Drop Python 3.9, use 3.10 for dist, bump Ledger#819
Conversation
8489c74 to
57f6690
Compare
57f6690 to
a608ea3
Compare
|
Rebased after #818 landed, ready for review. I lightly tested the dist builds on Ubuntu (x86_64, including qt) and macOS (only command line). I ran the GUI in Wine, but that doesn't have USB access so not very informative. I also ran it on a native Windows machine. Windows Defender wasn't happy about it, but I didn't do any code signing. There it detected a connected device, so that's good. I wonder if it makes sense for the deterministic binary releases to jump straight ahead to a more modern Python? Also, would it make sense to do one final HWI release with Python 3.9 before merging this? |
|
Added commit to re-enable the Ledger tests. |
a4e3a84 to
ae9e49d
Compare
|
Rebased just in case after recent merges. |
|
Does the dist build work on in an arm docker container, as described in the release process? |
ae9e49d to
f473a2e
Compare
I built inside an arm64 docker container on the x86 linux machine. I also made it do an Rebased again, this time using The first time I ran that command, it moved I also built and tested the x86 macOS build on a native machine. I was able to run the QT application and it connected to a test deviced and fetch the descriptors. Checksums: |
|
The spurious Ledger failure appears to be the result of the test suite occasionally hitting the Cancel / Reject button. Where Added a commit to drop that rule, since it's unused anyway. |
3ac16e0 to
5197ac2
Compare
|
Rebased just in case.
I briefly tested the x86 linux gui. |
|
Added a commit here to fix Trezor CI. Unrelated so can be its own PR if it works. |
c85d39c to
a8bd342
Compare
|
The one bitbox01 and one ledger failures seem spurious. But the jade test failures were real, so I'm pushing a new fix shortly (basically #832). |
d2093d9 to
d21b545
Compare
The rolling nightly toolchain has drifted past what trezor-firmware core/v2.9.6 supports: recent nightlies reject its reexport_test_harness_main attribute with error E0658. Pin the nightly to 2025-04-15, matching the firmware's own shell.nix. Co-authored-by: Claude (Fable 5) <noreply@anthropic.com>
cache_unsigned_tx_pieces() decided whether to call setup_from_tx() by checking if self.tx is None. But it never is: __init__ sets it to an empty CTransaction. So for PSBTv2, which has no global transaction, setup_from_tx() replaced the deserialized tx version and fallback locktime with the empty transaction's defaults (version 1, locktime 0). This silently modified any PSBTv2 transaction with a different version or locktime, such as those made by Bitcoin Core (version 2 and an anti-fee-sniping locktime), invalidating signatures created before the round-trip through HWI. Check the PSBT version instead, as the docstring already describes. Co-authored-by: Claude (Fable 5) <noreply@anthropic.com>
Also drops Python 3.6 dataclasses leftover.
|
Actually #832 did not do the trick. This time I ran the simulator locally to reproduce the issue. It was the PSBTv2 change on Bitcoin Core's master (again, this change bit me multiple times). I dropped the cbor commits, because they're not needed here, but based on local testing they should not be a problem. I opened a fresh PR for just the CI fixes: #836 |
This reduces churn when running this command again for the upcoming commits.
Most device simulators accept arbitrary keypool paths, so keep testing that behavior by default. Some devices enforce their own derivation path policies. Let those emulators opt out of the arbitrary-path portion while still running the remaining keypool checks.
Also demote discarded-qualifiers warnings in Speculos' bundled deps so -Werror builds keep working with the updated simulator.
d21b545 to
712823a
Compare
|
The one failing ledger just is spurious. @andreasgriffin much of this was written with the help of Claude and Codex, so I wouldn't expect it to find anything. Unless you give it a more specific prompt based on your own review, of something that might be incorrect. In general for this Python bump it would be great if someone can test the binaries on every supported platform. I did that before the rebase, so I don't expect anything new to have broken, but still. |
The Speculos automation file advances through screens by matching
text fragments. The rule for the "To" screen matched any fragment
starting with "To", including parts of the destination address
shown below that title.
This is what failed in CI run 28680592019 (job 85066632783). The
address mzmauywUy3WF1TX3YxzQMA5PR4zXqJVLTo was split on the device
screen into "mzmauywUy3WF1TX", "3YxzQMA5PR4zXqJVL" and "To". The
latter confused the automation rule for "To", which pressed an
extra right button:
automation: getting actions for "To" (57, 3)
automation: getting actions for "mzmauywUy3WF1TX" (9, 19)
automation: getting actions for "3YxzQMA5PR4zXqJVL" (8, 33)
automation: getting actions for "To" (57, 47)
seproxyhal: applying automation ['button', 2, True]
seproxyhal: applying automation ['button', 2, False]
From there every press landed one screen late; the approval hit
"Reject transaction" and the app returned 0x6985, so signtx
reported a canceled error. "T" and "o" are both valid base58
characters, and bitcoind generates fresh addresses on every run,
which makes this a rare and random failure. Bech32 addresses
cannot trigger it ("o" is not in the bech32 character set).
Limit the "To" rule to the title row (y=3), where address text
never appears. The rule file format does not allow comments, so a
warning about short words in automation rules goes in the README.
Co-authored-by: Claude (Fable 5) <noreply@anthropic.com>
It's unused and occasionally trips up a test.
712823a to
887843c
Compare
|
Fable discovered that the one flaky failure here was due to a base58 address ending in It's a pre-existing bug, but I kept the fix be87c6e here, because it only impacts tests that were disabled before this PR. |
Tested (and they work) https://github.com/bitcoin-core/HWI/actions/runs/28703459171/artifacts/8080924437 (from tests) wheel file on
|
This PR first switches the deterministic builds to Python 3.10. It then drops the end-of-life 3.9.
Then it bumps Speculos and Ledger and enables the tests that were previously disabled.
There's also a few minor cleanup commits, plus changes to make the Docker containers Podman friendly so I can easily run them locally.