Merge branch 'bn-develop' into merge-pascal

.github/CODEOWNERS

@@ -1,21 +1,36 @@
 # Lines starting with '#' are comments.
 # Each line is a file pattern followed by one or more owners.
-accounts/usbwallet              @karalabe
-accounts/scwallet               @gballet
-accounts/abi                    @gballet @MariusVanDerWijden
-cmd/clef                        @holiman
-consensus                       @karalabe
-core/                           @karalabe @holiman @rjl493456442
-eth/                            @karalabe @holiman @rjl493456442
-eth/catalyst/                   @gballet
+
+accounts/usbwallet/             @gballet
+accounts/scwallet/              @gballet
+accounts/abi/                   @gballet @MariusVanDerWijden
+beacon/engine/                  @MariusVanDerWijden @lightclient @fjl
+beacon/light/                   @zsfelfoldi
+beacon/merkle/                  @zsfelfoldi 
+beacon/types/                   @zsfelfoldi @fjl
+beacon/params/                  @zsfelfoldi @fjl
+cmd/clef/                       @holiman
+cmd/evm/                        @holiman @MariusVanDerWijden @lightclient
+core/state/                     @rjl493456442 @holiman
+crypto/                         @gballet @jwasinger @holiman @fjl
+core/                           @holiman @rjl493456442
+eth/                            @holiman @rjl493456442
+eth/catalyst/                   @MariusVanDerWijden @lightclient @fjl @jwasinger
 eth/tracers/                    @s1na
+ethclient/                      @fjl
+ethdb/                          @rjl493456442
+event/                          @fjl
+trie/                           @rjl493456442
+triedb/                         @rjl493456442
+core/tracing/                   @s1na
 graphql/                        @s1na
-les/                            @zsfelfoldi @rjl493456442
-light/                          @zsfelfoldi @rjl493456442
+internal/ethapi/                @fjl @s1na @lightclient
+internal/era/                   @lightclient
+metrics/                        @holiman
+miner/                          @MariusVanDerWijden @holiman @fjl @rjl493456442
 node/                           @fjl
 p2p/                            @fjl @zsfelfoldi
+rlp/                            @fjl
+params/                         @fjl @holiman @karalabe @gballet @rjl493456442 @zsfelfoldi
 rpc/                            @fjl @holiman
-p2p/simulations                 @fjl
-p2p/protocols                   @fjl
-p2p/testing                     @fjl
 signer/                         @holiman

.github/workflows/build-test.yml

@@ -15,7 +15,7 @@ jobs:
   unit-test:
     strategy:
       matrix:
-        go-version: [1.21.x]
+        go-version: [1.23.x]
         os: [ubuntu-latest]
     runs-on: ${{ matrix.os }}
     steps:
@@ -45,5 +45,7 @@ jobs:
 
     - name: Test Build
       run: |
-        go mod download
-        make geth
+        go run build/ci.go check_tidy
+        go run build/ci.go check_generate
+        go run build/ci.go check_baddeps
+        go mod download && make geth

.github/workflows/evm-tests.yml

@@ -15,7 +15,7 @@ jobs:
   evm-test:
     strategy:
       matrix:
-        go-version: [1.21.x]
+        go-version: [1.23.x]
         os: [ubuntu-latest]
     runs-on: ${{ matrix.os }}
     steps:

.github/workflows/lint.yml

@@ -15,7 +15,7 @@ jobs:
   golang-lint:
     strategy:
       matrix:
-        go-version: [1.21.x]
+        go-version: [1.23.x]
         os: [ubuntu-latest]
     runs-on: ${{ matrix.os }}
     steps:
@@ -47,12 +47,9 @@ jobs:
         go mod tidy
 
     - name: golangci-lint
-      uses: golangci/golangci-lint-action@v3
-      with:
-        # Optional: version of golangci-lint to use in form of v1.2 or v1.2.3 or `latest` to use the latest version
-        version: v1.55.2
-        working-directory: ./
-        skip-pkg-cache: true
-        skip-cache: true
-        skip-build-cache: true
-        args: --timeout=99m --config ./.golangci.yml
+      env:
+        CGO_CFLAGS: "-O -D__BLST_PORTABLE__"
+        CGO_CFLAGS_ALLOW: "-O -D__BLST_PORTABLE__"
+        ANDROID_HOME: "" # Skip android test
+      run: |
+        make lint

.github/workflows/nancy.yml

@@ -13,7 +13,7 @@ jobs:
   build:
     strategy:
         matrix:
-          go-version: [1.21.x]
+          go-version: [1.23.x]
           os: [ubuntu-latest]
     runs-on: ${{ matrix.os }}
     steps:

.github/workflows/pre-release.yml

@@ -15,7 +15,7 @@ jobs:
     name: Build Release
     strategy:
       matrix:
-        go-version: [1.21.x]
+        go-version: [1.23.x]
         os: [ubuntu-latest, macos-latest, windows-latest]
     runs-on: ${{ matrix.os }}
     steps:

.github/workflows/release.yml

@@ -14,7 +14,7 @@ jobs:
     name: Build Release
     strategy:
       matrix:
-        go-version: [1.21.x]
+        go-version: [1.23.x]
         os: [ubuntu-latest, macos-latest, windows-latest]
     runs-on: ${{ matrix.os }}
     steps:

.github/workflows/unit-test.yml

@@ -15,7 +15,7 @@ jobs:
   unit-test:
     strategy:
       matrix:
-        go-version: [1.21.x]
+        go-version: [1.23.x]
         os: [ubuntu-latest]
     runs-on: ${{ matrix.os }}
     steps:

.gitignore

@@ -4,16 +4,11 @@
 # or operating system, you probably want to add a global ignore instead:
 #   git config --global core.excludesfile ~/.gitignore_global
 
-/tmp
 */**/*un~
 */**/*.test
 *un~
 .DS_Store
 */**/.DS_Store
-.ethtest
-*/**/*tx_database*
-*/**/*dapps*
-build/_vendor/pkg
 
 #*
 .#*
@@ -28,29 +23,28 @@ build/_vendor/pkg
 /build/bin/
 /geth*.zip
 
+# used by the build/ci.go archive + upload tool
+/geth*.tar.gz
+/geth*.tar.gz.sig
+/geth*.tar.gz.asc
+/geth*.zip.sig
+/geth*.zip.asc
+
+
 # travis
 profile.tmp
 profile.cov
 
 # IdeaIDE
 .idea
+*.iml
 
 # VS Code
 .vscode
 
-# dashboard
-/dashboard/assets/flow-typed
-/dashboard/assets/node_modules
-/dashboard/assets/stats.json
-/dashboard/assets/bundle.js
-/dashboard/assets/bundle.js.map
-/dashboard/assets/package-lock.json
-
-**/yarn-error.log
 cmd/geth/node/
 cmd/geth/__debug_bin
 cmd/bootnode/bootnode
 graphql/__debug_bin
-logs/
 
 tests/spec-tests/

.golangci.yml

@@ -6,8 +6,6 @@ run:
   # default is true. Enables skipping of directories:
   #   vendor$, third_party$, testdata$, examples$, Godeps$, builtin$
   skip-dirs-use-default: true
-  skip-files:
-    - core/genesis_alloc.go
 
 output:
   format: colored-line-number
@@ -26,9 +24,16 @@ linters:
     - staticcheck
     - bidichk
     - durationcheck
-    - exportloopref
+    - copyloopvar
     - whitespace
-
+    - revive # only certain checks enabled
+    - durationcheck
+    - gocheckcompilerdirectives
+    - reassign
+    - mirror
+    - tenv
+    ### linters we tried and will not be using:
+    ###
     # - structcheck # lots of false positives
     # - errcheck #lot of false positives
     # - contextcheck
@@ -41,23 +46,37 @@ linters:
 linters-settings:
   gofmt:
     simplify: true
+  revive:
+    enable-all-rules: false
+    # here we enable specific useful rules
+    # see https://golangci-lint.run/usage/linters/#revive for supported rules
+    rules:
+      - name: receiver-naming
+        severity: warning
+        disabled: false
+        exclude: [""]
 
 issues:
+  exclude-files:
+    - core/genesis_alloc.go
   exclude-rules:
     - path: core/state/metrics.go
       linters:
         - unused
     - path: core/txpool/legacypool/list.go
       linters:
         - staticcheck
+    - path: crypto/bn256/
+      linters:
+        - revive
+    - path: cmd/utils/flags.go
+      text: "SA1019: cfg.TxLookupLimit is deprecated: use 'TransactionHistory' instead."
+    - path: cmd/utils/flags.go
+      text: "SA1019: ethconfig.Defaults.TxLookupLimit is deprecated: use 'TransactionHistory' instead."
     - path: internal/build/pgp.go
       text: 'SA1019: "golang.org/x/crypto/openpgp" is deprecated: this package is unmaintained except for security fixes.'
     - path: core/vm/contracts.go
       text: 'SA1019: "golang.org/x/crypto/ripemd160" is deprecated: RIPEMD-160 is a legacy hash and should not be used for new applications.'
-    - path: accounts/usbwallet/trezor.go
-      text: 'SA1019: "github.com/golang/protobuf/proto" is deprecated: Use the "google.golang.org/protobuf/proto" package instead.'
-    - path: accounts/usbwallet/trezor/
-      text: 'SA1019: "github.com/golang/protobuf/proto" is deprecated: Use the "google.golang.org/protobuf/proto" package instead.'
   exclude:
     - 'SA1019: event.TypeMux is deprecated: use Feed'
     - 'SA1019: strings.Title is deprecated'

.mailmap

@@ -56,7 +56,6 @@ Diederik Loerakker <[email protected]>
 Dimitry Khokhlov <[email protected]>
 
 Domino Valdano <[email protected]>
-Domino Valdano <[email protected]> <[email protected]>
 
 Edgar Aroutiounian <[email protected]>
 

.nancy-ignore

@@ -1,3 +1,4 @@
 CVE-2024-34478 # "CWE-754: Improper Check for Unusual or Exceptional Conditions." This vulnerability is BTC only, BSC does not have the issue.
 CVE-2024-6104 # "CWE-532: Information Exposure Through Log Files" This is caused by the vulnerabilities [email protected], it is only used in cmd devp2p, impact is limited. will upgrade to v0.7.7 later
-CVE-2024-8421 # "CWE-400: Uncontrolled Resource Consumption (Resource Exhaustion)" This vulnerability is caused by issues in the golang.org/x/net package. Even the latest version(v0.29.0) has not yet addressed it, but we will continue to monitor updates closely.
+CVE-2024-8421 # "CWE-400: Uncontrolled Resource Consumption (Resource Exhaustion)" This vulnerability is caused by issues in the golang.org/x/net package. Even the latest version(v0.29.0) has not yet addressed it, but we will continue to monitor updates closely.
+CVE-2024-51744 # "CWE-347: Improper Verification of Cryptographic Signature" & "CWE-755: Improper Handling of Exceptional Conditions" This vulnerability is caused mishandling of JWT error code, BSC does not have the issue as it does not check the detail error code.