fix(forge): adjust gas assertion CounterWithFallback (foundry-rs#14465 ) by Dargon789 · Pull Request #498 · Dargon789/foundry

Dargon789 · 2026-04-27T23:15:42Z

Motivation

Solution

PR Checklist

Added Tests
Added Documentation
Breaking changes

Summary by Sourcery

Add per-repository extra benchmark arguments support, refresh benchmark configuration/results, and adjust CI workflows accordingly.

New Features:

Allow benchmark repository specs to include optional extra arguments that are appended to all benchmark commands for that repo.

Bug Fixes:

Adjust the expected gas value for the CounterWithFallback deployment test fixture.

Enhancements:

Propagate per-repository extra arguments through benchmark projects so all forge benchmark commands can be selectively customized.
Expand and update the default benchmark repository sets and versions used in automation, including new aave-v4 coverage.
Improve CLI and workflow documentation for how to specify benchmark repositories and extra arguments.
Rename the Tempo CI job and split out the MPP e2e test into its own workflow.
Enable Docker publish workflow builds with cache disabled to ensure fresh images.

CI:

Update benchmark and core CI workflows to use a newer pinned version of the mold setup action.
Refine benchmark workflows to use dedicated repo lists per benchmark type and support passing extra per-repo forge arguments.
Reintroduce the MPP e2e test as a separate CI workflow with proper caching configuration while simplifying the original Tempo workflow.
Simplify docs and release workflows by removing sccache setup where no longer needed and updating linker setup.

…6495c0564878 to 9c9c13bf4c3f1adef0cc596abc155580bcb04444 (#14442) chore(deps): bump rui314/setup-mold Bumps [rui314/setup-mold](https://github.com/rui314/setup-mold) from 725a8794d15fc7563f59595bd9556495c0564878 to 9c9c13bf4c3f1adef0cc596abc155580bcb04444. - [Commits](rui314/setup-mold@725a879...9c9c13b) --- updated-dependencies: - dependency-name: rui314/setup-mold dependency-version: 9c9c13bf4c3f1adef0cc596abc155580bcb04444 dependency-type: direct:production ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>

* ci: split MPP e2e into its own workflow Move the MPP e2e step from ci-tempo.yml into a standalone ci-mpp.yml workflow so transient HTTP 402 failures from the MPP RPC do not block the Tempo CI workflow. Amp-Thread-ID: https://ampcode.com/threads/T-019dceb8-61e5-734f-b047-17665b4ea7d3 Co-authored-by: Amp <amp@ampcode.com> * ci: rename sanity-check job to tempo-check Amp-Thread-ID: https://ampcode.com/threads/T-019dceb8-61e5-734f-b047-17665b4ea7d3 Co-authored-by: Amp <amp@ampcode.com> * ci: rename mpp-e2e job to mpp-check Amp-Thread-ID: https://ampcode.com/threads/T-019dceb8-61e5-734f-b047-17665b4ea7d3 Co-authored-by: Amp <amp@ampcode.com> --------- Co-authored-by: Amp <amp@ampcode.com>

…rs (#14470) * fix(benches): add repos + extra args support to prevent blocking errors * fix(ci): set `inputs.repos` default to empty * fix: remove `--verbose` flags * fix: exclude `uniswap/v4-core` `TickMathTestTest`

codesandbox · 2026-04-27T23:15:45Z

Review or Edit in CodeSandbox

Open the branch in Web Editor • VS Code • Insiders

Open Preview

vercel · 2026-04-27T23:15:47Z

@mablr is attempting to deploy a commit to the Foundry development Team on Vercel.

A member of the Team first needs to authorize it.

sourcery-ai · 2026-04-27T23:15:49Z

Reviewer's Guide

Extends the benchmarking harness and CI workflows to support per-repo extra forge arguments (e.g. skipping specific tests), refreshes benchmark data and repository/version sets, adjusts a forge gas snapshot, and makes several CI workflow cleanups including mold version bumps and isolating MPP checks into their own workflow.

Sequence diagram for parsing repo specs and running forge with extra args

sequenceDiagram
    actor Dev
    participant GithubWorkflow as Github_workflow
    participant FoundryBench as foundry_bench_binary
    participant RepoConfig as RepoConfig_from_str
    participant BenchmarkProject as BenchmarkProject
    participant Forge as forge_cli

    Dev->>GithubWorkflow: Configure REPOS env (e.g. vectorized/solady:v0.1.26 --nmc LifebuoyTest)
    GithubWorkflow->>FoundryBench: Run foundry-bench --repos "$REPOS"
    FoundryBench->>FoundryBench: Split REPOS by comma into repo_specs
    loop For each repo_spec
        FoundryBench->>RepoConfig: from_str(spec)
        RepoConfig-->>FoundryBench: RepoConfig { org, repo, rev, extra_args }
        FoundryBench->>BenchmarkProject: setup_from_repo(config)
        BenchmarkProject-->>FoundryBench: BenchmarkProject { extra_args }
        FoundryBench->>BenchmarkProject: bench_forge_test(version, runs)
        BenchmarkProject->>BenchmarkProject: cmd("forge test")
        BenchmarkProject-->>FoundryBench: "forge test --nmc LifebuoyTest"
        FoundryBench->>Forge: Execute benchmark command
        Forge-->>FoundryBench: Timing and results
    end
    FoundryBench-->>GithubWorkflow: Generate benchmark markdown files

Class diagram for updated benchmarking config and project types

classDiagram
    class RepoConfig {
        +String name
        +String org
        +String repo
        +String rev
        +Option_String extra_args
        +from_str(spec String) Result_RepoConfig
    }

    class BenchmarkProject {
        +String name
        +TempProject temp_project
        +PathBuf root_path
        +Option_String extra_args
        +setup_from_repo(config RepoConfig) Result_BenchmarkProject
        +install_npm_dependencies(root_path PathBuf) Result_Unit
        +cmd(base String) String
        +hyperfine(benchmark_name String, version String, command String, runs usize, prepare Option_String, cleanup Option_String) Result_Unit
        +bench_forge_test(version String, runs usize) Result_Unit
        +bench_forge_build_with_cache(version String, runs usize) Result_Unit
        +bench_forge_build_no_cache(version String, runs usize) Result_Unit
        +bench_forge_fuzz_test(version String, runs usize) Result_Unit
        +bench_forge_coverage(version String, runs usize) Result_Unit
        +bench_forge_isolate_test(version String, runs usize) Result_Unit
    }

    class BENCHMARK_REPOS {
        +Vec_RepoConfig repos
        +iter() Iter_RepoConfig
        +find(predicate Fn_RepoConfig_bool) Option_RepoConfig
    }

    RepoConfig "1" <-- "*" BENCHMARK_REPOS : contains
    RepoConfig "1" --> "1" BenchmarkProject : configures

    class Cli {
        +Option_Vec_String benchmarks
        +Option_Vec_String repos
    }

    Cli "1" --> "*" RepoConfig : parses_from_strings

Flow diagram for CI benchmarks with per-repo extra forge arguments

flowchart TD
    subgraph Inputs
        A_REPOS_INPUT["GitHub input.repos (optional)"]
        A_DEFAULT_TEST["env.TEST_REPOS (comma-separated specs)"]
        A_ISOLATE["env.ISOLATE_TEST_REPOS"]
        A_BUILD["env.BUILD_REPOS"]
        A_COVERAGE["env.COVERAGE_REPOS"]
    end

    subgraph Jobs
        J_test["Job forge_test_bench"]
        J_isolate["Job forge_isolate_test_bench"]
        J_build["Job forge_build_bench"]
        J_coverage["Job forge_coverage_bench"]
    end

    A_REPOS_INPUT -->|If set| J_test
    A_DEFAULT_TEST -->|If input.repos empty| J_test

    A_REPOS_INPUT -->|If set| J_isolate
    A_ISOLATE -->|If input.repos empty| J_isolate

    A_REPOS_INPUT -->|If set| J_build
    A_BUILD -->|If input.repos empty| J_build

    A_REPOS_INPUT -->|If set| J_coverage
    A_COVERAGE -->|If input.repos empty| J_coverage

    subgraph FoundryBenchCalls
        FB_test["foundry-bench --benchmarks forge_test"]
        FB_isolate["foundry-bench --benchmarks forge_isolate_test"]
        FB_build["foundry-bench --benchmarks forge_build_with_cache,forge_build_no_cache"]
        FB_coverage["foundry-bench --benchmarks forge_coverage"]
    end

    J_test -->|REPOS env| FB_test
    J_isolate -->|REPOS env| FB_isolate
    J_build -->|REPOS env| FB_build
    J_coverage -->|REPOS env| FB_coverage

    subgraph RepoSpecParsing
        P1["RepoConfig.from_str: split on whitespace into head and extra_args"]
        P2["Split head on ':' into repo_path and optional rev"]
        P3["Split repo_path into org and repo"]
        P4["Lookup defaults in BENCHMARK_REPOS or create new"]
        P5["Attach extra_args to RepoConfig and BenchmarkProject"]
    end

    FB_test --> P1
    FB_isolate --> P1
    FB_build --> P1
    FB_coverage --> P1

    P5 --> C1["BenchmarkProject.cmd(base) appends extra_args"]
    C1 --> C2["Hyperfine runs forge commands with per-repo flags"]

File-Level Changes

Change	Details	Files
Add support for per-repo extra forge CLI arguments in the benchmarking tool and wire them into benchmark commands.	Extend RepoConfig and BenchmarkProject with an optional extra_args field propagating from repo parsing to runtime execution. Update RepoConfig::from_str to parse specs of the form org/repo[:rev][ ] and inherit defaults from BENCHMARK_REPOS while allowing overrides for rev and extra_args. Introduce BenchmarkProject::cmd helper to append extra_args to base commands and update all forge-related benchmark invocations to use it. Clarify CLI help text for the --repos option to describe the new extended format and usage examples.	`benches/src/lib.rs` `benches/src/main.rs`
Refresh benchmark baselines and benchmark configuration to cover more repos and newer Foundry versions, while selectively skipping problematic tests.	Update LATEST.md with new benchmark date, repo list (including aave-v4), Foundry versions, timings across benchmarks, and system information. Redefine benchmark repo environment variables in benchmarks.yml into per-benchmark lists (TEST_REPOS, ISOLATE_TEST_REPOS, BUILD_REPOS, COVERAGE_REPOS) using the extended repo spec with per-repo --nmc filters to skip flaky/broken tests. Change benchmark workflow steps to consume the new env lists and adjust the forge_coverage step to use the COVERAGE_REPOS list instead of a single hard-coded repo.	`benches/LATEST.md` `.github/workflows/benchmarks.yml`
Tidy and restructure CI workflows, including mold action version bumps, MPP e2e isolation, and cache tweaks.	Rename the Tempo job in ci-tempo.yml from sanity-check to tempo-check and remove the inlined MPP e2e test from this workflow. Introduce a dedicated ci-mpp.yml workflow to run the MPP e2e test with sccache and rust-cache on depot runners, gated on the TEMPO_KEYS_TOML_B64 secret. Bump rui314/setup-mold action SHA to a newer version across multiple workflows and simplify docs, release, and other workflows by pruning some sccache-related setup where no longer needed. Update docker-publish to pass no-cache: true to docker/build-push-action.	`.github/workflows/ci-tempo.yml` `.github/workflows/ci-mpp.yml` `.github/workflows/release.yml` `.github/workflows/ci.yml` `.github/workflows/docs.yml` `.github/workflows/crate-checks.yml` `.github/workflows/test-flaky.yml` `.github/workflows/test-isolate.yml` `.github/workflows/test.yml` `.github/workflows/docker-publish.yml`
Adjust a forge CLI snapshot to match updated deployment gas for CounterWithFallback.	Update the expected deployment gas value for test contract CounterWithFallback in the CLI tests JSON snapshot.	`crates/forge/tests/cli/cmd.rs`

Tips and commands

Interacting with Sourcery

Trigger a new review: Comment @sourcery-ai review on the pull request.
Continue discussions: Reply directly to Sourcery's review comments.
Generate a GitHub issue from a review comment: Ask Sourcery to create an
issue from a review comment by replying to it. You can also reply to a
review comment with @sourcery-ai issue to create an issue from it.
Generate a pull request title: Write @sourcery-ai anywhere in the pull
request title to generate a title at any time. You can also comment
@sourcery-ai title on the pull request to (re-)generate the title at any time.
Generate a pull request summary: Write @sourcery-ai summary anywhere in
the pull request body to generate a PR summary at any time exactly where you
want it. You can also comment @sourcery-ai summary on the pull request to
(re-)generate the summary at any time.
Generate reviewer's guide: Comment @sourcery-ai guide on the pull
request to (re-)generate the reviewer's guide at any time.
Resolve all Sourcery comments: Comment @sourcery-ai resolve on the
pull request to resolve all Sourcery comments. Useful if you've already
addressed all the comments and don't want to see them anymore.
Dismiss all Sourcery reviews: Comment @sourcery-ai dismiss on the pull
request to dismiss all existing Sourcery reviews. Especially useful if you
want to start fresh with a new review - don't forget to comment
@sourcery-ai review to trigger a new review!

Customizing Your Experience

Access your dashboard to:

Enable or disable review features such as the Sourcery-generated pull request
summary, the reviewer's guide, and others.
Change the review language.
Add, remove or edit custom review instructions.
Adjust other review settings.

Getting Help

Contact our support team for questions or feedback.
Visit our documentation for detailed guides and information.
Keep in touch with the Sourcery team by following us on X/Twitter, LinkedIn or GitHub.

snyk-io · 2026-04-27T23:15:53Z

✅ Snyk checks have passed. No issues have been found so far.

Status	Scan Engine	Critical	High	Medium	Low	Total (0)
✅	Open Source Security	0	0	0	0	0 issues

💻 Catch issues earlier using the plugins for VS Code, JetBrains IDEs, Visual Studio, and Eclipse.

gemini-code-assist

Code Review

This pull request introduces support for per-repository extra arguments in benchmark commands, allowing users to customize forge commands (e.g., skipping specific tests). It also updates the latest benchmark results and system information. A review comment suggests refining the repository configuration parsing to ensure that default extra arguments are not unintentionally overwritten when they are not explicitly provided in the input string.

sourcery-ai

Hey - I've left some high level feedback:

In RepoConfig::from_str, the error message still says Expected 'org/repo' or 'org/repo:rev' even though the parser now accepts extra args (e.g. org/repo:rev --nmc ...), so it would be clearer to update the message to reflect the full supported format.
The four separate env lists in benchmarks.yml (TEST_REPOS, ISOLATE_TEST_REPOS, BUILD_REPOS, COVERAGE_REPOS) repeat many of the same entries; consider factoring out a shared base list or adding a brief comment near each to reduce the risk of them drifting out of sync over time.

Prompt for AI Agents

Please address the comments from this code review:

## Overall Comments
- In `RepoConfig::from_str`, the error message still says `Expected 'org/repo' or 'org/repo:rev'` even though the parser now accepts extra args (e.g. `org/repo:rev --nmc ...`), so it would be clearer to update the message to reflect the full supported format.
- The four separate env lists in `benchmarks.yml` (TEST_REPOS, ISOLATE_TEST_REPOS, BUILD_REPOS, COVERAGE_REPOS) repeat many of the same entries; consider factoring out a shared base list or adding a brief comment near each to reduce the risk of them drifting out of sync over time.

Fix all in Cursor

Sourcery is free for open source - if you like our reviews please consider sharing them ✨

_{Help me be more useful! Please click 👍 or 👎 on each comment and I'll use the feedback to improve your reviews.}

vercel · 2026-04-27T23:20:47Z

The latest updates on your projects. Learn more about Vercel for GitHub.

Project	Deployment	Actions	Updated (UTC)
next	Ready	Preview, Comment	Apr 27, 2026 11:21pm
react	Ready	Preview, Comment	Apr 27, 2026 11:21pm

* chore(deps): bump strum from 0.27.2 to 0.28.0 Bumps [strum](https://github.com/Peternator7/strum) from 0.27.2 to 0.28.0. - [Release notes](https://github.com/Peternator7/strum/releases) - [Changelog](https://github.com/Peternator7/strum/blob/master/CHANGELOG.md) - [Commits](https://github.com/Peternator7/strum/compare/v0.27.2...v0.28.0) --- updated-dependencies: - dependency-name: strum dependency-version: 0.28.0 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> * Update crates/script/src/simulate.rs Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Update crates/anvil/server/src/handler.rs Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * fix(forge): adjust gas assertion CounterWithFallback (foundry-rs#14465 ) (#498) * chore(deps): bump rui314/setup-mold from 725a8794d15fc7563f59595bd9556495c0564878 to 9c9c13bf4c3f1adef0cc596abc155580bcb04444 (#14442) chore(deps): bump rui314/setup-mold Bumps [rui314/setup-mold](https://github.com/rui314/setup-mold) from 725a8794d15fc7563f59595bd9556495c0564878 to 9c9c13bf4c3f1adef0cc596abc155580bcb04444. - [Commits](https://github.com/rui314/setup-mold/compare/725a8794d15fc7563f59595bd9556495c0564878...9c9c13bf4c3f1adef0cc596abc155580bcb04444) --- updated-dependencies: - dependency-name: rui314/setup-mold dependency-version: 9c9c13bf4c3f1adef0cc596abc155580bcb04444 dependency-type: direct:production ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Update flake.lock (#14458) Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com> * fix(forge): adjust gas assertion `CounterWithFallback` (#14465) * chore: update latest benchmarks (#14467) * ci: split MPP e2e into its own workflow (#14468) * ci: split MPP e2e into its own workflow Move the MPP e2e step from ci-tempo.yml into a standalone ci-mpp.yml workflow so transient HTTP 402 failures from the MPP RPC do not block the Tempo CI workflow. Amp-Thread-ID: https://ampcode.com/threads/T-019dceb8-61e5-734f-b047-17665b4ea7d3 Co-authored-by: Amp <amp@ampcode.com> * ci: rename sanity-check job to tempo-check Amp-Thread-ID: https://ampcode.com/threads/T-019dceb8-61e5-734f-b047-17665b4ea7d3 Co-authored-by: Amp <amp@ampcode.com> * ci: rename mpp-e2e job to mpp-check Amp-Thread-ID: https://ampcode.com/threads/T-019dceb8-61e5-734f-b047-17665b4ea7d3 Co-authored-by: Amp <amp@ampcode.com> --------- Co-authored-by: Amp <amp@ampcode.com> * Improve GH actions (#14473) * fix(benches): add repos + extra args support to prevent blocking errors (#14470) * fix(benches): add repos + extra args support to prevent blocking errors * fix(ci): set `inputs.repos` default to empty * fix: remove `--verbose` flags * fix: exclude `uniswap/v4-core` `TickMathTestTest` --------- Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com> Co-authored-by: Mablr <59505383+mablr@users.noreply.github.com> Co-authored-by: zerosnacks <95942363+zerosnacks@users.noreply.github.com> Co-authored-by: Amp <amp@ampcode.com> Co-authored-by: grandizzy <38490174+grandizzy@users.noreply.github.com> * chore(deps): bump strum from 0.27.2 to 0.28.0 (#509) Bumps [strum](https://github.com/Peternator7/strum) from 0.27.2 to 0.28.0. - [Release notes](https://github.com/Peternator7/strum/releases) - [Changelog](https://github.com/Peternator7/strum/blob/master/CHANGELOG.md) - [Commits](https://github.com/Peternator7/strum/compare/v0.27.2...v0.28.0) --- updated-dependencies: - dependency-name: strum dependency-version: 0.28.0 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * gas-snapshot * chore(deps): bump similar-asserts from 1.7.0 to 2.0.0 (#508) Bumps [similar-asserts](https://github.com/mitsuhiko/similar-asserts) from 1.7.0 to 2.0.0. - [Changelog](https://github.com/mitsuhiko/similar-asserts/blob/main/CHANGELOG.md) - [Commits](https://github.com/mitsuhiko/similar-asserts/compare/1.7.0...2.0.0) --- updated-dependencies: - dependency-name: similar-asserts dependency-version: 2.0.0 dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * ci: sign release archives, docker images, and publish SBOMs (#520) * anvil: unify Tempo nonce markers across send RPCs (#14536) Co-authored-by: Amp <amp@ampcode.com> Co-authored-by: steven <corderosteven6@gmail.com> Co-authored-by: stevencartavia <112043913+stevencartavia@users.noreply.github.com> Co-authored-by: Matthias Seitz <matthias.seitz@outlook.de> * fix(forge): `flaky_gas_report_fallback_with_calldata` deployment cost (#14545) * chore(lint): add missing lints to README (#14551) * chore(bench): update `benchmark.sh` (#14548) Co-authored-by: Matthias Seitz <matthias.seitz@outlook.de> * chore(clippy): fix for_kv_map and useless_borrows_in_formatting (#14554) * chore(clippy): fix for_kv_map and useless_borrows_in_formatting Amp-Thread-ID: https://ampcode.com/threads/T-019df0f9-62e7-74b8-bd5e-da2acce678fb Co-authored-by: Amp <amp@ampcode.com> * chore(clippy): drop redundant borrows in cheatcodes assert formatters Amp-Thread-ID: https://ampcode.com/threads/T-019df0f9-62e7-74b8-bd5e-da2acce678fb Co-authored-by: Amp <amp@ampcode.com> --------- Co-authored-by: Amp <amp@ampcode.com> * fix(ci): use `PATH_USD` fallback fee token in Mail templates (#14546) * chore(deps): bump the actions-weekly group with 3 updates (#14497) * refactor(chisel): migrate to solar (#14532) * feat(lint): add too-many-digits lint (#14549) * feat: feature-gate optimism deps in common-fmt, common, cast (#14539) * feat(forge): support per-test network selection via inline config (#14530) * feat(cli): `--tempo.expires` retry-safe mode (TIP-1009 expiring nonces) (#14521) * fix(forge): `per_test_network_routing` match undeterministic order (#14557) output * chore(ci): run tempo mainnet and testnet checks before devnet (#14556) * Update flake.lock (#14553) flake.lock: Update Flake lock file updates: • Updated input 'fenix': 'github:nix-community/fenix/f374034' (2026-04-25) → 'github:nix-community/fenix/74c1591' (2026-05-02) • Updated input 'fenix/rust-analyzer-src': 'github:rust-lang/rust-analyzer/8954b66' (2026-04-21) → 'github:rust-lang/rust-analyzer/64cdaeb' (2026-05-01) • Updated input 'nixpkgs': 'github:NixOS/nixpkgs/01fbdee' (2026-04-23) → 'github:NixOS/nixpkgs/c6d6588' (2026-05-01) Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com> * chore(bench): update benchmark results (#14552) * fix(forge): ignore ETH_RPC_URL for test forking (#14555) Co-authored-by: zerosnacks <95942363+zerosnacks@users.noreply.github.com> Co-authored-by: Mablr <59505383+mablr@users.noreply.github.com> * feat(cast): add Tempo keychain policy commands (#14531) * feat(cast): add tempo keychain policy commands * fix(cast): address keychain policy review * fix(cli): fix jsonwebtoken panic (#14562) `cast` panicked with this message coming from jsonwebtoken: ``` Call CryptoProvider::install_default() before this point to select a provider manually, or make sure exactly one of the 'rust_crypto' and 'aws_lc_rs' features is enabled. See the documentation of the CryptoProvider type for more information. ``` This seemingly was introduced with the bump of jsonwebtoken to 10. Now it requires you to pick one backend used by default controlled by the compile time cargo features or call `CryptoProvider::install_default()` at the beginning. I realized that probably it would be better to just select the feature and I picked `aws_lc_rs` as it seems to be increasingly a default and we already are using the C toolchain. Co-authored-by: zerosnacks <95942363+zerosnacks@users.noreply.github.com> * chore(cli): tidy ETH_RPC_URL handling and add forge regression test (#14559) Follow-up to #14555: - Drop the redundant flashbots branch in RpcOpts::dict; self.url(None) already returns FLASHBOTS_URL when --flashbots is set, so the subsequent overwrite was dead code. - Inline the resolve_rpc_url helper back into RpcCommonOpts::url; it was only called from one place and added unneeded surface area. - Restore the doc comment on RpcCommonOpts and document why ETH_RPC_URL is intentionally not a clap env on the shared field (so EvmArgs cannot inherit it). - Add an integration test that runs forge config with ETH_RPC_URL set in the environment and asserts that eth_rpc_url stays None, directly exercising the regression scenario from #14538. Amp-Thread-ID: https://ampcode.com/threads/T-019df243-267f-7779-93e1-5d6686082444 Co-authored-by: zerosnacks <zerosnacks@protonmail.com> Co-authored-by: Amp <amp@ampcode.com> * feat(cast): open Tempo wallet fund flow for MPP failures (#14505) * feat(cast): open Tempo wallet fund flow for MPP failures * ci(tempo): skip network checks without rpc secrets * Revert "ci(tempo): skip network checks without rpc secrets" This reverts commit f8dd70163f850b854888fd1c962174e1663284f4. * fix(common): address mpp funding review --------- Co-authored-by: zerosnacks <95942363+zerosnacks@users.noreply.github.com> * ci: sign release archives, docker images, and publish SBOMs (#14563) - release.yml: emit per-archive sha256 + SPDX SBOM (Syft), cosign keyless sign-blob of the archive, and use actions/attest@v4 for both build provenance and SBOM attestations. Upload all artifacts to the draft release. - docker-publish.yml: enable BuildKit SBOM, capture the build digest, cosign keyless sign each pushed tag, and publish a Sigstore-signed SLSA provenance attestation via actions/attest with push-to-registry. - SECURITY.md: document how external users verify archives and the docker image (gh attestation, cosign, plain sha256, buildx imagetools). - README.md: link to the new verification section. * perf(common): short-circuit `find_by_name_or_identifier` instead of `collect` (#14514) * feat(foundryup): retry GitHub API fetches on transient errors (#14566) GitHub api.github.com occasionally returns transient 403s on certain VMs (per-IP rate limiting / WAF hiccups), causing foundryup to fail to resolve the latest stable / nightly release tag, e.g.: foundryup: fetching latest nightly releases from foundry-rs/foundry... Error: curl: (56) The requested URL returned error: 403 foundryup: failed to fetch releases from GitHub API Add curl/wget retry logic to the `fetch` helper (used exclusively for GitHub API releases endpoints): - curl: --retry 5 --retry-delay 2 --retry-max-time 60, plus --retry-all-errors when supported (curl 7.71+, feature-detected so older curl does not hard-fail). --retry-all-errors is required to retry HTTP 403, which is not in curl's default retryable set. - wget fallback: --tries=5 --waitretry=2 --retry-on-http-error=403,408,429,5xx. `fetch` now buffers to a temp file before emitting to stdout, since curl's --retry-all-errors is unsafe with piped consumers (mid-stream retries can duplicate bytes). Existing callers pipe into awk/grep. Tunable via FOUNDRYUP_MAX_RETRIES (default 5). `download` (binary tarballs, attestations, manpages) is intentionally left unchanged — those rarely fail and changing them affects the attestation existence check semantics. Bumps installer version 1.8.1 -> 1.8.2. Amp-Thread-ID: https://ampcode.com/threads/T-019df2f5-9b97-717a-b959-cf7cbc7ca3bb Co-authored-by: Amp <amp@ampcode.com> * feat(lint): project-wide passes + pragma-inconsistent (#14543) * feat(lint): project-wide passes + pragma-inconsistent * rm hashset, msg * test(lint): exhaustive pragma-inconsistent coverage + clearer testdata names (#14561) * test(lint): exhaustive coverage for pragma-inconsistent Follow-up to #14543 expanding test coverage for the cross-file `pragma-inconsistent` lint across the syntax variants users encounter in real Solidity projects. Multi-file scenarios (added as `forgetest!` cases in `crates/forge/tests/cli/lint.rs`, since they cannot be expressed in a single `.sol` testdata file): - Negative (must NOT warn): - all files use the same exact pragma (`0.8.20`) - all files use the same caret pragma (`^0.8.20`) - single file in the project - Positive (must warn): - duplicates among a conflict -- two identical files plus one different pragma still emits three warnings - Mixed: - file without an explicit pragma uses the test-utils default (`add_raw_source` is used to bypass the auto-injected pragma) Source bodies are pulled out into module-level `const` raw strings so rustfmt does not collapse the inline `\n`-escaped strings into wide horizontal blobs. Single-file scenarios (added as `.sol` files under `crates/lint/testdata/` in the existing `//~NOTE:` annotation style): - `PragmaInconsistentCaretVsTilde.sol`: `^0.8.20` vs `~0.8.20` - `PragmaInconsistentRangeVsExact.sol`: `>=0.8.0 <0.9.0` vs `0.8.20` -- range satisfies exact but lint is intentionally string-based, matching SLITHER-W1078 - `PragmaInconsistentOrVsExact.sol`: `0.8.20 || 0.8.21` vs `0.8.20` - `PragmaInconsistentThreeDistinct.sol`: `>=0.8.0`, `^0.8.0`, `~0.8.0` -- verifies the `others` list contains every other variant * test(lint): rename pragma-inconsistent testdata to describe the case under test The two testdata files added in #14543 were named `PragmaInconsistent.sol` and `PragmaInconsistent2.sol`, which made them look like duplicates. They actually exercise distinct edge cases of the same string-based detection: - `PragmaInconsistentCaretAboveExact.sol` (was `PragmaInconsistent.sol`): caret range whose lower bound is strictly below the exact version (`^0.8.0` + `0.8.18`). - `PragmaInconsistentCaretMatchesExact.sol` (was `PragmaInconsistent2.sol`): caret range whose lower bound equals the exact version (`^0.8.20` + `0.8.20`) -- the looks-the-same-but-still-distinct case that guards SLITHER-W1078 parity (no semver intersection). Amp-Thread-ID: https://ampcode.com/threads/T-019df243-267f-7779-93e1-5d6686082444 Co-authored-by: Amp <amp@ampcode.com> --------- Co-authored-by: Amp <amp@ampcode.com> --------- Co-authored-by: zerosnacks <95942363+zerosnacks@users.noreply.github.com> Co-authored-by: Amp <amp@ampcode.com> * refactor(script): reuse shared Tempo CLI opts (#14558) * deps: bump tempo to 6bf9903 (T6 hardfork) + fix alloy-evm 0.34 compat (#14567) * deps: bump tempo to 6bf9903 (T6 hardfork) Bumps tempo crates to 6bf9903d, adding the T6 hardfork variant to TempoHardfork. Without this, cast's tempo_forkSchedule lookup parses the chain's reported active fork ("T6") into TempoHardfork::FromStr, fails because T6 was unknown to the enum, and silently returns is_hardfork_active(T3) = false. That made 'cast keychain auth' fall back to the legacy authorizeKey selector and revert with LegacyAuthorizeKeySelectorChanged on any T6 chain. Also bumps alloy-evm to 0.34 and the optimism git pin to develop (e3b59e7) so alloy-op-evm picks up an EvmFactory impl built against alloy-evm 0.34. Removes the now-unused paradigmxyz/reth-core [patch] entries. No source changes; lockfile churn is transitive only. * fix: adapt AnvilBlockExecutor to alloy-evm 0.34.0 breaking changes - Add Send + 'static bounds to TxResult impl for AnvilTxResult<H> - Change commit_transaction return type from Result<GasOutput, BlockExecutionError> to GasOutput - Remove .expect() on commit_transaction call site Amp-Thread-ID: https://ampcode.com/threads/T-019df322-c0f1-73e7-858c-5ca2d242ddb4 * style: rustfmt commit_transaction signature Amp-Thread-ID: https://ampcode.com/threads/T-019df322-c0f1-73e7-858c-5ca2d242ddb4 --------- Co-authored-by: Centaur AI <ai@centaur.local> * docs: add forge lint rule docs (#14571) * feat(forge): add fuzz run selection (#14522) * feat(forge): add fuzz run selection * fix(fuzz): make metadata builder const * test(fuzz): cover generated seed replay * fix(forge): persist fuzz worker for run replay * fix(evm): satisfy clippy in fuzz replay * fix(fuzz): reuse fuzz run metadata * forge(lint/docs): validate deployed forge lint docs (#14573) test: validate deployed forge lint docs * feat: gate foundry-primitives behind optimism feature (#14572) * fix(ci): increase permissions for the enhanced attestation writing (#14584) * increase permissions for artifact writing * apply write permissions to release-docker * feat(hardforks, networks): gate optimism behind cargo feature (#14581) * fix(forge): encode Tempo creates as AA calls (#14585) * feat(anvil): gate optimism behind cargo feature (#14577) Co-authored-by: zerosnacks <95942363+zerosnacks@users.noreply.github.com> * feat(cast): introduce `vaddr` cmd for TIP-1022 (#14508) * feat(cast): introduce `vaddr` cmd for tip-1022 * fix: doc * chore: touch-ups * add tests * chore: move tests to tempo ci * feat: add vaddr watch test * feat: count 0 hadling, add `no_register` flag * fix: remove sweep subcommand * fix: make clippy happy * feat(bench): nightly regression tracking workflow (#14586) * fix(cli): fix release version strings for immutable tags, bump to 1.7.1 (#14496) * Fix release version metadata for immutable tags Amp-Thread-ID: https://ampcode.com/threads/T-019dd617-b29f-7409-8523-9858a1504f17 Co-authored-by: Amp <amp@ampcode.com> * Derive nightly release suffix from commit SHA Amp-Thread-ID: https://ampcode.com/threads/T-019dd617-b29f-7409-8523-9858a1504f17 Co-authored-by: Amp <amp@ampcode.com> * Apply suggestion from @zerosnacks * Apply suggestion from @zerosnacks * Apply suggestion from @zerosnacks * bump to v1.7.1 * avoid appending whole sha hash, not necessary, handle version cmp correctly. after v1.7.1 release we need to bump to v1.7.2 for nightlies following it to compare correctly * Make foundryVersionCmp tolerate new version format and add tests - Strip both pre-release ('-nightly', '-dev') and build metadata ('+<sha>.<ts>.<profile>') from SEMVER_VERSION before comparison so the cheatcode keeps working for tagged releases (which have no '-' separator). - Extract strip_semver_metadata helper and add Rust unit tests covering all SEMVER_VERSION shapes, version_cmp ordering, and parse_version rejection of pre-release/build/garbage input. - Extend the Solidity test suite for vm.getFoundryVersion()/foundryVersionCmp/foundryVersionAtLeast: validate MAJOR.MINOR.PATCH parseability, build profile value, cmp/atLeast invariant, and error paths for invalid user-supplied versions. Amp-Thread-ID: https://ampcode.com/threads/T-019dd971-fcb7-7149-9680-f0134130844c Co-authored-by: Amp <amp@ampcode.com> * fix(test): drop view from solidity tests using assert helpers and fix fmt - assertTrue/assertEq aren't view, so testGetFoundryVersionBuildProfile and testFoundryVersionCmpAndAtLeastAreConsistent can't be view either. - Collapse the buildType assertion onto one line to satisfy forge fmt. Amp-Thread-ID: https://ampcode.com/threads/T-019dd971-fcb7-7149-9680-f0134130844c Co-authored-by: Amp <amp@ampcode.com> * test(version): assert build profile is non-empty instead of debug|release The dist profile (used for distributed release binaries) is also valid; just require non-empty so any future profile works. Amp-Thread-ID: https://ampcode.com/threads/T-019dd971-fcb7-7149-9680-f0134130844c Co-authored-by: Amp <amp@ampcode.com> * Normalize nightly-<sha> to nightly in release_version Ensures tarball and Docker nightly artifacts produce the same version string. The commit identifier is already included in the SemVer build metadata (after `+`), so collapsing `nightly-<sha>` to `nightly` avoids duplicating the SHA in the pre-release tag. Co-authored-by: Amp <amp@ampcode.com> Amp-Thread-ID: https://ampcode.com/threads/T-019df79e-d4c9-707c-85eb-2efbf59160b3 --------- Co-authored-by: Centaur AI <ai@centaur.local> Co-authored-by: Amp <amp@ampcode.com> Co-authored-by: zerosnacks <95942363+zerosnacks@users.noreply.github.com> Co-authored-by: zerosnacks <zerosnacks@protonmail.com> * fix(evm): query `state_snapshot.storage` in `ForkDbStateSnapshot::storage_ref` (#14007) * fix(evm): query `state_snapshot.storage` in `ForkDbStateSnapshot::storage_ref` * test(evm): cover `ForkDbStateSnapshot::storage_ref` snapshot lookup * fix(cast): consistent `--json` output for `keychain` subcommands (#14590) - `keychain rl`: wrap remaining limit in `{"remaining":"..."}` object instead of emitting a bare JSON string - `keychain policy add-call`: emit `{"status":"already_present","target":"..."}` when the rule already exists, instead of plain text - `send_keychain_tx`: wrap sponsor hash in `{"sponsor_hash":"0x..."}` object when --tempo.print-sponsor-hash is used with --json Add CLI tests covering the rl and sponsor-hash JSON output shapes. * feat(tempo): add sponsored transaction plumbing (#14560) * feat(tempo): add sponsored transaction plumbing * addressing mablr comments * fix tempo sponsor signer future layout * preserve json output for tempo sponsor preview * fix(cast): `--json` output support for `vaddr` (#14591) * feat(tempo): add named nonce lanes (#14527) * fix(cheatcodes): transfer value for payable mock calls (#14547) * test: updated tests * fix: execute value transfer * test: improve * imp: review item * test: vm.prank test * imp: moved mocked-call handling after prank application --------- Co-authored-by: Mablr <59505383+mablr@users.noreply.github.com> * feat(lint): add inline-assembly lint (#14575) * feat(lint): add inline-assembly lint * lint(inline-assembly): also recognize `/// @solidity memory-safe-assembly` NatSpec Amp-Thread-ID: https://ampcode.com/threads/T-019df4b6-1b76-734c-9a9b-29db9fb7d461 Co-authored-by: Amp <amp@ampcode.com> --------- Co-authored-by: Amp <amp@ampcode.com> * refactor(script): remove `ScriptConfig::{fee_token,expires_at}` in favour of `TempoOpts` (#14594) * feat(evm-core): gate optimism behind cargo feature (#14593) * fix(cli): resolve Tempo expires once (#14595) fix(cli): resolve tempo expires once * feat(cli): gate optimism behind cargo feature (#14596) * fix(anvil): classify EVM halts as transaction rejections (#14592) Co-authored-by: Mablr <59505383+mablr@users.noreply.github.com> * feat: drop optimism deps under no-default-features (#14600) * fix(forge): `--fuzz-seed` parameter is not effective in `forge coverage` (#14610) fix --fuzz-seed not effective in forge coverage * fix(foundryup): mirror tag resolution for install & use (#14611) * fix(foundryup): mirror tag resolution for install & use * fix(foundryup): mirror semver version normalization in `use` `install` auto-prepends `v` to bare semver versions (e.g. `1.7.0` -> `v1.7.0`) so the on-disk directory is always `v`-prefixed. `use` was doing a literal lookup, so `foundryup -u 1.7.0` failed even though `foundryup -i 1.7.0` had succeeded. Broaden the channel `case` in `use()` to also match bare semver inputs (`MAJOR.MINOR.PATCH[-prerelease]`) so they go through the same `resolve_version_and_tag` normalizer. The pattern is intentionally tighter than `install`'s `[[:digit:]]*` so locally-built versions whose names happen to start with a digit are still looked up literally. Amp-Thread-ID: https://ampcode.com/threads/T-019dfc78-8557-712b-9944-bbff9a4a3b76 Co-authored-by: Amp <amp@ampcode.com> * chore(foundryup): clarify tag-resolution log and error messages Distinguish the GitHub API tag-resolution phase from the actual binary download by consistently referring to "release tag(s)" in the `resolve_version_and_tag` helper's `say` and `err` messages. Amp-Thread-ID: https://ampcode.com/threads/T-019dfc78-8557-712b-9944-bbff9a4a3b76 Co-authored-by: Amp <amp@ampcode.com> --------- Co-authored-by: zerosnacks <95942363+zerosnacks@users.noreply.github.com> Co-authored-by: Amp <amp@ampcode.com> * fix(ci): keep no-default builds free of op deps (#14612) * feat: cast unauthorized flow → wallet.tempo access-key authorization (#14517) * feat: cast unauthorized flow → wallet.tempo access-key authorization Amp-Thread-ID: https://ampcode.com/threads/T-019df174-9538-713b-b8c9-5001b1ad4719 Co-authored-by: Amp <amp@ampcode.com> * fmt * feat(cast): replace TEMPO_NO_BROWSER env with flag * revert token addresses --------- Co-authored-by: Amp <amp@ampcode.com> Co-authored-by: Mablr <59505383+mablr@users.noreply.github.com> * docs(expect-emit): clarify next-call semantics and warn about caught-revert leak (#14620) docs(cheatcodes): clarify expectEmit next-call semantics and caught-revert leak expectEmit is a 'next call' assertion. If the call immediately after expectEmit reverts and the revert is swallowed by the caller (low-level call or try/catch), the unmatched expectation can leak forward and be satisfied by a later unrelated emission, silently turning a broken test green. Document the constraint on the natspec for both no-arg and topic-checking overloads, and regenerate cheatcodes.json. Refs: https://github.com/foundry-rs/foundry/issues/14618 Amp-Thread-ID: https://ampcode.com/threads/T-019dfd96-7a03-7249-8c10-af20ee2729f5 Co-authored-by: Amp <amp@ampcode.com> * fix(cheatcodes): enforce `expectRevert` reverter address for CREATE frames (#14615) * fix(cheatcodes): enforce `expectRevert` reverter address for CREATE frames The reverter address argument to `vm.expectRevert` was silently ignored when the innermost reverting frame was a CREATE (top-level or nested), because create_end never populated `expected_revert.reverted_by`. Mirror call_end's logic in create_end: when the outcome reverts and a reverter address is expected, record outcome.address (revm guarantees this is Some(would-be address) whenever the constructor executed). Adds positive regression tests for top-level and nested-CREATE reverts, and a negative regression test asserting wrong-reverter now fails. Co-authored-by: Amp <amp@ampcode.com> * improve coverage * add Derek's suggested test cases * fix: forge fmt for ExpectRevert.t.sol Amp-Thread-ID: https://ampcode.com/threads/T-019dfdc5-5414-70b6-9f49-cb5797a37a29 Co-authored-by: Amp <amp@ampcode.com> --------- Co-authored-by: Amp <amp@ampcode.com> Co-authored-by: zerosnacks <95942363+zerosnacks@users.noreply.github.com> * fix(script): keep plain Tempo broadcasts non-AA (#14616) * fix(script): don't force Tempo AA fee_token from --network tempo alone Plain --network tempo (or any selection that just sets the network to Tempo) does not by itself imply a Tempo AA / type 0x76 transaction. Defaulting tempo.common.fee_token to PATH_USD_ADDRESS solely from evm_opts.networks.is_tempo() caused every unsigned broadcast tx to flow through TempoOpts::apply, which set fee_token on the request and promoted it to the Tempo AA tx envelope. Signers that only know how to sign ordinary Ethereum transactions (e.g. the Ledger Ethereum app) then rejected the transaction with 'received an unexpected empty response'. Gate the default on an actual Tempo AA opt-in: - --batch (Tempo batch txs are themselves AA and need a fee token), or - any explicit --tempo.* flag (sponsor, expiring nonce, nonce key/lane, ...) which already forces an AA tx and benefits from a default fee token. Explicit --tempo.fee-token continues to win over the default in all cases, and non-Tempo networks never default the fee token. Add unit tests for each scenario. Amp-Thread-ID: https://ampcode.com/threads/T-019dfd37-2354-712f-95b1-2584fd47ad5e Co-authored-by: Amp <amp@ampcode.com> * fix(script): don't force eth_estimateGas on plain Tempo broadcasts Plain --network tempo produces an ordinary EIP-1559/legacy transaction (see tempo-alloy::TempoTransactionRequest::output_tx_type), so the local simulation gas estimate is sufficient. Forcing RPC re-estimation in this case can surface node-side errors such as 'gas required exceeds allowance (0)' (Geth-style balance/gasPrice cap from eth_estimateGas) on flows that previously worked, including Ledger-signed broadcasts that just got unblocked from the type 0x76 regression. Match tempo-foundry's behaviour: only force eth_estimateGas on Tempo when the user has actually opted into Tempo AA semantics (--batch or any explicit --tempo.* flag). Extract the gating into needs_tempo_aa_rpc_estimate(...) and add focused unit tests mirroring the fee-token gating tests. Amp-Thread-ID: https://ampcode.com/threads/T-019dfd37-2354-712f-95b1-2584fd47ad5e Co-authored-by: Amp <amp@ampcode.com> * fix(script): don't re-estimate plain Tempo chain broadcasts --------- Co-authored-by: Amp <amp@ampcode.com> * fix(cheatcodes): preserve reverts with `expectEmit` (#14619) * test: added regression test * fix: re-order revert handling * refactor: simplify * lint: fmt * polish: tighten comment, extend test with revert reason and custom error Amp-Thread-ID: https://ampcode.com/threads/T-019dfd96-7a03-7249-8c10-af20ee2729f5 Co-authored-by: Amp <amp@ampcode.com> --------- Co-authored-by: zerosnacks <95942363+zerosnacks@users.noreply.github.com> Co-authored-by: Amp <amp@ampcode.com> * feat(lint): add tx-origin detector (#14589) * feat(lint): add tx-origin detector * test(lint): address tx-origin review feedback * fix: ui bless * fix(lint): cover tx-origin index and ternary predicates * test(lint): bless tx-origin snapshot --------- Co-authored-by: Mablr <59505383+mablr@users.noreply.github.com> * refactor(tempo): prepare batch access key txs w/ helper (#14597) fix(tempo): prepare batch access key txs before estimation * fix(anvil): respect non-zero genesis block in Otterscan APIs (#14490) fix(anvil): respect non-zero genesis block in Otterscan APIs The three Otterscan address-history endpoints (`ots_searchTransactionsBefore`/`After`, `ots_getTransactionBySenderAndNonce`) hardcoded `unwrap_or(1)` / `unwrap_or_default()` as the lower bound of their block scan, which breaks when `genesis_block_number` is non-zero (e.g. `genesis.json` `number: 73`). Expose `Backend::genesis_number()` and fall back to `genesis_number() + 1` in non-fork mode, mirroring the existing post-fork `f.block_number() + 1` convention. --------- Co-authored-by: Isagi Yates <isagiyates@gmail.com> Co-authored-by: Amp <amp@ampcode.com> Co-authored-by: steven <corderosteven6@gmail.com> Co-authored-by: stevencartavia <112043913+stevencartavia@users.noreply.github.com> Co-authored-by: Matthias Seitz <matthias.seitz@outlook.de> Co-authored-by: Mablr <59505383+mablr@users.noreply.github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com> Co-authored-by: figtracer <me@figtracer.com> Co-authored-by: zerosnacks <95942363+zerosnacks@users.noreply.github.com> Co-authored-by: Sergei Shulepov <s.pepyakin@gmail.com> Co-authored-by: zerosnacks <zerosnacks@protonmail.com> Co-authored-by: grandizzy <38490174+grandizzy@users.noreply.github.com> Co-authored-by: cui <cuiweixie@gmail.com> Co-authored-by: Centaur AI <ai@centaur.local> Co-authored-by: Derek Cofausper <256792747+decofe@users.noreply.github.com> Co-authored-by: Nikki <gutonosa@protonmail.com> Co-authored-by: srdtrk <59252793+srdtrk@users.noreply.github.com> Co-authored-by: Mikhail Mikheev <16622558+mmv08@users.noreply.github.com> Co-authored-by: lazymio <mio@lazym.io> Co-authored-by: Emma Jamieson-Hoare <emmajam@users.noreply.github.com> Co-authored-by: VIkions <99107287+vikions@users.noreply.github.com> Co-authored-by: Aïssata <mikeslowcoder@proton.me> * ci: sign release archives, docker images, and publish SBOMs (#519) * anvil: unify Tempo nonce markers across send RPCs (#14536) Co-authored-by: Amp <amp@ampcode.com> Co-authored-by: steven <corderosteven6@gmail.com> Co-authored-by: stevencartavia <112043913+stevencartavia@users.noreply.github.com> Co-authored-by: Matthias Seitz <matthias.seitz@outlook.de> * fix(forge): `flaky_gas_report_fallback_with_calldata` deployment cost (#14545) * chore(lint): add missing lints to README (#14551) * chore(bench): update `benchmark.sh` (#14548) Co-authored-by: Matthias Seitz <matthias.seitz@outlook.de> * chore(clippy): fix for_kv_map and useless_borrows_in_formatting (#14554) * chore(clippy): fix for_kv_map and useless_borrows_in_formatting Amp-Thread-ID: https://ampcode.com/threads/T-019df0f9-62e7-74b8-bd5e-da2acce678fb Co-authored-by: Amp <amp@ampcode.com> * chore(clippy): drop redundant borrows in cheatcodes assert formatters Amp-Thread-ID: https://ampcode.com/threads/T-019df0f9-62e7-74b8-bd5e-da2acce678fb Co-authored-by: Amp <amp@ampcode.com> --------- Co-authored-by: Amp <amp@ampcode.com> * fix(ci): use `PATH_USD` fallback fee token in Mail templates (#14546) * chore(deps): bump the actions-weekly group with 3 updates (#14497) * refactor(chisel): migrate to solar (#14532) * feat(lint): add too-many-digits lint (#14549) * feat: feature-gate optimism deps in common-fmt, common, cast (#14539) * feat(forge): support per-test network selection via inline config (#14530) * feat(cli): `--tempo.expires` retry-safe mode (TIP-1009 expiring nonces) (#14521) * fix(forge): `per_test_network_routing` match undeterministic order (#14557) output * chore(ci): run tempo mainnet and testnet checks before devnet (#14556) * Update flake.lock (#14553) flake.lock: Update Flake lock file updates: • Updated input 'fenix': 'github:nix-community/fenix/f374034' (2026-04-25) → 'github:nix-community/fenix/74c1591' (2026-05-02) • Updated input 'fenix/rust-analyzer-src': 'github:rust-lang/rust-analyzer/8954b66' (2026-04-21) → 'github:rust-lang/rust-analyzer/64cdaeb' (2026-05-01) • Updated input 'nixpkgs': 'github:NixOS/nixpkgs/01fbdee' (2026-04-23) → 'github:NixOS/nixpkgs/c6d6588' (2026-05-01) Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com> * chore(bench): update benchmark results (#14552) * fix(forge): ignore ETH_RPC_URL for test forking (#14555) Co-authored-by: zerosnacks <95942363+zerosnacks@users.noreply.github.com> Co-authored-by: Mablr <59505383+mablr@users.noreply.github.com> * feat(cast): add Tempo keychain policy commands (#14531) * feat(cast): add tempo keychain policy commands * fix(cast): address keychain policy review * fix(cli): fix jsonwebtoken panic (#14562) `cast` panicked with this message coming from jsonwebtoken: ``` Call CryptoProvider::install_default() before this point to select a provider manually, or make sure exactly one of the 'rust_crypto' and 'aws_lc_rs' features is enabled. See the documentation of the CryptoProvider type for more information. ``` This seemingly was introduced with the bump of jsonwebtoken to 10. Now it requires you to pick one backend used by default controlled by the compile time cargo features or call `CryptoProvider::install_default()` at the beginning. I realized that probably it would be better to just select the feature and I picked `aws_lc_rs` as it seems to be increasingly a default and we already are using the C toolchain. Co-authored-by: zerosnacks <95942363+zerosnacks@users.noreply.github.com> * chore(cli): tidy ETH_RPC_URL handling and add forge regression test (#14559) Follow-up to #14555: - Drop the redundant flashbots branch in RpcOpts::dict; self.url(None) already returns FLASHBOTS_URL when --flashbots is set, so the subsequent overwrite was dead code. - Inline the resolve_rpc_url helper back into RpcCommonOpts::url; it was only called from one place and added unneeded surface area. - Restore the doc comment on RpcCommonOpts and document why ETH_RPC_URL is intentionally not a clap env on the shared field (so EvmArgs cannot inherit it). - Add an integration test that runs forge config with ETH_RPC_URL set in the environment and asserts that eth_rpc_url stays None, directly exercising the regression scenario from #14538. Amp-Thread-ID: https://ampcode.com/threads/T-019df243-267f-7779-93e1-5d6686082444 Co-authored-by: zerosnacks <zerosnacks@protonmail.com> Co-authored-by: Amp <amp@ampcode.com> * feat(cast): open Tempo wallet fund flow for MPP failures (#14505) * feat(cast): open Tempo wallet fund flow for MPP failures * ci(tempo): skip network checks without rpc secrets * Revert "ci(tempo): skip network checks without rpc secrets" This reverts commit f8dd70163f850b854888fd1c962174e1663284f4. * fix(common): address mpp funding review --------- Co-authored-by: zerosnacks <95942363+zerosnacks@users.noreply.github.com> * ci: sign release archives, docker images, and publish SBOMs (#14563) - release.yml: emit per-archive sha256 + SPDX SBOM (Syft), cosign keyless sign-blob of the archive, and use actions/attest@v4 for both build provenance and SBOM attestations. Upload all artifacts to the draft release. - docker-publish.yml: enable BuildKit SBOM, capture the build digest, cosign keyless sign each pushed tag, and publish a Sigstore-signed SLSA provenance attestation via actions/attest with push-to-registry. - SECURITY.md: document how external users verify archives and the docker image (gh attestation, cosign, plain sha256, buildx imagetools). - README.md: link to the new verification section. * perf(common): short-circuit `find_by_name_or_identifier` instead of `collect` (#14514) * feat(foundryup): retry GitHub API fetches on transient errors (#14566) GitHub api.github.com occasionally returns transient 403s on certain VMs (per-IP rate limiting / WAF hiccups), causing foundryup to fail to resolve the latest stable / nightly release tag, e.g.: foundryup: fetching latest nightly releases from foundry-rs/foundry... Error: curl: (56) The requested URL returned error: 403 foundryup: failed to fetch releases from GitHub API Add curl/wget retry logic to the `fetch` helper (used exclusively for GitHub API releases endpoints): - curl: --retry 5 --retry-delay 2 --retry-max-time 60, plus --retry-all-errors when supported (curl 7.71+, feature-detected so older curl does not hard-fail). --retry-all-errors is required to retry HTTP 403, which is not in curl's default retryable set. - wget fallback: --tries=5 --waitretry=2 --retry-on-http-error=403,408,429,5xx. `fetch` now buffers to a temp file before emitting to stdout, since curl's --retry-all-errors is unsafe with piped consumers (mid-stream retries can duplicate bytes). Existing callers pipe into awk/grep. Tunable via FOUNDRYUP_MAX_RETRIES (default 5). `download` (binary tarballs, attestations, manpages) is intentionally left unchanged — those rarely fail and changing them affects the attestation existence check semantics. Bumps installer version 1.8.1 -> 1.8.2. Amp-Thread-ID: https://ampcode.com/threads/T-019df2f5-9b97-717a-b959-cf7cbc7ca3bb Co-authored-by: Amp <amp@ampcode.com> * feat(lint): project-wide passes + pragma-inconsistent (#14543) * feat(lint): project-wide passes + pragma-inconsistent * rm hashset, msg * test(lint): exhaustive pragma-inconsistent coverage + clearer testdata names (#14561) * test(lint): exhaustive coverage for pragma-inconsistent Follow-up to #14543 expanding test coverage for the cross-file `pragma-inconsistent` lint across the syntax variants users encounter in real Solidity projects. Multi-file scenarios (added as `forgetest!` cases in `crates/forge/tests/cli/lint.rs`, since they cannot be expressed in a single `.sol` testdata file): - Negative (must NOT warn): - all files use the same exact pragma (`0.8.20`) - all files use the same caret pragma (`^0.8.20`) - single file in the project - Positive (must warn): - duplicates among a conflict -- two identical files plus one different pragma still emits three warnings - Mixed: - file without an explicit pragma uses the test-utils default (`add_raw_source` is used to bypass the auto-injected pragma) Source bodies are pulled out into module-level `const` raw strings so rustfmt does not collapse the inline `\n`-escaped strings into wide horizontal blobs. Single-file scenarios (added as `.sol` files under `crates/lint/testdata/` in the existing `//~NOTE:` annotation style): - `PragmaInconsistentCaretVsTilde.sol`: `^0.8.20` vs `~0.8.20` - `PragmaInconsistentRangeVsExact.sol`: `>=0.8.0 <0.9.0` vs `0.8.20` -- range satisfies exact but lint is intentionally string-based, matching SLITHER-W1078 - `PragmaInconsistentOrVsExact.sol`: `0.8.20 || 0.8.21` vs `0.8.20` - `PragmaInconsistentThreeDistinct.sol`: `>=0.8.0`, `^0.8.0`, `~0.8.0` -- verifies the `others` list contains every other variant * test(lint): rename pragma-inconsistent testdata to describe the case under test The two testdata files added in #14543 were named `PragmaInconsistent.sol` and `PragmaInconsistent2.sol`, which made them look like duplicates. They actually exercise distinct edge cases of the same string-based detection: - `PragmaInconsistentCaretAboveExact.sol` (was `PragmaInconsistent.sol`): caret range whose lower bound is strictly below the exact version (`^0.8.0` + `0.8.18`). - `PragmaInconsistentCaretMatchesExact.sol` (was `PragmaInconsistent2.sol`): caret range whose lower bound equals the exact version (`^0.8.20` + `0.8.20`) -- the looks-the-same-but-still-distinct case that guards SLITHER-W1078 parity (no semver intersection). Amp-Thread-ID: https://ampcode.com/threads/T-019df243-267f-7779-93e1-5d6686082444 Co-authored-by: Amp <amp@ampcode.com> --------- Co-authored-by: Amp <amp@ampcode.com> --------- Co-authored-by: zerosnacks <95942363+zerosnacks@users.noreply.github.com> Co-authored-by: Amp <amp@ampcode.com> * refactor(script): reuse shared Tempo CLI opts (#14558) * deps: bump tempo to 6bf9903 (T6 hardfork) + fix alloy-evm 0.34 compat (#14567) * deps: bump tempo to 6bf9903 (T6 hardfork) Bumps tempo crates to 6bf9903d, adding the T6 hardfork variant to TempoHardfork. Without this, cast's tempo_forkSchedule lookup parses the chain's reported active fork ("T6") into TempoHardfork::FromStr, fails because T6 was unknown to the enum, and silently returns is_hardfork_active(T3) = false. That made 'cast keychain auth' fall back to the legacy authorizeKey selector and revert with LegacyAuthorizeKeySelectorChanged on any T6 chain. Also bumps alloy-evm to 0.34 and the optimism git pin to develop (e3b59e7) so alloy-op-evm picks up an EvmFactory impl built against alloy-evm 0.34. Removes the now-unused paradigmxyz/reth-core [patch] entries. No source changes; lockfile churn is transitive only. * fix: adapt AnvilBlockExecutor to alloy-evm 0.34.0 breaking changes - Add Send + 'static bounds to TxResult impl for AnvilTxResult<H> - Change commit_transaction return type from Result<GasOutput, BlockExecutionError> to GasOutput - Remove .expect() on commit_transaction call site Amp-Thread-ID: https://ampcode.com/threads/T-019df322-c0f1-73e7-858c-5ca2d242ddb4 * style: rustfmt commit_transaction signature Amp-Thread-ID: https://ampcode.com/threads/T-019df322-c0f1-73e7-858c-5ca2d242ddb4 --------- Co-authored-by: Centaur AI <ai@centaur.local> * docs: add forge lint rule docs (#14571) * feat(forge): add fuzz run selection (#14522) * feat(forge): add fuzz run selection * fix(fuzz): make metadata builder const * test(fuzz): cover generated seed replay * fix(forge): persist fuzz worker for run replay * fix(evm): satisfy clippy in fuzz replay * fix(fuzz): reuse fuzz run metadata * forge(lint/docs): validate deployed forge lint docs (#14573) test: validate deployed forge lint docs * feat: gate foundry-primitives behind optimism feature (#14572) * fix(ci): increase permissions for the enhanced attestation writing (#14584) * increase permissions for artifact writing * apply write permissions to release-docker * feat(hardforks, networks): gate optimism behind cargo feature (#14581) * fix(forge): encode Tempo creates as AA calls (#14585) * feat(anvil): gate optimism behind cargo feature (#14577) Co-authored-by: zerosnacks <95942363+zerosnacks@users.noreply.github.com> * feat(cast): introduce `vaddr` cmd for TIP-1022 (#14508) * feat(cast): introduce `vaddr` cmd for tip-1022 * fix: doc * chore: touch-ups * add tests * chore: move tests to tempo ci * feat: add vaddr watch test * feat: count 0 hadling, add `no_register` flag * fix: remove sweep subcommand * fix: make clippy happy * feat(bench): nightly regression tracking workflow (#14586) * fix(cli): fix release version strings for immutable tags, bump to 1.7.1 (#14496) * Fix release version metadata for immutable tags Amp-Thread-ID: https://ampcode.com/threads/T-019dd617-b29f-7409-8523-9858a1504f17 Co-authored-by: Amp <amp@ampcode.com> * Derive nightly release suffix from commit SHA Amp-Thread-ID: https://ampcode.com/threads/T-019dd617-b29f-7409-8523-9858a1504f17 Co-authored-by: Amp <amp@ampcode.com> * Apply suggestion from @zerosnacks * Apply suggestion from @zerosnacks * Apply suggestion from @zerosnacks * bump to v1.7.1 * avoid appending whole sha hash, not necessary, handle version cmp correctly. after v1.7.1 release we need to bump to v1.7.2 for nightlies following it to compare correctly * Make foundryVersionCmp tolerate new version format and add tests - Strip both pre-release ('-nightly', '-dev') and build metadata ('+<sha>.<ts>.<profile>') from SEMVER_VERSION before comparison so the cheatcode keeps working for tagged releases (which have no '-' separator). - Extract strip_semver_metadata helper and add Rust unit tests covering all SEMVER_VERSION shapes, version_cmp ordering, and parse_version rejection of pre-release/build/garbage input. - Extend the Solidity test suite for vm.getFoundryVersion()/foundryVersionCmp/foundryVersionAtLeast: validate MAJOR.MINOR.PATCH parseability, build profile value, cmp/atLeast invariant, and error paths for invalid user-supplied versions. Amp-Thread-ID: https://ampcode.com/threads/T-019dd971-fcb7-7149-9680-f0134130844c Co-authored-by: Amp <amp@ampcode.com> * fix(test): drop view from solidity tests using assert helpers and fix fmt - assertTrue/assertEq aren't view, so testGetFoundryVersionBuildProfile and testFoundryVersionCmpAndAtLeastAreConsistent can't be view either. - Collapse the buildType assertion onto one line to satisfy forge fmt. Amp-Thread-ID: https://ampcode.com/threads/T-019dd971-fcb7-7149-9680-f0134130844c Co-authored-by: Amp <amp@ampcode.com> * test(version): assert build profile is non-empty instead of debug|release The dist profile (used for distributed release binaries) is also valid; just require non-empty so any future profile works. Amp-Thread-ID: https://ampcode.com/threads/T-019dd971-fcb7-7149-9680-f0134130844c Co-authored-by: Amp <amp@ampcode.com> * Normalize nightly-<sha> to nightly in release_version Ensures tarball and Docker nightly artifacts produce the same version string. The commit identifier is already included in the SemVer build metadata (after `+`), so collapsing `nightly-<sha>` to `nightly` avoids duplicating the SHA in the pre-release tag. Co-authored-by: Amp <amp@ampcode.com> Amp-Thread-ID: https://ampcode.com/threads/T-019df79e-d4c9-707c-85eb-2efbf59160b3 --------- Co-authored-by: Centaur AI <ai@centaur.local> Co-authored-by: Amp <amp@ampcode.com> Co-authored-by: zerosnacks <95942363+zerosnacks@users.noreply.github.com> Co-authored-by: zerosnacks <zerosnacks@protonmail.com> * fix(evm): query `state_snapshot.storage` in `ForkDbStateSnapshot::storage_ref` (#14007) * fix(evm): query `state_snapshot.storage` in `ForkDbStateSnapshot::storage_ref` * test(evm): cover `ForkDbStateSnapshot::storage_ref` snapshot lookup * fix(cast): consistent `--json` output for `keychain` subcommands (#14590) - `keychain rl`: wrap remaining limit in `{"remaining":"..."}` object instead of emitting a bare JSON string - `keychain policy add-call`: emit `{"status":"already_present","target":"..."}` when the rule already exists, instead of plain text - `send_keychain_tx`: wrap sponsor hash in `{"sponsor_hash":"0x..."}` object when --tempo.print-sponsor-hash is used with --json Add CLI tests covering the rl and sponsor-hash JSON output shapes. * feat(tempo): add sponsored transaction plumbing (#14560) * feat(tempo): add sponsored transaction plumbing * addressing mablr comments * fix tempo sponsor signer future layout * preserve json output for tempo sponsor preview * fix(cast): `--json` output support for `vaddr` (#14591) * feat(tempo): add named nonce lanes (#14527) * fix(cheatcodes): transfer value for payable mock calls (#14547) * test: updated tests * fix: execute value transfer * test: improve * imp: review item * test: vm.prank test * imp: moved mocked-call handling after prank application --------- Co-authored-by: Mablr <59505383+mablr@users.noreply.github.com> * feat(lint): add inline-assembly lint (#14575) * feat(lint): add inline-assembly lint * lint(inline-assembly): also recognize `/// @solidity memory-safe-assembly` NatSpec Amp-Thread-ID: https://ampcode.com/threads/T-019df4b6-1b76-734c-9a9b-29db9fb7d461 Co-authored-by: Amp <amp@ampcode.com> --------- Co-authored-by: Amp <amp@ampcode.com> * refactor(script): remove `ScriptConfig::{fee_token,expires_at}` in favour of `TempoOpts` (#14594) * feat(evm-core): gate optimism behind cargo feature (#14593) * fix(cli): resolve Tempo expires once (#14595) fix(cli): resolve tempo expires once * feat(cli): gate optimism behind cargo feature (#14596) * fix(anvil): classify EVM halts as transaction rejections (#14592) Co-authored-by: Mablr <59505383+mablr@users.noreply.github.com> * feat: drop optimism deps under no-default-features (#14600) * fix(forge): `--fuzz-seed` parameter is not effective in `forge coverage` (#14610) fix --fuzz-seed not effective in forge coverage * fix(foundryup): mirror tag resolution for install & use (#14611) * fix(foundryup): mirror tag resolution for install & use * fix(foundryup): mirror semver version normalization in `use` `install` auto-prepends `v` to bare semver versions (e.g. `1.7.0` -> `v1.7.0`) so the on-disk directory is always `v`-prefixed. `use` was doing a literal lookup, so `foundryup -u 1.7.0` failed even though `foundryup -i 1.7.0` had succeeded. Broaden the channel `case` in `use()` to also match bare semver inputs (`MAJOR.MINOR.PATCH[-prerelease]`) so they go through the same `resolve_version_and_tag` normalizer. The pattern is intentionally tighter than `install`'s `[[:digit:]]*` so locally-built versions whose names happen to start with a digit are still looked up literally. Amp-Thread-ID: https://ampcode.com/threads/T-019dfc78-8557-712b-9944-bbff9a4a3b76 Co-authored-by: Amp <amp@ampcode.com> * chore(foundryup): clarify tag-resolution log and error messages Distinguish the GitHub API tag-resolution phase from the actual binary download by consistently referring to "release tag(s)" in the `resolve_version_and_tag` helper's `say` and `err` messages. Amp-Thread-ID: https://ampcode.com/threads/T-019dfc78-8557-712b-9944-bbff9a4a3b76 Co-authored-by: Amp <amp@ampcode.com> --------- Co-authored-by: zerosnacks <95942363+zerosnacks@users.noreply.github.com> Co-authored-by: Amp <amp@ampcode.com> * fix(ci): keep no-default builds free of op deps (#14612) * feat: cast unauthorized flow → wallet.tempo access-key authorization (#14517) * feat: cast unauthorized flow → wallet.tempo access-key authorization Amp-Thread-ID: https://ampcode.com/threads/T-019df174-9538-713b-b8c9-5001b1ad4719 Co-authored-by: Amp <amp@ampcode.com> * fmt * feat(cast): replace TEMPO_NO_BROWSER env with flag * revert token addresses --------- Co-authored-by: Amp <amp@ampcode.com> Co-authored-by: Mablr <59505383+mablr@users.noreply.github.com> * docs(expect-emit): clarify next-call semantics and warn about caught-revert leak (#14620) docs(cheatcodes): clarify expectEmit next-call semantics and caught-revert leak expectEmit is a 'next call' assertion. If the call immediately after expectEmit reverts and the revert is swallowed by the caller (low-level call or try/catch), the unmatched expectation can leak forward and be satisfied by a later unrelated emission, silently turning a broken test green. Document the constraint on the natspec for both no-arg and topic-checking overloads, and regenerate cheatcodes.json. Refs: https://github.com/foundry-rs/foundry/issues/14618 Amp-Thread-ID: https://ampcode.com/threads/T-019dfd96-7a03-7249-8c10-af20ee2729f5 Co-authored-by: Amp <amp@ampcode.com> * fix(cheatcodes): enforce `expectRevert` reverter address for CREATE frames (#14615) * fix(cheatcodes): enforce `expectRevert` reverter address for CREATE frames The reverter address argument to `vm.expectRevert` was silently ignored when the innermost reverting frame was a CREATE (top-level or nested), because create_end never populated `expected_revert.reverted_by`. Mirror call_end's logic in create_end: when the outcome reverts and a reverter address is expected, record outcome.address (revm guarantees this is Some(would-be address) whenever the constructor executed). Adds positive regression tests for top-level and nested-CREATE reverts, and a negative regression test asserting wrong-reverter now fails. Co-authored-by: Amp <amp@ampcode.com> * improve coverage * add Derek's suggested test cases * fix: forge fmt for ExpectRevert.t.sol Amp-Thread-ID: https://ampcode.com/threads/T-019dfdc5-5414-70b6-9f49-cb5797a37a29 Co-authored-by: Amp <amp@ampcode.com> --------- Co-authored-by: Amp <amp@ampcode.com> Co-authored-by: zerosnacks <95942363+zerosnacks@users.noreply.github.com> * fix(script): keep plain Tempo broadcasts non-AA (#14616) * fix(script): don't force Tempo AA fee_token from --network tempo alone Plain --network tempo (or any selection that just sets the network to Tempo) does not by itself imply a Tempo AA / type 0x76 transaction. Defaulting tempo.common.fee_token to PATH_USD_ADDRESS solely from evm_opts.networks.is_tempo() caused every unsigned broadcast tx to flow through TempoOpts::apply, which set fee_token on the request and promoted it to the Tempo AA tx envelope. Signers that only know how to sign ordinary Ethereum transactions (e.g. the Ledger Ethereum app) then rejected the transaction with 'received an unexpected empty response'. Gate the default on an actual Tempo AA opt-in: - --batch (Tempo batch txs are themselves AA and need a fee token), or - any explicit --tempo.* flag (sponsor, expiring nonce, nonce key/lane, ...) which already forces an AA tx and benefits from a default fee token. Explicit --tempo.fee-token continues to win over the default in all cases, and non-Tempo networks never default the fee token. Add unit tests for each scenario. Amp-Thread-ID: https://ampcode.com/threads/T-019dfd37-2354-712f-95b1-2584fd47ad5e Co-authored-by: Amp <amp@ampcode.com> * fix(script): don't force eth_estimateGas on plain Tempo broadcasts Plain --network tempo produces an ordinary EIP-1559/legacy transaction (see tempo-alloy::TempoTransactionRequest::output_tx_type), so the local simulation gas estimate is sufficient. Forcing RPC re-estimation in this case can surface node-side errors such as 'gas required exceeds allowance (0)' (Geth-style balance/gasPrice cap from eth_estimateGas) on flows that previously worked, including Ledger-signed broadcasts that just got unblocked from the type 0x76 regression. Match tempo-foundry's behaviour: only force eth_estimateGas on Tempo when the user has actually opted into Tempo AA semantics (--batch or any explicit --tempo.* flag). Extract the gating into needs_tempo_aa_rpc_estimate(...) and add focused unit tests mirroring the fee-token gating tests. Amp-Thread-ID: https://ampcode.com/threads/T-019dfd37-2354-712f-95b1-2584fd47ad5e Co-authored-by: Amp <amp@ampcode.com> * fix(script): don't re-estimate plain Tempo chain broadcasts --------- Co-authored-by: Amp <amp@ampcode.com> * fix(cheatcodes): preserve reverts with `expectEmit` (#14619) * test: added regression test * fix: re-order revert handling * refactor: simplify * lint: fmt * polish: tighten comment, extend test with revert reason and custom error Amp-Thread-ID: https://ampcode.com/threads/T-019dfd96-7a03-7249-8c10-af20ee2729f5 Co-authored-by: Amp <amp@ampcode.com> --------- Co-authored-by: zerosnacks <95942363+zerosnacks@users.noreply.github.com> Co-authored-by: Amp <amp@ampcode.com> * feat(lint): add tx-origin detector (#14589) * feat(lint): add tx-origin detector * test(lint): address tx-origin review feedback * fix: ui bless * fix(lint): cover tx-origin index and ternary predicates * test(lint): bless tx-origin snapshot --------- Co-authored-by: Mablr <59505383+mablr@users.noreply.github.com> * refactor(tempo): prepare batch access key txs w/ helper (#14597) fix(tempo): prepare batch access key txs before estimation * fix(anvil): respect non-zero genesis block in Otterscan APIs (#14490) fix(anvil): respect non-zero genesis block in Otterscan APIs The three Otterscan address-history endpoints (`ots_searchTransactionsBefore`/`After`, `ots_getTransactionBySenderAndNonce`) hardcoded `unwrap_or(1)` / `unwrap_or_default()` as the lower bound of their block scan, which breaks when `genesis_block_number` is non-zero (e.g. `genesis.json` `number: 73`). Expose `Backend::genesis_number()` and fall back to `genesis_number() + 1` in non-fork mode, mirroring the existing post-fork `f.block_number() + 1` convention. --------- Co-authored-by: Isagi Yates <isagiyates@gmail.com> Co-authored-by: Amp <amp@ampcode.com> Co-authored-by: steven <corderosteven6@gmail.com> Co-authored-by: stevencartavia <112043913+stevencartavia@users.noreply.github.com> Co-authored-by: Matthias Seitz <matthias.seitz@outlook.de> Co-authored-by: Mablr <59505383+mablr@users.noreply.github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com> Co-authored-by: figtracer <me@figtracer.com> Co-authored-by: zerosnacks <95942363+zerosnacks@users.noreply.github.com> Co-authored-by: Sergei Shulepov <s.pepyakin@gmail.com> Co-authored-by: zerosnacks <zerosnacks@protonmail.com> Co-authored-by: grandizzy <38490174+grandizzy@users.noreply.github.com> Co-authored-by: cui <cuiweixie@gmail.com> Co-authored-by: Centaur AI <ai@centaur.local> Co-authored-by: Derek Cofausper <256792747+decofe@users.noreply.github.com> Co-authored-by: Nikki <gutonosa@protonmail.com> Co-authored-by: srdtrk <59252793+srdtrk@users.noreply.github.com> Co-authored-by: Mikhail Mikheev <16622558+mmv08@users.noreply.github.com> Co-authored-by: lazymio <mio@lazym.io> Co-authored-by: Emma Jamieson-Hoare <emmajam@users.noreply.github.com> Co-authored-by: VIkions <99107287+vikions@users.noreply.github.com> Co-authored-by: Aïssata <mikeslowcoder@proton.me> * Update .github/ISSUE_TEMPLATE/bug_report.md Co-authored-by: sourcery-ai[bot] <58596630+sourcery-ai[bot]@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Tempo signer lookup and access key signing (#523) * Fix formatting in cargo.yml Signed-off-by: AU_gdev_19 <64915515+Dargon789@users.noreply.github.com> * Fix indentation for on_fail condition in CI config Signed-off-by: AU_gdev_19 <64915515+Dargon789@users.noreply.github.com> * Fix indentation in CircleCI configuration Signed-off-by: AU_gdev_19 <64915515+Dargon789@users.noreply.github.com> * chore(deps): bump taiki-e/install-action from 2.62.21 to 2.62.31 (#139) Bumps [taiki-e/install-action](https://github.com/taiki-e/install-action) from 2.62.21 to 2.62.31. - [Release notes](https://github.com/taiki-e/install-action/releases) - [Changelog](https://github.com/taiki-e/install-action/blob/main/CHANGELOG.md) - [Commits](https://github.com/taiki-e/install-action/compare/v2.62.21...0005e0116e92d8489d8d96fbff83f061c79ba95a) --- updated-dependencies: - dependency-name: taiki-e/install-action dependency-version: 2.62.31 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * chore(deps): bump github/codeql-action from 3 to 4 (#138) Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3 to 4. - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](https://github.com/github/codeql-action/compare/v3...v4) --- updated-dependencies: - dependency-name: github/codeql-action dependency-version: '4' dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * chore(deps): bump snyk/actions Bumps [snyk/actions](https://github.com/snyk/actions) from 14818c4695ecc4045f33c9cee9e795a788711ca4 to 9adf32b1121593767fc3c057af55b55db032dc04. - [Release notes](https://github.com/snyk/actions/releases) - [Commits](https://github.com/snyk/actions/compare/14818c4695ecc4045f33c9cee9e795a788711ca4...9adf32b1121593767fc3c057af55b55db032dc04) --- updated-dependencies: - dependency-name: snyk/actions dependency-version: 9adf32b1121593767fc3c057af55b55db032dc04 dependency-type: direct:production ... Signed-off-by: dependabot[bot] <support@github.com> * Update CircleCI config with comments and formatting Signed-off-by: AU_gdev_19 <64915515+Dargon789@users.noreply.github.com> * Update config.yml Signed-off-by: AU_gdev_19 <64915515+Dargon789@users.noreply.github.com> * Update and rename ci-say-hello.yml to ci-web3-defi-gamefi.yml (#154) Signed-off-by: AU_gdev_19 <64915515+Dargon789@users.noreply.github.com> * Delete .circleci/ci-web3-defi-gamefi.yml (#155) Signed-off-by: AU_gdev_19 <64915515+Dargon789@users.noreply.github.com> * Delete .circleci/ci_deploy.yml (#158) Signed-off-by: AU_gdev_19 <64915515+Dargon789@users.noreply.github.com> * Delete .circleci/cargo.yml (#159) Signed-off-by: AU_gdev_19 <64915515+Dargon789@users.noreply.github.com> * chore(deps): bump taiki-e/install-action from 2.62.31 to 2.62.33 (#162) Bumps [taiki-e/install-action](https://github.com/taiki-e/install-action) from 2.62.31 to 2.62.33. - [Release notes](https://github.com/taiki-e/install-action/releases) - [Changelog](https://github.com/taiki-e/install-action/blob/main/CHANGELOG.md) - [Commits](https://github.com/taiki-e/install-action/compare/0005e0116e92d8489d8d96fbff83f061c79ba95a...e43a5023a747770bfcb71ae048541a681714b951) --- updated-dependencies: - dependency-name: taiki-e/install-action dependency-version: 2.62.33 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * chore(deps): bump actions/checkout from 4 to 5 (#163) Bumps [actions/checkout](https://github.com/actions/checkout) from 4 to 5. - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](https://github.com/actions/checkout/compare/v4...v5) --- updated-dependencies: - dependency-name: actions/checkout dependency-version: '5' dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Merge branch 'foundry-rs:master' (#164) * Create ci_cargo.yml (#72) Signed-off-by: AU_gdev_19 <64915515+Dargon789@users.noreply.github.com> * Create config.yml Signed-off-by: AU_gdev_19 <64915515+Dargon789@users.noreply.github.com> * Rename ci_cargo.yml to cargo.yml Signed-off-by: AU_gdev_19 <64915515+Dargon789@users.noreply.github.com> * fix(fmt): handle trailing coments between base contracts (#12127) * fix(fmt): account for ternary operators when estimating size * fix(fmt): handle comments between inherited base contracts * test: layout + base inheritance * feat(forge): add bypass prevrandao (#12125) * feat(forge): add bypass prevrandao * Update crates/evm/networks/src/lib.rs Co-authored-by: 0xrusowsky <90208954+0xrusowsky@users.noreply.github.com> * changes after review: remove duped code --------- Co-authored-by: 0xrusowsky <90208954+0xrusowsky@users.noreply.github.com> * fix(fmt): filter libs wh…

dependabot Bot and others added 7 commits April 25, 2026 16:12

Update flake.lock (#14458)

dd0a687

Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>

fix(forge): adjust gas assertion CounterWithFallback (#14465)

13453b2

chore: update latest benchmarks (#14467)

54d536f

Improve GH actions (#14473)

0d8e650

gemini-code-assist Bot reviewed Apr 27, 2026

View reviewed changes

Comment thread benches/src/lib.rs

sourcery-ai Bot reviewed Apr 27, 2026

View reviewed changes

Dargon789 mentioned this pull request Apr 27, 2026

Sequence diagram for parsing repo specs and running forge with extra args #499

Closed

Dargon789 linked an issue Apr 27, 2026 that may be closed by this pull request

Sequence diagram for parsing repo specs and running forge with extra args #499

Closed

vercel Bot deployed to Preview – react April 27, 2026 23:20 View deployment

vercel Bot deployed to Preview – next April 27, 2026 23:21 View deployment

Dargon789 merged commit 5e16eb3 into Dargon789:foundry/master-test-UX Apr 27, 2026
8 of 10 checks passed

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

fix(forge): adjust gas assertion CounterWithFallback (foundry-rs#14465 )#498

fix(forge): adjust gas assertion CounterWithFallback (foundry-rs#14465 )#498
Dargon789 merged 7 commits into
Dargon789:foundry/master-test-UXfrom
foundry-rs:master

Dargon789 commented Apr 27, 2026 •

edited by sourcery-ai Bot

Loading

Uh oh!

codesandbox Bot commented Apr 27, 2026

Uh oh!

vercel Bot commented Apr 27, 2026

Uh oh!

sourcery-ai Bot commented Apr 27, 2026 •

edited

Loading

Interacting with Sourcery

Customizing Your Experience

Getting Help

Uh oh!

snyk-io Bot commented Apr 27, 2026

Uh oh!

gemini-code-assist Bot left a comment

Uh oh!

Uh oh!

sourcery-ai Bot left a comment

Uh oh!

vercel Bot commented Apr 27, 2026 •

edited

Loading

Uh oh!

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

4 participants

Conversation

Dargon789 commented Apr 27, 2026 • edited by sourcery-ai Bot Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Motivation

Solution

PR Checklist

Summary by Sourcery

Uh oh!

codesandbox Bot commented Apr 27, 2026

Review or Edit in CodeSandbox

Uh oh!

vercel Bot commented Apr 27, 2026

Uh oh!

sourcery-ai Bot commented Apr 27, 2026 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Reviewer's Guide

Sequence diagram for parsing repo specs and running forge with extra args

Class diagram for updated benchmarking config and project types

Flow diagram for CI benchmarks with per-repo extra forge arguments

File-Level Changes

Interacting with Sourcery

Customizing Your Experience

Getting Help

Uh oh!

snyk-io Bot commented Apr 27, 2026

✅ Snyk checks have passed. No issues have been found so far.

Uh oh!

gemini-code-assist Bot left a comment

Choose a reason for hiding this comment

Code Review

Uh oh!

Uh oh!

sourcery-ai Bot left a comment

Choose a reason for hiding this comment

Uh oh!

vercel Bot commented Apr 27, 2026 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Uh oh!

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

4 participants

Dargon789 commented Apr 27, 2026 •

edited by sourcery-ai Bot

Loading

sourcery-ai Bot commented Apr 27, 2026 •

edited

Loading

vercel Bot commented Apr 27, 2026 •

edited

Loading