Use cometbft fork v038.17 #1
Closed
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
…ft#2342) This is an automatic backport of pull request cometbft#2330 done by [Mergify](https://mergify.com). Cherry-pick of a6cc64d has failed: ``` On branch mergify/bp/v0.38.x/pr-2330 Your branch is up to date with 'origin/v0.38.x'. You are currently cherry-picking commit a6cc64d. (fix conflicts and run "git cherry-pick --continue") (use "git cherry-pick --skip" to skip this patch) (use "git cherry-pick --abort" to cancel the cherry-pick operation) Changes to be committed: modified: docs/introduction/README.md Unmerged paths: (use "git add <file>..." to mark resolution) both modified: docs/core/running-in-production.md both modified: docs/core/subscription.md ``` To fix up this pull request, you can check it out locally. See documentation: https://docs.github.com/en/pull-requests/collaborating-with-pull-requests/reviewing-changes-in-pull-requests/checking-out-pull-requests-locally --- <details> <summary>Mergify commands and options</summary> <br /> More conditions and actions can be found in the [documentation](https://docs.mergify.com/). You can also trigger Mergify actions by commenting on this pull request: - `@Mergifyio refresh` will re-evaluate the rules - `@Mergifyio rebase` will rebase this PR on its base branch - `@Mergifyio update` will merge the base branch into this PR - `@Mergifyio backport <destination>` will backport this PR on `<destination>` branch Additionally, on Mergify [dashboard](https://dashboard.mergify.com) you can: - look at your merge queues - generate the Mergify configuration with the config editor. Finally, you can contact us on https://mergify.com </details> --------- Co-authored-by: Andy Nogueira <[email protected]> Co-authored-by: Anton Kaliaev <[email protected]>
to unblock development <!-- Please add a reference to the issue that this PR addresses and indicate which files are most critical to review. If it fully addresses a particular issue, please include "Closes #XXX" (where "XXX" is the issue number). If this PR is non-trivial/large/complex, please ensure that you have either created an issue that the team's had a chance to respond to, or had some discussion with the team prior to submitting substantial pull requests. The team can be reached via GitHub Discussions or the Cosmos Network Discord server in the #cometbft channel. GitHub Discussions is preferred over Discord as it allows us to keep track of conversations topically. https://github.com/cometbft/cometbft/discussions If the work in this PR is not aligned with the team's current priorities, please be advised that it may take some time before it is merged - especially if it has not yet been discussed with the team. See the project board for the team's current priorities: https://github.com/orgs/cometbft/projects/1 --> --- #### PR checklist - [ ] Tests written/updated - [ ] Changelog entry added in `.changelog` (we use [unclog](https://github.com/informalsystems/unclog) to manage our changelog) - [ ] Updated relevant documentation (`docs/` or `spec/`) and code comments - [ ] Title follows the [Conventional Commits](https://www.conventionalcommits.org/en/v1.0.0/) spec
…ometbft#2334) This is an automatic backport of pull request cometbft#2094 done by [Mergify](https://mergify.com). Cherry-pick of 6722f33 has failed: ``` On branch mergify/bp/v0.38.x/pr-2094 Your branch is up to date with 'origin/v0.38.x'. You are currently cherry-picking commit 6722f33. (fix conflicts and run "git cherry-pick --continue") (use "git cherry-pick --skip" to skip this patch) (use "git cherry-pick --abort" to cancel the cherry-pick operation) Changes to be committed: new file: .changelog/unreleased/improvements/2094-e2e-load-max-txs.md modified: test/e2e/pkg/manifest.go modified: test/e2e/runner/load.go Unmerged paths: (use "git add <file>..." to mark resolution) both modified: test/e2e/pkg/testnet.go ``` To fix up this pull request, you can check it out locally. See documentation: https://docs.github.com/en/pull-requests/collaborating-with-pull-requests/reviewing-changes-in-pull-requests/checking-out-pull-requests-locally --- <details> <summary>Mergify commands and options</summary> <br /> More conditions and actions can be found in the [documentation](https://docs.mergify.com/). You can also trigger Mergify actions by commenting on this pull request: - `@Mergifyio refresh` will re-evaluate the rules - `@Mergifyio rebase` will rebase this PR on its base branch - `@Mergifyio update` will merge the base branch into this PR - `@Mergifyio backport <destination>` will backport this PR on `<destination>` branch Additionally, on Mergify [dashboard](https://dashboard.mergify.com) you can: - look at your merge queues - generate the Mergify configuration with the config editor. Finally, you can contact us on https://mergify.com </details> --------- Co-authored-by: Hernán Vanzetto <[email protected]> Co-authored-by: hvanz <[email protected]> Co-authored-by: Anton Kaliaev <[email protected]>
This is an automatic backport of pull request cometbft#1427 done by [Mergify](https://mergify.com). Cherry-pick of 91445e5 has failed: ``` On branch mergify/bp/v0.38.x/pr-1427 Your branch is up to date with 'origin/v0.38.x'. You are currently cherry-picking commit 91445e5. (fix conflicts and run "git cherry-pick --continue") (use "git cherry-pick --skip" to skip this patch) (use "git cherry-pick --abort" to cancel the cherry-pick operation) Changes to be committed: new file: mempool/errors.go modified: mempool/mempool.go Unmerged paths: (use "git add <file>..." to mark resolution) both modified: mempool/clist_mempool.go ``` To fix up this pull request, you can check it out locally. See documentation: https://docs.github.com/en/pull-requests/collaborating-with-pull-requests/reviewing-changes-in-pull-requests/checking-out-pull-requests-locally --- <details> <summary>Mergify commands and options</summary> <br /> More conditions and actions can be found in the [documentation](https://docs.mergify.com/). You can also trigger Mergify actions by commenting on this pull request: - `@Mergifyio refresh` will re-evaluate the rules - `@Mergifyio rebase` will rebase this PR on its base branch - `@Mergifyio update` will merge the base branch into this PR - `@Mergifyio backport <destination>` will backport this PR on `<destination>` branch Additionally, on Mergify [dashboard](https://dashboard.mergify.com) you can: - look at your merge queues - generate the Mergify configuration with the config editor. Finally, you can contact us on https://mergify.com </details> --------- Co-authored-by: Aiden X <[email protected]> Co-authored-by: hvanz <[email protected]> Co-authored-by: Hernán Vanzetto <[email protected]>
…ometbft#2362) (cometbft#2375) This is an automatic backport of pull request cometbft#2362 done by [Mergify](https://mergify.com). Cherry-pick of a45ee35 has failed: ``` On branch mergify/bp/v0.38.x/pr-2362 Your branch is up to date with 'origin/v0.38.x'. You are currently cherry-picking commit a45ee35. (fix conflicts and run "git cherry-pick --continue") (use "git cherry-pick --skip" to skip this patch) (use "git cherry-pick --abort" to cancel the cherry-pick operation) Changes to be committed: new file: .changelog/unreleased/features/2362-e2e-block-max-bytes.md modified: test/e2e/runner/setup.go Unmerged paths: (use "git add <file>..." to mark resolution) both modified: test/e2e/pkg/manifest.go both modified: test/e2e/pkg/testnet.go ``` To fix up this pull request, you can check it out locally. See documentation: https://docs.github.com/en/pull-requests/collaborating-with-pull-requests/reviewing-changes-in-pull-requests/checking-out-pull-requests-locally --- <details> <summary>Mergify commands and options</summary> <br /> More conditions and actions can be found in the [documentation](https://docs.mergify.com/). You can also trigger Mergify actions by commenting on this pull request: - `@Mergifyio refresh` will re-evaluate the rules - `@Mergifyio rebase` will rebase this PR on its base branch - `@Mergifyio update` will merge the base branch into this PR - `@Mergifyio backport <destination>` will backport this PR on `<destination>` branch Additionally, on Mergify [dashboard](https://dashboard.mergify.com) you can: - look at your merge queues - generate the Mergify configuration with the config editor. Finally, you can contact us on https://mergify.com </details> --------- Co-authored-by: Hernán Vanzetto <[email protected]> Co-authored-by: hvanz <[email protected]>
This is an automatic backport of pull request cometbft#2383 done by [Mergify](https://mergify.com). --- <details> <summary>Mergify commands and options</summary> <br /> More conditions and actions can be found in the [documentation](https://docs.mergify.com/). You can also trigger Mergify actions by commenting on this pull request: - `@Mergifyio refresh` will re-evaluate the rules - `@Mergifyio rebase` will rebase this PR on its base branch - `@Mergifyio update` will merge the base branch into this PR - `@Mergifyio backport <destination>` will backport this PR on `<destination>` branch Additionally, on Mergify [dashboard](https://dashboard.mergify.com) you can: - look at your merge queues - generate the Mergify configuration with the config editor. Finally, you can contact us on https://mergify.com </details> Co-authored-by: Anton Kaliaev <[email protected]>
… (cometbft#2437) This is an automatic backport of pull request cometbft#2414 done by [Mergify](https://mergify.com). --- <details> <summary>Mergify commands and options</summary> <br /> More conditions and actions can be found in the [documentation](https://docs.mergify.com/). You can also trigger Mergify actions by commenting on this pull request: - `@Mergifyio refresh` will re-evaluate the rules - `@Mergifyio rebase` will rebase this PR on its base branch - `@Mergifyio update` will merge the base branch into this PR - `@Mergifyio backport <destination>` will backport this PR on `<destination>` branch Additionally, on Mergify [dashboard](https://dashboard.mergify.com) you can: - look at your merge queues - generate the Mergify configuration with the config editor. Finally, you can contact us on https://mergify.com </details> Co-authored-by: DragonKid <[email protected]>
…ft#2346) (cometbft#2441) This is an automatic backport of pull request cometbft#2346 done by [Mergify](https://mergify.com). Cherry-pick of e623c44 has failed: ``` On branch mergify/bp/v0.38.x/pr-2346 Your branch is up to date with 'origin/v0.38.x'. You are currently cherry-picking commit e623c44. (fix conflicts and run "git cherry-pick --continue") (use "git cherry-pick --skip" to skip this patch) (use "git cherry-pick --abort" to cancel the cherry-pick operation) Changes to be committed: modified: consensus/state.go modified: types/vote.go Unmerged paths: (use "git add <file>..." to mark resolution) both modified: types/vote_test.go ``` To fix up this pull request, you can check it out locally. See documentation: https://docs.github.com/en/pull-requests/collaborating-with-pull-requests/reviewing-changes-in-pull-requests/checking-out-pull-requests-locally --- <details> <summary>Mergify commands and options</summary> <br /> More conditions and actions can be found in the [documentation](https://docs.mergify.com/). You can also trigger Mergify actions by commenting on this pull request: - `@Mergifyio refresh` will re-evaluate the rules - `@Mergifyio rebase` will rebase this PR on its base branch - `@Mergifyio update` will merge the base branch into this PR - `@Mergifyio backport <destination>` will backport this PR on `<destination>` branch Additionally, on Mergify [dashboard](https://dashboard.mergify.com) you can: - look at your merge queues - generate the Mergify configuration with the config editor. Finally, you can contact us on https://mergify.com </details> --------- Co-authored-by: Anton Kaliaev <[email protected]>
…2434) (cometbft#2451) This is an automatic backport of pull request cometbft#2434 done by [Mergify](https://mergify.com). Cherry-pick of 8bf81d4 has failed: ``` On branch mergify/bp/v0.38.x/pr-2434 Your branch is up to date with 'origin/v0.38.x'. You are currently cherry-picking commit 8bf81d4. (fix conflicts and run "git cherry-pick --continue") (use "git cherry-pick --skip" to skip this patch) (use "git cherry-pick --abort" to cancel the cherry-pick operation) Changes to be committed: new file: .changelog/unreleased/improvements/2434-jsonrpc-websocket-basic-auth.md Unmerged paths: (use "git add <file>..." to mark resolution) both modified: rpc/jsonrpc/client/ws_client.go ``` To fix up this pull request, you can check it out locally. See documentation: https://docs.github.com/en/pull-requests/collaborating-with-pull-requests/reviewing-changes-in-pull-requests/checking-out-pull-requests-locally --- <details> <summary>Mergify commands and options</summary> <br /> More conditions and actions can be found in the [documentation](https://docs.mergify.com/). You can also trigger Mergify actions by commenting on this pull request: - `@Mergifyio refresh` will re-evaluate the rules - `@Mergifyio rebase` will rebase this PR on its base branch - `@Mergifyio update` will merge the base branch into this PR - `@Mergifyio backport <destination>` will backport this PR on `<destination>` branch Additionally, on Mergify [dashboard](https://dashboard.mergify.com) you can: - look at your merge queues - generate the Mergify configuration with the config editor. Finally, you can contact us on https://mergify.com </details> --------- Co-authored-by: Matt Ketmo <[email protected]> Co-authored-by: Anton Kaliaev <[email protected]>
…nged` while rollback at a special height (backport cometbft#2136) (cometbft#2457) This is an automatic backport of pull request cometbft#2136 done by [Mergify](https://mergify.com). --- <details> <summary>Mergify commands and options</summary> <br /> More conditions and actions can be found in the [documentation](https://docs.mergify.com/). You can also trigger Mergify actions by commenting on this pull request: - `@Mergifyio refresh` will re-evaluate the rules - `@Mergifyio rebase` will rebase this PR on its base branch - `@Mergifyio update` will merge the base branch into this PR - `@Mergifyio backport <destination>` will backport this PR on `<destination>` branch Additionally, on Mergify [dashboard](https://dashboard.mergify.com) you can: - look at your merge queues - generate the Mergify configuration with the config editor. Finally, you can contact us on https://mergify.com </details> Co-authored-by: Ethan <[email protected]>
…ft#2459) (cometbft#2464) This is an automatic backport of pull request cometbft#2459 done by [Mergify](https://mergify.com). --- <details> <summary>Mergify commands and options</summary> <br /> More conditions and actions can be found in the [documentation](https://docs.mergify.com/). You can also trigger Mergify actions by commenting on this pull request: - `@Mergifyio refresh` will re-evaluate the rules - `@Mergifyio rebase` will rebase this PR on its base branch - `@Mergifyio update` will merge the base branch into this PR - `@Mergifyio backport <destination>` will backport this PR on `<destination>` branch Additionally, on Mergify [dashboard](https://dashboard.mergify.com) you can: - look at your merge queues - generate the Mergify configuration with the config editor. Finally, you can contact us on https://mergify.com </details> Co-authored-by: Anton Kaliaev <[email protected]>
…ometbft#2485) This is an automatic backport of pull request cometbft#2483 done by [Mergify](https://mergify.com). --- <details> <summary>Mergify commands and options</summary> <br /> More conditions and actions can be found in the [documentation](https://docs.mergify.com/). You can also trigger Mergify actions by commenting on this pull request: - `@Mergifyio refresh` will re-evaluate the rules - `@Mergifyio rebase` will rebase this PR on its base branch - `@Mergifyio update` will merge the base branch into this PR - `@Mergifyio backport <destination>` will backport this PR on `<destination>` branch Additionally, on Mergify [dashboard](https://dashboard.mergify.com) you can: - look at your merge queues - generate the Mergify configuration with the config editor. Finally, you can contact us on https://mergify.com </details> Co-authored-by: Sergio Mena <[email protected]>
…etbft#2509) Bumps [docker/setup-buildx-action](https://github.com/docker/setup-buildx-action) from 3.0.0 to 3.1.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/docker/setup-buildx-action/releases">docker/setup-buildx-action's releases</a>.</em></p> <blockquote> <h2>v3.1.0</h2> <ul> <li><code>cache-binary</code> input to enable/disable caching binary to GHA cache backend by <a href="https://github.com/crazy-max"><code>@crazy-max</code></a> in <a href="https://redirect.github.com/docker/setup-buildx-action/pull/300">docker/setup-buildx-action#300</a></li> <li>build(deps): bump <code>@babel/traverse</code> from 7.17.3 to 7.23.2 in <a href="https://redirect.github.com/docker/setup-buildx-action/pull/282">docker/setup-buildx-action#282</a></li> <li>build(deps): bump <code>@docker/actions-toolkit</code> from 0.12.0 to 0.17.0 in <a href="https://redirect.github.com/docker/setup-buildx-action/pull/281">docker/setup-buildx-action#281</a> <a href="https://redirect.github.com/docker/setup-buildx-action/pull/284">docker/setup-buildx-action#284</a> <a href="https://redirect.github.com/docker/setup-buildx-action/pull/299">docker/setup-buildx-action#299</a></li> <li>build(deps): bump uuid from 9.0.0 to 9.0.1 in <a href="https://redirect.github.com/docker/setup-buildx-action/pull/271">docker/setup-buildx-action#271</a></li> <li>build(deps): bump undici from 5.26.3 to 5.28.3 in <a href="https://redirect.github.com/docker/setup-buildx-action/pull/297">docker/setup-buildx-action#297</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/docker/setup-buildx-action/compare/v3.0.0...v3.1.0">https://github.com/docker/setup-buildx-action/compare/v3.0.0...v3.1.0</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/docker/setup-buildx-action/commit/0d103c3126aa41d772a8362f6aa67afac040f80c"><code>0d103c3</code></a> Merge pull request <a href="https://redirect.github.com/docker/setup-buildx-action/issues/300">#300</a> from crazy-max/cache-binary</li> <li><a href="https://github.com/docker/setup-buildx-action/commit/f19477aacd2ccdd80bdd9fbec62762494a0a767e"><code>f19477a</code></a> chore: update generated content</li> <li><a href="https://github.com/docker/setup-buildx-action/commit/a4180f835da34b09329293a0b481b5666f80fe81"><code>a4180f8</code></a> cache-binary input to enable/disable caching binary to GHA cache backend</li> <li><a href="https://github.com/docker/setup-buildx-action/commit/524315340de4f701033248e1ee6a0197904b1134"><code>5243153</code></a> Merge pull request <a href="https://redirect.github.com/docker/setup-buildx-action/issues/299">#299</a> from docker/dependabot/npm_and_yarn/docker/actions-to...</li> <li><a href="https://github.com/docker/setup-buildx-action/commit/3679a540239bdf202e26eeb4431159bcdea9c39c"><code>3679a54</code></a> chore: update generated content</li> <li><a href="https://github.com/docker/setup-buildx-action/commit/37a22a2fb2c4ebcab21ecf45608143b890d732c1"><code>37a22a2</code></a> build(deps): bump <code>@docker/actions-toolkit</code> from 0.14.0 to 0.17.0</li> <li><a href="https://github.com/docker/setup-buildx-action/commit/65afe610a110d2c4d102a28949259935a323043c"><code>65afe61</code></a> Merge pull request <a href="https://redirect.github.com/docker/setup-buildx-action/issues/297">#297</a> from docker/dependabot/npm_and_yarn/undici-5.28.3</li> <li><a href="https://github.com/docker/setup-buildx-action/commit/fcb8f722fd7e9a83a2f57fc6c9124259661542f3"><code>fcb8f72</code></a> chore: update generated content</li> <li><a href="https://github.com/docker/setup-buildx-action/commit/f62b9a17c0f199a60048d54f30e75f61af13aa85"><code>f62b9a1</code></a> Merge pull request <a href="https://redirect.github.com/docker/setup-buildx-action/issues/298">#298</a> from crazy-max/bump-gha</li> <li><a href="https://github.com/docker/setup-buildx-action/commit/74c5b717e5e6f00c85a46548cbc0bfd7016969c6"><code>74c5b71</code></a> bump codecov/codecov-action from 3 to 4</li> <li>Additional commits viewable in <a href="https://github.com/docker/setup-buildx-action/compare/v3.0.0...v3.1.0">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
…tensions in `last_commit` (backport cometbft#2423) (cometbft#2525) This is an automatic backport of pull request cometbft#2423 done by [Mergify](https://mergify.com). Cherry-pick of b537697 has failed: ``` On branch mergify/bp/v0.38.x/pr-2423 Your branch is up to date with 'origin/v0.38.x'. You are currently cherry-picking commit b537697. (fix conflicts and run "git cherry-pick --continue") (use "git cherry-pick --skip" to skip this patch) (use "git cherry-pick --abort" to cancel the cherry-pick operation) Changes to be committed: modified: spec/abci/abci++_comet_expected_behavior.md modified: spec/abci/abci++_example_scenarios.md Unmerged paths: (use "git add <file>..." to mark resolution) both modified: spec/abci/abci++_app_requirements.md both modified: spec/abci/abci++_basic_concepts.md both modified: spec/abci/abci++_methods.md ``` To fix up this pull request, you can check it out locally. See documentation: https://docs.github.com/en/pull-requests/collaborating-with-pull-requests/reviewing-changes-in-pull-requests/checking-out-pull-requests-locally --- <details> <summary>Mergify commands and options</summary> <br /> More conditions and actions can be found in the [documentation](https://docs.mergify.com/). You can also trigger Mergify actions by commenting on this pull request: - `@Mergifyio refresh` will re-evaluate the rules - `@Mergifyio rebase` will rebase this PR on its base branch - `@Mergifyio update` will merge the base branch into this PR - `@Mergifyio backport <destination>` will backport this PR on `<destination>` branch Additionally, on Mergify [dashboard](https://dashboard.mergify.com) you can: - look at your merge queues - generate the Mergify configuration with the config editor. Finally, you can contact us on https://mergify.com </details> --------- Co-authored-by: lasaro <[email protected]>
…metbft#2566) Bumps [bufbuild/buf-setup-action](https://github.com/bufbuild/buf-setup-action) from 1.29.0 to 1.30.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/bufbuild/buf-setup-action/releases">bufbuild/buf-setup-action's releases</a>.</em></p> <blockquote> <h2>v1.30.0</h2> <p>Release v1.30.0</p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/bufbuild/buf-setup-action/commit/517ee23296d5caf38df31c21945e6a54bbc8a89f"><code>517ee23</code></a> Release v1.30.0 (<a href="https://redirect.github.com/bufbuild/buf-setup-action/issues/195">#195</a>)</li> <li><a href="https://github.com/bufbuild/buf-setup-action/commit/5e2ef857fc2a4d5c87904c626eb42a844b08095c"><code>5e2ef85</code></a> Check action bundles buf correctly (<a href="https://redirect.github.com/bufbuild/buf-setup-action/issues/190">#190</a>)</li> <li><a href="https://github.com/bufbuild/buf-setup-action/commit/46a2967ea50b8a012e948cb23d2468b84227e1e5"><code>46a2967</code></a> Correct buf CLI version (<a href="https://redirect.github.com/bufbuild/buf-setup-action/issues/189">#189</a>)</li> <li><a href="https://github.com/bufbuild/buf-setup-action/commit/ba063e7e02649462888c30705e28fa002fed840f"><code>ba063e7</code></a> Release v1.29.0-1 (<a href="https://redirect.github.com/bufbuild/buf-setup-action/issues/187">#187</a>)</li> <li><a href="https://github.com/bufbuild/buf-setup-action/commit/abf079cff7cba30a0cfffda3b302fccfc061e3b0"><code>abf079c</code></a> Upgrade dependencies and node v20 (<a href="https://redirect.github.com/bufbuild/buf-setup-action/issues/185">#185</a>)</li> <li><a href="https://github.com/bufbuild/buf-setup-action/commit/71c62afa859a83fef3e99267971d9b67716ff328"><code>71c62af</code></a> Create add-to-project workflow (<a href="https://redirect.github.com/bufbuild/buf-setup-action/issues/184">#184</a>)</li> <li>See full diff in <a href="https://github.com/bufbuild/buf-setup-action/compare/v1.29.0...v1.30.0">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
…bft#2567) Bumps [docker/build-push-action](https://github.com/docker/build-push-action) from 5.1.0 to 5.2.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/docker/build-push-action/releases">docker/build-push-action's releases</a>.</em></p> <blockquote> <h2>v5.2.0</h2> <ul> <li>Disable quotes detection for <code>outputs</code> input by <a href="https://github.com/crazy-max"><code>@crazy-max</code></a> in <a href="https://redirect.github.com/docker/build-push-action/pull/1074">docker/build-push-action#1074</a></li> <li>Warn about ignored inputs by <a href="https://github.com/favonia"><code>@favonia</code></a> in <a href="https://redirect.github.com/docker/build-push-action/pull/1019">docker/build-push-action#1019</a></li> <li>Bump <code>@docker/actions-toolkit</code> from 0.14.0 to 0.18.0 in <a href="https://redirect.github.com/docker/build-push-action/pull/1070">docker/build-push-action#1070</a></li> <li>Bump undici from 5.26.3 to 5.28.3 in <a href="https://redirect.github.com/docker/build-push-action/pull/1057">docker/build-push-action#1057</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/docker/build-push-action/compare/v5.1.0...v5.2.0">https://github.com/docker/build-push-action/compare/v5.1.0...v5.2.0</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/docker/build-push-action/commit/af5a7ed5ba88268d5278f7203fb52cd833f66d6e"><code>af5a7ed</code></a> Merge pull request <a href="https://redirect.github.com/docker/build-push-action/issues/1074">#1074</a> from crazy-max/build-cmd-debug</li> <li><a href="https://github.com/docker/build-push-action/commit/2a85189a6c719593171342d3d43d4034e8c81513"><code>2a85189</code></a> chore: update generated content</li> <li><a href="https://github.com/docker/build-push-action/commit/6c2079483ed8cd675d71b5a395b81fa9a19eddc8"><code>6c20794</code></a> disable quotes detection for "outputs" input</li> <li><a href="https://github.com/docker/build-push-action/commit/afdf0c0a6772ea0bc8c6af61d5dc2df8823c85de"><code>afdf0c0</code></a> chore: debug build cmd and args</li> <li><a href="https://github.com/docker/build-push-action/commit/00ae31ab6ef216583e63647d8865f52da6b99a13"><code>00ae31a</code></a> Merge pull request <a href="https://redirect.github.com/docker/build-push-action/issues/1070">#1070</a> from docker/dependabot/npm_and_yarn/docker/actions-t...</li> <li><a href="https://github.com/docker/build-push-action/commit/701942b6e528fc34d632c5c53bd634912ba058e9"><code>701942b</code></a> chore: update generated content</li> <li><a href="https://github.com/docker/build-push-action/commit/90e54d0b1d5131362b7f9132ab941f7ce5e50080"><code>90e54d0</code></a> chore(deps): Bump <code>@docker/actions-toolkit</code> from 0.14.0 to 0.18.0</li> <li><a href="https://github.com/docker/build-push-action/commit/831ca179d3cf91cf0c90ca465a408fa61e2129a2"><code>831ca17</code></a> Merge pull request <a href="https://redirect.github.com/docker/build-push-action/issues/1066">#1066</a> from crazy-max/ci-local-cache</li> <li><a href="https://github.com/docker/build-push-action/commit/6bd0e5492f011213e04f0c8e4c420bf0783d2a64"><code>6bd0e54</code></a> ci: local-cache job to test local cache feature</li> <li><a href="https://github.com/docker/build-push-action/commit/b3eddbb94c4146a0988a620b01720afe50639271"><code>b3eddbb</code></a> Merge pull request <a href="https://redirect.github.com/docker/build-push-action/issues/1057">#1057</a> from docker/dependabot/npm_and_yarn/undici-5.28.3</li> <li>Additional commits viewable in <a href="https://github.com/docker/build-push-action/compare/v5.1.0...v5.2.0">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Hernán Vanzetto <[email protected]>
…ks (backport cometbft#2467) (cometbft#2515) Manual backport of cometbft#2467
…closer blocks (backport cometbft#2475) (cometbft#2576) This is an automatic backport of pull request cometbft#2475 done by [Mergify](https://mergify.com). Cherry-pick of f8366fc has failed: ``` On branch mergify/bp/v0.38.x/pr-2475 Your branch is up to date with 'origin/v0.38.x'. You are currently cherry-picking commit f8366fc. (fix conflicts and run "git cherry-pick --continue") (use "git cherry-pick --skip" to skip this patch) (use "git cherry-pick --abort" to cancel the cherry-pick operation) Changes to be committed: new file: .changelog/unreleased/improvements/2475-blocksync-2nd-request.md new file: .changelog/unreleased/improvements/2475-blocksync-no-block-response.md new file: .changelog/unreleased/improvements/2475-blocksync-sort-peers.md modified: blocksync/reactor.go Unmerged paths: (use "git add <file>..." to mark resolution) both modified: blocksync/pool.go ``` To fix up this pull request, you can check it out locally. See documentation: https://docs.github.com/en/pull-requests/collaborating-with-pull-requests/reviewing-changes-in-pull-requests/checking-out-pull-requests-locally --- <details> <summary>Mergify commands and options</summary> <br /> More conditions and actions can be found in the [documentation](https://docs.mergify.com/). You can also trigger Mergify actions by commenting on this pull request: - `@Mergifyio refresh` will re-evaluate the rules - `@Mergifyio rebase` will rebase this PR on its base branch - `@Mergifyio update` will merge the base branch into this PR - `@Mergifyio backport <destination>` will backport this PR on `<destination>` branch Additionally, on Mergify [dashboard](https://dashboard.mergify.com) you can: - look at your merge queues - generate the Mergify configuration with the config editor. Finally, you can contact us on https://mergify.com </details> --------- Co-authored-by: Anton Kaliaev <[email protected]>
…) (cometbft#2587) This is an automatic backport of pull request cometbft#2584 done by [Mergify](https://mergify.com). --- <details> <summary>Mergify commands and options</summary> <br /> More conditions and actions can be found in the [documentation](https://docs.mergify.com/). You can also trigger Mergify actions by commenting on this pull request: - `@Mergifyio refresh` will re-evaluate the rules - `@Mergifyio rebase` will rebase this PR on its base branch - `@Mergifyio update` will merge the base branch into this PR - `@Mergifyio backport <destination>` will backport this PR on `<destination>` branch Additionally, on Mergify [dashboard](https://dashboard.mergify.com) you can: - look at your merge queues - generate the Mergify configuration with the config editor. Finally, you can contact us on https://mergify.com </details> Co-authored-by: Anton Kaliaev <[email protected]>
[CHANGELOG](https://github.com/cometbft/cometbft/blob/373cff905b1cae08cf9b975839c9b28c742c2a8e/CHANGELOG.md#v0386) --- #### PR checklist - [ ] Tests written/updated - [ ] Changelog entry added in `.changelog` (we use [unclog](https://github.com/informalsystems/unclog) to manage our changelog) - [ ] Updated relevant documentation (`docs/` or `spec/`) and code comments - [ ] Title follows the [Conventional Commits](https://www.conventionalcommits.org/en/v1.0.0/) spec
…tion (backport cometbft#2536) (cometbft#2603) This is an automatic backport of pull request cometbft#2536 done by [Mergify](https://mergify.com). --- <details> <summary>Mergify commands and options</summary> <br /> More conditions and actions can be found in the [documentation](https://docs.mergify.com/). You can also trigger Mergify actions by commenting on this pull request: - `@Mergifyio refresh` will re-evaluate the rules - `@Mergifyio rebase` will rebase this PR on its base branch - `@Mergifyio update` will merge the base branch into this PR - `@Mergifyio backport <destination>` will backport this PR on `<destination>` branch Additionally, on Mergify [dashboard](https://dashboard.mergify.com) you can: - look at your merge queues - generate the Mergify configuration with the config editor. Finally, you can contact us on https://mergify.com </details> Co-authored-by: Naman Garg <[email protected]>
) Bumps [docker/login-action](https://github.com/docker/login-action) from 3.0.0 to 3.1.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/docker/login-action/releases">docker/login-action's releases</a>.</em></p> <blockquote> <h2>v3.1.0</h2> <ul> <li>build(deps): bump <code>@babel/traverse</code> from 7.17.3 to 7.23.2 in <a href="https://redirect.github.com/docker/login-action/pull/618">docker/login-action#618</a></li> <li>build(deps): bump <code>@docker/actions-toolkit</code> from 0.12.0 to 0.18.0 in <a href="https://redirect.github.com/docker/login-action/pull/616">docker/login-action#616</a> <a href="https://redirect.github.com/docker/login-action/pull/636">docker/login-action#636</a> <a href="https://redirect.github.com/docker/login-action/pull/682">docker/login-action#682</a></li> <li>build(deps): bump aws-sdk dependencies to 3.529.1 in <a href="https://redirect.github.com/docker/login-action/pull/624">docker/login-action#624</a> <a href="https://redirect.github.com/docker/login-action/pull/685">docker/login-action#685</a></li> <li>build(deps): bump http-proxy-agent to 7.0.2 in <a href="https://redirect.github.com/docker/login-action/pull/676">docker/login-action#676</a></li> <li>build(deps): bump https-proxy-agent to 7.0.4 in <a href="https://redirect.github.com/docker/login-action/pull/676">docker/login-action#676</a></li> <li>build(deps): bump undici from 5.26.5 to 5.28.3 in <a href="https://redirect.github.com/docker/login-action/pull/677">docker/login-action#677</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/docker/login-action/compare/v3.0.0...v3.1.0">https://github.com/docker/login-action/compare/v3.0.0...v3.1.0</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/docker/login-action/commit/e92390c5fb421da1463c202d546fed0ec5c39f20"><code>e92390c</code></a> Merge pull request <a href="https://redirect.github.com/docker/login-action/issues/685">#685</a> from docker/dependabot/npm_and_yarn/aws-sdk-dependenc...</li> <li><a href="https://github.com/docker/login-action/commit/1e752e229320282adbfff1151662f2da6f8d36eb"><code>1e752e2</code></a> chore: update generated content</li> <li><a href="https://github.com/docker/login-action/commit/51c60978b0670a2f99afff797023b9368764b57b"><code>51c6097</code></a> build(deps): bump the aws-sdk-dependencies group with 2 updates</li> <li><a href="https://github.com/docker/login-action/commit/8f079fbb6ceb0bb4780454e1c116409039395e98"><code>8f079fb</code></a> Merge pull request <a href="https://redirect.github.com/docker/login-action/issues/676">#676</a> from docker/dependabot/npm_and_yarn/proxy-agent-depen...</li> <li><a href="https://github.com/docker/login-action/commit/16fa7681c3a07f983f8e2f72d04ecc58c1877aca"><code>16fa768</code></a> chore: update generated content</li> <li><a href="https://github.com/docker/login-action/commit/46d161922643adc000f0f387a72bdc0f31c1d420"><code>46d1619</code></a> build(deps): bump the proxy-agent-dependencies group with 2 updates</li> <li><a href="https://github.com/docker/login-action/commit/8c291c5677d2cb612cd6cf4b48ae29dac82ee39f"><code>8c291c5</code></a> Merge pull request <a href="https://redirect.github.com/docker/login-action/issues/682">#682</a> from docker/dependabot/npm_and_yarn/docker/actions-to...</li> <li><a href="https://github.com/docker/login-action/commit/ec726f409deedb629ce3b576a3c78c4c85897811"><code>ec726f4</code></a> build(deps): bump <code>@docker/actions-toolkit</code> from 0.14.0 to 0.18.0</li> <li><a href="https://github.com/docker/login-action/commit/5139682d94efc37792e6b54386b5b470a68a4737"><code>5139682</code></a> Merge pull request <a href="https://redirect.github.com/docker/login-action/issues/677">#677</a> from docker/dependabot/npm_and_yarn/undici-5.28.3</li> <li><a href="https://github.com/docker/login-action/commit/6d4e2ba5df6bbe21cdb0807ac217d5a37e7c3630"><code>6d4e2ba</code></a> chore: update generated content</li> <li>Additional commits viewable in <a href="https://github.com/docker/login-action/compare/v3.0.0...v3.1.0">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
…etbft#2629) Bumps [docker/setup-buildx-action](https://github.com/docker/setup-buildx-action) from 3.1.0 to 3.2.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/docker/setup-buildx-action/releases">docker/setup-buildx-action's releases</a>.</em></p> <blockquote> <h2>v3.2.0</h2> <ul> <li>Rename and align config inputs by <a href="https://github.com/crazy-max"><code>@crazy-max</code></a> in <a href="https://redirect.github.com/docker/setup-buildx-action/pull/303">docker/setup-buildx-action#303</a> <ul> <li><code>config</code> to <code>buildkitd-config</code></li> <li><code>config-inline</code> to <code>buildkitd-config-inline</code></li> </ul> </li> <li>Bump <code>@docker/actions-toolkit</code> from 0.17.0 to 0.19.0 in <a href="https://redirect.github.com/docker/setup-buildx-action/pull/302">docker/setup-buildx-action#302</a> <a href="https://redirect.github.com/docker/setup-buildx-action/pull/306">docker/setup-buildx-action#306</a></li> </ul> <blockquote> <p>[!NOTE] <code>config</code> and <code>config-inline</code> input names are deprecated and will be removed in next major release.</p> </blockquote> <p><strong>Full Changelog</strong>: <a href="https://github.com/docker/setup-buildx-action/compare/v3.1.0...v3.2.0">https://github.com/docker/setup-buildx-action/compare/v3.1.0...v3.2.0</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/docker/setup-buildx-action/commit/2b51285047da1547ffb1b2203d8be4c0af6b1f20"><code>2b51285</code></a> Merge pull request <a href="https://redirect.github.com/docker/setup-buildx-action/issues/306">#306</a> from docker/dependabot/npm_and_yarn/docker/actions-to...</li> <li><a href="https://github.com/docker/setup-buildx-action/commit/0f00370563710ebfbdf4287b76a0a5d88864e7f9"><code>0f00370</code></a> chore: update generated content</li> <li><a href="https://github.com/docker/setup-buildx-action/commit/11c9683db9ea73b2090280c1cfa7d725bd8a60fa"><code>11c9683</code></a> build(deps): bump <code>@docker/actions-toolkit</code> from 0.18.0 to 0.19.0</li> <li><a href="https://github.com/docker/setup-buildx-action/commit/56a16b8f2aa74bcbd3ab9ec13027cd3ac8e3f94f"><code>56a16b8</code></a> Merge pull request <a href="https://redirect.github.com/docker/setup-buildx-action/issues/303">#303</a> from crazy-max/fix-inputs</li> <li><a href="https://github.com/docker/setup-buildx-action/commit/c23f46eb919af18b86ac6f0f4646a63a7a452b4d"><code>c23f46e</code></a> chore: update generated content</li> <li><a href="https://github.com/docker/setup-buildx-action/commit/f876da6242168c5bb185ad517fb42f0b59fba456"><code>f876da6</code></a> rename and align config inputs</li> <li><a href="https://github.com/docker/setup-buildx-action/commit/b7cf918227e7a90a94eea8534a6b0cc1965a0ccd"><code>b7cf918</code></a> Merge pull request <a href="https://redirect.github.com/docker/setup-buildx-action/issues/304">#304</a> from crazy-max/rm-docs-dir</li> <li><a href="https://github.com/docker/setup-buildx-action/commit/0150f0ed7a2bf35ffea40dcc932b2241d1989c90"><code>0150f0e</code></a> chore: remove docs dir</li> <li><a href="https://github.com/docker/setup-buildx-action/commit/d89f1f91164c405e0d6c9fb1787dd217e90bdfab"><code>d89f1f9</code></a> Merge pull request <a href="https://redirect.github.com/docker/setup-buildx-action/issues/302">#302</a> from docker/dependabot/npm_and_yarn/docker/actions-to...</li> <li><a href="https://github.com/docker/setup-buildx-action/commit/12d65f6595845ebd24708c24c4e620cafcea8440"><code>12d65f6</code></a> chore: update generated content</li> <li>Additional commits viewable in <a href="https://github.com/docker/setup-buildx-action/compare/v3.1.0...v3.2.0">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
…bft#2630) Bumps [docker/build-push-action](https://github.com/docker/build-push-action) from 5.2.0 to 5.3.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/docker/build-push-action/releases">docker/build-push-action's releases</a>.</em></p> <blockquote> <h2>v5.3.0</h2> <ul> <li>Bump <code>@docker/actions-toolkit</code> from 0.18.0 to 0.19.0 in <a href="https://redirect.github.com/docker/build-push-action/pull/1080">docker/build-push-action#1080</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/docker/build-push-action/compare/v5.2.0...v5.3.0">https://github.com/docker/build-push-action/compare/v5.2.0...v5.3.0</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/docker/build-push-action/commit/2cdde995de11925a030ce8070c3d77a52ffcf1c0"><code>2cdde99</code></a> Merge pull request <a href="https://redirect.github.com/docker/build-push-action/issues/1080">#1080</a> from docker/dependabot/npm_and_yarn/docker/actions-t...</li> <li><a href="https://github.com/docker/build-push-action/commit/008747aa03417139ec2995efe44e7f080b8323c3"><code>008747a</code></a> chore: update generated content</li> <li><a href="https://github.com/docker/build-push-action/commit/15807531260fa0e39af66835230d13071751862e"><code>1580753</code></a> chore(deps): Bump <code>@docker/actions-toolkit</code> from 0.18.0 to 0.19.0</li> <li><a href="https://github.com/docker/build-push-action/commit/2a7db1d68aab1a514ba647f39bcde60888a1753f"><code>2a7db1d</code></a> Merge pull request <a href="https://redirect.github.com/docker/build-push-action/issues/1075">#1075</a> from crazy-max/ci-multi-output</li> <li><a href="https://github.com/docker/build-push-action/commit/35e7dd592106dcd929ef8706706f6d54678d1f67"><code>35e7dd5</code></a> ci: test multi output</li> <li>See full diff in <a href="https://github.com/docker/build-push-action/compare/v5.2.0...v5.3.0">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
…t#2680) close: cometbft#2679 Added hyperlink and cleaned-up hidden comments --- #### PR checklist - [ ] Tests written/updated - [ ] Changelog entry added in `.changelog` (we use [unclog](https://github.com/informalsystems/unclog) to manage our changelog) - [x] Updated relevant documentation (`docs/` or `spec/`) and code comments - [ ] Title follows the [Conventional Commits](https://www.conventionalcommits.org/en/v1.0.0/) spec --------- Co-authored-by: Sergio Mena <[email protected]>
…r) (backport cometbft#2715) (cometbft#2724) close: cometbft#779 This PR adds additional information on `ExtendedCommitInfo` and `CommitInfo` data types about the validator set ordering (total power) guarantees. #### PR checklist - [ ] Tests written/updated - [ ] Changelog entry added in `.changelog` (we use [unclog](https://github.com/informalsystems/unclog) to manage our changelog) - [X] Updated relevant documentation (`docs/` or `spec/`) and code comments - [X] Title follows the [Conventional Commits](https://www.conventionalcommits.org/en/v1.0.0/) spec <hr>This is an automatic backport of pull request cometbft#2715 done by [Mergify](https://mergify.com). Co-authored-by: Andy Nogueira <[email protected]>
…metbft#2738) Bumps [bufbuild/buf-setup-action](https://github.com/bufbuild/buf-setup-action) from 1.30.0 to 1.30.1. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/bufbuild/buf-setup-action/releases">bufbuild/buf-setup-action's releases</a>.</em></p> <blockquote> <h2>v1.30.1</h2> <p>Release v1.30.1</p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/bufbuild/buf-setup-action/commit/9990c72db080fa39cf561230b8d2d7b736681f85"><code>9990c72</code></a> Release v1.30.1 (<a href="https://redirect.github.com/bufbuild/buf-setup-action/issues/200">#200</a>)</li> <li>See full diff in <a href="https://github.com/bufbuild/buf-setup-action/compare/v1.30.0...v1.30.1">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
…the JSON (backport cometbft#2774) (cometbft#2778) This change fixes a bug in which BitArray.UnmarshalJSON hadn't accounted for the fact that invoking NewBitArray(<=0) returns nil and hence when dereferenced would crash with a runtime nil pointer dereference. This bug was found by my security analysis and fuzzing too. Author: @odeke-em Fixes cometbft#2658 --- #### PR checklist - [x] Tests written/updated - [x] Changelog entry added in `.changelog` (we use [unclog](https://github.com/informalsystems/unclog) to manage our changelog) - [ ] ~~Updated relevant documentation (`docs/` or `spec/`) and code comments~~ - [x] Title follows the [Conventional Commits](https://www.conventionalcommits.org/en/v1.0.0/) spec <hr>This is an automatic backport of pull request cometbft#2774 done by [Mergify](https://mergify.com). --------- Co-authored-by: Anton Kaliaev <[email protected]>
cometbft#2795) Closes cometbft#2771 --- #### PR checklist - [ ] Tests written/updated - [ ] Changelog entry added in `.changelog` (we use [unclog](https://github.com/informalsystems/unclog) to manage our changelog) - [ ] Updated relevant documentation (`docs/` or `spec/`) and code comments - [ ] Title follows the [Conventional Commits](https://www.conventionalcommits.org/en/v1.0.0/) spec <hr>This is an automatic backport of pull request cometbft#2792 done by [Mergify](https://mergify.com). Co-authored-by: Khanh Hoa <[email protected]>
…cometbft#4660) (cometbft#4662) <hr>This is an automatic backport of pull request cometbft#4660 done by [Mergify](https://mergify.com). --------- Co-authored-by: Anton Kaliaev <[email protected]>
…kport cometbft#4663) (cometbft#4677) Co-authored-by: Anton Kaliaev <[email protected]>
[Rendered CHANGELOG](https://github.com/cometbft/cometbft/blob/ab5ec8016ccba1919db28a7d39ffbfeb0397b215/CHANGELOG.md). Manually ran `e2e-nightly` on this branch: [link](https://github.com/cometbft/cometbft/actions/runs/12432997601)
…etbft#4712) Bumps [docker/setup-buildx-action](https://github.com/docker/setup-buildx-action) from 3.7.1 to 3.8.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/docker/setup-buildx-action/releases">docker/setup-buildx-action's releases</a>.</em></p> <blockquote> <h2>v3.8.0</h2> <ul> <li>Make cloud prefix optional to download buildx if driver is cloud by <a href="https://github.com/crazy-max"><code>@crazy-max</code></a> in <a href="https://redirect.github.com/docker/setup-buildx-action/pull/390">docker/setup-buildx-action#390</a></li> <li>Bump <code>@actions/core</code> from 1.10.1 to 1.11.1 in <a href="https://redirect.github.com/docker/setup-buildx-action/pull/370">docker/setup-buildx-action#370</a></li> <li>Bump <code>@docker/actions-toolkit</code> from 0.39.0 to 0.48.0 in <a href="https://redirect.github.com/docker/setup-buildx-action/pull/389">docker/setup-buildx-action#389</a></li> <li>Bump cross-spawn from 7.0.3 to 7.0.6 in <a href="https://redirect.github.com/docker/setup-buildx-action/pull/382">docker/setup-buildx-action#382</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/docker/setup-buildx-action/compare/v3.7.1...v3.8.0">https://github.com/docker/setup-buildx-action/compare/v3.7.1...v3.8.0</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/docker/setup-buildx-action/commit/6524bf65af31da8d45b59e8c27de4bd072b392f5"><code>6524bf6</code></a> Merge pull request <a href="https://redirect.github.com/docker/setup-buildx-action/issues/390">#390</a> from crazy-max/buildx-cloud-latest</li> <li><a href="https://github.com/docker/setup-buildx-action/commit/8d5e0747fc81adde3c75a11c4ab1cd6e831c45b5"><code>8d5e074</code></a> chore: update generated content</li> <li><a href="https://github.com/docker/setup-buildx-action/commit/7199e57b3551d377384de4d86bb21b747aea8ae4"><code>7199e57</code></a> make cloud prefix optional to download buildx if driver is cloud</li> <li><a href="https://github.com/docker/setup-buildx-action/commit/db63cee3de03c9e9f201f1b6213e29b58eaa560d"><code>db63cee</code></a> Merge pull request <a href="https://redirect.github.com/docker/setup-buildx-action/issues/381">#381</a> from docker/dependabot/github_actions/codecov/codecov...</li> <li><a href="https://github.com/docker/setup-buildx-action/commit/043ebe137fb9440c054da78ea0d12b4770d51bb0"><code>043ebe1</code></a> Merge pull request <a href="https://redirect.github.com/docker/setup-buildx-action/issues/389">#389</a> from docker/dependabot/npm_and_yarn/docker/actions-to...</li> <li><a href="https://github.com/docker/setup-buildx-action/commit/686da9073d5e9e34c27fc99d06023785a093b3b2"><code>686da90</code></a> chore: update generated content</li> <li><a href="https://github.com/docker/setup-buildx-action/commit/a3d74876b8fd9bd06b520ed90e4838a3ab637302"><code>a3d7487</code></a> Merge pull request <a href="https://redirect.github.com/docker/setup-buildx-action/issues/382">#382</a> from docker/dependabot/npm_and_yarn/cross-spawn-7.0.6</li> <li><a href="https://github.com/docker/setup-buildx-action/commit/4dcdbcec48953cab044a8e7d13f601ffd1926c08"><code>4dcdbce</code></a> build(deps): bump <code>@docker/actions-toolkit</code> from 0.39.0 to 0.48.0</li> <li><a href="https://github.com/docker/setup-buildx-action/commit/1a8ac74316906cd182c3b1e6361b0648f1800ecc"><code>1a8ac74</code></a> ci: fix deprecated input for codecov-action</li> <li><a href="https://github.com/docker/setup-buildx-action/commit/e827ebe8ba8bcef11893610e158210f4ce7c2ded"><code>e827ebe</code></a> build(deps): bump cross-spawn from 7.0.3 to 7.0.6</li> <li>Additional commits viewable in <a href="https://github.com/docker/setup-buildx-action/compare/v3.7.1...v3.8.0">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
…metbft#4711) Bumps [bufbuild/buf-setup-action](https://github.com/bufbuild/buf-setup-action) from 1.47.2 to 1.48.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/bufbuild/buf-setup-action/releases">bufbuild/buf-setup-action's releases</a>.</em></p> <blockquote> <h2>v1.48.0</h2> <p>Release v1.48.0</p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/bufbuild/buf-setup-action/commit/1115d0acd3d2a120b30023fac52abc46807c8fd6"><code>1115d0a</code></a> Release v1.48.0 (<a href="https://redirect.github.com/bufbuild/buf-setup-action/issues/233">#233</a>)</li> <li>See full diff in <a href="https://github.com/bufbuild/buf-setup-action/compare/v1.47.2...v1.48.0">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: mergify[bot] <37929162+mergify[bot]@users.noreply.github.com>
…metbft#4802) Bumps [bufbuild/buf-setup-action](https://github.com/bufbuild/buf-setup-action) from 1.48.0 to 1.49.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/bufbuild/buf-setup-action/releases">bufbuild/buf-setup-action's releases</a>.</em></p> <blockquote> <h2>v1.49.0</h2> <p>Release v1.49.0</p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/bufbuild/buf-setup-action/commit/480b44ac64eb7784931d42dcddaf762c626186a6"><code>480b44a</code></a> Release v1.49.0 (<a href="https://redirect.github.com/bufbuild/buf-setup-action/issues/236">#236</a>)</li> <li><a href="https://github.com/bufbuild/buf-setup-action/commit/2ff90c60795eee77ba6134f1fb1aa7ceba7845ff"><code>2ff90c6</code></a> Update license year range (<a href="https://redirect.github.com/bufbuild/buf-setup-action/issues/235">#235</a>)</li> <li>See full diff in <a href="https://github.com/bufbuild/buf-setup-action/compare/v1.48.0...v1.49.0">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
…etbft#4801) Bumps [docker/build-push-action](https://github.com/docker/build-push-action) from 6.10.0 to 6.11.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/docker/build-push-action/releases">docker/build-push-action's releases</a>.</em></p> <blockquote> <h2>v6.11.0</h2> <ul> <li>Handlebar <code>defaultContext</code> support for <code>build-contexts</code> input by <a href="https://github.com/crazy-max"><code>@crazy-max</code></a> in <a href="https://redirect.github.com/docker/build-push-action/pull/1283">docker/build-push-action#1283</a></li> <li>Bump <code>@docker/actions-toolkit</code> from 0.46.0 to 0.49.0 in <a href="https://redirect.github.com/docker/build-push-action/pull/1281">docker/build-push-action#1281</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/docker/build-push-action/compare/v6.10.0...v6.11.0">https://github.com/docker/build-push-action/compare/v6.10.0...v6.11.0</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/docker/build-push-action/commit/b32b51a8eda65d6793cd0494a773d4f6bcef32dc"><code>b32b51a</code></a> Merge pull request <a href="https://redirect.github.com/docker/build-push-action/issues/1281">#1281</a> from docker/dependabot/npm_and_yarn/docker/actions-t...</li> <li><a href="https://github.com/docker/build-push-action/commit/594bf46f0f6d32fd8bd98a553127950004165c96"><code>594bf46</code></a> Merge pull request <a href="https://redirect.github.com/docker/build-push-action/issues/1294">#1294</a> from crazy-max/fix-e2e</li> <li><a href="https://github.com/docker/build-push-action/commit/fd37bd55af0b8c458ea0ff376ce151a332fa7aed"><code>fd37bd5</code></a> ci(e2e): fix setup docker config</li> <li><a href="https://github.com/docker/build-push-action/commit/e6478a2405f3527f33b93efb6857519c3ffd91f2"><code>e6478a2</code></a> chore: update generated content</li> <li><a href="https://github.com/docker/build-push-action/commit/78785bddff35ca36f384e0c6a8a367584317df9f"><code>78785bd</code></a> chore(deps): Bump <code>@docker/actions-toolkit</code> from 0.46.0 to 0.49.0</li> <li><a href="https://github.com/docker/build-push-action/commit/128779fed7edb034b3f8006e9dac81a8593c040e"><code>128779f</code></a> Merge pull request <a href="https://redirect.github.com/docker/build-push-action/issues/1283">#1283</a> from crazy-max/named-context-handlebars</li> <li><a href="https://github.com/docker/build-push-action/commit/7e094594beda23fc8f21fa31049f4b203e51096b"><code>7e09459</code></a> Merge pull request <a href="https://redirect.github.com/docker/build-push-action/issues/1282">#1282</a> from crazy-max/remove-buildkit-5561</li> <li><a href="https://github.com/docker/build-push-action/commit/32ee877a58507615d974839965ef8e530d66362e"><code>32ee877</code></a> Revert "init buildkit-5561 workflow"</li> <li><a href="https://github.com/docker/build-push-action/commit/d1a4129c41bb3f92b731b33dc29cfe5f6cd9298f"><code>d1a4129</code></a> chore: update generated content</li> <li><a href="https://github.com/docker/build-push-action/commit/49c623eaf82513814393adabc13bf2535384d735"><code>49c623e</code></a> handlebar defaultContext support for build-contexts input</li> <li>Additional commits viewable in <a href="https://github.com/docker/build-push-action/compare/v6.10.0...v6.11.0">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: mergify[bot] <37929162+mergify[bot]@users.noreply.github.com>
…metbft#4836) Bumps [bufbuild/buf-setup-action](https://github.com/bufbuild/buf-setup-action) from 1.49.0 to 1.50.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/bufbuild/buf-setup-action/releases">bufbuild/buf-setup-action's releases</a>.</em></p> <blockquote> <h2>v1.50.0</h2> <p>Release v1.50.0</p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/bufbuild/buf-setup-action/commit/a47c93e0b1648d5651a065437926377d060baa99"><code>a47c93e</code></a> Release v1.50.0 (<a href="https://redirect.github.com/bufbuild/buf-setup-action/issues/238">#238</a>)</li> <li>See full diff in <a href="https://github.com/bufbuild/buf-setup-action/compare/v1.49.0...v1.50.0">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
…etbft#4835) Bumps [docker/build-push-action](https://github.com/docker/build-push-action) from 6.11.0 to 6.12.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/docker/build-push-action/releases">docker/build-push-action's releases</a>.</em></p> <blockquote> <h2>v6.12.0</h2> <ul> <li>Bump <code>@docker/actions-toolkit</code> from 0.49.0 to 0.51.0 in <a href="https://redirect.github.com/docker/build-push-action/pull/1300">docker/build-push-action#1300</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/docker/build-push-action/compare/v6.11.0...v6.12.0">https://github.com/docker/build-push-action/compare/v6.11.0...v6.12.0</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/docker/build-push-action/commit/67a2d409c0a876cbe6b11854e3e25193efe4e62d"><code>67a2d40</code></a> Merge pull request <a href="https://redirect.github.com/docker/build-push-action/issues/1300">#1300</a> from docker/dependabot/npm_and_yarn/docker/actions-t...</li> <li><a href="https://github.com/docker/build-push-action/commit/0b1b1c9c43ec788c199860037a0545356ea03d26"><code>0b1b1c9</code></a> chore: update generated content</li> <li><a href="https://github.com/docker/build-push-action/commit/b6a7c2c4eec8151a4dbcd3823747fe1b77d5b280"><code>b6a7c2c</code></a> chore(deps): Bump <code>@docker/actions-toolkit</code> from 0.49.0 to 0.51.0</li> <li><a href="https://github.com/docker/build-push-action/commit/31ca4e5d51253d7e4a2317bfe74699cbe3a398a9"><code>31ca4e5</code></a> Merge pull request <a href="https://redirect.github.com/docker/build-push-action/issues/1296">#1296</a> from crazy-max/bake-v6</li> <li><a href="https://github.com/docker/build-push-action/commit/e613db9d5a93dda4d07aeb81991e80164577ae4a"><code>e613db9</code></a> update bake-action to v6</li> <li>See full diff in <a href="https://github.com/docker/build-push-action/compare/v6.11.0...v6.12.0">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: mergify[bot] <37929162+mergify[bot]@users.noreply.github.com>
Adding @cometbft/interchain-inc to CODEOWNERS --- #### PR checklist - [ ] Tests written/updated - [ ] Changelog entry added in `.changelog` (we use [unclog](https://github.com/informalsystems/unclog) to manage our changelog) - [ ] Updated relevant documentation (`docs/` or `spec/`) and code comments <hr>This is an automatic backport of pull request cometbft#4848 done by [Mergify](https://mergify.com). --------- Co-authored-by: Zachary Becker <[email protected]>
…ometbft#4753) Bumps [github.com/go-git/go-git/v5](https://github.com/go-git/go-git) from 5.12.0 to 5.13.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/go-git/go-git/releases">github.com/go-git/go-git/v5's releases</a>.</em></p> <blockquote> <h2>v5.13.0</h2> <h2>What's Changed</h2> <ul> <li>build: bump github.com/go-git/go-git/v5 from 5.11.0 to 5.12.0 in /cli/go-git by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/1065">go-git/go-git#1065</a></li> <li>build: bump golang.org/x/net from 0.22.0 to 0.23.0 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/1068">go-git/go-git#1068</a></li> <li>build: bump golang.org/x/net from 0.23.0 to 0.24.0 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/1071">go-git/go-git#1071</a></li> <li>Properly support skipping of non-mandatory extensions by <a href="https://github.com/codablock"><code>@codablock</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/1066">go-git/go-git#1066</a></li> <li>git: Refine some codes in test and non-test. by <a href="https://github.com/onee-only"><code>@onee-only</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/1077">go-git/go-git#1077</a></li> <li>plumbing: protocol/packp, client-side filter capability support by <a href="https://github.com/edigaryev"><code>@edigaryev</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/1000">go-git/go-git#1000</a></li> <li>build: bump golang.org/x/net from 0.22.0 to 0.23.0 in /cli/go-git by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/1078">go-git/go-git#1078</a></li> <li>plumbing: fix sideband demux on flush by <a href="https://github.com/aymanbagabas"><code>@aymanbagabas</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/1084">go-git/go-git#1084</a></li> <li>storage: dotgit, head reference usually comes first by <a href="https://github.com/aymanbagabas"><code>@aymanbagabas</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/1085">go-git/go-git#1085</a></li> <li>build: bump golang.org/x/text from 0.14.0 to 0.15.0 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/1091">go-git/go-git#1091</a></li> <li>build: bump golang.org/x/crypto from 0.22.0 to 0.23.0 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/1094">go-git/go-git#1094</a></li> <li>build: bump golang.org/x/net from 0.24.0 to 0.25.0 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/1093">go-git/go-git#1093</a></li> <li>git: Added an example for Repository.Branches by <a href="https://github.com/johnmatthiggins"><code>@johnmatthiggins</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/1088">go-git/go-git#1088</a></li> <li>git: worktree_commit, Modify checking empty commit. Fixes <a href="https://redirect.github.com/go-git/go-git/issues/723">#723</a> by <a href="https://github.com/onee-only"><code>@onee-only</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/1050">go-git/go-git#1050</a></li> <li>plumbing: transport/http, Wrap http errors to return reason. Fixes <a href="https://redirect.github.com/go-git/go-git/issues/1097">#1097</a> by <a href="https://github.com/ggambetti"><code>@ggambetti</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/1100">go-git/go-git#1100</a></li> <li>build: bump golang.org/x/sys from 0.20.0 to 0.21.0 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/1106">go-git/go-git#1106</a></li> <li>build: bump golang.org/x/text from 0.15.0 to 0.16.0 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/1107">go-git/go-git#1107</a></li> <li>Bumps Go versions and go-billy by <a href="https://github.com/pjbgf"><code>@pjbgf</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/1056">go-git/go-git#1056</a></li> <li>_examples: Fixed a dead link COMPATIBILITY.md by <a href="https://github.com/gecko655"><code>@gecko655</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/1109">go-git/go-git#1109</a></li> <li>build: bump github.com/jessevdk/go-flags from 1.5.0 to 1.6.1 in /cli/go-git by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/1115">go-git/go-git#1115</a></li> <li>build: bump github.com/elazarl/goproxy from v0.0.0-20230808193330-2592e75ae04a to v0.0.0-20240618083138-03be62527ccb by <a href="https://github.com/hbelmiro"><code>@hbelmiro</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/1124">go-git/go-git#1124</a></li> <li>build: bump golang.org/x/net from 0.25.0 to 0.26.0 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/1104">go-git/go-git#1104</a></li> <li>Add option approximating <code>git clean -x</code> flag. by <a href="https://github.com/msuozzo"><code>@msuozzo</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/995">go-git/go-git#995</a></li> <li>Revert "Add option approximating <code>git clean -x</code> flag." by <a href="https://github.com/pjbgf"><code>@pjbgf</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/1129">go-git/go-git#1129</a></li> <li>Fix reference updated concurrently error for the filesystem storer by <a href="https://github.com/Javier-varez"><code>@Javier-varez</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/1116">go-git/go-git#1116</a></li> <li>build: bump golang.org/x/net from 0.26.0 to 0.27.0 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/1134">go-git/go-git#1134</a></li> <li>utils: merkletrie, Align error message with upstream by <a href="https://github.com/pjbgf"><code>@pjbgf</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/1142">go-git/go-git#1142</a></li> <li>plumbing: transport/file, Change paths to absolute by <a href="https://github.com/pjbgf"><code>@pjbgf</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/1141">go-git/go-git#1141</a></li> <li>plumbing: gitignore, Fix loading of ignored .gitignore files. by <a href="https://github.com/Achilleshiel"><code>@Achilleshiel</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/1114">go-git/go-git#1114</a></li> <li>build: bump github.com/skeema/knownhosts from 1.2.2 to 1.3.0 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/1147">go-git/go-git#1147</a></li> <li>plumbing: transport/ssh, Add support for SSH <a href="https://github.com/cert-authority"><code>@cert-authority</code></a>. by <a href="https://github.com/Javier-varez"><code>@Javier-varez</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/1157">go-git/go-git#1157</a></li> <li>build: run example tests during CI workflow by <a href="https://github.com/crazybolillo"><code>@crazybolillo</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/1030">go-git/go-git#1030</a></li> <li>storage: filesystem, Fix object cache not working due to uninitialised objects being put into cache by <a href="https://github.com/SatelliteMind"><code>@SatelliteMind</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/1138">go-git/go-git#1138</a></li> <li>git: Fix fetching missing commits by <a href="https://github.com/AriehSchneier"><code>@AriehSchneier</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/1032">go-git/go-git#1032</a></li> <li>plumbing: format/packfile, remove duplicate checks in findMatch() by <a href="https://github.com/edigaryev"><code>@edigaryev</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/1152">go-git/go-git#1152</a></li> <li>git: worktree, Fix file reported as <code>Untracked</code> while it is committed by <a href="https://github.com/rodrigocam"><code>@rodrigocam</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/1023">go-git/go-git#1023</a></li> <li>build: bump golang.org/x/sys from 0.22.0 to 0.23.0 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/1160">go-git/go-git#1160</a></li> <li>plumbing: filemode, Remove check for setting size of .git/index file by <a href="https://github.com/nicholasSUSE"><code>@nicholasSUSE</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/1159">go-git/go-git#1159</a></li> <li>build: bump golang.org/x/net from 0.27.0 to 0.28.0 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/1163">go-git/go-git#1163</a></li> <li>Fix some lint warning and increase stalebot to 180 days by <a href="https://github.com/pjbgf"><code>@pjbgf</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/1128">go-git/go-git#1128</a></li> <li>adjust path extracted from file: url on Windows by <a href="https://github.com/tomqwpl"><code>@tomqwpl</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/416">go-git/go-git#416</a></li> <li>build: bump golang.org/x/sys from 0.23.0 to 0.24.0 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/1164">go-git/go-git#1164</a></li> <li>Add RestoreStaged to Worktree that mimics the behaviour of git restore --staged <!-- raw HTML omitted -->... by <a href="https://github.com/ben-tbotlabs"><code>@ben-tbotlabs</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/493">go-git/go-git#493</a></li> <li>plumbing: signature, support the same x509 signature formats as git by <a href="https://github.com/yoavamit"><code>@yoavamit</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/1169">go-git/go-git#1169</a></li> <li>fix: allow discovery of non bare repos in fsLoader by <a href="https://github.com/jakobmoellerdev"><code>@jakobmoellerdev</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/1170">go-git/go-git#1170</a></li> <li>build: bump golang.org/x/sys from 0.24.0 to 0.25.0 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/1178">go-git/go-git#1178</a></li> <li>build: bump golang.org/x/text from 0.17.0 to 0.18.0 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/1179">go-git/go-git#1179</a></li> <li>build: bump golang.org/x/net from 0.28.0 to 0.29.0 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/1184">go-git/go-git#1184</a></li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/go-git/go-git/commit/94bd4af1deb15a64e90c6287eaf9e9f09b192a1f"><code>94bd4af</code></a> Merge pull request <a href="https://redirect.github.com/go-git/go-git/issues/1261">#1261</a> from BeChris/issue680</li> <li><a href="https://github.com/go-git/go-git/commit/8b7f5ba6f0cade1a25c5c4ca9e4d07a95c639945"><code>8b7f5ba</code></a> Merge pull request <a href="https://redirect.github.com/go-git/go-git/issues/1262">#1262</a> from go-git/dependabot/go_modules/github.com/elazarl...</li> <li><a href="https://github.com/go-git/go-git/commit/41d80a059a481d4c623bc8185c41ce82ed8ce985"><code>41d80a0</code></a> build: bump github.com/elazarl/goproxy</li> <li><a href="https://github.com/go-git/go-git/commit/499814044f111480b2a17a07c5a7a4c523ce5b87"><code>4998140</code></a> git: worktree_commit, sanitize author and commiter name and email before crea...</li> <li><a href="https://github.com/go-git/go-git/commit/9049625b98bd05edb9f1d00e7ff5da763afc0745"><code>9049625</code></a> Merge pull request <a href="https://redirect.github.com/go-git/go-git/issues/1260">#1260</a> from go-git/dependabot/github_actions/github/codeql-...</li> <li><a href="https://github.com/go-git/go-git/commit/dae48b4340d1cc6b562ade40b54049584075991f"><code>dae48b4</code></a> build: bump github/codeql-action from 3.27.9 to 3.28.0</li> <li><a href="https://github.com/go-git/go-git/commit/7d6fbc2c2a05eb6327b298b816bc0c4f854820a6"><code>7d6fbc2</code></a> Merge pull request <a href="https://redirect.github.com/go-git/go-git/issues/1220">#1220</a> from BeChris/accept_uppercase_hexa_in_pktline_length</li> <li><a href="https://github.com/go-git/go-git/commit/62a77b7d343dc1ed08d1d691efa13d81788cbc29"><code>62a77b7</code></a> plumbing: Fix invalid reference name error while cloning branches containing ...</li> <li><a href="https://github.com/go-git/go-git/commit/5e11196652708f339737b31bf9639373610dd7d1"><code>5e11196</code></a> plumbing: format/pktline, accept upercase hexadecimal value as pktline length...</li> <li><a href="https://github.com/go-git/go-git/commit/65f5e1ade083cfabacc2de4aaa68f7880e22b642"><code>65f5e1a</code></a> Merge pull request <a href="https://redirect.github.com/go-git/go-git/issues/1256">#1256</a> from go-git/dependabot/go_modules/golang-org-232a611e2d</li> <li>Additional commits viewable in <a href="https://github.com/go-git/go-git/compare/v5.12.0...v5.13.0">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: mergify[bot] <37929162+mergify[bot]@users.noreply.github.com>
Bumps [golang.org/x/sync](https://github.com/golang/sync) from 0.9.0 to 0.10.0. <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/golang/sync/commit/913fb63af28f446cd10c684ee847b5606cf328f7"><code>913fb63</code></a> singleflight: fix typo in singleflight_test.go</li> <li>See full diff in <a href="https://github.com/golang/sync/compare/v0.9.0...v0.10.0">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: mergify[bot] <37929162+mergify[bot]@users.noreply.github.com> Co-authored-by: Zachary Becker <[email protected]>
…bft#4754) Bumps [google.golang.org/grpc](https://github.com/grpc/grpc-go) from 1.68.0 to 1.69.2. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/grpc/grpc-go/releases">google.golang.org/grpc's releases</a>.</em></p> <blockquote> <h2>Release 1.69.2</h2> <h1>Bug Fixes</h1> <ul> <li>stats/experimental: add type aliases for symbols (<code>Metrics</code>/etc) that were moved to the stats package (<a href="https://redirect.github.com/grpc/grpc-go/issues/7929">#7929</a>).</li> <li>client: set user-agent string to the correct version.</li> </ul> <h2>Release 1.69.0</h2> <h1>Known Issues</h1> <ul> <li>The recently added <code>grpc.NewClient</code> function is incompatible with forward proxies, because it resolves the target hostname on the client instead of passing the hostname to the proxy. A fix is expected to be a part of grpc-go v1.70. (<a href="https://redirect.github.com/grpc/grpc-go/issues/7556">#7556</a>)</li> </ul> <h1>New Features</h1> <ul> <li>stats/opentelemetry: Introduce new APIs to enable OpenTelemetry instrumentation for metrics on servers and clients (<a href="https://redirect.github.com/grpc/grpc-go/issues/7874">#7874</a>)</li> <li>xdsclient: add support to fallback to lower priority servers when higher priority ones are down (<a href="https://redirect.github.com/grpc/grpc-go/issues/7701">#7701</a>)</li> <li>dns: Add support for link local IPv6 addresses (<a href="https://redirect.github.com/grpc/grpc-go/issues/7889">#7889</a>)</li> <li>The new experimental <code>pickfirst</code> LB policy (disabled by default) supports Happy Eyeballs, interleaving IPv4 and IPv6 address as described in <a href="https://www.rfc-editor.org/rfc/rfc8305#section-4">RFC-8305 section 4</a>, to attempt connections to multiple backends concurrently. The experimental <code>pickfirst</code> policy can be enabled by setting the environment variable <code>GRPC_EXPERIMENTAL_ENABLE_NEW_PICK_FIRST</code> to <code>true</code>. (<a href="https://redirect.github.com/grpc/grpc-go/issues/7725">#7725</a>, <a href="https://redirect.github.com/grpc/grpc-go/issues/7742">#7742</a>)</li> <li>balancer/pickfirst: Emit metrics from the <code>pick_first</code> load balancing policy (<a href="https://redirect.github.com/grpc/grpc-go/issues/7839">#7839</a>)</li> <li>grpc: export <code>MethodHandler</code>, which is the type of an already-exported field in <code>MethodDesc</code> (<a href="https://redirect.github.com/grpc/grpc-go/issues/7796">#7796</a>) <ul> <li>Special Thanks: <a href="https://github.com/mohdjishin"><code>@mohdjishin</code></a></li> </ul> </li> </ul> <h1>Bug Fixes</h1> <ul> <li>credentials/google: set scope for application default credentials (<a href="https://redirect.github.com/grpc/grpc-go/issues/7887">#7887</a>) <ul> <li>Special Thanks: <a href="https://github.com/halvards"><code>@halvards</code></a></li> </ul> </li> <li>xds: fix edge-case issues where some clients or servers would not initialize correctly or would not receive errors when resources are invalid or unavailable if another channel or server with the same target was already in use . (<a href="https://redirect.github.com/grpc/grpc-go/issues/7851">#7851</a>, <a href="https://redirect.github.com/grpc/grpc-go/issues/7853">#7853</a>)</li> <li>examples: fix the debugging example, which was broken by a recent change (<a href="https://redirect.github.com/grpc/grpc-go/issues/7833">#7833</a>)</li> </ul> <h1>Behavior Changes</h1> <ul> <li>client: update retry attempt backoff to apply jitter per updates to <a href="https://github.com/grpc/proposal/blob/master/A6-client-retries.md">gRFC A6</a>. (<a href="https://redirect.github.com/grpc/grpc-go/issues/7869">#7869</a>) <ul> <li>Special Thanks: <a href="https://github.com/isgj"><code>@isgj</code></a></li> </ul> </li> <li>balancer/weightedroundrobin: use the <code>pick_first</code> LB policy to manage connections (<a href="https://redirect.github.com/grpc/grpc-go/issues/7826">#7826</a>)</li> </ul> <h1>API Changes</h1> <ul> <li>balancer: An internal method is added to the <code>balancer.SubConn</code> interface to force implementors to embed a delegate implementation. This requirement is present in the interface documentation, but wasn't enforced earlier. (<a href="https://redirect.github.com/grpc/grpc-go/issues/7840">#7840</a>)</li> </ul> <h1>Performance Improvements</h1> <ul> <li>mem: implement a <code>ReadAll()</code> method for more efficient <code>io.Reader</code> consumption (<a href="https://redirect.github.com/grpc/grpc-go/issues/7653">#7653</a>) <ul> <li>Special Thanks: <a href="https://github.com/ash2k"><code>@ash2k</code></a></li> </ul> </li> <li>mem: use slice capacity instead of length to determine whether to pool buffers or directly allocate them (<a href="https://redirect.github.com/grpc/grpc-go/issues/7702">#7702</a>) <ul> <li>Special Thanks: <a href="https://github.com/PapaCharlie"><code>@PapaCharlie</code></a></li> </ul> </li> </ul> <h1>Documentation</h1> <ul> <li>examples/csm_observability: Add xDS Credentials and switch server to be xDS enabled (<a href="https://redirect.github.com/grpc/grpc-go/issues/7875">#7875</a>)</li> </ul> <h2>Release 1.68.2</h2> <h1>Dependencies</h1> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/grpc/grpc-go/commit/b615b35c4feb932a0ac658fb86b7127f10ef664e"><code>b615b35</code></a> Change version to 1.69.2 (<a href="https://redirect.github.com/grpc/grpc-go/issues/7947">#7947</a>)</li> <li><a href="https://github.com/grpc/grpc-go/commit/6b36a3e60ae03bc1aebf3f3e6bce58a2bc496ded"><code>6b36a3e</code></a> experimental/stats: re-add type aliases for migration (<a href="https://redirect.github.com/grpc/grpc-go/issues/7929">#7929</a>) (<a href="https://redirect.github.com/grpc/grpc-go/issues/7941">#7941</a>)</li> <li><a href="https://github.com/grpc/grpc-go/commit/4535c6d2699749b5cd423e07caa7459fa42a76a7"><code>4535c6d</code></a> Change version to 1.69.2-dev (<a href="https://redirect.github.com/grpc/grpc-go/issues/7928">#7928</a>)</li> <li><a href="https://github.com/grpc/grpc-go/commit/b6e7c72ece4bc35a2fd79952cee6305a7ce5aaef"><code>b6e7c72</code></a> examples/features/csm_observability: Make CSM Observability example server li...</li> <li><a href="https://github.com/grpc/grpc-go/commit/9355fbcc19aca55a3b6803626cb9f26f2ac7874e"><code>9355fbc</code></a> Change version to 1.69.1 (<a href="https://redirect.github.com/grpc/grpc-go/issues/7927">#7927</a>)</li> <li><a href="https://github.com/grpc/grpc-go/commit/927a1e1d1ae83fd60664b2d9d7d07539dea38eaa"><code>927a1e1</code></a> Change version to 1.69.1-dev (<a href="https://redirect.github.com/grpc/grpc-go/issues/7902">#7902</a>)</li> <li><a href="https://github.com/grpc/grpc-go/commit/97d633a62e60acb359d26b3a5fa390ac5e04b732"><code>97d633a</code></a> Change version to 1.69.0 (<a href="https://redirect.github.com/grpc/grpc-go/issues/7901">#7901</a>)</li> <li><a href="https://github.com/grpc/grpc-go/commit/317271b232677b7869576a49855b01b9f4775d67"><code>317271b</code></a> pickfirst: Register a health listener when used as a leaf policy (<a href="https://redirect.github.com/grpc/grpc-go/issues/7832">#7832</a>)</li> <li><a href="https://github.com/grpc/grpc-go/commit/5565631455d326987ad3f9dba6d45478cc426c9f"><code>5565631</code></a> balancer/pickfirst: replace grpc.Dial with grpc.NewClient in tests (<a href="https://redirect.github.com/grpc/grpc-go/issues/7879">#7879</a>)</li> <li><a href="https://github.com/grpc/grpc-go/commit/634497b75899887567d48ff134059443069b8196"><code>634497b</code></a> test: Split import paths for generated message and service code (<a href="https://redirect.github.com/grpc/grpc-go/issues/7891">#7891</a>)</li> <li>Additional commits viewable in <a href="https://github.com/grpc/grpc-go/compare/v1.68.0...v1.69.2">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: mergify[bot] <37929162+mergify[bot]@users.noreply.github.com> Co-authored-by: Zachary Becker <[email protected]>
…ometbft#4755) Bumps [github.com/prometheus/common](https://github.com/prometheus/common) from 0.60.1 to 0.61.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/prometheus/common/releases">github.com/prometheus/common's releases</a>.</em></p> <blockquote> <h2>v0.61.0</h2> <h2>What's Changed</h2> <ul> <li>Mark sigv4 deprecated by <a href="https://github.com/SuperQ"><code>@SuperQ</code></a> in <a href="https://redirect.github.com/prometheus/common/pull/715">prometheus/common#715</a></li> <li>Provide a way to get UserAgent by <a href="https://github.com/mmorel-35"><code>@mmorel-35</code></a> in <a href="https://redirect.github.com/prometheus/common/pull/716">prometheus/common#716</a></li> <li>Synchronize common files from prometheus/prometheus by <a href="https://github.com/prombot"><code>@prombot</code></a> in <a href="https://redirect.github.com/prometheus/common/pull/714">prometheus/common#714</a></li> <li>Bump golang.org/x/net from 0.29.0 to 0.30.0 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/prometheus/common/pull/712">prometheus/common#712</a></li> <li>chore: enable perfsprint linter by <a href="https://github.com/mmorel-35"><code>@mmorel-35</code></a> in <a href="https://redirect.github.com/prometheus/common/pull/717">prometheus/common#717</a></li> <li>chore: use testify instead of testing.Fatal by <a href="https://github.com/mmorel-35"><code>@mmorel-35</code></a> in <a href="https://redirect.github.com/prometheus/common/pull/718">prometheus/common#718</a></li> <li>Bump google.golang.org/protobuf from 1.34.2 to 1.35.1 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/prometheus/common/pull/711">prometheus/common#711</a></li> <li>setup dependabot for <code>github.com/prometheus/common/assets</code> by <a href="https://github.com/mmorel-35"><code>@mmorel-35</code></a> in <a href="https://redirect.github.com/prometheus/common/pull/719">prometheus/common#719</a></li> <li>Synchronize common files from prometheus/prometheus by <a href="https://github.com/prombot"><code>@prombot</code></a> in <a href="https://redirect.github.com/prometheus/common/pull/721">prometheus/common#721</a></li> <li>Mark promlog deprecated by <a href="https://github.com/SuperQ"><code>@SuperQ</code></a> in <a href="https://redirect.github.com/prometheus/common/pull/720">prometheus/common#720</a></li> <li>Synchronize common files from prometheus/prometheus by <a href="https://github.com/prombot"><code>@prombot</code></a> in <a href="https://redirect.github.com/prometheus/common/pull/722">prometheus/common#722</a></li> <li>Allow custom user-agent definition by <a href="https://github.com/mmorel-35"><code>@mmorel-35</code></a> in <a href="https://redirect.github.com/prometheus/common/pull/725">prometheus/common#725</a></li> <li>fix: values escaping bugs by <a href="https://github.com/ywwg"><code>@ywwg</code></a> in <a href="https://redirect.github.com/prometheus/common/pull/727">prometheus/common#727</a></li> <li>fix(promslog): always use UTC for time by <a href="https://github.com/tjhop"><code>@tjhop</code></a> in <a href="https://redirect.github.com/prometheus/common/pull/735">prometheus/common#735</a></li> <li>Bump github.com/stretchr/testify from 1.9.0 to 1.10.0 in /assets by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/prometheus/common/pull/729">prometheus/common#729</a></li> <li>Bump golang.org/x/oauth2 from 0.23.0 to 0.24.0 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/prometheus/common/pull/730">prometheus/common#730</a></li> <li>promslog: always lowercase log level from CLI by <a href="https://github.com/jkroepke"><code>@jkroepke</code></a> in <a href="https://redirect.github.com/prometheus/common/pull/728">prometheus/common#728</a></li> <li>Synchronize common files from prometheus/prometheus by <a href="https://github.com/prombot"><code>@prombot</code></a> in <a href="https://redirect.github.com/prometheus/common/pull/726">prometheus/common#726</a></li> <li>Bump golang.org/x/net from 0.30.0 to 0.32.0 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/prometheus/common/pull/736">prometheus/common#736</a></li> <li>Bump github.com/stretchr/testify from 1.9.0 to 1.10.0 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/prometheus/common/pull/731">prometheus/common#731</a></li> <li>Bump google.golang.org/protobuf from 1.35.1 to 1.35.2 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/prometheus/common/pull/732">prometheus/common#732</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/prometheus/common/compare/v0.60.1...v0.61.0">https://github.com/prometheus/common/compare/v0.60.1...v0.61.0</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/prometheus/common/commit/7b484e97ca04d69d5db9a46326f399f230e1e4e0"><code>7b484e9</code></a> Bump google.golang.org/protobuf from 1.35.1 to 1.35.2 (<a href="https://redirect.github.com/prometheus/common/issues/732">#732</a>)</li> <li><a href="https://github.com/prometheus/common/commit/05e3c4037f304834166c34a305a0658ef5b8db4c"><code>05e3c40</code></a> Bump github.com/stretchr/testify from 1.9.0 to 1.10.0 (<a href="https://redirect.github.com/prometheus/common/issues/731">#731</a>)</li> <li><a href="https://github.com/prometheus/common/commit/a0ef7371c3226c0353f663af2779e573dce2bd89"><code>a0ef737</code></a> Bump golang.org/x/net from 0.30.0 to 0.32.0 (<a href="https://redirect.github.com/prometheus/common/issues/736">#736</a>)</li> <li><a href="https://github.com/prometheus/common/commit/f99f029bc33e969a04aa799cb0e3fb96ab55ac7c"><code>f99f029</code></a> Update common Prometheus files (<a href="https://redirect.github.com/prometheus/common/issues/726">#726</a>)</li> <li><a href="https://github.com/prometheus/common/commit/b88f24cd1d8e9dc895a67e5de83aa15b75cb1243"><code>b88f24c</code></a> promslog: always lowercase log level from CLI (<a href="https://redirect.github.com/prometheus/common/issues/728">#728</a>)</li> <li><a href="https://github.com/prometheus/common/commit/2c3c048674edaf6067181aaeae0496d8234d9b02"><code>2c3c048</code></a> Bump golang.org/x/oauth2 from 0.23.0 to 0.24.0 (<a href="https://redirect.github.com/prometheus/common/issues/730">#730</a>)</li> <li><a href="https://github.com/prometheus/common/commit/ec7291f51d0897a24d460e5b9d3640f78b37bdeb"><code>ec7291f</code></a> Bump github.com/stretchr/testify from 1.9.0 to 1.10.0 in /assets (<a href="https://redirect.github.com/prometheus/common/issues/729">#729</a>)</li> <li><a href="https://github.com/prometheus/common/commit/145b50adb4ece06ea09a5b0abcbedb76bd1b123a"><code>145b50a</code></a> fix(promslog): always use UTC for time (<a href="https://redirect.github.com/prometheus/common/issues/735">#735</a>)</li> <li><a href="https://github.com/prometheus/common/commit/39a62f7ded818701bb7c79d88119d6a1c9e72154"><code>39a62f7</code></a> fix: values escaping bugs (<a href="https://redirect.github.com/prometheus/common/issues/727">#727</a>)</li> <li><a href="https://github.com/prometheus/common/commit/7ed45232224c2722ad677589452579095a42e4fe"><code>7ed4523</code></a> Allow custom user-agent definition (<a href="https://redirect.github.com/prometheus/common/issues/725">#725</a>)</li> <li>Additional commits viewable in <a href="https://github.com/prometheus/common/compare/v0.60.1...v0.61.0">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: mergify[bot] <37929162+mergify[bot]@users.noreply.github.com> Co-authored-by: Zachary Becker <[email protected]>
…ometbft#4757) Bumps google.golang.org/protobuf from 1.35.2 to 1.36.1. [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: mergify[bot] <37929162+mergify[bot]@users.noreply.github.com>
…bft#4856) Bumps [google.golang.org/grpc](https://github.com/grpc/grpc-go) from 1.69.2 to 1.69.4. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/grpc/grpc-go/releases">google.golang.org/grpc's releases</a>.</em></p> <blockquote> <h2>Release 1.69.4</h2> <h1>Bug Fixes</h1> <ul> <li>rbac: fix support for :path header matchers, which would previously never successfully match (<a href="https://redirect.github.com/grpc/grpc-go/issues/7965">#7965</a>).</li> </ul> <h1>Documentation</h1> <ul> <li>examples/features/csm_observability: update example client and server to use the helloworld service instead of echo service (<a href="https://redirect.github.com/grpc/grpc-go/issues/7945">#7945</a>).</li> </ul> <p>Release 1.69.3 was accidentally tagged on the master branch and will be deleted. Please update to 1.69.4 instead.</p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/grpc/grpc-go/commit/4103cfc52a951673d441f8b2c02eee96e31f1897"><code>4103cfc</code></a> Change version to 1.69.4 (<a href="https://redirect.github.com/grpc/grpc-go/issues/8005">#8005</a>)</li> <li><a href="https://github.com/grpc/grpc-go/commit/cf6ddaa06db9da8bcdc23e682b72dcf831abfda8"><code>cf6ddaa</code></a> Change version to 1.69.4-dev (<a href="https://redirect.github.com/grpc/grpc-go/issues/8001">#8001</a>)</li> <li><a href="https://github.com/grpc/grpc-go/commit/94a0c2cbfc5fa21cdc3f2a3eecad7f5ae5e23e99"><code>94a0c2c</code></a> Change version to 1.69.3 (<a href="https://redirect.github.com/grpc/grpc-go/issues/8000">#8000</a>)</li> <li><a href="https://github.com/grpc/grpc-go/commit/ec415604a2f817c7c44fbadfa3f7983c9f6ab8d5"><code>ec41560</code></a> Cherry pick <a href="https://redirect.github.com/grpc/grpc-go/issues/7965">#7965</a> <a href="https://redirect.github.com/grpc/grpc-go/issues/7945">#7945</a> to v1.69.x (<a href="https://redirect.github.com/grpc/grpc-go/issues/7996">#7996</a>)</li> <li><a href="https://github.com/grpc/grpc-go/commit/3b328ba4d21148e7d4526e938b0b2cde611b388f"><code>3b328ba</code></a> Change version to 1.69.3-dev (<a href="https://redirect.github.com/grpc/grpc-go/issues/7948">#7948</a>)</li> <li>See full diff in <a href="https://github.com/grpc/grpc-go/compare/v1.69.2...v1.69.4">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
…ometbft#4858) Bumps google.golang.org/protobuf from 1.36.1 to 1.36.3. [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: mergify[bot] <37929162+mergify[bot]@users.noreply.github.com>
Bumps [golang.org/x/net](https://github.com/golang/net) from 0.33.0 to 0.34.0. <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/golang/net/commit/8da7ed17cdaf5e1d42aa868f0b0322a207a17dcd"><code>8da7ed1</code></a> go.mod: update golang.org/x dependencies</li> <li><a href="https://github.com/golang/net/commit/2124140b044c3cbbd6a3ed7c45e2d4420be7039d"><code>2124140</code></a> all: make function and struct comments match the names</li> <li><a href="https://github.com/golang/net/commit/e9d95ba163f72442cc09dca1865147a62351ac72"><code>e9d95ba</code></a> http2: do not surface errors from a conn's idle timer expiring</li> <li><a href="https://github.com/golang/net/commit/c2be9921fe46b336b1991c4e5984666bd75b941f"><code>c2be992</code></a> quic: remember which remote connection IDs have been retired</li> <li>See full diff in <a href="https://github.com/golang/net/compare/v0.33.0...v0.34.0">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: mergify[bot] <37929162+mergify[bot]@users.noreply.github.com>
…ometbft#4861) Bumps [github.com/go-git/go-git/v5](https://github.com/go-git/go-git) from 5.13.0 to 5.13.2. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/go-git/go-git/releases">github.com/go-git/go-git/v5's releases</a>.</em></p> <blockquote> <h2>v5.13.2</h2> <h2>What's Changed</h2> <ul> <li>plumbing: use the correct user agent string. Fixes <a href="https://redirect.github.com/go-git/go-git/issues/883">#883</a> by <a href="https://github.com/uragirii"><code>@uragirii</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/1364">go-git/go-git#1364</a></li> <li>build: bump golang.org/x/sys from 0.28.0 to 0.29.0 in the golang-org group by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/1365">go-git/go-git#1365</a></li> <li>build: bump the golang-org group with 2 updates by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/1367">go-git/go-git#1367</a></li> <li>build: bump github.com/ProtonMail/go-crypto from 1.1.3 to 1.1.4 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/1368">go-git/go-git#1368</a></li> <li>build: bump github.com/go-git/go-billy/v5 from 5.6.1 to 5.6.2 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/1378">go-git/go-git#1378</a></li> <li>build: bump github/codeql-action from 3.28.0 to 3.28.1 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/1376">go-git/go-git#1376</a></li> <li>build: bump github.com/elazarl/goproxy from 1.2.3 to 1.4.0 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/1377">go-git/go-git#1377</a></li> <li>git: worktree, fix restoring dot slash files (backported to v5). Fixes <a href="https://redirect.github.com/go-git/go-git/issues/1176">#1176</a> by <a href="https://github.com/BeChris"><code>@BeChris</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/1361">go-git/go-git#1361</a></li> <li>build: bump github.com/pjbgf/sha1cd from 0.3.0 to 0.3.2 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/1392">go-git/go-git#1392</a></li> <li>git: worktree_status, fix adding dot slash files to working tree (backported to v5). Fixes <a href="https://redirect.github.com/go-git/go-git/issues/1150">#1150</a> by <a href="https://github.com/BeChris"><code>@BeChris</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/1359">go-git/go-git#1359</a></li> <li>build: bump github.com/ProtonMail/go-crypto from 1.1.4 to 1.1.5 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/1383">go-git/go-git#1383</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/go-git/go-git/compare/v5.13.1...v5.13.2">https://github.com/go-git/go-git/compare/v5.13.1...v5.13.2</a></p> <h2>v5.13.1</h2> <h2>What's Changed</h2> <ul> <li>build: bump github.com/go-git/go-billy/v5 from 5.6.0 to 5.6.1 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/1327">go-git/go-git#1327</a></li> <li>build: bump github.com/elazarl/goproxy from 1.2.1 to 1.2.2 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/1329">go-git/go-git#1329</a></li> <li>build: bump github.com/elazarl/goproxy from 1.2.2 to 1.2.3 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/1340">go-git/go-git#1340</a></li> <li>Revert "plumbing: transport/ssh, Add support for SSH <a href="https://github.com/cert-authority"><code>@cert-authority</code></a>." by <a href="https://github.com/pjbgf"><code>@pjbgf</code></a> in <a href="https://redirect.github.com/go-git/go-git/issues/1346">#1346</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/go-git/go-git/compare/v5.13.0...v5.13.1">https://github.com/go-git/go-git/compare/v5.13.0...v5.13.1</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/go-git/go-git/commit/2c6824768b483ea030ba312972e508c23e62d75c"><code>2c68247</code></a> Merge pull request <a href="https://redirect.github.com/go-git/go-git/issues/1383">#1383</a> from go-git/dependabot/go_modules/github.com/ProtonM...</li> <li><a href="https://github.com/go-git/go-git/commit/d462c2e805717c5f084657eede3b8804b7d0566b"><code>d462c2e</code></a> Merge pull request <a href="https://redirect.github.com/go-git/go-git/issues/1359">#1359</a> from BeChris/issue1150-v5</li> <li><a href="https://github.com/go-git/go-git/commit/32ac23a70733b230478a7431f0210d5615e1c5b5"><code>32ac23a</code></a> Merge pull request <a href="https://redirect.github.com/go-git/go-git/issues/1392">#1392</a> from go-git/dependabot/go_modules/github.com/pjbgf/s...</li> <li><a href="https://github.com/go-git/go-git/commit/93e635a0f5255658775091b975512c7774b60767"><code>93e635a</code></a> build: bump github.com/pjbgf/sha1cd from 0.3.0 to 0.3.2</li> <li><a href="https://github.com/go-git/go-git/commit/b2bb975dca41917cc2efe5c40f7be0cdf9eeb0e9"><code>b2bb975</code></a> git: worktree_status, took into account code review remarks</li> <li><a href="https://github.com/go-git/go-git/commit/518ac8860920e2b52c039828f821321b53cb7f64"><code>518ac88</code></a> git: worktree_status, fix adding dot slash files to working tree (backported ...</li> <li><a href="https://github.com/go-git/go-git/commit/21b3150921b0ce9786fb38a81cd9a8dbad0207b2"><code>21b3150</code></a> build: bump github.com/ProtonMail/go-crypto from 1.1.4 to 1.1.5</li> <li><a href="https://github.com/go-git/go-git/commit/189e7e463f747abdd8e31ef2abcbd72ad1b90621"><code>189e7e4</code></a> Merge pull request <a href="https://redirect.github.com/go-git/go-git/issues/1361">#1361</a> from BeChris/issue1176-v5</li> <li><a href="https://github.com/go-git/go-git/commit/654815aad1bd5bc35d9f5eb3d7a201af0c4457f5"><code>654815a</code></a> Merge pull request <a href="https://redirect.github.com/go-git/go-git/issues/1377">#1377</a> from go-git/dependabot/go_modules/github.com/elazarl...</li> <li><a href="https://github.com/go-git/go-git/commit/91dbdb92df7594bc8e42e355e82bf2c63be31a22"><code>91dbdb9</code></a> Merge pull request <a href="https://redirect.github.com/go-git/go-git/issues/1376">#1376</a> from go-git/dependabot/github_actions/github/codeql-...</li> <li>Additional commits viewable in <a href="https://github.com/go-git/go-git/compare/v5.13.0...v5.13.2">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: mergify[bot] <37929162+mergify[bot]@users.noreply.github.com>
…ometbft#4865) Bumps [github.com/prometheus/common](https://github.com/prometheus/common) from 0.61.0 to 0.62.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/prometheus/common/releases">github.com/prometheus/common's releases</a>.</em></p> <blockquote> <h2>v0.62.0</h2> <p>⚠️ This releases switches internal global to <code>UTF8Validation</code> from <code>LegacyValidation</code>. This is a breaking change, relaxing the validation. We don't intend to add more schemas and we have to have a global for unmarshalling interfaces, thus the change was made⚠️ </p> <h2>What's Changed</h2> <ul> <li>Change default validation scheme to UTF8Validation by <a href="https://github.com/ywwg"><code>@ywwg</code></a> in <a href="https://redirect.github.com/prometheus/common/pull/724">prometheus/common#724</a></li> <li>Remove deprecated promlog package by <a href="https://github.com/SuperQ"><code>@SuperQ</code></a> in <a href="https://redirect.github.com/prometheus/common/pull/738">prometheus/common#738</a></li> <li>Remove deprecated sigv4 module by <a href="https://github.com/SuperQ"><code>@SuperQ</code></a> in <a href="https://redirect.github.com/prometheus/common/pull/737">prometheus/common#737</a></li> <li>update links to openmetrics to reference the v1.0.0 release by <a href="https://github.com/dashpole"><code>@dashpole</code></a> in <a href="https://redirect.github.com/prometheus/common/pull/740">prometheus/common#740</a></li> <li>Synchronize common files from prometheus/prometheus by <a href="https://github.com/prombot"><code>@prombot</code></a> in <a href="https://redirect.github.com/prometheus/common/pull/742">prometheus/common#742</a></li> <li>Bump google.golang.org/protobuf from 1.35.2 to 1.36.1 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/prometheus/common/pull/744">prometheus/common#744</a></li> <li>Bump golang.org/x/net from 0.32.0 to 0.33.0 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/prometheus/common/pull/743">prometheus/common#743</a></li> <li>Synchronize common files from prometheus/prometheus by <a href="https://github.com/prombot"><code>@prombot</code></a> in <a href="https://redirect.github.com/prometheus/common/pull/747">prometheus/common#747</a></li> <li>http_config: Allow customizing TLS config and settings. by <a href="https://github.com/bwplotka"><code>@bwplotka</code></a> in <a href="https://redirect.github.com/prometheus/common/pull/748">prometheus/common#748</a></li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/dashpole"><code>@dashpole</code></a> made their first contribution in <a href="https://redirect.github.com/prometheus/common/pull/740">prometheus/common#740</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/prometheus/common/compare/v0.61.0...v0.62.0">https://github.com/prometheus/common/compare/v0.61.0...v0.62.0</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/prometheus/common/commit/280b0e7d5bdf09ddfd2d93c226671cb2ebdb7d5f"><code>280b0e7</code></a> http_config: Allow customizing TLS config and settings. (<a href="https://redirect.github.com/prometheus/common/issues/748">#748</a>)</li> <li><a href="https://github.com/prometheus/common/commit/aea8919bdc8b0b593086473f99c50ca6d5796c0c"><code>aea8919</code></a> Update common Prometheus files (<a href="https://redirect.github.com/prometheus/common/issues/747">#747</a>)</li> <li><a href="https://github.com/prometheus/common/commit/8d916fab5bd4b281fe2797100a6cabe2515d3d59"><code>8d916fa</code></a> Bump golang.org/x/net from 0.32.0 to 0.33.0 (<a href="https://redirect.github.com/prometheus/common/issues/743">#743</a>)</li> <li><a href="https://github.com/prometheus/common/commit/fe88605b113417b6baba52ec2850187ac127cc1c"><code>fe88605</code></a> Bump google.golang.org/protobuf from 1.35.2 to 1.36.1 (<a href="https://redirect.github.com/prometheus/common/issues/744">#744</a>)</li> <li><a href="https://github.com/prometheus/common/commit/5d9961df0b3ac7927a16495c3bf40f2de421725c"><code>5d9961d</code></a> Update common Prometheus files (<a href="https://redirect.github.com/prometheus/common/issues/742">#742</a>)</li> <li><a href="https://github.com/prometheus/common/commit/0a89b987581831cf1f9061b3197b8d86f7c7b21c"><code>0a89b98</code></a> Merge pull request <a href="https://redirect.github.com/prometheus/common/issues/740">#740</a> from dashpole/update_om_links</li> <li><a href="https://github.com/prometheus/common/commit/e3926e2a56435b2213296803d4e6c6f66fc3c423"><code>e3926e2</code></a> update links to openmetrics to reference the v1.0.0 release</li> <li><a href="https://github.com/prometheus/common/commit/d88ee1f244f31e9376f4aa8ad865bd5c7dd4a814"><code>d88ee1f</code></a> Remove deprecated sigv4 module (<a href="https://redirect.github.com/prometheus/common/issues/737">#737</a>)</li> <li><a href="https://github.com/prometheus/common/commit/c3fdb171ceca4b3f86385f2f436c7e8cac676548"><code>c3fdb17</code></a> Remove deprecated promlog package (<a href="https://redirect.github.com/prometheus/common/issues/738">#738</a>)</li> <li><a href="https://github.com/prometheus/common/commit/cf5f48f181f5270eeac48e077e974ba0e00f5c58"><code>cf5f48f</code></a> Change default validation scheme to UTF8Validation (<a href="https://redirect.github.com/prometheus/common/issues/724">#724</a>)</li> <li>See full diff in <a href="https://github.com/prometheus/common/compare/v0.61.0...v0.62.0">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: mergify[bot] <37929162+mergify[bot]@users.noreply.github.com>
…etbft#4882) Bumps [docker/build-push-action](https://github.com/docker/build-push-action) from 6.12.0 to 6.13.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/docker/build-push-action/releases">docker/build-push-action's releases</a>.</em></p> <blockquote> <h2>v6.13.0</h2> <ul> <li>Bump <code>@docker/actions-toolkit</code> from 0.51.0 to 0.53.0 in <a href="https://redirect.github.com/docker/build-push-action/pull/1308">docker/build-push-action#1308</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/docker/build-push-action/compare/v6.12.0...v6.13.0">https://github.com/docker/build-push-action/compare/v6.12.0...v6.13.0</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/docker/build-push-action/commit/ca877d9245402d1537745e0e356eab47c3520991"><code>ca877d9</code></a> Merge pull request <a href="https://redirect.github.com/docker/build-push-action/issues/1308">#1308</a> from docker/dependabot/npm_and_yarn/docker/actions-t...</li> <li><a href="https://github.com/docker/build-push-action/commit/d2fe919bb5012a6186426dc91c361c4980d10c2d"><code>d2fe919</code></a> chore: update generated content</li> <li><a href="https://github.com/docker/build-push-action/commit/f0fc9ece82cf2ace13ec8f35687697ae511bdf74"><code>f0fc9ec</code></a> chore(deps): Bump <code>@docker/actions-toolkit</code> from 0.51.0 to 0.53.0</li> <li>See full diff in <a href="https://github.com/docker/build-push-action/compare/v6.12.0...v6.13.0">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
…ometbft#4900) Bumps google.golang.org/protobuf from 1.36.3 to 1.36.4. [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
lower than what was previously reported GHSA-22qq-3xwm-r5x4
…bft#4901) Bumps [google.golang.org/grpc](https://github.com/grpc/grpc-go) from 1.69.4 to 1.70.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/grpc/grpc-go/releases">google.golang.org/grpc's releases</a>.</em></p> <blockquote> <h2>Release 1.70.0</h2> <h1>Behavior Changes</h1> <ul> <li>client: reject service configs containing an invalid retryPolicy in accordance with gRFCs <a href="https://github.com/grpc/proposal/blob/master/A21-service-config-error-handling.md">A21</a> and <a href="https://github.com/grpc/proposal/blob/master/A6-client-retries.md">A6</a>. (<a href="https://redirect.github.com/grpc/grpc-go/issues/7905">#7905</a>) <ul> <li>Note that this is a potential breaking change for some users using an invalid configuration, but continuing to allow this behavior would violate our cross-language compatibility requirements.</li> </ul> </li> </ul> <h1>New Features</h1> <ul> <li>xdsclient: fallback to a secondary management server (if specified in the bootstrap configuration) when the primary is down is enabled by default. Can be disabled by setting the environment variable <code>GRPC_EXPERIMENTAL_XDS_FALLBACK</code> to <code>false</code>. (<a href="https://redirect.github.com/grpc/grpc-go/issues/7949">#7949</a>)</li> <li>experimental/credentials: experimental transport credentials are added which don't enforce ALPN. (<a href="https://redirect.github.com/grpc/grpc-go/issues/7980">#7980</a>) <ul> <li>These credentials will be removed in an upcoming grpc-go release. Users must not rely on these credentials directly. Instead, they should either vendor a specific version of gRPC or copy the relevant credentials into their own codebase if absolutely necessary.</li> </ul> </li> </ul> <h1>Bug Fixes</h1> <ul> <li>xds: fix a possible deadlock that happens when both the client application and the xDS management server (responsible for configuring the client) are using the xds:/// scheme in their target URIs. (<a href="https://redirect.github.com/grpc/grpc-go/issues/8011">#8011</a>)</li> </ul> <h1>Performance</h1> <ul> <li>server: for unary requests, free raw request message data as soon as parsing is finished instead of waiting until the method handler returns. (<a href="https://redirect.github.com/grpc/grpc-go/issues/7998">#7998</a>) <ul> <li>Special Thanks: <a href="https://github.com/lqs"><code>@lqs</code></a></li> </ul> </li> </ul> <h1>Documentation</h1> <ul> <li>examples/features/gracefulstop: add example to demonstrate server graceful stop. (<a href="https://redirect.github.com/grpc/grpc-go/issues/7865">#7865</a>)</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/grpc/grpc-go/commit/98a0092952dd4d8443229c3a335ec592d9c40c9b"><code>98a0092</code></a> Change version to 1.70.0 (<a href="https://redirect.github.com/grpc/grpc-go/issues/7984">#7984</a>)</li> <li><a href="https://github.com/grpc/grpc-go/commit/bf380dec5e059ea6e7d07cec015dd0c913831a6a"><code>bf380de</code></a> Cherrypick <a href="https://redirect.github.com/grpc/grpc-go/issues/7998">#7998</a>, <a href="https://redirect.github.com/grpc/grpc-go/issues/8011">#8011</a>, <a href="https://redirect.github.com/grpc/grpc-go/issues/8010">#8010</a> into 1.70.x (<a href="https://redirect.github.com/grpc/grpc-go/issues/8028">#8028</a>)</li> <li><a href="https://github.com/grpc/grpc-go/commit/54b3eb97dbf7400efb5750f26084c2d3b2eff120"><code>54b3eb9</code></a> experimental/credentials: Add credentials that don't enforce ALPN (<a href="https://redirect.github.com/grpc/grpc-go/issues/7980">#7980</a>) (<a href="https://redirect.github.com/grpc/grpc-go/issues/8">#8</a>...</li> <li><a href="https://github.com/grpc/grpc-go/commit/62b9185a6296155e47efd39d60298d8de0a6ed1d"><code>62b9185</code></a> clustetresolver: Copy endpoints.Addresses slice from DNS updates to avoid dat...</li> <li><a href="https://github.com/grpc/grpc-go/commit/724f450f77a09bade8174e5052625977069aaf81"><code>724f450</code></a> examples/features/csm_observability: use helloworld client and server instead...</li> <li><a href="https://github.com/grpc/grpc-go/commit/e8d5feb181766059429259ce3345ddb1f667ded5"><code>e8d5feb</code></a> rbac: add method name to :path in headers (<a href="https://redirect.github.com/grpc/grpc-go/issues/7965">#7965</a>)</li> <li><a href="https://github.com/grpc/grpc-go/commit/e912015fd3f4aabdff6d6cf835e321c19a204afb"><code>e912015</code></a> cleanup: Fix usages of non-constant format strings (<a href="https://redirect.github.com/grpc/grpc-go/issues/7959">#7959</a>)</li> <li><a href="https://github.com/grpc/grpc-go/commit/681334a46115da3a5f9086c47e3d501a19362256"><code>681334a</code></a> cleanup: replace dial with newclient (<a href="https://redirect.github.com/grpc/grpc-go/issues/7943">#7943</a>)</li> <li><a href="https://github.com/grpc/grpc-go/commit/063d352de07403a582ef33f8f5f8149e3b57c47e"><code>063d352</code></a> internal/resolver: introduce a new resolver to handle target URI and proxy ad...</li> <li><a href="https://github.com/grpc/grpc-go/commit/10c7e13311f48bf5237738f4f19b53f62b1146cd"><code>10c7e13</code></a> outlierdetection: Support health listener for ejection updates (<a href="https://redirect.github.com/grpc/grpc-go/issues/7908">#7908</a>)</li> <li>Additional commits viewable in <a href="https://github.com/grpc/grpc-go/compare/v1.69.4...v1.70.0">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: mergify[bot] <37929162+mergify[bot]@users.noreply.github.com>
|
Hey there and thank you for opening this pull request! 👋🏼 We require pull request titles to follow the Conventional Commits specification and it looks like your proposed title needs to be adjusted. Details: General format: |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
PR checklist
.changelog(we use unclog to manage our changelog)docs/orspec/) and code comments