mirrors/lnd
1
0
Fork 0
mirror of https://github.com/lightningnetwork/lnd.git synced 2025-01-19 05:45:21 +01:00
Code Issues Projects Releases Wiki Activity
13,080 Commits 122 Branches 305 Tags 180 MiB
48695dd801
Commit Graph

182 Commits

Author SHA1 Message Date
Olaoluwa Osuntokun
9ec26325b5
build: update to version of neutrino w/ BIP 155 support 
Fixes #4973
 2022-05-03 15:48:37 -07:00
Oliver Gugger
be704b09b2
mod: bump btcec to MuSig2 version, require go 1.17 2022-04-29 09:34:02 +02:00
Oliver Gugger
b6e1d2ae41
mod+docs: bump btcutil/psbt library to v1.1.3 
Fixes #6386.
Bumps the btcutil/psbt library to the latest version v1.1.3 that fixes
an issue with de-serializing a PSBT that contains an unsigned
transaction with no inputs.
 2022-04-19 09:45:38 +02:00
Oliver Gugger
70c01e5bf1
mod: bump btcwallet to p2tr unused addr fix 2022-04-13 14:01:59 +02:00
Elle Mouton
2bf2939b84
go.mod: update btcd to include tor resolver fix 2022-03-31 09:49:09 +02:00
Olaoluwa Osuntokun
f8174630d8
build: update to latest btcutil/psbt version 
Updates a version of `btcutil/psbt` that has looser parsing requirements
to properly match the BIP.

Fixes: https://github.com/lightningnetwork/lnd/issues/6372
 2022-03-29 20:10:54 -05:00
Oliver Gugger
72c9582b85
multi: bump btcd to taproot aware version 2022-03-24 15:00:25 +01:00
Oliver Gugger
9ecc439266
mod: remove local replace for healthcheck module 
With the new healthcheck/v1.2.2 tag pushed, we can finally remove the
local replace directive.
 2022-03-22 14:46:19 +01:00
Oliver Gugger
2b34c1e7ed
mod+healthcheck: remove local replace directive 2022-03-22 14:06:05 +01:00
Oliver Gugger
5116cfc255
mod: bump aez library that points to GitLab 
The newest version of aez points directly to
gitlab.com/yawning/bsaes.git instead of the unreachable
git.schwanenlied.me/yawning/bsaes.git that required the replace
directive.
 2022-03-21 20:41:40 +01:00
Oliver Gugger
973c95369f
mod: remove local replaces 2022-03-21 20:41:38 +01:00
Oliver Gugger
1b48681bba
mod: remove replace for github.com/onsi/ginkgo 
With the recent PR #6285 merged that bumped the btcd dependency, we no
longer need to bump the github.com/onsi/ginkgo package with a replace
directive. Instead it was bumped indirectly by merging
https://github.com/btcsuite/btcd/pull/1780 which is included in the btcd
version we reference.
 2022-03-21 20:41:37 +01:00
Oliver Gugger
fa919781e2
mod+healthcheck: use new tor submodule 
Using the tor module instead of whole lnd in healthcheck allows us to
get rid of a lot of indirect dependencies.
 2022-03-21 20:41:34 +01:00
Oliver Gugger
c5f3110616
tor: make tor its own submodule 2022-03-21 20:41:33 +01:00
Oliver Gugger
4554c306fa
mod: bump submodules after changes to them 2022-03-09 19:05:44 +01:00
Oliver Gugger
7dfe4018ce
multi: use btcd's btcec/v2 and btcutil modules 
This commit was previously split into the following parts to ease
review:
 - 2d746f68: replace imports
 - 4008f0fd: use ecdsa.Signature
 - 849e33d1: remove btcec.S256()
 - b8f6ebbd: use v2 library correctly
 - fa80bca9: bump go modules
 2022-03-09 19:02:37 +01:00
Olaoluwa Osuntokun
4a15de05aa
build: update go-pretty v6 [skip ci] 
In this commit we update go-pretty to use the latest v6 version of the
library. The existing version we used had a reported vulnerability.
Updating to this newest version also helped to shrink our set of
indirect dependencies.

In the future we can use
https://github.com/lightningnetwork/lnd/pull/5870 to detect/flag these
issues automatically.

Fixes #6293
 2022-03-01 15:02:23 -08:00
naveen
192cee494f
mod+tools+Makefile:separate tools different module 
Separated the tools to different go module to avoid having tools
dependencies on the main module.
 2022-02-10 11:02:01 +01:00
Oliver Gugger
d1b512ff92
mod+make: replace goimports with gosimports 2022-02-10 11:02:00 +01:00
Oliver Gugger
8c77829c46
lnwallet+lntest+mod: bump btcwallet to export ScriptForOutput 2022-01-06 13:24:30 +01:00
Torkel Rogstad
c64e9c5286 Bump urfave/cli version 
urfave/cli added functionality for generating Fish shell tab-completions
a few releases ago. We bump the dependency version to get access to
this functionality.
 2021-12-13 11:07:49 +01:00
Oliver Gugger
43158b6b59
mod+tools+Makefile: use go install to fetch dependencies 
Instead of hard coding a commit to use for a binary tool that we use
during the build process, we now only use "go install" to install the
binaries and the golang builtin versioning system to pin the exact
version/commit we want to use in go.mod.
 2021-11-30 09:35:25 +01:00
Olaoluwa Osuntokun
d4ae92efb8
build: update to new btcwallet version w/ pruned node fix 
See this PR for context: https://github.com/btcsuite/btcwallet/pull/778
 2021-11-12 18:24:02 -08:00
Olaoluwa Osuntokun
cc643fc0d8
build: upgrade to neutrino v0.13.0 
Includes some bug fixes, and a measure to make some heretics more
taproot-proof.
 2021-11-04 13:59:14 -07:00
Oliver Gugger
47879d95e8
mod: update btcwallet dependency to fix crash 
Fixes #5864.
Updates the btcwallet dependency to the version that fixes the
concurrent map access crash.
 2021-10-25 09:50:58 +02:00
Oliver Gugger
a3addcc927
multi: forward SendCoins call over RPC 2021-10-14 15:42:52 +02:00
Oliver Gugger
1309c6afea
multi: allow internal wallet to be watch-only 2021-10-14 15:42:45 +02:00
Oliver Gugger
98061dfd58
mod+lntest: disable stall handler in btcd mining node 
The latest version of btcd allows its stall handler to be disabled. We
use that new config option to make sure the mining btcd node and the lnd
chain backend btcd node aren't disconnected if some test takes too long
and no new p2p messages are exchanged.
 2021-10-05 20:48:47 +02:00
naveen
844dbc08e7
mod:replace mongo driver to address CVE-2021-20329 
* The mongo driver has CVE https://github.com/advisories/GHSA-f6mq-5m25-4r72
* The mongo driver is an indirect reference and cannot be directly
upgraded.
* https://deps.dev/advisory/OSV/GO-2021-0112?from=%2Fgo%2Fgithub.com%252Flightningnetwork%252Flnd
* The fix will replace the reference of the library with the fixed
  version.
 2021-10-01 13:48:47 +00:00
naveen
d5e3302265
mod : replace gogo/protobuf for GO-2021-0053 
The gogo/protobuf has OSV GO-2021-0053
https://deps.dev/advisory/OSV/GO-2021-0053?from=%2Fgo%2Fgithub.com%252Flightningnetwork%252Flnd

This is used indirectly and has to be replaced in go.mod to avoid the
direct reference to that version.

The OSV has been addressed in v1.3.2
 2021-10-01 13:07:52 +00:00
Olaoluwa Osuntokun
8ba68ca59f
Merge pull request #5789 from naveensrinivasan/naveen/feat/fix-CVE-2021-29482 
mod: Upgraded xz library to FIX the CVE-2021-29482
 2021-09-30 20:16:13 -07:00
Olaoluwa Osuntokun
c6b250c479
Merge pull request #5807 from ellemouton/bumpNeutrinoVersion 
go.mod: latest neutrino commit
 2021-09-30 20:13:03 -07:00
Elle Mouton
9a27cd93c3
go.mod: latest neutrino commit 2021-09-30 09:30:10 +02:00
Olaoluwa Osuntokun
6b73f01683
build: set min Go version to 1.16 in go.mod 2021-09-29 17:31:45 -07:00
eugene
fdcd726f9a
multi: replace DefaultDustLimit with script-specific DustLimitForSize 
This commit updates call-sites to use the proper dust limits for
various script types. This also updates the default dust limit used
in the funding flow to be 354 satoshis instead of 573 satoshis.
 2021-09-29 13:33:10 -04:00
naveen
04f57c6f57
mod: Upgraded xz library to FIX the CVE-2021-29482 
Included a replace directive to avoid using an high severity CVE
https://github.com/advisories/GHSA-25xm-hr59-7c27

This library is indirectly referenced and cannot be upgraded directly.

The https://github.com/fergusstrange/embedded-postgres/pull/42 was
merged to fix the CVE issue.
 2021-09-29 15:16:26 +00:00
Joost Jager
daeb96fe0a
postgres: add itest 2021-09-21 10:44:23 +02:00
Joost Jager
3eb80cac97
kvdb: add postgres 2021-09-21 10:44:18 +02:00
Olaoluwa Osuntokun
6be472eb98
Merge pull request #5737 from naveensrinivasan/naveen/feat/fix-jwt-osv 
mod : Replace for OSV GO-2020-0017 JWT
 2021-09-17 16:30:06 -07:00
Oliver Gugger
63233ff66c
mod: update kvdb to kvdb/v1.0.2 [skip ci] 2021-09-17 13:08:08 +02:00
naveen
8b4bbfbf61 mod : Replace for OSV GO-2020-0017 JWT 
The github.com/dgrijalva/jwt-go is no longer maintained
has this CVE https://github.com/advisories/GHSA-w73w-5m7g-f7qc

But it is being used by https://github.com/etcd-io/etcd/issues/13254
which `lnd` uses.

The https://github.com/golang-jwt/jwt/releases/tag/v3.2.1 is a fork of
the same version which was 3.2.0 with the security fix.
 2021-09-16 11:23:28 +00:00
naveen
ae6f771443 mod: bump miekg/dns to next version 
The dns has https://deps.dev/go/github.com%2Fmiekg%2Fdns/v1.1.25 has
GO-2020-0012 https://storage.googleapis.com/go-vulndb/golang.org/x/crypto.json

Updated the dependency with the fix.
 2021-09-15 23:11:04 +00:00
Olaoluwa Osuntokun
2206eba91a
build: point to latest btcwallet w/ new cached privkey method 2021-08-25 18:55:19 -07:00
Oliver Gugger
d329655bf6
mod: update to latest btcwallet dep 2021-08-23 11:25:39 +02:00
Oliver Gugger
482f76a0f4
mod+kvdb+channeldb: use btcwallet new DB interface 
Depends on btcsuite/btcwallet#757.
Pulls in the updated version of btcwallet and walletdb that have the DB
interface enhanced by their own View() and Update() methods with the
reset callback/closure supported out of the box. That way the global
package-level View() and Update() functions now become pure redirects.
 2021-08-04 14:55:55 +02:00
Oliver Gugger
dd749fe580
lnrpc: update grpc-gateway library to v2 2021-07-27 13:09:59 +02:00
Oliver Gugger
76e1223bf2
mod+kvdb: update etcd to v3.5.0 2021-07-27 13:09:59 +02:00
Oliver Gugger
fa26657950
mod: upgrade miekg/dns library to fix dependabot alert 
We're using an old and potentially vulnerable version of the DNS
resolution library. This commit bumps the library to the latest
recommended version.
 2021-07-27 09:41:00 +02:00
Oliver Gugger
8f6b2c7c46
mod: run go mod tidy 
Remove any unused entries in the summary file by running go mod tidy.
 2021-07-22 09:47:38 +02:00
Joost Jager
3026e5a826
build: bump btcwallet 2021-07-08 14:34:16 +02:00