Any projects which want to use Hush code from now on will need to be licensed as
GPLv3 or we will send the lawyers: https://www.softwarefreedom.org/
Notably, Komodo (KMD) is licensed as GPLv2 and is no longer compatible to receive
code changes, without causing legal issues. MIT projects, such as Zcash, also cannot pull
in changes from the Hush Full Node without permission from The Hush Developers,
which may in some circumstances grant an MIT license on a case-by-case basis.
This fixes the way arguments were passed to security-check, and also
a typo in how BIND_NOW was being searched for in a list.
Also fix how symbol-check is invoked although that script isn't
currently used.
Add a check to symbol-check.py that checks that only the subset of
allowed libraries is imported (to avoid incompatibilities).
See 56734f4b27 for the earlier changes.
This reverts commit 1078fb0885 (and thus
pull #5623). It has various issues:
- Pull request names get cut off at ", see e.g. a026a56
- Merge script no longer copes with pulls that have a milestone
attached, due to a duplicate 'title' in JSON that is not handled by the
ad-hoc parsing.
- Check that image contents match pre- and post- crushing.
- Also remove use of external tool to compute sha256 in favor of hashlib.
- contrib: remove all use of shell=True in strip_pngs.py
Using `shell=True` can be a security hazard. See e.g.
https://docs.python.org/2/library/subprocess.html#subprocess.check_output
- Catch problems such as mismatched formatting characters. Remove
messages that can give problems at runtime.
- Also remove unfinished/untranslated messages, they just take up space
in the ts and waste parsing time.
Fixes#4774.