chore(deps): bump github.com/cosmos/cosmos-sdk from 0.50.4 to 0.50.6

[dependabot[bot]]

Bumps github.com/cosmos/cosmos-sdk from 0.50.4 to 0.50.6.

Release notes

Sourced from github.com/cosmos/cosmos-sdk's releases.

v0.50.6

Cosmos SDK v0.50.6 Release Notes

💬 Release Discussion

🚀 Highlights

For this month patch release of the v0.50.x line, a few features and improvements were added to the SDK.

Notably, we added and fixed the following:

• Add start customizability to start command options. Customize how an application starts with the new StartCommandHandler field in server.StartCmdOptions struct.
• Fixing GHSA-4j93-fm92-rp4m in x/feegrant and x/authz modules. The upgrade instuctions were provided in the v0.50.4 release notes.

📝 Changelog

Check out the changelog for an exhaustive list of changes, or compare changes from the last release.

Refer to the upgrading guide when migrating from v0.47.x to v0.50.1. Note, that the next SDK release, v0.51, will not include x/params migration, when migrating from < v0.47, v0.50.x or v0.47.x, is a mandatory migration.

v0.50.5

Cosmos SDK v0.50.5 Release Notes

💬 Release Discussion

🚀 Highlights

This is time for another patch release of Cosmos SDK Eden. This release includes a few notable fixes:

• Fix a bypass delegator slashing: GHSA-86h5-xcpx-cfqc
• Fix an issue in baseapp.ValidateVoteExtensions helper: GHSA-95rx-m9m5-m94v
• Allow to provide custom signers for x/auth/tx using depinject

We recommended to upgrade to this patch release as soon as possible.
When upgrading from <= v0.50.4, please ensure that 2/3 of the validator power upgrade to v0.50.5.

📝 Changelog

Check out the changelog for an exhaustive list of changes, or compare changes from the last release.

Refer to the upgrading guide when migrating from v0.47.x to v0.50.1. Note, that the next SDK release, v0.51, will not include x/params migration, when migrating from < v0.47, v0.50.x or v0.47.x, is a mandatory migration.

Changelog

Sourced from github.com/cosmos/cosmos-sdk's changelog.

v0.50.6 - 2024-04-22

Features

• (types) #19759 Align SignerExtractionAdapter in PriorityNonceMempool Remove.
• (client) #19870 Add new query command wait-tx. Alias event-query-tx-for to wait-tx for backward compatibility.

Improvements

• (telemetry) #19903 Conditionally emit metrics based on enablement.
  • Introduction of Now Function: Added a new function called Now to the telemetry package. It returns the current system time if telemetry is enabled, or a zero time if telemetry is not enabled.
  • Atomic Global Variable: Implemented an atomic global variable to manage the state of telemetry's enablement. This ensures thread safety for the telemetry state.
  • Conditional Telemetry Emission: All telemetry functions have been updated to emit metrics only when telemetry is enabled. They perform a check with isTelemetryEnabled() and return early if telemetry is disabled, minimizing unnecessary operations and overhead.
• (deps) #19810 Upgrade prometheus version and fix API breaking change due to prometheus bump.
• (deps) #19810 Bump cosmossdk.io/store to v1.1.0.
• (server) #19884 Add start customizability to start command options.
• (x/gov) #19853 Emit depositor in EventTypeProposalDeposit.
• (x/gov) #19844 Emit the proposer of governance proposals.
• (baseapp) #19616 Don't share gas meter in tx execution.

Bug Fixes

• (x/authz) #20114 Follow up of GHSA-4j93-fm92-rp4m for x/authz.
• (crypto) #19691 Fix tx sign doesn't throw an error when incorrect Ledger is used.
• (baseapp) #19970 Fix default config values to use no-op mempool as default.
• (crypto) #20027 secp256r1 keys now implement gogoproto's customtype interface.
• (x/bank) #20028 Align query with multi denoms for send-enabled.

v0.50.5 - 2024-03-12

Features

• (baseapp) #19626 Add DisableBlockGasMeter option to BaseApp, which removes the block gas meter during transaction execution.

Improvements

• (x/distribution) #19707 Add autocli config for DelegationTotalRewards for CLI consistency with q rewards commands in previous versions.
• (x/auth) #19651 Allow empty public keys in GetSignBytesAdapter.

Bug Fixes

• (x/gov) #19725 Fetch a failed proposal tally from proposal.FinalTallyResult in the gprc query.
• (types) #19709 Fix skip staking genesis export when using CoreAppModuleAdaptor / CoreAppModuleBasicAdaptor for it.
• (x/auth) #19549 Accept custom get signers when injecting x/auth/tx.
• (x/staking) Fix a possible bypass of delegator slashing: GHSA-86h5-xcpx-cfqc
• (baseapp) Fix a bug in baseapp.ValidateVoteExtensions helper (GHSA-95rx-m9m5-m94v). The helper has been fixed and for avoiding API breaking changes currentHeight and chainID arguments are ignored. Those arguments are removed from the helper in v0.51+.

Commits

• c4d9a49 chore: update v0.50.6 release notes (#20124)
• fcb9d84 fix(x/authz,x/feegrant): check blocked address (#20102)
• 0a682f7 fix: use timestamp for sim log file name (backport #20108) (#20111)
• 4bd0e02 chore: prepare v0.50.6 (#19998)
• 2a32f42 feat(client/v2): implement version filtering using annotation (backport #2008...
• a2abf1a build(deps): Bump github.com/cosmos/cosmos-proto from 1.0.0-beta.4 to 1.0.0-b...
• 49c3ae6 fix: secp256r1 json missing quotes (backport #20060) (#20069)
• 9941498 fix(baseapp): don't share global gas meter in tx execution (backport #19616) ...
• dafcc78 feat(x/bank): support depinject for send restrictions (backport #20014) (#20024)
• d6a0fa1 build(deps): Bump cosmossdk.io/x/tx from 0.13.1 to 0.13.2 (#20042)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot will merge this PR once CI passes on it, as requested by @bot-anik.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[coderabbitai[bot]]

[!IMPORTANT]

Auto Review Skipped

Bot user detected.

To trigger a single review, invoke the @coderabbitai review command.

You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.

---

Thank you for using CodeRabbit. We offer it for free to the OSS community and would appreciate your support in helping us grow. If you find it useful, would you consider giving us a shout-out on your favorite social media?

Share

- [X](https://twitter.com/intent/tweet?text=I%20just%20used%20%40coderabbitai%20for%20my%20code%20review%2C%20and%20it%27s%20fantastic%21%20It%27s%20free%20for%20OSS%20and%20offers%20a%20free%20trial%20for%20the%20proprietary%20code.%20Check%20it%20out%3A&url=https%3A//coderabbit.ai) - [Mastodon](https://mastodon.social/share?text=I%20just%20used%20%40coderabbitai%20for%20my%20code%20review%2C%20and%20it%27s%20fantastic%21%20It%27s%20free%20for%20OSS%20and%20offers%20a%20free%20trial%20for%20the%20proprietary%20code.%20Check%20it%20out%3A%20https%3A%2F%2Fcoderabbit.ai) - [Reddit](https://www.reddit.com/submit?title=Great%20tool%20for%20code%20review%20-%20CodeRabbit&text=I%20just%20used%20CodeRabbit%20for%20my%20code%20review%2C%20and%20it%27s%20fantastic%21%20It%27s%20free%20for%20OSS%20and%20offers%20a%20free%20trial%20for%20proprietary%20code.%20Check%20it%20out%3A%20https%3A//coderabbit.ai) - [LinkedIn](https://www.linkedin.com/sharing/share-offsite/?url=https%3A%2F%2Fcoderabbit.ai&mini=true&title=Great%20tool%20for%20code%20review%20-%20CodeRabbit&summary=I%20just%20used%20CodeRabbit%20for%20my%20code%20review%2C%20and%20it%27s%20fantastic%21%20It%27s%20free%20for%20OSS%20and%20offers%20a%20free%20trial%20for%20proprietary%20code)

Tips

### Chat There are 3 ways to chat with [CodeRabbit](https://coderabbit.ai): - Review comments: Directly reply to a review comment made by CodeRabbit. Example: - `I pushed a fix in commit .` - `Generate unit testing code for this file.` - `Open a follow-up GitHub issue for this discussion.` - Files and specific lines of code (under the "Files changed" tab): Tag `@coderabbitai` in a new review comment at the desired location with your query. Examples: - `@coderabbitai generate unit testing code for this file.` - `@coderabbitai modularize this function.` - PR comments: Tag `@coderabbitai` in a new PR comment to ask questions about the PR branch. For the best results, please provide a very specific query, as very limited context is provided in this mode. Examples: - `@coderabbitai generate interesting stats about this repository and render them as a table.` - `@coderabbitai show all the console.log statements in this repository.` - `@coderabbitai read src/utils.ts and generate unit testing code.` - `@coderabbitai read the files in the src/scheduler package and generate a class diagram using mermaid and a README in the markdown format.` Note: Be mindful of the bot's finite context window. It's strongly recommended to break down tasks such as reading entire modules into smaller chunks. For a focused discussion, use review comments to chat about specific files and their changes, instead of using the PR comments. ### CodeRabbit Commands (invoked as PR comments) - `@coderabbitai pause` to pause the reviews on a PR. - `@coderabbitai resume` to resume the paused reviews. - `@coderabbitai review` to trigger a review. This is useful when automatic reviews are disabled for the repository. - `@coderabbitai resolve` resolve all the CodeRabbit review comments. - `@coderabbitai help` to get help. Additionally, you can add `@coderabbitai ignore` anywhere in the PR description to prevent this PR from being reviewed. ### CodeRabbit Configration File (`.coderabbit.yaml`) - You can programmatically configure CodeRabbit by adding a `.coderabbit.yaml` file to the root of your repository. - Please see the [configuration documentation](https://docs.coderabbit.ai/guides/configure-coderabbit) for more information. - If your editor has YAML language server enabled, you can add the path at the top of this file to enable auto-completion and validation: `# yaml-language-server: $schema=https://coderabbit.ai/integrations/schema.v2.json` ### Documentation and Community - Visit our [Documentation](https://coderabbit.ai/docs) for detailed information on how to use CodeRabbit. - Join our [Discord Community](https://discord.com/invite/GsXnASn26c) to get help, request features, and share feedback. - Follow us on [X/Twitter](https://twitter.com/coderabbitai) for updates and announcements.

[dependabot[bot]]

One of your CI runs failed on this pull request, so Dependabot won't merge it.

Dependabot will still automatically merge this pull request if you amend it and your tests pass.

[dependabot[bot]]

Looks like github.com/cosmos/cosmos-sdk is up-to-date now, so this is no longer needed.