Merge main & fix errors caused by the merge

.codespellrc

@@ -1,3 +1,3 @@
 [codespell]
-ignore-words-list=crate,Sur,inout
+ignore-words-list=crate,Sur,inout,Groth,groth,re-use,
 exclude-file=book/mermaid.min.js

.github/PULL_REQUEST_TEMPLATE/release-checklist.md

@@ -83,7 +83,9 @@ Check that the release will work:
 - [ ] Update crate versions, commit the changes to the release branch, and do a release dry-run:
 
 ```sh
-cargo release version --verbose --execute --allow-branch '*' --workspace --exclude zebrad beta
+cargo release version --verbose --execute --allow-branch '*' --workspace --exclude zebrad --exclude zebra-scan beta
+# Due to a bug in cargo-release, we need to pass an exact version here
+cargo release version --verbose --execute --allow-branch '*' --package zebra-scan 0.1.0-alpha.1
 cargo release version --verbose --execute --allow-branch '*' --package zebrad patch # [ major | minor | patch ]
 cargo release replace --verbose --execute --allow-branch '*' --package zebrad
 cargo release commit --verbose --execute --allow-branch '*'

.github/workflows/ci-lint.yml

@@ -160,7 +160,7 @@ jobs:
     needs: changed-files
     steps:
       - uses: actions/checkout@v4.1.1
-      - uses: plettich/action-codespell@master
+      - uses: codespell-project/actions-codespell@v2.0
         with:
-          github_token: ${{ secrets.github_token }}
-          level: warning
+          only_warn: 1
+

.github/workflows/ci-unit-tests-docker.yml

@@ -43,6 +43,7 @@ on:
       - '.github/workflows/sub-deploy-integration-tests-gcp.yml'
       - '.github/workflows/sub-build-docker-image.yml'
       - '.github/workflows/sub-find-cached-disks.yml'
+      - '.github/workflows/sub-test-zebra-config.yml'
 
   push:
     branches:

.github/workflows/sub-test-zebra-config.yml

@@ -32,7 +32,7 @@ jobs:
   test-docker-config:
     name: Test ${{ inputs.test_id }} in Docker
     timeout-minutes: 30
-    runs-on: ubuntu-latest
+    runs-on: ubuntu-latest-m
     steps:
       - uses: actions/checkout@v4.1.1
         with:

CHANGELOG.md

@@ -5,6 +5,62 @@ All notable changes to Zebra are documented in this file.
 The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
 and this project adheres to [Semantic Versioning](https://semver.org).
 
+## [Zebra 1.5.0](https://github.com/ZcashFoundation/zebra/releases/tag/v1.5.0) - 2023-11-28
+
+This release:
+- fixes a panic that was introduced in Zebra v1.4.0, which happens in rare circumstances when reading cached sprout or history trees. 
+- further improves how Zebra recovers from network interruptions and prevents potential network hangs.
+- limits the ability of synthetic nodes to spread throughout the network through Zebra to address some of the Ziggurat red team report.
+
+As of this release, Zebra requires Rust 1.73 to build.
+
+Finally, we've added an experimental "shielded-scan" feature and the zebra-scan crate as steps
+towards supporting shielded scanning in Zebra. This feature has known security issues.
+It is for experimental use only. Ongoing development is tracked in issue [#7728](https://github.com/ZcashFoundation/zebra/issues/7728).
+
+### Important Security Warning
+
+Do not use regular or sensitive viewing keys with Zebra's experimental scanning feature. Do not use this
+feature on a shared machine. We suggest generating new keys for experimental use.
+
+### Security
+
+- security(net): Stop sending peer addresses from version messages directly to the address book ([#7977](https://github.com/ZcashFoundation/zebra/pull/7977))
+- security(net): Limit how many addresses are sent directly to the address book for a single peer address message ([#7952](https://github.com/ZcashFoundation/zebra/pull/7952))
+- security(net): Rate-limit GetAddr responses to avoid sharing the entire address book over a short period ([#7955](https://github.com/ZcashFoundation/zebra/pull/7955))
+
+### Added
+
+- feat(config): Add config field for the viewing keys used by zebra-scan ([#7949](https://github.com/ZcashFoundation/zebra/pull/7949))
+- feat(scan): Add on-disk database to store keys and scan results ([#7942](https://github.com/ZcashFoundation/zebra/pull/7942), [#8036](https://github.com/ZcashFoundation/zebra/pull/8036))
+- feat(scan): Spawn zebra-scan task from zebrad with configured viewing keys ([#7989](https://github.com/ZcashFoundation/zebra/pull/7989))
+- feat(scan): Create a scan_block function to use across scanning tasks ([#7994](https://github.com/ZcashFoundation/zebra/pull/7994))
+- feat(scan): Scan blocks with Sapling keys and write the results to the database ([#8040](https://github.com/ZcashFoundation/zebra/pull/8040))
+- poc(scan): Proof of concept for shielded scanning ([#7758](https://github.com/ZcashFoundation/zebra/pull/7758))
+- add(docker): Add `ldb` RocksDB query tool to the Dockerfile ([#8074](https://github.com/ZcashFoundation/zebra/pull/8074))
+
+### Changed
+
+- change(state): Expose ZebraDb methods that can create different kinds of databases ([#8002](https://github.com/ZcashFoundation/zebra/pull/8002))
+- change(state): Make the types for finalized blocks consistent ([#7923](https://github.com/ZcashFoundation/zebra/pull/7923))
+- change(scan): Create a scanner storage database ([#8031](https://github.com/ZcashFoundation/zebra/pull/8031))
+- change(scan): Store scanned TXIDs in "display order" ([#8057](https://github.com/ZcashFoundation/zebra/pull/8057))
+- change(scan): Create a function that scans one block by height, and stores the results in the database ([#8045](https://github.com/ZcashFoundation/zebra/pull/8045))
+- change(scan): Store one transaction ID per database row, to make queries easier ([#8062](https://github.com/ZcashFoundation/zebra/pull/8062))
+- change(log): Silence verbose failed connection logs ([#8072](https://github.com/ZcashFoundation/zebra/pull/8072))
+
+### Fixed
+
+- fix(db): Fix a sprout/history tree read panic in Zebra v1.4.0, which only happens before the 25.3.0 state upgrade completes ([#7972](https://github.com/ZcashFoundation/zebra/pull/7972))
+- fix(net): Fix potential network hangs, and reduce code complexity ([#7859](https://github.com/ZcashFoundation/zebra/pull/7859))
+- fix(scan): Start scanning task only if there are keys to scan ([#8059](https://github.com/ZcashFoundation/zebra/pull/8059))
+- fix(rpc): Make the `verbose` argument of the `getrawtransaction` RPC optional ([#8076](https://github.com/ZcashFoundation/zebra/pull/8076))
+
+### Contributors
+
+Thank you to everyone who contributed to this release, we couldn't make Zebra without you:
+@arya2, @oxarbitrage, @teor2345 and @upbqdn
+
 ## [Zebra 1.4.0](https://github.com/ZcashFoundation/zebra/releases/tag/v1.4.0) - 2023-11-07
 
 Zebra's mining RPCs are now available in release builds. Our Docker images are significantly
@@ -1623,7 +1679,7 @@ Zebra's latest beta fixes a `cargo install` build failure in the previous beta r
 
 #### Logging
 
-- Log hashes as hex strings in block committment errors (#4021)
+- Log hashes as hex strings in block commitment errors (#4021)
 
 #### Tests
 
@@ -1665,7 +1721,7 @@ As part of the RPC changes, we made performance improvements to cached state acc
 #### Others
 
 - Added `TransactionsByMinedId` to mempool (#3907)
-- Added code owners and automatic review assigment to the repository (#3677 #3708 #3718)
+- Added code owners and automatic review assignment to the repository (#3677 #3708 #3718)
 - Validate ZIP-212 grace period blocks using checkpoints (#3889)
 - Store Sapling and Orchard note commitment trees in finalized and non-finalized state (#3818)
 - Get addresses from transparent outputs (#3802)
@@ -2388,7 +2444,7 @@ Zebra's latest alpha continues our work on NU5, including Orchard and Transactio
 
 - Test consensus-critical Amount deserialization (#2487)
 - Update to use new GitHub action names in Google Cloud workflows (#2533)
-- Add test intialization helper function for tests (#2539)
+- Add test initialization helper function for tests (#2539)
 
 ### Changed
 
@@ -2981,7 +3037,7 @@ Some notable changes include:
 
 ### Changed
 - Export new precompute api in zebra-script (#1493)
-- Rewrite peer block request hander to match the zcashd implementation (#1518)
+- Rewrite peer block request handler to match the zcashd implementation (#1518)
 
 ### Fixed
 - Avoid panics when there are multiple failures on the same connection (#1600)