DO NOT MERGE: osmo v27/0.38.15 #148
Open
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
…bft#4194) Bumps [docker/build-push-action](https://github.com/docker/build-push-action) from 6.7.0 to 6.8.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/docker/build-push-action/releases">docker/build-push-action's releases</a>.</em></p> <blockquote> <h2>v6.8.0</h2> <ul> <li>Bump <code>@docker/actions-toolkit</code> from 0.37.1 to 0.38.0 in <a href="https://redirect.github.com/docker/build-push-action/pull/1230">docker/build-push-action#1230</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/docker/build-push-action/compare/v6.7.0...v6.8.0">https://github.com/docker/build-push-action/compare/v6.7.0...v6.8.0</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/docker/build-push-action/commit/32945a339266b759abcbdc89316275140b0fc960"><code>32945a3</code></a> Merge pull request <a href="https://redirect.github.com/docker/build-push-action/issues/1230">#1230</a> from docker/dependabot/npm_and_yarn/docker/actions-t...</li> <li><a href="https://github.com/docker/build-push-action/commit/e0fe9cf0f26132beab7b62929bd647eef9e7df31"><code>e0fe9cf</code></a> chore: update generated content</li> <li><a href="https://github.com/docker/build-push-action/commit/8f1ff6bf9a836299c21b10f942be49efb52a832c"><code>8f1ff6b</code></a> chore(deps): Bump <code>@docker/actions-toolkit</code> from 0.37.1 to 0.38.0</li> <li>See full diff in <a href="https://github.com/docker/build-push-action/compare/v6.7.0...v6.8.0">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
…ometbft#4207) Bumps [github.com/go-git/go-git/v5](https://github.com/go-git/go-git) from 5.11.0 to 5.12.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/go-git/go-git/releases">github.com/go-git/go-git/v5's releases</a>.</em></p> <blockquote> <h2>v5.12.0</h2> <h2>What's Changed</h2> <ul> <li>git: Worktree.AddWithOptions: add skipStatus option when providing a specific path by <a href="https://github.com/moranCohen26"><code>@moranCohen26</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/994">go-git/go-git#994</a></li> <li>git: Signer: fix usage of crypto.Signer interface by <a href="https://github.com/wlynch"><code>@wlynch</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/1029">go-git/go-git#1029</a></li> <li>git: Remote, fetch, adds the prune option. by <a href="https://github.com/juliens"><code>@juliens</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/366">go-git/go-git#366</a></li> <li>git: Add crypto.Signer option to CommitOptions. by <a href="https://github.com/wlynch"><code>@wlynch</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/996">go-git/go-git#996</a></li> <li>git: Worktree checkout tag hash id (<a href="https://redirect.github.com/go-git/go-git/issues/959">#959</a>) by <a href="https://github.com/aymanbagabas"><code>@aymanbagabas</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/966">go-git/go-git#966</a></li> <li>git: Worktree, Don't panic on empty or root path when checking if it is valid by <a href="https://github.com/tim775"><code>@tim775</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/1042">go-git/go-git#1042</a></li> <li>git: Add commit validation for Reset by <a href="https://github.com/pjbgf"><code>@pjbgf</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/1048">go-git/go-git#1048</a></li> <li>git: worktree_commit, Fix amend commit to apply changes. Fixes <a href="https://redirect.github.com/go-git/go-git/issues/1024">#1024</a> by <a href="https://github.com/onee-only"><code>@onee-only</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/1045">go-git/go-git#1045</a></li> <li>git: Implement Merge function with initial <code>FastForwardMerge</code> support by <a href="https://github.com/pjbgf"><code>@pjbgf</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/1044">go-git/go-git#1044</a></li> <li>plumbing: object, Make first commit visible on logs filtered with filename. Fixes <a href="https://redirect.github.com/go-git/go-git/issues/191">#191</a> by <a href="https://github.com/onee-only"><code>@onee-only</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/1036">go-git/go-git#1036</a></li> <li>plumbing: no panic in printStats function. Fixes <a href="https://redirect.github.com/go-git/go-git/issues/177">#177</a> by <a href="https://github.com/nodivbyzero"><code>@nodivbyzero</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/971">go-git/go-git#971</a></li> <li>plumbing: object, Optimize logging with file. by <a href="https://github.com/onee-only"><code>@onee-only</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/1046">go-git/go-git#1046</a></li> <li>plumbing: object, check legitimacy in (*Tree).Encode by <a href="https://github.com/niukuo"><code>@niukuo</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/967">go-git/go-git#967</a></li> <li>plumbing: format/gitattributes, close file in ReadAttributesFile by <a href="https://github.com/prskr"><code>@prskr</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/1018">go-git/go-git#1018</a></li> <li>plumbing: check setAuth error. Fixes <a href="https://redirect.github.com/go-git/go-git/issues/185">#185</a> by <a href="https://github.com/nodivbyzero"><code>@nodivbyzero</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/969">go-git/go-git#969</a></li> <li>plumbing: object, fix variable defaultUtf8CommitMessageEncoding name spell error by <a href="https://github.com/Jerry-yz"><code>@Jerry-yz</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/987">go-git/go-git#987</a></li> <li>utils: merkletrie, calculate filesystem node's hash lazily. by <a href="https://github.com/candid82"><code>@candid82</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/825">go-git/go-git#825</a></li> <li>utils: update comment in node.go's Hash() by <a href="https://github.com/codablock"><code>@codablock</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/992">go-git/go-git#992</a></li> <li>_example: fix 404 link and added ssh-agent clone link by <a href="https://github.com/grinish21"><code>@grinish21</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/1022">go-git/go-git#1022</a></li> <li>_example: checkout-branch example by <a href="https://github.com/dlambda"><code>@dlambda</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/446">go-git/go-git#446</a></li> <li>_example: example for git clone using ssh-agent by <a href="https://github.com/pjbgf"><code>@pjbgf</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/998">go-git/go-git#998</a></li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/candid82"><code>@candid82</code></a> made their first contribution in <a href="https://redirect.github.com/go-git/go-git/pull/825">go-git/go-git#825</a></li> <li><a href="https://github.com/codablock"><code>@codablock</code></a> made their first contribution in <a href="https://redirect.github.com/go-git/go-git/pull/992">go-git/go-git#992</a></li> <li><a href="https://github.com/Jerry-yz"><code>@Jerry-yz</code></a> made their first contribution in <a href="https://redirect.github.com/go-git/go-git/pull/987">go-git/go-git#987</a></li> <li><a href="https://github.com/wlynch"><code>@wlynch</code></a> made their first contribution in <a href="https://redirect.github.com/go-git/go-git/pull/996">go-git/go-git#996</a></li> <li><a href="https://github.com/moranCohen26"><code>@moranCohen26</code></a> made their first contribution in <a href="https://redirect.github.com/go-git/go-git/pull/994">go-git/go-git#994</a></li> <li><a href="https://github.com/grinish21"><code>@grinish21</code></a> made their first contribution in <a href="https://redirect.github.com/go-git/go-git/pull/1022">go-git/go-git#1022</a></li> <li><a href="https://github.com/prskr"><code>@prskr</code></a> made their first contribution in <a href="https://redirect.github.com/go-git/go-git/pull/1018">go-git/go-git#1018</a></li> <li><a href="https://github.com/dlambda"><code>@dlambda</code></a> made their first contribution in <a href="https://redirect.github.com/go-git/go-git/pull/446">go-git/go-git#446</a></li> <li><a href="https://github.com/juliens"><code>@juliens</code></a> made their first contribution in <a href="https://redirect.github.com/go-git/go-git/pull/366">go-git/go-git#366</a></li> <li><a href="https://github.com/onee-only"><code>@onee-only</code></a> made their first contribution in <a href="https://redirect.github.com/go-git/go-git/pull/1036">go-git/go-git#1036</a></li> <li><a href="https://github.com/tim775"><code>@tim775</code></a> made their first contribution in <a href="https://redirect.github.com/go-git/go-git/pull/1042">go-git/go-git#1042</a></li> <li><a href="https://github.com/niukuo"><code>@niukuo</code></a> made their first contribution in <a href="https://redirect.github.com/go-git/go-git/pull/967">go-git/go-git#967</a></li> <li><a href="https://github.com/avoidalone"><code>@avoidalone</code></a> made their first contribution in <a href="https://redirect.github.com/go-git/go-git/pull/1047">go-git/go-git#1047</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/go-git/go-git/compare/v5.11.0...v5.12.0">https://github.com/go-git/go-git/compare/v5.11.0...v5.12.0</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/go-git/go-git/commit/302dddeda962e4bb3477a8e4080bc6f5a253e2bb"><code>302ddde</code></a> Merge pull request <a href="https://redirect.github.com/go-git/go-git/issues/1060">#1060</a> from go-git/dependabot/go_modules/github.com/gliderl...</li> <li><a href="https://github.com/go-git/go-git/commit/6bba34deab858ad5d74733686f0a8b4c2940f388"><code>6bba34d</code></a> build: bump github.com/gliderlabs/ssh from 0.3.6 to 0.3.7</li> <li><a href="https://github.com/go-git/go-git/commit/feaeb36df2438dd5f861be2c1041f4e07c126233"><code>feaeb36</code></a> Merge pull request <a href="https://redirect.github.com/go-git/go-git/issues/937">#937</a> from matejrisek/feature/rename-short-fields</li> <li><a href="https://github.com/go-git/go-git/commit/7959a42552a99b2e2df21a6aacafc97b2b5c7457"><code>7959a42</code></a> Merge pull request <a href="https://redirect.github.com/go-git/go-git/issues/1052">#1052</a> from go-git/dependabot/go_modules/github.com/skeema/...</li> <li><a href="https://github.com/go-git/go-git/commit/4c17ce7c6a7936a61cea17bee56daf5d9c2b21e4"><code>4c17ce7</code></a> build: bump github.com/skeema/knownhosts from 1.2.1 to 1.2.2</li> <li><a href="https://github.com/go-git/go-git/commit/3f77e6f0292bdabb6368a42ef0f5fa925ed42f60"><code>3f77e6f</code></a> Merge pull request <a href="https://redirect.github.com/go-git/go-git/issues/1048">#1048</a> from pjbgf/fix-reset-validation</li> <li><a href="https://github.com/go-git/go-git/commit/6af38e000608a795320cd17c99491853f0b8ad3a"><code>6af38e0</code></a> Merge pull request <a href="https://redirect.github.com/go-git/go-git/issues/1047">#1047</a> from avoidalone/master</li> <li><a href="https://github.com/go-git/go-git/commit/e6c3e58198d176c497bb2dba1a2adb9302597676"><code>e6c3e58</code></a> Merge pull request <a href="https://redirect.github.com/go-git/go-git/issues/1044">#1044</a> from pjbgf/ff-merge</li> <li><a href="https://github.com/go-git/go-git/commit/04f7b23cbb85040a276ab2b7d6879223779451fd"><code>04f7b23</code></a> *: fix some comments</li> <li><a href="https://github.com/go-git/go-git/commit/f4f1a876e622c45ed51d05df1298d421a6868fcc"><code>f4f1a87</code></a> Merge pull request <a href="https://redirect.github.com/go-git/go-git/issues/971">#971</a> from nodivbyzero/fix-177-diff-print-file-stats</li> <li>Additional commits viewable in <a href="https://github.com/go-git/go-git/compare/v5.11.0...v5.12.0">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
…ometbft#4205) Bumps [github.com/sasha-s/go-deadlock](https://github.com/sasha-s/go-deadlock) from 0.3.1 to 0.3.5. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/sasha-s/go-deadlock/releases">github.com/sasha-s/go-deadlock's releases</a>.</em></p> <blockquote> <h2>v0.3.3</h2> <h2>What's Changed</h2> <ul> <li>Add missing sync.NewCond wrapper by <a href="https://github.com/ncw"><code>@ncw</code></a> in <a href="https://redirect.github.com/sasha-s/go-deadlock/pull/22">sasha-s/go-deadlock#22</a></li> <li>fixed the comment of Opts.DeadlockTimeout in deadlock.go by <a href="https://github.com/h3n4l"><code>@h3n4l</code></a> in <a href="https://redirect.github.com/sasha-s/go-deadlock/pull/23">sasha-s/go-deadlock#23</a></li> <li>deadlock: Add TryLock wrappers by <a href="https://github.com/jrajahalme"><code>@jrajahalme</code></a> in <a href="https://redirect.github.com/sasha-s/go-deadlock/pull/30">sasha-s/go-deadlock#30</a></li> <li>Reuse timers with sync.Pool by <a href="https://github.com/millfort"><code>@millfort</code></a> in <a href="https://redirect.github.com/sasha-s/go-deadlock/pull/31">sasha-s/go-deadlock#31</a></li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/ncw"><code>@ncw</code></a> made their first contribution in <a href="https://redirect.github.com/sasha-s/go-deadlock/pull/22">sasha-s/go-deadlock#22</a></li> <li><a href="https://github.com/h3n4l"><code>@h3n4l</code></a> made their first contribution in <a href="https://redirect.github.com/sasha-s/go-deadlock/pull/23">sasha-s/go-deadlock#23</a></li> <li><a href="https://github.com/jrajahalme"><code>@jrajahalme</code></a> made their first contribution in <a href="https://redirect.github.com/sasha-s/go-deadlock/pull/30">sasha-s/go-deadlock#30</a></li> <li><a href="https://github.com/millfort"><code>@millfort</code></a> made their first contribution in <a href="https://redirect.github.com/sasha-s/go-deadlock/pull/31">sasha-s/go-deadlock#31</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/sasha-s/go-deadlock/compare/v0.3.1...v0.3.3">https://github.com/sasha-s/go-deadlock/compare/v0.3.1...v0.3.3</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/sasha-s/go-deadlock/commit/464d34347a399b840a4f963cc96dfc993ccf8c62"><code>464d343</code></a> update github workflows to test on go 1.23</li> <li><a href="https://github.com/sasha-s/go-deadlock/commit/564b73de7bb88918c298624d530f83efcec20cbf"><code>564b73d</code></a> update goid</li> <li><a href="https://github.com/sasha-s/go-deadlock/commit/ed6f7f6d979ce0a3df1ba7683c7735373a9a97c7"><code>ed6f7f6</code></a> Reuse timers with sync.Pool (<a href="https://redirect.github.com/sasha-s/go-deadlock/issues/31">#31</a>)</li> <li><a href="https://github.com/sasha-s/go-deadlock/commit/20e556a2e9adcf7184892aeb8d5f254293e505d7"><code>20e556a</code></a> deadlock: Add TryLock wrappers (<a href="https://redirect.github.com/sasha-s/go-deadlock/issues/30">#30</a>)</li> <li><a href="https://github.com/sasha-s/go-deadlock/commit/5afde13977e624ab3bd64e5801f75f9e8eb1f41b"><code>5afde13</code></a> fixed the comment of Opts.DeadlockTimeout in deadlock.go (<a href="https://redirect.github.com/sasha-s/go-deadlock/issues/23">#23</a>)</li> <li><a href="https://github.com/sasha-s/go-deadlock/commit/f58e13930c01bb88ec001b9eddffa3c2afcadbeb"><code>f58e139</code></a> Add missing sync.NewCond wrapper (<a href="https://redirect.github.com/sasha-s/go-deadlock/issues/22">#22</a>)</li> <li><a href="https://github.com/sasha-s/go-deadlock/commit/4a6d8f385ee1559eaf7147969730022208b3506f"><code>4a6d8f3</code></a> Create go.yml</li> <li><a href="https://github.com/sasha-s/go-deadlock/commit/e8cdaa485d8bad7743135de6082a4332c83592c4"><code>e8cdaa4</code></a> update go versions in CI</li> <li><a href="https://github.com/sasha-s/go-deadlock/commit/1182f7860fd571d1092e0483285e995aff8a0a70"><code>1182f78</code></a> Update Readme.md</li> <li><a href="https://github.com/sasha-s/go-deadlock/commit/82c26c5c235b3c675d9ddfda5792ab33a1f171f8"><code>82c26c5</code></a> migrate to travis-ci.com</li> <li>See full diff in <a href="https://github.com/sasha-s/go-deadlock/compare/v0.3.1...v0.3.5">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: mergify[bot] <37929162+mergify[bot]@users.noreply.github.com>
) Bumps [github.com/lib/pq](https://github.com/lib/pq) from 1.10.7 to 1.10.9. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/lib/pq/releases">github.com/lib/pq's releases</a>.</em></p> <blockquote> <h2>v1.10.9</h2> <ul> <li>Fixes backwards incompat bug with 1.13.</li> <li>Fixes pgpass issue</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/lib/pq/commit/2a217b94f5ccd3de31aec4152a541b9ff64bed05"><code>2a217b9</code></a> add version check for go 1.15 (<a href="https://redirect.github.com/lib/pq/issues/1123">#1123</a>)</li> <li><a href="https://github.com/lib/pq/commit/d8d93a38df0048951ff15830d793024f890f6c3c"><code>d8d93a3</code></a> fix handle pgpass (<a href="https://redirect.github.com/lib/pq/issues/1120">#1120</a>)</li> <li><a href="https://github.com/lib/pq/commit/c10fcfec9389c2e257cf50b7e6d218dde1d062f4"><code>c10fcfe</code></a> remove stray debugging code</li> <li><a href="https://github.com/lib/pq/commit/96e73eb9aa7ba849b24eae15477456d8bbb1c9b7"><code>96e73eb</code></a> conn: Implement driver.Validator, SessionResetter for cancelation</li> <li><a href="https://github.com/lib/pq/commit/922c00e176fb3960d912dc2c7f67ea2cf18d27b0"><code>922c00e</code></a> Update codeql-analysis.yml</li> <li><a href="https://github.com/lib/pq/commit/a2a317360bd33f51c5804bde348c35a65f5644b1"><code>a2a3173</code></a> Update test.yml</li> <li><a href="https://github.com/lib/pq/commit/3a6282fb835a9901f95a9ba9c3b21e16afed61f3"><code>3a6282f</code></a> Reduced the complexity of handlePgpass (<a href="https://redirect.github.com/lib/pq/issues/1101">#1101</a>)</li> <li><a href="https://github.com/lib/pq/commit/133ac67c2960135f7e0823cb7ba858101ba3d87f"><code>133ac67</code></a> Improved the performance of CopyIn and CopyInSchema and added BufferQuoteIden...</li> <li>See full diff in <a href="https://github.com/lib/pq/compare/v1.10.7...v1.10.9">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: mergify[bot] <37929162+mergify[bot]@users.noreply.github.com>
…ometbft#4204) Bumps [github.com/prometheus/common](https://github.com/prometheus/common) from 0.57.0 to 0.59.1. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/prometheus/common/releases">github.com/prometheus/common's releases</a>.</em></p> <blockquote> <h2>v0.59.1</h2> <h2>What's Changed</h2> <ul> <li>fix(utf8): Fix multiple metric name inside braces validation by <a href="https://github.com/fedetorres93"><code>@fedetorres93</code></a> in <a href="https://redirect.github.com/prometheus/common/pull/691">prometheus/common#691</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/prometheus/common/compare/v0.59.0...v0.59.1">https://github.com/prometheus/common/compare/v0.59.0...v0.59.1</a></p> <h2>v0.59.0</h2> <h2>What's Changed</h2> <ul> <li>expfmt: Add WithEscapingScheme to help construct Formats by <a href="https://github.com/ywwg"><code>@ywwg</code></a> in <a href="https://redirect.github.com/prometheus/common/pull/688">prometheus/common#688</a></li> <li>Change the default escape method to UnderscoreEscaping by <a href="https://github.com/ywwg"><code>@ywwg</code></a> in <a href="https://redirect.github.com/prometheus/common/pull/690">prometheus/common#690</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/prometheus/common/compare/v0.58.0...v0.59.0">https://github.com/prometheus/common/compare/v0.58.0...v0.59.0</a></p> <h2>v0.58.0</h2> <h2>What's Changed</h2> <ul> <li>docs: mention new promslog package in package list in README by <a href="https://github.com/tjhop"><code>@tjhop</code></a> in <a href="https://redirect.github.com/prometheus/common/pull/683">prometheus/common#683</a></li> <li>Bump golang.org/x/oauth2 from 0.21.0 to 0.22.0 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/prometheus/common/pull/684">prometheus/common#684</a></li> <li>Bump golang.org/x/net from 0.27.0 to 0.28.0 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/prometheus/common/pull/685">prometheus/common#685</a></li> <li>Remove secret file existence check in Validate for headers by <a href="https://github.com/roidelapluie"><code>@roidelapluie</code></a> in <a href="https://redirect.github.com/prometheus/common/pull/687">prometheus/common#687</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/prometheus/common/compare/v0.57.0...v0.58.0">https://github.com/prometheus/common/compare/v0.57.0...v0.58.0</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/prometheus/common/commit/be8a747a1cf9f34dd301ff4e9f8527262e66c153"><code>be8a747</code></a> fix(utf8): Fix multiple metric name inside braces validation (<a href="https://redirect.github.com/prometheus/common/issues/691">#691</a>)</li> <li><a href="https://github.com/prometheus/common/commit/bf4843e30aed46215093a79e381b07ba8df96e0a"><code>bf4843e</code></a> Merge pull request <a href="https://redirect.github.com/prometheus/common/issues/690">#690</a> from ywwg/owilliams/default-escaping</li> <li><a href="https://github.com/prometheus/common/commit/01da22614fd688ce9040f3c72169b09b8104eec1"><code>01da226</code></a> Change the default escape method to UnderscoreEscaping</li> <li><a href="https://github.com/prometheus/common/commit/4f8e8f4cacf11e4d69d587e30d99ae7d88cc0878"><code>4f8e8f4</code></a> expfmt: Add WithEscapingScheme to help construct Formats (<a href="https://redirect.github.com/prometheus/common/issues/688">#688</a>)</li> <li><a href="https://github.com/prometheus/common/commit/b1880d0dabb633dbf29b999c6a046637efb602fe"><code>b1880d0</code></a> Merge pull request <a href="https://redirect.github.com/prometheus/common/issues/687">#687</a> from roidelapluie/checkheader</li> <li><a href="https://github.com/prometheus/common/commit/334963d1a28ee07975f6777cf65539ecddb89ae0"><code>334963d</code></a> Change the logic for SetDirectory</li> <li><a href="https://github.com/prometheus/common/commit/d64a7472ab6d74cc6b7984cd36f0c5c6129b7a68"><code>d64a747</code></a> Remove secret file existence check in Validate for headers</li> <li><a href="https://github.com/prometheus/common/commit/06c24259364465e6a0728c58dd1f1c99cc07fc3d"><code>06c2425</code></a> Bump golang.org/x/net from 0.27.0 to 0.28.0 (<a href="https://redirect.github.com/prometheus/common/issues/685">#685</a>)</li> <li><a href="https://github.com/prometheus/common/commit/4606c0a4f9447038e704e4d928b1d0e587e81e63"><code>4606c0a</code></a> Bump golang.org/x/oauth2 from 0.21.0 to 0.22.0 (<a href="https://redirect.github.com/prometheus/common/issues/684">#684</a>)</li> <li><a href="https://github.com/prometheus/common/commit/d98411bbf37c7f936cef6d32a6ca965588521b4d"><code>d98411b</code></a> Merge pull request <a href="https://redirect.github.com/prometheus/common/issues/683">#683</a> from tjhop/docs/promslog-README</li> <li>Additional commits viewable in <a href="https://github.com/prometheus/common/compare/v0.57.0...v0.59.1">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: mergify[bot] <37929162+mergify[bot]@users.noreply.github.com>
…ft#4208) Bumps [github.com/adlio/schema](https://github.com/adlio/schema) from 1.3.3 to 1.3.6. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/adlio/schema/releases">github.com/adlio/schema's releases</a>.</em></p> <blockquote> <h2>v1.3.6</h2> <h2>What's Changed</h2> <ul> <li>Bump golang.org/x/net from 0.10.0 to 0.23.0 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/adlio/schema/pull/30">adlio/schema#30</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/adlio/schema/compare/v1.3.5...v1.3.6">https://github.com/adlio/schema/compare/v1.3.5...v1.3.6</a></p> <h2>v1.3.5</h2> <h2>What's Changed</h2> <ul> <li>Fix embedded migrations example by <a href="https://github.com/kalafut"><code>@kalafut</code></a> in <a href="https://redirect.github.com/adlio/schema/pull/24">adlio/schema#24</a></li> <li>Bump golang.org/x/crypto from 0.1.0 to 0.17.0 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/adlio/schema/pull/27">adlio/schema#27</a></li> <li>Bump github.com/docker/docker from 20.10.24+incompatible to 24.0.7+incompatible by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/adlio/schema/pull/26">adlio/schema#26</a></li> <li>Bump github.com/opencontainers/runc from 1.1.5 to 1.1.12 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/adlio/schema/pull/28">adlio/schema#28</a></li> <li>Bump github.com/docker/docker from 24.0.7+incompatible to 24.0.9+incompatible by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/adlio/schema/pull/29">adlio/schema#29</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/adlio/schema/compare/v1.3.4...v1.3.5">https://github.com/adlio/schema/compare/v1.3.4...v1.3.5</a></p> <h2>v1.3.4</h2> <h2>What's Changed</h2> <ul> <li>Bump golang.org/x/net from 0.0.0-20220617184016-355a448f1bc9 to 0.7.0 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/adlio/schema/pull/18">adlio/schema#18</a></li> <li>Update golangci-lint by <a href="https://github.com/adlio"><code>@adlio</code></a> in <a href="https://redirect.github.com/adlio/schema/pull/22">adlio/schema#22</a></li> <li>Bump golang.org/x/crypto from 0.0.0-20201016220609-9e8e0b390897 to 0.1.0 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/adlio/schema/pull/19">adlio/schema#19</a></li> <li>Bump github.com/docker/docker from 20.10.17+incompatible to 20.10.24+incompatible by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/adlio/schema/pull/21">adlio/schema#21</a></li> <li>Bump github.com/opencontainers/runc from 1.1.3 to 1.1.5 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/adlio/schema/pull/20">adlio/schema#20</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/adlio/schema/compare/v1.3.3...v1.3.4">https://github.com/adlio/schema/compare/v1.3.3...v1.3.4</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/adlio/schema/commit/3dd37bbbdaec4b0a8e864122ffc5941d79dd37a0"><code>3dd37bb</code></a> Merge pull request <a href="https://redirect.github.com/adlio/schema/issues/30">#30</a> from adlio/dependabot/go_modules/golang.org/x/net-0.23.0</li> <li><a href="https://github.com/adlio/schema/commit/898b2da7fa18496ac02ff8c7cc4a6ad1089e4040"><code>898b2da</code></a> Bump golang.org/x/net from 0.10.0 to 0.23.0</li> <li><a href="https://github.com/adlio/schema/commit/3d4bda6646decc46eb5e70806d6ef0aa446f6271"><code>3d4bda6</code></a> Merge pull request <a href="https://redirect.github.com/adlio/schema/issues/29">#29</a> from adlio/dependabot/go_modules/github.com/docker/doc...</li> <li><a href="https://github.com/adlio/schema/commit/6cab430cf151260ed7fd86a8a81ea3454b1f2830"><code>6cab430</code></a> Merge pull request <a href="https://redirect.github.com/adlio/schema/issues/28">#28</a> from adlio/dependabot/go_modules/github.com/opencontai...</li> <li><a href="https://github.com/adlio/schema/commit/60e7bc511525c50d2da6453b7613f6b466edc6f7"><code>60e7bc5</code></a> Bump github.com/docker/docker</li> <li><a href="https://github.com/adlio/schema/commit/1084587924d92a067d1d94f9e958b9865b307ac2"><code>1084587</code></a> Bump github.com/opencontainers/runc from 1.1.5 to 1.1.12</li> <li><a href="https://github.com/adlio/schema/commit/1b012c934c70723f04025310c1607683f9d95a1c"><code>1b012c9</code></a> Merge pull request <a href="https://redirect.github.com/adlio/schema/issues/26">#26</a> from adlio/dependabot/go_modules/github.com/docker/doc...</li> <li><a href="https://github.com/adlio/schema/commit/2330eec246224f782e2f6997b544839445ab0576"><code>2330eec</code></a> Merge pull request <a href="https://redirect.github.com/adlio/schema/issues/27">#27</a> from adlio/dependabot/go_modules/golang.org/x/crypto-0...</li> <li><a href="https://github.com/adlio/schema/commit/99d0e6c6c17eaf98330aa592b0f51aa7acb807be"><code>99d0e6c</code></a> Adjust CircleCI config</li> <li><a href="https://github.com/adlio/schema/commit/64f56765a6101f32541967f7360b4c58a61c68ce"><code>64f5676</code></a> Bump golang.org/x/crypto from 0.1.0 to 0.17.0</li> <li>Additional commits viewable in <a href="https://github.com/adlio/schema/compare/v1.3.3...v1.3.6">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: mergify[bot] <37929162+mergify[bot]@users.noreply.github.com>
…ft#4206) Bumps [github.com/go-kit/kit](https://github.com/go-kit/kit) from 0.12.0 to 0.13.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/go-kit/kit/releases">github.com/go-kit/kit's releases</a>.</em></p> <blockquote> <h2>v0.13.0</h2> <p>Go kit v0.13.0 is released, containing mostly minor fixes and dependency updates.</p> <h2>What's Changed</h2> <ul> <li>Remove unused code by <a href="https://github.com/sashamelentyev"><code>@sashamelentyev</code></a> in <a href="https://redirect.github.com/go-kit/kit/pull/1188">go-kit/kit#1188</a></li> <li>Use errors.Is for error handling by <a href="https://github.com/sashamelentyev"><code>@sashamelentyev</code></a> in <a href="https://redirect.github.com/go-kit/kit/pull/1187">go-kit/kit#1187</a></li> <li>Fix docs by <a href="https://github.com/sashamelentyev"><code>@sashamelentyev</code></a> in <a href="https://redirect.github.com/go-kit/kit/pull/1198">go-kit/kit#1198</a></li> <li>Refactor metrics/cloudwatch by <a href="https://github.com/sina-devel"><code>@sina-devel</code></a> in <a href="https://redirect.github.com/go-kit/kit/pull/1202">go-kit/kit#1202</a></li> <li>README: add chaseSpace/kit, closes <a href="https://redirect.github.com/go-kit/kit/issues/1027">#1027</a> by <a href="https://github.com/peterbourgon"><code>@peterbourgon</code></a> in <a href="https://redirect.github.com/go-kit/kit/pull/1052">go-kit/kit#1052</a></li> <li>feat: move from <code>streadway/amqp</code> to <code>rabbitmq-amqp091-go</code> by <a href="https://github.com/Juneezee"><code>@Juneezee</code></a> in <a href="https://redirect.github.com/go-kit/kit/pull/1210">go-kit/kit#1210</a></li> <li>feat(http): make interceptingWriter reimplement common interfaces by <a href="https://github.com/Reasno"><code>@Reasno</code></a> in <a href="https://redirect.github.com/go-kit/kit/pull/1212">go-kit/kit#1212</a></li> <li>Fixes Framework Beego URL by <a href="https://github.com/vpereira01"><code>@vpereira01</code></a> in <a href="https://redirect.github.com/go-kit/kit/pull/1219">go-kit/kit#1219</a></li> <li>Fixed instancer loop logic that was causing Consul to get spammed by <a href="https://github.com/jkratz55"><code>@jkratz55</code></a> in <a href="https://redirect.github.com/go-kit/kit/pull/1215">go-kit/kit#1215</a></li> <li>go.mod | go.sum: update dependencies for prometheus client_golang by <a href="https://github.com/vcruzmj"><code>@vcruzmj</code></a> in <a href="https://redirect.github.com/go-kit/kit/pull/1225">go-kit/kit#1225</a></li> <li>ci: add go 1.18 by <a href="https://github.com/sashamelentyev"><code>@sashamelentyev</code></a> in <a href="https://redirect.github.com/go-kit/kit/pull/1233">go-kit/kit#1233</a></li> <li>Update README.md by <a href="https://github.com/cxtruong70"><code>@cxtruong70</code></a> in <a href="https://redirect.github.com/go-kit/kit/pull/1239">go-kit/kit#1239</a></li> <li>ci: add go 1.19 by <a href="https://github.com/sashamelentyev"><code>@sashamelentyev</code></a> in <a href="https://redirect.github.com/go-kit/kit/pull/1245">go-kit/kit#1245</a></li> <li>go.mod | go.sum: Update nats-io/jwt/v2 & nats-io/nats-server/v2 dependencies to fix CVE-2021-3127 & CVE-2022-24450 by <a href="https://github.com/denopink"><code>@denopink</code></a> in <a href="https://redirect.github.com/go-kit/kit/pull/1237">go-kit/kit#1237</a></li> <li>Update link pointing to protobuf generator by <a href="https://github.com/sagikazarmark"><code>@sagikazarmark</code></a> in <a href="https://redirect.github.com/go-kit/kit/pull/1248">go-kit/kit#1248</a></li> <li>Update github.com/hashicorp/serf and github.com/hashicorp/consul/api to fix CVE-2019-19794 by <a href="https://github.com/francogeller"><code>@francogeller</code></a> in <a href="https://redirect.github.com/go-kit/kit/pull/1250">go-kit/kit#1250</a></li> <li>Replace microgen with the maintained fork by <a href="https://github.com/ShayNehmad-RecoLabs"><code>@ShayNehmad-RecoLabs</code></a> in <a href="https://redirect.github.com/go-kit/kit/pull/1254">go-kit/kit#1254</a></li> <li>Remove dead link to code generator from README by <a href="https://github.com/heymatthew"><code>@heymatthew</code></a> in <a href="https://redirect.github.com/go-kit/kit/pull/1256">go-kit/kit#1256</a></li> <li>README: update codegen link to truss by <a href="https://github.com/matthewhartstonge"><code>@matthewhartstonge</code></a> in <a href="https://redirect.github.com/go-kit/kit/pull/1262">go-kit/kit#1262</a></li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/sashamelentyev"><code>@sashamelentyev</code></a> made their first contribution in <a href="https://redirect.github.com/go-kit/kit/pull/1188">go-kit/kit#1188</a></li> <li><a href="https://github.com/sina-devel"><code>@sina-devel</code></a> made their first contribution in <a href="https://redirect.github.com/go-kit/kit/pull/1202">go-kit/kit#1202</a></li> <li><a href="https://github.com/Juneezee"><code>@Juneezee</code></a> made their first contribution in <a href="https://redirect.github.com/go-kit/kit/pull/1210">go-kit/kit#1210</a></li> <li><a href="https://github.com/Reasno"><code>@Reasno</code></a> made their first contribution in <a href="https://redirect.github.com/go-kit/kit/pull/1212">go-kit/kit#1212</a></li> <li><a href="https://github.com/vpereira01"><code>@vpereira01</code></a> made their first contribution in <a href="https://redirect.github.com/go-kit/kit/pull/1219">go-kit/kit#1219</a></li> <li><a href="https://github.com/jkratz55"><code>@jkratz55</code></a> made their first contribution in <a href="https://redirect.github.com/go-kit/kit/pull/1215">go-kit/kit#1215</a></li> <li><a href="https://github.com/vcruzmj"><code>@vcruzmj</code></a> made their first contribution in <a href="https://redirect.github.com/go-kit/kit/pull/1225">go-kit/kit#1225</a></li> <li><a href="https://github.com/cxtruong70"><code>@cxtruong70</code></a> made their first contribution in <a href="https://redirect.github.com/go-kit/kit/pull/1239">go-kit/kit#1239</a></li> <li><a href="https://github.com/denopink"><code>@denopink</code></a> made their first contribution in <a href="https://redirect.github.com/go-kit/kit/pull/1237">go-kit/kit#1237</a></li> <li><a href="https://github.com/francogeller"><code>@francogeller</code></a> made their first contribution in <a href="https://redirect.github.com/go-kit/kit/pull/1250">go-kit/kit#1250</a></li> <li><a href="https://github.com/ShayNehmad-RecoLabs"><code>@ShayNehmad-RecoLabs</code></a> made their first contribution in <a href="https://redirect.github.com/go-kit/kit/pull/1254">go-kit/kit#1254</a></li> <li><a href="https://github.com/heymatthew"><code>@heymatthew</code></a> made their first contribution in <a href="https://redirect.github.com/go-kit/kit/pull/1256">go-kit/kit#1256</a></li> <li><a href="https://github.com/matthewhartstonge"><code>@matthewhartstonge</code></a> made their first contribution in <a href="https://redirect.github.com/go-kit/kit/pull/1262">go-kit/kit#1262</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/go-kit/kit/compare/v0.12.0...v0.13.0">https://github.com/go-kit/kit/compare/v0.12.0...v0.13.0</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/go-kit/kit/commit/dfe43fa6a8d72c23e2205d0b80e762346e203f78"><code>dfe43fa</code></a> README: update codegen link to truss (<a href="https://redirect.github.com/go-kit/kit/issues/1262">#1262</a>)</li> <li><a href="https://github.com/go-kit/kit/commit/7f14cb4dc16cd4005dc7770c131ae685cc4943b7"><code>7f14cb4</code></a> Remove dead link to code generator from README (<a href="https://redirect.github.com/go-kit/kit/issues/1256">#1256</a>)</li> <li><a href="https://github.com/go-kit/kit/commit/e923d5df8514423885b3a6d25cd44ae1d1db6d9d"><code>e923d5d</code></a> Replace microgen with the maintained fork (<a href="https://redirect.github.com/go-kit/kit/issues/1254">#1254</a>)</li> <li><a href="https://github.com/go-kit/kit/commit/a7ba4fa4e2898501f7f0969fee1050ff7a55e9e9"><code>a7ba4fa</code></a> Update github.com/hashicorp/serf and github.com/hashicorp/consul/api (<a href="https://redirect.github.com/go-kit/kit/issues/1250">#1250</a>)</li> <li><a href="https://github.com/go-kit/kit/commit/04090c3c7422dd9e1f20908709b00c58e36c2dae"><code>04090c3</code></a> Update link pointing to protobuf generator (<a href="https://redirect.github.com/go-kit/kit/issues/1248">#1248</a>)</li> <li><a href="https://github.com/go-kit/kit/commit/62c81a0f3047b5d4a6e437c7c2d5eda799fe91c3"><code>62c81a0</code></a> Update nats-io/jwt/v2 & nats-io/nats-server/v2 dependencies to fix CVE-2021-3...</li> <li><a href="https://github.com/go-kit/kit/commit/0cd2b272b599cb0cda4b16c5de50370d29e0298c"><code>0cd2b27</code></a> Merge pull request <a href="https://redirect.github.com/go-kit/kit/issues/1245">#1245</a> from sashamelentyev/patch-1</li> <li><a href="https://github.com/go-kit/kit/commit/35bf40162e2583c662d5cb0487a5ca5e7e984de8"><code>35bf401</code></a> ci: add go 1.19</li> <li><a href="https://github.com/go-kit/kit/commit/50c38262a8c71be2532f45100e622025bc5ffedf"><code>50c3826</code></a> Update README.md (<a href="https://redirect.github.com/go-kit/kit/issues/1239">#1239</a>)</li> <li><a href="https://github.com/go-kit/kit/commit/44ed82941aa3943b669b41ba3736d05b0383a8e8"><code>44ed829</code></a> ci: add go 1.18 (<a href="https://redirect.github.com/go-kit/kit/issues/1233">#1233</a>)</li> <li>Additional commits viewable in <a href="https://github.com/go-kit/kit/compare/v0.12.0...v0.13.0">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: mergify[bot] <37929162+mergify[bot]@users.noreply.github.com>
…1.20.4 (cometbft#4203) Bumps [github.com/prometheus/client_golang](https://github.com/prometheus/client_golang) from 1.20.1 to 1.20.4. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/prometheus/client_golang/releases">github.com/prometheus/client_golang's releases</a>.</em></p> <blockquote> <h2>v1.20.4</h2> <ul> <li>[BUGFIX] histograms: Fix a possible data race when appending exemplars vs metrics gather. <a href="https://redirect.github.com/prometheus/client_golang/issues/1623">#1623</a></li> </ul> <h2>v1.20.3</h2> <ul> <li>[BUGFIX] histograms: Fix possible data race when appending exemplars. <a href="https://redirect.github.com/prometheus/client_golang/issues/1608">#1608</a></li> </ul> <h2>v1.20.2</h2> <ul> <li>[BUGFIX] promhttp: Unset Content-Encoding header when data is uncompressed. <a href="https://redirect.github.com/prometheus/client_golang/issues/1596">#1596</a></li> </ul> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/prometheus/client_golang/blob/main/CHANGELOG.md">github.com/prometheus/client_golang's changelog</a>.</em></p> <blockquote> <h2>Unreleased</h2> <ul> <li>[BUGFIX] histograms: Fix possible data race when appending exemplars vs metrics gather. <a href="https://redirect.github.com/prometheus/client_golang/issues/1623">#1623</a></li> </ul> <h2>1.20.3 / 2024-09-05</h2> <ul> <li>[BUGFIX] histograms: Fix possible data race when appending exemplars. <a href="https://redirect.github.com/prometheus/client_golang/issues/1608">#1608</a></li> </ul> <h2>1.20.2 / 2024-08-23</h2> <ul> <li>[BUGFIX] promhttp: Unset Content-Encoding header when data is uncompressed. <a href="https://redirect.github.com/prometheus/client_golang/issues/1596">#1596</a></li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/prometheus/client_golang/commit/05fcde9fe4eb93d3fb7b56ebe51acf80536f0583"><code>05fcde9</code></a> Merge pull request <a href="https://redirect.github.com/prometheus/client_golang/issues/1623">#1623</a> from krajorama/data-race-in-histogram-write</li> <li><a href="https://github.com/prometheus/client_golang/commit/209f4c041ed1764866f44dd053a8d94aa051c610"><code>209f4c0</code></a> Add changelog</li> <li><a href="https://github.com/prometheus/client_golang/commit/1e398ccb1259d20836e3003885bdd949cb21e635"><code>1e398cc</code></a> native histogram: Fix race between Write and addExemplar</li> <li><a href="https://github.com/prometheus/client_golang/commit/ef2f87ea986252194ea960187b20b409180044dd"><code>ef2f87e</code></a> Merge pull request <a href="https://redirect.github.com/prometheus/client_golang/issues/1620">#1620</a> from prometheus/arthursens/prepare-1.20.3</li> <li><a href="https://github.com/prometheus/client_golang/commit/937ac63d3d2dda83847f4ca842d62edabce4e743"><code>937ac63</code></a> Add changelog entry for 1.20.3</li> <li><a href="https://github.com/prometheus/client_golang/commit/6e9914db5af255f5def17d54a7ca9c531771f4ca"><code>6e9914d</code></a> Merge pull request <a href="https://redirect.github.com/prometheus/client_golang/issues/1608">#1608</a> from krajorama/index-out-of-range-native-histogram-e...</li> <li><a href="https://github.com/prometheus/client_golang/commit/d6b8c8925bd16626cf168e642eb70724b17a0d61"><code>d6b8c89</code></a> Update comments with more explanations</li> <li><a href="https://github.com/prometheus/client_golang/commit/504566f07c680f68743c3a5d239dede48538c7ec"><code>504566f</code></a> Use simplified solution from <a href="https://redirect.github.com/prometheus/client_golang/issues/1609">#1609</a> for the data race</li> <li><a href="https://github.com/prometheus/client_golang/commit/dc8e9a4d8a4c7c64d5ae2c9d29a91bb1407d549b"><code>dc8e9a4</code></a> fix: native histogram: Simplify and fix addExemplar</li> <li><a href="https://github.com/prometheus/client_golang/commit/dc819ceb1b0f906f1ab124f7492693970733a54d"><code>dc819ce</code></a> Use a trivial solution to <a href="https://redirect.github.com/prometheus/client_golang/issues/1605">#1605</a></li> <li>Additional commits viewable in <a href="https://github.com/prometheus/client_golang/compare/v1.20.1...v1.20.4">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: mergify[bot] <37929162+mergify[bot]@users.noreply.github.com>
…bft#4202) Bumps [google.golang.org/grpc](https://github.com/grpc/grpc-go) from 1.66.1 to 1.67.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/grpc/grpc-go/releases">google.golang.org/grpc's releases</a>.</em></p> <blockquote> <h2>Release 1.67.0</h2> <h1>Bug Fixes</h1> <ul> <li>ringhash: when used with multiple EDS priorities, fix bug that could prevent a higher priority from recovering from transient failure. (<a href="https://redirect.github.com/grpc/grpc-go/issues/7364">#7364</a>) <ul> <li>Special Thanks: <a href="https://github.com/atollena"><code>@atollena</code></a></li> </ul> </li> </ul> <h1>Behavior Changes</h1> <ul> <li>In accordance with <a href="https://tools.ietf.org/html/rfc7540#section-3.3">RFC 7540</a>, clients and servers will now reject TLS connections that don't support ALPN. This can be disabled by setting the environment variable <code>GRPC_ENFORCE_ALPN_ENABLED</code> to <code>false</code> (case insensitive). Please file a bug if you encounter any issues with this behavior. The environment variable to revert this behavior will be removed in an upcoming release. (<a href="https://redirect.github.com/grpc/grpc-go/issues/7535">#7535</a>)</li> </ul> <h2>Release 1.66.2</h2> <h1>Dependencies</h1> <ul> <li>Remove unintentional dependency on the <code>testing</code> package (<a href="https://redirect.github.com/grpc/grpc-go/issues/7579">#7579</a>)</li> <li>Remove unintentional dependency on the <code>flate</code> package (<a href="https://redirect.github.com/grpc/grpc-go/issues/7595">#7595</a>) <ul> <li>Special Thanks: <a href="https://github.com/ash2k"><code>@ash2k</code></a></li> </ul> </li> </ul> <h1>Bug Fixes</h1> <ul> <li>client: fix a bug that prevented memory reuse after handling unary RPCs (<a href="https://redirect.github.com/grpc/grpc-go/issues/7571">#7571</a>) <ul> <li>Special Thanks: <a href="https://github.com/coxley"><code>@coxley</code></a></li> </ul> </li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/grpc/grpc-go/commit/6f50403edb0c2db1bb557168cf4e6f87ea2efdb5"><code>6f50403</code></a> Change version to 1.67.0 (<a href="https://redirect.github.com/grpc/grpc-go/issues/7604">#7604</a>)</li> <li><a href="https://github.com/grpc/grpc-go/commit/3c3a0257a33b59b0d0a072696775b53392c7d8ae"><code>3c3a025</code></a> mem: replace flate.Reader reference (<a href="https://redirect.github.com/grpc/grpc-go/issues/7595">#7595</a>) (<a href="https://redirect.github.com/grpc/grpc-go/issues/7637">#7637</a>)</li> <li><a href="https://github.com/grpc/grpc-go/commit/3ffb98b2c93a9a633f7415893c40946e2a6a6e89"><code>3ffb98b</code></a> .*: fix revive lints <code>redefines-builtin-id</code> (<a href="https://redirect.github.com/grpc/grpc-go/issues/7552">#7552</a>)</li> <li><a href="https://github.com/grpc/grpc-go/commit/56660492e4a669c8c0f02bd7f31ad31a3ef59883"><code>5666049</code></a> vet: enforce revive linter (<a href="https://redirect.github.com/grpc/grpc-go/issues/7589">#7589</a>)</li> <li><a href="https://github.com/grpc/grpc-go/commit/c6ad07fa041eea78cd6757a51f252dd407105452"><code>c6ad07f</code></a> protoc: regenerate protos (<a href="https://redirect.github.com/grpc/grpc-go/issues/7590">#7590</a>)</li> <li><a href="https://github.com/grpc/grpc-go/commit/70f19eecd168b0ea1f15e991170576bf36f74b40"><code>70f19ee</code></a> credentials/tls: default GRPC_ENFORCE_ALPN_ENABLED to true (<a href="https://redirect.github.com/grpc/grpc-go/issues/7535">#7535</a>)</li> <li><a href="https://github.com/grpc/grpc-go/commit/92111dc36694c570dc873b9a5a461ef953ea2b54"><code>92111dc</code></a> xds: keep ads flow control local to xdsclient/transport package (<a href="https://redirect.github.com/grpc/grpc-go/issues/7578">#7578</a>)</li> <li><a href="https://github.com/grpc/grpc-go/commit/535bdce10d2c1127e526e986b04b38995fe84712"><code>535bdce</code></a> estats: remove dependency on testing package (<a href="https://redirect.github.com/grpc/grpc-go/issues/7579">#7579</a>)</li> <li><a href="https://github.com/grpc/grpc-go/commit/0f03c747b13b41c3601ee835f1f8bf0f457b3fd2"><code>0f03c74</code></a> .*: fix revive lint issues <code>unused-parameter</code> (<a href="https://redirect.github.com/grpc/grpc-go/issues/7580">#7580</a>)</li> <li><a href="https://github.com/grpc/grpc-go/commit/6147c81cd047f0237c9bfa553fb61ce74bfa37aa"><code>6147c81</code></a> stats/opentelemetry: Optimize slice allocations (<a href="https://redirect.github.com/grpc/grpc-go/issues/7525">#7525</a>)</li> <li>Additional commits viewable in <a href="https://github.com/grpc/grpc-go/compare/v1.66.1...v1.67.0">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: mergify[bot] <37929162+mergify[bot]@users.noreply.github.com>
…metbft#4265) Bumps [bufbuild/buf-setup-action](https://github.com/bufbuild/buf-setup-action) from 1.42.0 to 1.44.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/bufbuild/buf-setup-action/releases">bufbuild/buf-setup-action's releases</a>.</em></p> <blockquote> <h2>v1.44.0</h2> <p>Release v1.44.0</p> <h2>v1.43.0</h2> <p>Release v1.43.0</p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/bufbuild/buf-setup-action/commit/e7628ee2d941d14dc87d468ed93bdb35c2f7bfea"><code>e7628ee</code></a> Release v1.44.0 (<a href="https://redirect.github.com/bufbuild/buf-setup-action/issues/227">#227</a>)</li> <li><a href="https://github.com/bufbuild/buf-setup-action/commit/62ee92603c244ad0da98bab36a834a999a5329e6"><code>62ee926</code></a> Release v1.43.0 (<a href="https://redirect.github.com/bufbuild/buf-setup-action/issues/226">#226</a>)</li> <li>See full diff in <a href="https://github.com/bufbuild/buf-setup-action/compare/v1.42.0...v1.44.0">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
…bft#4266) Bumps [docker/build-push-action](https://github.com/docker/build-push-action) from 6.8.0 to 6.9.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/docker/build-push-action/releases">docker/build-push-action's releases</a>.</em></p> <blockquote> <h2>v6.9.0</h2> <ul> <li>Bump <code>@docker/actions-toolkit</code> from 0.38.0 to 0.39.0 in <a href="https://redirect.github.com/docker/build-push-action/pull/1234">docker/build-push-action#1234</a></li> <li>Bump path-to-regexp from 6.2.2 to 6.3.0 in <a href="https://redirect.github.com/docker/build-push-action/pull/1232">docker/build-push-action#1232</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/docker/build-push-action/compare/v6.8.0...v6.9.0">https://github.com/docker/build-push-action/compare/v6.8.0...v6.9.0</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/docker/build-push-action/commit/4f58ea79222b3b9dc2c8bbdd6debcef730109a75"><code>4f58ea7</code></a> Merge pull request <a href="https://redirect.github.com/docker/build-push-action/issues/1234">#1234</a> from docker/dependabot/npm_and_yarn/docker/actions-t...</li> <li><a href="https://github.com/docker/build-push-action/commit/49b5ea61c60477d214908bb6e23ce05c074ef04e"><code>49b5ea6</code></a> chore: update generated content</li> <li><a href="https://github.com/docker/build-push-action/commit/13c9fddd72db0ce3cd9d87eb53e0480d2a32a77b"><code>13c9fdd</code></a> chore(deps): Bump <code>@docker/actions-toolkit</code> from 0.38.0 to 0.39.0</li> <li><a href="https://github.com/docker/build-push-action/commit/e44afff3590e1d4f93b6adc72376512edb012a7c"><code>e44afff</code></a> Merge pull request <a href="https://redirect.github.com/docker/build-push-action/issues/1232">#1232</a> from docker/dependabot/npm_and_yarn/path-to-regexp-6...</li> <li><a href="https://github.com/docker/build-push-action/commit/67ebad331f4ca45e39184b280dbacb11eb3beae0"><code>67ebad3</code></a> chore(deps): Bump path-to-regexp from 6.2.2 to 6.3.0</li> <li>See full diff in <a href="https://github.com/docker/build-push-action/compare/v6.8.0...v6.9.0">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Hernán Vanzetto <[email protected]>
…etbft#4264) Bumps [docker/setup-buildx-action](https://github.com/docker/setup-buildx-action) from 3.6.1 to 3.7.1. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/docker/setup-buildx-action/releases">docker/setup-buildx-action's releases</a>.</em></p> <blockquote> <h2>v3.7.1</h2> <ul> <li>Switch back to <code>uuid</code> package by <a href="https://github.com/crazy-max"><code>@crazy-max</code></a> in <a href="https://redirect.github.com/docker/setup-buildx-action/pull/369">docker/setup-buildx-action#369</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/docker/setup-buildx-action/compare/v3.7.0...v3.7.1">https://github.com/docker/setup-buildx-action/compare/v3.7.0...v3.7.1</a></p> <h2>v3.7.0</h2> <ul> <li>Always set <code>buildkitd-flags</code> if opt-in by <a href="https://github.com/crazy-max"><code>@crazy-max</code></a> in <a href="https://redirect.github.com/docker/setup-buildx-action/pull/363">docker/setup-buildx-action#363</a></li> <li>Remove <code>uuid</code> package and switch to <code>crypto</code> by <a href="https://github.com/crazy-max"><code>@crazy-max</code></a> in <a href="https://redirect.github.com/docker/setup-buildx-action/pull/366">docker/setup-buildx-action#366</a></li> <li>Bump <code>@docker/actions-toolkit</code> from 0.35.0 to 0.39.0 in <a href="https://redirect.github.com/docker/setup-buildx-action/pull/362">docker/setup-buildx-action#362</a></li> <li>Bump path-to-regexp from 6.2.2 to 6.3.0 in <a href="https://redirect.github.com/docker/setup-buildx-action/pull/354">docker/setup-buildx-action#354</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/docker/setup-buildx-action/compare/v3.6.1...v3.7.0">https://github.com/docker/setup-buildx-action/compare/v3.6.1...v3.7.0</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/docker/setup-buildx-action/commit/c47758b77c9736f4b2ef4073d4d51994fabfe349"><code>c47758b</code></a> Merge pull request <a href="https://redirect.github.com/docker/setup-buildx-action/issues/369">#369</a> from crazy-max/revert-crypto</li> <li><a href="https://github.com/docker/setup-buildx-action/commit/8fea3825134d99989287350b6429e3e86fa5d320"><code>8fea382</code></a> chore: update generated content</li> <li><a href="https://github.com/docker/setup-buildx-action/commit/2874e980e877332a8fe575054d8c083109b8fede"><code>2874e98</code></a> switch back to uuid package</li> <li><a href="https://github.com/docker/setup-buildx-action/commit/8026d2bc3645ea78b0d2544766a1225eb5691f89"><code>8026d2b</code></a> Merge pull request <a href="https://redirect.github.com/docker/setup-buildx-action/issues/362">#362</a> from docker/dependabot/npm_and_yarn/docker/actions-to...</li> <li><a href="https://github.com/docker/setup-buildx-action/commit/e51aab53e9e6264bc11f62da6fbc352686b2147f"><code>e51aab5</code></a> chore: update generated content</li> <li><a href="https://github.com/docker/setup-buildx-action/commit/fd7390e14dc77aa9df3fbc8a021cf91ac9fe7aa5"><code>fd7390e</code></a> build(deps): bump <code>@docker/actions-toolkit</code> from 0.35.0 to 0.39.0</li> <li><a href="https://github.com/docker/setup-buildx-action/commit/910a3040053b5bd9636a487f0054cfe150829ae7"><code>910a304</code></a> Merge pull request <a href="https://redirect.github.com/docker/setup-buildx-action/issues/366">#366</a> from crazy-max/remove-uuid</li> <li><a href="https://github.com/docker/setup-buildx-action/commit/3623ee443e01d4daf9e9107d28e162a058c52ca8"><code>3623ee4</code></a> chore: update generated content</li> <li><a href="https://github.com/docker/setup-buildx-action/commit/e0e5ecf670bf33d756abc55962778de1286f70e1"><code>e0e5ecf</code></a> remove uuid package and switch to crypto</li> <li><a href="https://github.com/docker/setup-buildx-action/commit/5334dd0cdd27e0ac92d6c98d35f3398fcc13195f"><code>5334dd0</code></a> Merge pull request <a href="https://redirect.github.com/docker/setup-buildx-action/issues/363">#363</a> from crazy-max/set-buildkitd-flags-optin</li> <li>Additional commits viewable in <a href="https://github.com/docker/setup-buildx-action/compare/v3.6.1...v3.7.1">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: mergify[bot] <37929162+mergify[bot]@users.noreply.github.com>
…metbft#4288) Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Because, in cometbft-db v0.13+, the iterator is being reused so we need to always copy key and value if we're storing them in a map or other in-memory structure. Closes cometbft#4295
…ft#4328) Use `github.com/decred/dcrd/dcrec/secp256k1/v4` directly rather than `github.com/btcsuite/btcd/btcec/v2` which is just a wrapper around the underlying decred library. Inspired by cosmos/cosmos-sdk#15018 `github.com/btcsuite/btcd/btcec/v2` has a very annoying breaking change when upgrading from `v2.3.3` to `v2.3.4`. The easiest way to workaround this is to just remove the wrapper. Would be very nice if you could backport this to v0.37.x and v0.38.x. References: - btcsuite/btcd#2221 - cometbft#3728 - zeta-chain/node#2934 --- #### PR checklist - [ ] Tests written/updated - [x] Changelog entry added in `.changelog` (we use [unclog](https://github.com/informalsystems/unclog) to manage our changelog) - [ ] Updated relevant documentation (`docs/` or `spec/`) and code comments <hr>This is an automatic backport of pull request cometbft#4294 done by [Mergify](https://mergify.com). --------- Co-authored-by: Alex Gartner <[email protected]> Co-authored-by: Anton Kaliaev <[email protected]>
[CHANGELOG](https://github.com/cometbft/cometbft/blob/release/v0.38.13/CHANGELOG.md) #### PR checklist - [ ] Tests written/updated - [ ] Changelog entry added in `.changelog` (we use [unclog](https://github.com/informalsystems/unclog) to manage our changelog) - [ ] Updated relevant documentation (`docs/` or `spec/`) and code comments
[CHANGELOG](https://github.com/cometbft/cometbft/blob/release/v0.38.13/CHANGELOG.md) #### PR checklist - [ ] Tests written/updated - [ ] Changelog entry added in `.changelog` (we use [unclog](https://github.com/informalsystems/unclog) to manage our changelog) - [ ] Updated relevant documentation (`docs/` or `spec/`) and code comments
…1.20.5 (cometbft#4385) Bumps [github.com/prometheus/client_golang](https://github.com/prometheus/client_golang) from 1.20.4 to 1.20.5. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/prometheus/client_golang/releases">github.com/prometheus/client_golang's releases</a>.</em></p> <blockquote> <h2>v1.20.5 / 2024-10-15</h2> <p>We decided to revert <a href="https://redirect.github.com/prometheus/client_golang/pull/1424">the <code>testutil</code> change</a> that made our util functions less error-prone, but created a lot of work for our downstream users. Apologies for the pain! This revert should not cause any major breaking change, even if you already did the work--unless you depend on the <a href="https://redirect.github.com/grafana/mimir/pull/9624#issuecomment-2413401565">exact error message</a>.</p> <p>Going forward, we plan to reinforce our release testing strategy <a href="https://redirect.github.com/prometheus/client_golang/issues/1646">[1]</a>,<a href="https://redirect.github.com/prometheus/client_golang/issues/1648">[2]</a> and deliver an enhanced <a href="https://redirect.github.com/prometheus/client_golang/issues/1639"><code>testutil</code> package/module</a> with more flexible and safer APIs.</p> <p>Thanks to <a href="https://github.com/dashpole"><code>@dashpole</code></a> <a href="https://github.com/dgrisonnet"><code>@dgrisonnet</code></a> <a href="https://github.com/kakkoyun"><code>@kakkoyun</code></a> <a href="https://github.com/ArthurSens"><code>@ArthurSens</code></a> <a href="https://github.com/vesari"><code>@vesari</code></a> <a href="https://github.com/logicalhan"><code>@logicalhan</code></a> <a href="https://github.com/krajorama"><code>@krajorama</code></a> <a href="https://github.com/bwplotka"><code>@bwplotka</code></a> who helped in this patch release! 🤗</p> <h3>Changelog</h3> <p>[BUGFIX] testutil: Reverted <a href="https://redirect.github.com/prometheus/client_golang/issues/1424">#1424</a>; functions using compareMetricFamilies are (again) only failing if filtered metricNames are in the expected input. <a href="https://redirect.github.com/prometheus/client_golang/issues/1645">#1645</a></p> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/prometheus/client_golang/blob/main/CHANGELOG.md">github.com/prometheus/client_golang's changelog</a>.</em></p> <blockquote> <h2>1.20.5 / 2024-10-15</h2> <ul> <li>[BUGFIX] testutil: Reverted <a href="https://redirect.github.com/prometheus/client_golang/issues/1424">#1424</a>; functions using compareMetricFamilies are (again) only failing if filtered metricNames are in the expected input.</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/prometheus/client_golang/commit/48e12a185519fd76b4e514b597483781d9ba4093"><code>48e12a1</code></a> Merge pull request <a href="https://redirect.github.com/prometheus/client_golang/issues/1645">#1645</a> from prometheus/cut-1204-pr1424</li> <li><a href="https://github.com/prometheus/client_golang/commit/504ad9bf5c6419449d2cacf8cf8855bfdcfcfc18"><code>504ad9b</code></a> Cut 1.20.5; update comments.</li> <li><a href="https://github.com/prometheus/client_golang/commit/584a7ce3d935e4fdca7b893f5f741d59f3289140"><code>584a7ce</code></a> Revert "testutil compareMetricFamilies: make less error-prone (<a href="https://redirect.github.com/prometheus/client_golang/issues/1424">#1424</a>)"</li> <li>See full diff in <a href="https://github.com/prometheus/client_golang/compare/v1.20.4...v1.20.5">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
…bft#4383) Bumps [google.golang.org/grpc](https://github.com/grpc/grpc-go) from 1.67.0 to 1.67.1. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/grpc/grpc-go/releases">google.golang.org/grpc's releases</a>.</em></p> <blockquote> <h2>Release 1.67.1</h2> <h1>Bug Fixes</h1> <ul> <li>transport: Fix a bug causing stream failures due to miscalculation of the flow control window in both clients and servers. (<a href="https://redirect.github.com/grpc/grpc-go/issues/7667">#7667</a>)</li> <li>xds/server: Fix xDS Server memory leak. (<a href="https://redirect.github.com/grpc/grpc-go/issues/7681">#7681</a>)</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/grpc/grpc-go/commit/3f95b38ded016ebf32507fc7cb6baeb2f15aef59"><code>3f95b38</code></a> Update version to 1.67.1 (<a href="https://redirect.github.com/grpc/grpc-go/issues/7682">#7682</a>)</li> <li><a href="https://github.com/grpc/grpc-go/commit/4f6c5f2348afe333a3552aa4c4854eae62e22353"><code>4f6c5f2</code></a> xds/server: Fix xDS Server leak (<a href="https://redirect.github.com/grpc/grpc-go/issues/7664">#7664</a>) (<a href="https://redirect.github.com/grpc/grpc-go/issues/7681">#7681</a>)</li> <li><a href="https://github.com/grpc/grpc-go/commit/935f8cb5ac28f604d696d8ca9f5187e75551c185"><code>935f8cb</code></a> transport: Fix reporting of bytes read while reading headers (<a href="https://redirect.github.com/grpc/grpc-go/issues/7660">#7660</a>) (<a href="https://redirect.github.com/grpc/grpc-go/issues/7667">#7667</a>)</li> <li><a href="https://github.com/grpc/grpc-go/commit/02bbb657b6e68e7f838f51e71722630d34060fb2"><code>02bbb65</code></a> Change version to 1.67.1-dev (<a href="https://redirect.github.com/grpc/grpc-go/issues/7605">#7605</a>)</li> <li>See full diff in <a href="https://github.com/grpc/grpc-go/compare/v1.67.0...v1.67.1">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: mergify[bot] <37929162+mergify[bot]@users.noreply.github.com>
…#4379) Bumps [golang.org/x/crypto](https://github.com/golang/crypto) from 0.27.0 to 0.28.0. <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/golang/crypto/commit/adef4cc1a8c2ca4da1b1f4e6c976b59ca22dbfb8"><code>adef4cc</code></a> go.mod: update golang.org/x dependencies</li> <li><a href="https://github.com/golang/crypto/commit/a0819fbb0244af70857f03b6984e1d4f93e6cabf"><code>a0819fb</code></a> sha3: fix cSHAKE initialization for extremely large N and or S</li> <li><a href="https://github.com/golang/crypto/commit/42ee18b963777d907bbef3e59665cf80968d57e6"><code>42ee18b</code></a> ssh: return ServerAuthError after too many auth failures</li> <li><a href="https://github.com/golang/crypto/commit/9e92970a1eb41e446822e037016aa89d24c0ce7a"><code>9e92970</code></a> bn256: add missing symbols in comment</li> <li>See full diff in <a href="https://github.com/golang/crypto/compare/v0.27.0...v0.28.0">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: mergify[bot] <37929162+mergify[bot]@users.noreply.github.com>
…ometbft#4380) Bumps google.golang.org/protobuf from 1.34.2 to 1.35.1. [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: mergify[bot] <37929162+mergify[bot]@users.noreply.github.com>
…1 to 4.3.0 (cometbft#4381) Bumps [github.com/decred/dcrd/dcrec/secp256k1/v4](https://github.com/decred/dcrd) from 4.0.1 to 4.3.0. <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/decred/dcrd/commit/08d8572807872f2b9737f8a118b16c320a04b077"><code>08d8572</code></a> secp256k1: Prepare v4.3.0.</li> <li><a href="https://github.com/decred/dcrd/commit/fe9a28cd1e4f341105001496b135a58d09717647"><code>fe9a28c</code></a> secp256k1: No allocs in slow scalar base mult path.</li> <li><a href="https://github.com/decred/dcrd/commit/2104419fc012bb162222a5e0a2c06e4d806cbfae"><code>2104419</code></a> wire: Fix typo in comment.</li> <li><a href="https://github.com/decred/dcrd/commit/b9d8d49c901bb7cbb19ed36d636c3e3d86a1fe43"><code>b9d8d49</code></a> wire: add p2p mixing messages</li> <li><a href="https://github.com/decred/dcrd/commit/25adf60a9f4e12aec13565f6345f769965b0135a"><code>25adf60</code></a> secp256k1: Add scalar base mult variant benchmarks.</li> <li><a href="https://github.com/decred/dcrd/commit/2ee2ebeb678398d3f9333a2cfa937378efe27cfb"><code>2ee2ebe</code></a> secp256k1: Add TinyGo support.</li> <li><a href="https://github.com/decred/dcrd/commit/c6322d513aee03139d91a4e45490dc02d070f278"><code>c6322d5</code></a> docker: Update image to golang:1.22.1-alpine3.19.</li> <li><a href="https://github.com/decred/dcrd/commit/20dedca001392442f83a7d5b218fe54a92c1c565"><code>20dedca</code></a> server: Update required minimum protocol version.</li> <li><a href="https://github.com/decred/dcrd/commit/eb3de8e7299ba919d4ccd67cb1b56a17030f85b7"><code>eb3de8e</code></a> docs: Update README.md to required Go 1.21/1.22.</li> <li><a href="https://github.com/decred/dcrd/commit/fedbaf982b460c7b639d1c577efe51e3f255f8dc"><code>fedbaf9</code></a> build: Test against Go 1.22.</li> <li>Additional commits viewable in <a href="https://github.com/decred/dcrd/compare/dcrjson/v4.0.1...dcrec/secp256k1/v4.3.0">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: mergify[bot] <37929162+mergify[bot]@users.noreply.github.com>
…ometbft#4382) Bumps [github.com/prometheus/common](https://github.com/prometheus/common) from 0.59.1 to 0.60.1. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/prometheus/common/releases">github.com/prometheus/common's releases</a>.</em></p> <blockquote> <h2>v0.60.1</h2> <h2>What's Changed</h2> <ul> <li>promslog: Only log basename, not full path by <a href="https://github.com/roidelapluie"><code>@roidelapluie</code></a> in <a href="https://redirect.github.com/prometheus/common/pull/705">prometheus/common#705</a></li> <li>Reload certificates even when no CA is used by <a href="https://github.com/roidelapluie"><code>@roidelapluie</code></a> in <a href="https://redirect.github.com/prometheus/common/pull/707">prometheus/common#707</a></li> <li>Synchronize common files from prometheus/prometheus by <a href="https://github.com/prombot"><code>@prombot</code></a> in <a href="https://redirect.github.com/prometheus/common/pull/701">prometheus/common#701</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/prometheus/common/compare/v0.60.0...v0.60.1">https://github.com/prometheus/common/compare/v0.60.0...v0.60.1</a></p> <h2>v0.60.0</h2> <h2>What's Changed</h2> <ul> <li>Synchronize common files from prometheus/prometheus by <a href="https://github.com/prombot"><code>@prombot</code></a> in <a href="https://redirect.github.com/prometheus/common/pull/692">prometheus/common#692</a></li> <li>slog: expose io.Writer by <a href="https://github.com/jkroepke"><code>@jkroepke</code></a> in <a href="https://redirect.github.com/prometheus/common/pull/694">prometheus/common#694</a></li> <li>Synchronize common files from prometheus/prometheus by <a href="https://github.com/prombot"><code>@prombot</code></a> in <a href="https://redirect.github.com/prometheus/common/pull/695">prometheus/common#695</a></li> <li>promslog: use UTC timestamps for go-kit log style by <a href="https://github.com/dswarbrick"><code>@dswarbrick</code></a> in <a href="https://redirect.github.com/prometheus/common/pull/696">prometheus/common#696</a></li> <li>feat: add <code>promslog.NewNopLogger()</code> convenience func by <a href="https://github.com/tjhop"><code>@tjhop</code></a> in <a href="https://redirect.github.com/prometheus/common/pull/697">prometheus/common#697</a></li> <li>Bump golang.org/x/net from 0.28.0 to 0.29.0 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/prometheus/common/pull/699">prometheus/common#699</a></li> <li>Bump golang.org/x/oauth2 from 0.22.0 to 0.23.0 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/prometheus/common/pull/698">prometheus/common#698</a></li> <li>Update supported Go versions by <a href="https://github.com/SuperQ"><code>@SuperQ</code></a> in <a href="https://redirect.github.com/prometheus/common/pull/700">prometheus/common#700</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/prometheus/common/compare/v0.59.1...v0.60.0">https://github.com/prometheus/common/compare/v0.59.1...v0.60.0</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/prometheus/common/commit/653e0fa37b474f7af331bbfb409c0f654fb04a94"><code>653e0fa</code></a> Update common Prometheus files (<a href="https://redirect.github.com/prometheus/common/issues/701">#701</a>)</li> <li><a href="https://github.com/prometheus/common/commit/0d2e2e509b05032929d08ab69362a58ce540fcb1"><code>0d2e2e5</code></a> Reload certificates even when no CA is used (<a href="https://redirect.github.com/prometheus/common/issues/707">#707</a>)</li> <li><a href="https://github.com/prometheus/common/commit/a9d2e3ff1686621e6f772f7b503b12d242701c48"><code>a9d2e3f</code></a> Merge pull request <a href="https://redirect.github.com/prometheus/common/issues/705">#705</a> from roidelapluie/sourcefile</li> <li><a href="https://github.com/prometheus/common/commit/fdc50c720a071b6796bcb5e08c3a1a03cc6ef121"><code>fdc50c7</code></a> promslog: Only log basename, not full path</li> <li><a href="https://github.com/prometheus/common/commit/dae848db5327d2a4e2e06cbe883093a71b4226d7"><code>dae848d</code></a> Update supported Go versions (<a href="https://redirect.github.com/prometheus/common/issues/700">#700</a>)</li> <li><a href="https://github.com/prometheus/common/commit/63ff77eeea3cfd552d81d455b44546db75a3b4ac"><code>63ff77e</code></a> Bump golang.org/x/oauth2 from 0.22.0 to 0.23.0 (<a href="https://redirect.github.com/prometheus/common/issues/698">#698</a>)</li> <li><a href="https://github.com/prometheus/common/commit/b7aa68c1be77461e7ed0987ee66a288bbaa324ae"><code>b7aa68c</code></a> Bump golang.org/x/net from 0.28.0 to 0.29.0 (<a href="https://redirect.github.com/prometheus/common/issues/699">#699</a>)</li> <li><a href="https://github.com/prometheus/common/commit/4e3a6fd348a3c764fff5193cd0ee34eea4402318"><code>4e3a6fd</code></a> feat: add <code>promslog.NewNopLogger()</code> convenience func (<a href="https://redirect.github.com/prometheus/common/issues/697">#697</a>)</li> <li><a href="https://github.com/prometheus/common/commit/d66e745b02ad50e6763ec5a0765aae5014a6c188"><code>d66e745</code></a> promslog: use UTC timestamps for go-kit log style (<a href="https://redirect.github.com/prometheus/common/issues/696">#696</a>)</li> <li><a href="https://github.com/prometheus/common/commit/14bac55a992f7b83ab9d147a041e274606bdb607"><code>14bac55</code></a> Merge pull request <a href="https://redirect.github.com/prometheus/common/issues/695">#695</a> from prometheus/repo_sync</li> <li>Additional commits viewable in <a href="https://github.com/prometheus/common/compare/v0.59.1...v0.60.1">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: mergify[bot] <37929162+mergify[bot]@users.noreply.github.com>
Bumps [golang.org/x/net](https://github.com/golang/net) from 0.29.0 to 0.30.0. <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/golang/net/commit/6cc5ac4e9a03d73b331eb1d6db98a02e558243b7"><code>6cc5ac4</code></a> go.mod: update golang.org/x dependencies</li> <li><a href="https://github.com/golang/net/commit/f88258d67e0f0f144c79964ca05bb81d51ee8411"><code>f88258d</code></a> websocket: update nhooyr.io/websocket to github.com/coder/websocket</li> <li><a href="https://github.com/golang/net/commit/7191757bc637cf79a7ece0546e33f903bf5e9709"><code>7191757</code></a> http2: add support for net/http HTTP2 config field</li> <li><a href="https://github.com/golang/net/commit/4790dc7047441aed4889873cdd30e1e6adf49735"><code>4790dc7</code></a> http2: add support for server-originated pings</li> <li><a href="https://github.com/golang/net/commit/541dbe58b6bc869fc1c7de361846682a34365325"><code>541dbe5</code></a> http2: add Server.WriteByteTimeout</li> <li><a href="https://github.com/golang/net/commit/3c333c0c5288a7cf127e427ddda5b1b54020a2b4"><code>3c333c0</code></a> route: fix address parsing of messages on Darwin</li> <li>See full diff in <a href="https://github.com/golang/net/compare/v0.29.0...v0.30.0">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
…metbft#4414) Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Anton Kaliaev <[email protected]>
…to 24 hours (backport cometbft#4377) (cometbft#4425) close: cometbft#3519 Adjust `reconnectBackOffBaseSeconds` to increase reconnect retries to up 1 day (~24 hours). The new value can be validated here: https://go.dev/play/p/k8F5rS-i24p, which will show that the total time is increased to almost 24 hours. Initial reconnecting time: 2m8.493s Total reconnecting time. : 23h55m56.249s The `reconnectBackOffBaseSeconds` is increased by a bit over 10% (from 3.0 to 3.4 seconds) so this would not affect reconnection retries too much. #### PR checklist - [ ] ~~Tests written/updated~~ - [x] Changelog entry added in `.changelog` (we use [unclog](https://github.com/informalsystems/unclog) to manage our changelog) - [x] Updated relevant documentation (`docs/` or `spec/`) and code comments <hr>This is an automatic backport of pull request cometbft#4377 done by [Mergify](https://mergify.com). --------- Co-authored-by: Andy Nogueira <[email protected]>
…cometbft#4442) This reverts commit 28a308f. --- #### PR checklist - [ ] Tests written/updated - [ ] Changelog entry added in `.changelog` (we use [unclog](https://github.com/informalsystems/unclog) to manage our changelog) - [ ] Updated relevant documentation (`docs/` or `spec/`) and code comments
Part of cometbft#4444. Retracts `v0.38.14`. --- #### PR checklist ~- [ ] Tests written/updated~ - [ ] Changelog entry added in `.changelog` (we use [unclog](https://github.com/informalsystems/unclog) to manage our changelog) ~- [ ] Updated relevant documentation (`docs/` or `spec/`) and code comments~
Part of cometbft#4444. Release `v0.38.15`.
|
This pull request has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions. |
* fix: copy TxIndex TxBytes value * chore: changelog
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Description
Branch for running the CI for tests: DO NOT MERGE
PR checklist
.changelog(we use unclog to manage our changelog)docs/orspec/) and code comments