This PR is a bit in preparation for the slog work in #28187 .
Our current test re logging mostly test the internals, but we have no real end-to-end test of the logging output. This PR introduces a simple reexec-based log tester. This also relies upon a special mode in geth, which can be made to eject a set of predefined log messages (only available if the build-tag `integrationtests` is used
e.g. go run --tags=integrationtests ./cmd/geth --log.format terminal logtest
While working on this, I also noticed a quirk in the setup: when geth was configured to use a file output, then two separate handlers were used (one handler for the file, one handler for the console). Using two separate handlers means that two formatters are used, thus the formatting of any/all records happened twice. This PR changes the mechanism to use two separate io.Writers instead, which is both more optimal and fixes a bug which occurs due to a global statefulness in the formatter.
This updates minisign to the latest version. One new thing is that minisign (not go-minisign) has started to prehash the file, and in order to make geth pass the version-check, we need to sign the file in legacy-mode.
* cmd/geth: implement vulnerability check
* cmd/geth: use minisign to verify vulnerability feed
* cmd/geth: add the test too
* cmd/geth: more minisig/signify testing
* cmd/geth: support multiple pubfiles for signing
* cmd/geth: add @holiman minisig pubkey
* cmd/geth: polishes on vulnerability check
* cmd/geth: fix ineffassign linter nit
* cmd/geth: add CVE to version check struct
* cmd/geth/testdata: add missing testfile
* cmd/geth: add more keys to versionchecker
* cmd/geth: support file:// URLs in version check
* cmd/geth: improve key ID printing when signature check fails
Co-authored-by: Felix Lange <fjl@twurst.com>