Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Bump github.com/cosmos/cosmos-sdk from 0.40.0-rc5 to 0.42.2 #60

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Mar 22, 2021

Bumps github.com/cosmos/cosmos-sdk from 0.40.0-rc5 to 0.42.2.

Release notes

Sourced from github.com/cosmos/cosmos-sdk's releases.

v0.42.2

Cosmos SDK v0.42.2 "Stargate" Release Notes

This maintenance release includes various bugfixes and performance improvements, and it does not introduce any breaking changes.

See the Cosmos SDK v0.42.2 milestone on our issue tracker for further details.

Keyring UX improvement

A number of macOS users have reported that their operating system's keychain prompt them for password to unlock the keyring when using the os backend before executing any action. This release includes a small fix that automatically adjusts applications keyring trust so that users are prompted for password only once when the keyring is unlocked.

Tx search results support for order-by

Although the Tendermint Core's RPC tx_search endpoint has been supporting an order-by parameter for quite some time now, the Cosmos SDK did not respect the order-by parameter and incorrectly set the requests order-by to "" (null). This releases introduces the relevant order-by parameter support when searching through Txs.

Multisig accounts and v0.40 genesis files migration

This release includes a bug fix for a v0.39 to v0.42 migration issue affecting genesis files that contain multisig accounts.

v0.42.1

Cosmos SDK v0.42.1 "Stargate" Release Notes

This release fixes security vulnerability identified in the simapp.

v0.42.0

Cosmos SDK v0.42.0 "Stargate" Release Notes

This release includes an important security fix for all non Cosmos Hub chains (e.g. any chain that does not use the default cosmos bech32 prefix), and a few performance improvements.

See the Cosmos SDK v0.42.0 milestone on our issue tracker for further details.

Security fix: validator address conversion in evidence handling

The security fix resolves the issue regarding incorrect handling of validators' consensus addresses. Because of this incorrect handling, Cosmos SDK apps that were not using the default cosmos Bech32 address prefix were not able to jail validators that committed misbehaviors such as double signing.

Although the issue does not affect the Cosmos Hub, this issue potentially renders the v0.41 and v0.40 release series unsafe for most chains.

Full header is emitted on IBC UpdateClient message event

The event emitted by the IBC UpdateClient message now contains the full header. This change makes header tracking easier and improves the handling of misbehaviors.

v0.42.0-alpha1

Pre-release of v0.42.0, which includes the introduction of:

  • x/authz

... (truncated)

Changelog

Sourced from github.com/cosmos/cosmos-sdk's changelog.

v0.42.2 - 2021-03-19

Improvements

  • (grpc) #8815 Add orderBy parameter to TxsByEvents endpoint.
  • (cli) #8826 Add trust to macOS Keychain for caller app by default.
  • (store) #8811 store/cachekv: use typed types/kv.List instead of container/list.List

Bug Fixes

  • (crypto) #8841 Fix legacy multisig amino marshaling, allowing migrations to work between v0.39 and v0.40+.
  • (cli) #8873 add --output-document to multisign-batch.

v0.42.1 - 2021-03-10

This release fixes security vulnerability identified in the simapp.

v0.42.0 - 2021-03-08

IMPORTANT: This release contains an important security fix for all non Cosmos Hub chains running Stargate version of the Cosmos SDK (>0.40). Non-hub chains should not be using any version of the SDK in the v0.40.x or v0.41.x release series. See #8461 for more details.

Improvements

  • (x/ibc) #8624 Emit full header in IBC UpdateClient message.
  • (x/crisis) #8621 crisis invariants names now print to loggers.

Bug fixes

  • (x/evidence) #8461 Fix bech32 prefix in evidence validator address conversion
  • (x/gov) #8806 Fix q gov proposals command's mishandling of the --status parameter's values.

v0.41.4 - 2021-03-02

Features

  • #7787 Add multisign-batch command.

Bug fixes

  • #8730 Allow REST endpoint to query txs with multisig addresses.
  • #8680 Fix missing timestamp in GetTxsEvent response #8732.
  • #8681 Fix missing error message when calling GetTxsEvent #8732
  • (server) #8641 Fix Tendermint and application configuration reading from file
  • (client/keys) [#8639] (cosmos/cosmos-sdk#8639) Fix keys migrate for mulitisig, offline, and ledger keys. The migrate command now takes a positional old_home_dir argument.

Improvements

  • (store/cachekv), (x/bank/types) #8719 algorithmically fix pathologically slow code
  • #8701 Upgrade tendermint v0.34.8.

... (truncated)

Commits

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot @github
Copy link
Contributor Author

dependabot bot commented on behalf of github Mar 22, 2021

The following labels could not be found: automerge.

@dependabot dependabot bot added the dependencies Pull requests that update a dependency file label Mar 22, 2021
@dependabot @github
Copy link
Contributor Author

dependabot bot commented on behalf of github Mar 25, 2021

Superseded by #62.

@dependabot dependabot bot closed this Mar 25, 2021
@dependabot dependabot bot deleted the dependabot/go_modules/github.com/cosmos/cosmos-sdk-0.42.2 branch March 25, 2021 06:29
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
dependencies Pull requests that update a dependency file
Projects
None yet
Development

Successfully merging this pull request may close these issues.

0 participants