The "setup" Windows binary we distribute allows users to "install" Electrum
on their system. The distributable is created by NSIS. During
installation a bunch of files will get unpacked in %programfiles(x86)%/Electrum,
including an "inner" exe that will be the entrypoint for the user to start
the application. A shortcut is also created for the inner exe.
With this change, there will now be two inner EXEs. One the same as before,
the other with a "-debug" suffix in its name. The debug exe is built as a
"console" application (as opposed to a "windowed" application), so when
launched via double-click a black console window would appear; and also
importantly stdin/stdout are handled properly for it (unlike for "windowed"
programs). (see #2592)
There will not be a shortcut or similar for the debug exe; it would just
be there as a debugging option we can instruct users to use when needed.
In particular early crashes during startup are hard to debug without
stdout/stderr. (see e.g. #6601)
Since #6014, pyaes is not really needed anymore.
As we currently require either one of pycryptodomex or cryptography,
even if pyaes is available, it will not be used.
We could strip it out completely from crypto.py...
In any case, pyaes is still pulled in by some hw wallet dependencies indirectly;
but the core library no longer depends on it.
- our new key now supports both
- note that we don't bother to "dual sign" for both sha1 and sha2, as
Win7 upwards sha2 is supported (and we already don't support XP, Vista, etc anymore)
Create a pyinstaller "onedir" executable instead of a "onefile" executable.
Note that the name change from "Electrum" to "run_electrum" affects the
name of the internal binary (usually not exposed to users). This is
needed to avoid a collision with the "electrum" folder inside the .app
(just like in the source tree).
based on 03c3eca856
maybe fixes#6225
If there is a collision between a branch name and a commit hash, git
will choose the branch, even if the full 40-hex-long commit hash is
given. GitHub disallows branches/tags with such a name but git itself
does not. By adding the `^{commit}` syntax sugar after a ref name,
we can tell git that we want the commit hash to be preferred,
and hence we don't need to trust GitHub (only git).
see https://security.stackexchange.com/questions/225411/
