704: Allow withdrawing and viewing of the bitcoin balance on swap-cli r=rishflab a=devbordecraft
Same mechanics of the ASB but on swap-cli as discussed in #694
Co-authored-by: devbordecraft <devbordecraft>
Bob was timing out if the encrypted signature could not be sent in 60
seconds. This behaviour is unnecessary because we are racing against
the cancel timelock anyway. By timing out before this, we remove the
opportunity for bob and alice to re-establish a connection.
Previously, we relied on the wallet in the `monero-wallet-rpc` daemon
to be loaded as we do on startup. As a consequence of this expectation,
restarting `monero-wallet-rpc` to fix bugs like #652 resulted in the
ASB no longer operating correctly.
To fix this, we now load the wallet on-demand in case the daemon responds
with the error code -13.
Ideally, we would implement this behaviour generically using the proxy
pattern on the `MoneroWalletRpc` trait. Unfortunately, when attempting
to do so we uncover a limitation in the design of `jsonrpc_client`.
This limitation is tracked in https://github.com/thomaseizinger/rust-jsonrpc-client/issues/47.
Once fixed, we can implement this logic in a more robust way that is not
tied to the `check_tx_key` RPC call but applies to any RPC call automatically.
Per #660, moving the log line on a peer closing connection outside of a swap to DEBUG instead of WARN, as there is no action that can be taken by the ASB owner.
631: Bump tokio-tungstenite from 0.14.0 to 0.15.0 r=thomaseizinger a=dependabot[bot]
Bumps [tokio-tungstenite](https://github.com/snapview/tokio-tungstenite) from 0.14.0 to 0.15.0.
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a href="https://github.com/snapview/tokio-tungstenite/blob/master/CHANGELOG.md">tokio-tungstenite's changelog</a>.</em></p>
<blockquote>
<h1>0.15.0</h1>
<ul>
<li>Update the <code>tungstenite-rs</code> version to <code>0.14.0</code>,
<a href="https://github.com/snapview/tungstenite-rs/blob/master/CHANGELOG.md#0140">check <code>tungstenite-rs</code> release for more details</a>.</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a href="614a4b12eb"><code>614a4b1</code></a> Update the changelog</li>
<li><a href="6e1005f968"><code>6e1005f</code></a> Bump version</li>
<li><a href="44190cfef2"><code>44190cf</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/snapview/tokio-tungstenite/issues/174">#174</a> from SyedAhkam/master</li>
<li><a href="bed60c753d"><code>bed60c7</code></a> Derive <code>Debug</code> trait for <code>MaybeTlsStream</code></li>
<li><a href="6ce3591789"><code>6ce3591</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/snapview/tokio-tungstenite/issues/164">#164</a> from torlenor/document_tls_features</li>
<li><a href="4686ae0041"><code>4686ae0</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/snapview/tokio-tungstenite/issues/165">#165</a> from snapview/fix-autobahn</li>
<li><a href="e861b1be06"><code>e861b1b</code></a> ci: do not use Travis, superseded by GH Actions</li>
<li><a href="12e3dca65a"><code>12e3dca</code></a> tests: fix confusing wrong paths in the scripts</li>
<li><a href="639b106739"><code>639b106</code></a> tests: use autobahn test suite as docker image</li>
<li><a href="c9b886ea72"><code>c9b886e</code></a> Add documentation about TLS features to README</li>
<li>Additional commits viewable in <a href="https://github.com/snapview/tokio-tungstenite/compare/v0.14.0...v0.15.0">compare view</a></li>
</ul>
</details>
<br />
[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=tokio-tungstenite&package-manager=cargo&previous-version=0.14.0&new-version=0.15.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
You can trigger a rebase of this PR by commenting ``@dependabot` rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- ``@dependabot` rebase` will rebase this PR
- ``@dependabot` recreate` will recreate this PR, overwriting any edits that have been made to it
- ``@dependabot` merge` will merge this PR after your CI passes on it
- ``@dependabot` squash and merge` will squash and merge this PR after your CI passes on it
- ``@dependabot` cancel merge` will cancel a previously requested merge and block automerging
- ``@dependabot` reopen` will reopen this PR if it is closed
- ``@dependabot` close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- ``@dependabot` ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- ``@dependabot` ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- ``@dependabot` ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
</details>
641: Bump thomaseizinger/create-pull-request from 1.1.0 to 1.2.1 r=thomaseizinger a=dependabot[bot]
Bumps [thomaseizinger/create-pull-request](https://github.com/thomaseizinger/create-pull-request) from 1.1.0 to 1.2.1.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a href="https://github.com/thomaseizinger/create-pull-request/releases">thomaseizinger/create-pull-request's releases</a>.</em></p>
<blockquote>
<h2>1.2.1</h2>
<p>No release notes provided.</p>
<h2>1.2.0</h2>
<h3>Added</h3>
<ul>
<li>Support for adding labels by setting <code>labels</code></li>
<li>Check for existing pull request and <code>created</code> action output</li>
</ul>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a href="https://github.com/thomaseizinger/create-pull-request/blob/master/CHANGELOG.md">thomaseizinger/create-pull-request's changelog</a>.</em></p>
<blockquote>
<h1>Changelog</h1>
<p>All notable changes to this project will be documented in this file.</p>
<p>The format is based on <a href="https://keepachangelog.com/en/1.0.0/">Keep a Changelog</a>,
and this project adheres to <a href="https://semver.org/spec/v2.0.0.html">Semantic Versioning</a>.</p>
<h2>[Unreleased]</h2>
<h2>[1.2.0] - 2021-07-26</h2>
<h3>Added</h3>
<ul>
<li>Support for adding labels by setting <code>labels</code></li>
<li>Check for existing pull request and <code>created</code> action output</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a href="603900158e"><code>6039001</code></a> Use github.actor instead of hardcoded name</li>
<li><a href="f3b6912a65"><code>f3b6912</code></a> Added labels to action.yml (<a href="https://github-redirect.dependabot.com/thomaseizinger/create-pull-request/issues/75">#75</a>)</li>
<li><a href="8aa44c8cb5"><code>8aa44c8</code></a> Update CHANGELOG.md</li>
<li><a href="0afa85c37f"><code>0afa85c</code></a> Added support for labels and existing PR check (v2 from master) (<a href="https://github-redirect.dependabot.com/thomaseizinger/create-pull-request/issues/61">#61</a>)</li>
<li><a href="1737745289"><code>1737745</code></a> Add missing links to changelog</li>
<li><a href="2d426a48b7"><code>2d426a4</code></a> Create CONTRIBUTING.md</li>
<li><a href="296164f67d"><code>296164f</code></a> Misc (<a href="https://github-redirect.dependabot.com/thomaseizinger/create-pull-request/issues/52">#52</a>)</li>
<li>See full diff in <a href="https://github.com/thomaseizinger/create-pull-request/compare/1.1.0...1.2.1">compare view</a></li>
</ul>
</details>
<br />
[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=thomaseizinger/create-pull-request&package-manager=github_actions&previous-version=1.1.0&new-version=1.2.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
You can trigger a rebase of this PR by commenting ``@dependabot` rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- ``@dependabot` rebase` will rebase this PR
- ``@dependabot` recreate` will recreate this PR, overwriting any edits that have been made to it
- ``@dependabot` merge` will merge this PR after your CI passes on it
- ``@dependabot` squash and merge` will squash and merge this PR after your CI passes on it
- ``@dependabot` cancel merge` will cancel a previously requested merge and block automerging
- ``@dependabot` reopen` will reopen this PR if it is closed
- ``@dependabot` close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- ``@dependabot` ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- ``@dependabot` ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- ``@dependabot` ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
</details>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
615: Update default Monero node URLs and info r=thomaseizinger a=da-kami
xmr.to nodes are not served at the xmr.to domain but moved to melo.tools
Co-authored-by: Daniel Karzel <daniel@comit.network>
The Rust compiler doesn't guarantee in which order field initialization
are executed. By extracting them, we can make sure they run in a certain
order. This will be important as we add more validations that can
fail.
For builds made directly on the tag, the output of `--version` will
not change. For builds not made on a tagged commit, the output will
look something like this:
```
> swap --version
swap 0.7.0-117-g93161f9
```
Fixes#409.
We emit an `info!` log for every peer that we discover but only ever
emitted a `debug!` log if we fail to connect. This leads to a situation
where the user would run `swap list-sellers`, the logs would say
"Discovered XYZ at ABC" but then get a potentially empty table.
To not confuse the user, we include unreachable nodes in the table output.
For example:
```
Connected to rendezvous point, discovering nodes in 'xmr-btc-swap-testnet' namespace ...
Discovered peer 12D3KooWPZ69DRp4wbGB3wJsxxsg1XW1EVZ2evtVwcARCF3a1nrx at /dns4/ac4hgzmsmekwekjbdl77brufqqbylddugzze4tel6qsnlympgmr46iid.onion/tcp/8765
+-------+--------------+--------------+-------------+----------------------------------------------------------------------------------------------------------------------------------------+
| PRICE | MIN_QUANTITY | MAX_QUANTITY | STATUS | ADDRESS |
+============================================================================================================================================================================================+
| ??? | ??? | ??? | Unreachable | /dns4/ac4hgzmsmekwekjbdl77brufqqbylddugzze4tel6qsnlympgmr46iid.onion/tcp/8765/p2p/12D3KooWPZ69DRp4wbGB3wJsxxsg1XW1EVZ2evtVwcARCF3a1nrx |
+-------+--------------+--------------+-------------+----------------------------------------------------------------------------------------------------------------------------------------+
```
1. Clearly separate the log messages from any fields that are
captured. The log message itself should be meaningful because it
depends on the underlying formatter, how/if the fields are displayed.
2. Some log messages had very little context, expand that.
3. Wording of errors was inconsistent, hopefully all errors should
now start with `Failed to ...`.
4. Some log messages were duplicated across multiple layers (like opening
the database).
5. Some log messages were split into two where one part is now an `error!`
and the 2nd part is an `info!` on what is happening next.
6. Where appropriate, punctuation has been removed to not interrupt
the reader's flow.
Log statements end up getting changed constantly and having to clean
up imports after that is annoying, for example, if the last `info!`
in a file disappears, you end up with an unused import warning.
Fully qualifying tracing's macros prevents that and also communicates
clearly that we are using tracing and not log.
Sorting `psbt.output` by `witness_script` is at times pointless
because it might be set to `None`. To be more robust, we pattern
match against the produced transaction.
The CLI's transport doesn't support memory addresses and it also shouldn't support those by default. To be able to use it in tests, we extend the `SwarmExt` trait with the ability to listen on local TCP addresses with a random port.
The rendezvous protocol allows us to register all of our external
addresses. Hence, the first step is to allow the user to configure
external addresses as part of the config. In the future, there might
be an automated way of determining these.
To register with a rendezvous node, the user needs to configure which
one. CoBloX is running a rendezvous node that acts as the default by
every spec-compliant node will do the job just fine. This behaviour
is optional which is why our custom behaviour is wrapped in a `Toggle`.
We also want our node to re-register after half the time of the
registration has passed. To make this simpler and allow for testing in
isolation, we create a custom behaviour that wraps the libp2p rendezvous
behaviour.
This command uses a rendezvous node to find sellers (i.e. ASBs) and query them for quotes.
Sellers, that can be dialed and queried for a quote will be listed.
604: Bump torut from 0.1.9 to 0.1.10 r=thomaseizinger a=dependabot[bot]
Bumps [torut](https://github.com/teawithsand/torut) from 0.1.9 to 0.1.10.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a href="https://github.com/teawithsand/torut/releases">torut's releases</a>.</em></p>
<blockquote>
<h2>Release 0.1.10</h2>
<p>Deprecated onion services V2 and all stuff associated with it.
Updated tokio version.
Implemented std::error::Error for error types in this crate, support for these errors is very basic and all that was done was implementing Error trait for existing error types. No error structure refactoring was done.</p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a href="8a26ddde79"><code>8a26ddd</code></a> Implemented std::error::Error for error types</li>
<li><a href="c5cee8a369"><code>c5cee8a</code></a> Implemented std::error::Error for error types</li>
<li><a href="caed51d697"><code>caed51d</code></a> Deprecated v2 onion service stuff</li>
<li><a href="87bcde20bb"><code>87bcde2</code></a> Updated tokio version</li>
<li>See full diff in <a href="https://github.com/teawithsand/torut/compare/v0.1.9...v0.1.10">compare view</a></li>
</ul>
</details>
<br />
[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=torut&package-manager=cargo&previous-version=0.1.9&new-version=0.1.10)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
You can trigger a rebase of this PR by commenting `@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
</details>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Thomas Eizinger <thomas@eizinger.io>
605: Merge `--seller-addr` and `--seller-peer-id` into `--seller` parameter r=thomaseizinger a=thomaseizinger
This simplifies the CLI's interface.
It wills also play nicely with https://github.com/comit-network/xmr-btc-swap/pull/593.
Co-authored-by: Thomas Eizinger <thomas@eizinger.io>
Instead of formatting to a string right away, we parse the multiaddress
into a stricter data structure that only allows the kind of addresses
we can dial through Tor.
This will allow us to perform further checks on the parsed address.
585: Configurable kraken websocket url via the ASB config r=thomaseizinger a=cimble-code
- Allows the ASB operator to configure a custom kraken websocket url via the ASB config.
- Addresses the issue of price control first brought up [here](https://github.com/comit-network/xmr-btc-swap/discussions/571)
> Gotya.
There is a relatively easy to implement (but temporary) solution for that. We could let the user configure the kraken websocket url via the ASB config. That way you can plug in your own service. The only requirement is that your service publishes prices updates in the same format as [kraken](https://docs.kraken.com/websockets/), e.g. :
_Originally posted by @bonomat in https://github.com/comit-network/xmr-btc-swap/discussions/571#discussioncomment-885535_
Co-authored-by: Your Name <you@example.com>
Closing the connection upon completing the `swap_setup` protocol caused problems on the ASB side, because the CLI would close the connection before the last message was properly processed. This would result in swaps going into execution on the CLI side, but not on the ASB side.
The CLI ensures an open connection to the ASB over the complete course of a swap. So it does not make much sense to allow a protocol to close the connection (the CLI would immediately redial).
For the Alice we set the initial `KeepAlive` to `10` seconds because Bob is expected to request a spot price in reasonable time after opening a connection on the protocol. Since Tor connections can take some time we set 10 seconds fow now for resilience.
Given that we combined the `spot_price` and the `execution_setup` messaging into one protocol we should allow the protocol to take longer than 60 seconds to complete.
This is especially important for connections over Tor, where messaging can take significantly longer than over clearnet.
I ran some tests with Tor and did not run into issues with the 60 seconds, but we get very close to the timeout, so we better make it more resilient by adding more time.
When swapping on testnet we ran into a problem where the CLI started the swap after sending all messages successfully, but the ASB ran into a `connection closed` error at the end of the `swap_setup` and the swap state machine was never actually triggered.
Flushing and closing the stream on both sides should ensure that we don't run into this problem and both parties gracefully exit the protocol.
Some network and application specific code does not belong in the protocol module and was moved.
Eventloop, recovery and the outside behaviour were moved to the respective application module because they are application specific.
The `swap_setup` was moved into the network module because upon change both sides will have to be changed and should thus stay close together.
Having `spot_price` and `execution_setup` as separate protocols did not bring any advantages, but was problematic because we had to ensure that `execution_setup` would be triggered after `spot_price`. Because of this dependency it is better to combine the protocols into one.
Combining the protocols also allows a refactoring to get rid of the `libp2p-async-await` dependency.
Alice always listens for the `swap_setup` protocol. When Bob opens a substream on that protocol the spot price is communicated, and then all execution setup messages (swap-id and signature exchange).
Includes a new state that is used to await BTC lock tx finality. Upon starting the swap we initially only wait for the BTC lock tx to be seen in the mempool.
This is guarded by a short timeout (3 mins), because it is assumed that in the current setup (sport_price + execution_setup only triggered upon funds being available already) the lock transaction should be picked up almost instanly after the execution setup succeeded.
Similar to the CLI the ASB has to ensure that the execution_setup is executed within a certain time.
Without a timeout the price (returned by `spot_price` would be guaranteed with the CLI indefinitely.
It seems the current chosen channel timeouts are still not optimal.
I ran into issues with swapping over Tor and traced them down to the CLI timeout of the bmrng channel.
It appears that the ASB was not running as quick as the CLI, which caused a timeout on the CLI side (in addition to the delay when sending messages over Tor).
Only `execution_setup` caused the problem so far, but I would recommend changing all the channel timeouts to one minute to avoid this problem.
581: Remove dead code r=thomaseizinger a=da-kami
583: Bump reqwest from 0.11.3 to 0.11.4 r=thomaseizinger a=dependabot[bot]
Bumps [reqwest](https://github.com/seanmonstar/reqwest) from 0.11.3 to 0.11.4.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a href="https://github.com/seanmonstar/reqwest/releases">reqwest's releases</a>.</em></p>
<blockquote>
<h2>v0.11.4</h2>
<ul>
<li>Add <code>ClientBuilder::resolve()</code> option to override DNS resolution for specific domains.</li>
<li>Add <code>native-tls-alpn</code> Cargo feature to use ALPN with the native-tls backend.</li>
<li>Add <code>ClientBuilder::deflate()</code> option and <code>deflate</code> Cargo feature to support decoding response bodies using deflate.</li>
<li>Add <code>RequestBuilder::version()</code> to allow setting the HTTP version of a request.</li>
<li>Fix allowing "invalid" certificates with the <code>rustls-tls</code> backend, when the server uses TLS v1.2 or v1.3.</li>
<li>(wasm) Add <code>try_clone</code> to <code>Request</code> and <code>RequestBuilder</code></li>
</ul>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a href="https://github.com/seanmonstar/reqwest/blob/master/CHANGELOG.md">reqwest's changelog</a>.</em></p>
<blockquote>
<h2>v0.11.4</h2>
<ul>
<li>Add <code>ClientBuilder::resolve()</code> option to override DNS resolution for specific domains.</li>
<li>Add <code>native-tls-alpn</code> Cargo feature to use ALPN with the native-tls backend.</li>
<li>Add <code>ClientBuilder::deflate()</code> option and <code>deflate</code> Cargo feature to support decoding response bodies using deflate.</li>
<li>Add <code>RequestBuilder::version()</code> to allow setting the HTTP version of a request.</li>
<li>Fix allowing "invalid" certificates with the <code>rustls-tls</code> backend, when the server uses TLS v1.2 or v1.3.</li>
<li>(wasm) Add <code>try_clone</code> to <code>Request</code> and <code>RequestBuilder</code></li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a href="f5fe17876a"><code>f5fe178</code></a> v0.11.4</li>
<li><a href="8e5af459e5"><code>8e5af45</code></a> Allow overriding of DNS resolution to specified IP addresses(<a href="https://github-redirect.dependabot.com/seanmonstar/reqwest/issues/561">#561</a>) (<a href="https://github-redirect.dependabot.com/seanmonstar/reqwest/issues/1277">#1277</a>)</li>
<li><a href="c4388fcff9"><code>c4388fc</code></a> WASM: Add <code>try_clone</code> implementations to <code>Request</code> and <code>RequestBuilder</code> (<a href="https://github-redirect.dependabot.com/seanmonstar/reqwest/issues/1286">#1286</a>)</li>
<li><a href="b48cb4a5aa"><code>b48cb4a</code></a> Add native-tls-alpn feature (<a href="https://github-redirect.dependabot.com/seanmonstar/reqwest/issues/1283">#1283</a>)</li>
<li><a href="bbeb1ede4e"><code>bbeb1ed</code></a> Bump ssri from 6.0.1 to 6.0.2 in /examples/wasm_github_fetch (<a href="https://github-redirect.dependabot.com/seanmonstar/reqwest/issues/1262">#1262</a>)</li>
<li><a href="841d47c6a2"><code>841d47c</code></a> Bump url-parse from 1.4.7 to 1.5.1 in /examples/wasm_github_fetch (<a href="https://github-redirect.dependabot.com/seanmonstar/reqwest/issues/1267">#1267</a>)</li>
<li><a href="33bc7939b4"><code>33bc793</code></a> Bump lodash from 4.17.19 to 4.17.21 in /examples/wasm_github_fetch (<a href="https://github-redirect.dependabot.com/seanmonstar/reqwest/issues/1269">#1269</a>)</li>
<li><a href="b0af278f78"><code>b0af278</code></a> Implement "default" functions of the trait to fix "insecure" mode (<a href="https://github-redirect.dependabot.com/seanmonstar/reqwest/issues/1259">#1259</a>)</li>
<li><a href="8d3e27966c"><code>8d3e279</code></a> use ZlibDecoder for deflate responses (<a href="https://github-redirect.dependabot.com/seanmonstar/reqwest/issues/1257">#1257</a>)</li>
<li><a href="b88f309339"><code>b88f309</code></a> Fix small typos in <code>Client</code> docs (<a href="https://github-redirect.dependabot.com/seanmonstar/reqwest/issues/1253">#1253</a>)</li>
<li>Additional commits viewable in <a href="https://github.com/seanmonstar/reqwest/compare/v0.11.3...v0.11.4">compare view</a></li>
</ul>
</details>
<br />
[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=reqwest&package-manager=cargo&previous-version=0.11.3&new-version=0.11.4)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
You can trigger a rebase of this PR by commenting `@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
</details>
Co-authored-by: Daniel Karzel <daniel@comit.network>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
566: Bump rand_chacha from 0.3.0 to 0.3.1 r=thomaseizinger a=dependabot[bot]
Bumps [rand_chacha](https://github.com/rust-random/rand) from 0.3.0 to 0.3.1.
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a href="https://github.com/rust-random/rand/blob/master/CHANGELOG.md">rand_chacha's changelog</a>.</em></p>
<blockquote>
<h2>[0.3.19] - 2017-12-27</h2>
<h3>Changed</h3>
<ul>
<li>Require <code>log <= 0.3.8</code> for dev builds</li>
<li>Update <code>fuchsia-zircon</code> dependency to 0.3</li>
<li>Fix broken links in docs (to unblock compiler docs testing CI)</li>
</ul>
<h2>[0.3.18] - 2017-11-06</h2>
<h3>Changed</h3>
<ul>
<li><code>thread_rng</code> is seeded from the system time if <code>OsRng</code> fails</li>
<li><code>weak_rng</code> now uses <code>thread_rng</code> internally</li>
</ul>
<h2>[0.3.17] - 2017-10-07</h2>
<h3>Changed</h3>
<ul>
<li>Fuchsia: Magenta was renamed Zircon</li>
</ul>
<h2>[0.3.16] - 2017-07-27</h2>
<h3>Added</h3>
<ul>
<li>Implement Debug for mote non-public types</li>
<li>implement <code>Rand</code> for (i|u)i128</li>
<li>Support for Fuchsia</li>
</ul>
<h3>Changed</h3>
<ul>
<li>Add inline attribute to SampleRange::construct_range.
This improves the benchmark for sample in 11% and for shuffle in 16%.</li>
<li>Use <code>RtlGenRandom</code> instead of <code>CryptGenRandom</code></li>
</ul>
<h2>[0.3.15] - 2016-11-26</h2>
<h3>Added</h3>
<ul>
<li>Add <code>Rng</code> trait method <code>choose_mut</code></li>
<li>Redox support</li>
</ul>
<h3>Changed</h3>
<ul>
<li>Use <code>arc4rand</code> for <code>OsRng</code> on FreeBSD.</li>
<li>Use <code>arc4random(3)</code> for <code>OsRng</code> on OpenBSD.</li>
</ul>
<h3>Fixed</h3>
<ul>
<li>Fix filling buffers 4 GiB or larger with <code>OsRng::fill_bytes</code> on Windows</li>
</ul>
<h2>[0.3.14] - 2016-02-13</h2>
<h3>Fixed</h3>
<ul>
<li>Inline definitions from winapi/advapi32, which decreases build times</li>
</ul>
<h2>[0.3.13] - 2016-01-09</h2>
<h3>Fixed</h3>
<ul>
<li>Compatible with Rust 1.7.0-nightly (needed some extra type annotations)</li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a href="98a0339f99"><code>98a0339</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/rust-random/rand/issues/1135">#1135</a> from dhardy/work</li>
<li><a href="a7f8fb72d7"><code>a7f8fb7</code></a> Prepare rand_chacha v0.3.1 release</li>
<li><a href="09d3df3119"><code>09d3df3</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/rust-random/rand/issues/1130">#1130</a> from dhardy/work</li>
<li><a href="d167dd25d2"><code>d167dd2</code></a> Deprecate ReadRng</li>
<li><a href="e3bc4a1357"><code>e3bc4a1</code></a> Do not impl serde for ReadRng or ReseedingRng</li>
<li><a href="66b163632e"><code>66b1636</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/rust-random/rand/issues/1132">#1132</a> from rust-random/readme-wasm-note</li>
<li><a href="d9c6a76048"><code>d9c6a76</code></a> README: add note regarding wasm32-unknown-unknown</li>
<li><a href="4726d328d6"><code>4726d32</code></a> Update minimum version of packed_simd_2</li>
<li><a href="f6bbfcfa89"><code>f6bbfcf</code></a> serde for BlockRng, ReseedingRng and ReadRng</li>
<li><a href="2732f2d6a8"><code>2732f2d</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/rust-random/rand/issues/1116">#1116</a> from vks/criterion</li>
<li>Additional commits viewable in <a href="https://github.com/rust-random/rand/compare/rand_chacha-0.3.0...rand_chacha-0.3.1">compare view</a></li>
</ul>
</details>
<br />
[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=rand_chacha&package-manager=cargo&previous-version=0.3.0&new-version=0.3.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
You can trigger a rebase of this PR by commenting `@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
</details>
568: Bump bdk from 0.7.0 to 0.8.0 r=thomaseizinger a=dependabot[bot]
Bumps [bdk](https://github.com/bitcoindevkit/bdk) from 0.7.0 to 0.8.0.
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a href="https://github.com/bitcoindevkit/bdk/blob/master/CHANGELOG.md">bdk's changelog</a>.</em></p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a href="33b45ebe82"><code>33b45eb</code></a> Bump version to 0.8.0</li>
<li><a href="2faed425ed"><code>2faed42</code></a> Update CHANGELOG</li>
<li><a href="2cc05c07a5"><code>2cc05c0</code></a> Bump version in <code>src/lib.rs</code></li>
<li><a href="9205295332"><code>9205295</code></a> Merge commit 'refs/pull/365/head' of github.com:bitcoindevkit/bdk into releas...</li>
<li><a href="3b446c9e14"><code>3b446c9</code></a> Use no_run instead of ignore</li>
<li><a href="378167efca"><code>378167e</code></a> Remove explicit <code>feature(external_doc)</code></li>
<li><a href="224be27aa8"><code>224be27</code></a> Fix example/doctests format</li>
<li><a href="4a23070cc8"><code>4a23070</code></a> [ci] Check fmt for examples/doctests</li>
<li><a href="f8117c0f9f"><code>f8117c0</code></a> Bump version to 0.8.0-rc.1</li>
<li><a href="0ec064ef13"><code>0ec064e</code></a> Use AddressInfo in private methods</li>
<li>Additional commits viewable in <a href="https://github.com/bitcoindevkit/bdk/compare/v0.7.0...v0.8.0">compare view</a></li>
</ul>
</details>
<br />
[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=bdk&package-manager=cargo&previous-version=0.7.0&new-version=0.8.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
You can trigger a rebase of this PR by commenting `@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
</details>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Instead of splitting up the transports into capabilities, we compose
them directly for each application. This allows us to remove the
websocket transport for the CLI which is really only needed for the
ASB to allow retrieval of quotes via the browser.