chore: merge new changes from ipfs/kubo master#2
Open
alvin-reyes wants to merge 912 commits into
Open
Conversation
add "Understanding the Metrics" section explaining three types: - per-worker rates (multiply by active workers for total throughput) - per-region averages (do NOT multiply by worker count) - system totals (cumulative across all workers) enhance metric descriptions with: - explicit calculation examples showing which worker counts to use - warnings about when NOT to multiply by worker count - cross-references to relevant sections add "Capacity Planning" section with: - step-by-step throughput capacity calculations - diagnostic guidance for common scenarios - worked examples for estimating required vs actual capacity addresses confusion from PR #11034 comments about when to multiply metrics by worker count and how to interpret per-worker rates
adds Gateway.MaxRangeRequestFileSize configuration to protect against CDN bugs where range requests over certain sizes return entire files instead of requested byte ranges, causing unexpected bandwidth costs. - default: 0 (no limit) - returns 501 Not Implemented for oversized range requests - protects against CDNs like Cloudflare that ignore range requests over 5GiB also introduces OptionalBytes type to reduce code duplication when handling byte-size configuration values, replacing manual string parsing with humanize.ParseBytes. migrates existing byte-size configs to use this new type. Fixes: ipfs/boxo#856
Co-authored-by: Marcin Rataj <lidel@lidel.org> Co-authored-by: Andrew Gillis <11790789+gammazero@users.noreply.github.com>
* telemetry: collect provideDHTSweepEnabled Fixes #11055. * telemetry: track custom Provide.DHT.Interval and MaxWorkers collects whether users customize Interval and MaxWorkers from defaults to help identify if defaults need adjustment * docs: improve telemetry documentation structure and clarity restructure docs/telemetry.md into meaningful sections (routing & discovery, content providing, network configuration), add exact config field paths for all tracked settings, and establish code as source of truth by linking from LogEvent struct while removing redundant field comments --------- Co-authored-by: Marcin Rataj <lidel@lidel.org>
* feat: fast provide * Check error from provideRoot * do not provide if nil router * fix(commands): prevent panic from typed nil DHTClient interface Fixes panic when ipfsNode.DHTClient is a non-nil interface containing a nil pointer value (typed nil). This happened when Routing.Type=delegated or when using HTTP-only routing without DHT. The panic occurred because: - Go interfaces can be non-nil while containing nil pointer values - Simple `if DHTClient == nil` checks pass, but calling methods panics - Example: `(*ddht.DHT)(nil)` stored in interface passes nil check Solution: - Add HasActiveDHTClient() method to check both interface and concrete value - Update all 7 call sites to use proper check before DHT operations - Rename provideRoot → provideCIDSync for clarity - Add structured logging with "fast-provide" prefix for easier filtering - Add tests covering nil cases and valid DHT configurations Fixes: #11046 (comment) * feat(add): split fast-provide into two flags for async/sync control Renames --fast-provide to --fast-provide-root and adds --fast-provide-wait to give users control over synchronous vs asynchronous providing behavior. Changes: - --fast-provide-root (default: true): enables immediate root CID providing - --fast-provide-wait (default: false): controls whether to block until complete - Default behavior: async provide (fast, non-blocking) - Opt-in: --fast-provide-wait for guaranteed discoverability (slower, blocking) - Can disable with --fast-provide-root=false to rely on background reproviding Implementation: - Async mode: launches goroutine with detached context for fire-and-forget - Added 10 second timeout to prevent hanging on network issues - Timeout aligns with other kubo operations (ping, DNS resolve, p2p) - Sufficient for DHT with sweep provider or accelerated client - Sync mode: blocks on provideCIDSync until completion (uses req.Context) - Improved structured logging with "fast-provide-root:" prefix - Removed redundant "root CID" from messages (already in prefix) - Clear async/sync distinction in log messages - Added FAST PROVIDE OPTIMIZATION section to ipfs add --help explaining: - The problem: background queue takes time, content not immediately discoverable - The solution: extra immediate announcement of just the root CID - The benefit: peers can find content right away while queue handles rest - Usage: async by default, --fast-provide-wait for guaranteed completion Changelog: - Added highlight section for fast root CID providing feature - Updated TOC and overview - Included usage examples with clear comments explaining each mode - Emphasized this is extra announcement independent of background queue The feature works best with sweep provider and accelerated DHT client where provide operations are significantly faster. * fix(add): respect Provide config in fast-provide-root fast-provide-root should honor the same config settings as the regular provide system: - skip when Provide.Enabled is false - skip when Provide.DHT.Interval is 0 - respect Provide.Strategy (all/pinned/roots/mfs/combinations) This ensures fast-provide only runs when appropriate based on user configuration and the nature of the content being added (pinned vs unpinned, added to MFS or not). * Update core/commands/add.go --------- Co-authored-by: gammazero <11790789+gammazero@users.noreply.github.com> Co-authored-by: Marcin Rataj <lidel@lidel.org>
* fix(add): respect Provide config in fast-provide-root fast-provide-root should honor the same config settings as the regular provide system: - skip when Provide.Enabled is false - skip when Provide.DHT.Interval is 0 - respect Provide.Strategy (all/pinned/roots/mfs/combinations) This ensures fast-provide only runs when appropriate based on user configuration and the nature of the content being added (pinned vs unpinned, added to MFS or not). * feat(config): options to adjust global defaults Add Import.FastProvideRoot and Import.FastProvideWait configuration options to control default behavior of fast-provide-root and fast-provide-wait flags in ipfs add command. Users can now set global defaults in config while maintaining per-command flag overrides. - Add Import.FastProvideRoot (default: true) - Add Import.FastProvideWait (default: false) - Add ResolveBoolFromConfig helper for config resolution - Update docs with configuration details - Add log-based tests verifying actual behavior * refactor: extract fast-provide logic into reusable functions Extract fast-provide logic from add command into reusable components: - Add config.ShouldProvideForStrategy helper for strategy matching - Add ExecuteFastProvide function reusable across add and dag import commands - Move DefaultFastProvideTimeout constant to config/provide.go - Simplify add.go from 72 lines to 6 lines for fast-provide - Move fast-provide tests to dedicated TestAddFastProvide function Benefits: - cleaner API: callers only pass content characteristics - all strategy logic centralized in one place - better separation of concerns - easier to add fast-provide to other commands in future * feat(dag): add fast-provide support for dag import Adds --fast-provide-root and --fast-provide-wait flags to `ipfs dag import`, mirroring the fast-provide functionality available in `ipfs add`. Changes: - Add --fast-provide-root and --fast-provide-wait flags to dag import command - Implement fast-provide logic for all root CIDs in imported CAR files - Works even when --pin-roots=false (strategy checked internally) - Share ExecuteFastProvide implementation between add and dag import - Move ExecuteFastProvide to cmdenv package to avoid import cycles - Add logging when fast-provide is disabled - Conditional error handling: return error when wait=true, warn when wait=false - Update config docs to mention both ipfs add and ipfs dag import - Update changelog to use "provide" terminology and include dag import examples - Add comprehensive test coverage (TestDagImportFastProvide with 6 test cases) The fast-provide feature allows immediate DHT announcement of root CIDs for faster content discovery, bypassing the regular background queue. * docs: improve fast-provide documentation Refine documentation to better explain fast-provide and sweep provider working together, and highlight the performance improvement. Changelog: - add fast-provide to sweep provider features list - explain performance improvement: root CIDs discoverable in <1s vs 30+ seconds - note this uses optimistic DHT operations (faster with sweep provider) - simplify examples, point to --help for details Config docs: - fix: --fast-provide-roots should be --fast-provide-root (singular) - clarify Import.FastProvideRoot focuses on root CIDs while sweep handles all blocks - simplify Import.FastProvideWait description Command help: - ipfs add: explain sweep provider context upfront - ipfs dag import: add fast-provide explanation section - both explain the split: fast-provide for roots, sweep for all blocks * test: add tests for ShouldProvideForStrategy add tests covering all provide strategy combinations with focus on bitflag OR logic (the else-if bug fix). organized by behavior: - all strategy always provides - single strategies match only their flag - combined strategies use OR logic - zero strategy never provides * refactor: error cmd on error and wait=true change ExecuteFastProvide() to return error, enabling proper error propagation when --fast-provide-wait=true. in sync mode, provide failures now error the command as expected. in async mode (default), always returns nil with errors logged in background goroutine. also remove duplicate ExecuteFastProvide() from provide.go (75 lines), keeping single implementation in cmdenv/env.go for reuse across add and dag import commands. call sites simplified: - add.go: check and propagate error from ExecuteFastProvide - dag/import.go: return error from ForEach callback, remove confusing conditional error handling semantics: - precondition skips (DHT unavailable, etc): return nil (not failure) - async mode (wait=false): return nil, log errors in goroutine - sync mode (wait=true): return wrapped error on provide failure
PathOrCidPath was returning the error from the second path.NewPath call instead of the original error when both attempts failed. This fix preserves the first error before attempting the fallback, ensuring users get the most relevant error message about their input.
…lt (#10954) This allows Kubo to respond to the GetClosestPeers() http routing v1 endpoint as spec'ed here: ipfs/specs#476 It is based on work from ipfs/boxo#1021 We let IpfsNode implmement the contentRouter.Client interface with the new method. We use our WAN-DHT to get the closest peers. Additionally, Routing V1 HTTP API is exposed by default which enables light clients in browsers to use Kubo Gateway as delegated routing backend Co-authored-by: Marcin Rataj <lidel@lidel.org>
Bumps [actions/checkout](https://github.com/actions/checkout) from 5 to 6. - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](actions/checkout@v5...v6) --- updated-dependencies: - dependency-name: actions/checkout dependency-version: '6' dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3 to 4. - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](github/codeql-action@v3...v4) --- updated-dependencies: - dependency-name: github/codeql-action dependency-version: '4' dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Andrew Gillis <11790789+gammazero@users.noreply.github.com>
(cherry picked from commit 1141220)
(cherry picked from commit 2cbf151)
(cherry picked from commit 72f4c6f)
(cherry picked from commit 21f50ac)
PR #10954 (ExposeRoutingAPI default + GetClosestPeers) was merged after v0.39.0-rc1 and depends on boxo changes not yet released.
- rewrite overview to lead with user value (self-hosting on consumer hardware) - reorder highlights: provider features together, then UPnP, then housekeeping - simplify titles (drop "Amino", "Fixed", verbose descriptions) - link to Shipyard's sweep provider blogpost
- convert from zsh to bash for portability and shellcheck support - resolve GitHub handles via multiple methods: - noreply email pattern (user@users.noreply.github.com) - merge commit messages (Merge pull request #N from user/branch) - gh CLI API for PR authors (squash merge commits) - gh CLI API for commit authors (fallback for non-PR commits) - deduplicate contributors by GitHub handle instead of author name - cache resolved mappings in ~/.cache/mkreleaselog/github-handles.json - output clickable GitHub profile links in contributor table
* refactor: migrate away from cheggaaa/pb v1
* updated changelogs
* fix: add space after comment slashes for consistency
* refactor: share terminal detection in cmdenv
Replace three duplicate TTY checks (get.go, dag/export.go, dag/stat.go)
with `cmdenv.IsTerminal(*os.File)` backed by `mattn/go-isatty`.
The helper uses `IsTerminal || IsCygwinTerminal`, which also detects
MSYS2 and Git Bash on Windows. Those terminals expose stdio as a
named pipe rather than a character device, so the previous
`ModeCharDevice` check suppressed the progress bar on real terminals.
- core/commands/cmdenv/tty.go: new helper
- core/commands/{add,cat,get}.go: drop local isStderrTTY
- core/commands/dag/{export,stat}.go: drop inline stat() block
- go.mod: promote mattn/go-isatty to direct (was indirect via pb/v3)
* refactor: cmdenv.ShouldShowProgress helper
Collapse the explicit-flag-or-TTY-default logic at four call sites
(`cat`, `get`, `dag export`, `dag stat`) into a single helper.
* refactor: dedupe `ipfs add` progress template
The full bar template (counters, bar, speed, percent, ETA) was
inlined at two call sites in add.go. Move it to a file-level
const.
* fix: progress bar shows MiB/s, not MiB p/s
pb v3's speed element defaults to suffix "%s p/s", so even with
pb.Bytes set, `ipfs add`, `ipfs cat`, `ipfs get`, and
`ipfs dag export` rendered the rate as "713.04 MiB p/s" instead
of "713.04 MiB/s".
Pass explicit format args to the speed and rtime template
elements: rate now renders as "MiB/s", and the unknown-state
fallback reads "?/s" / "ETA ?" instead of bare "?". The four
templates move to package-level consts.
* docs: rewrite v0.42 progress bar entry
Describe only the user-visible changes; skip library-migration
detail and intermediate-state claims that never shipped.
* chore: drop unused pb v1 dependabot ignore
The `github.com/cheggaaa/pb` (v1) module path is no longer in
`go.mod` after the migration to `pb/v3`, so the ignore rule
never fires.
* fix(dag): unify --progress help text
Match the wording used by `add`, `cat`, and `get`:
"Stream progress data. Defaults to true when stderr is a
terminal."
* fix(add): finalize progress bar after upload
Call `bar.Finish()` and a final `bar.Write()` after the progress
loop. Without it, fast adds (under ~500ms, where pb/v3's EWMA
never accumulates a speed sample) render `?/s ... ETA ?` in the
last frame. Finishing the bar switches the speed element to its
absolute-rate branch (total/elapsed), so the final frame now
reads e.g. `792.04 MiB/s 100.00% 100ms`.
* test(cmdenv): cover ShouldShowProgress
Exercise the explicit-true, explicit-false, unset, and non-bool
paths. Unset and non-bool fall back to IsTerminal(os.Stderr),
which the test compares against directly so it works in both
TTY and CI environments.
* refactor: share full progress bar template
Move the "total known" pb/v3 template to cmdenv.ProgressBarFullTemplate
so add.go and get.go reference the same string instead of keeping
byte-identical local copies. The add init template and dag/export
streaming template stay local because each is single-use and shaped
differently.
---------
Co-authored-by: Marcin Rataj <lidel@lidel.org>
* chore: bump go-libp2p-kad-dht to v0.40.0 * docs: changelog for kad-dht v0.40.0 --------- Co-authored-by: Marcin Rataj <lidel@lidel.org>
* feat(dag): add --local-only to dag export and import - Export: only export blocks present locally; skip missing (partial CAR). --local-only with --offline. Support both binary and base58 link keys. - Import: support partial CARs; --local-only with -- pin-roots=false (error if both --pin-roots and --local-only set). - Fix cidFromBinString to accept base58 key format from link implementations. Signed-off-by: Chayan Das <01chayandas@gmail.com> * chore(deps): update go-car/v2 to latest master - remove local replace directive for go-car/v2 - upgrade to v2.16.1-0.20260306172652-7d2f4aceb070 * fix(dag): avoid CID round-trip in export and fix ci failure Signed-off-by: Chayan Das <01chayandas@gmail.com> * dag: add validation and tests for --local-only flag Signed-off-by: Chayan Das <01chayandas@gmail.com> * chore(deps): bump go-car/v2 to latest master * feat(dag): --local-only auto-sets companion flags Pass --local-only without pairing it with --offline (export) or --pin-roots=false (import); the companion is now implicit. Explicit opposites (--offline=false, --pin-roots=true) are rejected so the intent stays unambiguous. * export: imply --offline so missing blocks are not fetched over the network, which would defeat --local-only * import: imply --pin-roots=false since a partial CAR has no full DAG to pin * tests: cover the new implications and the rejected explicit-opposite combinations; drop the brittle exec.CommandContext path in favor of the existing harness * refactor(dag): use boxo/walker for --local-only export The --local-only branch now uses walker.WalkDAG with WithLocality(bs.Has) and carstorage.NewWritable, matching the MFS+unique provider in core/node/provider.go. Semantics: any input-side read error during the walk (missing block, decode failure, post-locality race) is treated as "not available locally" and the block plus its subtree are skipped. Output-side errors (writable.Put) are still surfaced. --help is updated to call out the best-effort nature. The non-local-only path is unchanged. * test(dag): tighten --local-only tests, add subtree-skip case Pin chunker and max-file-links via a shared shallowDAGArgs so block counts are deterministic regardless of Import.* defaults or active profiles. Tighten existing assertions: * TestDagExportLocalOnly: assert exact fullCount=3 and partialCount=fullCount-1 instead of partialCount<fullCount * TestDagExportLocalOnlyImpliesOffline: assert exact partial block count, not just file Size > 0 (proves --offline was applied) Add TestDagExportLocalOnlySkipsSubtree: builds a 259-block DAG with depth>1 (256 chunks under 2 intermediates), removes an intermediate, and verifies the partial CAR is missing the intermediate plus all 174 of its descendants. Existing tests only exercised leaf removal. Extract countCARBlocks and makePartialDAG helpers used across tests. * docs: changelog entry for --local-only dag export/import * refactor(dag): wrap API explicitly for --local-only Replace the req.Options["offline"] = true mutation with an explicit api.WithOptions(options.Api.Offline(true)) wrap after GetApi, matching the pattern already used in core/commands/dag/import.go. Clarify in comments that the walker reads from the raw blockstore (not via the kubo CoreAPI or DAGService) and therefore cannot trigger a network fetch by construction. The --offline implication exists for api.Block().Stat path resolution, not for the DAG walk itself. * fix(provider): quiet context.Canceled on shutdown ResetCids returns ctx.Err() straight from its ctx-done select, so a shutdown-during-sync surfaces as err="context canceled" while the outer ctx.Err() check at the classifier sometimes races behind the propagation and logs at Error. Classify context.Canceled the same way as keystore.ErrClosed so the message lands at Debug. Applied to both the startup and periodic classifiers. DeadlineExceeded is intentionally not included: nothing in the current call chain imposes a deadline, and a future timeout would be a real failure worth logging at Error. Closes the flake in TestProviderKeystoreSyncShutdownQuiet (10/10 local soak now green; CI hit the race 3 reruns in a row). --------- Signed-off-by: Chayan Das <01chayandas@gmail.com> Co-authored-by: Marcin Rataj <lidel@lidel.org>
Bumps [codecov/codecov-action](https://github.com/codecov/codecov-action) from 6.0.0 to 6.0.1. - [Release notes](https://github.com/codecov/codecov-action/releases) - [Changelog](https://github.com/codecov/codecov-action/blob/main/CHANGELOG.md) - [Commits](codecov/codecov-action@57e3a13...e79a696) --- updated-dependencies: - dependency-name: codecov/codecov-action dependency-version: 6.0.1 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Marcin Rataj <lidel@lidel.org>
* chore(deps): bump github.com/ipshipyard/p2p-forge Bumps the ipfs-ecosystem group with 1 update in the / directory: [github.com/ipshipyard/p2p-forge](https://github.com/ipshipyard/p2p-forge). Updates `github.com/ipshipyard/p2p-forge` from 0.8.0 to 0.9.0 - [Release notes](https://github.com/ipshipyard/p2p-forge/releases) - [Changelog](https://github.com/ipshipyard/p2p-forge/blob/main/CHANGELOG.md) - [Commits](ipshipyard/p2p-forge@v0.8.0...v0.9.0) --- updated-dependencies: - dependency-name: github.com/ipshipyard/p2p-forge dependency-version: 0.8.1 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: ipfs-ecosystem ... Signed-off-by: dependabot[bot] <support@github.com> * chore: run make mod_tidy --------- Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
Fork builds previously announced as plain `kubo/<ver>/<commit>`, indistinguishable from upstream in ecosystem dashboards. When `Version.AgentSuffix` and `--agent-version-suffix` are both unset, kubo now derives a default from the build origin so fork traffic self-identifies in the swarm. - mk/git.mk, cmd/ipfs/Rules.mk: normalize `git remote get-url origin` to `host/org/repo` and inject as `buildOrigin` ldflag - version.go: ImplicitAgentSuffix prefers buildOrigin, falls back to debug.ReadBuildInfo Main.Path; suffixFromForkPath strips known forges (github, gitlab, codeberg, bitbucket) and trailing `/kubo` - cmd/ipfs/kubo/daemon.go: use as fallback when explicit values empty - AGENTS.md: state builds must use `make build` so ldflags are set - docs/config.md: document the implicit-suffix behavior Co-authored-by: Guillaume Michel <guillaumemichel@users.noreply.github.com>
* fix(libp2p): quieter dead-listener check Scope the v0.42 dead-listener ERROR to explicit listens in Addresses.Swarm: a server-profile node with default `/ip4/0.0.0.0` and `/ip6/::` listens otherwise logged ERROR for every loopback, Docker bridge, ULA, or other private interface the wildcard expanded into, drowning the actual gotcha (a `/ip4/127.0.0.1/tcp/.../ws` listener fronted by a local reverse proxy). Log routing: - AddrFilters + explicit listen: ERROR (whole listener unreachable). - AddrFilters + wildcard expansion: DEBUG (other interfaces still serve). - NoAnnounce match: DEBUG (operator intent, useful when tracing identify or DHT contents). * fix(libp2p): match explicit listens by full addr Explicit-ness keyed on the listener IP alone, so a wildcard listen expanding onto an interface whose IP was also bound explicitly on another port (server profile plus a /ip4/127.0.0.1/.../ws reverse proxy) was logged as a spurious ERROR. Match the full resolved multiaddr instead: InterfaceListenAddresses echoes a specific-IP listen verbatim while a wildcard never resolves to itself. * fix(libp2p): match explicit listens by socket Classify a dead listener as explicit by its bound socket (IP, transport, port) instead of the full multiaddr string. A listener is reported under a different multiaddr than its Addresses.Swarm entry once a transport rewrites trailing components: WebTransport appends /certhash, WebSocket turns /wss into /tls/ws. The string compare missed these and silently downgraded the affected explicit listeners from ERROR to DEBUG, hiding the reverse-proxy gotcha the check exists to surface. The transport is part of the key because TCP and QUIC share a port number by default (4001), so a pinned QUIC listener must not promote the same-port TCP wildcard expansion to ERROR.
* chore(deps): bump github.com/ipshipyard/p2p-forge Bumps the ipfs-ecosystem group with 1 update in the / directory: [github.com/ipshipyard/p2p-forge](https://github.com/ipshipyard/p2p-forge). Updates `github.com/ipshipyard/p2p-forge` from 0.8.0 to 0.9.0 - [Release notes](https://github.com/ipshipyard/p2p-forge/releases) - [Changelog](https://github.com/ipshipyard/p2p-forge/blob/main/CHANGELOG.md) - [Commits](ipshipyard/p2p-forge@v0.8.0...v0.9.0) --- updated-dependencies: - dependency-name: github.com/ipshipyard/p2p-forge dependency-version: 0.8.1 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: ipfs-ecosystem ... Signed-off-by: dependabot[bot] <support@github.com> * chore: run make mod_tidy --------- Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
Fork builds previously announced as plain `kubo/<ver>/<commit>`, indistinguishable from upstream in ecosystem dashboards. When `Version.AgentSuffix` and `--agent-version-suffix` are both unset, kubo now derives a default from the build origin so fork traffic self-identifies in the swarm. - mk/git.mk, cmd/ipfs/Rules.mk: normalize `git remote get-url origin` to `host/org/repo` and inject as `buildOrigin` ldflag - version.go: ImplicitAgentSuffix prefers buildOrigin, falls back to debug.ReadBuildInfo Main.Path; suffixFromForkPath strips known forges (github, gitlab, codeberg, bitbucket) and trailing `/kubo` - cmd/ipfs/kubo/daemon.go: use as fallback when explicit values empty - AGENTS.md: state builds must use `make build` so ldflags are set - docs/config.md: document the implicit-suffix behavior Co-authored-by: Guillaume Michel <guillaumemichel@users.noreply.github.com>
* fix(libp2p): quieter dead-listener check Scope the v0.42 dead-listener ERROR to explicit listens in Addresses.Swarm: a server-profile node with default `/ip4/0.0.0.0` and `/ip6/::` listens otherwise logged ERROR for every loopback, Docker bridge, ULA, or other private interface the wildcard expanded into, drowning the actual gotcha (a `/ip4/127.0.0.1/tcp/.../ws` listener fronted by a local reverse proxy). Log routing: - AddrFilters + explicit listen: ERROR (whole listener unreachable). - AddrFilters + wildcard expansion: DEBUG (other interfaces still serve). - NoAnnounce match: DEBUG (operator intent, useful when tracing identify or DHT contents). * fix(libp2p): match explicit listens by full addr Explicit-ness keyed on the listener IP alone, so a wildcard listen expanding onto an interface whose IP was also bound explicitly on another port (server profile plus a /ip4/127.0.0.1/.../ws reverse proxy) was logged as a spurious ERROR. Match the full resolved multiaddr instead: InterfaceListenAddresses echoes a specific-IP listen verbatim while a wildcard never resolves to itself. * fix(libp2p): match explicit listens by socket Classify a dead listener as explicit by its bound socket (IP, transport, port) instead of the full multiaddr string. A listener is reported under a different multiaddr than its Addresses.Swarm entry once a transport rewrites trailing components: WebTransport appends /certhash, WebSocket turns /wss into /tls/ws. The string compare missed these and silently downgraded the affected explicit listeners from ERROR to DEBUG, hiding the reverse-proxy gotcha the check exists to surface. The transport is part of the key because TCP and QUIC share a port number by default (4001), so a pinned QUIC listener must not promote the same-port TCP wildcard expansion to ERROR.
AutoTLS only issues a libp2p.direct cert once the node is publicly reachable on a TCP port, so local runs need UPnP/NAT-PMP enabled and a shortened RegistrationDelay. Clarify that a libp2p.direct relay address is not the same as the node's own AutoTLS address.
p2p-forge v0.9.0 landed in v0.42 via backport, so list it under v0.42 dependency updates and drop it from v0.43. Also annotate skipped intermediate releases (Go 1.26.3, kad-dht v0.39.2, go-fuse v2.10.0).
Bot accounts like dependabot[bot] are not human contributors, so drop entries whose GitHub handle or author name ends in the [bot] suffix from the release contributor table.
Release v0.42.0
* chore: bump boxo to test ipfs/boxo#1166 Bumps github.com/ipfs/boxo to the tip of fix/ipns-cache-control-expiry (55fd621d1872) to exercise the IPNS cache-control/TTL/EOL fixes from ipfs/boxo#1166. Root, docs/examples, and test/dependencies modules tidied via make mod_tidy. Signed-off-by: Marcin Rataj <lidel@lidel.org> * fix: validate ipns lifetime and ttl settings ipfs name publish now sanitizes its duration flags instead of emitting a record that fails verification later: a non-positive --lifetime and a negative --ttl are rejected, an explicit --ttl over --lifetime is rejected, and an omitted --ttl is capped to --lifetime. The --lifetime and --ttl defaults are applied server-side so an explicit value is distinguishable from the default. The daemon also refuses to start when Ipns.RecordLifetime is shorter than Ipns.RepublishPeriod, which would let records expire before they are republished. Signed-off-by: Marcin Rataj <lidel@lidel.org> * switch to boxo@main with fix #1166 --------- Signed-off-by: Marcin Rataj <lidel@lidel.org> Co-authored-by: gammazero <11790789+gammazero@users.noreply.github.com>
boxo's Traverse already dedups each root with its own seen set, so the command-level cid.Set held a second copy of every CID in the DAG. On a multi-hundred-GiB root that doubled the dedup memory and OOM-killed daemons mid-stat. - allocate the set only for multiple roots (cross-root dedup needs it) - single root derives UniqueBlocks from the per-root block count
Detect carrier-grade or double NAT at startup and log a one-time stderr notice, turning the recurring "running IPFS kills my home internet" symptom into a clear cause: a busy node fills the ISP's shared NAT table. - classify host addresses; a private or shared (RFC 6598 100.64.0.0/10) NAT-mapped WAN address that is not a local interface means CGNAT or double NAT. overlay addresses on a local interface (tailscale, zerotier) and publicly reachable nodes are ignored, so the notice stays quiet. - add Internal.CGNATCheck and Internal.DeadListenerCheck (both default true) to silence the CGNAT notice and the v0.42 dead-listener check. - expose the classification as the nat field of ipfs swarm addrs autonat. - docs: config.md entries and v0.43 changelog highlight. Closes #11326 Co-authored-by: Andrew Gillis <11790789+gammazero@users.noreply.github.com>
Merge release v0.42.0
* chore: upgrade to boxo v0.41.0 * use tagged release
) Bumps [github.com/tidwall/gjson](https://github.com/tidwall/gjson) from 1.18.0 to 1.19.0. - [Commits](tidwall/gjson@v1.18.0...v1.19.0) --- updated-dependencies: - dependency-name: github.com/tidwall/gjson dependency-version: 1.19.0 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
20 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
No description provided.