0.23.0-beta.3

Release: 0.23.0-beta.3

0.23.0-beta.2

Release: 0.23.0-beta.2

0.23.0-beta.1

Release: 0.23.0-beta.1

0.23.0-beta.0

Dependencies

Replica

Updated replica to elected commit 2c0b76cfc7e596d5c4304cff5222a2619294c8c1.
This incorporates the following executed proposals:

• 131390
• 131055
• 131054
• 131032
• 131028
• 130985
• 130984
• 130819
• 130818
• 130748
• 130749
• 130728
• 130727
• 130409
• 130408
• 130392
• 130400
• 130315
• 130134
• 130083
• 129747
• 129746
• 129706
• 129697
• 129696
• 129628
• 129627
• 129494
• 129493
• 129428
• 129427
• 129423
• 129408
• 129379
• 129378
• 129084
• 129081
• 129035
• 128876
• 128904
• 128864
• 128816
• 128846
• 128806
• 128805
• 128296
• 128295
• 128171
• 128155

feat: generate .env files for Motoko canisters

feat: support "security_policy" and "disable_security_policy_warning" in .ic-assets.json5

This change has an accompanying migration guide. Please see the 0.23.0 migration guide for instructions on how to adapt your project to this feature.

It is now possible to specify a "security_policy" field in .ic-assets.json5 for asset configurations.
Valid options are "disabled", "standard", and "hardened".
The security policy provides a set of standard headers to make frontends more secure.
Headers manually specified in the "headers" field take precedence over the security policy headers.

If "security_policy" is not specified or "disabled" is set, then no headers are added. If "security_policy" is not set at all, a warning is displayed that there is no security policy set.

If "standard" is specified, a set of security headers is added to the asset. The headers can be displayed with dfx info security-policy.
It is a set of security headers that will work for most dapps. A warning is displayed that the headers could be hardened.

If "hardened" is set, the same headers as with "standard" are added.
The asset sync expects that improved headers are set that would improve security where appropriate.
If no custom headers are present the asset sync will fail with an error.

All warnings regarding security policies can be disabled with ``"disable_security_policy_warning": true`. It needs to be set per asset.

The standard/hardened security policy headers can be seen with dfx info security-policy.
It also contains a lot of suggestions on how to harden the policy.

Updated the starter projects to use "security_policy" instead of including the whole security policy by defining individual headers.

feat: dfx info security-policy

Shows the headers that get applied to assets that are configured to "security_policy": "standard" or "security_policy": "hardened" in .ic-assets.json5.
Produces output that can be directly pasted into a .json5 document.

feat: dfx extension install <url to extension.json>

It's now possible for dfx extension install to install an extension from
somewhere other than https://github.com/dfinity/dfx-extensions, by passing
a URL to an extension.json file rather than an extension name.

For example, these are equivalent:

dfx extension install nns
dfx extension install https://raw.githubusercontent.com/dfinity/dfx-extensions/main/extensions/nns/extension.json

This update also adds the optional field download_url_template to extension.json,
which dfx will use to locate an extension release archive.

fix: dfx extension install no longer reports an error if the extension is already installed

However, if a version is specified with --version, and the installed version is different,
then dfx extension install will still report an error.

fix: dfx ledger create-canister sets controller properly

A recent hotfix to the CMC changed how the arguments to notify_create_canister need to be passed.
dfx now again properly calls that function.

feat: display replica port in dfx start

This replaces the dashboard link, which is now shown only in verbose mode. This should hopefully be less confusing for new users.

feat!: add crate field to dfx.json

It is now possible to specify a particular crate within a Rust package to use for a canister module, using the crate field.
This enables specifying crates with different names than the package. In a few cases these were previously auto-detected
by dfx, you will need to add this field if you were using such a setup.

feat: the --wallet parameter now accepts an identity name

The --wallet parameter can now be either a principal or the name of an identity.

If the name of an identity, dfx looks up the associated wallet's principal.

This means --wallet <name> is the equivalent of --wallet $(dfx identity get-wallet --identity <name>).

fix: display error cause of some http-related errors

Some commands that download http resources, for example dfx extension install, will
once again display any error cause.

chore: remove the deprecated --use-old-metering flag

0.22.0

asset uploads: retry some HTTP errors returned by the replica

Now retries the following, with exponential backoff as is already done for connect and transport errors:

• 500 internal server error
• 502 bad gateway
• 503 service unavailable
• 504 gateway timeout
• 429 many requests

fix: Allow canisters to be deployed even if unrelated canisters in dfx.json are malformed

feat!: enable cycles ledger support unconditionally

chore!: removed unsafe-eval CSP from default starter template

To do this, the @dfinity/agent version was updated as well.

fix: dfx build no longer requires a password for password-protected identities

chore!: enforce --wallet requirement for dfx canister call --with-cycles earlier

feat: add dfx schema support for .json files related to extensions

• dfx schema --for extension-manifest corresponds to extension.json
• dfx schema --for extension-dependencies corresponds to dependencies.json

chore!: enforce minimum password length of 9 characters

The NIST guidelines require passwords to be longer than 8 characters.
This is now enforced when creating new identities.
Identities protected by a shorter password can still be decrypted.

feat: dfx extension install now uses the extension's dependencies.json file to pick the highest compatible version

feat: Enable threshold schnorr signatures for Bip340Secp256k1

Schnorr signature signing for Bip340Secp256k1 is now enabled.
A test key id Bip340Secp256k1:dfx_test_key is ready to be used by locally created canisters.

Dependencies

Replica

Updated replica to elected commit 5849c6daf2037349bd36dcb6e26ce61c2c6570d0.
This incorporates the following executed proposals:

• 130985
• 130984
• 130819
• 130818
• 130748
• 130749
• 130728
• 130727
• 130409
• 130408

Motoko

Updated Motoko to 0.11.2

0.21.0

feat: dfx killall

Introduced dfx killall, a command for killing DFX-started processes.

feat!: remove support for bitcoin query API

dfx call --query aaaaa-aa bitcoin_get_balance_query/bitcoin_get_utxos_query will result in an error.

fix: simplified log message when using the default shared network configuration

Now displays Using the default configuration for the local shared network.
instead of Using the default definition for the 'local' shared network because ~/.config/dfx/networks.json does not define it.

chore!: Improved error message about canister ranges when directly connecting to a node on a non-root subnet

feat: dfx start for the shared local network stores replica state files in unique directories by options

The state files for different replica versions are often incompatible,
so dfx start requires the --clean argument in order to reset data when
using different replica versions or different replica options.

For the local shared network, dfx now stores replica state files in different
directories, split up by replica version and options.

As an example, you'll be able to do things like this going forward:

dfx +0.21.0 start
(cd project1 && dfx deploy && dfx canister call ...)
dfx stop

dfx +0.22.0 start
# notice --clean is not required.
# even if --clean were passed, the canisters for project1 would be unaffected.
(cd project2 && dfx deploy)
# project1 won't be affected unless you call dfx in its directory
dfx stop

dfx +0.21.0 start
# the canisters are still deployed
(cd project1 && dfx canister call ...)

Prior to this change, the second dfx start would have had to include --clean,
which would have reset the state of the shared local network, affecting all projects.

This also means dfx start for the shared local network won't ever require you to pass --clean.

dfx start will delete old replica state directories. At present, it retains the 10 most recently used.

This doesn't apply to project-specific networks, and it doesn't apply with --pocketic.

It doesn't apply to project-specific networks because the project's canister ids would
reset anyway on first access. If you run dfx start in a project directory where dfx.json
defines the local network, you'll still be prompted to run with --clean if using a
different replica version or different replica options.

It doesn't apply to --pocketic because PocketIC does not yet persist any data.

feat: allow specifying encodings in .ic-assets.json

When uploading assets to an asset canister, dfx by default uploads .txt, .html and .js files in identity encoding but also in gzip encoding to the frontend canister if encoding saves bytes.
It is now possible to specify in .ic-assets.json which encodings are used besides identity.
Note that encodings are only used if the encoding saves bytes compared to identity or if identity is not a specified encoding.

Example: To turn off gzip for .js files and to turn on gzip for .jpg files, use this in .ic-assets.json:

{
  "match": "**/*.js",
  "encodings": ["identity"]
},
{
  "match": "**/*.jpg",
  "encodings": ["identity", "gzip"]
}

feat: dfx canister url

Add dfx canister url subcommand to display the url of a given canister. Basic usage as below:

dfx canister url <canister>

The <canister> argument specifies the name or id of the canister for which you want to display the url.

feat: log_visibility canister setting

Adds support for the log_visibility canister setting, which configures which users are allowed to read a canister's logs.
Valid options are controllers and public. The setting can be used with the --log-visibility flag in dfx canister create
and dfx canister update-settings, or in dfx.json under canisters[].initialization_values.log_visibility.

Asset canister synchronization

feat: support brotli encoding

Asset synchronization now not only supports identity and gzip, but also brotli encoding.
The default encodings are still

• identity and gzip for MIME types .txt, .html and .js
• identity for anything else

Dependencies

Frontend canister

fix!: URL decoding follows the whatwg standard

Previously, the frontend canister used custom logic to decode URLs.
The logic was replaced with a dependency that follows https://url.spec.whatwg.org/#percent-decode, which is what JavaScript's new Request("https://example.com/% $").url also uses.
This also drops support for decoding %% to %. % does no longer need to be encoded.

URLs that contain invalid encodings now return 400 Bad Request instead of 500 Internal Server Error

• Module hash: 2cc4ec4381dee231379270a08403c984986c9fc0c2eaadb64488b704a3104cc0
• #3767

Replica

Updated replica to elected commit 246d0ce0784d9990c06904809722ce5c2c816269.
This incorporates the following executed proposals:

• 130392
• 130400
• 130315
• 130134

0.22.0-beta.0

asset uploads: retry some HTTP errors returned by the replica

Now retries the following, with exponential backoff as is already done for connect and transport errors:

• 500 internal server error
• 502 bad gateway
• 503 service unavailable
• 504 gateway timeout
• 429 many requests

fix: Allow canisters to be deployed even if unrelated canisters in dfx.json are malformed

feat!: enable cycles ledger support unconditionally

chore!: removed unsafe-eval CSP from default starter template

To do this, the @dfinity/agent version was updated as well.

fix: dfx build no longer requires a password for password-protected identities

chore!: enforce --wallet requirement for dfx canister call --with-cycles earlier

feat: add dfx schema support for .json files related to extensions

• dfx schema --for extension-manifest corresponds to extension.json
• dfx schema --for extension-dependencies corresponds to dependencies.json

chore!: enforce minimum password length of 9 characters

The NIST guidelines require passwords to be longer than 8 characters.
This is now enforced when creating new identities.
Identities protected by a shorter password can still be decrypted.

feat: dfx extension install now uses the extension's dependencies.json file to pick the highest compatible version

feat: Enable threshold schnorr signatures for Bip340Secp256k1

Schnorr signature signing for Bip340Secp256k1 is now enabled.
A test key id Bip340Secp256k1:dfx_test_key is ready to be used by locally created canisters.

Dependencies

Replica

Updated replica to elected commit 5849c6daf2037349bd36dcb6e26ce61c2c6570d0.
This incorporates the following executed proposals:

• 130985
• 130984
• 130819
• 130818
• 130748
• 130749
• 130728
• 130727
• 130409
• 130408

Motoko

Updated Motoko to 0.11.2

0.21.0-beta.0

feat: dfx killall

Introduced dfx killall, a command for killing DFX-started processes.

feat!: remove support for bitcoin query API

dfx call --query aaaaa-aa bitcoin_get_balance_query/bitcoin_get_utxos_query will result in an error.

fix: simplified log message when using the default shared network configuration

Now displays Using the default configuration for the local shared network.
instead of Using the default definition for the 'local' shared network because ~/.config/dfx/networks.json does not define it.

chore!: Improved error message about canister ranges when directly connecting to a node on a non-root subnet

feat: dfx start for the shared local network stores replica state files in unique directories by options

The state files for different replica versions are often incompatible,
so dfx start requires the --clean argument in order to reset data when
using different replica versions or different replica options.

For the local shared network, dfx now stores replica state files in different
directories, split up by replica version and options.

As an example, you'll be able to do things like this going forward:

dfx +0.21.0 start
(cd project1 && dfx deploy && dfx canister call ...)
dfx stop

dfx +0.22.0 start
# notice --clean is not required.
# even if --clean were passed, the canisters for project1 would be unaffected.
(cd project2 && dfx deploy)
# project1 won't be affected unless you call dfx in its directory
dfx stop

dfx +0.21.0 start
# the canisters are still deployed
(cd project1 && dfx canister call ...)

Prior to this change, the second dfx start would have had to include --clean,
which would have reset the state of the shared local network, affecting all projects.

This also means dfx start for the shared local network won't ever require you to pass --clean.

dfx start will delete old replica state directories. At present, it retains the 10 most recently used.

This doesn't apply to project-specific networks, and it doesn't apply with --pocketic.

It doesn't apply to project-specific networks because the project's canister ids would
reset anyway on first access. If you run dfx start in a project directory where dfx.json
defines the local network, you'll still be prompted to run with --clean if using a
different replica version or different replica options.

It doesn't apply to --pocketic because PocketIC does not yet persist any data.

feat: allow specifying encodings in .ic-assets.json

When uploading assets to an asset canister, dfx by default uploads .txt, .html and .js files in identity encoding but also in gzip encoding to the frontend canister if encoding saves bytes.
It is now possible to specify in .ic-assets.json which encodings are used besides identity.
Note that encodings are only used if the encoding saves bytes compared to identity or if identity is not a specified encoding.

Example: To turn off gzip for .js files and to turn on gzip for .jpg files, use this in .ic-assets.json:

{
  "match": "**/*.js",
  "encodings": ["identity"]
},
{
  "match": "**/*.jpg",
  "encodings": ["identity", "gzip"]
}

feat: dfx canister url

Add dfx canister url subcommand to display the url of a given canister. Basic usage as below:

dfx canister url <canister>

The <canister> argument specifies the name or id of the canister for which you want to display the url.

feat: log_visibility canister setting

Adds support for the log_visibility canister setting, which configures which users are allowed to read a canister's logs.
Valid options are controllers and public. The setting can be used with the --log-visibility flag in dfx canister create
and dfx canister update-settings, or in dfx.json under canisters[].initialization_values.log_visibility.

Asset canister synchronization

feat: support brotli encoding

Asset synchronization now not only supports identity and gzip, but also brotli encoding.
The default encodings are still

• identity and gzip for MIME types .txt, .html and .js
• identity for anything else

Dependencies

Frontend canister

fix!: URL decoding follows the whatwg standard

Previously, the frontend canister used custom logic to decode URLs.
The logic was replaced with a dependency that follows https://url.spec.whatwg.org/#percent-decode, which is what JavaScript's new Request("https://example.com/% $").url also uses.
This also drops support for decoding %% to %. % does no longer need to be encoded.

URLs that contain invalid encodings now return 400 Bad Request instead of 500 Internal Server Error

• Module hash: 2cc4ec4381dee231379270a08403c984986c9fc0c2eaadb64488b704a3104cc0
• #3767

Replica

Updated replica to elected commit 246d0ce0784d9990c06904809722ce5c2c816269.
This incorporates the following executed proposals:

• 130392
• 130400
• 130315
• 130134

0.20.2

fix: dfx canister delete fails

dfx canister delete occasionally fails because it attempts to withdraw too many cycles from the canister before it is deleted.
Usually, dfx tries again with a larger margin of cycles, but sometimes this gets stuck.
It is now possible to use --initial-margin to manually supply a margin in case the automatic margin does not work.

perf: improve sync command performance

Improves sync (eg. dfx deploy, icx-asset sync) performance by parallelization:

• Make asset properties query faster by parallelization, significant improvement for canisters that have many assets
• Make chunk creation process faster, by increasing parallelization 4=>25, significant improvement when deploying lots of small assets

icx-asset: add support for log levels, defaulting to info

PocketIC support

Passing --pocketic to dfx start now starts a PocketIC server instead of the replica. PocketIC is lighter-weight than the replica and execution environment internals can be manipulated by REST commands. For more information, see the PocketIC readme.

feat: subaccount can be derived from principal in dfx ledger account-id

feat: dfx info candid-ui-url

dfx info candid-ui-url displays the URL to the Candid UI canister for an explicitly specified --network <network name> (or local by default).

chore: Improve help text of dfx identity new to include which characters are valid in identity names

fix: Capitalization of "Wasm" in docs and messages

The output of dfx canister status has been also changed to use consistent capitalization of words.

fix!(frontend-canister): include .well-known directory by default for asset upload

When uploading assets to an asset canister, dfx by default excludes directories and files with names that start with ..
dfx will start including folders with the name .well-known by default.
It is possible to override this in .ic-assets.json like this:

{
  "match": ".well-known",
  "ignore": true
}

fix: Transferring funds too early in dfx ledger create-canister with --next-to

When creating a canister with dfx ledger create-canister --next-to on a canister that does not exist (e.g., 2vxsx-fae), then the funds are first transferred away from the users account, but the call then fails to create the new canister, and the funds are not returned to the user's account.

Dependencies

Updated to agent-rs 0.35.0

Replica

Updated replica to elected commit ec35ebd252d4ffb151d2cfceba3a86c4fb87c6d6.
This incorporates the following executed proposals:

• 130083
• 129747
• 129746
• 129706
• 129697
• 129696
• 129628
• 129627

0.20.2-beta.0

fix: dfx canister delete fails

dfx canister delete occasionally fails because it attempts to withdraw too many cycles from the canister before it is deleted.
Usually, dfx tries again with a larger margin of cycles, but sometimes this gets stuck.
It is now possible to use --initial-margin to manually supply a margin in case the automatic margin does not work.

perf: improve sync command performance

Improves sync (eg. dfx deploy, icx-asset sync) performance by parallelization:

• Make asset properties query faster by parallelization, significant improvement for canisters that have many assets
• Make chunk creation process faster, by increasing parallelization 4=>25, significant improvement when deploying lots of small assets

icx-asset: add support for log levels, defaulting to info

PocketIC support

Passing --pocketic to dfx start now starts a PocketIC server instead of the replica. PocketIC is lighter-weight than the replica and execution environment internals can be manipulated by REST commands. For more information, see the PocketIC readme.

feat: subaccount can be derived from principal in dfx ledger account-id

feat: dfx info candid-ui-url

dfx info candid-ui-url displays the URL to the Candid UI canister for an explicitly specified --network <network name> (or local by default).

chore: Improve help text of dfx identity new to include which characters are valid in identity names

fix: Capitalization of "Wasm" in docs and messages

The output of dfx canister status has been also changed to use consistent capitalization of words.

fix!(frontend-canister): include .well-known directory by default for asset upload

When uploading assets to an asset canister, dfx by default excludes directories and files with names that start with ..
dfx will start including folders with the name .well-known by default.
It is possible to override this in .ic-assets.json like this:

{
  "match": ".well-known",
  "ignore": true
}

fix: Transferring funds too early in dfx ledger create-canister with --next-to

When creating a canister with dfx ledger create-canister --next-to on a canister that does not exist (e.g., 2vxsx-fae), then the funds are first transferred away from the users account, but the call then fails to create the new canister, and the funds are not returned to the user's account.

Dependencies

Updated to agent-rs 0.35.0

Replica

Updated replica to elected commit ec35ebd252d4ffb151d2cfceba3a86c4fb87c6d6.
This incorporates the following executed proposals:

• 130083
• 129747
• 129746
• 129706
• 129697
• 129696
• 129628
• 129627