Merge pull request #7030 from daira/nicer-bip0039-language-handling

Make the handling of bip0039 languages nicer
Make the handling of bip0039 languages nicer.
2025-05-20 16:31:44 +01:00 · 2025-05-20 10:40:28 +01:00 · 2025-05-19 13:21:37 +01:00 · 2025-05-19 13:20:17 +01:00 · 2025-05-15 13:51:45 -03:00 · 2025-05-09 00:27:58 +00:00
67 changed files with 2152 additions and 793 deletions
--- a/.github/workflows/audits.yml
+++ b/.github/workflows/audits.yml
@ -17,7 +17,7 @@ jobs:
      - uses: dtolnay/rust-toolchain@stable
        id: toolchain
      - run: rustup override set ${{steps.toolchain.outputs.name}}
-      - run: cargo install cargo-vet --version ~0.9
+      - run: cargo install cargo-vet --version ~0.10
      - run: cargo vet --locked
  cargo-deny:
--- a/.github/workflows/ci-skip.yml
+++ b/.github/workflows/ci-skip.yml
@ -45,9 +45,9 @@ jobs:
          fetch-depth: 0
      - name: Fetch the commits for the PR branch
-        run: git fetch $HEAD_REPO $HEAD_SHA
+        run: git fetch "${HEAD_REPO}" "${HEAD_SHA}"
        env:
-          HEAD_REPO: ${{ github.event.pull_request.head.repo }}
+          HEAD_REPO: ${{ github.event.pull_request.head.repo.clone_url }}
          HEAD_SHA: ${{ github.event.pull_request.head.sha }}
      - name: Check whether the changes are only to the set of filtered paths
@ -74,7 +74,11 @@ jobs:
          ]
          paths_regex = '(?:%s)' % '|'.join(paths)
-          changed_files = shlex.split(os.environ["CHANGED_FILES"])
+          lex = shlex.shlex(posix = True)
          lex.whitespace = '\n\r'
          lex.whitespace_split = True
          lex.commenters = ''
          changed_files = list(lex)
          if len(changed_files) == 0:
              sys.exit(1)
@ -85,9 +89,8 @@ jobs:
          print('result=verified' if verified else 'result=skipped')
          EOF
-          CHANGED_FILES=$(git diff --name-only ${{ github.sha }}...$HEAD_SHA --)
+
-          echo $CHANGED_FILES
+          git diff --name-only ${{ github.sha }}...$HEAD_SHA -- | python3 ./subclass.py >> $GITHUB_OUTPUT
          CHANGED_FILES=$CHANGED_FILES python3 ./subclass.py >> $GITHUB_OUTPUT
        env:
          HEAD_SHA: ${{ github.event.pull_request.head.sha }}
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@ -51,33 +51,33 @@ jobs:
            - name: Debian-bookworm
              tier: 1
              platform: Debian Bookworm
-              build_os: ubuntu-20.04-8cores
+              build_os: ubuntu-22.04-8cores
-              test_os: ubuntu-20.04
+              test_os: ubuntu-22.04
              container: electriccoinco/debian-helper:bookworm
              host: x86_64-pc-linux-gnu
            - name: Debian-bullseye
              tier: 1
              platform: Debian bullseye
-              build_os: ubuntu-20.04-8cores
+              build_os: ubuntu-22.04-8cores
-              test_os: ubuntu-20.04
+              test_os: ubuntu-22.04
              container: electriccoinco/debian-helper:bullseye
              host: x86_64-pc-linux-gnu
            - name: ubuntu-20.04
              tier: 1
              platform: Ubuntu 20.04
              build_os: ubuntu-20.04-8cores
              test_os: ubuntu-20.04
              host: x86_64-pc-linux-gnu
            - name: ubuntu-22.04
-              tier: 3
+              tier: 1
              platform: Ubuntu 22.04
              build_os: ubuntu-22.04-8cores
              test_os: ubuntu-22.04
              host: x86_64-pc-linux-gnu
            - name: ubuntu-24.04
              tier: 3
              platform: Ubuntu 24.04
              build_os: ubuntu-24.04
              test_os: ubuntu-24.04
              host: x86_64-pc-linux-gnu
            # - name: macos-12
            #   tier: 3
            #   platform: macOS 12 Monterey
--- a/Cargo.lock
+++ b/Cargo.lock
--- a/Cargo.toml
+++ b/Cargo.toml
@ -35,7 +35,7 @@ path = "src/rust/bin/wallet_tool.rs"
 [dependencies]
 bellman = "0.14"
-bip0039 = { version = "0.10.1", features = ["std", "all-languages"] }
+bip0039 = { version = "0.12", features = ["std", "all-languages"] }
 blake2b_simd = "1"
 blake2s_simd = "1"
 bls12_381 = "0.8"
@ -51,7 +51,7 @@ jubjub = "0.10"
 memuse = "0.2"
 nonempty = "0.7"
 orchard = "0.10"
-sapling = { package = "sapling-crypto", version = "0.3", features = ["temporary-zcashd"] }
+sapling = { package = "sapling-crypto", version = "0.4", features = ["temporary-zcashd"] }
 secp256k1 = "0.27"
 subtle = "2.2"
 rand_core = "0.6"
@ -59,12 +59,13 @@ redjubjub = "0.7"
 tracing = "0.1"
 tracing-core = "0.1"
 tracing-appender = "0.2"
 transparent = { package = "zcash_transparent", version = "0.1" }
 zcash_address = "0.6"
 zcash_encoding = "0.2.1"
 zcash_history = "0.4"
 zcash_note_encryption = "0.4"
-zcash_primitives = { version = "0.19", features = ["temporary-zcashd", "transparent-inputs"] }
+zcash_primitives = { version = "0.21", features = ["temporary-zcashd", "transparent-inputs"] }
-zcash_proofs = { version = "0.19", features = ["directories"] }
+zcash_proofs = { version = "0.21", features = ["directories"] }
 zcash_protocol = { version = "0.4", features = ["local-consensus"] }
 ed25519-zebra = "4"
 zeroize = "1.4.2"
@ -72,7 +73,7 @@ wagyu-zcash-parameters = "0.2"
 # Rust/C++ interop
 # The version needs to match depends/packages/native_cxxbridge.mk
-cxx = { version = "=1.0.128", features = ["c++17"] }
+cxx = { version = "=1.0.158", features = ["c++17"] }
 # Rust threading
 rayon = "1.5"
@ -91,16 +92,19 @@ gumdrop = "0.8"
 # (also depends on tracing, and tracing-subscriber with "env-filter" and "fmt" features)
 anyhow = "1.0"
 backtrace = "0.3"
-clearscreen = "3"
+clearscreen = "4"
 rand = "0.8"
 secrecy = "0.8"
-thiserror = "1"
+thiserror = "2"
 time = { version = "0.3", features = ["formatting", "macros"] }
 # Macros
 macro_find_and_replace = "1"
 [dev-dependencies]
 incrementalmerkletree = { version = "0.7", features = ["test-dependencies"] }
 proptest = "1.0.0"
-zcash_primitives = { version = "0.19", features = ["temporary-zcashd", "transparent-inputs", "test-dependencies"] }
+zcash_primitives = { version = "0.21", features = ["temporary-zcashd", "transparent-inputs", "test-dependencies"] }
 [dependencies.tracing-subscriber]
 version = "0.3"
--- a/README.md
+++ b/README.md
@ -1,4 +1,4 @@
-Zcash 6.0.0
+Zcash 6.2.0
 <img align="right" width="120" height="80" src="doc/imgs/logo.png">
 ===========
@ -60,8 +60,8 @@ for instructions on joining the main Zcash network.
 * :blue_book: See the documentation at the [ReadTheDocs](https://zcash.readthedocs.io)
  for help and more information.
-* :incoming_envelope: Ask for help on the [Zcash](https://forum.z.cash/) forum.
+* :incoming_envelope: Ask for help on the [Zcash forum](https://forum.zcashcommunity.com/).
-* :speech_balloon: Join our community on [Discord](https://discord.com/invite/zcash) 
+* :speech_balloon: Join our community on the [Zcash Global Discord](https://discord.com/invite/zcash).
 * 🧑‍🎓: Learn at [ZecHub](https://zechub.wiki/)
 Participation in the Zcash project is subject to a
@ -76,7 +76,7 @@ Build Zcash along with most dependencies from source by running the following co
 ```
 Currently, Zcash is only officially supported on Debian and Ubuntu. See the
-[Debian / Ubuntu build](https://zcash.readthedocs.io/en/latest/rtd_pages/Debian-Ubuntu-build.html)
+[Debian / Ubuntu build page](https://zcash.readthedocs.io/en/latest/rtd_pages/Debian-Ubuntu-build.html)
 for detailed instructions.
 License
--- a/configure.ac
+++ b/configure.ac
@ -1,7 +1,7 @@
 dnl require autoconf 2.60 (AS_ECHO/AS_ECHO_N)
 AC_PREREQ([2.60])
 define(_CLIENT_VERSION_MAJOR, 6)
-define(_CLIENT_VERSION_MINOR, 0)
+define(_CLIENT_VERSION_MINOR, 2)
 define(_CLIENT_VERSION_REVISION, 0)
 define(_CLIENT_VERSION_BUILD, 50)
 define(_ZC_BUILD_VAL, m4_if(m4_eval(_CLIENT_VERSION_BUILD < 25), 1, m4_incr(_CLIENT_VERSION_BUILD), m4_eval(_CLIENT_VERSION_BUILD < 50), 1, m4_eval(_CLIENT_VERSION_BUILD - 24), m4_eval(_CLIENT_VERSION_BUILD == 50), 1, , m4_eval(_CLIENT_VERSION_BUILD - 50)))
--- a/contrib/debian/changelog
+++ b/contrib/debian/changelog
@ -1,3 +1,21 @@
 zcash (6.2.0) stable; urgency=medium
  * 6.2.0 release.
 -- Electric Coin Company <team@electriccoin.co>  Wed, 16 Apr 2025 23:59:38 +0100
 zcash (6.2.0~rc1) stable; urgency=medium
  * 6.2.0-rc1 release.
 -- Electric Coin Company <team@electriccoin.co>  Thu, 10 Apr 2025 18:44:12 +0100
 zcash (6.1.0) stable; urgency=medium
  * 6.1.0 release.
 -- Electric Coin Company <team@electriccoin.co>  Thu, 02 Jan 2025 19:21:42 +0000
 zcash (6.0.0) stable; urgency=high
  * 6.0.0 release.
--- a/contrib/debian/copyright
+++ b/contrib/debian/copyright
@ -190,6 +190,10 @@ Copyright: 2016-2021 isis agora lovecruft
 2012 The Go Authors
 License: BSD-3-clause and BSD-3-clause-Google
 Files: depends/*/vendored-sources/foldhash/*
 Copyright: 2024 Orson Peters
 License: Zlib
 Files: depends/*/vendored-sources/instant/*
 Copyright: 2019 Sébastien Crozet
 License: BSD-3-clause
@ -235,8 +239,8 @@ Copyright: 2016-2020 meh <meh@schizofreni.co>
 License: WTFPL
 Files: depends/*/vendored-sources/unicode-ident/src/tables.rs
-Copyright: 1991-2022 Unicode, Inc
+Copyright: 1991-2023 Unicode, Inc.
-License: Unicode-DFS-2016
+License: Unicode-3.0
 Comment: This entry is for code in the unicode-ident crate generated from Unicode data tables.
 The license of the unicode-ident crate itself is MIT/Expat or Apache-2.0.
@ -2031,50 +2035,62 @@ License: Ring-BoringSSL
 OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
 SOFTWARE.
-License: Unicode-DFS-2016
+License: Unicode-3.0
- UNICODE, INC. LICENSE AGREEMENT - DATA FILES AND SOFTWARE
+ UNICODE LICENSE V3
 .
 See Terms of Use <https://www.unicode.org/copyright.html>
 for definitions of Unicode Inc.’s Data Files and Software.
 .
 NOTICE TO USER: Carefully read the following legal agreement.
 BY DOWNLOADING, INSTALLING, COPYING OR OTHERWISE USING UNICODE INC.'S
 DATA FILES ("DATA FILES"), AND/OR SOFTWARE ("SOFTWARE"),
 YOU UNEQUIVOCALLY ACCEPT, AND AGREE TO BE BOUND BY, ALL OF THE
 TERMS AND CONDITIONS OF THIS AGREEMENT.
 IF YOU DO NOT AGREE, DO NOT DOWNLOAD, INSTALL, COPY, DISTRIBUTE OR USE
 THE DATA FILES OR SOFTWARE.
 .
 COPYRIGHT AND PERMISSION NOTICE
 .
- Copyright © 1991-2022 Unicode, Inc. All rights reserved.
+ Copyright © 1991-2023 Unicode, Inc.
 Distributed under the Terms of Use in https://www.unicode.org/copyright.html.
 .
- Permission is hereby granted, free of charge, to any person obtaining
+ NOTICE TO USER: Carefully read the following legal agreement. BY
- a copy of the Unicode data files and any associated documentation
+ DOWNLOADING, INSTALLING, COPYING OR OTHERWISE USING DATA FILES, AND/OR
- (the "Data Files") or Unicode software and any associated documentation
+ SOFTWARE, YOU UNEQUIVOCALLY ACCEPT, AND AGREE TO BE BOUND BY, ALL OF THE
- (the "Software") to deal in the Data Files or Software
+ TERMS AND CONDITIONS OF THIS AGREEMENT. IF YOU DO NOT AGREE, DO NOT
- without restriction, including without limitation the rights to use,
+ DOWNLOAD, INSTALL, COPY, DISTRIBUTE OR USE THE DATA FILES OR SOFTWARE.
 copy, modify, merge, publish, distribute, and/or sell copies of
 the Data Files or Software, and to permit persons to whom the Data Files
 or Software are furnished to do so, provided that either
 (a) this copyright and permission notice appear with all copies
 of the Data Files or Software, or
 (b) this copyright and permission notice appear in associated
 Documentation.
 .
- THE DATA FILES AND SOFTWARE ARE PROVIDED "AS IS", WITHOUT WARRANTY OF
+ Permission is hereby granted, free of charge, to any person obtaining a
- ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE
+ copy of data files and any associated documentation (the "Data Files") or
- WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+ software and any associated documentation (the "Software") to deal in the
- NONINFRINGEMENT OF THIRD PARTY RIGHTS.
+ Data Files or Software without restriction, including without limitation
- IN NO EVENT SHALL THE COPYRIGHT HOLDER OR HOLDERS INCLUDED IN THIS
+ the rights to use, copy, modify, merge, publish, distribute, and/or sell
- NOTICE BE LIABLE FOR ANY CLAIM, OR ANY SPECIAL INDIRECT OR CONSEQUENTIAL
+ copies of the Data Files or Software, and to permit persons to whom the
- DAMAGES, OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE,
+ Data Files or Software are furnished to do so, provided that either (a)
- DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER
+ this copyright and permission notice appear with all copies of the Data
- TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
+ Files or Software, or (b) this copyright and permission notice appear in
- PERFORMANCE OF THE DATA FILES OR SOFTWARE.
+ associated Documentation.
 .
- Except as contained in this notice, the name of a copyright holder
+ THE DATA FILES AND SOFTWARE ARE PROVIDED "AS IS", WITHOUT WARRANTY OF ANY
- shall not be used in advertising or otherwise to promote the sale,
+ KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
- use or other dealings in these Data Files or Software without prior
+ MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF
- written authorization of the copyright holder.
+ THIRD PARTY RIGHTS.
 .
 IN NO EVENT SHALL THE COPYRIGHT HOLDER OR HOLDERS INCLUDED IN THIS NOTICE
 BE LIABLE FOR ANY CLAIM, OR ANY SPECIAL INDIRECT OR CONSEQUENTIAL DAMAGES,
 OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS,
 WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION,
 ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THE DATA
 FILES OR SOFTWARE.
 .
 Except as contained in this notice, the name of a copyright holder shall
 not be used in advertising or otherwise to promote the sale, use or other
 dealings in these Data Files or Software without prior written
 authorization of the copyright holder.
 License: Zlib
 This software is provided 'as-is', without any express or implied warranty. In
 no event will the authors be held liable for any damages arising from the use of
 this software.
 .
 Permission is granted to anyone to use this software for any purpose, including
 commercial applications, and to alter it and redistribute it freely, subject to
 the following restrictions:
 .
 1. The origin of this software must not be misrepresented; you must not claim
     that you wrote the original software. If you use this software in a product,
     an acknowledgment in the product documentation would be appreciated but is
     not required.
 .
 2. Altered source versions must be plainly marked as such, and must not be
     misrepresented as being the original software.
 .
 3. This notice may not be removed or altered from any source distribution.
--- a/contrib/devtools/symbol-check.py
+++ b/contrib/devtools/symbol-check.py
@ -18,50 +18,50 @@ import re
 import sys
 import os
-# Ubuntu 20.04 LTS (Focal Fossa; End of Support April 2025) has:
+# Ubuntu 22.04 LTS (Jammy Jellyfish; End of Support April 2027) has:
 #
-# - g++ version 9.3.0 (https://packages.ubuntu.com/search?suite=all&searchon=names&keywords=g%2B%2B)
+# - g++ version 11.2.0 (https://packages.ubuntu.com/search?suite=all&searchon=names&keywords=g%2B%2B)
-# - libc6 version 2.31 (https://packages.ubuntu.com/search?suite=all&searchon=names&keywords=libc6)
+# - libc6 version 2.35 (https://packages.ubuntu.com/search?suite=all&searchon=names&keywords=libc6)
 #
-# Debian 10 (Buster; LTS EOL June 2024) has:
+# Debian 11 (Bullseye; LTS EOL August 2026) has:
 #
-# - g++ version 8.3.0 (https://packages.debian.org/search?suite=default&section=all&arch=any&searchon=names&keywords=g%2B%2B)
+# - g++ version 10.2.1 (https://packages.debian.org/search?suite=default&section=all&arch=any&searchon=names&keywords=g%2B%2B)
-# - libc6 version 2.28 (https://packages.debian.org/search?suite=default&section=all&arch=any&searchon=names&keywords=libc6)
+# - libc6 version 2.31 (https://packages.debian.org/search?suite=default&section=all&arch=any&searchon=names&keywords=libc6)
 #
-# RedHat Enterprise Linux 8 (EOL: long and complicated) is based on Fedora 28 (EOL 2019-05-28) and uses the same base packages:
+# RedHat Enterprise Linux 9 (EOL some time in 2032) is based on Fedora 34 (EOL 2022-06-07) and uses the same base packages:
 #
-# - g++ version 8.0.1 (https://archives.fedoraproject.org/pub/archive/fedora/linux/releases/28/Everything/x86_64/os/Packages/g/ search for gcc-)
+# - g++ version 11.0.1 (https://archives.fedoraproject.org/pub/archive/fedora/linux/releases/34/Everything/x86_64/os/Packages/g/ search for gcc-)
-# - libc6 version 2.27 (https://archives.fedoraproject.org/pub/archive/fedora/linux/releases/28/Everything/x86_64/os/Packages/g/ search for glibc)
+# - libc6 version 2.33 (https://archives.fedoraproject.org/pub/archive/fedora/linux/releases/34/Everything/x86_64/os/Packages/g/ search for glibc)
 #
-# Fedora 31 (EOL ~November 2020) has:
+# Fedora 40 (EOL ~May 2025) has:
 #
-# - g++ version 9.2.1 (https://dl.fedoraproject.org/pub/fedora/linux/releases/31/Everything/x86_64/os/Packages/g/ search for gcc-)
+# - g++ version 14.0.1 (https://dl.fedoraproject.org/pub/fedora/linux/releases/40/Everything/x86_64/os/Packages/g/ search for gcc-)
-# - libc6 version 2.30 (https://dl.fedoraproject.org/pub/fedora/linux/releases/31/Everything/x86_64/os/Packages/g/ search for glibc)
+# - libc6 version 2.39 (https://dl.fedoraproject.org/pub/fedora/linux/releases/40/Everything/x86_64/os/Packages/g/ search for glibc)
 #
-# Arch is a rolling release, and as of October 2020 has packages for:
+# Arch is a rolling release, and as of April 2025 has packages for:
 #
-# - g++ version 8.4.0 / 9.3.0 / 10.2.0 (https://www.archlinux.org/packages/?q=gcc)
+# - g++ version 13.3.1 / 14.2.1 (https://www.archlinux.org/packages/?q=gcc)
-# - libc6 version 2.32 (https://www.archlinux.org/packages/?q=glibc)
+# - libc6 version 2.41 (https://www.archlinux.org/packages/?q=glibc)
 #
-# We take the minimum of these as our target. In practice, if we build on Buster without
+# We take the minimum of these as our target. In practice, if we build on Bullseye without
 # upgrading GCC or libc, then we should get a binary that works for all these systems, and
 # later ones.
 #
-# According to the GNU ABI document (https://gcc.gnu.org/onlinedocs/libstdc++/manual/abi.html) this corresponds to:
+# According to the GNU ABI document (https://gcc.gnu.org/onlinedocs/libstdc++/manual/abi.html) this corresponds to libstdc++.so.6.0.28:
-#   GCC 8.0.0: GCC_8.0.0, GLIBCXX_3.4.24, CXXABI_1.3.11
+#   GCC 10.1.0: GCC_9.0.0, GLIBCXX_3.4.28, CXXABI_1.3.12
-#   libc6:     GLIBC_2_27
+#   libc6:      GLIBC_2_31
 # We statically link libc++ and libc++abi in our builds. Set this to allow dynamic linking to libstdc++.
 ALLOW_DYNAMIC_LIBSTDCXX = False
 MAX_VERSIONS = {
-    'GCC':   (8,0,0),
+    'GCC':   (10,2,1),
-    'GLIBC': (2,27),
+    'GLIBC': (2,31),
 }
 if ALLOW_DYNAMIC_LIBSTDCXX:
    MAX_VERSIONS.update({
-        'GLIBCXX': (3,4,14),
+        'GLIBCXX': (3,4,28),
-        'CXXABI':  (1,3,4),
+        'CXXABI':  (1,3,12),
    })
 # See here for a description of _IO_stdin_used:
--- a/contrib/gitian-descriptors/gitian-linux-parallel.yml
+++ b/contrib/gitian-descriptors/gitian-linux-parallel.yml
@ -1,5 +1,5 @@
 ---
-name: "zcash-6.0.0"
+name: "zcash-6.2.0"
 enable_cache: true
 distro: "debian"
 suites:
--- a/contrib/gitian-descriptors/gitian-linux.yml
+++ b/contrib/gitian-descriptors/gitian-linux.yml
@ -1,5 +1,5 @@
 ---
-name: "zcash-6.0.0"
+name: "zcash-6.2.0"
 enable_cache: true
 distro: "debian"
 suites:
--- a/contrib/gitian-downloader/daira-emma-old.asc
+++ b/contrib/gitian-downloader/daira-emma-old.asc
--- a/contrib/gitian-downloader/daira-emma.asc
+++ b/contrib/gitian-downloader/daira-emma.asc
@ -0,0 +1,78 @@
 -----BEGIN PGP PUBLIC KEY BLOCK-----
 mQGNBF0AKGMBDAC7aZY600aU58klU+ot+i84rSPfhBvqXUlg8kfd5bG5jGGfVFY0
 a1iOzMKL4KKhIbmifCCrIRap+fQV7UXaFsGP6+cmhoxWFK6T49iXi1ZdNYBhVWLD
 ELdguZgeIDEJyukgN/99nAqMXIDcTLL7Cf+OQJM56JzzHIvCZqSNmp6zypL0BIUF
 3Xx/AUQjENx+1AAO1nOwKIzV3v7JZ9L2e4YKV/LJIctqi+GIjcIvLsLzZL30A6ru
 oSmaJNyDdcfMPSUosJ+32jWhFwLcHXCRLMVRKgr0TGqLcGYt3Es4BmteHpPSBhpq
 bOSXjc8Sx3vKmo5JDDXK1EoRwLN4pX7G6y17BLcdWbkH5rEFaB7Nw+H3rxNQ77ZY
 qWWZ8NrfORiwplYJG5FejpcsGyk8mL2J3qG2Dx0Sqvlc4Ve4tskBuUtPxhn2IGeT
 fnlbAMSpV6z/JTUmNfYCO2MlokbtqILVDwSJLtUYVDF7GJK70elbk4QoZZKOZjO2
 smRZVF4ZtlnL0b0AEQEAAbQ0RGFpcmEgSG9wd29vZCAoemNhc2ggZ2l0aWFuKSA8
 ZGFpcmFAZWxlY3RyaWNjb2luLmNvPokB1AQTAQgAPgIbAwULCQgHAgYVCAkKCwIE
 FgIDAQIeAQIXgBYhBF/DXfKZ2HH9KaGxC/RV6bkgI6GLBQJnBnAzBQkNyK7QAAoJ
 EPRV6bkgI6GLTkkL/0i9ulDoPJ0qfRwJw3odiRO4VI/b8Bj4+fabaojkHCcYiZL+
 lc5fSNJOmlT069kLo+v0gQF6JufqyFPrUvpXzLHMAfjJptanQJiD0q1YykxdqTFs
 WbjR6DB7HR3nounO4H9BpNLw6MSDnfGyY36URSsabWQWRDjgQNCw6ZwiYe0dFvhV
 Bmd756/jKH+n3rKlFimdkAgqPVg6oWvC27yuGusjpGD9MeF31O7p85FR/AdJzQJ5
 GaQ1K/UvjMWzdnF0ejij6XOfl4sHP5bG7ctLTHVUja7YjLhxsCjgM9SnhR4STSyP
 ATGApSANMB7YlByfbJCtvm3x8d+zg5sX8YaIAzaYTUFLMaNgEbCRU/SF6sv/uFpx
 eVJyrKdJyQrmhoCgynsqCW8Eg9pinLyumuJCwXOdEbJBwPpcEOJJv6lKicNnVBAe
 6SiizkwS0mlUnvBl/HVIlUaWUiHNktBucoAf9bXlZkCgPiT4Q+YWvlLLkYaBIGOc
 GrVPIuJXmvJ+EOAlELQyRGFpcmEgSG9wd29vZCAoemNhc2ggZ2l0aWFuKSA8ZGFp
 cmFAamFjYXJhbmRhLm9yZz6JAdQEEwEIAD4CGwMFCwkIBwIGFQgJCgsCBBYCAwEC
 HgECF4AWIQRfw13ymdhx/SmhsQv0Vem5ICOhiwUCZwZwMwUJDciu0AAKCRD0Vem5
 ICOhi1qwC/45inPXEI8nbzLg4Z5JPzIjw75e+2SiLFbEJ3u40vWP0WEqVWLqSy93
 VhRjgT8Sk99clvqhTGSvpbY8RMsExzPLgxRhqsk851lvb5KnRODIi7IyGPtwAanI
 3zadoQPvkjV/d4ly/b/Gsxt5uymbn6viJPQfCz5dDUVBvaQf6q9QZWiAZarR2x36
 sLesBymfRwZhWT2Rh4yPwkwhGJNcmCdWbe6j1BmVgWLQpbFkDbhv1iJN4M24AIoA
 cQlpiHgrjxIVEJca4WCpXJ3YbGgMv3SVoprkJW3dxEUdv77JA2DIuJTVJN4YRHfa
 voibA8B5sdayfMrKmi1YuLC35NCnsF4v5i6UdoW0PHvYiUQTlF9uFbTt32OA2HPv
 U+Jhok/s/o1chaU71GUUN2j9qz7dZHLbb/5oA+QaNl/Rppsn5SUqfBdM2FVe7XT7
 ajcIIzhGYkqjwnw3jQZqT+wxU3kQFDZn0pB7vp/6Igfvn0purEpxw4azGXiif6OF
 tUZWfc040dS5AY0EXQAoYwEMAPiAjOzLsTF8w4ifNAbDulp9yEJakLUyyewXSFeZ
 bnl5SADvDQuyXEAksrONtrxtm1rZ0KG938wGiV16NqPhAqcBJjH+MrvsoLf5itDm
 AMmQUFOXaJD+sBu9qMMGyLL08xHinCOklBEjmDsJXY3IhEZpV9PO+VmhMH7llMzo
 nyv4LReJ8sRRqQMbepphbaCtbHu3MYLSzo4EkJCKT1e7onjCEVmdc2amLvq4ozBK
 eEsGz0/vRB8/9OsAYiaeTKJ8TOt8xzG8d/Pacy8rSWAxd1TDxCuFjtwagJAOAi5n
 Nn0sKOopXF8cfCdfIRP2ySijjmgH9ooxNIpkS0byYM0sfUkq6fGQL7/V3AcMTMj9
 iEbv00wJE3gLOlFcePVh6qEdrHWclKZv0N6Nw33BoXwHO34bMmDmIHaa0nDkCXyt
 gyrAbxpQspjeJ4ttH/+JEcKmPRMNus6ptD3AV+ADsJNYjgqzgr1CrmI3W+WCHOHf
 Ynz5FinpP93UBCuWBeWmfs5h3QARAQABiQG8BBgBCAAmAhsMFiEEX8Nd8pnYcf0p
 obEL9FXpuSAjoYsFAmcGcGEFCQ3Irv4ACgkQ9FXpuSAjoYub+AwAlPk32l3lLyPz
 mBr9dNbQMrH06Dm024AdXXOFssTIDpKdvDaAMufagFX58LaMVm02XVpP4vAj7K45
 R5JxhbQrGj4oE1EZjtmW9TdqNU+iMSH2z+eFl86dURWDMa2Vzobq94QtJUOhRHpf
 IFRbNrrUdUweBqsByq4Vx4v8KeiWlpY0Gh9gJN9AehjLMCPLihRkHvxQp/HykO8G
 oGrUk8fpKcHoMj8Us0OViscQAVgOgzfSi+pmNKYTLX+rxDA3w4dncwTDEm1bNJhh
 xNJkQKDXbwYHKuiCSBceS0Dh1XWQYY6Dk9V+N6AzPE9lyJUwmSUD6fTz/iVPEcVh
 vDjvr5YKnb0hU7rCpyEqSl6voQev4rm6borncehDioNvtGuAtCVyRXFpY8qRsjXA
 wMr3cU9mftZC+oZNMBrL7vT1DHmWnQYQoN8YnFMNWl9uP0/d0Rzq06zE1yUWsKW0
 JbeQynvtX0i8bojj0F2ORHODZEB7o8iQitR/ehyMzxG61uo2xd73uQMNBGMgcfEQ
 DACaiZO6UKA1B9TAlS8JeaPlQgyLEmaWRCKbc8XK62fqYMfM8ateNV+0KHCpYCxo
 2De2HejZn16mDErYXqtLJL6HadfVWKwsJB2Ptgmo8pO8QjxNWJpO1RzRYekO+n/S
 77ivHlWIkgo6nWGTtYBgUjc7IEYi2cNoV65yS+znIxXOm8HA3llYV1zJjHhOl9Tg
 PxGj/qOXCFt+mf6AaoF68msqsdqm4inrjok4HOLhhI19LhlXQSUkZXcOD/TDwwG5
 idwK9dMUHjhsFgxlPZ5VubiNSNJ+O/5JBPQNKxXrDpF0WCRFH6gEXSzX09f18wsk
 Y+EKOVDa4Cf9pGv6VbRmxaykk7kibGfYhllPsTNlYmKdVn+A6nFyIcYQONKIN8/L
 pxtBn0Kyzv80YZPfz6TQocVmCKqdiekTvCVrBnjHgdeOLEhHhMcOFr9Mch3RqjkN
 I+7eeNC6taZ2XvPKJWaGeCn122RyY0VZ1MVhr69RuTHDHM/JDVvoj/AeocJJEsNd
 3hMAAwUL/3cjN7ns6V5hw32s+OXTt5ouP17Jid0tuJODyVJbfw6ToAgS8BK8xROD
 MvVQGR30PHslhKUecCXr5kRBO6q8vMAjjvPP8P6LyyluR/+xEXmOyqUOEQofYDkn
 yqPg1hrxfvzbehXB6D8oz8coZhy5CDhsWpFnudKzTc6d1RHfX8VRyA05HDbedTey
 hb6X+IuIbUWwvoqdnFyllvUeCwVDkJlP2hlCWbh+QNQAYdhiol0wSFxGSVvM/rFx
 d9GxHZ+8280QfbejScP7RN4SGIEA6d/oKkg8IbGE0BP/u9P+s8ZMaqUJc9IIlHyX
 zKZEMvKYafmWKA7GrSBM3TdwbWN8yN+JiGgi/M/0HOj3I2eoj1YSz+D4uzqLzAw2
 U1jJtvOFW9wGmgOsOuw2LGmSokDC7h/RFhuTtm0XBDtmlE8Act4z2javYXK6G+8f
 QUETOTJhuXPbkAaMGOMnrUqcAIftPzhb60gdwK+ksUCiWaUjoVo32XuMC3bGwDYO
 khpQZCx8ZIkBvAQYAQoAJgIbDBYhBF/DXfKZ2HH9KaGxC/RV6bkgI6GLBQJnBnBh
 BQkHqGVwAAoJEPRV6bkgI6GLJsIL/RPwrtgFnLg1+hX5f5huU8t8YwfsYmYgzHFl
 aLVIJC8Jov4//UEuLr8ff/Tig0RviyAE8Pw/mqISOsmcvoDH+7Pg4EA2c156I3Ea
 PUzZU3RolW8hRfy6wVBdfSl15Nj4ChB5Zk72VkGi4Gl9/utNGA0/GOuds0RNrLJs
 qpZuFY7VnOXfBxc5fO7DL/HOrLuUUF22lK6Q8To5SdJ8tpEzOH3MZS68QY1+1vQi
 UC3Wzb3t8bvOWJYiA832tO8ZZNuQqbWSk3YupdnamQ1/1NTtVPoIxY1dcw2mHnLR
 n3O7MYEJ/U2rFy10gUDgvxgwqqon2wYKnHmsdRB5Yoqp87f/Z+xZVfk9jGusioTm
 pr3/oIJnGMGlFmhB2nnzbtPF6zBlAXxSq90tSyVZtxhywie3WmN8MQ5vG7LyWbQq
 E+RbFqJuY0F0jY0feAl+q2iWTgsQ0JayLhRYJDjvhqgr28A1obQgTHiA0Ct8UxN1
 Y9xe1BwXNuPn29YN+3cLqZXeczInWg==
 =q07c
 -----END PGP PUBLIC KEY BLOCK-----
--- a/deny.toml
+++ b/deny.toml
@ -25,9 +25,10 @@ allow = [
 exceptions = [
    { name = "arrayref", allow = ["BSD-2-Clause"] },
    { name = "curve25519-dalek", allow = ["BSD-3-Clause"] },
    { name = "foldhash", allow = ["Zlib"] },
    { name = "secp256k1", allow = ["CC0-1.0"] },
    { name = "secp256k1-sys", allow = ["CC0-1.0"] },
    { name = "subtle", allow = ["BSD-3-Clause"] },
    { name = "terminfo", allow = ["WTFPL"] },
-    { name = "unicode-ident", allow = ["Unicode-DFS-2016"] },
+    { name = "unicode-ident", allow = ["Unicode-3.0"] },
 ]
--- a/depends/packages/native_cmake.mk
+++ b/depends/packages/native_cmake.mk
@ -1,8 +1,8 @@
 package=native_cmake
-$(package)_version=3.30.4
+$(package)_version=3.31.3
 $(package)_download_path=https://github.com/Kitware/CMake/releases/download/v$($(package)_version)
 $(package)_file_name=cmake-$($(package)_version).tar.gz
-$(package)_sha256_hash=c759c97274f1e7aaaafcb1f0d261f9de9bf3a5d6ecb7e2df616324a46fe704b2
+$(package)_sha256_hash=fac45bc6d410b49b3113ab866074888d6c9e9dc81a141874446eb239ac38cb87
 define $(package)_set_vars
 $(package)_config_opts += -DCMAKE_BUILD_TYPE:STRING=Release
--- a/depends/packages/native_cxxbridge.mk
+++ b/depends/packages/native_cxxbridge.mk
@ -1,14 +1,14 @@
 package=native_cxxbridge
 # The version needs to match cxx in Cargo.toml
-$(package)_version=1.0.128
+$(package)_version=1.0.158
 $(package)_download_path=https://github.com/dtolnay/cxx/archive/refs/tags
 $(package)_file_name=native_cxxbridge-$($(package)_version).tar.gz
 $(package)_download_file=$($(package)_version).tar.gz
-$(package)_sha256_hash=7aa61d128d75cbfb4713e0c0803efb4da6c88180327f9e2f095641b55a5d0e06
+$(package)_sha256_hash=58a3c7b28033caeeb8a5e1f74c5124d63b1bfc8a67a5740c475c6d12d1bc7f4b
 $(package)_build_subdir=gen/cmd
 $(package)_dependencies=native_rust
 # This file is somewhat annoying to update, but can be done like so from the repo base:
-# $ export VERSION=1.0.128
+# $ export VERSION=1.0.158
 # $ rm .cargo/config.toml .cargo/.configured-for-offline
 # $ mkdir tmp
 # $ cd tmp
--- a/depends/packages/native_fmt.mk
+++ b/depends/packages/native_fmt.mk
@ -1,9 +1,9 @@
 package=native_fmt
-$(package)_version=11.0.2
+$(package)_version=11.1.1
 $(package)_download_path=https://github.com/fmtlib/fmt/archive/refs/tags
 $(package)_download_file=$($(package)_version).tar.gz
 $(package)_file_name=fmt-$($(package)_version).tar.gz
-$(package)_sha256_hash=6cb1e6d37bdcb756dbbe59be438790db409cdb4868c66e888d5df9f13f7c027f
+$(package)_sha256_hash=482eed9efbc98388dbaee5cb5f368be5eca4893456bb358c18b7ff71f835ae43
 $(package)_build_subdir=build
 $(package)_dependencies=native_cmake
--- a/depends/packages/native_xxhash.mk
+++ b/depends/packages/native_xxhash.mk
@ -1,9 +1,9 @@
 package=native_xxhash
-$(package)_version=0.8.2
+$(package)_version=0.8.3
 $(package)_download_path=https://github.com/Cyan4973/xxHash/archive/refs/tags
 $(package)_download_file=v$($(package)_version).tar.gz
 $(package)_file_name=xxhash-$($(package)_version).tar.gz
-$(package)_sha256_hash=baee0c6afd4f03165de7a4e67988d16f0f2b257b51d0e3cb91909302a26a79c4
+$(package)_sha256_hash=aae608dfe8213dfd05d909a57718ef82f30722c392344583d3f39050c7f29a80
 define $(package)_build_cmds
  $(MAKE) libxxhash.a
--- a/depends/packages/utfcpp.mk
+++ b/depends/packages/utfcpp.mk
@ -1,9 +1,9 @@
 package=utfcpp
-$(package)_version=4.0.5
+$(package)_version=4.0.6
 $(package)_download_path=https://github.com/nemtrif/$(package)/archive/refs/tags
 $(package)_file_name=$(package)-$($(package)_version).tar.gz
 $(package)_download_file=v$($(package)_version).tar.gz
-$(package)_sha256_hash=ffc668a310e77607d393f3c18b32715f223da1eac4c4d6e0579a11df8e6b59cf
+$(package)_sha256_hash=6920a6a5d6a04b9a89b2a89af7132f8acefd46e0c2a7b190350539e9213816c0
 define $(package)_stage_cmds
  mkdir -p $($(package)_staging_dir)$(host_prefix)/include && \
--- a/depends/patches/native_cxxbridge/Cargo.lock
+++ b/depends/patches/native_cxxbridge/Cargo.lock
@ -10,15 +10,21 @@ checksum = "512761e0bb2578dd7380c6baaa0f4ce03e84f95e960231d1dec8bf4d7d6e2627"
 [[package]]
 name = "anstyle"
-version = "1.0.8"
+version = "1.0.10"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "1bec1de6f59aedf83baf9ff929c98f2ad654b97c9510f4e70cf6f661d49fd5b1"
+checksum = "55cc3b69f167a1ef2e161439aa98aed94e6028e5f9a59be9a6ffb47aef1651f9"
 [[package]]
 name = "bitflags"
 version = "2.9.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "5c8214115b7bf84099f1309324e63141d4c5d7cc26862f97a0a857dbefe165bd"
 [[package]]
 name = "cc"
-version = "1.1.21"
+version = "1.2.21"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "07b1695e2c7e8fc85310cde85aeaab7e3097f593c91d209d3f9df76c928100f0"
+checksum = "8691782945451c1c383942c4874dbe63814f61cb57ef773cda2972682b7bb3c0"
 dependencies = [
 "jobserver",
 "libc",
@ -33,28 +39,28 @@ checksum = "baf1de4339761588bc0619e3cbc0120ee582ebb74b53b4efbf79117bd2da40fd"
 [[package]]
 name = "clang-ast"
-version = "0.1.26"
+version = "0.1.31"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "577457f7ace079a595017e4307c6e480902664ede6e4a0760747c4f498b7c996"
+checksum = "0f215fa69fa4265fc39aef0b1a1e724e62392da3dcc8c08f892dd323107e9a8d"
 dependencies = [
- "rustc-hash",
+ "foldhash",
 "serde",
 ]
 [[package]]
 name = "clap"
-version = "4.5.18"
+version = "4.5.37"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "b0956a43b323ac1afaffc053ed5c4b7c1f1800bacd1683c353aabbb752515dd3"
+checksum = "eccb054f56cbd38340b380d4a8e69ef1f02f1af43db2f0cc817a4774d80ae071"
 dependencies = [
 "clap_builder",
 ]
 [[package]]
 name = "clap_builder"
-version = "4.5.18"
+version = "4.5.37"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "4d72166dd41634086d5803a47eb71ae740e61d84709c36f3c34110173db3961b"
+checksum = "efd9466fac8543255d3b1fcad4762c5e116ffe808c8a3043d4263cd4fd4862a2"
 dependencies = [
 "anstyle",
 "clap_lex",
@ -63,16 +69,17 @@ dependencies = [
 [[package]]
 name = "clap_lex"
-version = "0.7.2"
+version = "0.7.4"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "1462739cb27611015575c0c11df5df7601141071f07518d56fcc1be504cbec97"
+checksum = "f46ad14479a25103f283c0f10005961cf086d8dc42205bb44c46ac563475dca6"
 [[package]]
 name = "codespan-reporting"
-version = "0.11.1"
+version = "0.12.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "3538270d33cc669650c4b093848450d380def10c331d38c768e34cac80576e6e"
+checksum = "fe6d2e5af09e8c8ad56c969f2157a3d4238cebc7c55f0a517728c38f7b200f81"
 dependencies = [
 "serde",
 "termcolor",
 "unicode-width",
 ]
@ -88,14 +95,16 @@ dependencies = [
 [[package]]
 name = "cxx"
-version = "1.0.128"
+version = "1.0.158"
 dependencies = [
 "cc",
 "cxx-build",
 "cxx-gen",
 "cxx-test-suite",
 "cxxbridge-cmd",
 "cxxbridge-flags",
 "cxxbridge-macro",
 "foldhash",
 "link-cplusplus",
 "rustversion",
 "trybuild",
@ -103,13 +112,12 @@ dependencies = [
 [[package]]
 name = "cxx-build"
-version = "1.0.128"
+version = "1.0.158"
 dependencies = [
 "cc",
 "codespan-reporting",
 "cxx",
 "cxx-gen",
 "once_cell",
 "pkg-config",
 "proc-macro2",
 "quote",
@ -119,7 +127,7 @@ dependencies = [
 [[package]]
 name = "cxx-gen"
-version = "0.7.128"
+version = "0.7.158"
 dependencies = [
 "codespan-reporting",
 "proc-macro2",
@ -138,7 +146,7 @@ dependencies = [
 [[package]]
 name = "cxxbridge-cmd"
-version = "1.0.128"
+version = "1.0.158"
 dependencies = [
 "clap",
 "codespan-reporting",
@ -149,11 +157,11 @@ dependencies = [
 [[package]]
 name = "cxxbridge-flags"
-version = "1.0.128"
+version = "1.0.158"
 [[package]]
 name = "cxxbridge-macro"
-version = "1.0.128"
+version = "1.0.158"
 dependencies = [
 "clang-ast",
 "cxx",
@ -161,6 +169,7 @@ dependencies = [
 "memmap",
 "proc-macro2",
 "quote",
 "rustversion",
 "serde",
 "serde_derive",
 "serde_json",
@ -177,43 +186,61 @@ dependencies = [
 [[package]]
 name = "dissimilar"
-version = "1.0.9"
+version = "1.0.10"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "59f8e79d1fbf76bdfbde321e902714bf6c49df88a7dda6fc682fc2979226962d"
+checksum = "8975ffdaa0ef3661bfe02dbdcc06c9f829dfafe6a3c474de366a8d5e44276921"
 [[package]]
 name = "equivalent"
-version = "1.0.1"
+version = "1.0.2"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "5443807d6dff69373d433ab9ef5378ad8df50ca6298caf15de6e52e24aaf54d5"
+checksum = "877a4ace8713b0bcf2a4e7eec82529c029f1d0619886d18145fea96c3ffe5c0f"
 [[package]]
 name = "flate2"
-version = "1.0.33"
+version = "1.1.1"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "324a1be68054ef05ad64b861cc9eaf1d623d2d8cb25b4bf2cb9cdd902b4bf253"
+checksum = "7ced92e76e966ca2fd84c8f7aa01a4aea65b0eb6648d72f7c8f3e2764a67fece"
 dependencies = [
 "crc32fast",
 "miniz_oxide",
 ]
 [[package]]
-name = "glob"
+name = "foldhash"
-version = "0.3.1"
+version = "0.1.5"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "d2fabcfbdc87f4758337ca535fb41a6d701b65693ce38287d856d1674551ec9b"
+checksum = "d9c4f5dac5e15c24eb999c26181a6ca40b39fe946cbe4c263c7209467bc83af2"
 [[package]]
 name = "getrandom"
 version = "0.3.2"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "73fea8450eea4bac3940448fb7ae50d91f034f941199fcd9d909a5a07aa455f0"
 dependencies = [
 "cfg-if",
 "libc",
 "r-efi",
 "wasi",
 ]
 [[package]]
 name = "glob"
 version = "0.3.2"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "a8d1add55171497b4705a648c6b583acafb01d58050a51727785f0b2c8e0a2b2"
 [[package]]
 name = "hashbrown"
-version = "0.14.5"
+version = "0.15.3"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "e5274423e17b7c9fc20b6e7e208532f9b19825d82dfd615708b70edd83df41f1"
+checksum = "84b26c544d002229e640969970a2e74021aadf6e2f96372b9c58eff97de08eb3"
 [[package]]
 name = "indexmap"
-version = "2.5.0"
+version = "2.9.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "68b900aa2f7301e21c36462b170ee99994de34dff39a4a6a528e80e7376d07e5"
+checksum = "cea70ddb795996207ad57735b50c5982d8844f38ba9ee5f1aedcfb708a2aa11e"
 dependencies = [
 "equivalent",
 "hashbrown",
@ -221,30 +248,31 @@ dependencies = [
 [[package]]
 name = "itoa"
-version = "1.0.11"
+version = "1.0.15"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "49f1f14873335454500d59611f1cf4a4b0f786f9ac11f4312a78e4cf2566695b"
+checksum = "4a5f13b858c8d314ee3e8f639011f7ccefe71f97f96e50151fb991f267928e2c"
 [[package]]
 name = "jobserver"
-version = "0.1.32"
+version = "0.1.33"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "48d1dbcbbeb6a7fec7e059840aa538bd62aaccf972c7346c4d9d2059312853d0"
+checksum = "38f262f097c174adebe41eb73d66ae9c06b2844fb0da69969647bbddd9b0538a"
 dependencies = [
 "getrandom",
 "libc",
 ]
 [[package]]
 name = "libc"
-version = "0.2.159"
+version = "0.2.172"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "561d97a539a36e26a9a5fad1ea11a3039a67714694aaa379433e580854bc3dc5"
+checksum = "d750af042f7ef4f724306de029d18836c26c1765a54a6a3f094cbd23a7267ffa"
 [[package]]
 name = "link-cplusplus"
-version = "1.0.9"
+version = "1.0.10"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "9d240c6f7e1ba3a28b0249f774e6a9dd0175054b52dfbb61b16eb8505c3785c9"
+checksum = "4a6f6da007f968f9def0d65a05b187e2960183de70c160204ecfccf0ee330212"
 dependencies = [
 "cc",
 ]
@ -267,81 +295,75 @@ dependencies = [
 [[package]]
 name = "miniz_oxide"
-version = "0.8.0"
+version = "0.8.8"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "e2d80299ef12ff69b16a84bb182e3b9df68b5a91574d3d4fa6e41b65deec4df1"
+checksum = "3be647b768db090acb35d5ec5db2b0e1f1de11133ca123b9eacf5137868f892a"
 dependencies = [
 "adler2",
 ]
 [[package]]
 name = "once_cell"
 version = "1.19.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "3fdb12b2476b595f9358c5161aa467c2438859caa136dec86c26fdd2efe17b92"
 [[package]]
 name = "pkg-config"
-version = "0.3.31"
+version = "0.3.32"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "953ec861398dccce10c670dfeaf3ec4911ca479e9c02154b3a215178c5f566f2"
+checksum = "7edddbd0b52d732b21ad9a5fab5c704c14cd949e5e9a1ec5929a24fded1b904c"
 [[package]]
 name = "proc-macro2"
-version = "1.0.86"
+version = "1.0.95"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "5e719e8df665df0d1c8fbfd238015744736151d4445ec0836b8e628aae103b77"
+checksum = "02b3e5e68a3a1a02aad3ec490a98007cbc13c37cbe84a3cd7b8e406d76e7f778"
 dependencies = [
 "unicode-ident",
 ]
 [[package]]
 name = "quote"
-version = "1.0.37"
+version = "1.0.40"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "b5b9d34b8991d19d98081b46eacdd8eb58c6f2b201139f7c5f643cc155a633af"
+checksum = "1885c039570dc00dcb4ff087a89e185fd56bae234ddc7f056a945bf36467248d"
 dependencies = [
 "proc-macro2",
 ]
 [[package]]
-name = "rustc-hash"
+name = "r-efi"
-version = "2.0.0"
+version = "5.2.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "583034fd73374156e66797ed8e5b0d5690409c9226b22d87cb7f19821c05d152"
+checksum = "74765f6d916ee2faa39bc8e68e4f3ed8949b48cccdac59983d287a7cb71ce9c5"
 [[package]]
 name = "rustversion"
-version = "1.0.17"
+version = "1.0.20"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "955d28af4278de8121b7ebeb796b6a45735dc01436d898801014aced2773a3d6"
+checksum = "eded382c5f5f786b989652c49544c4877d9f015cc22e145a5ea8ea66c2921cd2"
 [[package]]
 name = "ryu"
-version = "1.0.18"
+version = "1.0.20"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "f3cb5ba0dc43242ce17de99c180e96db90b235b8a9fdc9543c96d2209116bd9f"
+checksum = "28d3b2b1366ec20994f1fd18c3c594f05c5dd4bc44d8bb0c1c632c8d6829481f"
 [[package]]
 name = "scratch"
-version = "1.0.7"
+version = "1.0.8"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "a3cf7c11c38cb994f3d40e8a8cde3bbd1f72a435e4c49e85d6553d8312306152"
+checksum = "9f6280af86e5f559536da57a45ebc84948833b3bee313a7dd25232e09c878a52"
 [[package]]
 name = "serde"
-version = "1.0.210"
+version = "1.0.219"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "c8e3592472072e6e22e0a54d5904d9febf8508f65fb8552499a1abc7d1078c3a"
+checksum = "5f0e2c6ed6606019b4e29e69dbaba95b11854410e5347d525002456dbbb786b6"
 dependencies = [
 "serde_derive",
 ]
 [[package]]
 name = "serde_derive"
-version = "1.0.210"
+version = "1.0.219"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "243902eda00fad750862fc144cea25caca5e20d615af0a81bee94ca738f1df1f"
+checksum = "5b0276cf7f2c73365f7157c8123c21cd9a50fbbd844757af28ca1f5925fc2a00"
 dependencies = [
 "proc-macro2",
 "quote",
@ -350,9 +372,9 @@ dependencies = [
 [[package]]
 name = "serde_json"
-version = "1.0.128"
+version = "1.0.140"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "6ff5456707a1de34e7e37f2a6fd3d3f808c318259cbd01ab6377795054b483d8"
+checksum = "20068b6e96dc6c9bd23e01df8827e6c7e1f2fddd43c21810382803c136b99373"
 dependencies = [
 "itoa",
 "memchr",
@ -383,15 +405,21 @@ checksum = "7da8b5736845d9f2fcb837ea5d9e2628564b3b043a70948a3f0b778838c5fb4f"
 [[package]]
 name = "syn"
-version = "2.0.77"
+version = "2.0.101"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "9f35bcdf61fd8e7be6caf75f429fdca8beb3ed76584befb503b1569faee373ed"
+checksum = "8ce2b7fc941b3a24138a0a7cf8e858bfc6a992e7978a068a5c760deb0ed43caf"
 dependencies = [
 "proc-macro2",
 "quote",
 "unicode-ident",
 ]
 [[package]]
 name = "target-triple"
 version = "0.1.4"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "1ac9aa371f599d22256307c24a9d748c041e548cbf599f35d890f9d365361790"
 [[package]]
 name = "termcolor"
 version = "1.4.1"
@ -403,9 +431,9 @@ dependencies = [
 [[package]]
 name = "toml"
-version = "0.8.19"
+version = "0.8.22"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "a1ed1f98e3fdc28d6d910e6737ae6ab1a93bf1985935a1193e68f93eeb68d24e"
+checksum = "05ae329d1f08c4d17a59bed7ff5b5a769d062e64a62d34a3261b219e62cd5aae"
 dependencies = [
 "serde",
 "serde_spanned",
@ -415,52 +443,69 @@ dependencies = [
 [[package]]
 name = "toml_datetime"
-version = "0.6.8"
+version = "0.6.9"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "0dd7358ecb8fc2f8d014bf86f6f638ce72ba252a2c3a2572f2a795f1d23efb41"
+checksum = "3da5db5a963e24bc68be8b17b6fa82814bb22ee8660f192bb182771d498f09a3"
 dependencies = [
 "serde",
 ]
 [[package]]
 name = "toml_edit"
-version = "0.22.22"
+version = "0.22.26"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "4ae48d6208a266e853d946088ed816055e556cc6028c5e8e2b84d9fa5dd7c7f5"
+checksum = "310068873db2c5b3e7659d2cc35d21855dbafa50d1ce336397c666e3cb08137e"
 dependencies = [
 "indexmap",
 "serde",
 "serde_spanned",
 "toml_datetime",
 "toml_write",
 "winnow",
 ]
 [[package]]
-name = "trybuild"
+name = "toml_write"
-version = "1.0.99"
+version = "0.1.1"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "207aa50d36c4be8d8c6ea829478be44a372c6a77669937bb39c698e52f1491e8"
+checksum = "bfb942dfe1d8e29a7ee7fcbde5bd2b9a25fb89aa70caea2eba3bee836ff41076"
 [[package]]
 name = "trybuild"
 version = "1.0.104"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "6ae08be68c056db96f0e6c6dd820727cca756ced9e1f4cc7fdd20e2a55e23898"
 dependencies = [
 "dissimilar",
 "glob",
 "serde",
 "serde_derive",
 "serde_json",
 "target-triple",
 "termcolor",
 "toml",
 ]
 [[package]]
 name = "unicode-ident"
-version = "1.0.13"
+version = "1.0.18"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "e91b56cd4cadaeb79bbf1a5645f6b4f8dc5bde8834ad5894a8db35fda9efa1fe"
+checksum = "5a5f39404a5da50712a4c1eecf25e90dd62b613502b7e925fd4e4d19b5c96512"
 [[package]]
 name = "unicode-width"
-version = "0.1.14"
+version = "0.2.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "7dd6e30e90baa6f72411720665d41d89b9a3d039dc45b8faea1ddd07f617f6af"
+checksum = "1fc81956842c57dac11422a97c3b8195a1ff727f06e85c84ed2e8aa277c9a0fd"
 [[package]]
 name = "wasi"
 version = "0.14.2+wasi-0.2.4"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "9683f9a5a998d873c0d21fcbe3c083009670149a8fab228644b8bd36b2c48cb3"
 dependencies = [
 "wit-bindgen-rt",
 ]
 [[package]]
 name = "winapi"
@ -568,9 +613,18 @@ checksum = "589f6da84c646204747d1270a2a5661ea66ed1cced2631d546fdfb155959f9ec"
 [[package]]
 name = "winnow"
-version = "0.6.20"
+version = "0.7.10"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "36c1fec1a2bb5866f07c25f68c26e565c4c200aebb96d7e55710c19d3e8ac49b"
+checksum = "c06928c8748d81b05c9be96aad92e1b6ff01833332f281e8cfca3be4b35fc9ec"
 dependencies = [
 "memchr",
 ]
 [[package]]
 name = "wit-bindgen-rt"
 version = "0.39.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "6f42320e61fe2cfd34354ecb597f86f413484a798ba44a8ca1165c58d42da6c1"
 dependencies = [
 "bitflags",
 ]
--- a/doc/authors.md
+++ b/doc/authors.md
@ -1,9 +1,9 @@
 Zcash Contributors
 ==================
-* Jack Grigg (2181)
+* Jack Grigg (2194)
 * Kris Nuttycombe (751)
-* Daira-Emma Hopwood (492)
+* Daira-Emma Hopwood (526)
 * Simon Liu (464)
 * Sean Bowe (413)
 * Eirik Ogilvie-Wigley (273)
@ -15,8 +15,8 @@ Zcash Contributors
 * Taylor Hornby (118)
 * Ying Tong Lai (99)
 * Marco Falke (91)
 * Larry Ruane (91)
 * Jonas Schnelli (90)
 * Larry Ruane (89)
 * Jay Graber (89)
 * sasha (80)
 * Cory Fields (78)
@ -34,8 +34,8 @@ Zcash Contributors
 * Jorge Timón (25)
 * John Newbery (24)
 * Yasser Isa (21)
 * Marius Kjærstad (21)
 * Suhas Daftuar (20)
 * Marius Kjærstad (20)
 * Jonathan "Duke" Leto (19)
 * furszy (18)
 * syd (16)
@ -210,6 +210,7 @@ Zcash Contributors
 * Maxwell Gubler (1)
 * Matt Quinn (1)
 * Marko Bencun (1)
 * Maciej S. Szmigiero (1)
 * Luv Khemani (1)
 * Louis Nyffenegger (1)
 * LongShao007 (1)
--- a/doc/book/src/dev/platform-tier-policy.md
+++ b/doc/book/src/dev/platform-tier-policy.md
@ -3,7 +3,7 @@
 ## General
 ECC provides three tiers of platform support, modeled after the
-[Rust Target Tier Policy](https://doc.rust-lang.org/stable/rustc/platform-tier-policy.html):
+[Rust Target Tier Policy](https://doc.rust-lang.org/stable/rustc/target-tier-policy.html):
 - The Zcash developers provide no guarantees about tier 3 platforms; they exist in the
  codebase, but may or may not build.
--- a/doc/book/src/user/deprecation.md
+++ b/doc/book/src/user/deprecation.md
@ -37,10 +37,19 @@ the node, or if an `allowdeprecated=none` line is added to `zcash.conf`.
 | `feature`                           | Deprecated | Feature details
 |-------------------------------------|------------|----------------
 | `z_getbalance`                      | 5.0.0      | The `z_getbalance` RPC method.
 | `z_gettotalbalance`                 | 5.0.0      | The `z_gettotalbalance` RPC method.
-| `gbt_oldhashes`                     | 5.4.0      | The `finalsaplingroothash`, `lightclientroothash`, and `blockcommitmentshash` fields in the output of `getblocktemplate`, which are replaced by the `defaultroots` field.
+| `createrawtransaction`              | 6.2.0      | The `createrawtransaction` RPC method.
-| `deprecationinfo_deprecationheight` | 5.5.0      | The `deprecationheight` field returned by the `getdeprecationinfo` RPC method has been replaced by the `end_of_service` object.
+| `fundrawtransaction`                | 6.2.0      | The `fundrawtransaction` RPC method.
 | `signrawtransaction`                | 6.2.0      | The `signrawtransactions` RPC method.
 | `keypoolrefill`                     | 6.2.0      | The `keypoolrefill` RPC method.
 | `settxfee`                          | 6.2.0      | The `settxfee` RPC method.
 The `createrawtransaction`, `fundrawtransaction`, and `signrawtransaction` RPC methods are intended to be replaced
 by PCZT-based functionality implemented in Zallet [zcash/wallet#99](https://github.com/zcash/wallet/issues/99).
 The experimental RPC methods `z_getpaymentdisclosure` and `z_validatepaymentdisclosure` (which only supported
 Sprout) are also deprecated.
 Stage 2
 -------
@ -49,12 +58,18 @@ Each feature in the table below may be enabled by adding `-allowdeprecated=<feat
 to the CLI arguments when starting the node, or by adding an `allowdeprecated=<feature>`
 line to `zcash.conf`.
-| `feature`             | Deprecated | Feature details
+| `feature`                           | Deprecated | Default-disabled | Feature details
-|-----------------------|------------|----------------
+|-------------------------------------|------------|------------------|----------------
-| `legacy_privacy`      | 5.0.0      | The default "legacy" privacy policy for `z_sendmany` has been replaced by the `FullPrivacy` directive.
+| `legacy_privacy`                    | 5.0.0      | 5.4.0            | The default "legacy" privacy policy for `z_sendmany` has been replaced by the `FullPrivacy` directive.
-| `getnewaddress`       | 5.0.0      | The `getnewaddress` RPC method.
+| `getnewaddress`                     | 5.0.0      | 5.4.0            | The `getnewaddress` RPC method.
-| `getrawchangeaddress` | 5.0.0      | The `getrawchangeaddress` RPC method.
+| `getrawchangeaddress`               | 5.0.0      | 5.4.0            | The `getrawchangeaddress` RPC method.
-| `z_getnewaddress`     | 5.0.0      | The `z_getnewaddress` RPC method.
+| `z_getnewaddress`                   | 5.0.0      | 5.4.0            | The `z_getnewaddress` RPC method.
-| `z_listaddresses`     | 5.0.0      | The `z_listaddresses` RPC method.
+| `z_listaddresses`                   | 5.0.0      | 5.4.0            | The `z_listaddresses` RPC method.
-| `addrtype`            | 5.0.0      | The `type` attribute is deprecated in the results of RPC methods that return address metadata. It is recommended that applications using this metadata be updated to use the `pool` or `address_type` attributes, which have replaced the `type` attribute, as appropriate.
+| `addrtype`                          | 5.0.0      | 5.4.0 `*`        | The `type` attribute is deprecated in the results of RPC methods that return address metadata. It is recommended that applications using this metadata be updated to use the `pool` or `address_type` attributes, which have replaced the `type` attribute, as appropriate.
-| `wallettxvjoinsplit`  | 5.1.0      | The `vjoinsplit` attribute returned by the `gettransaction` RPC method.
+| `wallettxvjoinsplit`                | 5.1.0      | 5.4.0            | The `vjoinsplit` attribute returned by the `gettransaction` RPC method.
 | `z_getbalance`                      | 5.0.0      | 6.2.0            | The `z_getbalance` RPC method.
 | `gbt_oldhashes`                     | 5.4.0      | 6.2.0            | The `finalsaplingroothash`, `lightclientroothash`, and `blockcommitmentshash` fields in the output of `getblocktemplate`, which are replaced by the `defaultroots` field.
 | `deprecationinfo_deprecationheight` | 5.5.0      | 6.2.0            | The `deprecationheight` field returned by the `getdeprecationinfo` RPC method has been replaced by the `end_of_service` object.
 | `getnetworkhashps`                  | 6.2.0      | 6.2.0            | The `getnetworkhashps` RPC method (use `getnetworksolps` instead).
 `*` As of version 6.2.0, `addrtype` is default-disabled even when zcashd is compiled without the `ENABLE_WALLET` flag.
--- a/doc/book/src/user/platform-support.md
+++ b/doc/book/src/user/platform-support.md
@ -17,7 +17,7 @@ be removed from tier 1. These dates are subject to change.
 | ----------------------- | ------------ | -------------- |
 | `x86_64-pc-linux-gnu`   | Debian 11    | June 2026      |
 |                         | Debian 12    | June 2028      |
-|                         | Ubuntu 20.04 | April 2025     |
+|                         | Ubuntu 22.04 | April 2027     |
 ## Tier 2
@ -43,7 +43,7 @@ available.
 | target                  | OS           | notes |
 | ----------------------- | ------------ | ----- |
 | `x86_64-pc-linux-gnu`   | Arch         |
-|                         | Ubuntu 22.04 |
+|                         | Ubuntu 24.04 |
 | `x86_64-unknown-freebsd`| FreeBSD      |
 | `x86_64-w64-mingw32`    | Windows      | 64-bit MinGW |
 | `x86_64-apple-darwin16` | macOS 10.14+ |
--- a/doc/book/src/user/release-support.md
+++ b/doc/book/src/user/release-support.md
@ -42,8 +42,7 @@ time, and may shift due to changes in network solution power.
 <!-- RELEASE_SCRIPT_START_MARKER - If you make changes here, check make-release.py -->
 | `zcashd` version | Release date | Halt height | End of Support |
 | ---------------- | ------------ | ----------- | -------------- |
-| 5.10.0-rc1 | 2024-08-22 | 2700600 | 2024-10-31 |
+| 6.1.0 | 2025-01-02 | 2901800 | 2025-04-24 |
-| 5.10.0 | 2024-08-27 | 2706540 | 2024-11-05 |
+| 6.2.0-rc1 | 2025-04-10 | 3013824 | 2025-07-31 |
-| 6.0.0-rc1 | 2024-09-27 | 2710272 | 2024-11-08 |
+| 6.2.0 | 2025-04-16 | 3021100 | 2025-08-06 |
 | 6.0.0 | 2024-10-02 | 2796400 | 2025-01-22 |
 <!-- RELEASE_SCRIPT_END_MARKER -->
--- a/doc/man/zcash-cli.1
+++ b/doc/man/zcash-cli.1
@ -1,9 +1,9 @@
-.\" DO NOT MODIFY THIS FILE!  It was generated by help2man 1.49.1.
+.\" DO NOT MODIFY THIS FILE!  It was generated by help2man 1.49.3.
-.TH ZCASH-CLI "1" "October 2024" "zcash-cli v6.0.0" "User Commands"
+.TH ZCASH-CLI "1" "April 2025" "zcash-cli v6.2.0" "User Commands"
 .SH NAME
-zcash-cli \- manual page for zcash-cli v6.0.0
+zcash-cli \- manual page for zcash-cli v6.2.0
 .SH DESCRIPTION
-Zcash RPC client version v6.0.0
+Zcash RPC client version v6.2.0
 .PP
 In order to ensure you are adequately protecting your privacy when using Zcash,
 please see <https://z.cash/support/security/>.
--- a/doc/man/zcash-tx.1
+++ b/doc/man/zcash-tx.1
@ -1,9 +1,9 @@
-.\" DO NOT MODIFY THIS FILE!  It was generated by help2man 1.49.1.
+.\" DO NOT MODIFY THIS FILE!  It was generated by help2man 1.49.3.
-.TH ZCASH-TX "1" "October 2024" "zcash-tx v6.0.0" "User Commands"
+.TH ZCASH-TX "1" "April 2025" "zcash-tx v6.2.0" "User Commands"
 .SH NAME
-zcash-tx \- manual page for zcash-tx v6.0.0
+zcash-tx \- manual page for zcash-tx v6.2.0
 .SH DESCRIPTION
-Zcash zcash\-tx utility version v6.0.0
+Zcash zcash\-tx utility version v6.2.0
 .SS "Usage:"
 .TP
 zcash\-tx [options] <hex\-tx> [commands]
--- a/doc/man/zcashd-wallet-tool.1
+++ b/doc/man/zcashd-wallet-tool.1
@ -1,7 +1,7 @@
-.\" DO NOT MODIFY THIS FILE!  It was generated by help2man 1.49.1.
+.\" DO NOT MODIFY THIS FILE!  It was generated by help2man 1.49.3.
-.TH ZCASHD-WALLET-TOOL "1" "October 2024" "zcashd-wallet-tool v6.0.0" "User Commands"
+.TH ZCASHD-WALLET-TOOL "1" "April 2025" "zcashd-wallet-tool v6.2.0" "User Commands"
 .SH NAME
-zcashd-wallet-tool \- manual page for zcashd-wallet-tool v6.0.0
+zcashd-wallet-tool \- manual page for zcashd-wallet-tool v6.2.0
 .SH SYNOPSIS
 .B zcashd-wallet-tool
 [\fI\,OPTIONS\/\fR]
--- a/doc/man/zcashd.1
+++ b/doc/man/zcashd.1
@ -1,9 +1,9 @@
-.\" DO NOT MODIFY THIS FILE!  It was generated by help2man 1.49.1.
+.\" DO NOT MODIFY THIS FILE!  It was generated by help2man 1.49.3.
-.TH ZCASHD "1" "October 2024" "zcashd v6.0.0" "User Commands"
+.TH ZCASHD "1" "April 2025" "zcashd v6.2.0" "User Commands"
 .SH NAME
-zcashd \- manual page for zcashd v6.0.0
+zcashd \- manual page for zcashd v6.2.0
 .SH DESCRIPTION
-Zcash Daemon version v6.0.0
+Zcash Daemon version v6.2.0
 .PP
 In order to ensure you are adequately protecting your privacy when using Zcash,
 please see <https://z.cash/support/security/>.
@ -34,10 +34,12 @@ long fork (%s in cmd is replaced by message)
 .IP
 Explicitly allow the use of the specified deprecated feature. Multiple
 instances of this parameter are permitted; values for <feature> must be
-selected from among {"none", "deprecationinfo_deprecationheight",
+selected from among {"none", "createrawtransaction",
-"gbt_oldhashes", "z_getbalance", "z_gettotalbalance", "addrtype",
+"fundrawtransaction", "getnetworkhashps", "keypoolrefill", "settxfee",
-"getnewaddress", "getrawchangeaddress", "legacy_privacy",
+"signrawtransaction", "z_gettotalbalance", "addrtype",
-"wallettxvjoinsplit", "z_getnewaddress", "z_listaddresses"}
+"deprecationinfo_deprecationheight", "gbt_oldhashes", "getnewaddress",
 "getrawchangeaddress", "legacy_privacy", "wallettxvjoinsplit",
 "z_getbalance", "z_getnewaddress", "z_listaddresses"}
 .HP
 \fB\-blocknotify=\fR<cmd>
 .IP
@ -98,7 +100,7 @@ Keep at most <n> unconnectable transactions in memory (default: 100)
 .HP
 \fB\-par=\fR<n>
 .IP
-Set the number of script verification threads (\fB\-16\fR to 16, 0 = auto, <0 =
+Set the number of script verification threads (\fB\-6\fR to 16, 0 = auto, <0 =
 leave that many cores free, default: 0)
 .HP
 \fB\-pid=\fR<file>
@ -429,8 +431,8 @@ optional). If <category> is not supplied or if <category> = 1, output
 all debugging information. <category> can be: addrman, alert, bench,
 coindb, db, http, libevent, lock, mempool, mempoolrej, net,
 partitioncheck, pow, proxy, prune, rand, receiveunsafe, reindex, rpc,
-selectcoins, tor, zmq, zrpc, zrpcunsafe (implies zrpc). For multiple
+selectcoins, tor, valuepool, zmq, zrpc, zrpcunsafe (implies zrpc). For
-specific categories use \fB\-debug=\fR<category> multiple times.
+multiple specific categories use \fB\-debug=\fR<category> multiple times.
 .HP
 \fB\-experimentalfeatures\fR
 .IP
--- a/doc/release-notes/release-notes-6.1.0.md
+++ b/doc/release-notes/release-notes-6.1.0.md
@ -0,0 +1,23 @@
 This is a maintenance release that sets a new end-of-service height to help
 ensure continuity of services.
 Changelog
 =========
 Daira-Emma Hopwood (6):
      Funding streams: Rename INSUFFICIENT_ADDRESSES to INSUFFICIENT_RECIPIENTS.
      sapling::Builder: add funding stream outputs in a more predictable order. Previously it was deterministic, but depended on details of the `operator<` implementations of `FundingStreamRecipient`, `SaplingPaymentAddress`, and `CScript`. Now it is just the same order as in `vFundingStreams`.
      Simplify `GetActiveFundingStreamElements`.
      gtest/test_checkblock.cpp: fix a bug in MockCValidationState that was causing a test warning.
      Miner tests: correct a comment, and add another similar comment where it applies. Doc-only.
      Update Daira-Emma Hopwood's gpg keys.
 Jack Grigg (4):
      qa: Fix line wrapping in `show_help`
      qa: Postpone all dependency updates until after 6.1.0
      make-release.py: Versioning changes for 6.1.0.
      make-release.py: Updated manpages for 6.1.0.
 Larry Ruane (1):
      move Lockbox value logging behind category valuepool
--- a/doc/release-notes/release-notes-6.2.0-rc1.md
+++ b/doc/release-notes/release-notes-6.2.0-rc1.md
@ -0,0 +1,80 @@
 Notable changes
 ===============
 zcashd is being deprecated in 2025. Full nodes are being migrated to zebrad,
 and the Zallet wallet is being built as a replacement for the zcashd wallet.
 For some of zcashd's JSON-RPC methods, zebrad or Zallet should be a drop-in
 replacement. Other JSON-RPC methods may require modified usage, and some
 JSON-RPC methods will not be supported.
 You can find all information about the zcashd deprecation process on this
 webpage, which you can monitor for future updates:
 <https://z.cash/support/zcashd-deprecation/>
 We are collecting information about how zcashd users are currently using the
 existing JSON-RPC methods. The above webpage has a link to a spreadsheet
 containing the information we have collected so far, and the planned status
 for each JSON-RPC method based on that information. If you have not provided
 feedback to us about how you are using the zcashd JSON-RPC interface, please
 do so as soon as possible.
 To confirm that you are aware that zcashd is being deprecated and that you
 will need to migrate to zebrad and/or Zallet in 2025, add the following
 option to your config file:
 i-am-aware-zcashd-will-be-replaced-by-zebrad-and-zallet-in-2025=1
 RPC Changes
 -----------
 * The RPC methods `keypoolrefill`, `settxfee`, `createrawtransaction`,
  `fundrawtransaction`, and `signrawtransaction` have been deprecated, but
  are still enabled by default.
 * The RPC methods `z_getbalance` (which was previously deprecated), and
  `getnetworkhashps`, and the features `deprecationinfo_deprecationheight`
  and `gbt_oldhashes`, have been disabled by default. The `addrtype` feature
  is now disabled by default even when zcashd is compiled without the
  `ENABLE_WALLET` flag.
 Changelog
 =========
 Daira-Emma Hopwood (16):
      [doc] user/deprecation.md: add the version in which each feature was default-disabled.
      Deprecate RPC methods { `getnetworkhashps`, `keypoolrefill`, `settxfee`, `createrawtransaction`, `fundrawtransaction`, `signrawtransaction` }.
      Cosmetics in deprecation messages.
      Document that `z_getpaymentdisclosure` and `z_validatepaymentdisclosure` are deprecated.
      Default-disable the RPC methods { `z_getbalance`, `getnetworkhashps` }, and the features { `gbt_oldhashes`, `deprecationinfo_deprecationheight` }. Also make sure that the `addrtype` feature is default-disabled regardless of the `ENABLE_WALLET` flag.
      Wording changes to address review comments.
      Fix RPC tests broken by deprecations.
      Allow the RPC help to be displayed for disabled methods.
      Add `i-am-aware-zcashd-will-be-replaced-by-zebrad-and-zallet-in-2025` to release notes.
      Postpone native updates (after thorough checking with @y4ssi).
      Fix URL to the Rust Target Tier Policy.
      Update links in the README.
      Update crossbeam-channel and tokio in `Cargo.lock` to avoid vulnerable versions and pass `cargo audit`.
      Correction to the 6.2.0-rc1 release notes.
      make-release.py: Versioning changes for 6.2.0-rc1.
      make-release.py: Updated manpages for 6.2.0-rc1.
 Jack Grigg (9):
      depends: utfcpp 4.0.6
      depends: native_fmt 11.1.1
      depends: native_xxhash 0.8.3
      depends: native_cmake 3.31.3
      cargo vet prune
      depends: cxx 1.0.136
      cargo update
      CI: Migrate to `cargo-vet 0.10`
      Add a warning modal for zcashd deprecation
 Larry Ruane (1):
      fix CI lint error
 Maciej S. Szmigiero (1):
      dbwrapper: Bump max file size to 32 MiB
 Marius Kjærstad (1):
      New checkpoint at block 2800000 for mainnet
--- a/doc/release-notes/release-notes-6.2.0.md
+++ b/doc/release-notes/release-notes-6.2.0.md
@ -0,0 +1,100 @@
 Notable changes
 ===============
 zcashd is being deprecated in 2025. Full nodes are being migrated to zebrad,
 and the Zallet wallet is being built as a replacement for the zcashd wallet.
 For some of zcashd's JSON-RPC methods, zebrad or Zallet should be a drop-in
 replacement. Other JSON-RPC methods may require modified usage, and some
 JSON-RPC methods will not be supported.
 You can find all information about the zcashd deprecation process on this
 webpage, which you can monitor for future updates:
 <https://z.cash/support/zcashd-deprecation/>
 We are collecting information about how zcashd users are currently using the
 existing JSON-RPC methods. The above webpage has a link to a spreadsheet
 containing the information we have collected so far, and the planned status
 for each JSON-RPC method based on that information. If you have not provided
 feedback to us about how you are using the zcashd JSON-RPC interface, please
 do so as soon as possible.
 To confirm that you are aware that zcashd is being deprecated and that you
 will need to migrate to zebrad and/or Zallet in 2025, add the following
 option to your config file:
 i-am-aware-zcashd-will-be-replaced-by-zebrad-and-zallet-in-2025=1
 Platform Support
 ----------------
 - Ubuntu 20.04 LTS has been removed from the list of supported platforms. It
  will reach End of Support on May 31st 2025, but it no longer satisfies our
  Tier 2 policy requirements because GitHub no longer supports Ubuntu 20.04
  runners.
 RPC Changes
 -----------
 * The RPC methods `keypoolrefill`, `settxfee`, `createrawtransaction`,
  `fundrawtransaction`, and `signrawtransaction` have been deprecated, but
  are still enabled by default.
 * The RPC methods `z_getbalance` (which was previously deprecated), and
  `getnetworkhashps`, and the features `deprecationinfo_deprecationheight`
  and `gbt_oldhashes`, have been disabled by default. The `addrtype` feature
  is now disabled by default even when zcashd is compiled without the
  `ENABLE_WALLET` flag.
 Changelog
 =========
 Daira-Emma Hopwood (28):
      [doc] user/deprecation.md: add the version in which each feature was default-disabled.
      Deprecate RPC methods { `getnetworkhashps`, `keypoolrefill`, `settxfee`, `createrawtransaction`, `fundrawtransaction`, `signrawtransaction` }.
      Cosmetics in deprecation messages.
      Document that `z_getpaymentdisclosure` and `z_validatepaymentdisclosure` are deprecated.
      Default-disable the RPC methods { `z_getbalance`, `getnetworkhashps` }, and the features { `gbt_oldhashes`, `deprecationinfo_deprecationheight` }. Also make sure that the `addrtype` feature is default-disabled regardless of the `ENABLE_WALLET` flag.
      Wording changes to address review comments.
      Fix RPC tests broken by deprecations.
      Allow the RPC help to be displayed for disabled methods.
      Add `i-am-aware-zcashd-will-be-replaced-by-zebrad-and-zallet-in-2025` to release notes.
      Postpone native updates (after thorough checking with @y4ssi).
      Fix URL to the Rust Target Tier Policy.
      Update links in the README.
      Update crossbeam-channel and tokio in `Cargo.lock` to avoid vulnerable versions and pass `cargo audit`.
      Correction to the 6.2.0-rc1 release notes.
      make-release.py: Versioning changes for 6.2.0-rc1.
      make-release.py: Updated manpages for 6.2.0-rc1.
      make-release.py: Updated release notes and changelog for 6.2.0-rc1.
      make-release.py: Updated book for 6.2.0-rc1.
      Trivial doc update to poke CI.
      Update audits.
      Postpone C++ dependency updates for the v6.2.0 release.
      Remove Ubuntu 20.04 from the list of supported platforms because GitHub no longer supports CI runners for it.
      contrib/devtools/symbol-check.py: Update allowed library versions and documentation.
      CI: Bump the Ubuntu runner version used for Debian.
      Move Ubuntu 22.04 support to Tier 1.
      CI: Test on Ubuntu 24.04 as Tier 3.
      make-release.py: Versioning changes for 6.2.0.
      make-release.py: Updated manpages for 6.2.0.
 Jack Grigg (9):
      depends: utfcpp 4.0.6
      depends: native_fmt 11.1.1
      depends: native_xxhash 0.8.3
      depends: native_cmake 3.31.3
      cargo vet prune
      depends: cxx 1.0.136
      cargo update
      CI: Migrate to `cargo-vet 0.10`
      Add a warning modal for zcashd deprecation
 Larry Ruane (1):
      fix CI lint error
 Maciej S. Szmigiero (1):
      dbwrapper: Bump max file size to 32 MiB
 Marius Kjærstad (1):
      New checkpoint at block 2800000 for mainnet
--- a/qa/rpc-tests/getblocktemplate.py
+++ b/qa/rpc-tests/getblocktemplate.py
@ -44,6 +44,7 @@ class GetBlockTemplateTest(BitcoinTestFramework):
            nuparams(NU5_BRANCH_ID, 230),
            "-allowdeprecated=getnewaddress",
            "-allowdeprecated=z_getbalance",
            "-allowdeprecated=gbt_oldhashes",
        ]
        self.nodes = start_nodes(self.num_nodes, self.options.tmpdir, [args] * self.num_nodes)
        self.is_network_split = False
--- a/qa/rpc-tests/mempool_packages.py
+++ b/qa/rpc-tests/mempool_packages.py
@ -32,6 +32,8 @@ class MempoolPackagesTest(BitcoinTestFramework):
            '-maxorphantx=%d' % (self.limitdescendantcount,),
            '-debug',
            '-allowdeprecated=getnewaddress',
            '-allowdeprecated=createrawtransaction',
            '-allowdeprecated=signrawtransaction',
        ]
        self.nodes = []
        self.nodes.append(start_node(0, self.options.tmpdir, base_args))
@ -195,6 +197,7 @@ class MempoolPackagesTest(BitcoinTestFramework):
        value = utxo[0]['amount']
        vout = utxo[0]['vout']
        fee = conventional_fee(8)
        send_value = satoshi_round((value - fee)/2)
        inputs = [ {'txid' : txid, 'vout' : vout} ]
        outputs = {}
--- a/qa/rpc-tests/show_help.py
+++ b/qa/rpc-tests/show_help.py
@ -40,10 +40,12 @@ Options:
  -allowdeprecated=<feature>
       Explicitly allow the use of the specified deprecated feature. Multiple
       instances of this parameter are permitted; values for <feature> must be
-       selected from among {"none", "deprecationinfo_deprecationheight",
+       selected from among {"none", "createrawtransaction",
-       "gbt_oldhashes", "z_getbalance", "z_gettotalbalance", "addrtype",
+       "fundrawtransaction", "getnetworkhashps", "keypoolrefill", "settxfee",
-       "getnewaddress", "getrawchangeaddress", "legacy_privacy",
+       "signrawtransaction", "z_gettotalbalance", "addrtype",
-       "wallettxvjoinsplit", "z_getnewaddress", "z_listaddresses"}
+       "deprecationinfo_deprecationheight", "gbt_oldhashes", "getnewaddress",
       "getrawchangeaddress", "legacy_privacy", "wallettxvjoinsplit",
       "z_getbalance", "z_getnewaddress", "z_listaddresses"}
  -blocknotify=<cmd>
       Execute command when the best block changes (%s in cmd is replaced by
@ -430,8 +432,8 @@ Debugging/Testing options:
       all debugging information. <category> can be: addrman, alert, bench,
       coindb, db, http, libevent, lock, mempool, mempoolrej, net,
       partitioncheck, pow, proxy, prune, rand, receiveunsafe, reindex, rpc,
-       selectcoins, tor, zmq, zrpc, zrpcunsafe (implies zrpc). For multiple
+       selectcoins, tor, valuepool, zmq, zrpc, zrpcunsafe (implies zrpc). For
-       specific categories use -debug=<category> multiple times.
+       multiple specific categories use -debug=<category> multiple times.
  -experimentalfeatures
       Enable use of experimental features
--- a/qa/rpc-tests/test_framework/util.py
+++ b/qa/rpc-tests/test_framework/util.py
@ -260,6 +260,7 @@ def initialize_chain(test_dir, num_nodes, cachedir, cache_behavior='current'):
            datadir = initialize_datadir(cachedir, i)
            args = [ zcashd_binary(), "-keypool=1", "-datadir="+datadir, "-discover=0" ]
            args.extend([
                '-i-am-aware-zcashd-will-be-replaced-by-zebrad-and-zallet-in-2025',
                '-nuparams=5ba81b19:1', # Overwinter
                '-nuparams=76b809bb:1', # Sapling
                '-mocktime=%d' % block_time
@ -482,6 +483,7 @@ def start_node(i, dirname, extra_args=None, rpchost=None, timewait=None, binary=
        binary = zcashd_binary()
    args = [ binary, "-datadir="+datadir, "-keypool=1", "-discover=0", "-rest" ]
    args.extend([
        '-i-am-aware-zcashd-will-be-replaced-by-zebrad-and-zallet-in-2025',
        '-nuparams=5ba81b19:1', # Overwinter
        '-nuparams=76b809bb:1', # Sapling
    ])
--- a/qa/rpc-tests/wallet_deprecation.py
+++ b/qa/rpc-tests/wallet_deprecation.py
@ -74,7 +74,7 @@ class WalletDeprecationTest(BitcoinTestFramework):
        except JSONRPCException as e:
            errorString = e.error['message']
        assert_true(
-            "DEPRECATED" in errorString,
+            "DISABLED" in errorString,
            "'%s' not disabled (%s)" % (
                function,
                "failed with '%s'" % errorString if len(errorString) > 0 else "succeeded",
--- a/qa/supply-chain/audits.toml
+++ b/qa/supply-chain/audits.toml
@ -579,6 +579,11 @@ via its methods (one of which is now usable with the new MSRV) instead of via
 casting.
 """
 [[audits.crossbeam-utils]]
 who = "Jack Grigg <jack@electriccoin.co>"
 criteria = "safe-to-deploy"
 delta = "0.8.20 -> 0.8.21"
 [[audits.crypto-common]]
 who = "Jack Grigg <jack@z.cash>"
 criteria = ["crypto-reviewed", "safe-to-deploy"]
@ -712,6 +717,18 @@ notes = """
 used as the ZST `SyncUnsafeCell<PhantomData<()>>` to fix an LLVM miscompilation.
 """
 [[audits.cxx]]
 who = "Jack Grigg <jack@electriccoin.co>"
 criteria = "safe-to-deploy"
 delta = "1.0.128 -> 1.0.136"
 notes = """
 - Change to build script is to raise MSRV.
 - Changes to `unsafe` blocks are a refactor to expose pointers from `UniquePtr`.
  The existing usages are effectively unaltered.
 - The hasher is changed from SipHash-1-3 to foldhash-q. This means the hasher is
  faster, but no longer resistant to HashDoS.
 """
 [[audits.cxxbridge-flags]]
 who = "Daira Hopwood <daira@jacaranda.org>"
 criteria = "safe-to-deploy"
@ -778,6 +795,16 @@ who = "Jack Grigg <jack@electriccoin.co>"
 criteria = "safe-to-deploy"
 delta = "1.0.121 -> 1.0.122"
 [[audits.cxxbridge-flags]]
 who = "Jack Grigg <jack@electriccoin.co>"
 criteria = "safe-to-deploy"
 delta = "1.0.135 -> 1.0.136"
 [[audits.cxxbridge-flags]]
 who = "Jack Grigg <jack@electriccoin.co>"
 criteria = "safe-to-deploy"
 delta = "1.0.146 -> 1.0.158"
 [[audits.cxxbridge-macro]]
 who = "Daira Hopwood <daira@jacaranda.org>"
 criteria = "safe-to-deploy"
@ -873,6 +900,15 @@ who = "Jack Grigg <jack@electriccoin.co>"
 criteria = "safe-to-deploy"
 delta = "1.0.126 -> 1.0.128"
 [[audits.cxxbridge-macro]]
 who = "Jack Grigg <jack@electriccoin.co>"
 criteria = "safe-to-deploy"
 delta = "1.0.128 -> 1.0.136"
 notes = """
 Changes to generated `unsafe` code are to add the new `unsafe` annotations added
 in Rust 1.82 to the `extern` blocks.
 """
 [[audits.der]]
 who = "Daira-Emma Hopwood <daira@jacaranda.org>"
 criteria = "safe-to-deploy"
@ -1062,6 +1098,15 @@ criteria = "safe-to-deploy"
 delta = "0.3.29 -> 0.3.30"
 notes = "Removes `build.rs` now that it can rely on the `target_has_atomic` attribute."
 [[audits.futures-channel]]
 who = "Jack Grigg <jack@electriccoin.co>"
 criteria = "safe-to-deploy"
 delta = "0.3.30 -> 0.3.31"
 notes = """
 Changes to `unsafe` code are only to wrap the internals of some `unsafe fn`s int
 `unsafe` blocks for added clarity.
 """
 [[audits.futures-core]]
 who = "Jack Grigg <jack@z.cash>"
 criteria = "safe-to-deploy"
@ -1369,6 +1414,11 @@ who = "Jack Grigg <jack@electriccoin.co>"
 criteria = "safe-to-deploy"
 delta = "2.9.0 -> 2.10.0"
 [[audits.ipnet]]
 who = "Jack Grigg <jack@electriccoin.co>"
 criteria = "safe-to-deploy"
 delta = "2.10.0 -> 2.10.1"
 [[audits.itoa]]
 who = "Jack Grigg <jack@z.cash>"
 criteria = "safe-to-deploy"
@ -1519,6 +1569,12 @@ who = "Daira-Emma Hopwood <daira@jacaranda.org>"
 criteria = "safe-to-deploy"
 delta = "0.4.20 -> 0.4.21"
 [[audits.macro_find_and_replace]]
 who = "Daira-Emma Hopwood <daira@jacaranda.org>"
 criteria = "safe-to-deploy"
 version = "1.0.0"
 notes = "Fully reviewed. No problems found other than a few typos in documentation (filed https://github.com/lord-ne/rust-macro-find-and-replace/pull/1 )."
 [[audits.maybe-rayon]]
 who = "Sean Bowe <ewillbefull@gmail.com>"
 criteria = "safe-to-deploy"
@ -1560,6 +1616,12 @@ criteria = "safe-to-deploy"
 delta = "0.2.0 -> 0.2.1"
 notes = "Exposes an existing macro. Note that I am the author of the crate."
 [[audits.memuse]]
 who = "Jack Grigg <jack@electriccoin.co>"
 criteria = "safe-to-deploy"
 delta = "0.2.1 -> 0.2.2"
 notes = "Adds no-std support; no other changes. Note that I am the author of the crate."
 [[audits.metrics]]
 who = "Jack Grigg <jack@z.cash>"
 criteria = "safe-to-deploy"
@ -2172,6 +2234,11 @@ criteria = "safe-to-deploy"
 delta = "0.38.28 -> 0.38.32"
 notes = "Cursory review."
 [[audits.rustversion]]
 who = "Jack Grigg <jack@electriccoin.co>"
 criteria = "safe-to-deploy"
 delta = "1.0.18 -> 1.0.19"
 [[audits.ryu]]
 who = "Jack Grigg <jack@electriccoin.co>"
 criteria = "safe-to-deploy"
@ -2265,6 +2332,11 @@ who = "Jack Grigg <jack@electriccoin.co>"
 criteria = "safe-to-deploy"
 delta = "1.0.193 -> 1.0.194"
 [[audits.serde]]
 who = "Jack Grigg <jack@electriccoin.co>"
 criteria = "safe-to-deploy"
 delta = "1.0.216 -> 1.0.217"
 [[audits.serde_derive]]
 who = "Jack Grigg <jack@z.cash>"
 criteria = "safe-to-deploy"
@ -2306,6 +2378,11 @@ who = "Jack Grigg <jack@electriccoin.co>"
 criteria = "safe-to-deploy"
 delta = "1.0.193 -> 1.0.194"
 [[audits.serde_derive]]
 who = "Jack Grigg <jack@electriccoin.co>"
 criteria = "safe-to-deploy"
 delta = "1.0.216 -> 1.0.217"
 [[audits.serde_json]]
 who = "Jack Grigg <jack@electriccoin.co>"
 criteria = "safe-to-deploy"
@ -2738,6 +2815,22 @@ criteria = "safe-to-deploy"
 delta = "1.35.1 -> 1.37.0"
 notes = "Cursory review, but new and changed uses of `unsafe` code look fine, as far as I can see."
 [[audits.tokio]]
 who = "Daira-Emma Hopwood <daira@jacaranda.org>"
 criteria = "safe-to-deploy"
 delta = "1.40.0 -> 1.42.0"
 notes = """
 Changes to unsafe code look reasonable. There are new unsafe APIs but their safety requirements are documented.
 This release has a vulnerability (https://rustsec.org/advisories/RUSTSEC-2025-0023) but it is not a regression relative
 to 1.40.0. Update to 1.42.1 to fix that.
 """
 [[audits.tokio]]
 who = "Daira-Emma Hopwood <daira@jacaranda.org>"
 criteria = "safe-to-deploy"
 delta = "1.42.0 -> 1.42.1"
 notes = "Plausible fix to https://rustsec.org/advisories/RUSTSEC-2025-0023 ."
 [[audits.toml_datetime]]
 who = "Jack Grigg <jack@z.cash>"
 criteria = "safe-to-deploy"
@ -3056,7 +3149,7 @@ end = "2024-09-21"
 criteria = ["safe-to-deploy", "crypto-reviewed"]
 user-id = 6289 # Jack Grigg (str4d)
 start = "2021-09-22"
-end = "2024-09-21"
+end = "2026-01-02"
 [[trusted.halo2_gadgets]]
 criteria = ["safe-to-deploy", "crypto-reviewed"]
@ -3064,12 +3157,24 @@ user-id = 1244 # ebfull
 start = "2022-05-10"
 end = "2024-09-21"
 [[trusted.halo2_gadgets]]
 criteria = ["safe-to-deploy", "crypto-reviewed"]
 user-id = 6289 # Jack Grigg (str4d)
 start = "2022-02-15"
 end = "2026-01-02"
 [[trusted.halo2_legacy_pdqsort]]
 criteria = ["safe-to-deploy", "crypto-reviewed"]
-user-id = 199950 # Daira Emma Hopwood (daira)
+user-id = 199950 # Daira-Emma Hopwood (daira)
 start = "2023-02-24"
 end = "2024-09-21"
 [[trusted.halo2_poseidon]]
 criteria = ["safe-to-deploy", "crypto-reviewed"]
 user-id = 6289 # Jack Grigg (str4d)
 start = "2024-12-13"
 end = "2026-01-02"
 [[trusted.halo2_proofs]]
 criteria = ["safe-to-deploy", "crypto-reviewed"]
 user-id = 1244 # ebfull
@ -3078,14 +3183,14 @@ end = "2024-09-21"
 [[trusted.incrementalmerkletree]]
 criteria = "safe-to-deploy"
-user-id = 6289 # Jack Grigg (str4d)
+user-id = 1244 # ebfull
-start = "2021-12-17"
+start = "2021-06-24"
 end = "2024-09-21"
 [[trusted.incrementalmerkletree]]
 criteria = "safe-to-deploy"
-user-id = 1244 # ebfull
+user-id = 6289 # Jack Grigg (str4d)
-start = "2021-06-24"
+start = "2021-12-17"
 end = "2024-09-21"
 [[trusted.incrementalmerkletree]]
@ -3101,10 +3206,10 @@ start = "2024-09-25"
 end = "2025-10-02"
 [[trusted.orchard]]
-criteria = ["safe-to-deploy", "crypto-reviewed", "license-reviewed"]
+criteria = "safe-to-deploy"
-user-id = 6289 # Jack Grigg (str4d)
+user-id = 169181 # Kris Nuttycombe (nuttycom)
-start = "2021-01-07"
+start = "2024-08-12"
-end = "2024-09-21"
+end = "2025-10-02"
 [[trusted.orchard]]
 criteria = ["safe-to-deploy", "crypto-reviewed", "license-reviewed"]
@ -3113,7 +3218,13 @@ start = "2022-10-19"
 end = "2024-09-21"
 [[trusted.orchard]]
-criteria = "safe-to-deploy"
+criteria = ["safe-to-deploy", "crypto-reviewed", "license-reviewed"]
 user-id = 6289 # Jack Grigg (str4d)
 start = "2021-01-07"
 end = "2024-09-21"
 [[trusted.sapling-crypto]]
 criteria = ["safe-to-deploy", "crypto-reviewed"]
 user-id = 169181 # Kris Nuttycombe (nuttycom)
 start = "2024-08-12"
 end = "2025-10-02"
@ -3124,11 +3235,11 @@ user-id = 6289 # Jack Grigg (str4d)
 start = "2024-01-26"
 end = "2025-03-18"
-[[trusted.sapling-crypto]]
+[[trusted.sinsemilla]]
 criteria = ["safe-to-deploy", "crypto-reviewed"]
-user-id = 169181 # Kris Nuttycombe (nuttycom)
+user-id = 6289 # Jack Grigg (str4d)
-start = "2024-08-12"
+start = "2024-12-13"
-end = "2025-10-02"
+end = "2026-01-02"
 [[trusted.windows-sys]]
 criteria = "safe-to-deploy"
@ -3214,6 +3325,12 @@ user-id = 1244 # ebfull
 start = "2022-10-19"
 end = "2024-09-21"
 [[trusted.zcash_encoding]]
 criteria = "safe-to-deploy"
 user-id = 6289 # Jack Grigg (str4d)
 start = "2021-08-31"
 end = "2026-01-02"
 [[trusted.zcash_history]]
 criteria = "safe-to-deploy"
 user-id = 1244 # ebfull
@ -3233,10 +3350,16 @@ start = "2023-03-22"
 end = "2024-09-21"
 [[trusted.zcash_primitives]]
-criteria = ["safe-to-deploy", "crypto-reviewed", "license-reviewed"]
+criteria = "safe-to-deploy"
 user-id = 6289 # Jack Grigg (str4d)
 start = "2021-03-26"
-end = "2024-09-21"
+end = "2025-10-02"
 [[trusted.zcash_primitives]]
 criteria = "safe-to-deploy"
 user-id = 169181 # Kris Nuttycombe (nuttycom)
 start = "2024-08-20"
 end = "2025-08-26"
 [[trusted.zcash_primitives]]
 criteria = ["safe-to-deploy", "crypto-reviewed", "license-reviewed"]
@ -3245,23 +3368,17 @@ start = "2019-10-08"
 end = "2024-09-21"
 [[trusted.zcash_primitives]]
 criteria = "safe-to-deploy"
 user-id = 169181 # Kris Nuttycombe (nuttycom)
 start = "2024-08-20"
 end = "2025-08-26"
 [[trusted.zcash_primitives]]
 criteria = "safe-to-deploy"
 user-id = 6289 # Jack Grigg (str4d)
 start = "2021-03-26"
 end = "2025-10-02"
 [[trusted.zcash_proofs]]
 criteria = ["safe-to-deploy", "crypto-reviewed", "license-reviewed"]
 user-id = 6289 # Jack Grigg (str4d)
 start = "2021-03-26"
 end = "2024-09-21"
 [[trusted.zcash_proofs]]
 criteria = "safe-to-deploy"
 user-id = 6289 # Jack Grigg (str4d)
 start = "2021-03-26"
 end = "2025-10-02"
 [[trusted.zcash_proofs]]
 criteria = "safe-to-deploy"
 user-id = 169181 # Kris Nuttycombe (nuttycom)
@ -3269,10 +3386,10 @@ start = "2024-08-20"
 end = "2025-08-26"
 [[trusted.zcash_proofs]]
-criteria = "safe-to-deploy"
+criteria = ["safe-to-deploy", "crypto-reviewed", "license-reviewed"]
 user-id = 6289 # Jack Grigg (str4d)
 start = "2021-03-26"
-end = "2025-10-02"
+end = "2024-09-21"
 [[trusted.zcash_protocol]]
 criteria = "safe-to-deploy"
@ -3286,6 +3403,12 @@ user-id = 6289 # Jack Grigg (str4d)
 start = "2023-12-07"
 end = "2025-03-18"
 [[trusted.zcash_transparent]]
 criteria = "safe-to-deploy"
 user-id = 169181 # Kris Nuttycombe (nuttycom)
 start = "2024-12-17"
 end = "2026-05-08"
 [[trusted.zip32]]
 criteria = "safe-to-deploy"
 user-id = 6289 # Jack Grigg (str4d)
--- a/qa/supply-chain/config.toml
+++ b/qa/supply-chain/config.toml
@ -2,7 +2,7 @@
 # cargo-vet config file
 [cargo-vet]
-version = "0.9"
+version = "0.10"
 [imports.bytecode-alliance]
 url = "https://raw.githubusercontent.com/bytecodealliance/wasmtime/main/supply-chain/audits.toml"
@ -55,7 +55,7 @@ version = "1.0.1"
 criteria = "safe-to-deploy"
 [[exemptions.bech32]]
-version = "0.8.1"
+version = "0.11.0"
 criteria = "safe-to-deploy"
 [[exemptions.bellman]]
@ -63,7 +63,7 @@ version = "0.13.0"
 criteria = "safe-to-deploy"
 [[exemptions.bip0039]]
-version = "0.9.0"
+version = "0.12.0"
 criteria = "safe-to-deploy"
 [[exemptions.bip32]]
@ -106,18 +106,18 @@ criteria = "safe-to-deploy"
 version = "0.9.0"
 criteria = "safe-to-deploy"
 [[exemptions.cipher]]
 version = "0.3.0"
 criteria = "safe-to-deploy"
 [[exemptions.clearscreen]]
-version = "1.0.9"
+version = "4.0.1"
 criteria = "safe-to-deploy"
 [[exemptions.const-oid]]
 version = "0.9.6"
 criteria = "safe-to-deploy"
 [[exemptions.core2]]
 version = "0.3.3"
 criteria = "safe-to-deploy"
 [[exemptions.cpufeatures]]
 version = "0.2.13"
 criteria = "safe-to-deploy"
@ -127,7 +127,7 @@ version = "0.5.6"
 criteria = "safe-to-deploy"
 [[exemptions.crossbeam-deque]]
-version = "0.8.2"
+version = "0.8.6"
 criteria = "safe-to-deploy"
 [[exemptions.crossbeam-epoch]]
@ -147,11 +147,11 @@ version = "0.1.0"
 criteria = "safe-to-deploy"
 [[exemptions.cxx]]
-version = "1.0.126"
+version = "1.0.158"
 criteria = "safe-to-deploy"
 [[exemptions.cxxbridge-macro]]
-version = "1.0.126"
+version = "1.0.158"
 criteria = "safe-to-deploy"
 [[exemptions.der]]
@ -162,14 +162,6 @@ criteria = "safe-to-deploy"
 version = "0.9.0"
 criteria = "safe-to-deploy"
 [[exemptions.dirs]]
 version = "2.0.2"
 criteria = "safe-to-deploy"
 [[exemptions.dirs-sys]]
 version = "0.3.7"
 criteria = "safe-to-deploy"
 [[exemptions.ed25519]]
 version = "2.2.1"
 criteria = "safe-to-deploy"
@ -178,6 +170,10 @@ criteria = "safe-to-deploy"
 version = "3.0.0"
 criteria = "safe-to-deploy"
 [[exemptions.env_home]]
 version = "0.1.0"
 criteria = "safe-to-deploy"
 [[exemptions.ff]]
 version = "0.12.0"
 criteria = "safe-to-deploy"
@ -210,8 +206,8 @@ criteria = "safe-to-deploy"
 version = "0.2.6"
 criteria = "safe-to-deploy"
-[[exemptions.gimli]]
+[[exemptions.getset]]
-version = "0.29.0"
+version = "0.1.4"
 criteria = "safe-to-deploy"
 [[exemptions.group]]
@ -270,24 +266,20 @@ criteria = "safe-to-deploy"
 version = "0.9.0"
 criteria = "safe-to-deploy"
 [[exemptions.known-folders]]
 version = "1.2.0"
 criteria = "safe-to-deploy"
 [[exemptions.libc]]
-version = "0.2.159"
+version = "0.2.172"
 criteria = "safe-to-deploy"
 [[exemptions.libm]]
 version = "0.2.2"
 criteria = "safe-to-deploy"
-[[exemptions.libredox]]
+[[exemptions.linux-raw-sys]]
-version = "0.0.1"
+version = "0.4.14"
 criteria = "safe-to-deploy"
 [[exemptions.linux-raw-sys]]
-version = "0.4.14"
+version = "0.9.4"
 criteria = "safe-to-deploy"
 [[exemptions.memchr]]
@ -351,7 +343,7 @@ version = "0.22.0"
 criteria = "safe-to-deploy"
 [[exemptions.password-hash]]
-version = "0.3.2"
+version = "0.5.0"
 criteria = "safe-to-deploy"
 [[exemptions.pasta_curves]]
@ -359,7 +351,7 @@ version = "0.4.0"
 criteria = "safe-to-deploy"
 [[exemptions.pbkdf2]]
-version = "0.9.0"
+version = "0.12.2"
 criteria = "safe-to-deploy"
 [[exemptions.phf]]
@ -398,8 +390,16 @@ criteria = "safe-to-deploy"
 version = "0.12.2"
 criteria = "safe-to-deploy"
 [[exemptions.proc-macro-error-attr2]]
 version = "2.0.0"
 criteria = "safe-to-deploy"
 [[exemptions.proc-macro-error2]]
 version = "2.0.1"
 criteria = "safe-to-deploy"
 [[exemptions.proptest]]
-version = "1.5.0"
+version = "1.6.0"
 criteria = "safe-to-deploy"
 [[exemptions.quanta]]
@ -414,10 +414,6 @@ criteria = "safe-to-deploy"
 version = "0.7.0"
 criteria = "safe-to-deploy"
 [[exemptions.rand]]
 version = "0.8.5"
 criteria = "safe-to-deploy"
 [[exemptions.raw-cpuid]]
 version = "10.6.0"
 criteria = "safe-to-deploy"
@ -426,10 +422,6 @@ criteria = "safe-to-deploy"
 version = "0.3.0"
 criteria = "safe-to-deploy"
 [[exemptions.redox_users]]
 version = "0.4.6"
 criteria = "safe-to-deploy"
 [[exemptions.regex]]
 version = "1.10.6"
 criteria = "safe-to-deploy"
@ -458,6 +450,10 @@ criteria = "safe-to-deploy"
 version = "0.38.34"
 criteria = "safe-to-deploy"
 [[exemptions.rustix]]
 version = "1.0.7"
 criteria = "safe-to-deploy"
 [[exemptions.rusty-fork]]
 version = "0.3.0"
 criteria = "safe-to-deploy"
@ -474,14 +470,6 @@ criteria = "safe-to-deploy"
 version = "0.8.0"
 criteria = "safe-to-deploy"
 [[exemptions.sha2]]
 version = "0.10.8"
 criteria = "safe-to-deploy"
 [[exemptions.shlex]]
 version = "1.3.0"
 criteria = "safe-to-deploy"
 [[exemptions.siphasher]]
 version = "0.3.10"
 criteria = "safe-to-deploy"
@ -502,16 +490,12 @@ criteria = "safe-to-deploy"
 version = "0.7.3"
 criteria = "safe-to-deploy"
 [[exemptions.subtle]]
 version = "2.4.1"
 criteria = "safe-to-deploy"
 [[exemptions.syn]]
 version = "1.0.102"
 criteria = "safe-to-deploy"
 [[exemptions.syn]]
-version = "2.0.75"
+version = "2.0.94"
 criteria = "safe-to-deploy"
 [[exemptions.tempfile]]
@ -519,7 +503,15 @@ version = "3.12.0"
 criteria = "safe-to-deploy"
 [[exemptions.terminfo]]
-version = "0.8.0"
+version = "0.9.0"
 criteria = "safe-to-deploy"
 [[exemptions.thiserror]]
 version = "2.0.12"
 criteria = "safe-to-deploy"
 [[exemptions.thiserror-impl]]
 version = "2.0.12"
 criteria = "safe-to-deploy"
 [[exemptions.time]]
@ -595,7 +587,7 @@ version = "0.3.70"
 criteria = "safe-to-deploy"
 [[exemptions.which]]
-version = "6.0.3"
+version = "7.0.3"
 criteria = "safe-to-deploy"
 [[exemptions.winapi]]
@ -633,11 +625,3 @@ criteria = "safe-to-deploy"
 [[exemptions.zerocopy-derive]]
 version = "0.7.35"
 criteria = "safe-to-deploy"
 [[exemptions.zeroize]]
 version = "1.8.1"
 criteria = "safe-to-deploy"
 [[exemptions.zeroize_derive]]
 version = "1.3.2"
 criteria = "safe-to-deploy"
--- a/qa/supply-chain/imports.lock
+++ b/qa/supply-chain/imports.lock
@ -23,24 +23,32 @@ user-login = "str4d"
 user-name = "Jack Grigg"
 [[publisher.f4jumble]]
-version = "0.1.0"
+version = "0.1.1"
-when = "2022-05-10"
+when = "2024-12-13"
 user-id = 6289
 user-login = "str4d"
 user-name = "Jack Grigg"
 [[publisher.halo2_gadgets]]
-version = "0.3.0"
+version = "0.3.1"
-when = "2023-03-22"
+when = "2024-12-16"
-user-id = 1244
+user-id = 6289
-user-login = "ebfull"
+user-login = "str4d"
 user-name = "Jack Grigg"
 [[publisher.halo2_legacy_pdqsort]]
 version = "0.1.0"
 when = "2023-03-10"
 user-id = 199950
 user-login = "daira"
-user-name = "Daira Emma Hopwood"
+user-name = "Daira-Emma Hopwood"
 [[publisher.halo2_poseidon]]
 version = "0.1.0"
 when = "2024-12-16"
 user-id = 6289
 user-login = "str4d"
 user-name = "Jack Grigg"
 [[publisher.halo2_proofs]]
 version = "0.3.0"
@ -49,33 +57,40 @@ user-id = 1244
 user-login = "ebfull"
 [[publisher.incrementalmerkletree]]
-version = "0.7.0"
+version = "0.7.1"
-when = "2024-09-25"
+when = "2024-12-16"
 user-id = 169181
 user-login = "nuttycom"
 user-name = "Kris Nuttycombe"
 [[publisher.incrementalmerkletree-testing]]
-version = "0.1.0"
+version = "0.2.0"
-when = "2024-09-25"
+when = "2024-10-04"
 user-id = 169181
 user-login = "nuttycom"
 user-name = "Kris Nuttycombe"
 [[publisher.orchard]]
-version = "0.10.0"
+version = "0.10.2"
-when = "2024-10-02"
+when = "2025-05-08"
 user-id = 169181
 user-login = "nuttycom"
 user-name = "Kris Nuttycombe"
 [[publisher.sapling-crypto]]
-version = "0.3.0"
+version = "0.4.0"
-when = "2024-10-02"
+when = "2024-12-17"
 user-id = 169181
 user-login = "nuttycom"
 user-name = "Kris Nuttycombe"
 [[publisher.sinsemilla]]
 version = "0.1.0"
 when = "2024-12-14"
 user-id = 6289
 user-login = "str4d"
 user-name = "Jack Grigg"
 [[publisher.unicode-normalization]]
 version = "0.1.23"
 when = "2024-02-20"
@ -154,17 +169,18 @@ user-login = "kennykerr"
 user-name = "Kenny Kerr"
 [[publisher.zcash_address]]
-version = "0.6.0"
+version = "0.6.2"
-when = "2024-10-02"
+when = "2024-12-13"
 user-id = 6289
 user-login = "str4d"
 user-name = "Jack Grigg"
 [[publisher.zcash_encoding]]
-version = "0.2.0"
+version = "0.2.2"
-when = "2022-10-19"
+when = "2024-12-13"
-user-id = 1244
+user-id = 6289
-user-login = "ebfull"
+user-login = "str4d"
 user-name = "Jack Grigg"
 [[publisher.zcash_history]]
 version = "0.4.0"
@ -173,44 +189,44 @@ user-id = 6289
 user-login = "str4d"
 user-name = "Jack Grigg"
-[[publisher.zcash_note_encryption]]
+[[publisher.zcash_primitives]]
-version = "0.4.0"
+version = "0.21.0"
-when = "2023-06-06"
+when = "2024-12-17"
 user-id = 169181
 user-login = "nuttycom"
 user-name = "Kris Nuttycombe"
 [[publisher.zcash_primitives]]
 version = "0.19.0"
 when = "2024-10-02"
 user-id = 6289
 user-login = "str4d"
 user-name = "Jack Grigg"
 [[publisher.zcash_proofs]]
-version = "0.19.0"
+version = "0.21.0"
-when = "2024-10-02"
+when = "2024-12-17"
-user-id = 6289
+user-id = 169181
-user-login = "str4d"
+user-login = "nuttycom"
-user-name = "Jack Grigg"
+user-name = "Kris Nuttycombe"
 [[publisher.zcash_protocol]]
-version = "0.4.0"
+version = "0.4.3"
-when = "2024-10-02"
+when = "2024-12-17"
 user-id = 169181
 user-login = "nuttycom"
 user-name = "Kris Nuttycombe"
 [[publisher.zcash_spec]]
-version = "0.1.1"
+version = "0.1.2"
-when = "2024-09-20"
+when = "2024-10-22"
 user-id = 6289
 user-login = "str4d"
 user-name = "Jack Grigg"
 [[publisher.zcash_transparent]]
 version = "0.1.0"
 when = "2024-12-17"
 user-id = 169181
 user-login = "nuttycom"
 user-name = "Kris Nuttycombe"
 [[publisher.zip32]]
-version = "0.1.1"
+version = "0.1.3"
-when = "2024-03-14"
+when = "2024-12-13"
 user-id = 6289
 user-login = "str4d"
 user-name = "Jack Grigg"
@ -292,6 +308,12 @@ criteria = "safe-to-deploy"
 version = "1.0.0"
 notes = "I am the author of this crate."
 [[audits.bytecode-alliance.audits.cipher]]
 who = "Andrew Brown <andrew.brown@intel.com>"
 criteria = "safe-to-deploy"
 version = "0.4.4"
 notes = "Most unsafe is hidden by `inout` dependency; only remaining unsafe is raw-splitting a slice and an unreachable hint. Older versions of this regularly reach ~150k daily downloads."
 [[audits.bytecode-alliance.audits.constant_time_eq]]
 who = "Nick Fitzgerald <fitzgen@gmail.com>"
 criteria = "safe-to-deploy"
@ -320,6 +342,20 @@ criteria = "safe-to-deploy"
 delta = "0.3.0 -> 0.3.1"
 notes = "Just a dependency version bump and a bug fix for redox"
 [[audits.bytecode-alliance.audits.errno]]
 who = "Dan Gohman <dev@sunfishcode.online>"
 criteria = "safe-to-deploy"
 delta = "0.3.9 -> 0.3.10"
 [[audits.bytecode-alliance.audits.foldhash]]
 who = "Alex Crichton <alex@alexcrichton.com>"
 criteria = "safe-to-deploy"
 version = "0.1.3"
 notes = """
 Only a minor amount of `unsafe` code in this crate related to global per-process
 initialization which looks correct to me.
 """
 [[audits.bytecode-alliance.audits.futures-channel]]
 who = "Pat Hickey <phickey@fastly.com>"
 criteria = "safe-to-deploy"
@ -332,6 +368,22 @@ criteria = "safe-to-deploy"
 version = "0.3.27"
 notes = "Unsafe used to implement a concurrency primitive AtomicWaker. Well-commented and not obviously incorrect. Like my other audits of these concurrency primitives inside the futures family, I couldn't certify that it is correct without formal methods, but that is out of scope for this vetting."
 [[audits.bytecode-alliance.audits.futures-core]]
 who = "Pat Hickey <pat@moreproductive.org>"
 criteria = "safe-to-deploy"
 delta = "0.3.28 -> 0.3.31"
 [[audits.bytecode-alliance.audits.futures-task]]
 who = "Pat Hickey <pat@moreproductive.org>"
 criteria = "safe-to-deploy"
 delta = "0.3.27 -> 0.3.31"
 [[audits.bytecode-alliance.audits.futures-util]]
 who = "Pat Hickey <pat@moreproductive.org>"
 criteria = "safe-to-deploy"
 delta = "0.3.27 -> 0.3.31"
 notes = "New waker_ref module contains \"FIXME: panics on Arc::clone / refcount changes could wreak havoc...\" comment, but this corner case feels low risk."
 [[audits.bytecode-alliance.audits.gimli]]
 who = "Alex Crichton <alex@alexcrichton.com>"
 criteria = "safe-to-deploy"
@ -452,6 +504,12 @@ criteria = "safe-to-deploy"
 version = "0.1.4"
 notes = "I always really enjoy reading eliza's code, she left perfect comments at every use of unsafe."
 [[audits.bytecode-alliance.audits.shlex]]
 who = "Alex Crichton <alex@alexcrichton.com>"
 criteria = "safe-to-deploy"
 version = "1.1.0"
 notes = "Only minor `unsafe` code blocks which look valid and otherwise does what it says on the tin."
 [[audits.bytecode-alliance.audits.static_assertions]]
 who = "Andrew Brown <andrew.brown@intel.com>"
 criteria = "safe-to-deploy"
@ -649,6 +707,65 @@ criteria = "safe-to-deploy"
 delta = "1.0.126 -> 1.0.128"
 aggregated-from = "https://chromium.googlesource.com/chromium/src/+/main/third_party/rust/chromium_crates_io/supply-chain/audits.toml?format=TEXT"
 [[audits.google.audits.cxxbridge-flags]]
 who = "Liza Burakova <liza@chromium.org>"
 criteria = "safe-to-deploy"
 delta = "1.0.128 -> 1.0.129"
 aggregated-from = "https://chromium.googlesource.com/chromium/src/+/main/third_party/rust/chromium_crates_io/supply-chain/audits.toml?format=TEXT"
 [[audits.google.audits.cxxbridge-flags]]
 who = "Adrian Taylor <adetaylor@chromium.org>"
 criteria = "safe-to-deploy"
 delta = "1.0.129 -> 1.0.130"
 aggregated-from = "https://chromium.googlesource.com/chromium/src/+/main/third_party/rust/chromium_crates_io/supply-chain/audits.toml?format=TEXT"
 [[audits.google.audits.cxxbridge-flags]]
 who = "Lukasz Anforowicz <lukasza@chromium.org>"
 criteria = "safe-to-deploy"
 delta = "1.0.130 -> 1.0.131"
 notes = "no grep hits for cipher, crypto, fs, net, or unsafe"
 aggregated-from = "https://chromium.googlesource.com/chromium/src/+/main/third_party/rust/chromium_crates_io/supply-chain/audits.toml?format=TEXT"
 [[audits.google.audits.cxxbridge-flags]]
 who = "Lukasz Anforowicz <lukasza@chromium.org>"
 criteria = "safe-to-deploy"
 delta = "1.0.131 -> 1.0.135"
 notes = "No code changes in the delta"
 aggregated-from = "https://chromium.googlesource.com/chromium/src/+/main/third_party/rust/chromium_crates_io/supply-chain/audits.toml?format=TEXT"
 [[audits.google.audits.cxxbridge-flags]]
 who = "Lukasz Anforowicz <lukasza@chromium.org>"
 criteria = "safe-to-deploy"
 delta = "1.0.136 -> 1.0.137"
 notes = "The delta just removes `#![allow(clippy::let_and_return)]` from `lib.rs`."
 aggregated-from = "https://chromium.googlesource.com/chromium/src/+/main/third_party/rust/chromium_crates_io/supply-chain/audits.toml?format=TEXT"
 [[audits.google.audits.cxxbridge-flags]]
 who = "Dustin J. Mitchell <djmitche@chromium.org>"
 criteria = "safe-to-deploy"
 delta = "1.0.137 -> 1.0.140"
 aggregated-from = "https://chromium.googlesource.com/chromium/src/+/main/third_party/rust/chromium_crates_io/supply-chain/audits.toml?format=TEXT"
 [[audits.google.audits.cxxbridge-flags]]
 who = "Takuto Ikuta <tikuta@chromium.org>"
 criteria = "safe-to-deploy"
 delta = "1.0.140 -> 1.0.141"
 aggregated-from = "https://chromium.googlesource.com/chromium/src/+/main/third_party/rust/chromium_crates_io/supply-chain/audits.toml?format=TEXT"
 [[audits.google.audits.cxxbridge-flags]]
 who = "Daniel Cheng <dcheng@chromium.org>"
 criteria = "safe-to-deploy"
 delta = "1.0.141 -> 1.0.143"
 notes = "Only changes for rustdoc generation."
 aggregated-from = "https://chromium.googlesource.com/chromium/src/+/main/third_party/rust/chromium_crates_io/supply-chain/audits.toml?format=TEXT"
 [[audits.google.audits.cxxbridge-flags]]
 who = "Lukasz Anforowicz <lukasza@chromium.org>"
 criteria = "safe-to-deploy"
 delta = "1.0.143 -> 1.0.146"
 notes = "No actual changes in this delta - just a version bump."
 aggregated-from = "https://chromium.googlesource.com/chromium/src/+/main/third_party/rust/chromium_crates_io/supply-chain/audits.toml?format=TEXT"
 [[audits.google.audits.fastrand]]
 who = "George Burgess IV <gbiv@google.com>"
 criteria = "safe-to-deploy"
@ -659,6 +776,13 @@ that the RNG here is not cryptographically secure.
 """
 aggregated-from = "https://chromium.googlesource.com/chromiumos/third_party/rust_crates/+/refs/heads/main/cargo-vet/audits.toml?format=TEXT"
 [[audits.google.audits.foldhash]]
 who = "Adrian Taylor <adetaylor@chromium.org>"
 criteria = "safe-to-deploy"
 delta = "0.1.3 -> 0.1.4"
 notes = "No changes to safety-relevant code"
 aggregated-from = "https://chromium.googlesource.com/chromium/src/+/main/third_party/rust/chromium_crates_io/supply-chain/audits.toml?format=TEXT"
 [[audits.google.audits.httpdate]]
 who = "George Burgess IV <gbiv@google.com>"
 criteria = "safe-to-deploy"
@ -694,6 +818,15 @@ Straightforward diff between 1.0.10 and 1.0.11 - only 3 commits:
 """
 aggregated-from = "https://chromium.googlesource.com/chromium/src/+/main/third_party/rust/chromium_crates_io/supply-chain/audits.toml?format=TEXT"
 [[audits.google.audits.itoa]]
 who = "Liza Burakova <liza@chromium.org>"
 criteria = "safe-to-deploy"
 delta = "1.0.11 -> 1.0.14"
 notes = """
 Unsafe review at https://crrev.com/c/6051067
 """
 aggregated-from = "https://chromium.googlesource.com/chromium/src/+/main/third_party/rust/chromium_crates_io/supply-chain/audits.toml?format=TEXT"
 [[audits.google.audits.lazy_static]]
 who = "Lukasz Anforowicz <lukasza@chromium.org>"
 criteria = "safe-to-deploy"
@ -725,6 +858,12 @@ are made about the safety of either of those libraries. :)
 """
 aggregated-from = "https://chromium.googlesource.com/chromiumos/third_party/rust_crates/+/refs/heads/main/cargo-vet/audits.toml?format=TEXT"
 [[audits.google.audits.miniz_oxide]]
 who = "Lukasz Anforowicz <lukasza@chromium.org>"
 criteria = "safe-to-deploy"
 delta = "0.8.0 -> 0.8.2"
 aggregated-from = "https://chromium.googlesource.com/chromium/src/+/main/third_party/rust/chromium_crates_io/supply-chain/audits.toml?format=TEXT"
 [[audits.google.audits.nom]]
 who = "danakj@chromium.org"
 criteria = "safe-to-deploy"
@ -811,6 +950,35 @@ Config-related changes in `test_size.rs`.
 """
 aggregated-from = "https://chromium.googlesource.com/chromium/src/+/main/third_party/rust/chromium_crates_io/supply-chain/audits.toml?format=TEXT"
 [[audits.google.audits.proc-macro2]]
 who = "danakj <danakj@chromium.org>"
 criteria = "safe-to-deploy"
 delta = "1.0.86 -> 1.0.87"
 notes = "No new unsafe interactions."
 aggregated-from = "https://chromium.googlesource.com/chromium/src/+/main/third_party/rust/chromium_crates_io/supply-chain/audits.toml?format=TEXT"
 [[audits.google.audits.proc-macro2]]
 who = "Liza Burakova <liza@chromium.org"
 criteria = "safe-to-deploy"
 delta = "1.0.87 -> 1.0.89"
 notes = """
 Biggest change is adding error handling in build.rs.
 Some config related changes in wrapper.rs.
 """
 aggregated-from = "https://chromium.googlesource.com/chromium/src/+/main/third_party/rust/chromium_crates_io/supply-chain/audits.toml?format=TEXT"
 [[audits.google.audits.proc-macro2]]
 who = "Lukasz Anforowicz <lukasza@chromium.org>"
 criteria = "safe-to-deploy"
 delta = "1.0.89 -> 1.0.92"
 notes = """
 I looked at the delta and the previous discussion at
 https://chromium-review.googlesource.com/c/chromium/src/+/5385745/3#message-a8e2813129fa3779dab15acede408ee26d67b7f3
 and the changes look okay to me (including the `unsafe fn from_str_unchecked`
 changes in `wrapper.rs`).
 """
 aggregated-from = "https://chromium.googlesource.com/chromium/src/+/main/third_party/rust/chromium_crates_io/supply-chain/audits.toml?format=TEXT"
 [[audits.google.audits.quote]]
 who = "Lukasz Anforowicz <lukasza@chromium.org>"
 criteria = "safe-to-deploy"
@ -837,6 +1005,69 @@ The delta just 1) inlines/expands `impl ToTokens` that used to be handled via
 """
 aggregated-from = "https://chromium.googlesource.com/chromium/src/+/main/third_party/rust/chromium_crates_io/supply-chain/audits.toml?format=TEXT"
 [[audits.google.audits.rand]]
 who = "Lukasz Anforowicz <lukasza@chromium.org>"
 criteria = "safe-to-deploy"
 version = "0.8.5"
 notes = """
 For more detailed unsafe review notes please see https://crrev.com/c/6362797
 """
 aggregated-from = "https://chromium.googlesource.com/chromium/src/+/main/third_party/rust/chromium_crates_io/supply-chain/audits.toml?format=TEXT"
 [[audits.google.audits.rustversion]]
 who = "Lukasz Anforowicz <lukasza@chromium.org>"
 criteria = "safe-to-deploy"
 version = "1.0.14"
 notes = """
 Grepped for `-i cipher`, `-i crypto`, `'\bfs\b'``, `'\bnet\b'``, `'\bunsafe\b'``
 and there were no hits except for:
 * Using trivially-safe `unsafe` in test code:
    ```
    tests/test_const.rs:unsafe fn _unsafe() {}
    tests/test_const.rs:const _UNSAFE: () = unsafe { _unsafe() };
    ```
 * Using `unsafe` in a string:
    ```
    src/constfn.rs:            \"unsafe\" => Qualifiers::Unsafe,
    ```
 * Using `std::fs` in `build/build.rs` to write `${OUT_DIR}/version.expr`
  which is later read back via `include!` used in `src/lib.rs`.
 Version `1.0.6` of this crate has been added to Chromium in
 https://source.chromium.org/chromium/chromium/src/+/28841c33c77833cc30b286f9ae24c97e7a8f4057
 """
 aggregated-from = "https://chromium.googlesource.com/chromium/src/+/main/third_party/rust/chromium_crates_io/supply-chain/audits.toml?format=TEXT"
 [[audits.google.audits.rustversion]]
 who = "Adrian Taylor <adetaylor@chromium.org>"
 criteria = "safe-to-deploy"
 delta = "1.0.14 -> 1.0.15"
 aggregated-from = "https://chromium.googlesource.com/chromium/src/+/main/third_party/rust/chromium_crates_io/supply-chain/audits.toml?format=TEXT"
 [[audits.google.audits.rustversion]]
 who = "danakj <danakj@chromium.org>"
 criteria = "safe-to-deploy"
 delta = "1.0.15 -> 1.0.16"
 aggregated-from = "https://chromium.googlesource.com/chromium/src/+/main/third_party/rust/chromium_crates_io/supply-chain/audits.toml?format=TEXT"
 [[audits.google.audits.rustversion]]
 who = "Dustin J. Mitchell <djmitche@chromium.org>"
 criteria = "safe-to-deploy"
 delta = "1.0.16 -> 1.0.17"
 notes = "Just updates windows compat"
 aggregated-from = "https://chromium.googlesource.com/chromium/src/+/main/third_party/rust/chromium_crates_io/supply-chain/audits.toml?format=TEXT"
 [[audits.google.audits.rustversion]]
 who = "Liza Burakova <liza@chromium.org>"
 criteria = "safe-to-deploy"
 delta = "1.0.17 -> 1.0.18"
 aggregated-from = "https://chromium.googlesource.com/chromium/src/+/main/third_party/rust/chromium_crates_io/supply-chain/audits.toml?format=TEXT"
 [[audits.google.audits.serde]]
 who = "Lukasz Anforowicz <lukasza@chromium.org>"
 criteria = "safe-to-deploy"
@ -918,6 +1149,32 @@ delta = "1.0.209 -> 1.0.210"
 notes = "Almost no new code - just feature rearrangement"
 aggregated-from = "https://chromium.googlesource.com/chromium/src/+/main/third_party/rust/chromium_crates_io/supply-chain/audits.toml?format=TEXT"
 [[audits.google.audits.serde]]
 who = "Liza Burakova <liza@chromium.org>"
 criteria = "safe-to-deploy"
 delta = "1.0.210 -> 1.0.213"
 aggregated-from = "https://chromium.googlesource.com/chromium/src/+/main/third_party/rust/chromium_crates_io/supply-chain/audits.toml?format=TEXT"
 [[audits.google.audits.serde]]
 who = "Dustin J. Mitchell <djmitche@chromium.org>"
 criteria = "safe-to-deploy"
 delta = "1.0.213 -> 1.0.214"
 notes = "No unsafe, no crypto"
 aggregated-from = "https://chromium.googlesource.com/chromium/src/+/main/third_party/rust/chromium_crates_io/supply-chain/audits.toml?format=TEXT"
 [[audits.google.audits.serde]]
 who = "Adrian Taylor <adetaylor@chromium.org>"
 criteria = "safe-to-deploy"
 delta = "1.0.214 -> 1.0.215"
 aggregated-from = "https://chromium.googlesource.com/chromium/src/+/main/third_party/rust/chromium_crates_io/supply-chain/audits.toml?format=TEXT"
 [[audits.google.audits.serde]]
 who = "Lukasz Anforowicz <lukasza@chromium.org>"
 criteria = "safe-to-deploy"
 delta = "1.0.215 -> 1.0.216"
 notes = "The delta makes minor changes in `build.rs` - switching to the `?` syntax sugar."
 aggregated-from = "https://chromium.googlesource.com/chromium/src/+/main/third_party/rust/chromium_crates_io/supply-chain/audits.toml?format=TEXT"
 [[audits.google.audits.serde_derive]]
 who = "Lukasz Anforowicz <lukasza@chromium.org>"
 criteria = "safe-to-deploy"
@ -976,6 +1233,34 @@ delta = "1.0.209 -> 1.0.210"
 notes = "Almost no new code - just feature rearrangement"
 aggregated-from = "https://chromium.googlesource.com/chromium/src/+/main/third_party/rust/chromium_crates_io/supply-chain/audits.toml?format=TEXT"
 [[audits.google.audits.serde_derive]]
 who = "Liza Burakova <liza@chromium.org>"
 criteria = "safe-to-deploy"
 delta = "1.0.210 -> 1.0.213"
 notes = "Grepped for 'unsafe', 'crypt', 'cipher', 'fs', 'net' - there were no hits"
 aggregated-from = "https://chromium.googlesource.com/chromium/src/+/main/third_party/rust/chromium_crates_io/supply-chain/audits.toml?format=TEXT"
 [[audits.google.audits.serde_derive]]
 who = "Dustin J. Mitchell <djmitche@chromium.org>"
 criteria = "safe-to-deploy"
 delta = "1.0.213 -> 1.0.214"
 notes = "No changes to unsafe, no crypto"
 aggregated-from = "https://chromium.googlesource.com/chromium/src/+/main/third_party/rust/chromium_crates_io/supply-chain/audits.toml?format=TEXT"
 [[audits.google.audits.serde_derive]]
 who = "Adrian Taylor <adetaylor@chromium.org>"
 criteria = "safe-to-deploy"
 delta = "1.0.214 -> 1.0.215"
 notes = "Minor changes should not impact UB risk"
 aggregated-from = "https://chromium.googlesource.com/chromium/src/+/main/third_party/rust/chromium_crates_io/supply-chain/audits.toml?format=TEXT"
 [[audits.google.audits.serde_derive]]
 who = "Lukasz Anforowicz <lukasza@chromium.org>"
 criteria = "safe-to-deploy"
 delta = "1.0.215 -> 1.0.216"
 notes = "The delta adds `#[automatically_derived]` in a few places.  Still no `unsafe`."
 aggregated-from = "https://chromium.googlesource.com/chromium/src/+/main/third_party/rust/chromium_crates_io/supply-chain/audits.toml?format=TEXT"
 [[audits.google.audits.tinyvec]]
 who = "Adrian Taylor <adetaylor@chromium.org>"
 criteria = "safe-to-deploy"
@ -994,6 +1279,12 @@ criteria = "safe-to-deploy"
 delta = "1.7.0 -> 1.8.0"
 aggregated-from = "https://chromium.googlesource.com/chromium/src/+/main/third_party/rust/chromium_crates_io/supply-chain/audits.toml?format=TEXT"
 [[audits.google.audits.tinyvec]]
 who = "Adrian Taylor <adetaylor@chromium.org>"
 criteria = "safe-to-deploy"
 delta = "1.8.0 -> 1.8.1"
 aggregated-from = "https://chromium.googlesource.com/chromium/src/+/main/third_party/rust/chromium_crates_io/supply-chain/audits.toml?format=TEXT"
 [[audits.google.audits.unicode-ident]]
 who = "Lukasz Anforowicz <lukasza@chromium.org>"
 criteria = "safe-to-deploy"
@ -1017,6 +1308,13 @@ delta = "1.0.12 -> 1.0.13"
 notes = "Lots of table updates, and tables are assumed correct with unsafe `.get_unchecked()`, so ub-risk-2 is appropriate"
 aggregated-from = "https://chromium.googlesource.com/chromium/src/+/main/third_party/rust/chromium_crates_io/supply-chain/audits.toml?format=TEXT"
 [[audits.google.audits.unicode-ident]]
 who = "Lukasz Anforowicz <lukasza@chromium.org>"
 criteria = "safe-to-deploy"
 delta = "1.0.13 -> 1.0.14"
 notes = "Minimal delta in `.rs` files: new test assertions + doc changes."
 aggregated-from = "https://chromium.googlesource.com/chromium/src/+/main/third_party/rust/chromium_crates_io/supply-chain/audits.toml?format=TEXT"
 [[audits.isrg.audits.base64]]
 who = "Tim Geoghegan <timg@letsencrypt.org>"
 criteria = "safe-to-deploy"
@ -1183,6 +1481,11 @@ who = "Brandon Pitman <bran@bran.land>"
 criteria = "safe-to-deploy"
 delta = "1.18.0 -> 1.19.0"
 [[audits.isrg.audits.once_cell]]
 who = "David Cook <dcook@divviup.org>"
 criteria = "safe-to-deploy"
 delta = "1.19.0 -> 1.20.1"
 [[audits.isrg.audits.opaque-debug]]
 who = "David Cook <dcook@divviup.org>"
 criteria = "safe-to-deploy"
@ -1228,6 +1531,16 @@ who = "Ameer Ghani <inahga@divviup.org>"
 criteria = "safe-to-deploy"
 version = "1.12.1"
 [[audits.isrg.audits.sha2]]
 who = "David Cook <dcook@divviup.org>"
 criteria = "safe-to-deploy"
 version = "0.10.2"
 [[audits.isrg.audits.subtle]]
 who = "David Cook <dcook@divviup.org>"
 criteria = "safe-to-deploy"
 delta = "2.5.0 -> 2.6.1"
 [[audits.isrg.audits.thiserror]]
 who = "Brandon Pitman <bran@bran.land>"
 criteria = "safe-to-deploy"
@ -1263,7 +1576,7 @@ who = "Manish Goregaokar <manishsmail@gmail.com>"
 criteria = "safe-to-deploy"
 user-id = 1139 # Manish Goregaokar (Manishearth)
 start = "2019-11-06"
-end = "2024-05-03"
+end = "2026-02-01"
 notes = "All code written or reviewed by Manish"
 aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml"
@ -1293,6 +1606,18 @@ criteria = "safe-to-deploy"
 delta = "0.5.2 -> 0.5.3"
 aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml"
 [[audits.mozilla.audits.bit-set]]
 who = "Teodor Tanasoaia <ttanasoaia@mozilla.com>"
 criteria = "safe-to-deploy"
 delta = "0.5.3 -> 0.6.0"
 aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml"
 [[audits.mozilla.audits.bit-set]]
 who = "Jim Blandy <jimb@red-bean.com>"
 criteria = "safe-to-deploy"
 delta = "0.6.0 -> 0.8.0"
 aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml"
 [[audits.mozilla.audits.bit-vec]]
 who = "Aria Beingessner <a.beingessner@gmail.com>"
 criteria = "safe-to-deploy"
@ -1300,6 +1625,18 @@ version = "0.6.3"
 notes = "Another crate I own via contain-rs that is ancient and in maintenance mode but otherwise perfectly fine."
 aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml"
 [[audits.mozilla.audits.bit-vec]]
 who = "Teodor Tanasoaia <ttanasoaia@mozilla.com>"
 criteria = "safe-to-deploy"
 delta = "0.6.3 -> 0.7.0"
 aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml"
 [[audits.mozilla.audits.bit-vec]]
 who = "Jim Blandy <jimb@red-bean.com>"
 criteria = "safe-to-deploy"
 delta = "0.7.0 -> 0.8.0"
 aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml"
 [[audits.mozilla.audits.block-buffer]]
 who = "Mike Hommey <mh+mozilla@glandium.org>"
 criteria = "safe-to-deploy"
@ -1318,6 +1655,13 @@ criteria = "safe-to-deploy"
 delta = "1.0.78 -> 1.0.83"
 aggregated-from = "https://raw.githubusercontent.com/mozilla/glean/main/supply-chain/audits.toml"
 [[audits.mozilla.audits.cfg_aliases]]
 who = "Alex Franchuk <afranchuk@mozilla.com>"
 criteria = "safe-to-deploy"
 delta = "0.1.1 -> 0.2.1"
 notes = "Very minor changes."
 aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml"
 [[audits.mozilla.audits.crossbeam-channel]]
 who = "Jan-Erik Rediger <jrediger@mozilla.com>"
 criteria = "safe-to-deploy"
@ -1338,6 +1682,19 @@ delta = "0.5.11 -> 0.5.12"
 notes = "Minimal change fixing a memory leak."
 aggregated-from = "https://raw.githubusercontent.com/mozilla/glean/main/supply-chain/audits.toml"
 [[audits.mozilla.audits.crossbeam-channel]]
 who = "Jan-Erik Rediger <jrediger@mozilla.com>"
 criteria = "safe-to-deploy"
 delta = "0.5.13 -> 0.5.14"
 aggregated-from = "https://raw.githubusercontent.com/mozilla/glean/main/supply-chain/audits.toml"
 [[audits.mozilla.audits.crossbeam-channel]]
 who = "Jan-Erik Rediger <jrediger@mozilla.com>"
 criteria = "safe-to-deploy"
 delta = "0.5.14 -> 0.5.15"
 notes = "Fixes a regression from an earlier version which could lead to a double free"
 aggregated-from = "https://raw.githubusercontent.com/mozilla/glean/main/supply-chain/audits.toml"
 [[audits.mozilla.audits.crossbeam-epoch]]
 who = "Mike Hommey <mh+mozilla@glandium.org>"
 criteria = "safe-to-deploy"
@ -1447,6 +1804,23 @@ criteria = "safe-to-deploy"
 delta = "0.2.7 -> 0.2.8"
 aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml"
 [[audits.mozilla.audits.gimli]]
 who = "Alex Franchuk <afranchuk@mozilla.com>"
 criteria = "safe-to-deploy"
 version = "0.30.0"
 notes = """
 Unsafe code blocks are sound. Minimal dependencies used. No use of
 side-effectful std functions.
 """
 aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml"
 [[audits.mozilla.audits.gimli]]
 who = "Chris Martin <cmartin@mozilla.com>"
 criteria = "safe-to-deploy"
 delta = "0.30.0 -> 0.29.0"
 notes = "No unsafe code, mostly algorithms and parsing. Very unlikely to cause security issues."
 aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml"
 [[audits.mozilla.audits.hashbrown]]
 who = "Mike Hommey <mh+mozilla@glandium.org>"
 criteria = "safe-to-deploy"
@ -1514,6 +1888,12 @@ libc, but the usage looks correct.
 """
 aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml"
 [[audits.mozilla.audits.nix]]
 who = "Alex Franchuk <afranchuk@mozilla.com>"
 criteria = "safe-to-deploy"
 delta = "0.28.0 -> 0.29.0"
 aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml"
 [[audits.mozilla.audits.num-integer]]
 who = "Josh Stone <jistone@redhat.com>"
 criteria = "safe-to-deploy"
@ -1527,6 +1907,13 @@ criteria = "safe-to-deploy"
 delta = "1.13.1 -> 1.14.0"
 aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml"
 [[audits.mozilla.audits.once_cell]]
 who = "Erich Gubler <erichdongubler@gmail.com>"
 criteria = "safe-to-deploy"
 delta = "1.20.1 -> 1.20.2"
 notes = "This update works around a Cargo bug that forces the addition of `portable-atomic` into a lockfile, which we have never needed to use."
 aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml"
 [[audits.mozilla.audits.powerfmt]]
 who = "Alex Franchuk <afranchuk@mozilla.com>"
 criteria = "safe-to-deploy"
@ -1562,12 +1949,42 @@ criteria = "safe-to-deploy"
 delta = "0.6.27 -> 0.6.28"
 aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml"
 [[audits.mozilla.audits.sha2]]
 who = "Mike Hommey <mh+mozilla@glandium.org>"
 criteria = "safe-to-deploy"
 delta = "0.10.2 -> 0.10.6"
 aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml"
 [[audits.mozilla.audits.sha2]]
 who = "Jeff Muizelaar <jmuizelaar@mozilla.com>"
 criteria = "safe-to-deploy"
 delta = "0.10.6 -> 0.10.8"
 notes = """
 The bulk of this is https://github.com/RustCrypto/hashes/pull/490 which adds aarch64 support along with another PR adding longson.
 I didn't check the implementation thoroughly but there wasn't anything obviously nefarious. 0.10.8 has been out for more than a year
 which suggests no one else has found anything either.
 """
 aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml"
 [[audits.mozilla.audits.shlex]]
 who = "Max Inden <mail@max-inden.de>"
 criteria = "safe-to-deploy"
 delta = "1.1.0 -> 1.3.0"
 aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml"
 [[audits.mozilla.audits.socket2]]
 who = "Kershaw Chang <kershaw@mozilla.com>"
 criteria = "safe-to-deploy"
 delta = "0.5.5 -> 0.5.7"
 aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml"
 [[audits.mozilla.audits.subtle]]
 who = "Simon Friedberger <simon@mozilla.com>"
 criteria = "safe-to-deploy"
 version = "2.5.0"
 notes = "The goal is to provide some constant-time correctness for cryptographic implementations. The approach is reasonable, it is known to be insufficient but this is pointed out in the documentation."
 aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml"
 [[audits.mozilla.audits.time-core]]
 who = "Kershaw Chang <kershaw@mozilla.com>"
 criteria = "safe-to-deploy"
@ -1609,6 +2026,22 @@ criteria = "safe-to-deploy"
 delta = "1.15.0 -> 1.16.0"
 aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml"
 [[audits.mozilla.audits.zeroize]]
 who = "Benjamin Beurdouche <beurdouche@mozilla.com>"
 criteria = "safe-to-deploy"
 version = "1.8.1"
 notes = """
 This code DOES contain unsafe code required to internally call volatiles
 for deleting data. This is expected and documented behavior.
 """
 aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml"
 [[audits.mozilla.audits.zeroize_derive]]
 who = "Benjamin Beurdouche <beurdouche@mozilla.com>"
 criteria = "safe-to-deploy"
 version = "1.4.2"
 aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml"
 [[audits.zcash.audits.autocfg]]
 who = "Daira-Emma Hopwood <daira@jacaranda.org>"
 criteria = "safe-to-deploy"
@ -1621,6 +2054,19 @@ criteria = "safe-to-deploy"
 delta = "1.11.0 -> 1.13.0"
 aggregated-from = "https://raw.githubusercontent.com/zcash/librustzcash/main/supply-chain/audits.toml"
 [[audits.zcash.audits.errno]]
 who = "Jack Grigg <jack@electriccoin.co>"
 criteria = "safe-to-deploy"
 delta = "0.3.10 -> 0.3.11"
 notes = "The `__errno` location for vxworks and cygwin looks correct from a quick search."
 aggregated-from = "https://raw.githubusercontent.com/zcash/wallet/main/supply-chain/audits.toml"
 [[audits.zcash.audits.getset]]
 who = "Jack Grigg <jack@electriccoin.co>"
 criteria = "safe-to-deploy"
 delta = "0.1.4 -> 0.1.5"
 aggregated-from = "https://raw.githubusercontent.com/zcash/wallet/main/supply-chain/audits.toml"
 [[audits.zcash.audits.hashbrown]]
 who = "Daira-Emma Hopwood <daira@jacaranda.org>"
 criteria = "safe-to-deploy"
@ -1628,6 +2074,13 @@ delta = "0.14.2 -> 0.14.5"
 notes = "I did not thoroughly check the safety argument for fold_impl, but it at least seems to be well documented."
 aggregated-from = "https://raw.githubusercontent.com/zcash/librustzcash/main/supply-chain/audits.toml"
 [[audits.zcash.audits.known-folders]]
 who = "Jack Grigg <jack@electriccoin.co>"
 criteria = "safe-to-deploy"
 delta = "1.1.0 -> 1.2.0"
 notes = "Change to `unsafe` block is adapting to the `windows-sys` crate's API change."
 aggregated-from = "https://raw.githubusercontent.com/zcash/wallet/main/supply-chain/audits.toml"
 [[audits.zcash.audits.memchr]]
 who = "Jack Grigg <jack@electriccoin.co>"
 criteria = "safe-to-deploy"
@ -1709,9 +2162,9 @@ notes = """
 """
 aggregated-from = "https://raw.githubusercontent.com/zcash/librustzcash/main/supply-chain/audits.toml"
-[[audits.zcash.audits.zcash_encoding]]
+[[audits.zcash.audits.zcash_note_encryption]]
 who = "Kris Nuttycombe <kris@nutty.land>"
 criteria = "safe-to-deploy"
-delta = "0.2.0 -> 0.2.1"
+version = "0.4.1"
-notes = "This release adds minor convenience methods and involves no unsafe code."
+notes = "Additive-only change that exposes the ability to decrypt by pk_d and esk. No functional changes."
 aggregated-from = "https://raw.githubusercontent.com/zcash/librustzcash/main/supply-chain/audits.toml"
--- a/qa/zcash/postponed-updates.txt
+++ b/qa/zcash/postponed-updates.txt
@ -5,21 +5,67 @@
 #
 # Boost 1.84.0 causes gtests to fail on macOS.
-boost 1.84.0 2024-12-15
+boost 1.84.0 2025-12-31
-boost 1.85.0 2024-12-15
+boost 1.85.0 2025-12-31
-boost 1.86.0 2024-12-15
+boost 1.86.0 2025-12-31
-native_b2 1.84.0 2024-12-15
+boost 1.87.0 2025-12-31
-native_b2 1.85.0 2024-12-15
+boost 1.88.0 2025-12-31
-native_b2 1.86.0 2024-12-15
+native_b2 1.84.0 2025-12-31
 native_b2 1.85.0 2025-12-31
 native_b2 1.86.0 2025-12-31
 native_b2 1.87.0 2025-12-31
 native_b2 1.88.0 2025-12-31
 # Clang and Rust are currently pinned to LLVM 18
-libcxx 19.1.0 2024-12-15
+libcxx 19.1.0 2025-12-31
-libcxx 19.1.1 2024-12-15
+libcxx 19.1.1 2025-12-31
-native_clang 19.1.0 2024-12-15
+libcxx 19.1.2 2025-12-31
-native_clang 19.1.1 2024-12-15
+libcxx 19.1.3 2025-12-31
 libcxx 19.1.4 2025-12-31
 libcxx 19.1.5 2025-12-31
 libcxx 19.1.6 2025-12-31
 libcxx 19.1.7 2025-12-31
 libcxx 20.1.0 2025-12-31
 libcxx 20.1.1 2025-12-31
 libcxx 20.1.2 2025-12-31
 libcxx 20.1.3 2025-12-31
 native_clang 19.1.0 2025-12-31
 native_clang 19.1.1 2025-12-31
 native_clang 19.1.2 2025-12-31
 native_clang 19.1.3 2025-12-31
 native_clang 19.1.4 2025-12-31
 native_clang 19.1.5 2025-12-31
 native_clang 19.1.6 2025-12-31
 native_clang 19.1.7 2025-12-31
 native_clang 20.1.0 2025-12-31
 native_clang 20.1.1 2025-12-31
 native_clang 20.1.2 2025-12-31
 native_clang 20.1.3 2025-12-31
 native_rust 1.82.0 2025-12-31
 native_rust 1.83.0 2025-12-31
 native_rust 1.84.0 2025-12-31
 native_rust 1.84.1 2025-12-31
 native_rust 1.85.0 2025-12-31
 native_rust 1.85.1 2025-12-31
 native_rust 1.86.0 2025-12-31
 # We follow upstream Bitcoin Core's LevelDB updates
-leveldb 1.23 2024-12-15
+leveldb 1.23 2025-12-31
 # We're never updating to this version
-bdb 18.1.40 2025-03-01
+bdb 18.1.40 2026-03-01
 # These have no important security or critical stability issues.
 native_zstd 1.5.7 2025-12-31
 native_ccache 4.11 2025-12-31
 native_ccache 4.11.1 2025-12-31
 native_ccache 4.11.2 2025-12-31
 native_fmt 11.1.2 2025-12-31
 native_fmt 11.1.3 2025-12-31
 native_fmt 11.1.4 2025-12-31
 native_cmake 3.31.4 2025-12-31
 native_cmake 3.31.5 2025-12-31
 native_cmake 3.31.6 2025-12-31
 native_cmake 3.31.7 2025-12-31
 native_cmake 4.0.0 2025-12-31
 native_cmake 4.0.1 2025-12-31
--- a/src/bitcoind.cpp
+++ b/src/bitcoind.cpp
@ -127,6 +127,41 @@ bool AppInit(int argc, char* argv[])
            fprintf(stderr,"Error reading configuration file: %s\n", e.what());
            return false;
        }
        // Check that the node operator is aware of `zcashd` deprecation.
        if (!GetBoolArg("-i-am-aware-zcashd-will-be-replaced-by-zebrad-and-zallet-in-2025", false)) {
            auto confFilename = GetArg("-conf", BITCOIN_CONF_FILENAME);
            fprintf(stderr,
                _("zcashd is being deprecated in 2025. Full nodes are being migrated to zebrad,\n"
                  "and the Zallet wallet is being built as a replacement for the zcashd wallet.\n"
                  "\n"
                  "For some of zcashd's JSON-RPC methods, zebrad or Zallet should be a drop-in\n"
                  "replacement. Other JSON-RPC methods may require modified usage, and some\n"
                  "JSON-RPC methods will not be supported.\n"
                  "\n"
                  "You can find all information about the zcashd deprecation process on this\n"
                  "webpage, which you can monitor for future updates:\n"
                  "%s\n"
                  "\n"
                  "We are collecting information about how zcashd users are currently using the\n"
                  "existing JSON-RPC methods. The above webpage has a link to a spreadsheet\n"
                  "containing the information we have collected so far, and the planned status\n"
                  "for each JSON-RPC method based on that information. If you have not provided\n"
                  "feedback to us about how you are using the zcashd JSON-RPC interface, please\n"
                  "do so as soon as possible.\n"
                  "\n"
                  "To confirm that you are aware that zcashd is being deprecated and that you\n"
                  "will need to migrate to zebrad and/or Zallet in 2025, add the following\n"
                  "option:\n"
                  "%s\n"
                  "to your config file:\n"
                  "%s\n").c_str(),
                "https://z.cash/support/zcashd-deprecation/",
                "i-am-aware-zcashd-will-be-replaced-by-zebrad-and-zallet-in-2025=1",
                GetConfigFile(confFilename).string().c_str());
            return false;
        }
        // Check for -testnet or -regtest parameter (Params() calls are only valid after this clause)
        try {
            SelectParams(ChainNameFromCommandLine());
--- a/src/chainparams.cpp
+++ b/src/chainparams.cpp
@ -1,6 +1,6 @@
 // Copyright (c) 2010 Satoshi Nakamoto
 // Copyright (c) 2009-2014 The Bitcoin Core developers
-// Copyright (c) 2015-2023 The Zcash developers
+// Copyright (c) 2015-2025 The Zcash developers
 // Distributed under the MIT software license, see the accompanying
 // file COPYING or https://www.opensource.org/licenses/mit-license.php .
@ -268,7 +268,7 @@ public:
        }
        // The best chain should have at least this much work.
-        consensus.nMinimumChainWork = uint256S("0x00000000000000000000000000000000000000000000000011be8336c45e2dd4");
+        consensus.nMinimumChainWork = uint256S("0x00000000000000000000000000000000000000000000000013859078e5bbacd3");
        /**
         * The message start string should be awesome! ⓩ❤
@ -330,10 +330,11 @@ public:
            (2000000, uint256S("0x00000000010accaf2f87934765dc2e0bf4823a2b1ae2c1395b334acfce52ad68"))
            (2200000, uint256S("0x0000000001a0139c4c4d0e8f68cc562227c6003f4b1b640a3d921aeb8c3d2e3d"))
            (2400000, uint256S("0x0000000000294d1c8d87a1b6566d302aa983691bc3cab0583a245389bbb9d285"))
-            (2600000, uint256S("0x0000000000b5ad92fcec0069d590f674d05ec7d96b1ff727863ea390950c4e49")),
+            (2600000, uint256S("0x0000000000b5ad92fcec0069d590f674d05ec7d96b1ff727863ea390950c4e49"))
-            1722834204,     // * UNIX timestamp of last checkpoint block
+            (2800000, uint256S("0x00000000011a226fb25d778d65b055605a82da016989b7788e0ce83c4f8d64f7")),
-            14608885,       // * total number of transactions between genesis and last checkpoint
+            1737908795,     // * UNIX timestamp of last checkpoint block
-            6473            // * estimated number of transactions per day after checkpoint
+            15140822,       // * total number of transactions between genesis and last checkpoint
            6229            // * estimated number of transactions per day after checkpoint
                            //   (total number of tx * 48 * 24) / checkpoint block height
        };
--- a/src/clientversion.h
+++ b/src/clientversion.h
@ -16,7 +16,7 @@
 //! These need to be macros, as clientversion.cpp's and bitcoin*-res.rc's voodoo requires it
 #define CLIENT_VERSION_MAJOR 6
-#define CLIENT_VERSION_MINOR 0
+#define CLIENT_VERSION_MINOR 2
 #define CLIENT_VERSION_REVISION 0
 #define CLIENT_VERSION_BUILD 50
--- a/src/consensus/params.cpp
+++ b/src/consensus/params.cpp
@ -194,7 +194,7 @@ namespace Consensus {
        const auto expectedRecipients = params.FundingPeriodIndex(startHeight, endHeight - 1) + 1;
        if (expectedRecipients > recipients.size()) {
-            return FundingStreamError::INSUFFICIENT_ADDRESSES;
+            return FundingStreamError::INSUFFICIENT_RECIPIENTS;
        }
        // Lockbox output periods must not start before NU6
@ -221,8 +221,8 @@ namespace Consensus {
                    throw std::runtime_error("Canopy network upgrade not active at funding stream start height.");
                case FundingStreamError::ILLEGAL_RANGE:
                    throw std::runtime_error("Illegal start/end height combination for funding stream.");
-                case FundingStreamError::INSUFFICIENT_ADDRESSES:
+                case FundingStreamError::INSUFFICIENT_RECIPIENTS:
-                    throw std::runtime_error("Insufficient payment addresses to fully exhaust funding stream.");
+                    throw std::runtime_error("Insufficient recipient identifiers to fully exhaust funding stream.");
                case FundingStreamError::NU6_NOT_ACTIVE:
                    throw std::runtime_error("NU6 network upgrade not active at lockbox period start height.");
                default:
@ -349,7 +349,11 @@ namespace Consensus {
        // Funding streams are disabled if Canopy is not active.
        if (NetworkUpgradeActive(nHeight, Consensus::UPGRADE_CANOPY)) {
            for (uint32_t idx = Consensus::FIRST_FUNDING_STREAM; idx < Consensus::MAX_FUNDING_STREAMS; idx++) {
                // The following indexed access is safe as Consensus::MAX_FUNDING_STREAMS is used
                // in the definition of vFundingStreams.
                auto fs = vFundingStreams[idx];
                // Funding period is [startHeight, endHeight).
                if (fs && nHeight >= fs.value().GetStartHeight() && nHeight < fs.value().GetEndHeight()) {
                    activeStreams.push_back(std::make_pair(FundingStreamInfo[idx], fs.value()));
                }
@ -372,16 +376,10 @@ namespace Consensus {
        // Funding streams are disabled if Canopy is not active.
        if (NetworkUpgradeActive(nHeight, Consensus::UPGRADE_CANOPY)) {
-            for (uint32_t idx = Consensus::FIRST_FUNDING_STREAM; idx < Consensus::MAX_FUNDING_STREAMS; idx++) {
+            for (const auto& [fsinfo, fs] : GetActiveFundingStreams(nHeight)) {
-                // The following indexed access is safe as Consensus::MAX_FUNDING_STREAMS is used
+                requiredElements.insert(std::make_pair(
-                // in the definition of vFundingStreams.
+                    fs.Recipient(*this, nHeight),
-                auto fs = vFundingStreams[idx];
+                    fsinfo.Value(blockSubsidy)));
                // Funding period is [startHeight, endHeight)
                if (fs && nHeight >= fs.value().GetStartHeight() && nHeight < fs.value().GetEndHeight()) {
                    requiredElements.insert(std::make_pair(
                        fs.value().Recipient(*this, nHeight),
                        FundingStreamInfo[idx].Value(blockSubsidy)));
                }
            }
        }
--- a/src/consensus/params.h
+++ b/src/consensus/params.h
@ -134,7 +134,7 @@ extern const struct FSInfo FundingStreamInfo[];
 enum FundingStreamError {
    CANOPY_NOT_ACTIVE,
    ILLEGAL_RANGE,
-    INSUFFICIENT_ADDRESSES,
+    INSUFFICIENT_RECIPIENTS,
    NU6_NOT_ACTIVE,
 };
--- a/src/dbwrapper.cpp
+++ b/src/dbwrapper.cpp
@ -29,6 +29,7 @@ static leveldb::Options GetOptions(size_t nCacheSize)
        // on corruption in later versions.
        options.paranoid_checks = true;
    }
    options.max_file_size = std::max(options.max_file_size, DBWRAPPER_MAX_FILE_SIZE);
    return options;
 }
--- a/src/dbwrapper.h
+++ b/src/dbwrapper.h
@ -18,6 +18,7 @@
 static const size_t DBWRAPPER_PREALLOC_KEY_SIZE = 64;
 static const size_t DBWRAPPER_PREALLOC_VALUE_SIZE = 1024;
 static const size_t DBWRAPPER_MAX_FILE_SIZE = 32 << 20; // 32 MiB
 class dbwrapper_error : public std::runtime_error
 {
--- a/src/deprecation.cpp
+++ b/src/deprecation.cpp
@ -14,6 +14,9 @@
 bool fEnableGbtOldHashes = true;
 bool fEnableDeprecationInfoDeprecationHeight = true;
 bool fEnableAddrTypeField = true;
 bool fEnableGetNetworkHashPS = true;
 bool fEnableCreateRawTransaction = true;
 bool fEnableSignRawTransaction = true;
 #ifdef ENABLE_WALLET
 bool fEnableGetNewAddress = true;
 bool fEnableGetRawChangeAddress = true;
@ -23,6 +26,9 @@ bool fEnableZGetTotalBalance = true;
 bool fEnableZListAddresses = true;
 bool fEnableLegacyPrivacyStrategy = true;
 bool fEnableWalletTxVJoinSplit = true;
 bool fEnableFundRawTransaction = true;
 bool fEnableKeyPoolRefill = true;
 bool fEnableSetTxFee = true;
 #endif
 static const std::string CLIENT_VERSION_STR = FormatVersion(CLIENT_VERSION);
@ -125,3 +131,16 @@ std::string GetAllowableDeprecatedFeatures() {
    return result;
 }
 std::string Deprecated(bool enabled, std::string method, std::string instead) {
    auto status = enabled ? "DEPRECATED" : "DISABLED";
    auto reenable = enabled
            ? std::string("")
            : (std::string("You can restart the node with `-allowdeprecated=") + method + "`\n"
               "to re-enable this method during its deprecation period.\n");
    return std::string("\n")
           + method + " is " + status + " and will be removed in a future release.\n"
           + instead + "\n"
           + reenable
           + "See https://zcash.github.io/zcash/user/deprecation.html for more information.\n";
 }
--- a/src/deprecation.h
+++ b/src/deprecation.h
@ -14,7 +14,7 @@
 // Shut down nodes running this version of code, `RELEASE_TO_DEPRECATION_WEEKS` weeks' worth
 // of blocks after the estimated release block height. A warning is shown during the 14 days'
 // worth of blocks prior to shut down.
-static const int APPROX_RELEASE_HEIGHT = 2667376;
+static const int APPROX_RELEASE_HEIGHT = 2892076;
 static const int RELEASE_TO_DEPRECATION_WEEKS = 16;
 static const int EXPECTED_BLOCKS_PER_HOUR = 3600 / Consensus::POST_BLOSSOM_POW_TARGET_SPACING;
 static_assert(EXPECTED_BLOCKS_PER_HOUR == 48, "The value of Consensus::POST_BLOSSOM_POW_TARGET_SPACING was chosen such that this assertion holds.");
@ -27,26 +27,32 @@ static const int DEPRECATION_WARN_LIMIT = 14 * 24 * EXPECTED_BLOCKS_PER_HOUR;
 //! Defaults for -allowdeprecated
 static const std::set<std::string> DEFAULT_ALLOW_DEPRECATED{{
    // Node-level features
-    "gbt_oldhashes",
+    "createrawtransaction",
-    "deprecationinfo_deprecationheight",
+    "signrawtransaction",
    "getnetworkhashps",
    // Wallet-level features
 #ifdef ENABLE_WALLET
    "z_getbalance",
    "z_gettotalbalance",
    "fundrawtransaction",
    "keypoolrefill",
    "settxfee",
 #endif
 }};
 static const std::set<std::string> DEFAULT_DENY_DEPRECATED{{
    // Node-level features
    "gbt_oldhashes",
    "deprecationinfo_deprecationheight",
    "addrtype",
    // Wallet-level features
 #ifdef ENABLE_WALLET
    "legacy_privacy",
    "getnewaddress",
    "getrawchangeaddress",
    "z_getnewaddress",
    "z_getbalance",
    "z_listaddresses",
-    "addrtype",
+    "legacy_privacy",
    "wallettxvjoinsplit",
 #endif
 }};
@ -55,6 +61,9 @@ static const std::set<std::string> DEFAULT_DENY_DEPRECATED{{
 extern bool fEnableGbtOldHashes;
 extern bool fEnableDeprecationInfoDeprecationHeight;
 extern bool fEnableAddrTypeField;
 extern bool fEnableGetNetworkHashPS;
 extern bool fEnableCreateRawTransaction;
 extern bool fEnableSignRawTransaction;
 #ifdef ENABLE_WALLET
 extern bool fEnableGetNewAddress;
 extern bool fEnableGetRawChangeAddress;
@ -64,6 +73,9 @@ extern bool fEnableZGetTotalBalance;
 extern bool fEnableZListAddresses;
 extern bool fEnableLegacyPrivacyStrategy;
 extern bool fEnableWalletTxVJoinSplit;
 extern bool fEnableFundRawTransaction;
 extern bool fEnableKeyPoolRefill;
 extern bool fEnableSetTxFee;
 #endif
 /**
@ -97,4 +109,9 @@ std::optional<std::string> LoadAllowedDeprecatedFeatures();
 */
 std::string GetAllowableDeprecatedFeatures();
 /**
 * Returns a string to be included in the help text of a deprecated RPC method.
 */
 std::string Deprecated(bool enabled, std::string method, std::string instead);
 #endif // ZCASH_DEPRECATION_H
--- a/src/gtest/test_checkblock.cpp
+++ b/src/gtest/test_checkblock.cpp
@ -10,7 +10,7 @@
 class MockCValidationState : public CValidationState {
 public:
    MOCK_METHOD6(DoS, bool(int level, bool ret,
-             unsigned int chRejectCodeIn, const std::string strRejectReasonIn,
+             unsigned int chRejectCodeIn, const std::string &strRejectReasonIn,
             bool corruptionIn,
             const std::string &strDebugMessageIn));
    MOCK_METHOD4(Invalid, bool(bool ret,
--- a/src/init.cpp
+++ b/src/init.cpp
@ -452,7 +452,7 @@ std::string HelpMessage(HelpMessageMode mode)
                "Use given addresses for block subsidy share paid to the funding stream with id <streamId> (regtest-only)");
    }
    std::string debugCategories = "addrman, alert, bench, coindb, db, http, libevent, lock, mempool, mempoolrej, net, partitioncheck, pow, proxy, prune, "
-                             "rand, receiveunsafe, reindex, rpc, selectcoins, tor, zmq, zrpc, zrpcunsafe (implies zrpc)"; // Don't translate these
+                             "rand, receiveunsafe, reindex, rpc, selectcoins, tor, valuepool, zmq, zrpc, zrpcunsafe (implies zrpc)"; // Don't translate these
    strUsage += HelpMessageOpt("-debug=<category>", strprintf(_("Output debugging information (default: %u, supplying <category> is optional)"), 0) + ". " +
        _("If <category> is not supplied or if <category> = 1, output all debugging information.") + " " + _("<category> can be:") + " " + debugCategories + ". " +
        _("For multiple specific categories use -debug=<category> multiple times."));
--- a/src/main.cpp
+++ b/src/main.cpp
@ -4673,7 +4673,7 @@ void SetChainPoolValues(
            lockboxValue += elem.second;
        }
    }
-    LogPrintf("%s: Lockbox value is %d at height %d", __func__, lockboxValue, pindex->nHeight);
+    LogPrint("valuepool", "%s: Lockbox value is %d at height %d", __func__, lockboxValue, pindex->nHeight);
    for (auto tx : block.vtx) {
        // For the genesis block only, compute the chain supply delta and the transparent
--- a/src/miner.cpp
+++ b/src/miner.cpp
@ -115,39 +115,38 @@ public:
    }
    CAmount SetFoundersRewardAndGetMinerValue(sapling::Builder& saplingBuilder) const {
-        auto block_subsidy = chainparams.GetConsensus().GetBlockSubsidy(nHeight);
+        const auto& consensus = chainparams.GetConsensus();
        const auto block_subsidy = consensus.GetBlockSubsidy(nHeight);
        auto miner_reward = block_subsidy; // founders' reward or funding stream amounts will be subtracted below
        if (nHeight > 0) {
            if (chainparams.GetConsensus().NetworkUpgradeActive(nHeight, Consensus::UPGRADE_CANOPY)) {
                auto fundingStreamElements = chainparams.GetConsensus().GetActiveFundingStreamElements(
                    nHeight,
                    block_subsidy);
                LogPrint("pow", "%s: Constructing funding stream outputs for height %d", __func__, nHeight);
-                for (Consensus::FundingStreamElement fselem : fundingStreamElements) {
+                for (const auto& [fsinfo, fs] : consensus.GetActiveFundingStreams(nHeight)) {
-                    miner_reward -= fselem.second;
+                    const auto amount = fsinfo.Value(block_subsidy);
-                    examine(fselem.first, match {
+                    miner_reward -= amount;
                    examine(fs.Recipient(consensus, nHeight), match {
                        [&](const libzcash::SaplingPaymentAddress& pa) {
-                            LogPrint("pow", "%s: Adding Sapling funding stream output of value %d", __func__, fselem.second);
+                            LogPrint("pow", "%s: Adding Sapling funding stream output of value %d", __func__, amount);
                            saplingBuilder.add_recipient(
                                {},
                                pa.GetRawBytes(),
-                                fselem.second,
+                                amount,
                                libzcash::Memo::ToBytes(std::nullopt));
                        },
                        [&](const CScript& scriptPubKey) {
-                            LogPrint("pow", "%s: Adding transparent funding stream output of value %d", __func__, fselem.second);
+                            LogPrint("pow", "%s: Adding transparent funding stream output of value %d", __func__, amount);
-                            mtx.vout.emplace_back(fselem.second, scriptPubKey);
+                            mtx.vout.emplace_back(amount, scriptPubKey);
                        },
                        [&](const Consensus::Lockbox& lockbox) {
-                            LogPrint("pow", "%s: Noting lockbox output of value %d", __func__, fselem.second);
+                            LogPrint("pow", "%s: Noting lockbox output of value %d", __func__, amount);
                        }
                    });
                }
            } else if (nHeight <= chainparams.GetConsensus().GetLastFoundersRewardBlockHeight(nHeight)) {
                // Founders reward is 20% of the block subsidy
-                auto vFoundersReward = miner_reward / 5;
+                const auto vFoundersReward = miner_reward / 5;
                // Take some reward away from us
                miner_reward -= vFoundersReward;
                // And give it to the founders
--- a/src/rpc/mining.cpp
+++ b/src/rpc/mining.cpp
@ -125,10 +125,12 @@ UniValue getnetworksolps(const UniValue& params, bool fHelp)
 UniValue getnetworkhashps(const UniValue& params, bool fHelp)
 {
-    if (fHelp || params.size() > 2)
+    if (!fEnableGetNetworkHashPS || fHelp || params.size() > 2)
        throw runtime_error(
            "getnetworkhashps ( blocks height )\n"
-            "\nDEPRECATED - left for backwards-compatibility. Use getnetworksolps instead.\n"
+            + Deprecated(fEnableGetNetworkHashPS,
                         "getnetworkhashps",
                         "Please use getnetworksolps instead.") +
            "\nReturns the estimated network solutions per second based on the last n blocks.\n"
            "Pass in [blocks] to override # of blocks, -1 specifies over difficulty averaging window.\n"
            "Pass in [height] to estimate the network speed at the time when a certain block was found.\n"
@ -140,7 +142,7 @@ UniValue getnetworkhashps(const UniValue& params, bool fHelp)
            "\nExamples:\n"
            + HelpExampleCli("getnetworkhashps", "")
            + HelpExampleRpc("getnetworkhashps", "")
-       );
+        );
    LOCK(cs_main);
    return GetNetworkHashPS(params.size() > 0 ? params[0].get_int() : 120, params.size() > 1 ? params[1].get_int() : -1);
--- a/src/rpc/rawtransaction.cpp
+++ b/src/rpc/rawtransaction.cpp
@ -672,9 +672,13 @@ UniValue verifytxoutproof(const UniValue& params, bool fHelp)
 UniValue createrawtransaction(const UniValue& params, bool fHelp)
 {
-    if (fHelp || params.size() < 2 || params.size() > 4)
+    if (!fEnableCreateRawTransaction || fHelp || params.size() < 2 || params.size() > 4)
        throw runtime_error(
            "createrawtransaction [{\"txid\":\"id\",\"vout\":n},...] {\"address\":amount,...} ( locktime ) ( expiryheight )\n"
            + Deprecated(fEnableCreateRawTransaction,
                         "createrawtransaction",
                         "Zallet will instead provide new RPC methods that operate on PCZTs:\n"
                         "https://github.com/zcash/wallet/issues/99") +
            "\nCreate a transaction spending the given inputs and sending to the given addresses.\n"
            "Returns hex-encoded raw transaction.\n"
            "Note that the transaction's inputs are not signed, and\n"
@ -948,9 +952,13 @@ static void TxInErrorToJSON(const CTxIn& txin, UniValue& vErrorsRet, const std::
 UniValue signrawtransaction(const UniValue& params, bool fHelp)
 {
-    if (fHelp || params.size() < 1 || params.size() > 5)
+    if (!fEnableSignRawTransaction || fHelp || params.size() < 1 || params.size() > 5)
        throw runtime_error(
            "signrawtransaction \"hexstring\" ( [{\"txid\":\"id\",\"vout\":n,\"scriptPubKey\":\"hex\",\"redeemScript\":\"hex\"},...] [\"privatekey1\",...] sighashtype )\n"
            + Deprecated(fEnableSignRawTransaction,
                         "signrawtransaction",
                         "Zallet will instead provide new RPC methods that operate on PCZTs:\n"
                         "https://github.com/zcash/wallet/issues/99") +
            "\nSign inputs for raw transaction (serialized, hex-encoded).\n"
            "The second optional argument (may be null) is an array of previous transaction outputs that\n"
            "this transaction depends on but may not yet be in the block chain.\n"
--- a/src/rust/src/sapling.rs
+++ b/src/rust/src/sapling.rs
@ -11,6 +11,7 @@ use bls12_381::Bls12;
 use group::GroupEncoding;
 use memuse::DynamicUsage;
 use rand_core::{OsRng, RngCore};
 use sapling::keys::EphemeralSecretKey;
 use sapling::{
    builder::BundleType,
    circuit::{self, OutputParameters, SpendParameters},
@ -344,7 +345,7 @@ impl OutputProver for StaticTxProver {
    type Proof = Proof<Bls12>;
    fn prepare_circuit(
-        esk: jubjub::Fr,
+        esk: &EphemeralSecretKey,
        payment_address: PaymentAddress,
        rcm: jubjub::Fr,
        value: NoteValue,
@ -366,7 +367,7 @@ impl OutputProver for StaticTxProver {
 pub(crate) struct SaplingBuilder {
    builder: sapling::builder::Builder,
-    signing_keys: Vec<SpendAuthorizingKey>,
+    extsks: Vec<ExtendedSpendingKey>,
 }
 pub(crate) fn new_sapling_builder(
@ -390,7 +391,7 @@ pub(crate) fn new_sapling_builder(
            bundle_type,
            anchor,
        ),
-        signing_keys: vec![],
+        extsks: vec![],
    }))
 }
@ -425,9 +426,13 @@ impl SaplingBuilder {
            .map_err(|e| format!("Invalid Sapling Merkle path: {}", e))?;
        self.builder
-            .add_spend(&extsk, note, merkle_path)
+            .add_spend(
                extsk.to_diversifiable_full_viewing_key().fvk().clone(),
                note,
                merkle_path,
            )
            .map_err(|e| format!("Failed to add Sapling spend: {}", e))?;
-        self.signing_keys.push(extsk.expsk.ask);
+        self.extsks.push(extsk);
        Ok(())
    }
@ -450,19 +455,16 @@ impl SaplingBuilder {
    }
    fn build(self) -> Result<SaplingUnauthorizedBundle, String> {
-        let Self {
+        let Self { builder, extsks } = self;
            builder,
            signing_keys,
        } = self;
        let prover = crate::sapling::StaticTxProver;
        let rng = OsRng;
        let bundle = builder
-            .build::<StaticTxProver, StaticTxProver, _, Amount>(rng)
+            .build::<StaticTxProver, StaticTxProver, _, Amount>(&extsks, rng)
            .map_err(|e| format!("Failed to build Sapling bundle: {}", e))?
            .map(|(bundle, _)| bundle.create_proofs(&prover, &prover, rng, ()));
        Ok(SaplingUnauthorizedBundle {
            bundle,
-            signing_keys,
+            signing_keys: extsks.into_iter().map(|extsk| extsk.expsk.ask).collect(),
        })
    }
 }
--- a/src/rust/src/tests/zip339.rs
+++ b/src/rust/src/tests/zip339.rs
@ -1,21 +1,11 @@
 use libc::c_char;
-use std::{
+use std::{ffi::CStr, ptr};
    convert::{TryFrom, TryInto},
    ffi::CStr,
    ptr,
 };
 use crate::zip339_ffi::{
    zip339_entropy_to_phrase, zip339_free_phrase, zip339_phrase_to_seed, zip339_validate_phrase,
    Language,
 };
 #[test]
 fn test_try_from_language() {
    assert_eq!(Language(0).try_into(), Ok(bip0039::Language::English));
    assert!(bip0039::Language::try_from(Language(1234)).is_err());
 }
 #[test]
 fn test_free_null_phrase_is_noop() {
    zip339_free_phrase(ptr::null_mut());
--- a/src/rust/src/transaction_ffi.rs
+++ b/src/rust/src/transaction_ffi.rs
@ -1,4 +1,4 @@
-use std::convert::TryInto;
+use std::convert::{TryFrom, TryInto};
 use std::io::Cursor;
 use std::{ptr, slice};
@ -11,7 +11,6 @@ use zcash_primitives::{
    consensus::BranchId,
    legacy::Script,
    transaction::{
        components::transparent,
        sighash::{SignableInput, TransparentAuthorizingContext},
        sighash_v5::v5_signature_hash,
        txid::TxIdDigester,
@ -62,10 +61,10 @@ pub extern "C" fn zcash_transaction_digests(
 #[derive(Clone, Debug)]
 pub(crate) struct TransparentAuth {
-    all_prev_outputs: Vec<transparent::TxOut>,
+    all_prev_outputs: Vec<transparent::bundle::TxOut>,
 }
-impl transparent::Authorization for TransparentAuth {
+impl transparent::bundle::Authorization for TransparentAuth {
    type ScriptSig = Script;
 }
@ -92,7 +91,7 @@ pub(crate) struct MapTransparent {
 impl MapTransparent {
    pub(crate) fn parse(all_prev_outputs: &[u8], tx: &Transaction) -> Result<Self, String> {
        let mut cursor = Cursor::new(all_prev_outputs);
-        match Vector::read(&mut cursor, transparent::TxOut::read) {
+        match Vector::read(&mut cursor, transparent::bundle::TxOut::read) {
            Err(e) => Err(format!("Invalid all_prev_outputs field: {}", e)),
            Ok(_) if (cursor.position() as usize) != all_prev_outputs.len() => {
                Err("all_prev_outputs had trailing data".into())
@ -131,15 +130,17 @@ impl MapTransparent {
    }
 }
-impl transparent::MapAuth<transparent::Authorized, TransparentAuth> for MapTransparent {
+impl transparent::bundle::MapAuth<transparent::bundle::Authorized, TransparentAuth>
    for MapTransparent
 {
    fn map_script_sig(
        &self,
-        s: <transparent::Authorized as transparent::Authorization>::ScriptSig,
+        s: <transparent::bundle::Authorized as transparent::bundle::Authorization>::ScriptSig,
-    ) -> <TransparentAuth as transparent::Authorization>::ScriptSig {
+    ) -> <TransparentAuth as transparent::bundle::Authorization>::ScriptSig {
        s
    }
-    fn map_authorization(&self, _: transparent::Authorized) -> TransparentAuth {
+    fn map_authorization(&self, _: transparent::bundle::Authorized) -> TransparentAuth {
        // TODO: This map should consume self, so we can move self.auth
        self.auth.clone()
    }
@ -261,6 +262,21 @@ pub extern "C" fn zcash_transaction_zip244_signature_digest(
    let signable_input = if index == NOT_AN_INPUT {
        SignableInput::Shielded
    } else {
        // This conversion to `u8` is always fine:
        // - We only call this FFI method once we already know we are using ZIP 244.
        // - Even if we weren't, `hash_type` is one byte tacked onto the end of a
        //   signature, so it always fits into a `u8` (and TBH I don't know why we
        //   ever set it to `u32`).
        let hash_type = u8::try_from(hash_type).unwrap();
        let hash_type = match transparent::sighash::SighashType::parse(hash_type) {
            Some(hash_type) => hash_type,
            None => {
                error!("hash_type violates the ZIP 244 rules");
                return false;
            }
        };
        let prevout = match precomputed_tx.tx.transparent_bundle() {
            Some(bundle) => match bundle.authorization.all_prev_outputs.get(index) {
                Some(prevout) => prevout,
@ -275,22 +291,17 @@ pub extern "C" fn zcash_transaction_zip244_signature_digest(
            }
        };
-        SignableInput::Transparent {
+        SignableInput::Transparent(transparent::sighash::SignableInput::from_parts(
-            // This conversion to `u8` is always fine:
+            hash_type,
            // - We only call this FFI method once we already know we are using ZIP 244.
            // - Even if we weren't, `hash_type` is one byte tacked onto the end of a
            //   signature, so it always fits into a `u8` (and TBH I don't know why we
            //   ever set it to `u32`).
            hash_type: hash_type.try_into().unwrap(),
            index,
            // `script_code` is unused by `v5_signature_hash`, so instead of passing the
            // real `script_code` across the FFI (and paying the serialization and parsing
            // cost for no benefit), we set it to the prevout's `script_pubkey`. This
            // happens to be correct anyway for every output script kind except P2SH.
-            script_code: &prevout.script_pubkey,
+            &prevout.script_pubkey,
-            script_pubkey: &prevout.script_pubkey,
+            &prevout.script_pubkey,
-            value: prevout.value,
+            prevout.value,
-        }
+        ))
    };
    let sighash = v5_signature_hash(
--- a/src/rust/src/zip339_ffi.rs
+++ b/src/rust/src/zip339_ffi.rs
@ -1,6 +1,7 @@
 use libc::{c_char, size_t};
 use macro_find_and_replace::replace_token_sequence;
 use std::{
-    convert::{TryFrom, TryInto},
+    borrow::Cow,
    ffi::{CStr, CString},
    ptr, slice,
 };
@ -13,27 +14,90 @@ use zeroize::Zeroize;
 #[derive(Copy, Clone)]
 pub struct Language(pub u32);
-impl TryFrom<Language> for bip0039::Language {
+impl Language {
-    type Error = ();
+    #[allow(clippy::too_many_arguments)]
-
+    fn handle<Ctx, T>(
-    fn try_from(language: Language) -> Result<Self, ()> {
+        self,
        ctx: Ctx,
        en: impl FnOnce(Ctx) -> Option<T>,
        zh_cn: impl FnOnce(Ctx) -> Option<T>,
        zh_tw: impl FnOnce(Ctx) -> Option<T>,
        cs: impl FnOnce(Ctx) -> Option<T>,
        fr: impl FnOnce(Ctx) -> Option<T>,
        it: impl FnOnce(Ctx) -> Option<T>,
        ja: impl FnOnce(Ctx) -> Option<T>,
        ko: impl FnOnce(Ctx) -> Option<T>,
        pt: impl FnOnce(Ctx) -> Option<T>,
        es: impl FnOnce(Ctx) -> Option<T>,
    ) -> Option<T> {
        // These must match `src/rust/include/zip339.h`.
-        match language {
+        match self {
-            Language(0) => Ok(bip0039::Language::English),
+            Language(0) => en(ctx),
-            Language(1) => Ok(bip0039::Language::SimplifiedChinese),
+            Language(1) => zh_cn(ctx),
-            Language(2) => Ok(bip0039::Language::TraditionalChinese),
+            Language(2) => zh_tw(ctx),
-            Language(3) => Ok(bip0039::Language::Czech),
+            Language(3) => cs(ctx),
-            Language(4) => Ok(bip0039::Language::French),
+            Language(4) => fr(ctx),
-            Language(5) => Ok(bip0039::Language::Italian),
+            Language(5) => it(ctx),
-            Language(6) => Ok(bip0039::Language::Japanese),
+            Language(6) => ja(ctx),
-            Language(7) => Ok(bip0039::Language::Korean),
+            Language(7) => ko(ctx),
-            Language(8) => Ok(bip0039::Language::Portuguese),
+            Language(8) => pt(ctx),
-            Language(9) => Ok(bip0039::Language::Spanish),
+            Language(9) => es(ctx),
-            Language(_) => Err(()),
+            Language(_) => None,
        }
    }
 }
 macro_rules! all_languages {
    ($self:expr, $ctx:expr, $e:expr) => {
        $self.handle(
            $ctx,
            replace_token_sequence!{[LANGUAGE], [bip0039::English], $e},
            replace_token_sequence!{[LANGUAGE], [bip0039::ChineseSimplified], $e},
            replace_token_sequence!{[LANGUAGE], [bip0039::ChineseTraditional], $e},
            replace_token_sequence!{[LANGUAGE], [bip0039::Czech], $e},
            replace_token_sequence!{[LANGUAGE], [bip0039::French], $e},
            replace_token_sequence!{[LANGUAGE], [bip0039::Italian], $e},
            replace_token_sequence!{[LANGUAGE], [bip0039::Japanese], $e},
            replace_token_sequence!{[LANGUAGE], [bip0039::Korean], $e},
            replace_token_sequence!{[LANGUAGE], [bip0039::Portuguese], $e},
            replace_token_sequence!{[LANGUAGE], [bip0039::Spanish], $e},
        )
    };
 }
 impl Language {
    fn with_mnemonic_phrase_from_entropy<E: Into<Vec<u8>>, T>(
        self,
        entropy: E,
        f: impl FnOnce(&str) -> Option<T>,
    ) -> Option<T> {
        all_languages!(self, (entropy, f), |(entropy, f)| {
            bip0039::Mnemonic::<LANGUAGE>::from_entropy(entropy)
                .ok()
                .and_then(|mnemonic| f(mnemonic.phrase()))
        })
    }
    fn with_seed_from_mnemonic_phrase<'a, P: Into<Cow<'a, str>>, T>(
        self,
        phrase: P,
        passphrase: &str,
        f: impl FnOnce([u8; 64]) -> Option<T>,
    ) -> Option<T> {
        all_languages!(self, (phrase, passphrase, f), |(phrase, passphrase, f)| {
            bip0039::Mnemonic::<LANGUAGE>::from_phrase(phrase)
                .ok()
                .and_then(|mnemonic| f(mnemonic.to_seed(passphrase)))
        })
    }
    fn validate_mnemonic<'a, P: Into<Cow<'a, str>>>(self, phrase: P) -> Option<()> {
        all_languages!(self, phrase, |phrase| {
            bip0039::Mnemonic::<LANGUAGE>::validate(phrase).ok()
        })
    }
 }
 /// Creates a phrase with the given entropy, in the given `Language`. The phrase is represented as
 /// a pointer to a null-terminated C string that must not be written to, and must be freed by
 /// `zip339_free_phrase`.
@ -45,15 +109,14 @@ pub extern "C" fn zip339_entropy_to_phrase(
 ) -> *const c_char {
    assert!(!entropy.is_null());
-    if let Ok(language) = language.try_into() {
+    let entropy = unsafe { slice::from_raw_parts(entropy, entropy_len) }.to_vec();
-        let entropy = unsafe { slice::from_raw_parts(entropy, entropy_len) }.to_vec();
+    language
-        if let Ok(mnemonic) = bip0039::Mnemonic::from_entropy_in(language, entropy) {
+        .with_mnemonic_phrase_from_entropy(entropy, |phrase| {
-            if let Ok(phrase) = CString::new(mnemonic.phrase()) {
+            CString::new(phrase)
-                return phrase.into_raw() as *const c_char;
+                .ok()
-            }
+                .map(|phrase| phrase.into_raw() as *const c_char)
-        }
+        })
-    }
+        .unwrap_or(ptr::null())
    ptr::null()
 }
 /// Frees a phrase returned by `zip339_entropy_to_phrase`.
@ -74,10 +137,8 @@ pub extern "C" fn zip339_free_phrase(phrase: *const c_char) {
 pub extern "C" fn zip339_validate_phrase(language: Language, phrase: *const c_char) -> bool {
    assert!(!phrase.is_null());
-    if let Ok(language) = language.try_into() {
+    if let Ok(phrase) = unsafe { CStr::from_ptr(phrase) }.to_str() {
-        if let Ok(phrase) = unsafe { CStr::from_ptr(phrase) }.to_str() {
+        return language.validate_mnemonic(phrase).is_some();
            return bip0039::Mnemonic::validate_in(language, phrase).is_ok();
        }
    }
    false
 }
@ -93,20 +154,23 @@ pub extern "C" fn zip339_phrase_to_seed(
    assert!(!phrase.is_null());
    assert!(!buf.is_null());
-    if let Ok(language) = language.try_into() {
+    let phrase = unsafe { CStr::from_ptr(phrase) };
-        if let Ok(phrase) = unsafe { CStr::from_ptr(phrase) }.to_str() {
+    phrase
-            if let Ok(mnemonic) = bip0039::Mnemonic::from_phrase_in(language, phrase) {
+        .to_str()
-                // Use the empty passphrase.
+        .ok()
-                let seed = mnemonic.to_seed("");
+        .and_then(|phrase| {
            // Use the empty passphrase.
            language.with_seed_from_mnemonic_phrase(phrase, "", |seed| {
                unsafe {
                    ptr::copy(seed.as_ptr(), buf, 64);
                }
-                return true;
+                Some(true)
            })
        })
        .unwrap_or_else(|| {
            unsafe {
                ptr::write_bytes(buf, 0, 64);
            }
-        }
+            false
-    }
+        })
    unsafe {
        ptr::write_bytes(buf, 0, 64);
    }
    false
 }
--- a/src/test/miner_tests.cpp
+++ b/src/test/miner_tests.cpp
@ -375,8 +375,9 @@ BOOST_AUTO_TEST_CASE(CreateNewBlock_validity)
    auto nTime = pblocktemplate->block.nTime;
    delete pblocktemplate;
-    // Set the clock to be just ahead of the last "mined" block, to ensure we satisfy the
+    // Set the clock to the timestamp of the last "mined" block, to ensure we satisfy the
-    // future timestamp soft fork rule.
+    // future timestamp soft fork rule. We use a fixed clock here because the time should
    // not advance from `nTime` for the calls to `CreateNewBlock`.
    FixedClock::SetGlobal();
    FixedClock::Instance()->Set(std::chrono::seconds(nTime));
@ -406,6 +407,9 @@ BOOST_AUTO_TEST_CASE(CreateNewBlock_validity)
    BOOST_CHECK_EQUAL(pblocktemplate->block.nTime, minTime);
    delete pblocktemplate;
    // Set the clock back to the timestamp of the last "mined" block (and allow it to advance
    // from that point), to ensure we satisfy both the rule that it is after the MTP, and the
    // future timestamp soft fork rule.
    auto curTime = GetTime();
    OffsetClock::SetGlobal();
    OffsetClock::Instance()->Set(std::chrono::seconds(-curTime + nTime));
--- a/src/test/sighash_tests.cpp
+++ b/src/test/sighash_tests.cpp
@ -31,7 +31,7 @@ uint256 static SignatureHashOld(CScript scriptCode, const CTransaction& txTo, un
    static const uint256 one(uint256S("0000000000000000000000000000000000000000000000000000000000000001"));
    if (nIn >= txTo.vin.size())
    {
-        printf("ERROR: SignatureHash(): nIn=%d out of range\n", nIn);
+        printf("ERROR: SignatureHash(): nIn=%u out of range\n", nIn);
        return one;
    }
    CMutableTransaction txTmp(txTo);
@ -58,7 +58,7 @@ uint256 static SignatureHashOld(CScript scriptCode, const CTransaction& txTo, un
        unsigned int nOut = nIn;
        if (nOut >= txTmp.vout.size())
        {
-            printf("ERROR: SignatureHash(): nOut=%d out of range\n", nOut);
+            printf("ERROR: SignatureHash(): nOut=%u out of range\n", nOut);
            return one;
        }
        txTmp.vout.resize(nOut+1);
--- a/src/wallet/asyncrpcoperation_common.cpp
+++ b/src/wallet/asyncrpcoperation_common.cpp
@ -8,6 +8,7 @@
 extern UniValue signrawtransaction(const UniValue& params, bool fHelp);
 // This is only a helper for tests.
 std::pair<CTransaction, UniValue> SignSendRawTransaction(UniValue obj, std::optional<std::reference_wrapper<CReserveKey>> reservekey, bool testmode) {
    // Sign the raw transaction
    UniValue rawtxnValue = find_value(obj, "rawtxn");
--- a/src/wallet/rpcdisclosure.cpp
+++ b/src/wallet/rpcdisclosure.cpp
@ -52,8 +52,8 @@ UniValue z_getpaymentdisclosure(const UniValue& params, bool fHelp)
    if (fHelp || params.size() < 3 || params.size() > 4 )
        throw runtime_error(
            "z_getpaymentdisclosure \"txid\" js_index output_index (\"message\") \n"
-            "\nGenerate a payment disclosure for a given joinsplit output.\n"
+            "\nGenerate a payment disclosure for a given joinsplit output. This only supports Sprout.\n"
-            "\nEXPERIMENTAL FEATURE\n"
+            "\nEXPERIMENTAL, DEPRECATED FEATURE\n"
            + disabledMsg +
            "\nArguments:\n"
            "1. \"txid\"            (string, required) \n"
@ -157,8 +157,8 @@ UniValue z_validatepaymentdisclosure(const UniValue& params, bool fHelp)
    if (fHelp || params.size() != 1)
        throw runtime_error(
            "z_validatepaymentdisclosure \"paymentdisclosure\"\n"
-            "\nValidates a payment disclosure.\n"
+            "\nValidates a payment disclosure. This only supports Sprout.\n"
-            "\nEXPERIMENTAL FEATURE\n"
+            "\nEXPERIMENTAL, DEPRECATED FEATURE\n"
            + disabledMsg +
            "\nArguments:\n"
            "1. \"paymentdisclosure\"     (string, required) Hex data string, with \"zpd:\" prefix.\n"
--- a/src/wallet/rpcwallet.cpp
+++ b/src/wallet/rpcwallet.cpp
@ -85,12 +85,19 @@ std::string HelpRequiringPassphrase()
 bool EnsureWalletIsAvailable(bool avoidException)
 {
-    if (!pwalletMain)
+    if (!pwalletMain) {
-    {
+        if (!avoidException) {
-        if (!avoidException)
+            throw JSONRPCError(
-            throw JSONRPCError(RPC_METHOD_NOT_FOUND, "Method not found (disabled)");
+                    RPC_METHOD_NOT_FOUND,
-        else
+#if ENABLE_WALLET
                    "This wallet method is disabled because the `disablewallet` flag was used."
 #else
                    "This wallet method is disabled because the node was not built with wallet support."
 #endif
            );
        } else {
            return false;
        }
    }
    return true;
 }
@ -165,17 +172,12 @@ UniValue getnewaddress(const UniValue& params, bool fHelp)
    if (!EnsureWalletIsAvailable(fHelp))
        return NullUniValue;
-    if (!fEnableGetNewAddress)
+    if (!fEnableGetNewAddress || fHelp || params.size() > 1)
        throw runtime_error(
            "getnewaddress is DEPRECATED and will be removed in a future release\n"
            "\nUse z_getnewaccount and z_getaddressforaccount instead, or restart \n"
            "with `-allowdeprecated=getnewaddress` if you require backward compatibility.\n"
            "See https://zcash.github.io/zcash/user/deprecation.html for more information.");
    if (fHelp || params.size() > 1)
        throw runtime_error(
            "getnewaddress ( \"\" )\n"
-            "\nDEPRECATED. Use z_getnewaccount and z_getaddressforaccount instead.\n"
+            + Deprecated(fEnableGetNewAddress,
                         "getnewaddress",
                         "Please use z_getnewaccount and z_getaddressforaccount instead.") +
            "\nReturns a new transparent Zcash address.\n"
            "Payments received by this API are visible on-chain and do not otherwise\n"
            "provide privacy protections; they should only be used in circumstances \n"
@ -250,19 +252,13 @@ UniValue getrawchangeaddress(const UniValue& params, bool fHelp)
    if (!EnsureWalletIsAvailable(fHelp))
        return NullUniValue;
-    if (!fEnableGetRawChangeAddress)
+    if (!fEnableGetRawChangeAddress || fHelp || params.size() > 1)
        throw runtime_error(
            "getrawchangeaddress is DEPRECATED and will be removed in a future release\n"
            "\nChange addresses are a wallet-internal feature. Use a unified address for\n"
            "a dedicated change account instead, or restart with `-allowdeprecated=getrawchangeaddress` \n"
            "if you require backward compatibility.\n"
            "See https://zcash.github.io/zcash/user/deprecation.html for more information.");
    if (fHelp || params.size() > 1)
        throw runtime_error(
            "getrawchangeaddress\n"
-            "\nDEPRECATED. Change addresses are a wallet-internal feature. Use a unified"
+            + Deprecated(fEnableGetRawChangeAddress,
-            "\naddress for a dedicated change account instead.\n"
+                         "getrawchangeaddress",
                         "Change addresses are a wallet-internal feature. Use a unified address\n"
                         "for a dedicated change account instead.") +
            "\nReturns a new transparent Zcash address for receiving change.\n"
            "This is for use with raw transactions, NOT normal use. Additionally,\n"
            "the resulting address does not correspond to the \"change\" HD derivation\n"
@ -272,7 +268,7 @@ UniValue getrawchangeaddress(const UniValue& params, bool fHelp)
            "\nExamples:\n"
            + HelpExampleCli("getrawchangeaddress", "")
            + HelpExampleRpc("getrawchangeaddress", "")
-       );
+        );
    LOCK2(cs_main, pwalletMain->cs_wallet);
@ -2057,9 +2053,12 @@ UniValue keypoolrefill(const UniValue& params, bool fHelp)
    if (!EnsureWalletIsAvailable(fHelp))
        return NullUniValue;
-    if (fHelp || params.size() > 1)
+    if (!fEnableKeyPoolRefill || fHelp || params.size() > 1)
        throw runtime_error(
            "keypoolrefill ( newsize )\n"
            + Deprecated(fEnableKeyPoolRefill,
                         "keypoolrefill",
                         "It will not be needed for Zallet.") +
            "\nFills the keypool associated with the legacy transparent value pool. This should only be\n"
            "used when interoperability with legacy Bitcoin infrastructure is required.\n"
            + HelpRequiringPassphrase() + "\n"
@ -2492,9 +2491,13 @@ UniValue settxfee(const UniValue& params, bool fHelp)
    if (!EnsureWalletIsAvailable(fHelp))
        return NullUniValue;
-    if (fHelp || params.size() < 1 || params.size() > 1)
+    if (!fEnableSetTxFee || fHelp || params.size() < 1 || params.size() > 1)
        throw runtime_error(
            "settxfee amount\n"
            + Deprecated(fEnableSetTxFee,
                         "settxfee",
                         "It is strongly recommended to use the default ZIP 317 fee, which is not\n"
                         "expressible using settxfee.") +
            "\nSet the preferred transaction fee rate per 1000 bytes. This is only used by legacy transaction creation APIs (sendtoaddress, sendmany, and fundrawtransaction). Overwrites the paytxfee parameter.\n"
            "\nArguments:\n"
            "1. amount         (numeric, required) The transaction fee rate in " + CURRENCY_UNIT + " per 1000 bytes rounded to the nearest 0.00000001\n"
@ -2952,9 +2955,13 @@ UniValue fundrawtransaction(const UniValue& params, bool fHelp)
    if (!EnsureWalletIsAvailable(fHelp))
        return NullUniValue;
-    if (fHelp || params.size() < 1 || params.size() > 2)
+    if (!fEnableFundRawTransaction || fHelp || params.size() < 1 || params.size() > 2)
        throw runtime_error(
            "fundrawtransaction \"hexstring\" includeWatching\n"
            + Deprecated(fEnableFundRawTransaction,
                         "fundrawtransaction",
                         "Zallet will instead provide new RPC methods that operate on PCZTs:\n"
                         "https://github.com/zcash/wallet/issues/99") +
            "\nAdd transparent inputs to a transaction until it has enough in value to meet its out value.\n"
            "This will not modify existing inputs, and will add one change output to the outputs.\n"
            "Note that inputs which were signed may need to be resigned after completion since in/outputs have been added.\n"
@ -3187,21 +3194,17 @@ UniValue z_getnewaddress(const UniValue& params, bool fHelp)
    if (!EnsureWalletIsAvailable(fHelp))
        return NullUniValue;
    if (!fEnableZGetNewAddress)
        throw runtime_error(
            "z_getnewaddress is DEPRECATED and will be removed in a future release\n"
            "\nUse z_getnewaccount and z_getaddressforaccount instead, or restart \n"
            "with `-allowdeprecated=z_getnewaddress` if you require backward compatibility.\n"
            "See https://zcash.github.io/zcash/user/deprecation.html for more information.");
    std::string defaultType = ADDR_TYPE_SAPLING;
-    if (fHelp || params.size() > 1)
+    if (!fEnableZGetNewAddress || fHelp || params.size() > 1)
        throw runtime_error(
            "z_getnewaddress ( type )\n"
-            "\nDEPRECATED. Use z_getnewaccount and z_getaddressforaccount instead.\n"
+            + Deprecated(fEnableZGetNewAddress,
                         "z_getnewaddress",
                         "Please use z_getnewaccount and z_getaddressforaccount instead.") +
            "\nReturns a new shielded address for receiving payments.\n"
-            "\nWith no arguments, returns a Sapling address.\n"
+            "\nWith no arguments, this currently returns a Sapling address (but that\n"
            "should not be relied on).\n"
            "Generating a Sprout address is not allowed after Canopy has activated.\n"
            "\nArguments:\n"
            "1. \"type\"         (string, optional, default=\"" + defaultType + "\") The type of address. One of [\""
@ -3509,17 +3512,12 @@ UniValue z_listaddresses(const UniValue& params, bool fHelp)
    if (!EnsureWalletIsAvailable(fHelp))
        return NullUniValue;
-    if (!fEnableZListAddresses)
+    if (!fEnableZListAddresses || fHelp || params.size() > 1)
        throw runtime_error(
            "z_listaddresses is DEPRECATED and will be removed in a future release\n"
            "\nUse listaddresses or restart with `-allowdeprecated=z_listaddresses`\n"
            "if you require backward compatibility.\n"
            "See https://zcash.github.io/zcash/user/deprecation.html for more information.");
    if (fHelp || params.size() > 1)
        throw runtime_error(
            "z_listaddresses ( includeWatchonly )\n"
-            "\nDEPRECATED. Use `listaddresses` instead.\n"
+            + Deprecated(fEnableZListAddresses,
                         "z_listaddresses",
                         "Please use `listaddresses` instead.") +
            "\nReturns the list of shielded addresses belonging to the wallet.\n"
            "\nThis never returns Unified Addresses; see 'listaddresses' for them.\n"
            "\nArguments:\n"
@ -3951,19 +3949,13 @@ UniValue z_getbalance(const UniValue& params, bool fHelp)
    if (!EnsureWalletIsAvailable(fHelp))
        return NullUniValue;
-    if (!fEnableZGetBalance)
+    if (!fEnableZGetBalance || fHelp || params.size() == 0 || params.size() > 3)
        throw runtime_error(
            "z_getbalance is DEPRECATED and will be removed in a future release\n\n"
            "Use z_getbalanceforaccount, z_getbalanceforviewingkey, or getbalance (for\n"
            "legacy transparent balance) instead, or restart with `-allowdeprecated=z_getbalance`\n"
            "if you require backward compatibility.\n"
            "See https://zcash.github.io/zcash/user/deprecation.html for more information.");
    if (fHelp || params.size() == 0 || params.size() > 3)
        throw runtime_error(
            "z_getbalance \"address\" ( minconf inZat )\n"
-            "\nDEPRECATED; please use z_getbalanceforaccount, z_getbalanceforviewingkey,\n"
+            + Deprecated(fEnableZGetBalance,
-            "or getbalance (for legacy transparent balance) instead.\n"
+                         "z_getbalance",
                         "Please use z_getbalanceforaccount, z_getbalanceforviewingkey, or getbalance (for legacy\n"
                         "transparent balance) instead.") +
            "\nReturns the balance of a taddr or zaddr belonging to the node's wallet.\n"
            "\nCAUTION: If the wallet has only an incoming viewing key for this address, then spends cannot be"
            "\ndetected, and so the returned balance may be larger than the actual balance."
@ -4254,17 +4246,12 @@ UniValue z_gettotalbalance(const UniValue& params, bool fHelp)
    if (!EnsureWalletIsAvailable(fHelp))
        return NullUniValue;
-    if (!fEnableZGetTotalBalance)
+    if (!fEnableZGetTotalBalance || fHelp || params.size() > 2)
        throw runtime_error(
            "z_gettotalbalance is DEPRECATED and will be removed in a future release\n\n"
            "Use z_getbalanceforaccount, or getbalance (for legacy transparent balance) instead, or\n"
            "restart with `-allowdeprecated=z_gettotalbalance if you require backward compatibility.\n"
            "See https://zcash.github.io/zcash/user/deprecation.html for more information.");
    if (fHelp || params.size() > 2)
        throw runtime_error(
            "z_gettotalbalance ( minconf includeWatchonly )\n"
-            "\nDEPRECATED. Please use z_getbalanceforaccount or getbalance (for legacy transparent balance) instead.\n"
+            + Deprecated(fEnableZGetTotalBalance,
                         "z_gettotalbalance",
                         "Please use z_getbalanceforaccount, or getbalance (for legacy transparent balance) instead.") +
            "\nReturn the total value of funds stored in the node's wallet.\n"
            "\nCAUTION: If the wallet contains any addresses for which it only has incoming viewing keys,"
            "\nthe returned private balance may be larger than the actual balance, because spends cannot"
--- a/zcutil/libfuzzer/libfuzzer-build.sh
+++ b/zcutil/libfuzzer/libfuzzer-build.sh
@ -64,7 +64,6 @@ case $key in
    ;;
    -h|--help)
    usage
    shift
    ;;
    *)
    POSITIONAL+=("$1")
Author	SHA1	Message	Date
Jack Grigg	2352fbc1ed	Merge pull request #7030 from daira/nicer-bip0039-language-handling Make the handling of bip0039 languages nicer	2025-05-20 16:31:44 +01:00
Daira-Emma Hopwood	78695a7d63	Make the handling of bip0039 languages nicer. Signed-off-by: Daira-Emma Hopwood <daira@jacaranda.org>	2025-05-20 10:40:28 +01:00
Jack Grigg	4256156874	Merge pull request #7029 from pacu/fix-test-compiler-error Fixes test/sighash_tests.cpp compiler error	2025-05-19 13:21:37 +01:00
Jack Grigg	3b5ecb2b5d	Merge pull request #7027 from str4d/rust-updates-6.3.0 Rust updates for 6.3.0	2025-05-19 13:20:17 +01:00
pacu	9c593754c9	Fixes test/sighash_tests.cpp compiler error closes #7028	2025-05-15 13:51:45 -03:00
Jack Grigg	dfec26eb1d	rust: thiserror 2	2025-05-09 00:27:58 +00:00
Jack Grigg	7cdc7457a4	depends: cxx 1.0.158	2025-05-09 00:21:54 +00:00
Jack Grigg	2403a0aed9	rust: clearscreen 4	2025-05-08 23:39:55 +00:00
Jack Grigg	be5ff646dc	rust: Migrate to `zcash_primitives 0.21`	2025-05-08 23:33:04 +00:00
Jack Grigg	e90508083e	rust: Migrate to `bip0039 0.12`	2025-05-08 23:33:04 +00:00
Kris Nuttycombe	1f1f7a385a	Merge pull request #7018 from zcash/version-6.2.0 Merge 6.2.0 back into the main branch	2025-04-21 12:00:53 -06:00
Kris Nuttycombe	e3119e5b72	ci: Use the `clone_url` field of the `repo` object for `git fetch` to check a PR This also modifies changed file list parsing to avoid the need for a shell variable.	2025-04-17 14:29:32 -06:00
Daira-Emma Hopwood	c2cbbc3ae2	Merge remote-tracking branch 'origin' into version-6.2.0	2025-04-17 13:47:00 +01:00
Kris Nuttycombe	a78675000b	Merge pull request #7021 from zcash/release-v6.2.0 Release v6.2.0	2025-04-17 06:16:07 -06:00
y4ssi	ff279fdb6a	Update ci.yml Remove CI for ubuntu 20.04	2025-04-16 22:22:51 -06:00
Kris Nuttycombe	76db11eba1	Merge pull request #7020 from zcash/remove_ubuntu2004_build Remove CI for ubuntu 20.04	2025-04-16 22:17:51 -06:00
y4ssi	bb59677ec9	Update ci.yml Remove CI for ubuntu 20.04	2025-04-16 21:51:21 -06:00
Daira-Emma Hopwood	654a8be227	make-release.py: Updated book for 6.2.0.	2025-04-16 23:59:38 +01:00
Daira-Emma Hopwood	07ef131cfe	make-release.py: Updated release notes and changelog for 6.2.0.	2025-04-16 23:59:38 +01:00
Daira-Emma Hopwood	dfa67a9939	make-release.py: Updated manpages for 6.2.0.	2025-04-16 23:59:37 +01:00
Daira-Emma Hopwood	9032e57fdd	make-release.py: Versioning changes for 6.2.0.	2025-04-16 23:53:22 +01:00
Daira-Emma Hopwood	95d70e77e4	CI: Test on Ubuntu 24.04 as Tier 3. Co-authored-by: Jack Grigg <jack@electriccoin.co> Signed-off-by: Daira-Emma Hopwood <daira@jacaranda.org>	2025-04-16 23:49:30 +01:00
Daira-Emma Hopwood	aa55bdcaae	Move Ubuntu 22.04 support to Tier 1. Co-authored-by: Jack Grigg <jack@electriccoin.co> Signed-off-by: Daira-Emma Hopwood <daira@jacaranda.org>	2025-04-16 23:44:51 +01:00
Daira-Emma Hopwood	07059a8ad9	CI: Bump the Ubuntu runner version used for Debian. Co-authored-by: Jack Grigg <jack@electriccoin.co> Signed-off-by: Daira-Emma Hopwood <daira@jacaranda.org>	2025-04-16 23:41:51 +01:00
Daira-Emma Hopwood	b3c9ae5455	contrib/devtools/symbol-check.py: Update allowed library versions and documentation. Co-authored-by: Jack Grigg <jack@electriccoin.co> Signed-off-by: Daira-Emma Hopwood <daira@jacaranda.org>	2025-04-16 23:40:55 +01:00
Daira-Emma Hopwood	884dfe49c9	Remove Ubuntu 20.04 from the list of supported platforms because GitHub no longer supports CI runners for it. Co-authored-by: Jack Grigg <jack@electriccoin.co> Signed-off-by: Daira-Emma Hopwood <daira@jacaranda.org>	2025-04-16 23:09:43 +01:00
Daira-Emma Hopwood	bee8d1df45	Postpone C++ dependency updates for the v6.2.0 release. Signed-off-by: Daira-Emma Hopwood <daira@jacaranda.org>	2025-04-16 22:24:27 +01:00
Kris Nuttycombe	abf417ef22	Merge pull request #7017 from daira/release-v6.2.0-rc1 Release v6.2.0-rc1	2025-04-14 14:48:14 -06:00
Daira-Emma Hopwood	99557f8a3d	Update audits. Signed-off-by: Daira-Emma Hopwood <daira@jacaranda.org>	2025-04-10 21:28:06 +01:00
Daira-Emma Hopwood	024d47011f	Trivial doc update to poke CI. Signed-off-by: Daira-Emma Hopwood <daira@jacaranda.org>	2025-04-10 20:54:24 +01:00
Daira-Emma Hopwood	bfb620e47e	make-release.py: Updated book for 6.2.0-rc1.	2025-04-10 18:44:12 +01:00
Daira-Emma Hopwood	87661dcfbc	make-release.py: Updated release notes and changelog for 6.2.0-rc1.	2025-04-10 18:44:12 +01:00
Daira-Emma Hopwood	912da4bfb6	make-release.py: Updated manpages for 6.2.0-rc1.	2025-04-10 18:44:11 +01:00
Daira-Emma Hopwood	ab7ddaa963	make-release.py: Versioning changes for 6.2.0-rc1.	2025-04-10 18:39:55 +01:00
Daira-Emma Hopwood	3f3cc10672	Correction to the 6.2.0-rc1 release notes. Signed-off-by: Daira-Emma Hopwood <daira@jacaranda.org>	2025-04-10 18:39:09 +01:00
Daira-Emma Hopwood	ece9c517fe	Update crossbeam-channel and tokio in `Cargo.lock` to avoid vulnerable versions and pass `cargo audit`. Signed-off-by: Daira-Emma Hopwood <daira@jacaranda.org>	2025-04-10 18:39:09 +01:00
Daira-Emma Hopwood	52c8856ce6	Update links in the README. Signed-off-by: Daira-Emma Hopwood <daira@jacaranda.org>	2025-04-10 18:39:09 +01:00
Daira-Emma Hopwood	ed718d0773	Fix URL to the Rust Target Tier Policy. Signed-off-by: Daira-Emma Hopwood <daira@jacaranda.org>	2025-04-10 18:39:09 +01:00
Daira-Emma Hopwood	a8aa33152c	Postpone native updates (after thorough checking with @y4ssi). Co-authored-by: Yasser <yasser@electriccoin.co> Signed-off-by: Daira-Emma Hopwood <daira@jacaranda.org>	2025-04-10 18:39:09 +01:00
Kris Nuttycombe	7ac250c93b	Merge pull request #7015 from daira/deprecations-for-6.2.0 Deprecations for 6.2.0	2025-04-08 21:32:52 -06:00
Daira-Emma Hopwood	bfb2cf9255	Add `i-am-aware-zcashd-will-be-replaced-by-zebrad-and-zallet-in-2025` to release notes. Signed-off-by: Daira-Emma Hopwood <daira@jacaranda.org>	2025-04-09 03:32:53 +01:00
Daira-Emma Hopwood	638ea507be	Allow the RPC help to be displayed for disabled methods. Co-authored-by: Kris Nuttycombe <kris@nutty.land> Signed-off-by: Daira-Emma Hopwood <daira@jacaranda.org>	2025-04-09 03:32:53 +01:00
Daira-Emma Hopwood	f8a5d39464	Fix RPC tests broken by deprecations. Signed-off-by: Daira-Emma Hopwood <daira@jacaranda.org>	2025-04-09 03:32:53 +01:00
Daira-Emma Hopwood	f8a2c46094	Wording changes to address review comments. Signed-off-by: Daira-Emma Hopwood <daira@jacaranda.org>	2025-04-09 03:32:53 +01:00
Daira-Emma Hopwood	50b2d2c6c3	Default-disable the RPC methods { `z_getbalance`, `getnetworkhashps` }, and the features { `gbt_oldhashes`, `deprecationinfo_deprecationheight` }. Also make sure that the `addrtype` feature is default-disabled regardless of the `ENABLE_WALLET` flag. Signed-off-by: Daira-Emma Hopwood <daira@jacaranda.org>	2025-04-09 03:32:53 +01:00
Daira-Emma Hopwood	ba867612af	Document that `z_getpaymentdisclosure` and `z_validatepaymentdisclosure` are deprecated. Signed-off-by: Daira-Emma Hopwood <daira@jacaranda.org>	2025-04-09 02:31:45 +01:00
Daira-Emma Hopwood	8c965df2fd	Cosmetics in deprecation messages. Signed-off-by: Daira-Emma Hopwood <daira@jacaranda.org>	2025-04-09 02:31:45 +01:00
Daira-Emma Hopwood	2767e56801	Deprecate RPC methods { `getnetworkhashps`, `keypoolrefill`, `settxfee`, `createrawtransaction`, `fundrawtransaction`, `signrawtransaction` }. Signed-off-by: Daira-Emma Hopwood <daira@jacaranda.org>	2025-04-09 02:31:45 +01:00
Daira-Emma Hopwood	6cef229226	[doc] user/deprecation.md: add the version in which each feature was default-disabled. Signed-off-by: Daira-Emma Hopwood <daira@jacaranda.org>	2025-04-09 02:31:45 +01:00
Daira-Emma Hopwood	dacad3704a	Merge pull request #7014 from str4d/6982-deprecation-awareness Add a warning modal for zcashd deprecation	2025-04-08 20:11:01 +01:00
Jack Grigg	48ba891366	Add a warning modal for zcashd deprecation Closes zcash/zcash#6982.	2025-04-07 19:19:36 +00:00
Daira-Emma Hopwood	e818c7dbd8	Merge pull request #6997 from LarryRuane/2025-01-leveldb-index-performance dbwrapper: Bump max file size to 32 MiB (lightwalletd sync performance)	2025-04-07 16:53:17 +01:00
Jack Grigg	9714aa4cec	Merge pull request #7000 from LarryRuane/2025-01-shell-lint fix CI lint error	2025-04-07 16:14:55 +01:00
Daira-Emma Hopwood	5c4fe92ef8	Merge pull request #7001 from sandakersmann/master New checkpoint at block 2800000 for mainnet	2025-04-07 16:13:33 +01:00
Marius Kjærstad	f9bc542925	New checkpoint at block 2800000 for mainnet	2025-01-27 06:17:01 +01:00
Larry Ruane	8013e2eb65	fix CI lint error CI results: Run ./test/lint/lint-shell.sh In zcutil/libfuzzer/libfuzzer-build.sh line 67: shift ^---^ SC2317 (info): Command appears to be unreachable. Check usage (or ignore if invoked indirectly). For more information: https://www.shellcheck.net/wiki/SC2317 -- Command appears to be unreachable...	2025-01-23 12:08:42 -07:00
Maciej S. Szmigiero	d48c5a9ec1	dbwrapper: Bump max file size to 32 MiB The default max file size for LevelDB is 2 MiB, which results in the LevelDB compaction code generating ~4 disk cache flushes per second when syncing with the Bitcoin network. These disk cache flushes are triggered by fdatasync() syscall issued by the LevelDB compaction code when reaching the max file size. If the database is on a HDD this flush rate brings the whole system to a crawl. It also results in very slow throughput since 2 MiB * 4 flushes per second is about 8 MiB / second max throughput, while even an old HDD can pull 100 - 200 MiB / second streaming throughput. Increase the max file size for LevelDB to 32 MiB instead so the flush rate drops significantly and the system no longer gets so sluggish. The new max file size value chosen is a compromise between the one that works best for HDD and SSD performance, as determined by benchmarks done by various people. (cherry picked from commit bitcoin/bitcoin@b73d331937)	2025-01-09 12:05:40 -07:00
Jack Grigg	a3435336b0	Merge pull request #6996 from zcash/update-deps Update dependencies for 6.2.0	2025-01-07 21:25:42 +00:00
Jack Grigg	400dcdf83e	CI: Migrate to `cargo-vet 0.10`	2025-01-07 20:33:39 +00:00
Jack Grigg	907a477c7f	cargo update	2025-01-07 20:33:39 +00:00
Jack Grigg	d21cb5409f	depends: cxx 1.0.136	2025-01-07 20:33:39 +00:00
Jack Grigg	0aac0db813	cargo vet prune	2025-01-07 20:33:39 +00:00
Jack Grigg	9c0a8ad776	depends: native_cmake 3.31.3	2025-01-07 20:33:39 +00:00
Jack Grigg	90ef1beea4	depends: native_xxhash 0.8.3	2025-01-07 20:33:39 +00:00
Jack Grigg	bf4c198e6b	depends: native_fmt 11.1.1	2025-01-07 20:33:39 +00:00
Jack Grigg	8e68e5b181	depends: utfcpp 4.0.6	2025-01-07 20:33:39 +00:00
Jack Grigg	e0c8daed68	Merge pull request #6995 from zcash/version-6.1.0 Merge 6.1.0 back into the main branch	2025-01-07 20:32:33 +00:00
Jack Grigg	eea3d68e57	Merge pull request #6993 from zcash/release-v6.1.0 Release v6.1.0	2025-01-05 16:10:39 +00:00
Jack Grigg	3c3c6ae85b	Update release notes with maintenance purpose	2025-01-02 19:25:26 +00:00
Jack Grigg	1847ee1b17	make-release.py: Updated book for 6.1.0.	2025-01-02 19:21:43 +00:00
Jack Grigg	64a32e0110	make-release.py: Updated release notes and changelog for 6.1.0.	2025-01-02 19:21:43 +00:00
Jack Grigg	d66219bb03	make-release.py: Updated manpages for 6.1.0.	2025-01-02 19:21:41 +00:00
Jack Grigg	50c2ce6abb	make-release.py: Versioning changes for 6.1.0.	2025-01-02 19:18:11 +00:00
Jack Grigg	26bdfcf9f0	qa: Postpone all dependency updates until after 6.1.0	2025-01-02 19:15:43 +00:00
Jack Grigg	4f9fb43a3d	Merge pull request #6987 from LarryRuane/2024-12-lockbox-value-logging move Lockbox value logging behind category valuepool	2025-01-02 18:39:25 +00:00
Jack Grigg	44f6202c72	qa: Fix line wrapping in `show_help`	2025-01-02 17:23:22 +00:00
Larry Ruane	7b5029eb9f	move Lockbox value logging behind category valuepool	2024-12-16 23:07:08 -07:00
Jack Grigg	99ad6fdc3a	Merge pull request #6964 from daira/mining-test-comment-offbyone Miner tests: correct a comment, and add another similar comment where it applies	2024-10-24 06:27:41 +01:00
Jack Grigg	7fbb055123	Merge pull request #6965 from daira/fix-getblocksubsidy-suggestions Fix getblocksubsidy suggestions	2024-10-24 06:26:28 +01:00
Jack Grigg	1e5eb36466	Merge pull request #6967 from daira/fix-test_checkblock gtest/test_checkblock.cpp: fix a bug in MockCValidationState that was causing a test warning	2024-10-24 06:14:32 +01:00
Jack Grigg	c6dfd89530	Merge pull request #6968 from daira/update-daira-emma-keys Update Daira-Emma's gpg keys	2024-10-24 06:12:51 +01:00
Daira-Emma Hopwood	f6540856d2	Update Daira-Emma Hopwood's gpg keys. The key referred to by `daira-emma-old.asc` was used to sign the tags for zcashd v1.0.0-rc1, v1.0.0-rc2, and v1.0.0-rc3. All other zcashd signatures made by Daira-Emma used the key referred to by `daira-emma.asc`. Signed-off-by: Daira-Emma Hopwood <daira@jacaranda.org>	2024-10-09 15:12:17 +01:00
Daira-Emma Hopwood	7505afc78e	Miner tests: correct a comment, and add another similar comment where it applies. Doc-only. Signed-off-by: Daira-Emma Hopwood <daira@jacaranda.org>	2024-10-07 23:13:46 +01:00
Daira-Emma Hopwood	a2f63ffcf4	gtest/test_checkblock.cpp: fix a bug in MockCValidationState that was causing a test warning. Signed-off-by: Daira-Emma Hopwood <daira@jacaranda.org>	2024-10-07 22:48:47 +01:00
Daira-Emma Hopwood	4ddd3405c5	Simplify `GetActiveFundingStreamElements`. Signed-off-by: Daira-Emma Hopwood <daira@jacaranda.org>	2024-10-07 22:00:27 +01:00
Daira-Emma Hopwood	d60c51eb8d	sapling::Builder: add funding stream outputs in a more predictable order. Previously it was deterministic, but depended on details of the `operator<` implementations of `FundingStreamRecipient`, `SaplingPaymentAddress`, and `CScript`. Now it is just the same order as in `vFundingStreams`. Signed-off-by: Daira-Emma Hopwood <daira@jacaranda.org>	2024-10-07 22:00:27 +01:00
Daira-Emma Hopwood	e44be4f1f4	Funding streams: Rename INSUFFICIENT_ADDRESSES to INSUFFICIENT_RECIPIENTS. Signed-off-by: Daira-Emma Hopwood <daira@jacaranda.org>	2024-10-07 21:52:51 +01:00
Daira-Emma Hopwood	238ffa4bec	Merge pull request #6966 from zcash/version-6.0.0 Version 6.0.0 post-release merge.	2024-10-07 21:44:58 +01:00
Kris Nuttycombe	857bd0d398	Merge pull request #6958 from zcash/release-v6.0.0 Release v6.0.0	2024-10-04 15:58:36 -06:00