build(deps): bump the go_modules group across 2 directories with 9 updates

[dependabot]

Bumps the go_modules group with 4 updates in the / directory: cosmossdk.io/x/tx, github.com/cometbft/cometbft, github.com/CosmWasm/wasmvm/v2 and github.com/docker/docker.
Bumps the go_modules group with 4 updates in the /tests/slinky directory: cosmossdk.io/x/tx, github.com/cometbft/cometbft, github.com/cosmos/cosmos-sdk and github.com/ethereum/go-ethereum.

Updates cosmossdk.io/x/tx from 0.13.4 to 1.1.0

Release notes

Sourced from cosmossdk.io/x/tx's releases.

Cosmovisor v1.1.0

Release Notes

New execution model

With this release we are shifting to a new CLI design:

• in the past, Cosmovisor was designed to act as a wrapper for a Cosmos App. An admin could link it and use it instead of the Cosmos App. When running it will pass all options and configuration parameters to the app. Hence the only way to configure the Cosmovisor was through environment variables.
• now, we are moving to a more traditional model, where Cosmovisor has it's own command set and is a true supervisor.

New commands have been added:

• run will start the Cosmos App and pass remaining arguments to the app (similar to npm run)
• help will display Cosmovisor help
• version will display both Cosmovisor and the associated app version.

The existing way of starting an app with Cosmovisor has been deprecated (cosmovisor [app params]) and will be removed in the future version. Please use cosmovisor run [app pararms] instead.

New Features

We added a new configuration option: DAEMON_BACKUP_DIR (as env variable). When set, Cosmovisor will create backup the app data backup in that directory (instead of using the app home directory) before running the update. See the README file for more details.

Bug Fixes

• Fixed cosmovisor version output when installed using 'go install github.com/cosmos/cosmos-sdk/cosmovisor/cmd/[email protected]'.

Changelog

For more details, please see the CHANGELOG.

Cosmovisor v1.0.0 Release Notes

This is the first major release of Cosmovisor. It changes the way Cosmovisor is searching for an upgrade event from an app. Instead of scanning standard input and standard output logs, the Cosmovisor observes the $DAEMON_HOME/upgrade-info.json file, that is produced by the x/upgrade module. The upgrade-info.json files is created by the x/upgrade module and contains information from the on-chain upgrade Plan record. Using the file based approach solved many outstanding problems: freezing when logs are too long, race condition with the x/upgrade handler, and potential exploit (if a chain would allow to log an arbitrary message, then an attacker could produce a fake upgrade signal and halt a chain or instrument a download of modified, hacked binary when the auto download option is enabled).

Auto downloads

Cosmovisor v1.0 supports auto downloads based on the information in the data/upgrade-info.json. In the Cosmos SDK < v0.44, that file doesn't contain upgrade.Plan.Info, that is needed for doing auto download. Hence Cosmovisor v1.0 auto download won't work with Apps updating from v0.43 and earlier.

NOTE: we don't recommend using auto download functionality. It can lead to potential chain halt when the upgrade Plan contains a bad link or the resource with the binary will be temporarily unavailable. We are planning on adding a upgrade verification command which can potentially solve this issue.

Other updates

• Changed default value of DAEMON_RESTART_AFTER_UPGRADE to true.
• Added version command, which prints both the Cosmovisor and the associated app version.
• Added help command, which prints the Cosmovisor help without passing it to the associated version. This is an exception, because normally, Cosmovisor passes all arguments to the associated app.

For more details, please see the CHANGELOG.

DB v1.0.0-beta.1

github.com/cosmos/cosmos-sdk/db (cosmos-sdk/db here an after) is a module in the Cosmos SDK repository. It is used in store/v2 instead of tendermint/tm-db which is now deprecated. cosmos-sdk/db extends the tendermint/tm-db interface. however, it only supports BaggerDB and RocksDB (the databases we tested, which provide snapshot functionality necessary for store/v2 and ADR-040 implementation).

... (truncated)

Changelog

Sourced from cosmossdk.io/x/tx's changelog.

Changelog

[Unreleased]

Every module contains its own CHANGELOG.md. Please refer to the module you are interested in.

Features

• (baseapp) #20291 Simulate nested messages.
• (client/keys) #21829 Add support for importing hex key using standard input.
• (x/auth/ante) #23128 Allow custom verifyIsOnCurve when validate tx for public key like ethsecp256k1.
• (x/auth/ante) #23283 Allow ed25519 transaction signatures.

... (truncated)

Commits

• be5e3aa feat(log): extend logger options (#15956)
• 851e9e8 docs: update roadmap for q2 (#15952)
• 91278f6 refactor(x/authz)!: Use KVStoreService, context.Context and return errors ins...
• 26faee9 refactor: bcrypt key derivation to aead (#509) (#15817)
• 428e19f refactor(x/distribution)!: Use KVStoreService, context.Context and return err...
• a6ea094 ci: skip fix registration for linting (#15965)
• 00b78fa refactor(x/auth): v2 adaptable tx instead of double decode (#15910)
• 1179285 feat(hubl): cache bech32 prefix (#15954)
• 6a8251a build(deps): bump cometbft to v0.37.1 (#15955)
• 6dfe735 refactor!: use KVStoreService and context.Context in x/bank (#15891)
• Additional commits viewable in compare view

Updates github.com/cometbft/cometbft from 0.38.15 to 0.38.17

Release notes

Sourced from github.com/cometbft/cometbft's releases.

v0.38.17

See the CHANGELOG for this release.

v0.38.16

See the CHANGELOG for this release.

Changelog

Sourced from github.com/cometbft/cometbft's changelog.

v0.38.17

February 3, 2025

This release fixes two security issues (ASA-2025-001, ASA-2025-002). Users are encouraged to upgrade as soon as possible.

BUG FIXES

• [blocksync] Ban peer if it reports height lower than what was previously reported (ASA-2025-001)
• [types] Check that Part.Index equals Part.Proof.Index (ASA-2025-001)

DEPENDENCIES

• [go/runtime] Bump minimum Go version to 1.22.11 (#4891)

v0.38.16

December 20 2024

This release:

• fixes a bug that caused a node produce errors caused by the sending of next PEX requests too soon. As a consequence of this incorrect behavior a node would be marked as BAD.
• Adds a proper description of ExtendedVoteInfo and VoteInfo in the spec.

BUG FIXES

• [mocks] Mockery v2.49.0 broke the mocks. We had to add a .mockery.yaml to properly handle this change. (#4521)

Commits

• d03254d chore: v0.38.17 release (#4909)
• d8b51b4 build(deps): Bump google.golang.org/grpc from 1.69.4 to 1.70.0 (#4901)
• 415c0da Merge commit from fork
• 2cebfde Merge commit from fork
• 68f79b1 build(deps): Bump google.golang.org/protobuf from 1.36.3 to 1.36.4 (#4900)
• 4f70ba6 build(deps): bump Go version to 1.22.11 (#4891)
• 930813e build(deps): Bump docker/build-push-action from 6.12.0 to 6.13.0 (#4882)
• c86f898 build(deps): Bump github.com/prometheus/common from 0.61.0 to 0.62.0 (#4865)
• 807bd18 build(deps): Bump github.com/go-git/go-git/v5 from 5.13.0 to 5.13.2 (#4861)
• 7d8440b build(deps): Bump golang.org/x/net from 0.33.0 to 0.34.0 (#4859)
• Additional commits viewable in compare view

Updates github.com/CosmWasm/wasmvm/v2 from 2.1.2 to 2.1.5

Release notes

Sourced from github.com/CosmWasm/wasmvm/v2's releases.

v2.1.5

Fixes CWA-2025-001 and CWA-2025-002.

This patch is consensus breaking.

v2.1.4

• Add SimulateStoreCode
• Fix dangling pointer crash (#571)

v2.1.3

Fixes CWA-2024-007 and CWA-2024-008.

This is a consensus breaking patch.

Commits

• c41e997 [skip ci] Built release libraries
• 0c208b3 Set libwasmvm version to 2.1.5
• 58424a5 Fix tests
• 888a468 Bump cosmwasm
• 8d44a28 Fix
• 46a5569 [skip ci] Built release libraries
• 4077814 Merge pull request #616 from CosmWasm/mergify/bp/release/2.1/pr-612
• b3c1e13 Add test for StoreCodeUnchecked
• 577076b Fix unchecked flag
• a73721f [skip ci] Built release libraries
• Additional commits viewable in compare view

Updates github.com/docker/docker from 27.3.1+incompatible to 27.5.1+incompatible

Release notes

Sourced from github.com/docker/docker's releases.

v27.5.1

27.5.1

For a full list of pull requests and changes in this release, refer to the relevant GitHub milestones:

• docker/cli, 27.5.1 milestone
• moby/moby, 27.5.1 milestone

Bug fixes and enhancements

• Fixed an issue that could persistently prevent daemon startup after failure to initialize the default bridge. moby/moby#49307
• Add a DOCKER_IGNORE_BR_NETFILTER_ERROR environment variable. Setting it to 1 allows running on hosts that cannot load br_netfilter. Some things won't work, including disabling inter-container communication in a bridge network. With the userland proxy disabled, it won't be possible to access one container's published ports from another container on the same network. moby/moby#49306

Packaging updates

• Update Go runtime to 1.22.11 (fix CVE-2024-45341, CVE-2024-45336). moby/moby#49312, docker/docker-ce-packaging#1147, docker/cli#5762
• Update RootlessKit to v2.3.2 to support passt >= 2024_10_30.ee7d0b6. moby/moby#49304
• Update Buildx to v0.20.0. docker/docker-ce-packaging#1149

v27.5.0

27.5.0

For a full list of pull requests and changes in this release, refer to the relevant GitHub milestones:

• docker/cli, 27.5.0 milestone
• moby/moby, 27.5.0 milestone

Bugfixes and enhancements

• containerd image store: Fix passing a build context via tarball to the /build endpoint. moby/moby#49194
• Builder garbage collection policies without a keepStorage value now inherit the defaultKeepStorage limit as intended. moby/moby#49137
• Preserve network labels during daemon startup. moby/moby#49200
• Fix a potential race condition error when deleting a container. moby/moby#49239

Go SDK

• pkg/sysinfo: deprecate NumCPU. This utility has the same behavior as runtime.NumCPU. moby/moby#49247
• pkg/fileutils: deprecate GetTotalUsedFds: this function is only used internally and will be removed in the next release. moby/moby#49209
• pkg/ioutils: deprecate BytesPipe, NewBytesPipe, ErrClosed, WriteCounter, NewWriteCounter, NewReaderErrWrapper, NopFlusher, NopWriter, NopWriteCloser. They were only used internally and will be removed in the next release. moby/moby#49246, moby/moby#49255
• pkg/reexec: This package is deprecated and moved to a separate module. Use github.com/moby/sys/reexec instead. moby/moby#49135

Packaging updates

• Update containerd to v1.7.25 moby/moby#49253
• Update runc to v1.2.4 moby/moby#49243
• Update BuildKit to v0.18.2 moby/moby#48949
• Update Compose to v2.32.2 docker/docker-ce-packaging#1140

v27.5.0-rc.2

... (truncated)

Commits

• 4c9b3b0 Merge pull request #49317 from thaJeztah/27.x_backport_bump_dev_tools
• 0da7a26 Dockerfile: update compose to v2.32.4
• 4c8ec29 Dockerfile: update buildx to v0.20.0
• fbc854d Dockerfile: update docker CLI to v27.5.0
• 36c72d4 Merge pull request #49322 from thaJeztah/27.x_backport_bake-v6
• e85906c ci(bin-image): fix bake build
• 542e33c ci: update bake-action to v6
• c0df678 Merge pull request #49314 from vvoland/49313-27.x
• 95d1819 gha: Adjust release branches
• 13eca88 Merge pull request #49312 from thaJeztah/27.x_bump_golang_1.22.11
• Additional commits viewable in compare view

Updates github.com/golang/glog from 1.2.2 to 1.2.3

Release notes

Sourced from github.com/golang/glog's releases.

v1.2.3

What's Changed

• glog: check that stderr is valid before using it by default by @​chressie in golang/glog#72
• glog: fix typo by @​chressie in golang/glog#73

Full Changelog: golang/glog@v1.2.2...v1.2.3

Commits

• 04dbec0 glog: fix typo (#73)
• 459cf3b glog: check that stderr is valid before using it by default (#72)
• See full diff in compare view

Updates golang.org/x/crypto from 0.28.0 to 0.32.0

Commits

• 8929309 go.mod: update golang.org/x dependencies
• 4a75ba5 all: make function and struct comments match the names
• b4f1988 ssh: make the public key cache a 1-entry FIFO cache
• 7042ebc openpgp/clearsign: just use rand.Reader in tests
• 3e90321 go.mod: update golang.org/x dependencies
• 8c4e668 x509roots/fallback: update bundle
• 6018723 go.mod: update golang.org/x dependencies
• 71ed71b README: don't recommend go get
• 750a45f sha3: add MarshalBinary, AppendBinary, and UnmarshalBinary
• 36b1725 sha3: avoid trailing permutation
• Additional commits viewable in compare view

Updates golang.org/x/net from 0.30.0 to 0.34.0

Commits

• 8da7ed1 go.mod: update golang.org/x dependencies
• 2124140 all: make function and struct comments match the names
• e9d95ba http2: do not surface errors from a conn's idle timer expiring
• c2be992 quic: remember which remote connection IDs have been retired
• dfc720d go.mod: update golang.org/x dependencies
• 8e66b04 html: use strings.EqualFold instead of lowering ourselves
• b935f7b html: avoid endless loop on error token
• 9af49ef route: remove unused sizeof* consts
• 6705db9 quic: clean up crypto streams when dropping packet protection keys
• 4ef7588 quic: handle ACK frame in packet which drops number space
• Additional commits viewable in compare view

Updates cosmossdk.io/x/tx from 0.13.4 to 1.1.0

Release notes

Sourced from cosmossdk.io/x/tx's releases.

Cosmovisor v1.1.0

Release Notes

New execution model

With this release we are shifting to a new CLI design:

• in the past, Cosmovisor was designed to act as a wrapper for a Cosmos App. An admin could link it and use it instead of the Cosmos App. When running it will pass all options and configuration parameters to the app. Hence the only way to configure the Cosmovisor was through environment variables.
• now, we are moving to a more traditional model, where Cosmovisor has it's own command set and is a true supervisor.

New commands have been added:

• run will start the Cosmos App and pass remaining arguments to the app (similar to npm run)
• help will display Cosmovisor help
• version will display both Cosmovisor and the associated app version.

The existing way of starting an app with Cosmovisor has been deprecated (cosmovisor [app params]) and will be removed in the future version. Please use cosmovisor run [app pararms] instead.

New Features

We added a new configuration option: DAEMON_BACKUP_DIR (as env variable). When set, Cosmovisor will create backup the app data backup in that directory (instead of using the app home directory) before running the update. See the README file for more details.

Bug Fixes

• Fixed cosmovisor version output when installed using 'go install github.com/cosmos/cosmos-sdk/cosmovisor/cmd/[email protected]'.

Changelog

For more details, please see the CHANGELOG.

Cosmovisor v1.0.0 Release Notes

This is the first major release of Cosmovisor. It changes the way Cosmovisor is searching for an upgrade event from an app. Instead of scanning standard input and standard output logs, the Cosmovisor observes the $DAEMON_HOME/upgrade-info.json file, that is produced by the x/upgrade module. The upgrade-info.json files is created by the x/upgrade module and contains information from the on-chain upgrade Plan record. Using the file based approach solved many outstanding problems: freezing when logs are too long, race condition with the x/upgrade handler, and potential exploit (if a chain would allow to log an arbitrary message, then an attacker could produce a fake upgrade signal and halt a chain or instrument a download of modified, hacked binary when the auto download option is enabled).

Auto downloads

Cosmovisor v1.0 supports auto downloads based on the information in the data/upgrade-info.json. In the Cosmos SDK < v0.44, that file doesn't contain upgrade.Plan.Info, that is needed for doing auto download. Hence Cosmovisor v1.0 auto download won't work with Apps updating from v0.43 and earlier.

NOTE: we don't recommend using auto download functionality. It can lead to potential chain halt when the upgrade Plan contains a bad link or the resource with the binary will be temporarily unavailable. We are planning on adding a upgrade verification command which can potentially solve this issue.

Other updates

• Changed default value of DAEMON_RESTART_AFTER_UPGRADE to true.
• Added version command, which prints both the Cosmovisor and the associated app version.
• Added help command, which prints the Cosmovisor help without passing it to the associated version. This is an exception, because normally, Cosmovisor passes all arguments to the associated app.

For more details, please see the CHANGELOG.

DB v1.0.0-beta.1

github.com/cosmos/cosmos-sdk/db (cosmos-sdk/db here an after) is a module in the Cosmos SDK repository. It is used in store/v2 instead of tendermint/tm-db which is now deprecated. cosmos-sdk/db extends the tendermint/tm-db interface. however, it only supports BaggerDB and RocksDB (the databases we tested, which provide snapshot functionality necessary for store/v2 and ADR-040 implementation).

... (truncated)

Changelog

Sourced from cosmossdk.io/x/tx's changelog.

Changelog

[Unreleased]

Every module contains its own CHANGELOG.md. Please refer to the module you are interested in.

Features

• (baseapp) #20291 Simulate nested messages.
• (client/keys) #21829 Add support for importing hex key using standard input.
• (x/auth/ante) #23128 Allow custom verifyIsOnCurve when validate tx for public key like ethsecp256k1.
• (x/auth/ante) #23283 Allow ed25519 transaction signatures.

... (truncated)

Commits

• be5e3aa feat(log): extend logger options (#15956)
• 851e9e8 docs: update roadmap for q2 (#15952)
• 91278f6 refactor(x/authz)!: Use KVStoreService, context.Context and return errors ins...
• 26faee9 refactor: bcrypt key derivation to aead (#509) (#15817)
• 428e19f refactor(x/distribution)!: Use KVStoreService, context.Context and return err...
• a6ea094 ci: skip fix registration for linting (#15965)
• 00b78fa refactor(x/auth): v2 adaptable tx instead of double decode (#15910)
• 1179285 feat(hubl): cache bech32 prefix (#15954)
• 6a8251a build(deps): bump cometbft to v0.37.1 (#15955)
• 6dfe735 refactor!: use KVStoreService and context.Context in x/bank (#15891)
• Additional commits viewable in compare view

Updates github.com/cometbft/cometbft from 0.38.15 to 0.38.17

Release notes

Sourced from github.com/cometbft/cometbft's releases.

v0.38.17

See the CHANGELOG for this release.

v0.38.16

See the CHANGELOG for this release.

Changelog

Sourced from github.com/cometbft/cometbft's changelog.

v0.38.17

February 3, 2025

This release fixes two security issues (ASA-2025-001, ASA-2025-002). Users are encouraged to upgrade as soon as possible.

BUG FIXES

• [blocksync] Ban peer if it reports height lower than what was previously reported (ASA-2025-001)
• [types] Check that Part.Index equals Part.Proof.Index (ASA-2025-001)

DEPENDENCIES

• [go/runtime] Bump minimum Go version to 1.22.11 (#4891)

v0.38.16

December 20 2024

This release:

• fixes a bug that caused a node produce errors caused by the sending of next PEX requests too soon. As a consequence of this incorrect behavior a node would be marked as BAD.
• Adds a proper description of ExtendedVoteInfo and VoteInfo in the spec.

BUG FIXES

• [mocks] Mockery v2.49.0 broke the mocks. We had to add a .mockery.yaml to properly handle this change. (#4521)

Commits

• d03254d chore: v0.38.17 release (#4909)
• d8b51b4 build(deps): Bump google.golang.org/grpc from 1.69.4 to 1.70.0 (#4901)
• 415c0da Merge commit from fork
• 2cebfde Merge commit from fork
• 68f79b1 build(deps): Bump google.golang.org/protobuf from 1.36.3 to 1.36.4 (#4900)
• 4f70ba6 build(deps): bump Go version to 1.22.11 (#4891)
• 930813e build(deps): Bump docker/build-push-action from 6.12.0 to 6.13.0 (#4882)
• c86f898 build(deps): Bump github.com/prometheus/common from 0.61.0 to 0.62.0 (#4865)
• 807bd18 build(deps): Bump github.com/go-git/go-git/v5 from 5.13.0 to 5.13.2 (#4861)
• 7d8440b build(deps): Bump golang.org/x/net from 0.33.0 to 0.34.0 (#4859)
• Additional commits viewable in compare view

Updates github.com/golang/glog from 1.2.2 to 1.2.3

Release notes

Sourced from github.com/golang/glog's releases.

v1.2.3

What's Changed

• glog: check that stderr is valid before using it by default by @​chressie in golang/glog#72
• glog: fix typo by @​chressie in golang/glog#73

Full Changelog: golang/glog@v1.2.2...v1.2.3

Commits

• 04dbec0 glog: fix typo (#73)
• 459cf3b glog: check that stderr is valid before using it by default (#72)
• See full diff in compare view

Updates golang.org/x/crypto from 0.28.0 to 0.32.0

Commits

• 8929309 go.mod: update golang.org/x dependencies
• 4a75ba5 all: make function and struct comments match the names
• b4f1988 ssh: make the public key cache a 1-entry FIFO cache
• 7042ebc openpgp/clearsign: just use rand.Reader in tests
• 3e90321 go.mod: update golang.org/x dependencies
• 8c4e668 x509roots/fallback: update bundle
• 6018723 go.mod: update golang.org/x dependencies
• 71ed71b README: don't recommend go get
• 750a45f sha3: add MarshalBinary, AppendBinary, and UnmarshalBinary
• 36b1725 sha3: avoid trailing permutation
• Additional commits viewable in compare view

Updates golang.org/x/net from 0.30.0 to 0.34.0

Commits

• 8da7ed1 go.mod: update golang.org/x dependencies
• 2124140 all: make function and struct comments match the names
• e9d95ba http2: do not surface errors from a conn's idle timer expiring
• c2be992 quic: remember which remote connection IDs have been retired
• dfc720d go.mod: update golang.org/x dependencies
• 8e66b04 html: use strings.EqualFold instead of lowering ourselves
• b935f7b html: avoid endless loop on error token
• 9af49ef route: remove unused sizeof* consts
• 6705db9 quic: clean up crypto streams when dropping packet protection keys
• 4ef7588 quic: handle ACK frame in packet which drops number space
• Additional commits viewable in compare view

Updates github.com/cosmos/cosmos-sdk from 0.50.9 to 0.50.11

Release notes

Sourced from github.com/cosmos/cosmos-sdk's releases.

v0.50.11

Cosmos SDK v0.50.11 Release Notes

💬 Release Discussion

🚀 Highlights

We are back on schedule for our monthly v0.50.x patch releases. The last two months, next to ramping up on v0.52 and v2, we added a few bug fixes and (UX) improvements.

Notable changes:

• Fix ABS-0043/ABS-0044.
• New Linux-only backend that adds Linux kernel's keyctl support
• Skip sims test when running dry on validators

📝 Changelog

Check out the changelog for an exhaustive list of changes, or compare changes from the last release.

Maintenance Policy

Cosmos SDK Olympus (v0.52) final release is approaching really soon. That means the Eden line (v0.50.x) will soon only be supported for bug fixes only, as per our release policy. Earlier versions are not maintained.

Note, that the next SDK release, v0.52, does not include x/params migration, when migrating from < v0.47, v0.50.x or v0.47.x, is a mandatory migration.

Start integrating with Cosmos SDK Eden (v0.52) and enjoy and the new features and performance improvements.

v0.50.10

Cosmos SDK v0.50.10 Release Notes

💬 Release Discussion

🚀 Highlights

For this month patch release of the v0.50.x line, some bugs were fixed.

Notably, we fixed the following:

• Add the root command module-hash-by-height to query and retrieve module hashes at a specific height
• PreBlock events (mainly x/upgrade) are now emitted (this time, for real)
• A fix in runtime baseapp option ordering, giving issue when other modules were having options

📝 Changelog

Check out the changelog for an exhaustive list of changes, or compare changes from the last release.

Refer to the upgrading guide when migrating from v0.47.x to v0.50.1. Note, that the next SDK release, v0.52, will not include x/params migration, when migrating from < v0.47, v0.50.x or v0.47.x, is a mandatory migration.

Changelog

Sourced from github.com/cosmos/cosmos-sdk's changelog.

v0.50.11 - 2024-12-16

Features

• (crypto/keyring) #21653 New Linux-only backend that adds Linux kernel's keyctl support.

Improvements

• (server) #21941 Regenerate addrbook.json for in place testnet.

Bug Fixes

• Fix ABS-0043/ABS-0044 Limit recursion depth for unknown field detection and unpack any
• (server) #22564 Fix fallback genesis path in server
• (x/group) #22425 Proper address rendering in error
• (sims) #21906 Skip sims test when running dry on validators
• (cli) #21919 Query address-by-acc-num by account_id instead of id.
• (x/group) #22229 Accept 1 and try in CLI for group proposal exec.

v0.50.10 - 2024-09-20

Features

• (cli) #20779 Added module-hash-by-height command to query and retrieve module hashes at a specified blockchain height, enhancing debugging capabilities.
• (cli) #21372 Added a bulk-add-genesis-account genesis command to add many genesis accounts at once.
• (types/collections) #21724 Added LegacyDec collection value.

Improvements

• (x/bank) #21460 Added Sender attribute in MsgMultiSend event.
• (genutil) #21701 Improved error messages for genesis validation.
• (testutil/integration) #21816 Allow to pass baseapp options in NewIntegrationApp.

Bug Fixes

• (runtime) #21769 Fix baseapp options ordering to avoid overwriting options set by modules.
• (x/consensus) #21493 Fix regression that prevented to upgrade to > v0.50.7 without consensus version params.
• (baseapp) #21256 Halt height will not commit the block indicated, meaning that if halt-height is set to 10, only blocks until 9 (included) will be committed. This is to go back to the original behavior before a change was introduced in v0.50.0.
• (baseapp) #21444 Follow-up, Return PreBlocker events in FinalizeBlockResponse.
• (baseapp) #21413 Fix data race in sdk mempool.

Commits

• eb1a8e8 chore: prep v0.50.11 release notes (#22898)
• ba7ac45 Merge commit from fork
• 679ca5e chore: edit changelog store (partial backport #22864) (#22884)
• 3b082b5 build(deps): Bump cosmossdk.io/x/tx from 0.13.6-0.20241003112805-ff8789a02871...
• d62bcbd fix(x/tx): fix amino json drift from legacy spec (backport #21825) (#22088)
• 4a73a1e fix(client/v2/autocli): add CoinDec flag (backport #22817) (#22821)
• 96a3016 chore: prepare v0.50.11 (#22643)
• 43ac3df build(deps): Bump github.com/cosmos/iavl from 1.2.0 to 1.2.2 (#22662)
• 7bb2a3d build(deps): Bump github.com/cosmos/cosmos-db from 1.0.2 to 1.1.0 (#22638)
• 8210b50 fix(client/v2/autocli): prevent duplicate addition of customCommands (backpor...
• Additional commits viewable in compare view

Updates github.com/ethereum/go-ethereum from 1.14.7 to 1.14.13

Release notes

Sourced from github.com/ethereum/go-ethereum's releases.

Schwarzschild (v1.14.13)

This is a security release, fixing a vulnerability (CVE-2025-24883).

Please update your nodes ASAP.

---

As with all our previous releases, you can find the:

• Pre-built binaries for all platforms on our downloads page.
• Docker images published under ethereum/client-go.
• Ubuntu packages in our Launchpad PPA repository.
• OSX packages in our Homebrew Tap repository.

Gei Hinnom (v1.14.12)

This release covers quite a lot of time, and has many changes across the codebase. In particular; changes in tracing and account management, optimizations in database, trie and evm, and, as always bugfixes.

This release removes the personal RPC namespace. It was already previously deprecated, and has not been accessible by default for nearly two years. We also removed the --unlock command-line parameter, with a view towards removing key/account management from the geth binary.

• Key management:
  • Remove --unlock command line flag from geth (#30737)
  • Remove personal RPC namespace (#30704)
• Builds:
  • RISC-V docker images (#30739)
  • ppa-builds for ubuntu 24.10 (#30580)
• Tracing:
  • invoke OnCodeChange-hook on selfdestruct (#30686, #30497)
  • improvements to flatCallTracer (#30539)
  • invoke tx-end hook in runtime helpers (#30711)
  • disableCode and disableStorage options for prestateTracer (#30648)
  • tracing of system calls (#30666)
  • Change to how chainconfig is passed to tracers (breaking change) (#30540)
  • add GetTransientState method to StateDB interface (#30531)
• Signing:
  • improved support for EIP-712 array types (#30620)
  • non-legacy transactions support for ledger wallets (#30180)
• Bugfixes:
  • Set basefee for AccessList based on given block, not chain tip (#30538)
  • Multiple issues in benchmarks (#30667)
  • Fix bug with resolving a payload (#30615)
• Database optimizations
  • Run pebble in non-sync mode (#30573, #29792). This change makes quite a big difference on certain OS:es, particularly MacOSX/Darwin, where it has been noted that fsync is notoriously slow.
  • Use to increasing level sizes (#30602), This change makes pebble use larger files, reducing the number of files from 160K to 10K.
• Assorted:
  • Make jwtsecretflag expand tilde
  • Work on verkle (#30672)
  • Work on EIP-7002 and EIP 7251 (#30571)
  • Implement EIP-7685 and EIP-6110 (flat requests enconding) (#30425)
  • Validation of EOF containers (#30418)

... (truncated)

Commits

• eb00f16 version: release go-ethereum v1.14.13 stable
• 159fb1a crypto: add IsOnCurve check (#31100)
• db93d49 build: retry PPA upload up to three times (#31099)
• 293a300 version: go-ethereum v1.14.12 stable
• f3c19b1 rpc: run tests in parallel (

[vercel]

The latest updates on your projects. Learn more about Vercel for Git ↗︎

1 Skipped Deployment

Name	Status	Preview	Comments	Updated (UTC)
warden-help-center	⬜️ Ignored (Inspect)	Visit Preview		Feb 10, 2025 3:17pm

[coderabbitai]

Important

Review skipped

Bot user detected.

To trigger a single review, invoke the @coderabbitai review command.

You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.

---

Thank you for using CodeRabbit. We offer it for free to the OSS community and would appreciate your support in helping us grow. If you find it useful, would you consider giving us a shout-out on your favorite social media?

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

🪧 Tips

Chat

There are 3 ways to chat with CodeRabbit:

• Review comments: Directly reply to a review comment made by CodeRabbit. Example:
  • I pushed a fix in commit <commit_id>, please review it.
  • Generate unit testing code for this file.
  • Open a follow-up GitHub issue for this discussion.
• Files and specific lines of code (under the "Files changed" tab): Tag @coderabbitai in a new review comment at the desired location with your query. Examples:
  • @coderabbitai generate unit testing code for this file.
  • @coderabbitai modularize this function.
• PR comments: Tag @coderabbitai in a new PR comment to ask questions about the PR branch. For the best results, please provide a very specific query, as very limited context is provided in this mode. Examples:
  • @coderabbitai gather interesting stats about this repository and render them as a table. Additionally, render a pie chart showing the language distribution in the codebase.
  • @coderabbitai read src/utils.ts and generate unit testing code.
  • @coderabbitai read the files in the src/scheduler package and generate a class diagram using mermaid and a README in the markdown format.
  • @coderabbitai help me debug CodeRabbit configuration file.

Note: Be mindful of the bot's finite context window. It's strongly recommended to break down tasks such as reading entire modules into smaller chunks. For a focused discussion, use review comments to chat about specific files and their changes, instead of using the PR comments.

CodeRabbit Commands (Invoked using PR comments)

• @coderabbitai pause to pause the reviews on a PR.
• @coderabbitai resume to resume the paused reviews.
• @coderabbitai review to trigger an incremental review. This is useful when automatic reviews are disabled for the repository.
• @coderabbitai full review to do a full review from scratch and review all the files again.
• @coderabbitai summary to regenerate the summary of the PR.
• @coderabbitai generate docstrings to generate docstrings for this PR. (Beta)
• @coderabbitai resolve resolve all the CodeRabbit review comments.
• @coderabbitai configuration to show the current CodeRabbit configuration for the repository.
• @coderabbitai help to get help.

Other keywords and placeholders

• Add @coderabbitai ignore anywhere in the PR description to prevent this PR from being reviewed.
• Add @coderabbitai summary to generate the high-level summary at a specific location in the PR description.
• Add @coderabbitai anywhere in the PR title to generate the title automatically.

Documentation and Community

• Visit our Documentation for detailed information on how to use CodeRabbit.
• Join our Discord Community to get help, request features, and share feedback.
• Follow us on X/Twitter for updates and announcements.