Merge branch 'unstable' into revamp-workflows

Signed-off-by: Roshan Khatri <[email protected]>

.config/typos.toml

@@ -0,0 +1,69 @@
+# See https://github.com/crate-ci/typos/blob/master/docs/reference.md to configure typos
+
+[files]
+extend-exclude = [
+    "deps/",
+    # crc16_slottable is primarily pre-generated random strings.
+    "src/crc16_slottable.h",
+]
+
+[default.extend-words]
+advices = "advices"
+exat = "exat"
+optin = "optin"
+ro = "ro"
+smove = "smove"
+
+[type.c]
+extend-ignore-re = [
+    "BA3E2571", # sha1.c
+    "D4C4DAA4", # sha1.c
+    "Georg Nees",
+    "\\[l\\]ist", # eval.c
+]
+
+[type.tcl]
+extend-ignore-re = [
+    "DUMPed",
+]
+
+[type.sv.extend-identifiers]
+# sv = .h
+module_gil_acquring = "module_gil_acquring"
+
+[type.c.extend-identifiers]
+ang = "ang"
+clen = "clen"
+fle = "fle"
+module_gil_acquring = "module_gil_acquring"
+nd = "nd"
+ot = "ot"
+
+[type.tcl.extend-identifiers]
+fo = "fo"
+oll = "oll"
+stressers = "stressers"
+
+[type.sv.extend-words]
+# sv = .h
+fo = "fo"
+seeked = "seeked"
+
+[type.c.extend-words]
+arange = "arange"
+fo = "fo"
+frst = "frst"
+limite = "limite"
+pn = "pn"
+seeked = "seeked"
+tre = "tre"
+ws = "ws"
+
+[type.systemd.extend-words]
+# systemd = .conf
+ake = "ake"
+
+[type.tcl.extend-words]
+fo = "fo"
+lst = "lst"
+tre = "tre"

.github/dependabot.yml

@@ -2,14 +2,10 @@
 # package ecosystems to update and where the package manifests are located.
 # Please see the documentation for all configuration options:
 # https://help.github.com/github/administering-a-repository/configuration-options-for-dependency-updates
-
+---
 version: 2
 updates:
   - package-ecosystem: github-actions
     directory: /
     schedule:
       interval: weekly
-  - package-ecosystem: pip
-    directory: /.codespell
-    schedule:
-      interval: weekly

.github/workflows/ci.yml

@@ -2,6 +2,9 @@ name: CI
 
 on: [push, pull_request]
 
+permissions:
+  contents: read
+
 jobs:
 
   test-ubuntu-latest:

.github/workflows/codeql-analysis.yml

@@ -6,11 +6,16 @@ on:
     # run weekly new vulnerability was added to the database
     - cron: '0 0 * * 0'
 
+permissions:
+  contents: read
+
 jobs:
   analyze:
     name: Analyze
     runs-on: ubuntu-latest
     if: github.event_name != 'schedule' || github.repository == 'valkey-io/valkey'
+    permissions:
+      security-events: write
 
     strategy:
       fail-fast: false

.github/workflows/coverity.yml

@@ -6,6 +6,8 @@ on:
   - cron: '0 0 * * *'
   # Support manual execution
   workflow_dispatch:
+permissions:
+  contents: read
 jobs:
   coverity:
     if: github.repository == 'valkey-io/valkey'

.github/workflows/daily.yml

@@ -28,6 +28,8 @@ on:
         description: 'git branch or sha to use'
         default: 'unstable'
 
+permissions:
+  contents: read
 
 jobs:
 

.github/workflows/external.yml

@@ -6,6 +6,9 @@ on:
   schedule:
     - cron: '0 0 * * *'
 
+permissions:
+  contents: read
+
 jobs:
   test-external-standalone:
     runs-on: ubuntu-latest
@@ -29,7 +32,7 @@ jobs:
       if: ${{ failure() }}
       uses: actions/upload-artifact@v3
       with:
-        name: test-external-server-log
+        name: test-external-standalone-log
         path: external-server.log
 
   test-external-cluster:
@@ -81,5 +84,5 @@ jobs:
         if: ${{ failure() }}
         uses: actions/upload-artifact@v3
         with:
-          name: test-external-server-log
+          name: test-external-nodebug-log
           path: external-server.log

.github/workflows/reply-schemas-linter.yml

@@ -8,6 +8,9 @@ on:
     paths:
       - 'src/commands/*.json'
 
+permissions:
+  contents: read
+
 jobs:
   reply-schemas-linter:
     runs-on: ubuntu-latest

.github/workflows/spell-check.yml

@@ -9,6 +9,9 @@ on:
   push:
   pull_request:
 
+permissions:
+  contents: read
+
 jobs:
   build:
     name: Spellcheck

.gitignore

@@ -23,8 +23,7 @@ release.h
 src/transfer.sh
 src/configs
 redis.ds
-src/redis.conf
-src/nodes.conf
+src/*.conf
 deps/lua/src/lua
 deps/lua/src/luac
 deps/lua/src/liblua.a
@@ -41,3 +40,4 @@ Makefile.dep
 .ccls-cache/*
 compile_commands.json
 redis.code-workspace
+.cache

CONTRIBUTING.md

@@ -1,14 +1,14 @@
-Note: by contributing code to the Redis project in any form, including sending
+Note: by contributing code to the Valkey project in any form, including sending
 a pull request via GitHub, a code fragment or patch via private email or
 public discussion groups, you agree to release your code under the terms
-of the Redis license that you can find in the COPYING file included in the Redis
+of the Valkey license that you can find in the COPYING file included in the Valkey
 source distribution.
 
-# IMPORTANT: HOW TO USE REDIS GITHUB ISSUES
+# IMPORTANT: HOW TO USE VALKEY GITHUB ISSUES
 
 GitHub issues SHOULD ONLY BE USED to report bugs and for DETAILED feature
 requests. Everything else should be asked on Discord:
-      
+
     https://discord.gg/zbcPa5umUB
 
 PLEASE DO NOT POST GENERAL QUESTIONS that are not about bugs or suspected
@@ -23,13 +23,18 @@ Issues and pull requests for documentation belong on the valkey-doc repo:
 
     https://github.com/valkey-io/valkey-doc
 
-If you are reporting a security bug or vulnerability, see SECURITY.md.
+If you are reporting a security bug or vulnerability, see [SECURITY.md](SECURITY.md).
 
 ## Developer Certificate of Origin
 
-We respect the intellectual property rights of others and we want to make sure all incoming contributions are correctly attributed and licensed. A Developer Certificate of Origin (DCO) is a lightweight mechanism to do that. The DCO is a declaration attached to every commit. In the commit message of the contribution, the developer simply adds a `Signed-off-by` statement and thereby agrees to the DCO, which you can find below or at [DeveloperCertificate.org](http://developercertificate.org/).
+We respect the intellectual property rights of others and we want to make sure
+all incoming contributions are correctly attributed and licensed. A Developer
+Certificate of Origin (DCO) is a lightweight mechanism to do that. The DCO is
+a declaration attached to every commit. In the commit message of the contribution,
+the developer simply adds a `Signed-off-by` statement and thereby agrees to the DCO,
+which you can find below or at [DeveloperCertificate.org](http://developercertificate.org/).
 
-```
+```text
 Developer's Certificate of Origin 1.1
 
 By making a contribution to this project, I certify that:
@@ -56,14 +61,21 @@ By making a contribution to this project, I certify that:
     sign-off) is maintained indefinitely and may be redistributed
     consistent with this project or the open source license(s)
     involved.
- ```
+```
 
-We require that every contribution to Valkey to be signed with a DCO. We require the usage of known identity (such as a real or preferred name). We do not accept anonymous contributors nor those utilizing pseudonyms. A DCO signed commit will contain a line like:
+We require that every contribution to Valkey to be signed with a DCO. We require the
+usage of known identity (such as a real or preferred name). We do not accept anonymous
+contributors nor those utilizing pseudonyms. A DCO signed commit will contain a line like:
 
-```
+
+```text
 Signed-off-by: Jane Smith <[email protected]>
 ```
-You may type this line on your own when writing your commit messages. However, if your user.name and user.email are set in your git configs, you can use `git commit` with `-s` or `--signoff` to add the `Signed-off-by` line to the end of the commit message. We also require revert commits to include a DCO.
+
+You may type this line on your own when writing your commit messages. However, if your
+user.name and user.email are set in your git configs, you can use `git commit` with `-s`
+or `--signoff` to add the `Signed-off-by` line to the end of the commit message. We also
+require revert commits to include a DCO.
 
 # How to provide a patch for a new feature
 
@@ -74,7 +86,8 @@ and creating an issue at Github with the description of, exactly, what you want
 to accomplish and why. Use cases are important for features to be accepted.
 Here you can see if there is consensus about your idea.
 
-2. If in step 1 you get an acknowledgment from the project leaders, use the following procedure to submit a patch:
+2. If in step 1 you get an acknowledgment from the project leaders, use the following
+procedure to submit a patch:
     1. Fork Valkey on GitHub ( https://docs.github.com/en/github/getting-started-with-github/fork-a-repo )
     1. Create a topic branch (git checkout -b my_branch)
     1. Make the needed changes and commit with a DCO. (git commit -s)
@@ -91,4 +104,7 @@ view, and so forth. This helps.
 
 4. For minor fixes - open a pull request on GitHub.
 
+To link a pull request to an existing issue, please write "Fixes #xyz" somewhere
+in the pull request description, where xyz is the issue number.
+
 Thanks!

Makefile

@@ -1,4 +1,4 @@
-# Top level makefile, the real shit is at src/Makefile
+# Top level makefile, the real magic is at src/Makefile
 
 default: all
 

README.md

@@ -183,6 +183,11 @@ In order to install Valkey binaries into /usr/local/bin, just use:
 You can use `make PREFIX=/some/other/directory install` if you wish to use a
 different destination.
 
+_Note_: For compatibility with Redis, we create symlinks from the Redis names (`redis-server`, `redis-cli`, etc.) to the Valkey binaries installed by `make install`.
+The symlinks are created in same directory as the Valkey binaries.
+The symlinks are removed when using `make uninstall`.
+The creation of the symlinks can be skipped by setting the makefile variable `USE_REDIS_SYMLINKS=no`.
+
 `make install` will just install binaries in your system, but will not configure
 init scripts and configuration files in the appropriate place. This is not
 needed if you just want to play a bit with Valkey, but if you are installing

SECURITY.md

@@ -1,8 +1,6 @@
-# Security Policy
-
-PlaceHolderKV is under development, more information will become available.
-
 ## Reporting a Vulnerability
 
-If you believe you've discovered a serious vulnerability, please contact Madelyn
-at [email protected]
+If you believe you've discovered a security vulnerability, please contact the Valkey team at [email protected].
+Please *DO NOT* create an issue.
+We follow a responsible disclosure procedure, so depending on the severity of the issue we may notify Valkey vendors about the issue before releasing it publicly.
+If you would like to be added to our list of vendors, please reach out to the Valkey team at [email protected].