Skip to content

chore(release): v1.7.1#14640

Merged
zerosnacks merged 22 commits into
release-1.7.1from
zerosnacks/prepare-release
May 8, 2026
Merged

chore(release): v1.7.1#14640
zerosnacks merged 22 commits into
release-1.7.1from
zerosnacks/prepare-release

Conversation

@zerosnacks

@zerosnacks zerosnacks commented May 7, 2026

Copy link
Copy Markdown
Contributor

Cherry-picks for v1.7.1 release, applied on top of release-1.7.1 (f83bad912, "chore(release): apply fixes for v1.7.0").

Cherry-picked PRs

# Title
#14509 fix(cheatcodes): fix solc 0.8.35 error keyword warning
#14524 chore: bump compiler version to 0.8.35 for tests
#14528 feat(forge): use network = "tempo" and add rpc_endpoints in tempo template
#14534 fix(config): suppress spurious unknown-key warning for network
#14546 fix(ci): use PATH_USD fallback fee token in Mail templates
#14555 fix(forge): ignore ETH_RPC_URL for test forking
#14562 fix(cli): fix jsonwebtoken panic
#14563 ci: sign release archives, docker images, and publish SBOMs
#14584 fix(ci): increase permissions for the enhanced attestation writing
#14585 fix(forge): encode Tempo creates as AA calls
#14496 fix(cli): fix release version strings for immutable tags, bump to 1.7.1
#14007 fix(evm): query state_snapshot.storage in ForkDbStateSnapshot::storage_ref
#14590 fix(cast): consistent --json output for keychain subcommands
#14547 fix(cheatcodes): transfer value for payable mock calls
#14610 fix(forge): --fuzz-seed parameter is not effective in forge coverage
#14615 fix(cheatcodes): enforce expectRevert reverter address for CREATE frames
#14619 fix(cheatcodes): preserve reverts with expectEmit
#14637 fix(evm): preserve CREATE address on revert in isolation mode

Additional pulled-in fixes for CI

# Title Reason
#14554 chore(clippy): fix for_kv_map and useless_borrows_in_formatting clippy CI fails on v1.7.0 base under newer toolchain
#14504 fix(ext): bump forge-std commit in external integration tests ext_integration::forge_std test compares against newer forge-std rev
#14510 chore(tests): bump forge-std version numerous forge build/cmd tests assert against newer forge-std rev

Manual modifications

#14590 — partial cherry-pick

Upstream patch touched three sites; only run_remaining_limit exists on this branch.

  • Kept the { "remaining": ... } JSON output object change.
  • Did not include the new crates/cast/tests/cli/keychain.rs test file. The added keychain_rl_json_is_object test calls cast keychain rl against anvil::NodeConfig::test_tempo(), which on the v1.7.0 Tempo dependency rev returns Method not found for the keychain precompile RPC. The original keychain_authorize_sponsor_hash_json_is_object was already dropped (depends on --tempo.print-sponsor-hash on keychain authorize, which doesn't exist on this branch).

ci(tempo): align CI Tempo workflow with master

Backport of CI Tempo workflow updates (#14501, #14537, #14556) so v1.7.1 matches master's structure:

  • Devnet checks run on PR and push
  • Devnet wallet tests run on PR and push
  • Testnet/mainnet checks moved to nightly schedule only
  • Nightly failure issue creation

The Check Tempo fork schedule compatibility step from master is intentionally omitted — the underlying tempo::tests::test_fork_schedule_parses_configured_rpcs test was introduced by #14485 (Tempo deps bump), which is not part of v1.7.1.

Skipped PRs

figtracer and others added 10 commits May 7, 2026 11:41
fix(cheatcodes): avoid solc error keyword warning

(cherry picked from commit f0bd9bb)
* bump compiler version for tests

* fix CI: update gas snapshots and bump svm-rs to 0.5.25

Amp-Thread-ID: https://ampcode.com/threads/T-019dddbd-7f28-72cc-965b-d5a23ecb37ce
Co-authored-by: Amp <amp@ampcode.com>

* make fmt

Amp-Thread-ID: https://ampcode.com/threads/T-019dddbd-7f28-72cc-965b-d5a23ecb37ce
Co-authored-by: Amp <amp@ampcode.com>

* fix: add blockTimestamp to LegacyTransactionResult for testRpcTransactionByHash

DRPC now returns a blockTimestamp field, which shifts ABI decoding offsets
and breaks the test.

Amp-Thread-ID: https://ampcode.com/threads/T-019dddbd-7f28-72cc-965b-d5a23ecb37ce
Co-authored-by: Amp <amp@ampcode.com>

---------

Co-authored-by: Amp <amp@ampcode.com>
(cherry picked from commit 470d048)
Co-authored-by: zerosnacks <95942363+zerosnacks@users.noreply.github.com>
Co-authored-by: Mablr <59505383+mablr@users.noreply.github.com>
(cherry picked from commit 6c9bbea)
`cast` panicked with this message coming from jsonwebtoken:

```
Call CryptoProvider::install_default() before this point to select a provider manually, or make sure exactly one of the
'rust_crypto' and 'aws_lc_rs' features is enabled.
See the documentation of the CryptoProvider type for more information.
```

This seemingly was introduced with the bump of jsonwebtoken to 10. Now
it requires you to pick one backend used by default controlled by the
compile time cargo features or call `CryptoProvider::install_default()`
at the beginning.

I realized that probably it would be better to just select the feature
and I picked `aws_lc_rs` as it seems to be increasingly a default and
we already are using the C toolchain.

Co-authored-by: zerosnacks <95942363+zerosnacks@users.noreply.github.com>
(cherry picked from commit 6e40f56)
- release.yml: emit per-archive sha256 + SPDX SBOM (Syft), cosign
  keyless sign-blob of the archive, and use actions/attest@v4 for both
  build provenance and SBOM attestations. Upload all artifacts to the
  draft release.
- docker-publish.yml: enable BuildKit SBOM, capture the build digest,
  cosign keyless sign each pushed tag, and publish a Sigstore-signed
  SLSA provenance attestation via actions/attest with push-to-registry.
- SECURITY.md: document how external users verify archives and the
  docker image (gh attestation, cosign, plain sha256, buildx imagetools).
- README.md: link to the new verification section.

(cherry picked from commit 3e7f0ed)
…14584)

* increase permissions for artifact writing

* apply write permissions to release-docker

(cherry picked from commit 1fd6466)
….1 (#14496)

* Fix release version metadata for immutable tags

Amp-Thread-ID: https://ampcode.com/threads/T-019dd617-b29f-7409-8523-9858a1504f17
Co-authored-by: Amp <amp@ampcode.com>

* Derive nightly release suffix from commit SHA

Amp-Thread-ID: https://ampcode.com/threads/T-019dd617-b29f-7409-8523-9858a1504f17
Co-authored-by: Amp <amp@ampcode.com>

* Apply suggestion from @zerosnacks

* Apply suggestion from @zerosnacks

* Apply suggestion from @zerosnacks

* bump to v1.7.1

* avoid appending whole sha hash, not necessary, handle version cmp correctly. after v1.7.1 release we need to bump to v1.7.2 for nightlies following it to compare correctly

* Make foundryVersionCmp tolerate new version format and add tests

- Strip both pre-release ('-nightly', '-dev') and build metadata ('+<sha>.<ts>.<profile>') from SEMVER_VERSION before comparison so the cheatcode keeps working for tagged releases (which have no '-' separator).
- Extract strip_semver_metadata helper and add Rust unit tests covering all SEMVER_VERSION shapes, version_cmp ordering, and parse_version rejection of pre-release/build/garbage input.
- Extend the Solidity test suite for vm.getFoundryVersion()/foundryVersionCmp/foundryVersionAtLeast: validate MAJOR.MINOR.PATCH parseability, build profile value, cmp/atLeast invariant, and error paths for invalid user-supplied versions.

Amp-Thread-ID: https://ampcode.com/threads/T-019dd971-fcb7-7149-9680-f0134130844c
Co-authored-by: Amp <amp@ampcode.com>

* fix(test): drop view from solidity tests using assert helpers and fix fmt

- assertTrue/assertEq aren't view, so testGetFoundryVersionBuildProfile and testFoundryVersionCmpAndAtLeastAreConsistent can't be view either.
- Collapse the buildType assertion onto one line to satisfy forge fmt.

Amp-Thread-ID: https://ampcode.com/threads/T-019dd971-fcb7-7149-9680-f0134130844c
Co-authored-by: Amp <amp@ampcode.com>

* test(version): assert build profile is non-empty instead of debug|release

The dist profile (used for distributed release binaries) is also valid; just require non-empty so any future profile works.

Amp-Thread-ID: https://ampcode.com/threads/T-019dd971-fcb7-7149-9680-f0134130844c
Co-authored-by: Amp <amp@ampcode.com>

* Normalize nightly-<sha> to nightly in release_version

Ensures tarball and Docker nightly artifacts produce the same version
string. The commit identifier is already included in the SemVer build
metadata (after `+`), so collapsing `nightly-<sha>` to `nightly`
avoids duplicating the SHA in the pre-release tag.

Co-authored-by: Amp <amp@ampcode.com>
Amp-Thread-ID: https://ampcode.com/threads/T-019df79e-d4c9-707c-85eb-2efbf59160b3

---------

Co-authored-by: Centaur AI <ai@centaur.local>
Co-authored-by: Amp <amp@ampcode.com>
Co-authored-by: zerosnacks <95942363+zerosnacks@users.noreply.github.com>
Co-authored-by: zerosnacks <zerosnacks@protonmail.com>
(cherry picked from commit a70d4aa)
…rage_ref` (#14007)

* fix(evm): query `state_snapshot.storage` in `ForkDbStateSnapshot::storage_ref`

* test(evm): cover `ForkDbStateSnapshot::storage_ref` snapshot lookup

(cherry picked from commit fa5429a)
@zerosnacks zerosnacks force-pushed the zerosnacks/prepare-release branch 2 times, most recently from ae69bb2 to 0085a57 Compare May 7, 2026 10:12
mablr and others added 9 commits May 7, 2026 13:07
)

- `keychain rl`: wrap remaining limit in `{"remaining":"..."}` object
  instead of emitting a bare JSON string
- `keychain policy add-call`: emit
  `{"status":"already_present","target":"..."}`
  when the rule already exists, instead of plain text
- `send_keychain_tx`: wrap sponsor hash in `{"sponsor_hash":"0x..."}`
  object when --tempo.print-sponsor-hash is used with --json

Add CLI tests covering the rl and sponsor-hash JSON output shapes.

(cherry picked from commit 7916719)
* test: updated tests

* fix: execute value transfer

* test: improve

* imp: review item

* test: vm.prank test

* imp: moved mocked-call handling after prank application

---------

Co-authored-by: Mablr <59505383+mablr@users.noreply.github.com>
(cherry picked from commit f2e09d2)
…ge` (#14610)

fix --fuzz-seed not effective in forge coverage

(cherry picked from commit bd9cf55)
…rames (#14615)

* fix(cheatcodes): enforce `expectRevert` reverter address for CREATE
frames

The reverter address argument to `vm.expectRevert` was silently ignored
when the innermost reverting frame was a CREATE (top-level or nested),
because create_end never populated `expected_revert.reverted_by`.

Mirror call_end's logic in create_end: when the outcome reverts and a
reverter address is expected, record outcome.address (revm guarantees
this is Some(would-be address) whenever the constructor executed).

Adds positive regression tests for top-level and nested-CREATE reverts,
and a negative regression test asserting wrong-reverter now fails.

Co-authored-by: Amp <amp@ampcode.com>

* improve coverage

* add Derek's suggested test cases

* fix: forge fmt for ExpectRevert.t.sol

Amp-Thread-ID: https://ampcode.com/threads/T-019dfdc5-5414-70b6-9f49-cb5797a37a29
Co-authored-by: Amp <amp@ampcode.com>

---------

Co-authored-by: Amp <amp@ampcode.com>
Co-authored-by: zerosnacks <95942363+zerosnacks@users.noreply.github.com>
(cherry picked from commit 85cd75c)
* test: added regression test

* fix: re-order revert handling

* refactor: simplify

* lint: fmt

* polish: tighten comment, extend test with revert reason and custom error

Amp-Thread-ID: https://ampcode.com/threads/T-019dfd96-7a03-7249-8c10-af20ee2729f5
Co-authored-by: Amp <amp@ampcode.com>

---------

Co-authored-by: zerosnacks <95942363+zerosnacks@users.noreply.github.com>
Co-authored-by: Amp <amp@ampcode.com>
(cherry picked from commit 2e8ae6c)
* chore(clippy): fix for_kv_map and useless_borrows_in_formatting

Amp-Thread-ID: https://ampcode.com/threads/T-019df0f9-62e7-74b8-bd5e-da2acce678fb
Co-authored-by: Amp <amp@ampcode.com>

* chore(clippy): drop redundant borrows in cheatcodes assert formatters

Amp-Thread-ID: https://ampcode.com/threads/T-019df0f9-62e7-74b8-bd5e-da2acce678fb
Co-authored-by: Amp <amp@ampcode.com>

---------

Co-authored-by: Amp <amp@ampcode.com>
(cherry picked from commit 84d3873)
chore: bump forge-std version used for tests

Co-authored-by: zerosnacks <95942363+zerosnacks@users.noreply.github.com>
(cherry picked from commit 5766929)
@zerosnacks zerosnacks force-pushed the zerosnacks/prepare-release branch from 0085a57 to 3154998 Compare May 7, 2026 11:08
)

* fix(config): suppress spurious unknown-key warning for `network`

The `network` field in `NetworkConfigs` had `skip_serializing_if =
"Option::is_none"`, so it was missing from the serialized default
`Config`. The warnings provider builds its allowed-keys set from that
serialized default, so a valid `network = "tempo"` entry in
foundry.toml triggered:

    Warning: Found unknown `network` config for profile `default`
    defined in foundry.toml.

Replace `skip_serializing_if` with `#[serde(default)]` so `network`
appears (as null) in the default config and is recognized as a known
profile key. TOML output is unchanged (None is omitted by toml-rs);
only the JSON snapshot in `test_default_config` needed updating.

Amp-Thread-ID: https://ampcode.com/threads/T-019ddec8-2f04-7255-b8bf-70c1ce2a996d
Co-authored-by: Amp <amp@ampcode.com>

* test(config): add regression tests for network/tempo unknown-key warnings

Cover both the new `network = "tempo"` form and the legacy
`tempo = true` alias to ensure neither triggers UnknownKey warnings.

Amp-Thread-ID: https://ampcode.com/threads/T-019ddec8-2f04-7255-b8bf-70c1ce2a996d
Co-authored-by: Amp <amp@ampcode.com>

* fix(config): canonicalize network field on serialization

Previously, with `network = "tempo"` set, `forge config` would emit
both:

    network = "tempo"
    tempo = false

which is misleading — the legacy boolean alias contradicts the resolved
network. Conversely, with `tempo = true` (legacy), the output omitted
`network` entirely, hiding the actual resolved network.

Make `NetworkConfigs` use a custom `Serialize` impl that:

- Always emits the *resolved* network as the canonical `network = "..."`
  field.
- Never emits the legacy `tempo` / `optimism` boolean aliases (they are
  still accepted as deserialize-only aliases for backward compatibility).
- Continues to emit `celo` and `bypass_prevrandao` as before.

This ensures consistent output regardless of input form:

    network = "tempo"  (canonical)   →  network = "tempo"
    tempo = true        (legacy)       →  network = "tempo"
    optimism = true     (legacy)       →  network = "optimism"

Both legacy keys are added to `BACKWARD_COMPATIBLE_KEYS` in the
warnings provider so they don't trigger unknown-key warnings on input.
Test snapshots updated accordingly.

Amp-Thread-ID: https://ampcode.com/threads/T-019ddec8-2f04-7255-b8bf-70c1ce2a996d
Co-authored-by: Amp <amp@ampcode.com>

* style: cargo fmt

Amp-Thread-ID: https://ampcode.com/threads/T-019ddec8-2f04-7255-b8bf-70c1ce2a996d
Co-authored-by: Amp <amp@ampcode.com>

---------

Co-authored-by: Amp <amp@ampcode.com>
(cherry picked from commit 95bf101)
@zerosnacks zerosnacks changed the title chore(release): apply fixes for v1.7.1 chore(release): v1.7.1 May 7, 2026
zerosnacks and others added 2 commits May 7, 2026 13:41
…plate (#14528)

* feat(forge): use network = "tempo" and add rpc_endpoints in tempo template

Amp-Thread-ID: https://ampcode.com/threads/T-019dddff-1855-752f-b136-bd0465462ac8
Co-authored-by: Amp <amp@ampcode.com>

* feat(forge): add eth_rpc_url = "tempo" to tempo template

Amp-Thread-ID: https://ampcode.com/threads/T-019dddff-1855-752f-b136-bd0465462ac8
Co-authored-by: Amp <amp@ampcode.com>

* style: cargo fmt

Amp-Thread-ID: https://ampcode.com/threads/T-019dddff-1855-752f-b136-bd0465462ac8
Co-authored-by: Amp <amp@ampcode.com>

* fix: drop eth_rpc_url from tempo template (would silently fork all tests)

Amp-Thread-ID: https://ampcode.com/threads/T-019dddff-1855-752f-b136-bd0465462ac8
Co-authored-by: Amp <amp@ampcode.com>

* refactor: build tempo template foundry.toml in a single toml serialize

Amp-Thread-ID: https://ampcode.com/threads/T-019dddff-1855-752f-b136-bd0465462ac8
Co-authored-by: Amp <amp@ampcode.com>

---------

Co-authored-by: Amp <amp@ampcode.com>
(cherry picked from commit 323bceb)
…st step

Backport of CI Tempo workflow updates (#14501, #14537, #14556) so the
v1.7.1 release branch matches master:

- Devnet checks run on PR and push (re-enabled)
- Devnet wallet tests run on PR and push
- Testnet/mainnet checks moved to nightly schedule only
- Nightly failure issue creation

The 'Check Tempo fork schedule compatibility' step is intentionally
omitted: the underlying tempo::tests::test_fork_schedule_parses_configured_rpcs
test was added in #14485 (Tempo deps bump) which is not part of v1.7.1.

Amp-Thread-ID: https://ampcode.com/threads/T-019e01cd-cea5-72e8-8338-5f0594e06335
Co-authored-by: Amp <amp@ampcode.com>
@zerosnacks zerosnacks marked this pull request as ready for review May 7, 2026 13:42

@mablr mablr left a comment

Copy link
Copy Markdown
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

lgtm

@figtracer figtracer left a comment

Copy link
Copy Markdown
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

lg! ✨

@zerosnacks zerosnacks merged commit 4072e48 into release-1.7.1 May 8, 2026
18 checks passed
@zerosnacks zerosnacks deleted the zerosnacks/prepare-release branch May 8, 2026 07:44
@github-project-automation github-project-automation Bot moved this to Done in Foundry May 8, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

Status: Done

Development

Successfully merging this pull request may close these issues.

10 participants