0.15.2-replicatest.0

test

0.15.2-beta.2

fix: dfx canister delete <canister id> removes the related entry from the canister id store

Previously, deleting a canister in the project by id rather than by name
would leave the canister id in the canister id store. This would cause
dfx deploy to fail.

fix: dfx extension install can no longer create a corrupt cache directory

Running dfx cache delete && dfx extension install nns would previously
create a cache directory containing only an extensions subdirectory.
dfx only looks for the existence of a cache version subdirectory to
determine whether it has been installed. The end result was that later
commands would fail when the cache did not contain expected files.

fix: output_env_file is now considered relative to project root

The .env file location, whether specified as output_env_file in dfx.json
or --output-env-file <file> on the commandline, is now considered relative
to the project root, rather than relative to the current working directory.

feat: Read dfx canister install argument from a file

Enables passing large arguments that cannot be passed directly in the command line using the --argument-file flag. For example dfx canister install --argument-file ./my/argument/file.txt my_canister_name.

feat: change list_permitted and list_authorized to an update call.

This requires the list_authorized and list_permitted methods to be called as an update and disables the ability to
call it as a query call. This resolves a potential security risk.

fix: dfx ledger transfer now logs to stderr messages about duplicates rather than printing them to stdout

The message "transaction is a duplicate of another transaction in block ...", previously printed to stdout, is now logged to stderr. This means that the output of dfx ledger transfer to stdout will contain only "Transfer sent at block height ".

feat: added dfx cycles command

This won't work on mainnet yet, but can work locally after installing the cycles ledger.

Added the following subcommands:

• dfx cycles balance
• dfx cycles transfer <to> <amount> (transfer cycles from one account to another account)
• dfx cycles top-up <to> <amount> (send cycles from an account to a canister)

Dependencies

Motoko

Updated Motoko to 0.10.2

Frontend canister

Defining a custom etag header no longer breaks certification.

Fixed a certification issue where under certain conditions the fallback file (/index.html) was served with an incomplete certificate tree, not proving sufficiently that the fallback file may be used as a replacement.

• Module hash: 965c8899f0a033593dc9b1634b2ab4e0f3fd28c1cfa06993069be2040a2f700e
• #3429
• #3428
• #3421

Replica

Updated replica to elected commit 80a6745673a28ee53d257b3fe19dcd6b7efa93d1.
This incorporates the following executed proposals:

• 125343
• 125342
• 125321
• 125320
• 125002
• 125001
• 124858
• 124857

Bitcoin canister

Updated Bitcoin canister to release/2023-10-13

0.15.2-largewasms.1

Update CHANGELOG.md

0.15.2-largewasms.0

fix: deleting project canister by id will clean up canister id store.…

0.15.2-beta.1

feat: change list_permitted and list_authorized to an update call.

This requires the list_authorized and list_permitted methods to be called as an update and disables the ability to
call it as a query call. This resolves a potential security risk.

fix: dfx ledger transfer now logs to stderr messages about duplicates rather than printing them to stdout

The message "transaction is a duplicate of another transaction in block ...", previously printed to stdout, is now logged to stderr. This means that the output of dfx ledger transfer to stdout will contain only "Transfer sent at block height ".

feat: added dfx cycles command

This won't work on mainnet yet, but can work locally after installing the cycles ledger.

Added the following subcommands:

• dfx cycles balance
• dfx cycles transfer <to> <amount> (transfer cycles from one account to another account)
• dfx cycles top-up <to> <amount> (send cycles from an account to a canister)

Dependencies

Motoko

Updated Motoko to 0.10.1

Frontend canister

Defining a custom etag header no longer breaks certification.

Fixed a certification issue where under certain conditions the fallback file (/index.html) was served with an incomplete certificate tree, not proving sufficiently that the fallback file may be used as a replacement.

• Module hash: 965c8899f0a033593dc9b1634b2ab4e0f3fd28c1cfa06993069be2040a2f700e
• #3429
• #3428
• #3421

Replica

Updated replica to elected commit 80a6745673a28ee53d257b3fe19dcd6b7efa93d1.
This incorporates the following executed proposals:

• 125343
• 125342
• 125321
• 125320
• 125002
• 125001
• 124858
• 124857

0.15.2-beta.0: chore: update replica version to 1e3f5401 (#3426)

feat: change list_permitted and list_authorized to an update call.

This requires the list_authorized and list_permitted methods to be called as an update and disables the ability to
call it as a query call. This resolves a potential security risk.

fix: dfx ledger transfer now logs to stderr messages about duplicates rather than printing them to stdout

The message "transaction is a duplicate of another transaction in block ...", previously printed to stdout, is now logged to stderr. This means that the output of dfx ledger transfer to stdout will contain only "Transfer sent at block height ".

feat: added dfx cycles command

This won't work on mainnet yet, but can work locally after installing the cycles ledger.

Added the following subcommands:

• dfx cycles balance
• dfx cycles transfer <to> <amount> (transfer cycles from one account to another account)
• dfx cycles top-up <to> <amount> (send cycles from an account to a canister)

Dependencies

Motoko

Updated Motoko to 0.10.1

Frontend canister

• Module hash: 517d5117bb43236e1673627aacec3955a68072dcd95f0b0218e6155f75a4bb54
• #3421

Replica

Updated replica to elected commit 1e3f540180f15de4aae10a40257907dc47af8480.
This incorporates the following executed proposals:

• 125321
• 125320
• 125002
• 125001
• 124858
• 124857

0.15.1

dfx

feat: Added support for reserved_cycles and reserved_cycles_limit

dfx canister status will now display the reserved cycles balance and reserved cycles limit for a canister.

Added command-line options:

• dfx canister create --reserved-cycles-limit <limit>
• dfx canister update-settings --reserved-cycles-limit <limit>

In addition, dfx deploy will set reserved_cycles_limit when creating canisters if specified in canisters.<canister>.initialization_values.reserved_cycles_limit in dfx.json.

feat: emit management canister idl when imported by Motoko canister

import management "ic:aaaaa-aa;

This will automatically produce the idl in the .dfx folder.

fix: Include remote canisters in canisters_to_generate

Generate frontend declarations for remote canisters too because frontend JS code may want to call them.

feat: dfx extension install --version

Install a specific version of an extension, bypassing version checks.

feat: Updated handling of missing values in state tree certificates

The Unknown lookup of a path in a certificate results in an AgentError (the IC returns Absent for non-existing paths).

fix: dfx deploy urls printed for asset canisters

chore: --emulator parameter is deprecated and will be discontinued soon

Added warning that the --emulator is deprecated and will be discontinued soon.

fix: node engines in starter

Updates node engines to reflect the same engines supported in agent-js.

"node": "^12 || ^14 || ^16 || >=17",
"npm": "^7.17 || >=8"

feat: deploy to playground

Introduced a new network type called playground. Canisters on such networks are not created through standard means, but are instead borrowed from a canister pool.
The canisters time out after a while and new canisters need to be borrowed for further deployments.
To define custom playground networks, use a network definition that includes the playground key:

"<network name>": {
  "playground": {
    "playground_canister": "<canister pool id>",
    "timeout_seconds": <amount of seconds after which a canister is returned to the pool>
  }
}

Introduced a new network that is available by default called playground. Additionally, --playground is an alias for --network playground.
By default, this network targets the Motoko Playground backend to borrow canisters. The borrowed canisters will be available for 20 minutes, and the timer restarts on new deployments.
When the timer runs out the canister(s) will be uninstalled and are returned to the pool.
Any commands that allow choosing a target network (e.g. dfx canister call) require --playground or --network playground in order to target the borrowed canister(s).
Use dfx deploy --playground to deploy simple projects to a canister borrowed from the Motoko Playground.

feat: --ic is shorthand for --network ic

For example, dfx deploy --ic rather than dfx deploy --network ic.

fix: Motoko base library files in cache are no longer executable

feat: dfx start for shared network warns if ignoring 'defaults' in dfx.json

Background: In order to determine whether to start a project-specific network or the shared network, dfx start looks for the local network in dfx.json.

• If found, dfx start starts the project-specific local network, applying any defaults from dfx.json.
• If there is no dfx.json, or if dfx.json does not define a local network, dfx start starts the shared network. Because the shared network is not specific to any project, dfx start ignores any other settings from dfx.json, including defaults.

If dfx start is starting the shared network from within a dfx project, and that dfx.json contains settings in the defaults key for bitcoin, replica, or canister_http, then dfx start will warn that it is ignoring those settings. It will also describe how to define equivalent settings in networks.json.

fix: dfx canister call --wallet no longer passes the parameter twice

The parameter was erroneously passed twice. Now it is passed only once.

fix: Removed deprecation warning about project-specific networks

Removed this warning: "Project-specific networks are deprecated and will be removed after February 2023." While we may remove project-specific networks in the future, it is not imminent. One key requirement is the ability to run more than one subnet type at one time.

Dependencies

icx-proxy

Updated to a version of the icx-proxy that is released with the replica and other related binaries.

Changes in behavior:

• "%%" is no longer accepted when url-decoding filenames for the asset canister. Though curl supports this, it's not part of the standard. Please replace with %25.
• The icx-proxy now performs response verification. This has exposed some bugs in the asset canister. However, since this new icx-proxy matches what the boundary nodes use, this will better match the behavior seen on the mainnet.
• Bugs that this has exposed in the asset canister:
  • after disabling aliasing for an asset, the asset canister will return an incorrect certification in the 404 response.
  • after setting a custom "etag" header in .ic-assets.json, the asset canister will return an incorrect certification in the 200 response.
  • assets with certain characters in the filename (example: "æ") will no longer be served correctly. The definition of "certain characters" is not yet known.

Candid UI

• Module hash: 934756863c010898a24345ce4842d173b3ea7639a8eb394a0d027a9423c70b5c
• Add merge_init_args method in Candid UI.
• Draw flamegraph for canister upgrade.

Frontend canister

For certification v1, if none of the requested encoding are certified but another encoding is certified, then the frontend canister once again returns the certificatie even though the response hash won't match.
This allows the verifying side to try to transform the response such that it matches the response hash.
For example, if only the encoding gzip is requested but the identity encoding is certified, the gzip encoding is returned with the certificate for the identity encoding.
The verifying side can then unzip the response and will have a valid certificate for the identity response.

• Module hash: baf9bcab2ebc2883f850b965af658e66725087933df012ebd35c03929c39efe3
• #3369
• #3298
• #3281

Replica

Updated replica to elected commit 91bf38ff3cb927cb94027d9da513cd15f91a5b04.
This incorporates the following executed proposals:

• 124795
• 124790
• 124538
• 124537
• 124488
• 124487

0.15.1-beta.1: feat: add support for reserved_cycles and reserved_cycles_limit (#3404)

feat: Added support for reserved_cycles and reserved_cycles_limit

dfx canister status will now display the reserved cycles balance and reserved cycles limit for a canister.

Added command-line options:

• dfx canister create --reserved-cycles-limit <limit>
• dfx canister update-settings --reserved-cycles-limit <limit>

In addition, dfx deploy will set reserved_cycles_limit when creating canisters if specified in canisters.<canister>.initialization_values.reserved_cycles_limit in dfx.json.

feat: emit management canister idl when imported by Motoko canister

import management "ic:aaaaa-aa;

This will automatically produce the idl in the .dfx folder.

fix: Include remote canisters in canisters_to_generate

Generate frontend declarations for remote canisters too because frontend JS code may want to call them.

feat: dfx extension install --version

Install a specific version of an extension, bypassing version checks.

feat: Updated handling of missing values in state tree certificates

The Unknown lookup of a path in a certificate results in an AgentError (the IC returns Absent for non-existing paths).

fix: dfx deploy urls printed for asset canisters

chore: --emulator parameter is deprecated and will be discontinued soon

Added warning that the --emulator is deprecated and will be discontinued soon.

fix: node engines in starter

Updates node engines to reflect the same engines supported in agent-js.

"node": "^12 || ^14 || ^16 || >=17",
"npm": "^7.17 || >=8"

feat: deploy to playground

Introduced a new network type called playground. Canisters on such networks are not created through standard means, but are instead borrowed from a canister pool.
The canisters time out after a while and new canisters need to be borrowed for further deployments.
To define custom playground networks, use a network definition that includes the playground key:

"<network name>": {
  "playground": {
    "playground_canister": "<canister pool id>",
    "timeout_seconds": <amount of seconds after which a canister is returned to the pool>
  }
}

Introduced a new network that is available by default called playground. Additionally, --playground is an alias for --network playground.
By default, this network targets the Motoko Playground backend to borrow canisters. The borrowed canisters will be available for 20 minutes, and the timer restarts on new deployments.
When the timer runs out the canister(s) will be uninstalled and are returned to the pool.
Any commands that allow choosing a target network (e.g. dfx canister call) require --playground or --network playground in order to target the borrowed canister(s).
Use dfx deploy --playground to deploy simple projects to a canister borrowed from the Motoko Playground.

feat: --ic is shorthand for --network ic

For example, dfx deploy --ic rather than dfx deploy --network ic.

fix: Motoko base library files in cache are no longer executable

feat: dfx start for shared network warns if ignoring 'defaults' in dfx.json

Background: In order to determine whether to start a project-specific network or the shared network, dfx start looks for the local network in dfx.json.

• If found, dfx start starts the project-specific local network, applying any defaults from dfx.json.
• If there is no dfx.json, or if dfx.json does not define a local network, dfx start starts the shared network. Because the shared network is not specific to any project, dfx start ignores any other settings from dfx.json, including defaults.

If dfx start is starting the shared network from within a dfx project, and that dfx.json contains settings in the defaults key for bitcoin, replica, or canister_http, then dfx start will warn that it is ignoring those settings. It will also describe how to define equivalent settings in networks.json.

fix: dfx canister call --wallet no longer passes the parameter twice

The parameter was erroneously passed twice. Now it is passed only once.

fix: Removed deprecation warning about project-specific networks

Removed this warning: "Project-specific networks are deprecated and will be removed after February 2023." While we may remove project-specific networks in the future, it is not imminent. One key requirement is the ability to run more than one subnet type at one time.

Dependencies

icx-proxy

Updated to a version of the icx-proxy that is released with the replica and other related binaries.

Changes in behavior:

• "%%" is no longer accepted when url-decoding filenames for the asset canister. Though curl supports this, it's not part of the standard. Please replace with %25.
• The icx-proxy now performs response verification. This has exposed some bugs in the asset canister. However, since this new icx-proxy matches what the boundary nodes use, this will better match the behavior seen on the mainnet.
• Bugs that this has exposed in the asset canister:
  • after disabling aliasing for an asset, the asset canister will return an incorrect certification in the 404 response.
  • after setting a custom "etag" header in .ic-assets.json, the asset canister will return an incorrect certification in the 200 response.
  • assets with certain characters in the filename (example: "æ") will no longer be served correctly. The definition of "certain characters" is not yet known.

Candid UI

• Module hash: 934756863c010898a24345ce4842d173b3ea7639a8eb394a0d027a9423c70b5c
• Add merge_init_args method in Candid UI.
• Draw flamegraph for canister upgrade.

Frontend canister

For certification v1, if none of the requested encoding are certified but another encoding is certified, then the frontend canister once again returns the certificatie even though the response hash won't match.
This allows the verifying side to try to transform the response such that it matches the response hash.
For example, if only the encoding gzip is requested but the identity encoding is certified, the gzip encoding is returned with the certificate for the identity encoding.
The verifying side can then unzip the response and will have a valid certificate for the identity response.

• Module hash: baf9bcab2ebc2883f850b965af658e66725087933df012ebd35c03929c39efe3
• #3369
• #3298
• #3281

Updated replica to elected commit 91bf38ff3cb927cb94027d9da513cd15f91a5b04.
This incorporates the following executed proposals:

• 124795
• 124790
• 124538
• 124537
• 124488
• 124487

0.15.1-beta.0: feat: Bump UI (#3396)

fix: Include remote canisters in canisters_to_generate

Generate frontend declarations for remote canisters too because frontend JS code may want to call them.

feat: Updated handling of missing values in state tree certificates

The Unknown lookup of a path in a certificate results in an AgentError (the IC returns Absent for non-existing paths).

fix: dfx deploy urls printed for asset canisters

chore: --emulator parameter is deprecated and will be discontinued soon

Added warning that the --emulator is deprecated and will be discontinued soon.

fix: node engines in starter

Updates node engines to reflect the same engines supported in agent-js.

"node": "^12 || ^14 || ^16 || >=17",
"npm": "^7.17 || >=8"

feat: deploy to playground

Introduced a new network type called playground. Canisters on such networks are not created through standard means, but are instead borrowed from a canister pool.
The canisters time out after a while and new canisters need to be borrowed for further deployments.
To define custom playground networks, use a network definition that includes the playground key:

"<network name>": {
  "playground": {
    "playground_canister": "<canister pool id>",
    "timeout_seconds": <amount of seconds after which a canister is returned to the pool>
  }
}

Introduced a new network that is available by default called playground. Additionally, --playground is an alias for --network playground.
By default, this network targets the Motoko Playground backend to borrow canisters. The borrowed canisters will be available for 20 minutes, and the timer restarts on new deployments.
When the timer runs out the canister(s) will be uninstalled and are returned to the pool.
Any commands that allow choosing a target network (e.g. dfx canister call) require --playground or --network playground in order to target the borrowed canister(s).
Use dfx deploy --playground to deploy simple projects to a canister borrowed from the Motoko Playground.

feat: --ic is shorthand for --network ic

For example, dfx deploy --ic rather than dfx deploy --network ic.

fix: Motoko base library files in cache are no longer executable

feat: dfx start for shared network warns if ignoring 'defaults' in dfx.json

Background: In order to determine whether to start a project-specific network or the shared network, dfx start looks for the local network in dfx.json.

• If found, dfx start starts the project-specific local network, applying any defaults from dfx.json.
• If there is no dfx.json, or if dfx.json does not define a local network, dfx start starts the shared network. Because the shared network is not specific to any project, dfx start ignores any other settings from dfx.json, including defaults.

If dfx start is starting the shared network from within a dfx project, and that dfx.json contains settings in the defaults key for bitcoin, replica, or canister_http, then dfx start will warn that it is ignoring those settings. It will also describe how to define equivalent settings in networks.json.

fix: dfx canister call --wallet no longer passes the parameter twice

The parameter was erroneously passed twice. Now it is passed only once.

fix: Removed deprecation warning about project-specific networks

Removed this warning: "Project-specific networks are deprecated and will be removed after February 2023." While we may remove project-specific networks in the future, it is not imminent. One key requirement is the ability to run more than one subnet type at one time.

Dependencies

icx-proxy

Updated to a version of the icx-proxy that is released with the replica and other related binaries.

Changes in behavior:

• "%%" is no longer accepted when url-decoding filenames for the asset canister. Though curl supports this, it's not part of the standard. Please replace with %25.
• The icx-proxy now performs response verification. This has exposed some bugs in the asset canister. However, since this new icx-proxy matches what the boundary nodes use, this will better match the behavior seen on the mainnet.
• Bugs that this has exposed in the asset canister:
  • after disabling aliasing for an asset, the asset canister will return an incorrect certification in the 404 response.
  • after setting a custom "etag" header in .ic-assets.json, the asset canister will return an incorrect certification in the 200 response.
  • assets with certain characters in the filename (example: "æ") will no longer be served correctly. The definition of "certain characters" is not yet known.

Candid UI

• Module hash: 934756863c010898a24345ce4842d173b3ea7639a8eb394a0d027a9423c70b5c
• Add merge_init_args method in Candid UI.
• Draw flamegraph for canister upgrade.

Frontend canister

For certification v1, if none of the requested encoding are certified but another encoding is certified, then the frontend canister once again returns the certificatie even though the response hash won't match.
This allows the verifying side to try to transform the response such that it matches the response hash.
For example, if only the encoding gzip is requested but the identity encoding is certified, the gzip encoding is returned with the certificate for the identity encoding.
The verifying side can then unzip the response and will have a valid certificate for the identity response.

• Module hash: baf9bcab2ebc2883f850b965af658e66725087933df012ebd35c03929c39efe3
• #3369
• #3298
• #3281

Updated replica to elected commit 91bf38ff3cb927cb94027d9da513cd15f91a5b04.
This incorporates the following executed proposals:

• 124795
• 124790
• 124538
• 124537
• 124488
• 124487

0.15.0

DFX

fix: added https://icp-api.io to the default Content-Security-Policy header

Existing projects will need to change this value in .ic-assets.json or .ic-assets.json5 to include https://icp-api.io

All projects will need to redeploy.

fix: access to raw assets is now enabled by default

The default value for allow_raw_access is now true. This means that by default, the frontend canister will no longer restrict the access of traffic to the <canister-id>.raw.icp0.io domain, and will no longer automatically redirect all requests to the certified domain (<canister-id>.icp0.io), unless configured explicitly.

Note that existing projects that specify "allow_raw_access": false in .ic-assets.json5 will need to change or remove this value manually in order to allow raw access.

feat!: Removed dfx nns and dfx sns commands

Both have now been turned into the dfx extensions. In order to obtain them, please run dfx extension install nns and dfx extension install sns respectively. After the installation, you can use them as you did before: dfx nns ..., and dfx sns ....

chore: add --use-old-metering flag

The use-old-metering flag enables old metering in replica. The new metering is enabled in the starter by default, so this flag is to compare the default new metering with the old one.

The flag is temporary and will be removed in a few months.

feat!: Removed dfx replica and dfx bootstrap commands

Use dfx start instead. If you have a good reason why we should keep these commands, please contribute to the discussion at https://github.com/dfinity/sdk/discussions/3163

fix: Wait for new module hash when installing wallet

A previous change made dfx wait after installing a canister until the replica updated its reported module hash, but this change did not affect wallets. Now dfx waits for wallets too, to eliminate a class of wallet installation errors.

fix: Ctrl-C right after dfx start will hang for minutes and panics

Early break out from actors starting procedure.

feat: can disable the warnings about using an unencrypted identity on mainnet

It's now possible to suppress warnings of this form:

WARN: The <identity> identity is not stored securely. Do not use it to control a lot of cycles/ICP. Create a new identity with `dfx identity new` and use it in mainnet-facing commands with the `--identity` flag

To do so, export the environment variable DFX_WARNING with the value -mainnet_plaintext_identity.

export DFX_WARNING="-mainnet_plaintext_identity"

Note that this can be combined to also disable the dfx version check warning:

export DFX_WARNING="-version_check,-mainnet_plaintext_identity"

fix!: restrict dfx identity new to safe characters

New identities like dfx identity new my/identity or dfx identity new 'my identity' can easily lead to problems, either for dfx internals or for usability.
New identities are now restricted to the characters ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz.-_@0123456789.
Existing identities are not affected by this change.

Frontend canister

NOTE: We've re-enabled response verification v2 in the asset canister.

fix: return asset certificate for cert v1 even if encoding does not match

For certification v1, if none of the requested encoding are certified but another encoding is certified, then the frontend canister once again returns the certificatie even though the response hash won't match.
This allows the verifying side to try to transform the response such that it matches the response hash.
For example, if only the encoding gzip is requested but the identity encoding is certified, the gzip encoding is returned with the certificate for the identity encoding.
The verifying side can then unzip the response and will have a valid certificate for the identity response.

fix: Certification for aliasing updates on asset deletion

Best explained by an example: Two assets exist with aliasing enabled: /content and /content.html. Usually, when requesting /content, /content.html is served because it has aliasing enabled.
But in this scenario, because /content exists, it overwrites the alias and /content is served when requesting the path /content.
When the file /content is deleted, /content is once again a valid alias of /content.html.
Previously, the alias of /content.html was not properly updated in the certification tree, making /content inaccessible.

fix: 404 response is now certified for certification v2

Certification v2 allows certifying arbitrary responses. If the requested file does not exist, and the fallback file (/index.html) does not exist either,
the frontend canister serves a HTTP 404 response. This response was previously not certified.

fix!: The CreateAsset batch operation now fails if the asset already exists

Previously, the operation was a no-op if the content type matched, but ignored other, possibly different, asset properties. Now, it fails with an error.

fix!: http_request_streaming_callback and get_chunk now require the sha256 parameter to be set

The http_request_streaming_callback() and get_chunk() methods use the sha256 parameter to ensure that the chunks they return are part of the same asset contents returned by the initial call. This parameter is now required to be Some(hash).

For http_request() and http_request_streaming_callback(), there should be no change: all callers of http_request_streaming_callback() are expected to pass the entire token returned by http_request(), which includes the sha256 parameter.

Any callers of get_chunk() should make sure to always pass the sha256 value returned by the get() method. It will always be present.

Dependencies

Motoko

Updated Motoko to 0.9.7

Updated candid to 0.9.0

Candid UI

• Module hash: b9173bb25dabe5e2b736a8f2816e68fba14ca72132f5485ce7b8f16a85737a17
• #3260
• #3252
• dfinity/candid#449
• dfinity/candid#453

Frontend canister

• Module hash: e20be8df2c392937a6ae0f70d20ff23b75e8c71d9085a8b8bb438b8c2d4eafe5
• #3337
• #3298
• #3256
• #3252
• #3249
• #3212
• #3227

Replica

Updated replica to elected commit cabe2ae3ca115b1a3f24d75814d4f8e317b2964d.
This incorporates the following executed proposals:

• 124331
• 124330
• 124272
• 124021
• 123977
• 123976
• 123922
• 123784
• 123730
• 123711
• 123474
• 123410
• 123311