Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

chore(spec): merge main into spec/consensus-gossip #2594

Merged
merged 600 commits into from
Mar 12, 2024
Merged

chore(spec): merge main into spec/consensus-gossip #2594

merged 600 commits into from
Mar 12, 2024

Conversation

lasarojc
Copy link
Contributor

thanethomson and others added 30 commits December 1, 2023 03:25
@thanethomson
Prepare main for v1.x backport branch (#1714)
463c24c 
* ci: Add nightly E2E workflow for v1.x branch

Signed-off-by: Thane Thomson <connect@thanethomson.com>

* ci: Enable weekly Dependabot updates for v1.x branch

Signed-off-by: Thane Thomson <connect@thanethomson.com>

* changelog: Remove unreleased entries

Remove unreleased entries because they will land in the `v1.0.0-alpha.1`
release in #1710 and will then be ported to `main` in a subsequent PR.

Signed-off-by: Thane Thomson <connect@thanethomson.com>

---------

Signed-off-by: Thane Thomson <connect@thanethomson.com>
@dependabot
build(deps): Bump golang.org/x/crypto from 0.15.0 to 0.16.0 (#1720)
f0178eb 
Bumps [golang.org/x/crypto](https://github.com/golang/crypto) from 0.15.0 to 0.16.0.
- [Commits](golang/crypto@v0.15.0...v0.16.0)

---
updated-dependencies:
- dependency-name: golang.org/x/crypto
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
@dependabot
build(deps): Bump golang.org/x/net from 0.18.0 to 0.19.0 (#1719)
4199a82 
Bumps [golang.org/x/net](https://github.com/golang/net) from 0.18.0 to 0.19.0.
- [Commits](golang/net@v0.18.0...v0.19.0)

---
updated-dependencies:
- dependency-name: golang.org/x/net
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
@melekes @thanethomson
types: validate Validator#Address field (#1715)
63fe7bf 
* types: validate Validator#Address field

* fix TestProposerSelection3

* add a changelog entry

* fix two more tests

* Update .changelog/unreleased/improvements/1715-validate-validator-address

Co-authored-by: Thane Thomson <connect@thanethomson.com>

---------

Co-authored-by: Thane Thomson <connect@thanethomson.com>
@thanethomson
Enable Mergify backports for v1.x branch (#1724)
82853c0 
Signed-off-by: Thane Thomson <connect@thanethomson.com>
@thanethomson
deps: Bump cometbft-db to v0.9.0 (#1725)
9cccc8c 
* deps: Temporarily bump cometbft-db to use latest commit

Signed-off-by: Thane Thomson <connect@thanethomson.com>

* e2e: Temporarily use cometbft-db-testing:latest image as base image

Signed-off-by: Thane Thomson <connect@thanethomson.com>

* Bump cometbft-db to v0.9.0

Signed-off-by: Thane Thomson <connect@thanethomson.com>

* Add changelog entry

Signed-off-by: Thane Thomson <connect@thanethomson.com>

---------

Signed-off-by: Thane Thomson <connect@thanethomson.com>
@mzabaluev
buf improvements prior to publishing on BSR (#1726)
7c9a732 
* proto: bump gogo-proto dependency in buf.lock

* proto: exclude tendermint directory from buf build

We don't want the legacy tendermint files to be used in code generation,
we don't lint them either.
@mzabaluev
proto: give our buf module a name (#1734)
df820cf
@thanethomson
deps: Bump cometbft-db to v0.9.1 (#1737)
037a4a1 
* deps: Bump cometbft-db version to v0.9.1

Signed-off-by: Thane Thomson <connect@thanethomson.com>

* test/e2e: Bump cometbft-db-testing base image to v0.9.1

Signed-off-by: Thane Thomson <connect@thanethomson.com>

---------

Signed-off-by: Thane Thomson <connect@thanethomson.com>
@thanethomson
chore: Update root docs (#1740)
999692e 
* Import v1.0.0-alpha.1 changelog entries

Signed-off-by: Thane Thomson <connect@thanethomson.com>

* Import root doc changes from v1.x branch

Signed-off-by: Thane Thomson <connect@thanethomson.com>

* Import changelog config from v1.x branch

Signed-off-by: Thane Thomson <connect@thanethomson.com>

* unclog build

Signed-off-by: Thane Thomson <connect@thanethomson.com>

* Fix changelog entry and put it in v1.0.0-alpha.1

Signed-off-by: Thane Thomson <connect@thanethomson.com>

* unclog build

Signed-off-by: Thane Thomson <connect@thanethomson.com>

---------

Signed-off-by: Thane Thomson <connect@thanethomson.com>
@troykessler @melekes @thanethomson
fix: increase abci socket message size limit to 2GB (#1730)
092b918 
* fix: increase abci socket message size to 2GB

* fix: added .changelog

* Update .changelog/unreleased/improvements/1730-increase-abci-socket-message-size-limit

Co-authored-by: Anton Kaliaev <anton.kalyaev@gmail.com>

* fix: use MaxInt32 as message size for 32-bit systems

* Update .changelog/unreleased/improvements/1730-increase-abci-socket-message-size-limit

---------

Co-authored-by: Anton Kaliaev <anton.kalyaev@gmail.com>
Co-authored-by: Thane Thomson <connect@thanethomson.com>
@mzabaluev
proto: make comment in README more Markdowny (#1743)
5694bf3 
Use the link label syntax to hide comment text.
@lllleven @lasarojc
fix: Txs Validate (#1687)
eb5d9ce 
* fix: The calculation method of tx size returned by calling proxyapp should be consistent with that of mempool

* Revert CHANGELOG.md

entries should go into .changelog

---------

Co-authored-by: lasaro <lasaro@informal.systems>
Co-authored-by: lasaro <lasaro@gmail.com>
@lasarojc
Add test missing in #1687 (#1712)
ce0215c 
* Experimenting the fix from lx-xiang

* Fixes name in the example

* Reverts fix, so it is merged from the proper branch.

* Adds a test that fails because the validate is wrong and accepts a block that is larger than it should.

* Add changelog for the original PR

* Update internal/state/execution_test.go
@melekes @werty144
perf(state): batch save State (#1735)
76b1cce 
* done stateDB writes batching

* remove forgotten debug print

* remove forgotten comments

* format code

* add a changelog entry

* fix changelog

---------

Co-authored-by: werty144 <anton-paramonov2000@yandex.ru>
@adizere @melekes
Update CODE_OF_CONDUCT.md (#1708)
bde1111 
* Update CODE_OF_CONDUCT.md

Updated the contact email to an `informal.systems` one, and some nits.

* Update CODE_OF_CONDUCT.md

Co-authored-by: Anton Kaliaev <anton.kalyaev@gmail.com>

---------

Co-authored-by: Anton Kaliaev <anton.kalyaev@gmail.com>
@lasarojc
[e2e] Fixes prepareProposal not to return oversized set of transactio…
0bf3f0a 
…ns (#1756)

* Fixes prepareProposal not to return oversized set of transactions

* Update test/e2e/app/app.go

* Fix linting error

* add changelog entry

* Avoid marshalling the tx twice

* removing unneeded changelog
@melekes @werty144 @thanethomson
perf(store): Batch save Block (#1755)
30c9cde 
* batching in store

* save only small blocks as 1 batch

* add changelog

* extract const

* Update .changelog/unreleased/improvements/1755-batch-save-block.md

Co-authored-by: Thane Thomson <connect@thanethomson.com>

* simplify code

* no need to panic on closing batch

---------

Co-authored-by: werty144 <anton-paramonov2000@yandex.ru>
Co-authored-by: Thane Thomson <connect@thanethomson.com>
@sukey2008
Fix: Fix minor typos (#1780)
9c801fd
@sergio-mena @jmalicevic
VerifyCommitLight and VerifyCommitLightTrusting _never_ check all…
b70c4ab 
… signatures (#1750)

* [e2e] Repro evidence bug: not checking all signatures

* _Only_ callsites in the light client should be skipping verification of commit signatures

* Address PR comments

* Rename UT

---------

Co-authored-by: Jasmina Malicevic <jasmina.dustinac@gmail.com>
@wieso-itzi
Fix typo in encoding.md (#1801)
d8a1c59 
function "emptyHash" in the example was written "empthHash"
@melekes
chore(docs): small improvements (#1781)
9020ce2 
* docs: remove "Run" section from install

The "Quick Start" guide does a much better job explaining what is
happening, and readers should follow that guide instead.

* docs: move "CometBFT Quality Assurance" down

No reason to have “CometBFT Quality Assurance” as a second item. The
target audience for that document is probably security researchers - not
the primary audience.

* docs: remove cmdKVStore func in favor of link

I can’t see a single reason why users need to see the source code of
that function in order to progress with the abci-cli tool.

Also the link should point to kvstore app, not abci-cli tool!

* docs: swap abci-cli and getting-started items

https://docs.cometbft.com/v0.38/app-dev/getting-started#first-cometbft-app
should go before https://docs.cometbft.com/v0.38/app-dev/abci-cli
because the latter is used to test ABCI applications. And by this point,
the reader doesn’t have an app to test.

* docs: remove "Committing a Block" from validators page

not clear what’s the reason of explaining consensus details in the
validators section. If a validator wants to get familiar with consensus,
shouldn’t it go to consensus spec / page?

* docs: make it clear who curates the validator set

“Validators are expected to be online, and the set of validators is
permissioned/curated by some external process.” This sentence is
confusing to me. The set is curated by the ABCI application.

* docs: replace EndBlock with FinalizeBlock

* docs: add Bash script to compile persistent peers string

Getting an ID from every machine is tedious and can be streamlined with
a script, which, given IPs, collects IDs and outputs the command to run
CometBFT.
@dependabot
build(deps): Bump github.com/go-git/go-git/v5 from 5.10.1 to 5.11.0 (#…
7a7a3a1 
…1797)

Bumps [github.com/go-git/go-git/v5](https://github.com/go-git/go-git) from 5.10.1 to 5.11.0.
- [Release notes](https://github.com/go-git/go-git/releases)
- [Commits](go-git/go-git@v5.10.1...v5.11.0)

---
updated-dependencies:
- dependency-name: github.com/go-git/go-git/v5
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
@dependabot
build(deps): Bump actions/setup-go from 4 to 5 (#1794)
6e094b9 
Bumps [actions/setup-go](https://github.com/actions/setup-go) from 4 to 5.
- [Release notes](https://github.com/actions/setup-go/releases)
- [Commits](actions/setup-go@v4...v5)

---
updated-dependencies:
- dependency-name: actions/setup-go
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
@dependabot
build(deps): Bump actions/stale from 8 to 9 (#1795)
2a5c06d 
Bumps [actions/stale](https://github.com/actions/stale) from 8 to 9.
- [Release notes](https://github.com/actions/stale/releases)
- [Changelog](https://github.com/actions/stale/blob/main/CHANGELOG.md)
- [Commits](actions/stale@v8...v9)

---
updated-dependencies:
- dependency-name: actions/stale
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
@dependabot
build(deps): Bump github.com/spf13/viper from 1.17.0 to 1.18.1 (#1796)
148eebd 
Bumps [github.com/spf13/viper](https://github.com/spf13/viper) from 1.17.0 to 1.18.1.
- [Release notes](https://github.com/spf13/viper/releases)
- [Commits](spf13/viper@v1.17.0...v1.18.1)

---
updated-dependencies:
- dependency-name: github.com/spf13/viper
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
@hoangdv2429 @bodhi-crypo @thanethomson
Chore/fix other typos (#1809)
c2af320 
* fix: typos with spell checker

* fix review

* proto

* docs

* others

* revert wrong fixs from prev

* revert this as well

* Update adr-020-block-size.md

Co-authored-by: Thane Thomson <connect@thanethomson.com>

* Update encoder.go

Co-authored-by: Thane Thomson <connect@thanethomson.com>

* Update msgs_test.go

Co-authored-by: Thane Thomson <connect@thanethomson.com>

---------

Co-authored-by: alex <152680487+azukiboy@users.noreply.github.com>
Co-authored-by: Thane Thomson <connect@thanethomson.com>
@melekes
chore(spec): specify which fields must be deterministic (#1804)
7c6951f 
* spec: specify which fields must be deterministic

Closes #1622

* proto: add comment to `events` field

* spec: align spec for CheckTx Response with implementation

* change No to N/A in methods not involved in SMR

* change No to N/A in Info method as well

* same for snapshot
@sergio-mena
Small improvements in #1806 not present in #1750 (#1808)
149ac1e
@sergio-mena
Add changelog for #1749 (#1807)
437391a
lasarojc and others added 23 commits March 5, 2024 15:49
@lasarojc @sergio-mena
spec(abci): fixes the spec to inform about the presence of invalid ex…
b537697 
…tensions in `last_commit` (#2423)

Implements strategy 1a, as described in #2361 

---

#### PR checklist

- [ ] Tests written/updated
- [ ] Changelog entry added in `.changelog` (we use
[unclog](https://github.com/informalsystems/unclog) to manage our
changelog)
- [ ] Updated relevant documentation (`docs/` or `spec/`) and code
comments
- [ ] Title follows the [Conventional
Commits](https://www.conventionalcommits.org/en/v1.0.0/) spec

---------

Co-authored-by: Sergio Mena <sergio@informal.systems>
@cason @sergio-mena
fix(pbts): block Time must be Canonical (#2493)
5c719c6 
Motivated by [this
comment](#2205 (comment)).

---

#### PR checklist

- [x] Tests written/updated
- [ ] Changelog entry added in `.changelog` (we use
[unclog](https://github.com/informalsystems/unclog) to manage our
changelog)
- [ ] Updated relevant documentation (`docs/` or `spec/`) and code
comments
- [x] Title follows the [Conventional
Commits](https://www.conventionalcommits.org/en/v1.0.0/) spec

---------

Co-authored-by: Sergio Mena <sergio@informal.systems>
@sergio-mena
feat(e2e): Add manifest option clock_skew and corresponding backend…
75a8264 
… functionality (#2454)

Contributes to #2453

**Please review the first three commits independently**. Each of them
addresses a separate concern:

* Commit#1: add backend clock skew functionality
* Commit#2: make sure we're using `cmttime` where we should, and nuke
`time.Until` and `time.Since` where needed (this is a repetitive commit)
* Commit#3: add the `e2e` infra and connect it to the backend
functionality
* Commit#4: changelog

Regarding Commit#2, I've tried to limit the changes to the bare minimum:
* p2p is left out
* any usage of time that simply measures time elapsed locally was left
alone
* I didn't touch low level libraries that seem to have come from
elsewhere (low level: not importing any cometbft package)
* I did modify some UTs, mainly for readability (to be consistent with
the prod code they are testing). These changes are not needed, strictly
speaking, as we are not introducing skew in UTs (we're not even
compiling the skew code there).
* I didn't touch any other part that won't be part of the `cometbft`
production binary, e.g., the `e2e` runner, the `e2e` tests, etc.

---

#### PR checklist

- [x] Tests written/updated
- [x] Changelog entry added in `.changelog` (we use
[unclog](https://github.com/informalsystems/unclog) to manage our
changelog)
- [ ] Updated relevant documentation (`docs/` or `spec/`) and code
comments
- [x] Title follows the [Conventional
Commits](https://www.conventionalcommits.org/en/v1.0.0/) spec
@minhngoc274
fix(mempool): converting to uint64 before additions to avoid overflows (
551fc9b 
#2498)

Closes #2445
<!--

Please add a reference to the issue that this PR addresses and indicate
which
files are most critical to review. If it fully addresses a particular
issue,
please include "Closes #XXX" (where "XXX" is the issue number).

If this PR is non-trivial/large/complex, please ensure that you have
either
created an issue that the team's had a chance to respond to, or had some
discussion with the team prior to submitting substantial pull requests.
The team
can be reached via GitHub Discussions or the Cosmos Network Discord
server in
the #cometbft channel. GitHub Discussions is preferred over Discord as
it
allows us to keep track of conversations topically.
https://github.com/cometbft/cometbft/discussions

If the work in this PR is not aligned with the team's current
priorities, please
be advised that it may take some time before it is merged - especially
if it has
not yet been discussed with the team.

See the project board for the team's current priorities:
https://github.com/orgs/cometbft/projects/1

-->

---

#### PR checklist

- [ ] Tests written/updated
- [ ] Changelog entry added in `.changelog` (we use
[unclog](https://github.com/informalsystems/unclog) to manage our
changelog)
- [ ] Updated relevant documentation (`docs/` or `spec/`) and code
comments
- [ ] Title follows the [Conventional
Commits](https://www.conventionalcommits.org/en/v1.0.0/) spec
@mzabaluev
refactor!: Rename skip_sign_extension to skip_extension_signing (#…
ec21d4d 
…2522)

Follow-up and bikeshedding after #2519:

- Rename the added field to `skip_extension_signing` which reads better.
- Update the `tendermint.privval.SignVoteRequest` definition as per the
current practice.

---

#### PR checklist

- [ ] Tests written/updated
- [x] Changelog entry added in `.changelog` (we use
[unclog](https://github.com/informalsystems/unclog) to manage our
changelog)
- [ ] Updated relevant documentation (`docs/` or `spec/`) and code
comments
- [x] Title follows the [Conventional
Commits](https://www.conventionalcommits.org/en/v1.0.0/) spec
@nenadmilosevic95
docs(ADR): ADR-108 updated to account for the new changes in the gram…
63a7796 
…mar and code. (#2528)

<!--

Please add a reference to the issue that this PR addresses and indicate
which
files are most critical to review. If it fully addresses a particular
issue,
please include "Closes #XXX" (where "XXX" is the issue number).

If this PR is non-trivial/large/complex, please ensure that you have
either
created an issue that the team's had a chance to respond to, or had some
discussion with the team prior to submitting substantial pull requests.
The team
can be reached via GitHub Discussions or the Cosmos Network Discord
server in
the #cometbft channel. GitHub Discussions is preferred over Discord as
it
allows us to keep track of conversations topically.
https://github.com/cometbft/cometbft/discussions

If the work in this PR is not aligned with the team's current
priorities, please
be advised that it may take some time before it is merged - especially
if it has
not yet been discussed with the team.

See the project board for the team's current priorities:
https://github.com/orgs/cometbft/projects/1

-->

---

Closes #353. This PR updates ADR-108 to account for the new grammar with
vote extensions and the latest changes in the code.

#### PR checklist

- [ ] Tests written/updated
- [ ] Changelog entry added in `.changelog` (we use
[unclog](https://github.com/informalsystems/unclog) to manage our
changelog)
- [ ] Updated relevant documentation (`docs/` or `spec/`) and code
comments
- [ ] Title follows the [Conventional
Commits](https://www.conventionalcommits.org/en/v1.0.0/) spec

---------

Co-authored-by: nenadmilosevic95 <nenad@informal.systems>
@sergio-mena
feat(e2e): add generator support for clock skew + env variable rename (
78a0b45 
…#2488)

Contributes to #2453 

Follow-up from #2454.

* Generator will add random clock skew between -.5s and 95.5s to all
non-quorum validators. Nightly tests are passing with this in my local
laptop
* Renamed CLOCK_SKEW to COMETBFT_CLOCK_SKEW out of precaution, as the
former is too general

---

#### PR checklist

- [ ] Tests written/updated
- [ ] Changelog entry added in `.changelog` (we use
[unclog](https://github.com/informalsystems/unclog) to manage our
changelog)
- [ ] Updated relevant documentation (`docs/` or `spec/`) and code
comments
- [ ] Title follows the [Conventional
Commits](https://www.conventionalcommits.org/en/v1.0.0/) spec
@mzabaluev
spec(proto): add cometbft.privval.v1beta2 proto package (#2529)
99a5794 
The package is added to represent the privval protocol in CometBFT
0.38.x, since the added field in `SignVoteRequest` (in a string of PRs
ending in #2522) and removal of the (unused) `Errors` enum make v1
different.

---

#### PR checklist

- [ ] Tests written/updated
- [x] Changelog entry added in `.changelog` (we use
[unclog](https://github.com/informalsystems/unclog) to manage our
changelog)
- [x] Updated relevant documentation (`docs/` or `spec/`) and code
comments
- [x] Title follows the [Conventional
Commits](https://www.conventionalcommits.org/en/v1.0.0/) spec
@sergio-mena
Merge branch 'feature/pbts' into main
3eea263
@keroro520
chore: improving error handling in the PendingEvidence (#2550)
f1a2ed4
@melekes
feat(blocksync)!: set the max number of (concurrently) downloaded blo…
d58acd8 
…cks to {peersCount * 20} (#2467)

where 20 is the new max requests per peer.

Previously, the number of requesters (and consequently the number of
requested blocks) was 600 and did not depend on the number of peers.
There's no point in creating more than that since N of requests per peer
is capped and we know the number of peers.

Closes #2465
Fixes #1283
[api-breaking]

---

#### PR checklist

- [x] Tests written/updated
- [x] Changelog entry added in `.changelog` (we use
[unclog](https://github.com/informalsystems/unclog) to manage our
changelog)
- [ ] Updated relevant documentation (`docs/` or `spec/`) and code
comments
- [x] Title follows the [Conventional
Commits](https://www.conventionalcommits.org/en/v1.0.0/) spec
@dependabot
build(deps): Bump bufbuild/buf-setup-action from 1.29.0 to 1.30.0 (#2557
ed8c305 
)

Bumps
[bufbuild/buf-setup-action](https://github.com/bufbuild/buf-setup-action)
from 1.29.0 to 1.30.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/bufbuild/buf-setup-action/releases">bufbuild/buf-setup-action's
releases</a>.</em></p>
<blockquote>
<h2>v1.30.0</h2>
<p>Release v1.30.0</p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/bufbuild/buf-setup-action/commit/517ee23296d5caf38df31c21945e6a54bbc8a89f"><code>517ee23</code></a>
Release v1.30.0 (<a
href="https://redirect.github.com/bufbuild/buf-setup-action/issues/195">#195</a>)</li>
<li><a
href="https://github.com/bufbuild/buf-setup-action/commit/5e2ef857fc2a4d5c87904c626eb42a844b08095c"><code>5e2ef85</code></a>
Check action bundles buf correctly (<a
href="https://redirect.github.com/bufbuild/buf-setup-action/issues/190">#190</a>)</li>
<li><a
href="https://github.com/bufbuild/buf-setup-action/commit/46a2967ea50b8a012e948cb23d2468b84227e1e5"><code>46a2967</code></a>
Correct buf CLI version (<a
href="https://redirect.github.com/bufbuild/buf-setup-action/issues/189">#189</a>)</li>
<li><a
href="https://github.com/bufbuild/buf-setup-action/commit/ba063e7e02649462888c30705e28fa002fed840f"><code>ba063e7</code></a>
Release v1.29.0-1 (<a
href="https://redirect.github.com/bufbuild/buf-setup-action/issues/187">#187</a>)</li>
<li><a
href="https://github.com/bufbuild/buf-setup-action/commit/abf079cff7cba30a0cfffda3b302fccfc061e3b0"><code>abf079c</code></a>
Upgrade dependencies and node v20 (<a
href="https://redirect.github.com/bufbuild/buf-setup-action/issues/185">#185</a>)</li>
<li><a
href="https://github.com/bufbuild/buf-setup-action/commit/71c62afa859a83fef3e99267971d9b67716ff328"><code>71c62af</code></a>
Create add-to-project workflow (<a
href="https://redirect.github.com/bufbuild/buf-setup-action/issues/184">#184</a>)</li>
<li>See full diff in <a
href="https://github.com/bufbuild/buf-setup-action/compare/v1.29.0...v1.30.0">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=bufbuild/buf-setup-action&package-manager=github_actions&previous-version=1.29.0&new-version=1.30.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
@dependabot
build(deps): Bump google.golang.org/protobuf from 1.32.0 to 1.33.0 (#…
9c1cc02 
…2560)

Bumps google.golang.org/protobuf from 1.32.0 to 1.33.0.


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=google.golang.org/protobuf&package-manager=go_modules&previous-version=1.32.0&new-version=1.33.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
@dependabot
build(deps): Bump golang.org/x/net from 0.21.0 to 0.22.0 (#2562)
0e1a8c4 
Bumps [golang.org/x/net](https://github.com/golang/net) from 0.21.0 to
0.22.0.
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/golang/net/commit/7ee34a078aecd23a99f205bded144e5246a27d7c"><code>7ee34a0</code></a>
go.mod: update golang.org/x dependencies</li>
<li><a
href="https://github.com/golang/net/commit/c289c7ab4f437bb502e685daaae72426126d5595"><code>c289c7a</code></a>
websocket: re-add documentation for DialConfig</li>
<li><a
href="https://github.com/golang/net/commit/9fb4a8c9216d09f29d58e45a79cc2065d1b5bbf5"><code>9fb4a8c</code></a>
http2: send an error of FLOW_CONTROL_ERROR when exceed the maximum
octets</li>
<li><a
href="https://github.com/golang/net/commit/3dfd003ad338913e62ad1e56020aee316f1ffe59"><code>3dfd003</code></a>
websocket: add support for dialing with context</li>
<li><a
href="https://github.com/golang/net/commit/fa1142799318d3fa3632ecfd9f318ffa040e7c4c"><code>fa11427</code></a>
quic: move package out of internal</li>
<li><a
href="https://github.com/golang/net/commit/591be7f10be18b4b24250868fb61a93c2e5af3f4"><code>591be7f</code></a>
quic: fix UDP on big-endian Linux, tests on various architectures</li>
<li><a
href="https://github.com/golang/net/commit/34cc4464c5cb7947126d80f9d75b4c16d229337d"><code>34cc446</code></a>
quic: temporarily disable networking tests failing on various
platforms</li>
<li><a
href="https://github.com/golang/net/commit/4bdc6df28ea746166f486314f8848eb9b25b9073"><code>4bdc6df</code></a>
quic: expand package docs, and document Stream</li>
<li><a
href="https://github.com/golang/net/commit/22cbde9a565f4e40b5060a41d5e5171adcff673e"><code>22cbde9</code></a>
quic: set ServerName in client connection TLSConfig</li>
<li><a
href="https://github.com/golang/net/commit/57e4cc7d885a72ee5111b227ba5790ea5a170656"><code>57e4cc7</code></a>
quic: handle PATH_CHALLENGE and PATH_RESPONSE frames</li>
<li>Additional commits viewable in <a
href="https://github.com/golang/net/compare/v0.21.0...v0.22.0">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=golang.org/x/net&package-manager=go_modules&previous-version=0.21.0&new-version=0.22.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
@andynog
fix(cmd/cometbft/commands/version): update the output for v1 (#2546)
26733d5 
close: #2543 

updated the `cometbft version` command for `v1`, now it shows something
like

```
$ cometbft version 
1.0.0-dev+3eea263eb
```

as opposed to the previous one, something like `0.39.0-dev`
@dependabot
build(deps): Bump docker/build-push-action from 5.1.0 to 5.2.0 (#2558)
2e3ed60 
Bumps
[docker/build-push-action](https://github.com/docker/build-push-action)
from 5.1.0 to 5.2.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/docker/build-push-action/releases">docker/build-push-action's
releases</a>.</em></p>
<blockquote>
<h2>v5.2.0</h2>
<ul>
<li>Disable quotes detection for <code>outputs</code> input by <a
href="https://github.com/crazy-max"><code>@​crazy-max</code></a> in <a
href="https://redirect.github.com/docker/build-push-action/pull/1074">docker/build-push-action#1074</a></li>
<li>Warn about ignored inputs by <a
href="https://github.com/favonia"><code>@​favonia</code></a> in <a
href="https://redirect.github.com/docker/build-push-action/pull/1019">docker/build-push-action#1019</a></li>
<li>Bump <code>@​docker/actions-toolkit</code> from 0.14.0 to 0.18.0 in
<a
href="https://redirect.github.com/docker/build-push-action/pull/1070">docker/build-push-action#1070</a></li>
<li>Bump undici from 5.26.3 to 5.28.3 in <a
href="https://redirect.github.com/docker/build-push-action/pull/1057">docker/build-push-action#1057</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/docker/build-push-action/compare/v5.1.0...v5.2.0">https://github.com/docker/build-push-action/compare/v5.1.0...v5.2.0</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/docker/build-push-action/commit/af5a7ed5ba88268d5278f7203fb52cd833f66d6e"><code>af5a7ed</code></a>
Merge pull request <a
href="https://redirect.github.com/docker/build-push-action/issues/1074">#1074</a>
from crazy-max/build-cmd-debug</li>
<li><a
href="https://github.com/docker/build-push-action/commit/2a85189a6c719593171342d3d43d4034e8c81513"><code>2a85189</code></a>
chore: update generated content</li>
<li><a
href="https://github.com/docker/build-push-action/commit/6c2079483ed8cd675d71b5a395b81fa9a19eddc8"><code>6c20794</code></a>
disable quotes detection for &quot;outputs&quot; input</li>
<li><a
href="https://github.com/docker/build-push-action/commit/afdf0c0a6772ea0bc8c6af61d5dc2df8823c85de"><code>afdf0c0</code></a>
chore: debug build cmd and args</li>
<li><a
href="https://github.com/docker/build-push-action/commit/00ae31ab6ef216583e63647d8865f52da6b99a13"><code>00ae31a</code></a>
Merge pull request <a
href="https://redirect.github.com/docker/build-push-action/issues/1070">#1070</a>
from docker/dependabot/npm_and_yarn/docker/actions-t...</li>
<li><a
href="https://github.com/docker/build-push-action/commit/701942b6e528fc34d632c5c53bd634912ba058e9"><code>701942b</code></a>
chore: update generated content</li>
<li><a
href="https://github.com/docker/build-push-action/commit/90e54d0b1d5131362b7f9132ab941f7ce5e50080"><code>90e54d0</code></a>
chore(deps): Bump <code>@​docker/actions-toolkit</code> from 0.14.0 to
0.18.0</li>
<li><a
href="https://github.com/docker/build-push-action/commit/831ca179d3cf91cf0c90ca465a408fa61e2129a2"><code>831ca17</code></a>
Merge pull request <a
href="https://redirect.github.com/docker/build-push-action/issues/1066">#1066</a>
from crazy-max/ci-local-cache</li>
<li><a
href="https://github.com/docker/build-push-action/commit/6bd0e5492f011213e04f0c8e4c420bf0783d2a64"><code>6bd0e54</code></a>
ci: local-cache job to test local cache feature</li>
<li><a
href="https://github.com/docker/build-push-action/commit/b3eddbb94c4146a0988a620b01720afe50639271"><code>b3eddbb</code></a>
Merge pull request <a
href="https://redirect.github.com/docker/build-push-action/issues/1057">#1057</a>
from docker/dependabot/npm_and_yarn/undici-5.28.3</li>
<li>Additional commits viewable in <a
href="https://github.com/docker/build-push-action/compare/v5.1.0...v5.2.0">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=docker/build-push-action&package-manager=github_actions&previous-version=5.1.0&new-version=5.2.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
@dependabot
build(deps): Bump github.com/prometheus/common from 0.49.0 to 0.50.0 (#…
c7e078e 
…2559)

Bumps
[github.com/prometheus/common](https://github.com/prometheus/common)
from 0.49.0 to 0.50.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/prometheus/common/releases">github.com/prometheus/common's
releases</a>.</em></p>
<blockquote>
<h2>v0.50.0</h2>
<h2>What's Changed</h2>
<ul>
<li>Synchronize common files from prometheus/prometheus by <a
href="https://github.com/prombot"><code>@​prombot</code></a> in <a
href="https://redirect.github.com/prometheus/common/pull/594">prometheus/common#594</a></li>
<li>Bump github.com/stretchr/testify from 1.8.4 to 1.9.0 in /sigv4 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/prometheus/common/pull/593">prometheus/common#593</a></li>
<li>Bump github.com/aws/aws-sdk-go from 1.50.27 to 1.50.29 in /sigv4 by
<a href="https://github.com/dependabot"><code>@​dependabot</code></a> in
<a
href="https://redirect.github.com/prometheus/common/pull/592">prometheus/common#592</a></li>
<li>Bump github.com/aws/aws-sdk-go from 1.50.29 to 1.50.31 in /sigv4 by
<a href="https://github.com/dependabot"><code>@​dependabot</code></a> in
<a
href="https://redirect.github.com/prometheus/common/pull/595">prometheus/common#595</a></li>
<li>Remove unused 'Host' member from HTTPClientConfig by <a
href="https://github.com/bboreham"><code>@​bboreham</code></a> in <a
href="https://redirect.github.com/prometheus/common/pull/597">prometheus/common#597</a></li>
<li>Add OpenMetrics unit support by <a
href="https://github.com/vesari"><code>@​vesari</code></a> in <a
href="https://redirect.github.com/prometheus/common/pull/544">prometheus/common#544</a></li>
<li>Remove deprecated version function by <a
href="https://github.com/SuperQ"><code>@​SuperQ</code></a> in <a
href="https://redirect.github.com/prometheus/common/pull/591">prometheus/common#591</a></li>
<li>Synchronize common files from prometheus/prometheus by <a
href="https://github.com/prombot"><code>@​prombot</code></a> in <a
href="https://redirect.github.com/prometheus/common/pull/599">prometheus/common#599</a></li>
<li>Bump golang.org/x/oauth2 from 0.17.0 to 0.18.0 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/prometheus/common/pull/600">prometheus/common#600</a></li>
<li>Bump google.golang.org/protobuf from 1.32.0 to 1.33.0 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/prometheus/common/pull/601">prometheus/common#601</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/prometheus/common/compare/v0.49.0...v0.50.0">https://github.com/prometheus/common/compare/v0.49.0...v0.50.0</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/prometheus/common/commit/944239ffc0e3fc882e0e9411c50c77a30f9c2960"><code>944239f</code></a>
Bump google.golang.org/protobuf from 1.32.0 to 1.33.0 (<a
href="https://redirect.github.com/prometheus/common/issues/601">#601</a>)</li>
<li><a
href="https://github.com/prometheus/common/commit/5f10b85efe3fb5d04e2c4852144b6f9371dbccad"><code>5f10b85</code></a>
Bump golang.org/x/oauth2 from 0.17.0 to 0.18.0 (<a
href="https://redirect.github.com/prometheus/common/issues/600">#600</a>)</li>
<li><a
href="https://github.com/prometheus/common/commit/a14ff554b6555698da8f5dc473e740d8b8ea3cde"><code>a14ff55</code></a>
Update common Prometheus files (<a
href="https://redirect.github.com/prometheus/common/issues/599">#599</a>)</li>
<li><a
href="https://github.com/prometheus/common/commit/6aadcf4fef4168593e8c054fe0f6d65d35600c21"><code>6aadcf4</code></a>
Remove deprecated version function (<a
href="https://redirect.github.com/prometheus/common/issues/591">#591</a>)</li>
<li><a
href="https://github.com/prometheus/common/commit/1e6ac24b9802499ed8c70d986085047f1347f935"><code>1e6ac24</code></a>
Add unit (<a
href="https://redirect.github.com/prometheus/common/issues/544">#544</a>)</li>
<li><a
href="https://github.com/prometheus/common/commit/4199f18c3e92b285c6549348f09bcb586de5a735"><code>4199f18</code></a>
Remove unused 'Host' member from HTTPClientConfig (<a
href="https://redirect.github.com/prometheus/common/issues/597">#597</a>)</li>
<li><a
href="https://github.com/prometheus/common/commit/fa71e6aff7dec5fef034df84fbdb7273927ad286"><code>fa71e6a</code></a>
Bump github.com/aws/aws-sdk-go from 1.50.29 to 1.50.31 in /sigv4 (<a
href="https://redirect.github.com/prometheus/common/issues/595">#595</a>)</li>
<li><a
href="https://github.com/prometheus/common/commit/8a9fd7a77dadf1659bd257072e86b86fca7634c5"><code>8a9fd7a</code></a>
Bump github.com/aws/aws-sdk-go from 1.50.27 to 1.50.29 in /sigv4 (<a
href="https://redirect.github.com/prometheus/common/issues/592">#592</a>)</li>
<li><a
href="https://github.com/prometheus/common/commit/83443676f5f9e8762cfcae136c2cc09dca26fd3d"><code>8344367</code></a>
Bump github.com/stretchr/testify from 1.8.4 to 1.9.0 in /sigv4 (<a
href="https://redirect.github.com/prometheus/common/issues/593">#593</a>)</li>
<li><a
href="https://github.com/prometheus/common/commit/0117d2f83906123068ba52ca66b95aa48e6dd7a0"><code>0117d2f</code></a>
Update common Prometheus files (<a
href="https://redirect.github.com/prometheus/common/issues/594">#594</a>)</li>
<li>See full diff in <a
href="https://github.com/prometheus/common/compare/v0.49.0...v0.50.0">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=github.com/prometheus/common&package-manager=go_modules&previous-version=0.49.0&new-version=0.50.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
@dependabot
build(deps): Bump google.golang.org/grpc from 1.62.0 to 1.62.1 (#2563)
06826da 
Bumps [google.golang.org/grpc](https://github.com/grpc/grpc-go) from
1.62.0 to 1.62.1.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/grpc/grpc-go/releases">google.golang.org/grpc's
releases</a>.</em></p>
<blockquote>
<h2>Release 1.62.1</h2>
<h1>Bug Fixes</h1>
<ul>
<li>xds: fix a bug that results in <code>no matching virtual host
found</code> RPC errors due to a difference between the target and LDS
resource names (<a
href="https://redirect.github.com/grpc/grpc-go/issues/6997">#6997</a>)</li>
<li>server: fixed stats handler data <code>InPayload.Length</code> for
unary RPC calls (<a
href="https://redirect.github.com/grpc/grpc-go/issues/6766">#6766</a>)
<ul>
<li>Special Thanks: <a
href="https://github.com/hueypark"><code>@​hueypark</code></a></li>
</ul>
</li>
<li>grpc: the experimental <code>RecvBufferPool</code>
<code>DialOption</code> and <code>ServerOption</code> are now active
during unary RPCs with compression (<a
href="https://redirect.github.com/grpc/grpc-go/issues/6766">#6766</a>)
<ul>
<li>Special Thanks: <a
href="https://github.com/hueypark"><code>@​hueypark</code></a></li>
</ul>
</li>
<li>grpc: trim whitespaces in <code>accept-encoding</code> header before
determining compressors
<ul>
<li>Special Thanks: <a
href="https://github.com/sercand"><code>@​sercand</code></a></li>
</ul>
</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/grpc/grpc-go/commit/9952aa83979822b5915c3fcb2bb0f60afe55aa7d"><code>9952aa8</code></a>
Change version to 1.62.1 (<a
href="https://redirect.github.com/grpc/grpc-go/issues/7020">#7020</a>)</li>
<li><a
href="https://github.com/grpc/grpc-go/commit/d7334c477d1ea670fa8d5fa12f06a2bfe4f41d4f"><code>d7334c4</code></a>
fix enabling compression by trimming whitespaces in accept encoding
header (#...</li>
<li><a
href="https://github.com/grpc/grpc-go/commit/d076e14b4849f4262f6f50042a9370ec5ce0116d"><code>d076e14</code></a>
rpc_util: Fix RecvBufferPool deactivation issues (<a
href="https://redirect.github.com/grpc/grpc-go/issues/6766">#6766</a>)</li>
<li><a
href="https://github.com/grpc/grpc-go/commit/9d981b0eb01a1ccd61f16593461277e95e83a34b"><code>9d981b0</code></a>
cherry-pick <a
href="https://redirect.github.com/grpc/grpc-go/issues/6997">#6997</a> to
1.62.x release branch (<a
href="https://redirect.github.com/grpc/grpc-go/issues/6979">#6979</a>)
(<a
href="https://redirect.github.com/grpc/grpc-go/issues/7018">#7018</a>)</li>
<li><a
href="https://github.com/grpc/grpc-go/commit/7c4b5533d07d5d7d01aa71145c32af27ac6e1a4d"><code>7c4b553</code></a>
Switch version to 1.62.1-dev (<a
href="https://redirect.github.com/grpc/grpc-go/issues/6995">#6995</a>)</li>
<li>See full diff in <a
href="https://github.com/grpc/grpc-go/compare/v1.62.0...v1.62.1">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=google.golang.org/grpc&package-manager=go_modules&previous-version=1.62.0&new-version=1.62.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
@dependabot @hvanz
build(deps): Bump golang.org/x/crypto from 0.20.0 to 0.21.0 (#2561)
613d602 
Bumps [golang.org/x/crypto](https://github.com/golang/crypto) from
0.20.0 to 0.21.0.
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/golang/crypto/commit/7067223927c4e3f3bb91a5c6e0d2aae83df74e7a"><code>7067223</code></a>
go.mod: update golang.org/x dependencies</li>
<li><a
href="https://github.com/golang/crypto/commit/0d2316b26734542fda0a2df69f586b811740edf4"><code>0d2316b</code></a>
ssh/test: work around for TestCiphers failures on macOS</li>
<li>See full diff in <a
href="https://github.com/golang/crypto/compare/v0.20.0...v0.21.0">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=golang.org/x/crypto&package-manager=go_modules&previous-version=0.20.0&new-version=0.21.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Hernán Vanzetto <15466498+hvanz@users.noreply.github.com>
@melekes
feat(blocksync): sort peers by download rate & multiple requests for …
f8366fc 
…closer blocks (#2475)

It can be reviewed commit by commit.

1. Request the block N from peer B immediately after getting
`NoBlockResponse` from peer A
a718fb4
2. Sort peers by download rate (the fastest peer is picked first)
cf19851
3. Request a block from peer B if we are approaching pool's height (less
than 50 blocks) and the current peer A is slow in sending us the block
e06ebfe
e97007f

Closes #2379 

### Benchmarks

Osmosis:

without this PR (baseline): 11.45m
with this PR: 7.29m
~ 36% decrease

---

#### PR checklist

- [x] Tests written/updated
- [x] Changelog entry added in `.changelog` (we use
[unclog](https://github.com/informalsystems/unclog) to manage our
changelog)
- [x] Updated relevant documentation (`docs/` or `spec/`) and code
comments
- [x] Title follows the [Conventional
Commits](https://www.conventionalcommits.org/en/v1.0.0/) spec
@lasarojc
feat(pbts): Adjusts PBTS metrics buckets (#2578)
2f0dc67 
Contributes to #2480
@melekes
fix(blocksync): use timer instead of time.After (#2584)
8dedbc0 
`time.After` gets reset after each iteration of the `for` loop, which is
not what we want. We want the timer to fire after 30 sec if both peers
(first and second) don't respond.
@sergio-mena
fix: temporary fix for api dependency (#2589)
f307c0c 
The current `go.mod` points to CometBFT version `v1.0.0-alpha.1`. After
merging `feature/pbts` onto `main` there are changes in protobufs that
aren't included in that version.

This PR add a temporary fix that will work until:
* we tag a new `alpha` version of CometBFT
* we tag the final `api` version as part of the release process

---

#### PR checklist

- [ ] Tests written/updated
- [ ] Changelog entry added in `.changelog` (we use
[unclog](https://github.com/informalsystems/unclog) to manage our
changelog)
- [ ] Updated relevant documentation (`docs/` or `spec/`) and code
comments
- [ ] Title follows the [Conventional
Commits](https://www.conventionalcommits.org/en/v1.0.0/) spec
@lasarojc lasarojc marked this pull request as ready for review March 12, 2024 12:39
@lasarojc lasarojc requested review from a team as code owners March 12, 2024 12:39
@lasarojc lasarojc merged commit e7dd0ab into spec/consensus-gossip Mar 12, 2024
46 of 47 checks passed
@lasarojc lasarojc deleted the lasarojc/merge_to_consensus_gossip branch March 12, 2024 13:51
lasarojc added a commit that referenced this pull request Mar 12, 2024
@lasarojc
Revert "chore(spec): merge main into spec/consensus-gossip (#2594)"
0f6a7c9 
This reverts commit e7dd0ab.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@adizere adizere adizere approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet