PeggyJV / gravity-bridge

A CosmosSDK application for moving assets on and off of EVM based, POW chains
Apache License 2.0
57 stars 57 forks source link

Bump github.com/cosmos/cosmos-sdk from 0.45.10 to 0.47.3 in /module #530

Open dependabot[bot] opened 1 year ago

dependabot[bot] commented 1 year ago

Bumps github.com/cosmos/cosmos-sdk from 0.45.10 to 0.47.3.

Release notes

Sourced from github.com/cosmos/cosmos-sdk's releases.

v0.47.3

Cosmos SDK v0.47.3 Release Notes

πŸ’¬ Release Discussion

πŸš€ Highlights

Missed the v0.47.0 announcement? Read it here. For this third patch release of the v0.47.x line, some of the notable changes include:

  • The barberry security vulnerability is resolved. All chains using Cosmos SDK v0.47.0-v0.47.2 are advised to upgrade to v0.47.3 immediately. A chain is not affected by the vulnerability as soon as 33%+1 of the voting power has upgraded. A chain is safe from halting as soon as 66%+1 of the voting power has upgraded. Coordinate with your validators to upgrade as soon as possible. The upgrade can be applied as a rolling upgrade across the validators or as a coordinated upgrade. Networks should decide which option gets them upgraded quicker.
  • A command to be able to bootstrap comet from a local snapshot with <app> comet bootstrap-state.
  • Commands to manage snapshots: Add snapshot.Cmd(appCreator) to your chain root command for using them.
  • The default logger is now cosmossdk.io/log, which supports coloring πŸŸ₯🟩πŸŸͺ🟦 and filtering again.
  • A bug fix in x/group migration. Chains migrating from v0.46.x to v0.47.x must use at least v0.47.3.

Check out the changelog for an exhaustive list of changes or compare changes from last release.

Refer to the upgrading guide when migrating from v0.46.x to v0.47.0.

v0.47.2

Cosmos SDK v0.47.2 Release Notes

πŸ’¬ Release Discussion

πŸ“ Changelog

Check out the changelog for an exhaustive list of changes or compare changes from last release.

Refer to the upgrading guide when migrating from v0.46.x to v0.47.0.

πŸš€ Highlights

For this second patch release of the v0.47.x line, we focused on fixing bugs and improving the developer experience. Missed the v0.47.0 announcement? Read it here.

Notably, a fix for loading archival states (thank you @​catShaark). Additionally, the release fixes an issue where querying previous block heights would return an incorrect timestamp.

v0.47.1

Cosmos SDK v0.47.1 Release Notes

πŸ’¬ Release Discussion

πŸ“ Changelog

Check out the changelog for an exhaustive list of changes, or compare changes from last release.

... (truncated)

Changelog

Sourced from github.com/cosmos/cosmos-sdk's changelog.

v0.47.3 - 2023-06-08

Features

  • (baseapp) #16290 Add circuit breaker setter in baseapp.
  • (x/group) #16191 Add EventProposalPruned event to group module whenever a proposal is pruned.
  • (tx) #15992 Add WithExtensionOptions in tx Factory to allow SetExtensionOptions with given extension options.

Improvements

  • (baseapp) #16407 Make DefaultProposalHandler.ProcessProposalHandler return a ProcessProposal NoOp when using none or a NoOp mempool.
  • (deps) #16083 Bumps proto-builder image to 0.13.0.
  • (client) #16075 Partly revert #15953 and factory.Prepare now does nothing in offline mode.
  • (server) #15984 Use cosmossdk.io/log package for logging instead of CometBFT logger. NOTE: v0.45 and v0.46 were not using CometBFT logger either. This keeps the same underlying logger (zerolog) as in v0.45.x+ and v0.46.x+ but now properly supporting filtered logging.
  • (gov) #15979 Improve gov error message when failing to convert v1 proposal to v1beta1.
  • (store) #16067 Add local snapshots management commands.
  • (server) #16061 Add Comet bootstrap command.
  • (snapshots) #16060 Support saving and restoring snapshot locally.
  • (x/staking) #16068 Update simulation to allow non-EOA accounts to stake.
  • (server) #16142 Remove JSON Indentation from the GRPC to REST gateway's responses. (Saving bandwidth)
  • (types) #16145 Rename interface ExtensionOptionI back to TxExtensionOptionI to avoid breaking change.
  • (baseapp) #16193 Add Close method to BaseApp for custom app to cleanup resource in graceful shutdown.

Bug Fixes

  • Fix barberry security vulnerability.
  • (server) #16395 Do not override some Comet config is purposely set differently in InterceptConfigsPreRunHandler.
  • (store) #16449 Fix StateSync Restore by excluding memory store.
  • (cli) #16312 Allow any addresses in client.ValidatePromptAddress.
  • (x/group) #16017 Correctly apply account number in group v2 migration.

API Breaking Changes

  • (testutil) #14991 The testutil/testdata_pulsar package has moved to testutil/testdata/testpb. Chains will not notice this breaking change as this package contains testing utilities only used by the SDK internally.

v0.47.2 - 2023-04-27

Improvements

  • (x/evidence) #15908 Update the equivocation handler to work with ICS by removing a pubkey check that was performing a no-op for consumer chains.
  • (x/slashing) #15908 Remove the validators' pubkey check in the signature handler in order to work with ICS.
  • (deps) #15957 Bump CometBFT to v0.37.1.
  • (store) #15683 rootmulti.Store.CacheMultiStoreWithVersion now can handle loading archival states that don't persist any of the module stores the current state has.
  • #15448 Automatically populate the block timestamp for historical queries. In contexts where the block timestamp is needed for previous states, the timestamp will now be set. Note, when querying against a node it must be re-synced in order to be able to automatically populate the block timestamp. Otherwise, the block timestamp will be populated for heights going forward once upgraded.
  • #14019 Remove the interface casting to allow other implementations of a CommitMultiStore.
  • (simtestutil) #15903 Add AppStateFnWithExtendedCbs with moduleStateCb callback function to allow access moduleState.

Bug Fixes

  • (baseapp) #15789 Ensure PrepareProposal and ProcessProposal respect InitialHeight set by CometBFT when set to a value greater than 1.

... (truncated)

Commits


Dependabot compatibility score

You can trigger a rebase of this PR by commenting @dependabot rebase.


Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/PeggyJV/gravity-bridge/network/alerts).

Note Automatic rebases have been disabled on this pull request as it has been open for over 30 days.