-
Notifications
You must be signed in to change notification settings - Fork 9
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add dependency audit contract #33
Add dependency audit contract #33
Conversation
013e2ad
to
5e8737e
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Looks good!
contracts/DependencyAudit.cdc
Outdated
access(all) event PanicOnUnstagedDependenciesChanged(shouldPanic: Bool) | ||
|
||
// checkDependencies is called from the FlowServiceAccount contract | ||
access(self) fun checkDependencies(_ dependenciesAddresses: [Address], _ dependenciesNames: [String], _ authorizers: [Address]) { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Looks like this param is unused, can this be removed?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This is injected by the FVM. I added this incase we need to do some special handling according to authorizers.
tests/dependency_audit_tests.cdc
Outdated
) | ||
Test.expect(commitResult, Test.beFailed()) | ||
// not sure how to test this: | ||
// Test.expect(commitResult.error!.message, Test.contain("panic: Found unstaged dependencies: A.0x0000000000000008.Foo") ) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I wasn't able to find docs or prior art on how to implement and pass a custom handler to Test.expect
, but I also validated locally that this is the reason the txn fails here
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thank you!
I think excluding addresses is okay assuming excluded contracts will be core contracts in which case all contracts at those addresses would be excluded
I guess that depends on
IMO if contracts that fail to update are simply removed from execution state and all dependencies migrate without dependency on this contract, it's probably not a problem to continue without staging. If however we're leaving garbage by not staging it and/or dependencies will fail their migration without staging this contract, we should stage this contract. |
They would be left as garbage.
No-one should depend on this contract. The only contract that depends on this contract is the service account, but that dependency will be removed during the upgrade itself. I think it might be best to still stage it, so that it is functional after the upgrade and can be gracefully cleaned up if needed. I will work on preparing and staging the contract. |
I opened #34 for cadence 1.0 port |
ref: onflow/flow-go#5858
ref: onflow/flow-core-contracts#430
Description
This is intended to work together with this FVM PR onflow/flow-go#5908 which is already deployed on testnet, so this can be deployed when it is ready. The contract is going to get called from the FlowServiceAccount. The PR for that is here: onflow/flow-core-contracts#430
This is only needed pre-1.0 and the
checkDependencies
function can (and will) be removed post-1.0. At that point the DependenciesAudit contract also becomes useless.When deploying
DependenciesAudit
the service accounts (those containing service account contracts) will be listed as excluded addresses. More can be added later.Open questions:
For contributor use:
main
branchFiles changed
in the Github PR explorer