crypto-com / tmkms-light

TEE-based Key Management System for Tendermint validators.
https://github.com/tendermint/tendermint/
Other
18 stars 16 forks source link

Bump tendermint-p2p from 0.30.0 to 0.32.1 #601

Closed dependabot[bot] closed 1 year ago

dependabot[bot] commented 1 year ago

Bumps tendermint-p2p from 0.30.0 to 0.32.1.

Release notes

Sourced from tendermint-p2p's releases.

v0.32.0

📖 Release notes

What's Changed

New Contributors

Full Changelog: https://github.com/informalsystems/tendermint-rs/compare/v0.31.1...v0.32.0

v0.31.1

📖 Release notes

What's Changed

Full Changelog: https://github.com/informalsystems/tendermint-rs/compare/v0.31.0...v0.31.1

v0.31.0

📖 Release notes

What's Changed

Full Changelog: https://github.com/informalsystems/tendermint-rs/compare/v0.30.0...v0.31.0

Changelog

Sourced from tendermint-p2p's changelog.

v0.32.1

Fixed a bug with processing the latest_block_result endpoint result in the RPC client set to the 0.34 compatibility mode.

BUG FIXES

  • [tendermint-rpc] Use compatibility mode in implementations of the Client::latest_block_results method (#1326)

v0.32.0

May 3rd, 2023

This release notably comes with a fully featured light client attack detector, and introduces a CLI for the light client for verifying headers, detecting attacks against the light client, and reporting the evidence to primary and witness nodes.

It also adds a Verifier::verify_misbehaviour_header method for verifying headers coming from a misbehaviour evidence.

Moreover, the Client trait is now exposed by the tendermint-rpc without requiring the http-client or the websocket-client feature flags to be enabled.

BREAKING CHANGES

  • [tendermint-light-client-verifier] Rename Verifier::verify to Verifier::verify_update_header to better describe its purpose versus Verifier::verify_misbehaviour_header (#1294)

FEATURES

  • [tendermint-light-client-detector] Implement a light client attack detector, based on its Go version found in Comet (#1291)
  • [tendermint-light-client-verifier] Add Verifier::verify_misbehaviour_header for verifying headers coming from a misbehaviour evidence. The verification for these headers is a bit more relaxed in order to catch FLA attacks. In particular the "header in the future" check for the header should be skipped. (#1294)

IMPROVEMENTS

... (truncated)

Commits
  • dc9861d Release 0.32.1 (#1331)
  • 91ff1e4 Prepare release for v0.32.0 (#1314)
  • 6a4cd24 Loosen bounds on merkle hash arguments (#1311)
  • 2238d4b light-client: Add CLI for verifying headers, detecting and reporting light cl...
  • de10198 light-client: Attack detector and evidence reporting (#1292)
  • c137a3d rpc: Export Client trait unconditionally (#1305)
  • e298247 Remove nightly-only options in rustfmt config (#1303)
  • 9f0ee2b Disable Substrate no-std check as it won't build on latest nightlies (#1302)
  • 9e48f17 Add Verifier::verify_misbehaviour_header for verifying headers coming from ...
  • adf235f Prepare release v0.31.1 (#1298)
  • Additional commits viewable in compare view


Dependabot compatibility score

You can trigger a rebase of this PR by commenting @dependabot rebase.


Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Note Automatic rebases have been disabled on this pull request as it has been open for over 30 days.

calvinaco commented 1 year ago

@dependabot rebase

dependabot[bot] commented 1 year ago

Superseded by #612.