Skip to content

Consolidate pending PRs into staging#2927

Merged
unarbos merged 8 commits into
stagingfrom
staging-pick
Jul 16, 2026
Merged

Consolidate pending PRs into staging#2927
unarbos merged 8 commits into
stagingfrom
staging-pick

Conversation

@unarbos

@unarbos unarbos commented Jul 16, 2026

Copy link
Copy Markdown
Contributor

Summary

Cherry-picks (squashed, one commit per PR) of the full pending PR list into staging:

Verified with SKIP_WASM_BUILD=1 cargo check --workspace locally.

Made with Cursor

unarbos and others added 8 commits July 16, 2026 11:37
Co-authored-by: Cursor <cursoragent@cursor.com>
Co-authored-by: Cursor <cursoragent@cursor.com>
Co-authored-by: Cursor <cursoragent@cursor.com>
Co-authored-by: Cursor <cursoragent@cursor.com>
Co-authored-by: Cursor <cursoragent@cursor.com>
Co-authored-by: Cursor <cursoragent@cursor.com>
Co-authored-by: Cursor <cursoragent@cursor.com>
…ixes, no diff

Co-authored-by: Cursor <cursoragent@cursor.com>
@vercel

vercel Bot commented Jul 16, 2026

Copy link
Copy Markdown

The latest updates on your projects. Learn more about Vercel for GitHub.

Project Deployment Actions Updated (UTC)
subtensor Ready Ready Preview, Comment Jul 16, 2026 2:48pm

Request Review

@github-actions

github-actions Bot commented Jul 16, 2026

Copy link
Copy Markdown
Contributor

🛡️ AI Review — Skeptic (security review)

VERDICT: SAFE

BASELINE scrutiny — established write-access contributor with substantial repository history; no Gittensor association found; staging-pick → staging integration branch.

Static analysis covered the runtime stake-swap and leasing changes, the new balance precompile, dependency updates, Docker/CI publishing changes, and privileged cleanup workflow. No trusted AI-review instruction files were modified, and no exploitable panic, authorization bypass, economic flaw, supply-chain backdoor, or credential-exposure path was found.

Findings

No findings.

Conclusion

The changes are consistent with the stated consolidation and contain no identified security vulnerability or malicious behavior.


🔍 AI Review — Auditor (domain review)

VERDICT: 👎

UNKNOWN Gittensor association; established write-access contributor with substantial repository history. Reviewed as a staging integration PR.

The PR description is substantive and matches the consolidated changes. No spec-version check applies to the staging base branch.

Static review found a blocking dispatch-weight regression; no build was needed to confirm it.

Findings

Sev File Finding
HIGH pallets/subtensor/src/swap/swap_hotkey.rs:19 Hotkey swaps exceed the maximum block weight inline

Conclusion

The stake-moving hotkey swap calls are assigned a weight far above the runtime’s maximum block weight, making them undispatchable. The PR should not merge until the operation is bounded or redesigned to fit within a block.

@github-actions github-actions Bot left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

AI review — see the sticky summary comment for the verdict and the inline comments below for specific findings.

Comment thread pallets/subtensor/src/swap/swap_hotkey.rs
@github-actions

Copy link
Copy Markdown
Contributor

🔄 AI review updated — Skeptic: SAFE Auditor: 👎

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants