fix: Fix previous ledger size typo in RCLConsensus (#6696)

Co-authored-by: Bart <11445373+bthomee@users.noreply.github.com>

.clang-tidy

@@ -1,4 +1,6 @@
 ---
+# This entire group of checks was applied to all cpp files but not all header files.
+# ---
 Checks: "-*,
   bugprone-argument-comment,
   bugprone-assert-side-effect,
@@ -8,26 +10,26 @@ Checks: "-*,
   bugprone-chained-comparison,
   bugprone-compare-pointer-to-member-virtual-function,
   bugprone-copy-constructor-init,
-  bugprone-crtp-constructor-accessibility,
+  # bugprone-crtp-constructor-accessibility, # has issues
   bugprone-dangling-handle,
   bugprone-dynamic-static-initializers,
-  bugprone-empty-catch,
+  # bugprone-empty-catch, # has issues
   bugprone-fold-init-type,
-  bugprone-forward-declaration-namespace,
-  bugprone-inaccurate-erase,
-  bugprone-inc-dec-in-conditions,
-  bugprone-incorrect-enable-if,
-  bugprone-incorrect-roundings,
-  bugprone-infinite-loop,
-  bugprone-integer-division,
+  # bugprone-forward-declaration-namespace, # has issues
+  # bugprone-inaccurate-erase,
+  # bugprone-inc-dec-in-conditions,
+  # bugprone-incorrect-enable-if,
+  # bugprone-incorrect-roundings,
+  # bugprone-infinite-loop,
+  # bugprone-integer-division,
   bugprone-lambda-function-name,
-  bugprone-macro-parentheses,
+  # bugprone-macro-parentheses, # has issues
   bugprone-macro-repeated-side-effects,
   bugprone-misplaced-operator-in-strlen-in-alloc,
   bugprone-misplaced-pointer-arithmetic-in-alloc,
   bugprone-misplaced-widening-cast,
   bugprone-move-forwarding-reference,
-  bugprone-multi-level-implicit-pointer-conversion,
+  # bugprone-multi-level-implicit-pointer-conversion, # has issues
   bugprone-multiple-new-in-one-expression,
   bugprone-multiple-statement-macro,
   bugprone-no-escape,
@@ -37,13 +39,13 @@ Checks: "-*,
   bugprone-pointer-arithmetic-on-polymorphic-object,
   bugprone-posix-return,
   bugprone-redundant-branch-condition,
-  bugprone-reserved-identifier,
-  bugprone-return-const-ref-from-parameter,
+  # bugprone-reserved-identifier, # has issues
+  # bugprone-return-const-ref-from-parameter, # has issues
   bugprone-shared-ptr-array-mismatch,
   bugprone-signal-handler,
   bugprone-signed-char-misuse,
   bugprone-sizeof-container,
-  bugprone-sizeof-expression,
+  # bugprone-sizeof-expression, # has issues
   bugprone-spuriously-wake-up-functions,
   bugprone-standalone-empty,
   bugprone-string-constructor,
@@ -60,7 +62,7 @@ Checks: "-*,
   bugprone-suspicious-string-compare,
   bugprone-suspicious-stringview-data-usage,
   bugprone-swapped-arguments,
-  bugprone-switch-missing-default-case,
+  # bugprone-switch-missing-default-case, # has issues
   bugprone-terminating-continue,
   bugprone-throw-keyword-missing,
   bugprone-too-small-loop-variable,
@@ -71,23 +73,25 @@ Checks: "-*,
   bugprone-unhandled-self-assignment,
   bugprone-unique-ptr-array-mismatch,
   bugprone-unsafe-functions,
-  bugprone-use-after-move,
+  # bugprone-use-after-move, # has issues
   bugprone-unused-raii,
   bugprone-unused-return-value,
   bugprone-unused-local-non-trivial-variable,
   bugprone-virtual-near-miss,
-  cppcoreguidelines-init-variables,
-  cppcoreguidelines-misleading-capture-default-by-value,
+  # cppcoreguidelines-init-variables, # has issues
+  # cppcoreguidelines-misleading-capture-default-by-value, # has issues
   cppcoreguidelines-no-suspend-with-lock,
-  cppcoreguidelines-pro-type-member-init,
+  # cppcoreguidelines-pro-type-member-init, # has issues
   cppcoreguidelines-pro-type-static-cast-downcast,
-  cppcoreguidelines-rvalue-reference-param-not-moved,
-  cppcoreguidelines-use-default-member-init,
-  cppcoreguidelines-virtual-class-destructor,
+  # cppcoreguidelines-rvalue-reference-param-not-moved, # has issues
+  # cppcoreguidelines-use-default-member-init, # has issues
+  # cppcoreguidelines-virtual-class-destructor, # has issues
   hicpp-ignored-remove-result,
+  misc-const-correctness,
   misc-definitions-in-headers,
   misc-header-include-cycle,
   misc-misplaced-const,
+  misc-redundant-expression,
   misc-static-assert,
   misc-throw-by-value-catch-by-reference,
   misc-unused-alias-decls,
@@ -95,46 +99,49 @@ Checks: "-*,
   modernize-deprecated-headers,
   modernize-make-shared,
   modernize-make-unique,
+  llvm-namespace-comment,
+  performance-faster-string-find,
+  performance-for-range-copy,
   performance-implicit-conversion-in-loop,
+  performance-inefficient-vector-operation,
+  performance-move-const-arg,
   performance-move-constructor-init,
+  performance-no-automatic-move,
   performance-trivially-destructible,
-  readability-avoid-nested-conditional-operator,
-  readability-avoid-return-with-void-value,
-  readability-braces-around-statements,
-  readability-const-return-type,
-  readability-container-contains,
-  readability-container-size-empty,
+  # readability-avoid-nested-conditional-operator, # has issues
+  # readability-avoid-return-with-void-value, # has issues
+  # readability-braces-around-statements, # has issues
+  # readability-const-return-type, # has issues
+  # readability-container-contains, # has issues
+  # readability-container-size-empty, # has issues
+  # readability-convert-member-functions-to-static, # has issues
   readability-duplicate-include,
-  readability-else-after-return,
-  readability-enum-initial-value,
-  readability-make-member-function-const,
+  # readability-else-after-return, # has issues
+  # readability-enum-initial-value, # has issues
+  # readability-implicit-bool-conversion, # has issues
+  # readability-make-member-function-const, # has issues
+  # readability-math-missing-parentheses, # has issues
   readability-misleading-indentation,
   readability-non-const-parameter,
-  readability-redundant-casting,
-  readability-redundant-declaration,
-  readability-redundant-inline-specifier,
-  readability-redundant-member-init,
+  # readability-redundant-casting, # has issues
+  # readability-redundant-declaration, # has issues
+  # readability-redundant-inline-specifier, # has issues
+  # readability-redundant-member-init, # has issues
   readability-redundant-string-init,
   readability-reference-to-constructed-temporary,
-  readability-static-definition-in-anonymous-namespace,
+  # readability-simplify-boolean-expr, # has issues
+  # readability-static-definition-in-anonymous-namespace, # has issues
+  # readability-suspicious-call-argument, # has issues
   readability-use-std-min-max
   "
 # ---
-# checks that have some issues that need to be resolved:
+# other checks that have issues that need to be resolved:
 #
-# llvm-namespace-comment,
-# misc-const-correctness,
 # misc-include-cleaner,
-# misc-redundant-expression,
 #
-# readability-convert-member-functions-to-static,
-# readability-implicit-bool-conversion,
-# readability-inconsistent-declaration-parameter-name,
-# readability-identifier-naming,
-# readability-math-missing-parentheses,
-# readability-simplify-boolean-expr,
-# readability-suspicious-call-argument,
-# readability-static-accessed-through-instance,
+# readability-inconsistent-declaration-parameter-name, # in this codebase this check will break a lot of arg names
+# readability-static-accessed-through-instance,        # this check is probably unnecessary. it makes the code less readable
+# readability-identifier-naming,                       # https://github.com/XRPLF/rippled/pull/6571
 #
 # modernize-concat-nested-namespaces,
 # modernize-pass-by-value,
@@ -148,12 +155,6 @@ Checks: "-*,
 # modernize-use-starts-ends-with,
 # modernize-use-std-numbers,
 # modernize-use-using,
-#
-# performance-faster-string-find,
-# performance-for-range-copy,
-# performance-inefficient-vector-operation,
-# performance-move-const-arg,
-# performance-no-automatic-move,
 # ---
 #
 CheckOptions:
@@ -195,5 +196,6 @@ CheckOptions:
   bugprone-unused-return-value.CheckedReturnTypes: ::std::error_code;::std::error_condition;::std::errc
 #   misc-include-cleaner.IgnoreHeaders: '.*/(detail|impl)/.*;.*(expected|unexpected).*;.*ranges_lower_bound\.h;time.h;stdlib.h;__chrono/.*;fmt/chrono.h;boost/uuid/uuid_hash.hpp'
 #
-# HeaderFilterRegex: '^.*/(src|tests)/.*\.(h|hpp)$'
+HeaderFilterRegex: '^.*/(test|xrpl|xrpld)/.*\.(h|hpp)$'
+ExcludeHeaderFilterRegex: '^.*/protocol_autogen/.*\.(h|hpp)$'
 WarningsAsErrors: "*"

.github/scripts/levelization/results/ordering.txt

@@ -21,6 +21,7 @@ libxrpl.protocol > xrpl.json
 libxrpl.protocol > xrpl.protocol
 libxrpl.protocol_autogen > xrpl.protocol_autogen
 libxrpl.rdb > xrpl.basics
+libxrpl.rdb > xrpl.core
 libxrpl.rdb > xrpl.rdb
 libxrpl.resource > xrpl.basics
 libxrpl.resource > xrpl.json
@@ -90,6 +91,7 @@ test.core > xrpl.server
 test.csf > xrpl.basics
 test.csf > xrpld.consensus
 test.csf > xrpl.json
+test.csf > xrpl.ledger
 test.csf > xrpl.protocol
 test.json > test.jtx
 test.json > xrpl.json
@@ -108,7 +110,6 @@ test.jtx > xrpl.tx
 test.ledger > test.jtx
 test.ledger > test.toplevel
 test.ledger > xrpl.basics
-test.ledger > xrpld.app
 test.ledger > xrpld.core
 test.ledger > xrpl.ledger
 test.ledger > xrpl.protocol
@@ -125,6 +126,7 @@ test.overlay > xrpl.basics
 test.overlay > xrpld.app
 test.overlay > xrpld.overlay
 test.overlay > xrpld.peerfinder
+test.overlay > xrpl.ledger
 test.overlay > xrpl.nodestore
 test.overlay > xrpl.protocol
 test.overlay > xrpl.shamap
@@ -183,7 +185,6 @@ xrpl.conditions > xrpl.basics
 xrpl.conditions > xrpl.protocol
 xrpl.core > xrpl.basics
 xrpl.core > xrpl.json
-xrpl.core > xrpl.ledger
 xrpl.core > xrpl.protocol
 xrpl.json > xrpl.basics
 xrpl.ledger > xrpl.basics
@@ -234,6 +235,7 @@ xrpld.app > xrpl.shamap
 xrpld.app > xrpl.tx
 xrpld.consensus > xrpl.basics
 xrpld.consensus > xrpl.json
+xrpld.consensus > xrpl.ledger
 xrpld.consensus > xrpl.protocol
 xrpld.core > xrpl.basics
 xrpld.core > xrpl.core

.github/workflows/check-pr-commits.yml

@@ -1,7 +1,7 @@
 name: Check PR commits
 
 on:
-  pull_request:
+  pull_request_target:
 
 # The action needs to have write permissions to post comments on the PR.
 permissions:

.github/workflows/conflicting-pr.yml

@@ -0,0 +1,25 @@
+name: Label PRs with merge conflicts
+
+on:
+  # So that PRs touching the same files as the push are updated.
+  push:
+  # So that the `dirtyLabel` is removed if conflicts are resolved.
+  # We recommend `pull_request_target` so that github secrets are available.
+  # In `pull_request` we wouldn't be able to change labels of fork PRs.
+  pull_request_target:
+    types: [synchronize]
+
+permissions:
+  pull-requests: write
+
+jobs:
+  main:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Check if PRs are dirty
+        uses: eps1lon/actions-label-merge-conflict@1df065ebe6e3310545d4f4c4e862e43bdca146f0 # v3.0.3
+        with:
+          dirtyLabel: "PR: has conflicts"
+          repoToken: "${{ secrets.GITHUB_TOKEN }}"
+          commentOnDirty: "This PR has conflicts, please resolve them in order for the PR to be reviewed."
+          commentOnClean: "All conflicts have been resolved. Assigned reviewers can now start or resume their review."

.github/workflows/publish-docs.yml

@@ -6,7 +6,6 @@ on:
   push:
     branches:
       - "develop"
-      - "release*"
     paths:
       - ".github/workflows/publish-docs.yml"
       - "*.md"
@@ -82,13 +81,13 @@ jobs:
           cmake --build . --target docs --parallel ${BUILD_NPROC}
 
       - name: Create documentation artifact
-        if: ${{ github.event_name == 'push' }}
+        if: ${{ github.event.repository.visibility == 'public' && github.event_name == 'push' }}
         uses: actions/upload-pages-artifact@7b1f4a764d45c48632c6b24a0339c27f5614fb0b # v4.0.0
         with:
           path: ${{ env.BUILD_DIR }}/docs/html
 
   deploy:
-    if: ${{ github.event_name == 'push' }}
+    if: ${{ github.event.repository.visibility == 'public' && github.event_name == 'push' }}
     needs: build
     runs-on: ubuntu-latest
     permissions:
@@ -100,4 +99,4 @@ jobs:
     steps:
       - name: Deploy to GitHub Pages
         id: deploy
-        uses: actions/deploy-pages@d6db90164ac5ed86f2b6aed7e0febac5b3c0c03e # v4.0.5
+        uses: actions/deploy-pages@cd2ce8fcbc39b97be8ca5fce6e763baed58fa128 # v5.0.0

.github/workflows/reusable-build-test-config.yml

@@ -199,7 +199,7 @@ jobs:
           fi
 
       - name: Upload the binary (Linux)
-        if: ${{ github.repository == 'XRPLF/rippled' && runner.os == 'Linux' }}
+        if: ${{ github.event.repository.visibility == 'public' && runner.os == 'Linux' }}
         uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7.0.0
         with:
           name: xrpld-${{ inputs.config_name }}
@@ -298,7 +298,7 @@ jobs:
 
       - name: Upload coverage report
         if: ${{ github.repository == 'XRPLF/rippled' && !inputs.build_only && env.COVERAGE_ENABLED == 'true' }}
-        uses: codecov/codecov-action@1af58845a975a7985b0beb0cbe6fbbb71a41dbad # v5.5.3
+        uses: codecov/codecov-action@57e3a136b779b570ffcdbf80b3bdc90e7fab3de2 # v6.0.0
         with:
           disable_search: true
           disable_telem: true

.github/workflows/reusable-clang-tidy-files.yml

@@ -80,10 +80,10 @@ jobs:
         env:
           TARGETS: ${{ inputs.files != '' && inputs.files || 'src tests' }}
         run: |
-          run-clang-tidy -j ${{ steps.nproc.outputs.nproc }} -p "${BUILD_DIR}" ${TARGETS} 2>&1 | tee clang-tidy-output.txt
+          run-clang-tidy -j ${{ steps.nproc.outputs.nproc }} -p "${BUILD_DIR}" -quiet -allow-no-checks ${TARGETS} 2>&1 | tee clang-tidy-output.txt
 
       - name: Upload clang-tidy output
-        if: steps.run_clang_tidy.outcome != 'success'
+        if: ${{ github.event.repository.visibility == 'public' && steps.run_clang_tidy.outcome != 'success' }}
         uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7.0.0
         with:
           name: clang-tidy-results

.github/workflows/reusable-clang-tidy.yml

@@ -51,5 +51,5 @@ jobs:
     if: ${{ always() && !cancelled() && (!inputs.check_only_changed || needs.determine-files.outputs.any_cpp_changed == 'true' || needs.determine-files.outputs.clang_tidy_config_changed == 'true') }}
     uses: ./.github/workflows/reusable-clang-tidy-files.yml
     with:
-      files: ${{ needs.determine-files.outputs.clang_tidy_config_changed == 'true' && '' || (inputs.check_only_changed && needs.determine-files.outputs.all_changed_files || '') }}
+      files: ${{ (needs.determine-files.outputs.clang_tidy_config_changed != 'true' && inputs.check_only_changed) && needs.determine-files.outputs.all_changed_files || '' }}
       create_issue_on_failure: ${{ inputs.create_issue_on_failure }}

.gitignore

@@ -71,6 +71,8 @@ DerivedData
 /.zed/
 
 # AI tools.
+/.agent
+/.agents
 /.augment
 /.claude
 /CLAUDE.md

BUILD.md

@@ -125,9 +125,9 @@ default profile.
 
 ### Patched recipes
 
-The recipes in Conan Center occasionally need to be patched for compatibility
-with the latest version of `xrpld`. We maintain a fork of the Conan Center
-[here](https://github.com/XRPLF/conan-center-index/) containing the patches.
+Occasionally, we need patched recipes or recipes not present in Conan Center.
+We maintain a fork of the Conan Center Index
+[here](https://github.com/XRPLF/conan-center-index/) containing the modified and newly added recipes.
 
 To ensure our patched recipes are used, you must add our Conan remote at a
 higher index than the default Conan Center remote, so it is consulted first. You
@@ -137,19 +137,11 @@ can do this by running:
 conan remote add --index 0 xrplf https://conan.ripplex.io
 ```
 
-Alternatively, you can pull the patched recipes into the repository and use them
-locally:
+Alternatively, you can pull our recipes from the repository and export them locally:
 
 ```bash
-# Extract the version number from the lockfile.
-function extract_version {
-  version=$(cat conan.lock | sed -nE "s@.+${1}/(.+)#.+@\1@p" | head -n1)
-  echo ${version}
-}
-
 # Define which recipes to export.
-recipes=('ed25519' 'grpc' 'nudb' 'openssl' 'secp256k1' 'snappy' 'soci')
-folders=('all'     'all'  'all'  '3.x.x'   'all'       'all'    'all')
+recipes=('abseil' 'ed25519' 'grpc' 'm4' 'mpt-crypto' 'nudb' 'openssl' 'secp256k1' 'snappy' 'soci' 'wasm-xrplf' 'wasmi')
 
 # Selectively check out the recipes from our CCI fork.
 cd external
@@ -158,29 +150,19 @@ cd conan-center-index
 git init
 git remote add origin git@github.com:XRPLF/conan-center-index.git
 git sparse-checkout init
-for ((index = 1; index <= ${#recipes[@]}; index++)); do
-  recipe=${recipes[index]}
-  folder=${folders[index]}
-  echo "Checking out recipe '${recipe}' from folder '${folder}'..."
-  git sparse-checkout add recipes/${recipe}/${folder}
+for recipe in "${recipes[@]}"; do
+  echo "Checking out recipe '${recipe}'..."
+  git sparse-checkout add recipes/${recipe}
 done
 git fetch origin master
 git checkout master
-cd ../..
 
-# Export the recipes into the local cache.
-for ((index = 1; index <= ${#recipes[@]}; index++)); do
-  recipe=${recipes[index]}
-  folder=${folders[index]}
-  version=$(extract_version ${recipe})
-  echo "Exporting '${recipe}/${version}' from '${recipe}/${folder}'..."
-  conan export --version $(extract_version ${recipe}) \
-    external/conan-center-index/recipes/${recipe}/${folder}
-done
+./export_all.sh
+cd ../../
 ```
 
 In the case we switch to a newer version of a dependency that still requires a
-patch, it will be necessary for you to pull in the changes and re-export the
+patch or add a new dependency, it will be necessary for you to pull in the changes and re-export the
 updated dependencies with the newer version. However, if we switch to a newer
 version that no longer requires a patch, no action is required on your part, as
 the new recipe will be automatically pulled from the official Conan Center.
@@ -189,6 +171,8 @@ the new recipe will be automatically pulled from the official Conan Center.
 > You might need to add `--lockfile=""` to your `conan install` command
 > to avoid automatic use of the existing `conan.lock` file when you run
 > `conan export` manually on your machine
+>
+> This is not recommended though, as you might end up using different revisions of recipes.
 
 ### Conan profile tweaks
 
@@ -204,39 +188,14 @@ Possible values are ['5.0', '5.1', '6.0', '6.1', '7.0', '7.3', '8.0', '8.1',
 Read "http://docs.conan.io/2/knowledge/faq.html#error-invalid-setting"
 ```
 
-you need to amend the list of compiler versions in
-`$(conan config home)/settings.yml`, by appending the required version number(s)
+you need to add your compiler to the list of compiler versions in
+`$(conan config home)/settings_user.yml`, by adding the required version number(s)
 to the `version` array specific for your compiler. For example:
 
 ```yaml
-apple-clang:
-  version:
-    [
-      "5.0",
-      "5.1",
-      "6.0",
-      "6.1",
-      "7.0",
-      "7.3",
-      "8.0",
-      "8.1",
-      "9.0",
-      "9.1",
-      "10.0",
-      "11.0",
-      "12.0",
-      "13",
-      "13.0",
-      "13.1",
-      "14",
-      "14.0",
-      "15",
-      "15.0",
-      "16",
-      "16.0",
-      "17",
-      "17.0",
-    ]
+compiler:
+  apple-clang:
+    version: ["17.0"]
 ```
 
 #### Multiple compilers

CONTRIBUTING.md

@@ -259,6 +259,10 @@ There is a Continuous Integration job that runs clang-tidy on pull requests. The
 
 This ensures that configuration changes don't introduce new warnings across the codebase.
 
+### Installing clang-tidy
+
+See the [environment setup guide](./docs/build/environment.md#clang-tidy) for platform-specific installation instructions.
+
 ### Running clang-tidy locally
 
 Before running clang-tidy, you must build the project to generate required files (particularly protobuf headers). Refer to [`BUILD.md`](./BUILD.md) for build instructions.
@@ -266,10 +270,15 @@ Before running clang-tidy, you must build the project to generate required files
 Then run clang-tidy on your local changes:
 
 ```
-run-clang-tidy -p build src tests
+run-clang-tidy -p build -allow-no-checks src tests
 ```
 
-This will check all source files in the `src` and `tests` directories using the compile commands from your `build` directory.
+This will check all source files in the `src`, `include` and `tests` directories using the compile commands from your `build` directory.
+If you wish to automatically fix whatever clang-tidy finds _and_ is capable of fixing, add `-fix` to the above command:
+
+```
+run-clang-tidy -p build -quiet -fix -allow-no-checks src tests
+```
 
 ## Contracts and instrumentation
 

LICENSE.md

@@ -1,7 +1,7 @@
 ISC License
 
 Copyright (c) 2011, Arthur Britto, David Schwartz, Jed McCaleb, Vinnie Falco, Bob Way, Eric Lombrozo, Nikolaos D. Bougalis, Howard Hinnant.
-Copyright (c) 2012-2025, the XRP Ledger developers.
+Copyright (c) 2012-present, the XRP Ledger developers.
 
 Permission to use, copy, modify, and distribute this software for any
 purpose with or without fee is hereby granted, provided that the above

cmake/XrplProtocolAutogen.cmake

@@ -140,6 +140,28 @@ function(setup_protocol_autogen)
                 )
             endif()
 
+            # Check pip index URL configuration
+            execute_process(
+                COMMAND ${VENV_PIP} config get global.index-url
+                OUTPUT_VARIABLE PIP_INDEX_URL
+                OUTPUT_STRIP_TRAILING_WHITESPACE
+                ERROR_QUIET
+            )
+
+            # Default PyPI URL
+            set(DEFAULT_PIP_INDEX "https://pypi.org/simple")
+
+            # Show warning if using non-default index
+            if(PIP_INDEX_URL AND NOT PIP_INDEX_URL STREQUAL "")
+                if(NOT PIP_INDEX_URL STREQUAL DEFAULT_PIP_INDEX)
+                    message(
+                        WARNING
+                        "Private pip index URL detected: ${PIP_INDEX_URL}\n"
+                        "You may need to connect to VPN to access this URL."
+                    )
+                endif()
+            endif()
+
             message(STATUS "Installing Python dependencies...")
             execute_process(
                 COMMAND ${VENV_PIP} install --upgrade pip

conan.lock

@@ -1,16 +1,16 @@
 {
     "version": "0.5",
     "requires": [
-        "zlib/1.3.1#b8bc2603263cf7eccbd6e17e66b0ed76%1765850150.075",
+        "zlib/1.3.1#cac0f6daea041b0ccf42934163defb20%1774439233.809",
         "xxhash/0.8.3#681d36a0a6111fc56e5e45ea182c19cc%1765850149.987",
-        "sqlite3/3.49.1#8631739a4c9b93bd3d6b753bac548a63%1765850149.926",
-        "soci/4.0.3#a9f8d773cd33e356b5879a4b0564f287%1765850149.46",
+        "sqlite3/3.51.0#66aa11eabd0e34954c5c1c061ad44abe%1763899256.358",
+        "soci/4.0.3#fe32b9ad5eb47e79ab9e45a68f363945%1774450067.231",
         "snappy/1.1.10#968fef506ff261592ec30c574d4a7809%1765850147.878",
-        "secp256k1/0.7.1#3a61e95e220062ef32c48d019e9c81f7%1770306721.686",
+        "secp256k1/0.7.1#481881709eb0bdd0185a12b912bbe8ad%1770910500.329",
         "rocksdb/10.5.1#4a197eca381a3e5ae8adf8cffa5aacd0%1765850186.86",
-        "re2/20230301#ca3b241baec15bd31ea9187150e0b333%1765850148.103",
-        "protobuf/6.32.1#f481fd276fc23a33b85a3ed1e898b693%1765850161.038",
-        "openssl/3.5.5#05a4ac5b7323f7a329b2db1391d9941f%1769599205.414",
+        "re2/20251105#8579cfd0bda4daf0683f9e3898f964b4%1774398111.888",
+        "protobuf/6.33.5#d96d52ba5baaaa532f47bda866ad87a5%1773224203.27",
+        "openssl/3.6.1#e6399de266349245a4542fc5f6c71552%1774458290.139",
         "nudb/2.0.9#0432758a24204da08fee953ec9ea03cb%1769436073.32",
         "lz4/1.10.0#59fc63cac7f10fbe8e05c7e62c2f3504%1765850143.914",
         "libiconv/1.17#1e65319e945f2d31941a9d28cc13c058%1765842973.492",
@@ -18,27 +18,26 @@
         "libarchive/3.8.1#ffee18995c706e02bf96e7a2f7042e0d%1765850144.736",
         "jemalloc/5.3.0#e951da9cf599e956cebc117880d2d9f8%1729241615.244",
         "gtest/1.17.0#5224b3b3ff3b4ce1133cbdd27d53ee7d%1768312129.152",
-        "grpc/1.72.0#f244a57bff01e708c55a1100b12e1589%1765850193.734",
+        "grpc/1.78.1#b1a9e74b145cc471bed4dc64dc6eb2c1%1772623605.068",
         "ed25519/2015.03#ae761bdc52730a843f0809bdf6c1b1f6%1765850143.772",
         "date/3.0.4#862e11e80030356b53c2c38599ceb32b%1765850143.772",
-        "c-ares/1.34.5#5581c2b62a608b40bb85d965ab3ec7c8%1765850144.336",
+        "c-ares/1.34.6#545240bb1c40e2cacd4362d6b8967650%1774439234.681",
         "bzip2/1.0.8#c470882369c2d95c5c77e970c0c7e321%1765850143.837",
         "boost/1.90.0#d5e8defe7355494953be18524a7f135b%1769454080.269",
-        "abseil/20250127.0#99262a368bd01c0ccca8790dfced9719%1766517936.993"
+        "abseil/20250127.0#bb0baf1f362bc4a725a24eddd419b8f7%1774365460.196"
     ],
     "build_requires": [
-        "zlib/1.3.1#b8bc2603263cf7eccbd6e17e66b0ed76%1765850150.075",
-        "strawberryperl/5.32.1.1#707032463aa0620fa17ec0d887f5fe41%1765850165.196",
-        "protobuf/6.32.1#f481fd276fc23a33b85a3ed1e898b693%1765850161.038",
+        "zlib/1.3.1#cac0f6daea041b0ccf42934163defb20%1774439233.809",
+        "strawberryperl/5.32.1.1#8d114504d172cfea8ea1662d09b6333e%1774447376.964",
+        "protobuf/6.33.5#d96d52ba5baaaa532f47bda866ad87a5%1773224203.27",
         "nasm/2.16.01#31e26f2ee3c4346ecd347911bd126904%1765850144.707",
-        "msys2/cci.latest#eea83308ad7e9023f7318c60d5a9e6cb%1770199879.083",
-        "m4/1.4.19#70dc8bbb33e981d119d2acc0175cf381%1763158052.846",
-        "cmake/4.2.0#ae0a44f44a1ef9ab68fd4b3e9a1f8671%1765850153.937",
-        "cmake/3.31.10#313d16a1aa16bbdb2ca0792467214b76%1765850153.479",
-        "b2/5.3.3#107c15377719889654eb9a162a673975%1765850144.355",
+        "msys2/cci.latest#d22fe7b2808f5fd34d0a7923ace9c54f%1770657326.649",
+        "m4/1.4.19#5d7a4994e5875d76faf7acf3ed056036%1774365463.87",
+        "cmake/4.3.0#b939a42e98f593fb34d3a8c5cc860359%1774439249.183",
+        "b2/5.4.2#ffd6084a119587e70f11cd45d1a386e2%1774439233.447",
         "automake/1.16.5#b91b7c384c3deaa9d535be02da14d04f%1755524470.56",
         "autoconf/2.71#51077f068e61700d65bb05541ea1e4b0%1731054366.86",
-        "abseil/20250127.0#99262a368bd01c0ccca8790dfced9719%1766517936.993"
+        "abseil/20250127.0#bb0baf1f362bc4a725a24eddd419b8f7%1774365460.196"
     ],
     "python_requires": [],
     "overrides": {
@@ -46,14 +45,14 @@
             null,
             "boost/1.90.0"
         ],
-        "protobuf/5.27.0": [
-            "protobuf/6.32.1"
+        "protobuf/[>=5.27.0 <7]": [
+            "protobuf/6.33.5"
         ],
         "lz4/1.9.4": [
             "lz4/1.10.0"
         ],
-        "sqlite3/3.44.2": [
-            "sqlite3/3.49.1"
+        "sqlite3/[>=3.44 <4]": [
+            "sqlite3/3.51.0"
         ],
         "boost/1.83.0": [
             "boost/1.90.0"

conanfile.py

@@ -1,10 +1,9 @@
-import re
 import os
+import re
 
 from conan.tools.cmake import CMake, CMakeToolchain, cmake_layout
 
 from conan import ConanFile
-from conan import __version__ as conan_version
 
 
 class Xrpl(ConanFile):
@@ -30,10 +29,10 @@ class Xrpl(ConanFile):
 
     requires = [
         "ed25519/2015.03",
-        "grpc/1.72.0",
+        "grpc/1.78.1",
         "libarchive/3.8.1",
         "nudb/2.0.9",
-        "openssl/3.5.5",
+        "openssl/3.6.1",
         "secp256k1/0.7.1",
         "soci/4.0.3",
         "zlib/1.3.1",
@@ -44,7 +43,7 @@ class Xrpl(ConanFile):
     ]
 
     tool_requires = [
-        "protobuf/6.32.1",
+        "protobuf/6.33.5",
     ]
 
     default_options = {
@@ -137,20 +136,16 @@ class Xrpl(ConanFile):
                 self.default_options["fPIC"] = False
 
     def requirements(self):
-        # Conan 2 requires transitive headers to be specified
-        transitive_headers_opt = (
-            {"transitive_headers": True} if conan_version.split(".")[0] == "2" else {}
-        )
-        self.requires("boost/1.90.0", force=True, **transitive_headers_opt)
-        self.requires("date/3.0.4", **transitive_headers_opt)
+        self.requires("boost/1.90.0", force=True, transitive_headers=True)
+        self.requires("date/3.0.4", transitive_headers=True)
         self.requires("lz4/1.10.0", force=True)
-        self.requires("protobuf/6.32.1", force=True)
-        self.requires("sqlite3/3.49.1", force=True)
+        self.requires("protobuf/6.33.5", force=True)
+        self.requires("sqlite3/3.51.0", force=True)
         if self.options.jemalloc:
             self.requires("jemalloc/5.3.0")
         if self.options.rocksdb:
             self.requires("rocksdb/10.5.1")
-        self.requires("xxhash/0.8.3", **transitive_headers_opt)
+        self.requires("xxhash/0.8.3", transitive_headers=True)
 
     exports_sources = (
         "CMakeLists.txt",

cspell.config.yaml

@@ -297,6 +297,7 @@ words:
   - venv
   - vfalco
   - vinnie
+  - wasmi
   - wextra
   - wptr
   - writeme

docs/build/environment.md

@@ -109,3 +109,32 @@ Install CMake with Homebrew too:
 ```
 brew install cmake
 ```
+
+## Clang-tidy
+
+Clang-tidy is required to run static analysis checks locally (see [CONTRIBUTING.md](../../CONTRIBUTING.md)).
+It is not required to build the project. Currently this project uses clang-tidy version 21.
+
+### Linux
+
+LLVM 21 is not available in the default Debian 12 (Bookworm) repositories.
+Install it using the official LLVM apt installer:
+
+```
+wget https://apt.llvm.org/llvm.sh
+chmod +x llvm.sh
+sudo ./llvm.sh 21
+sudo apt install --yes clang-tidy-21
+```
+
+Then use `run-clang-tidy-21` when running clang-tidy locally.
+
+### macOS
+
+Install LLVM 21 via Homebrew:
+
+```
+brew install llvm@21
+```
+
+Then use `run-clang-tidy` from the LLVM 21 Homebrew prefix when running clang-tidy locally.

include/xrpl/basics/BasicConfig.h

@@ -311,7 +311,7 @@ template <class T>
 bool
 set(T& target, T const& defaultValue, std::string const& name, Section const& section)
 {
-    bool found_and_valid = set<T>(target, name, section);
+    bool const found_and_valid = set<T>(target, name, section);
     if (!found_and_valid)
         target = defaultValue;
     return found_and_valid;

include/xrpl/basics/IntrusivePointer.ipp

@@ -68,9 +68,7 @@ SharedIntrusive<T>::operator=(SharedIntrusive const& rhs)
 
 template <class T>
 template <class TT>
-// clang-format off
-requires std::convertible_to<TT*, T*>
-// clang-format on
+    requires std::convertible_to<TT*, T*>
 SharedIntrusive<T>&
 SharedIntrusive<T>::operator=(SharedIntrusive<TT> const& rhs)
 {
@@ -101,9 +99,7 @@ SharedIntrusive<T>::operator=(SharedIntrusive&& rhs)
 
 template <class T>
 template <class TT>
-// clang-format off
-requires std::convertible_to<TT*, T*>
-// clang-format on
+    requires std::convertible_to<TT*, T*>
 SharedIntrusive<T>&
 SharedIntrusive<T>::operator=(SharedIntrusive<TT>&& rhs)
 {
@@ -307,9 +303,7 @@ WeakIntrusive<T>::WeakIntrusive(SharedIntrusive<T> const& rhs) : ptr_{rhs.unsafe
 
 template <class T>
 template <class TT>
-// clang-format off
-requires std::convertible_to<TT*, T*>
-// clang-format on
+    requires std::convertible_to<TT*, T*>
 WeakIntrusive<T>&
 WeakIntrusive<T>::operator=(SharedIntrusive<TT> const& rhs)
 {
@@ -454,9 +448,7 @@ SharedWeakUnion<T>::operator=(SharedWeakUnion const& rhs)
 
 template <class T>
 template <class TT>
-// clang-format off
-requires std::convertible_to<TT*, T*>
-// clang-format on
+    requires std::convertible_to<TT*, T*>
 SharedWeakUnion<T>&
 SharedWeakUnion<T>::operator=(SharedIntrusive<TT> const& rhs)
 {
@@ -470,9 +462,7 @@ SharedWeakUnion<T>::operator=(SharedIntrusive<TT> const& rhs)
 
 template <class T>
 template <class TT>
-// clang-format off
-requires std::convertible_to<TT*, T*>
-// clang-format on
+    requires std::convertible_to<TT*, T*>
 SharedWeakUnion<T>&
 SharedWeakUnion<T>::operator=(SharedIntrusive<TT>&& rhs)
 {

include/xrpl/basics/IntrusiveRefCounts.h

@@ -448,7 +448,7 @@ inline void
 partialDestructorFinished(T** o)
 {
     T& self = **o;
-    IntrusiveRefCounts::RefCountPair p =
+    IntrusiveRefCounts::RefCountPair const p =
         self.refCounts.fetch_or(IntrusiveRefCounts::partialDestroyFinishedMask);
     XRPL_ASSERT(
         (!p.partialDestroyFinishedBit && p.partialDestroyStartedBit && !p.strong),

include/xrpl/basics/SlabAllocator.h

@@ -94,7 +94,7 @@ class SlabAllocator
             std::uint8_t* ret;
 
             {
-                std::lock_guard l(m_);
+                std::lock_guard const l(m_);
 
                 ret = l_;
 
@@ -123,7 +123,7 @@ class SlabAllocator
         {
             XRPL_ASSERT(own(ptr), "xrpl::SlabAllocator::SlabBlock::deallocate : own input");
 
-            std::lock_guard l(m_);
+            std::lock_guard const l(m_);
 
             // Use memcpy to avoid unaligned UB
             // (will optimize to equivalent code)
@@ -210,16 +210,13 @@ public:
 
         // No slab can satisfy our request, so we attempt to allocate a new
         // one here:
-        std::size_t size = slabSize_;
+        std::size_t const size = slabSize_;
 
         // We want to allocate the memory at a 2 MiB boundary, to make it
         // possible to use hugepage mappings on Linux:
         auto buf = boost::alignment::aligned_alloc(megabytes(std::size_t(2)), size);
-
-        // clang-format off
         if (!buf) [[unlikely]]
             return nullptr;
-        // clang-format on
 
 #if BOOST_OS_LINUX
         // When allocating large blocks, attempt to leverage Linux's

include/xrpl/basics/StringUtilities.h

@@ -66,12 +66,12 @@ strUnHex(std::size_t strSize, Iterator begin, Iterator end)
 
     while (iter != end)
     {
-        int cHigh = digitLookupTable[*iter++];
+        int const cHigh = digitLookupTable[*iter++];
 
         if (cHigh < 0)
             return {};
 
-        int cLow = digitLookupTable[*iter++];
+        int const cLow = digitLookupTable[*iter++];
 
         if (cLow < 0)
             return {};

include/xrpl/basics/base_uint.h

@@ -212,7 +212,7 @@ private:
         while (in != sv.end())
         {
             std::uint32_t accum = {};
-            for (std::uint32_t shift : {4u, 0u, 12u, 8u, 20u, 16u, 28u, 24u})
+            for (std::uint32_t const shift : {4u, 0u, 12u, 8u, 20u, 16u, 28u, 24u})
             {
                 if (auto const result = hexCharToUInt(*in++, shift, accum);
                     result != ParseResult::okay)
@@ -444,7 +444,7 @@ public:
 
         for (int i = WIDTH; i--;)
         {
-            std::uint64_t n = carry + boost::endian::big_to_native(data_[i]) +
+            std::uint64_t const n = carry + boost::endian::big_to_native(data_[i]) +
                 boost::endian::big_to_native(b.data_[i]);
 
             data_[i] = boost::endian::native_to_big(static_cast<std::uint32_t>(n));

include/xrpl/basics/contract.h

@@ -54,7 +54,7 @@ Throw(Args&&... args)
 
     E e(std::forward<Args>(args)...);
     LogThrow(std::string("Throwing exception of type " + beast::type_name<E>() + ": ") + e.what());
-    throw e;
+    throw std::move(e);
 }
 
 /** Called when faulty logic causes a broken invariant. */

include/xrpl/basics/hardened_hash.h

@@ -32,7 +32,7 @@ make_seed_pair() noexcept
         // state_t& operator=(state_t const&) = delete;
     };
     static state_t state;
-    std::lock_guard lock(state.mutex);
+    std::lock_guard const lock(state.mutex);
     return {state.dist(state.gen), state.dist(state.gen)};
 }
 

include/xrpl/basics/random.h

@@ -14,11 +14,13 @@ namespace xrpl {
 
 #ifndef __INTELLISENSE__
 static_assert(
+    // NOLINTNEXTLINE(misc-redundant-expression)
     std::is_integral<beast::xor_shift_engine::result_type>::value &&
         std::is_unsigned<beast::xor_shift_engine::result_type>::value,
     "The Ripple default PRNG engine must return an unsigned integral type.");
 
 static_assert(
+    // NOLINTNEXTLINE(misc-redundant-expression)
     std::numeric_limits<beast::xor_shift_engine::result_type>::max() >=
         std::numeric_limits<std::uint64_t>::max(),
     "The Ripple default PRNG engine return must be at least 64 bits wide.");
@@ -58,7 +60,7 @@ default_prng()
     thread_local beast::xor_shift_engine engine = [] {
         std::uint64_t seed;
         {
-            std::lock_guard lk(m);
+            std::lock_guard const lk(m);
             std::uniform_int_distribution<std::uint64_t> distribution{1};
             seed = distribution(seeder);
         }

include/xrpl/beast/asio/io_latency_probe.h

@@ -83,7 +83,7 @@ public:
     void
     sample_one(Handler&& handler)
     {
-        std::lock_guard lock(m_mutex);
+        std::lock_guard const lock(m_mutex);
         if (m_cancel)
             throw std::logic_error("io_latency_probe is canceled");
         boost::asio::post(
@@ -98,7 +98,7 @@ public:
     void
     sample(Handler&& handler)
     {
-        std::lock_guard lock(m_mutex);
+        std::lock_guard const lock(m_mutex);
         if (m_cancel)
             throw std::logic_error("io_latency_probe is canceled");
         boost::asio::post(
@@ -122,14 +122,14 @@ private:
     void
     addref()
     {
-        std::lock_guard lock(m_mutex);
+        std::lock_guard const lock(m_mutex);
         ++m_count;
     }
 
     void
     release()
     {
-        std::lock_guard lock(m_mutex);
+        std::lock_guard const lock(m_mutex);
         if (--m_count == 0)
             m_cond.notify_all();
     }
@@ -192,7 +192,7 @@ private:
             m_handler(elapsed);
 
             {
-                std::lock_guard lock(m_probe->m_mutex);
+                std::lock_guard const lock(m_probe->m_mutex);
                 if (m_probe->m_cancel)
                     return;
             }

include/xrpl/beast/container/aged_map.h

@@ -16,4 +16,4 @@ template <
     class Allocator = std::allocator<std::pair<Key const, T>>>
 using aged_map = detail::aged_ordered_container<false, true, Key, T, Clock, Compare, Allocator>;
 
-}
+}  // namespace beast

include/xrpl/beast/container/aged_multimap.h

@@ -16,4 +16,4 @@ template <
     class Allocator = std::allocator<std::pair<Key const, T>>>
 using aged_multimap = detail::aged_ordered_container<true, true, Key, T, Clock, Compare, Allocator>;
 
-}
+}  // namespace beast

include/xrpl/beast/container/aged_multiset.h

@@ -15,4 +15,4 @@ template <
     class Allocator = std::allocator<Key>>
 using aged_multiset =
     detail::aged_ordered_container<true, false, Key, void, Clock, Compare, Allocator>;
-}
+}  // namespace beast

include/xrpl/beast/container/aged_set.h

@@ -15,4 +15,4 @@ template <
     class Allocator = std::allocator<Key>>
 using aged_set = detail::aged_ordered_container<false, false, Key, void, Clock, Compare, Allocator>;
 
-}
+}  // namespace beast

include/xrpl/beast/container/aged_unordered_map.h

@@ -17,4 +17,4 @@ template <
     class Allocator = std::allocator<std::pair<Key const, T>>>
 using aged_unordered_map =
     detail::aged_unordered_container<false, true, Key, T, Clock, Hash, KeyEqual, Allocator>;
-}
+}  // namespace beast

include/xrpl/beast/container/aged_unordered_multimap.h

@@ -17,4 +17,4 @@ template <
     class Allocator = std::allocator<std::pair<Key const, T>>>
 using aged_unordered_multimap =
     detail::aged_unordered_container<true, true, Key, T, Clock, Hash, KeyEqual, Allocator>;
-}
+}  // namespace beast

include/xrpl/beast/container/aged_unordered_multiset.h

@@ -17,4 +17,4 @@ template <
 using aged_unordered_multiset =
     detail::aged_unordered_container<true, false, Key, void, Clock, Hash, KeyEqual, Allocator>;
 
-}
+}  // namespace beast

include/xrpl/beast/container/aged_unordered_set.h

@@ -16,4 +16,4 @@ template <
     class Allocator = std::allocator<Key>>
 using aged_unordered_set =
     detail::aged_unordered_container<false, false, Key, void, Clock, Hash, KeyEqual, Allocator>;
-}
+}  // namespace beast

include/xrpl/beast/core/List.h

@@ -449,7 +449,7 @@ public:
     iterator
     erase(iterator pos) noexcept
     {
-        Node* node = &*pos;
+        Node const* node = &*pos;
         ++pos;
         node->m_next->m_prev = node->m_prev;
         node->m_prev->m_next = node->m_next;

include/xrpl/beast/test/yield_to.h

@@ -114,7 +114,7 @@ enable_yield_to::spawn(F0&& f, FN&&... fn)
         boost::context::fixedsize_stack(2 * 1024 * 1024),
         [&](yield_context yield) {
             f(yield);
-            std::lock_guard lock{m_};
+            std::lock_guard const lock{m_};
             if (--running_ == 0)
                 cv_.notify_all();
         },

include/xrpl/beast/unit_test/runner.h

@@ -228,7 +228,7 @@ template <class>
 void
 runner::testcase(std::string const& name)
 {
-    std::lock_guard lock(mutex_);
+    std::lock_guard const lock(mutex_);
     // Name may not be empty
     BOOST_ASSERT(default_ || !name.empty());
     // Forgot to call pass or fail
@@ -244,7 +244,7 @@ template <class>
 void
 runner::pass()
 {
-    std::lock_guard lock(mutex_);
+    std::lock_guard const lock(mutex_);
     if (default_)
         testcase("");
     on_pass();
@@ -255,7 +255,7 @@ template <class>
 void
 runner::fail(std::string const& reason)
 {
-    std::lock_guard lock(mutex_);
+    std::lock_guard const lock(mutex_);
     if (default_)
         testcase("");
     on_fail(reason);
@@ -267,7 +267,7 @@ template <class>
 void
 runner::log(std::string const& s)
 {
-    std::lock_guard lock(mutex_);
+    std::lock_guard const lock(mutex_);
     if (default_)
         testcase("");
     on_log(s);

include/xrpl/beast/unit_test/suite.h

@@ -300,7 +300,7 @@ private:
     static suite**
     p_this_suite()
     {
-        static suite* pts = nullptr;
+        static suite* pts = nullptr;  // NOLINT(misc-const-correctness)
         return &pts;
     }
 

include/xrpl/beast/utility/Zero.h

@@ -28,7 +28,7 @@ struct Zero
 
 namespace {
 static constexpr Zero zero{};
-}
+}  // namespace
 
 /** Default implementation of signum calls the method on the class. */
 template <typename T>

include/xrpl/beast/utility/instrumentation.h

@@ -15,7 +15,7 @@
 #define ALWAYS_OR_UNREACHABLE(cond, message) assert((message) && (cond))
 #define SOMETIMES(cond, message, ...)
 #define REACHABLE(message, ...)
-#define UNREACHABLE(message, ...) assert((message) && false)
+#define UNREACHABLE(message, ...) assert((message) && false)  // NOLINT(misc-static-assert)
 #endif
 
 #define XRPL_ASSERT ALWAYS_OR_UNREACHABLE

include/xrpl/core/ClosureCounter.h

@@ -56,7 +56,7 @@ private:
         // a lock.  This removes a small timing window that occurs if the
         // waiting thread is handling a spurious wakeup when closureCount_
         // drops to zero.
-        std::lock_guard lock{mutex_};
+        std::lock_guard const lock{mutex_};
 
         // Update closureCount_.  Notify if stopping and closureCount_ == 0.
         if ((--closureCount_ == 0) && waitForClosures_)
@@ -168,7 +168,7 @@ public:
     {
         std::optional<Substitute<Closure>> ret;
 
-        std::lock_guard lock{mutex_};
+        std::lock_guard const lock{mutex_};
         if (!waitForClosures_)
             ret.emplace(*this, std::forward<Closure>(closure));
 
@@ -191,7 +191,7 @@ public:
     bool
     joined() const
     {
-        std::lock_guard lock{mutex_};
+        std::lock_guard const lock{mutex_};
         return waitForClosures_;
     }
 };

include/xrpl/core/Coro.ipp

@@ -70,14 +70,24 @@ JobQueue::Coro::resume()
         running_ = true;
     }
     {
-        std::lock_guard lock(jq_.m_mutex);
+        std::lock_guard lk(jq_.m_mutex);
         --jq_.nSuspend_;
     }
     auto saved = detail::getLocalValues().release();
     detail::getLocalValues().reset(&lvs_);
     std::lock_guard lock(mutex_);
-    XRPL_ASSERT(static_cast<bool>(coro_), "xrpl::JobQueue::Coro::resume : is runnable");
-    coro_();
+    // A late resume() can arrive after the coroutine has already completed.
+    // This is an expected (if rare) outcome of the race condition documented
+    // in JobQueue.h:354-377 where post() schedules a resume job before the
+    // coroutine yields — the mutex serializes access, but by the time this
+    // resume() acquires the lock the coroutine may have already run to
+    // completion. Calling operator() on a completed boost::coroutine2 is
+    // undefined behavior, so we must check and skip invoking the coroutine
+    // body if it has already completed.
+    if (coro_)
+    {
+        coro_();
+    }
     detail::getLocalValues().release();
     detail::getLocalValues().reset(saved);
     std::lock_guard lk(mutex_run_);

include/xrpl/core/JobQueue.h

@@ -16,7 +16,7 @@ namespace xrpl {
 
 namespace perf {
 class PerfLog;
-}
+}  // namespace perf
 
 class Logs;
 struct Coro_create_t
@@ -99,8 +99,8 @@ public:
             Effects:
                The coroutine continues execution from where it last left off
                  using this same thread.
-            Undefined behavior if called after the coroutine has completed
-              with a return (as opposed to a yield()).
+               If the coroutine has already completed, returns immediately
+                 (handles the documented post-before-yield race condition).
             Undefined behavior if resume() or post() called consecutively
               without a corresponding yield.
         */
@@ -316,7 +316,7 @@ private:
     // Returns the limit of running jobs for the given job type.
     // For jobs with no limit, we return the largest int. Hopefully that
     // will be enough.
-    int
+    static int
     getJobLimit(JobType type);
 };
 
@@ -357,8 +357,10 @@ private:
     If the post() job were to be executed before yield(), undefined behavior
     would occur. The lock ensures that coro_ is not called again until we exit
     the coroutine. At which point a scheduled resume() job waiting on the lock
-    would gain entry, harmlessly call coro_ and immediately return as we have
-    already completed the coroutine.
+    would gain entry. resume() checks if the coroutine has already completed
+    (coro_ converts to false) and, if so, skips invoking operator() since
+    calling operator() on a completed boost::coroutine2 pull_type is undefined
+    behavior.
 
     The race condition occurs as follows:
 

include/xrpl/core/JobTypes.h

@@ -24,7 +24,7 @@ private:
               std::chrono::milliseconds{0})
     {
         using namespace std::chrono_literals;
-        int maxLimit = std::numeric_limits<int>::max();
+        int const maxLimit = std::numeric_limits<int>::max();
 
         auto add = [this](
                        JobType jt,

include/xrpl/core/PeerReservationTable.h

@@ -67,7 +67,7 @@ public:
     bool
     contains(PublicKey const& nodeId)
     {
-        std::lock_guard lock(this->mutex_);
+        std::lock_guard const lock(this->mutex_);
         return table_.find({nodeId}) != table_.end();
     }
 

include/xrpl/core/PerfLog.h

@@ -14,7 +14,7 @@
 
 namespace beast {
 class Journal;
-}
+}  // namespace beast
 
 namespace xrpl {
 class Application;

include/xrpl/core/ServiceRegistry.h

@@ -3,7 +3,6 @@
 #include <xrpl/basics/Blob.h>
 #include <xrpl/basics/SHAMapHash.h>
 #include <xrpl/basics/TaggedCache.h>
-#include <xrpl/ledger/CachedSLEs.h>
 
 #include <boost/asio.hpp>
 
@@ -12,17 +11,31 @@ namespace xrpl {
 // Forward declarations
 namespace NodeStore {
 class Database;
-}
+}  // namespace NodeStore
 namespace Resource {
 class Manager;
-}
+}  // namespace Resource
 namespace perf {
 class PerfLog;
-}
+}  // namespace perf
 
 // This is temporary until we migrate all code to use ServiceRegistry.
 class Application;
 
+template <
+    class Key,
+    class T,
+    bool IsKeyCache,
+    class SharedWeakUnionPointer,
+    class SharedPointerType,
+    class Hash,
+    class KeyEqual,
+    class Mutex>
+class TaggedCache;
+class STLedgerEntry;
+using SLE = STLedgerEntry;
+using CachedSLEs = TaggedCache<uint256, SLE const>;
+
 // Forward declarations
 class AcceptedLedger;
 class AmendmentTable;
@@ -45,7 +58,7 @@ class NetworkIDService;
 class OpenLedger;
 class OrderBookDB;
 class Overlay;
-class PathRequests;
+class PathRequestManager;
 class PeerReservationTable;
 class PendingSaves;
 class RelationalDatabase;
@@ -89,7 +102,7 @@ public:
     getNodeFamily() = 0;
 
     virtual TimeKeeper&
-    timeKeeper() = 0;
+    getTimeKeeper() = 0;
 
     virtual JobQueue&
     getJobQueue() = 0;
@@ -98,7 +111,7 @@ public:
     getTempNodeCache() = 0;
 
     virtual CachedSLEs&
-    cachedSLEs() = 0;
+    getCachedSLEs() = 0;
 
     virtual NetworkIDService&
     getNetworkIDService() = 0;
@@ -120,26 +133,26 @@ public:
     getValidations() = 0;
 
     virtual ValidatorList&
-    validators() = 0;
+    getValidators() = 0;
 
     virtual ValidatorSite&
-    validatorSites() = 0;
+    getValidatorSites() = 0;
 
     virtual ManifestCache&
-    validatorManifests() = 0;
+    getValidatorManifests() = 0;
 
     virtual ManifestCache&
-    publisherManifests() = 0;
+    getPublisherManifests() = 0;
 
     // Network services
     virtual Overlay&
-    overlay() = 0;
+    getOverlay() = 0;
 
     virtual Cluster&
-    cluster() = 0;
+    getCluster() = 0;
 
     virtual PeerReservationTable&
-    peerReservations() = 0;
+    getPeerReservations() = 0;
 
     virtual Resource::Manager&
     getResourceManager() = 0;
@@ -174,13 +187,13 @@ public:
     getLedgerReplayer() = 0;
 
     virtual PendingSaves&
-    pendingSaves() = 0;
+    getPendingSaves() = 0;
 
     virtual OpenLedger&
-    openLedger() = 0;
+    getOpenLedger() = 0;
 
     virtual OpenLedger const&
-    openLedger() const = 0;
+    getOpenLedger() const = 0;
 
     // Transaction and operation services
     virtual NetworkOPs&
@@ -195,8 +208,8 @@ public:
     virtual TxQ&
     getTxQ() = 0;
 
-    virtual PathRequests&
-    getPathRequests() = 0;
+    virtual PathRequestManager&
+    getPathRequestManager() = 0;
 
     // Server services
     virtual ServerHandler&
@@ -210,16 +223,16 @@ public:
     isStopping() const = 0;
 
     virtual beast::Journal
-    journal(std::string const& name) = 0;
+    getJournal(std::string const& name) = 0;
 
     virtual boost::asio::io_context&
     getIOContext() = 0;
 
     virtual Logs&
-    logs() = 0;
+    getLogs() = 0;
 
     virtual std::optional<uint256> const&
-    trapTxID() const = 0;
+    getTrapTxID() const = 0;
 
     /** Retrieve the "wallet database" */
     virtual DatabaseCon&
@@ -228,7 +241,7 @@ public:
     // Temporary: Get the underlying Application for functions that haven't
     // been migrated yet. This should be removed once all code is migrated.
     virtual Application&
-    app() = 0;
+    getApp() = 0;
 };
 
 }  // namespace xrpl

include/xrpl/core/StartUpType.h

@@ -5,7 +5,7 @@
 
 namespace xrpl {
 
-enum class StartUpType { FRESH, NORMAL, LOAD, LOAD_FILE, REPLAY, NETWORK };
+enum class StartUpType { Fresh, Normal, Load, LoadFile, Replay, Network };
 
 inline std::ostream&
 operator<<(std::ostream& os, StartUpType const& type)

include/xrpl/core/detail/Workers.h

@@ -13,7 +13,7 @@ namespace xrpl {
 
 namespace perf {
 class PerfLog;
-}
+}  // namespace perf
 
 /**
  * `Workers` is effectively a thread pool. The constructor takes a "callback"

include/xrpl/core/detail/semaphore.h

@@ -55,7 +55,7 @@ public:
     void
     notify()
     {
-        std::lock_guard lock{m_mutex};
+        std::lock_guard const lock{m_mutex};
         ++m_count;
         m_cond.notify_one();
     }

include/xrpl/json/json_value.h

@@ -641,7 +641,7 @@ public:
     SelfType
     operator++(int)
     {
-        SelfType temp(*this);
+        SelfType const temp(*this);
         ++*this;
         return temp;
     }
@@ -649,7 +649,7 @@ public:
     SelfType
     operator--(int)
     {
-        SelfType temp(*this);
+        SelfType const temp(*this);
         --*this;
         return temp;
     }

include/xrpl/ledger/AmendmentTable.h

@@ -143,7 +143,7 @@ public:
         // Inject appropriate pseudo-transactions
         for (auto const& it : actions)
         {
-            STTx amendTx(ttAMENDMENT, [&it, seq = lastClosedLedger->seq() + 1](auto& obj) {
+            STTx const amendTx(ttAMENDMENT, [&it, seq = lastClosedLedger->seq() + 1](auto& obj) {
                 obj.setAccountID(sfAccount, AccountID());
                 obj.setFieldH256(sfAmendment, it.first);
                 obj.setFieldU32(sfLedgerSequence, seq);

include/xrpl/ledger/CachedSLEs.h

@@ -6,4 +6,4 @@
 
 namespace xrpl {
 using CachedSLEs = TaggedCache<uint256, SLE const>;
-}
+}  // namespace xrpl

include/xrpl/ledger/Ledger.h

@@ -1,13 +1,12 @@
 #pragma once
 
-#include <xrpld/core/Config.h>
-#include <xrpld/core/TimeKeeper.h>
-
 #include <xrpl/basics/CountedObject.h>
 #include <xrpl/beast/utility/Journal.h>
 #include <xrpl/ledger/CachedView.h>
 #include <xrpl/ledger/View.h>
+#include <xrpl/protocol/Fees.h>
 #include <xrpl/protocol/Indexes.h>
+#include <xrpl/protocol/Rules.h>
 #include <xrpl/protocol/STLedgerEntry.h>
 #include <xrpl/protocol/Serializer.h>
 #include <xrpl/protocol/TxMeta.h>
@@ -15,7 +14,7 @@
 
 namespace xrpl {
 
-class Application;
+class ServiceRegistry;
 class Job;
 class TransactionMaster;
 
@@ -83,21 +82,26 @@ public:
     */
     Ledger(
         create_genesis_t,
-        Config const& config,
+        Rules const& rules,
+        Fees const& fees,
         std::vector<uint256> const& amendments,
         Family& family);
 
-    Ledger(LedgerHeader const& info, Config const& config, Family& family);
+    Ledger(LedgerHeader const& info, Rules const& rules, Family& family);
 
     /** Used for ledgers loaded from JSON files
 
         @param acquire If true, acquires the ledger if not found locally
+
+        @note The fees parameter provides default values, but setup() may
+              override them from the ledger state if fee-related SLEs exist.
     */
     Ledger(
         LedgerHeader const& info,
         bool& loaded,
         bool acquire,
-        Config const& config,
+        Rules const& rules,
+        Fees const& fees,
         Family& family,
         beast::Journal j);
 
@@ -113,7 +117,8 @@ public:
     Ledger(
         std::uint32_t ledgerSeq,
         NetClock::time_point closeTime,
-        Config const& config,
+        Rules const& rules,
+        Fees const& fees,
         Family& family);
 
     ~Ledger() = default;
@@ -322,7 +327,7 @@ public:
     walkLedger(beast::Journal j, bool parallel = false) const;
 
     bool
-    assertSensible(beast::Journal ledgerJ) const;
+    isSensible() const;
 
     void
     invariants() const;
@@ -379,8 +384,26 @@ private:
     bool
     setup();
 
-    void
-    defaultFees(Config const& config);
+    /** @brief Deserialize a SHAMapItem containing a single STTx.
+     *
+     * @param item The SHAMapItem to deserialize.
+     * @return A shared pointer to the deserialized transaction.
+     * @throw May throw on deserialization error.
+     */
+    static std::shared_ptr<STTx const>
+    deserializeTx(SHAMapItem const& item);
+
+    /** @brief Deserialize a SHAMapItem containing STTx + STObject metadata.
+     *
+     * The SHAMapItem must contain two variable length serialization objects.
+     *
+     * @param item The SHAMapItem to deserialize.
+     * @return A pair containing shared pointers to the deserialized transaction
+     *         and metadata.
+     * @throw May throw on deserialization error.
+     */
+    static std::pair<std::shared_ptr<STTx const>, std::shared_ptr<STObject const>>
+    deserializeTxPlusMeta(SHAMapItem const& item);
 
     bool mImmutable;
 
@@ -402,54 +425,4 @@ private:
 /** A ledger wrapped in a CachedView. */
 using CachedLedger = CachedView<Ledger>;
 
-//------------------------------------------------------------------------------
-//
-// API
-//
-//------------------------------------------------------------------------------
-
-extern bool
-pendSaveValidated(
-    Application& app,
-    std::shared_ptr<Ledger const> const& ledger,
-    bool isSynchronous,
-    bool isCurrent);
-
-std::shared_ptr<Ledger>
-loadLedgerHelper(LedgerHeader const& sinfo, Application& app, bool acquire);
-
-std::shared_ptr<Ledger>
-loadByIndex(std::uint32_t ledgerIndex, Application& app, bool acquire = true);
-
-std::shared_ptr<Ledger>
-loadByHash(uint256 const& ledgerHash, Application& app, bool acquire = true);
-
-// Fetch the ledger with the highest sequence contained in the database
-extern std::tuple<std::shared_ptr<Ledger>, std::uint32_t, uint256>
-getLatestLedger(Application& app);
-
-/** Deserialize a SHAMapItem containing a single STTx
-
-    Throw:
-
-        May throw on deserializaton error
-*/
-std::shared_ptr<STTx const>
-deserializeTx(SHAMapItem const& item);
-
-/** Deserialize a SHAMapItem containing STTx + STObject metadata
-
-    The SHAMap must contain two variable length
-    serialization objects.
-
-    Throw:
-
-        May throw on deserializaton error
-*/
-std::pair<std::shared_ptr<STTx const>, std::shared_ptr<STObject const>>
-deserializeTxPlusMeta(SHAMapItem const& item);
-
-uint256
-calculateLedgerHash(LedgerHeader const& info);
-
 }  // namespace xrpl

include/xrpl/ledger/OrderBookDB.h

@@ -76,16 +76,33 @@ public:
         @return true if a book from this issue to XRP exists
     */
     virtual bool
-    isBookToXRP(Issue const& issue, std::optional<Domain> domain = std::nullopt) = 0;
+    isBookToXRP(Issue const& issue, std::optional<Domain> const& domain = std::nullopt) = 0;
 
+    /**
+     * Process a transaction for order book tracking.
+     * @param ledger The ledger the transaction was applied to
+     * @param alTx The transaction to process
+     * @param jvObj The JSON object of the transaction
+     */
     virtual void
     processTxn(
         std::shared_ptr<ReadView const> const& ledger,
         AcceptedLedgerTx const& alTx,
         MultiApiJson const& jvObj) = 0;
 
+    /**
+     * Get the book listeners for a book.
+     * @param book The book to get the listeners for
+     * @return The book listeners for the book
+     */
     virtual BookListeners::pointer
     getBookListeners(Book const&) = 0;
+
+    /**
+     * Create a new book listeners for a book.
+     * @param book The book to create the listeners for
+     * @return The new book listeners for the book
+     */
     virtual BookListeners::pointer
     makeBookListeners(Book const&) = 0;
 };

include/xrpl/ledger/PendingSaves.h

@@ -31,7 +31,7 @@ public:
     bool
     startWork(LedgerIndex seq)
     {
-        std::lock_guard lock(mutex_);
+        std::lock_guard const lock(mutex_);
 
         auto it = map_.find(seq);
 
@@ -54,7 +54,7 @@ public:
     void
     finishWork(LedgerIndex seq)
     {
-        std::lock_guard lock(mutex_);
+        std::lock_guard const lock(mutex_);
 
         map_.erase(seq);
         await_.notify_all();
@@ -64,7 +64,7 @@ public:
     bool
     pending(LedgerIndex seq)
     {
-        std::lock_guard lock(mutex_);
+        std::lock_guard const lock(mutex_);
         return map_.find(seq) != map_.end();
     }
 
@@ -117,7 +117,7 @@ public:
     std::map<LedgerIndex, bool>
     getSnapshot() const
     {
-        std::lock_guard lock(mutex_);
+        std::lock_guard const lock(mutex_);
 
         return map_;
     }

include/xrpl/nodestore/detail/varint.h

@@ -82,6 +82,7 @@ template <class = void>
 std::size_t
 write_varint(void* p0, std::size_t v)
 {
+    // NOLINTNEXTLINE(misc-const-correctness)
     std::uint8_t* p = reinterpret_cast<std::uint8_t*>(p0);
     do
     {

include/xrpl/protocol/AmountConversions.h

@@ -102,7 +102,7 @@ template <typename T>
 T
 toAmount(Issue const& issue, Number const& n, Number::rounding_mode mode = Number::getround())
 {
-    saveNumberRoundMode rm(Number::getround());
+    saveNumberRoundMode const rm(Number::getround());
     if (isXRP(issue))
         Number::setround(mode);
 

include/xrpl/protocol/Fees.h

@@ -4,6 +4,10 @@
 
 namespace xrpl {
 
+// Deprecated constant for backwards compatibility with pre-XRPFees amendment.
+// This was the reference fee units used in the old fee calculation.
+inline constexpr std::uint32_t FEE_UNITS_DEPRECATED = 10;
+
 /** Reflects the fee settings for a particular ledger.
 
     The fees are always the same for any transactions applied
@@ -11,15 +15,25 @@ namespace xrpl {
 */
 struct Fees
 {
-    XRPAmount base{0};       // Reference tx cost (drops)
-    XRPAmount reserve{0};    // Reserve base (drops)
-    XRPAmount increment{0};  // Reserve increment (drops)
+    /** @brief Cost of a reference transaction in drops. */
+    XRPAmount base{0};
+
+    /** @brief Minimum XRP an account must hold to exist on the ledger. */
+    XRPAmount reserve{0};
+
+    /** @brief Additional XRP reserve required per owned ledger object. */
+    XRPAmount increment{0};
 
     explicit Fees() = default;
     Fees(Fees const&) = default;
     Fees&
     operator=(Fees const&) = default;
 
+    Fees(XRPAmount base_, XRPAmount reserve_, XRPAmount increment_)
+        : base(base_), reserve(reserve_), increment(increment_)
+    {
+    }
+
     /** Returns the account reserve given the owner count, in drops.
 
         The reserve is calculated as the reserve base plus

include/xrpl/protocol/Issue.h

@@ -96,7 +96,7 @@ operator<=>(Issue const& lhs, Issue const& rhs)
 inline Issue const&
 xrpIssue()
 {
-    static Issue issue{xrpCurrency(), xrpAccount()};
+    static Issue const issue{xrpCurrency(), xrpAccount()};
     return issue;
 }
 
@@ -104,7 +104,7 @@ xrpIssue()
 inline Issue const&
 noIssue()
 {
-    static Issue issue{noCurrency(), noAccount()};
+    static Issue const issue{noCurrency(), noAccount()};
     return issue;
 }
 

include/xrpl/protocol/LedgerHeader.h

@@ -72,4 +72,8 @@ deserializeHeader(Slice data, bool hasHash = false);
 LedgerHeader
 deserializePrefixedHeader(Slice data, bool hasHash = false);
 
+/** Calculate the hash of a ledger header. */
+uint256
+calculateLedgerHash(LedgerHeader const& info);
+
 }  // namespace xrpl

include/xrpl/protocol/Permissions.h

@@ -72,12 +72,12 @@ public:
     isDelegable(std::uint32_t const& permissionValue, Rules const& rules) const;
 
     // for tx level permission, permission value is equal to tx type plus one
-    uint32_t
-    txToPermissionType(TxType const& type) const;
+    static uint32_t
+    txToPermissionType(TxType const& type);
 
     // tx type value is permission value minus one
-    TxType
-    permissionToTxType(uint32_t const& value) const;
+    static TxType
+    permissionToTxType(uint32_t const& value);
 };
 
 }  // namespace xrpl

include/xrpl/protocol/Quality.h

@@ -304,8 +304,8 @@ Quality::ceil_TAmounts_helper(
 
     // Use the existing STAmount implementation for now, but consider
     // replacing with code specific to IOUAMount and XRPAmount
-    Amounts stAmt(toSTAmount(amount.in), toSTAmount(amount.out));
-    STAmount stLim(toSTAmount(limit));
+    Amounts const stAmt(toSTAmount(amount.in), toSTAmount(amount.out));
+    STAmount const stLim(toSTAmount(limit));
     Amounts const stRes = ((*this).*ceil_function)(stAmt, stLim, roundUp...);
     return TAmounts<In, Out>(toAmount<In>(stRes.in), toAmount<Out>(stRes.out));
 }

include/xrpl/protocol/RippleLedgerHash.h

@@ -6,4 +6,4 @@ namespace xrpl {
 
 using LedgerHash = uint256;
 
-}
+}  // namespace xrpl

include/xrpl/protocol/STAmount.h

@@ -532,7 +532,7 @@ STAmount::fromNumber(A const& a, Number const& number)
 {
     bool const negative = number.mantissa() < 0;
     Number const working{negative ? -number : number};
-    Asset asset{a};
+    Asset const asset{a};
     if (asset.integral())
     {
         std::uint64_t const intValue = static_cast<std::int64_t>(working);
@@ -716,7 +716,7 @@ roundToAsset(
     std::int32_t scale,
     Number::rounding_mode rounding = Number::getround())
 {
-    NumberRoundModeGuard mg(rounding);
+    NumberRoundModeGuard const mg(rounding);
     STAmount const ret{asset, value};
     if (ret.integral())
         return ret;

include/xrpl/protocol/STBase.h

@@ -83,7 +83,7 @@ to_json(T const& t)
 
 namespace detail {
 class STVar;
-}
+}  // namespace detail
 
 // VFALCO TODO fix this restriction on copy assignment.
 //

include/xrpl/protocol/STLedgerEntry.h

@@ -8,7 +8,7 @@ namespace xrpl {
 class Rules;
 namespace test {
 class Invariants_test;
-}
+}  // namespace test
 
 class STLedgerEntry final : public STObject, public CountedObject<STLedgerEntry>
 {

include/xrpl/protocol/STObject.h

@@ -1153,7 +1153,7 @@ STObject::getFieldByValue(SField const& field) const
     if (!rf)
         throwFieldNotFound(field);
 
-    SerializedTypeID id = rf->getSType();
+    SerializedTypeID const id = rf->getSType();
 
     if (id == STI_NOTPRESENT)
         return V();  // optional field not present
@@ -1180,7 +1180,7 @@ STObject::getFieldByConstRef(SField const& field, V const& empty) const
     if (!rf)
         throwFieldNotFound(field);
 
-    SerializedTypeID id = rf->getSType();
+    SerializedTypeID const id = rf->getSType();
 
     if (id == STI_NOTPRESENT)
         return empty;  // optional field not present

include/xrpl/protocol/STVector256.h

@@ -69,9 +69,6 @@ public:
     std::vector<uint256>::iterator
     insert(std::vector<uint256>::const_iterator pos, uint256 const& value);
 
-    std::vector<uint256>::iterator
-    insert(std::vector<uint256>::const_iterator pos, uint256&& value);
-
     void
     push_back(uint256 const& v);
 
@@ -184,12 +181,6 @@ STVector256::insert(std::vector<uint256>::const_iterator pos, uint256 const& val
     return mValue.insert(pos, value);
 }
 
-inline std::vector<uint256>::iterator
-STVector256::insert(std::vector<uint256>::const_iterator pos, uint256&& value)
-{
-    return mValue.insert(pos, std::move(value));
-}
-
 inline void
 STVector256::push_back(uint256 const& v)
 {

include/xrpl/protocol/Serializer.h

@@ -69,7 +69,7 @@ public:
     int
     add32(T i)
     {
-        int ret = mData.size();
+        int const ret = mData.size();
         mData.push_back(static_cast<unsigned char>((i >> 24) & 0xff));
         mData.push_back(static_cast<unsigned char>((i >> 16) & 0xff));
         mData.push_back(static_cast<unsigned char>((i >> 8) & 0xff));
@@ -85,7 +85,7 @@ public:
     int
     add64(T i)
     {
-        int ret = mData.size();
+        int const ret = mData.size();
         mData.push_back(static_cast<unsigned char>((i >> 56) & 0xff));
         mData.push_back(static_cast<unsigned char>((i >> 48) & 0xff));
         mData.push_back(static_cast<unsigned char>((i >> 40) & 0xff));
@@ -299,7 +299,7 @@ template <class Iter>
 int
 Serializer::addVL(Iter begin, Iter end, int len)
 {
-    int ret = addEncoded(len);
+    int const ret = addEncoded(len);
     for (; begin != end; ++begin)
     {
         addRaw(begin->data(), begin->size());
@@ -336,7 +336,7 @@ public:
         static_assert(N > 0, "");
     }
 
-    std::size_t
+    [[nodiscard]] bool
     empty() const noexcept
     {
         return remain_ == 0;

include/xrpl/protocol/TxSearched.h

@@ -2,6 +2,6 @@
 
 namespace xrpl {
 
-enum class TxSearched { all, some, unknown };
+enum class TxSearched { All, Some, Unknown };
 
-}
+}  // namespace xrpl

include/xrpl/protocol/detail/STVar.h

@@ -25,16 +25,10 @@ extern nonPresentObject_t nonPresentObject;
 
 // Concept to constrain STVar constructors, which
 // instantiate ST* types from SerializedTypeID
-// clang-format off
 template <typename... Args>
 concept ValidConstructSTArgs =
-    (std::is_same_v<
-         std::tuple<std::remove_cvref_t<Args>...>,
-         std::tuple<SField>> ||
-     std::is_same_v<
-         std::tuple<std::remove_cvref_t<Args>...>,
-         std::tuple<SerialIter, SField>>);
-// clang-format on
+    (std::is_same_v<std::tuple<std::remove_cvref_t<Args>...>, std::tuple<SField>> ||
+     std::is_same_v<std::tuple<std::remove_cvref_t<Args>...>, std::tuple<SerialIter, SField>>);
 
 // "variant" that can hold any type of serialized object
 // and includes a small-object allocation optimization.

include/xrpl/protocol/detail/features.macro

@@ -11,65 +11,65 @@
 #error "undefined macro: XRPL_RETIRE_FIX"
 #endif
 
-// clang-format off
 
 // Add new amendments to the top of this list.
 // Keep it sorted in reverse chronological order.
 
-XRPL_FIX   (PermissionedDomainInvariant, Supported::yes, VoteBehavior::DefaultNo)
-XRPL_FIX    (ExpiredNFTokenOfferRemoval, Supported::yes, VoteBehavior::DefaultNo)
-XRPL_FIX    (BatchInnerSigs,             Supported::no, VoteBehavior::DefaultNo)
-XRPL_FEATURE(LendingProtocol,            Supported::yes, VoteBehavior::DefaultNo)
-XRPL_FEATURE(PermissionDelegationV1_1,   Supported::no,  VoteBehavior::DefaultNo)
-XRPL_FIX    (DirectoryLimit,             Supported::yes, VoteBehavior::DefaultNo)
-XRPL_FIX    (IncludeKeyletFields,        Supported::yes, VoteBehavior::DefaultNo)
-XRPL_FEATURE(DynamicMPT,                 Supported::no,  VoteBehavior::DefaultNo)
-XRPL_FIX    (TokenEscrowV1,              Supported::yes, VoteBehavior::DefaultNo)
-XRPL_FIX    (PriceOracleOrder,           Supported::yes, VoteBehavior::DefaultNo)
-XRPL_FIX    (MPTDeliveredAmount,         Supported::yes, VoteBehavior::DefaultNo)
-XRPL_FIX    (AMMClawbackRounding,        Supported::yes, VoteBehavior::DefaultNo)
-XRPL_FEATURE(TokenEscrow,                Supported::yes, VoteBehavior::DefaultNo)
-XRPL_FIX    (EnforceNFTokenTrustlineV2,  Supported::yes, VoteBehavior::DefaultNo)
-XRPL_FIX    (AMMv1_3,                    Supported::yes, VoteBehavior::DefaultNo)
-XRPL_FEATURE(PermissionedDEX,            Supported::yes, VoteBehavior::DefaultNo)
-XRPL_FEATURE(Batch,                      Supported::no,  VoteBehavior::DefaultNo)
-XRPL_FEATURE(SingleAssetVault,           Supported::yes,  VoteBehavior::DefaultNo)
-XRPL_FIX    (PayChanCancelAfter,         Supported::yes, VoteBehavior::DefaultNo)
+XRPL_FIX    (Security3_1_3,               Supported::no, VoteBehavior::DefaultNo)
+XRPL_FIX    (PermissionedDomainInvariant, Supported::yes, VoteBehavior::DefaultNo)
+XRPL_FIX    (ExpiredNFTokenOfferRemoval,  Supported::yes, VoteBehavior::DefaultNo)
+XRPL_FIX    (BatchInnerSigs,              Supported::no, VoteBehavior::DefaultNo)
+XRPL_FEATURE(LendingProtocol,             Supported::yes, VoteBehavior::DefaultNo)
+XRPL_FEATURE(PermissionDelegationV1_1,    Supported::no,  VoteBehavior::DefaultNo)
+XRPL_FIX    (DirectoryLimit,              Supported::yes, VoteBehavior::DefaultNo)
+XRPL_FIX    (IncludeKeyletFields,         Supported::yes, VoteBehavior::DefaultNo)
+XRPL_FEATURE(DynamicMPT,                  Supported::no,  VoteBehavior::DefaultNo)
+XRPL_FIX    (TokenEscrowV1,               Supported::yes, VoteBehavior::DefaultNo)
+XRPL_FIX    (PriceOracleOrder,            Supported::yes, VoteBehavior::DefaultNo)
+XRPL_FIX    (MPTDeliveredAmount,          Supported::yes, VoteBehavior::DefaultNo)
+XRPL_FIX    (AMMClawbackRounding,         Supported::yes, VoteBehavior::DefaultNo)
+XRPL_FEATURE(TokenEscrow,                 Supported::yes, VoteBehavior::DefaultNo)
+XRPL_FIX    (EnforceNFTokenTrustlineV2,   Supported::yes, VoteBehavior::DefaultNo)
+XRPL_FIX    (AMMv1_3,                     Supported::yes, VoteBehavior::DefaultNo)
+XRPL_FEATURE(PermissionedDEX,             Supported::yes, VoteBehavior::DefaultNo)
+XRPL_FEATURE(Batch,                       Supported::no,  VoteBehavior::DefaultNo)
+XRPL_FEATURE(SingleAssetVault,            Supported::yes,  VoteBehavior::DefaultNo)
+XRPL_FIX    (PayChanCancelAfter,          Supported::yes, VoteBehavior::DefaultNo)
 // Check flags in Credential transactions
-XRPL_FIX    (InvalidTxFlags,             Supported::yes, VoteBehavior::DefaultNo)
-XRPL_FIX    (FrozenLPTokenTransfer,      Supported::yes, VoteBehavior::DefaultNo)
-XRPL_FEATURE(DeepFreeze,                 Supported::yes, VoteBehavior::DefaultNo)
-XRPL_FEATURE(PermissionedDomains,        Supported::yes, VoteBehavior::DefaultNo)
-XRPL_FEATURE(DynamicNFT,                 Supported::yes, VoteBehavior::DefaultNo)
-XRPL_FEATURE(Credentials,                Supported::yes, VoteBehavior::DefaultNo)
-XRPL_FEATURE(AMMClawback,                Supported::yes, VoteBehavior::DefaultNo)
-XRPL_FIX    (AMMv1_2,                    Supported::yes, VoteBehavior::DefaultNo)
-XRPL_FEATURE(MPTokensV1,                 Supported::yes, VoteBehavior::DefaultNo)
-// InvariantsV1_1 will be changes to Supported::yes when all the
-// invariants expected to be included under it are complete.
-XRPL_FEATURE(InvariantsV1_1,             Supported::no,  VoteBehavior::DefaultNo)
-XRPL_FIX    (NFTokenPageLinks,           Supported::yes, VoteBehavior::DefaultNo)
-XRPL_FIX    (InnerObjTemplate2,          Supported::yes, VoteBehavior::DefaultNo)
-XRPL_FIX    (EnforceNFTokenTrustline,    Supported::yes, VoteBehavior::DefaultNo)
-XRPL_FIX    (ReducedOffersV2,            Supported::yes, VoteBehavior::DefaultNo)
-XRPL_FEATURE(NFTokenMintOffer,           Supported::yes, VoteBehavior::DefaultNo)
-XRPL_FIX    (AMMv1_1,                    Supported::yes, VoteBehavior::DefaultNo)
-XRPL_FIX    (PreviousTxnID,              Supported::yes, VoteBehavior::DefaultNo)
-XRPL_FIX    (XChainRewardRounding,       Supported::yes, VoteBehavior::DefaultNo)
-XRPL_FIX    (EmptyDID,                   Supported::yes, VoteBehavior::DefaultNo)
-XRPL_FEATURE(PriceOracle,                Supported::yes, VoteBehavior::DefaultNo)
-XRPL_FIX    (AMMOverflowOffer,           Supported::yes, VoteBehavior::DefaultYes)
-XRPL_FIX    (InnerObjTemplate,           Supported::yes, VoteBehavior::DefaultNo)
-XRPL_FIX    (NFTokenReserve,             Supported::yes, VoteBehavior::DefaultNo)
-XRPL_FIX    (FillOrKill,                 Supported::yes, VoteBehavior::DefaultNo)
-XRPL_FEATURE(DID,                        Supported::yes, VoteBehavior::DefaultNo)
-XRPL_FIX    (DisallowIncomingV1,         Supported::yes, VoteBehavior::DefaultNo)
-XRPL_FEATURE(XChainBridge,               Supported::yes, VoteBehavior::DefaultNo)
-XRPL_FEATURE(AMM,                        Supported::yes, VoteBehavior::DefaultNo)
-XRPL_FEATURE(Clawback,                   Supported::yes, VoteBehavior::DefaultNo)
-XRPL_FIX    (UniversalNumber,            Supported::yes, VoteBehavior::DefaultNo)
-XRPL_FEATURE(XRPFees,                    Supported::yes, VoteBehavior::DefaultNo)
-XRPL_FIX    (RemoveNFTokenAutoTrustLine, Supported::yes, VoteBehavior::DefaultYes)
+XRPL_FIX    (InvalidTxFlags,              Supported::yes, VoteBehavior::DefaultNo)
+XRPL_FIX    (FrozenLPTokenTransfer,       Supported::yes, VoteBehavior::DefaultNo)
+XRPL_FEATURE(DeepFreeze,                  Supported::yes, VoteBehavior::DefaultNo)
+XRPL_FEATURE(PermissionedDomains,         Supported::yes, VoteBehavior::DefaultNo)
+XRPL_FEATURE(DynamicNFT,                  Supported::yes, VoteBehavior::DefaultNo)
+XRPL_FEATURE(Credentials,                 Supported::yes, VoteBehavior::DefaultNo)
+XRPL_FEATURE(AMMClawback,                 Supported::yes, VoteBehavior::DefaultNo)
+XRPL_FIX    (AMMv1_2,                     Supported::yes, VoteBehavior::DefaultNo)
+XRPL_FEATURE(MPTokensV1,                  Supported::yes, VoteBehavior::DefaultNo)
+// InvariantsV1_1 will be changed to Supported::yes when all the invariants expected to be included
+// under it are complete.
+XRPL_FEATURE(InvariantsV1_1,              Supported::no,  VoteBehavior::DefaultNo)
+XRPL_FIX    (NFTokenPageLinks,            Supported::yes, VoteBehavior::DefaultNo)
+XRPL_FIX    (InnerObjTemplate2,           Supported::yes, VoteBehavior::DefaultNo)
+XRPL_FIX    (EnforceNFTokenTrustline,     Supported::yes, VoteBehavior::DefaultNo)
+XRPL_FIX    (ReducedOffersV2,             Supported::yes, VoteBehavior::DefaultNo)
+XRPL_FEATURE(NFTokenMintOffer,            Supported::yes, VoteBehavior::DefaultNo)
+XRPL_FIX    (AMMv1_1,                     Supported::yes, VoteBehavior::DefaultNo)
+XRPL_FIX    (PreviousTxnID,               Supported::yes, VoteBehavior::DefaultNo)
+XRPL_FIX    (XChainRewardRounding,        Supported::yes, VoteBehavior::DefaultNo)
+XRPL_FIX    (EmptyDID,                    Supported::yes, VoteBehavior::DefaultNo)
+XRPL_FEATURE(PriceOracle,                 Supported::yes, VoteBehavior::DefaultNo)
+XRPL_FIX    (AMMOverflowOffer,            Supported::yes, VoteBehavior::DefaultYes)
+XRPL_FIX    (InnerObjTemplate,            Supported::yes, VoteBehavior::DefaultNo)
+XRPL_FIX    (NFTokenReserve,              Supported::yes, VoteBehavior::DefaultNo)
+XRPL_FIX    (FillOrKill,                  Supported::yes, VoteBehavior::DefaultNo)
+XRPL_FEATURE(DID,                         Supported::yes, VoteBehavior::DefaultNo)
+XRPL_FIX    (DisallowIncomingV1,          Supported::yes, VoteBehavior::DefaultNo)
+XRPL_FEATURE(XChainBridge,                Supported::yes, VoteBehavior::DefaultNo)
+XRPL_FEATURE(AMM,                         Supported::yes, VoteBehavior::DefaultNo)
+XRPL_FEATURE(Clawback,                    Supported::yes, VoteBehavior::DefaultNo)
+XRPL_FIX    (UniversalNumber,             Supported::yes, VoteBehavior::DefaultNo)
+XRPL_FEATURE(XRPFees,                     Supported::yes, VoteBehavior::DefaultNo)
+XRPL_FIX    (RemoveNFTokenAutoTrustLine,  Supported::yes, VoteBehavior::DefaultYes)
 
 // The following amendments are obsolete, but must remain supported
 // because they could potentially get enabled.
@@ -143,5 +143,3 @@ XRPL_RETIRE_FEATURE(SortedDirectories)
 XRPL_RETIRE_FEATURE(TicketBatch)
 XRPL_RETIRE_FEATURE(TickSize)
 XRPL_RETIRE_FEATURE(TrustSetAuth)
-
-// clang-format on

include/xrpl/protocol/detail/sfields.macro

@@ -5,7 +5,6 @@
 #error "undefined macro: TYPED_SFIELD"
 #endif
 
-// clang-format off
 
 // untyped
 UNTYPED_SFIELD(sfLedgerEntry,            LEDGERENTRY, 257)
@@ -421,5 +420,3 @@ UNTYPED_SFIELD(sfAcceptedCredentials,    ARRAY,     28)
 UNTYPED_SFIELD(sfPermissions,            ARRAY,     29)
 UNTYPED_SFIELD(sfRawTransactions,        ARRAY,     30)
 UNTYPED_SFIELD(sfBatchSigners,           ARRAY,     31, SField::sMD_Default, SField::notSigning)
-
-// clang-format on

include/xrpl/protocol/detail/token_errors.h

@@ -15,7 +15,7 @@ enum class TokenCodecErrc {
     overflowAdd,
     unknown,
 };
-}
+}  // namespace xrpl
 
 namespace std {
 template <>
@@ -69,7 +69,7 @@ public:
 inline xrpl::detail::TokenCodecErrcCategory const&
 TokenCodecErrcCategory()
 {
-    static xrpl::detail::TokenCodecErrcCategory c;
+    static xrpl::detail::TokenCodecErrcCategory const c;
     return c;
 }
 

include/xrpl/protocol_autogen/.clang-tidy

@@ -0,0 +1,3 @@
+# This disables all checks for this directory and its subdirectories
+Checks: "-*"
+InheritParentConfig: false

include/xrpl/rdb/DatabaseCon.h

@@ -1,6 +1,7 @@
 #pragma once
 
 #include <xrpl/core/PerfLog.h>
+#include <xrpl/core/ServiceRegistry.h>
 #include <xrpl/core/StartUpType.h>
 #include <xrpl/rdb/DBInit.h>
 #include <xrpl/rdb/SociDB.h>
@@ -13,7 +14,7 @@
 
 namespace soci {
 class session;
-}
+}  // namespace soci
 
 namespace xrpl {
 
@@ -69,7 +70,7 @@ public:
     {
         explicit Setup() = default;
 
-        StartUpType startUp = StartUpType::NORMAL;
+        StartUpType startUp = StartUpType::Normal;
         bool standAlone = false;
         boost::filesystem::path dataDir;
         // Indicates whether or not to return the `globalPragma`
@@ -94,7 +95,7 @@ public:
     struct CheckpointerSetup
     {
         JobQueue* jobQueue;
-        Logs* logs;
+        std::reference_wrapper<ServiceRegistry> registry;
     };
 
     template <std::size_t N, std::size_t M>
@@ -106,9 +107,8 @@ public:
         beast::Journal journal)
         // Use temporary files or regular DB files?
         : DatabaseCon(
-              setup.standAlone && setup.startUp != StartUpType::LOAD &&
-                      setup.startUp != StartUpType::LOAD_FILE &&
-                      setup.startUp != StartUpType::REPLAY
+              setup.standAlone && setup.startUp != StartUpType::Load &&
+                      setup.startUp != StartUpType::LoadFile && setup.startUp != StartUpType::Replay
                   ? ""
                   : (setup.dataDir / dbName),
               setup.commonPragma(),
@@ -129,7 +129,7 @@ public:
         beast::Journal journal)
         : DatabaseCon(setup, dbName, pragma, initSQL, journal)
     {
-        setupCheckpointing(checkpointerSetup.jobQueue, *checkpointerSetup.logs);
+        setupCheckpointing(checkpointerSetup.jobQueue, checkpointerSetup.registry.get());
     }
 
     template <std::size_t N, std::size_t M>
@@ -154,7 +154,7 @@ public:
         beast::Journal journal)
         : DatabaseCon(dataDir, dbName, pragma, initSQL, journal)
     {
-        setupCheckpointing(checkpointerSetup.jobQueue, *checkpointerSetup.logs);
+        setupCheckpointing(checkpointerSetup.jobQueue, checkpointerSetup.registry.get());
     }
 
     ~DatabaseCon();
@@ -177,7 +177,7 @@ public:
 
 private:
     void
-    setupCheckpointing(JobQueue*, Logs&);
+    setupCheckpointing(JobQueue*, ServiceRegistry&);
 
     template <std::size_t N, std::size_t M>
     DatabaseCon(

include/xrpl/rdb/RelationalDatabase.h

@@ -49,8 +49,9 @@ public:
     struct AccountTxOptions
     {
         AccountID const& account;
-        std::uint32_t minLedger;
-        std::uint32_t maxLedger;
+        /// Ledger sequence range to search. A value of 0 for min or max
+        /// means unbounded in that direction (no constraint applied).
+        LedgerRange ledgerRange;
         std::uint32_t offset;
         std::uint32_t limit;
         bool bUnlimited;
@@ -59,8 +60,7 @@ public:
     struct AccountTxPageOptions
     {
         AccountID const& account;
-        std::uint32_t minLedger;
-        std::uint32_t maxLedger;
+        LedgerRange ledgerRange;
         std::optional<AccountTxMarker> marker;
         std::uint32_t limit;
         bool bAdmin;
@@ -247,7 +247,7 @@ public:
      * @return Struct CountMinMax which contains the minimum sequence,
      *         maximum sequence and number of ledgers.
      */
-    virtual struct CountMinMax
+    virtual CountMinMax
     getLedgerCountMinMax() = 0;
 
     /**
@@ -405,10 +405,10 @@ public:
      * @param id Hash of the transaction.
      * @param range Range of ledgers to check, if present.
      * @param ec Default error code value.
-     * @return Transaction and its metadata if found, otherwise TxSearched::all
+     * @return Transaction and its metadata if found, otherwise TxSearched::All
      *         if a range is provided and all ledgers from the range are present
-     *         in the database, TxSearched::some if a range is provided and not
-     *         all ledgers are present, TxSearched::unknown if the range is not
+     *         in the database, TxSearched::Some if a range is provided and not
+     *         all ledgers are present, TxSearched::Unknown if the range is not
      *         provided or a deserializing error occurred. In the last case the
      *         error code is returned via the ec parameter, in other cases the
      *         default error code is not changed.
@@ -455,9 +455,10 @@ public:
     closeTransactionDB() = 0;
 };
 
-template <class T, class C>
+template <typename T, typename C>
 T
 rangeCheckedCast(C c)
+    requires(std::is_arithmetic_v<T> && std::is_arithmetic_v<C> && std::convertible_to<C, T>)
 {
     if ((c > std::numeric_limits<T>::max()) || (!std::numeric_limits<T>::is_signed && c < 0) ||
         (std::numeric_limits<T>::is_signed && std::numeric_limits<C>::is_signed &&

include/xrpl/rdb/SociDB.h

@@ -13,8 +13,8 @@
 #pragma clang diagnostic ignored "-Wdeprecated"
 #endif
 
-#include <xrpl/basics/Log.h>
 #include <xrpl/core/JobQueue.h>
+#include <xrpl/core/ServiceRegistry.h>
 
 #define SOCI_USE_BOOST
 #include <soci/soci.h>
@@ -25,7 +25,7 @@
 
 namespace sqlite_api {
 struct sqlite3;
-}
+}  // namespace sqlite_api
 
 namespace xrpl {
 
@@ -111,7 +111,7 @@ public:
     and so must outlive them both.
  */
 std::shared_ptr<Checkpointer>
-makeCheckpointer(std::uintptr_t id, std::weak_ptr<soci::session>, JobQueue&, Logs&);
+makeCheckpointer(std::uintptr_t id, std::weak_ptr<soci::session>, JobQueue&, ServiceRegistry&);
 
 }  // namespace xrpl
 

include/xrpl/resource/Fees.h

@@ -5,38 +5,30 @@
 namespace xrpl {
 namespace Resource {
 
-// clang-format off
 /** Schedule of fees charged for imposing load on the server. */
 /** @{ */
-extern Charge const feeMalformedRequest;    // A request that we can immediately
-                                          //   tell is invalid
-extern Charge const feeRequestNoReply;    // A request that we cannot satisfy
-extern Charge const feeInvalidSignature;  // An object whose signature we had
-                                          //   to check and it failed
-extern Charge const feeUselessData;      // Data we have no use for
-extern Charge const feeInvalidData;           // Data we have to verify before
-                                          //   rejecting
+extern Charge const feeMalformedRequest;  // A request that we can immediately tell is invalid.
+extern Charge const feeRequestNoReply;    // A request that we cannot satisfy.
+extern Charge const feeInvalidSignature;  // An object whose signature we had to check that failed.
+extern Charge const feeUselessData;       // Data we have no use for.
+extern Charge const feeInvalidData;       // Data we have to verify before rejecting.
 
 // RPC loads
-extern Charge const feeMalformedRPC;        // An RPC request that we can
-                                          //   immediately tell is invalid.
-extern Charge const feeReferenceRPC;      // A default "reference" unspecified
-                                          //   load
-extern Charge const feeExceptionRPC;      // RPC load that causes an exception
-extern Charge const feeMediumBurdenRPC;   // A somewhat burdensome RPC load
-extern Charge const feeHeavyBurdenRPC;     // A very burdensome RPC load
+extern Charge const feeMalformedRPC;     // An RPC request that we can immediately tell is invalid.
+extern Charge const feeReferenceRPC;     // A default "reference" unspecified load.
+extern Charge const feeExceptionRPC;     // RPC load that causes an exception.
+extern Charge const feeMediumBurdenRPC;  // A somewhat burdensome RPC load.
+extern Charge const feeHeavyBurdenRPC;   // A very burdensome RPC load.
 
 // Peer loads
-extern Charge const feeTrivialPeer;         // Requires no reply
-extern Charge const feeModerateBurdenPeer;  // Requires some work
-extern Charge const feeHeavyBurdenPeer;    // Extensive work
+extern Charge const feeTrivialPeer;         // Requires no reply.
+extern Charge const feeModerateBurdenPeer;  // Requires some work.
+extern Charge const feeHeavyBurdenPeer;     // Extensive work.
 
 // Administrative
-extern Charge const feeWarning;           // The cost of receiving a warning
-extern Charge const feeDrop;              // The cost of being dropped for
-                                          //   excess load
+extern Charge const feeWarning;  // The cost of receiving a warning.
+extern Charge const feeDrop;     // The cost of being dropped for excess load.
 /** @} */
-// clang-format on
 
 }  // namespace Resource
 }  // namespace xrpl

include/xrpl/resource/detail/Logic.h

@@ -93,7 +93,7 @@ public:
         Entry* entry(nullptr);
 
         {
-            std::lock_guard _(lock_);
+            std::lock_guard const _(lock_);
             auto [resultIt, resultInserted] = table_.emplace(
                 std::piecewise_construct,
                 std::make_tuple(kindInbound, address.at_port(0)),  // Key
@@ -123,7 +123,7 @@ public:
         Entry* entry(nullptr);
 
         {
-            std::lock_guard _(lock_);
+            std::lock_guard const _(lock_);
             auto [resultIt, resultInserted] = table_.emplace(
                 std::piecewise_construct,
                 std::make_tuple(kindOutbound, address),  // Key
@@ -156,7 +156,7 @@ public:
         Entry* entry(nullptr);
 
         {
-            std::lock_guard _(lock_);
+            std::lock_guard const _(lock_);
             auto [resultIt, resultInserted] = table_.emplace(
                 std::piecewise_construct,
                 std::make_tuple(kindUnlimited, address.at_port(1)),  // Key
@@ -191,11 +191,11 @@ public:
         clock_type::time_point const now(m_clock.now());
 
         Json::Value ret(Json::objectValue);
-        std::lock_guard _(lock_);
+        std::lock_guard const _(lock_);
 
         for (auto& inboundEntry : inbound_)
         {
-            int localBalance = inboundEntry.local_balance.value(now);
+            int const localBalance = inboundEntry.local_balance.value(now);
             if ((localBalance + inboundEntry.remote_balance) >= threshold)
             {
                 Json::Value& entry = (ret[inboundEntry.to_string()] = Json::objectValue);
@@ -206,7 +206,7 @@ public:
         }
         for (auto& outboundEntry : outbound_)
         {
-            int localBalance = outboundEntry.local_balance.value(now);
+            int const localBalance = outboundEntry.local_balance.value(now);
             if ((localBalance + outboundEntry.remote_balance) >= threshold)
             {
                 Json::Value& entry = (ret[outboundEntry.to_string()] = Json::objectValue);
@@ -217,7 +217,7 @@ public:
         }
         for (auto& adminEntry : admin_)
         {
-            int localBalance = adminEntry.local_balance.value(now);
+            int const localBalance = adminEntry.local_balance.value(now);
             if ((localBalance + adminEntry.remote_balance) >= threshold)
             {
                 Json::Value& entry = (ret[adminEntry.to_string()] = Json::objectValue);
@@ -236,7 +236,7 @@ public:
         clock_type::time_point const now(m_clock.now());
 
         Gossip gossip;
-        std::lock_guard _(lock_);
+        std::lock_guard const _(lock_);
 
         gossip.items.reserve(inbound_.size());
 
@@ -261,7 +261,7 @@ public:
     {
         auto const elapsed = m_clock.now();
         {
-            std::lock_guard _(lock_);
+            std::lock_guard const _(lock_);
             auto [resultIt, resultInserted] = importTable_.emplace(
                 std::piecewise_construct,
                 std::make_tuple(origin),                                     // Key
@@ -318,7 +318,7 @@ public:
     void
     periodicActivity()
     {
-        std::lock_guard _(lock_);
+        std::lock_guard const _(lock_);
 
         auto const elapsed = m_clock.now();
 
@@ -374,7 +374,7 @@ public:
     void
     erase(Table::iterator iter)
     {
-        std::lock_guard _(lock_);
+        std::lock_guard const _(lock_);
         Entry& entry(iter->second);
         XRPL_ASSERT(entry.refcount == 0, "xrpl::Resource::Logic::erase : entry not used");
         inactive_.erase(inactive_.iterator_to(entry));
@@ -384,14 +384,14 @@ public:
     void
     acquire(Entry& entry)
     {
-        std::lock_guard _(lock_);
+        std::lock_guard const _(lock_);
         ++entry.refcount;
     }
 
     void
     release(Entry& entry)
     {
-        std::lock_guard _(lock_);
+        std::lock_guard const _(lock_);
         if (--entry.refcount == 0)
         {
             JLOG(m_journal.debug()) << "Inactive " << entry;
@@ -442,7 +442,7 @@ public:
         if (!context.empty())
             context = " (" + context + ")";
 
-        std::lock_guard _(lock_);
+        std::lock_guard const _(lock_);
         clock_type::time_point const now(m_clock.now());
         int const balance(entry.add(fee.cost(), now));
         JLOG(getStream(fee.cost(), m_journal)) << "Charging " << entry << " for " << fee << context;
@@ -455,7 +455,7 @@ public:
         if (entry.isUnlimited())
             return false;
 
-        std::lock_guard _(lock_);
+        std::lock_guard const _(lock_);
         bool notify(false);
         auto const elapsed = m_clock.now();
         if (entry.balance(m_clock.now()) >= warningThreshold && elapsed != entry.lastWarningTime)
@@ -478,7 +478,7 @@ public:
         if (entry.isUnlimited())
             return false;
 
-        std::lock_guard _(lock_);
+        std::lock_guard const _(lock_);
         bool drop(false);
         clock_type::time_point const now(m_clock.now());
         int const balance(entry.balance(now));
@@ -500,7 +500,7 @@ public:
     int
     balance(Entry& entry)
     {
-        std::lock_guard _(lock_);
+        std::lock_guard const _(lock_);
         return entry.balance(m_clock.now());
     }
 
@@ -529,7 +529,7 @@ public:
     {
         clock_type::time_point const now(m_clock.now());
 
-        std::lock_guard _(lock_);
+        std::lock_guard const _(lock_);
 
         {
             beast::PropertyStream::Set s("inbound", map);

include/xrpl/server/LoadFeeTrack.h

@@ -39,28 +39,28 @@ public:
     setRemoteFee(std::uint32_t f)
     {
         JLOG(j_.trace()) << "setRemoteFee: " << f;
-        std::lock_guard sl(lock_);
+        std::lock_guard const sl(lock_);
         remoteTxnLoadFee_ = f;
     }
 
     std::uint32_t
     getRemoteFee() const
     {
-        std::lock_guard sl(lock_);
+        std::lock_guard const sl(lock_);
         return remoteTxnLoadFee_;
     }
 
     std::uint32_t
     getLocalFee() const
     {
-        std::lock_guard sl(lock_);
+        std::lock_guard const sl(lock_);
         return localTxnLoadFee_;
     }
 
     std::uint32_t
     getClusterFee() const
     {
-        std::lock_guard sl(lock_);
+        std::lock_guard const sl(lock_);
         return clusterTxnLoadFee_;
     }
 
@@ -73,14 +73,14 @@ public:
     std::uint32_t
     getLoadFactor() const
     {
-        std::lock_guard sl(lock_);
+        std::lock_guard const sl(lock_);
         return std::max({clusterTxnLoadFee_, localTxnLoadFee_, remoteTxnLoadFee_});
     }
 
     std::pair<std::uint32_t, std::uint32_t>
     getScalingFactors() const
     {
-        std::lock_guard sl(lock_);
+        std::lock_guard const sl(lock_);
 
         return std::make_pair(
             std::max(localTxnLoadFee_, remoteTxnLoadFee_),
@@ -91,7 +91,7 @@ public:
     setClusterFee(std::uint32_t fee)
     {
         JLOG(j_.trace()) << "setClusterFee: " << fee;
-        std::lock_guard sl(lock_);
+        std::lock_guard const sl(lock_);
         clusterTxnLoadFee_ = fee;
     }
 
@@ -103,14 +103,14 @@ public:
     bool
     isLoadedLocal() const
     {
-        std::lock_guard sl(lock_);
+        std::lock_guard const sl(lock_);
         return (raiseCount_ != 0) || (localTxnLoadFee_ != lftNormalFee);
     }
 
     bool
     isLoadedCluster() const
     {
-        std::lock_guard sl(lock_);
+        std::lock_guard const sl(lock_);
         return (raiseCount_ != 0) || (localTxnLoadFee_ != lftNormalFee) ||
             (clusterTxnLoadFee_ != lftNormalFee);
     }

include/xrpl/server/Manifest.h

@@ -401,7 +401,7 @@ public:
     void
     for_each_manifest(Function&& f) const
     {
-        std::shared_lock lock{mutex_};
+        std::shared_lock const lock{mutex_};
         for (auto const& [_, manifest] : map_)
         {
             (void)_;
@@ -429,7 +429,7 @@ public:
     void
     for_each_manifest(PreFun&& pf, EachFun&& f) const
     {
-        std::shared_lock lock{mutex_};
+        std::shared_lock const lock{mutex_};
         pf(map_.size());
         for (auto const& [_, manifest] : map_)
         {

include/xrpl/server/Port.h

@@ -19,7 +19,7 @@ namespace boost {
 namespace asio {
 namespace ssl {
 class context;
-}
+}  // namespace ssl
 }  // namespace asio
 }  // namespace boost
 

include/xrpl/server/detail/BaseHTTPPeer.h

@@ -300,7 +300,7 @@ BaseHTTPPeer<Handler, Impl>::on_write(error_code const& ec, std::size_t bytes_tr
         return fail(ec, "write");
     bytes_out_ += bytes_transferred;
     {
-        std::lock_guard lock(mutex_);
+        std::lock_guard const lock(mutex_);
         wq2_.clear();
         wq2_.reserve(wq_.size());
         std::swap(wq2_, wq_);
@@ -392,7 +392,7 @@ BaseHTTPPeer<Handler, Impl>::write(void const* buf, std::size_t bytes)
     if (bytes == 0)
         return;
     if ([&] {
-            std::lock_guard lock(mutex_);
+            std::lock_guard const lock(mutex_);
             wq_.emplace_back(buf, bytes);
             return wq_.size() == 1 && wq2_.size() == 0;
         }())
@@ -443,7 +443,7 @@ BaseHTTPPeer<Handler, Impl>::complete()
     complete_ = true;
 
     {
-        std::lock_guard lock(mutex_);
+        std::lock_guard const lock(mutex_);
         if (!wq_.empty() && !wq2_.empty())
             return;
     }
@@ -476,7 +476,7 @@ BaseHTTPPeer<Handler, Impl>::close(bool graceful)
     {
         graceful_ = true;
         {
-            std::lock_guard lock(mutex_);
+            std::lock_guard const lock(mutex_);
             if (!wq_.empty() || !wq2_.empty())
                 return;
         }

include/xrpl/server/detail/BaseWSPeer.h

@@ -418,7 +418,7 @@ BaseWSPeer<Handler, Impl>::on_ping_pong(
 {
     if (kind == boost::beast::websocket::frame_type::pong)
     {
-        boost::beast::string_view p(payload_.begin());
+        boost::beast::string_view const p(payload_.begin());
         if (payload == p)
         {
             close_on_timer_ = false;

include/xrpl/server/detail/io_list.h

@@ -165,7 +165,7 @@ io_list::work::destroy()
         return;
     std::function<void(void)> f;
     {
-        std::lock_guard lock(ios_->m_);
+        std::lock_guard const lock(ios_->m_);
         ios_->map_.erase(this);
         if (--ios_->n_ == 0 && ios_->closed_)
         {
@@ -195,7 +195,7 @@ io_list::emplace(Args&&... args)
     auto sp = std::make_shared<T>(std::forward<Args>(args)...);
     decltype(sp) dead;
 
-    std::lock_guard lock(m_);
+    std::lock_guard const lock(m_);
     if (!closed_)
     {
         ++n_;

include/xrpl/shamap/SHAMap.h

@@ -520,7 +520,7 @@ private:
     // getMissingNodes helper functions
     void
     gmn_ProcessNodes(MissingNodes&, MissingNodes::StackEntry& node);
-    void
+    static void
     gmn_ProcessDeferredReads(MissingNodes&);
 
     // fetch from DB helper function

include/xrpl/shamap/SHAMapItem.h

@@ -141,6 +141,7 @@ make_shamapitem(uint256 const& tag, Slice data)
     XRPL_ASSERT(
         data.size() <= megabytes<std::size_t>(16), "xrpl::make_shamapitem : maximum input size");
 
+    // NOLINTNEXTLINE(misc-const-correctness)
     std::uint8_t* raw = detail::slabber.allocate(data.size());
 
     // If we can't grab memory from the slab allocators, we fall back to

include/xrpl/tx/ApplyContext.h

@@ -37,7 +37,7 @@ public:
         XRPL_ASSERT((flags & tapBATCH) == 0, "Batch apply flag should not be set");
     }
 
-    ServiceRegistry& registry;
+    std::reference_wrapper<ServiceRegistry> registry;
     STTx const& tx;
     TER const preclaimResult;
     XRPAmount const baseFee;
@@ -111,7 +111,7 @@ public:
     checkInvariants(TER const result, XRPAmount const fee);
 
 private:
-    TER
+    static TER
     failInvariantCheck(TER const result);
 
     template <std::size_t... Is>

include/xrpl/tx/Transactor.h

@@ -13,7 +13,7 @@ namespace xrpl {
 struct PreflightContext
 {
 public:
-    ServiceRegistry& registry;
+    std::reference_wrapper<ServiceRegistry> registry;
     STTx const& tx;
     Rules const rules;
     ApplyFlags flags;
@@ -56,7 +56,7 @@ public:
 struct PreclaimContext
 {
 public:
-    ServiceRegistry& registry;
+    std::reference_wrapper<ServiceRegistry> registry;
     ReadView const& view;
     TER preflightResult;
     ApplyFlags flags;

include/xrpl/tx/invariants/FreezeInvariant.h

@@ -48,7 +48,7 @@ private:
     bool
     isValidEntry(std::shared_ptr<SLE const> const& before, std::shared_ptr<SLE const> const& after);
 
-    STAmount
+    static STAmount
     calculateBalanceChange(
         std::shared_ptr<SLE const> const& before,
         std::shared_ptr<SLE const> const& after,
@@ -63,7 +63,7 @@ private:
     std::shared_ptr<SLE const>
     findIssuer(AccountID const& issuerID, ReadView const& view);
 
-    bool
+    static bool
     validateIssuerChanges(
         std::shared_ptr<SLE const> const& issuer,
         IssuerChanges const& changes,
@@ -71,7 +71,7 @@ private:
         beast::Journal const& j,
         bool enforce);
 
-    bool
+    static bool
     validateFrozenState(
         BalanceChange const& change,
         bool high,

include/xrpl/tx/invariants/InvariantCheck.h

@@ -7,6 +7,7 @@
 #include <xrpl/protocol/TER.h>
 #include <xrpl/tx/invariants/AMMInvariant.h>
 #include <xrpl/tx/invariants/FreezeInvariant.h>
+#include <xrpl/tx/invariants/LoanBrokerInvariant.h>
 #include <xrpl/tx/invariants/LoanInvariant.h>
 #include <xrpl/tx/invariants/MPTInvariant.h>
 #include <xrpl/tx/invariants/NFTInvariant.h>
@@ -111,7 +112,7 @@ public:
     void
     visitEntry(bool, std::shared_ptr<SLE const> const&, std::shared_ptr<SLE const> const&);
 
-    bool
+    static bool
     finalize(STTx const&, TER const, XRPAmount const, ReadView const&, beast::Journal const&);
 };
 

include/xrpl/tx/invariants/LoanBrokerInvariant.h

@@ -0,0 +1,55 @@
+#pragma once
+
+#include <xrpl/basics/base_uint.h>
+#include <xrpl/beast/utility/Journal.h>
+#include <xrpl/ledger/ReadView.h>
+#include <xrpl/protocol/STTx.h>
+#include <xrpl/protocol/TER.h>
+
+#include <map>
+#include <vector>
+
+namespace xrpl {
+
+/**
+ * @brief Invariants: Loan brokers are internally consistent
+ *
+ * 1. If `LoanBroker.OwnerCount = 0` the `DirectoryNode` will have at most one
+ *    node (the root), which will only hold entries for `RippleState` or
+ * `MPToken` objects.
+ *
+ */
+class ValidLoanBroker
+{
+    // Not all of these elements will necessarily be populated. Remaining items
+    // will be looked up as needed.
+    struct BrokerInfo
+    {
+        SLE::const_pointer brokerBefore = nullptr;
+        // After is used for most of the checks, except
+        // those that check changed values.
+        SLE::const_pointer brokerAfter = nullptr;
+    };
+    // Collect all the LoanBrokers found directly or indirectly through
+    // pseudo-accounts. Key is the brokerID / index. It will be used to find the
+    // LoanBroker object if brokerBefore and brokerAfter are nullptr
+    std::map<uint256, BrokerInfo> brokers_;
+    // Collect all the modified trust lines. Their high and low accounts will be
+    // loaded to look for LoanBroker pseudo-accounts.
+    std::vector<SLE::const_pointer> lines_;
+    // Collect all the modified MPTokens. Their accounts will be loaded to look
+    // for LoanBroker pseudo-accounts.
+    std::vector<SLE::const_pointer> mpts_;
+
+    static bool
+    goodZeroDirectory(ReadView const& view, SLE::const_ref dir, beast::Journal const& j);
+
+public:
+    void
+    visitEntry(bool, std::shared_ptr<SLE const> const&, std::shared_ptr<SLE const> const&);
+
+    bool
+    finalize(STTx const&, TER const, XRPAmount const, ReadView const&, beast::Journal const&);
+};
+
+}  // namespace xrpl

include/xrpl/tx/invariants/LoanInvariant.h

@@ -1,57 +1,14 @@
 #pragma once
 
-#include <xrpl/basics/base_uint.h>
 #include <xrpl/beast/utility/Journal.h>
 #include <xrpl/ledger/ReadView.h>
 #include <xrpl/protocol/STTx.h>
 #include <xrpl/protocol/TER.h>
 
-#include <map>
 #include <vector>
 
 namespace xrpl {
 
-/**
- * @brief Invariants: Loan brokers are internally consistent
- *
- * 1. If `LoanBroker.OwnerCount = 0` the `DirectoryNode` will have at most one
- *    node (the root), which will only hold entries for `RippleState` or
- * `MPToken` objects.
- *
- */
-class ValidLoanBroker
-{
-    // Not all of these elements will necessarily be populated. Remaining items
-    // will be looked up as needed.
-    struct BrokerInfo
-    {
-        SLE::const_pointer brokerBefore = nullptr;
-        // After is used for most of the checks, except
-        // those that check changed values.
-        SLE::const_pointer brokerAfter = nullptr;
-    };
-    // Collect all the LoanBrokers found directly or indirectly through
-    // pseudo-accounts. Key is the brokerID / index. It will be used to find the
-    // LoanBroker object if brokerBefore and brokerAfter are nullptr
-    std::map<uint256, BrokerInfo> brokers_;
-    // Collect all the modified trust lines. Their high and low accounts will be
-    // loaded to look for LoanBroker pseudo-accounts.
-    std::vector<SLE::const_pointer> lines_;
-    // Collect all the modified MPTokens. Their accounts will be loaded to look
-    // for LoanBroker pseudo-accounts.
-    std::vector<SLE::const_pointer> mpts_;
-
-    bool
-    goodZeroDirectory(ReadView const& view, SLE::const_ref dir, beast::Journal const& j) const;
-
-public:
-    void
-    visitEntry(bool, std::shared_ptr<SLE const> const&, std::shared_ptr<SLE const> const&);
-
-    bool
-    finalize(STTx const&, TER const, XRPAmount const, ReadView const&, beast::Journal const&);
-};
-
 /**
  * @brief Invariants: Loans are internally consistent
  *