Stub mpt_verify_send_proof for throughput ceiling measurement

Skip bulletproof range proof verification in ConfidentialMPTSend to
measure the upper bound on Send throughput when verification is free.
NOT FOR PRODUCTION USE.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

.clang-tidy

@@ -153,17 +153,10 @@ Checks: "-*,
   readability-use-std-min-max
   "
 # ---
-# bugprone-narrowing-conversions,                      # this will break a lot of code but we should enable it in the future because it can eliminate a lot of bugs
-# readability-inconsistent-declaration-parameter-name, # In this codebase this check will break a lot of arg names
-# readability-static-accessed-through-instance,        # this check is probably unnecessary. It makes the code less readable
+# readability-inconsistent-declaration-parameter-name, # in this codebase this check will break a lot of arg names
+# readability-static-accessed-through-instance,        # this check is probably unnecessary. it makes the code less readable
 # ---
-
 CheckOptions:
-  bugprone-unsafe-functions.ReportMoreUnsafeFunctions: true
-  bugprone-unused-return-value.CheckedReturnTypes: ::std::error_code;::std::error_condition;::std::errc
-
-  misc-include-cleaner.IgnoreHeaders: ".*/(detail|impl)/.*;.*fwd\\.h(pp)?;time.h;stdlib.h;sqlite3.h;netinet/in\\.h;sys/resource\\.h;sys/sysinfo\\.h;linux/sysinfo\\.h;__chrono/.*;bits/.*;_abort\\.h;boost/uuid/uuid_hash.hpp;boost/beast/core/flat_buffer\\.hpp;boost/beast/http/field\\.hpp;boost/beast/http/dynamic_body\\.hpp;boost/beast/http/message\\.hpp;boost/beast/http/read\\.hpp;boost/beast/http/write\\.hpp;openssl/obj_mac\\.h"
-
   readability-braces-around-statements.ShortStatementLines: 2
   readability-identifier-naming.MacroDefinitionCase: UPPER_CASE
   readability-identifier-naming.ClassCase: CamelCase
@@ -172,7 +165,7 @@ CheckOptions:
   readability-identifier-naming.EnumCase: CamelCase
   readability-identifier-naming.EnumConstantCase: CamelCase
   readability-identifier-naming.ScopedEnumConstantCase: CamelCase
-  readability-identifier-naming.GlobalConstantCase: CamelCase
+  readability-identifier-naming.GlobalConstantCase: UPPER_CASE
   readability-identifier-naming.GlobalConstantPrefix: "k"
   readability-identifier-naming.GlobalVariableCase: CamelCase
   readability-identifier-naming.GlobalVariablePrefix: "g"
@@ -180,26 +173,27 @@ CheckOptions:
   readability-identifier-naming.ConstexprMethodCase: camelBack
   readability-identifier-naming.ClassMethodCase: camelBack
   readability-identifier-naming.ClassMemberCase: camelBack
-  readability-identifier-naming.ClassConstantCase: CamelCase
+  readability-identifier-naming.ClassConstantCase: UPPER_CASE
   readability-identifier-naming.ClassConstantPrefix: "k"
-  readability-identifier-naming.StaticConstantCase: CamelCase
+  readability-identifier-naming.StaticConstantCase: UPPER_CASE
   readability-identifier-naming.StaticConstantPrefix: "k"
-  readability-identifier-naming.StaticVariableCase: camelBack
-  readability-identifier-naming.ConstexprVariableCase: camelBack
+  readability-identifier-naming.StaticVariableCase: UPPER_CASE
+  readability-identifier-naming.StaticVariablePrefix: "k"
+  readability-identifier-naming.ConstexprVariableCase: UPPER_CASE
+  readability-identifier-naming.ConstexprVariablePrefix: "k"
   readability-identifier-naming.LocalConstantCase: camelBack
   readability-identifier-naming.LocalVariableCase: camelBack
   readability-identifier-naming.TemplateParameterCase: CamelCase
   readability-identifier-naming.ParameterCase: camelBack
   readability-identifier-naming.FunctionCase: camelBack
   readability-identifier-naming.MemberCase: camelBack
-  readability-identifier-naming.PrivateMemberCase: camelBack
   readability-identifier-naming.PrivateMemberSuffix: _
-  readability-identifier-naming.ProtectedMemberCase: camelBack
   readability-identifier-naming.ProtectedMemberSuffix: _
-  readability-identifier-naming.PublicMemberCase: camelBack
   readability-identifier-naming.PublicMemberSuffix: ""
   readability-identifier-naming.GlobalFunctionIgnoredRegexp: "^(to_string|hash_append|tuple_hash)$"
-
-HeaderFilterRegex: '^.*/(tests?|xrpl|xrpld)/.*\.(h|hpp|ipp)$'
+  bugprone-unsafe-functions.ReportMoreUnsafeFunctions: true
+  bugprone-unused-return-value.CheckedReturnTypes: ::std::error_code;::std::error_condition;::std::errc
+  misc-include-cleaner.IgnoreHeaders: ".*/(detail|impl)/.*;.*fwd\\.h(pp)?;time.h;stdlib.h;sqlite3.h;netinet/in\\.h;sys/resource\\.h;sys/sysinfo\\.h;linux/sysinfo\\.h;__chrono/.*;bits/.*;_abort\\.h;boost/uuid/uuid_hash.hpp;boost/beast/core/flat_buffer\\.hpp;boost/beast/http/field\\.hpp;boost/beast/http/dynamic_body\\.hpp;boost/beast/http/message\\.hpp;boost/beast/http/read\\.hpp;boost/beast/http/write\\.hpp;openssl/obj_mac\\.h"
+HeaderFilterRegex: '^.*/(test|xrpl|xrpld)/.*\.(h|hpp|ipp)$'
 ExcludeHeaderFilterRegex: '^.*/protocol_autogen/.*\.(h|hpp)$'
 WarningsAsErrors: "*"

.gersemi/definitions.cmake

@@ -11,6 +11,9 @@ endfunction()
 function(create_symbolic_link target link)
 endfunction()
 
+function(xrpl_add_test name)
+endfunction()
+
 macro(exclude_from_default target_)
 endmacro()
 

.github/actions/build-deps/action.yml

@@ -35,13 +35,14 @@ runs:
         LOG_VERBOSITY: ${{ inputs.log_verbosity }}
         SANITIZERS: ${{ inputs.sanitizers }}
       run: |
+        echo 'Installing dependencies.'
         conan install \
-            --profile:all ci \
-            --build="${BUILD_OPTION}" \
-            --options:host='&:tests=True' \
-            --options:host='&:xrpld=True' \
-            --settings:all build_type="${BUILD_TYPE}" \
-            --conf:all tools.build:jobs=${BUILD_NPROC} \
-            --conf:all tools.build:verbosity="${LOG_VERBOSITY}" \
-            --conf:all tools.compilation:verbosity="${LOG_VERBOSITY}" \
-            .
+          --profile ci \
+          --build="${BUILD_OPTION}" \
+          --options:host='&:tests=True' \
+          --options:host='&:xrpld=True' \
+          --settings:all build_type="${BUILD_TYPE}" \
+          --conf:all tools.build:jobs=${BUILD_NPROC} \
+          --conf:all tools.build:verbosity="${LOG_VERBOSITY}" \
+          --conf:all tools.compilation:verbosity="${LOG_VERBOSITY}" \
+          .

.github/actions/generate-version/action.yml

@@ -15,7 +15,7 @@ runs:
       shell: bash
       env:
         VERSION: ${{ github.ref_name }}
-      run: echo "VERSION=${VERSION}" >>"${GITHUB_ENV}"
+      run: echo "VERSION=${VERSION}" >> "${GITHUB_ENV}"
 
     # When a tag is not pushed, then the version (e.g. 1.2.3-b0) is extracted
     # from the BuildInfo.cpp file and the shortened commit hash appended to it.
@@ -28,17 +28,17 @@ runs:
         echo 'Extracting version from BuildInfo.cpp.'
         VERSION="$(cat src/libxrpl/protocol/BuildInfo.cpp | grep "versionString =" | awk -F '"' '{print $2}')"
         if [[ -z "${VERSION}" ]]; then
-            echo 'Unable to extract version from BuildInfo.cpp.'
-            exit 1
+          echo 'Unable to extract version from BuildInfo.cpp.'
+          exit 1
         fi
 
         echo 'Appending shortened commit hash to version.'
         SHA='${{ github.sha }}'
         VERSION="${VERSION}+${SHA:0:7}"
 
-        echo "VERSION=${VERSION}" >>"${GITHUB_ENV}"
+        echo "VERSION=${VERSION}" >> "${GITHUB_ENV}"
 
     - name: Output version
       id: version
       shell: bash
-      run: echo "version=${VERSION}" >>"${GITHUB_OUTPUT}"
+      run: echo "version=${VERSION}" >> "${GITHUB_OUTPUT}"

.github/actions/set-compiler-env/action.yml

@@ -1,34 +0,0 @@
-name: Set compiler environment
-description: "Set CC and CXX environment variables for the given compiler."
-
-inputs:
-  compiler:
-    description: 'The compiler to use ("gcc" or "clang").'
-    required: true
-
-runs:
-  using: composite
-
-  steps:
-    - name: Set CC and CXX for gcc
-      if: ${{ inputs.compiler == 'gcc' }}
-      shell: bash
-      run: |
-        echo "CC=gcc" >>"${GITHUB_ENV}"
-        echo "CXX=g++" >>"${GITHUB_ENV}"
-
-    - name: Set CC and CXX for clang
-      if: ${{ inputs.compiler == 'clang' }}
-      shell: bash
-      run: |
-        echo "CC=clang" >>"${GITHUB_ENV}"
-        echo "CXX=clang++" >>"${GITHUB_ENV}"
-
-    - name: Fail on unknown compiler
-      if: ${{ inputs.compiler != 'gcc' && inputs.compiler != 'clang' }}
-      shell: bash
-      env:
-        COMPILER: ${{ inputs.compiler }}
-      run: |
-        echo "Unknown compiler: $COMPILER" >&2
-        exit 1

.github/actions/setup-conan/action.yml

@@ -15,35 +15,32 @@ runs:
   using: composite
 
   steps:
-    - name: Apply custom configuration to global.conf
+    - name: Set up Conan configuration
       shell: bash
       run: |
+        echo 'Installing configuration.'
         cat conan/global.conf ${{ runner.os == 'Linux' && '>>' || '>' }} $(conan config home)/global.conf
 
-    - name: Show global configuration
-      shell: bash
-      run: |
+        echo 'Conan configuration:'
         conan config show '*'
 
-    - name: Install profiles
+    - name: Set up Conan profile
       shell: bash
       run: |
+        echo 'Installing profile.'
         conan config install conan/profiles/ -tf $(conan config home)/profiles/
 
-    - name: Show CI profile
-      shell: bash
-      run: |
+        echo 'Conan profile:'
         conan profile show --profile ci
 
-    - name: Add a remote
+    - name: Set up Conan remote
       shell: bash
       env:
         REMOTE_NAME: ${{ inputs.remote_name }}
         REMOTE_URL: ${{ inputs.remote_url }}
       run: |
+        echo "Adding Conan remote '${REMOTE_NAME}' at '${REMOTE_URL}'."
         conan remote add --index 0 --force "${REMOTE_NAME}" "${REMOTE_URL}"
 
-    - name: List remotes
-      shell: bash
-      run: |
+        echo 'Listing Conan remotes.'
         conan remote list

.github/dependabot.yml

@@ -1,12 +1,40 @@
 version: 2
 updates:
   - package-ecosystem: github-actions
-    directories:
-      - /
-      - .github/actions/build-deps/
-      - .github/actions/generate-version/
-      - .github/actions/set-compiler-env/
-      - .github/actions/setup-conan/
+    directory: /
+    schedule:
+      interval: weekly
+      day: monday
+      time: "04:00"
+      timezone: Etc/GMT
+    commit-message:
+      prefix: "ci: [DEPENDABOT] "
+    target-branch: develop
+
+  - package-ecosystem: github-actions
+    directory: .github/actions/build-deps/
+    schedule:
+      interval: weekly
+      day: monday
+      time: "04:00"
+      timezone: Etc/GMT
+    commit-message:
+      prefix: "ci: [DEPENDABOT] "
+    target-branch: develop
+
+  - package-ecosystem: github-actions
+    directory: .github/actions/generate-version/
+    schedule:
+      interval: weekly
+      day: monday
+      time: "04:00"
+      timezone: Etc/GMT
+    commit-message:
+      prefix: "ci: [DEPENDABOT] "
+    target-branch: develop
+
+  - package-ecosystem: github-actions
+    directory: .github/actions/setup-conan/
     schedule:
       interval: weekly
       day: monday

.github/scripts/format-inline-bash.py

@@ -1,403 +0,0 @@
-#!/usr/bin/env python3
-
-"""
-Format embedded shell snippets using the shfmt hook configured in
-.pre-commit-config.yaml.
-
-Two shapes are recognised:
-
-* YAML workflow/action files: literal block-scalar runs (`run: |`) and
-  single-line runs (`run: some command`). A single-line run is upgraded to
-  a `run: |` block scalar if shfmt's output spans multiple lines.
-
-* Markdown files: ``` ```bash ``` fenced code blocks.
-
-Any block that shfmt cannot parse is skipped with a warning on stderr, so
-the file is left untouched and surrounding blocks still get formatted.
-
-For each occurrence the body is dedented, written to a temp .sh file,
-formatted via `pre-commit run shfmt --files <temp>` (falling back to
-`prek`), then re-indented and written back in place.
-
-When invoked without arguments, every .yml/.yaml under .github/ plus every
-.md file in the repo is scanned. When invoked with file arguments (the
-pre-commit case), only those files are processed.
-"""
-
-from __future__ import annotations
-
-import re
-import shutil
-import subprocess
-import sys
-import tempfile
-from dataclasses import dataclass
-from pathlib import Path
-from typing import Union
-
-REPO = Path(__file__).resolve().parents[2]
-
-_HOOK_RUNNER = next((cmd for cmd in ("pre-commit", "prek") if shutil.which(cmd)), None)
-if _HOOK_RUNNER is None:
-    sys.exit("error: neither `pre-commit` nor `prek` found on PATH")
-
-RUN_BLOCK_RE = re.compile(r"^(?P<prefix>[ \t]*(?:- )?)run:[ \t]*\|[+-]?[ \t]*$")
-RUN_INLINE_RE = re.compile(
-    r"^(?P<prefix>[ \t]*(?:- )?)run:[ \t]+" r"(?P<value>(?!\|[+-]?[ \t]*$)\S.*?)[ \t]*$"
-)
-MD_BASH_OPEN_RE = re.compile(r"^(?P<indent>[ ]{0,3})`{3}bash[ \t]*$")
-MD_FENCE_CLOSE_RE = re.compile(r"^[ ]{0,3}`{3,}[ \t]*$")
-
-
-@dataclass(frozen=True)
-class BlockRun:
-    """A `run: |` block scalar; `body_start:body_end` slices into `lines`."""
-
-    body_start: int
-    body_end: int
-    body_indent: int
-
-
-@dataclass(frozen=True)
-class InlineRun:
-    """A single-line `run: value` at `line_idx`."""
-
-    line_idx: int
-    prefix: str
-    value: str
-
-
-@dataclass(frozen=True)
-class MdBashBlock:
-    """A markdown ``` ```bash ``` fenced code block.
-
-    `body_start:body_end` slices into the file's lines; `open_line_idx`
-    points at the opening fence line.
-    """
-
-    open_line_idx: int
-    body_start: int
-    body_end: int
-    body_indent: int
-
-
-RunItem = Union[BlockRun, InlineRun]
-
-
-def _scan_block_body(
-    lines: list[str], body_start: int, run_col: int
-) -> tuple[int | None, int]:
-    """Locate the body of a `run: |` block scalar starting at `body_start`.
-
-    Returns `(body_indent, scan_end)`. `scan_end` is the line index where the
-    outer scanner should resume. `body_indent` is `None` when no body is
-    present (the scalar is empty, or the next non-blank line has indent
-    `<= run_col`).
-    """
-    body_indent: int | None = None
-    scan_end = len(lines)
-    for idx in range(body_start, len(lines)):
-        line = lines[idx]
-        if line.strip() == "":
-            continue
-        indent = len(line) - len(line.lstrip(" "))
-        if body_indent is None:
-            if indent > run_col:
-                body_indent = indent
-            else:
-                scan_end = idx
-                break
-        elif indent < body_indent:
-            scan_end = idx
-            break
-    if body_indent is not None:
-        while scan_end > body_start and lines[scan_end - 1].strip() == "":
-            scan_end -= 1
-        if scan_end <= body_start:
-            body_indent = None
-    return body_indent, scan_end
-
-
-def find_run_blocks(lines: list[str]) -> list[RunItem]:
-    """Return run items in document order."""
-    items: list[RunItem] = []
-    line_idx = 0
-    while line_idx < len(lines):
-        line = lines[line_idx]
-        if block_match := RUN_BLOCK_RE.match(line):
-            run_col = len(block_match.group("prefix"))
-            body_start = line_idx + 1
-            body_indent, scan_end = _scan_block_body(lines, body_start, run_col)
-            if body_indent is not None:
-                items.append(
-                    BlockRun(
-                        body_start=body_start,
-                        body_end=scan_end,
-                        body_indent=body_indent,
-                    )
-                )
-            line_idx = scan_end
-            continue
-        if inline_match := RUN_INLINE_RE.match(line):
-            items.append(
-                InlineRun(
-                    line_idx=line_idx,
-                    prefix=inline_match.group("prefix"),
-                    value=inline_match.group("value"),
-                )
-            )
-        line_idx += 1
-    return items
-
-
-def find_md_bash_blocks(lines: list[str]) -> list[MdBashBlock]:
-    """Return ``` ```bash ``` fenced code blocks in document order."""
-    blocks: list[MdBashBlock] = []
-    line_idx = 0
-    while line_idx < len(lines):
-        open_match = MD_BASH_OPEN_RE.match(lines[line_idx])
-        if not open_match:
-            line_idx += 1
-            continue
-        body_start = line_idx + 1
-        close_idx = next(
-            (
-                j
-                for j in range(body_start, len(lines))
-                if MD_FENCE_CLOSE_RE.match(lines[j])
-            ),
-            None,
-        )
-        if close_idx is None:
-            line_idx = body_start
-            continue
-        body = lines[body_start:close_idx]
-        non_blank = [b for b in body if b.strip()]
-        body_indent = (
-            min(len(b) - len(b.lstrip(" ")) for b in non_blank)
-            if non_blank
-            else len(open_match.group("indent"))
-        )
-        blocks.append(
-            MdBashBlock(
-                open_line_idx=line_idx,
-                body_start=body_start,
-                body_end=close_idx,
-                body_indent=body_indent,
-            )
-        )
-        line_idx = close_idx + 1
-    return blocks
-
-
-def dedent(lines: list[str], n: int) -> list[str]:
-    pad = " " * n
-    return [
-        (
-            ""
-            if line.strip() == ""
-            else (line[n:] if line.startswith(pad) else line.lstrip(" "))
-        )
-        for line in lines
-    ]
-
-
-def reindent(lines: list[str], n: int) -> list[str]:
-    pad = " " * n
-    return [pad + line if line else "" for line in lines]
-
-
-_SHFMT_ERR_RE = re.compile(r"\.sh:\d+:\d+:\s")
-_GHA_EXPR_RE = re.compile(r"\$\{\{.*?\}\}", re.DOTALL)
-_GHA_PLACEHOLDER_RE = re.compile(r"__GHA_EXPR_(\d+)__")
-
-
-def _encode_gha_exprs(text: str) -> tuple[str, list[str]]:
-    """Replace `${{ ... }}` expressions with bash-safe placeholder identifiers."""
-    exprs: list[str] = []
-
-    def repl(match: re.Match[str]) -> str:
-        exprs.append(match.group(0))
-        return f"__GHA_EXPR_{len(exprs) - 1}__"
-
-    return _GHA_EXPR_RE.sub(repl, text), exprs
-
-
-def _decode_gha_exprs(text: str, exprs: list[str]) -> str:
-    """Restore `${{ ... }}` expressions from placeholder identifiers."""
-    return _GHA_PLACEHOLDER_RE.sub(lambda m: exprs[int(m.group(1))], text)
-
-
-def shfmt_via_hook(tmp_path: Path) -> tuple[bool, str]:
-    # `${{ ... }}` is not valid shell, so swap it for a placeholder identifier
-    # that shfmt can parse, then restore it after formatting.
-    encoded, exprs = _encode_gha_exprs(tmp_path.read_text())
-    if exprs:
-        tmp_path.write_text(encoded)
-    res = subprocess.run(
-        [_HOOK_RUNNER, "run", "shfmt", "--files", str(tmp_path)],
-        cwd=REPO,
-        capture_output=True,
-        text=True,
-    )
-    output = res.stdout + res.stderr
-    # shfmt emits parse errors as "<path>:<line>:<col>: <message>".
-    parse_err = bool(_SHFMT_ERR_RE.search(output))
-    # A non-zero exit that is neither a parse error nor pre-commit's "I had
-    # to modify files" signal means the hook itself failed to run (missing
-    # binary, install failure, bad config, ...). Surface that loudly rather
-    # than silently treating it as a no-op.
-    if (
-        res.returncode != 0
-        and not parse_err
-        and "files were modified by this hook" not in output
-    ):
-        sys.exit(
-            f"error: `{_HOOK_RUNNER} run shfmt` failed with exit {res.returncode}:\n{output}"
-        )
-    if exprs and not parse_err:
-        tmp_path.write_text(_decode_gha_exprs(tmp_path.read_text(), exprs))
-    return not parse_err, output
-
-
-def _skip(path: Path, where: int, kind: str, output: str) -> None:
-    print(
-        f"  shfmt could not parse {kind} at {path}:{where + 1} — skipped",
-        file=sys.stderr,
-    )
-    print(f"    {output.strip()}", file=sys.stderr)
-
-
-def process_yaml_file(path: Path, tmp_path: Path) -> int:
-    text = path.read_text()
-    had_nl = text.endswith("\n")
-    lines = text.split("\n")
-    if had_nl:
-        lines = lines[:-1]
-    items = find_run_blocks(lines)
-    if not items:
-        return 0
-    changed = 0
-    # Process in reverse so earlier indices remain valid as we splice.
-    for item in reversed(items):
-        if isinstance(item, BlockRun):
-            body = lines[item.body_start : item.body_end]
-            tmp_path.write_text("\n".join(dedent(body, item.body_indent)) + "\n")
-            ok, output = shfmt_via_hook(tmp_path)
-            if not ok:
-                _skip(path, item.body_start, "block", output)
-                continue
-            formatted = tmp_path.read_text().rstrip("\n")
-            new_body = reindent(formatted.split("\n"), item.body_indent)
-            if new_body != body:
-                lines[item.body_start : item.body_end] = new_body
-                changed += 1
-        else:
-            tmp_path.write_text(item.value + "\n")
-            ok, output = shfmt_via_hook(tmp_path)
-            if not ok:
-                _skip(path, item.line_idx, "inline run", output)
-                continue
-            formatted = tmp_path.read_text().rstrip("\n")
-            if formatted == item.value:
-                continue
-            formatted_lines = formatted.split("\n")
-            if len(formatted_lines) == 1:
-                lines[item.line_idx] = f"{item.prefix}run: {formatted}"
-            else:
-                body_indent = len(item.prefix) + 2
-                lines[item.line_idx : item.line_idx + 1] = [
-                    f"{item.prefix}run: |",
-                    *reindent(formatted_lines, body_indent),
-                ]
-            changed += 1
-    new_text = "\n".join(lines) + ("\n" if had_nl else "")
-    if new_text != text:
-        path.write_text(new_text)
-    return changed
-
-
-def process_md_file(path: Path, tmp_path: Path) -> int:
-    text = path.read_text()
-    had_nl = text.endswith("\n")
-    lines = text.split("\n")
-    if had_nl:
-        lines = lines[:-1]
-    blocks = find_md_bash_blocks(lines)
-    if not blocks:
-        return 0
-    changed = 0
-    for block in reversed(blocks):
-        body = lines[block.body_start : block.body_end]
-        tmp_path.write_text("\n".join(dedent(body, block.body_indent)) + "\n")
-        ok, output = shfmt_via_hook(tmp_path)
-        if not ok:
-            _skip(path, block.open_line_idx, "```bash block", output)
-            continue
-        formatted = tmp_path.read_text().rstrip("\n")
-        formatted_lines = formatted.split("\n") if formatted else []
-        new_body = reindent(formatted_lines, block.body_indent)
-        if new_body != body:
-            lines[block.body_start : block.body_end] = new_body
-            changed += 1
-    new_text = "\n".join(lines) + ("\n" if had_nl else "")
-    if new_text != text:
-        path.write_text(new_text)
-    return changed
-
-
-def process_file(path: Path, tmp_path: Path) -> int:
-    if path.suffix in (".yml", ".yaml"):
-        return process_yaml_file(path, tmp_path)
-    if path.suffix == ".md":
-        return process_md_file(path, tmp_path)
-    return 0
-
-
-def gather_files(argv: list[str]) -> list[Path]:
-    """Return YAML workflow/action files and markdown files that we should
-    process — either the paths in `argv` or, when `argv` is empty, every
-    such file in the repo (skipping `external/`)."""
-    if argv:
-        candidates: list[Path] = [
-            (REPO / a).resolve() if not Path(a).is_absolute() else Path(a) for a in argv
-        ]
-    else:
-        gh = REPO / ".github"
-        candidates = [
-            *gh.rglob("*.yml"),
-            *gh.rglob("*.yaml"),
-            *(
-                p
-                for p in REPO.rglob("*.md")
-                if "external" not in p.relative_to(REPO).parts
-            ),
-        ]
-    return sorted(
-        p
-        for p in candidates
-        if p.exists()
-        and (
-            (p.suffix in (".yml", ".yaml") and ".github" in p.parts)
-            or p.suffix == ".md"
-        )
-    )
-
-
-def main(argv: list[str]) -> int:
-    files = gather_files(argv)
-    if not files:
-        return 0
-    with tempfile.TemporaryDirectory(prefix="format-inline-bash-") as tmpdir:
-        tmp_path = Path(tmpdir) / "shfmt.sh"
-        total = 0
-        for f in files:
-            n = process_file(f, tmp_path)
-            if n:
-                print(f"{f.relative_to(REPO)}: reformatted {n} block(s)")
-                total += n
-        return 1 if total else 0
-
-
-if __name__ == "__main__":
-    sys.exit(main(sys.argv[1:]))

.github/scripts/levelization/results/ordering.txt

@@ -1,8 +1,6 @@
 libxrpl.basics > xrpl.basics
 libxrpl.conditions > xrpl.basics
 libxrpl.conditions > xrpl.conditions
-libxrpl.config > xrpl.basics
-libxrpl.config > xrpl.config
 libxrpl.core > xrpl.basics
 libxrpl.core > xrpl.core
 libxrpl.core > xrpl.json
@@ -14,11 +12,11 @@ libxrpl.ledger > xrpl.json
 libxrpl.ledger > xrpl.ledger
 libxrpl.ledger > xrpl.nodestore
 libxrpl.ledger > xrpl.protocol
+libxrpl.ledger > xrpl.server
 libxrpl.ledger > xrpl.shamap
 libxrpl.net > xrpl.basics
 libxrpl.net > xrpl.net
 libxrpl.nodestore > xrpl.basics
-libxrpl.nodestore > xrpl.config
 libxrpl.nodestore > xrpl.json
 libxrpl.nodestore > xrpl.nodestore
 libxrpl.nodestore > xrpl.protocol
@@ -26,7 +24,6 @@ libxrpl.protocol > xrpl.basics
 libxrpl.protocol > xrpl.json
 libxrpl.protocol > xrpl.protocol
 libxrpl.rdb > xrpl.basics
-libxrpl.rdb > xrpl.config
 libxrpl.rdb > xrpl.core
 libxrpl.rdb > xrpl.rdb
 libxrpl.resource > xrpl.basics
@@ -34,7 +31,6 @@ libxrpl.resource > xrpl.json
 libxrpl.resource > xrpl.protocol
 libxrpl.resource > xrpl.resource
 libxrpl.server > xrpl.basics
-libxrpl.server > xrpl.config
 libxrpl.server > xrpl.core
 libxrpl.server > xrpl.json
 libxrpl.server > xrpl.protocol
@@ -56,7 +52,6 @@ libxrpl.tx > xrpl.tx
 test.app > test.jtx
 test.app > test.unit_test
 test.app > xrpl.basics
-test.app > xrpl.config
 test.app > xrpl.core
 test.app > xrpld.app
 test.app > xrpld.consensus
@@ -95,7 +90,6 @@ test.consensus > xrpl.tx
 test.core > test.jtx
 test.core > test.unit_test
 test.core > xrpl.basics
-test.core > xrpl.config
 test.core > xrpl.core
 test.core > xrpld.core
 test.core > xrpl.json
@@ -110,7 +104,6 @@ test.csf > xrpl.protocol
 test.json > test.jtx
 test.json > xrpl.json
 test.jtx > xrpl.basics
-test.jtx > xrpl.config
 test.jtx > xrpl.core
 test.jtx > xrpld.app
 test.jtx > xrpld.core
@@ -133,7 +126,6 @@ test.ledger > xrpl.protocol
 test.nodestore > test.jtx
 test.nodestore > test.unit_test
 test.nodestore > xrpl.basics
-test.nodestore > xrpl.config
 test.nodestore > xrpld.core
 test.nodestore > xrpl.nodestore
 test.nodestore > xrpl.protocol
@@ -141,7 +133,6 @@ test.nodestore > xrpl.rdb
 test.overlay > test.jtx
 test.overlay > test.unit_test
 test.overlay > xrpl.basics
-test.overlay > xrpl.config
 test.overlay > xrpld.app
 test.overlay > xrpld.core
 test.overlay > xrpld.overlay
@@ -161,7 +152,6 @@ test.peerfinder > xrpl.protocol
 test.protocol > test.jtx
 test.protocol > test.unit_test
 test.protocol > xrpl.basics
-test.protocol > xrpld.core
 test.protocol > xrpl.json
 test.protocol > xrpl.protocol
 test.resource > test.unit_test
@@ -169,7 +159,6 @@ test.resource > xrpl.basics
 test.resource > xrpl.resource
 test.rpc > test.jtx
 test.rpc > xrpl.basics
-test.rpc > xrpl.config
 test.rpc > xrpl.core
 test.rpc > xrpld.app
 test.rpc > xrpld.core
@@ -184,7 +173,6 @@ test.rpc > xrpl.tx
 test.server > test.jtx
 test.server > test.unit_test
 test.server > xrpl.basics
-test.server > xrpl.config
 test.server > xrpld.app
 test.server > xrpld.core
 test.server > xrpl.json
@@ -192,7 +180,6 @@ test.server > xrpl.protocol
 test.server > xrpl.server
 test.shamap > test.unit_test
 test.shamap > xrpl.basics
-test.shamap > xrpl.config
 test.shamap > xrpl.nodestore
 test.shamap > xrpl.protocol
 test.shamap > xrpl.shamap
@@ -201,7 +188,6 @@ test.toplevel > xrpl.json
 test.unit_test > xrpl.basics
 test.unit_test > xrpl.protocol
 tests.libxrpl > xrpl.basics
-tests.libxrpl > xrpl.config
 tests.libxrpl > xrpl.core
 tests.libxrpl > xrpl.json
 tests.libxrpl > xrpl.ledger
@@ -214,17 +200,16 @@ tests.libxrpl > xrpl.shamap
 tests.libxrpl > xrpl.tx
 xrpl.conditions > xrpl.basics
 xrpl.conditions > xrpl.protocol
-xrpl.config > xrpl.basics
 xrpl.core > xrpl.basics
 xrpl.core > xrpl.json
 xrpl.core > xrpl.protocol
 xrpl.json > xrpl.basics
 xrpl.ledger > xrpl.basics
 xrpl.ledger > xrpl.protocol
+xrpl.ledger > xrpl.server
 xrpl.ledger > xrpl.shamap
 xrpl.net > xrpl.basics
 xrpl.nodestore > xrpl.basics
-xrpl.nodestore > xrpl.config
 xrpl.nodestore > xrpl.protocol
 xrpl.protocol > xrpl.basics
 xrpl.protocol > xrpl.json
@@ -252,7 +237,6 @@ xrpl.tx > xrpl.ledger
 xrpl.tx > xrpl.protocol
 xrpld.app > test.unit_test
 xrpld.app > xrpl.basics
-xrpld.app > xrpl.config
 xrpld.app > xrpl.core
 xrpld.app > xrpld.consensus
 xrpld.app > xrpld.core
@@ -271,13 +255,11 @@ xrpld.consensus > xrpl.json
 xrpld.consensus > xrpl.ledger
 xrpld.consensus > xrpl.protocol
 xrpld.core > xrpl.basics
-xrpld.core > xrpl.config
 xrpld.core > xrpl.core
 xrpld.core > xrpl.net
 xrpld.core > xrpl.protocol
 xrpld.core > xrpl.rdb
 xrpld.overlay > xrpl.basics
-xrpld.overlay > xrpl.config
 xrpld.overlay > xrpl.core
 xrpld.overlay > xrpld.consensus
 xrpld.overlay > xrpld.core
@@ -290,18 +272,15 @@ xrpld.overlay > xrpl.server
 xrpld.overlay > xrpl.shamap
 xrpld.overlay > xrpl.tx
 xrpld.peerfinder > xrpl.basics
-xrpld.peerfinder > xrpl.config
 xrpld.peerfinder > xrpld.core
 xrpld.peerfinder > xrpl.protocol
 xrpld.peerfinder > xrpl.rdb
 xrpld.perflog > xrpl.basics
-xrpld.perflog > xrpl.config
 xrpld.perflog > xrpl.core
 xrpld.perflog > xrpld.rpc
 xrpld.perflog > xrpl.json
 xrpld.perflog > xrpl.protocol
 xrpld.rpc > xrpl.basics
-xrpld.rpc > xrpl.config
 xrpld.rpc > xrpl.core
 xrpld.rpc > xrpld.core
 xrpld.rpc > xrpl.json

.github/scripts/rename/binary.sh

@@ -6,7 +6,7 @@ set -e
 # On MacOS, ensure that GNU sed is installed and available as `gsed`.
 SED_COMMAND=sed
 if [[ "${OSTYPE}" == 'darwin'* ]]; then
-    if ! command -v gsed &>/dev/null; then
+    if ! command -v gsed &> /dev/null; then
         echo "Error: gsed is not installed. Please install it using 'brew install gnu-sed'."
         exit 1
     fi

.github/scripts/rename/cmake.sh

@@ -8,12 +8,12 @@ set -e
 SED_COMMAND=sed
 HEAD_COMMAND=head
 if [[ "${OSTYPE}" == 'darwin'* ]]; then
-    if ! command -v gsed &>/dev/null; then
+    if ! command -v gsed &> /dev/null; then
         echo "Error: gsed is not installed. Please install it using 'brew install gnu-sed'."
         exit 1
     fi
     SED_COMMAND=gsed
-    if ! command -v ghead &>/dev/null; then
+    if ! command -v ghead &> /dev/null; then
         echo "Error: ghead is not installed. Please install it using 'brew install coreutils'."
         exit 1
     fi
@@ -43,6 +43,9 @@ pushd "${DIRECTORY}"
 # Rename the files.
 find cmake -type f -name 'Rippled*.cmake' -exec bash -c 'mv "${1}" "${1/Rippled/Xrpl}"' - {} \;
 find cmake -type f -name 'Ripple*.cmake' -exec bash -c 'mv "${1}" "${1/Ripple/Xrpl}"' - {} \;
+if [ -e cmake/xrpl_add_test.cmake ]; then
+    mv cmake/xrpl_add_test.cmake cmake/XrplAddTest.cmake
+fi
 if [ -e include/xrpl/proto/ripple.proto ]; then
     mv include/xrpl/proto/ripple.proto include/xrpl/proto/xrpl.proto
 fi
@@ -57,6 +60,7 @@ find cmake -type f -name '*.cmake' | while read -r FILE; do
 done
 ${SED_COMMAND} -i -E 's/Rippled?/Xrpl/g' CMakeLists.txt
 ${SED_COMMAND} -i 's/ripple/xrpl/g' CMakeLists.txt
+${SED_COMMAND} -i 's/include(xrpl_add_test)/include(XrplAddTest)/' src/tests/libxrpl/CMakeLists.txt
 ${SED_COMMAND} -i 's/ripple.pb.h/xrpl.pb.h/' include/xrpl/protocol/messages.h
 ${SED_COMMAND} -i 's/ripple.pb.h/xrpl.pb.h/' BUILD.md
 ${SED_COMMAND} -i 's/ripple.pb.h/xrpl.pb.h/' BUILD.md
@@ -70,10 +74,10 @@ if grep -q '"xrpld"' cmake/XrplCore.cmake; then
     # The script has been rerun, so just restore the name of the binary.
     ${SED_COMMAND} -i 's/"xrpld"/"rippled"/' cmake/XrplCore.cmake
 elif ! grep -q '"rippled"' cmake/XrplCore.cmake; then
-    ${HEAD_COMMAND} -n -1 cmake/XrplCore.cmake >cmake.tmp
-    echo '  # For the time being, we will keep the name of the binary as it was.' >>cmake.tmp
-    echo '  set_target_properties(xrpld PROPERTIES OUTPUT_NAME "rippled")' >>cmake.tmp
-    tail -1 cmake/XrplCore.cmake >>cmake.tmp
+    ${HEAD_COMMAND} -n -1 cmake/XrplCore.cmake > cmake.tmp
+    echo '  # For the time being, we will keep the name of the binary as it was.' >> cmake.tmp
+    echo '  set_target_properties(xrpld PROPERTIES OUTPUT_NAME "rippled")' >> cmake.tmp
+    tail -1 cmake/XrplCore.cmake >> cmake.tmp
     mv cmake.tmp cmake/XrplCore.cmake
 fi
 

.github/scripts/rename/config.sh

@@ -6,7 +6,7 @@ set -e
 # On MacOS, ensure that GNU sed is installed and available as `gsed`.
 SED_COMMAND=sed
 if [[ "${OSTYPE}" == 'darwin'* ]]; then
-    if ! command -v gsed &>/dev/null; then
+    if ! command -v gsed &> /dev/null; then
         echo "Error: gsed is not installed. Please install it using 'brew install gnu-sed'."
         exit 1
     fi
@@ -62,7 +62,7 @@ ${SED_COMMAND} -i 's@ripple/@xrpld/@g' src/test/core/Config_test.cpp
 ${SED_COMMAND} -i 's/Rippled/File/g' src/test/core/Config_test.cpp
 
 # Restore the old config file name in the code that maintains support for now.
-${SED_COMMAND} -i 's/kConfigLegacyName = "xrpld.cfg"/kConfigLegacyName = "rippled.cfg"/g' src/xrpld/core/detail/Config.cpp
+${SED_COMMAND} -i 's/kCONFIG_LEGACY_NAME = "xrpld.cfg"/kCONFIG_LEGACY_NAME = "rippled.cfg"/g' src/xrpld/core/detail/Config.cpp
 
 # Restore an URL.
 ${SED_COMMAND} -i 's/connect-your-xrpld-to-the-xrp-test-net.html/connect-your-rippled-to-the-xrp-test-net.html/g' cfg/xrpld-example.cfg

.github/scripts/rename/copyright.sh

@@ -6,7 +6,7 @@ set -e
 # On MacOS, ensure that GNU sed is installed and available as `gsed`.
 SED_COMMAND=sed
 if [[ "${OSTYPE}" == 'darwin'* ]]; then
-    if ! command -v gsed &>/dev/null; then
+    if ! command -v gsed &> /dev/null; then
         echo "Error: gsed is not installed. Please install it using 'brew install gnu-sed'."
         exit 1
     fi
@@ -62,37 +62,37 @@ done
 # restoring the verbiage that is already present in LICENSE.md. Ensure that if
 # the script is run multiple times, duplicate notices are not added.
 if ! grep -q 'Raw Material Software' include/xrpl/beast/core/CurrentThreadName.h; then
-    echo -e "// Portions of this file are from JUCE (http://www.juce.com).\n// Copyright (c) 2013 - Raw Material Software Ltd.\n// Please visit http://www.juce.com\n\n$(cat include/xrpl/beast/core/CurrentThreadName.h)" >include/xrpl/beast/core/CurrentThreadName.h
+    echo -e "// Portions of this file are from JUCE (http://www.juce.com).\n// Copyright (c) 2013 - Raw Material Software Ltd.\n// Please visit http://www.juce.com\n\n$(cat include/xrpl/beast/core/CurrentThreadName.h)" > include/xrpl/beast/core/CurrentThreadName.h
 fi
 if ! grep -q 'Dev Null' src/test/app/NetworkID_test.cpp; then
-    echo -e "// Copyright (c) 2020 Dev Null Productions\n\n$(cat src/test/app/NetworkID_test.cpp)" >src/test/app/NetworkID_test.cpp
+    echo -e "// Copyright (c) 2020 Dev Null Productions\n\n$(cat src/test/app/NetworkID_test.cpp)" > src/test/app/NetworkID_test.cpp
 fi
 if ! grep -q 'Dev Null' src/test/app/tx/apply_test.cpp; then
-    echo -e "// Copyright (c) 2020 Dev Null Productions\n\n$(cat src/test/app/tx/apply_test.cpp)" >src/test/app/tx/apply_test.cpp
+    echo -e "// Copyright (c) 2020 Dev Null Productions\n\n$(cat src/test/app/tx/apply_test.cpp)" > src/test/app/tx/apply_test.cpp
 fi
 if ! grep -q 'Dev Null' src/test/rpc/ManifestRPC_test.cpp; then
-    echo -e "// Copyright (c) 2020 Dev Null Productions\n\n$(cat src/test/rpc/ManifestRPC_test.cpp)" >src/test/rpc/ManifestRPC_test.cpp
+    echo -e "// Copyright (c) 2020 Dev Null Productions\n\n$(cat src/test/rpc/ManifestRPC_test.cpp)" > src/test/rpc/ManifestRPC_test.cpp
 fi
 if ! grep -q 'Dev Null' src/test/rpc/ValidatorInfo_test.cpp; then
-    echo -e "// Copyright (c) 2020 Dev Null Productions\n\n$(cat src/test/rpc/ValidatorInfo_test.cpp)" >src/test/rpc/ValidatorInfo_test.cpp
+    echo -e "// Copyright (c) 2020 Dev Null Productions\n\n$(cat src/test/rpc/ValidatorInfo_test.cpp)" > src/test/rpc/ValidatorInfo_test.cpp
 fi
 if ! grep -q 'Dev Null' src/xrpld/rpc/handlers/server_info/Manifest.cpp; then
-    echo -e "// Copyright (c) 2019 Dev Null Productions\n\n$(cat src/xrpld/rpc/handlers/server_info/Manifest.cpp)" >src/xrpld/rpc/handlers/server_info/Manifest.cpp
+    echo -e "// Copyright (c) 2019 Dev Null Productions\n\n$(cat src/xrpld/rpc/handlers/server_info/Manifest.cpp)" > src/xrpld/rpc/handlers/server_info/Manifest.cpp
 fi
 if ! grep -q 'Dev Null' src/xrpld/rpc/handlers/admin/status/ValidatorInfo.cpp; then
-    echo -e "// Copyright (c) 2019 Dev Null Productions\n\n$(cat src/xrpld/rpc/handlers/admin/status/ValidatorInfo.cpp)" >src/xrpld/rpc/handlers/admin/status/ValidatorInfo.cpp
+    echo -e "// Copyright (c) 2019 Dev Null Productions\n\n$(cat src/xrpld/rpc/handlers/admin/status/ValidatorInfo.cpp)" > src/xrpld/rpc/handlers/admin/status/ValidatorInfo.cpp
 fi
 if ! grep -q 'Bougalis' include/xrpl/basics/SlabAllocator.h; then
-    echo -e "// Copyright (c) 2022, Nikolaos D. Bougalis <nikb@bougalis.net>\n\n$(cat include/xrpl/basics/SlabAllocator.h)" >include/xrpl/basics/SlabAllocator.h # cspell: ignore Nikolaos Bougalis nikb
+    echo -e "// Copyright (c) 2022, Nikolaos D. Bougalis <nikb@bougalis.net>\n\n$(cat include/xrpl/basics/SlabAllocator.h)" > include/xrpl/basics/SlabAllocator.h # cspell: ignore Nikolaos Bougalis nikb
 fi
 if ! grep -q 'Bougalis' include/xrpl/basics/spinlock.h; then
-    echo -e "// Copyright (c) 2022, Nikolaos D. Bougalis <nikb@bougalis.net>\n\n$(cat include/xrpl/basics/spinlock.h)" >include/xrpl/basics/spinlock.h # cspell: ignore Nikolaos Bougalis nikb
+    echo -e "// Copyright (c) 2022, Nikolaos D. Bougalis <nikb@bougalis.net>\n\n$(cat include/xrpl/basics/spinlock.h)" > include/xrpl/basics/spinlock.h # cspell: ignore Nikolaos Bougalis nikb
 fi
 if ! grep -q 'Bougalis' include/xrpl/basics/tagged_integer.h; then
-    echo -e "// Copyright (c) 2014, Nikolaos D. Bougalis <nikb@bougalis.net>\n\n$(cat include/xrpl/basics/tagged_integer.h)" >include/xrpl/basics/tagged_integer.h # cspell: ignore Nikolaos Bougalis nikb
+    echo -e "// Copyright (c) 2014, Nikolaos D. Bougalis <nikb@bougalis.net>\n\n$(cat include/xrpl/basics/tagged_integer.h)" > include/xrpl/basics/tagged_integer.h # cspell: ignore Nikolaos Bougalis nikb
 fi
 if ! grep -q 'Ritchford' include/xrpl/beast/utility/Zero.h; then
-    echo -e "// Copyright (c) 2014, Tom Ritchford <tom@swirly.com>\n\n$(cat include/xrpl/beast/utility/Zero.h)" >include/xrpl/beast/utility/Zero.h # cspell: ignore Ritchford
+    echo -e "// Copyright (c) 2014, Tom Ritchford <tom@swirly.com>\n\n$(cat include/xrpl/beast/utility/Zero.h)" > include/xrpl/beast/utility/Zero.h # cspell: ignore Ritchford
 fi
 
 # Restore newlines and tabs in string literals in the affected file.

.github/scripts/rename/definitions.sh

@@ -6,7 +6,7 @@ set -e
 # On MacOS, ensure that GNU sed is installed and available as `gsed`.
 SED_COMMAND=sed
 if [[ "${OSTYPE}" == 'darwin'* ]]; then
-    if ! command -v gsed &>/dev/null; then
+    if ! command -v gsed &> /dev/null; then
         echo "Error: gsed is not installed. Please install it using 'brew install gnu-sed'."
         exit 1
     fi

.github/scripts/rename/docs.sh

@@ -6,7 +6,7 @@ set -e
 # On MacOS, ensure that GNU sed is installed and available as `gsed`.
 SED_COMMAND=sed
 if [[ "${OSTYPE}" == 'darwin'* ]]; then
-    if ! command -v gsed &>/dev/null; then
+    if ! command -v gsed &> /dev/null; then
         echo "Error: gsed is not installed. Please install it using 'brew install gnu-sed'."
         exit 1
     fi
@@ -90,7 +90,7 @@ ${SED_COMMAND} -i 's/www.ripple.com/www.xrpl.org/g' src/test/protocol/Seed_test.
 # Restore specific changes.
 ${SED_COMMAND} -i 's@b5efcc/src/xrpld@b5efcc/src/ripple@' include/xrpl/protocol/README.md
 ${SED_COMMAND} -i 's/dbPrefix_ = "xrpldb"/dbPrefix_ = "rippledb"/' src/xrpld/app/misc/SHAMapStoreImp.h # cspell: disable-line
-${SED_COMMAND} -i 's/kConfigLegacyName = "xrpld.cfg"/kConfigLegacyName = "rippled.cfg"/' src/xrpld/core/detail/Config.cpp
+${SED_COMMAND} -i 's/kCONFIG_LEGACY_NAME = "xrpld.cfg"/kCONFIG_LEGACY_NAME = "rippled.cfg"/' src/xrpld/core/detail/Config.cpp
 
 popd
 echo "Renaming complete."

.github/scripts/rename/namespace.sh

@@ -6,7 +6,7 @@ set -e
 # On MacOS, ensure that GNU sed is installed and available as `gsed`.
 SED_COMMAND=sed
 if [[ "${OSTYPE}" == 'darwin'* ]]; then
-    if ! command -v gsed &>/dev/null; then
+    if ! command -v gsed &> /dev/null; then
         echo "Error: gsed is not installed. Please install it using 'brew install gnu-sed'."
         exit 1
     fi

.github/scripts/strategy-matrix/generate.py

@@ -1,322 +1,350 @@
 #!/usr/bin/env python3
 import argparse
-import dataclasses
 import itertools
 import json
+from dataclasses import dataclass
 from pathlib import Path
 
 THIS_DIR = Path(__file__).parent.resolve()
 
-_BASE_CMAKE_ARGS = ["-Dtests=ON", "-Dwerr=ON", "-Dxrpld=ON", "-Dwextra=ON"]
 
-# Maps sanitizer names (as used in cmake) to short config-name suffixes.
-_SANITIZER_SUFFIX: dict[str, str] = {
-    "address": "asan",
-    "undefinedbehavior": "ubsan",
-    "thread": "tsan",
-}
-
-
-def get_cmake_args(build_type: str, extra_args: str) -> str:
-    """Get the full list of CMake arguments for a config."""
-    args = _BASE_CMAKE_ARGS.copy()
-    if extra_args:
-        args.extend(extra_args.split())
-    return " ".join(args)
-
-
-def runs_on_event(exclude_event_types: list[str], event: str | None) -> bool:
-    """Whether a config should run for the current event.
-
-    'exclude_event_types' is a list of GitHub event names (e.g.
-    ["pull_request"]) on which the config should NOT run; an empty list means
-    the config runs on every event. When no event is given (event is None), no
-    filtering is applied.
-    """
-    if event is None:
-        return True
-    return event not in exclude_event_types
-
-
-# ---------------------------------------------------------------------------
-# Input types — shapes of the JSON config files
-# ---------------------------------------------------------------------------
-
-
-@dataclasses.dataclass
-class LinuxConfig:
-    """One entry in linux.json's 'configs' or 'package_configs' arrays."""
-
-    compiler: list[str]
+@dataclass
+class Config:
+    architecture: list[dict]
+    os: list[dict]
     build_type: list[str]
-    arch: list[str]
-    sanitizers: list[str] = dataclasses.field(default_factory=list)
-    suffix: str = ""
-    extra_cmake_args: str = ""
-    image: str = ""  # only used by package_configs entries
-    # List of GitHub event names (e.g. "pull_request") on which this config
-    # should NOT run. Empty means it runs on every event.
-    exclude_event_types: list[str] = dataclasses.field(default_factory=list)
+    cmake_args: list[str]
 
 
-@dataclasses.dataclass
-class LinuxFile:
-    """Shape of linux.json."""
+"""
+Generate a strategy matrix for GitHub Actions CI.
 
-    image_tag: str
-    configs: dict[str, list[LinuxConfig]]  # distro → configs
-    package_configs: dict[str, list[LinuxConfig]]  # distro → packaging configs
+On each PR commit we will build a selection of Debian, RHEL, Ubuntu, MacOS, and
+Windows configurations, while upon merge into the develop or release branches,
+we will build all configurations, and test most of them.
 
-    @classmethod
-    def load(cls, path: Path) -> "LinuxFile":
-        data = json.loads(path.read_text())
-
-        def parse(section: dict) -> dict[str, list[LinuxConfig]]:
-            return {
-                distro: [LinuxConfig(**c) for c in cfgs]
-                for distro, cfgs in section.items()
-            }
-
-        return cls(
-            image_tag=data["image_tag"],
-            configs=parse(data["configs"]),
-            package_configs=parse(data.get("package_configs", {})),
-        )
+We will further set additional CMake arguments as follows:
+- All builds will have the `tests`, `werr`, and `xrpld` options.
+- All builds will have the `wextra` option except for GCC 12 and Clang 16.
+- All release builds will have the `assert` option.
+- Certain Debian Bookworm configurations will change the reference fee, enable
+  codecov, and enable voidstar in PRs.
+"""
 
 
-@dataclasses.dataclass
-class PlatformConfig:
-    """One entry in macos.json's or windows.json's 'configs' array."""
+def generate_strategy_matrix(all: bool, config: Config) -> list:
+    configurations = []
+    for architecture, os, build_type, cmake_args in itertools.product(
+        config.architecture, config.os, config.build_type, config.cmake_args
+    ):
+        # The default CMake target is 'all' for Linux and MacOS and 'install'
+        # for Windows, but it can get overridden for certain configurations.
+        cmake_target = "install" if os["distro_name"] == "windows" else "all"
 
-    build_type: list[str]
-    build_only: bool = False  # if true, skip tests (e.g. macos/Windows Debug)
-    extra_cmake_args: str = ""
-    # List of GitHub event names (e.g. "pull_request") on which this config
-    # should NOT run. Empty means it runs on every event.
-    exclude_event_types: list[str] = dataclasses.field(default_factory=list)
+        # We build and test all configurations by default, except for Windows in
+        # Debug, because it is too slow, as well as when code coverage is
+        # enabled as that mode already runs the tests.
+        build_only = False
+        if os["distro_name"] == "windows" and build_type == "Debug":
+            build_only = True
 
-    def __post_init__(self) -> None:
-        if isinstance(self.build_type, str):
-            self.build_type = [self.build_type]
+        # Only generate a subset of configurations in PRs.
+        if not all:
+            # Debian:
+            # - Bookworm using GCC 13: Debug on linux/amd64, set the reference
+            #   fee to 500 and enable code coverage (which will be done below).
+            # - Bookworm using GCC 15: Debug on linux/amd64, enable Address and
+            #   UB sanitizers (which will be done below).
+            # - Bookworm using Clang 16: Debug on linux/amd64, enable voidstar.
+            # - Bookworm using Clang 17: Release on linux/amd64, set the
+            #   reference fee to 1000.
+            # - Bookworm using Clang 20: Debug on linux/amd64, enable Address
+            #   and UB sanitizers (which will be done below).
+            if os["distro_name"] == "debian":
+                skip = True
+                if os["distro_version"] == "bookworm":
+                    if (
+                        f"{os['compiler_name']}-{os['compiler_version']}" == "gcc-13"
+                        and build_type == "Debug"
+                        and architecture["platform"] == "linux/amd64"
+                    ):
+                        cmake_args = f"-DUNIT_TEST_REFERENCE_FEE=500 {cmake_args}"
+                        skip = False
+                    if (
+                        f"{os['compiler_name']}-{os['compiler_version']}" == "gcc-15"
+                        and build_type == "Debug"
+                        and architecture["platform"] == "linux/amd64"
+                    ):
+                        skip = False
+                    if (
+                        f"{os['compiler_name']}-{os['compiler_version']}" == "clang-16"
+                        and build_type == "Debug"
+                        and architecture["platform"] == "linux/amd64"
+                    ):
+                        cmake_args = f"-Dvoidstar=ON {cmake_args}"
+                        skip = False
+                    if (
+                        f"{os['compiler_name']}-{os['compiler_version']}" == "clang-17"
+                        and build_type == "Release"
+                        and architecture["platform"] == "linux/amd64"
+                    ):
+                        cmake_args = f"-DUNIT_TEST_REFERENCE_FEE=1000 {cmake_args}"
+                        skip = False
+                    if (
+                        f"{os['compiler_name']}-{os['compiler_version']}" == "clang-20"
+                        and build_type == "Debug"
+                        and architecture["platform"] == "linux/amd64"
+                    ):
+                        skip = False
+                if skip:
+                    continue
 
+            # RHEL:
+            # - 9 using GCC 12: Debug on linux/amd64.
+            # - 10 using Clang: Release on linux/amd64.
+            if os["distro_name"] == "rhel":
+                skip = True
+                if os["distro_version"] == "9":
+                    if (
+                        f"{os['compiler_name']}-{os['compiler_version']}" == "gcc-12"
+                        and build_type == "Debug"
+                        and architecture["platform"] == "linux/amd64"
+                    ):
+                        skip = False
+                elif os["distro_version"] == "10":
+                    if (
+                        f"{os['compiler_name']}-{os['compiler_version']}" == "clang-any"
+                        and build_type == "Release"
+                        and architecture["platform"] == "linux/amd64"
+                    ):
+                        skip = False
+                if skip:
+                    continue
 
-@dataclasses.dataclass
-class PlatformFile:
-    """Shape of macos.json and windows.json."""
+            # Ubuntu:
+            # - Jammy using GCC 12: Debug on linux/arm64.
+            # - Noble using GCC 14: Release on linux/amd64.
+            # - Noble using Clang 18: Debug on linux/amd64.
+            # - Noble using Clang 19: Release on linux/arm64.
+            if os["distro_name"] == "ubuntu":
+                skip = True
+                if os["distro_version"] == "jammy":
+                    if (
+                        f"{os['compiler_name']}-{os['compiler_version']}" == "gcc-12"
+                        and build_type == "Debug"
+                        and architecture["platform"] == "linux/arm64"
+                    ):
+                        skip = False
+                elif os["distro_version"] == "noble":
+                    if (
+                        f"{os['compiler_name']}-{os['compiler_version']}" == "gcc-14"
+                        and build_type == "Release"
+                        and architecture["platform"] == "linux/amd64"
+                    ):
+                        skip = False
+                    if (
+                        f"{os['compiler_name']}-{os['compiler_version']}" == "clang-18"
+                        and build_type == "Debug"
+                        and architecture["platform"] == "linux/amd64"
+                    ):
+                        skip = False
+                    if (
+                        f"{os['compiler_name']}-{os['compiler_version']}" == "clang-19"
+                        and build_type == "Release"
+                        and architecture["platform"] == "linux/arm64"
+                    ):
+                        skip = False
+                if skip:
+                    continue
 
-    platform: str  # e.g. "macos/arm64" or "windows/amd64"
-    runner: list[str]  # GitHub Actions runner labels
-    configs: list[PlatformConfig]
-
-    @classmethod
-    def load(cls, path: Path) -> "PlatformFile":
-        data = json.loads(path.read_text())
-        return cls(
-            platform=data["platform"],
-            runner=data["runner"],
-            configs=[PlatformConfig(**c) for c in data["configs"]],
-        )
-
-
-# ---------------------------------------------------------------------------
-# Output types — shapes of the generated GitHub Actions matrix entries
-# ---------------------------------------------------------------------------
-
-
-@dataclasses.dataclass
-class Architecture:
-    platform: str
-    runner: list[str]
-
-
-@dataclasses.dataclass
-class MatrixEntry:
-    """One entry in the generated build/test strategy matrix."""
-
-    config_name: str
-    cmake_args: str
-    cmake_target: str
-    build_only: bool
-    build_type: str
-    architecture: Architecture
-    sanitizers: str
-    image: str = ""  # container image; empty for macOS/Windows (runs natively)
-    compiler: str = ""  # compiler name ("gcc" or "clang"); empty for macOS/Windows
-
-
-@dataclasses.dataclass
-class PackagingEntry:
-    """One entry in the generated packaging strategy matrix."""
-
-    artifact_name: str
-    image: str
-    distro: str  # e.g. "debian" or "rhel"; drives package-format-specific steps
-
-
-# ---------------------------------------------------------------------------
-# Matrix expansion
-# ---------------------------------------------------------------------------
-
-_ARCHS: dict[str, Architecture] = {
-    "amd64": Architecture(
-        platform="linux/amd64", runner=["self-hosted", "Linux", "X64", "heavy"]
-    ),
-    "arm64": Architecture(
-        platform="linux/arm64",
-        runner=["self-hosted", "Linux", "ARM64", "heavy-arm64"],
-    ),
-}
-
-
-def expand_linux_matrix(
-    linux: LinuxFile, event: str | None = None
-) -> list[MatrixEntry]:
-    """Expand a LinuxFile into a flat list of matrix entries.
-
-    Each config entry is expanded over the cross-product of its
-    compiler, build_type, sanitizers, and architecture lists. Configs that
-    exclude the current event are skipped.
-    """
-    entries: list[MatrixEntry] = []
-
-    for distro, configs in linux.configs.items():
-        for cfg in configs:
-            if not runs_on_event(cfg.exclude_event_types, event):
-                continue
-            # An empty sanitizers list means "one entry with no sanitizer".
-            effective_sanitizers = cfg.sanitizers or [""]
-            effective_archs = {arch: _ARCHS[arch] for arch in cfg.arch}
-
-            for compiler, build_type, sanitizer, (arch, arch_info) in itertools.product(
-                cfg.compiler,
-                cfg.build_type,
-                effective_sanitizers,
-                effective_archs.items(),
+            # MacOS:
+            # - Debug on macos/arm64.
+            if os["distro_name"] == "macos" and not (
+                build_type == "Debug" and architecture["platform"] == "macos/arm64"
             ):
-                name = f"{distro}-{compiler}-{build_type.lower()}-{arch}"
-                suffix_parts = [
-                    s for s in [cfg.suffix, _SANITIZER_SUFFIX.get(sanitizer, "")] if s
-                ]
-                if suffix_parts:
-                    name += "-" + "-".join(suffix_parts)
+                continue
 
-                entries.append(
-                    MatrixEntry(
-                        config_name=name,
-                        image=f"ghcr.io/xrplf/xrpld/nix-{distro}:{linux.image_tag}",
-                        cmake_args=get_cmake_args(build_type, cfg.extra_cmake_args),
-                        cmake_target="all",
-                        build_only=False,
-                        build_type=build_type,
-                        architecture=arch_info,
-                        sanitizers=sanitizer,
-                        compiler=compiler,
-                    )
-                )
+            # Windows:
+            # - Release on windows/amd64.
+            if os["distro_name"] == "windows" and not (
+                build_type == "Release" and architecture["platform"] == "windows/amd64"
+            ):
+                continue
 
-    return entries
+        # Additional CMake arguments.
+        cmake_args = f"{cmake_args} -Dtests=ON -Dwerr=ON -Dxrpld=ON"
+        if not f"{os['compiler_name']}-{os['compiler_version']}" in [
+            "gcc-12",
+            "clang-16",
+        ]:
+            cmake_args = f"{cmake_args} -Dwextra=ON"
+        if build_type == "Release":
+            cmake_args = f"{cmake_args} -Dassert=ON"
 
-
-def expand_linux_packaging(linux: LinuxFile) -> list[PackagingEntry]:
-    """Generate the packaging matrix from a LinuxFile's package_configs section.
-
-    Packaging uses vanilla distro images (debian:bookworm, ubi9, …) instead of
-    the nix-based build images, because deb/rpm tooling (debhelper, rpm-build)
-    is taken from the distro's archive rather than from nixpkgs. Each config
-    entry carries its own 'image'.
-    """
-    entries = []
-    for distro, configs in linux.package_configs.items():
-        for cfg in configs:
-            for compiler, build_type in itertools.product(cfg.compiler, cfg.build_type):
-                entries.append(
-                    PackagingEntry(
-                        artifact_name=f"xrpld-{distro}-{compiler}-{build_type.lower()}-amd64",
-                        image=cfg.image,
-                        distro=distro,
-                    )
-                )
-
-    return entries
-
-
-def expand_platform_matrix(
-    pf: PlatformFile, event: str | None = None
-) -> list[MatrixEntry]:
-    """Expand a PlatformFile (macOS or Windows) into matrix entries.
-
-    Configs that exclude the current event are skipped.
-    """
-    platform_name, arch = pf.platform.split("/")
-    is_windows = platform_name == "windows"
-
-    entries: list[MatrixEntry] = []
-    for cfg in pf.configs:
-        if not runs_on_event(cfg.exclude_event_types, event):
+        # We skip all RHEL on arm64 due to a build failure that needs further
+        # investigation.
+        if os["distro_name"] == "rhel" and architecture["platform"] == "linux/arm64":
             continue
-        for build_type in cfg.build_type:
-            entries.append(
-                MatrixEntry(
-                    config_name=f"{platform_name}-{arch}-{build_type.lower()}",
-                    cmake_args=get_cmake_args(build_type, cfg.extra_cmake_args),
-                    cmake_target="install" if is_windows else "all",
-                    build_only=cfg.build_only,
-                    build_type=build_type,
-                    architecture=Architecture(platform=pf.platform, runner=pf.runner),
-                    sanitizers="",
-                )
+
+        # We skip all clang 20+ on arm64 due to Boost build error.
+        if (
+            f"{os['compiler_name']}-{os['compiler_version']}"
+            in ["clang-20", "clang-21"]
+            and architecture["platform"] == "linux/arm64"
+        ):
+            continue
+
+        # Enable code coverage for Debian Bookworm using GCC 13 in Debug on
+        # linux/amd64.
+        if (
+            f"{os['distro_name']}-{os['distro_version']}" == "debian-bookworm"
+            and f"{os['compiler_name']}-{os['compiler_version']}" == "gcc-13"
+            and build_type == "Debug"
+            and architecture["platform"] == "linux/amd64"
+        ):
+            cmake_args = f"{cmake_args} -Dcoverage=ON -Dcoverage_format=xml -DCODE_COVERAGE_VERBOSE=ON -DCMAKE_C_FLAGS=-O0 -DCMAKE_CXX_FLAGS=-O0"
+
+        # Enable unity build for Ubuntu Jammy using GCC 12 in Debug on
+        # linux/amd64.
+        if (
+            f"{os['distro_name']}-{os['distro_version']}" == "ubuntu-jammy"
+            and f"{os['compiler_name']}-{os['compiler_version']}" == "gcc-12"
+            and build_type == "Debug"
+            and architecture["platform"] == "linux/amd64"
+        ):
+            cmake_args = f"{cmake_args} -Dunity=ON"
+
+        # Generate a unique name for the configuration, e.g. macos-arm64-debug
+        # or debian-bookworm-gcc-12-amd64-release.
+        config_name = os["distro_name"]
+        if (n := os["distro_version"]) != "":
+            config_name += f"-{n}"
+        if (n := os["compiler_name"]) != "":
+            config_name += f"-{n}"
+        if (n := os["compiler_version"]) != "":
+            config_name += f"-{n}"
+        config_name += (
+            f"-{architecture['platform'][architecture['platform'].find('/')+1:]}"
+        )
+        config_name += f"-{build_type.lower()}"
+        if "-Dcoverage=ON" in cmake_args:
+            config_name += "-coverage"
+        if "-Dunity=ON" in cmake_args:
+            config_name += "-unity"
+
+        # Add the configuration to the list, with the most unique fields first,
+        # so that they are easier to identify in the GitHub Actions UI, as long
+        # names get truncated.
+        # Add Address and UB sanitizers as separate configurations for specific
+        # bookworm distros. Thread sanitizer is currently disabled (see below).
+        # GCC-Asan xrpld-embedded tests are failing because of https://github.com/google/sanitizers/issues/856
+        if os[
+            "distro_version"
+        ] == "bookworm" and f"{os['compiler_name']}-{os['compiler_version']}" in [
+            "gcc-15",
+            "clang-20",
+        ]:
+            # Add ASAN configuration.
+            configurations.append(
+                {
+                    "config_name": config_name + "-asan",
+                    "cmake_args": cmake_args,
+                    "cmake_target": cmake_target,
+                    "build_only": build_only,
+                    "build_type": build_type,
+                    "os": os,
+                    "architecture": architecture,
+                    "sanitizers": "address",
+                }
             )
-    return entries
+            # Add UBSAN configuration.
+            configurations.append(
+                {
+                    "config_name": config_name + "-ubsan",
+                    "cmake_args": cmake_args,
+                    "cmake_target": cmake_target,
+                    "build_only": build_only,
+                    "build_type": build_type,
+                    "os": os,
+                    "architecture": architecture,
+                    "sanitizers": "undefinedbehavior",
+                }
+            )
+            # TSAN is deactivated due to seg faults with latest compilers.
+            activate_tsan = False
+            if activate_tsan:
+                configurations.append(
+                    {
+                        "config_name": config_name + "-tsan-ubsan",
+                        "cmake_args": cmake_args,
+                        "cmake_target": cmake_target,
+                        "build_only": build_only,
+                        "build_type": build_type,
+                        "os": os,
+                        "architecture": architecture,
+                        "sanitizers": "thread,undefinedbehavior",
+                    }
+                )
+        else:
+            configurations.append(
+                {
+                    "config_name": config_name,
+                    "cmake_args": cmake_args,
+                    "cmake_target": cmake_target,
+                    "build_only": build_only,
+                    "build_type": build_type,
+                    "os": os,
+                    "architecture": architecture,
+                    "sanitizers": "",
+                }
+            )
+
+    return configurations
 
 
-# ---------------------------------------------------------------------------
-# Entry point
-# ---------------------------------------------------------------------------
+def read_config(file: Path) -> Config:
+    config = json.loads(file.read_text())
+    if (
+        config["architecture"] is None
+        or config["os"] is None
+        or config["build_type"] is None
+        or config["cmake_args"] is None
+    ):
+        raise Exception("Invalid configuration file.")
+
+    return Config(**config)
 
 
 if __name__ == "__main__":
-    parser = argparse.ArgumentParser(
-        description="Generate a CI strategy matrix for all platforms or a specific one."
+    parser = argparse.ArgumentParser()
+    parser.add_argument(
+        "-a",
+        "--all",
+        help="Set to generate all configurations (generally used when merging a PR) or leave unset to generate a subset of configurations (generally used when committing to a PR).",
+        action="store_true",
     )
     parser.add_argument(
         "-c",
         "--config",
-        help="Platform to generate for ('linux', 'macos', or 'windows'). Defaults to all platforms.",
-        choices=["linux", "macos", "windows"],
-        default=None,
-    )
-    parser.add_argument(
-        "-p",
-        "--packaging",
-        help="Emit the Linux packaging matrix instead of the build/test matrix.",
-        action="store_true",
-    )
-    parser.add_argument(
-        "-e",
-        "--event",
-        help="The GitHub event name that triggered the workflow (e.g. 'push', "
-        "'pull_request'). Configs are filtered by their 'event_type'. If "
-        "omitted, no filtering is applied.",
-        default=None,
+        help="Path to the JSON file containing the strategy matrix configurations.",
+        required=False,
+        type=Path,
     )
     args = parser.parse_args()
 
-    matrix: list[MatrixEntry] | list[PackagingEntry] = []
-
-    if args.packaging:
-        matrix = expand_linux_packaging(LinuxFile.load(THIS_DIR / "linux.json"))
+    matrix = []
+    if args.config is None or args.config == "":
+        matrix += generate_strategy_matrix(
+            args.all, read_config(THIS_DIR / "linux.json")
+        )
+        matrix += generate_strategy_matrix(
+            args.all, read_config(THIS_DIR / "macos.json")
+        )
+        matrix += generate_strategy_matrix(
+            args.all, read_config(THIS_DIR / "windows.json")
+        )
     else:
-        if args.config in ("linux", None):
-            matrix += expand_linux_matrix(
-                LinuxFile.load(THIS_DIR / "linux.json"), args.event
-            )
-        if args.config in ("macos", None):
-            matrix += expand_platform_matrix(
-                PlatformFile.load(THIS_DIR / "macos.json"), args.event
-            )
-        if args.config in ("windows", None):
-            matrix += expand_platform_matrix(
-                PlatformFile.load(THIS_DIR / "windows.json"), args.event
-            )
+        matrix += generate_strategy_matrix(args.all, read_config(args.config))
 
-    print(f"matrix={json.dumps({'include': [dataclasses.asdict(e) for e in matrix]})}")
+    # Generate the strategy matrix.
+    print(f"matrix={json.dumps({'include': matrix})}")

.github/scripts/strategy-matrix/linux.json

@@ -1,84 +1,212 @@
 {
-  "image_tag": "sha-fe4c8ae",
-  "configs": {
-    "ubuntu": [
-      {
-        "compiler": ["gcc", "clang"],
-        "build_type": ["Debug", "Release"],
-        "arch": ["amd64", "arm64"]
-      },
-
-      {
-        "compiler": ["gcc", "clang"],
-        "build_type": ["Debug", "Release"],
-        "arch": ["amd64"],
-        "sanitizers": ["address", "undefinedbehavior"]
-      },
-
-      {
-        "compiler": ["gcc"],
-        "build_type": ["Debug"],
-        "arch": ["amd64"],
-        "suffix": "coverage",
-        "extra_cmake_args": "-DUNIT_TEST_REFERENCE_FEE=500 -Dcoverage=ON -Dcoverage_format=xml -DCODE_COVERAGE_VERBOSE=ON -DCMAKE_C_FLAGS=-O0 -DCMAKE_CXX_FLAGS=-O0"
-      },
-      {
-        "compiler": ["clang"],
-        "build_type": ["Debug"],
-        "arch": ["amd64"],
-        "suffix": "voidstar",
-        "extra_cmake_args": "-Dvoidstar=ON"
-      },
-      {
-        "compiler": ["clang"],
-        "build_type": ["Release"],
-        "arch": ["amd64"],
-        "suffix": "reffee",
-        "extra_cmake_args": "-DUNIT_TEST_REFERENCE_FEE=1000"
-      },
-      {
-        "compiler": ["gcc"],
-        "build_type": ["Debug"],
-        "arch": ["amd64"],
-        "suffix": "unity",
-        "extra_cmake_args": "-Dunity=ON",
-        "exclude_event_types": ["pull_request"]
-      }
-    ],
-
-    "debian": [
-      {
-        "compiler": ["gcc"],
-        "build_type": ["Release"],
-        "arch": ["amd64"]
-      }
-    ],
-
-    "rhel": [
-      {
-        "compiler": ["gcc"],
-        "build_type": ["Release"],
-        "arch": ["amd64"]
-      }
-    ]
-  },
-  "package_configs": {
-    "debian": [
-      {
-        "compiler": ["gcc"],
-        "build_type": ["Release"],
-        "arch": ["amd64"],
-        "image": "ghcr.io/xrplf/xrpld/packaging-debian:sha-577d745"
-      }
-    ],
-
-    "rhel": [
-      {
-        "compiler": ["gcc"],
-        "build_type": ["Release"],
-        "arch": ["amd64"],
-        "image": "ghcr.io/xrplf/xrpld/packaging-rhel:sha-577d745"
-      }
-    ]
-  }
+  "architecture": [
+    {
+      "platform": "linux/amd64",
+      "runner": ["self-hosted", "Linux", "X64", "heavy"]
+    },
+    {
+      "platform": "linux/arm64",
+      "runner": ["self-hosted", "Linux", "ARM64", "heavy-arm64"]
+    }
+  ],
+  "os": [
+    {
+      "distro_name": "debian",
+      "distro_version": "bookworm",
+      "compiler_name": "gcc",
+      "compiler_version": "12",
+      "image_sha": "ab4d1f0"
+    },
+    {
+      "distro_name": "debian",
+      "distro_version": "bookworm",
+      "compiler_name": "gcc",
+      "compiler_version": "13",
+      "image_sha": "ab4d1f0"
+    },
+    {
+      "distro_name": "debian",
+      "distro_version": "bookworm",
+      "compiler_name": "gcc",
+      "compiler_version": "14",
+      "image_sha": "ab4d1f0"
+    },
+    {
+      "distro_name": "debian",
+      "distro_version": "bookworm",
+      "compiler_name": "gcc",
+      "compiler_version": "15",
+      "image_sha": "ab4d1f0"
+    },
+    {
+      "distro_name": "debian",
+      "distro_version": "bookworm",
+      "compiler_name": "clang",
+      "compiler_version": "16",
+      "image_sha": "ab4d1f0"
+    },
+    {
+      "distro_name": "debian",
+      "distro_version": "bookworm",
+      "compiler_name": "clang",
+      "compiler_version": "17",
+      "image_sha": "ab4d1f0"
+    },
+    {
+      "distro_name": "debian",
+      "distro_version": "bookworm",
+      "compiler_name": "clang",
+      "compiler_version": "18",
+      "image_sha": "ab4d1f0"
+    },
+    {
+      "distro_name": "debian",
+      "distro_version": "bookworm",
+      "compiler_name": "clang",
+      "compiler_version": "19",
+      "image_sha": "ab4d1f0"
+    },
+    {
+      "distro_name": "debian",
+      "distro_version": "bookworm",
+      "compiler_name": "clang",
+      "compiler_version": "20",
+      "image_sha": "ab4d1f0"
+    },
+    {
+      "distro_name": "debian",
+      "distro_version": "trixie",
+      "compiler_name": "gcc",
+      "compiler_version": "14",
+      "image_sha": "ab4d1f0"
+    },
+    {
+      "distro_name": "debian",
+      "distro_version": "trixie",
+      "compiler_name": "gcc",
+      "compiler_version": "15",
+      "image_sha": "ab4d1f0"
+    },
+    {
+      "distro_name": "debian",
+      "distro_version": "trixie",
+      "compiler_name": "clang",
+      "compiler_version": "20",
+      "image_sha": "ab4d1f0"
+    },
+    {
+      "distro_name": "debian",
+      "distro_version": "trixie",
+      "compiler_name": "clang",
+      "compiler_version": "21",
+      "image_sha": "ab4d1f0"
+    },
+    {
+      "distro_name": "rhel",
+      "distro_version": "8",
+      "compiler_name": "gcc",
+      "compiler_version": "14",
+      "image_sha": "ab4d1f0"
+    },
+    {
+      "distro_name": "rhel",
+      "distro_version": "8",
+      "compiler_name": "clang",
+      "compiler_version": "any",
+      "image_sha": "ab4d1f0"
+    },
+    {
+      "distro_name": "rhel",
+      "distro_version": "9",
+      "compiler_name": "gcc",
+      "compiler_version": "12",
+      "image_sha": "ab4d1f0"
+    },
+    {
+      "distro_name": "rhel",
+      "distro_version": "9",
+      "compiler_name": "gcc",
+      "compiler_version": "13",
+      "image_sha": "ab4d1f0"
+    },
+    {
+      "distro_name": "rhel",
+      "distro_version": "9",
+      "compiler_name": "gcc",
+      "compiler_version": "14",
+      "image_sha": "ab4d1f0"
+    },
+    {
+      "distro_name": "rhel",
+      "distro_version": "9",
+      "compiler_name": "clang",
+      "compiler_version": "any",
+      "image_sha": "ab4d1f0"
+    },
+    {
+      "distro_name": "rhel",
+      "distro_version": "10",
+      "compiler_name": "gcc",
+      "compiler_version": "14",
+      "image_sha": "ab4d1f0"
+    },
+    {
+      "distro_name": "rhel",
+      "distro_version": "10",
+      "compiler_name": "clang",
+      "compiler_version": "any",
+      "image_sha": "ab4d1f0"
+    },
+    {
+      "distro_name": "ubuntu",
+      "distro_version": "jammy",
+      "compiler_name": "gcc",
+      "compiler_version": "12",
+      "image_sha": "ab4d1f0"
+    },
+    {
+      "distro_name": "ubuntu",
+      "distro_version": "noble",
+      "compiler_name": "gcc",
+      "compiler_version": "13",
+      "image_sha": "ab4d1f0"
+    },
+    {
+      "distro_name": "ubuntu",
+      "distro_version": "noble",
+      "compiler_name": "gcc",
+      "compiler_version": "14",
+      "image_sha": "ab4d1f0"
+    },
+    {
+      "distro_name": "ubuntu",
+      "distro_version": "noble",
+      "compiler_name": "clang",
+      "compiler_version": "16",
+      "image_sha": "ab4d1f0"
+    },
+    {
+      "distro_name": "ubuntu",
+      "distro_version": "noble",
+      "compiler_name": "clang",
+      "compiler_version": "17",
+      "image_sha": "ab4d1f0"
+    },
+    {
+      "distro_name": "ubuntu",
+      "distro_version": "noble",
+      "compiler_name": "clang",
+      "compiler_version": "18",
+      "image_sha": "ab4d1f0"
+    },
+    {
+      "distro_name": "ubuntu",
+      "distro_version": "noble",
+      "compiler_name": "clang",
+      "compiler_version": "19",
+      "image_sha": "ab4d1f0"
+    }
+  ],
+  "build_type": ["Debug", "Release"],
+  "cmake_args": [""]
 }

.github/scripts/strategy-matrix/macos.json

@@ -1,16 +1,19 @@
 {
-  "platform": "macos/arm64",
-  "runner": ["self-hosted", "macOS", "ARM64", "mac-runner-m1"],
-  "configs": [
+  "architecture": [
     {
-      "build_type": "Release",
-      "extra_cmake_args": "-DCMAKE_POLICY_VERSION_MINIMUM=3.5"
-    },
-    {
-      "build_type": "Debug",
-      "extra_cmake_args": "-DCMAKE_POLICY_VERSION_MINIMUM=3.5",
-      "build_only": true,
-      "exclude_event_types": ["pull_request"]
+      "platform": "macos/arm64",
+      "runner": ["self-hosted", "macOS", "ARM64", "mac-runner-m1"]
     }
-  ]
+  ],
+  "os": [
+    {
+      "distro_name": "macos",
+      "distro_version": "",
+      "compiler_name": "",
+      "compiler_version": "",
+      "image_sha": ""
+    }
+  ],
+  "build_type": ["Debug", "Release"],
+  "cmake_args": ["-DCMAKE_POLICY_VERSION_MINIMUM=3.5"]
 }

.github/scripts/strategy-matrix/windows.json

@@ -1,12 +1,19 @@
 {
-  "platform": "windows/amd64",
-  "runner": ["self-hosted", "Windows", "devbox"],
-  "configs": [
-    { "build_type": "Release" },
+  "architecture": [
     {
-      "build_type": "Debug",
-      "build_only": true,
-      "exclude_event_types": ["pull_request"]
+      "platform": "windows/amd64",
+      "runner": ["self-hosted", "Windows", "devbox"]
     }
-  ]
+  ],
+  "os": [
+    {
+      "distro_name": "windows",
+      "distro_version": "",
+      "compiler_name": "",
+      "compiler_version": "",
+      "image_sha": ""
+    }
+  ],
+  "build_type": ["Debug", "Release"],
+  "cmake_args": [""]
 }

.github/workflows/build-nix-images.yml

@@ -1,62 +0,0 @@
-name: Build Nix Docker images
-
-on:
-  push:
-    branches:
-      - develop
-    paths:
-      - ".github/workflows/build-nix-images.yml"
-      - "flake.nix"
-      - "flake.lock"
-      - "nix/**"
-      - "!nix/docker/README.md"
-      - "!nix/devshell.nix"
-      - "bin/check-tools.sh"
-      - "bin/install-sanitizer-libs.sh"
-  pull_request:
-    paths:
-      - ".github/workflows/build-nix-images.yml"
-      - "flake.nix"
-      - "flake.lock"
-      - "nix/**"
-      - "!nix/docker/README.md"
-      - "!nix/devshell.nix"
-      - "bin/check-tools.sh"
-      - "bin/install-sanitizer-libs.sh"
-  workflow_dispatch:
-
-concurrency:
-  # Read `on-trigger.yml` for the rationale behind this concurrency group name.
-  group: ${{ github.workflow }}-${{ github.event_name == 'push' && github.ref == 'refs/heads/develop' && github.sha || github.ref }}
-  cancel-in-progress: true
-
-defaults:
-  run:
-    shell: bash
-
-jobs:
-  build-merge:
-    name: Build and push nix-${{ matrix.distro.name }}
-    permissions:
-      contents: read
-      packages: write
-    strategy:
-      fail-fast: false
-      matrix:
-        # The base images are the oldest supported version of each distro
-        # that we want to build images for.
-        distro:
-          - name: nixos
-            base_image: nixos/nix:latest
-          - name: ubuntu
-            base_image: ubuntu:20.04
-          - name: debian
-            base_image: debian:bookworm
-          - name: rhel
-            base_image: registry.access.redhat.com/ubi9/ubi:latest
-    uses: XRPLF/actions/.github/workflows/build-multiarch-image.yml@c1b480188519e0cad040e6aa70db1cbc5a797e07
-    with:
-      image_name: ghcr.io/xrplf/xrpld/nix-${{ matrix.distro.name }}
-      dockerfile: nix/docker/Dockerfile
-      base_image: ${{ matrix.distro.base_image }}
-      push: ${{ github.repository == 'XRPLF/rippled' && github.event_name == 'push' }}

.github/workflows/build-packaging-images.yml

@@ -1,46 +0,0 @@
-name: Build packaging Docker images
-
-on:
-  push:
-    branches:
-      - develop
-    paths:
-      - ".github/workflows/build-packaging-images.yml"
-      - "package/Dockerfile"
-      - "package/install-packaging-tools.sh"
-  pull_request:
-    paths:
-      - ".github/workflows/build-packaging-images.yml"
-      - "package/Dockerfile"
-      - "package/install-packaging-tools.sh"
-  workflow_dispatch:
-
-concurrency:
-  # Read `on-trigger.yml` for the rationale behind this concurrency group name.
-  group: ${{ github.workflow }}-${{ github.event_name == 'push' && github.ref == 'refs/heads/develop' && github.sha || github.ref }}
-  cancel-in-progress: true
-
-defaults:
-  run:
-    shell: bash
-
-jobs:
-  build-merge:
-    name: Build and push packaging-${{ matrix.distro.name }}
-    permissions:
-      contents: read
-      packages: write
-    strategy:
-      fail-fast: false
-      matrix:
-        distro:
-          - name: debian
-            base_image: debian:bookworm
-          - name: rhel
-            base_image: registry.access.redhat.com/ubi9/ubi:latest
-    uses: XRPLF/actions/.github/workflows/build-multiarch-image.yml@c1b480188519e0cad040e6aa70db1cbc5a797e07
-    with:
-      image_name: ghcr.io/xrplf/xrpld/packaging-${{ matrix.distro.name }}
-      dockerfile: package/Dockerfile
-      base_image: ${{ matrix.distro.base_image }}
-      push: ${{ github.repository == 'XRPLF/rippled' && github.event_name == 'push' }}

.github/workflows/check-pr-description.yml

@@ -5,17 +5,8 @@ on:
     types:
       - checks_requested
   pull_request:
-    types:
-      - opened
-      - edited
-      - reopened
-      - synchronize
-      - ready_for_review
-    branches:
-      - develop
-      - "release-*"
-      - "release/*"
-      - "staging/*"
+    types: [opened, edited, reopened, synchronize, ready_for_review]
+    branches: [develop]
 
 jobs:
   check_description:
@@ -23,17 +14,17 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Checkout repository
-        uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3
+        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
 
       - name: Write PR body to file
         env:
           PR_BODY: ${{ github.event.pull_request.body }}
         if: ${{ github.event_name == 'pull_request' }}
-        run: printenv PR_BODY >pr_body.md
+        run: printenv PR_BODY > pr_body.md
 
       - name: Check PR description differs from template
         if: ${{ github.event_name == 'pull_request' }}
-        run: |
-          python .github/scripts/check-pr-description.py \
-              --template-file .github/pull_request_template.md \
-              --pr-body-file pr_body.md
+        run: >
+          python .github/scripts/check-pr-description.py
+          --template-file .github/pull_request_template.md
+          --pr-body-file pr_body.md

.github/workflows/check-pr-title.yml

@@ -5,19 +5,10 @@ on:
     types:
       - checks_requested
   pull_request:
-    types:
-      - opened
-      - edited
-      - reopened
-      - synchronize
-      - ready_for_review
-    branches:
-      - develop
-      - "release-*"
-      - "release/*"
-      - "staging/*"
+    types: [opened, edited, reopened, synchronize, ready_for_review]
+    branches: [develop]
 
 jobs:
   check_title:
     if: ${{ github.event.pull_request.draft != true }}
-    uses: XRPLF/actions/.github/workflows/check-pr-title.yml@cba1f0891650baf1a9c88624dc2d72573be2eb81
+    uses: XRPLF/actions/.github/workflows/check-pr-title.yml@a5d8dd35be543365e90a11358447130c8763871d

.github/workflows/conflicting-pr.yml

@@ -17,7 +17,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Check if PRs are dirty
-        uses: eps1lon/actions-label-merge-conflict@0273be72a0bbd58fcd71d0d6c02c209b50d1e5e1 # v3.1.0
+        uses: eps1lon/actions-label-merge-conflict@1df065ebe6e3310545d4f4c4e862e43bdca146f0 # v3.0.3
         with:
           dirtyLabel: "PR: has conflicts"
           repoToken: "${{ secrets.GITHUB_TOKEN }}"

.github/workflows/on-pr.yml

@@ -33,7 +33,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Checkout repository
-        uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3
+        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
       - name: Determine changed files
         # This step checks whether any files have changed that should
         # cause the next jobs to run. We do it this way rather than
@@ -64,13 +64,11 @@ jobs:
             .github/workflows/reusable-build-test-config.yml
             .github/workflows/reusable-build-test.yml
             .github/workflows/reusable-clang-tidy.yml
-            .github/workflows/reusable-package.yml
             .github/workflows/reusable-strategy-matrix.yml
             .github/workflows/reusable-test.yml
             .github/workflows/reusable-upload-recipe.yml
             .clang-tidy
             .codecov.yml
-            cfg/**
             cmake/**
             conan/**
             external/**
@@ -80,10 +78,6 @@ jobs:
             CMakeLists.txt
             conanfile.py
             conan.lock
-            LICENSE.md
-            package/**
-            README.md
-
       - name: Check whether to run
         # This step determines whether the rest of the workflow should
         # run. The rest of the workflow will run if this job runs AND at
@@ -98,7 +92,7 @@ jobs:
           READY: ${{ contains(github.event.pull_request.labels.*.name, 'Ready to merge') }}
           MERGE: ${{ github.event_name == 'merge_group' }}
         run: |
-          echo "go=${{ (env.DRAFT != 'true' && env.READY == 'true') || env.FILES == 'true' || env.MERGE == 'true' }}" >>"${GITHUB_OUTPUT}"
+          echo "go=${{ (env.DRAFT != 'true' && env.READY == 'true') || env.FILES == 'true' || env.MERGE == 'true' }}" >> "${GITHUB_OUTPUT}"
           cat "${GITHUB_OUTPUT}"
     outputs:
       go: ${{ steps.go.outputs.go == 'true' }}
@@ -140,11 +134,6 @@ jobs:
     secrets:
       CODECOV_TOKEN: ${{ secrets.CODECOV_TOKEN }}
 
-  package:
-    needs: [should-run, build-test]
-    if: ${{ needs.should-run.outputs.go == 'true' }}
-    uses: ./.github/workflows/reusable-package.yml
-
   upload-recipe:
     needs:
       - should-run
@@ -168,9 +157,9 @@ jobs:
           PR_URL: ${{ github.event.pull_request.html_url }}
         run: |
           gh api --method POST -H "Accept: application/vnd.github+json" -H "X-GitHub-Api-Version: 2022-11-28" \
-              /repos/xrplf/clio/dispatches -f "event_type=check_libxrpl" \
-              -F "client_payload[ref]=${{ needs.upload-recipe.outputs.recipe_ref }}" \
-              -F "client_payload[pr_url]=${PR_URL}"
+          /repos/xrplf/clio/dispatches -f "event_type=check_libxrpl" \
+          -F "client_payload[ref]=${{ needs.upload-recipe.outputs.recipe_ref }}" \
+          -F "client_payload[pr_url]=${PR_URL}"
 
   passed:
     if: failure() || cancelled()
@@ -179,7 +168,6 @@ jobs:
       - check-rename
       - clang-tidy
       - build-test
-      - package
       - upload-recipe
       - notify-clio
     runs-on: ubuntu-latest

.github/workflows/on-tag.yml

@@ -1,5 +1,5 @@
-# This workflow uploads the libxrpl recipe to the Conan remote and builds
-# release packages when a versioned tag is pushed.
+# This workflow uploads the libxrpl recipe to the Conan remote when a versioned
+# tag is pushed.
 name: Tag
 
 on:
@@ -22,21 +22,3 @@ jobs:
     secrets:
       remote_username: ${{ secrets.CONAN_REMOTE_USERNAME }}
       remote_password: ${{ secrets.CONAN_REMOTE_PASSWORD }}
-
-  build-test:
-    if: ${{ github.repository == 'XRPLF/rippled' }}
-    uses: ./.github/workflows/reusable-build-test.yml
-    strategy:
-      fail-fast: true
-      matrix:
-        os: [linux]
-    with:
-      ccache_enabled: false
-      os: ${{ matrix.os }}
-    secrets:
-      CODECOV_TOKEN: ${{ secrets.CODECOV_TOKEN }}
-
-  package:
-    if: ${{ github.repository == 'XRPLF/rippled' }}
-    needs: build-test
-    uses: ./.github/workflows/reusable-package.yml

.github/workflows/on-trigger.yml

@@ -21,13 +21,11 @@ on:
       - ".github/workflows/reusable-build-test-config.yml"
       - ".github/workflows/reusable-build-test.yml"
       - ".github/workflows/reusable-clang-tidy.yml"
-      - ".github/workflows/reusable-package.yml"
       - ".github/workflows/reusable-strategy-matrix.yml"
       - ".github/workflows/reusable-test.yml"
       - ".github/workflows/reusable-upload-recipe.yml"
       - ".clang-tidy"
       - ".codecov.yml"
-      - "cfg/**"
       - "cmake/**"
       - "conan/**"
       - "external/**"
@@ -37,9 +35,6 @@ on:
       - "CMakeLists.txt"
       - "conanfile.py"
       - "conan.lock"
-      - "LICENSE.md"
-      - "package/**"
-      - "README.md"
 
   # Run at 06:32 UTC on every day of the week from Monday through Friday. This
   # will force all dependencies to be rebuilt, which is useful to verify that
@@ -88,6 +83,7 @@ jobs:
       # not identical to a regular compilation.
       ccache_enabled: ${{ github.repository_owner == 'XRPLF' && !startsWith(github.ref, 'refs/heads/release') }}
       os: ${{ matrix.os }}
+      strategy_matrix: ${{ github.event_name == 'schedule' && 'all' || 'minimal' }}
     secrets:
       CODECOV_TOKEN: ${{ secrets.CODECOV_TOKEN }}
 
@@ -99,7 +95,3 @@ jobs:
     secrets:
       remote_username: ${{ secrets.CONAN_REMOTE_USERNAME }}
       remote_password: ${{ secrets.CONAN_REMOTE_PASSWORD }}
-
-  package:
-    needs: build-test
-    uses: ./.github/workflows/reusable-package.yml

.github/workflows/pre-commit.yml

@@ -14,7 +14,7 @@ on:
 jobs:
   # Call the workflow in the XRPLF/actions repo that runs the pre-commit hooks.
   run-hooks:
-    uses: XRPLF/actions/.github/workflows/pre-commit.yml@312aaab296060ff89d7f798dcab59f019bea6e02
+    uses: XRPLF/actions/.github/workflows/pre-commit.yml@5e942d61bf32f7557a7c159cfac4712a687b3e3a
     with:
       runs_on: ubuntu-latest
       container: '{ "image": "ghcr.io/xrplf/ci/tools-rippled-pre-commit:sha-41ec7c1" }'

.github/workflows/publish-docs.yml

@@ -41,13 +41,13 @@ env:
 jobs:
   build:
     runs-on: ubuntu-latest
-    container: ghcr.io/xrplf/xrpld/nix-ubuntu:sha-fe4c8ae
+    container: ghcr.io/xrplf/ci/tools-rippled-documentation:sha-a8c7be1
     steps:
       - name: Checkout repository
-        uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3
+        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
 
       - name: Prepare runner
-        uses: XRPLF/actions/prepare-runner@c47daebb2f9db64ffbac71b47d68a661498d5ce8
+        uses: XRPLF/actions/prepare-runner@90f11ee655d1687824fb8793db770477d52afbab
         with:
           enable_ccache: false
 
@@ -57,11 +57,19 @@ jobs:
         with:
           subtract: ${{ env.NPROC_SUBTRACT }}
 
-      - name: Print build environment
-        uses: XRPLF/actions/print-build-env@59dec886e4afb05a1724443af08baccbc045b574
+      - name: Check configuration
+        run: |
+          echo 'Checking path.'
+          echo ${PATH} | tr ':' '\n'
 
-      - name: Check Doxygen version
-        run: doxygen --version
+          echo 'Checking environment variables.'
+          env | sort
+
+          echo 'Checking CMake version.'
+          cmake --version
+
+          echo 'Checking Doxygen version.'
+          doxygen --version
 
       - name: Build documentation
         env:

.github/workflows/reusable-build-test-config.yml

@@ -57,12 +57,6 @@ on:
         type: string
         default: ""
 
-      compiler:
-        description: 'The compiler to use ("gcc" or "clang"). Leave empty for macOS/Windows (uses system default).'
-        required: false
-        type: string
-        default: ""
-
     secrets:
       CODECOV_TOKEN:
         description: "The Codecov token to use for uploading coverage reports."
@@ -82,7 +76,7 @@ jobs:
     name: ${{ inputs.config_name }}
     runs-on: ${{ fromJSON(inputs.runs_on) }}
     container: ${{ inputs.image != '' && inputs.image || null }}
-    timeout-minutes: ${{ inputs.sanitizers != '' && 360 || 90 }}
+    timeout-minutes: ${{ inputs.sanitizers != '' && 360 || 60 }}
     env:
       # Use a namespace to keep the objects separate for each configuration.
       CCACHE_NAMESPACE: ${{ inputs.config_name }}
@@ -110,21 +104,16 @@ jobs:
         uses: XRPLF/actions/cleanup-workspace@c7d9ce5ebb03c752a354889ecd870cadfc2b1cd4
 
       - name: Checkout repository
-        uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3
+        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
 
       - name: Prepare runner
-        uses: XRPLF/actions/prepare-runner@c47daebb2f9db64ffbac71b47d68a661498d5ce8
+        uses: XRPLF/actions/prepare-runner@90f11ee655d1687824fb8793db770477d52afbab
         with:
           enable_ccache: ${{ inputs.ccache_enabled }}
 
       - name: Set ccache log file
         if: ${{ inputs.ccache_enabled && runner.debug == '1' }}
-        run: echo "CCACHE_LOGFILE=${{ runner.temp }}/ccache.log" >>"${GITHUB_ENV}"
-
-      - name: Check tools
-        env:
-          CHECK_TOOLS_SKIP_CLONE: "1"
-        run: ./bin/check-tools.sh
+        run: echo "CCACHE_LOGFILE=${{ runner.temp }}/ccache.log" >> "${GITHUB_ENV}"
 
       - name: Print build environment
         uses: XRPLF/actions/print-build-env@59dec886e4afb05a1724443af08baccbc045b574
@@ -135,12 +124,6 @@ jobs:
         with:
           subtract: ${{ inputs.nproc_subtract }}
 
-      - name: Set compiler environment (Linux)
-        if: ${{ runner.os == 'Linux' }}
-        uses: ./.github/actions/set-compiler-env
-        with:
-          compiler: ${{ inputs.compiler }}
-
       - name: Setup Conan
         env:
           SANITIZERS: ${{ inputs.sanitizers }}
@@ -160,35 +143,15 @@ jobs:
         working-directory: ${{ env.BUILD_DIR }}
         env:
           BUILD_TYPE: ${{ inputs.build_type }}
+          SANITIZERS: ${{ inputs.sanitizers }}
           CMAKE_ARGS: ${{ inputs.cmake_args }}
         run: |
           cmake \
-              -G '${{ runner.os == 'Windows' && 'Visual Studio 17 2022' || 'Ninja' }}' \
-              -DCMAKE_TOOLCHAIN_FILE:FILEPATH=build/generators/conan_toolchain.cmake \
-              -DCMAKE_BUILD_TYPE="${BUILD_TYPE}" \
-              ${CMAKE_ARGS} \
-              ..
-
-      # Export the sanitizer options before any instrumented binary runs. The
-      # protocol code-gen and build steps below invoke instrumented dependency
-      # tools (protoc, grpc), so setting UBSAN_OPTIONS here lets the UBSan
-      # suppression list silence their diagnostics too, not just at test time.
-      # GITHUB_WORKSPACE (not the github.workspace context) is used so the path
-      # resolves correctly inside the container job.
-      - name: Set sanitizer options
-        if: ${{ !inputs.build_only && env.SANITIZERS_ENABLED == 'true' }}
-        env:
-          CONFIG_NAME: ${{ inputs.config_name }}
-        run: |
-          SUPP="${GITHUB_WORKSPACE}/sanitizers/suppressions"
-          ASAN_OPTS="include=${SUPP}/runtime-asan-options.txt:suppressions=${SUPP}/asan.supp"
-          if [[ "${CONFIG_NAME}" == *gcc* ]]; then
-              ASAN_OPTS="${ASAN_OPTS}:alloc_dealloc_mismatch=0"
-          fi
-          echo "ASAN_OPTIONS=${ASAN_OPTS}" >>${GITHUB_ENV}
-          echo "TSAN_OPTIONS=include=${SUPP}/runtime-tsan-options.txt:suppressions=${SUPP}/tsan.supp" >>${GITHUB_ENV}
-          echo "UBSAN_OPTIONS=include=${SUPP}/runtime-ubsan-options.txt:suppressions=${SUPP}/ubsan.supp" >>${GITHUB_ENV}
-          echo "LSAN_OPTIONS=include=${SUPP}/runtime-lsan-options.txt:suppressions=${SUPP}/lsan.supp" >>${GITHUB_ENV}
+            -G '${{ runner.os == 'Windows' && 'Visual Studio 17 2022' || 'Ninja' }}' \
+            -DCMAKE_TOOLCHAIN_FILE:FILEPATH=build/generators/conan_toolchain.cmake \
+            -DCMAKE_BUILD_TYPE="${BUILD_TYPE}" \
+            ${CMAKE_ARGS} \
+            ..
 
       - name: Check protocol autogen files are up-to-date
         working-directory: ${{ env.BUILD_DIR }}
@@ -210,10 +173,10 @@ jobs:
           cmake --build . --target code_gen
           DIFF=$(git -C .. status --porcelain -- include/xrpl/protocol_autogen src/tests/libxrpl/protocol_autogen)
           if [ -n "${DIFF}" ]; then
-              echo "::error::Generated protocol files are out of date"
-              git -C .. diff -- include/xrpl/protocol_autogen src/tests/libxrpl/protocol_autogen
-              echo "${MESSAGE}"
-              exit 1
+            echo "::error::Generated protocol files are out of date"
+            git -C .. diff -- include/xrpl/protocol_autogen src/tests/libxrpl/protocol_autogen
+            echo "${MESSAGE}"
+            exit 1
           fi
 
       - name: Build the binary
@@ -224,33 +187,18 @@ jobs:
           CMAKE_TARGET: ${{ inputs.cmake_target }}
         run: |
           cmake \
-              --build . \
-              --config "${BUILD_TYPE}" \
-              --parallel "${BUILD_NPROC}" \
-              --target "${CMAKE_TARGET}"
-
-      # This step is needed to allow running in non-Nix environments
-      - name: Patch binary to use default loader and remove rpath (Linux)
-        if: ${{ runner.os == 'Linux' && env.SANITIZERS_ENABLED == 'false' }}
-        run: |
-          loader="$(/tmp/loader-path.sh)"
-          patchelf --set-interpreter "${loader}" --remove-rpath "${{ env.BUILD_DIR }}/xrpld"
-
-      # We're only running aarch64 Linux builds in Ubuntu-based images, so this is kept simple
-      - name: Install libatomic (Linux aarch64)
-        if: ${{ runner.os == 'Linux' && runner.arch == 'ARM64' }}
-        run: |
-          apt update --yes
-          apt install -y --no-install-recommends \
-              libatomic1
+            --build . \
+            --config "${BUILD_TYPE}" \
+            --parallel "${BUILD_NPROC}" \
+            --target "${CMAKE_TARGET}"
 
       - name: Show ccache statistics
         if: ${{ inputs.ccache_enabled }}
         run: |
           ccache --show-stats -vv
           if [ '${{ runner.debug }}' = '1' ]; then
-              cat "${CCACHE_LOGFILE}"
-              curl ${CCACHE_REMOTE_STORAGE%|*}/status || true
+            cat "${CCACHE_LOGFILE}"
+            curl ${CCACHE_REMOTE_STORAGE%|*}/status || true
           fi
 
       - name: Upload the binary (Linux)
@@ -262,24 +210,15 @@ jobs:
           retention-days: 3
           if-no-files-found: error
 
-      - name: Upload the test binary (Linux)
-        if: ${{ github.event.repository.visibility == 'public' && runner.os == 'Linux' }}
-        uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a # v7.0.1
-        with:
-          name: xrpl_tests-${{ inputs.config_name }}
-          path: ${{ env.BUILD_DIR }}/xrpl_tests
-          retention-days: 3
-          if-no-files-found: error
-
       - name: Export server definitions
         if: ${{ runner.os != 'Windows' && !inputs.build_only && env.VOIDSTAR_ENABLED != 'true' }}
         working-directory: ${{ env.BUILD_DIR }}
         run: |
           set -o pipefail
-          ./xrpld --definitions | python3 -m json.tool >server_definitions.json
+          ./xrpld --definitions | python3 -m json.tool > server_definitions.json
 
       - name: Upload server definitions
-        if: ${{ github.event.repository.visibility == 'public' && inputs.config_name == 'debian-gcc-release-amd64' }}
+        if: ${{ github.event.repository.visibility == 'public' && inputs.config_name == 'debian-bookworm-gcc-13-amd64-release' }}
         uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a # v7.0.1
         with:
           name: server-definitions
@@ -293,10 +232,10 @@ jobs:
         run: |
           ldd ./xrpld
           if [ "$(ldd ./xrpld | grep -E '(libstdc\+\+|libgcc)' | wc -l)" -eq 0 ]; then
-              echo 'The binary is statically linked.'
+            echo 'The binary is statically linked.'
           else
-              echo 'The binary is dynamically linked.'
-              exit 1
+            echo 'The binary is dynamically linked.'
+            exit 1
           fi
 
       - name: Verify presence of instrumentation (Linux)
@@ -305,10 +244,32 @@ jobs:
         run: |
           ./xrpld --version | grep libvoidstar
 
+      - name: Set sanitizer options
+        if: ${{ !inputs.build_only && env.SANITIZERS_ENABLED == 'true' }}
+        env:
+          CONFIG_NAME: ${{ inputs.config_name }}
+        run: |
+          ASAN_OPTS="include=${GITHUB_WORKSPACE}/sanitizers/suppressions/runtime-asan-options.txt:suppressions=${GITHUB_WORKSPACE}/sanitizers/suppressions/asan.supp"
+          if [[ "${CONFIG_NAME}" == *gcc* ]]; then
+            ASAN_OPTS="${ASAN_OPTS}:alloc_dealloc_mismatch=0"
+          fi
+          echo "ASAN_OPTIONS=${ASAN_OPTS}" >> ${GITHUB_ENV}
+          echo "TSAN_OPTIONS=include=${GITHUB_WORKSPACE}/sanitizers/suppressions/runtime-tsan-options.txt:suppressions=${GITHUB_WORKSPACE}/sanitizers/suppressions/tsan.supp" >> ${GITHUB_ENV}
+          echo "UBSAN_OPTIONS=include=${GITHUB_WORKSPACE}/sanitizers/suppressions/runtime-ubsan-options.txt:suppressions=${GITHUB_WORKSPACE}/sanitizers/suppressions/ubsan.supp" >> ${GITHUB_ENV}
+          echo "LSAN_OPTIONS=include=${GITHUB_WORKSPACE}/sanitizers/suppressions/runtime-lsan-options.txt:suppressions=${GITHUB_WORKSPACE}/sanitizers/suppressions/lsan.supp" >> ${GITHUB_ENV}
+
       - name: Run the separate tests
         if: ${{ !inputs.build_only }}
-        working-directory: ${{ runner.os == 'Windows' && format('{0}/{1}', env.BUILD_DIR, inputs.build_type) || env.BUILD_DIR }}
-        run: ./xrpl_tests
+        working-directory: ${{ env.BUILD_DIR }}
+        # Windows locks some of the build files while running tests, and parallel jobs can collide
+        env:
+          BUILD_TYPE: ${{ inputs.build_type }}
+          PARALLELISM: ${{ runner.os == 'Windows' && '1' || steps.nproc.outputs.nproc }}
+        run: |
+          ctest \
+            --output-on-failure \
+            -C "${BUILD_TYPE}" \
+            -j "${PARALLELISM}"
 
       - name: Run the embedded tests
         if: ${{ !inputs.build_only }}
@@ -318,46 +279,20 @@ jobs:
         run: |
           set -o pipefail
           # Coverage builds are slower due to instrumentation; use fewer parallel jobs to avoid flakiness
-          [ "$COVERAGE_ENABLED" = "true" ] && BUILD_NPROC=$((BUILD_NPROC - 2))
-
-          # The resolver/preload workaround is only correct for the ASan build:
-          # a regular build doesn't hit the __dn_expand interceptor bug, and must
-          # NOT have libasan injected. So only preload when xrpld is ASan-built.
-          #
-          # libresolv hosts getaddrinfo's resolver helpers (dn_expand, res_*). Under ASan
-          # these are intercepted via dlsym(RTLD_NEXT, ...), which yields a NULL pointer
-          # and crashes DNS resolution if libresolv isn't loaded. Linking it guarantees
-          # the symbols are present; it's a harmless no-op on glibc >= 2.34 (merged into
-          # libc) and is what the compiler driver already does for sanitizer builds.
-          #   https://github.com/llvm/llvm-project/issues/59007
-          #   https://github.com/google/sanitizers/issues/1592
-          if ldd ./xrpld | grep -q libasan; then
-              PRELOAD="$(gcc -print-file-name=libasan.so):/usr/lib/x86_64-linux-gnu/libresolv.so.2"
-          else
-              PRELOAD=""
-          fi
-
-          LD_PRELOAD="$PRELOAD" ./xrpld --unittest --unittest-jobs "${BUILD_NPROC}" 2>&1 | tee unittest.log
+          [ "$COVERAGE_ENABLED" = "true" ] && BUILD_NPROC=$(( BUILD_NPROC - 2 ))
+          ./xrpld --unittest --unittest-jobs "${BUILD_NPROC}" 2>&1 | tee unittest.log
 
       - name: Show test failure summary
         if: ${{ failure() && !inputs.build_only }}
-        env:
-          WORKING_DIR: ${{ runner.os == 'Windows' && format('{0}\{1}', env.BUILD_DIR, inputs.build_type) || env.BUILD_DIR }}
+        working-directory: ${{ runner.os == 'Windows' && format('{0}/{1}', env.BUILD_DIR, inputs.build_type) || env.BUILD_DIR }}
         run: |
-          if [ ! -d "${WORKING_DIR}" ]; then
-              echo "Working directory '${WORKING_DIR}' does not exist."
-              exit 0
-          fi
-
-          cd "${WORKING_DIR}"
-
           if [ ! -f unittest.log ]; then
-              echo "unittest.log not found; embedded tests may not have run."
-              exit 0
+            echo "unittest.log not found; embedded tests may not have run."
+            exit 0
           fi
 
           if ! grep -E "failed" unittest.log; then
-              echo "Log present but no failure lines found in unittest.log."
+            echo "Log present but no failure lines found in unittest.log."
           fi
       - name: Debug failure (Linux)
         if: ${{ failure() && runner.os == 'Linux' && !inputs.build_only }}
@@ -375,14 +310,14 @@ jobs:
           BUILD_TYPE: ${{ inputs.build_type }}
         run: |
           cmake \
-              --build . \
-              --config "${BUILD_TYPE}" \
-              --parallel "${BUILD_NPROC}" \
-              --target coverage
+            --build . \
+            --config "${BUILD_TYPE}" \
+            --parallel "${BUILD_NPROC}" \
+            --target coverage
 
       - name: Upload coverage report
         if: ${{ github.repository == 'XRPLF/rippled' && !inputs.build_only && env.COVERAGE_ENABLED == 'true' }}
-        uses: codecov/codecov-action@fb8b3582c8e4def4969c97caa2f19720cb33a72f # v7.0.0
+        uses: codecov/codecov-action@57e3a136b779b570ffcdbf80b3bdc90e7fab3de2 # v6.0.0
         with:
           disable_search: true
           disable_telem: true

.github/workflows/reusable-build-test.yml

@@ -19,6 +19,13 @@ on:
         required: true
         type: string
 
+      strategy_matrix:
+        # TODO: Support additional strategies, e.g. "ubuntu" for generating all Ubuntu configurations.
+        description: 'The strategy matrix to use for generating the configurations ("minimal", "all").'
+        required: false
+        type: string
+        default: "minimal"
+
     secrets:
       CODECOV_TOKEN:
         description: "The Codecov token to use for uploading coverage reports."
@@ -30,6 +37,7 @@ jobs:
     uses: ./.github/workflows/reusable-strategy-matrix.yml
     with:
       os: ${{ inputs.os }}
+      strategy_matrix: ${{ inputs.strategy_matrix }}
 
   # Build and test the binary for each configuration.
   build-test-config:
@@ -39,6 +47,7 @@ jobs:
     strategy:
       fail-fast: ${{ github.event_name == 'merge_group' }}
       matrix: ${{ fromJson(needs.generate-matrix.outputs.matrix) }}
+      max-parallel: 10
     with:
       build_only: ${{ matrix.build_only }}
       build_type: ${{ matrix.build_type }}
@@ -46,9 +55,8 @@ jobs:
       cmake_args: ${{ matrix.cmake_args }}
       cmake_target: ${{ matrix.cmake_target }}
       runs_on: ${{ toJSON(matrix.architecture.runner) }}
-      image: ${{ matrix.image || '' }}
+      image: ${{ contains(matrix.architecture.platform, 'linux') && format('ghcr.io/xrplf/ci/{0}-{1}:{2}-{3}-sha-{4}', matrix.os.distro_name, matrix.os.distro_version, matrix.os.compiler_name, matrix.os.compiler_version, matrix.os.image_sha) || '' }}
       config_name: ${{ matrix.config_name }}
       sanitizers: ${{ matrix.sanitizers }}
-      compiler: ${{ matrix.compiler || '' }}
     secrets:
       CODECOV_TOKEN: ${{ secrets.CODECOV_TOKEN }}

.github/workflows/reusable-check-levelization.yml

@@ -18,7 +18,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Checkout repository
-        uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3
+        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
       - name: Check levelization
         run: python .github/scripts/levelization/generate.py
       - name: Check for differences
@@ -38,9 +38,9 @@ jobs:
         run: |
           DIFF=$(git status --porcelain)
           if [ -n "${DIFF}" ]; then
-              # Print the differences to give the contributor a hint about what to
-              # expect when running levelization on their own machine.
-              git diff
-              echo "${MESSAGE}"
-              exit 1
+            # Print the differences to give the contributor a hint about what to
+            # expect when running levelization on their own machine.
+            git diff
+            echo "${MESSAGE}"
+            exit 1
           fi

.github/workflows/reusable-check-rename.yml

@@ -18,7 +18,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Checkout repository
-        uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3
+        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
       - name: Check definitions
         run: .github/scripts/rename/definitions.sh .
       - name: Check copyright notices
@@ -48,9 +48,9 @@ jobs:
         run: |
           DIFF=$(git status --porcelain)
           if [ -n "${DIFF}" ]; then
-              # Print the differences to give the contributor a hint about what to
-              # expect when running the renaming scripts on their own machine.
-              git diff
-              echo "${MESSAGE}"
-              exit 1
+            # Print the differences to give the contributor a hint about what to
+            # expect when running the renaming scripts on their own machine.
+            git diff
+            echo "${MESSAGE}"
+            exit 1
           fi

.github/workflows/reusable-clang-tidy.yml

@@ -20,35 +20,31 @@ env:
   BUILD_DIR: build
   BUILD_TYPE: Debug # Debug so that ASSERTS and such participate in clang-tidy check
 
-  OUTPUT_FILE: /tmp/clang-tidy-output.txt
-  FILTERED_OUTPUT_FILE: /tmp/clang-tidy-filtered-output.txt
-  DIFF_FILE: /tmp/clang-tidy-git-diff.txt
-  ISSUE_FILE: /tmp/clang-tidy-issue.md
-
-  COMPILER: clang
+  OUTPUT_FILE: clang-tidy-output.txt
+  DIFF_FILE: clang-tidy-git-diff.txt
+  ISSUE_FILE: clang-tidy-issue.md
 
 jobs:
   determine-files:
     if: ${{ inputs.check_only_changed }}
     permissions:
       contents: read
-    uses: XRPLF/actions/.github/workflows/determine-tidy-files.yml@312aaab296060ff89d7f798dcab59f019bea6e02
+    uses: XRPLF/actions/.github/workflows/determine-tidy-files.yml@12f5dbc98a2260259a66970e57fa4d26fb7f285c
 
   run-clang-tidy:
     name: Run clang tidy
     needs: [determine-files]
     if: ${{ always() && !cancelled() && (!inputs.check_only_changed || needs.determine-files.outputs.cpp_changed_files != '' || needs.determine-files.outputs.clang_tidy_config_changed == 'true') }}
     runs-on: ["self-hosted", "Linux", "X64", "heavy"]
-    container: "ghcr.io/xrplf/xrpld/nix-debian:sha-fe4c8ae"
+    container: "ghcr.io/xrplf/ci/debian-trixie:clang-21-sha-53033a2"
     permissions:
       contents: read
-      issues: write
     steps:
       - name: Checkout repository
-        uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3
+        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
 
       - name: Prepare runner
-        uses: XRPLF/actions/prepare-runner@c47daebb2f9db64ffbac71b47d68a661498d5ce8
+        uses: XRPLF/actions/prepare-runner@90f11ee655d1687824fb8793db770477d52afbab
         with:
           enable_ccache: false
 
@@ -59,11 +55,6 @@ jobs:
         uses: XRPLF/actions/get-nproc@cf0433aa74563aead044a1e395610c96d65a37cf
         id: nproc
 
-      - name: Set compiler environment
-        uses: ./.github/actions/set-compiler-env
-        with:
-          compiler: ${{ env.COMPILER }}
-
       - name: Setup Conan
         uses: ./.github/actions/setup-conan
 
@@ -78,13 +69,13 @@ jobs:
         working-directory: ${{ env.BUILD_DIR }}
         run: |
           cmake \
-              -G 'Ninja' \
-              -DCMAKE_TOOLCHAIN_FILE:FILEPATH=build/generators/conan_toolchain.cmake \
-              -DCMAKE_BUILD_TYPE="${BUILD_TYPE}" \
-              -Dtests=ON \
-              -Dwerr=ON \
-              -Dxrpld=ON \
-              ..
+            -G 'Ninja' \
+            -DCMAKE_TOOLCHAIN_FILE:FILEPATH=build/generators/conan_toolchain.cmake \
+            -DCMAKE_BUILD_TYPE="${BUILD_TYPE}" \
+            -Dtests=ON \
+            -Dwerr=ON \
+            -Dxrpld=ON \
+            ..
 
       # clang-tidy needs headers generated from proto files
       - name: Build libxrpl.libpb
@@ -101,11 +92,6 @@ jobs:
           set -o pipefail
           run-clang-tidy -j ${{ steps.nproc.outputs.nproc }} -p "${BUILD_DIR}" -quiet -fix -allow-no-checks ${TARGETS} 2>&1 | tee "${OUTPUT_FILE}"
 
-      - name: Print errors
-        if: ${{ steps.run_clang_tidy.outcome != 'success' }}
-        run: |
-          sed '/error\||/!d' "${OUTPUT_FILE}"
-
       - name: Upload clang-tidy output
         if: ${{ github.event.repository.visibility == 'public' && steps.run_clang_tidy.outcome != 'success' }}
         uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a # v7.0.1
@@ -114,24 +100,13 @@ jobs:
           archive: false
           retention-days: 30
 
-      - name: Check for changes
-        id: files_changed
-        continue-on-error: true
-        run: |
-          git diff --exit-code
-
-      - name: Fix style
-        if: ${{ steps.files_changed.outcome != 'success' }}
-        run: |
-          pre-commit run --all-files || true
-
       - name: Generate git diff
-        if: ${{ steps.files_changed.outcome != 'success' }}
+        if: ${{ steps.run_clang_tidy.outcome != 'success' }}
         run: |
           git diff | tee "${DIFF_FILE}"
 
       - name: Upload clang-tidy diff output
-        if: ${{ github.event.repository.visibility == 'public' && steps.files_changed.outcome != 'success' }}
+        if: ${{ github.event.repository.visibility == 'public' && steps.run_clang_tidy.outcome != 'success' }}
         uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a # v7.0.1
         with:
           path: ${{ env.DIFF_FILE }}
@@ -141,58 +116,98 @@ jobs:
       - name: Write issue header
         if: ${{ steps.run_clang_tidy.outcome != 'success' }}
         run: |
-          cat >"${ISSUE_FILE}" <<EOF
+          # Prepare issue body with clang-tidy output
+          cat > "${ISSUE_FILE}" <<EOF
           ## Clang-tidy Check Failed
 
+          **Workflow:** ${{ github.workflow }}
+          **Run ID:** ${{ github.run_id }}
+          **Commit:** ${{ github.sha }}
+          **Branch/Ref:** ${{ github.ref }}
+          **Triggered by:** ${{ github.actor }}
+
           ### Clang-tidy Output:
           \`\`\`
           EOF
 
-      - name: Append clang-tidy output to issue body (filter for errors and warnings)
+      - name: Append clang-tidy output to issue body
         if: ${{ steps.run_clang_tidy.outcome != 'success' }}
         run: |
+          # Append clang-tidy output (filter for errors and warnings)
           if [ -f "${OUTPUT_FILE}" ]; then
-              # Extract lines containing 'error:', 'warning:', or 'note:'
-              grep -E '(error:|warning:|note:)' "${OUTPUT_FILE}" >"${FILTERED_OUTPUT_FILE}" || true
+            # Extract lines containing 'error:', 'warning:', or 'note:'
+            grep -E '(error:|warning:|note:)' "${OUTPUT_FILE}" > filtered-output.txt || true
 
-              # If filtered output is empty, use original (might be a different error format)
-              if [ ! -s "${FILTERED_OUTPUT_FILE}" ]; then
-                  cp "${OUTPUT_FILE}" "${FILTERED_OUTPUT_FILE}"
-              fi
+            # If filtered output is empty, use original (might be a different error format)
+            if [ ! -s filtered-output.txt ]; then
+              cp "${OUTPUT_FILE}" filtered-output.txt
+            fi
 
-              # Truncate if too large
-              head -c 60000 "${FILTERED_OUTPUT_FILE}" >>"${ISSUE_FILE}"
-              if [ "$(wc -c <"${FILTERED_OUTPUT_FILE}")" -gt 60000 ]; then
-                  echo "" >>"${ISSUE_FILE}"
-                  echo "... (output truncated, see artifacts for full output)" >>"${ISSUE_FILE}"
-              fi
+            # Truncate if too large
+            head -c 60000 filtered-output.txt >> "${ISSUE_FILE}"
+            if [ "$(wc -c < filtered-output.txt)" -gt 60000 ]; then
+              echo "" >> "${ISSUE_FILE}"
+              echo "... (output truncated, see artifacts for full output)" >> "${ISSUE_FILE}"
+            fi
 
-              rm "${FILTERED_OUTPUT_FILE}"
+            rm filtered-output.txt
           else
-              echo "No output file found" >>"${ISSUE_FILE}"
+            echo "No output file found" >> "${ISSUE_FILE}"
           fi
 
       - name: Append issue footer
         if: ${{ steps.run_clang_tidy.outcome != 'success' }}
         run: |
-          cat >>"${ISSUE_FILE}" <<EOF
+          cat >> "${ISSUE_FILE}" <<EOF
           \`\`\`
 
+          **Workflow run:** ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }}
+
           ---
           *This issue was automatically created by the clang-tidy workflow.*
           EOF
 
-      - name: Create issue
-        if: ${{ steps.run_clang_tidy.outcome != 'success' && inputs.create_issue_on_failure }}
-        uses: XRPLF/actions/create-issue@2b8bc36af85b88bca0dd7bfac2e2dc05f94ad712
+      - name: Upload issue body artifact
+        if: ${{ github.event.repository.visibility == 'public' && steps.run_clang_tidy.outcome != 'success' }}
+        uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a # v7.0.1
         with:
-          title: "Clang-tidy check failed"
-          body_file: ${{ env.ISSUE_FILE }}
-          labels: "Bug,Clang-tidy"
-          assignees: "godexsoft,mathbunnyru"
+          path: ${{ env.ISSUE_FILE }}
+          archive: false
+          retention-days: 30
 
       - name: Fail if clang-tidy found issues
         if: ${{ steps.run_clang_tidy.outcome != 'success' }}
         run: |
           echo "Clang-tidy check failed!"
           exit 1
+
+  create-issue-on-failure:
+    name: Create GitHub issue on failure
+    runs-on: ubuntu-latest
+    needs: [run-clang-tidy]
+    if: ${{ always() && !cancelled() && inputs.create_issue_on_failure && needs.run-clang-tidy.result == 'failure' && github.event.repository.visibility == 'public' }}
+    permissions:
+      issues: write
+      contents: read
+    steps:
+      - name: Download clang-tidy-issue.md
+        uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v8.0.1
+        with:
+          name: ${{ env.ISSUE_FILE }}
+
+      - name: Create GitHub issue
+        env:
+          GH_TOKEN: ${{ github.token }}
+        run: |
+          # Create the issue
+          gh issue create \
+            --label "Bug,Clang-tidy" \
+            --title "Clang-tidy check failed" \
+            --body-file ./"${ISSUE_FILE}" \
+            > create_issue.log
+
+      - name: Output created issue number
+        run: |
+          created_issue="$(sed 's|.*/||' create_issue.log)"
+          echo "created_issue=$created_issue" >> $GITHUB_OUTPUT
+          echo "Created issue #$created_issue"

.github/workflows/reusable-package.yml

@@ -1,97 +0,0 @@
-# Build Linux packages (DEB and RPM) from pre-built binary artifacts.
-# Discovers which configurations to package from linux.json (configs in
-# "package_configs") and fans out one job per distro. Only linux/amd64 is
-# supported; the runner is hardcoded in the job below.
-name: Package
-
-on:
-  workflow_call:
-    inputs:
-      pkg_release:
-        description: "Package release number. Increment when repackaging the same executable."
-        required: false
-        type: string
-        default: "1"
-
-defaults:
-  run:
-    shell: bash
-
-env:
-  BUILD_DIR: build
-
-jobs:
-  generate-matrix:
-    runs-on: ubuntu-latest
-    outputs:
-      matrix: ${{ steps.generate.outputs.matrix }}
-    steps:
-      - name: Checkout repository
-        uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3
-
-      - name: Set up Python
-        uses: actions/setup-python@a309ff8b426b58ec0e2a45f0f869d46889d02405 # v6.2.0
-        with:
-          python-version: "3.13"
-
-      - name: Generate packaging matrix
-        id: generate
-        working-directory: .github/scripts/strategy-matrix
-        run: ./generate.py --packaging >>"${GITHUB_OUTPUT}"
-
-  generate-version:
-    runs-on: ubuntu-latest
-    outputs:
-      version: ${{ steps.version.outputs.version }}
-    steps:
-      - name: Checkout repository
-        uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3
-        with:
-          sparse-checkout: |
-            .github/actions/generate-version
-            src/libxrpl/protocol/BuildInfo.cpp
-      - name: Generate version
-        id: version
-        uses: ./.github/actions/generate-version
-
-  package:
-    needs: [generate-matrix, generate-version]
-    if: ${{ github.event.repository.visibility == 'public' }}
-    strategy:
-      fail-fast: false
-      matrix: ${{ fromJson(needs.generate-matrix.outputs.matrix) }}
-    name: "${{ matrix.artifact_name }}"
-    permissions:
-      contents: read
-    runs-on: ["self-hosted", "Linux", "X64", "heavy"]
-    container: ${{ matrix.image }}
-    timeout-minutes: 30
-
-    steps:
-      - name: Checkout repository
-        uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3
-
-      - name: Download pre-built binary
-        uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v8.0.1
-        with:
-          name: ${{ matrix.artifact_name }}
-          path: ${{ env.BUILD_DIR }}
-
-      - name: Make binary executable
-        run: chmod +x "${BUILD_DIR}/xrpld"
-
-      - name: Build package
-        env:
-          PKG_VERSION: ${{ needs.generate-version.outputs.version }}
-          PKG_RELEASE: ${{ inputs.pkg_release }}
-        run: ./package/build_pkg.sh
-
-      - name: Upload package artifact
-        uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a # v7.0.1
-        with:
-          name: ${{ matrix.artifact_name }}-pkg-${{ needs.generate-version.outputs.version }}
-          path: |
-            ${{ env.BUILD_DIR }}/debbuild/*.deb
-            ${{ env.BUILD_DIR }}/debbuild/*.ddeb
-            ${{ env.BUILD_DIR }}/rpmbuild/RPMS/**/*.rpm
-          if-no-files-found: error

.github/workflows/reusable-strategy-matrix.yml

@@ -4,9 +4,15 @@ on:
   workflow_call:
     inputs:
       os:
-        description: 'The operating system to use for the build ("linux", "macos", "windows", or empty for all).'
+        description: 'The operating system to use for the build ("linux", "macos", "windows").'
         required: false
         type: string
+      strategy_matrix:
+        # TODO: Support additional strategies, e.g. "ubuntu" for generating all Ubuntu configurations.
+        description: 'The strategy matrix to use for generating the configurations ("minimal", "all").'
+        required: false
+        type: string
+        default: "minimal"
     outputs:
       matrix:
         description: "The generated strategy matrix."
@@ -23,17 +29,17 @@ jobs:
       matrix: ${{ steps.generate.outputs.matrix }}
     steps:
       - name: Checkout repository
-        uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3
+        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
 
       - name: Set up Python
         uses: actions/setup-python@a309ff8b426b58ec0e2a45f0f869d46889d02405 # v6.2.0
         with:
-          python-version: "3.13"
+          python-version: 3.13
 
       - name: Generate strategy matrix
         working-directory: .github/scripts/strategy-matrix
         id: generate
         env:
-          GENERATE_CONFIG: ${{ inputs.os != '' && format('--config={0}', inputs.os) || '' }}
-          GENERATE_EVENT: ${{ github.event_name }}
-        run: ./generate.py ${GENERATE_CONFIG} --event="${GENERATE_EVENT}" >>"${GITHUB_OUTPUT}"
+          GENERATE_CONFIG: ${{ inputs.os != '' && format('--config={0}.json', inputs.os) || '' }}
+          GENERATE_OPTION: ${{ inputs.strategy_matrix == 'all' && '--all' || '' }}
+        run: ./generate.py ${GENERATE_OPTION} ${GENERATE_CONFIG} >> "${GITHUB_OUTPUT}"

.github/workflows/reusable-upload-recipe.yml

@@ -40,10 +40,10 @@ defaults:
 jobs:
   upload:
     runs-on: ubuntu-latest
-    container: ghcr.io/xrplf/xrpld/nix-ubuntu:sha-fe4c8ae
+    container: ghcr.io/xrplf/ci/ubuntu-noble:gcc-13-sha-5dd7158
     steps:
       - name: Checkout repository
-        uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3
+        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
 
       - name: Generate build version number
         id: version

.github/workflows/upload-conan-deps.yml

@@ -30,7 +30,6 @@ on:
       - ".github/scripts/strategy-matrix/**"
       - conanfile.py
       - conan.lock
-      - conan/profiles/**
 
 env:
   CONAN_REMOTE_NAME: xrplf
@@ -49,6 +48,8 @@ jobs:
   # Generate the strategy matrix to be used by the following job.
   generate-matrix:
     uses: ./.github/workflows/reusable-strategy-matrix.yml
+    with:
+      strategy_matrix: ${{ github.event_name == 'pull_request' && 'minimal' || 'all' }}
 
   # Build and upload the dependencies for each configuration.
   run-upload-conan-deps:
@@ -57,18 +58,19 @@ jobs:
     strategy:
       fail-fast: false
       matrix: ${{ fromJson(needs.generate-matrix.outputs.matrix) }}
+      max-parallel: 10
     runs-on: ${{ matrix.architecture.runner }}
-    container: ${{ matrix.image || null }}
+    container: ${{ contains(matrix.architecture.platform, 'linux') && format('ghcr.io/xrplf/ci/{0}-{1}:{2}-{3}-sha-{4}', matrix.os.distro_name, matrix.os.distro_version, matrix.os.compiler_name, matrix.os.compiler_version, matrix.os.image_sha) || null }}
     steps:
       - name: Cleanup workspace (macOS and Windows)
         if: ${{ runner.os == 'macOS' || runner.os == 'Windows' }}
         uses: XRPLF/actions/cleanup-workspace@c7d9ce5ebb03c752a354889ecd870cadfc2b1cd4
 
       - name: Checkout repository
-        uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3
+        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
 
       - name: Prepare runner
-        uses: XRPLF/actions/prepare-runner@c47daebb2f9db64ffbac71b47d68a661498d5ce8
+        uses: XRPLF/actions/prepare-runner@90f11ee655d1687824fb8793db770477d52afbab
         with:
           enable_ccache: false
 
@@ -81,12 +83,6 @@ jobs:
         with:
           subtract: ${{ env.NPROC_SUBTRACT }}
 
-      - name: Set compiler environment (Linux)
-        if: ${{ runner.os == 'Linux' }}
-        uses: ./.github/actions/set-compiler-env
-        with:
-          compiler: ${{ matrix.compiler }}
-
       - name: Setup Conan
         env:
           SANITIZERS: ${{ matrix.sanitizers }}

.pre-commit-config.yaml

@@ -37,57 +37,40 @@ repos:
         exclude: ^include/xrpl/protocol_autogen/(transactions|ledger_entries)/
 
   - repo: https://github.com/pre-commit/mirrors-clang-format
-    rev: dd18dad857d6133e90bbe478f4f2f22ec0030269 # frozen: v22.1.5
+    rev: cd481d7b0bfb5c7b3090c21846317f9a8262e891 # frozen: v22.1.0
     hooks:
       - id: clang-format
         args: [--style=file]
         "types_or": [c++, c, proto]
         exclude: ^include/xrpl/protocol_autogen/(transactions|ledger_entries)/
 
-  - repo: https://github.com/BlankSpruce/gersemi-pre-commit
-    rev: faadd6a9d852369ca94f4d15b2404c967ba8cb01 # frozen: 0.27.6
+  - repo: https://github.com/BlankSpruce/gersemi
+    rev: 0.26.0
     hooks:
       - id: gersemi
 
   - repo: https://github.com/rbubley/mirrors-prettier
-    rev: 515f543f5718ebfd6ce22e16708bb32c68ff96e1 # frozen: v3.8.3
+    rev: c2bc67fe8f8f549cc489e00ba8b45aa18ee713b1 # frozen: v3.8.1
     hooks:
       - id: prettier
         args: [--end-of-line=auto]
 
   - repo: https://github.com/psf/black-pre-commit-mirror
-    rev: 4160603246a6b365d4a2af661c6d71b0a0f50478 # frozen: 26.5.1
+    rev: ea488cebbfd88a5f50b8bd95d5c829d0bb76feb8 # frozen: 26.1.0
     hooks:
       - id: black
 
-  - repo: https://github.com/scop/pre-commit-shfmt
-    rev: 05c1426671b9237fb5e1444dd63aa5731bec0dfb # frozen: v3.13.1-1
+  - repo: https://github.com/openstack/bashate
+    rev: 5798d24d571676fc407e81df574c1ef57b520f23 # frozen: 2.1.1
     hooks:
-      - id: shfmt
-        args: [--write, --indent=4, --case-indent=true]
-
-  - repo: local
-    hooks:
-      - id: format-inline-bash-workflows
-        name: "format `run:` blocks in workflows/actions"
-        entry: ./.github/scripts/format-inline-bash.py
-        language: python
-        files: ^\.github/(workflows|actions)/.*\.ya?ml$
-      - id: format-inline-bash-markdown
-        name: "format ```bash blocks in markdown"
-        entry: ./.github/scripts/format-inline-bash.py
-        language: python
-        files: \.md$
+      - id: bashate
+        args: ["--ignore=E006"]
 
   - repo: https://github.com/streetsidesoftware/cspell-cli
-    rev: 4643f154907327ee0a2c7038f0296e0dd77d9776 # frozen: v10.0.0
+    rev: a42085ade523f591dca134379a595e7859986445 # frozen: v9.7.0
     hooks:
       - id: cspell # Spell check changed files
-        exclude: |
-          (?x)^(
-              .config/cspell.config.yaml|
-              include/xrpl/protocol_autogen/(transactions|ledger_entries)/.*
-          )$
+        exclude: (.config/cspell.config.yaml|^include/xrpl/protocol_autogen/(transactions|ledger_entries)/)
       - id: cspell # Spell check the commit message
         name: check commit message spelling
         args:

BUILD.md

@@ -1,57 +1,26 @@
-| :warning: **WARNING** :warning:                                                                                                                                                                                                                                                                                                                                                                                                                                               |
-| ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
-| These instructions assume you have a C++ development environment ready with Git, Python, Conan, CMake, and a C++ compiler. For help setting one up on Linux, macOS, or Windows, [see this guide](./docs/build/environment.md).<br><br>These instructions also assume a basic familiarity with Conan and CMake. If you are unfamiliar with Conan, you can read our [crash course](./docs/build/conan.md) or the official [Getting Started][conan-getting-started] walkthrough. |
+| :warning: **WARNING** :warning:                                                                                                                                                                                                |
+| ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ |
+| These instructions assume you have a C++ development environment ready with Git, Python, Conan, CMake, and a C++ compiler. For help setting one up on Linux, macOS, or Windows, [see this guide](./docs/build/environment.md). |
 
-## Minimum Requirements
+> These instructions also assume a basic familiarity with Conan and CMake.
+> If you are unfamiliar with Conan, you can read our
+> [crash course](./docs/build/conan.md) or the official [Getting Started][3]
+> walkthrough.
 
-See [System Requirements](https://xrpl.org/system-requirements.html).
+## Branches
 
-Building xrpld generally requires Git, Python, Conan, CMake, and a C++
-compiler.
-
-- [Python](https://www.python.org/downloads/)
-- [Conan](https://conan.io/downloads.html)
-- [CMake](https://cmake.org/download/)
-
-You can verify that the required tools are installed and runnable with:
+For a stable release, choose the `master` branch or one of the [tagged
+releases](https://github.com/XRPLF/rippled/releases).
 
 ```bash
-./bin/check-tools.sh
+git checkout master
 ```
 
-`xrpld` is written in the C++23 dialect. The [tested compiler versions][cpp23-support] are:
+For the latest release candidate, choose the `release` branch.
 
-| Compiler    | Version         |
-| ----------- | --------------- |
-| GCC         | 15.2            |
-| Clang       | 22              |
-| Apple Clang | 17              |
-| MSVC        | 19.44[^windows] |
-
-## Operating Systems
-
-Please see the [environment setup guide](./docs/build/environment.md) for detailed instructions for all platforms.
-
-### Linux
-
-The Ubuntu Linux distribution has received the highest level of quality
-assurance, testing, and support. We also support Red Hat and use Debian
-internally.
-Our Linux CI tooling is distro-independent and uses a Nix-based environment, so it should be possible to build on other Linux distributions as well, although we have not tested them.
-
-### macOS
-
-Many `xrpld` engineers use macOS for development.
-
-### Windows
-
-Windows is used by some engineers for development only.
-
-[^windows]: Windows is not recommended for production use.
-
-## Steps
-
-### Branches
+```bash
+git checkout release
+```
 
 For the latest set of untested features, or to contribute, choose the `develop`
 branch.
@@ -60,15 +29,55 @@ branch.
 git checkout develop
 ```
 
-For a release candidate, choose the relevant release branch, e.g.
-`release/3.2.x`.
+## Minimum Requirements
 
-```bash
-git checkout release/3.2.x
-```
+See [System Requirements](https://xrpl.org/system-requirements.html).
 
-For a stable release, choose one of the [tagged
-releases](https://github.com/XRPLF/rippled/releases).
+Building xrpld generally requires git, Python, Conan, CMake, and a C++
+compiler. Some guidance on setting up such a [C++ development environment can be
+found here](./docs/build/environment.md).
+
+- [Python 3.11](https://www.python.org/downloads/), or higher
+- [Conan 2.17](https://conan.io/downloads.html)[^1], or higher
+- [CMake 3.22](https://cmake.org/download/), or higher
+
+[^1]:
+    It is possible to build with Conan 1.60+, but the instructions are
+    significantly different, which is why we are not recommending it.
+
+`xrpld` is written in the C++20 dialect and includes the `<concepts>` header.
+The [minimum compiler versions][2] required are:
+
+| Compiler    | Version   |
+| ----------- | --------- |
+| GCC         | 12        |
+| Clang       | 16        |
+| Apple Clang | 16        |
+| MSVC        | 19.44[^3] |
+
+### Linux
+
+The Ubuntu Linux distribution has received the highest level of quality
+assurance, testing, and support. We also support Red Hat and use Debian
+internally.
+
+Here are [sample instructions for setting up a C++ development environment on
+Linux](./docs/build/environment.md#linux).
+
+### Mac
+
+Many xrpld engineers use macOS for development.
+
+Here are [sample instructions for setting up a C++ development environment on
+macOS](./docs/build/environment.md#macos).
+
+### Windows
+
+Windows is used by some engineers for development only.
+
+[^3]: Windows is not recommended for production use.
+
+## Steps
 
 ### Set Up Conan
 
@@ -77,11 +86,18 @@ Conan, CMake, and a C++ compiler, you may need to set up your Conan profile.
 
 These instructions assume a basic familiarity with Conan and CMake. If you are
 unfamiliar with Conan, then please read [this crash course](./docs/build/conan.md) or the official
-[Getting Started][conan-getting-started] walkthrough.
+[Getting Started][3] walkthrough.
 
-#### Profiles
+#### Conan lockfile
 
-We recommend that you install our Conan profiles:
+To achieve reproducible dependencies, we use a [Conan lockfile](https://docs.conan.io/2/tutorial/versioning/lockfiles.html),
+which has to be updated every time dependencies change.
+
+Please see the [instructions on how to regenerate the lockfile](conan/lockfile/README.md).
+
+#### Default profile
+
+We recommend that you import the provided `conan/profiles/default` profile:
 
 ```bash
 conan config install conan/profiles/ -tf $(conan config home)/profiles/
@@ -93,15 +109,222 @@ You can check your Conan profile by running:
 conan profile show
 ```
 
-If the default profile is not suitable for your environment, you can create a custom profile and pass it to Conan.
-More information on customizing Conan can be found in the [Advanced Conan configuration](./docs/build/advanced_conan.md).
+#### Custom profile
 
-#### Add xrplf remote
-
-Run the following command to add the `xrplf` remote, which hosts some of our dependencies:
+If the default profile does not work for you and you do not yet have a Conan
+profile, you can create one by running:
 
 ```bash
-conan remote add --index 0 --force xrplf https://conan.ripplex.io
+conan profile detect
+```
+
+You may need to make changes to the profile to suit your environment. You can
+refer to the provided `conan/profiles/default` profile for inspiration, and you
+may also need to apply the required [tweaks](#conan-profile-tweaks) to this
+default profile.
+
+### Patched recipes
+
+Occasionally, we need patched recipes or recipes not present in Conan Center.
+We maintain a fork of the Conan Center Index
+[here](https://github.com/XRPLF/conan-center-index/) containing the modified and newly added recipes.
+
+To ensure our patched recipes are used, you must add our Conan remote at a
+higher index than the default Conan Center remote, so it is consulted first. You
+can do this by running:
+
+```bash
+conan remote add --index 0 xrplf https://conan.ripplex.io
+```
+
+Alternatively, you can pull our recipes from the repository and export them locally:
+
+```bash
+# Define which recipes to export.
+recipes=('abseil' 'ed25519' 'grpc' 'm4' 'mpt-crypto' 'openssl' 'secp256k1' 'snappy' 'soci' 'wasm-xrplf' 'wasmi')
+
+# Selectively check out the recipes from our CCI fork.
+cd external
+mkdir -p conan-center-index
+cd conan-center-index
+git init
+git remote add origin git@github.com:XRPLF/conan-center-index.git
+git sparse-checkout init
+for recipe in "${recipes[@]}"; do
+  echo "Checking out recipe '${recipe}'..."
+  git sparse-checkout add recipes/${recipe}
+done
+git fetch origin master
+git checkout master
+
+./export_all.sh
+cd ../../
+```
+
+In the case we switch to a newer version of a dependency that still requires a
+patch or add a new dependency, it will be necessary for you to pull in the changes and re-export the
+updated dependencies with the newer version. However, if we switch to a newer
+version that no longer requires a patch, no action is required on your part, as
+the new recipe will be automatically pulled from the official Conan Center.
+
+> [!NOTE]
+> You might need to add `--lockfile=""` to your `conan install` command
+> to avoid automatic use of the existing `conan.lock` file when you run
+> `conan export` manually on your machine
+>
+> This is not recommended though, as you might end up using different revisions of recipes.
+
+### Conan profile tweaks
+
+#### Missing compiler version
+
+If you see an error similar to the following after running `conan profile show`:
+
+```bash
+ERROR: Invalid setting '17' is not a valid 'settings.compiler.version' value.
+Possible values are ['5.0', '5.1', '6.0', '6.1', '7.0', '7.3', '8.0', '8.1',
+'9.0', '9.1', '10.0', '11.0', '12.0', '13', '13.0', '13.1', '14', '14.0', '15',
+'15.0', '16', '16.0']
+Read "http://docs.conan.io/2/knowledge/faq.html#error-invalid-setting"
+```
+
+you need to add your compiler to the list of compiler versions in
+`$(conan config home)/settings_user.yml`, by adding the required version number(s)
+to the `version` array specific for your compiler. For example:
+
+```yaml
+compiler:
+  apple-clang:
+    version: ["17.0"]
+```
+
+#### Multiple compilers
+
+If you have multiple compilers installed, make sure to select the one to use in
+your default Conan configuration **before** running `conan profile detect`, by
+setting the `CC` and `CXX` environment variables.
+
+For example, if you are running MacOS and have [homebrew
+LLVM@18](https://formulae.brew.sh/formula/llvm@18), and want to use it as a
+compiler in the new Conan profile:
+
+```bash
+export CC=$(brew --prefix llvm@18)/bin/clang
+export CXX=$(brew --prefix llvm@18)/bin/clang++
+conan profile detect
+```
+
+You should also explicitly set the path to the compiler in the profile file,
+which helps to avoid errors when `CC` and/or `CXX` are set and disagree with the
+selected Conan profile. For example:
+
+```text
+[conf]
+tools.build:compiler_executables={'c':'/usr/bin/gcc','cpp':'/usr/bin/g++'}
+```
+
+#### Multiple profiles
+
+You can manage multiple Conan profiles in the directory
+`$(conan config home)/profiles`, for example renaming `default` to a different
+name and then creating a new `default` profile for a different compiler.
+
+#### Select language
+
+The default profile created by Conan will typically select different C++ dialect
+than C++20 used by this project. You should set `20` in the profile line
+starting with `compiler.cppstd=`. For example:
+
+```bash
+sed -i.bak -e 's|^compiler\.cppstd=.*$|compiler.cppstd=20|' $(conan config home)/profiles/default
+```
+
+#### Select standard library in Linux
+
+**Linux** developers will commonly have a default Conan [profile][] that
+compiles with GCC and links with libstdc++. If you are linking with libstdc++
+(see profile setting `compiler.libcxx`), then you will need to choose the
+`libstdc++11` ABI:
+
+```bash
+sed -i.bak -e 's|^compiler\.libcxx=.*$|compiler.libcxx=libstdc++11|' $(conan config home)/profiles/default
+```
+
+#### Select architecture and runtime in Windows
+
+**Windows** developers may need to use the x64 native build tools. An easy way
+to do that is to run the shortcut "x64 Native Tools Command Prompt" for the
+version of Visual Studio that you have installed.
+
+Windows developers must also build `xrpld` and its dependencies for the x64
+architecture:
+
+```bash
+sed -i.bak -e 's|^arch=.*$|arch=x86_64|' $(conan config home)/profiles/default
+```
+
+**Windows** developers also must select static runtime:
+
+```bash
+sed -i.bak -e 's|^compiler\.runtime=.*$|compiler.runtime=static|' $(conan config home)/profiles/default
+```
+
+#### Clang workaround for grpc
+
+If your compiler is clang, version 19 or later, or apple-clang, version 17 or
+later, you may encounter a compilation error while building the `grpc`
+dependency:
+
+```text
+In file included from .../lib/promise/try_seq.h:26:
+.../lib/promise/detail/basic_seq.h:499:38: error: a template argument list is expected after a name prefixed by the template keyword [-Wmissing-template-arg-list-after-template-kw]
+  499 |                     Traits::template CallSeqFactory(f_, *cur_, std::move(arg)));
+      |                                      ^
+```
+
+The workaround for this error is to add two lines to profile:
+
+```text
+[conf]
+tools.build:cxxflags=['-Wno-missing-template-arg-list-after-template-kw']
+```
+
+#### Workaround for gcc 12
+
+If your compiler is gcc, version 12, and you have enabled `werr` option, you may
+encounter a compilation error such as:
+
+```text
+/usr/include/c++/12/bits/char_traits.h:435:56: error: 'void* __builtin_memcpy(void*, const void*, long unsigned int)' accessing 9223372036854775810 or more bytes at offsets [2, 9223372036854775807] and 1 may overlap up to 9223372036854775813 bytes at offset -3 [-Werror=restrict]
+  435 |         return static_cast<char_type*>(__builtin_memcpy(__s1, __s2, __n));
+      |                                        ~~~~~~~~~~~~~~~~^~~~~~~~~~~~~~~~~
+cc1plus: all warnings being treated as errors
+```
+
+The workaround for this error is to add two lines to your profile:
+
+```text
+[conf]
+tools.build:cxxflags=['-Wno-restrict']
+```
+
+#### Workaround for clang 16
+
+If your compiler is clang, version 16, you may encounter compilation error such
+as:
+
+```text
+In file included from .../boost/beast/websocket/stream.hpp:2857:
+.../boost/beast/websocket/impl/read.hpp:695:17: error: call to 'async_teardown' is ambiguous
+                async_teardown(impl.role, impl.stream(),
+                ^~~~~~~~~~~~~~
+```
+
+The workaround for this error is to add two lines to your profile:
+
+```text
+[conf]
+tools.build:cxxflags=['-DBOOST_ASIO_DISABLE_CONCEPTS']
 ```
 
 ### Set Up Ccache
@@ -110,7 +333,14 @@ To speed up repeated compilations, we recommend that you install
 [ccache](https://ccache.dev), a tool that wraps your compiler so that it can
 cache build objects locally.
 
-On Linux and macOS, `ccache` is included in the [Nix development shell](./docs/build/nix.md).
+#### Linux
+
+You can install it using the package manager, e.g. `sudo apt install ccache`
+(Ubuntu) or `sudo dnf install ccache` (RHEL).
+
+#### macOS
+
+You can install it using Homebrew, i.e. `brew install ccache`.
 
 #### Windows
 
@@ -197,19 +427,16 @@ install ccache --version 4.11.3 --allow-downgrade`.
    Single-config generators:
 
    ```
-   cmake --build . --parallel N
+   cmake --build .
    ```
 
    Multi-config generators:
 
    ```
-   cmake --build . --config Release --parallel N
-   cmake --build . --config Debug --parallel N
+   cmake --build . --config Release
+   cmake --build . --config Debug
    ```
 
-   Replace the `--parallel` parameter N with the desired number of parallel jobs. A common starting point is half of the number of available CPU
-   cores.
-
 5. Test xrpld.
 
    Single-config generators:
@@ -303,15 +530,15 @@ stored inside the build directory, as either of:
 ## Sanitizers
 
 To build dependencies and xrpld with sanitizer instrumentation, set the
-`SANITIZERS` environment variable when running `conan install` and use the `sanitizers` profile:
+`SANITIZERS` environment variable (only once before running conan and cmake) and use the `sanitizers` profile in conan:
 
 ```bash
 export SANITIZERS=address,undefinedbehavior
 
 conan install .. --output-folder . --profile:all sanitizers --build missing --settings build_type=Debug
-```
 
-You can then build and test as usual, with the generated `xrpld` binary containing the sanitizer instrumentation. When you run it, it will report any sanitizer errors it detects in the console output.
+cmake -DCMAKE_TOOLCHAIN_FILE:FILEPATH=build/generators/conan_toolchain.cmake -DCMAKE_BUILD_TYPE=Debug -Dxrpld=ON -Dtests=ON ..
+```
 
 See [Sanitizers docs](./docs/build/sanitizers.md) for more details.
 
@@ -319,7 +546,7 @@ See [Sanitizers docs](./docs/build/sanitizers.md) for more details.
 
 | Option     | Default Value | Description                                                    |
 | ---------- | ------------- | -------------------------------------------------------------- |
-| `assert`   | OFF           | Force enabling assertions.                                     |
+| `assert`   | OFF           | Enable assertions.                                             |
 | `coverage` | OFF           | Prepare the coverage report.                                   |
 | `tests`    | OFF           | Build tests.                                                   |
 | `unity`    | OFF           | Configure a unity build.                                       |
@@ -327,7 +554,7 @@ See [Sanitizers docs](./docs/build/sanitizers.md) for more details.
 | `werr`     | OFF           | Treat compilation warnings as errors                           |
 | `wextra`   | OFF           | Enable additional compilation warnings                         |
 
-[Unity builds][unity-build] may be faster for the first build (at the cost of much more
+[Unity builds][5] may be faster for the first build (at the cost of much more
 memory) since they concatenate sources into fewer translation units. Non-unity
 builds may be faster for incremental builds, and can be helpful for detecting
 `#include` omissions.
@@ -353,14 +580,14 @@ After any updates or changes to dependencies, you may need to do the following:
    conan remove '*'
    ```
 
-3. Re-run [conan export](./docs/build/advanced_conan.md#patched-recipes) if needed.
-4. [Regenerate lockfile](./docs/build/advanced_conan.md#conan-lockfile).
+3. Re-run [conan export](#patched-recipes) if needed.
+4. [Regenerate lockfile](#conan-lockfile).
 5. Re-run [conan install](#build-and-test).
 
 #### ERROR: Package not resolved
 
 If you're seeing an error like `ERROR: Package 'snappy/1.1.10' not resolved: Unable to find 'snappy/1.1.10#968fef506ff261592ec30c574d4a7809%1756234314.246' in remotes.`,
-please [add `xrplf` remote](#add-xrplf-remote) or re-run `conan export` for [patched recipes](./docs/build/advanced_conan.md#patched-recipes).
+please add `xrplf` remote or re-run `conan export` for [patched recipes](#patched-recipes).
 
 ### `protobuf/port_def.inc` file not found
 
@@ -380,9 +607,28 @@ For example, if you want to build Debug:
 1. For conan install, pass `--settings build_type=Debug`
 2. For cmake, pass `-DCMAKE_BUILD_TYPE=Debug`
 
-[cpp23-support]: https://en.cppreference.com/w/cpp/compiler_support/23
-[conan-getting-started]: https://docs.conan.io/en/latest/getting_started.html
-[unity-build]: https://en.wikipedia.org/wiki/Unity_build
+## Add a Dependency
+
+If you want to experiment with a new package, follow these steps:
+
+1. Search for the package on [Conan Center](https://conan.io/center/).
+2. Modify [`conanfile.py`](./conanfile.py):
+   - Add a version of the package to the `requires` property.
+   - Change any default options for the package by adding them to the
+     `default_options` property (with syntax `'$package:$option': $value`).
+3. Modify [`CMakeLists.txt`](./CMakeLists.txt):
+   - Add a call to `find_package($package REQUIRED)`.
+   - Link a library from the package to the target `xrpl_libs`
+     (search for the existing call to `target_link_libraries(xrpl_libs INTERFACE ...)`).
+4. Start coding! Don't forget to include whatever headers you need from the package.
+
+[1]: https://github.com/conan-io/conan-center-index/issues/13168
+[2]: https://en.cppreference.com/w/cpp/compiler_support/20
+[3]: https://docs.conan.io/en/latest/getting_started.html
+[5]: https://en.wikipedia.org/wiki/Unity_build
+[6]: https://github.com/boostorg/beast/issues/2648
+[7]: https://github.com/boostorg/beast/issues/2661
 [gcovr]: https://gcovr.com/en/stable/getting-started.html
 [python-pip]: https://packaging.python.org/en/latest/guides/installing-using-pip-and-virtual-environments/
 [build_type]: https://cmake.org/cmake/help/latest/variable/CMAKE_BUILD_TYPE.html
+[profile]: https://docs.conan.io/en/latest/reference/profiles.html

CMakeLists.txt

@@ -15,7 +15,7 @@ list(APPEND CMAKE_MODULE_PATH "${CMAKE_CURRENT_SOURCE_DIR}/cmake")
 
 project(xrpl)
 set(CMAKE_CXX_EXTENSIONS OFF)
-set(CMAKE_CXX_STANDARD 23)
+set(CMAKE_CXX_STANDARD 20)
 set(CMAKE_CXX_STANDARD_REQUIRED ON)
 set(CMAKE_EXPORT_COMPILE_COMMANDS ON)
 
@@ -88,6 +88,7 @@ find_package(ed25519 REQUIRED)
 find_package(gRPC REQUIRED)
 find_package(LibArchive REQUIRED)
 find_package(lz4 REQUIRED)
+find_package(mpt-crypto REQUIRED)
 find_package(nudb REQUIRED)
 find_package(OpenSSL REQUIRED)
 find_package(secp256k1 REQUIRED)
@@ -100,6 +101,7 @@ target_link_libraries(
     INTERFACE
         ed25519::ed25519
         lz4::lz4
+        mpt-crypto::mpt-crypto
         OpenSSL::Crypto
         OpenSSL::SSL
         secp256k1::secp256k1
@@ -134,7 +136,6 @@ endif()
 include(XrplCore)
 include(XrplProtocolAutogen)
 include(XrplInstall)
-include(XrplPackaging)
 include(XrplValidatorKeys)
 
 if(tests)

CONTRIBUTING.md

@@ -14,9 +14,9 @@ The following branches exist in the main project repository:
 
 - `develop`: The latest set of unreleased features, and the most common
   starting point for contributions.
-- `release/*` (e.g. `release/3.2.x`): Release branches, one per release line,
-  holding the latest release candidate, or stable release for that line.
-  Stable releases are published as [tagged releases](https://github.com/XRPLF/rippled/releases).
+- `release`: The latest beta release or release candidate.
+- `master`: The latest stable release.
+- `gh-pages`: The documentation for this project, built by Doxygen.
 
 The tip of each branch must be signed. In order for GitHub to sign a
 squashed commit that it builds from your pull request, GitHub must know
@@ -130,9 +130,11 @@ tl;dr
 ## Pull requests
 
 In general, pull requests use `develop` as the base branch.
+The exceptions are
 
-The exceptions are fixes, improvements, and hotfixes for an existing release,
-which use that release's branch (e.g. `release/3.2.x`) as the base.
+- Fixes and improvements to a release candidate use `release` as the
+  base.
+- Hotfixes use `master` as the base.
 
 If your changes are not quite ready, but you want to make it easily available
 for preliminary examination or review, you can create a "Draft" pull request.
@@ -214,7 +216,7 @@ coherent rather than a set of _thou shalt not_ commandments.
 
 ## Formatting
 
-All code must conform to `clang-format` version 22,
+All code must conform to `clang-format` version 21,
 according to the settings in [`.clang-format`](./.clang-format),
 unless the result would be unreasonably difficult to read or maintain.
 To demarcate lines that should be left as-is, surround them with comments like
@@ -259,7 +261,7 @@ This ensures that configuration changes don't introduce new warnings across the
 
 ### Installing clang-tidy
 
-See the [environment setup guide](./docs/build/environment.md#clang-tidy) for how to get clang-tidy.
+See the [environment setup guide](./docs/build/environment.md#clang-tidy) for platform-specific installation instructions.
 
 ### Running clang-tidy locally
 

bin/check-tools.sh

@@ -1,158 +0,0 @@
-#!/usr/bin/env bash
-#
-# check-tools.sh — verify the xrpld development tooling is present and runnable.
-#
-# Works on Linux, macOS, and Windows (Git Bash / MSYS). For every expected tool
-# it runs a version probe, collecting anything that is missing or fails to run,
-# and prints a summary at the end (exiting non-zero if anything is missing).
-#
-# The tool set is platform-aware:
-#   - Linux:   the full Nix CI environment (see nix/packages.nix, nix/ci-env.nix),
-#              with GCC, Clang and the sanitizer/coverage tooling. This script is
-#              run during the Nix Docker image build (nix/docker/Dockerfile), so
-#              the Linux list is kept in sync with that environment.
-#   - macOS:   the same tooling, minus GCC/g++/gcov/mold
-#   - Windows: the core build tools only (CMake, Conan, Git, Python).
-#              MSVC is expected to be provided separately and is not checked here.
-#
-# Some tools (clang-format, doxygen, gcovr, gh, git-cliff, gpg, pre-commit,
-# run-clang-tidy) are present in our Linux CI images and in local development
-# setups, but not in the macOS CI environment. They are checked everywhere
-# except when running in CI on macOS.
-#
-# Environment variables:
-#   CI                      if set, skip the tools above when on macOS.
-#   CHECK_TOOLS_SKIP_CLONE  if set, skip the git-over-HTTPS connectivity check.
-
-set -uo pipefail
-
-missing=()
-checked=0
-
-# check <name> [probe-command...]
-# Runs the probe (default: "<name> --version") quietly. Records <name> as
-# missing if the command is not found or exits non-zero.
-check() {
-    local name="$1"
-    shift
-    local -a probe=("$@")
-    if [ "${#probe[@]}" -eq 0 ]; then
-        probe=("${name}" --version)
-    fi
-
-    echo "Checking ${name}..."
-    checked=$((checked + 1))
-    if "${probe[@]}" | head -n 1; then
-        printf '  [ ok ] %s\n' "${name}"
-    else
-        printf '  [MISS] %s\n' "${name}"
-        missing+=("${name}")
-    fi
-}
-
-case "$(uname -s)" in
-    Linux*) os=linux ;;
-    Darwin*) os=macos ;;
-    MINGW* | MSYS* | CYGWIN*) os=windows ;;
-    *)
-        echo "Unknown OS: $(uname -s)" >&2
-        exit 1
-        ;;
-esac
-
-echo "Detected OS: ${os} ($(uname -s) $(uname -m))"
-echo
-echo "Core build tools:"
-check cmake
-check conan
-check git
-if [ "${os}" = "windows" ]; then
-    check python python --version
-else
-    check python3
-fi
-
-# The full development toolchain. Available from Nix on Linux and macOS; on
-# Windows these are typically not installed, so they are skipped.
-if [ "${os}" = "linux" ] || [ "${os}" = "macos" ]; then
-    echo
-    echo "Development tooling:"
-    check ccache
-    check clang
-    check clang++
-    check ClangBuildAnalyzer
-    check curl
-    check file
-    check less
-    check make
-    check netstat which netstat
-    check ninja
-    check perl
-    check pkg-config
-    check vim
-
-    # These tools are present in our Linux CI images and in local development
-    # setups, but not in the macOS CI environment. So check them everywhere
-    # except when running in CI on macOS.
-    if [ "${os}" = "linux" ] || [ -z "${CI:-}" ]; then
-        check clang-format
-        check doxygen
-        check gcovr
-        check gh
-        check git-cliff
-        check gpg
-        # pre-commit, or its alternative implementation prek
-        check pre-commit sh -c 'pre-commit --version || prek --version'
-        check run-clang-tidy run-clang-tidy --help
-    fi
-fi
-
-# GCC is the default compiler on Linux. macOS uses the system Apple Clang
-# instead, so GCC/g++/gcov are not expected there.
-if [ "${os}" = "linux" ]; then
-    echo
-    echo "GCC toolchain:"
-    check gcc
-    check g++
-    check gcov
-
-    echo
-    echo "Mold:"
-    check mold
-fi
-
-if [ "${os}" = "windows" ]; then
-    echo
-    echo "Note: on Windows the C++ compiler is MSVC, which is provided"
-    echo "      separately (e.g. via Visual Studio) and is not checked here."
-fi
-
-# A simple test to verify that git can clone a repository over HTTPS
-# (i.e. the CA bundle is wired up). Clone to a temp dir and clean up.
-if [ -n "${CHECK_TOOLS_SKIP_CLONE:-}" ]; then
-    echo
-    echo "Skipping git-over-HTTPS check (CHECK_TOOLS_SKIP_CLONE is set)."
-else
-    echo
-    echo "Connectivity check:"
-    checked=$((checked + 1))
-    tmp_clone="$(mktemp -d)"
-    if git clone --depth 1 https://github.com/XRPLF/actions.git "${tmp_clone}/actions" >/dev/null 2>&1; then
-        printf '  [ ok ] git clone over HTTPS\n'
-    else
-        printf '  [MISS] git clone over HTTPS\n'
-        missing+=("git-https-clone")
-    fi
-    rm -rf "${tmp_clone}"
-fi
-
-echo
-if [ "${#missing[@]}" -eq 0 ]; then
-    echo "All ${checked} checked tools are present and runnable."
-else
-    echo "Missing or non-functional tools (${#missing[@]} of ${checked}):" >&2
-    for tool in "${missing[@]}"; do
-        echo "  - ${tool}" >&2
-    done
-    exit 1
-fi

bin/git/setup-upstreams.sh

@@ -1,8 +1,8 @@
 #!/bin/bash
 
 if [[ $# -ne 1 || "$1" == "--help" || "$1" == "-h" ]]; then
-    name=$(basename $0)
-    cat <<-USAGE
+    name=$( basename $0 )
+    cat <<- USAGE
     Usage: $name <username>
 
     Where <username> is the Github username of the upstream repo. e.g. XRPLF
@@ -14,7 +14,7 @@ fi
 shift
 user="$1"
 # Get the origin URL. Expect it be an SSH-style URL
-origin=$(git remote get-url origin)
+origin=$( git remote get-url origin )
 if [[ "${origin}" == "" ]]; then
     echo Invalid origin remote >&2
     exit 1
@@ -22,11 +22,11 @@ fi
 # echo "Origin: ${origin}"
 # Parse the origin
 ifs_orig="${IFS}"
-IFS=':' read remote originpath <<<"${origin}"
+IFS=':' read remote originpath <<< "${origin}"
 # echo "Remote: ${remote}, Originpath: ${originpath}"
-IFS='@' read sshuser server <<<"${remote}"
+IFS='@' read sshuser server <<< "${remote}"
 # echo "SSHUser: ${sshuser}, Server: ${server}"
-IFS='/' read originuser repo <<<"${originpath}"
+IFS='/' read originuser repo <<< "${originpath}"
 # echo "Originuser: ${originuser}, Repo: ${repo}"
 if [[ "${sshuser}" == "" || "${server}" == "" || "${originuser}" == "" || "${repo}" == "" ]]; then
     echo "Can't parse origin URL: ${origin}" >&2
@@ -35,9 +35,9 @@ fi
 upstream="https://${server}/${user}/${repo}"
 upstreampush="${remote}:${user}/${repo}"
 upstreamgroup="upstream upstream-push"
-current=$(git remote get-url upstream 2>/dev/null)
-currentpush=$(git remote get-url upstream-push 2>/dev/null)
-currentgroup=$(git config remotes.upstreams)
+current=$( git remote get-url upstream 2>/dev/null )
+currentpush=$( git remote get-url upstream-push 2>/dev/null )
+currentgroup=$( git config remotes.upstreams )
 if [[ "${current}" == "${upstream}" ]]; then
     echo "Upstream already set up correctly. Skip"
 elif [[ -n "${current}" && "${current}" != "${upstream}" && "${current}" != "${upstreampush}" ]]; then
@@ -45,9 +45,9 @@ elif [[ -n "${current}" && "${current}" != "${upstream}" && "${current}" != "${u
 else
     if [[ "${current}" == "${upstreampush}" ]]; then
         echo "Upstream set to dangerous push URL. Update."
-        _run git remote rename upstream upstream-push ||
-            _run git remote remove upstream
-        currentpush=$(git remote get-url upstream-push 2>/dev/null)
+        _run git remote rename upstream upstream-push || \
+        _run git remote remove upstream
+        currentpush=$( git remote get-url upstream-push 2>/dev/null )
     fi
     _run git remote add upstream "${upstream}"
 fi

bin/git/squash-branches.sh

@@ -1,8 +1,8 @@
 #!/bin/bash
 
 if [[ $# -lt 3 || "$1" == "--help" || "$1" = "-h" ]]; then
-    name=$(basename $0)
-    cat <<-USAGE
+    name=$( basename $0 )
+    cat <<- USAGE
     Usage: $name workbranch base/branch user/branch [user/branch [...]]
 
     * workbranch will be created locally from base/branch
@@ -16,7 +16,7 @@ fi
 work="$1"
 shift
 
-branches=($(echo "${@}" | sed "s/:/\//"))
+branches=( $( echo "${@}" | sed "s/:/\//" ) )
 base="${branches[0]}"
 unset branches[0]
 
@@ -24,10 +24,10 @@ set -e
 
 users=()
 for b in "${branches[@]}"; do
-    users+=($(echo $b | cut -d/ -f1))
+    users+=( $( echo $b | cut -d/ -f1 ) )
 done
 
-users=($(printf '%s\n' "${users[@]}" | sort -u))
+users=( $( printf '%s\n' "${users[@]}" | sort -u ) )
 
 git fetch --multiple upstreams "${users[@]}"
 git checkout -B "$work" --no-track "$base"
@@ -40,7 +40,7 @@ done
 # Make sure the commits look right
 git log --show-signature "$base..HEAD"
 
-parts=($(echo $base | sed "s/\// /"))
+parts=( $( echo $base | sed "s/\// /" ) )
 repo="${parts[0]}"
 b="${parts[1]}"
 push=$repo
@@ -50,7 +50,7 @@ fi
 if [[ "$repo" == "upstream" ]]; then
     repo="upstreams"
 fi
-cat <<PUSH
+cat << PUSH
 
 -------------------------------------------------------------------
 This script will not push. Verify everything is correct, then push

bin/git/update-version.sh

@@ -1,8 +1,8 @@
 #!/bin/bash
 
 if [[ $# -ne 3 || "$1" == "--help" || "$1" = "-h" ]]; then
-    name=$(basename $0)
-    cat <<-USAGE
+    name=$( basename $0 )
+    cat <<- USAGE
     Usage: $name workbranch base/branch version
 
     * workbranch will be created locally from base/branch. If it exists,
@@ -16,7 +16,7 @@ fi
 work="$1"
 shift
 
-base=$(echo "$1" | sed "s/:/\//")
+base=$( echo "$1" | sed "s/:/\//" )
 shift
 
 version=$1
@@ -28,16 +28,16 @@ git fetch upstreams
 
 git checkout -B "${work}" --no-track "${base}"
 
-push=$(git rev-parse --abbrev-ref --symbolic-full-name '@{push}' \
-    2>/dev/null) || true
+push=$( git rev-parse --abbrev-ref --symbolic-full-name '@{push}' \
+    2>/dev/null ) || true
 if [[ "${push}" != "" ]]; then
     echo "Warning: ${push} may already exist."
 fi
 
-build=$(find -name BuildInfo.cpp)
-sed 's/\(^.*versionString =\).*$/\1 "'${version}'"/' ${build} >version.cpp &&
-    diff "${build}" version.cpp && exit 1 ||
-    mv -vi version.cpp ${build}
+build=$( find -name BuildInfo.cpp )
+sed 's/\(^.*versionString =\).*$/\1 "'${version}'"/' ${build} > version.cpp && \
+diff "${build}" version.cpp && exit 1 || \
+mv -vi version.cpp ${build}
 
 git diff
 
@@ -47,7 +47,7 @@ git commit -S -m "Set version to ${version}"
 
 git log --oneline --first-parent ${base}^..
 
-cat <<PUSH
+cat << PUSH
 
 -------------------------------------------------------------------
 This script will not push. Verify everything is correct, then push

bin/install-sanitizer-libs.sh

@@ -1,113 +0,0 @@
-#!/bin/bash
-# Install sanitizer runtime libraries required to run binaries compiled with:
-#   -fsanitize=address   → libasan.so.8
-#   -fsanitize=thread    → libtsan.so.2
-#   -fsanitize=undefined → libubsan.so.1
-#
-# The exact SONAMEs required depend on the compiler toolchain used to build the
-# test binaries (see nix/ci-env.nix). If the toolchain is bumped and SONAMEs
-# change, update the list below (or detect them from the binaries).
-#
-# Supported base images:
-#   debian:bookworm
-#   ubuntu:20.04
-#   rhel:9
-#   nixos/nix        — tests are skipped; this script is not called
-
-set -euo pipefail
-
-if [ ! -f /etc/os-release ]; then
-    echo "ERROR: /etc/os-release not found; cannot detect OS" >&2
-    exit 1
-fi
-
-# shellcheck source=/dev/null
-. /etc/os-release
-
-echo "Detected OS: ${ID} ${VERSION_ID:-}"
-
-case "${ID}" in
-    ubuntu | debian | rhel | centos | rocky | almalinux)
-        echo "Supported OS detected: ${ID}"
-        ;;
-    *)
-        echo "ERROR: unsupported OS '${ID}'. Supported: debian, ubuntu, rhel-family" >&2
-        exit 1
-        ;;
-esac
-
-function preinstall() {
-    case "${ID}" in
-        ubuntu)
-            apt-get update -y
-            apt-get install -y --no-install-recommends \
-                gnupg \
-                software-properties-common
-            add-apt-repository -y ppa:ubuntu-toolchain-r/test
-            ;;
-    esac
-}
-
-function install() {
-    case "${ID}" in
-        debian | ubuntu)
-            apt-get update -y
-            apt-get install -y --no-install-recommends \
-                libasan8 \
-                libtsan2 \
-                libubsan1
-            ;;
-
-        rhel | centos | rocky | almalinux)
-            dnf install -y \
-                libasan8 \
-                libtsan2 \
-                libubsan
-            ;;
-    esac
-}
-
-function postinstall() {
-    # Don't clear cache in non-CI environments
-    if [ -z "${CI:-}" ]; then
-        echo "Not running in CI environment; skipping cache cleanup"
-        return
-    fi
-
-    case "${ID}" in
-        debian | ubuntu)
-            apt-get clean
-            rm -rf /var/lib/apt/lists/*
-            ;;
-
-        rhel | centos | rocky | almalinux)
-            dnf clean -y all
-            rm -rf /var/cache/dnf/*
-            ;;
-    esac
-}
-
-function verify() {
-    # Verify that every expected library is now resolvable by the dynamic linker.
-    missing=0
-    for lib in libasan.so.8 libtsan.so.2 libubsan.so.1; do
-        if ldconfig -p | grep -q "${lib}"; then
-            echo "OK: ${lib} found"
-        else
-            echo "ERROR: ${lib} not found after installation" >&2
-            missing=$((missing + 1))
-        fi
-    done
-
-    if [ "${missing}" -ne 0 ]; then
-        echo "ERROR: ${missing} library/libraries missing" >&2
-        exit 1
-    fi
-}
-
-preinstall
-install
-postinstall
-verify
-
-echo "All sanitizer runtime libraries installed successfully."

bin/pre-commit/clang_tidy_check.py

@@ -168,13 +168,7 @@ def main():
     if not os.environ.get("TIDY"):
         return 0
 
-    repo_root = Path(
-        subprocess.check_output(
-            ["git", "rev-parse", "--show-toplevel"],
-            cwd=Path(__file__).parent,
-            text=True,
-        ).strip()
-    )
+    repo_root = Path(__file__).parent.parent
     files = staged_files(repo_root)
     if not files:
         return 0

cfg/validators-example.txt

@@ -28,7 +28,7 @@
 #    https://vl.ripple.com
 #    https://unl.xrplf.org
 #    http://127.0.0.1:8000
-#    file:///etc/xrpld/vl.txt
+#    file:///etc/opt/xrpld/vl.txt
 #
 # [validator_list_keys]
 #

cfg/xrpld-example.cfg

@@ -527,17 +527,6 @@
 #
 #       The current default (which is subject to change) is 300 seconds.
 #
-#   verify_endpoints = <0 | 1>
-#
-#       If set to 0, the server will skip validation of endpoint
-#       addresses received in TMEndpoints peer protocol messages,
-#       allowing addresses that are not publicly routable or have a
-#       port of 0. The default is 1 (verification enabled).
-#
-#       WARNING: Disabling this option is a security risk and should
-#       only be used for local testing and debugging. Do not disable
-#       on mainnet.
-#
 #
 # [transaction_queue] EXPERIMENTAL
 #
@@ -953,21 +942,6 @@
 #
 #   Optional keys for NuDB and RocksDB:
 #
-#       cache_size          Size of cache for database records. Default is 16384.
-#                           Setting this value to 0 will use the default value.
-#
-#       cache_age           Length of time in minutes to keep database records
-#                           cached. Default is 5 minutes. Setting this value to
-#                           0 will use the default value.
-#
-#                           Note: if cache_size or cache_age is not specified,
-#                           default values will be used for the unspecified
-#                           parameter.
-#
-#                           Note: the cache will not be created if online_delete
-#                           is specified, because the rotating NodeStore does
-#                           not use this cache).
-#
 #       fast_load           Boolean. If set, load the last persisted ledger
 #                           from disk upon process start before syncing to
 #                           the network. This is likely to improve performance
@@ -1284,7 +1258,7 @@
 #       default. Don't change this without understanding the consequences.
 #
 #       Example:
-#           account_reserve = 1000000   # 1 XRP
+#           account_reserve = 10000000   # 10 XRP
 #
 #   owner_reserve = <drops>
 #
@@ -1296,7 +1270,7 @@
 #       default. Don't change this without understanding the consequences.
 #
 #       Example:
-#           owner_reserve = 200000      # 0.2 XRP
+#           owner_reserve = 2000000      # 2 XRP
 #
 #-------------------------------------------------------------------------------
 #
@@ -1481,7 +1455,10 @@ admin = 127.0.0.1
 protocol = http
 
 [port_peer]
-port = 2459
+# Many servers still use the legacy port of 51235, so for backward-compatibility
+# we maintain that port number here. However, for new servers we recommend
+# changing this to the default port of 2459.
+port = 51235
 ip = 0.0.0.0
 # alternatively, to accept connections on IPv4 + IPv6, use:
 #ip = ::

cmake/XrplAddTest.cmake

@@ -0,0 +1,22 @@
+include(isolate_headers)
+
+function(xrpl_add_test name)
+    set(target ${PROJECT_NAME}.test.${name})
+
+    file(
+        GLOB_RECURSE sources
+        CONFIGURE_DEPENDS
+        "${CMAKE_CURRENT_SOURCE_DIR}/${name}/*.cpp"
+        "${CMAKE_CURRENT_SOURCE_DIR}/${name}.cpp"
+    )
+    add_executable(${target} ${ARGN} ${sources})
+
+    isolate_headers(
+        ${target}
+        "${CMAKE_SOURCE_DIR}"
+        "${CMAKE_SOURCE_DIR}/tests/${name}"
+        PRIVATE
+    )
+
+    add_test(NAME ${target} COMMAND ${target})
+endfunction()

cmake/XrplCompiler.cmake

@@ -145,39 +145,13 @@ else()
         INTERFACE
             -rdynamic
             $<$<BOOL:${is_linux}>:-Wl,-z,relro,-z,now,--build-id>
-            # link to static libc/c++ if:
-            # * static option set and
-            # * NOT APPLE (AppleClang does not support static libc/c++)
-            $<$<AND:$<BOOL:${static}>,$<NOT:$<BOOL:${APPLE}>>>:
+            # link to static libc/c++ iff: * static option set and * NOT APPLE (AppleClang does not support static
+            # libc/c++) and * NOT SANITIZERS (sanitizers typically don't work with static libc/c++)
+            $<$<AND:$<BOOL:${static}>,$<NOT:$<BOOL:${APPLE}>>,$<NOT:$<BOOL:${SANITIZERS_ENABLED}>>>:
             -static-libstdc++
             -static-libgcc
             >
     )
-
-    # Keep -stdlib=libstdc++ off the compile commands, but preserve it for linking.
-    #
-    # Conan turns `compiler.libcxx=libstdc++` into `-stdlib=libstdc++` and puts it in
-    # CMAKE_CXX_FLAGS, which CMake passes to BOTH compile and link steps. On a normal Clang
-    # the compile step consumes it while choosing the C++ stdlib include paths. The Nixpkgs
-    # Clang wrapper supplies those paths itself (via -nostdinc++), so at compile time the
-    # flag is unused -> Clang errors under our -Werror. At link time the flag IS consumed
-    # (it selects the C++ runtime), so we move it there instead of dropping it entirely.
-    get_filename_component(_cxx_real "${CMAKE_CXX_COMPILER}" REALPATH)
-    if(
-        _cxx_real MATCHES "^/nix/store/"
-        AND is_linux
-        AND is_clang
-        AND CMAKE_CXX_FLAGS MATCHES "stdlib=libstdc"
-    )
-        string(
-            REPLACE "-stdlib=libstdc++"
-            ""
-            CMAKE_CXX_FLAGS
-            "${CMAKE_CXX_FLAGS}"
-        )
-        string(STRIP "${CMAKE_CXX_FLAGS}" CMAKE_CXX_FLAGS)
-        add_link_options($<$<LINK_LANGUAGE:CXX>:-stdlib=libstdc++>)
-    endif()
 endif()
 
 # Antithesis instrumentation will only be built and deployed using machines running Linux.

cmake/XrplCore.cmake

@@ -94,9 +94,6 @@ add_module(xrpl basics)
 target_link_libraries(xrpl.libxrpl.basics PUBLIC xrpl.libxrpl.beast)
 
 # Level 03
-add_module(xrpl config)
-target_link_libraries(xrpl.libxrpl.config PUBLIC xrpl.libxrpl.basics)
-
 add_module(xrpl json)
 target_link_libraries(xrpl.libxrpl.json PUBLIC xrpl.libxrpl.basics)
 
@@ -123,7 +120,6 @@ target_link_libraries(
     xrpl.libxrpl.core
     PUBLIC
         xrpl.libxrpl.basics
-        xrpl.libxrpl.config
         xrpl.libxrpl.json
         xrpl.libxrpl.protocol
         xrpl.libxrpl.protocol_autogen
@@ -147,11 +143,7 @@ target_link_libraries(
 add_module(xrpl nodestore)
 target_link_libraries(
     xrpl.libxrpl.nodestore
-    PUBLIC
-        xrpl.libxrpl.basics
-        xrpl.libxrpl.config
-        xrpl.libxrpl.json
-        xrpl.libxrpl.protocol
+    PUBLIC xrpl.libxrpl.basics xrpl.libxrpl.json xrpl.libxrpl.protocol
 )
 
 add_module(xrpl shamap)
@@ -167,14 +159,13 @@ target_link_libraries(
 add_module(xrpl rdb)
 target_link_libraries(
     xrpl.libxrpl.rdb
-    PUBLIC xrpl.libxrpl.basics xrpl.libxrpl.config xrpl.libxrpl.core
+    PUBLIC xrpl.libxrpl.basics xrpl.libxrpl.core
 )
 
 add_module(xrpl server)
 target_link_libraries(
     xrpl.libxrpl.server
     PUBLIC
-        xrpl.libxrpl.config
         xrpl.libxrpl.protocol
         xrpl.libxrpl.core
         xrpl.libxrpl.rdb
@@ -219,7 +210,6 @@ target_link_modules(
     basics
     beast
     conditions
-    config
     core
     crypto
     git

cmake/XrplCov.cmake

@@ -47,7 +47,7 @@ setup_target_for_coverage_gcovr(
         "include/xrpl/beast/test"
         "include/xrpl/beast/unit_test"
         "${CMAKE_BINARY_DIR}/pb-xrpl.libpb"
-    DEPENDENCIES xrpld xrpl_tests
+    DEPENDENCIES xrpld xrpl.tests
 )
 
 add_code_coverage_to_target(opts INTERFACE)

cmake/XrplPackaging.cmake

@@ -1,44 +0,0 @@
-#[===================================================================[
-   Linux packaging support: 'package' target.
-
-   The packaging script (package/build_pkg.sh) installs to FHS-standard
-   paths (/usr/bin, /etc/xrpld, etc.) regardless of CMAKE_INSTALL_PREFIX,
-   so no prefix guard is needed here.
-#]===================================================================]
-if(NOT is_linux)
-    message(STATUS "Packaging not supported on non-Linux hosts")
-    return()
-endif()
-
-if(NOT DEFINED pkg_release)
-    set(pkg_release 1)
-endif()
-
-find_program(RPMBUILD_EXECUTABLE rpmbuild)
-find_program(DPKG_BUILDPACKAGE_EXECUTABLE dpkg-buildpackage)
-
-if(NOT (RPMBUILD_EXECUTABLE OR DPKG_BUILDPACKAGE_EXECUTABLE))
-    message(
-        STATUS
-        "Neither rpmbuild nor dpkg-buildpackage found; 'package' target not available"
-    )
-    return()
-endif()
-
-set(package_env
-    SRC_DIR=${CMAKE_SOURCE_DIR}
-    BUILD_DIR=${CMAKE_BINARY_DIR}
-    PKG_VERSION=${xrpld_version}
-    PKG_RELEASE=${pkg_release}
-)
-
-add_custom_target(
-    package
-    COMMAND
-        ${CMAKE_COMMAND} -E env ${package_env}
-        ${CMAKE_SOURCE_DIR}/package/build_pkg.sh
-    WORKING_DIRECTORY ${CMAKE_BINARY_DIR}
-    DEPENDS xrpld
-    COMMENT "Building Linux package (deb/rpm inferred from host tooling)"
-    VERBATIM
-)

cmake/XrplSanitizers.cmake

@@ -1,33 +1,140 @@
 #[===================================================================[
-   Apply sanitizer flags built by the Conan profile.
+   Configure sanitizers based on environment variables.
 
-   Parsing, validation, and flag construction are performed in conan/profiles/sanitizers.
-   This module reads the following CMake variables injected by the Conan toolchain via extra_variables:
+   This module reads the following environment variables:
+   - SANITIZERS: The sanitizers to enable. Possible values:
+     - "address"
+     - "address,undefinedbehavior"
+     - "thread"
+     - "thread,undefinedbehavior"
+     - "undefinedbehavior"
 
-   - SANITIZERS:                The active sanitizers (e.g. "address,undefinedbehavior").
-   - SANITIZERS_COMPILER_FLAGS: Space-separated compiler flags.
-   - SANITIZERS_LINKER_FLAGS:   Space-separated linker flags.
+   The compiler type and platform are detected in CompilationEnv.cmake.
+   The sanitizer compile options are applied to the 'common' interface library
+   which is linked to all targets in the project.
 
-   The flags are applied to the 'common' interface library which is linked to all targets in the project.
+   Internal flag variables set by this module:
+
+   - SANITIZER_TYPES: List of sanitizer types to enable (e.g., "address",
+     "thread", "undefined"). And two more flags for undefined behavior sanitizer (e.g., "float-divide-by-zero", "unsigned-integer-overflow").
+     This list is joined with commas and passed to -fsanitize=<list>.
+
+   - SANITIZERS_COMPILE_FLAGS: Compiler flags for sanitizer instrumentation.
+     Includes:
+     * -fno-omit-frame-pointer: Preserves frame pointers for stack traces
+     * -O1: Minimum optimization for reasonable performance
+     * -fsanitize=<types>: Enables sanitizer instrumentation
+     * -fsanitize-ignorelist=<path>: (Clang only) Compile-time ignorelist
+     * -mcmodel=large/medium: (GCC only) Code model for large binaries
+     * -Wno-stringop-overflow: (GCC only) Suppresses false positive warnings
+     * -Wno-tsan: (For GCC TSAN combination only) Suppresses atomic_thread_fence warnings
+
+   - SANITIZERS_LINK_FLAGS: Linker flags for sanitizer runtime libraries.
+     Includes:
+     * -fsanitize=<types>: Links sanitizer runtime libraries
+     * -mcmodel=large/medium: (GCC only) Matches compile-time code model
+
+   - SANITIZERS_RELOCATION_FLAGS: (GCC only, x86_64 only) Code model flags for linking.
+     Used to handle large instrumented binaries on x86_64:
+     * -mcmodel=large: For AddressSanitizer (prevents relocation errors)
+     * -mcmodel=medium: For ThreadSanitizer (large model is incompatible)
+     On ARM64, these flags are omitted since GCC does not support
+     -mcmodel=large with -fPIC, and -mcmodel=medium does not exist.
 #]===================================================================]
 
-include_guard(GLOBAL)
 include(CompilationEnv)
 
-if(NOT DEFINED SANITIZERS)
+# Read environment variable
+set(SANITIZERS "")
+if(DEFINED ENV{SANITIZERS})
+    set(SANITIZERS "$ENV{SANITIZERS}")
+endif()
+
+# Set SANITIZERS_ENABLED flag for use in other modules
+if(SANITIZERS MATCHES "address|thread|undefinedbehavior")
+    set(SANITIZERS_ENABLED TRUE)
+else()
     set(SANITIZERS_ENABLED FALSE)
     return()
 endif()
-set(SANITIZERS_ENABLED TRUE)
 
-message(STATUS "=== Configuring Sanitizers ===")
-message(STATUS "  SANITIZERS: ${SANITIZERS}")
-message(STATUS "  Compile flags: ${SANITIZERS_COMPILER_FLAGS}")
-message(STATUS "  Link flags: ${SANITIZERS_LINKER_FLAGS}")
+# Sanitizers are not supported on Windows/MSVC
+if(is_msvc)
+    message(
+        FATAL_ERROR
+        "Sanitizers are not supported on Windows/MSVC. "
+        "Please unset the SANITIZERS environment variable."
+    )
+endif()
 
-# GCC with sanitizers is incompatible with mold, gold, and lld linkers.
-# Namely, the instrumented binary exceeds size limits imposed by these linkers.
+message(STATUS "Configuring sanitizers: ${SANITIZERS}")
+
+# Parse SANITIZERS value to determine which sanitizers to enable
+set(enable_asan FALSE)
+set(enable_tsan FALSE)
+set(enable_ubsan FALSE)
+
+# Normalize SANITIZERS into a list
+set(san_list "${SANITIZERS}")
+string(REPLACE "," ";" san_list "${san_list}")
+separate_arguments(san_list)
+
+foreach(san IN LISTS san_list)
+    if(san STREQUAL "address")
+        set(enable_asan TRUE)
+    elseif(san STREQUAL "thread")
+        set(enable_tsan TRUE)
+    elseif(san STREQUAL "undefinedbehavior")
+        set(enable_ubsan TRUE)
+    else()
+        message(
+            FATAL_ERROR
+            "Unsupported sanitizer type: ${san}"
+            "Supported: address, thread, undefinedbehavior and their combinations."
+        )
+    endif()
+endforeach()
+
+# Validate sanitizer compatibility
+if(enable_asan AND enable_tsan)
+    message(
+        FATAL_ERROR
+        "AddressSanitizer and ThreadSanitizer are incompatible and cannot be enabled simultaneously. "
+        "Use 'address' or 'thread', optionally with 'undefinedbehavior'."
+    )
+endif()
+
+# Frame pointer is required for meaningful stack traces. Sanitizers recommend minimum of -O1 for reasonable performance
+set(SANITIZERS_COMPILE_FLAGS "-fno-omit-frame-pointer" "-O1")
+
+# Build the sanitizer flags list
+set(SANITIZER_TYPES)
+
+if(enable_asan)
+    list(APPEND SANITIZER_TYPES "address")
+elseif(enable_tsan)
+    list(APPEND SANITIZER_TYPES "thread")
+endif()
+
+if(enable_ubsan)
+    # UB sanitizer flags
+    list(APPEND SANITIZER_TYPES "undefined" "float-divide-by-zero")
+    if(is_clang)
+        # Clang supports additional UB checks. More info here
+        # https://clang.llvm.org/docs/UndefinedBehaviorSanitizer.html
+        list(APPEND SANITIZER_TYPES "unsigned-integer-overflow")
+    endif()
+endif()
+
+# Configure code model for GCC on amd64 Use large code model for ASAN to avoid relocation errors Use medium code model
+# for TSAN (large is not compatible with TSAN)
+set(SANITIZERS_RELOCATION_FLAGS)
+
+# Compiler-specific configuration
 if(is_gcc)
+    # Disable mold, gold and lld linkers for GCC with sanitizers Use default linker (bfd/ld) which is more lenient with
+    # mixed code models This is needed since the size of instrumented binary exceeds the limits set by mold, lld and
+    # gold linkers
     set(use_mold OFF CACHE BOOL "Use mold linker" FORCE)
     set(use_gold OFF CACHE BOOL "Use gold linker" FORCE)
     set(use_lld OFF CACHE BOOL "Use lld linker" FORCE)
@@ -35,62 +142,82 @@ if(is_gcc)
         STATUS
         "  Disabled mold, gold, and lld linkers for GCC with sanitizers"
     )
+
+    # Suppress false positive warnings in GCC with stringop-overflow
+    list(APPEND SANITIZERS_COMPILE_FLAGS "-Wno-stringop-overflow")
+
+    if(is_amd64 AND enable_asan)
+        message(STATUS "  Using large code model (-mcmodel=large)")
+        list(APPEND SANITIZERS_COMPILE_FLAGS "-mcmodel=large")
+        list(APPEND SANITIZERS_RELOCATION_FLAGS "-mcmodel=large")
+    elseif(enable_tsan)
+        # GCC doesn't support atomic_thread_fence with tsan. Suppress warnings.
+        list(APPEND SANITIZERS_COMPILE_FLAGS "-Wno-tsan")
+        if(is_amd64)
+            message(STATUS "  Using medium code model (-mcmodel=medium)")
+            list(APPEND SANITIZERS_COMPILE_FLAGS "-mcmodel=medium")
+            list(APPEND SANITIZERS_RELOCATION_FLAGS "-mcmodel=medium")
+        endif()
+    endif()
+
+    # Join sanitizer flags with commas for -fsanitize option
+    list(JOIN SANITIZER_TYPES "," SANITIZER_TYPES_STR)
+
+    # Add sanitizer to compile and link flags
+    list(APPEND SANITIZERS_COMPILE_FLAGS "-fsanitize=${SANITIZER_TYPES_STR}")
+    set(SANITIZERS_LINK_FLAGS
+        "${SANITIZERS_RELOCATION_FLAGS}"
+        "-fsanitize=${SANITIZER_TYPES_STR}"
+    )
+elseif(is_clang)
+    # Add ignorelist for Clang (GCC doesn't support this) Use CMAKE_SOURCE_DIR to get the path to the ignorelist
+    set(IGNORELIST_PATH
+        "${CMAKE_SOURCE_DIR}/sanitizers/suppressions/sanitizer-ignorelist.txt"
+    )
+    if(NOT EXISTS "${IGNORELIST_PATH}")
+        message(
+            FATAL_ERROR
+            "Sanitizer ignorelist not found: ${IGNORELIST_PATH}"
+        )
+    endif()
+
+    list(
+        APPEND SANITIZERS_COMPILE_FLAGS
+        "-fsanitize-ignorelist=${IGNORELIST_PATH}"
+    )
+    message(STATUS "  Using sanitizer ignorelist: ${IGNORELIST_PATH}")
+
+    # Join sanitizer flags with commas for -fsanitize option
+    list(JOIN SANITIZER_TYPES "," SANITIZER_TYPES_STR)
+
+    # Add sanitizer to compile and link flags
+    list(APPEND SANITIZERS_COMPILE_FLAGS "-fsanitize=${SANITIZER_TYPES_STR}")
+    set(SANITIZERS_LINK_FLAGS "-fsanitize=${SANITIZER_TYPES_STR}")
 endif()
 
-# Flags arrive as space-separated strings; split into CMake lists before use
-separate_arguments(
-    sanitizers_compiler_flags
-    UNIX_COMMAND
-    "${SANITIZERS_COMPILER_FLAGS}"
-)
-separate_arguments(
-    sanitizers_linker_flags
-    UNIX_COMMAND
-    "${SANITIZERS_LINKER_FLAGS}"
-)
+message(STATUS "  Compile flags: ${SANITIZERS_COMPILE_FLAGS}")
+message(STATUS "  Link flags: ${SANITIZERS_LINK_FLAGS}")
 
+# Apply the sanitizer flags to the 'common' interface library This is the same library used by XrplCompiler.cmake
 target_compile_options(
     common
     INTERFACE
-        $<$<COMPILE_LANGUAGE:CXX>:${sanitizers_compiler_flags}>
-        $<$<COMPILE_LANGUAGE:C>:${sanitizers_compiler_flags}>
+        $<$<COMPILE_LANGUAGE:CXX>:${SANITIZERS_COMPILE_FLAGS}>
+        $<$<COMPILE_LANGUAGE:C>:${SANITIZERS_COMPILE_FLAGS}>
 )
-target_link_options(common INTERFACE ${sanitizers_linker_flags})
 
-# This module appends -fsanitize-ignorelist=<path> for Clang builds.
-# The ignorelist path contains CMAKE_SOURCE_DIR, so it must be set here, rather than in the Conan profile.
-# GCC does not support -fsanitize-ignorelist.
-if(is_clang)
-    set(ignorelist_path
-        "${CMAKE_SOURCE_DIR}/sanitizers/suppressions/sanitizer-ignorelist.txt"
-    )
-    if(NOT EXISTS "${ignorelist_path}")
-        message(
-            FATAL_ERROR
-            "Sanitizer ignorelist not found: ${ignorelist_path}"
-        )
-    endif()
-    target_compile_options(
-        common
-        INTERFACE
-            $<$<COMPILE_LANGUAGE:CXX>:-fsanitize-ignorelist=${ignorelist_path}>
-            $<$<COMPILE_LANGUAGE:C>:-fsanitize-ignorelist=${ignorelist_path}>
-    )
-    message(STATUS "  Ignorelist: ${ignorelist_path}")
-endif()
+# Apply linker flags
+target_link_options(common INTERFACE ${SANITIZERS_LINK_FLAGS})
 
 # Define SANITIZERS macro for BuildInfo.cpp
 set(sanitizers_list)
-if(SANITIZERS MATCHES "address")
-    set(enable_asan ON)
+if(enable_asan)
     list(APPEND sanitizers_list "ASAN")
 endif()
-if(SANITIZERS MATCHES "thread")
-    set(enable_tsan ON)
+if(enable_tsan)
     list(APPEND sanitizers_list "TSAN")
 endif()
-if(SANITIZERS MATCHES "undefinedbehavior")
-    set(enable_ubsan ON)
+if(enable_ubsan)
     list(APPEND sanitizers_list "UBSAN")
 endif()
 

cmake/scripts/codegen/requirements.in

@@ -1,13 +0,0 @@
-# Python dependencies for XRP Ledger code generation scripts
-#
-# These packages are required to run the code generation scripts that
-# parse macro files and generate C++ wrapper classes.
-
-# C preprocessor for Python - used to preprocess macro files
-pcpp>=1.30
-
-# Parser combinator library - used to parse the macro DSL
-pyparsing>=3.0.0
-
-# Template engine - used to generate C++ code from templates
-Mako>=1.2.2

cmake/scripts/codegen/requirements.txt

@@ -1,105 +1,13 @@
-# This file was autogenerated by uv via the following command:
-#    uv pip compile requirements.in --generate-hashes --output-file requirements.txt
-mako==1.3.12 \
-    --hash=sha256:8f61569480282dbf557145ce441e4ba888be453c30989f879f0d652e39f53ea9 \
-    --hash=sha256:9f778e93289bd410bb35daadeb4fc66d95a746f0b75777b942088b7fd7af550a
-    # via -r requirements.in
-markupsafe==3.0.3 \
-    --hash=sha256:0303439a41979d9e74d18ff5e2dd8c43ed6c6001fd40e5bf2e43f7bd9bbc523f \
-    --hash=sha256:068f375c472b3e7acbe2d5318dea141359e6900156b5b2ba06a30b169086b91a \
-    --hash=sha256:0bf2a864d67e76e5c9a34dc26ec616a66b9888e25e7b9460e1c76d3293bd9dbf \
-    --hash=sha256:0db14f5dafddbb6d9208827849fad01f1a2609380add406671a26386cdf15a19 \
-    --hash=sha256:0eb9ff8191e8498cca014656ae6b8d61f39da5f95b488805da4bb029cccbfbaf \
-    --hash=sha256:0f4b68347f8c5eab4a13419215bdfd7f8c9b19f2b25520968adfad23eb0ce60c \
-    --hash=sha256:1085e7fbddd3be5f89cc898938f42c0b3c711fdcb37d75221de2666af647c175 \
-    --hash=sha256:116bb52f642a37c115f517494ea5feb03889e04df47eeff5b130b1808ce7c219 \
-    --hash=sha256:12c63dfb4a98206f045aa9563db46507995f7ef6d83b2f68eda65c307c6829eb \
-    --hash=sha256:133a43e73a802c5562be9bbcd03d090aa5a1fe899db609c29e8c8d815c5f6de6 \
-    --hash=sha256:1353ef0c1b138e1907ae78e2f6c63ff67501122006b0f9abad68fda5f4ffc6ab \
-    --hash=sha256:15d939a21d546304880945ca1ecb8a039db6b4dc49b2c5a400387cdae6a62e26 \
-    --hash=sha256:177b5253b2834fe3678cb4a5f0059808258584c559193998be2601324fdeafb1 \
-    --hash=sha256:1872df69a4de6aead3491198eaf13810b565bdbeec3ae2dc8780f14458ec73ce \
-    --hash=sha256:1b4b79e8ebf6b55351f0d91fe80f893b4743f104bff22e90697db1590e47a218 \
-    --hash=sha256:1b52b4fb9df4eb9ae465f8d0c228a00624de2334f216f178a995ccdcf82c4634 \
-    --hash=sha256:1ba88449deb3de88bd40044603fafffb7bc2b055d626a330323a9ed736661695 \
-    --hash=sha256:1cc7ea17a6824959616c525620e387f6dd30fec8cb44f649e31712db02123dad \
-    --hash=sha256:218551f6df4868a8d527e3062d0fb968682fe92054e89978594c28e642c43a73 \
-    --hash=sha256:26a5784ded40c9e318cfc2bdb30fe164bdb8665ded9cd64d500a34fb42067b1c \
-    --hash=sha256:2713baf880df847f2bece4230d4d094280f4e67b1e813eec43b4c0e144a34ffe \
-    --hash=sha256:2a15a08b17dd94c53a1da0438822d70ebcd13f8c3a95abe3a9ef9f11a94830aa \
-    --hash=sha256:2f981d352f04553a7171b8e44369f2af4055f888dfb147d55e42d29e29e74559 \
-    --hash=sha256:32001d6a8fc98c8cb5c947787c5d08b0a50663d139f1305bac5885d98d9b40fa \
-    --hash=sha256:3524b778fe5cfb3452a09d31e7b5adefeea8c5be1d43c4f810ba09f2ceb29d37 \
-    --hash=sha256:3537e01efc9d4dccdf77221fb1cb3b8e1a38d5428920e0657ce299b20324d758 \
-    --hash=sha256:35add3b638a5d900e807944a078b51922212fb3dedb01633a8defc4b01a3c85f \
-    --hash=sha256:38664109c14ffc9e7437e86b4dceb442b0096dfe3541d7864d9cbe1da4cf36c8 \
-    --hash=sha256:3a7e8ae81ae39e62a41ec302f972ba6ae23a5c5396c8e60113e9066ef893da0d \
-    --hash=sha256:3b562dd9e9ea93f13d53989d23a7e775fdfd1066c33494ff43f5418bc8c58a5c \
-    --hash=sha256:457a69a9577064c05a97c41f4e65148652db078a3a509039e64d3467b9e7ef97 \
-    --hash=sha256:4bd4cd07944443f5a265608cc6aab442e4f74dff8088b0dfc8238647b8f6ae9a \
-    --hash=sha256:4e885a3d1efa2eadc93c894a21770e4bc67899e3543680313b09f139e149ab19 \
-    --hash=sha256:4faffd047e07c38848ce017e8725090413cd80cbc23d86e55c587bf979e579c9 \
-    --hash=sha256:509fa21c6deb7a7a273d629cf5ec029bc209d1a51178615ddf718f5918992ab9 \
-    --hash=sha256:5678211cb9333a6468fb8d8be0305520aa073f50d17f089b5b4b477ea6e67fdc \
-    --hash=sha256:591ae9f2a647529ca990bc681daebdd52c8791ff06c2bfa05b65163e28102ef2 \
-    --hash=sha256:5a7d5dc5140555cf21a6fefbdbf8723f06fcd2f63ef108f2854de715e4422cb4 \
-    --hash=sha256:69c0b73548bc525c8cb9a251cddf1931d1db4d2258e9599c28c07ef3580ef354 \
-    --hash=sha256:6b5420a1d9450023228968e7e6a9ce57f65d148ab56d2313fcd589eee96a7a50 \
-    --hash=sha256:722695808f4b6457b320fdc131280796bdceb04ab50fe1795cd540799ebe1698 \
-    --hash=sha256:729586769a26dbceff69f7a7dbbf59ab6572b99d94576a5592625d5b411576b9 \
-    --hash=sha256:77f0643abe7495da77fb436f50f8dab76dbc6e5fd25d39589a0f1fe6548bfa2b \
-    --hash=sha256:795e7751525cae078558e679d646ae45574b47ed6e7771863fcc079a6171a0fc \
-    --hash=sha256:7be7b61bb172e1ed687f1754f8e7484f1c8019780f6f6b0786e76bb01c2ae115 \
-    --hash=sha256:7c3fb7d25180895632e5d3148dbdc29ea38ccb7fd210aa27acbd1201a1902c6e \
-    --hash=sha256:7e68f88e5b8799aa49c85cd116c932a1ac15caaa3f5db09087854d218359e485 \
-    --hash=sha256:83891d0e9fb81a825d9a6d61e3f07550ca70a076484292a70fde82c4b807286f \
-    --hash=sha256:8485f406a96febb5140bfeca44a73e3ce5116b2501ac54fe953e488fb1d03b12 \
-    --hash=sha256:8709b08f4a89aa7586de0aadc8da56180242ee0ada3999749b183aa23df95025 \
-    --hash=sha256:8f71bc33915be5186016f675cd83a1e08523649b0e33efdb898db577ef5bb009 \
-    --hash=sha256:915c04ba3851909ce68ccc2b8e2cd691618c4dc4c4232fb7982bca3f41fd8c3d \
-    --hash=sha256:949b8d66bc381ee8b007cd945914c721d9aba8e27f71959d750a46f7c282b20b \
-    --hash=sha256:94c6f0bb423f739146aec64595853541634bde58b2135f27f61c1ffd1cd4d16a \
-    --hash=sha256:9a1abfdc021a164803f4d485104931fb8f8c1efd55bc6b748d2f5774e78b62c5 \
-    --hash=sha256:9b79b7a16f7fedff2495d684f2b59b0457c3b493778c9eed31111be64d58279f \
-    --hash=sha256:a320721ab5a1aba0a233739394eb907f8c8da5c98c9181d1161e77a0c8e36f2d \
-    --hash=sha256:a4afe79fb3de0b7097d81da19090f4df4f8d3a2b3adaa8764138aac2e44f3af1 \
-    --hash=sha256:ad2cf8aa28b8c020ab2fc8287b0f823d0a7d8630784c31e9ee5edea20f406287 \
-    --hash=sha256:b8512a91625c9b3da6f127803b166b629725e68af71f8184ae7e7d54686a56d6 \
-    --hash=sha256:bc51efed119bc9cfdf792cdeaa4d67e8f6fcccab66ed4bfdd6bde3e59bfcbb2f \
-    --hash=sha256:bdc919ead48f234740ad807933cdf545180bfbe9342c2bb451556db2ed958581 \
-    --hash=sha256:bdd37121970bfd8be76c5fb069c7751683bdf373db1ed6c010162b2a130248ed \
-    --hash=sha256:be8813b57049a7dc738189df53d69395eba14fb99345e0a5994914a3864c8a4b \
-    --hash=sha256:c0c0b3ade1c0b13b936d7970b1d37a57acde9199dc2aecc4c336773e1d86049c \
-    --hash=sha256:c47a551199eb8eb2121d4f0f15ae0f923d31350ab9280078d1e5f12b249e0026 \
-    --hash=sha256:c4ffb7ebf07cfe8931028e3e4c85f0357459a3f9f9490886198848f4fa002ec8 \
-    --hash=sha256:ccfcd093f13f0f0b7fdd0f198b90053bf7b2f02a3927a30e63f3ccc9df56b676 \
-    --hash=sha256:d2ee202e79d8ed691ceebae8e0486bd9a2cd4794cec4824e1c99b6f5009502f6 \
-    --hash=sha256:d53197da72cc091b024dd97249dfc7794d6a56530370992a5e1a08983ad9230e \
-    --hash=sha256:d6dd0be5b5b189d31db7cda48b91d7e0a9795f31430b7f271219ab30f1d3ac9d \
-    --hash=sha256:d88b440e37a16e651bda4c7c2b930eb586fd15ca7406cb39e211fcff3bf3017d \
-    --hash=sha256:de8a88e63464af587c950061a5e6a67d3632e36df62b986892331d4620a35c01 \
-    --hash=sha256:df2449253ef108a379b8b5d6b43f4b1a8e81a061d6537becd5582fba5f9196d7 \
-    --hash=sha256:e1c1493fb6e50ab01d20a22826e57520f1284df32f2d8601fdd90b6304601419 \
-    --hash=sha256:e1cf1972137e83c5d4c136c43ced9ac51d0e124706ee1c8aa8532c1287fa8795 \
-    --hash=sha256:e2103a929dfa2fcaf9bb4e7c091983a49c9ac3b19c9061b6d5427dd7d14d81a1 \
-    --hash=sha256:e56b7d45a839a697b5eb268c82a71bd8c7f6c94d6fd50c3d577fa39a9f1409f5 \
-    --hash=sha256:e8afc3f2ccfa24215f8cb28dcf43f0113ac3c37c2f0f0806d8c70e4228c5cf4d \
-    --hash=sha256:e8fc20152abba6b83724d7ff268c249fa196d8259ff481f3b1476383f8f24e42 \
-    --hash=sha256:eaa9599de571d72e2daf60164784109f19978b327a3910d3e9de8c97b5b70cfe \
-    --hash=sha256:ec15a59cf5af7be74194f7ab02d0f59a62bdcf1a537677ce67a2537c9b87fcda \
-    --hash=sha256:f190daf01f13c72eac4efd5c430a8de82489d9cff23c364c3ea822545032993e \
-    --hash=sha256:f34c41761022dd093b4b6896d4810782ffbabe30f2d443ff5f083e0cbbb8c737 \
-    --hash=sha256:f3e98bb3798ead92273dc0e5fd0f31ade220f59a266ffd8a4f6065e0a3ce0523 \
-    --hash=sha256:f42d0984e947b8adf7dd6dde396e720934d12c506ce84eea8476409563607591 \
-    --hash=sha256:f71a396b3bf33ecaa1626c255855702aca4d3d9fea5e051b41ac59a9c1c41edc \
-    --hash=sha256:f9e130248f4462aaa8e2552d547f36ddadbeaa573879158d721bbd33dfe4743a \
-    --hash=sha256:fed51ac40f757d41b7c48425901843666a6677e3e8eb0abcff09e4ba6e664f50
-    # via mako
-pcpp==1.30 \
-    --hash=sha256:05fe08292b6da57f385001c891a87f40d6aa7f46787b03e8ba326d20a3297c6e \
-    --hash=sha256:5af9fbce55f136d7931ae915fae03c34030a3b36c496e72d9636cedc8e2543a1
-    # via -r requirements.in
-pyparsing==3.3.2 \
-    --hash=sha256:850ba148bd908d7e2411587e247a1e4f0327839c40e2e5e6d05a007ecc69911d \
-    --hash=sha256:c777f4d763f140633dcb6d8a3eda953bf7a214dc4eff598413c070bcdc117cbc
-    # via -r requirements.in
+# Python dependencies for XRP Ledger code generation scripts
+#
+# These packages are required to run the code generation scripts that
+# parse macro files and generate C++ wrapper classes.
+
+# C preprocessor for Python - used to preprocess macro files
+pcpp>=1.30
+
+# Parser combinator library - used to parse the macro DSL
+pyparsing>=3.0.0
+
+# Template engine - used to generate C++ code from templates
+Mako>=1.2.0

cmake/scripts/codegen/templates/LedgerEntry.h.mako

@@ -33,7 +33,7 @@ public:
      * @brief Construct a ${name} ledger entry wrapper from an existing SLE object.
      * @throws std::runtime_error if the ledger entry type doesn't match.
      */
-    explicit ${name}(SLE::const_pointer sle)
+    explicit ${name}(std::shared_ptr<SLE const> sle)
         : LedgerEntryBase(std::move(sle))
     {
         // Verify ledger entry type
@@ -168,7 +168,7 @@ ${field['typeData']['setter_type']} ${field['paramName']}${',' if i < len(requir
      * @param sle The existing ledger entry to copy from.
      * @throws std::runtime_error if the ledger entry type doesn't match.
      */
-    ${name}Builder(SLE::const_pointer sle)
+    ${name}Builder(std::shared_ptr<SLE const> sle)
     {
         if (sle->at(sfLedgerEntryType) != ${tag})
         {

conan.lock

@@ -1,39 +1,41 @@
 {
     "version": "0.5",
     "requires": [
-        "zlib/1.3.2#1cb806da49011867778ffb6ac7190fcb%1777558780.503",
+        "zlib/1.3.1#cac0f6daea041b0ccf42934163defb20%1774439233.809",
         "xxhash/0.8.3#681d36a0a6111fc56e5e45ea182c19cc%1765850149.987",
-        "sqlite3/3.53.0#324ada52333108388a9a6108bfa96734%1776096494.149",
+        "sqlite3/3.51.0#66aa11eabd0e34954c5c1c061ad44abe%1774467355.988",
         "soci/4.0.3#fe32b9ad5eb47e79ab9e45a68f363945%1774450067.231",
         "snappy/1.1.10#968fef506ff261592ec30c574d4a7809%1765850147.878",
         "secp256k1/0.7.1#481881709eb0bdd0185a12b912bbe8ad%1770910500.329",
         "rocksdb/10.5.1#4a197eca381a3e5ae8adf8cffa5aacd0%1765850186.86",
         "re2/20251105#8579cfd0bda4daf0683f9e3898f964b4%1774398111.888",
         "protobuf/6.33.5#d96d52ba5baaaa532f47bda866ad87a5%1774467363.12",
-        "openssl/3.6.2#4789bbf131b77d0515d15e094c8f697f%1778071755.506",
-        "nudb/2.0.9#11149c73f8f2baff9a0198fe25971fc7%1775040983.408",
+        "openssl/3.6.1#e6399de266349245a4542fc5f6c71552%1774458290.139",
+        "nudb/2.0.9#11149c73f8f2baff9a0198fe25971fc7%1774883011.384",
+        "mpt-crypto/0.3.0-rc1#468344c6855d4aeaa8bd31fb2c403f89%1776358155.918",
         "lz4/1.10.0#59fc63cac7f10fbe8e05c7e62c2f3504%1765850143.914",
         "libiconv/1.17#1e65319e945f2d31941a9d28cc13c058%1765842973.492",
         "libbacktrace/cci.20210118#a7691bfccd8caaf66309df196790a5a1%1765842973.03",
-        "libarchive/3.8.7#c446109bd1f1d8ba7936c94189bc50e6%1776147552.838",
-        "jemalloc/5.3.1#1fc58d55316041f10fbc1e8a2eae632a%1776700028.228",
+        "libarchive/3.8.1#ffee18995c706e02bf96e7a2f7042e0d%1765850144.736",
+        "jemalloc/5.3.0#e951da9cf599e956cebc117880d2d9f8%1729241615.244",
         "gtest/1.17.0#5224b3b3ff3b4ce1133cbdd27d53ee7d%1768312129.152",
         "grpc/1.78.1#b1a9e74b145cc471bed4dc64dc6eb2c1%1774467387.342",
         "ed25519/2015.03#ae761bdc52730a843f0809bdf6c1b1f6%1765850143.772",
         "date/3.0.4#862e11e80030356b53c2c38599ceb32b%1765850143.772",
         "c-ares/1.34.6#545240bb1c40e2cacd4362d6b8967650%1774439234.681",
         "bzip2/1.0.8#c470882369c2d95c5c77e970c0c7e321%1765850143.837",
-        "boost/1.91.0#ea540ca2133d831b560036aa24dece3c%1778050991.9",
+        "boost/1.90.0#d5e8defe7355494953be18524a7f135b%1769454080.269",
         "abseil/20250127.0#bb0baf1f362bc4a725a24eddd419b8f7%1774365460.196"
     ],
     "build_requires": [
-        "zlib/1.3.2#1cb806da49011867778ffb6ac7190fcb%1777558780.503",
+        "zlib/1.3.1#cac0f6daea041b0ccf42934163defb20%1774439233.809",
         "strawberryperl/5.32.1.1#8d114504d172cfea8ea1662d09b6333e%1774447376.964",
         "protobuf/6.33.5#d96d52ba5baaaa532f47bda866ad87a5%1774467363.12",
         "nasm/2.16.01#31e26f2ee3c4346ecd347911bd126904%1765850144.707",
         "msys2/cci.latest#d22fe7b2808f5fd34d0a7923ace9c54f%1770657326.649",
-        "m4/1.4.19#4523e4347b55cd26ae918bd5770cab9a%1778062762.471",
+        "m4/1.4.19#5d7a4994e5875d76faf7acf3ed056036%1774365463.87",
         "cmake/4.3.0#b939a42e98f593fb34d3a8c5cc860359%1774439249.183",
+        "cmake/3.31.10#313d16a1aa16bbdb2ca0792467214b76%1765850153.479",
         "b2/5.4.2#ffd6084a119587e70f11cd45d1a386e2%1774439233.447",
         "automake/1.16.5#b91b7c384c3deaa9d535be02da14d04f%1755524470.56",
         "autoconf/2.71#51077f068e61700d65bb05541ea1e4b0%1731054366.86",
@@ -48,16 +50,22 @@
             "lz4/1.10.0"
         ],
         "boost/[>=1.83.0 <1.91.0]": [
-            "boost/1.91.0"
+            "boost/1.90.0"
         ],
         "sqlite3/[>=3.44 <4]": [
-            "sqlite3/3.53.0"
+            "sqlite3/3.51.0"
         ],
         "boost/1.83.0": [
-            "boost/1.91.0"
+            "boost/1.90.0"
         ],
         "lz4/[>=1.9.4 <2]": [
             "lz4/1.10.0#59fc63cac7f10fbe8e05c7e62c2f3504"
+        ],
+        "openssl/3.5.5": [
+            "openssl/3.6.1"
+        ],
+        "openssl/[>=3 <4]": [
+            "openssl/3.6.1"
         ]
     },
     "config_requires": []

conan/global.conf

@@ -3,5 +3,3 @@
 core:non_interactive=True
 core.download:parallel={{ os.cpu_count() }}
 core.upload:parallel={{ os.cpu_count() }}
-tools.files.download:retry=5
-tools.files.download:retry_wait=10

conan/lockfile/linux.profile

@@ -2,7 +2,7 @@
 arch=x86_64
 build_type=Release
 compiler=gcc
-compiler.cppstd=23
+compiler.cppstd=20
 compiler.libcxx=libstdc++11
 compiler.version=13
 os=Linux

conan/lockfile/macos.profile

@@ -2,7 +2,7 @@
 arch=armv8
 build_type=Release
 compiler=apple-clang
-compiler.cppstd=23
+compiler.cppstd=20
 compiler.libcxx=libc++
 compiler.version=17.0
 os=Macos

conan/lockfile/windows.profile

@@ -2,7 +2,7 @@
 arch=x86_64
 build_type=Release
 compiler=msvc
-compiler.cppstd=23
+compiler.cppstd=20
 compiler.runtime=dynamic
 compiler.runtime_type=Release
 compiler.version=194

conan/profiles/ci

@@ -1,8 +1 @@
-{% set os = detect_api.detect_os() %}
-include(sanitizers)
-
-[conf]
-{% if os == "Linux" %}
-user.package:libc_version=2.31
-tools.info.package_id:confs+=["user.package:libc_version"]
-{% endif %}
+ include(sanitizers)

conan/profiles/default

@@ -12,7 +12,7 @@ arch={{ arch }}
 build_type=Debug
 compiler={{compiler}}
 compiler.version={{ compiler_version }}
-compiler.cppstd=23
+compiler.cppstd=20
 {% if os == "Windows" %}
 compiler.runtime=static
 {% else %}

conan/profiles/sanitizers

@@ -3,118 +3,96 @@ include(default)
 {% set arch = detect_api.detect_arch() %}
 {% set sanitizers = os.getenv("SANITIZERS") %}
 
-{% if not sanitizers %}
-{# Sanitizers not configured; no additional settings needed #}
-{% else %}
+[conf]
+{% if sanitizers %}
+    {% if compiler == "gcc" %}
+        {% if "address" in sanitizers or "thread" in sanitizers or "undefinedbehavior" in sanitizers %}
+            {% set sanitizer_list = [] %}
+            {% set defines = [] %}
+            {% set model_code = "" %}
+            {% set extra_cxxflags = ["-fno-omit-frame-pointer", "-O1", "-Wno-stringop-overflow"] %}
 
-{% if compiler == "msvc" %}
-    {{ "Sanitizers are not supported on Windows/MSVC. Please unset the SANITIZERS environment variable." }}
-{% endif %}
+            {% if "address" in sanitizers %}
+                {% set _ = sanitizer_list.append("address") %}
+                {% if arch == "x86_64" %}
+                    {% set model_code = "-mcmodel=large" %}
+                {% endif %}
+                {% set _ = defines.append("BOOST_USE_ASAN")%}
+                {% set _ = defines.append("BOOST_USE_UCONTEXT")%}
+            {% elif "thread" in sanitizers %}
+                {% set _ = sanitizer_list.append("thread") %}
+                {% if arch == "x86_64" %}
+                    {% set model_code = "-mcmodel=medium" %}
+                {% endif %}
+                {% set _ = extra_cxxflags.append("-Wno-tsan") %}
+                {% set _ = defines.append("BOOST_USE_TSAN")%}
+                {% set _ = defines.append("BOOST_USE_UCONTEXT")%}
+            {% endif %}
 
-{% set known_sanitizers = ["address", "thread", "undefinedbehavior"] %}
-{% set provided_sanitizers = [] %}
-{% for san in sanitizers.split(",") %}
-    {% set san = san.strip() %}
-    {% if san not in known_sanitizers %}
-        {{ "Unknown sanitizer in SANITIZERS: " ~ san }}
-    {% endif %}
-    {% set _ = provided_sanitizers.append(san) %}
-{% endfor %}
+            {% if "undefinedbehavior" in sanitizers %}
+                {% set _ = sanitizer_list.append("undefined") %}
+                {% set _ = sanitizer_list.append("float-divide-by-zero") %}
+            {% endif %}
 
-{% set enable_asan = "address" in provided_sanitizers %}
-{% set enable_tsan = "thread" in provided_sanitizers %}
-{% set enable_ubsan = "undefinedbehavior" in provided_sanitizers %}
+            {% set sanitizer_flags = "-fsanitize=" ~ ",".join(sanitizer_list) ~ " " ~ model_code %}
 
-{% if enable_asan and enable_tsan %}
-    {{ "AddressSanitizer and ThreadSanitizer are incompatible and cannot be enabled simultaneously." }}
-{% endif %}
+            tools.build:cxxflags+=['{{sanitizer_flags}} {{" ".join(extra_cxxflags)}}']
+            tools.build:sharedlinkflags+=['{{sanitizer_flags}}']
+            tools.build:exelinkflags+=['{{sanitizer_flags}}']
+            tools.build:defines+={{defines}}
+        {% endif %}
+    {% elif compiler == "apple-clang" or compiler == "clang" %}
+        {% if "address" in sanitizers or "thread" in sanitizers or "undefinedbehavior" in sanitizers %}
+            {% set sanitizer_list = [] %}
+            {% set defines = [] %}
+            {% set extra_cxxflags = ["-fno-omit-frame-pointer", "-O1"] %}
 
-{% set sanitizer_types = [] %}
-{% set defines = [] %}
+            {% if "address" in sanitizers %}
+                {% set _ = sanitizer_list.append("address") %}
+                {% set _ = defines.append("BOOST_USE_ASAN")%}
+                {% set _ = defines.append("BOOST_USE_UCONTEXT")%}
+            {% elif "thread" in sanitizers %}
+                {% set _ = sanitizer_list.append("thread") %}
+                {% set _ = defines.append("BOOST_USE_TSAN")%}
+                {% set _ = defines.append("BOOST_USE_UCONTEXT")%}
+            {% endif %}
 
-{% if enable_asan %}
-    {% set _ = sanitizer_types.append("address") %}
-    {% set _ = defines.append("BOOST_USE_ASAN") %}
-    {% set _ = defines.append("BOOST_USE_UCONTEXT") %}
-{% elif enable_tsan %}
-    {% set _ = sanitizer_types.append("thread") %}
-    {% set _ = defines.append("BOOST_USE_TSAN") %}
-    {% set _ = defines.append("BOOST_USE_UCONTEXT") %}
-{% endif %}
+            {% if "undefinedbehavior" in sanitizers %}
+                {% set _ = sanitizer_list.append("undefined") %}
+                {% set _ = sanitizer_list.append("float-divide-by-zero") %}
+                {% set _ = sanitizer_list.append("unsigned-integer-overflow") %}
+            {% endif %}
 
-{% if enable_ubsan %}
-    {% set _ = sanitizer_types.append("undefined") %}
-    {% set _ = sanitizer_types.append("float-divide-by-zero") %}
-    {# Clang supports additional UB checks beyond the GCC baseline #}
-    {% if compiler == "clang" or compiler == "apple-clang" %}
-        {% set _ = sanitizer_types.append("unsigned-integer-overflow") %}
-    {% endif %}
-{% endif %}
+            {% set sanitizer_flags = "-fsanitize=" ~ ",".join(sanitizer_list) %}
 
-{# Frame pointer required for meaningful stack traces; -O1 for reasonable performance #}
-{% set sanitizer_compiler_flags = ["-fno-omit-frame-pointer", "-O1"] %}
-
-{% if compiler == "gcc" %}
-    {# Suppress false positive warnings with GCC #}
-    {% set _ = sanitizer_compiler_flags.append("-Wno-stringop-overflow") %}
-
-    {% set relocation_flags = [] %}
-
-    {% if arch == "x86_64" and enable_asan %}
-        {# Large code model prevents relocation errors in instrumented ASAN binaries #}
-        {% set _ = sanitizer_compiler_flags.append("-mcmodel=large") %}
-        {% set _ = relocation_flags.append("-mcmodel=large") %}
-    {% elif enable_tsan %}
-        {# GCC doesn't support atomic_thread_fence with TSAN; suppress warnings #}
-        {% set _ = sanitizer_compiler_flags.append("-Wno-tsan") %}
-        {% if arch == "x86_64" %}
-            {# Medium code model for TSAN; large is incompatible #}
-            {% set _ = sanitizer_compiler_flags.append("-mcmodel=medium") %}
-            {% set _ = relocation_flags.append("-mcmodel=medium") %}
+            tools.build:cxxflags+=['{{sanitizer_flags}} {{" ".join(extra_cxxflags)}}']
+            tools.build:sharedlinkflags+=['{{sanitizer_flags}}']
+            tools.build:exelinkflags+=['{{sanitizer_flags}}']
+            tools.build:defines+={{defines}}
         {% endif %}
     {% endif %}
-
-    {% set fsanitize = "-fsanitize=" ~ ",".join(sanitizer_types) %}
-    {% set _ = sanitizer_compiler_flags.append(fsanitize) %}
-    {% set _ = relocation_flags.append(fsanitize) %}
-
-    {% set sanitizer_linker_flags = relocation_flags %}
-{% elif compiler == "clang" or compiler == "apple-clang" %}
-    {% set fsanitize = "-fsanitize=" ~ ",".join(sanitizer_types) %}
-    {% set _ = sanitizer_compiler_flags.append(fsanitize) %}
-
-    {% set sanitizer_linker_flags = [fsanitize] %}
 {% endif %}
 
-[conf]
-tools.build:defines+={{defines}}
-tools.build:cxxflags+={{sanitizer_compiler_flags}}
-tools.build:sharedlinkflags+={{sanitizer_linker_flags}}
-tools.build:exelinkflags+={{sanitizer_linker_flags}}
-
 tools.info.package_id:confs+=["tools.build:cxxflags", "tools.build:exelinkflags", "tools.build:sharedlinkflags", "tools.build:defines"]
 
-# &: means "apply only to the consumer/root package"
-&:tools.cmake.cmaketoolchain:extra_variables={"SANITIZERS": "{{sanitizers}}", "SANITIZERS_COMPILER_FLAGS": "{{sanitizer_compiler_flags | join(' ')}}", "SANITIZERS_LINKER_FLAGS": "{{sanitizer_linker_flags | join(' ')}}"}
-
 [options]
-{% if enable_asan %}
-    # Build Boost.Context with ucontext backend (not fcontext) so that
-    # ASAN fiber-switching annotations (__sanitizer_start/finish_switch_fiber)
-    # are compiled into the library. fcontext (assembly) has no ASAN support.
-    # define=BOOST_USE_ASAN=1 is critical: it must be defined when building
-    # Boost.Context itself so the ucontext backend compiles in the ASAN annotations.
-    boost/*:extra_b2_flags=context-impl=ucontext address-sanitizer=on define=BOOST_USE_ASAN=1
-    boost/*:without_context=False
-    # Boost stacktrace fails to build with some sanitizers
-    boost/*:without_stacktrace=True
-{% elif enable_tsan %}
-    # Build Boost.Context with ucontext backend for TSAN. fcontext (assembly)
-    # has no TSAN annotations, so without this the BOOST_USE_TSAN/BOOST_USE_UCONTEXT
-    # defines in [conf] would be ineffective.
-    boost/*:extra_b2_flags=context-impl=ucontext thread-sanitizer=on define=BOOST_USE_TSAN=1
-    boost/*:without_context=False
-    boost/*:without_stacktrace=True
-{% endif %}
-
+{% if sanitizers %}
+    {% if "address" in sanitizers %}
+        # Build Boost.Context with ucontext backend (not fcontext) so that
+        # ASAN fiber-switching annotations (__sanitizer_start/finish_switch_fiber)
+        # are compiled into the library. fcontext (assembly) has no ASAN support.
+        # define=BOOST_USE_ASAN=1 is critical: it must be defined when building
+        # Boost.Context itself so the ucontext backend compiles in the ASAN annotations.
+        boost/*:extra_b2_flags=context-impl=ucontext address-sanitizer=on define=BOOST_USE_ASAN=1
+        boost/*:without_context=False
+        # Boost stacktrace fails to build with some sanitizers
+        boost/*:without_stacktrace=True
+    {% elif "thread" in sanitizers %}
+        # Build Boost.Context with ucontext backend for TSAN. fcontext (assembly)
+        # has no TSAN annotations, so without this the BOOST_USE_TSAN/BOOST_USE_UCONTEXT
+        # defines in [conf] would be ineffective.
+        boost/*:extra_b2_flags=context-impl=ucontext thread-sanitizer=on define=BOOST_USE_TSAN=1
+        boost/*:without_context=False
+        boost/*:without_stacktrace=True
+    {% endif %}
 {% endif %}

conanfile.py

@@ -1,3 +1,4 @@
+import os
 import re
 
 from conan.tools.cmake import CMake, CMakeToolchain, cmake_layout
@@ -29,12 +30,13 @@ class Xrpl(ConanFile):
     requires = [
         "ed25519/2015.03",
         "grpc/1.78.1",
-        "libarchive/3.8.7",
+        "libarchive/3.8.1",
+        "mpt-crypto/0.3.0-rc1",
         "nudb/2.0.9",
-        "openssl/3.6.2",
+        "openssl/3.6.1",
         "secp256k1/0.7.1",
         "soci/4.0.3",
-        "zlib/1.3.2",
+        "zlib/1.3.1",
     ]
 
     test_requires = [
@@ -56,7 +58,6 @@ class Xrpl(ConanFile):
         "tests": False,
         "unity": False,
         "xrpld": False,
-        "boost/*:without_cobalt": True,
         "boost/*:without_context": False,
         "boost/*:without_coroutine": True,
         "boost/*:without_coroutine2": False,
@@ -130,13 +131,13 @@ class Xrpl(ConanFile):
             self.options["boost"].without_cobalt = True
 
     def requirements(self):
-        self.requires("boost/1.91.0", force=True, transitive_headers=True)
+        self.requires("boost/1.90.0", force=True, transitive_headers=True)
         self.requires("date/3.0.4", transitive_headers=True)
         self.requires("lz4/1.10.0", force=True)
         self.requires("protobuf/6.33.5", force=True)
-        self.requires("sqlite3/3.53.0", force=True)
+        self.requires("sqlite3/3.51.0", force=True)
         if self.options.jemalloc:
-            self.requires("jemalloc/5.3.1")
+            self.requires("jemalloc/5.3.0")
         if self.options.rocksdb:
             self.requires("rocksdb/10.5.1")
         self.requires("xxhash/0.8.3", transitive_headers=True)
@@ -208,6 +209,7 @@ class Xrpl(ConanFile):
             "grpc::grpc++",
             "libarchive::libarchive",
             "lz4::lz4",
+            "mpt-crypto::mpt-crypto",
             "nudb::nudb",
             "openssl::crypto",
             "protobuf::libprotobuf",

cspell.config.yaml

@@ -50,7 +50,6 @@ words:
   - AMMXRP
   - amt
   - amts
-  - archs
   - asnode
   - asynchrony
   - attestation
@@ -60,11 +59,11 @@ words:
   - autobridging
   - bimap
   - bindir
+  - blindings
   - bookdir
   - Bougalis
   - Britto
   - Btrfs
-  - Buildx
   - canonicality
   - changespq
   - checkme
@@ -73,7 +72,6 @@ words:
   - citardauq
   - clawback
   - clawbacks
-  - cmaketoolchain
   - coeffs
   - coldwallet
   - compr
@@ -84,7 +82,6 @@ words:
   - coro
   - coros
   - cowid
-  - cpack
   - cryptocondition
   - cryptoconditional
   - cryptoconditions
@@ -95,23 +92,20 @@ words:
   - daria
   - dcmake
   - dearmor
-  - dedented
+  - decryptor
   - deleteme
   - demultiplexer
   - deserializaton
   - desync
   - desynced
   - determ
-  - disablerepo
   - distro
   - doxyfile
   - dxrpl
+  - elgamal
   - enabled
-  - enablerepo
   - endmacro
-  - envrc
   - exceptioned
-  - EXPECT_STREQ
   - Falco
   - fcontext
   - finalizers
@@ -119,11 +113,11 @@ words:
   - fmtdur
   - fsanitize
   - funclets
+  - Gamal
   - gcov
   - gcovr
   - ghead
   - Gnutella
-  - godexsoft
   - gpgcheck
   - gpgkey
   - hotwallet
@@ -137,7 +131,6 @@ words:
   - iou
   - ious
   - isrdc
-  - isystem
   - itype
   - jemalloc
   - jlog
@@ -170,7 +163,6 @@ words:
   - Merkle
   - Metafuncton
   - misprediction
-  - missingok
   - mptbalance
   - MPTDEX
   - mptflags
@@ -202,20 +194,17 @@ words:
   - NOLINT
   - NOLINTNEXTLINE
   - nonxrp
-  - noreplace
   - noripple
-  - nostdinc
-  - notifempty
   - nudb
   - nullptr
   - nunl
   - Nyffenegger
-  - onlatest
   - ostr
   - pargs
   - partitioner
   - paychan
   - paychans
+  - Pedersen
   - permdex
   - perminute
   - permissioned
@@ -226,7 +215,6 @@ words:
   - preauthorize
   - preauthorizes
   - preclaim
-  - preun
   - protobuf
   - protos
   - ptrs
@@ -234,11 +222,11 @@ words:
   - pyenv
   - pyparsing
   - qalloc
-  - qbsprofile
   - queuable
   - Raphson
-  - rcflags
   - replayer
+  - rerandomization
+  - rerandomized
   - rerere
   - retriable
   - RIPD
@@ -255,6 +243,7 @@ words:
   - sahyadri
   - Satoshi
   - scons
+  - Schnorr
   - secp
   - sendq
   - seqit
@@ -263,15 +252,12 @@ words:
   - sfields
   - shamap
   - shamapitem
-  - shfmt
-  - shlibs
   - sidechain
   - SIGGOOD
   - sle
   - sles
   - soci
   - socidb
-  - SRPMS
   - sslws
   - statsd
   - STATSDCOLLECTOR
@@ -285,6 +271,7 @@ words:
   - stvar
   - stvector
   - stxchainattestations
+  - summands
   - superpeer
   - superpeers
   - takergets
@@ -299,8 +286,8 @@ words:
   - txn
   - txns
   - txs
-  - ubsan
   - UBSAN
+  - ubsan
   - umant
   - unacquired
   - unambiguity
@@ -308,7 +295,6 @@ words:
   - unauthorizing
   - unergonomic
   - unfetched
-  - unfindable
   - unflatten
   - unfund
   - unimpair
@@ -338,6 +324,7 @@ words:
   - xbridge
   - xchain
   - ximinez
+  - EXPECT_STREQ
   - XMACRO
   - xrpkuwait
   - xrpl
@@ -345,4 +332,3 @@ words:
   - xrplf
   - xxhash
   - xxhasher
-  - CGNAT

docs/build/advanced_conan.md

@@ -1,193 +0,0 @@
-# Advanced Conan configuration
-
-This document provides advanced instructions for setting up and configuring Conan for `xrpld` development: custom profiles, the lockfile, patched recipes, and profile tweaks.
-
-## Custom profile
-
-If the default profile does not work for you and you do not yet have a Conan
-profile, you can create one by running:
-
-```bash
-conan profile detect
-```
-
-You may need to make changes to the profile to suit your environment. You can
-refer to the provided `conan/profiles/default` profile for inspiration, and you
-may also need to apply the required [tweaks](#conan-profile-tweaks) to this
-default profile.
-
-## Conan lockfile
-
-To achieve reproducible dependencies, we use a [Conan lockfile](https://docs.conan.io/2/tutorial/versioning/lockfiles.html),
-which has to be updated every time dependencies change.
-
-Please see the [instructions on how to regenerate the lockfile](../../conan/lockfile/README.md).
-
-## Patched recipes
-
-Occasionally, we need patched recipes or recipes not present in Conan Center.
-We maintain a fork of the Conan Center Index
-[here](https://github.com/XRPLF/conan-center-index/) containing the modified and newly added recipes.
-
-To ensure our patched recipes are used, you must add our Conan remote at a
-higher index than the default Conan Center remote, so it is consulted first. You
-can do this by running:
-
-```bash
-conan remote add --index 0 --force xrplf https://conan.ripplex.io
-```
-
-Alternatively, you can pull our recipes from the repository and export them locally:
-
-```bash
-# Define which recipes to export.
-recipes=('abseil' 'ed25519' 'mpt-crypto' 'openssl' 'secp256k1' 'snappy' 'soci' 'wasm-xrplf' 'wasmi')
-
-# Selectively check out the recipes from our CCI fork.
-cd external
-mkdir -p conan-center-index
-cd conan-center-index
-git init
-git remote add origin git@github.com:XRPLF/conan-center-index.git
-git sparse-checkout init
-for recipe in "${recipes[@]}"; do
-    echo "Checking out recipe '${recipe}'..."
-    git sparse-checkout add recipes/${recipe}
-done
-git fetch origin master
-git checkout master
-
-./export_all.sh
-cd ../../
-```
-
-In the case we switch to a newer version of a dependency that still requires a
-patch or add a new dependency, it will be necessary for you to pull in the changes and re-export the
-updated dependencies with the newer version. However, if we switch to a newer
-version that no longer requires a patch, no action is required on your part, as
-the new recipe will be automatically pulled from the official Conan Center.
-
-> [!NOTE]
-> You might need to add `--lockfile=""` to your `conan install` command
-> to avoid automatic use of the existing `conan.lock` file when you run
-> `conan export` manually on your machine
->
-> This is not recommended though, as you might end up using different revisions of recipes.
-
-## Conan profile tweaks
-
-### Missing compiler version
-
-If you see an error similar to the following after running `conan profile show`:
-
-```text
-ERROR: Invalid setting '17' is not a valid 'settings.compiler.version' value.
-Possible values are ['5.0', '5.1', '6.0', '6.1', '7.0', '7.3', '8.0', '8.1',
-'9.0', '9.1', '10.0', '11.0', '12.0', '13', '13.0', '13.1', '14', '14.0', '15',
-'15.0', '16', '16.0']
-Read "http://docs.conan.io/2/knowledge/faq.html#error-invalid-setting"
-```
-
-you need to create `$(conan config home)/settings_user.yml` file if it doesn't exist and add the required version number(s)
-to the `version` array specific for your compiler. For example:
-
-```yaml
-compiler:
-  apple-clang:
-    version: ["17.0"]
-```
-
-### Multiple compilers
-
-If you have multiple compilers installed, make sure to select the one to use in
-your default Conan configuration **before** running `conan profile detect`, by
-setting the `CC` and `CXX` environment variables.
-
-For example, if you are running MacOS and have [homebrew
-LLVM@18](https://formulae.brew.sh/formula/llvm@18), and want to use it as a
-compiler in the new Conan profile:
-
-```bash
-export CC=$(brew --prefix llvm@18)/bin/clang
-export CXX=$(brew --prefix llvm@18)/bin/clang++
-conan profile detect
-```
-
-You should also explicitly set the path to the compiler in the profile file,
-which helps to avoid errors when `CC` and/or `CXX` are set and disagree with the
-selected Conan profile. For example:
-
-```text
-[conf]
-tools.build:compiler_executables={'c':'/usr/bin/gcc','cpp':'/usr/bin/g++'}
-```
-
-### Multiple profiles
-
-You can manage multiple Conan profiles in the directory
-`$(conan config home)/profiles`, for example renaming `default` to a different
-name and then creating a new `default` profile for a different compiler.
-
-### Select language
-
-The default profile created by Conan will typically select different C++ dialect
-than C++23 used by this project. You should set `23` in the profile line
-starting with `compiler.cppstd=`. For example:
-
-```bash
-sed -i.bak -e 's|^compiler\.cppstd=.*$|compiler.cppstd=23|' $(conan config home)/profiles/default
-```
-
-### Select standard library in Linux
-
-**Linux** developers will commonly have a default Conan [profile][] that
-compiles with GCC and links with libstdc++. If you are linking with libstdc++
-(see profile setting `compiler.libcxx`), then you will need to choose the
-`libstdc++11` ABI:
-
-```bash
-sed -i.bak -e 's|^compiler\.libcxx=.*$|compiler.libcxx=libstdc++11|' $(conan config home)/profiles/default
-```
-
-### Select architecture and runtime in Windows
-
-**Windows** developers may need to use the x64 native build tools. An easy way
-to do that is to run the shortcut "x64 Native Tools Command Prompt" for the
-version of Visual Studio that you have installed.
-
-Windows developers must also build `xrpld` and its dependencies for the x64
-architecture:
-
-```bash
-sed -i.bak -e 's|^arch=.*$|arch=x86_64|' $(conan config home)/profiles/default
-```
-
-**Windows** developers also must select static runtime:
-
-```bash
-sed -i.bak -e 's|^compiler\.runtime=.*$|compiler.runtime=static|' $(conan config home)/profiles/default
-```
-
-## Add a Dependency
-
-If you want to experiment with a new package, follow these steps:
-
-1. Search for the package on [Conan Center](https://conan.io/center/).
-2. Modify [`conanfile.py`](../../conanfile.py):
-   - Add a version of the package to the `requires` property.
-   - Change any default options for the package by adding them to the
-     `default_options` property (with syntax `'$package:$option': $value`).
-3. Regenerate the [Conan lockfile](../../conan/lockfile/README.md) so the new
-   dependency is captured:
-
-   ```bash
-   ./conan/lockfile/regenerate.sh
-   ```
-
-4. Modify [`CMakeLists.txt`](../../CMakeLists.txt):
-   - Add a call to `find_package($package REQUIRED)`.
-   - Link a library from the package to the target `xrpl_libs`
-     (search for the existing call to `target_link_libraries(xrpl_libs INTERFACE ...)`).
-5. Start coding! Don't forget to include whatever headers you need from the package.
-
-[profile]: https://docs.conan.io/2/reference/config_files/profiles.html

docs/build/conan.md

@@ -115,7 +115,7 @@ By default, Conan will use the profile named "default".
 [find_package]: https://cmake.org/cmake/help/latest/command/find_package.html
 [pcf]: https://cmake.org/cmake/help/latest/manual/cmake-packages.7.html#package-configuration-file
 [prefix_path]: https://cmake.org/cmake/help/latest/variable/CMAKE_PREFIX_PATH.html
-[profile]: https://docs.conan.io/2/reference/config_files/profiles.html
+[profile]: https://docs.conan.io/en/latest/reference/profiles.html
 [pvf]: https://cmake.org/cmake/help/latest/manual/cmake-packages.7.html#package-version-file
 [runtime]: https://cmake.org/cmake/help/latest/variable/CMAKE_MSVC_RUNTIME_LIBRARY.html
 [search]: https://cmake.org/cmake/help/latest/command/find_package.html#search-procedure

docs/build/environment.md

@@ -1,73 +1,69 @@
 Our [build instructions][BUILD.md] assume you have a C++ development
 environment complete with Git, Python, Conan, CMake, and a C++ compiler.
-This document explains how to set one up.
+This document exists to help readers set one up on any of the Big Three
+platforms: Linux, macOS, or Windows.
+
+As an alternative to system packages, the Nix development shell can be used to provide a development environment. See [using nix development shell](./nix.md) for more details.
 
 [BUILD.md]: ../../BUILD.md
 
-## Tested compiler versions
+## Linux
 
-`xrpld` is built in the **C++23** dialect by default.
-Make sure your toolchain is recent enough — the compiler versions currently tested in CI are:
+Package ecosystems vary across Linux distributions,
+so there is no one set of instructions that will work for every Linux user.
+The instructions below are written for Debian 12 (Bookworm).
 
-| Compiler    | Version |
-| ----------- | ------- |
-| GCC         | 15.2    |
-| Clang       | 22      |
-| Apple Clang | 17      |
-| MSVC        | 19.44   |
+```
+export GCC_RELEASE=12
+sudo apt update
+sudo apt install --yes gcc-${GCC_RELEASE} g++-${GCC_RELEASE} python3-pip \
+  python-is-python3 python3-venv python3-dev curl wget ca-certificates \
+  git build-essential cmake ninja-build libc6-dev
+sudo pip install --break-system-packages conan
 
-LLVM tools (`clang-tidy` and `clang-format`) are also pinned to version 22.
-
-Older compilers may fail to build the latest `develop` code: the codebase now
-relies on C++23 features and has been adjusted for `clang-tidy`.
-If the latest code doesn't build for you, update your build toolchain first.
-
-## Linux and macOS
-
-The **recommended way** to get a development environment on Linux and macOS is
-the Nix development shell. It provides the exact tooling used in CI — `git`,
-`python`, `conan`, `cmake`, `clang-tidy`, `clang-format`, and everything else —
-with a single command and without installing anything system-wide:
-
-```bash
-nix --experimental-features 'nix-command flakes' develop
+sudo update-alternatives --install /usr/bin/cc cc /usr/bin/gcc-${GCC_RELEASE} 999
+sudo update-alternatives --install \
+  /usr/bin/gcc gcc /usr/bin/gcc-${GCC_RELEASE} 100 \
+  --slave /usr/bin/g++ g++ /usr/bin/g++-${GCC_RELEASE} \
+  --slave /usr/bin/gcc-ar gcc-ar /usr/bin/gcc-ar-${GCC_RELEASE} \
+  --slave /usr/bin/gcc-nm gcc-nm /usr/bin/gcc-nm-${GCC_RELEASE} \
+  --slave /usr/bin/gcc-ranlib gcc-ranlib /usr/bin/gcc-ranlib-${GCC_RELEASE} \
+  --slave /usr/bin/gcov gcov /usr/bin/gcov-${GCC_RELEASE} \
+  --slave /usr/bin/gcov-tool gcov-tool /usr/bin/gcov-tool-${GCC_RELEASE} \
+  --slave /usr/bin/gcov-dump gcov-dump /usr/bin/gcov-dump-${GCC_RELEASE} \
+  --slave /usr/bin/lto-dump lto-dump /usr/bin/lto-dump-${GCC_RELEASE}
+sudo update-alternatives --auto cc
+sudo update-alternatives --auto gcc
 ```
 
-On **Linux**, Nix also provides the compiler (GCC). On **macOS**, the shell uses
-your **system-wide Apple Clang** as the compiler, so you still need to manage
-its version (see below).
+If you use different Linux distribution, hope the instruction above can guide
+you in the right direction. We try to maintain compatibility with all recent
+compiler releases, so if you use a rolling distribution like e.g. Arch or CentOS
+then there is a chance that everything will "just work".
 
-See [Using the Nix development shell](./nix.md) for installation and usage
-details, including how to select a different compiler.
+## macOS
 
-> [!NOTE]
-> Using Nix is not mandatory. Any custom environment (Homebrew packages or
-> anything else) will continue to work, but then it is up to you to keep it in
-> sync with the environment used in CI. Nix unifies the development environment
-> for everyone and synchronizes updates, which is why we recommend it.
+Open a Terminal and enter the below command to bring up a dialog to install
+the command line developer tools.
+Once it is finished, this command should return a version greater than the
+minimum required (see [BUILD.md][]).
 
-### macOS: managing the Apple Clang version
-
-Because the Nix shell uses the system-wide Apple Clang on macOS, the compiler
-version is whatever your installed Xcode (or Command Line Tools) provides. The
-following command should return a version greater than or equal to the
-[minimum required](#tested-compiler-versions):
-
-```bash
+```
 clang --version
 ```
 
-If you develop other applications using Xcode, you might be consistently
-updating to the newest version of Apple Clang, which will likely cause issues
-building xrpld. You may want to install and pin a specific version of Xcode:
+### Install Xcode Specific Version (Optional)
+
+If you develop other applications using XCode you might be consistently updating to the newest version of Apple Clang.
+This will likely cause issues building xrpld. You may want to install a specific version of Xcode:
 
 1. **Download Xcode**
    - Visit [Apple Developer Downloads](https://developer.apple.com/download/more/)
    - Sign in with your Apple Developer account
-   - Search for an Xcode version that includes the expected Apple Clang version
+   - Search for an Xcode version that includes **Apple Clang (Expected Version)**
    - Download the `.xip` file
 
-2. **Install and configure Xcode**
+2. **Install and Configure Xcode**
 
    ```bash
    # Extract the .xip file and rename for version management
@@ -83,28 +79,62 @@ building xrpld. You may want to install and pin a specific version of Xcode:
    export DEVELOPER_DIR=/Applications/Xcode_16.2.app/Contents/Developer
    ```
 
-## Windows
+The command line developer tools should include Git too:
 
-Nix is not available on Windows, so the required tools have to be installed
-manually:
+```
+git --version
+```
 
-- [Visual Studio 2022](https://visualstudio.microsoft.com/) with the
-  **"Desktop development with C++"** workload — this provides MSVC and the
-  "x64 Native Tools Command Prompt".
-- [Git for Windows](https://git-scm.com/download/win)
-- [Python 3.11](https://www.python.org/downloads/), or higher
-- [Conan 2.17](https://conan.io/downloads.html), or higher
-- [CMake 3.22](https://cmake.org/download/), or higher
+Install [Homebrew][],
+use it to install [pyenv][],
+use it to install Python,
+and use it to install Conan:
 
-> [!NOTE]
-> Windows is used for development only and is not recommended for production.
+[Homebrew]: https://brew.sh/
+[pyenv]: https://github.com/pyenv/pyenv
+
+```
+/bin/bash -c "$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/HEAD/install.sh)"
+brew update
+brew install xz
+brew install pyenv
+pyenv install 3.11
+pyenv global 3.11
+eval "$(pyenv init -)"
+pip install 'conan'
+```
+
+Install CMake with Homebrew too:
+
+```
+brew install cmake
+```
 
 ## Clang-tidy
 
-`clang-tidy` is required to run static analysis checks locally (see
-[CONTRIBUTING.md](../../CONTRIBUTING.md)). It is not required to build the
-project. This project currently uses `clang-tidy` version 22.
+Clang-tidy is required to run static analysis checks locally (see [CONTRIBUTING.md](../../CONTRIBUTING.md)).
+It is not required to build the project. Currently this project uses clang-tidy version 21.
 
-On Linux and macOS, the [Nix development shell](./nix.md) provides `clang-tidy`
-22 out of the box — run it via `run-clang-tidy`. No separate installation is
-needed.
+### Linux
+
+LLVM 21 is not available in the default Debian 12 (Bookworm) repositories.
+Install it using the official LLVM apt installer:
+
+```
+wget https://apt.llvm.org/llvm.sh
+chmod +x llvm.sh
+sudo ./llvm.sh 21
+sudo apt install --yes clang-tidy-21
+```
+
+Then use `run-clang-tidy-21` when running clang-tidy locally.
+
+### macOS
+
+Install LLVM 21 via Homebrew:
+
+```
+brew install llvm@21
+```
+
+Then use `run-clang-tidy` from the LLVM 21 Homebrew prefix when running clang-tidy locally.

docs/build/nix.md

@@ -2,12 +2,9 @@
 
 This guide explains how to use Nix to set up a reproducible development environment for xrpld. Using Nix eliminates the need to manually install utilities and ensures consistent tooling across different machines.
 
-**The Nix development shell is the recommended way to develop xrpld.** It unifies the development environment for everyone and synchronizes updates: the same tooling and compiler versions are used both here and in CI. Any custom environment (Homebrew packages or anything else) will continue to work, but then it is up to you to keep it in sync with the environment used in CI.
-
 ## Benefits of Using Nix
 
 - **Reproducible environment**: Everyone gets the same versions of tools and compilers
-- **Matches CI**: The Linux CI runs in Docker images built from this exact Nix environment
 - **No system pollution**: Dependencies are isolated and don't affect your system packages
 - **Multiple compiler versions**: Easily switch between different GCC and Clang versions
 - **Quick setup**: Get started with a single command
@@ -31,22 +28,11 @@ This will:
 
 - Download and set up all required development tools (CMake, Ninja, Conan, etc.)
 - Configure the appropriate compiler for your platform:
-  - **Linux**: GCC 15.2 (provided by Nix)
-  - **macOS**: Apple Clang (your system compiler)
+  - **macOS**: Apple Clang (default system compiler)
+  - **Linux**: GCC 15
 
 The first time you run this command, it will take a few minutes to download and build the environment. Subsequent runs will be much faster.
 
-### Platform notes
-
-- **Linux**: `nix develop` gives you a shell with all the tooling necessary to
-  develop xrpld and with GCC 15.2 (also provided by Nix). There are no caveats.
-- **macOS**: `nix develop` gives you a full environment too. The compiler is
-  your system-wide Apple Clang, while every other tool — including Conan — is
-  provided by Nix. Conan has no binary in the Nix cache for macOS, so it is
-  built from source the first time you enter the shell, which makes the initial
-  setup slower (this is handled automatically; see
-  [`nix/devshell.nix`](../../nix/devshell.nix)).
-
 > [!TIP]
 > To avoid typing `--experimental-features 'nix-command flakes'` every time, you can permanently enable flakes by creating `~/.config/nix/nix.conf`:
 >
@@ -65,7 +51,7 @@ The first time you run this command, it will take a few minutes to download and
 A compiler can be chosen by providing its name with the `.#` prefix, e.g. `nix develop .#gcc15`.
 Use `nix flake show` to see all the available development shells.
 
-Use `nix develop .#no-compiler` to use the compiler from your system.
+Use `nix develop .#no_compiler` to use the compiler from your system.
 
 ### Example Usage
 
@@ -82,28 +68,12 @@ nix develop
 
 ### Using a different shell
 
-`nix develop` opens bash by default. To use another shell, pass it with the `-c` flag — this works with any shell, e.g. `zsh` or `fish`:
+`nix develop` opens bash by default. If you want to use another shell this could be done by adding `-c` flag. For example:
 
 ```bash
-# Use zsh
 nix develop -c zsh
-
-# Use fish
-nix develop -c fish
-
-# Use your login shell
-nix develop -c "$SHELL"
 ```
 
-> [!WARNING]
-> Your shell's interactive startup files (e.g. `config.fish`, `.zshrc`) may prepend other directories — most commonly Homebrew — to `$PATH`, which can shadow the tools provided by the Nix shell. After entering, verify that tools resolve into the Nix store:
->
-> ```bash
-> command -v cmake   # should print a /nix/store/... path
-> ```
->
-> If it doesn't, either adjust your shell configuration so it doesn't override `$PATH`, or use [direnv](#automatic-activation-with-direnv) (below), which loads the environment _after_ your shell config and so takes precedence regardless of the shell you use.
-
 ## Building xrpld with Nix
 
 Once inside the Nix development shell, follow the standard [build instructions](../../BUILD.md#steps). The Nix shell provides all necessary tools (CMake, Ninja, Conan, etc.).
@@ -112,8 +82,6 @@ Once inside the Nix development shell, follow the standard [build instructions](
 
 [direnv](https://direnv.net/) or [nix-direnv](https://github.com/nix-community/nix-direnv) can automatically activate the Nix development shell when you enter the repository directory.
 
-This is also the most robust way to use the environment from **any shell** (bash, zsh, fish, …): direnv stays in your current shell and loads the environment _after_ your shell's startup files have run, so the Nix-provided tools take precedence over anything your shell configuration adds to `$PATH`. To use it, install direnv for your shell, then add an `.envrc` containing `use flake` at the repository root and run `direnv allow`.
-
 ## Conan and Prebuilt Packages
 
 Please note that there is no guarantee that binaries from conan cache will work when using nix. If you encounter any errors, please use `--build '*'` to force conan to compile everything from source:
@@ -125,8 +93,3 @@ conan install .. --output-folder . --build '*' --settings build_type=Release
 ## Updating `flake.lock` file
 
 To update `flake.lock` to the latest revision use `nix flake update` command.
-
-## Troubleshooting
-
-See [Troubleshooting Nix problems](./nix_troubleshooting.md) for common issues,
-such as `nix develop` failing inside Git worktrees.

docs/build/nix_troubleshooting.md

@@ -1,61 +0,0 @@
-# Troubleshooting Nix problems
-
-Common issues encountered when using the [Nix development shell](./nix.md), and
-how to resolve them.
-
-## Git worktrees
-
-If `nix develop` fails with an error like:
-
-```
-error:
-       … while fetching the input 'git+file:///path/to/rippled'
-
-       error: opening Git repository "/path/to/rippled": unsupported extension name extensions.relativeworktrees (libgit2 error code = 6)
-```
-
-then your Nix is linked against a libgit2 older than **1.9.4**. Git 2.48+ writes
-the `extensions.relativeWorktrees` config entry when a worktree is created with
-relative paths (`git worktree add --relative-paths`, or with
-`worktree.useRelativePaths=true`), and older libgit2 versions refuse to open a
-repository that uses it. Nix uses libgit2 to read the flake, so evaluation
-fails.
-
-> [!IMPORTANT]
-> This entry is written to the **shared** repository config, so once any
-> relative worktree exists, `nix develop` fails in the main checkout too — not
-> just inside the worktree.
-
-### Workarounds
-
-These work today, with any Nix version:
-
-- bypass libgit2 with a `path:` flakeref: `nix develop "path:$PWD"`
-  (note: this copies the working tree to the store and ignores `.gitignore`); or
-- create worktrees with absolute paths (omit `--relative-paths`); or
-- clear the extension if you don't need relative worktrees:
-  `git config --unset extensions.relativeWorktrees`.
-
-### Permanent fix
-
-The fix is in [libgit2 1.9.4](https://github.com/libgit2/libgit2/releases/tag/v1.9.4),
-so the real solution is a Nix that links against libgit2 `1.9.4` or newer. Check
-which version yours links against:
-
-```bash
-nix-store -qR "$(readlink -f "$(command -v nix)")" | grep libgit2
-```
-
-> [!WARNING]
-> `nix upgrade-nix` does **not** help yet. It installs the build from the
-> official [`nix-fallback-paths`](https://github.com/NixOS/nixpkgs/blob/master/nixos/modules/installer/tools/nix-fallback-paths.nix),
-> which is still linked against libgit2 `1.9.2` — there is no new upstream Nix
-> release with the fix. (On some systems that build is even the exact store path
-> you already have, making the upgrade a no-op.)
-
-nixpkgs has already rebuilt Nix against the fixed libgit2 (e.g. `nix-2.34.7+1`),
-so the cleanest path is to reinstall Nix using your usual installation method
-once it picks up that rebuild, then re-run the `grep libgit2` check above to
-confirm it reports `1.9.4` or newer.
-
-Until then, prefer the workarounds above.

docs/build/sanitizers.md

@@ -1,17 +1,15 @@
 # Sanitizer Configuration for Xrpld
 
-This document explains how to properly configure and run sanitizers (`AddressSanitizer`, `UndefinedBehaviorSanitizer`, `ThreadSanitizer`) with the xrpld project.
+This document explains how to properly configure and run sanitizers (AddressSanitizer, undefinedbehaviorSanitizer, ThreadSanitizer) with the xrpld project.
 Corresponding suppression files are located in the `sanitizers/suppressions` directory.
 
-> [!CAUTION]
-> Do not mix Address and Thread sanitizers - they are incompatible.
-> Also, we don't yet support MSVC sanitizers, so this is only for Clang/GCC builds.
-
 - [Sanitizer Configuration for Xrpld](#sanitizer-configuration-for-xrpld)
   - [Building with Sanitizers](#building-with-sanitizers)
     - [Summary](#summary)
     - [Build steps:](#build-steps)
       - [Install dependencies](#install-dependencies)
+      - [Call CMake](#call-cmake)
+      - [Build](#build)
   - [Running Tests with Sanitizers](#running-tests-with-sanitizers)
     - [AddressSanitizer (ASAN)](#addresssanitizer-asan)
     - [ThreadSanitizer (TSan)](#threadsanitizer-tsan)
@@ -35,13 +33,9 @@ Corresponding suppression files are located in the `sanitizers/suppressions` dir
 Follow the same instructions as mentioned in [BUILD.md](../../BUILD.md) but with the following changes:
 
 1. Make sure you have a clean build directory.
-2. Set the `SANITIZERS` environment variable before calling `conan install`. Only set it once.
+2. Set the `SANITIZERS` environment variable before calling conan install and cmake. Only set it once. Make sure both conan and cmake read the same values.
    Example: `export SANITIZERS=address,undefinedbehavior`
-3. Use `--profile:all sanitizers` with Conan to build dependencies with sanitizer instrumentation.
-
-   > [!NOTE]
-   > Building with sanitizer-instrumented dependencies is slower but produces fewer false positives.
-
+3. Optionally use `--profile:all sanitizers` with Conan to build dependencies with sanitizer instrumentation. [!NOTE]Building with sanitizer-instrumented dependencies is slower but produces fewer false positives.
 4. Set `ASAN_OPTIONS`, `LSAN_OPTIONS`, `UBSAN_OPTIONS` and `TSAN_OPTIONS` environment variables to configure sanitizer behavior when running executables. [More details below](#running-tests-with-sanitizers).
 
 ---
@@ -57,13 +51,36 @@ cd .build
 
 #### Install dependencies
 
-The `SANITIZERS` environment variable is used during `conan install` command.
+The `SANITIZERS` environment variable is used by both Conan and CMake.
 
 ```bash
-SANITIZERS=address,undefinedbehavior conan install .. --output-folder . --build missing --settings build_type=Debug --profile:all sanitizers
+export SANITIZERS=address,undefinedbehavior
+# Standard build (without instrumenting dependencies)
+conan install .. --output-folder . --build missing --settings build_type=Debug
+
+# Or with sanitizer-instrumented dependencies (takes longer but fewer false positives)
+conan install .. --output-folder . --profile:all sanitizers --build missing --settings build_type=Debug
 ```
 
-Proceed with the rest of the build instructions as mentioned in [BUILD.md](../../BUILD.md).
+[!CAUTION]
+Do not mix Address and Thread sanitizers - they are incompatible.
+
+Since you already set the `SANITIZERS` environment variable when running Conan, same values will be read for the next part.
+
+#### Call CMake
+
+```bash
+cmake .. -G Ninja \
+    -DCMAKE_TOOLCHAIN_FILE:FILEPATH=build/generators/conan_toolchain.cmake \
+    -DCMAKE_BUILD_TYPE=Debug \
+    -Dtests=ON -Dxrpld=ON
+```
+
+#### Build
+
+```bash
+cmake --build . --parallel 4
+```
 
 ## Running Tests with Sanitizers
 

flake.lock

@@ -2,41 +2,22 @@
   "nodes": {
     "nixpkgs": {
       "locked": {
-        "lastModified": 1781173989,
-        "narHash": "sha256-fnzKKPvS+oieI/pTzotA5tkoM47EB1NpaBcgk4R97hE=",
+        "lastModified": 1769461804,
+        "narHash": "sha256-6h5sROT/3CTHvzPy9koKBmoCa2eJKh4fzQK8eYFEgl8=",
         "owner": "NixOS",
         "repo": "nixpkgs",
-        "rev": "8c91a71d13451abc40eb9dae8910f972f979852f",
+        "rev": "b579d443b37c9c5373044201ea77604e37e748c8",
         "type": "github"
       },
       "original": {
-        "owner": "NixOS",
-        "ref": "nixpkgs-unstable",
-        "repo": "nixpkgs",
-        "type": "github"
-      }
-    },
-    "nixpkgs-custom-glibc": {
-      "flake": false,
-      "locked": {
-        "lastModified": 1593520194,
-        "narHash": "sha256-+TZW+2I7kLL9JglPNOagm1ywjf9ua0JYGoptq/dzVn0=",
-        "owner": "NixOS",
-        "repo": "nixpkgs",
-        "rev": "9cd98386a38891d1074fc18036b842dc4416f562",
-        "type": "github"
-      },
-      "original": {
-        "owner": "NixOS",
-        "repo": "nixpkgs",
-        "rev": "9cd98386a38891d1074fc18036b842dc4416f562",
-        "type": "github"
+        "id": "nixpkgs",
+        "ref": "nixos-unstable",
+        "type": "indirect"
       }
     },
     "root": {
       "inputs": {
-        "nixpkgs": "nixpkgs",
-        "nixpkgs-custom-glibc": "nixpkgs-custom-glibc"
+        "nixpkgs": "nixpkgs"
       }
     }
   },

flake.nix

@@ -1,25 +1,16 @@
 {
   description = "Nix related things for xrpld";
   inputs = {
-    nixpkgs.url = "github:NixOS/nixpkgs/nixpkgs-unstable";
-    # nixpkgs snapshot (2020-06-30) that shipped glibc 2.31 as the primary
-    # version — matches the system libc on Ubuntu 20.04 LTS. Imported
-    # manually (flake = false) because this revision predates nixpkgs'
-    # own flake.nix.
-    nixpkgs-custom-glibc = {
-      url = "github:NixOS/nixpkgs/9cd98386a38891d1074fc18036b842dc4416f562";
-      flake = false;
-    };
+    nixpkgs.url = "nixpkgs/nixos-unstable";
   };
 
   outputs =
-    { nixpkgs, nixpkgs-custom-glibc, ... }:
+    { nixpkgs, ... }:
     let
-      forEachSystem = import ./nix/utils.nix { inherit nixpkgs nixpkgs-custom-glibc; };
+      forEachSystem = (import ./nix/utils.nix { inherit nixpkgs; }).forEachSystem;
     in
     {
       devShells = forEachSystem (import ./nix/devshell.nix);
-      packages = forEachSystem (import ./nix/ci-env.nix);
       formatter = forEachSystem ({ pkgs, ... }: pkgs.nixfmt);
     };
 }

include/xrpl/basics/Expected.h

@@ -0,0 +1,236 @@
+#pragma once
+
+#include <xrpl/basics/contract.h>
+
+#include <boost/outcome.hpp>
+
+#include <stdexcept>
+
+namespace xrpl {
+
+/** Expected is an approximation of std::expected (hoped for in C++23)
+
+    See: http://www.open-std.org/jtc1/sc22/wg21/docs/papers/2021/p0323r10.html
+
+    The implementation is entirely based on boost::outcome_v2::result.
+*/
+
+// Exception thrown by an invalid access to Expected.
+struct BadExpectedAccess : public std::runtime_error
+{
+    BadExpectedAccess() : runtime_error("bad expected access")
+    {
+    }
+};
+
+namespace detail {
+
+// Custom policy for Expected.  Always throw on an invalid access.
+struct ThrowPolicy : public boost::outcome_v2::policy::base
+{
+    template <class Impl>
+    static constexpr void
+    // NOLINTNEXTLINE(readability-identifier-naming)
+    wide_value_check(Impl&& self)
+    {
+        if (!base::_has_value(std::forward<Impl>(self)))
+            Throw<BadExpectedAccess>();
+    }
+
+    template <class Impl>
+    static constexpr void
+    // NOLINTNEXTLINE(readability-identifier-naming)
+    wide_error_check(Impl&& self)
+    {
+        if (!base::_has_error(std::forward<Impl>(self)))
+            Throw<BadExpectedAccess>();
+    }
+
+    template <class Impl>
+    static constexpr void
+    // NOLINTNEXTLINE(readability-identifier-naming)
+    wide_exception_check(Impl&& self)
+    {
+        if (!base::_has_exception(std::forward<Impl>(self)))
+            Throw<BadExpectedAccess>();
+    }
+};
+
+}  // namespace detail
+
+// Definition of Unexpected, which is used to construct the unexpected
+// return type of an Expected.
+template <class E>
+class Unexpected
+{
+public:
+    static_assert(!std::is_same_v<E, void>, "E must not be void");
+
+    Unexpected() = delete;
+
+    constexpr explicit Unexpected(E const& e) : val_(e)
+    {
+    }
+
+    constexpr explicit Unexpected(E&& e) : val_(std::move(e))
+    {
+    }
+
+    [[nodiscard]] constexpr E const&
+    value() const&
+    {
+        return val_;
+    }
+
+    constexpr E&
+    value() &
+    {
+        return val_;
+    }
+
+    constexpr E&&
+    value() &&
+    {
+        return std::move(val_);
+    }
+
+    [[nodiscard]] constexpr E const&&
+    value() const&&
+    {
+        return std::move(val_);
+    }
+
+private:
+    E val_;
+};
+
+// Unexpected deduction guide that converts array to const*.
+template <typename E, std::size_t N>
+Unexpected(E (&)[N]) -> Unexpected<E const*>;
+
+// Definition of Expected.  All of the machinery comes from boost::result.
+template <class T, class E>
+class [[nodiscard]] Expected : private boost::outcome_v2::result<T, E, detail::ThrowPolicy>
+{
+    using Base = boost::outcome_v2::result<T, E, detail::ThrowPolicy>;
+
+public:
+    template <typename U>
+        requires std::convertible_to<U, T>
+    constexpr Expected(U&& r) : Base(boost::outcome_v2::in_place_type_t<T>{}, std::forward<U>(r))
+    {
+    }
+
+    template <typename U>
+        requires std::convertible_to<U, E> && (!std::is_reference_v<U>)
+    constexpr Expected(Unexpected<U> e)
+        : Base(boost::outcome_v2::in_place_type_t<E>{}, std::move(e.value()))
+    {
+    }
+
+    [[nodiscard]] constexpr bool
+    // NOLINTNEXTLINE(readability-identifier-naming)
+    has_value() const
+    {
+        return Base::has_value();
+    }
+
+    [[nodiscard]] constexpr T const&
+    value() const
+    {
+        return Base::value();
+    }
+
+    constexpr T&
+    value()
+    {
+        return Base::value();
+    }
+
+    [[nodiscard]] constexpr E const&
+    error() const
+    {
+        return Base::error();
+    }
+
+    constexpr E&
+    error()
+    {
+        return Base::error();
+    }
+
+    constexpr explicit
+    operator bool() const
+    {
+        return has_value();
+    }
+
+    // Add operator* and operator-> so the Expected API looks a bit more like
+    // what std::expected is likely to look like.  See:
+    // http://www.open-std.org/jtc1/sc22/wg21/docs/papers/2021/p0323r10.html
+    [[nodiscard]] constexpr T&
+    operator*()
+    {
+        return this->value();
+    }
+
+    [[nodiscard]] constexpr T const&
+    operator*() const
+    {
+        return this->value();
+    }
+
+    [[nodiscard]] constexpr T*
+    operator->()
+    {
+        return &this->value();
+    }
+
+    [[nodiscard]] constexpr T const*
+    operator->() const
+    {
+        return &this->value();
+    }
+};
+
+// Specialization of Expected<void, E>.  Allows returning either success
+// (without a value) or the reason for the failure.
+template <class E>
+class [[nodiscard]]
+Expected<void, E> : private boost::outcome_v2::result<void, E, detail::ThrowPolicy>
+{
+    using Base = boost::outcome_v2::result<void, E, detail::ThrowPolicy>;
+
+public:
+    // The default constructor makes a successful Expected<void, E>.
+    // This aligns with std::expected behavior proposed in P0323R10.
+    constexpr Expected() : Base(boost::outcome_v2::success())
+    {
+    }
+
+    template <typename U>
+        requires std::convertible_to<U, E> && (!std::is_reference_v<U>)
+    constexpr Expected(Unexpected<U> e) : Base(E(std::move(e.value())))
+    {
+    }
+
+    [[nodiscard]] constexpr E const&
+    error() const
+    {
+        return Base::error();
+    }
+
+    constexpr E&
+    error()
+    {
+        return Base::error();
+    }
+
+    constexpr explicit
+    operator bool() const
+    {
+        return Base::has_value();
+    }
+};
+
+}  // namespace xrpl

include/xrpl/basics/IntrusivePointer.h

@@ -406,8 +406,8 @@ private:
     // pointer. The low bit must be masked to zero when converting back to a
     // pointer. If the low bit is '1', this is a weak pointer.
     std::uintptr_t tp_{0};
-    static constexpr std::uintptr_t kTagMask = 1;
-    static constexpr std::uintptr_t kPtrMask = ~kTagMask;
+    static constexpr std::uintptr_t kTAG_MASK = 1;
+    static constexpr std::uintptr_t kPTR_MASK = ~kTAG_MASK;
 
 private:
     /** Return the raw pointer held by this object.

include/xrpl/basics/IntrusivePointer.ipp

@@ -567,14 +567,14 @@ template <class T>
 bool
 SharedWeakUnion<T>::isStrong() const
 {
-    return (tp_ & kTagMask) == 0u;
+    return (tp_ & kTAG_MASK) == 0u;
 }
 
 template <class T>
 bool
 SharedWeakUnion<T>::isWeak() const
 {
-    return (tp_ & kTagMask) != 0u;
+    return (tp_ & kTAG_MASK) != 0u;
 }
 
 template <class T>
@@ -641,7 +641,7 @@ template <class T>
 T*
 SharedWeakUnion<T>::unsafeGetRawPtr() const
 {
-    return reinterpret_cast<T*>(tp_ & kPtrMask);
+    return reinterpret_cast<T*>(tp_ & kPTR_MASK);
 }
 
 template <class T>
@@ -650,7 +650,7 @@ SharedWeakUnion<T>::unsafeSetRawPtr(T* p, RefStrength rs)
 {
     tp_ = reinterpret_cast<std::uintptr_t>(p);
     if (tp_ && rs == RefStrength::Weak)
-        tp_ |= kTagMask;
+        tp_ |= kTAG_MASK;
 }
 
 template <class T>

include/xrpl/basics/IntrusiveRefCounts.h

@@ -98,11 +98,11 @@ private:
     // enough for strong pointers and 14 bit counts are enough for weak
     // pointers. Use type aliases to make it easy to switch types.
     using CountType = std::uint16_t;
-    static constexpr size_t kStrongCountNumBits = sizeof(CountType) * 8;
-    static constexpr size_t kWeakCountNumBits = kStrongCountNumBits - 2;
+    static constexpr size_t kSTRONG_COUNT_NUM_BITS = sizeof(CountType) * 8;
+    static constexpr size_t kWEAK_COUNT_NUM_BITS = kSTRONG_COUNT_NUM_BITS - 2;
     using FieldType = std::uint32_t;
-    static constexpr size_t kFieldTypeBits = sizeof(FieldType) * 8;
-    static constexpr FieldType kOne = 1;
+    static constexpr size_t kFIELD_TYPE_BITS = sizeof(FieldType) * 8;
+    static constexpr FieldType kONE = 1;
 
     /** `refCounts` consists of four fields that are treated atomically:
 
@@ -137,21 +137,21 @@ private:
 
          */
 
-    mutable std::atomic<FieldType> refCounts_{kStrongDelta};
+    mutable std::atomic<FieldType> refCounts_{kSTRONG_DELTA};
 
     /**  Amount to change the strong count when adding or releasing a reference
 
          Note: The strong count is stored in the low `StrongCountNumBits` bits
        of refCounts
       */
-    static constexpr FieldType kStrongDelta = 1;
+    static constexpr FieldType kSTRONG_DELTA = 1;
 
     /**  Amount to change the weak count when adding or releasing a reference
 
          Note: The weak count is stored in the high `WeakCountNumBits` bits of
          refCounts
       */
-    static constexpr FieldType kWeakDelta = (kOne << kStrongCountNumBits);
+    static constexpr FieldType kWEAK_DELTA = (kONE << kSTRONG_COUNT_NUM_BITS);
 
     /**  Flag that is set when the partialDestroy function has started running
          (or is about to start running).
@@ -159,33 +159,34 @@ private:
          See description of the `refCounts` field for a fuller description of
          this field.
       */
-    static constexpr FieldType kPartialDestroyStartedMask = (kOne << (kFieldTypeBits - 1));
+    static constexpr FieldType kPARTIAL_DESTROY_STARTED_MASK = (kONE << (kFIELD_TYPE_BITS - 1));
 
     /**  Flag that is set when the partialDestroy function has finished running
 
          See description of the `refCounts` field for a fuller description of
          this field.
       */
-    static constexpr FieldType kPartialDestroyFinishedMask = (kOne << (kFieldTypeBits - 2));
+    static constexpr FieldType kPARTIAL_DESTROY_FINISHED_MASK = (kONE << (kFIELD_TYPE_BITS - 2));
 
     /** Mask that will zero out all the `count` bits and leave the tag bits
         unchanged.
       */
-    static constexpr FieldType kTagMask = kPartialDestroyStartedMask | kPartialDestroyFinishedMask;
+    static constexpr FieldType kTAG_MASK =
+        kPARTIAL_DESTROY_STARTED_MASK | kPARTIAL_DESTROY_FINISHED_MASK;
 
     /** Mask that will zero out the `tag` bits and leave the count bits
         unchanged.
       */
-    static constexpr FieldType kValueMask = ~kTagMask;
+    static constexpr FieldType kVALUE_MASK = ~kTAG_MASK;
 
     /** Mask that will zero out everything except the strong count.
      */
-    static constexpr FieldType kStrongMask = ((kOne << kStrongCountNumBits) - 1) & kValueMask;
+    static constexpr FieldType kSTRONG_MASK = ((kONE << kSTRONG_COUNT_NUM_BITS) - 1) & kVALUE_MASK;
 
     /** Mask that will zero out everything except the weak count.
      */
-    static constexpr FieldType kWeakMask =
-        (((kOne << kWeakCountNumBits) - 1) << kStrongCountNumBits) & kValueMask;
+    static constexpr FieldType kWEAK_MASK =
+        (((kONE << kWEAK_COUNT_NUM_BITS) - 1) << kSTRONG_COUNT_NUM_BITS) & kVALUE_MASK;
 
     /** Unpack the count and tag fields from the packed atomic integer form. */
     struct RefCountPair
@@ -210,29 +211,29 @@ private:
         [[nodiscard]] FieldType
         combinedValue() const noexcept;
 
-        static constexpr CountType kMaxStrongValue =
-            static_cast<CountType>((kOne << kStrongCountNumBits) - 1);
-        static constexpr CountType kMaxWeakValue =
-            static_cast<CountType>((kOne << kWeakCountNumBits) - 1);
+        static constexpr CountType kMAX_STRONG_VALUE =
+            static_cast<CountType>((kONE << kSTRONG_COUNT_NUM_BITS) - 1);
+        static constexpr CountType kMAX_WEAK_VALUE =
+            static_cast<CountType>((kONE << kWEAK_COUNT_NUM_BITS) - 1);
         /**  Put an extra margin to detect when running up against limits.
              This is only used in debug code, and is useful if we reduce the
              number of bits in the strong and weak counts (to 16 and 14 bits).
          */
-        static constexpr CountType kCheckStrongMaxValue = kMaxStrongValue - 32;
-        static constexpr CountType kCheckWeakMaxValue = kMaxWeakValue - 32;
+        static constexpr CountType kCHECK_STRONG_MAX_VALUE = kMAX_STRONG_VALUE - 32;
+        static constexpr CountType kCHECK_WEAK_MAX_VALUE = kMAX_WEAK_VALUE - 32;
     };
 };
 
 inline void
 IntrusiveRefCounts::addStrongRef() const noexcept
 {
-    refCounts_.fetch_add(kStrongDelta, std::memory_order_acq_rel);
+    refCounts_.fetch_add(kSTRONG_DELTA, std::memory_order_acq_rel);
 }
 
 inline void
 IntrusiveRefCounts::addWeakRef() const noexcept
 {
-    refCounts_.fetch_add(kWeakDelta, std::memory_order_acq_rel);
+    refCounts_.fetch_add(kWEAK_DELTA, std::memory_order_acq_rel);
 }
 
 inline ReleaseStrongRefAction
@@ -251,10 +252,10 @@ IntrusiveRefCounts::releaseStrongRef() const
     {
         RefCountPair const prevVal{prevIntVal};
         XRPL_ASSERT(
-            (prevVal.strong >= kStrongDelta),
+            (prevVal.strong >= kSTRONG_DELTA),
             "xrpl::IntrusiveRefCounts::releaseStrongRef : previous ref "
             "higher than new");
-        auto nextIntVal = prevIntVal - kStrongDelta;
+        auto nextIntVal = prevIntVal - kSTRONG_DELTA;
         ReleaseStrongRefAction action = NoOp;
         if (prevVal.strong == 1)
         {
@@ -264,7 +265,7 @@ IntrusiveRefCounts::releaseStrongRef() const
             }
             else
             {
-                nextIntVal |= kPartialDestroyStartedMask;
+                nextIntVal |= kPARTIAL_DESTROY_STARTED_MASK;
                 action = PartialDestroy;
             }
         }
@@ -275,7 +276,7 @@ IntrusiveRefCounts::releaseStrongRef() const
             // count to zero can start a partial destroy, and that can't happen
             // twice.
             XRPL_ASSERT(
-                (action == NoOp) || !(prevIntVal & kPartialDestroyStartedMask),
+                (action == NoOp) || !(prevIntVal & kPARTIAL_DESTROY_STARTED_MASK),
                 "xrpl::IntrusiveRefCounts::releaseStrongRef : not in partial "
                 "destroy");
             return action;
@@ -288,8 +289,8 @@ IntrusiveRefCounts::addWeakReleaseStrongRef() const
 {
     using enum ReleaseStrongRefAction;
 
-    static_assert(kWeakDelta > kStrongDelta);
-    static constexpr auto kDelta = kWeakDelta - kStrongDelta;
+    static_assert(kWEAK_DELTA > kSTRONG_DELTA);
+    auto constexpr kDELTA = kWEAK_DELTA - kSTRONG_DELTA;
     auto prevIntVal = refCounts_.load(std::memory_order_acquire);
     // This loop will almost always run once. The loop is needed to atomically
     // change the counts and flags (the count could be atomically changed, but
@@ -311,7 +312,7 @@ IntrusiveRefCounts::addWeakReleaseStrongRef() const
             "xrpl::IntrusiveRefCounts::addWeakReleaseStrongRef : not in "
             "partial destroy");
 
-        auto nextIntVal = prevIntVal + kDelta;
+        auto nextIntVal = prevIntVal + kDELTA;
         ReleaseStrongRefAction action = NoOp;
         if (prevVal.strong == 1)
         {
@@ -321,14 +322,14 @@ IntrusiveRefCounts::addWeakReleaseStrongRef() const
             }
             else
             {
-                nextIntVal |= kPartialDestroyStartedMask;
+                nextIntVal |= kPARTIAL_DESTROY_STARTED_MASK;
                 action = PartialDestroy;
             }
         }
         if (refCounts_.compare_exchange_weak(prevIntVal, nextIntVal, std::memory_order_acq_rel))
         {
             XRPL_ASSERT(
-                (!(prevIntVal & kPartialDestroyStartedMask)),
+                (!(prevIntVal & kPARTIAL_DESTROY_STARTED_MASK)),
                 "xrpl::IntrusiveRefCounts::addWeakReleaseStrongRef : not "
                 "started partial destroy");
             return action;
@@ -339,7 +340,7 @@ IntrusiveRefCounts::addWeakReleaseStrongRef() const
 inline ReleaseWeakRefAction
 IntrusiveRefCounts::releaseWeakRef() const
 {
-    auto prevIntVal = refCounts_.fetch_sub(kWeakDelta, std::memory_order_acq_rel);
+    auto prevIntVal = refCounts_.fetch_sub(kWEAK_DELTA, std::memory_order_acq_rel);
     RefCountPair prev = prevIntVal;
     if (prev.weak == 1 && prev.strong == 0)
     {
@@ -356,7 +357,7 @@ IntrusiveRefCounts::releaseWeakRef() const
         {
             // partial destroy MUST finish before running a full destroy (when
             // using weak pointers)
-            refCounts_.wait(prevIntVal - kWeakDelta, std::memory_order_acquire);
+            refCounts_.wait(prevIntVal - kWEAK_DELTA, std::memory_order_acquire);
         }
         return ReleaseWeakRefAction::Destroy;
     }
@@ -375,7 +376,7 @@ IntrusiveRefCounts::checkoutStrongRefFromWeak() const noexcept
         if (prev.strong == 0u)
             return false;
 
-        desiredValue = curValue + kStrongDelta;
+        desiredValue = curValue + kSTRONG_DELTA;
     }
     return true;
 }
@@ -399,22 +400,23 @@ inline IntrusiveRefCounts::~IntrusiveRefCounts() noexcept
 #ifndef NDEBUG
     auto v = refCounts_.load(std::memory_order_acquire);
     XRPL_ASSERT(
-        (!(v & kValueMask)), "xrpl::IntrusiveRefCounts::~IntrusiveRefCounts : count must be zero");
-    auto t = v & kTagMask;
-    XRPL_ASSERT((!t || t == kTagMask), "xrpl::IntrusiveRefCounts::~IntrusiveRefCounts : valid tag");
+        (!(v & kVALUE_MASK)), "xrpl::IntrusiveRefCounts::~IntrusiveRefCounts : count must be zero");
+    auto t = v & kTAG_MASK;
+    XRPL_ASSERT(
+        (!t || t == kTAG_MASK), "xrpl::IntrusiveRefCounts::~IntrusiveRefCounts : valid tag");
 #endif
 }
 
 //------------------------------------------------------------------------------
 
 inline IntrusiveRefCounts::RefCountPair::RefCountPair(IntrusiveRefCounts::FieldType v) noexcept
-    : strong{static_cast<CountType>(v & kStrongMask)}
-    , weak{static_cast<CountType>((v & kWeakMask) >> kStrongCountNumBits)}
-    , partialDestroyStartedBit{v & kPartialDestroyStartedMask}
-    , partialDestroyFinishedBit{v & kPartialDestroyFinishedMask}
+    : strong{static_cast<CountType>(v & kSTRONG_MASK)}
+    , weak{static_cast<CountType>((v & kWEAK_MASK) >> kSTRONG_COUNT_NUM_BITS)}
+    , partialDestroyStartedBit{v & kPARTIAL_DESTROY_STARTED_MASK}
+    , partialDestroyFinishedBit{v & kPARTIAL_DESTROY_FINISHED_MASK}
 {
     XRPL_ASSERT(
-        (strong < kCheckStrongMaxValue && weak < kCheckWeakMaxValue),
+        (strong < kCHECK_STRONG_MAX_VALUE && weak < kCHECK_WEAK_MAX_VALUE),
         "xrpl::IntrusiveRefCounts::RefCountPair(FieldType) : inputs inside "
         "range");
 }
@@ -425,7 +427,7 @@ inline IntrusiveRefCounts::RefCountPair::RefCountPair(
     : strong{s}, weak{w}
 {
     XRPL_ASSERT(
-        (strong < kCheckStrongMaxValue && weak < kCheckWeakMaxValue),
+        (strong < kCHECK_STRONG_MAX_VALUE && weak < kCHECK_WEAK_MAX_VALUE),
         "xrpl::IntrusiveRefCounts::RefCountPair(CountType, CountType) : "
         "inputs inside range");
 }
@@ -434,11 +436,11 @@ inline IntrusiveRefCounts::FieldType
 IntrusiveRefCounts::RefCountPair::combinedValue() const noexcept
 {
     XRPL_ASSERT(
-        (strong < kCheckStrongMaxValue && weak < kCheckWeakMaxValue),
+        (strong < kCHECK_STRONG_MAX_VALUE && weak < kCHECK_WEAK_MAX_VALUE),
         "xrpl::IntrusiveRefCounts::RefCountPair::combinedValue : inputs "
         "inside range");
     return (static_cast<IntrusiveRefCounts::FieldType>(weak)
-            << IntrusiveRefCounts::kStrongCountNumBits) |
+            << IntrusiveRefCounts::kSTRONG_COUNT_NUM_BITS) |
         static_cast<IntrusiveRefCounts::FieldType>(strong) | partialDestroyStartedBit |
         partialDestroyFinishedBit;
 }
@@ -449,7 +451,7 @@ partialDestructorFinished(T** o)
 {
     T& self = **o;
     IntrusiveRefCounts::RefCountPair const p =
-        self.refCounts_.fetch_or(IntrusiveRefCounts::kPartialDestroyFinishedMask);
+        self.refCounts_.fetch_or(IntrusiveRefCounts::kPARTIAL_DESTROY_FINISHED_MASK);
     XRPL_ASSERT(
         (!p.partialDestroyFinishedBit && p.partialDestroyStartedBit && !p.strong),
         "xrpl::partialDestructorFinished : not a weak ref");

include/xrpl/basics/LocalValue.h

@@ -55,8 +55,8 @@ template <class = void>
 boost::thread_specific_ptr<detail::LocalValues>&
 getLocalValues()
 {
-    static boost::thread_specific_ptr<detail::LocalValues> kTsp(&detail::LocalValues::cleanup);
-    return kTsp;
+    static boost::thread_specific_ptr<detail::LocalValues> kTSP(&detail::LocalValues::cleanup);
+    return kTSP;
 }
 
 }  // namespace detail

include/xrpl/basics/Log.h

@@ -10,11 +10,24 @@
 #include <map>
 #include <memory>
 #include <mutex>
-#include <optional>
 #include <utility>
 
 namespace xrpl {
 
+// DEPRECATED use beast::severities::Severity instead
+// NOLINTNEXTLINE(cppcoreguidelines-use-enum-class)
+enum LogSeverity {
+    LSInvalid = -1,  // used to indicate an invalid severity
+    LSTrace = 0,     // Very low-level progress information, details inside
+                     // an operation
+    LSDebug = 1,     // Function-level progress information, operations
+    LSInfo = 2,      // Server-level progress information, major operations
+    LSWarning = 3,   // Conditions that warrant human attention, may indicate
+                     // a problem
+    LSError = 4,     // A condition that indicates a problem
+    LSFatal = 5      // A severe condition that indicates a server problem
+};
+
 /** Manages partitions for logging. */
 class Logs
 {
@@ -26,17 +39,17 @@ private:
         std::string partition_;
 
     public:
-        Sink(std::string partition, beast::Severity thresh, Logs& logs);
+        Sink(std::string partition, beast::severities::Severity thresh, Logs& logs);
 
         Sink(Sink const&) = delete;
         Sink&
         operator=(Sink const&) = delete;
 
         void
-        write(beast::Severity level, std::string const& text) override;
+        write(beast::severities::Severity level, std::string const& text) override;
 
         void
-        writeAlways(beast::Severity level, std::string const& text) override;
+        writeAlways(beast::severities::Severity level, std::string const& text) override;
     };
 
     /** Manages a system file containing logged output.
@@ -123,12 +136,12 @@ private:
 
     std::mutex mutable mutex_;
     std::map<std::string, std::unique_ptr<beast::Journal::Sink>, boost::beast::iless> sinks_;
-    beast::Severity thresh_;
+    beast::severities::Severity thresh_;
     File file_;
     bool silent_ = false;
 
 public:
-    Logs(beast::Severity level);
+    Logs(beast::severities::Severity level);
 
     Logs(Logs const&) = delete;
     Logs&
@@ -148,18 +161,18 @@ public:
     beast::Journal
     journal(std::string const& name);
 
-    beast::Severity
+    beast::severities::Severity
     threshold() const;
 
     void
-    threshold(beast::Severity thresh);
+    threshold(beast::severities::Severity thresh);
 
     std::vector<std::pair<std::string, std::string>>
     partitionSeverities() const;
 
     void
     write(
-        beast::Severity level,
+        beast::severities::Severity level,
         std::string const& partition,
         std::string const& text,
         bool console);
@@ -179,25 +192,36 @@ public:
     }
 
     virtual std::unique_ptr<beast::Journal::Sink>
-    makeSink(std::string const& partition, beast::Severity startingLevel);
+    makeSink(std::string const& partition, beast::severities::Severity startingLevel);
 
 public:
-    static std::string
-    toString(beast::Severity s);
+    static LogSeverity
+    fromSeverity(beast::severities::Severity level);
 
-    static std::optional<beast::Severity>
+    static beast::severities::Severity
+    toSeverity(LogSeverity level);
+
+    static std::string
+    toString(LogSeverity s);
+
+    static LogSeverity
     fromString(std::string const& s);
 
 private:
-    // Maximum line length for log messages.
-    // If the message exceeds this length it will be truncated with ellipses.
-    static constexpr auto kMaximumMessageCharacters = 12 * 1024;
+    // Need to be named before converting
+    // NOLINTNEXTLINE(cppcoreguidelines-use-enum-class)
+    enum {
+        // Maximum line length for log messages.
+        // If the message exceeds this length it will be truncated with
+        // ellipses.
+        MaximumMessageCharacters = 12 * 1024
+    };
 
     static void
     format(
         std::string& output,
         std::string const& message,
-        beast::Severity severity,
+        beast::severities::Severity severity,
         std::string const& partition);
 };
 

include/xrpl/basics/Number.h

@@ -2,16 +2,12 @@
 
 #include <xrpl/beast/utility/instrumentation.h>
 
-#include <array>
 #include <cstdint>
 #include <functional>
 #include <limits>
 #include <optional>
 #include <ostream>
-#include <set>
-#include <stdexcept>
 #include <string>
-#include <unordered_map>
 
 namespace xrpl {
 
@@ -42,58 +38,17 @@ isPowerOfTen(T value)
     return logTen(value).has_value();
 }
 
-namespace detail {
-
-/** Builds a table of the powers of 10
- *
- * This function is marked consteval, so it can only be run in
- * a constexpr context. This assures that it is and can only be run at
- * compile time. Doing it at runtime would be pretty wasteful and
- * inefficient.
- */
-constexpr std::size_t kInt64Digits = 20;
-consteval std::array<std::uint64_t, kInt64Digits>
-buildPowersOfTen()
-{
-    std::array<std::uint64_t, kInt64Digits> result{};
-
-    std::uint64_t power = 1;
-    std::size_t exponent = 0;
-    // end the loop early so it doesn't overflow;
-    for (; exponent < result.size() - 1; ++exponent, power *= 10)
-    {
-        result[exponent] = power;
-        if (power > std::numeric_limits<std::uint64_t>::max() / 10)
-            throw std::logic_error("Power of 10 table is too big");
-    }
-    result[exponent] = power;
-    if (power < std::numeric_limits<std::uint64_t>::max() / 10)
-        throw std::logic_error("Power of 10 table is not big enough for the uint64_t type");
-
-    return result;
-}
-
-}  // namespace detail
-
-constexpr std::array<std::uint64_t, detail::kInt64Digits> kPowerOfTen = detail::buildPowersOfTen();
-
-static_assert(kPowerOfTen[0] == 1);
-static_assert(kPowerOfTen[1] == 10);
-static_assert(kPowerOfTen[10] == 10'000'000'000);
-static_assert(
-    isPowerOfTen(kPowerOfTen.back()) && *logTen(kPowerOfTen.back()) == detail::kInt64Digits - 1);
-
 /** MantissaRange defines a range for the mantissa of a normalized Number.
  *
  * The mantissa is in the range [min, max], where
  * * min is a power of 10, and
  * * max = min * 10 - 1.
  *
- * The MantissaScale enum indicates properties of the range: size, and some behavioral
- * options. This intentionally restricts the number of unique MantissaRanges that can
- * be instantiated: one for each scale.
+ * The mantissa_scale enum indicates whether the range is "small" or "large".
+ * This intentionally restricts the number of MantissaRanges that can be
+ * instantiated to two: one for each scale.
  *
- * The "Small" scale is based on the behavior of STAmount for IOUs. It has a min
+ * The "small" scale is based on the behavior of STAmount for IOUs. It has a min
  * value of 10^15, and a max value of 10^16-1. This was sufficient for
  * uses before Lending Protocol was implemented, mostly related to AMM.
  *
@@ -104,100 +59,46 @@ static_assert(
  * STNumber field type, and for internal calculations. That necessitated the
  * "large" scale.
  *
- * The "Large" scales are intended to represent all values that can be represented
+ * The "large" scale is intended to represent all values that can be represented
  * by an STAmount - IOUs, XRP, and MPTs. It has a min value of 10^18, and a max
- * value of 10^19-1. "LargeLegacy" is like "Large", but preserves
- * a rounding error when a computation results in a mantissa of
- * Number::kMaxRep that needs to be rounded up, but rounds down
- * instead. It will maintain consistent behavior until the fixCleanup3_2_0
- * amendment is enabled.
+ * value of 10^19-1.
  *
  * Note that if the mentioned amendments are eventually retired, this class
- * should be left in place, but the "Small" scale option should be removed. This
+ * should be left in place, but the "small" scale option should be removed. This
  * will allow for future expansion beyond 64-bits if it is ever needed.
  */
-struct MantissaRange final
+struct MantissaRange
 {
     using rep = std::uint64_t;
+    enum class MantissaScale { Small, Large };
 
-    enum class MantissaScale {
-        Small,
-        // LargeLegacy can be removed when fixCleanup3_2_0 is retired
-        LargeLegacy,
-        Large,
-    };
-
-    // This entire enum can be removed when fixCleanup3_2_0 is retired
-    enum class CuspRoundingFix : bool {
-        Disabled = false,
-        Enabled = true,
-    };
-
-    explicit constexpr MantissaRange(MantissaScale sc) : scale(sc)
+    explicit constexpr MantissaRange(MantissaScale scale)
+        : min(getMin(scale)), log(logTen(min).value_or(-1)), scale(scale)
     {
     }
 
-    MantissaScale const scale;
-    int const log{getExponent(scale)};
-    rep const min{getMin(scale, log)};
-    rep const max{(min * 10) - 1};
-    CuspRoundingFix const cuspRoundingFixEnabled{isCuspFixEnabled(scale)};
-
-    static MantissaRange const&
-    getMantissaRange(MantissaScale scale);
-
-    static std::set<MantissaScale> const&
-    getAllScales();
+    rep min;
+    rep max{(min * 10) - 1};
+    int log;
+    MantissaScale scale;
 
 private:
-    static constexpr int
-    getExponent(MantissaScale scale)
+    static constexpr rep
+    getMin(MantissaScale scale)
     {
         switch (scale)
         {
             case MantissaScale::Small:
-                return 15;
-            case MantissaScale::LargeLegacy:
+                return 1'000'000'000'000'000ULL;
             case MantissaScale::Large:
-                return 18;
-            // LCOV_EXCL_START
+                return 1'000'000'000'000'000'000ULL;
             default:
-                // If called in a constexpr context, this throw assures that the build fails if an
+                // Since this can never be called outside a non-constexpr
+                // context, this throw assures that the build fails if an
                 // invalid scale is used.
                 throw std::runtime_error("Unknown mantissa scale");
-                // LCOV_EXCL_STOP
         }
     }
-
-    // Keep this function for future use with different ways to compute
-    // the ranges.
-    static constexpr rep
-    getMin(MantissaScale scale, int exponent)
-    {
-        if (exponent < 0 || exponent >= kPowerOfTen.size())
-            throw std::runtime_error("Invalid exponent");  // LCOV_EXCL_LINE
-        return kPowerOfTen[exponent];
-    }
-
-    static constexpr CuspRoundingFix
-    isCuspFixEnabled(MantissaScale scale)
-    {
-        switch (scale)
-        {
-            case MantissaScale::Small:
-            case MantissaScale::LargeLegacy:
-                return CuspRoundingFix::Disabled;
-            case MantissaScale::Large:
-                return CuspRoundingFix::Enabled;
-            default:
-                // If called in a constexpr context, this throw assures that the build fails if an
-                // invalid scale is used.
-                throw std::runtime_error("Unknown mantissa scale");  // LCOV_EXCL_LINE
-        }
-    }
-
-    static std::unordered_map<MantissaScale, MantissaRange> const&
-    getRanges();
 };
 
 // Like std::integral, but only 64-bit integral types.
@@ -302,7 +203,7 @@ concept Integral64 = std::is_same_v<T, std::int64_t> || std::is_same_v<T, std::u
  * amendments are enabled to determine which result to expect.
  *
  */
-class Number final
+class Number
 {
     using rep = std::int64_t;
     using internalrep = MantissaRange::rep;
@@ -313,12 +214,12 @@ class Number final
 
 public:
     // The range for the exponent when normalized
-    static constexpr int kMinExponent = -32768;
-    static constexpr int kMaxExponent = 32768;
+    constexpr static int kMIN_EXPONENT = -32768;
+    constexpr static int kMAX_EXPONENT = 32768;
 
-    static constexpr internalrep kMaxRep = std::numeric_limits<rep>::max();
-    static_assert(kMaxRep == 9'223'372'036'854'775'807);
-    static_assert(-kMaxRep == std::numeric_limits<rep>::min() + 1);
+    constexpr static internalrep kMAX_REP = std::numeric_limits<rep>::max();
+    static_assert(kMAX_REP == 9'223'372'036'854'775'807);
+    static_assert(-kMAX_REP == std::numeric_limits<rep>::min() + 1);
 
     // May need to make unchecked private
     struct Unchecked
@@ -408,40 +309,33 @@ public:
     }
 
     friend constexpr bool
-    operator<(Number const& l, Number const& r) noexcept
+    operator<(Number const& x, Number const& y) noexcept
     {
-        bool const lneg = l.negative_;
-        bool const rneg = r.negative_;
-
         // If the two amounts have different signs (zero is treated as positive)
         // then the comparison is true iff the left is negative.
+        bool const lneg = x.negative_;
+        bool const rneg = y.negative_;
+
         if (lneg != rneg)
             return lneg;
 
-        // Both have same sign and the left is zero: both must be non-negative.
-        // If the right is greater than 0, then it is larger, so the comparison is true.
-        if (l.mantissa_ == 0)
-            return r.mantissa_ > 0;
+        // Both have same sign and the left is zero: the right must be
+        // greater than 0.
+        if (x.mantissa_ == 0)
+            return y.mantissa_ > 0;
 
-        // Both have same sign, the right is zero and the left is non-zero, so the left must be
-        // positive, and thus is larger, so the comparison is false.
-        if (r.mantissa_ == 0)
+        // Both have same sign, the right is zero and the left is non-zero.
+        if (y.mantissa_ == 0)
             return false;
 
         // Both have the same sign, compare by exponents:
-        if (l.exponent_ > r.exponent_)
+        if (x.exponent_ > y.exponent_)
             return lneg;
-        if (l.exponent_ < r.exponent_)
+        if (x.exponent_ < y.exponent_)
             return !lneg;
 
-        // If equal signs and exponents, compare mantissas.
-        if (lneg)
-        {
-            // If negative, the operator is reversed.
-            return l.mantissa_ > r.mantissa_;
-        }
-
-        return l.mantissa_ < r.mantissa_;
+        // If equal exponents, compare mantissas
+        return x.mantissa_ < y.mantissa_;
     }
 
     /** Return the sign of the amount */
@@ -515,48 +409,69 @@ public:
     static internalrep
     minMantissa()
     {
-        return kRange.get().min;
+        return kRANGE.get().min;
     }
 
     static internalrep
     maxMantissa()
     {
-        return kRange.get().max;
+        return kRANGE.get().max;
     }
 
     static int
     mantissaLog()
     {
-        return kRange.get().log;
+        return kRANGE.get().log;
     }
 
+    /// oneSmall is needed because the ranges are private
+    constexpr static Number
+    oneSmall();
+    /// oneLarge is needed because the ranges are private
+    constexpr static Number
+    oneLarge();
+
+    // And one is needed because it needs to choose between oneSmall and
+    // oneLarge based on the current range
     static Number
     one();
 
-    template <
-        auto MinMantissa,
-        auto MaxMantissa,
-        Integral64 T = std::decay_t<decltype(MinMantissa)>>
+    template <Integral64 T>
     [[nodiscard]]
     std::pair<T, int>
-    normalizeToRange() const;
+    normalizeToRange(T minMantissa, T maxMantissa) const;
 
 private:
     static thread_local RoundingMode mode;
     // The available ranges for mantissa
 
+    constexpr static MantissaRange kSMALL_RANGE{MantissaRange::MantissaScale::Small};
+    static_assert(isPowerOfTen(kSMALL_RANGE.min));
+    static_assert(kSMALL_RANGE.min == 1'000'000'000'000'000LL);
+    static_assert(kSMALL_RANGE.max == 9'999'999'999'999'999LL);
+    static_assert(kSMALL_RANGE.log == 15);
+    static_assert(kSMALL_RANGE.min < kMAX_REP);
+    static_assert(kSMALL_RANGE.max < kMAX_REP);
+    constexpr static MantissaRange kLARGE_RANGE{MantissaRange::MantissaScale::Large};
+    static_assert(isPowerOfTen(kLARGE_RANGE.min));
+    static_assert(kLARGE_RANGE.min == 1'000'000'000'000'000'000ULL);
+    static_assert(kLARGE_RANGE.max == internalrep(9'999'999'999'999'999'999ULL));
+    static_assert(kLARGE_RANGE.log == 18);
+    static_assert(kLARGE_RANGE.min < kMAX_REP);
+    static_assert(kLARGE_RANGE.max > kMAX_REP);
+
     // The range for the mantissa when normalized.
     // Use reference_wrapper to avoid making copies, and prevent accidentally
     // changing the values inside the range.
-    static thread_local std::reference_wrapper<MantissaRange const> kRange;
+    static thread_local std::reference_wrapper<MantissaRange const> kRANGE;
 
     void
-    normalize(MantissaRange const& range);
+    normalize();
 
     /** Normalize Number components to an arbitrary range.
      *
      * min/maxMantissa are parameters because this function is used by both
-     * normalize(), which reads from kRange, and by normalizeToRange,
+     * normalize(), which reads from kRANGE, and by normalizeToRange,
      * which is public and can accept an arbitrary range from the caller.
      */
     template <class T>
@@ -566,8 +481,7 @@ private:
         T& mantissa,
         int& exponent,
         internalrep const& minMantissa,
-        internalrep const& maxMantissa,
-        MantissaRange::CuspRoundingFix cuspRoundingFixEnabled);
+        internalrep const& maxMantissa);
 
     template <class T>
     friend void
@@ -576,9 +490,7 @@ private:
         T& mantissa,
         int& exponent,
         MantissaRange::rep const& minMantissa,
-        MantissaRange::rep const& maxMantissa,
-        MantissaRange::CuspRoundingFix cuspRoundingFixEnabled,
-        bool dropped);
+        MantissaRange::rep const& maxMantissa);
 
     [[nodiscard]] bool
     isnormal() const noexcept;
@@ -609,12 +521,12 @@ constexpr Number::Number(internalrep mantissa, int exponent, Unchecked) noexcept
 {
 }
 
-static constexpr Number kNumZero{};
+constexpr static Number kNUM_ZERO{};
 
 inline Number::Number(bool negative, internalrep mantissa, int exponent, Normalized)
     : Number(negative, mantissa, exponent, Unchecked{})
 {
-    normalize(kRange);
+    normalize();
 }
 
 inline Number::Number(internalrep mantissa, int exponent, Normalized)
@@ -640,10 +552,10 @@ constexpr Number::rep
 Number::mantissa() const noexcept
 {
     auto m = mantissa_;
-    if (m > kMaxRep)
+    if (m > kMAX_REP)
     {
         XRPL_ASSERT_PARTS(
-            !isnormal() || (m % 10 == 0 && m / 10 <= kMaxRep),
+            !isnormal() || (m % 10 == 0 && m / 10 <= kMAX_REP),
             "xrpl::Number::mantissa",
             "large normalized mantissa has no remainder");
         m /= 10;
@@ -661,10 +573,10 @@ constexpr int
 Number::exponent() const noexcept
 {
     auto e = exponent_;
-    if (mantissa_ > kMaxRep)
+    if (mantissa_ > kMAX_REP)
     {
         XRPL_ASSERT_PARTS(
-            !isnormal() || (mantissa_ % 10 == 0 && mantissa_ / 10 <= kMaxRep),
+            !isnormal() || (mantissa_ % 10 == 0 && mantissa_ / 10 <= kMAX_REP),
             "xrpl::Number::exponent",
             "large normalized mantissa has no remainder");
         ++e;
@@ -759,46 +671,35 @@ operator/(Number const& x, Number const& y)
 inline Number
 Number::min() noexcept
 {
-    return Number{false, kRange.get().min, kMinExponent, Unchecked{}};
+    return Number{false, kRANGE.get().min, kMIN_EXPONENT, Unchecked{}};
 }
 
 inline Number
 Number::max() noexcept
 {
-    return Number{false, std::min(kRange.get().max, kMaxRep), kMaxExponent, Unchecked{}};
+    return Number{false, std::min(kRANGE.get().max, kMAX_REP), kMAX_EXPONENT, Unchecked{}};
 }
 
 inline Number
 Number::lowest() noexcept
 {
-    return Number{true, std::min(kRange.get().max, kMaxRep), kMaxExponent, Unchecked{}};
+    return Number{true, std::min(kRANGE.get().max, kMAX_REP), kMAX_EXPONENT, Unchecked{}};
 }
 
 inline bool
 Number::isnormal() const noexcept
 {
-    MantissaRange const& range = kRange;
+    MantissaRange const& range = kRANGE;
     auto const absM = mantissa_;
     return *this == Number{} ||
-        (range.min <= absM && absM <= range.max && (absM <= kMaxRep || absM % 10 == 0) &&
-         kMinExponent <= exponent_ && exponent_ <= kMaxExponent);
+        (range.min <= absM && absM <= range.max && (absM <= kMAX_REP || absM % 10 == 0) &&
+         kMIN_EXPONENT <= exponent_ && exponent_ <= kMAX_EXPONENT);
 }
 
-template <auto MinMantissa, auto MaxMantissa, Integral64 T>
+template <Integral64 T>
 std::pair<T, int>
-Number::normalizeToRange() const
+Number::normalizeToRange(T minMantissa, T maxMantissa) const
 {
-    static_assert(std::is_same_v<T, std::uint64_t> || std::is_same_v<T, std::int64_t>);
-    static_assert(std::is_same_v<T, std::decay_t<decltype(MinMantissa)>>);
-    static_assert(std::is_same_v<T, std::decay_t<decltype(MaxMantissa)>>);
-    auto constexpr kMIN = static_cast<T>(MinMantissa);
-    auto constexpr kMAX = static_cast<T>(MaxMantissa);
-    static_assert(kMIN > 0);
-    static_assert(kMIN % 10 == 0);
-    static_assert(isPowerOfTen(kMIN));
-    static_assert(kMAX % 10 == 9);
-    static_assert((kMAX + 1) / 10 == kMIN);
-
     bool negative = negative_;
     internalrep mantissa = mantissa_;
     int exponent = exponent_;
@@ -810,10 +711,7 @@ Number::normalizeToRange() const
             "xrpl::Number::normalizeToRange",
             "Number is non-negative for unsigned range.");
     }
-    // Don't need to worry about the cuspRounding fix because rounding up will never take the
-    // mantissa over maxMantissa with a ones digit value other than 0. 0 can safely be truncated.
-    Number::normalize(
-        negative, mantissa, exponent, kMIN, kMAX, MantissaRange::CuspRoundingFix::Disabled);
+    Number::normalize(negative, mantissa, exponent, minMantissa, maxMantissa);
 
     auto const sign = negative ? -1 : 1;
     return std::make_pair(static_cast<T>(sign * mantissa), exponent);
@@ -865,8 +763,6 @@ to_string(MantissaRange::MantissaScale const& scale)
     {
         case MantissaRange::MantissaScale::Small:
             return "small";
-        case MantissaRange::MantissaScale::LargeLegacy:
-            return "largeLegacy";
         case MantissaRange::MantissaScale::Large:
             return "large";
         default:

include/xrpl/basics/SHAMapHash.h

@@ -21,12 +21,12 @@ public:
     }
 
     [[nodiscard]] uint256 const&
-    asUInt256() const
+    asUint256() const
     {
         return hash_;
     }
     uint256&
-    asUInt256()
+    asUint256()
     {
         return hash_;
     }
@@ -93,7 +93,7 @@ template <>
 inline std::size_t
 extract(SHAMapHash const& key)
 {
-    return *reinterpret_cast<std::size_t const*>(key.asUInt256().data());
+    return *reinterpret_cast<std::size_t const*>(key.asUint256().data());
 }
 
 }  // namespace xrpl

include/xrpl/basics/SharedWeakCachePointer.ipp

@@ -57,10 +57,10 @@ template <class T>
 std::shared_ptr<T> const&
 SharedWeakCachePointer<T>::getStrong() const
 {
-    static std::shared_ptr<T> const kEmpty;
+    static std::shared_ptr<T> const kEMPTY;
     if (auto p = std::get_if<std::shared_ptr<T>>(&combo_))
         return *p;
-    return kEmpty;
+    return kEMPTY;
 }
 
 template <class T>

include/xrpl/basics/StringUtilities.h

@@ -7,12 +7,9 @@
 #include <boost/utility/string_view.hpp>
 
 #include <array>
-#include <concepts>
 #include <cstdint>
 #include <optional>
 #include <string>
-#include <string_view>
-#include <type_traits>
 
 namespace xrpl {
 
@@ -29,39 +26,28 @@ namespace xrpl {
 std::string
 sqlBlobLiteral(Blob const& blob);
 
-namespace detail {
-
-template <typename T>
-concept SomeChar = std::same_as<std::remove_cvref_t<T>, int8_t> ||
-    std::same_as<std::remove_cvref_t<T>, char> || std::same_as<std::remove_cvref_t<T>, uint8_t>;
-
-inline constexpr std::array<std::optional<int>, 256> const kDigitLookupTable = []() {
-    std::array<std::optional<int>, 256> t{};
-
-    for (int i = 0; i < 10; ++i)
-        t['0' + i] = i;
-
-    for (int i = 0; i < 6; ++i)
-    {
-        t['A' + i] = 10 + i;
-        t['a' + i] = 10 + i;
-    }
-
-    return t;
-}();
-
-inline std::optional<int>
-hexCharToInt(SomeChar auto hexChar)
-{
-    return kDigitLookupTable[static_cast<uint8_t>(hexChar)];
-}
-
-}  // namespace detail
-
 template <class Iterator>
 std::optional<Blob>
 strUnHex(std::size_t strSize, Iterator begin, Iterator end)
 {
+    static constexpr std::array<int, 256> const kDIGIT_LOOKUP_TABLE = []() {
+        std::array<int, 256> t{};
+
+        for (auto& x : t)
+            x = -1;
+
+        for (int i = 0; i < 10; ++i)
+            t['0' + i] = i;
+
+        for (int i = 0; i < 6; ++i)
+        {
+            t['A' + i] = 10 + i;
+            t['a' + i] = 10 + i;
+        }
+
+        return t;
+    }();
+
     Blob out;
 
     out.reserve((strSize + 1) / 2);
@@ -70,33 +56,40 @@ strUnHex(std::size_t strSize, Iterator begin, Iterator end)
 
     if (strSize & 1)
     {
-        auto const c = detail::hexCharToInt(*iter++);
-        if (!c.has_value())
+        int c = kDIGIT_LOOKUP_TABLE[*iter++];
+
+        if (c < 0)
             return {};
 
-        out.push_back(static_cast<unsigned char>(*c));
+        out.push_back(c);
     }
 
     while (iter != end)
     {
-        auto const cHigh = detail::hexCharToInt(*iter++);
+        int const cHigh = kDIGIT_LOOKUP_TABLE[*iter++];
 
-        if (!cHigh.has_value())
+        if (cHigh < 0)
             return {};
 
-        auto const cLow = detail::hexCharToInt(*iter++);
+        int const cLow = kDIGIT_LOOKUP_TABLE[*iter++];
 
-        if (!cLow.has_value())
+        if (cLow < 0)
             return {};
 
-        out.push_back(static_cast<unsigned char>((*cHigh << 4) | *cLow));
+        out.push_back(static_cast<unsigned char>((cHigh << 4) | cLow));
     }
 
     return {std::move(out)};
 }
 
 inline std::optional<Blob>
-strUnHex(std::string_view strSrc)
+strUnHex(std::string const& strSrc)
+{
+    return strUnHex(strSrc.size(), strSrc.cbegin(), strSrc.cend());
+}
+
+inline std::optional<Blob>
+strViewUnHex(std::string_view strSrc)
 {
     return strUnHex(strSrc.size(), strSrc.cbegin(), strSrc.cend());
 }
@@ -127,7 +120,7 @@ std::string
 trimWhitespace(std::string str);
 
 std::optional<std::uint64_t>
-toUInt64(std::string const& s);
+toUint64(std::string const& s);
 
 /** Determines if the given string looks like a TOML-file hosting domain.
 

include/xrpl/basics/TaggedCache.h

@@ -157,7 +157,7 @@ public:
     /** Fetch an item from the cache.
         If the digest was not found, Handler
         will be called with this signature:
-            SLE::const_pointer(void)
+            std::shared_ptr<SLE const>(void)
     */
     template <class Handler>
     SharedPointerType
@@ -181,14 +181,14 @@ private:
             beast::insight::Collector::ptr const& collector)
             : hook(collector->makeHook(handler))
             , size(collector->makeGauge(prefix, "size"))
-            , hitRate(collector->makeGauge(prefix, "hit_rate"))
+            , hit_rate(collector->makeGauge(prefix, "hit_rate"))
 
         {
         }
 
         beast::insight::Hook hook;
         beast::insight::Gauge size;
-        beast::insight::Gauge hitRate;
+        beast::insight::Gauge hit_rate;
 
         std::size_t hits{0};
         std::size_t misses{0};
@@ -197,16 +197,16 @@ private:
     class KeyOnlyEntry
     {
     public:
-        clock_type::time_point lastAccess;
+        clock_type::time_point last_access;
 
-        explicit KeyOnlyEntry(clock_type::time_point const& lastAccess) : lastAccess(lastAccess)
+        explicit KeyOnlyEntry(clock_type::time_point const& lastAccess) : last_access(lastAccess)
         {
         }
 
         void
         touch(clock_type::time_point const& now)
         {
-            lastAccess = now;
+            last_access = now;
         }
     };
 
@@ -214,10 +214,10 @@ private:
     {
     public:
         shared_weak_combo_pointer_type ptr;
-        clock_type::time_point lastAccess;
+        clock_type::time_point last_access;
 
         ValueEntry(clock_type::time_point const& lastAccess, shared_pointer_type const& ptr)
-            : ptr(ptr), lastAccess(lastAccess)
+            : ptr(ptr), last_access(lastAccess)
         {
         }
 
@@ -246,7 +246,7 @@ private:
         void
         touch(clock_type::time_point const& now)
         {
-            lastAccess = now;
+            last_access = now;
         }
     };
 
@@ -286,13 +286,13 @@ private:
     std::string name_;
 
     // Desired number of cache entries (0 = ignore)
-    int const targetSize_;
+    int const target_size_;
 
     // Desired maximum cache age
-    clock_type::duration const targetAge_;
+    clock_type::duration const target_age_;
 
     // Number of items cached
-    int cacheCount_{0};
+    int cache_count_{0};
     cache_type cache_;  // Hold strong reference to recent objects
     std::uint64_t hits_{0};
     std::uint64_t misses_{0};

include/xrpl/basics/TaggedCache.ipp

@@ -34,8 +34,8 @@ inline TaggedCache<
     , clock_(clock)
     , stats_(name, std::bind(&TaggedCache::collectMetrics, this), collector)
     , name_(name)
-    , targetSize_(size)
-    , targetAge_(expiration)
+    , target_size_(size)
+    , target_age_(expiration)
 {
 }
 
@@ -86,7 +86,7 @@ TaggedCache<Key, T, IsKeyCache, SharedWeakUnionPointer, SharedPointerType, Hash,
     getCacheSize() const
 {
     std::scoped_lock const lock(mutex_);
-    return cacheCount_;
+    return cache_count_;
 }
 
 template <
@@ -139,7 +139,7 @@ TaggedCache<Key, T, IsKeyCache, SharedWeakUnionPointer, SharedPointerType, Hash,
 {
     std::scoped_lock const lock(mutex_);
     cache_.clear();
-    cacheCount_ = 0;
+    cache_count_ = 0;
 }
 
 template <
@@ -157,7 +157,7 @@ TaggedCache<Key, T, IsKeyCache, SharedWeakUnionPointer, SharedPointerType, Hash,
 {
     std::scoped_lock const lock(mutex_);
     cache_.clear();
-    cacheCount_ = 0;
+    cache_count_ = 0;
     hits_ = 0;
     misses_ = 0;
 }
@@ -213,21 +213,21 @@ TaggedCache<Key, T, IsKeyCache, SharedWeakUnionPointer, SharedPointerType, Hash,
     {
         std::scoped_lock const lock(mutex_);
 
-        if (targetSize_ == 0 || (static_cast<int>(cache_.size()) <= targetSize_))
+        if (target_size_ == 0 || (static_cast<int>(cache_.size()) <= target_size_))
         {
-            whenExpire = now - targetAge_;
+            whenExpire = now - target_age_;
         }
         else
         {
-            whenExpire = now - (targetAge_ * targetSize_ / cache_.size());
+            whenExpire = now - (target_age_ * target_size_ / cache_.size());
 
             clock_type::duration const minimumAge(std::chrono::seconds(1));
             if (whenExpire > (now - minimumAge))
                 whenExpire = now - minimumAge;
 
             JLOG(journal_.trace())
-                << name_ << " is growing fast " << cache_.size() << " of " << targetSize_
-                << " aging at " << (now - whenExpire).count() << " of " << targetAge_.count();
+                << name_ << " is growing fast " << cache_.size() << " of " << target_size_
+                << " aging at " << (now - whenExpire).count() << " of " << target_age_.count();
         }
 
         std::vector<std::thread> workers;
@@ -242,7 +242,7 @@ TaggedCache<Key, T, IsKeyCache, SharedWeakUnionPointer, SharedPointerType, Hash,
         for (std::thread& worker : workers)
             worker.join();
 
-        cacheCount_ -= allRemovals;
+        cache_count_ -= allRemovals;
     }
     // At this point allStuffToSweep will go out of scope outside the lock
     // and decrement the reference count on each strong pointer.
@@ -280,7 +280,7 @@ TaggedCache<Key, T, IsKeyCache, SharedWeakUnionPointer, SharedPointerType, Hash,
 
     if (entry.isCached())
     {
-        --cacheCount_;
+        --cache_count_;
         entry.ptr.convertToWeak();
         ret = true;
     }
@@ -317,7 +317,7 @@ TaggedCache<Key, T, IsKeyCache, SharedWeakUnionPointer, SharedPointerType, Hash,
             std::piecewise_construct,
             std::forward_as_tuple(key),
             std::forward_as_tuple(clock_.now(), data));
-        ++cacheCount_;
+        ++cache_count_;
         return false;
     }
 
@@ -366,12 +366,12 @@ TaggedCache<Key, T, IsKeyCache, SharedWeakUnionPointer, SharedPointerType, Hash,
             data = cachedData;
         }
 
-        ++cacheCount_;
+        ++cache_count_;
         return true;
     }
 
     entry.ptr = data;
-    ++cacheCount_;
+    ++cache_count_;
 
     return false;
 }
@@ -477,7 +477,7 @@ TaggedCache<Key, T, IsKeyCache, SharedWeakUnionPointer, SharedPointerType, Hash,
     auto [it, inserted] = cache_.emplace(
         std::piecewise_construct, std::forward_as_tuple(key), std::forward_as_tuple(now));
     if (!inserted)
-        it->second.lastAccess = now;
+        it->second.last_access = now;
     return inserted;
 }
 
@@ -626,7 +626,7 @@ TaggedCache<Key, T, IsKeyCache, SharedWeakUnionPointer, SharedPointerType, Hash,
     if (entry.isCached())
     {
         // independent of cache size, so not counted as a hit
-        ++cacheCount_;
+        ++cache_count_;
         entry.touch(clock_.now());
         return entry.ptr.getStrong();
     }
@@ -658,7 +658,7 @@ TaggedCache<Key, T, IsKeyCache, SharedWeakUnionPointer, SharedPointerType, Hash,
             if (total != 0)
                 hitRate = (hits_ * 100) / total;
         }
-        stats_.hitRate.set(hitRate);
+        stats_.hit_rate.set(hitRate);
     }
 }
 
@@ -706,7 +706,7 @@ TaggedCache<Key, T, IsKeyCache, SharedWeakUnionPointer, SharedPointerType, Hash,
                         ++cit;
                     }
                 }
-                else if (cit->second.lastAccess <= whenExpire)
+                else if (cit->second.last_access <= whenExpire)
                 {
                     // strong, expired
                     ++cacheRemovals;
@@ -773,12 +773,12 @@ TaggedCache<Key, T, IsKeyCache, SharedWeakUnionPointer, SharedPointerType, Hash,
             auto cit = partition.begin();
             while (cit != partition.end())
             {
-                if (cit->second.lastAccess > now)
+                if (cit->second.last_access > now)
                 {
-                    cit->second.lastAccess = now;
+                    cit->second.last_access = now;
                     ++cit;
                 }
-                else if (cit->second.lastAccess <= whenExpire)
+                else if (cit->second.last_access <= whenExpire)
                 {
                     cit = partition.erase(cit);
                 }

include/xrpl/basics/UptimeClock.h

@@ -30,8 +30,8 @@ public:
     now();  // seconds since xrpld program start
 
 private:
-    static std::atomic<rep> kNow;
-    static std::atomic<bool> kStop;
+    static std::atomic<rep> kNOW;
+    static std::atomic<bool> kSTOP;
 
     struct UpdateThread : private std::thread
     {

include/xrpl/basics/base64.h

@@ -36,7 +36,6 @@
 
 #include <cstdint>
 #include <string>
-#include <string_view>
 
 namespace xrpl {
 
@@ -44,7 +43,7 @@ std::string
 base64Encode(std::uint8_t const* data, std::size_t len);
 
 inline std::string
-base64Encode(std::string_view s)
+base64Encode(std::string const& s)
 {
     return base64Encode(reinterpret_cast<std::uint8_t const*>(s.data()), s.size());
 }

include/xrpl/basics/base_uint.h

@@ -5,6 +5,7 @@
 
 #pragma once
 
+#include <xrpl/basics/Expected.h>
 #include <xrpl/basics/Slice.h>
 #include <xrpl/basics/contract.h>
 #include <xrpl/basics/hardened_hash.h>
@@ -19,7 +20,6 @@
 #include <algorithm>
 #include <array>
 #include <cstring>
-#include <expected>
 #include <type_traits>
 
 namespace xrpl {
@@ -46,11 +46,6 @@ struct IsContiguousContainer<Slice> : std::true_type
 {
 };
 
-template <typename...>
-struct AlwaysFalseT : std::bool_constant<false>
-{
-};
-
 }  // namespace detail
 
 /** Integers of any length that is a multiple of 32-bits
@@ -67,18 +62,18 @@ struct AlwaysFalseT : std::bool_constant<false>
                       number of bits.
  */
 template <std::size_t Bits, class Tag = void>
-class BaseUInt
+class BaseUint
 {
     static_assert((Bits % 32) == 0, "The length of a base_uint in bits must be a multiple of 32.");
 
     static_assert(Bits >= 64, "The length of a base_uint in bits must be at least 64.");
 
-    static constexpr std::size_t kWidth = Bits / 32;
+    static constexpr std::size_t kWIDTH = Bits / 32;
 
     // This is really big-endian in byte order.
     // We sometimes use std::uint32_t for speed.
 
-    std::array<std::uint32_t, kWidth> data_{};
+    std::array<std::uint32_t, kWIDTH> data_;
 
 public:
     //--------------------------------------------------------------------------
@@ -86,8 +81,8 @@ public:
     // STL Container Interface
     //
 
-    static constexpr std::size_t kBytes = Bits / 8;
-    static_assert(sizeof(data_) == kBytes, "");
+    static std::size_t constexpr kBYTES = Bits / 8;
+    static_assert(sizeof(data_) == kBYTES, "");
 
     using size_type = std::size_t;
     using difference_type = std::ptrdiff_t;
@@ -121,7 +116,7 @@ public:
     iterator
     end()
     {
-        return data() + kBytes;
+        return data() + kBYTES;
     }
     [[nodiscard]] const_iterator
     begin() const
@@ -131,7 +126,7 @@ public:
     [[nodiscard]] const_iterator
     end() const
     {
-        return data() + kBytes;
+        return data() + kBYTES;
     }
     [[nodiscard]] const_iterator
     cbegin() const
@@ -141,7 +136,7 @@ public:
     [[nodiscard]] const_iterator
     cend() const
     {
-        return data() + kBytes;
+        return data() + kBYTES;
     }
 
     /** Value hashing function.
@@ -165,9 +160,9 @@ private:
         explicit VoidHelper() = default;
     };
 
-    explicit BaseUInt(void const* data, VoidHelper)
+    explicit BaseUint(void const* data, VoidHelper)
     {
-        memcpy(data_.data(), data, kBytes);
+        memcpy(data_.data(), data, kBYTES);
     }
 
     // Helper function to initialize a base_uint from a std::string_view.
@@ -177,7 +172,7 @@ private:
         BadChar,
     };
 
-    constexpr std::expected<decltype(data_), ParseResult>
+    constexpr Expected<decltype(data_), ParseResult>
     parseFromStringView(std::string_view sv) noexcept
     {
         // Local lambda that converts a single hex char to four bits and
@@ -216,7 +211,7 @@ private:
         }
 
         if (sv.size() != size() * 2)
-            return std::unexpected(ParseResult::BadLength);
+            return Unexpected(ParseResult::BadLength);
 
         std::size_t i = 0u;
         auto in = sv.begin();
@@ -227,7 +222,7 @@ private:
             {
                 if (auto const result = hexCharToUInt(*in++, shift, accum);
                     result != ParseResult::Okay)
-                    return std::unexpected(result);
+                    return Unexpected(result);
             }
             ret[i++] = accum;
         }
@@ -249,15 +244,15 @@ private:
     }
 
 public:
-    constexpr BaseUInt() : data_{}
+    constexpr BaseUint() : data_{}
     {
     }
 
-    constexpr BaseUInt(beast::Zero) : data_{}
+    constexpr BaseUint(beast::Zero) : data_{}
     {
     }
 
-    explicit BaseUInt(std::uint64_t b)
+    explicit BaseUint(std::uint64_t b)
     {
         *this = b;
     }
@@ -265,7 +260,7 @@ public:
     // This constructor is intended to be used at compile time since it might
     // throw at runtime.  Consider declaring this constructor consteval once
     // we get to C++23.
-    explicit constexpr BaseUInt(std::string_view sv) noexcept(false)
+    explicit constexpr BaseUint(std::string_view sv) noexcept(false)
         : data_(parseFromStringViewThrows(sv))
     {
     }
@@ -275,42 +270,24 @@ public:
         class = std::enable_if_t<
             detail::IsContiguousContainer<Container>::value &&
             std::is_trivially_copyable_v<typename Container::value_type>>>
-    explicit BaseUInt(Container const& c)
+    explicit BaseUint(Container const& c)
     {
-        // Use AlwaysFalseT so the static_assert condition is dependent
-        // and only triggers when this constructor template is instantiated.
-        static_assert(
-            detail::AlwaysFalseT<Container>::value,
-            "This constructor is not intended to be used and will be soon removed. "
-            "Use base_uint::fromRaw instead.");
-    }
-
-    template <
-        class Container,
-        class = std::enable_if_t<
-            detail::IsContiguousContainer<Container>::value &&
-            std::is_trivially_copyable_v<typename Container::value_type>>>
-    static BaseUInt
-    fromRaw(Container const& c)
-    {
-        BaseUInt result;
         XRPL_ASSERT(
             c.size() * sizeof(typename Container::value_type) == size(),
-            "xrpl::BaseUInt::fromRaw(Container auto) : input size match");
-        std::memcpy(result.data_.data(), c.data(), size());
-        return result;
+            "xrpl::base_uint::base_uint(Container auto) : input size match");
+        std::memcpy(data_.data(), c.data(), size());
     }
 
     template <class Container>
     std::enable_if_t<
         detail::IsContiguousContainer<Container>::value &&
             std::is_trivially_copyable_v<typename Container::value_type>,
-        BaseUInt&>
+        BaseUint&>
     operator=(Container const& c)
     {
         XRPL_ASSERT(
             c.size() * sizeof(typename Container::value_type) == size(),
-            "xrpl::BaseUInt::operator=(Container auto) : input size match");
+            "xrpl::base_uint::operator=(Container auto) : input size match");
         std::memcpy(data_.data(), c.data(), size());
         return *this;
     }
@@ -318,14 +295,14 @@ public:
     /* Construct from a raw pointer.
         The buffer pointed to by `data` must be at least Bits/8 bytes.
     */
-    static BaseUInt
+    static BaseUint
     fromVoid(void const* data)
     {
-        return BaseUInt(data, VoidHelper());
+        return BaseUint(data, VoidHelper());
     }
 
     template <class T>
-    static std::optional<BaseUInt>
+    static std::optional<BaseUint>
     fromVoidChecked(T const& from)
     {
         if (from.size() != size())
@@ -336,7 +313,7 @@ public:
     [[nodiscard]] constexpr int
     signum() const
     {
-        for (int i = 0; i < kWidth; i++)
+        for (int i = 0; i < kWIDTH; i++)
         {
             if (data_[i] != 0)
                 return 1;
@@ -348,24 +325,24 @@ public:
     bool
     operator!() const
     {
-        return *this == beast::kZero;
+        return *this == beast::kZERO;
     }
 
-    constexpr BaseUInt
+    constexpr BaseUint
     operator~() const
     {
-        BaseUInt ret;
+        BaseUint ret;
 
-        for (int i = 0; i < kWidth; i++)
+        for (int i = 0; i < kWIDTH; i++)
             ret.data_[i] = ~data_[i];
 
         return ret;
     }
 
-    BaseUInt&
+    BaseUint&
     operator=(std::uint64_t uHost)
     {
-        *this = beast::kZero;
+        *this = beast::kZERO;
         // NOLINTBEGIN(cppcoreguidelines-pro-type-member-init)
         union
         {
@@ -375,43 +352,43 @@ public:
         // NOLINTEND(cppcoreguidelines-pro-type-member-init)
         // Put in least significant bits.
         ul = boost::endian::native_to_big(uHost);
-        data_[kWidth - 2] = u[0];
-        data_[kWidth - 1] = u[1];
+        data_[kWIDTH - 2] = u[0];
+        data_[kWIDTH - 1] = u[1];
         return *this;
     }
 
-    BaseUInt&
-    operator^=(BaseUInt const& b)
+    BaseUint&
+    operator^=(BaseUint const& b)
     {
-        for (int i = 0; i < kWidth; i++)
+        for (int i = 0; i < kWIDTH; i++)
             data_[i] ^= b.data_[i];
 
         return *this;
     }
 
-    BaseUInt&
-    operator&=(BaseUInt const& b)
+    BaseUint&
+    operator&=(BaseUint const& b)
     {
-        for (int i = 0; i < kWidth; i++)
+        for (int i = 0; i < kWIDTH; i++)
             data_[i] &= b.data_[i];
 
         return *this;
     }
 
-    BaseUInt&
-    operator|=(BaseUInt const& b)
+    BaseUint&
+    operator|=(BaseUint const& b)
     {
-        for (int i = 0; i < kWidth; i++)
+        for (int i = 0; i < kWIDTH; i++)
             data_[i] |= b.data_[i];
 
         return *this;
     }
 
-    BaseUInt&
+    BaseUint&
     operator++()
     {
         // prefix operator
-        for (int i = kWidth - 1; i >= 0; --i)
+        for (int i = kWIDTH - 1; i >= 0; --i)
         {
             data_[i] = boost::endian::native_to_big(boost::endian::big_to_native(data_[i]) + 1);
             if (data_[i] != 0)
@@ -421,20 +398,20 @@ public:
         return *this;
     }
 
-    BaseUInt
+    BaseUint
     operator++(int)
     {
         // postfix operator
-        BaseUInt const ret = *this;
+        BaseUint const ret = *this;
         ++(*this);
 
         return ret;
     }
 
-    BaseUInt&
+    BaseUint&
     operator--()
     {
-        for (int i = kWidth - 1; i >= 0; --i)
+        for (int i = kWIDTH - 1; i >= 0; --i)
         {
             auto prev = data_[i];
             data_[i] = boost::endian::native_to_big(boost::endian::big_to_native(data_[i]) - 1);
@@ -446,36 +423,36 @@ public:
         return *this;
     }
 
-    BaseUInt
+    BaseUint
     operator--(int)
     {
         // postfix operator
-        BaseUInt const ret = *this;
+        BaseUint const ret = *this;
         --(*this);
 
         return ret;
     }
 
-    [[nodiscard]] BaseUInt
+    [[nodiscard]] BaseUint
     next() const
     {
         auto ret = *this;
         return ++ret;
     }
 
-    [[nodiscard]] BaseUInt
+    [[nodiscard]] BaseUint
     prev() const
     {
         auto ret = *this;
         return --ret;
     }
 
-    BaseUInt&
-    operator+=(BaseUInt const& b)
+    BaseUint&
+    operator+=(BaseUint const& b)
     {
         std::uint64_t carry = 0;
 
-        for (int i = kWidth - 1; i >= 0; i--)
+        for (int i = kWIDTH - 1; i >= 0; i--)
         {
             std::uint64_t const n = carry + boost::endian::big_to_native(data_[i]) +
                 boost::endian::big_to_native(b.data_[i]);
@@ -489,7 +466,7 @@ public:
 
     template <class Hasher>
     friend void
-    hash_append(Hasher& h, BaseUInt const& a) noexcept
+    hash_append(Hasher& h, BaseUint const& a) noexcept
     {
         // Do not allow any endian transformations on this memory
         h(a.data_.data(), sizeof(a.data_));
@@ -526,13 +503,13 @@ public:
         return parseHex(std::string_view{str});
     }
 
-    static constexpr std::size_t
+    constexpr static std::size_t
     size()
     {
-        return kBytes;
+        return kBYTES;
     }
 
-    BaseUInt<Bits, Tag>&
+    BaseUint<Bits, Tag>&
     operator=(beast::Zero)
     {
         data_.fill(0);
@@ -543,28 +520,28 @@ public:
     [[nodiscard]] bool
     isZero() const
     {
-        return *this == beast::kZero;
+        return *this == beast::kZERO;
     }
     [[nodiscard]] bool
     isNonZero() const
     {
-        return *this != beast::kZero;
+        return *this != beast::kZERO;
     }
     void
     zero()
     {
-        *this = beast::kZero;
+        *this = beast::kZERO;
     }
 };
 
-using uint128 = BaseUInt<128>;
-using uint160 = BaseUInt<160>;
-using uint256 = BaseUInt<256>;
-using uint192 = BaseUInt<192>;
+using uint128 = BaseUint<128>;
+using uint160 = BaseUint<160>;
+using uint256 = BaseUint<256>;
+using uint192 = BaseUint<192>;
 
 template <std::size_t Bits, class Tag>
 [[nodiscard]] constexpr std::strong_ordering
-operator<=>(BaseUInt<Bits, Tag> const& lhs, BaseUInt<Bits, Tag> const& rhs)
+operator<=>(BaseUint<Bits, Tag> const& lhs, BaseUint<Bits, Tag> const& rhs)
 {
     // This comparison might seem wrong on a casual inspection because it
     // compares data internally stored as std::uint32_t byte-by-byte. But
@@ -585,7 +562,7 @@ operator<=>(BaseUInt<Bits, Tag> const& lhs, BaseUInt<Bits, Tag> const& rhs)
 
 template <std::size_t Bits, typename Tag>
 [[nodiscard]] constexpr bool
-operator==(BaseUInt<Bits, Tag> const& lhs, BaseUInt<Bits, Tag> const& rhs)
+operator==(BaseUint<Bits, Tag> const& lhs, BaseUint<Bits, Tag> const& rhs)
 {
     return (lhs <=> rhs) == 0;
 }
@@ -593,59 +570,59 @@ operator==(BaseUInt<Bits, Tag> const& lhs, BaseUInt<Bits, Tag> const& rhs)
 //------------------------------------------------------------------------------
 template <std::size_t Bits, class Tag>
 constexpr bool
-operator==(BaseUInt<Bits, Tag> const& a, std::uint64_t b)
+operator==(BaseUint<Bits, Tag> const& a, std::uint64_t b)
 {
-    return a == BaseUInt<Bits, Tag>(b);
+    return a == BaseUint<Bits, Tag>(b);
 }
 
 //------------------------------------------------------------------------------
 template <std::size_t Bits, class Tag>
-constexpr BaseUInt<Bits, Tag>
-operator^(BaseUInt<Bits, Tag> const& a, BaseUInt<Bits, Tag> const& b)
+constexpr BaseUint<Bits, Tag>
+operator^(BaseUint<Bits, Tag> const& a, BaseUint<Bits, Tag> const& b)
 {
-    return BaseUInt<Bits, Tag>(a) ^= b;
+    return BaseUint<Bits, Tag>(a) ^= b;
 }
 
 template <std::size_t Bits, class Tag>
-constexpr BaseUInt<Bits, Tag>
-operator&(BaseUInt<Bits, Tag> const& a, BaseUInt<Bits, Tag> const& b)
+constexpr BaseUint<Bits, Tag>
+operator&(BaseUint<Bits, Tag> const& a, BaseUint<Bits, Tag> const& b)
 {
-    return BaseUInt<Bits, Tag>(a) &= b;
+    return BaseUint<Bits, Tag>(a) &= b;
 }
 
 template <std::size_t Bits, class Tag>
-constexpr BaseUInt<Bits, Tag>
-operator|(BaseUInt<Bits, Tag> const& a, BaseUInt<Bits, Tag> const& b)
+constexpr BaseUint<Bits, Tag>
+operator|(BaseUint<Bits, Tag> const& a, BaseUint<Bits, Tag> const& b)
 {
-    return BaseUInt<Bits, Tag>(a) |= b;
+    return BaseUint<Bits, Tag>(a) |= b;
 }
 
 template <std::size_t Bits, class Tag>
-constexpr BaseUInt<Bits, Tag>
-operator+(BaseUInt<Bits, Tag> const& a, BaseUInt<Bits, Tag> const& b)
+constexpr BaseUint<Bits, Tag>
+operator+(BaseUint<Bits, Tag> const& a, BaseUint<Bits, Tag> const& b)
 {
-    return BaseUInt<Bits, Tag>(a) += b;
+    return BaseUint<Bits, Tag>(a) += b;
 }
 
 //------------------------------------------------------------------------------
 template <std::size_t Bits, class Tag>
 inline std::string
-to_string(BaseUInt<Bits, Tag> const& a)
+to_string(BaseUint<Bits, Tag> const& a)
 {
     return strHex(a.cbegin(), a.cend());
 }
 
 template <std::size_t Bits, class Tag>
 inline std::string
-toShortString(BaseUInt<Bits, Tag> const& a)
+toShortString(BaseUint<Bits, Tag> const& a)
 {
-    static_assert(BaseUInt<Bits, Tag>::kBytes > 4, "For 4 bytes or less, use a native type");
+    static_assert(BaseUint<Bits, Tag>::kBYTES > 4, "For 4 bytes or less, use a native type");
     return strHex(a.cbegin(), a.cbegin() + 4) + "...";
 }
 
 template <std::size_t Bits, class Tag>
 inline std::ostream&
-operator<<(std::ostream& out, BaseUInt<Bits, Tag> const& u)
+operator<<(std::ostream& out, BaseUint<Bits, Tag> const& u)
 {
     return out << to_string(u);
 }
@@ -673,7 +650,7 @@ static_assert(sizeof(uint256) == 256 / 8, "There should be no padding bytes");
 namespace beast {
 
 template <std::size_t Bits, class Tag>
-struct IsUniquelyRepresented<xrpl::BaseUInt<Bits, Tag>> : public std::true_type
+struct IsUniquelyRepresented<xrpl::BaseUint<Bits, Tag>> : public std::true_type
 {
     explicit IsUniquelyRepresented() = default;
 };

include/xrpl/basics/chrono.h

@@ -30,10 +30,10 @@ using weeks = std::chrono::duration<int, std::ratio_multiply<days::period, std::
     = seconds(946684800)
 */
 
-static constexpr std::chrono::seconds kEpochOffset =
+constexpr static std::chrono::seconds kEPOCH_OFFSET =
     date::sys_days{date::year{2000} / 1 / 1} - date::sys_days{date::year{1970} / 1 / 1};
 
-static_assert(kEpochOffset.count() == 946684800);
+static_assert(kEPOCH_OFFSET.count() == 946684800);
 
 class NetClock
 {
@@ -60,7 +60,7 @@ to_string(NetClock::time_point tp)
 {
     // 2000-01-01 00:00:00 UTC is 946684800s from 1970-01-01 00:00:00 UTC
     using namespace std::chrono;
-    return to_string(system_clock::time_point{tp.time_since_epoch() + kEpochOffset});
+    return to_string(system_clock::time_point{tp.time_since_epoch() + kEPOCH_OFFSET});
 }
 
 template <class Duration>
@@ -77,7 +77,7 @@ toStringIso(NetClock::time_point tp)
     // 2000-01-01 00:00:00 UTC is 946684800s from 1970-01-01 00:00:00 UTC
     // Note, NetClock::duration is seconds, as checked by static_assert
     static_assert(std::is_same_v<NetClock::duration::period, std::ratio<1>>);
-    return toStringIso(date::sys_time<NetClock::duration>{tp.time_since_epoch() + kEpochOffset});
+    return toStringIso(date::sys_time<NetClock::duration>{tp.time_since_epoch() + kEPOCH_OFFSET});
 }
 
 /** A clock for measuring elapsed time.

include/xrpl/basics/hardened_hash.h

@@ -31,9 +31,9 @@ makeSeedPair() noexcept
         // state_t(state_t const&) = delete;
         // state_t& operator=(state_t const&) = delete;
     };
-    static StateT kState;
-    std::scoped_lock const lock(kState.mutex);
-    return {kState.dist(kState.gen), kState.dist(kState.gen)};
+    static StateT kSTATE;
+    std::scoped_lock const lock(kSTATE.mutex);
+    return {kSTATE.dist(kSTATE.gen), kSTATE.dist(kSTATE.gen)};
 }
 
 }  // namespace detail

include/xrpl/basics/join.h

@@ -1,13 +1,12 @@
 #pragma once
 
 #include <string>
-#include <string_view>
 
 namespace xrpl {
 
 template <class Stream, class Iter>
 Stream&
-join(Stream& s, Iter iter, Iter end, std::string_view delimiter)
+join(Stream& s, Iter iter, Iter end, std::string const& delimiter)
 {
     if (iter == end)
         return s;

include/xrpl/basics/mulDiv.h

@@ -5,7 +5,7 @@
 #include <optional>
 
 namespace xrpl {
-constexpr auto kMuldivMax = std::numeric_limits<std::uint64_t>::max();
+auto constexpr kMULDIV_MAX = std::numeric_limits<std::uint64_t>::max();
 
 /** Return value*mul/div accurately.
     Computes the result of the multiplication and division in

include/xrpl/basics/partitioned_unordered_map.h

@@ -236,7 +236,7 @@ public:
         map_.resize(partitions_);
         XRPL_ASSERT(
             partitions_,
-            "xrpl::PartitionedUnorderedMap::PartitionedUnorderedMap : "
+            "xrpl::partitioned_unordered_map::partitioned_unordered_map : "
             "nonzero partitions");
     }