Merge devnet-ready into testnet#2831
Conversation
|
🔄 AI review updated — Skeptic: VULNERABLE |
Point repository/homepage/author links, docs, and code-comment references at github.com/RaoFoundation now that the subtensor, polkadot-sdk, and frontier repos have been transferred.
Update e2e clone URLs for the moved btcli/bittensor repos, ai-review prompts and scripts, and the breaking-change ping to the arbos team (the old opentensor teams no longer exist).
github.repository now expands to RaoFoundation/subtensor, and Docker
rejects uppercase image names, so tagging ghcr.io/${{ github.repository }}
fails. Compute a lowercased image name and use it for all tags.
Images publish under the new org, so update compose files and image labels. The e2e workflow now tags the locally built localnet image via a workflow-level LOCALNET_IMAGE_NAME env, which the bittensor/btcli test harnesses read to override their old-namespace default.
Same pinned revisions, new home. polkadot-sdk URLs intentionally stay on opentensor (served via GitHub redirect): the frontier fork's pinned commit declares its polkadot-sdk deps by that URL, and cargo keys sources by URL, so flipping only our side would split the dependency graph into duplicate crates.
Merge commits after the org move read "from RaoFoundation/<branch>"; keep the opentensor patterns for merges predating it.
The flow-style matrix entry { name: new, ref: ${{ github.head_ref }} }
is invalid YAML (the expression braces terminate the flow mapping), so
GitHub reported the workflow file as broken on every push, repo-wide.
Use block style.
Org migration: update references for RaoFoundation
eco-tests changed — indexer review requiredThis PR modifies files under Changed files
|
|
|
||
| - name: Run Try Runtime Checks | ||
| uses: "paritytech/try-runtime-gha@v0.1.0" | ||
| uses: ./.github/actions/try-runtime |
There was a problem hiding this comment.
[HIGH] Local action is loaded from the PR checkout on pull_request
This pull_request workflow checks out the PR worktree and then executes ./.github/actions/try-runtime. After this lands, any future approved PR can modify .github/actions/try-runtime/action.yml and have arbitrary shell run on the self-hosted try-runtime runners before the runtime checks. The nucleus approval gate reduces drive-by risk, but this is a steady-state PR-controlled CI execution path. Load the action from a trusted ref/path, or keep using a pinned external action instead of executing the local action from the PR checkout.
| # Subtensor AI Review — Shared Context | ||
|
|
||
| You are reviewing a pull request to **opentensor/subtensor**, the Substrate-based runtime for the Bittensor blockchain (~$4B market cap). Lives and livelihoods depend on the security and correctness of this code. Be thorough, precise, and uncompromising on safety. | ||
| You are reviewing a pull request to **RaoFoundation/subtensor**, the Substrate-based runtime for the Bittensor blockchain (~$4B market cap). Lives and livelihoods depend on the security and correctness of this code. Be thorough, precise, and uncompromising on safety. |
There was a problem hiding this comment.
[HIGH] AI review trusted files are modified in this PR
This PR changes .github/ai-review/* files relative to the trusted base (README.md, auditor.md, common.md, post_review.py, prefetch.sh, and skeptic.md). The operating instructions for this review explicitly require flagging PR-side changes to .github/ai-review/* as HIGH or CRITICAL. Even if these lines are intended as an org rename, changes to review prompts and posting/prefetch scripts should be separated and reviewed against the trusted copies before a deployment fast-forward consumes them.
|
🔄 AI review updated — Skeptic: VULNERABLE |
…otkey-origin Charge hotkey-origin fees to the owning coldkey
| # Subtensor AI Review — Shared Context | ||
|
|
||
| You are reviewing a pull request to **opentensor/subtensor**, the Substrate-based runtime for the Bittensor blockchain (~$4B market cap). Lives and livelihoods depend on the security and correctness of this code. Be thorough, precise, and uncompromising on safety. | ||
| You are reviewing a pull request to **RaoFoundation/subtensor**, the Substrate-based runtime for the Bittensor blockchain (~$4B market cap). Lives and livelihoods depend on the security and correctness of this code. Be thorough, precise, and uncompromising on safety. |
There was a problem hiding this comment.
[HIGH] AI review trusted files are modified in this PR
This PR changes .github/ai-review/* relative to the trusted base copies. The review operating instructions require these changes to be flagged because PR-side prompt/tooling edits can affect later AI-review behavior once merged. Keep AI-review instruction/tooling changes out of a deployment fast-forward or land them through a separately scrutinized trusted-base update.
|
|
||
| - name: Run Try Runtime Checks | ||
| uses: "paritytech/try-runtime-gha@v0.1.0" | ||
| uses: ./.github/actions/try-runtime |
There was a problem hiding this comment.
[HIGH] Local action is loaded from the PR checkout on pull_request
This pull_request workflow checks out the PR head and then executes uses: ./.github/actions/try-runtime. After this merges, any future approved PR can modify that local composite action and have the self-hosted try-runtime runner execute arbitrary shell once CI is approved. This is a steady-state issue, not bootstrap-only. Use a pinned external action or execute the composite action from a trusted base/ref checkout instead of the PR worktree.
|
🔄 AI review updated — Skeptic: VULNERABLE |
Make `uidLookup` O(1) and bound its cost
| # Subtensor AI Review — Shared Context | ||
|
|
||
| You are reviewing a pull request to **opentensor/subtensor**, the Substrate-based runtime for the Bittensor blockchain (~$4B market cap). Lives and livelihoods depend on the security and correctness of this code. Be thorough, precise, and uncompromising on safety. | ||
| You are reviewing a pull request to **RaoFoundation/subtensor**, the Substrate-based runtime for the Bittensor blockchain (~$4B market cap). Lives and livelihoods depend on the security and correctness of this code. Be thorough, precise, and uncompromising on safety. |
There was a problem hiding this comment.
[HIGH] AI review trusted files are modified in this PR
The operating instructions for this run explicitly require flagging PR-side changes to .github/ai-review/* as HIGH or CRITICAL when they differ from the trusted base copies. This PR still modifies multiple AI-review files, including the shared trusted context here, so the review system’s instructions/prompts remain part of the diff being reviewed.
|
|
||
| - name: Run Try Runtime Checks | ||
| uses: "paritytech/try-runtime-gha@v0.1.0" | ||
| uses: ./.github/actions/try-runtime |
There was a problem hiding this comment.
[HIGH] Local action is loaded from the PR checkout on pull_request
This pull_request workflow checks out the PR code and then loads ./.github/actions/try-runtime from that checkout. After this merges, any future approved PR can modify .github/actions/try-runtime/action.yml and have its composite action body execute on the self-hosted try-runtime runners. The same pattern is repeated in the other try-runtime jobs. Load the action from a trusted base-branch checkout/path, or keep using a separately reviewed pinned external action, instead of resolving the composite action from contributor-controlled workspace contents.
|
🔄 AI review updated — Skeptic: VULNERABLE |
|
The latest updates on your projects. Learn more about Vercel for GitHub.
|
Summary
Fast-forward
testnetto matchdevnet-ready(spec 424).Brings in:
Test plan
Made with Cursor