xmr-btc-swap/CHANGELOG.md
bors[bot] 637574af43
Merge #841 #846 #851 #880 #884 #885
841: Bump actions/checkout from 2.3.4 to 2.4.0 r=rishflab a=dependabot[bot]

Bumps [actions/checkout](https://github.com/actions/checkout) from 2.3.4 to 2.4.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a href="https://github.com/actions/checkout/releases">actions/checkout's releases</a>.</em></p>
<blockquote>
<h2>v2.4.0</h2>
<ul>
<li>Convert SSH URLs like <code>org-&lt;ORG_ID&gt;`@github.com:</code>` to <code>https://github.com/</code> - <a href="https://github-redirect.dependabot.com/actions/checkout/pull/621">pr</a></li>
</ul>
<h2>v2.3.5</h2>
<p>Update dependencies</p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a href="ec3a7ce113"><code>ec3a7ce</code></a> set insteadOf url for org-id (<a href="https://github-redirect.dependabot.com/actions/checkout/issues/621">#621</a>)</li>
<li><a href="fd47087372"><code>fd47087</code></a> codeql should analyze lib not dist (<a href="https://github-redirect.dependabot.com/actions/checkout/issues/620">#620</a>)</li>
<li><a href="3d677ac575"><code>3d677ac</code></a> script to generate license info (<a href="https://github-redirect.dependabot.com/actions/checkout/issues/614">#614</a>)</li>
<li><a href="826ba42d6c"><code>826ba42</code></a> npm audit fix (<a href="https://github-redirect.dependabot.com/actions/checkout/issues/612">#612</a>)</li>
<li><a href="eb8a193c1d"><code>eb8a193</code></a> update dev dependencies and react to new linting rules (<a href="https://github-redirect.dependabot.com/actions/checkout/issues/611">#611</a>)</li>
<li><a href="c49af7ca1f"><code>c49af7c</code></a> Create codeql-analysis.yml (<a href="https://github-redirect.dependabot.com/actions/checkout/issues/602">#602</a>)</li>
<li><a href="1e204e9a92"><code>1e204e9</code></a> update licensed check (<a href="https://github-redirect.dependabot.com/actions/checkout/issues/606">#606</a>)</li>
<li><a href="0299a0d2b6"><code>0299a0d</code></a> update dist (<a href="https://github-redirect.dependabot.com/actions/checkout/issues/605">#605</a>)</li>
<li><a href="be0f448456"><code>be0f448</code></a> Bump ws from 5.2.2 to 5.2.3 (<a href="https://github-redirect.dependabot.com/actions/checkout/issues/604">#604</a>)</li>
<li><a href="56c00a7b1f"><code>56c00a7</code></a> Bump tmpl from 1.0.4 to 1.0.5 (<a href="https://github-redirect.dependabot.com/actions/checkout/issues/588">#588</a>)</li>
<li>Additional commits viewable in <a href="https://github.com/actions/checkout/compare/v2.3.4...v2.4.0">compare view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=actions/checkout&package-manager=github_actions&previous-version=2.3.4&new-version=2.4.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

You can trigger a rebase of this PR by commenting ``@dependabot` rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- ``@dependabot` rebase` will rebase this PR
- ``@dependabot` recreate` will recreate this PR, overwriting any edits that have been made to it
- ``@dependabot` merge` will merge this PR after your CI passes on it
- ``@dependabot` squash and merge` will squash and merge this PR after your CI passes on it
- ``@dependabot` cancel merge` will cancel a previously requested merge and block automerging
- ``@dependabot` reopen` will reopen this PR if it is closed
- ``@dependabot` close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- ``@dependabot` ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- ``@dependabot` ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- ``@dependabot` ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)


</details>

846: Bump strum from 0.21.0 to 0.23.0 r=rishflab a=dependabot[bot]

Bumps [strum](https://github.com/Peternator7/strum) from 0.21.0 to 0.23.0.
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a href="https://github.com/Peternator7/strum/blob/master/CHANGELOG.md">strum's changelog</a>.</em></p>
<blockquote>
<h2>0.23.0</h2>
<ul>
<li>
<p><a href="https://github-redirect.dependabot.com/Peternator7/strum/pull/185">#185</a> Adds the <code>FromRepr</code> derive that adds a <code>from_repr(x: usize) -&gt; Option&lt;Self&gt;</code>
method to your enum. This lets you convert integer values to your enum. If you specify a #[repr(..)] attribute on your enum, or use
an explicit discriminant, this will be incorporated into the derive.</p>
<ul>
<li><code>from_repr</code> will be <code>const</code> if you use a recent rust version.</li>
<li>This cannot be a trait method currently because only inherent methods support <code>const</code>.</li>
</ul>
</li>
<li>
<p><a href="https://github-redirect.dependabot.com/Peternator7/strum/pull/186">#186</a> Automatically implement <code>TryFrom&lt;str&gt;</code> for enums that implement <code>EnumString</code>.
This is only enabled for rustc &gt;= 1.34 which is when `TryFrom was stabilized.</p>
<ul>
<li>This is a small breaking change. If you had manually implemented <code>TryFrom&lt;str&gt;</code> for your enum, this will cause a conflict. You
can probably remove your manual implementation.</li>
</ul>
</li>
<li>
<p><a href="https://github-redirect.dependabot.com/Peternator7/strum/pull/189">#189</a> Use <code>core::result::Result</code> instead of <code>std::result::Result</code>. This should be
more portable in no-std environments.</p>
</li>
</ul>
<h2>0.22.0</h2>
<ul>
<li>
<p><a href="https://github-redirect.dependabot.com/Peternator7/strum/pull/180">#180</a>: Deprecates <code>ToString</code> derive. You should use <code>Display</code>
instead.</p>
</li>
<li>
<p><a href="https://github-redirect.dependabot.com/Peternator7/strum/pull/178">#178</a>: Deprecates AsStaticStr. This has been undocumented for a while.
The recommended method is to derive <code>IntoStaticStr</code> instead.</p>
</li>
<li>
<p><a href="https://github-redirect.dependabot.com/Peternator7/strum/pull/171">#171</a>: Improve <code>no-std</code> support.</p>
</li>
<li>
<p><a href="https://github-redirect.dependabot.com/Peternator7/strum/pull/170">#170</a>: enable changing the path to strum traits. This is necessary
if you re-export strum as a submodule in another crate.</p>
</li>
</ul>
<h2>0.21.1</h2>
<ul>
<li><a href="https://github-redirect.dependabot.com/Peternator7/strum/pull/164">#164</a> Improve compatibility with older versions of <code>syn</code>.</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li>See full diff in <a href="https://github.com/Peternator7/strum/commits">compare view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=strum&package-manager=cargo&previous-version=0.21.0&new-version=0.23.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

You can trigger a rebase of this PR by commenting ``@dependabot` rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- ``@dependabot` rebase` will rebase this PR
- ``@dependabot` recreate` will recreate this PR, overwriting any edits that have been made to it
- ``@dependabot` merge` will merge this PR after your CI passes on it
- ``@dependabot` squash and merge` will squash and merge this PR after your CI passes on it
- ``@dependabot` cancel merge` will cancel a previously requested merge and block automerging
- ``@dependabot` reopen` will reopen this PR if it is closed
- ``@dependabot` close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- ``@dependabot` ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- ``@dependabot` ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- ``@dependabot` ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)


</details>

851: Bump actions/setup-python from 2.2.2 to 2.3.1 r=rishflab a=dependabot[bot]

Bumps [actions/setup-python](https://github.com/actions/setup-python) from 2.2.2 to 2.3.1.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a href="https://github.com/actions/setup-python/releases">actions/setup-python's releases</a>.</em></p>
<blockquote>
<h2>Update actions/cache version to 1.0.8</h2>
<p>We have updated <a href="https://github.com/actions/toolkit/blob/main/packages/cache/RELEASES.md#108">actions/cache</a> dependency version to 1.0.8 to support 10GB cache upload</p>
<h2>Support caching dependencies</h2>
<p>This release introduces dependency caching support (<a href="https://github-redirect.dependabot.com/actions/setup-python/pull/266">actions/setup-python#266</a>)</p>
<h2>Caching dependencies.</h2>
<p>The action has a built-in functionality for caching and restoring pip/pipenv dependencies. The <code>cache</code> input is optional, and caching is turned off by default.</p>
<p>Besides, this release introduces dependency caching support for mono repos and repositories with complex structure.</p>
<p>By default, the action searches for the dependency file (requirements.txt for pip or Pipfile.lock for pipenv) in the whole repository. Use the <code>cache-dependency-path</code> input for cases when you want to override current behaviour and use different file for hash generation (for example requirements-dev.txt). This input supports wildcards or a list of file names for caching multiple dependencies.</p>
<h3>Caching pip dependencies:</h3>
<pre><code>steps:
- uses: actions/checkout@v2
- uses: actions/setup-python@v2
  with:
    python-version: '3.9'
    cache: 'pip'
- run: pip install -r requirements.txt
- run: pip test
</code></pre>
<h3>Caching pipenv dependencies:</h3>
<pre><code>steps:
- uses: actions/checkout@v2
- name: Install pipenv
  run: pipx install pipenv
- uses: actions/setup-python@v2
  with:
    python-version: '3.9'
    cache: 'pipenv'
- run: pipenv install
- run: pipenv test
</code></pre>
<h3>Change dependency file:</h3>
<pre><code>steps:
- uses: actions/checkout@v2
- uses: actions/setup-python@v2
  with:
    python-version: '3.9'
    cache: 'pip'
    cache-dependency-path: '**/requirements-dev.txt'
- run: pip install -r subdirectory/requirements-dev.txt
- run: pip test
&lt;/tr&gt;&lt;/table&gt; 
</code></pre>
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a href="f382193329"><code>f382193</code></a> Update <code>`@​actions/cache</code>` version to 1.0.8 (<a href="https://github-redirect.dependabot.com/actions/setup-python/issues/283">#283</a>)</li>
<li><a href="3ef38b826b"><code>3ef38b8</code></a> Create ADR for integrating cache functionality to setup-python action (<a href="https://github-redirect.dependabot.com/actions/setup-python/issues/247">#247</a>)</li>
<li><a href="0066b88440"><code>0066b88</code></a> Add a workflow to release a new version of the action (<a href="https://github-redirect.dependabot.com/actions/setup-python/issues/274">#274</a>)</li>
<li><a href="280924fbef"><code>280924f</code></a> Implementation of python's caching (<a href="https://github-redirect.dependabot.com/actions/setup-python/issues/266">#266</a>)</li>
<li><a href="52636cf49a"><code>52636cf</code></a> Fix consistency in README (<a href="https://github-redirect.dependabot.com/actions/setup-python/issues/250">#250</a>)</li>
<li><a href="ca5c59064f"><code>ca5c590</code></a> Update version for setup-python in package.json (<a href="https://github-redirect.dependabot.com/actions/setup-python/issues/264">#264</a>)</li>
<li><a href="feeaa3ba49"><code>feeaa3b</code></a> Add issue and pull request templates (<a href="https://github-redirect.dependabot.com/actions/setup-python/issues/258">#258</a>)</li>
<li><a href="002b1e4044"><code>002b1e4</code></a> Change python version for pypy in workflow files (<a href="https://github-redirect.dependabot.com/actions/setup-python/issues/259">#259</a>)</li>
<li><a href="d12543aa2a"><code>d12543a</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/actions/setup-python/issues/252">#252</a> from dmitry-shibanov/v-dmshib/update-dependencies</li>
<li><a href="4aa563ba8c"><code>4aa563b</code></a> update dependencies</li>
<li>Additional commits viewable in <a href="https://github.com/actions/setup-python/compare/v2.2.2...v2.3.1">compare view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=actions/setup-python&package-manager=github_actions&previous-version=2.2.2&new-version=2.3.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

You can trigger a rebase of this PR by commenting ``@dependabot` rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- ``@dependabot` rebase` will rebase this PR
- ``@dependabot` recreate` will recreate this PR, overwriting any edits that have been made to it
- ``@dependabot` merge` will merge this PR after your CI passes on it
- ``@dependabot` squash and merge` will squash and merge this PR after your CI passes on it
- ``@dependabot` cancel merge` will cancel a previously requested merge and block automerging
- ``@dependabot` reopen` will reopen this PR if it is closed
- ``@dependabot` close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- ``@dependabot` ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- ``@dependabot` ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- ``@dependabot` ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)


</details>

880: Add `monero-recovery` command to print address + view/spend keys r=rishflab a=da-kami

This allows manual recovery of problems like https://github.com/comit-network/xmr-btc-swap/issues/537
Since we could not figure out what causes this issue, and it is most likely an upstream problem this is the best we can do so far to allow the user to manually interact with `monero-wallet-cli` or `monero-wallet-rpc`.

884: Bump pem from 1.0.0 to 1.0.1 r=rishflab a=dependabot[bot]

Bumps [pem](https://github.com/jcreekmore/pem-rs) from 1.0.0 to 1.0.1.
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a href="https://github.com/jcreekmore/pem-rs/blob/master/CHANGELOG.md">pem's changelog</a>.</em></p>
<blockquote>
<h1>1.0.1</h1>
<ul>
<li>hide the ASCII_ARMOR symbol to work around a linking issue with 32-bit windows builds</li>
</ul>
<h1>1.0</h1>
<ul>
<li><code>pem::parse_many</code> now returns a <code>Result&lt;Vec&lt;Pem&gt;&gt;</code> instead of a <code>Vec&lt;Pem&gt;</code> that silently discarded invalid sections.</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a href="20e9699def"><code>20e9699</code></a> (cargo-release) version 1.0.1</li>
<li><a href="5fa4dbdffb"><code>5fa4dbd</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/jcreekmore/pem-rs/issues/30">#30</a> from jcreekmore/refactor-ascii-armor</li>
<li><a href="fb15d5c679"><code>fb15d5c</code></a> hide the ASCII_ARMOR symbol</li>
<li><a href="4137641d44"><code>4137641</code></a> (cargo-release) start next development iteration 1.0.1-alpha.0</li>
<li>See full diff in <a href="https://github.com/jcreekmore/pem-rs/compare/v1.0.0...v1.0.1">compare view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=pem&package-manager=cargo&previous-version=1.0.0&new-version=1.0.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

You can trigger a rebase of this PR by commenting ``@dependabot` rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- ``@dependabot` rebase` will rebase this PR
- ``@dependabot` recreate` will recreate this PR, overwriting any edits that have been made to it
- ``@dependabot` merge` will merge this PR after your CI passes on it
- ``@dependabot` squash and merge` will squash and merge this PR after your CI passes on it
- ``@dependabot` cancel merge` will cancel a previously requested merge and block automerging
- ``@dependabot` reopen` will reopen this PR if it is closed
- ``@dependabot` close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- ``@dependabot` ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- ``@dependabot` ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- ``@dependabot` ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)


</details>

885: Bump hyper from 0.14.13 to 0.14.16 r=rishflab a=dependabot[bot]

Bumps [hyper](https://github.com/hyperium/hyper) from 0.14.13 to 0.14.16.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a href="https://github.com/hyperium/hyper/releases">hyper's releases</a>.</em></p>
<blockquote>
<h2>v0.14.16</h2>
<h2>Features</h2>
<ul>
<li><strong>http2:</strong> add <code>http2_max_send_buf_size</code> option to client and server (<a href="bff977b73c">bff977b7</a>)</li>
<li><strong>server:</strong> add HTTP/1 header read timeout option (<a href="https://github-redirect.dependabot.com/hyperium/hyper/issues/2675">#2675</a>) (<a href="842c6553a5">842c6553</a>, closes <a href="https://github-redirect.dependabot.com/hyperium/hyper/issues/2457">#2457</a>)</li>
</ul>
<h2>Bug Fixes</h2>
<ul>
<li><strong>http1:</strong> return 414 when URI contains more than 65534 characters (<a href="https://github-redirect.dependabot.com/hyperium/hyper/issues/2706">#2706</a>) (<a href="5f938fffa6">5f938fff</a>, closes <a href="https://github-redirect.dependabot.com/hyperium/hyper/issues/2701">#2701</a>)</li>
<li><strong>http2:</strong> received <code>Body::size_hint()</code> now return 0 if implicitly empty (<a href="https://github-redirect.dependabot.com/hyperium/hyper/issues/2715">#2715</a>) (<a href="84b78b6c87">84b78b6c</a>)</li>
<li><strong>server:</strong> use case-insensitive comparison for Expect: 100-continue (<a href="https://github-redirect.dependabot.com/hyperium/hyper/issues/2709">#2709</a>) (<a href="7435cc3399">7435cc33</a>, closes <a href="https://github-redirect.dependabot.com/hyperium/hyper/issues/2708">#2708</a>)</li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a href="https://github.com/rajing"><code>`@​rajing</code></a>` made their first contribution in <a href="https://github-redirect.dependabot.com/hyperium/hyper/pull/2706">hyperium/hyper#2706</a></li>
<li><a href="https://github.com/JonathanMurray"><code>`@​JonathanMurray</code></a>` made their first contribution in <a href="https://github-redirect.dependabot.com/hyperium/hyper/pull/2709">hyperium/hyper#2709</a></li>
</ul>
<h2>v0.14.15</h2>
<h2>Bug Fixes</h2>
<ul>
<li><strong>client:</strong> cancel blocking DNS lookup if <code>GaiFuture</code> is dropped (<a href="https://github.com/hyperium/hyper/commit/174b553d">174b553d</a>)</li>
</ul>
<h2>Features</h2>
<ul>
<li><strong>http1:</strong> add <code>http1_writev(bool)</code> options to Client and Server builders, to allow forcing vectored writes (<a href="https://github.com/hyperium/hyper/commit/80627141">80627141</a>)</li>
<li><strong>upgrade:</strong> allow http upgrades with any body type (<a href="ab469eb3c6">ab469eb3</a>)</li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a href="https://github.com/luqmana"><code>`@​luqmana</code></a>` made their first contribution in <a href="https://github-redirect.dependabot.com/hyperium/hyper/pull/2680">hyperium/hyper#2680</a></li>
<li><a href="https://github.com/whentze"><code>`@​whentze</code></a>` made their first contribution in <a href="https://github-redirect.dependabot.com/hyperium/hyper/pull/2688">hyperium/hyper#2688</a></li>
<li><a href="https://github.com/ahmedsobeh"><code>`@​ahmedsobeh</code></a>` made their first contribution in <a href="https://github-redirect.dependabot.com/hyperium/hyper/pull/2689">hyperium/hyper#2689</a></li>
</ul>
<h2>v0.14.14</h2>
<h2>Bug Fixes</h2>
<ul>
<li><strong>client:</strong>
<ul>
<li>make ResponseFuture implement Sync (<a href="bd6c35b98f">bd6c35b9</a>)</li>
<li>remove ipv6 square brackets before resolving (<a href="910e02687d">910e0268</a>)</li>
</ul>
</li>
</ul>
<h2>Features</h2>
<ul>
<li><strong>http2:</strong> always include original h2 error on broken pipe (<a href="6169db250c">6169db25</a>)</li>
<li><strong>server:</strong> Remove Send + Sync requirement for Body in with_graceful_shutdown (<a href="1d553e52c6">1d553e52</a>)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a href="https://github.com/hyperium/hyper/blob/master/CHANGELOG.md">hyper's changelog</a>.</em></p>
<blockquote>
<h3>v0.14.16 (2021-12-09)</h3>
<h4>Bug Fixes</h4>
<ul>
<li><strong>http1:</strong> return 414 when URI contains more than 65534 characters (<a href="https://github-redirect.dependabot.com/hyperium/hyper/issues/2706">#2706</a>) (<a href="5f938fffa6">5f938fff</a>, closes <a href="https://github-redirect.dependabot.com/hyperium/hyper/issues/2701">#2701</a>)</li>
<li><strong>http2:</strong> received <code>Body::size_hint()</code> now return 0 if implicitly empty (<a href="https://github-redirect.dependabot.com/hyperium/hyper/issues/2715">#2715</a>) (<a href="84b78b6c87">84b78b6c</a>)</li>
<li><strong>server:</strong> use case-insensitive comparison for Expect: 100-continue (<a href="https://github-redirect.dependabot.com/hyperium/hyper/issues/2709">#2709</a>) (<a href="7435cc3399">7435cc33</a>, closes <a href="https://github-redirect.dependabot.com/hyperium/hyper/issues/2708">#2708</a>)</li>
</ul>
<h4>Features</h4>
<ul>
<li><strong>http2:</strong> add <code>http2_max_send_buf_size</code> option to client and server (<a href="bff977b73c">bff977b7</a>)</li>
<li><strong>server:</strong> add HTTP/1 header read timeout option (<a href="https://github-redirect.dependabot.com/hyperium/hyper/issues/2675">#2675</a>) (<a href="842c6553a5">842c6553</a>, closes <a href="https://github-redirect.dependabot.com/hyperium/hyper/issues/2457">#2457</a>)</li>
</ul>
<h3>v0.14.15 (2021-11-16)</h3>
<h4>Bug Fixes</h4>
<ul>
<li><strong>client:</strong> cancel blocking DNS lookup if <code>GaiFuture</code> is dropped (<a href="https://github.com/hyperium/hyper/commit/174b553d">174b553d</a></li>
</ul>
<h4>Features</h4>
<ul>
<li><strong>http1:</strong> add <code>http1_writev(bool)</code> options to Client and Server builders, to allow forcing vectored writes (<a href="https://github.com/hyperium/hyper/commit/80627141">80627141</a>)</li>
<li><strong>upgrade:</strong> allow http upgrades with any body type (<a href="ab469eb3c6">ab469eb3</a>)</li>
</ul>
<h3>v0.14.14 (2021-10-22)</h3>
<h4>Bug Fixes</h4>
<ul>
<li><strong>client:</strong>
<ul>
<li>make ResponseFuture implement Sync (<a href="bd6c35b98f">bd6c35b9</a>)</li>
<li>remove ipv6 square brackets before resolving (<a href="910e02687d">910e0268</a>)</li>
</ul>
</li>
</ul>
<h4>Features</h4>
<ul>
<li><strong>h2:</strong> always include original h2 error on broken pipe (<a href="6169db250c">6169db25</a>)</li>
<li><strong>server:</strong> Remove Send + Sync requirement for Body in with_graceful_shutdown (<a href="1d553e52c6">1d553e52</a>)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a href="41dee4a79b"><code>41dee4a</code></a> v0.14.16</li>
<li><a href="bff977b73c"><code>bff977b</code></a> feat(http2): add <code>http2_max_send_buf_size</code> option to client and server</li>
<li><a href="84b78b6c87"><code>84b78b6</code></a> fix(http2): received <code>Body::size_hint()</code> now return 0 if implicitly empty (<a href="https://github-redirect.dependabot.com/hyperium/hyper/issues/2">#2</a>...</li>
<li><a href="ce8242571f"><code>ce82425</code></a> refactor(lib): resolve unused warnings from server-specific code (<a href="https://github-redirect.dependabot.com/hyperium/hyper/issues/2710">#2710</a>)</li>
<li><a href="7435cc3399"><code>7435cc3</code></a> fix(server): use case-insensitive comparison for Expect: 100-continue (<a href="https://github-redirect.dependabot.com/hyperium/hyper/issues/2709">#2709</a>)</li>
<li><a href="5f938fffa6"><code>5f938ff</code></a> fix(http1): return 414 when URI contains more than 65534 characters (<a href="https://github-redirect.dependabot.com/hyperium/hyper/issues/2706">#2706</a>)</li>
<li><a href="1010614a0d"><code>1010614</code></a> test(client): refactor client helper macro to handle options better</li>
<li><a href="842c6553a5"><code>842c655</code></a> feat(server): add HTTP/1 header read timeout option (<a href="https://github-redirect.dependabot.com/hyperium/hyper/issues/2675">#2675</a>)</li>
<li><a href="d0b1d9ed3a"><code>d0b1d9e</code></a> v0.14.15</li>
<li><a href="a1502e1067"><code>a1502e1</code></a> docs(http1): clarify HTTP1 preserve case option</li>
<li>Additional commits viewable in <a href="https://github.com/hyperium/hyper/compare/v0.14.13...v0.14.16">compare view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=hyper&package-manager=cargo&previous-version=0.14.13&new-version=0.14.16)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

You can trigger a rebase of this PR by commenting ``@dependabot` rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- ``@dependabot` rebase` will rebase this PR
- ``@dependabot` recreate` will recreate this PR, overwriting any edits that have been made to it
- ``@dependabot` merge` will merge this PR after your CI passes on it
- ``@dependabot` squash and merge` will squash and merge this PR after your CI passes on it
- ``@dependabot` cancel merge` will cancel a previously requested merge and block automerging
- ``@dependabot` reopen` will reopen this PR if it is closed
- ``@dependabot` close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- ``@dependabot` ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- ``@dependabot` ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- ``@dependabot` ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)


</details>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Daniel Karzel <daniel@comit.network>
2021-12-22 00:19:34 +00:00

302 lines
18 KiB
Markdown

# Changelog
All notable changes to this project will be documented in this file.
The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
## [Unreleased]
### Added
- `monero-recovery` command that can be used to print the monero address, private spend and view key so one can manually recover instances where the `monero-wallet-rpc` does not pick up the Monero funds locked up by the ASB.
Related issue: https://github.com/comit-network/xmr-btc-swap/issues/537
The command takes the swap-id as parameter.
The swap has to be in a `BtcRedeemed` state.
Use `--help` for more details.
## [0.10.0] - 2021-10-15
### Removed
- Support for the old sled database.
The ASB and CLI only support the new sqlite database.
If you haven't already, you can migrate your old data using the 0.9.0 release.
### Changed
- The ASB to no longer work as a rendezvous server.
The ASB can still register with rendezvous server as usual.
### Fixed
- Mitigate CloseNotify bug #797 by retrying getting ScriptStatus if it fail and using a more stable public mainnet electrum server.
## [0.9.0] - 2021-10-07
### Changed
- Timestamping is now enabled by default even when the ASB is not run inside an interactive terminal.
- The `cancel`, `refund` and `punish` subcommands in ASB and CLI are run with the `--force` by default and the `--force` option has been removed.
The force flag was used to ignore blockheight and protocol state checks.
Users can still restart a swap with these checks using the `resume` subcommand.
- Changed log level of the "Advancing state", "Establishing Connection through Tor proxy" and "Connection through Tor established" log message from tracing to debug in the CLI.
- ASB and CLI can migrate their data to sqlite to store swaps and related data.
This makes it easier to build applications on top of xmr-btc-swap by enabling developers to read swap information directly from the database.
This resolved an issue where users where unable to run concurrent processes, for example, users could not print the swap history if another ASB or CLI process was running.
The sqlite database filed is named `sqlite` and is found in the data directory.
You can print the data directory using the `config` subcommand.
The schema can be found here [here](swap/migrations/20210903050345_create_swaps_table.sql).
#### Database migration guide
##### Delete old data
The simplest way to migrate is to accept the loss of data and delete the old database.
1. Find the location of the old database using the `config` subcommand.
2. Delete the database
3. Run xmr-btc-swap
xmr-btc swap will create a new sqlite database and use that from now on.
##### Preserve old data
It is possible to migrate critical data from the old db to the sqlite but there are many pitfalls.
1. Run xmr-btc-swap as you would normally
xmr-btc-swap will try and automatically migrate your existing data to the new database.
If the existing database contains swaps for very early releases, the migration will fail due to an incompatible schema.
2. Print out the swap history using the `history` subcommand.
3. Print out the swap history stored in the old database by also passing the `--sled` flag.
eg. `swap-cli --sled history`
4. Compare the old and new history to see if you are happy with migration.
5. If you are unhappy with the new history you can continue to use the old database by passing the `--sled flag`
### Added
- Added a `disable-timestamp` flag to the ASB that disables timestamps from logs.
- A `config` subcommand that prints the current configuration including the data directory location.
This feature should alleviate difficulties users were having when finding where xmr-btc-swap was storing data.
- Added `export-bitcoin-wallet` subcommand to the CLI and ASB, to print the internal bitcoin wallet descriptor.
This will allow users to transact and monitor using external wallets.
### Removed
- The `bitcoin-target-block` argument from the `balance` subcommand on the CLI.
This argument did not affect how the balance was calculated and was pointless.
## [0.8.3] - 2021-09-03
### Fixed
- A bug where the ASB erroneously transitioned into a punishable state upon a bitcoin transaction monitoring error.
This could lead to a scenario where the ASB was neither able to punish, nor able to refund, so the XMR could stay locked up forever while the CLI refunded the BTC.
- A bug where the CLI erroneously transitioned into a cancel-timelock-expired state upon a bitcoin transaction monitoring error.
This could lead to a scenario where the CLI is forced to wait for cancel, even though the cancel timelock is not yet expired and the swap could still be redeemed.
## [0.8.2] - 2021-09-01
### Added
- Add the ability to view the swap-cli bitcoin balance and withdraw.
See issue <https://github.com/comit-network/xmr-btc-swap/issues/694>.
### Fixed
- An issue where the connection between ASB and CLI would get closed prematurely.
The CLI expects to be connected to the ASB throughout the entire swap and hence reconnects as soon as the connection is closed.
This resulted in a loop of connections being established but instantly closed again because the ASB deemed the connection to not be necessary.
See issue <https://github.com/comit-network/xmr-btc-swap/issues/648>.
- An issue where the ASB was unable to use the Monero wallet in case `monero-wallet-rpc` has been restarted.
In case no wallet is loaded when we try to interact with the `monero-wallet-rpc` daemon, we now load the correct wallet on-demand.
See issue <https://github.com/comit-network/xmr-btc-swap/issues/652>.
- An issue where swap protocol was getting stuck trying to submit the cancel transaction.
We were not handling the error when TxCancel submission fails.
We also configured the electrum client to retry 5 times in order to help with this problem.
See issues: <https://github.com/comit-network/xmr-btc-swap/issues/709> <https://github.com/comit-network/xmr-btc-swap/issues/688>, <https://github.com/comit-network/xmr-btc-swap/issues/701>.
- An issue where the ASB withdraw one bitcoin UTXO at a time instead of the whole balance.
See issue <https://github.com/comit-network/xmr-btc-swap/issues/662>.
## [0.8.1] - 2021-08-16
### Fixed
- An occasional error where users couldn't start a swap because of `InsufficientFunds` that were off by exactly 1 satoshi.
## [0.8.0] - 2021-07-09
### Added
- Printing the deposit address to the terminal as a QR code.
To not break automated scripts or integrations with other software, this behaviour is disabled if `--json` is passed to the application.
- Configuration setting for the websocket URL that the ASB connects to in order to receive price ticker updates.
Can be configured manually by editing the config.toml file directly.
It is expected that the server behind the url follows the same protocol as the [Kraken websocket api](https://docs.kraken.com/websockets/).
- Registration and discovery of ASBs using the [libp2p rendezvous protocol](https://github.com/libp2p/specs/blob/master/rendezvous/README.md).
ASBs can register with a rendezvous node upon startup and, once registered, can be automatically discovered by the CLI using the `list-sellers` command.
The rendezvous node address (`rendezvous_point`), as well as the ASB's external addresses (`external_addresses`) to be registered, is configured in the `network` section of the ASB config file.
A rendezvous node is provided at `/dnsaddr/rendezvous.coblox.tech/p2p/12D3KooWQUt9DkNZxEn2R5ymJzWj15MpG6mTW84kyd8vDaRZi46o` for testing purposes.
Upon discovery using `list-sellers` CLI users are provided with quote and connection information for each ASB discovered through the rendezvous node.
- A mandatory `--change-address` parameter to the CLI's `buy-xmr` command.
The provided address is used to transfer Bitcoin in case of a refund and in case the user transfers more than the specified amount into the swap.
For more information see [#513](https://github.com/comit-network/xmr-btc-swap/issues/513).
### Fixed
- An issue where the ASB gives long price guarantees when setting up a swap.
Now, after sending a spot price the ASB will wait for one minute for the CLI's to trigger the execution setup, and three minutes to see the BTC lock transaction of the CLI in mempool after the swap started.
If the first timeout is triggered the execution setup will be aborted, if the second timeout is triggered the swap will be safely aborted.
- An issue where the default Monero node connection string would not work, because the public nodes were moved to a different domain.
The default monerod nodes were updated to use the [melo tool nodes](https://melo.tools/nodes.html).
### Changed
- The commandline interface of the CLI to combine `--seller-addr` and `--seller-peer-id`.
These two parameters have been merged into a parameter `--seller` that accepts a single [multiaddress](https://docs.libp2p.io/concepts/addressing/).
The multiaddress must end with a `/p2p` protocol defining the seller's peer ID.
- The `--data-dir` option to `--data-base-dir`.
Previously, this option determined the final data directory, regardless of the `--testnet` flag.
With `--data-base-dir`, a subdirectory (either `testnet` or `mainnet`) will be created under the given path.
This allows using the same command with or without `--testnet`.
### Removed
- The websocket transport from the CLI.
Websockets were only ever intended to be used for the ASB side to allow websites to retrieve quotes.
The CLI can use regular TCP connections and having both - TCP and websockets - causes problems and unnecessary overhead.
- The `--seller-addr` parameter from the CLI's `resume` command.
This information is now loaded from the database.
- The `--receive-address` parameter from the CLI's `resume` command.
This information is now loaded from the database.
## [0.7.0] - 2021-05-28
### Fixed
- An issue where long-running connections are dead without a connection closure being reported back to the swarm.
Adding a periodic ping ensures that the connection is kept alive, and a broken connection is reported back resulting in a close event on the swarm.
This fixes the error of the ASB being unable to send a transfer proof to the CLI.
- An issue where ASB Bitcoin withdrawal can be done to an address on the wrong network.
A network check was added that compares the wallet's network against the network of the given address when building the transaction.
## [0.6.0] - 2021-05-24
### Added
- Cancel command for the ASB that allows cancelling a specific swap by id.
Using the cancel command requires the cancel timelock to be expired, but `--force` can be used to circumvent this check.
- Refund command for the ASB that allows refunding a specific swap by id.
Using the refund command to refund the XMR locked by the ASB requires the CLI to first refund the BTC of the swap.
If the BTC was not refunded yet the command will print an error accordingly.
The command has a `--force` flag that allows executing the command without checking for cancel constraints.
- Punish command for the ASB that allows punishing a specific swap by id.
Includes a `--force` parameter that when set disables the punish timelock check and verifying that the swap is in a cancelled state already.
- Abort command for the ASB that allows safely aborting a specific swap.
Only swaps in a state prior to locking XMR can be safely aborted.
- Redeem command for the ASB that allows redeeming a specific swap.
Only swaps where we learned the encrypted signature are redeemable.
The command checks for expired timelocks to ensure redeeming is safe, but the timelock check can be disable using the `--force` flag.
By default we wait for finality of the redeem transaction; this can be disabled by setting `--do-not-await-finality`.
- Resume-only mode for the ASB.
When started with `--resume-only` the ASB does not accept new, incoming swap requests but only finishes swaps that are resumed upon startup.
- A minimum accepted Bitcoin amount for the ASB similar to the maximum amount already present.
For the CLI the minimum amount is enforced by waiting until at least the minimum is available as max-giveable amount.
- Added a new argument to ASB: `--json` or `-j`. If set, log messages will be printed in JSON format.
### Fixed
- An issue where both the ASB and the CLI point to the same default directory `xmr-btc-swap` for storing data.
The asb now uses `xmr-btc-swap/asb` and the CLI `xmr-btc-swap/cli` as default directory.
This is a breaking change.
If you want to access data created by a previous version you will have to rename the data folder or one of the following:
1. For the CLI you can use `--data-dir` to point to the old directory.
2. For the ASB you can change the data-dir in the config file of the ASB.
- The CLI receives proper Error messages if setting up a swap with the ASB fails.
This is a breaking change because the spot-price protocol response changed.
Expected errors scenarios that are now reported back to the CLI:
1. Balance of ASB too low
2. Buy amount sent by CLI exceeds maximum buy amount accepted by ASB
3. ASB is running in resume-only mode and does not accept incoming swap requests
- An issue where the monero daemon port used by the `monero-wallet-rpc` could not be specified.
The CLI parameter `--monero-daemon-host` was changed to `--monero-daemon-address` where host and port have to be specified.
- An issue where an ASB redeem scenario can transition to a cancel and publish scenario that will fail.
This is a breaking change for the ASB, because it introduces a new state into the database.
### Changed
- The ASB's `--max-buy` and `ask-spread` parameter were removed in favour of entries in the config file.
The initial setup includes setting these two values now.
- From this version on the CLI and ASB run on **mainnet** by default!
When running either application with `--testnet` Monero network defaults to `stagenet` and Bitcoin network to `testnet3`.
This is a breaking change.
It is recommended to run the applications with `--testnet` first and not just run the application on `mainnet` without experience.
## [0.5.0] - 2021-04-17
### Changed
- The quote protocol returns JSON encoded data instead of CBOR.
This is a breaking change in the protocol handling, old CLI versions will not be able to process quote requests of ASBs running this version.
### Fixed
- An issue where concurrent swaps with the same peer would cause the ASB to handle network communication incorrectly.
To fix this, all messages are now tagged with a unique identifier that is agreed upon at the start of the swap.
This is a breaking change in the network layer and hence old versions are not compatible with this version.
We advise to also not resume any swaps that have been created with an older version.
It is recommended to reset / delete the database after upgrading.
- An issue where the CLI would not reconnect to the ASB in case the network connection dropped.
We now attempt to re-establish the connection using an exponential backoff but will give up eventually after 5 minutes.
### Added
- Websocket support for the ASB.
The ASB is now capable to listen on both TCP and Websocket connections.
Default websocket listening port is 9940.
- Tor support as an optional feature.
If ASB detects that Tor's control port is open, a hidden service is created for
the network it is listening on (currently 2).
The Tor control port as well as Tor socks5 proxy port is configurable.
## [0.4.0] - 2021-04-06
### Added
- A changelog file.
- Automatic resume of unfinished swaps for the `asb` upon startup.
Unfinished swaps from earlier versions will be skipped.
- A configurable spread for the ASB that is applied to the asking price received from the Kraken price ticker.
The default value is 2% and can be configured using the `--ask-spread` parameter.
See `./asb --help` for details.
### Changed
- Require the buyer to specify the connection details of the peer they wish to swap with.
Throughout the public demo phase of this project, the CLI traded with us by default if the peer id and multiaddress of the seller were not specified.
Having the defaults made it easy for us to give something to the community that can easily be tested, however it is not aligned with our long-term vision of a decentralised network of sellers.
We have removed these defaults forcing the user to specify the seller they wish to trade with.
- The `resume` command of the `swap` CLI no longer require the `--seller-peer-id` parameter.
This information is now saved in the database.
### Fixed
- An [issue](https://github.com/comit-network/xmr-btc-swap/issues/353) where the `swap` CLI would fail on systems that were set to a locale different than English.
A bad readiness check when waiting for `monero-wallet-rpc` to be ready caused the CLI to hang forever, preventing users from perform a swap.
### Security
- Fixed an issue where Alice would not verify if Bob's Bitcoin lock transaction is semantically correct, i.e. pays the agreed upon amount to an output owned by both of them.
Fixing this required a **breaking change** on the network layer and hence old versions are not compatible with this version.
[Unreleased]: https://github.com/comit-network/xmr-btc-swap/compare/0.10.0...HEAD
[0.10.0]: https://github.com/comit-network/xmr-btc-swap/compare/0.9.0...0.10.0
[0.9.0]: https://github.com/comit-network/xmr-btc-swap/compare/0.8.3...0.9.0
[0.8.3]: https://github.com/comit-network/xmr-btc-swap/compare/0.8.2...0.8.3
[0.8.2]: https://github.com/comit-network/xmr-btc-swap/compare/0.8.1...0.8.2
[0.8.1]: https://github.com/comit-network/xmr-btc-swap/compare/0.8.0...0.8.1
[0.8.0]: https://github.com/comit-network/xmr-btc-swap/compare/0.7.0...0.8.0
[0.7.0]: https://github.com/comit-network/xmr-btc-swap/compare/0.6.0...0.7.0
[0.6.0]: https://github.com/comit-network/xmr-btc-swap/compare/0.5.0...0.6.0
[0.5.0]: https://github.com/comit-network/xmr-btc-swap/compare/0.4.0...0.5.0
[0.4.0]: https://github.com/comit-network/xmr-btc-swap/compare/v0.3...0.4.0