mirrors/lnd
1
0
Fork 0
mirror of https://github.com/lightningnetwork/lnd.git synced 2024-11-19 18:10:34 +01:00
Code Issues Projects Releases Wiki Activity
12,872 Commits 136 Branches 292 Tags 181 MiB
1b48681bba
Commit Graph

171 Commits

Author SHA1 Message Date
Oliver Gugger
1b48681bba
mod: remove replace for github.com/onsi/ginkgo 
With the recent PR #6285 merged that bumped the btcd dependency, we no
longer need to bump the github.com/onsi/ginkgo package with a replace
directive. Instead it was bumped indirectly by merging
https://github.com/btcsuite/btcd/pull/1780 which is included in the btcd
version we reference.
 2022-03-21 20:41:37 +01:00
Oliver Gugger
fa919781e2
mod+healthcheck: use new tor submodule 
Using the tor module instead of whole lnd in healthcheck allows us to
get rid of a lot of indirect dependencies.
 2022-03-21 20:41:34 +01:00
Oliver Gugger
c5f3110616
tor: make tor its own submodule 2022-03-21 20:41:33 +01:00
Oliver Gugger
4554c306fa
mod: bump submodules after changes to them 2022-03-09 19:05:44 +01:00
Oliver Gugger
7dfe4018ce
multi: use btcd's btcec/v2 and btcutil modules 
This commit was previously split into the following parts to ease
review:
 - 2d746f68: replace imports
 - 4008f0fd: use ecdsa.Signature
 - 849e33d1: remove btcec.S256()
 - b8f6ebbd: use v2 library correctly
 - fa80bca9: bump go modules
 2022-03-09 19:02:37 +01:00
Olaoluwa Osuntokun
4a15de05aa
build: update go-pretty v6 [skip ci] 
In this commit we update go-pretty to use the latest v6 version of the
library. The existing version we used had a reported vulnerability.
Updating to this newest version also helped to shrink our set of
indirect dependencies.

In the future we can use
https://github.com/lightningnetwork/lnd/pull/5870 to detect/flag these
issues automatically.

Fixes #6293
 2022-03-01 15:02:23 -08:00
naveen
192cee494f
mod+tools+Makefile:separate tools different module 
Separated the tools to different go module to avoid having tools
dependencies on the main module.
 2022-02-10 11:02:01 +01:00
Oliver Gugger
d1b512ff92
mod+make: replace goimports with gosimports 2022-02-10 11:02:00 +01:00
Oliver Gugger
8c77829c46
lnwallet+lntest+mod: bump btcwallet to export ScriptForOutput 2022-01-06 13:24:30 +01:00
Torkel Rogstad
c64e9c5286 Bump urfave/cli version 
urfave/cli added functionality for generating Fish shell tab-completions
a few releases ago. We bump the dependency version to get access to
this functionality.
 2021-12-13 11:07:49 +01:00
Oliver Gugger
43158b6b59
mod+tools+Makefile: use go install to fetch dependencies 
Instead of hard coding a commit to use for a binary tool that we use
during the build process, we now only use "go install" to install the
binaries and the golang builtin versioning system to pin the exact
version/commit we want to use in go.mod.
 2021-11-30 09:35:25 +01:00
Olaoluwa Osuntokun
d4ae92efb8
build: update to new btcwallet version w/ pruned node fix 
See this PR for context: https://github.com/btcsuite/btcwallet/pull/778
 2021-11-12 18:24:02 -08:00
Olaoluwa Osuntokun
cc643fc0d8
build: upgrade to neutrino v0.13.0 
Includes some bug fixes, and a measure to make some heretics more
taproot-proof.
 2021-11-04 13:59:14 -07:00
Oliver Gugger
47879d95e8
mod: update btcwallet dependency to fix crash 
Fixes #5864.
Updates the btcwallet dependency to the version that fixes the
concurrent map access crash.
 2021-10-25 09:50:58 +02:00
Oliver Gugger
a3addcc927
multi: forward SendCoins call over RPC 2021-10-14 15:42:52 +02:00
Oliver Gugger
1309c6afea
multi: allow internal wallet to be watch-only 2021-10-14 15:42:45 +02:00
Oliver Gugger
98061dfd58
mod+lntest: disable stall handler in btcd mining node 
The latest version of btcd allows its stall handler to be disabled. We
use that new config option to make sure the mining btcd node and the lnd
chain backend btcd node aren't disconnected if some test takes too long
and no new p2p messages are exchanged.
 2021-10-05 20:48:47 +02:00
naveen
844dbc08e7
mod:replace mongo driver to address CVE-2021-20329 
* The mongo driver has CVE https://github.com/advisories/GHSA-f6mq-5m25-4r72
* The mongo driver is an indirect reference and cannot be directly
upgraded.
* https://deps.dev/advisory/OSV/GO-2021-0112?from=%2Fgo%2Fgithub.com%252Flightningnetwork%252Flnd
* The fix will replace the reference of the library with the fixed
  version.
 2021-10-01 13:48:47 +00:00
naveen
d5e3302265
mod : replace gogo/protobuf for GO-2021-0053 
The gogo/protobuf has OSV GO-2021-0053
https://deps.dev/advisory/OSV/GO-2021-0053?from=%2Fgo%2Fgithub.com%252Flightningnetwork%252Flnd

This is used indirectly and has to be replaced in go.mod to avoid the
direct reference to that version.

The OSV has been addressed in v1.3.2
 2021-10-01 13:07:52 +00:00
Olaoluwa Osuntokun
8ba68ca59f
Merge pull request #5789 from naveensrinivasan/naveen/feat/fix-CVE-2021-29482 
mod: Upgraded xz library to FIX the CVE-2021-29482
 2021-09-30 20:16:13 -07:00
Olaoluwa Osuntokun
c6b250c479
Merge pull request #5807 from ellemouton/bumpNeutrinoVersion 
go.mod: latest neutrino commit
 2021-09-30 20:13:03 -07:00
Elle Mouton
9a27cd93c3
go.mod: latest neutrino commit 2021-09-30 09:30:10 +02:00
Olaoluwa Osuntokun
6b73f01683
build: set min Go version to 1.16 in go.mod 2021-09-29 17:31:45 -07:00
eugene
fdcd726f9a
multi: replace DefaultDustLimit with script-specific DustLimitForSize 
This commit updates call-sites to use the proper dust limits for
various script types. This also updates the default dust limit used
in the funding flow to be 354 satoshis instead of 573 satoshis.
 2021-09-29 13:33:10 -04:00
naveen
04f57c6f57
mod: Upgraded xz library to FIX the CVE-2021-29482 
Included a replace directive to avoid using an high severity CVE
https://github.com/advisories/GHSA-25xm-hr59-7c27

This library is indirectly referenced and cannot be upgraded directly.

The https://github.com/fergusstrange/embedded-postgres/pull/42 was
merged to fix the CVE issue.
 2021-09-29 15:16:26 +00:00
Joost Jager
daeb96fe0a
postgres: add itest 2021-09-21 10:44:23 +02:00
Joost Jager
3eb80cac97
kvdb: add postgres 2021-09-21 10:44:18 +02:00
Olaoluwa Osuntokun
6be472eb98
Merge pull request #5737 from naveensrinivasan/naveen/feat/fix-jwt-osv 
mod : Replace for OSV GO-2020-0017 JWT
 2021-09-17 16:30:06 -07:00
Oliver Gugger
63233ff66c
mod: update kvdb to kvdb/v1.0.2 [skip ci] 2021-09-17 13:08:08 +02:00
naveen
8b4bbfbf61 mod : Replace for OSV GO-2020-0017 JWT 
The github.com/dgrijalva/jwt-go is no longer maintained
has this CVE https://github.com/advisories/GHSA-w73w-5m7g-f7qc

But it is being used by https://github.com/etcd-io/etcd/issues/13254
which `lnd` uses.

The https://github.com/golang-jwt/jwt/releases/tag/v3.2.1 is a fork of
the same version which was 3.2.0 with the security fix.
 2021-09-16 11:23:28 +00:00
naveen
ae6f771443 mod: bump miekg/dns to next version 
The dns has https://deps.dev/go/github.com%2Fmiekg%2Fdns/v1.1.25 has
GO-2020-0012 https://storage.googleapis.com/go-vulndb/golang.org/x/crypto.json

Updated the dependency with the fix.
 2021-09-15 23:11:04 +00:00
Olaoluwa Osuntokun
2206eba91a
build: point to latest btcwallet w/ new cached privkey method 2021-08-25 18:55:19 -07:00
Oliver Gugger
d329655bf6
mod: update to latest btcwallet dep 2021-08-23 11:25:39 +02:00
Oliver Gugger
482f76a0f4
mod+kvdb+channeldb: use btcwallet new DB interface 
Depends on btcsuite/btcwallet#757.
Pulls in the updated version of btcwallet and walletdb that have the DB
interface enhanced by their own View() and Update() methods with the
reset callback/closure supported out of the box. That way the global
package-level View() and Update() functions now become pure redirects.
 2021-08-04 14:55:55 +02:00
Oliver Gugger
dd749fe580
lnrpc: update grpc-gateway library to v2 2021-07-27 13:09:59 +02:00
Oliver Gugger
76e1223bf2
mod+kvdb: update etcd to v3.5.0 2021-07-27 13:09:59 +02:00
Oliver Gugger
fa26657950
mod: upgrade miekg/dns library to fix dependabot alert 
We're using an old and potentially vulnerable version of the DNS
resolution library. This commit bumps the library to the latest
recommended version.
 2021-07-27 09:41:00 +02:00
Oliver Gugger
8f6b2c7c46
mod: run go mod tidy 
Remove any unused entries in the summary file by running go mod tidy.
 2021-07-22 09:47:38 +02:00
Joost Jager
3026e5a826
build: bump btcwallet 2021-07-08 14:34:16 +02:00
yyforyongyu
f5de56a40d
mod: add package stretchr/testify mock 2021-06-23 20:35:29 +08:00
Olaoluwa Osuntokun
6f051fa5ea
Merge pull request #5248 from joostjager/concurrent-onion 
htlcswitch: concurrent onion decoding
 2021-06-18 14:08:24 -07:00
Oliver Gugger
fca685a8c5
mod: update btcutil dependency 
Bumps the btcutil dependency to the latest version that fixes a bug in
parsing addresses.
 2021-05-27 19:20:09 +02:00
Olaoluwa Osuntokun
0ed72b8c6a
Merge pull request #5025 from guggero/signet 
Add basic bitcoin signet support
 2021-05-26 18:19:57 -07:00
Joost Jager
dddf0bc887 htlcswitch: concurrent onion decoding 2021-05-24 20:12:57 +02:00
Joost Jager
42f4afef75
multi: add random coin selection 2021-05-24 20:09:56 +02:00
eugene
17646b0c04
go.mod: update btcutil, btcutil/psbt commits for psbt fix 
This pulls in the latest btcutil and btcutil/psbt commits which
include a panic fix for malformed PSBT inputs.
 2021-05-20 15:56:42 -04:00
Oliver Gugger
367f2c8aa4
mod: bump btcd to version with signet deployment fix 
This commit updates the btcd version to a more recent one in which a bug
was fixed that lead to SegWit and Taproot not being activated properly
on signet.
This update is not strictly necessary for lnd to work but we include it
in case anyone wants to install btcd through lnd's Makefile.
 2021-05-18 13:08:46 +02:00
Olaoluwa Osuntokun
fb632ab4ee
build: update neutrino+btcwallet modules to latest versions 2021-05-13 17:18:20 -07:00
Olaoluwa Osuntokun
7ab5906093
Merge pull request #5245 from bhandras/kvdb_module 
kvdb: make kvdb a top level submodule to allow dependency in other projects
 2021-05-13 15:59:20 -07:00
Andras Banki-Horvath
fc139d9bb8
kvdb: add ForEachBucket implementation 2021-05-13 10:35:35 +02:00