search

confio / tgrade

The Tgrade Blockchain Binary, based on the Cosmos SDK and wasmd
Apache License 2.0
31 stars 10 forks source link

Bump github.com/cosmos/ibc-go/v3 from 3.1.0 to 3.3.0 #458

Closed dependabot[bot] closed 2 years ago

dependabot[bot] commented 2 years ago

Bumps github.com/cosmos/ibc-go/v3 from 3.1.0 to 3.3.0.

Release notes

Sourced from github.com/cosmos/ibc-go/v3's releases.

v3.3.0

This release includes a fix for a security vulnerability identified in the ICS27 host submodule. User funds in accounts and staking delegations are NOT at risk.

This release uses Cosmos SDK v0.45.8 and Tendermint v0.34.21. For more information, see Cosmos SDK v0.45.8 Release Notes and Tendermint v0.34.21 Changelog.

We present here the other changes in this release. Please see the v3.3.0 changelog for more information.

apps/27-interchain-accounts

  • The InterchainAccount query RPC method and CLI query have been added to the controller submodule to allow end users the ability to inspect the interchain account address generated on the host chain.
  • Nil checks have been added to ensure services are not registered for nil host or controller keepers.

To learn more about ibc-go versioning, please read our RELEASES.md.

IMPORTANT: Please read the migration guides for any versions of ibc-go that you might be going through when upgrading to this version. For example: if you upgrade from the IBC module contained in the Cosmos SDK 0.42.0 to SDK v0.45.8 and ibc-go v3.3.0, please follow:

  1. The migration from SDK 0.41.x or 0.42.x to the IBC module in the ibc-go repository based on the SDK v0.44.x.
  2. The migration from ibc-go v1 to v2.
  3. The migration from ibc-go v2 to v3.
  4. The migration to add support for transfers of tokens whose base denomination contains slashes.

v3.2.1

This release bumps the Cosmos SDK from v0.45.7 to v0.45.8 and Tendermint from v0.34.20 to v0.34.21. For more information, see Cosmos SDK v0.45.8 Release Notes and Tendermint v0.34.21 Changelog.

To learn more about ibc-go versioning, please read our RELEASES.md.

IMPORTANT: Please read the migration guides for any versions of ibc-go that you might be going through when upgrading to this version. For example: if you upgrade from the IBC module contained in the Cosmos SDK 0.42.0 to SDK v0.45.8 and ibc-go v3.2.1, please follow:

  1. The migration from SDK 0.41.x or 0.42.x to the IBC module in the ibc-go repository based on the SDK v0.44.x.
  2. The migration from ibc-go v1 to v2.
  3. The migration from ibc-go v2 to v3.
  4. The migration to add support for transfers of tokens whose base denomination contains slashes.

v3.2.0

Please note that, according to ibc-go's semantic versioning, this release requires a coordinated upgrade because it contains state-machine breaking changes. This release requires also running a migration.

This release bumps the Go version to v1.18 and the Cosmos SDK to v0.45.7 (for more information, see Cosmos SDK v0.45.7 Release Notes), and introduces several improvements and bug fixes. We present here a summary of the most relevant changes. Please see the v3.2.0 changelog for the full set of changes included in this release.

apps/transfer

... (truncated)

Changelog

Sourced from github.com/cosmos/ibc-go/v3's changelog.

v3.3.0 - 2022-09-20

Dependencies

  • #2286 Bump SDK version to v0.45.8 and Tendermint to v0.34.21.

Features

  • (apps/27-interchain-accounts) #2193 Adding InterchainAccount gRPC query endpont to ICS27 controller submodule to allow users to retrieve registered interchain account addresses.

Bug Fixes

  • (27-interchain-accounts) #2308 Nil checks have been added to ensure services are not registered for nil host or controller keepers.

v3.2.0 - 2022-08-12

Dependencies

  • #1627 Bump Go version to 1.18
  • #1905 Bump SDK version to v0.45.7

State Machine Breaking

  • (apps/transfer) #1907 Blocked module account addresses are no longer allowed to send IBC transfers.
  • (apps/27-interchain-accounts) #1882 Explicitly check length of interchain account packet data in favour of nil check.

Improvements

  • (core/02-client) #1570 Emitting an event when handling an upgrade client proposal.
  • (modules/light-clients/07-tendermint) #1713 Allow client upgrade proposals to update TrustingPeriod. See ADR-026 for context.
  • (app/20-transfer) #1680 Adds migration to correct any malformed trace path information of tokens with denoms that contains slashes. The transfer module consensus version has been bumped to 2.
  • (app/20-transfer) #1730 parse the ics20 denomination provided via a packet using the channel identifier format specified by ibc-go.
  • (core/client) #1740 Add cosmos_proto.implements_interface to adhere to guidelines in Cosmos SDK ADR 019 for annotating google.protobuf.Any types

Bug Fixes

  • (modules/core/04-channel)#1919 Fixed formatting of sequence for packet "acknowledgement written" logs.
Commits
  • 250157f update changelog for v3.3.0 release
  • 2c06894 fix: add nil checks for controller and host keeper services (backport #2308) ...
  • 4b3d3b8 Merge pull request from GHSA-832c-mq9v-367r
  • 2abfd4f release/v3.3.x - Bump SDK to v0.45.8 and Tendermint to v0.34.21 (#2286)
  • 59f22c5 feat: adding interchain account address query to controller submodule (backpo...
  • 3d61f16 chore: fix broken link to bank module spec (backport #2201) (#2208)
  • 5562746 remove empty line in comments
  • 82aafb0 gofumpt v3.2.x (#1735)
  • 62593e2 fix broken link (#2059) (#2096)
  • 06f5e34 Update CHANGELOG.md
  • Additional commits viewable in compare view


Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
alpe commented 2 years ago

This requires a migration and has to be done manual

dependabot[bot] commented 2 years ago

OK, I won't notify you again about this release, but will get in touch when a new version is available. If you'd rather skip all updates until the next major or minor version, let me know by commenting @dependabot ignore this major version or @dependabot ignore this minor version. You can also ignore all major, minor, or patch releases for a dependency by adding an ignore condition with the desired update_types to your config file.

If you change your mind, just re-open this PR and I'll resolve any conflicts on it.