merge upstream until v0.38.19 #31
Merged
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
I don't see this on main branch, so this is just a patch for v0.38.x --- #### PR checklist - [ ] Tests written/updated - [ ] Changelog entry added in `.changelog` (we use [unclog](https://github.com/informalsystems/unclog) to manage our changelog) - [ ] Updated relevant documentation (`docs/` or `spec/`) and code comments
Closes cometbft#4945 <hr>This is an automatic backport of pull request cometbft#4946 done by [Mergify](https://mergify.com). --------- Co-authored-by: Anton Kaliaev <[email protected]> Co-authored-by: Zachary Becker <[email protected]>
…etbft#4936) Bumps [docker/setup-buildx-action](https://github.com/docker/setup-buildx-action) from 3.8.0 to 3.9.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/docker/setup-buildx-action/releases">docker/setup-buildx-action's releases</a>.</em></p> <blockquote> <h2>v3.9.0</h2> <ul> <li>Bump <code>@docker/actions-toolkit</code> from 0.48.0 to 0.54.0 in <a href="https://redirect.github.com/docker/setup-buildx-action/pull/402">docker/setup-buildx-action#402</a> <a href="https://redirect.github.com/docker/setup-buildx-action/pull/404">docker/setup-buildx-action#404</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/docker/setup-buildx-action/compare/v3.8.0...v3.9.0">https://github.com/docker/setup-buildx-action/compare/v3.8.0...v3.9.0</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/docker/setup-buildx-action/commit/f7ce87c1d6bead3e36075b2ce75da1f6cc28aaca"><code>f7ce87c</code></a> Merge pull request <a href="https://redirect.github.com/docker/setup-buildx-action/issues/404">#404</a> from docker/dependabot/npm_and_yarn/docker/actions-to...</li> <li><a href="https://github.com/docker/setup-buildx-action/commit/aa1e2a0b496d6cd3474071c7b0ab0eea5948de3a"><code>aa1e2a0</code></a> chore: update generated content</li> <li><a href="https://github.com/docker/setup-buildx-action/commit/673e00877621ac201ca3084ec053b85e9b65063e"><code>673e008</code></a> build(deps): bump <code>@docker/actions-toolkit</code> from 0.53.0 to 0.54.0</li> <li><a href="https://github.com/docker/setup-buildx-action/commit/ba31df4664624f17e1b1ef1c9c85ed1ca9463a6d"><code>ba31df4</code></a> Merge pull request <a href="https://redirect.github.com/docker/setup-buildx-action/issues/402">#402</a> from docker/dependabot/npm_and_yarn/docker/actions-to...</li> <li><a href="https://github.com/docker/setup-buildx-action/commit/5475af18ec6f58d53e9452495e8db373e6dcb469"><code>5475af1</code></a> chore: update generated content</li> <li><a href="https://github.com/docker/setup-buildx-action/commit/acacad903e45f670c1e2d4638f4ee5f24b03e6b6"><code>acacad9</code></a> build(deps): bump <code>@docker/actions-toolkit</code> from 0.48.0 to 0.53.0</li> <li><a href="https://github.com/docker/setup-buildx-action/commit/6a25f988bdfa969e96a38fc9f843ea31e0b5df27"><code>6a25f98</code></a> Merge pull request <a href="https://redirect.github.com/docker/setup-buildx-action/issues/396">#396</a> from crazy-max/bake-v6</li> <li><a href="https://github.com/docker/setup-buildx-action/commit/ca1af179f5dc207dc723446d832eb3f77d3912dc"><code>ca1af17</code></a> update bake-action to v6</li> <li>See full diff in <a href="https://github.com/docker/setup-buildx-action/compare/v3.8.0...v3.9.0">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: mergify[bot] <37929162+mergify[bot]@users.noreply.github.com>
Closes: cometbft#4950 --- #### PR checklist - [x] Tests written/updated - [x] Changelog entry added in `.changelog` (we use [unclog](https://github.com/informalsystems/unclog) to manage our changelog) - [x] Updated relevant documentation (`docs/` or `spec/`) and code comments <hr>This is an automatic backport of pull request cometbft#4949 done by [Mergify](https://mergify.com). --------- Co-authored-by: Zachary Becker <[email protected]>
…etbft#4972) Bumps [docker/build-push-action](https://github.com/docker/build-push-action) from 6.13.0 to 6.14.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/docker/build-push-action/releases">docker/build-push-action's releases</a>.</em></p> <blockquote> <h2>v6.14.0</h2> <ul> <li>Bump <code>@docker/actions-toolkit</code> from 0.53.0 to 0.55.0 in <a href="https://redirect.github.com/docker/build-push-action/pull/1324">docker/build-push-action#1324</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/docker/build-push-action/compare/v6.13.0...v6.14.0">https://github.com/docker/build-push-action/compare/v6.13.0...v6.14.0</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/docker/build-push-action/commit/0adf9959216b96bec444f325f1e493d4aa344497"><code>0adf995</code></a> Merge pull request <a href="https://redirect.github.com/docker/build-push-action/issues/1324">#1324</a> from docker/dependabot/npm_and_yarn/docker/actions-t...</li> <li><a href="https://github.com/docker/build-push-action/commit/d88cd289df60c51a4111f165d65e205c8e913937"><code>d88cd28</code></a> chore: update generated content</li> <li><a href="https://github.com/docker/build-push-action/commit/3d09a6bd705280a63155d5f61da35bb42301fe96"><code>3d09a6b</code></a> chore(deps): Bump <code>@docker/actions-toolkit</code> from 0.53.0 to 0.55.0</li> <li>See full diff in <a href="https://github.com/docker/build-push-action/compare/v6.13.0...v6.14.0">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
…metbft#5008) Bumps [docker/setup-buildx-action](https://github.com/docker/setup-buildx-action) from 3.9.0 to 3.10.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/docker/setup-buildx-action/releases">docker/setup-buildx-action's releases</a>.</em></p> <blockquote> <h2>v3.10.0</h2> <ul> <li>Bump <code>@docker/actions-toolkit</code> from 0.54.0 to 0.56.0 in <a href="https://redirect.github.com/docker/setup-buildx-action/pull/408">docker/setup-buildx-action#408</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/docker/setup-buildx-action/compare/v3.9.0...v3.10.0">https://github.com/docker/setup-buildx-action/compare/v3.9.0...v3.10.0</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/docker/setup-buildx-action/commit/b5ca514318bd6ebac0fb2aedd5d36ec1b5c232a2"><code>b5ca514</code></a> Merge pull request <a href="https://redirect.github.com/docker/setup-buildx-action/issues/408">#408</a> from docker/dependabot/npm_and_yarn/docker/actions-to...</li> <li><a href="https://github.com/docker/setup-buildx-action/commit/1418a4ef330cff3d80e8707b47780be815fb20db"><code>1418a4e</code></a> chore: update generated content</li> <li><a href="https://github.com/docker/setup-buildx-action/commit/93acf831ce48bc806b62b1e892b89fca8bf213e0"><code>93acf83</code></a> build(deps): bump <code>@docker/actions-toolkit</code> from 0.54.0 to 0.56.0</li> <li>See full diff in <a href="https://github.com/docker/setup-buildx-action/compare/v3.9.0...v3.10.0">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
…etbft#5009) Bumps [docker/build-push-action](https://github.com/docker/build-push-action) from 6.14.0 to 6.15.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/docker/build-push-action/releases">docker/build-push-action's releases</a>.</em></p> <blockquote> <h2>v6.15.0</h2> <ul> <li>Bump <code>@docker/actions-toolkit</code> from 0.55.0 to 0.56.0 in <a href="https://redirect.github.com/docker/build-push-action/pull/1330">docker/build-push-action#1330</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/docker/build-push-action/compare/v6.14.0...v6.15.0">https://github.com/docker/build-push-action/compare/v6.14.0...v6.15.0</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/docker/build-push-action/commit/471d1dc4e07e5cdedd4c2171150001c434f0b7a4"><code>471d1dc</code></a> Merge pull request <a href="https://redirect.github.com/docker/build-push-action/issues/1330">#1330</a> from docker/dependabot/npm_and_yarn/docker/actions-t...</li> <li><a href="https://github.com/docker/build-push-action/commit/b89ff0a6f27deae3d7f5803e80f1de9415b673c8"><code>b89ff0a</code></a> chore: update generated content</li> <li><a href="https://github.com/docker/build-push-action/commit/1e3ae3a4d3bba144fbd440e91219e1cd3bc38d69"><code>1e3ae3a</code></a> chore(deps): Bump <code>@docker/actions-toolkit</code> from 0.55.0 to 0.56.0</li> <li><a href="https://github.com/docker/build-push-action/commit/b16f42f92abaeb7610fd7fc99ab230d13e79e275"><code>b16f42f</code></a> Merge pull request <a href="https://redirect.github.com/docker/build-push-action/issues/1325">#1325</a> from crazy-max/buildx-edge</li> <li><a href="https://github.com/docker/build-push-action/commit/dc0fea5e62c3379ed8d79ee70c09796499a5f799"><code>dc0fea5</code></a> ci: update buildx to edge and buildkit to latest</li> <li>See full diff in <a href="https://github.com/docker/build-push-action/compare/v6.14.0...v6.15.0">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: mergify[bot] <37929162+mergify[bot]@users.noreply.github.com>
) Bumps [golang.org/x/sync](https://github.com/golang/sync) from 0.10.0 to 0.11.0. <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/golang/sync/commit/fe3591bd8a96873abc98bb9d2d5c62f27efca3e9"><code>fe3591b</code></a> sync/errgroup: improve documentation for semaphore limit behavior</li> <li>See full diff in <a href="https://github.com/golang/sync/compare/v0.10.0...v0.11.0">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> --------- Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: mergify[bot] <37929162+mergify[bot]@users.noreply.github.com> Co-authored-by: Anton Kaliaev <[email protected]>
…t#4992) Bumps [github.com/spf13/cobra](https://github.com/spf13/cobra) from 1.8.1 to 1.9.1. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/spf13/cobra/releases">github.com/spf13/cobra's releases</a>.</em></p> <blockquote> <h2>v1.9.1</h2> <h3>🐛 Fixes</h3> <ul> <li>Fix CompletionFunc implementation by <a href="https://github.com/ccoVeille"><code>@ccoVeille</code></a> in <a href="https://redirect.github.com/spf13/cobra/pull/2234">spf13/cobra#2234</a></li> <li>Revert "Make detection for test-binary more universal (<a href="https://redirect.github.com/spf13/cobra/issues/2173">#2173</a>)" by <a href="https://github.com/marckhouzam"><code>@marckhouzam</code></a> in <a href="https://redirect.github.com/spf13/cobra/pull/2235">spf13/cobra#2235</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/spf13/cobra/compare/v1.9.0...v1.9.1">https://github.com/spf13/cobra/compare/v1.9.0...v1.9.1</a></p> <h2>v1.9.0</h2> <h2>✨ Features</h2> <ul> <li>Allow linker to perform deadcode elimination for program using Cobra by <a href="https://github.com/aarzilli"><code>@aarzilli</code></a> in <a href="https://redirect.github.com/spf13/cobra/pull/1956">spf13/cobra#1956</a></li> <li>Add default completion command even if there are no other sub-commands by <a href="https://github.com/marckhouzam"><code>@marckhouzam</code></a> in <a href="https://redirect.github.com/spf13/cobra/pull/1559">spf13/cobra#1559</a></li> <li>Add CompletionWithDesc helper by <a href="https://github.com/ccoVeille"><code>@ccoVeille</code></a> in <a href="https://redirect.github.com/spf13/cobra/pull/2231">spf13/cobra#2231</a></li> </ul> <h2>🐛 Fixes</h2> <ul> <li>Fix deprecation comment for Command.SetOutput by <a href="https://github.com/thaJeztah"><code>@thaJeztah</code></a> in <a href="https://redirect.github.com/spf13/cobra/pull/2172">spf13/cobra#2172</a></li> <li>Replace deprecated ioutil usage by <a href="https://github.com/nirs"><code>@nirs</code></a> in <a href="https://redirect.github.com/spf13/cobra/pull/2181">spf13/cobra#2181</a></li> <li>Fix --version help and output for plugins by <a href="https://github.com/nirs"><code>@nirs</code></a> in <a href="https://redirect.github.com/spf13/cobra/pull/2180">spf13/cobra#2180</a></li> <li>Allow to reset the templates to the default by <a href="https://github.com/marckhouzam"><code>@marckhouzam</code></a> in <a href="https://redirect.github.com/spf13/cobra/pull/2229">spf13/cobra#2229</a></li> </ul> <h2>🤖 Completions</h2> <ul> <li>Make Powershell completion work in constrained mode by <a href="https://github.com/lstemplinger"><code>@lstemplinger</code></a> in <a href="https://redirect.github.com/spf13/cobra/pull/2196">spf13/cobra#2196</a></li> <li>Improve detection for flags that accept multiple values by <a href="https://github.com/thaJeztah"><code>@thaJeztah</code></a> in <a href="https://redirect.github.com/spf13/cobra/pull/2210">spf13/cobra#2210</a></li> <li>add CompletionFunc type to help with completions by <a href="https://github.com/ccoVeille"><code>@ccoVeille</code></a> in <a href="https://redirect.github.com/spf13/cobra/pull/2220">spf13/cobra#2220</a></li> <li>Add similar whitespace escape logic to bash v2 completions than in other completions by <a href="https://github.com/kangasta"><code>@kangasta</code></a> in <a href="https://redirect.github.com/spf13/cobra/pull/1743">spf13/cobra#1743</a></li> <li>Print ActiveHelp for bash along other completions by <a href="https://github.com/marckhouzam"><code>@marckhouzam</code></a> in <a href="https://redirect.github.com/spf13/cobra/pull/2076">spf13/cobra#2076</a></li> <li>fix(completions): Complete map flags multiple times by <a href="https://github.com/gabe565"><code>@gabe565</code></a> in <a href="https://redirect.github.com/spf13/cobra/pull/2174">spf13/cobra#2174</a></li> <li>fix(bash): nounset unbound file filter variable on empty extension by <a href="https://github.com/scop"><code>@scop</code></a> in <a href="https://redirect.github.com/spf13/cobra/pull/2228">spf13/cobra#2228</a></li> </ul> <h2>🧪 Testing</h2> <ul> <li>Test also with go 1.23 by <a href="https://github.com/nirs"><code>@nirs</code></a> in <a href="https://redirect.github.com/spf13/cobra/pull/2182">spf13/cobra#2182</a></li> <li>Make detection for test-binary more universal by <a href="https://github.com/thaJeztah"><code>@thaJeztah</code></a> in <a href="https://redirect.github.com/spf13/cobra/pull/2173">spf13/cobra#2173</a></li> </ul> <h2>✍🏼 Documentation</h2> <ul> <li>docs: update README.md by <a href="https://github.com/eltociear"><code>@eltociear</code></a> in <a href="https://redirect.github.com/spf13/cobra/pull/2197">spf13/cobra#2197</a></li> <li>Improve site formatting by <a href="https://github.com/nirs"><code>@nirs</code></a> in <a href="https://redirect.github.com/spf13/cobra/pull/2183">spf13/cobra#2183</a></li> <li>doc: add Conduit by <a href="https://github.com/raulb"><code>@raulb</code></a> in <a href="https://redirect.github.com/spf13/cobra/pull/2230">spf13/cobra#2230</a></li> <li>doc: azion project added to the list of CLIs that use cobra by <a href="https://github.com/maxwelbm"><code>@maxwelbm</code></a> in <a href="https://redirect.github.com/spf13/cobra/pull/2198">spf13/cobra#2198</a></li> <li>Fix broken links in active_help.md by <a href="https://github.com/vuil"><code>@vuil</code></a> in <a href="https://redirect.github.com/spf13/cobra/pull/2202">spf13/cobra#2202</a></li> <li>chore: fix function name in comment by <a href="https://github.com/zhuhaicity"><code>@zhuhaicity</code></a> in <a href="https://redirect.github.com/spf13/cobra/pull/2216">spf13/cobra#2216</a></li> </ul> <h2>🔧 Dependency upgrades</h2> <ul> <li>build(deps): bump github.com/cpuguy83/go-md2man/v2 from 2.0.5 to 2.0.6 by <a href="https://github.com/thaJeztah"><code>@thaJeztah</code></a> in <a href="https://redirect.github.com/spf13/cobra/pull/2206">spf13/cobra#2206</a></li> <li>Update to latest go-md2man by <a href="https://github.com/mikelolasagasti"><code>@mikelolasagasti</code></a> in <a href="https://redirect.github.com/spf13/cobra/pull/2201">spf13/cobra#2201</a></li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/spf13/cobra/commit/40b5bc1437a564fc795d388b23835e84f54cd1d1"><code>40b5bc1</code></a> Revert "Make detection for test-binary more universal (<a href="https://redirect.github.com/spf13/cobra/issues/2173">#2173</a>)" (<a href="https://redirect.github.com/spf13/cobra/issues/2235">#2235</a>)</li> <li><a href="https://github.com/spf13/cobra/commit/a97f9fd47b290016526c8af2dac0531fea5cd773"><code>a97f9fd</code></a> fix CompletionFunc implementation (<a href="https://redirect.github.com/spf13/cobra/issues/2234">#2234</a>)</li> <li><a href="https://github.com/spf13/cobra/commit/5f9c40898e795a9fb0fd5ca83b6e05c3720523d1"><code>5f9c408</code></a> chore: Upgrade dependencies for v1.9.0 (<a href="https://redirect.github.com/spf13/cobra/issues/2233">#2233</a>)</li> <li><a href="https://github.com/spf13/cobra/commit/24ada7fe71e3a3a8741dd52e0a7fc3b97450535a"><code>24ada7f</code></a> Remove the default "completion" cmd if it is alone (<a href="https://redirect.github.com/spf13/cobra/issues/1559">#1559</a>)</li> <li><a href="https://github.com/spf13/cobra/commit/680936a2200be363c61feda8cd29287f0726a48c"><code>680936a</code></a> New logo</li> <li><a href="https://github.com/spf13/cobra/commit/8cb30f9ca53a004a6fe88c5cfcc79ac7b24fc638"><code>8cb30f9</code></a> feat: add CompletionWithDesc helper (<a href="https://redirect.github.com/spf13/cobra/issues/2231">#2231</a>)</li> <li><a href="https://github.com/spf13/cobra/commit/17b6dca2ffaf6113cbd1cf433ec988fa7d63c6f3"><code>17b6dca</code></a> doc: add Conduit (<a href="https://redirect.github.com/spf13/cobra/issues/2230">#2230</a>)</li> <li><a href="https://github.com/spf13/cobra/commit/ab5cadcc1bbe224b329726fc5f8b99d6f93e9805"><code>ab5cadc</code></a> Allow to reset the templates to the default (<a href="https://redirect.github.com/spf13/cobra/issues/2229">#2229</a>)</li> <li><a href="https://github.com/spf13/cobra/commit/4ba5566f5704a9c0d205e1ef3efc4896156d33fa"><code>4ba5566</code></a> fix(bash): nounset unbound file filter variable on empty extension (<a href="https://redirect.github.com/spf13/cobra/issues/2228">#2228</a>)</li> <li><a href="https://github.com/spf13/cobra/commit/41b26ec8bb59dfba580f722201bf371c4f5703dd"><code>41b26ec</code></a> Print ActiveHelp for bash along other completions (<a href="https://redirect.github.com/spf13/cobra/issues/2076">#2076</a>)</li> <li>Additional commits viewable in <a href="https://github.com/spf13/cobra/compare/v1.8.1...v1.9.1">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: mergify[bot] <37929162+mergify[bot]@users.noreply.github.com>
Bumps [golang.org/x/net](https://github.com/golang/net) from 0.34.0 to 0.35.0. <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/golang/net/commit/df97a48b7bf2f79d63b98d48185389824125a2cf"><code>df97a48</code></a> go.mod: update golang.org/x dependencies</li> <li><a href="https://github.com/golang/net/commit/2dab271ff1b7396498746703d88fefcddcc5cec7"><code>2dab271</code></a> route: treat short sockaddr lengths as unspecified</li> <li><a href="https://github.com/golang/net/commit/b914489dfb743e20a8cef8c4586d9329303f7511"><code>b914489</code></a> internal/http3: refactor in prep for sharing transport/server code</li> <li><a href="https://github.com/golang/net/commit/ebd23f8b4b6645821a91bf9da4a10b3d30a98fb2"><code>ebd23f8</code></a> route: fix parsing network address of length zero</li> <li><a href="https://github.com/golang/net/commit/938a9fb94e41285a443b0882dbc46f2a4c6ed484"><code>938a9fb</code></a> internal/http3: add request/response body transfer</li> <li><a href="https://github.com/golang/net/commit/145b2d7b6deef8ae469696157bcb974d045cfc05"><code>145b2d7</code></a> internal/http3: add RoundTrip</li> <li><a href="https://github.com/golang/net/commit/5bda71aec0d0242e8b2cc529863c6484c0f1f24b"><code>5bda71a</code></a> internal/http3: define connection and stream error types</li> <li><a href="https://github.com/golang/net/commit/3c1185a39b172f62f67243986cf710bd74776347"><code>3c1185a</code></a> internal/http3: return error on mid-frame EOF</li> <li><a href="https://github.com/golang/net/commit/a6c2c7f3642a8abe22535078b3b40ba3e4fcb9f0"><code>a6c2c7f</code></a> http2, internal/httpcommon: factor out common request header logic for h2/h3</li> <li><a href="https://github.com/golang/net/commit/c72e89d6a9e44335237356faeef3b98d5c1fa770"><code>c72e89d</code></a> internal/http3: QPACK encoding and decoding</li> <li>Additional commits viewable in <a href="https://github.com/golang/net/compare/v0.34.0...v0.35.0">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: mergify[bot] <37929162+mergify[bot]@users.noreply.github.com>
…0 to 4.4.0 (cometbft#4997) Bumps [github.com/decred/dcrd/dcrec/secp256k1/v4](https://github.com/decred/dcrd) from 4.3.0 to 4.4.0. <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/decred/dcrd/commit/f98d08ef138a99711dbbc86c569935ded8d6a986"><code>f98d08e</code></a> secp256k1: Prepare v4.4.0.</li> <li><a href="https://github.com/decred/dcrd/commit/cb51153239a666e46f98c6834fdd7ea71d086221"><code>cb51153</code></a> mixing: Prepare v0.5.0.</li> <li><a href="https://github.com/decred/dcrd/commit/35c5572f652a1837326c85d9c8811f1394ddea2e"><code>35c5572</code></a> crypto/rand: Prepare v1.0.1.</li> <li><a href="https://github.com/decred/dcrd/commit/1ddfc95a4dc8e0139aa7a6af863a0f2b64e86638"><code>1ddfc95</code></a> mixclient: Wait for runs to finish before closing client</li> <li><a href="https://github.com/decred/dcrd/commit/b77edc3a837d42ea46e0bfecb05189feecd7de4c"><code>b77edc3</code></a> mixclient: Wait for KEs from all attempted sessions</li> <li><a href="https://github.com/decred/dcrd/commit/921b7c30aec1a1fde2afef1dfc82b70cf8e16d73"><code>921b7c3</code></a> docs: Update README.md to required Go 1.23/1.24.</li> <li><a href="https://github.com/decred/dcrd/commit/bcb663b5aaf8ab63699e2669b90e94c7e872ef1d"><code>bcb663b</code></a> build: Test against Go 1.24.</li> <li><a href="https://github.com/decred/dcrd/commit/53648fbb64ed48aead8b3619bdd24392891fe1f6"><code>53648fb</code></a> build: Update golangci-lint to v1.64.5.</li> <li><a href="https://github.com/decred/dcrd/commit/ecc32f7dcccc77331dde0a2c4725288f6a678e7e"><code>ecc32f7</code></a> certgen: Use t.TempDir in tests.</li> <li><a href="https://github.com/decred/dcrd/commit/a7466552329ebddbaf7abfe18e4c89477eaa11f8"><code>a746655</code></a> build: Update to latest action versions.</li> <li>Additional commits viewable in <a href="https://github.com/decred/dcrd/compare/dcrec/secp256k1/v4.3.0...dcrec/secp256k1/v4.4.0">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: mergify[bot] <37929162+mergify[bot]@users.noreply.github.com>
…ometbft#4994) Bumps google.golang.org/protobuf from 1.36.4 to 1.36.5. [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: mergify[bot] <37929162+mergify[bot]@users.noreply.github.com>
…1.21.0 (cometbft#4995) Bumps [github.com/prometheus/client_golang](https://github.com/prometheus/client_golang) from 1.20.5 to 1.21.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/prometheus/client_golang/releases">github.com/prometheus/client_golang's releases</a>.</em></p> <blockquote> <h2>v1.21.0 / 2025-02-19</h2> <p>:warning: This release contains potential breaking change if you upgrade <code>github.com/prometheus/common</code> to 0.62+ together with client_golang (and depend on the strict, legacy validation for the label names). New common version <a href="https://redirect.github.com/prometheus/common/pull/724">changes <code>model.NameValidationScheme</code> global variable</a>, which relaxes the validation of label names and metric name, allowing all UTF-8 characters. Typically, this should not break any user, unless your test or usage expects strict certain names to panic/fail on client_golang metric registration, gathering or scrape. In case of problems change <code>model.NameValidationScheme</code> to old <code>model.LegacyValidation</code> value in your project <code>init</code> function.⚠️ </p> <ul> <li>[BUGFIX] gocollector: Fix help message for runtime/metric metrics. <a href="https://redirect.github.com/prometheus/client_golang/issues/1583">#1583</a></li> <li>[BUGFIX] prometheus: Fix <code>Desc.String()</code> method for no labels case. <a href="https://redirect.github.com/prometheus/client_golang/issues/1687">#1687</a></li> <li>[PERF] prometheus: Optimize popular <code>prometheus.BuildFQName</code> function; now up to 30% faster. <a href="https://redirect.github.com/prometheus/client_golang/issues/1665">#1665</a></li> <li>[PERF] prometheus: Optimize <code>Inc</code>, <code>Add</code> and <code>Observe</code> cumulative metrics; now up to 50% faster under high concurrent contention. <a href="https://redirect.github.com/prometheus/client_golang/issues/1661">#1661</a></li> <li>[CHANGE] Upgrade prometheus/common to 0.62.0 which changes <code>model.NameValidationScheme</code> global variable. <a href="https://redirect.github.com/prometheus/client_golang/issues/1712">#1712</a></li> <li>[CHANGE] Add support for Go 1.23. <a href="https://redirect.github.com/prometheus/client_golang/issues/1602">#1602</a></li> <li>[FEATURE] process_collector: Add support for Darwin systems. <a href="https://redirect.github.com/prometheus/client_golang/issues/1600">#1600</a> <a href="https://redirect.github.com/prometheus/client_golang/issues/1616">#1616</a> <a href="https://redirect.github.com/prometheus/client_golang/issues/1625">#1625</a> <a href="https://redirect.github.com/prometheus/client_golang/issues/1675">#1675</a> <a href="https://redirect.github.com/prometheus/client_golang/issues/1715">#1715</a></li> <li>[FEATURE] api: Add ability to invoke <code>CloseIdleConnections</code> on api.Client using <code>api.Client.(CloseIdler).CloseIdleConnections()</code> casting. <a href="https://redirect.github.com/prometheus/client_golang/issues/1513">#1513</a></li> <li>[FEATURE] promhttp: Add <code>promhttp.HandlerOpts.EnableOpenMetricsTextCreatedSamples</code> option to create OpenMetrics _created lines. Not recommended unless you want to use opt-in Created Timestamp feature. Community works on OpenMetrics 2.0 format that should make those lines obsolete (they increase cardinality significantly). <a href="https://redirect.github.com/prometheus/client_golang/issues/1408">#1408</a></li> <li>[FEATURE] prometheus: Add <code>NewConstNativeHistogram</code> function. <a href="https://redirect.github.com/prometheus/client_golang/issues/1654">#1654</a></li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/prometheus/client_golang/blob/main/CHANGELOG.md">github.com/prometheus/client_golang's changelog</a>.</em></p> <blockquote> <h2>1.21.0 / 2025-02-17</h2> <p>:warning: This release contains potential breaking change if you upgrade <code>github.com/prometheus/common</code> to 0.62+ together with client_golang. :warning:</p> <p>New common version <a href="https://redirect.github.com/prometheus/common/pull/724">changes <code>model.NameValidationScheme</code> global variable</a>, which relaxes the validation of label names and metric name, allowing all UTF-8 characters. Typically, this should not break any user, unless your test or usage expects strict certain names to panic/fail on client_golang metric registration, gathering or scrape. In case of problems change <code>model.NameValidationScheme</code> to old <code>model.LegacyValidation</code> value in your project <code>init</code> function.</p> <ul> <li>[BUGFIX] gocollector: Fix help message for runtime/metric metrics. <a href="https://redirect.github.com/prometheus/client_golang/issues/1583">#1583</a></li> <li>[BUGFIX] prometheus: Fix <code>Desc.String()</code> method for no labels case. <a href="https://redirect.github.com/prometheus/client_golang/issues/1687">#1687</a></li> <li>[ENHANCEMENT] prometheus: Optimize popular <code>prometheus.BuildFQName</code> function; now up to 30% faster. <a href="https://redirect.github.com/prometheus/client_golang/issues/1665">#1665</a></li> <li>[ENHANCEMENT] prometheus: Optimize <code>Inc</code>, <code>Add</code> and <code>Observe</code> cumulative metrics; now up to 50% faster under high concurrent contention. <a href="https://redirect.github.com/prometheus/client_golang/issues/1661">#1661</a></li> <li>[CHANGE] Upgrade prometheus/common to 0.62.0 which changes <code>model.NameValidationScheme</code> global variable. <a href="https://redirect.github.com/prometheus/client_golang/issues/1712">#1712</a></li> <li>[CHANGE] Add support for Go 1.23. <a href="https://redirect.github.com/prometheus/client_golang/issues/1602">#1602</a></li> <li>[FEATURE] process_collector: Add support for Darwin systems. <a href="https://redirect.github.com/prometheus/client_golang/issues/1600">#1600</a> <a href="https://redirect.github.com/prometheus/client_golang/issues/1616">#1616</a> <a href="https://redirect.github.com/prometheus/client_golang/issues/1625">#1625</a> <a href="https://redirect.github.com/prometheus/client_golang/issues/1675">#1675</a> <a href="https://redirect.github.com/prometheus/client_golang/issues/1715">#1715</a></li> <li>[FEATURE] api: Add ability to invoke <code>CloseIdleConnections</code> on api.Client using <code>api.Client.(CloseIdler).CloseIdleConnections()</code> casting. <a href="https://redirect.github.com/prometheus/client_golang/issues/1513">#1513</a></li> <li>[FEATURE] promhttp: Add <code>promhttp.HandlerOpts.EnableOpenMetricsTextCreatedSamples</code> option to create OpenMetrics _created lines. Not recommended unless you want to use opt-in Created Timestamp feature. Community works on OpenMetrics 2.0 format that should make those lines obsolete (they increase cardinality significantly). <a href="https://redirect.github.com/prometheus/client_golang/issues/1408">#1408</a></li> <li>[FEATURE] prometheus: Add <code>NewConstNativeHistogram</code> function. <a href="https://redirect.github.com/prometheus/client_golang/issues/1654">#1654</a></li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/prometheus/client_golang/commit/eaf03ef9509cf7e0e56a7d0eda1f11a05506f045"><code>eaf03ef</code></a> Cut 1.21.0 (<a href="https://redirect.github.com/prometheus/client_golang/issues/1737">#1737</a>)</li> <li><a href="https://github.com/prometheus/client_golang/commit/f1f89dc6c527ddf1e80b49c4f56b2c52b164105c"><code>f1f89dc</code></a> Cut 1.21.0-rc.0 (<a href="https://redirect.github.com/prometheus/client_golang/issues/1718">#1718</a>)</li> <li><a href="https://github.com/prometheus/client_golang/commit/c923f7c8e40301ccf857e28f655a241695c470d7"><code>c923f7c</code></a> Revert "ci: daggerize test and lint pipelines (<a href="https://redirect.github.com/prometheus/client_golang/issues/1534">#1534</a>)" (<a href="https://redirect.github.com/prometheus/client_golang/issues/1717">#1717</a>)</li> <li><a href="https://github.com/prometheus/client_golang/commit/1bcda802c13d6334110e088bbef96d32c1c05db7"><code>1bcda80</code></a> process collector: Fixed pedantic registry failures on darwin with cgo. (<a href="https://redirect.github.com/prometheus/client_golang/issues/1715">#1715</a>)</li> <li><a href="https://github.com/prometheus/client_golang/commit/038b37aea518190a66e2d4df5d231e549eed7759"><code>038b37a</code></a> tutorials/whatsup: Updated deps (<a href="https://redirect.github.com/prometheus/client_golang/issues/1716">#1716</a>)</li> <li><a href="https://github.com/prometheus/client_golang/commit/56a24311d5ef75b4c198516ed1c4555318ec729a"><code>56a2431</code></a> docs: Add RELEASE.md for the release process (<a href="https://redirect.github.com/prometheus/client_golang/issues/1690">#1690</a>)</li> <li><a href="https://github.com/prometheus/client_golang/commit/cbd9526e6ddc36b3cec0407b70e86e8249edf4ed"><code>cbd9526</code></a> Merge pull request <a href="https://redirect.github.com/prometheus/client_golang/issues/1713">#1713</a> from prometheus/dependabot/go_modules/tutorials/what...</li> <li><a href="https://github.com/prometheus/client_golang/commit/80b5a2a705c6cf39bf08260d06fd130024affbd5"><code>80b5a2a</code></a> build(deps): bump golang.org/x/net in /tutorials/whatsup</li> <li><a href="https://github.com/prometheus/client_golang/commit/1a822a841f0ae8c1b93d6cbd3748d881e9023e05"><code>1a822a8</code></a> Upgrade to prometheus/common 0.62.0 with breaking change (<a href="https://redirect.github.com/prometheus/client_golang/issues/1712">#1712</a>)</li> <li><a href="https://github.com/prometheus/client_golang/commit/7b39d0144166aa94cc8ce4125bcb3b0da89aad5e"><code>7b39d01</code></a> Update common Prometheus files (<a href="https://redirect.github.com/prometheus/client_golang/issues/1708">#1708</a>)</li> <li>Additional commits viewable in <a href="https://github.com/prometheus/client_golang/compare/v1.20.5...v1.21.0">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: mergify[bot] <37929162+mergify[bot]@users.noreply.github.com>
…ft#5166) --- #### PR checklist - [x] Tests written/updated - [x] Changelog entry added in `.changelog` (we use [unclog](https://github.com/informalsystems/unclog) to manage our changelog) - [x] Updated relevant documentation (`docs/` or `spec/`) and code comments <hr>This is an automatic backport of pull request cometbft#5164 done by [Mergify](https://mergify.com). --------- Co-authored-by: Zachary Becker <[email protected]>
…) (cometbft#5168) Previously, we would only push a single arm64 image. Evidence: https://hub.docker.com/r/cometbft/e2e-node/tags<hr>This is an automatic backport of pull request cometbft#5014 done by [Mergify](https://mergify.com). --------- Co-authored-by: Anton Kaliaev <[email protected]> Co-authored-by: Zachary Becker <[email protected]>
cometbft#5171) --- Adding supported version to version tag here. Will backport to v1.x and v0.38.x where those images are built. #### PR checklist - [x] Tests written/updated - [x] Changelog entry added in `.changelog` (we use [unclog](https://github.com/informalsystems/unclog) to manage our changelog) - [x] Updated relevant documentation (`docs/` or `spec/`) and code comments <hr>This is an automatic backport of pull request cometbft#5169 done by [Mergify](https://mergify.com). Co-authored-by: Zachary Becker <[email protected]>
…metbft#5174) --- Since in a later step we are creating a multi arch build, my understanding is that tagging each build independently can cause a race condition on dockerhub's side. Since we are seeing single architecture builds on dockerhub, this will hopefully fix it. #### PR checklist - [ ] Tests written/updated - [ ] Changelog entry added in `.changelog` (we use [unclog](https://github.com/informalsystems/unclog) to manage our changelog) - [ ] Updated relevant documentation (`docs/` or `spec/`) and code comments <hr>This is an automatic backport of pull request cometbft#5173 done by [Mergify](https://mergify.com). Co-authored-by: Zachary Becker <[email protected]>
--- The way the old docker file worked, it would build images and tag them, but that tag gets overwritten by the multi-architecture build. This is very confusing because there is times during build where the multi-architecture build only has amd64 for a minute or so, then it only has arm64 for a minute or so, and assuming the job doesn't fail, it eventually becomes a true multi architecture image. This PR instead creates a separate tag for the single architecture build to make the intermediate steps a bit clearer, and in case of failure doesn't accidently leave a multi-arch build in a single-arch state. This can safely be backported to v1.x and v0.38.x #### PR checklist - [x] Tests written/updated - [x] Changelog entry added in `.changelog` (we use [unclog](https://github.com/informalsystems/unclog) to manage our changelog) - [x] Updated relevant documentation (`docs/` or `spec/`) and code comments <hr>This is an automatic backport of pull request cometbft#5176 done by [Mergify](https://mergify.com). --------- Co-authored-by: Zachary Becker <[email protected]>
--- This is a refactor of the CometBFT docker image build. The current state of this build is completely broken. It builds an amd64 and an arm64 version, and publishes each of them individually without doing a multi-arch image. The result is only the arch that finishes last ends up tagged. This PR will make the single-arch builds tagged with arch specific labels, and the current labels with be multi-arch builds. #### PR checklist - [x] Tests written/updated - [x] Changelog entry added in `.changelog` (we use [unclog](https://github.com/informalsystems/unclog) to manage our changelog) - [x] Updated relevant documentation (`docs/` or `spec/`) and code comments <hr>This is an automatic backport of pull request cometbft#5179 done by [Mergify](https://mergify.com). --------- Co-authored-by: Zachary Becker <[email protected]>
--- #### PR checklist - [ ] Tests written/updated - [ ] Changelog entry added in `.changelog` (we use [unclog](https://github.com/informalsystems/unclog) to manage our changelog) - [ ] Updated relevant documentation (`docs/` or `spec/`) and code comments <hr>This is an automatic backport of pull request cometbft#5214 done by [Mergify](https://mergify.com). Co-authored-by: Zachary Becker <[email protected]>
…tbft#5222) --- I removed .git from the .dockerignore because it's used during building. Doing multistage builds should keep it out of the runtime build. Open to alternative ideas. #### PR checklist - [ ] Tests written/updated - [ ] Changelog entry added in `.changelog` (we use [unclog](https://github.com/informalsystems/unclog) to manage our changelog) - [ ] Updated relevant documentation (`docs/` or `spec/`) and code comments <hr>This is an automatic backport of pull request cometbft#5220 done by [Mergify](https://mergify.com). --------- Co-authored-by: Zachary Becker <[email protected]>
--- #### PR checklist - [ ] Tests written/updated - [ ] Changelog entry added in `.changelog` (we use [unclog](https://github.com/informalsystems/unclog) to manage our changelog) - [ ] Updated relevant documentation (`docs/` or `spec/`) and code comments
…bft#5240) This adds a reindex command to the CLI interface. The command was already implemented, and included in a previous tendermint release (`0.34.x`) but the backport was missed during the tendermint -> cometbft transition. This is a useful command to repipe events to a destination sink, for example because of a migration, or if an event was lost because the sink was offline. This has been a recurring source of pain for us (Penumbra), and we didn't realize it existed until now. First, adding to `main`, and I will open backports to `0.38.x` and `0.37.x`. --- #### PR checklist - [ ] Tests written/updated - [ ] Changelog entry added in `.changelog` (we use [unclog](https://github.com/informalsystems/unclog) to manage our changelog) - [ ] Updated relevant documentation (`docs/` or `spec/`) and code comments <hr>This is an automatic backport of pull request cometbft#5209 done by [Mergify](https://mergify.com). Co-authored-by: Erwan Or <[email protected]> Co-authored-by: Zachary Becker <[email protected]>
adds metrics for: - how long it took to get to quorum of precommits - the total votes and voting power percentage accumulated within the timeout commit period
--- #### PR checklist - [ ] Tests written/updated - [ ] Changelog entry added in `.changelog` (we use [unclog](https://github.com/informalsystems/unclog) to manage our changelog) - [ ] Updated relevant documentation (`docs/` or `spec/`) and code comments
Follows cosmos/gaia#3529 #### PR checklist - [ ] Tests written/updated - [ ] Changelog entry added in `.changelog` (we use [unclog](https://github.com/informalsystems/unclog) to manage our changelog) - [ ] Updated relevant documentation (`docs/` or `spec/`) and code comments
--- #### PR checklist - [ ] Tests written/updated - [ ] Changelog entry added in `.changelog` (we use [unclog](https://github.com/informalsystems/unclog) to manage our changelog) - [ ] Updated relevant documentation (`docs/` or `spec/`) and code comments
--- #### PR checklist - [ ] Tests written/updated - [ ] Changelog entry added in `.changelog` (we use [unclog](https://github.com/informalsystems/unclog) to manage our changelog) - [ ] Updated relevant documentation (`docs/` or `spec/`) and code comments --------- Co-authored-by: mergify[bot] <37929162+mergify[bot]@users.noreply.github.com>
…ometbft#5313) Closes cometbft#5275 This should be back ported all the way to 0.38. Note that in v1 and 0.38 there is no blockCommitCache so that part should be left out. --- #### PR checklist - [ ] Tests written/updated - [ x] Changelog entry added in `.changelog` (we use [unclog](https://github.com/informalsystems/unclog) to manage our changelog) - [ ] Updated relevant documentation (`docs/` or `spec/`) and code comments <hr>This is an automatic backport of pull request cometbft#5276 done by [Mergify](https://mergify.com). --------- Co-authored-by: Jasmina Malicevic <[email protected]> Co-authored-by: aljo242 <[email protected]>
- clean up go.mod by organizing / grouping - remove unused `third_party` dir - properly set cometbft semver for upcoming v0.38.19
…t#5325) Related: cometbft#5150 Closes: https://linear.app/cosmoslabs/issue/STACK-1504/fix-consistent-flake-in-cometbft-ci-before-further-work --- #### PR checklist - [x] Tests written/updated - [x] Changelog entry added in `.changelog` (we use [unclog](https://github.com/informalsystems/unclog) to manage our changelog) - [x] Updated relevant documentation (`docs/` or `spec/`) and code comments
…#5324) (cometbft#5407) --- Updates the consensus reactor to validate that a received proposal will not contain more parts than the amount of chunks that it would take to build a block whos size is equal to `ConsensusParams.Block.MaxBytes`. Original PR is here cometbft#5309, but reopened since the contributor stopped replying. #### PR checklist - [ ] Tests written/updated - [ ] Changelog entry added in `.changelog` (we use [unclog](https://github.com/informalsystems/unclog) to manage our changelog) - [ ] Updated relevant documentation (`docs/` or `spec/`) and code comments <hr>This is an automatic backport of pull request cometbft#5324 done by [Mergify](https://mergify.com). Co-authored-by: Alex | Interchain Labs <[email protected]> Co-authored-by: arsushi <[email protected]> Co-authored-by: Abdul Malek <[email protected]> Co-authored-by: Matt Acciai <[email protected]> Co-authored-by: mergify[bot] <37929162+mergify[bot]@users.noreply.github.com> Co-authored-by: Tyler <[email protected]> Co-authored-by: maradini77 <[email protected]>
Release v0.38.18
* add VaidateBasic to BitArray to ensure Bits and len(Elems) are valid * call ValidateBasic on BitArrays when receiving as a msg from exteranl nodes * enfore SetIndex is not setting out of bounds * add guard to getNumTrueIndices getNumTrueIndices will index out of bounds if Bits and Elems have a mismatch where len(elems) != (bits+63)/64, this guard makes it simply return 0 if this mismatch is present * changelog * fix missing import for v0.38.x * update changelog for release of v0.38.19 * remove duplicate bug fixes from unreleased * fix changelog date * fix lint * fix expected error string in test
![github-advanced-security[bot]](https://avatars.githubusercontent.com/in/57789?s=60&v=4){kind=small}
…in permissions Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com>
…ain permissions Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com>
…olygon/cometbft into mardizzone/upstream-v0.38.18
|
pratikspatil024
approved these changes
Oct 14, 2025
avalkov
approved these changes
Oct 14, 2025
lucca30
approved these changes
Oct 14, 2025
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Merge from upstream until version
v0.38.19