* Add check for spoofed IP in ping message
* Add logging message when ping request is rejected.
Signed-off-by: David Mechler <david.mechler@consensys.net>
* rename more whitelist occurrences; change allowlisted to allowed and reword where we ended up with allowlisting
Signed-off-by: Sally MacFarlane <sally.macfarlane@consensys.net>
Upgrade to ErrorProne 2.4.0
* public constructors on abstract classes are removed
* Javadoc must have meaningfull documentation
* lambdas should not be variables
* Added to the list of confusing inner class names (Entry and Type)
* no assert keyword in tests
* Obsolete JDK classes produce errors now
Signed-off-by: Danno Ferrin <danno.ferrin@gmail.com>
* replace whitelist/blacklist with allowlist/denylist and support both versions in CLI options
Signed-off-by: Sally MacFarlane <sally.macfarlane@consensys.net>
ProtocolContext uses a generic for the consensus state, which has a very
large footprint across the code to accomplish what it intends to
accomplish. For every call there are about 61 other lines per call that
need to be updated, over 1300 lines total.
Instead replace it with java.lang.Class#cast, which provides runtime
security, and use generics to provide the compile time sugar that
allows for chained methods of the appropriate type. Then remove its
(quite large) footprint from the rest of the code.
Signed-off-by: Danno Ferrin <danno.ferrin@gmail.com>
Some of our loggers were not private, static, and final. In a few
cases these were non-static fields in classes that were repeatedly
instantiated in core transaction logic.
This is enforced via a new ErrorProne check, so the PR includes fixes
for all of the places this was a problem, not just the performance
impacting code.
Signed-off-by: Danno Ferrin <danno.ferrin@gmail.com>
Removes as many Gradle 7.0 compatibility issues as possible
* `baseName` -> `archiveBaseName`
* `extension` -> `archiveExtension`
* `destinationDir` -> `destinationDirectory`
* `runtime` -> `runtimeOnly`
* Change some log4j-api and log4j-core dependencies
* Remove an unneeded and outdated plugin (`net.ltgt.apt`)
* tweak the plugin-api change detector's property annotations.
Warnings still exist with one external plugin used for license file
checking that we do not control the source code for.
Signed-off-by: Danno Ferrin <danno.ferrin@gmail.com>
This was turned off a number of months ago because of long build times.
However it appears either because of code structure changes or fixed
errorprone that this finishes in a reasonable time now.
Code that violated this check is also fixed.
Signed-off-by: Danno Ferrin <danno.ferrin@gmail.com>
Update dependencies to most current version
- except picocli which is a major version update
Alphabetize dependencies
Signed-off-by: Danno Ferrin <danno.ferrin@gmail.com>
* Use UnformattedDataImpl as a DelegatingBytes class, so we can have it used throughout and reduce the churn of new objects
Signed-off-by: Antoine Toulme <antoine@lunar-ocean.com>
Signed-off-by: Danno Ferrin <danno.ferrin@gmail.com>
* adding in spdx-license-identifier & updated check for the same; removing license check from spotless
Signed-off-by: Joshua Fernandes <joshua.fernandes@consensys.net>
* Change CheckSpdxHeader to a task.
Signed-off-by: Adrian Sutton <adrian.sutton@consensys.net>
This reverts commit 814b36e4
The needed chantes to get rid of Instant.now (which is also needed to get rid
of the wall clock dependency) are too deep and intrusive into IBFT to try and
speed patch them in that some APIs require re-work, so in the interst of test
stability this gets sheleved until it is all ready.
Signed-off-by: Adrian Sutton <adrian.sutton@consensys.net>
To allow us to reset the timestamp in the blockchain for Retesteth support
we need to pass a Clock to affected APIs and use that instead of the static method
System.currentTimeMillis(). The most consistent way to do this that will ensure
that the API does not sneak back in is to ban the method via ErrorProne.
TestClock.fixed() was altered to return the "now" time of the first time the fixed clock was requested, needed for many header validation tasks validating headers are not from the future.
Signed-off-by: Adrian Sutton <adrian.sutton@consensys.net>
- Update SyncStatusNodePermissioningProvider to use URI (without discovery port) instead of EnodeURI to allow optimised permission checking of static nodes
- Add EnodeURL.toURIWithoutDiscoveryPort
Signed-off-by: Adrian Sutton <adrian.sutton@consensys.net>
* Don't copy collections if we don't need to. Change types higher up if needed.
* Don't use Guava's Object.equal, use Java's Objects.equals.
** add errorprone test to enforce the banning of Guava's Objects class.
Signed-off-by: Adrian Sutton <adrian.sutton@consensys.net>
David Mechler
Sally MacFarlane
Danno Ferrin
Ratan Rai Sur
chaals
Antoine Toulme
Abdelhamid Bakhta
mbaxter
Joshua Fernandes
Nicolas MASSART
mark-terry
mbaxter
Danno Ferrin
Lucas Saldanha
Usman Saleem
Adrian Sutton
Chris Mckay
Lucas Saldanha