) { b.ResetTimer() for i := 0; i < b.N; i++ { b.StopTimer() - rand := mRand.New(mRand.NewSource(42)) //skipcq: GSC-G404 + rand := mRandV1.New(mRandV1.NewSource(42)) //skipcq: GSC-G404 tree := genRandomTree(rand, treeInitialKeyValCount) randomKeyValues := genRandomKeyValues(rand, migrationKeyValueCount) b.StartTimer() @@ -1724,7 +1722,7 @@ const ( // Generate implements the quick.Generator interface from testing/quick // to generate random test cases. -func (randTest) Generate(r *mRand.Rand, size int) reflect.Value { +func (randTest) Generate(r *mRandV1.Rand, size int) reflect.Value { var finishedFn = func() bool { if size == 0 { return true