Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

build(deps): Bump github.com/cosmos/cosmos-sdk from 0.46.0 to 0.46.3 in /store/tools/ics23 #269

Conversation

dependabot[bot]
Copy link

@dependabot dependabot bot commented on behalf of github Oct 21, 2022

Bumps github.com/cosmos/cosmos-sdk from 0.46.0 to 0.46.3.

Release notes

Sourced from github.com/cosmos/cosmos-sdk's releases.

v0.46.3

Cosmos SDK v0.46.3 Release Notes

This is a security release for the Dragonberry security advisory. Please upgrade ASAP.

Next to this, we have also included a few minor bugfixes.

Chains must add the following to their go.mod for the application:

replace github.com/confio/ics23/go => github.com/cosmos/cosmos-sdk/ics23/go v0.8.0

Bumping the SDK version should be smooth, however, feel free to tag core devs to review your upgrading PR:

v0.46.2

Cosmos SDK v0.46.2 Release Notes

This release introduces a number of bug fixes, features and improvements.

Please see the CHANGELOG for an exhaustive list of changes.

Full Commit History: cosmos/cosmos-sdk@v0.46.1...v0.46.2

v0.46.1

Cosmos SDK v0.46.1 Release Notes

This release introduces a few bug fixes and improvements.

Notably, the crisis invariant check has been speed up (thanks to a Juno bounty) and the default priority mechanism has been improved to depend on gas price instead of fee. In addition, Tendermint has been upgraded to 0.34.21.

Please see the CHANGELOG for an exhaustive list of changes.

Full Commit History: cosmos/cosmos-sdk@v0.46.0...v0.46.1

Changelog

Sourced from github.com/cosmos/cosmos-sdk's changelog.

v0.46.3 - 2022-10-20

ATTENTION:

This is a security release for the Dragonberry security advisory.

All users should upgrade immediately.

Users must add a replace directive in their go.mod for the new ics23 package in the SDK:

replace github.com/confio/ics23/go => github.com/cosmos/cosmos-sdk/ics23/go v8.0.0

Features

  • #13435 Extend error context when a simulation fails.
  • (grpc) #13485 Implement a new gRPC query, /cosmos/base/node/v1beta1/config, which provides operator configuration.
  • (cli) #13147 Add the --append flag to the sign-batch CLI cmd to combine the messages and sign those txs which are created with --generate-only.
  • (cli) #13454 sign-batch CLI can now read multiple transaction files.

Improvements

  • #13586 Bump Tendermint to v0.34.22.
  • (auth) #13460 The q auth address-by-id CLI command has been renamed to q auth address-by-acc-num to be more explicit. However, the old address-by-id version is still kept as an alias, for backwards compatibility.
  • #13433 Remove dead code in cacheMergeIterator Domain().

Bug Fixes

  • Implement dragonberry security patch.
  • (store) #13459 Don't let state listener observe the uncommitted writes.
  • #12548 Prevent signing from wrong key while using multisig.

API Breaking Changes

  • (server) #13485 The Application service now requires the RegisterNodeService method to be implemented.

v0.46.2 - 2022-10-03

API Breaking Changes

  • (cli) #13089 Fix rollback command don't actually delete multistore versions, added method RollbackToVersion to interface CommitMultiStore and added method CommitMultiStore to Application interface.
  • (cli) #13089 NewRollbackCmd now takes an appCreator types.AppCreator.

Features

  • (cli) #13207 Reduce user's password prompts when calling keyring List() function.
  • (cli) #13353 Add tx group draft-proposal command for generating group proposal JSONs (skeleton).
  • (cli) #13304 Add tx gov draft-proposal command for generating proposal JSONs (skeleton).

... (truncated)

Commits

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

faddat and others added 4 commits August 1, 2022 18:21
Bumps [github.com/cosmos/cosmos-sdk](https://github.com/cosmos/cosmos-sdk) from 0.46.0 to 0.46.3.
- [Release notes](https://github.com/cosmos/cosmos-sdk/releases)
- [Changelog](https://github.com/cosmos/cosmos-sdk/blob/main/CHANGELOG.md)
- [Commits](cosmos/cosmos-sdk@v0.46.0...v0.46.3)

---
updated-dependencies:
- dependency-name: github.com/cosmos/cosmos-sdk
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot @github
Copy link
Author

dependabot bot commented on behalf of github Oct 21, 2022

The following labels could not be found: A:automerge.

@dependabot @github
Copy link
Author

dependabot bot commented on behalf of github Oct 27, 2022

Dependabot tried to update this pull request, but something went wrong. We're looking into it, but in the meantime you can retry the update by commenting @dependabot rebase.

4 similar comments
@dependabot @github
Copy link
Author

dependabot bot commented on behalf of github Oct 31, 2022

Dependabot tried to update this pull request, but something went wrong. We're looking into it, but in the meantime you can retry the update by commenting @dependabot rebase.

@dependabot @github
Copy link
Author

dependabot bot commented on behalf of github Nov 16, 2022

Dependabot tried to update this pull request, but something went wrong. We're looking into it, but in the meantime you can retry the update by commenting @dependabot rebase.

@dependabot @github
Copy link
Author

dependabot bot commented on behalf of github Nov 17, 2022

Dependabot tried to update this pull request, but something went wrong. We're looking into it, but in the meantime you can retry the update by commenting @dependabot rebase.

@dependabot @github
Copy link
Author

dependabot bot commented on behalf of github Dec 5, 2022

Dependabot tried to update this pull request, but something went wrong. We're looking into it, but in the meantime you can retry the update by commenting @dependabot rebase.

@github-actions
Copy link

github-actions bot commented Jan 5, 2023

This pull request has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions.

@github-actions github-actions bot added the Stale label Jan 5, 2023
@github-actions github-actions bot closed this Jan 10, 2023
@dependabot @github
Copy link
Author

dependabot bot commented on behalf of github Jan 10, 2023

OK, I won't notify you again about this release, but will get in touch when a new version is available. If you'd rather skip all updates until the next major or minor version, let me know by commenting @dependabot ignore this major version or @dependabot ignore this minor version. You can also ignore all major, minor, or patch releases for a dependency by adding an ignore condition with the desired update_types to your config file.

If you change your mind, just re-open this PR and I'll resolve any conflicts on it.

@dependabot dependabot bot deleted the dependabot/go_modules/store/tools/ics23/github.com/cosmos/cosmos-sdk-0.46.3 branch January 10, 2023 00:04
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
C:Store dependencies Pull requests that update a dependency file Stale
Projects
None yet
Development

Successfully merging this pull request may close these issues.

1 participant