Revert "Merge v0.5.0 into master"

.github/CONTRIBUTING.md

@@ -35,6 +35,6 @@ and help.
 
 ## Configuration, dependencies, and tests
 
-Please see the [Developers' Guide](https://geth.ethereum.org/docs/developers/geth-developer/dev-guide)
+Please see the [Developers' Guide](https://geth.ethereum.org/docs/developers/devguide)
 for more details on configuring your environment, managing project dependencies
 and testing procedures.

.github/workflows/ci.yml

@@ -29,7 +29,7 @@ jobs:
 
         - uses: actions/setup-go@v3
           with:
-            go-version: 1.20.x
+            go-version: 1.19.x
 
         - name: Install dependencies on Linux
           if: runner.os == 'Linux'
@@ -98,7 +98,7 @@ jobs:
 
         - uses: actions/setup-go@v3
           with:
-            go-version: 1.20.x
+            go-version: 1.18.x
 
         - name: Checkout matic-cli
           uses: actions/checkout@v3

.github/workflows/packager.yml

@@ -23,7 +23,7 @@ jobs:
       - name: Set up Go
         uses: actions/setup-go@master
         with:
-          go-version: 1.20.x
+          go-version: 1.19
       - name: Adding TAG to ENV
         run: echo "GIT_TAG=`echo $(git describe --tags --abbrev=0)`" >> $GITHUB_ENV
 
@@ -47,7 +47,7 @@ jobs:
         run: cp -rp packaging/deb/bor packaging/deb/bor-${{ env.GIT_TAG }}-${{ env.ARCH }}
         env:
           ARCH: amd64
-
+          
       - name: Running package build
         run: dpkg-deb --build --root-owner-group packaging/deb/bor-${{ env.GIT_TAG }}-${{ env.ARCH }}
         env:
@@ -476,7 +476,7 @@ jobs:
           ARCH: amd64
           NODE: archive
           NETWORK: mainnet
-      - name: Building bor ${{ env.NODE }} on ${{ env.NETWORK }} on ${{ env.ARCH }} profile
+      - name: Building bor ${{ env.NODE }} on ${{ env.NETWORK }} on ${{ env.ARCH }} profile 
         run: dpkg-deb --build --root-owner-group packaging/deb/bor-${{ env.NETWORK }}-${{ env.NODE }}-config_${{ env.GIT_TAG }}-${{ env.ARCH }}
         env:
           ARCH: amd64
@@ -739,7 +739,7 @@ jobs:
           ARCH: arm64
           NODE: sentry
           NETWORK: mainnet
-      - name: Building bor ${{ env.NODE }} on ${{ env.NETWORK }} on ${{ env.ARCH }} profile
+      - name: Building bor ${{ env.NODE }} on ${{ env.NETWORK }} on ${{ env.ARCH }} profile 
         run: dpkg-deb --build --root-owner-group packaging/deb/bor-${{ env.NETWORK }}-${{ env.NODE }}-config_${{ env.GIT_TAG }}-${{ env.ARCH }}
         env:
           ARCH: arm64
@@ -849,13 +849,13 @@ jobs:
           ARCH: arm64
           NODE: validator
           NETWORK: mainnet
-      - name: Building bor ${{ env.NODE }} on ${{ env.NETWORK }} on ${{ env.ARCH }} profile
+      - name: Building bor ${{ env.NODE }} on ${{ env.NETWORK }} on ${{ env.ARCH }} profile 
         run: dpkg-deb --build --root-owner-group packaging/deb/bor-${{ env.NETWORK }}-${{ env.NODE }}-config_${{ env.GIT_TAG }}-${{ env.ARCH }}
         env:
           ARCH: arm64
           NODE: validator
           NETWORK: mainnet
-
+        
       - name: Updating the control file to use with the arm64 profile
         run: cp -rp packaging/templates/package_scripts/control.profile.arm64 packaging/deb/bor/DEBIAN/control
 
@@ -895,7 +895,7 @@ jobs:
           ARCH: arm64
           NODE: archive
           NETWORK: mumbai
-      - name: Building bor ${{ env.NODE }} on ${{ env.NETWORK }} on ${{ env.ARCH }} profile
+      - name: Building bor ${{ env.NODE }} on ${{ env.NETWORK }} on ${{ env.ARCH }} profile 
         run: dpkg-deb --build --root-owner-group packaging/deb/bor-${{ env.NETWORK }}-${{ env.NODE }}-config_${{ env.GIT_TAG }}-${{ env.ARCH }}
         env:
           ARCH: arm64
@@ -938,7 +938,7 @@ jobs:
           ARCH: arm64
           NODE: archive
           NETWORK: mainnet
-      - name: Building bor ${{ env.NODE }} on ${{ env.NETWORK }} on ${{ env.ARCH }} profile
+      - name: Building bor ${{ env.NODE }} on ${{ env.NETWORK }} on ${{ env.ARCH }} profile 
         run: dpkg-deb --build --root-owner-group packaging/deb/bor-${{ env.NETWORK }}-${{ env.NODE }}-config_${{ env.GIT_TAG }}-${{ env.ARCH }}
         env:
           ARCH: arm64

.github/workflows/release.yml

@@ -21,7 +21,7 @@ jobs:
       - name: Set up Go
         uses: actions/setup-go@master
         with:
-          go-version: 1.20.x
+          go-version: 1.19.x
 
       - name: Prepare
         id: prepare

.github/workflows/security-ci.yml

@@ -2,6 +2,47 @@ name: Security CI
 on: [ push, pull_request ]
 
 jobs:
+  snyk:
+    name: Snyk and Publish
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout Source
+        uses: actions/checkout@master
+      - name: Run Snyk to check for vulnerabilities
+        uses: snyk/actions/golang@master
+        continue-on-error: true
+        env:
+          SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}
+          GOFLAGS: "-buildvcs=false"
+        with:
+          args: --org=${{ secrets.SNYK_ORG }} --severity-threshold=medium --sarif-file-output=snyk.sarif
+      - name: Upload result to GitHub Code Scanning
+        uses: github/codeql-action/upload-sarif@v2
+        continue-on-error: true
+        with:
+          sarif_file: snyk.sarif
+
+  snyk-code:
+    name: Snyk Code and Publish
+    runs-on: ubuntu-latest
+    continue-on-error: true
+    steps:
+      - name: Checkout Source
+        uses: actions/checkout@master
+      - name: Run Snyk SAST to check for code vulnerabilities
+        uses: snyk/actions/golang@master
+        continue-on-error: true
+        env:
+          SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}
+        with:
+          args: --org=${{ secrets.SNYK_ORG }} --sarif-file-output=snyk.sarif
+          command: code test
+      - name: Upload result to GitHub Code Scanning
+        uses: github/codeql-action/upload-sarif@v2
+        continue-on-error: true
+        with:
+          sarif_file: snyk.sarif
+
   govuln:
     name: Run govuln check and Publish
     runs-on: ubuntu-latest
@@ -13,7 +54,8 @@ jobs:
         env:
           DEBUG: "true"
         with:
-          go-version: 1.20.5
+          go-version: 1.19
+          vulncheck-version: latest
           package: ./...
           github-token: ${{ secrets.GITHUB_TOKEN }}
           fail-on-vuln: true

.github/workflows/security-sonarqube-ci.yml

@@ -0,0 +1,32 @@
+name: SonarQube CI
+on:
+  push:
+    branches:
+      - develop
+
+jobs:
+  sonarqube:
+    name: SonarQube
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v2
+        with:
+          # Disabling shallow clone is recommended for improving relevancy of reporting.
+          fetch-depth: 0
+
+      # Triggering SonarQube analysis as results of it are required by Quality Gate check.
+      - name: SonarQube Scan
+        uses: sonarsource/sonarqube-scan-action@master
+        env:
+          SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
+          SONAR_HOST_URL: ${{ secrets.SONAR_HOST_URL }}
+
+      # Check the Quality Gate status.
+      - name: SonarQube Quality Gate check
+        id: sonarqube-quality-gate-check
+        uses: sonarsource/sonarqube-quality-gate-action@master
+        # Force to fail step after specific time.
+        timeout-minutes: 5
+        env:
+          SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
+          SONAR_HOST_URL: ${{ secrets.SONAR_HOST_URL }}

.golangci.yml

@@ -1,7 +1,7 @@
 # This file configures github.com/golangci/golangci-lint.
 
 run:
-  go: '1.20'
+  go: '1.18'
   timeout: 20m
   tests: true
   # default is true. Enables skipping of directories:
@@ -146,7 +146,7 @@ linters-settings:
 
 issues:
   exclude-rules:
-    - path: crypto/bn256/cloudflare/optate.go
+    - path: crypto/blake2b/
       linters:
         - deadcode
     - path: crypto/bn256/cloudflare

.goreleaser.yml

@@ -103,6 +103,11 @@ nfpms:
     scripts:
       postinstall: builder/files/bor-post-install.sh
 
+    overrides:
+      rpm:
+        replacements:
+          amd64: x86_64
+
 snapshot:
   name_template: "{{ .Tag }}.next"