From 2fee473e99bc81e612f479a6502e11a33114f375 Mon Sep 17 00:00:00 2001 From: Anton Kaliaev Date: Thu, 24 Oct 2024 11:33:06 +0400 Subject: [PATCH 1/7] fix(state/indexer): copy value (#4321) Because, in cometbft-db v0.13+, the iterator is being reused so we need to always copy key and value if we're storing them in a map or other in-memory structure. Closes #4295 --- go.mod | 6 ++---- go.sum | 4 ++-- state/indexer/block/kv/kv.go | 12 ++++++++---- state/txindex/kv/kv.go | 7 ++++++- test/e2e/docker/Dockerfile | 2 +- 5 files changed, 19 insertions(+), 12 deletions(-) diff --git a/go.mod b/go.mod index 2d7710205e6..4ac49eaa191 100644 --- a/go.mod +++ b/go.mod @@ -1,8 +1,6 @@ module github.com/cometbft/cometbft -go 1.22.2 - -toolchain go1.22.7 +go 1.22.7 require ( github.com/BurntSushi/toml v1.4.0 @@ -41,7 +39,7 @@ require ( github.com/Masterminds/semver/v3 v3.3.0 github.com/btcsuite/btcd/btcec/v2 v2.3.4 github.com/btcsuite/btcd/btcutil v1.1.6 - github.com/cometbft/cometbft-db v0.12.0 + github.com/cometbft/cometbft-db v0.14.1 github.com/cosmos/gogoproto v1.7.0 github.com/go-git/go-git/v5 v5.12.0 github.com/gofrs/uuid v4.4.0+incompatible diff --git a/go.sum b/go.sum index e3b6a05b273..529af948d2f 100644 --- a/go.sum +++ b/go.sum @@ -85,8 +85,8 @@ github.com/cockroachdb/redact v1.1.5 h1:u1PMllDkdFfPWaNGMyLD1+so+aq3uUItthCFqzwP github.com/cockroachdb/redact v1.1.5/go.mod h1:BVNblN9mBWFyMyqK1k3AAiSxhvhfK2oOZZ2lK+dpvRg= github.com/cockroachdb/tokenbucket v0.0.0-20230807174530-cc333fc44b06 h1:zuQyyAKVxetITBuuhv3BI9cMrmStnpT18zmgmTxunpo= github.com/cockroachdb/tokenbucket v0.0.0-20230807174530-cc333fc44b06/go.mod h1:7nc4anLGjupUW/PeY5qiNYsdNXj7zopG+eqsS7To5IQ= -github.com/cometbft/cometbft-db v0.12.0 h1:v77/z0VyfSU7k682IzZeZPFZrQAKiQwkqGN0QzAjMi0= -github.com/cometbft/cometbft-db v0.12.0/go.mod h1:aX2NbCrjNVd2ZajYxt1BsiFf/Z+TQ2MN0VxdicheYuw= +github.com/cometbft/cometbft-db v0.14.1 h1:SxoamPghqICBAIcGpleHbmoPqy+crij/++eZz3DlerQ= +github.com/cometbft/cometbft-db v0.14.1/go.mod h1:KHP1YghilyGV/xjD5DP3+2hyigWx0WTp9X+0Gnx0RxQ= github.com/containerd/continuity v0.3.0 h1:nisirsYROK15TAMVukJOUyGJjz4BNQJBVsNvAXZJ/eg= github.com/containerd/continuity v0.3.0/go.mod h1:wJEAIwKOm/pBZuBd0JmeTvnLquTB1Ag8espWhkykbPM= github.com/cosmos/gogoproto v1.7.0 h1:79USr0oyXAbxg3rspGh/m4SWNyoz/GLaAh0QlCe2fro= diff --git a/state/indexer/block/kv/kv.go b/state/indexer/block/kv/kv.go index 3840e053a33..0533c4b61fe 100644 --- a/state/indexer/block/kv/kv.go +++ b/state/indexer/block/kv/kv.go @@ -385,11 +385,15 @@ FOR_LOOP: } func (idx *BlockerIndexer) setTmpHeights(tmpHeights map[string][]byte, it dbm.Iterator) { - // If we return attributes that occur within the same events, then store the event sequence in the - // result map as well + // If we return attributes that occur within the same events, then store the + // event sequence in the result map as well. eventSeq, _ := parseEventSeqFromEventKey(it.Key()) - retVal := it.Value() - tmpHeights[string(retVal)+strconv.FormatInt(eventSeq, 10)] = it.Value() + + // Copy the value because the iterator will be reused. + value := make([]byte, len(it.Value())) + copy(value, it.Value()) + + tmpHeights[string(value)+strconv.FormatInt(eventSeq, 10)] = value } diff --git a/state/txindex/kv/kv.go b/state/txindex/kv/kv.go index 0e1b25a89d6..f807735feff 100644 --- a/state/txindex/kv/kv.go +++ b/state/txindex/kv/kv.go @@ -342,7 +342,12 @@ func lookForHash(conditions []syntax.Condition) (hash []byte, ok bool, err error func (*TxIndex) setTmpHashes(tmpHeights map[string][]byte, key, value []byte) { eventSeq := extractEventSeqFromKey(key) - tmpHeights[string(value)+eventSeq] = value + + // Copy the value because the iterator will be reused. + valueCopy := make([]byte, len(value)) + copy(valueCopy, value) + + tmpHeights[string(valueCopy)+eventSeq] = valueCopy } // match returns all matching txs by hash that meet a given condition and start diff --git a/test/e2e/docker/Dockerfile b/test/e2e/docker/Dockerfile index 81794cae2c1..9768528c8b7 100644 --- a/test/e2e/docker/Dockerfile +++ b/test/e2e/docker/Dockerfile @@ -1,7 +1,7 @@ # We need to build in a Linux environment to support C libraries, e.g. RocksDB. # We use Debian instead of Alpine, so that we can use binary database packages # instead of spending time compiling them. -FROM cometbft/cometbft-db-testing:v0.12.0 +FROM cometbft/cometbft-db-testing:v0.14.1 RUN apt-get -qq update -y && apt-get -qq upgrade -y >/dev/null From 048bb7a47d2022c6a930b4d6358ce301c44d1cf6 Mon Sep 17 00:00:00 2001 From: "mergify[bot]" <37929162+mergify[bot]@users.noreply.github.com> Date: Thu, 24 Oct 2024 15:33:20 +0000 Subject: [PATCH 2/7] chore: use decred secp256k1 directly (backport #4294) (#4328) Use `github.com/decred/dcrd/dcrec/secp256k1/v4` directly rather than `github.com/btcsuite/btcd/btcec/v2` which is just a wrapper around the underlying decred library. Inspired by https://github.com/cosmos/cosmos-sdk/pull/15018 `github.com/btcsuite/btcd/btcec/v2` has a very annoying breaking change when upgrading from `v2.3.3` to `v2.3.4`. The easiest way to workaround this is to just remove the wrapper. Would be very nice if you could backport this to v0.37.x and v0.38.x. References: - https://github.com/btcsuite/btcd/issues/2221 - https://github.com/cometbft/cometbft/pull/3728 - https://github.com/zeta-chain/node/pull/2934 --- #### PR checklist - [ ] Tests written/updated - [x] Changelog entry added in `.changelog` (we use [unclog](https://github.com/informalsystems/unclog) to manage our changelog) - [ ] Updated relevant documentation (`docs/` or `spec/`) and code comments
This is an automatic backport of pull request #4294 done by [Mergify](https://mergify.com). --------- Co-authored-by: Alex Gartner Co-authored-by: Anton Kaliaev --- .../features/4294-remove-secp256k1-wrapper.md | 1 + .golangci.yml | 51 +++++++++++++++++++ crypto/secp256k1/secp256k1.go | 14 ++--- crypto/secp256k1/secp256k1_internal_test.go | 2 +- crypto/secp256k1/secp256k1_test.go | 7 ++- go.mod | 8 ++- go.sum | 11 ++-- 7 files changed, 69 insertions(+), 25 deletions(-) create mode 100644 .changelog/unreleased/features/4294-remove-secp256k1-wrapper.md diff --git a/.changelog/unreleased/features/4294-remove-secp256k1-wrapper.md b/.changelog/unreleased/features/4294-remove-secp256k1-wrapper.md new file mode 100644 index 00000000000..ca1333d6f8b --- /dev/null +++ b/.changelog/unreleased/features/4294-remove-secp256k1-wrapper.md @@ -0,0 +1 @@ +- `[crypto]` use decred secp256k1 directly ([#4294](https://github.com/cometbft/cometbft/pull/4294)) \ No newline at end of file diff --git a/.golangci.yml b/.golangci.yml index 24116994dae..7585abcf7b2 100644 --- a/.golangci.yml +++ b/.golangci.yml @@ -76,6 +76,7 @@ linters-settings: - github.com/spf13 - github.com/stretchr/testify/require - github.com/syndtr/goleveldb + - github.com/decred/dcrd/dcrec/secp256k1/v4 test: files: - "$test" @@ -96,3 +97,53 @@ linters-settings: - github.com/prometheus/client_golang/prometheus/promhttp - github.com/spf13 - github.com/stretchr/testify + - github.com/decred/dcrd/dcrec/secp256k1/v4 + + revive: + enable-all-rules: true + rules: + - name: comment-spacings # temporarily disabled + disabled: true + - name: max-public-structs + disabled: true + - name: cognitive-complexity + disabled: true + - name: argument-limit + disabled: true + - name: cyclomatic + disabled: true + - name: deep-exit + disabled: true + - name: file-header + disabled: true + - name: function-length + disabled: true + - name: function-result-limit + disabled: true + - name: line-length-limit + disabled: true + - name: flag-parameter + disabled: true + - name: add-constant + disabled: true + - name: empty-lines + disabled: true + - name: import-shadowing + disabled: true + - name: modifies-value-receiver + disabled: true + - name: confusing-naming + disabled: true + - name: defer + disabled: true + - name: unchecked-type-assertion + disabled: true + - name: unhandled-error + disabled: true + arguments: + - "fmt.Printf" + - "fmt.Print" + - "fmt.Println" + gosec: + excludes: + - G115 diff --git a/crypto/secp256k1/secp256k1.go b/crypto/secp256k1/secp256k1.go index 51d462c0bed..fdf5727c722 100644 --- a/crypto/secp256k1/secp256k1.go +++ b/crypto/secp256k1/secp256k1.go @@ -8,9 +8,9 @@ import ( "io" "math/big" - secp256k1 "github.com/btcsuite/btcd/btcec/v2" - "github.com/btcsuite/btcd/btcec/v2/ecdsa" - "golang.org/x/crypto/ripemd160" //nolint: staticcheck // necessary for Bitcoin address format + "github.com/decred/dcrd/dcrec/secp256k1/v4" + "github.com/decred/dcrd/dcrec/secp256k1/v4/ecdsa" + "golang.org/x/crypto/ripemd160" //nolint: gosec,staticcheck // necessary for Bitcoin address format "github.com/cometbft/cometbft/crypto" cmtjson "github.com/cometbft/cometbft/libs/json" @@ -43,9 +43,9 @@ func (privKey PrivKey) Bytes() []byte { // PubKey performs the point-scalar multiplication from the privKey on the // generator point to get the pubkey. func (privKey PrivKey) PubKey() crypto.PubKey { - _, pubkeyObject := secp256k1.PrivKeyFromBytes(privKey) + secpPrivKey := secp256k1.PrivKeyFromBytes(privKey) - pk := pubkeyObject.SerializeCompressed() + pk := secpPrivKey.PubKey().SerializeCompressed() return PubKey(pk) } @@ -126,7 +126,7 @@ func GenPrivKeySecp256k1(secret []byte) PrivKey { // Sign creates an ECDSA signature on curve Secp256k1, using SHA256 on the msg. // The returned signature will be of the form R || S (in lower-S form). func (privKey PrivKey) Sign(msg []byte) ([]byte, error) { - priv, _ := secp256k1.PrivKeyFromBytes(privKey) + priv := secp256k1.PrivKeyFromBytes(privKey) sum := sha256.Sum256(msg) sig := ecdsa.SignCompact(priv, sum[:], false) @@ -199,7 +199,7 @@ func (pubKey PubKey) VerifySignature(msg []byte, sigStr []byte) bool { // parse the signature: signature := signatureFromBytes(sigStr) - // Reject malleable signatures. libsecp256k1 does this check but btcec doesn't. + // Reject malleable signatures. libsecp256k1 does this check but decred doesn't. // see: https://github.com/ethereum/go-ethereum/blob/f9401ae011ddf7f8d2d95020b7446c17f8d98dc1/crypto/signature_nocgo.go#L90-L93 // Serialize() would negate S value if it is over half order. // Hence, if the signature is different after Serialize() if should be rejected. diff --git a/crypto/secp256k1/secp256k1_internal_test.go b/crypto/secp256k1/secp256k1_internal_test.go index ae1f55e4926..c2f77412d6b 100644 --- a/crypto/secp256k1/secp256k1_internal_test.go +++ b/crypto/secp256k1/secp256k1_internal_test.go @@ -7,7 +7,7 @@ import ( "github.com/stretchr/testify/require" - secp256k1 "github.com/btcsuite/btcd/btcec/v2" + "github.com/decred/dcrd/dcrec/secp256k1/v4" ) func Test_genPrivKey(t *testing.T) { diff --git a/crypto/secp256k1/secp256k1_test.go b/crypto/secp256k1/secp256k1_test.go index 195d9dde709..18de0d29682 100644 --- a/crypto/secp256k1/secp256k1_test.go +++ b/crypto/secp256k1/secp256k1_test.go @@ -6,13 +6,12 @@ import ( "testing" "github.com/btcsuite/btcd/btcutil/base58" + underlyingsecp256k1 "github.com/decred/dcrd/dcrec/secp256k1/v4" "github.com/stretchr/testify/assert" "github.com/stretchr/testify/require" "github.com/cometbft/cometbft/crypto" "github.com/cometbft/cometbft/crypto/secp256k1" - - underlyingSecp256k1 "github.com/btcsuite/btcd/btcec/v2" ) type keyData struct { @@ -75,7 +74,7 @@ func TestSecp256k1LoadPrivkeyAndSerializeIsIdentity(t *testing.T) { // This function creates a private and public key in the underlying libraries format. // The private key is basically calling new(big.Int).SetBytes(pk), which removes leading zero bytes - priv, _ := underlyingSecp256k1.PrivKeyFromBytes(privKeyBytes[:]) + priv := underlyingsecp256k1.PrivKeyFromBytes(privKeyBytes[:]) // this takes the bytes returned by `(big int).Bytes()`, and if the length is less than 32 bytes, // pads the bytes from the left with zero bytes. Therefore these two functions composed // result in the identity function on privKeyBytes, hence the following equality check @@ -87,7 +86,7 @@ func TestSecp256k1LoadPrivkeyAndSerializeIsIdentity(t *testing.T) { func TestGenPrivKeySecp256k1(t *testing.T) { // curve oder N - N := underlyingSecp256k1.S256().N + N := underlyingsecp256k1.S256().N tests := []struct { name string secret []byte diff --git a/go.mod b/go.mod index 4ac49eaa191..94f0eb78a01 100644 --- a/go.mod +++ b/go.mod @@ -5,7 +5,9 @@ go 1.22.7 require ( github.com/BurntSushi/toml v1.4.0 github.com/adlio/schema v1.3.6 + github.com/btcsuite/btcd/btcutil v1.1.6 github.com/cenkalti/backoff v2.2.1+incompatible // indirect + github.com/decred/dcrd/dcrec/secp256k1/v4 v4.0.1 github.com/fortytw2/leaktest v1.3.0 github.com/go-kit/kit v0.13.0 github.com/go-kit/log v0.2.1 @@ -37,8 +39,6 @@ require github.com/syndtr/goleveldb v1.0.1-0.20210819022825-2ae1ddf74ef7 require ( github.com/Masterminds/semver/v3 v3.3.0 - github.com/btcsuite/btcd/btcec/v2 v2.3.4 - github.com/btcsuite/btcd/btcutil v1.1.6 github.com/cometbft/cometbft-db v0.14.1 github.com/cosmos/gogoproto v1.7.0 github.com/go-git/go-git/v5 v5.12.0 @@ -70,11 +70,9 @@ require ( github.com/containerd/continuity v0.3.0 // indirect github.com/cyphar/filepath-securejoin v0.2.4 // indirect github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc // indirect - github.com/decred/dcrd/dcrec/secp256k1/v4 v4.0.1 // indirect github.com/dgraph-io/badger/v4 v4.2.0 // indirect github.com/dgraph-io/ristretto v0.1.1 // indirect - github.com/dgryski/go-farm v0.0.0-20200201041132-a6ae2369ad13 // indirect - github.com/docker/cli v23.0.1+incompatible // indirect + github.com/docker/cli v24.0.7+incompatible // indirect github.com/docker/go-connections v0.4.0 // indirect github.com/docker/go-units v0.5.0 // indirect github.com/dustin/go-humanize v1.0.1 // indirect diff --git a/go.sum b/go.sum index 529af948d2f..b98bd6c5b36 100644 --- a/go.sum +++ b/go.sum @@ -33,12 +33,9 @@ github.com/beorn7/perks v1.0.1/go.mod h1:G2ZrVWU2WbWT9wwq4/hrbKbnv/1ERSJQ0ibhJ6r github.com/btcsuite/btcd v0.20.1-beta/go.mod h1:wVuoA8VJLEcwgqHBwHmzLRazpKxTv13Px/pDuV7OomQ= github.com/btcsuite/btcd v0.22.0-beta.0.20220111032746-97732e52810c/go.mod h1:tjmYdS6MLJ5/s0Fj4DbLgSbDHbEqLJrtnHecBFkdz5M= github.com/btcsuite/btcd v0.23.5-0.20231215221805-96c9fd8078fd/go.mod h1:nm3Bko6zh6bWP60UxwoT5LzdGJsQJaPo6HjduXq9p6A= -github.com/btcsuite/btcd v0.24.2 h1:aLmxPguqxza+4ag8R1I2nnJjSu2iFn/kqtHTIImswcY= github.com/btcsuite/btcd v0.24.2/go.mod h1:5C8ChTkl5ejr3WHj8tkQSCmydiMEPB0ZhQhehpq7Dgg= github.com/btcsuite/btcd/btcec/v2 v2.1.0/go.mod h1:2VzYrv4Gm4apmbVVsSq5bqf1Ec8v56E48Vt0Y/umPgA= github.com/btcsuite/btcd/btcec/v2 v2.1.3/go.mod h1:ctjw4H1kknNJmRN4iP1R7bTQ+v3GJkZBd6mui8ZsAZE= -github.com/btcsuite/btcd/btcec/v2 v2.3.4 h1:3EJjcN70HCu/mwqlUsGK8GcNVyLVxFDlWurTXGPFfiQ= -github.com/btcsuite/btcd/btcec/v2 v2.3.4/go.mod h1:zYzJ8etWJQIv1Ogk7OzpWjowwOdXY1W/17j2MW85J04= github.com/btcsuite/btcd/btcutil v1.0.0/go.mod h1:Uoxwv0pqYWhD//tfTiipkxNfdhG9UrLwaeswfjfdF0A= github.com/btcsuite/btcd/btcutil v1.1.0/go.mod h1:5OapHB7A2hBBWLm48mmw4MOHNJCcUBTwmWH/0Jn8VHE= github.com/btcsuite/btcd/btcutil v1.1.5/go.mod h1:PSZZ4UitpLBWzxGd5VGOrLnmOjtPP/a6HaFo12zMs00= @@ -46,7 +43,6 @@ github.com/btcsuite/btcd/btcutil v1.1.6 h1:zFL2+c3Lb9gEgqKNzowKUPQNb8jV7v5Oaodi/ github.com/btcsuite/btcd/btcutil v1.1.6/go.mod h1:9dFymx8HpuLqBnsPELrImQeTQfKBQqzqGbbV3jK55aE= github.com/btcsuite/btcd/chaincfg/chainhash v1.0.0/go.mod h1:7SFka0XMvUgj3hfZtydOrQY2mwhPclbT2snogU7SQQc= github.com/btcsuite/btcd/chaincfg/chainhash v1.0.1/go.mod h1:7SFka0XMvUgj3hfZtydOrQY2mwhPclbT2snogU7SQQc= -github.com/btcsuite/btcd/chaincfg/chainhash v1.1.0 h1:59Kx4K6lzOW5w6nFlA0v5+lk/6sjybR934QNHSJZPTQ= github.com/btcsuite/btcd/chaincfg/chainhash v1.1.0/go.mod h1:7SFka0XMvUgj3hfZtydOrQY2mwhPclbT2snogU7SQQc= github.com/btcsuite/btclog v0.0.0-20170628155309-84c8d2346e9f/go.mod h1:TdznJufoqS23FtqVCzL0ZqgP5MqXbb4fg/WgDys70nA= github.com/btcsuite/btcutil v0.0.0-20190425235716-9e5f4b9a998d/go.mod h1:+5NJ2+qvTyV9exUAL/rxXi3DcLg2Ts+ymUAY5y4NvMg= @@ -111,11 +107,10 @@ github.com/dgraph-io/badger/v4 v4.2.0 h1:kJrlajbXXL9DFTNuhhu9yCx7JJa4qpYWxtE8Bzu github.com/dgraph-io/badger/v4 v4.2.0/go.mod h1:qfCqhPoWDFJRx1gp5QwwyGo8xk1lbHUxvK9nK0OGAak= github.com/dgraph-io/ristretto v0.1.1 h1:6CWw5tJNgpegArSHpNHJKldNeq03FQCwYvfMVWajOK8= github.com/dgraph-io/ristretto v0.1.1/go.mod h1:S1GPSBCYCIhmVNfcth17y2zZtQT6wzkzgwUve0VDWWA= +github.com/dgryski/go-farm v0.0.0-20190423205320-6a90982ecee2 h1:tdlZCpZ/P9DhczCTSixgIKmwPv6+wP5DGjqLYw5SUiA= github.com/dgryski/go-farm v0.0.0-20190423205320-6a90982ecee2/go.mod h1:SqUrOPUnsFjfmXRMNPybcSiG0BgUW2AuFH8PAnS2iTw= -github.com/dgryski/go-farm v0.0.0-20200201041132-a6ae2369ad13 h1:fAjc9m62+UWV/WAFKLNi6ZS0675eEUC9y3AlwSbQu1Y= -github.com/dgryski/go-farm v0.0.0-20200201041132-a6ae2369ad13/go.mod h1:SqUrOPUnsFjfmXRMNPybcSiG0BgUW2AuFH8PAnS2iTw= -github.com/docker/cli v23.0.1+incompatible h1:LRyWITpGzl2C9e9uGxzisptnxAn1zfZKXy13Ul2Q5oM= -github.com/docker/cli v23.0.1+incompatible/go.mod h1:JLrzqnKDaYBop7H2jaqPtU4hHvMKP+vjCwu2uszcLI8= +github.com/docker/cli v24.0.7+incompatible h1:wa/nIwYFW7BVTGa7SWPVyyXU9lgORqUb1xfI36MSkFg= +github.com/docker/cli v24.0.7+incompatible/go.mod h1:JLrzqnKDaYBop7H2jaqPtU4hHvMKP+vjCwu2uszcLI8= github.com/docker/docker v24.0.9+incompatible h1:HPGzNmwfLZWdxHqK9/II92pyi1EpYKsAqcl4G0Of9v0= github.com/docker/docker v24.0.9+incompatible/go.mod h1:eEKB0N0r5NX/I1kEveEz05bcu8tLC/8azJZsviup8Sk= github.com/docker/go-connections v0.4.0 h1:El9xVISelRB7BuFusrZozjnkIM5YnzCViNKohAFqRJQ= From 0514a09531a1572a3a478a19c851b91f1999ba55 Mon Sep 17 00:00:00 2001 From: Andy Nogueira Date: Thu, 24 Oct 2024 15:02:04 -0400 Subject: [PATCH 3/7] Release v0.38.13 (#4331) [CHANGELOG](https://github.com/cometbft/cometbft/blob/release/v0.38.13/CHANGELOG.md) #### PR checklist - [ ] Tests written/updated - [ ] Changelog entry added in `.changelog` (we use [unclog](https://github.com/informalsystems/unclog) to manage our changelog) - [ ] Updated relevant documentation (`docs/` or `spec/`) and code comments --- .../4295-copy-value-state-indexer.md | 2 ++ .../dependencies/4059-update-cometbft-db.md | 0 .../dependencies/4321-update-cometbft-db.md | 2 ++ .../features/4294-remove-secp256k1-wrapper.md | 0 .changelog/v0.38.13/summary.md | 7 ++++ CHANGELOG.md | 33 ++++++++++++++++++- version/version.go | 2 +- 7 files changed, 44 insertions(+), 2 deletions(-) create mode 100644 .changelog/v0.38.13/bug-fixes/4295-copy-value-state-indexer.md rename .changelog/{unreleased => v0.38.13}/dependencies/4059-update-cometbft-db.md (100%) create mode 100644 .changelog/v0.38.13/dependencies/4321-update-cometbft-db.md rename .changelog/{unreleased => v0.38.13}/features/4294-remove-secp256k1-wrapper.md (100%) create mode 100644 .changelog/v0.38.13/summary.md diff --git a/.changelog/v0.38.13/bug-fixes/4295-copy-value-state-indexer.md b/.changelog/v0.38.13/bug-fixes/4295-copy-value-state-indexer.md new file mode 100644 index 00000000000..769426a002a --- /dev/null +++ b/.changelog/v0.38.13/bug-fixes/4295-copy-value-state-indexer.md @@ -0,0 +1,2 @@ +- `[state/indexer]` Fix the tx_search results not returning all results by changing the logic in the indexer to copy the key and values instead of reusing an iterator. This issue only arises when upgrading to cometbft-db v0.13 or later. + ([\#4295](https://github.com/cometbft/cometbft/issues/4295)). Thanks @faddat for reporting the issue. diff --git a/.changelog/unreleased/dependencies/4059-update-cometbft-db.md b/.changelog/v0.38.13/dependencies/4059-update-cometbft-db.md similarity index 100% rename from .changelog/unreleased/dependencies/4059-update-cometbft-db.md rename to .changelog/v0.38.13/dependencies/4059-update-cometbft-db.md diff --git a/.changelog/v0.38.13/dependencies/4321-update-cometbft-db.md b/.changelog/v0.38.13/dependencies/4321-update-cometbft-db.md new file mode 100644 index 00000000000..7fdd007fb58 --- /dev/null +++ b/.changelog/v0.38.13/dependencies/4321-update-cometbft-db.md @@ -0,0 +1,2 @@ +- Bump cometbft-db version to v0.14.1 + ([\#4321](https://github.com/cometbft/cometbft/pull/4321)) diff --git a/.changelog/unreleased/features/4294-remove-secp256k1-wrapper.md b/.changelog/v0.38.13/features/4294-remove-secp256k1-wrapper.md similarity index 100% rename from .changelog/unreleased/features/4294-remove-secp256k1-wrapper.md rename to .changelog/v0.38.13/features/4294-remove-secp256k1-wrapper.md diff --git a/.changelog/v0.38.13/summary.md b/.changelog/v0.38.13/summary.md new file mode 100644 index 00000000000..8b45341039a --- /dev/null +++ b/.changelog/v0.38.13/summary.md @@ -0,0 +1,7 @@ +*October 24, 2024* + +This patch release addresses the issue where tx_search was not returning all results, which only arises when upgrading +to CometBFT-DB version 0.13 or later. It includes a fix in the state indexer to resolve this problem. We recommend +upgrading to this patch release if you are affected by this issue. + + diff --git a/CHANGELOG.md b/CHANGELOG.md index e620b6586ef..a423bff8d0b 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,5 +1,30 @@ # CHANGELOG +## v0.38.13 + +*October 24, 2024* + +This patch release addresses the issue where the `tx_search` JSON-RPC endpoint was not returning all results. It includes a fix in the state +indexer to resolve this problem. We recommend upgrading to this patch release if you are affected by this issue. + +### BUG FIXES + +- `[state/indexer]` Fix the `tx_search` results not returning all results by changing the logic in the indexer to copy the key and values instead of reusing an iterator + ([\#4295](https://github.com/cometbft/cometbft/issues/4295)). Thanks @faddat for reporting the issue. + +### DEPENDENCIES + +- `[go/runtime]` Bump Go version to 1.22 + ([\#4073](https://github.com/cometbft/cometbft/pull/4073)) +- Bump cometbft-db version to v0.12.0 + ([\#4073](https://github.com/cometbft/cometbft/pull/4073)) +- Bump cometbft-db version to v0.14.1 + ([\#4321](https://github.com/cometbft/cometbft/pull/4321)) + +### FEATURES + +- `[crypto]` use decred secp256k1 directly ([#4294](https://github.com/cometbft/cometbft/pull/4294)) + ## v0.38.12 *September 3, 2024* @@ -158,6 +183,10 @@ This release contains a few bug fixes and performance improvements. - `[mempool]` Before updating the mempool, consider it as full if rechecking is still in progress. This will stop accepting transactions in the mempool if the node can't keep up with re-CheckTx. ([\#3314](https://github.com/cometbft/cometbft/pull/3314)) +- `[metrics]` Add `evicted_txs` metric to mempool + ([\#4019](https://github.com/cometbft/cometbft/pull/4019)) +- `[log]` Change "mempool is full" log to debug level + ([\#4123](https://github.com/cometbft/cometbft/pull/4123)) ## v0.38.7 @@ -285,6 +314,8 @@ Please check the list below for further details. ([\#1825](https://github.com/cometbft/cometbft/pull/1825)) - `[blocksync]` wait for `poolRoutine` to stop in `(*Reactor).OnStop` ([\#1879](https://github.com/cometbft/cometbft/pull/1879)) +- `[metrics]` Call unused `rejected_txs` metric in mempool + ([\#4019](https://github.com/cometbft/cometbft/pull/4019)) ### IMPROVEMENTS @@ -359,7 +390,7 @@ gossip. ([\#1584](https://github.com/cometbft/cometbft/pull/1584)) - `[config]` Add mempool parameters `experimental_max_gossip_connections_to_persistent_peers` and `experimental_max_gossip_connections_to_non_persistent_peers` for limiting the number of peers to - which the node gossip transactions. + which the node gossip transactions. ([\#1558](https://github.com/cometbft/cometbft/pull/1558)) ([\#1584](https://github.com/cometbft/cometbft/pull/1584)) diff --git a/version/version.go b/version/version.go index c00b4f8ffe2..458932794f3 100644 --- a/version/version.go +++ b/version/version.go @@ -3,7 +3,7 @@ package version const ( // TMVersionDefault is the used as the fallback version of CometBFT // when not using git describe. It is formatted with semantic versioning. - TMCoreSemVer = "0.38.12" + TMCoreSemVer = "0.38.13" // ABCISemVer is the semantic version of the ABCI protocol ABCISemVer = "2.0.0" ABCIVersion = ABCISemVer From 5544864558da838d2dfb1072929e1ee7715b497e Mon Sep 17 00:00:00 2001 From: Andy Nogueira Date: Thu, 24 Oct 2024 22:51:19 -0400 Subject: [PATCH 4/7] release v0.38.13 (fixed changelog) (#4333) [CHANGELOG](https://github.com/cometbft/cometbft/blob/release/v0.38.13/CHANGELOG.md) #### PR checklist - [ ] Tests written/updated - [ ] Changelog entry added in `.changelog` (we use [unclog](https://github.com/informalsystems/unclog) to manage our changelog) - [ ] Updated relevant documentation (`docs/` or `spec/`) and code comments --- .../1558-experimental-gossip-limiting.md | 2 +- .../4019-mempool-metric-rejected-txs.md | 0 .../4295-copy-value-state-indexer.md | 3 +- .../dependencies/4059-update-cometbft-db.md | 2 -- .../4019-mempool-metric-evicted-txs.md | 0 .../improvements/4123-mempool-is-full-log.md | 2 ++ .../improvements/4123-mempool-is-full-log.md | 2 -- CHANGELOG.md | 28 ++++++++++--------- 8 files changed, 20 insertions(+), 19 deletions(-) rename .changelog/{v0.38.3 => v0.38.13}/bug-fixes/4019-mempool-metric-rejected-txs.md (100%) rename .changelog/{v0.38.8 => v0.38.13}/improvements/4019-mempool-metric-evicted-txs.md (100%) create mode 100644 .changelog/v0.38.13/improvements/4123-mempool-is-full-log.md delete mode 100644 .changelog/v0.38.8/improvements/4123-mempool-is-full-log.md diff --git a/.changelog/v0.38.1/improvements/1558-experimental-gossip-limiting.md b/.changelog/v0.38.1/improvements/1558-experimental-gossip-limiting.md index 6931cef8274..58fc6c6f863 100644 --- a/.changelog/v0.38.1/improvements/1558-experimental-gossip-limiting.md +++ b/.changelog/v0.38.1/improvements/1558-experimental-gossip-limiting.md @@ -4,6 +4,6 @@ ([\#1584](https://github.com/cometbft/cometbft/pull/1584)) - `[config]` Add mempool parameters `experimental_max_gossip_connections_to_persistent_peers` and `experimental_max_gossip_connections_to_non_persistent_peers` for limiting the number of peers to - which the node gossip transactions. + which the node gossip transactions. ([\#1558](https://github.com/cometbft/cometbft/pull/1558)) ([\#1584](https://github.com/cometbft/cometbft/pull/1584)) diff --git a/.changelog/v0.38.3/bug-fixes/4019-mempool-metric-rejected-txs.md b/.changelog/v0.38.13/bug-fixes/4019-mempool-metric-rejected-txs.md similarity index 100% rename from .changelog/v0.38.3/bug-fixes/4019-mempool-metric-rejected-txs.md rename to .changelog/v0.38.13/bug-fixes/4019-mempool-metric-rejected-txs.md diff --git a/.changelog/v0.38.13/bug-fixes/4295-copy-value-state-indexer.md b/.changelog/v0.38.13/bug-fixes/4295-copy-value-state-indexer.md index 769426a002a..2ffeb7a04c9 100644 --- a/.changelog/v0.38.13/bug-fixes/4295-copy-value-state-indexer.md +++ b/.changelog/v0.38.13/bug-fixes/4295-copy-value-state-indexer.md @@ -1,2 +1,3 @@ - `[state/indexer]` Fix the tx_search results not returning all results by changing the logic in the indexer to copy the key and values instead of reusing an iterator. This issue only arises when upgrading to cometbft-db v0.13 or later. - ([\#4295](https://github.com/cometbft/cometbft/issues/4295)). Thanks @faddat for reporting the issue. + ([\#4295](https://github.com/cometbft/cometbft/issues/4295)). Special thanks to @faddat for reporting the issue. + diff --git a/.changelog/v0.38.13/dependencies/4059-update-cometbft-db.md b/.changelog/v0.38.13/dependencies/4059-update-cometbft-db.md index 22900e5e765..8c957a22a38 100644 --- a/.changelog/v0.38.13/dependencies/4059-update-cometbft-db.md +++ b/.changelog/v0.38.13/dependencies/4059-update-cometbft-db.md @@ -1,4 +1,2 @@ - `[go/runtime]` Bump Go version to 1.22 ([\#4073](https://github.com/cometbft/cometbft/pull/4073)) -- Bump cometbft-db version to v0.12.0 - ([\#4073](https://github.com/cometbft/cometbft/pull/4073)) diff --git a/.changelog/v0.38.8/improvements/4019-mempool-metric-evicted-txs.md b/.changelog/v0.38.13/improvements/4019-mempool-metric-evicted-txs.md similarity index 100% rename from .changelog/v0.38.8/improvements/4019-mempool-metric-evicted-txs.md rename to .changelog/v0.38.13/improvements/4019-mempool-metric-evicted-txs.md diff --git a/.changelog/v0.38.13/improvements/4123-mempool-is-full-log.md b/.changelog/v0.38.13/improvements/4123-mempool-is-full-log.md new file mode 100644 index 00000000000..a68573d0c14 --- /dev/null +++ b/.changelog/v0.38.13/improvements/4123-mempool-is-full-log.md @@ -0,0 +1,2 @@ +- `[log]` Change "mempool is full" log to debug level + ([\#4123](https://github.com/cometbft/cometbft/pull/4123)) Special thanks to @yihuang. diff --git a/.changelog/v0.38.8/improvements/4123-mempool-is-full-log.md b/.changelog/v0.38.8/improvements/4123-mempool-is-full-log.md deleted file mode 100644 index 68f187e658d..00000000000 --- a/.changelog/v0.38.8/improvements/4123-mempool-is-full-log.md +++ /dev/null @@ -1,2 +0,0 @@ -- `[log]` Change "mempool is full" log to debug level - ([\#4123](https://github.com/cometbft/cometbft/pull/4123)) diff --git a/CHANGELOG.md b/CHANGELOG.md index a423bff8d0b..40196034c61 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -4,20 +4,21 @@ *October 24, 2024* -This patch release addresses the issue where the `tx_search` JSON-RPC endpoint was not returning all results. It includes a fix in the state -indexer to resolve this problem. We recommend upgrading to this patch release if you are affected by this issue. +This patch release addresses the issue where tx_search was not returning all results, which only arises when upgrading +to CometBFT-DB version 0.13 or later. It includes a fix in the state indexer to resolve this problem. We recommend +upgrading to this patch release if you are affected by this issue. ### BUG FIXES -- `[state/indexer]` Fix the `tx_search` results not returning all results by changing the logic in the indexer to copy the key and values instead of reusing an iterator - ([\#4295](https://github.com/cometbft/cometbft/issues/4295)). Thanks @faddat for reporting the issue. +- `[metrics]` Call unused `rejected_txs` metric in mempool + ([\#4019](https://github.com/cometbft/cometbft/pull/4019)) +- `[state/indexer]` Fix the tx_search results not returning all results by changing the logic in the indexer to copy the key and values instead of reusing an iterator. This issue only arises when upgrading to cometbft-db v0.13 or later. + ([\#4295](https://github.com/cometbft/cometbft/issues/4295)). Special thanks to @faddat for reporting the issue. ### DEPENDENCIES - `[go/runtime]` Bump Go version to 1.22 ([\#4073](https://github.com/cometbft/cometbft/pull/4073)) -- Bump cometbft-db version to v0.12.0 - ([\#4073](https://github.com/cometbft/cometbft/pull/4073)) - Bump cometbft-db version to v0.14.1 ([\#4321](https://github.com/cometbft/cometbft/pull/4321)) @@ -25,6 +26,13 @@ indexer to resolve this problem. We recommend upgrading to this patch release if - `[crypto]` use decred secp256k1 directly ([#4294](https://github.com/cometbft/cometbft/pull/4294)) +### IMPROVEMENTS + +- `[metrics]` Add `evicted_txs` metric to mempool + ([\#4019](https://github.com/cometbft/cometbft/pull/4019)) +- `[log]` Change "mempool is full" log to debug level + ([\#4123](https://github.com/cometbft/cometbft/pull/4123)) Special thanks to @yihuang. + ## v0.38.12 *September 3, 2024* @@ -183,10 +191,6 @@ This release contains a few bug fixes and performance improvements. - `[mempool]` Before updating the mempool, consider it as full if rechecking is still in progress. This will stop accepting transactions in the mempool if the node can't keep up with re-CheckTx. ([\#3314](https://github.com/cometbft/cometbft/pull/3314)) -- `[metrics]` Add `evicted_txs` metric to mempool - ([\#4019](https://github.com/cometbft/cometbft/pull/4019)) -- `[log]` Change "mempool is full" log to debug level - ([\#4123](https://github.com/cometbft/cometbft/pull/4123)) ## v0.38.7 @@ -314,8 +318,6 @@ Please check the list below for further details. ([\#1825](https://github.com/cometbft/cometbft/pull/1825)) - `[blocksync]` wait for `poolRoutine` to stop in `(*Reactor).OnStop` ([\#1879](https://github.com/cometbft/cometbft/pull/1879)) -- `[metrics]` Call unused `rejected_txs` metric in mempool - ([\#4019](https://github.com/cometbft/cometbft/pull/4019)) ### IMPROVEMENTS @@ -390,7 +392,7 @@ gossip. ([\#1584](https://github.com/cometbft/cometbft/pull/1584)) - `[config]` Add mempool parameters `experimental_max_gossip_connections_to_persistent_peers` and `experimental_max_gossip_connections_to_non_persistent_peers` for limiting the number of peers to - which the node gossip transactions. + which the node gossip transactions. ([\#1558](https://github.com/cometbft/cometbft/pull/1558)) ([\#1584](https://github.com/cometbft/cometbft/pull/1584)) From e5c7d398fee7c924bebcdb89b8a1baf717ff198d Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Fri, 1 Nov 2024 05:57:41 +0000 Subject: [PATCH 5/7] build(deps): Bump github.com/prometheus/client_golang from 1.20.4 to 1.20.5 (#4385) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Bumps [github.com/prometheus/client_golang](https://github.com/prometheus/client_golang) from 1.20.4 to 1.20.5.
Release notes

Sourced from github.com/prometheus/client_golang's releases.

v1.20.5 / 2024-10-15

We decided to revert the testutil change that made our util functions less error-prone, but created a lot of work for our downstream users. Apologies for the pain! This revert should not cause any major breaking change, even if you already did the work--unless you depend on the exact error message.

Going forward, we plan to reinforce our release testing strategy [1],[2] and deliver an enhanced testutil package/module with more flexible and safer APIs.

Thanks to @​dashpole @​dgrisonnet @​kakkoyun @​ArthurSens @​vesari @​logicalhan @​krajorama @​bwplotka who helped in this patch release! 🤗

Changelog

[BUGFIX] testutil: Reverted #1424; functions using compareMetricFamilies are (again) only failing if filtered metricNames are in the expected input. #1645

Changelog

Sourced from github.com/prometheus/client_golang's changelog.

1.20.5 / 2024-10-15

  • [BUGFIX] testutil: Reverted #1424; functions using compareMetricFamilies are (again) only failing if filtered metricNames are in the expected input.
Commits

[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=github.com/prometheus/client_golang&package-manager=go_modules&previous-version=1.20.4&new-version=1.20.5)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) ---
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- go.mod | 2 +- go.sum | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/go.mod b/go.mod index 94f0eb78a01..70ba59b4c6a 100644 --- a/go.mod +++ b/go.mod @@ -20,7 +20,7 @@ require ( github.com/minio/highwayhash v1.0.3 github.com/ory/dockertest v3.3.5+incompatible github.com/pkg/errors v0.9.1 - github.com/prometheus/client_golang v1.20.4 + github.com/prometheus/client_golang v1.20.5 github.com/prometheus/client_model v0.6.1 github.com/prometheus/common v0.59.1 github.com/rcrowley/go-metrics v0.0.0-20201227073835-cf1acfcdf475 diff --git a/go.sum b/go.sum index b98bd6c5b36..95e8d85fb53 100644 --- a/go.sum +++ b/go.sum @@ -300,8 +300,8 @@ github.com/pkg/errors v0.9.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINE github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2 h1:Jamvg5psRIccs7FGNTlIRMkT8wgtp5eCXdBlqhYGL6U= github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= -github.com/prometheus/client_golang v1.20.4 h1:Tgh3Yr67PaOv/uTqloMsCEdeuFTatm5zIq5+qNN23vI= -github.com/prometheus/client_golang v1.20.4/go.mod h1:PIEt8X02hGcP8JWbeHyeZ53Y/jReSnHgO035n//V5WE= +github.com/prometheus/client_golang v1.20.5 h1:cxppBPuYhUnsO6yo/aoRol4L7q7UFfdm+bR9r+8l63Y= +github.com/prometheus/client_golang v1.20.5/go.mod h1:PIEt8X02hGcP8JWbeHyeZ53Y/jReSnHgO035n//V5WE= github.com/prometheus/client_model v0.0.0-20190812154241-14fe0d1b01d4/go.mod h1:xMI15A0UPsDsEKsMN9yxemIoYk6Tm2C1GtYGdfGttqA= github.com/prometheus/client_model v0.6.1 h1:ZKSh/rekM+n3CeS952MLRAdFwIKqeY8b62p8ais2e9E= github.com/prometheus/client_model v0.6.1/go.mod h1:OrxVMOVHjw3lKMa8+x6HeMGkHMQyHDk9E3jmP2AmGiY= From be0ad58dfa2009cfb37e0aa533e8331560749639 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Fri, 1 Nov 2024 06:05:22 +0000 Subject: [PATCH 6/7] build(deps): Bump google.golang.org/grpc from 1.67.0 to 1.67.1 (#4383) Bumps [google.golang.org/grpc](https://github.com/grpc/grpc-go) from 1.67.0 to 1.67.1.
Release notes

Sourced from google.golang.org/grpc's releases.

Release 1.67.1

Bug Fixes

  • transport: Fix a bug causing stream failures due to miscalculation of the flow control window in both clients and servers. (#7667)
  • xds/server: Fix xDS Server memory leak. (#7681)
Commits

[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=google.golang.org/grpc&package-manager=go_modules&previous-version=1.67.0&new-version=1.67.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) ---
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: mergify[bot] <37929162+mergify[bot]@users.noreply.github.com> --- go.mod | 2 +- go.sum | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/go.mod b/go.mod index 70ba59b4c6a..132fd80b852 100644 --- a/go.mod +++ b/go.mod @@ -32,7 +32,7 @@ require ( github.com/stretchr/testify v1.9.0 golang.org/x/crypto v0.27.0 golang.org/x/net v0.29.0 - google.golang.org/grpc v1.67.0 + google.golang.org/grpc v1.67.1 ) require github.com/syndtr/goleveldb v1.0.1-0.20210819022825-2ae1ddf74ef7 diff --git a/go.sum b/go.sum index 95e8d85fb53..cb1f46d44cc 100644 --- a/go.sum +++ b/go.sum @@ -509,8 +509,8 @@ google.golang.org/grpc v1.23.0/go.mod h1:Y5yQAOtifL1yxbo5wqy6BxZv8vAUGQwXBOALyac google.golang.org/grpc v1.25.1/go.mod h1:c3i+UQWmh7LiEpx4sFZnkU36qjEYZ0imhYfXVyQciAY= google.golang.org/grpc v1.27.0/go.mod h1:qbnxyOmOxrQa7FizSgH+ReBfzJrCY1pSN7KXBS8abTk= google.golang.org/grpc v1.33.2/go.mod h1:JMHMWHQWaTccqQQlmk3MJZS+GWXOdAesneDmEnv2fbc= -google.golang.org/grpc v1.67.0 h1:IdH9y6PF5MPSdAntIcpjQ+tXO41pcQsfZV2RxtQgVcw= -google.golang.org/grpc v1.67.0/go.mod h1:1gLDyUQU7CTLJI90u3nXZ9ekeghjeM7pTDZlqFNg2AA= +google.golang.org/grpc v1.67.1 h1:zWnc1Vrcno+lHZCOofnIMvycFcc0QRGIzm9dhnDX68E= +google.golang.org/grpc v1.67.1/go.mod h1:1gLDyUQU7CTLJI90u3nXZ9ekeghjeM7pTDZlqFNg2AA= google.golang.org/protobuf v0.0.0-20200109180630-ec00e32a8dfd/go.mod h1:DFci5gLYBciE7Vtevhsrf46CRTquxDuWsQurQQe4oz8= google.golang.org/protobuf v0.0.0-20200221191635-4d8936d0db64/go.mod h1:kwYJMbMJ01Woi6D6+Kah6886xMZcty6N08ah7+eCXa0= google.golang.org/protobuf v0.0.0-20200228230310-ab0ca4ff8a60/go.mod h1:cfTl7dwQJ+fmap5saPgwCLgHXTUD7jkjRqWcaiX5VyM= From 5226a8de292bf1a7028a7196e22e452e6b33d3eb Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Fri, 1 Nov 2024 06:14:04 +0000 Subject: [PATCH 7/7] build(deps): Bump golang.org/x/crypto from 0.27.0 to 0.28.0 (#4379) Bumps [golang.org/x/crypto](https://github.com/golang/crypto) from 0.27.0 to 0.28.0.
Commits
  • adef4cc go.mod: update golang.org/x dependencies
  • a0819fb sha3: fix cSHAKE initialization for extremely large N and or S
  • 42ee18b ssh: return ServerAuthError after too many auth failures
  • 9e92970 bn256: add missing symbols in comment
  • See full diff in compare view

[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=golang.org/x/crypto&package-manager=go_modules&previous-version=0.27.0&new-version=0.28.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) ---
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: mergify[bot] <37929162+mergify[bot]@users.noreply.github.com> --- go.mod | 6 +++--- go.sum | 16 ++++++++-------- 2 files changed, 11 insertions(+), 11 deletions(-) diff --git a/go.mod b/go.mod index 132fd80b852..282e6b6c59f 100644 --- a/go.mod +++ b/go.mod @@ -30,7 +30,7 @@ require ( github.com/spf13/cobra v1.8.1 github.com/spf13/viper v1.19.0 github.com/stretchr/testify v1.9.0 - golang.org/x/crypto v0.27.0 + golang.org/x/crypto v0.28.0 golang.org/x/net v0.29.0 google.golang.org/grpc v1.67.1 ) @@ -129,8 +129,8 @@ require ( go.uber.org/multierr v1.10.0 // indirect golang.org/x/exp v0.0.0-20231110203233-9a3e6036ecaa // indirect golang.org/x/mod v0.17.0 // indirect - golang.org/x/sys v0.25.0 // indirect - golang.org/x/text v0.18.0 // indirect + golang.org/x/sys v0.26.0 // indirect + golang.org/x/text v0.19.0 // indirect golang.org/x/tools v0.21.1-0.20240508182429-e35e4ccd0d2d // indirect google.golang.org/genproto/googleapis/rpc v0.0.0-20240814211410-ddb44dafa142 // indirect gopkg.in/ini.v1 v1.67.0 // indirect diff --git a/go.sum b/go.sum index cb1f46d44cc..96b25a7fdf8 100644 --- a/go.sum +++ b/go.sum @@ -389,8 +389,8 @@ golang.org/x/crypto v0.0.0-20210921155107-089bfa567519/go.mod h1:GvvjBRRGRdwPK5y golang.org/x/crypto v0.0.0-20220622213112-05595931fe9d/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4= golang.org/x/crypto v0.3.1-0.20221117191849-2c476679df9a/go.mod h1:hebNnKkNXi2UzZN1eVRvBB7co0a+JxK6XbPiWVs/3J4= golang.org/x/crypto v0.7.0/go.mod h1:pYwdfH91IfpZVANVyUOhSIPZaFoJGxTFbZhFTx+dXZU= -golang.org/x/crypto v0.27.0 h1:GXm2NjJrPaiv/h1tb2UH8QfgC/hOf/+z0p6PT8o1w7A= -golang.org/x/crypto v0.27.0/go.mod h1:1Xngt8kV6Dvbssa53Ziq6Eqn0HqbZi5Z6R0ZpwQzt70= +golang.org/x/crypto v0.28.0 h1:GBDwsMXVQi34v5CCYUm2jkJvu4cbtru2U4TN2PSyQnw= +golang.org/x/crypto v0.28.0/go.mod h1:rmgy+3RHxRZMyY0jjAJShp2zgEdOqj2AO7U0pYmeQ7U= golang.org/x/exp v0.0.0-20190121172915-509febef88a4/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= golang.org/x/exp v0.0.0-20231110203233-9a3e6036ecaa h1:FRnLl4eNAQl8hwxVVC17teOw8kdjVDVAiFMtgUdTSRQ= golang.org/x/exp v0.0.0-20231110203233-9a3e6036ecaa/go.mod h1:zk2irFbV9DP96SEBUUAy67IdHUaZuSnrz1n472HUCLE= @@ -460,15 +460,15 @@ golang.org/x/sys v0.3.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.5.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.6.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.21.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= -golang.org/x/sys v0.25.0 h1:r+8e+loiHxRqhXVl6ML1nO3l1+oFoWbnlu2Ehimmi34= -golang.org/x/sys v0.25.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= +golang.org/x/sys v0.26.0 h1:KHjCJyddX0LoSTb3J+vWpupP9p0oznkqVk/IfjymZbo= +golang.org/x/sys v0.26.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo= golang.org/x/term v0.0.0-20210927222741-03fcf44c2211/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8= golang.org/x/term v0.2.0/go.mod h1:TVmDHMZPmdnySmBfhjOoOdhjzdE1h4u1VwSiw2l1Nuc= golang.org/x/term v0.5.0/go.mod h1:jMB1sMXY+tzblOD4FWmEbocvup2/aLOaQEp7JmGp78k= golang.org/x/term v0.6.0/go.mod h1:m6U89DPEgQRMq3DNkDClhWw02AUbt2daBVO4cn4Hv9U= -golang.org/x/term v0.24.0 h1:Mh5cbb+Zk2hqqXNO7S1iTjEphVL+jb8ZWaqh/g+JWkM= -golang.org/x/term v0.24.0/go.mod h1:lOBK/LVxemqiMij05LGJ0tzNr8xlmwBRJ81PX6wVLH8= +golang.org/x/term v0.25.0 h1:WtHI/ltw4NvSUig5KARz9h521QvRC8RmF/cuYqifU24= +golang.org/x/term v0.25.0/go.mod h1:RPyXicDX+6vLxogjjRxjgD2TKtmAO6NZBsBRfrOLu7M= golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= golang.org/x/text v0.3.2/go.mod h1:bEr9sfX3Q8Zfm5fL9x+3itogRgK3+ptLWKqgva+5dAk= golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= @@ -477,8 +477,8 @@ golang.org/x/text v0.3.7/go.mod h1:u+2+/6zg+i71rQMx5EYifcz6MCKuco9NR6JIITiCfzQ= golang.org/x/text v0.4.0/go.mod h1:mrYo+phRRbMaCq/xk9113O4dZlRixOauAjOtrjsXDZ8= golang.org/x/text v0.7.0/go.mod h1:mrYo+phRRbMaCq/xk9113O4dZlRixOauAjOtrjsXDZ8= golang.org/x/text v0.8.0/go.mod h1:e1OnstbJyHTd6l/uOt8jFFHp6TRDWZR/bV3emEE/zU8= -golang.org/x/text v0.18.0 h1:XvMDiNzPAl0jr17s6W9lcaIhGUfUORdGCNsuLmPG224= -golang.org/x/text v0.18.0/go.mod h1:BuEKDfySbSR4drPmRPG/7iBdf8hvFMuRexcpahXilzY= +golang.org/x/text v0.19.0 h1:kTxAhCbGbxhK0IwgSKiMO5awPoDQ0RpfiVYBfK860YM= +golang.org/x/text v0.19.0/go.mod h1:BuEKDfySbSR4drPmRPG/7iBdf8hvFMuRexcpahXilzY= golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= golang.org/x/tools v0.0.0-20190114222345-bf090417da8b/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= golang.org/x/tools v0.0.0-20190226205152-f727befe758c/go.mod h1:9Yl7xja0Znq3iFh3HoIrodX9oNMXvdceNzlUR8zjMvY=