Commit Graph

540 Commits

Author SHA1 Message Date
jmacxx
1c9aff0f21
Upgrade XChange 5.0.13, remove BitBay CoinPaprika add CoinbasePro. 2022-05-30 21:42:32 -05:00
Christoph Atteneder
1a5dad0e0b
Merge pull request #6190 from ghubstan/restful-dao-node-example
2nd attempt at a tiny daonode rest service with 1 endpoint
2022-05-18 09:41:36 +02:00
ghubstan
c70810edd7
2nd attempt at a tiny daonode rest service
Based on chimp1984's https://github.com/bisq-network/bisq/pull/6184
2022-05-07 18:37:42 -03:00
Christoph Atteneder
dac6355c91
Revert to SNAPSHOT version 2022-05-03 10:06:10 +02:00
Christoph Atteneder
0e4d25f007
Bump version number for v1.9.1 2022-05-02 09:50:46 +02:00
Christoph Atteneder
ac263432cf
Revert to SNAPSHOT version 2022-04-29 10:26:57 +02:00
Christoph Atteneder
dd6c8d1c30
Bump version number for v1.9.0 2022-04-22 11:36:43 +02:00
Christoph Atteneder
80995a6212
Revert to SNAPSHOT version 2022-03-09 14:29:16 +01:00
Christoph Atteneder
8136f0a6ca
Bump version number for v1.8.4 2022-03-07 16:42:10 +01:00
Christoph Atteneder
24bd47508b
Revert to SNAPSHOT version 2022-03-03 11:32:48 +01:00
Christoph Atteneder
602101c117
Bump version number for v1.8.3 2022-02-17 10:49:55 +01:00
Christoph Atteneder
0fd1964d34
Revert to SNAPSHOT version 2022-01-24 11:43:21 +01:00
Christoph Atteneder
c4fa58db78
Bump version number for v1.8.2 2022-01-24 09:40:46 +01:00
Christoph Atteneder
9d39f16d35
Bump version number for v1.8.1 2022-01-12 10:41:29 +01:00
Chris Beams
07a139c927
Upgrade log4j 2.15.0 => 2.17.0
This change upgrades log4j to patch fixes for recently documented
CVE-2021-45046 CVE-2021-45105 vulnerabilities related to the Log4Shell
exploit.

Like the earlier fix, Bisq does not appear to be vulnerable to these
exploits because it does not use log4j directly, only transitively
depends on it. Nevertheless, the upgrade is still the safe bet.
2021-12-20 07:34:04 +01:00
Christoph Atteneder
a7c38630e8
Merge branch 'master' of github.com:bisq-network/bisq into release/v1.8.0
Conflicts:
	core/src/main/resources/i18n/displayStrings_pl.properties
2021-12-13 11:51:16 +01:00
Christoph Atteneder
3f380226fd
Revert to SNAPSHOT version 2021-12-13 11:47:14 +01:00
Chris Beams
5f0f9e8d7a
Avoid Log4J "Log4Shell" exploit
This commit upgrades our transitive dependency on Log4J 2 from 2.14.1 to
the newly-released 2.15.0 to avoid the CVE described at
https://www.lunasec.io/docs/blog/log4j-zero-day/.

We do not use log4j directly anywhere in our codebase, so our exposure
to this exploit was already mitigated if not eliminated, but Spring Boot
depends on Log4J 2 internally. This commit upgrades Spring Boot's
underlying dependency on Log4J to 2.15.0 in the manner recommended at
https://github.com/spring-projects/spring-boot/issues/28958.
2021-12-10 11:04:33 +01:00
Chris Beams
bb4ceaa238
Use Spring dependency-management plugin in pricenode
This is in preparation for addressing log4j 2 zero day exploit described
at https://www.lunasec.io/docs/blog/log4j-zero-day/. See full details
in the next commit.

Bringing in the dependency-management plugin results in many changes to
our Gradle verification metadata file, but all are BOM / POM / Module
manifests. No additional jar or code dependencies have been whitelisted
with this change.
2021-12-10 11:04:32 +01:00
Chris Beams
55becc59c0
Avoid Log4J "Log4Shell" exploit
This commit upgrades our transitive dependency on Log4J 2 from 2.14.1 to
the newly-released 2.15.0 to avoid the CVE described at
https://www.lunasec.io/docs/blog/log4j-zero-day/.

We do not use log4j directly anywhere in our codebase, so our exposure
to this exploit was already mitigated if not eliminated, but Spring Boot
depends on Log4J 2 internally. This commit upgrades Spring Boot's
underlying dependency on Log4J to 2.15.0 in the manner recommended at
https://github.com/spring-projects/spring-boot/issues/28958.
2021-12-10 10:40:36 +01:00
Chris Beams
31c6e16e63
Use Spring dependency-management plugin in pricenode
This is in preparation for addressing log4j 2 zero day exploit described
at https://www.lunasec.io/docs/blog/log4j-zero-day/. See full details
in the next commit.

Bringing in the dependency-management plugin results in many changes to
our Gradle verification metadata file, but all are BOM / POM / Module
manifests. No additional jar or code dependencies have been whitelisted
with this change.
2021-12-10 10:34:09 +01:00
ghubstan
37a6b42f74
Set gradle java src & target compat = VERSION_11
This change sets java source and class generation version targets to 11.
The Bisq distribution is built with JDK 11, but source target has remained at 1.10.
Upgrading allows devs to use some Java syntax features available @since 11, and it
might help anyone building the src avoid confusion over which JDK they should use
(minimum is JDK 11).

See https://docs.gradle.org/current/userguide/java_plugin.html#sec:java-extension
2021-11-23 17:43:12 -03:00
Chris Beams
3884e0c471
Fix guava dependency issue
Problem: a

    NoSuchMethodError: 'java.util.stream.Collector
    com.google.common.collect.ImmutableMultiset.toImmutableMultiset()'

exception was being thrown when testing the previously-merged upgrade to
Gradle 7.3, as described at keybase://chat/bisq#testing/2466.

Solution: This problem is similar to the issue reported at
jeremylong/DependencyCheck#3221. The source of the problem was multiple
conflicting guava jars on the runtime classpath. This commit upgrades to
guava 30.1.1-jre which ensures a single jar on the classpath.
2021-11-21 17:37:25 +01:00
Chris Beams
42b00b3a3e
Fix guava dependency issue
Problem: a

    NoSuchMethodError: 'java.util.stream.Collector
    com.google.common.collect.ImmutableMultiset.toImmutableMultiset()'

exception was being thrown when testing the previously-merged upgrade to
Gradle 7.3, as described at keybase://chat/bisq#testing/2466.

Solution: This problem is similar to the issue reported at
jeremylong/DependencyCheck#3221. The source of the problem was multiple
conflicting guava jars on the runtime classpath. This commit upgrades to
guava 30.1.1-jre which ensures a single jar on the classpath.
2021-11-21 17:06:10 +01:00
Christoph Atteneder
aacc1105e3
Bump version number for v1.8.0 2021-11-19 18:35:56 +01:00
Chris Beams
cb7b0e8da4
Set pricenode mainClassName explicitly
Problem: after the upgrade from 6.6.1 to 7.3, the usual invocation of,
e.g. `./bisq-pricenode 2 2` started failing as reported by @emzy at [1].

    bisq@ubuntu-4gb-fsn1-1:~$ /bisq/bisq/bisq-pricenode 2
    Error: Could not find or load main class 2
    Caused by: java.lang.ClassNotFoundException: 2

Solution: for unknown reasons, the bisq-pricenode script worked as
expected under 6.6.1, i.e. contained the fq main class name in its
scripted invocation of `java -jar ...`, but under 7.3, this main class
name was missing. Through trial and error, it turns out that setting
`mainClassName` explicitly in the :pricenode subproject configuration
solves this problem and makes the start script work as expected.
Presumably, this problem arose in conjunction with the major version
upgrade of the spring boot Gradle plugin that was necessary when
upgrading to Gradle 7.3, but this has not been verified.

[1]: https://github.com/bisq-network/bisq/pull/5824#issuecomment-968276686
2021-11-15 13:44:44 +01:00
Chris Beams
280c2aaa8e
Adapt Gradle startScript customization logic
Problem: ClassNotFoundError was getting thrown when attempting to run,
e.g. the `./bisq-desktop` or `./bisq-pricenode` start scripts.

Solution: Gradle's posix start scripts were changed significantly
between 6.6.1 and 7.3, including a change to the way the current
directory is determined. This change updates the way we customize start
script generation to allow running them from the root of the repo. This
change only affects the unix / posix variants. The Windows .bat files do
not need to be adapted similarly.
2021-11-15 13:03:49 +01:00
Chris Beams
1460914757
Organize dependency entries
As mentioned in a prior commit, the upgrade to Gradle 7.x results in
many more dependency declarations in the file, many of which are
effectively duplicates. This change does not attempt to eliminate those
duplications in any clever way, but rather just tidies up and organizes
all dependency declarations by sorting them alphabetically.
2021-11-13 14:45:14 +01:00
Chris Beams
e09d56b696
Upgrade Mockito to 4.0.0
This fixes the 'Unsupported class file major version 60' problem
documented at mockito/mockito#2065 to allow building Bisq on JDK 16+.
2021-11-13 13:53:38 +01:00
Chris Beams
990365d5b9
Upgrade Lombok to support JDK16+
This fixes the IllegalAccessError problem documented at
https://stackoverflow.com/a/66981165/622403
2021-11-13 13:43:00 +01:00
Chris Beams
6f8197b419
Migrate to Gradle's built-in dependency verification
This commit removes the use of our fork of the gradle-witness plugin in
favor of Gradle's relatively new built-in dependency verification
feature [1].

The gradle/verification-metadata.xml file was produced using the
following command:

    ./gradlew --write-verification-metadata sha256 build

Where `build` is the usual `gradle build` command. All dependency
configurations are resolved this way, and written out to the file.

The resulting file contains 273 unique dependency declarations, as
compared to just 64 in our now-removed gradle-witness.gradle file. This
means that the coverage of dependencies verified is much more complete.

The new file contains the same sha256 checksums for each dependency as
the old file. This was manually spot-checked for a significant number of
the dependencies.

Like with gradle-witness, builds will break when dependencies are
upgraded (and now also when they are added). To fix these breakages, the
`--write-verification-metadata sha256` option must be provided to the
build. Note that new entries will be added for upgraded depedencies, but
old entries are not removed automatically from the file. These must be
removed manually.

[1]: https://docs.gradle.org/current/userguide/dependency_verification.html
2021-11-13 12:59:52 +01:00
Chris Beams
6a3d2642da
Upgrade to Gradle 7.3
This commit does what is necessary to upgrade from Gradle 6.6.1 to
7.3, including:

- generating the new Gradle wrapper
- replacing uses of 'compile' with 'implementation'
- replacing uses of 'testCompile' with 'testImplementation'

Moving from *compile to *implementation results in many more duplicated
dependency declarations throughout the file. These will be tidied up in
a subsequent commit.

Several dependencies needed to be upgraded in order to support this
change. One of them was Spring Boot, from 1.5.1 to 2.5.6. This is a
major upgrade that contained some breaking changes to the Spring Boot
Actuator. These changes required the removal of the pricenode's
/getVersion endpoint.

The Gradle Witness plugin has been disabled in this commit, because it
uses the now-removed 'compile' configuration. Use of the Witness plugin
will be removed entirely in a subsequent commit in favor of using
Gradle's new built-in dependency verification feature.
2021-11-13 12:09:22 +01:00
Christoph Atteneder
1578f45ffc
Merge pull request #5812 from ghubstan/02-cli-console-formatting-api
Deprecate and replace hard-coded CLI console output formatters
2021-11-09 21:21:52 +01:00
chimp1984
62b3e51b22
Cleanups, change log levels 2021-11-09 13:01:19 +01:00
chimp1984
7c32587453
Persist bsq blocks as buckets of 1000 blocks
Improve logging

Add BsqBlockStore to protobuf

Remove DaoStateMonitoringService field

Do not persist the blocks in daoState anymore.

This improves persistence performance and reduces memory
requirements for snapshots.
2021-11-09 13:01:19 +01:00
ghubstan
1d403e7a42
Add CLI test dependency to check console output diffs, and tests 2021-11-07 14:01:36 -03:00
chimp1984
d5dfdb4a35
Merge branch 'chimp-bsq-swap-1' into bsq-swap-low-risk-refactorings-2
# Conflicts:
#	core/src/main/java/bisq/core/account/witness/AccountAgeWitnessService.java
#	core/src/main/java/bisq/core/api/CoreOffersService.java
#	core/src/main/java/bisq/core/btc/listeners/TxConfidenceListener.java
#	core/src/main/java/bisq/core/notifications/alerts/market/MarketAlerts.java
#	core/src/main/java/bisq/core/offer/OpenOfferManager.java
#	core/src/main/java/bisq/core/offer/bisq_v1/CreateOfferService.java
#	core/src/main/java/bisq/core/offer/bisq_v1/OfferPayload.java
#	core/src/main/java/bisq/core/offer/bisq_v1/TakeOfferModel.java
#	core/src/main/java/bisq/core/offer/bisq_v1/TriggerPriceService.java
#	core/src/main/java/bisq/core/proto/ProtoDevUtil.java
#	core/src/main/java/bisq/core/trade/TradeManager.java
#	core/src/main/java/bisq/core/trade/bisq_v1/TradeResultHandler.java
#	core/src/main/java/bisq/core/trade/bisq_v1/TradeUtil.java
#	core/src/main/java/bisq/core/trade/model/bisq_v1/Trade.java
#	core/src/main/java/bisq/core/trade/protocol/FluentProtocol.java
#	core/src/main/java/bisq/core/trade/protocol/Provider.java
#	core/src/main/java/bisq/core/trade/protocol/TradeProtocol.java
#	core/src/main/java/bisq/core/trade/protocol/TradeProtocolFactory.java
#	core/src/main/java/bisq/core/trade/protocol/TradeTaskRunner.java
#	core/src/main/java/bisq/core/trade/protocol/bisq_v1/DisputeProtocol.java
#	core/src/main/java/bisq/core/trade/protocol/bisq_v1/model/ProcessModel.java
#	core/src/main/java/bisq/core/trade/protocol/bisq_v1/tasks/ApplyFilter.java
#	core/src/main/java/bisq/core/trade/protocol/bisq_v1/tasks/TradeTask.java
#	core/src/main/java/bisq/core/trade/protocol/bisq_v1/tasks/maker/MakerCreateAndSignContract.java
#	core/src/main/java/bisq/core/trade/protocol/bisq_v1/tasks/taker/TakerVerifyAndSignContract.java
#	core/src/main/java/bisq/core/trade/statistics/TradeStatistics2.java
#	core/src/main/java/bisq/core/trade/statistics/TradeStatisticsManager.java
#	core/src/main/java/bisq/core/trade/txproof/xmr/XmrTxProofService.java
#	desktop/src/main/java/bisq/desktop/components/paymentmethods/PaymentMethodForm.java
#	desktop/src/main/java/bisq/desktop/main/PriceUtil.java
#	desktop/src/main/java/bisq/desktop/main/funds/transactions/TransactionAwareTradableFactory.java
#	desktop/src/main/java/bisq/desktop/main/funds/transactions/TransactionAwareTrade.java
#	desktop/src/main/java/bisq/desktop/main/market/offerbook/OfferBookChartView.java
#	desktop/src/main/java/bisq/desktop/main/market/offerbook/OfferBookChartViewModel.java
#	desktop/src/main/java/bisq/desktop/main/market/spread/SpreadViewModel.java
#	desktop/src/main/java/bisq/desktop/main/offer/BuyOfferView.java
#	desktop/src/main/java/bisq/desktop/main/offer/OfferView.java
#	desktop/src/main/java/bisq/desktop/main/offer/SellOfferView.java
#	desktop/src/main/java/bisq/desktop/main/offer/bisq_v1/MutableOfferDataModel.java
#	desktop/src/main/java/bisq/desktop/main/offer/bisq_v1/MutableOfferView.java
#	desktop/src/main/java/bisq/desktop/main/offer/bisq_v1/MutableOfferViewModel.java
#	desktop/src/main/java/bisq/desktop/main/offer/bisq_v1/takeoffer/TakeOfferDataModel.java
#	desktop/src/main/java/bisq/desktop/main/offer/bisq_v1/takeoffer/TakeOfferView.java
#	desktop/src/main/java/bisq/desktop/main/offer/bisq_v1/takeoffer/TakeOfferViewModel.java
#	desktop/src/main/java/bisq/desktop/main/offer/offerbook/OfferBook.java
#	desktop/src/main/java/bisq/desktop/main/offer/offerbook/OfferBookView.java
#	desktop/src/main/java/bisq/desktop/main/offer/offerbook/OfferBookViewModel.java
#	desktop/src/main/java/bisq/desktop/main/overlays/windows/OfferDetailsWindow.java
#	desktop/src/main/java/bisq/desktop/main/portfolio/closedtrades/ClosedTradesDataModel.java
#	desktop/src/main/java/bisq/desktop/main/portfolio/editoffer/EditOfferDataModel.java
#	desktop/src/main/java/bisq/desktop/main/portfolio/failedtrades/FailedTradesDataModel.java
#	desktop/src/main/java/bisq/desktop/main/portfolio/openoffer/OpenOffersDataModel.java
#	desktop/src/main/java/bisq/desktop/main/portfolio/openoffer/OpenOffersView.java
#	desktop/src/main/java/bisq/desktop/main/portfolio/pendingtrades/PendingTradesDataModel.java
#	desktop/src/main/java/bisq/desktop/util/DisplayUtils.java
#	desktop/src/test/java/bisq/desktop/main/offer/bisq_v1/createoffer/CreateOfferDataModelTest.java
#	desktop/src/test/java/bisq/desktop/main/offer/bisq_v1/createoffer/CreateOfferViewModelTest.java
#	desktop/src/test/java/bisq/desktop/main/offer/offerbook/OfferBookListItemMaker.java
#	desktop/src/test/java/bisq/desktop/main/portfolio/editoffer/EditOfferDataModelTest.java
#	desktop/src/test/java/bisq/desktop/maker/OfferMaker.java
#	monitor/src/main/java/bisq/monitor/metric/P2PMarketStats.java
2021-11-02 16:04:12 +01:00
Christoph Atteneder
50798f0d62
Revert to SNAPSHOT version 2021-10-29 16:06:49 +02:00
chimp1984
2f40eddae8
Use bitcoinj 42bbae9 (with fix required for bsq swaps) 2021-10-21 15:41:07 +02:00
Christoph Atteneder
8fbccb7547
Bump version number for v1.7.5 2021-10-19 11:32:09 +02:00
cd2357
455a74a4a8
chore: Bump tor to v0.4.5.10
Update netlayer and tor-binary dependencies.
2021-10-18 09:12:21 +02:00
Christoph Atteneder
f73274b0b9
Revert to SNAPSHOT version 2021-09-24 19:28:11 +02:00
Christoph Atteneder
64274cf82e
Bump version number for v1.7.4 2021-09-21 09:24:26 +02:00
Christoph Atteneder
9c411b9ba4
Update Bisq bitcoinj fork with latest commit (3186b200fff690fa51f3ebbf578f427d78242bc2)
Conflicts:
	build.gradle
	gradle/witness/gradle-witness.gradle
2021-09-13 11:33:12 +02:00
Christoph Atteneder
704333f133
Add bitcoinj Tor v3 support 2021-09-09 11:41:01 +02:00
Christoph Atteneder
0e4278012b
Revert to SNAPSHOT version 2021-08-30 14:16:11 +02:00
Christoph Atteneder
ad95e5b3be
Bump version number for v1.7.3 2021-08-23 11:20:09 +02:00
Christoph Atteneder
4c451ebc11
Revert to SNAPSHOT version 2021-07-23 14:02:37 +02:00
Christoph Atteneder
0cd20d6cc5
Increase MaxRam setting to 8g 2021-07-22 15:01:11 +02:00
Christoph Atteneder
6648ab04f7
Add new JVM arguments also to build script 2021-07-22 15:01:11 +02:00