chore(deps): bump github.com/tendermint/tendermint from 0.35.6 to 0.35.9 #13

Closed

dependabot[bot] wants to merge 1 commits from dependabot/go_modules/github.com/tendermint/tendermint-0.35.9 into main

pull from: dependabot/go_modules/github.com/tendermint/tendermint-0.35.9

merge into: cerc-io:main

cerc-io:main

cerc-io:zach/prefix

cerc-io:roy/rm-hardcoded-records

cerc-io:roy/graphql-to-ipld

cerc-io:roy/qol-improvements

cerc-io:murali/gql

cerc-io:murali/update-fork

cerc-io:murali/record-attributes

cerc-io:aleem/fix-lint-errors

cerc-io:murali/CIDFromJSONBytes

cerc-io:update-validator-doc-v0.8.0

cerc-io:feature_test_record_types

cerc-io:aleem/25-wasmd

cerc-io:release-v0.8.0

cerc-io:nameservice_tests_github

cerc-io:auction_tests

cerc-io:all_test_stuff

cerc-io:fix_cid_generation

cerc-io:run_tests_github_action

cerc-io:0-7-0-upgrade-guide

cerc-io:murali/sdk-integration-tests

cerc-io:murali/quick-fix

cerc-io:dboreham/sdk-integration-test

cerc-io:console_release

cerc-io:release-v0.3.1-dev

cerc-io:release-v0.6.0

cerc-io:anil/lint

cerc-io:murali/to_ipld_prime

cerc-io:docs

cerc-io:release-v0.2.0-dev

cerc-io:ian/smt

Conversation 1 Commits 1 Files Changed 2 +157 -45

dependabot[bot] commented 2022-08-30 19:56:18 +00:00 (Migrated from github.com)

Copy Link

Bumps github.com/tendermint/tendermint from 0.35.6 to 0.35.9.

Changelog

Sourced from github.com/tendermint/tendermint's changelog.

v0.35.9

July 20, 2022

This release fixes a deadlock that could occur in some cases when using the priority mempool with the ABCI socket client.

BUG FIXES

• [mempool] #9030 rework lock discipline to mitigate callback deadlocks (@​creachadair)

v0.35.8

July 12, 2022

Special thanks to external contributors on this release: @​joeabbey

This release fixes an unbounded heap growth issue in the implementation of the priority mempool, as well as some configuration, logging, and peer dialing improvements in the non-legacy p2p stack. It also adds a new opt-in "simple-priority" value for the p2p.queue-type setting, that should improve gossip performance for non-legacy peer networks.

BREAKING CHANGES

• CLI/RPC/Config

  • [node] #8902 Always start blocksync and avoid misconfiguration (@​tychoish)

FEATURES

• [cli] #8675 Add command to force compact goleveldb databases (@​cmwaters)

IMPROVEMENTS

• [p2p] #8914 #8875 Improvements to peer dialing (backported). (@​tychoish)
• [p2p] #8820 add eviction metrics and cleanup dialing error handling (backport #8819) (@​tychoish)
• [logging] #8896 Do not pre-process log results (backport #8895). (@​tychoish)
• [p2p] #8956 Simpler priority queue (backport #8929). (@​tychoish)

BUG FIXES

• [mempool] #8944 Fix unbounded heap growth in the priority mempool. (@​creachadair)
• [p2p] #8869 Set empty timeouts to configed values. (backport #8847). (@​williambanfield)

v0.35.7

June 16, 2022

... (truncated)

Commits

• 9d1dd56 Prepare changelog for Release v0.35.9. (#9057)
• f6bbd83 migration: scope key migration to stores (#9005) (#9027)
• 3e96a37 spec: merge v0.35 spec into tendermint (#9018)
• 183e249 Prepare changelog for candidate v0.35.9-rc0 (#9040)
• 22ed610 mempool: rework lock discipline to mitigate callback deadlocks (#9030)
• 32761ec build(deps): Bump github.com/golangci/golangci-lint (#9037)
• 5edc9e3 build(deps): Bump pgregory.net/rapid from 0.4.7 to 0.4.8 (#9015)
• 6b18dfc Extract a library from the confix command-line tool. (backport #9012) (#9025)
• 9f25221 config: fix the comments on p2p.queue-type (#9021)
• 819e7f4 build(deps): Bump google.golang.org/grpc from 1.47.0 to 1.48.0 (#8992)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Bumps [github.com/tendermint/tendermint](https://github.com/tendermint/tendermint) from 0.35.6 to 0.35.9. <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/tendermint/tendermint/blob/v0.35.9/CHANGELOG.md">github.com/tendermint/tendermint's changelog</a>.</em></p> <blockquote> <h2>v0.35.9</h2> <p>July 20, 2022</p> <p>This release fixes a deadlock that could occur in some cases when using the priority mempool with the ABCI socket client.</p> <h3>BUG FIXES</h3> <ul> <li>[mempool] <a href="https://github-redirect.dependabot.com/tendermint/tendermint/pull/9030">#9030</a> rework lock discipline to mitigate callback deadlocks (<a href="https://github.com/creachadair"><code>@​creachadair</code></a>)</li> </ul> <h2>v0.35.8</h2> <p>July 12, 2022</p> <p>Special thanks to external contributors on this release: <a href="https://github.com/joeabbey"><code>@​joeabbey</code></a></p> <p>This release fixes an unbounded heap growth issue in the implementation of the priority mempool, as well as some configuration, logging, and peer dialing improvements in the non-legacy p2p stack. It also adds a new opt-in &quot;simple-priority&quot; value for the <code>p2p.queue-type</code> setting, that should improve gossip performance for non-legacy peer networks.</p> <h3>BREAKING CHANGES</h3> <ul> <li> <p>CLI/RPC/Config</p> <ul> <li>[node] <a href="https://github-redirect.dependabot.com/tendermint/tendermint/pull/8902">#8902</a> Always start blocksync and avoid misconfiguration (<a href="https://github.com/tychoish"><code>@​tychoish</code></a>)</li> </ul> </li> </ul> <h3>FEATURES</h3> <ul> <li>[cli] <a href="https://github-redirect.dependabot.com/tendermint/tendermint/pull/8675">#8675</a> Add command to force compact goleveldb databases (<a href="https://github.com/cmwaters"><code>@​cmwaters</code></a>)</li> </ul> <h3>IMPROVEMENTS</h3> <ul> <li>[p2p] <a href="https://github-redirect.dependabot.com/tendermint/tendermint/pull/8914">#8914</a> <a href="https://github-redirect.dependabot.com/tendermint/tendermint/pull/8875">#8875</a> Improvements to peer dialing (backported). (<a href="https://github.com/tychoish"><code>@​tychoish</code></a>)</li> <li>[p2p] <a href="https://github-redirect.dependabot.com/tendermint/tendermint/pull/8820">#8820</a> add eviction metrics and cleanup dialing error handling (backport <a href="https://github-redirect.dependabot.com/tendermint/tendermint/issues/8819">#8819</a>) (<a href="https://github.com/tychoish"><code>@​tychoish</code></a>)</li> <li>[logging] <a href="https://github-redirect.dependabot.com/tendermint/tendermint/pull/8896">#8896</a> Do not pre-process log results (backport <a href="https://github-redirect.dependabot.com/tendermint/tendermint/issues/8895">#8895</a>). (<a href="https://github.com/tychoish"><code>@​tychoish</code></a>)</li> <li>[p2p] <a href="https://github-redirect.dependabot.com/tendermint/tendermint/pull/8956">#8956</a> Simpler priority queue (backport <a href="https://github-redirect.dependabot.com/tendermint/tendermint/issues/8929">#8929</a>). (<a href="https://github.com/tychoish"><code>@​tychoish</code></a>)</li> </ul> <h3>BUG FIXES</h3> <ul> <li>[mempool] <a href="https://github-redirect.dependabot.com/tendermint/tendermint/pull/8944">#8944</a> Fix unbounded heap growth in the priority mempool. (<a href="https://github.com/creachadair"><code>@​creachadair</code></a>)</li> <li>[p2p] <a href="https://github-redirect.dependabot.com/tendermint/tendermint/pull/8869">#8869</a> Set empty timeouts to configed values. (backport <a href="https://github-redirect.dependabot.com/tendermint/tendermint/issues/8847">#8847</a>). (<a href="https://github.com/williambanfield"><code>@​williambanfield</code></a>)</li> </ul> <h2>v0.35.7</h2> <p>June 16, 2022</p> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/tendermint/tendermint/commit/9d1dd560e6a5423f07fdde2426c1d47ac4a22849"><code>9d1dd56</code></a> Prepare changelog for Release v0.35.9. (<a href="https://github-redirect.dependabot.com/tendermint/tendermint/issues/9057">#9057</a>)</li> <li><a href="https://github.com/tendermint/tendermint/commit/f6bbd8302cb0d6c9f625efd5065a5c42c4a858a1"><code>f6bbd83</code></a> migration: scope key migration to stores (<a href="https://github-redirect.dependabot.com/tendermint/tendermint/issues/9005">#9005</a>) (<a href="https://github-redirect.dependabot.com/tendermint/tendermint/issues/9027">#9027</a>)</li> <li><a href="https://github.com/tendermint/tendermint/commit/3e96a376b02b3462beb0d4195a72fce239a98f31"><code>3e96a37</code></a> spec: merge v0.35 spec into tendermint (<a href="https://github-redirect.dependabot.com/tendermint/tendermint/issues/9018">#9018</a>)</li> <li><a href="https://github.com/tendermint/tendermint/commit/183e24970996d17d34a8c6732c7d1b21815f8de3"><code>183e249</code></a> Prepare changelog for candidate v0.35.9-rc0 (<a href="https://github-redirect.dependabot.com/tendermint/tendermint/issues/9040">#9040</a>)</li> <li><a href="https://github.com/tendermint/tendermint/commit/22ed610083cb8275a954406296832149c4cc1dcd"><code>22ed610</code></a> mempool: rework lock discipline to mitigate callback deadlocks (<a href="https://github-redirect.dependabot.com/tendermint/tendermint/issues/9030">#9030</a>)</li> <li><a href="https://github.com/tendermint/tendermint/commit/32761ec729fa1a82849424a7eb66fdf01be3c02a"><code>32761ec</code></a> build(deps): Bump github.com/golangci/golangci-lint (<a href="https://github-redirect.dependabot.com/tendermint/tendermint/issues/9037">#9037</a>)</li> <li><a href="https://github.com/tendermint/tendermint/commit/5edc9e3a152a1e7dc89c72d4d353bca1941df729"><code>5edc9e3</code></a> build(deps): Bump pgregory.net/rapid from 0.4.7 to 0.4.8 (<a href="https://github-redirect.dependabot.com/tendermint/tendermint/issues/9015">#9015</a>)</li> <li><a href="https://github.com/tendermint/tendermint/commit/6b18dfcea145007bd7403d3f466a4a1741956751"><code>6b18dfc</code></a> Extract a library from the confix command-line tool. (backport <a href="https://github-redirect.dependabot.com/tendermint/tendermint/issues/9012">#9012</a>) (<a href="https://github-redirect.dependabot.com/tendermint/tendermint/issues/9025">#9025</a>)</li> <li><a href="https://github.com/tendermint/tendermint/commit/9f2522148bd32f3bf830e974d01d19a897f27431"><code>9f25221</code></a> config: fix the comments on p2p.queue-type (<a href="https://github-redirect.dependabot.com/tendermint/tendermint/issues/9021">#9021</a>)</li> <li><a href="https://github.com/tendermint/tendermint/commit/819e7f4bdd1b2ed73509b257da54897bce081421"><code>819e7f4</code></a> build(deps): Bump google.golang.org/grpc from 1.47.0 to 1.48.0 (<a href="https://github-redirect.dependabot.com/tendermint/tendermint/issues/8992">#8992</a>)</li> <li>Additional commits viewable in <a href="https://github.com/tendermint/tendermint/compare/v0.35.6...v0.35.9">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details>

dependabot[bot] commented 2022-08-30 20:00:29 +00:00 (Migrated from github.com)

Copy Link

OK, I won't notify you again about this release, but will get in touch when a new version is available. If you'd rather skip all updates until the next major or minor version, let me know by commenting @dependabot ignore this major version or @dependabot ignore this minor version. You can also ignore all major, minor, or patch releases for a dependency by adding an ignore condition with the desired update_types to your config file.

If you change your mind, just re-open this PR and I'll resolve any conflicts on it.

OK, I won't notify you again about this release, but will get in touch when a new version is available. If you'd rather skip all updates until the next major or minor version, let me know by commenting `@dependabot ignore this major version` or `@dependabot ignore this minor version`. You can also ignore all major, minor, or patch releases for a dependency by adding an [`ignore` condition](https://docs.github.com/en/code-security/supply-chain-security/configuration-options-for-dependency-updates#ignore) with the desired `update_types` to your config file. If you change your mind, just re-open this PR and I'll resolve any conflicts on it.

Pull request closed

This pull request cannot be reopened because the branch was deleted.

Sign in to join this conversation.

Reviewers

No reviewers

Labels

Clear labels   

bug

Something isn't working

  

C:CLI

  

C:Crypto

  

C:Encoding

  

C:Proto

  

C:Types

  

dependencies

Pull requests that update a dependency file

  

docker

Pull requests that update Docker code

  

documentation

Improvements or additions to documentation

  

duplicate

This issue or pull request already exists

  

enhancement

New feature or request

  

go

Pull requests that update Go code

  

good first issue

Good for newcomers

  

help wanted

Extra attention is needed

  

high priority

  

in progress

currently working on

  

invalid

This doesn't seem right

  

javascript

Pull requests that update Javascript code

  

low priority

  

medium priority

  

question

Further information is requested

  

Status: Stale

  

Type: ADR

  

Type: Build

  

Type: CI

  

Type: Docs

  

Type: Tests

  

urgent

Top priority issue

  

wontfix

This will not be worked on

  

Copied from Github

An issue or PR manually copied from GitHub.

  

Kind/Breaking

Breaking change that won't be backward compatible

  

Kind/Bug

Something is not working

  

Kind/Documentation

Documentation changes

  

Kind/Enhancement

Improve existing functionality

  

Kind/Feature

New functionality

  

Kind/Security

This is security issue

  

Kind/Testing

Issue or pull request related to testing

  

Priority

Critical

The priority is critical

  

Priority

High

The priority is high

  

Priority

Low

The priority is low

  

Priority

Medium

The priority is medium

  

Reviewed

Confirmed

Issue has been confirmed

  

Reviewed

Duplicate

This issue or pull request already exists

  

Reviewed

Invalid

Invalid issue

  

Reviewed

Won't Fix

This issue won't be fixed

  

Status

Abandoned

Somebody has started to work on this but abandoned work

  

Status

Blocked

Something is blocking this issue or pull request

  

Status

Need More Info

Feedback is required to reproduce issue or to continue work

No Label

bug

C:CLI

C:Crypto

C:Encoding

C:Proto

C:Types

dependencies

docker

documentation

duplicate

enhancement

go

good first issue

help wanted

high priority

in progress

invalid

javascript

low priority

medium priority

question

Status: Stale

Type: ADR

Type: Build

Type: CI

Type: Docs

Type: Tests

urgent

wontfix

Copied from Github

Kind/Breaking

Kind/Bug

Kind/Documentation

Kind/Enhancement

Kind/Feature

Kind/Security

Kind/Testing

Priority

Critical

Priority

High

Priority

Low

Priority

Medium

Reviewed

Confirmed

Reviewed

Duplicate

Reviewed

Invalid

Reviewed

Won't Fix

Status

Abandoned

Status

Blocked

Status

Need More Info

Milestone

Clear milestone

No items

No Milestone

Projects

Clear projects

No project

Assignees

Clear assignees

No Assignees

1 Participants

Notifications

Subscribe

Due Date

The due date is invalid or out of range. Please use the format 'yyyy-mm-dd'.

No due date set.

Dependencies

No dependencies set.

Reference: cerc-io/laconicd#13

No description provided.