welcome[bot]
commented
1 year ago Thank you for submitting this PR! A maintainer will be here shortly to review it. We are super grateful, but we are also overloaded! Help us by making sure that:
-
The context for this PR is clear, with relevant discussion, decisions and stakeholders linked/mentioned.
-
Your contribution itself is clear (code comments, self-review for the rest) and in its best form. Follow the code contribution guidelines if they apply.
Getting other community members to do a review would be great help too on complex PRs (you can ask in the chats/forums). If you are unsure about something, just leave us a comment. Next steps:
-
A maintainer will triage and assign priority to this PR, commenting on any missing things and potentially assigning a reviewer for high priority items.
-
The PR gets reviews, discussed and approvals as needed.
-
The PR is merged by maintainers when it has been approved and comments addressed.
We currently aim to provide initial feedback/triaging within two business days. Please keep an eye on any labelling actions, as these will indicate priorities and status of your contribution. We are very grateful for your contribution!
Upgrade go-libp2p-core v0.8.6 to go-libp2p-core v0.20.1 to remove indirect dependacy of btcd module which is vulnerable to CVE-2022-44797.
The latest version of go-libp2p-core does not use btcd at all.