Merge upstream v0.38.15 #5

marcello33 · 2024-11-22T13:40:32Z

Merge upstream tag v0.38.15

… (backport cometbft#2016) (cometbft#2145) This is an automatic backport of pull request cometbft#2016 done by [Mergify](https://mergify.com). Cherry-pick of f4d73cd has failed: ``` On branch mergify/bp/v0.38.x/pr-2016 Your branch is up to date with 'origin/v0.38.x'. You are currently cherry-picking commit f4d73cd. (fix conflicts and run "git cherry-pick --continue") (use "git cherry-pick --skip" to skip this patch) (use "git cherry-pick --abort" to cancel the cherry-pick operation) Changes to be committed: modified: blocksync/msgs.go modified: blocksync/reactor.go Unmerged paths: (use "git add <file>..." to mark resolution) added by them: .changelog/v0.38.3/improvements/2016-blocksync-avoid-double-calling-block-from-proto.md ``` To fix up this pull request, you can check it out locally. See documentation: https://docs.github.com/en/github/collaborating-with-pull-requests/reviewing-changes-in-pull-requests/checking-out-pull-requests-locally --- <details> <summary>Mergify commands and options</summary> <br /> More conditions and actions can be found in the [documentation](https://docs.mergify.com/). You can also trigger Mergify actions by commenting on this pull request: - `@Mergifyio refresh` will re-evaluate the rules - `@Mergifyio rebase` will rebase this PR on its base branch - `@Mergifyio update` will merge the base branch into this PR - `@Mergifyio backport <destination>` will backport this PR on `<destination>` branch Additionally, on Mergify [dashboard](https://dashboard.mergify.com) you can: - look at your merge queues - generate the Mergify configuration with the config editor. Finally, you can contact us on https://mergify.com </details> --------- Co-authored-by: Anton Kaliaev <anton.kalyaev@gmail.com>

…cometbft#2180) Bumps [styfle/cancel-workflow-action](https://github.com/styfle/cancel-workflow-action) from 0.12.0 to 0.12.1. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/styfle/cancel-workflow-action/releases">styfle/cancel-workflow-action's releases</a>.</em></p> <blockquote> <h2>0.12.1</h2> <h3>Patches</h3> <ul> <li>Fix: bump to node20: <a href="https://github.com/styfle/cancel-workflow-action/issues/212">#212</a></li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/styfle/cancel-workflow-action/commit/85880fa0301c86cca9da44039ee3bb12d3bedbfa"><code>85880fa</code></a> 0.12.1</li> <li><a href="https://github.com/styfle/cancel-workflow-action/commit/00326b1bd66ff5f5cc497a20eb0e6a95d9bdc5f7"><code>00326b1</code></a> fix: bump to node20 (<a href="https://github.com/styfle/cancel-workflow-action/issues/212">#212</a>)</li> <li>See full diff in <a href="https://github.com/styfle/cancel-workflow-action/compare/0.12.0...0.12.1">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=styfle/cancel-workflow-action&package-manager=github_actions&previous-version=0.12.0&new-version=0.12.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

…metbft#2179) Bumps [bufbuild/buf-setup-action](https://github.com/bufbuild/buf-setup-action) from 1.28.1 to 1.29.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/bufbuild/buf-setup-action/releases">bufbuild/buf-setup-action's releases</a>.</em></p> <blockquote> <h2>v1.29.0</h2> <p>Release v1.29.0</p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/bufbuild/buf-setup-action/commit/88db93f5d74ffa329bb43e42aa95cd822697d214"><code>88db93f</code></a> Release v1.29.0 (<a href="https://github.com/bufbuild/buf-setup-action/issues/181">#181</a>)</li> <li>See full diff in <a href="https://github.com/bufbuild/buf-setup-action/compare/v1.28.1...v1.29.0">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=bufbuild/buf-setup-action&package-manager=github_actions&previous-version=1.28.1&new-version=1.29.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

…ft#2047) (cometbft#2196) This is an automatic backport of pull request cometbft#2047 done by [Mergify](https://mergify.com). Cherry-pick of a8991d6 has failed: ``` On branch mergify/bp/v0.38.x/pr-2047 Your branch is up to date with 'origin/v0.38.x'. You are currently cherry-picking commit a8991d6. (fix conflicts and run "git cherry-pick --continue") (use "git cherry-pick --skip" to skip this patch) (use "git cherry-pick --abort" to cancel the cherry-pick operation) Changes to be committed: modified: privval/signer_listener_endpoint.go modified: privval/signer_listener_endpoint_test.go Unmerged paths: (use "git add <file>..." to mark resolution) added by them: .changelog/v0.38.3/bug-fixes/2047-privval-retry-accepting-conn.md ``` To fix up this pull request, you can check it out locally. See documentation: https://docs.github.com/en/github/collaborating-with-pull-requests/reviewing-changes-in-pull-requests/checking-out-pull-requests-locally --- <details> <summary>Mergify commands and options</summary> <br /> More conditions and actions can be found in the [documentation](https://docs.mergify.com/). You can also trigger Mergify actions by commenting on this pull request: - `@Mergifyio refresh` will re-evaluate the rules - `@Mergifyio rebase` will rebase this PR on its base branch - `@Mergifyio update` will merge the base branch into this PR - `@Mergifyio backport <destination>` will backport this PR on `<destination>` branch Additionally, on Mergify [dashboard](https://dashboard.mergify.com) you can: - look at your merge queues - generate the Mergify configuration with the config editor. Finally, you can contact us on https://mergify.com </details> --------- Co-authored-by: Anton Kaliaev <anton.kalyaev@gmail.com>

…ocks (backport cometbft#1408) (cometbft#2139) This is an automatic backport of pull request cometbft#1408 done by [Mergify](https://mergify.com). Cherry-pick of 28ad4d2 has failed: ``` On branch mergify/bp/v0.38.x/pr-1408 Your branch is up to date with 'origin/v0.38.x'. You are currently cherry-picking commit 28ad4d2. (fix conflicts and run "git cherry-pick --continue") (use "git cherry-pick --skip" to skip this patch) (use "git cherry-pick --abort" to cancel the cherry-pick operation) Changes to be committed: modified: consensus/state.go modified: consensus/state_test.go modified: crypto/merkle/proof.go modified: evidence/pool_test.go modified: state/execution_test.go modified: types/event_bus_test.go modified: types/part_set.go modified: types/part_set_test.go Unmerged paths: (use "git add/rm <file>..." as appropriate to mark resolution) deleted by us: internal/consensus/errors.go both modified: state/store_test.go both modified: store/store_test.go ``` To fix up this pull request, you can check it out locally. See documentation: https://docs.github.com/en/github/collaborating-with-pull-requests/reviewing-changes-in-pull-requests/checking-out-pull-requests-locally --- <details> <summary>Mergify commands and options</summary> <br /> More conditions and actions can be found in the [documentation](https://docs.mergify.com/). You can also trigger Mergify actions by commenting on this pull request: - `@Mergifyio refresh` will re-evaluate the rules - `@Mergifyio rebase` will rebase this PR on its base branch - `@Mergifyio update` will merge the base branch into this PR - `@Mergifyio backport <destination>` will backport this PR on `<destination>` branch Additionally, on Mergify [dashboard](https://dashboard.mergify.com) you can: - look at your merge queues - generate the Mergify configuration with the config editor. Finally, you can contact us on https://mergify.com </details> --------- Co-authored-by: Daniel <daniel.cason@informal.systems> Co-authored-by: Sergio Mena <sergio@informal.systems> Co-authored-by: Andy Nogueira <me@andynogueira.dev>

…ckport cometbft#2253) (cometbft#2255) This is an automatic backport of pull request cometbft#2253 done by [Mergify](https://mergify.com). Cherry-pick of db7a70c has failed: ``` On branch mergify/bp/v0.38.x/pr-2253 Your branch is up to date with 'origin/v0.38.x'. You are currently cherry-picking commit db7a70c. (fix conflicts and run "git cherry-pick --continue") (use "git cherry-pick --skip" to skip this patch) (use "git cherry-pick --abort" to cancel the cherry-pick operation) Changes to be committed: modified: go.sum Unmerged paths: (use "git add <file>..." to mark resolution) both modified: go.mod ``` Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

) (cometbft#2270) This is an automatic backport of pull request cometbft#2267 done by [Mergify](https://mergify.com). --- <details> <summary>Mergify commands and options</summary> <br /> More conditions and actions can be found in the [documentation](https://docs.mergify.com/). You can also trigger Mergify actions by commenting on this pull request: - `@Mergifyio refresh` will re-evaluate the rules - `@Mergifyio rebase` will rebase this PR on its base branch - `@Mergifyio update` will merge the base branch into this PR - `@Mergifyio backport <destination>` will backport this PR on `<destination>` branch Additionally, on Mergify [dashboard](https://dashboard.mergify.com) you can: - look at your merge queues - generate the Mergify configuration with the config editor. Finally, you can contact us on https://mergify.com </details> Co-authored-by: Sergio Mena <sergio@informal.systems>

…(backport cometbft#1892) (cometbft#2313) This is an automatic backport of pull request cometbft#1892 done by [Mergify](https://mergify.com). Cherry-pick of 460f58c has failed: ``` On branch mergify/bp/v0.38.x/pr-1892 Your branch is up to date with 'origin/v0.38.x'. You are currently cherry-picking commit 460f58c. (fix conflicts and run "git cherry-pick --continue") (use "git cherry-pick --skip" to skip this patch) (use "git cherry-pick --abort" to cancel the cherry-pick operation) Unmerged paths: (use "git add <file>..." to mark resolution) both modified: docs/core/configuration.md no changes added to commit (use "git add" and/or "git commit -a") ``` To fix up this pull request, you can check it out locally. See documentation: https://docs.github.com/en/pull-requests/collaborating-with-pull-requests/reviewing-changes-in-pull-requests/checking-out-pull-requests-locally --- <details> <summary>Mergify commands and options</summary> <br /> More conditions and actions can be found in the [documentation](https://docs.mergify.com/). You can also trigger Mergify actions by commenting on this pull request: - `@Mergifyio refresh` will re-evaluate the rules - `@Mergifyio rebase` will rebase this PR on its base branch - `@Mergifyio update` will merge the base branch into this PR - `@Mergifyio backport <destination>` will backport this PR on `<destination>` branch Additionally, on Mergify [dashboard](https://dashboard.mergify.com) you can: - look at your merge queues - generate the Mergify configuration with the config editor. Finally, you can contact us on https://mergify.com </details> --------- Co-authored-by: Anton Kaliaev <anton.kalyaev@gmail.com>

…ometbft#2338) This is an automatic backport of pull request cometbft#2331 done by [Mergify](https://mergify.com). --- <details> <summary>Mergify commands and options</summary> <br /> More conditions and actions can be found in the [documentation](https://docs.mergify.com/). You can also trigger Mergify actions by commenting on this pull request: - `@Mergifyio refresh` will re-evaluate the rules - `@Mergifyio rebase` will rebase this PR on its base branch - `@Mergifyio update` will merge the base branch into this PR - `@Mergifyio backport <destination>` will backport this PR on `<destination>` branch Additionally, on Mergify [dashboard](https://dashboard.mergify.com) you can: - look at your merge queues - generate the Mergify configuration with the config editor. Finally, you can contact us on https://mergify.com </details> Co-authored-by: Andy Nogueira <me@andynogueira.dev>

…ft#2342) This is an automatic backport of pull request cometbft#2330 done by [Mergify](https://mergify.com). Cherry-pick of a6cc64d has failed: ``` On branch mergify/bp/v0.38.x/pr-2330 Your branch is up to date with 'origin/v0.38.x'. You are currently cherry-picking commit a6cc64d. (fix conflicts and run "git cherry-pick --continue") (use "git cherry-pick --skip" to skip this patch) (use "git cherry-pick --abort" to cancel the cherry-pick operation) Changes to be committed: modified: docs/introduction/README.md Unmerged paths: (use "git add <file>..." to mark resolution) both modified: docs/core/running-in-production.md both modified: docs/core/subscription.md ``` To fix up this pull request, you can check it out locally. See documentation: https://docs.github.com/en/pull-requests/collaborating-with-pull-requests/reviewing-changes-in-pull-requests/checking-out-pull-requests-locally --- <details> <summary>Mergify commands and options</summary> <br /> More conditions and actions can be found in the [documentation](https://docs.mergify.com/). You can also trigger Mergify actions by commenting on this pull request: - `@Mergifyio refresh` will re-evaluate the rules - `@Mergifyio rebase` will rebase this PR on its base branch - `@Mergifyio update` will merge the base branch into this PR - `@Mergifyio backport <destination>` will backport this PR on `<destination>` branch Additionally, on Mergify [dashboard](https://dashboard.mergify.com) you can: - look at your merge queues - generate the Mergify configuration with the config editor. Finally, you can contact us on https://mergify.com </details> --------- Co-authored-by: Andy Nogueira <me@andynogueira.dev> Co-authored-by: Anton Kaliaev <anton.kalyaev@gmail.com>

to unblock development  --- #### PR checklist - [ ] Tests written/updated - [ ] Changelog entry added in `.changelog` (we use [unclog](https://github.com/informalsystems/unclog) to manage our changelog) - [ ] Updated relevant documentation (`docs/` or `spec/`) and code comments - [ ] Title follows the [Conventional Commits](https://www.conventionalcommits.org/en/v1.0.0/) spec

…ometbft#2334) This is an automatic backport of pull request cometbft#2094 done by [Mergify](https://mergify.com). Cherry-pick of 6722f33 has failed: ``` On branch mergify/bp/v0.38.x/pr-2094 Your branch is up to date with 'origin/v0.38.x'. You are currently cherry-picking commit 6722f33. (fix conflicts and run "git cherry-pick --continue") (use "git cherry-pick --skip" to skip this patch) (use "git cherry-pick --abort" to cancel the cherry-pick operation) Changes to be committed: new file: .changelog/unreleased/improvements/2094-e2e-load-max-txs.md modified: test/e2e/pkg/manifest.go modified: test/e2e/runner/load.go Unmerged paths: (use "git add <file>..." to mark resolution) both modified: test/e2e/pkg/testnet.go ``` To fix up this pull request, you can check it out locally. See documentation: https://docs.github.com/en/pull-requests/collaborating-with-pull-requests/reviewing-changes-in-pull-requests/checking-out-pull-requests-locally --- <details> <summary>Mergify commands and options</summary> <br /> More conditions and actions can be found in the [documentation](https://docs.mergify.com/). You can also trigger Mergify actions by commenting on this pull request: - `@Mergifyio refresh` will re-evaluate the rules - `@Mergifyio rebase` will rebase this PR on its base branch - `@Mergifyio update` will merge the base branch into this PR - `@Mergifyio backport <destination>` will backport this PR on `<destination>` branch Additionally, on Mergify [dashboard](https://dashboard.mergify.com) you can: - look at your merge queues - generate the Mergify configuration with the config editor. Finally, you can contact us on https://mergify.com </details> --------- Co-authored-by: Hernán Vanzetto <15466498+hvanz@users.noreply.github.com> Co-authored-by: hvanz <hernan.vanzetto@gmail.com> Co-authored-by: Anton Kaliaev <anton.kalyaev@gmail.com>

This is an automatic backport of pull request cometbft#1427 done by [Mergify](https://mergify.com). Cherry-pick of 91445e5 has failed: ``` On branch mergify/bp/v0.38.x/pr-1427 Your branch is up to date with 'origin/v0.38.x'. You are currently cherry-picking commit 91445e5. (fix conflicts and run "git cherry-pick --continue") (use "git cherry-pick --skip" to skip this patch) (use "git cherry-pick --abort" to cancel the cherry-pick operation) Changes to be committed: new file: mempool/errors.go modified: mempool/mempool.go Unmerged paths: (use "git add <file>..." to mark resolution) both modified: mempool/clist_mempool.go ``` To fix up this pull request, you can check it out locally. See documentation: https://docs.github.com/en/pull-requests/collaborating-with-pull-requests/reviewing-changes-in-pull-requests/checking-out-pull-requests-locally --- <details> <summary>Mergify commands and options</summary> <br /> More conditions and actions can be found in the [documentation](https://docs.mergify.com/). You can also trigger Mergify actions by commenting on this pull request: - `@Mergifyio refresh` will re-evaluate the rules - `@Mergifyio rebase` will rebase this PR on its base branch - `@Mergifyio update` will merge the base branch into this PR - `@Mergifyio backport <destination>` will backport this PR on `<destination>` branch Additionally, on Mergify [dashboard](https://dashboard.mergify.com) you can: - look at your merge queues - generate the Mergify configuration with the config editor. Finally, you can contact us on https://mergify.com </details> --------- Co-authored-by: Aiden X <caichao.xu@gmail.com> Co-authored-by: hvanz <hernan.vanzetto@gmail.com> Co-authored-by: Hernán Vanzetto <15466498+hvanz@users.noreply.github.com>

…ometbft#2362) (cometbft#2375) This is an automatic backport of pull request cometbft#2362 done by [Mergify](https://mergify.com). Cherry-pick of a45ee35 has failed: ``` On branch mergify/bp/v0.38.x/pr-2362 Your branch is up to date with 'origin/v0.38.x'. You are currently cherry-picking commit a45ee35. (fix conflicts and run "git cherry-pick --continue") (use "git cherry-pick --skip" to skip this patch) (use "git cherry-pick --abort" to cancel the cherry-pick operation) Changes to be committed: new file: .changelog/unreleased/features/2362-e2e-block-max-bytes.md modified: test/e2e/runner/setup.go Unmerged paths: (use "git add <file>..." to mark resolution) both modified: test/e2e/pkg/manifest.go both modified: test/e2e/pkg/testnet.go ``` To fix up this pull request, you can check it out locally. See documentation: https://docs.github.com/en/pull-requests/collaborating-with-pull-requests/reviewing-changes-in-pull-requests/checking-out-pull-requests-locally --- <details> <summary>Mergify commands and options</summary> <br /> More conditions and actions can be found in the [documentation](https://docs.mergify.com/). You can also trigger Mergify actions by commenting on this pull request: - `@Mergifyio refresh` will re-evaluate the rules - `@Mergifyio rebase` will rebase this PR on its base branch - `@Mergifyio update` will merge the base branch into this PR - `@Mergifyio backport <destination>` will backport this PR on `<destination>` branch Additionally, on Mergify [dashboard](https://dashboard.mergify.com) you can: - look at your merge queues - generate the Mergify configuration with the config editor. Finally, you can contact us on https://mergify.com </details> --------- Co-authored-by: Hernán Vanzetto <15466498+hvanz@users.noreply.github.com> Co-authored-by: hvanz <hernan.vanzetto@gmail.com>

This is an automatic backport of pull request cometbft#2383 done by [Mergify](https://mergify.com). --- <details> <summary>Mergify commands and options</summary> <br /> More conditions and actions can be found in the [documentation](https://docs.mergify.com/). You can also trigger Mergify actions by commenting on this pull request: - `@Mergifyio refresh` will re-evaluate the rules - `@Mergifyio rebase` will rebase this PR on its base branch - `@Mergifyio update` will merge the base branch into this PR - `@Mergifyio backport <destination>` will backport this PR on `<destination>` branch Additionally, on Mergify [dashboard](https://dashboard.mergify.com) you can: - look at your merge queues - generate the Mergify configuration with the config editor. Finally, you can contact us on https://mergify.com </details> Co-authored-by: Anton Kaliaev <anton.kalyaev@gmail.com>

… (cometbft#2437) This is an automatic backport of pull request cometbft#2414 done by [Mergify](https://mergify.com). --- <details> <summary>Mergify commands and options</summary> <br /> More conditions and actions can be found in the [documentation](https://docs.mergify.com/). You can also trigger Mergify actions by commenting on this pull request: - `@Mergifyio refresh` will re-evaluate the rules - `@Mergifyio rebase` will rebase this PR on its base branch - `@Mergifyio update` will merge the base branch into this PR - `@Mergifyio backport <destination>` will backport this PR on `<destination>` branch Additionally, on Mergify [dashboard](https://dashboard.mergify.com) you can: - look at your merge queues - generate the Mergify configuration with the config editor. Finally, you can contact us on https://mergify.com </details> Co-authored-by: DragonKid <idragonkid@gmail.com>

…ft#2346) (cometbft#2441) This is an automatic backport of pull request cometbft#2346 done by [Mergify](https://mergify.com). Cherry-pick of e623c44 has failed: ``` On branch mergify/bp/v0.38.x/pr-2346 Your branch is up to date with 'origin/v0.38.x'. You are currently cherry-picking commit e623c44. (fix conflicts and run "git cherry-pick --continue") (use "git cherry-pick --skip" to skip this patch) (use "git cherry-pick --abort" to cancel the cherry-pick operation) Changes to be committed: modified: consensus/state.go modified: types/vote.go Unmerged paths: (use "git add <file>..." to mark resolution) both modified: types/vote_test.go ``` To fix up this pull request, you can check it out locally. See documentation: https://docs.github.com/en/pull-requests/collaborating-with-pull-requests/reviewing-changes-in-pull-requests/checking-out-pull-requests-locally --- <details> <summary>Mergify commands and options</summary> <br /> More conditions and actions can be found in the [documentation](https://docs.mergify.com/). You can also trigger Mergify actions by commenting on this pull request: - `@Mergifyio refresh` will re-evaluate the rules - `@Mergifyio rebase` will rebase this PR on its base branch - `@Mergifyio update` will merge the base branch into this PR - `@Mergifyio backport <destination>` will backport this PR on `<destination>` branch Additionally, on Mergify [dashboard](https://dashboard.mergify.com) you can: - look at your merge queues - generate the Mergify configuration with the config editor. Finally, you can contact us on https://mergify.com </details> --------- Co-authored-by: Anton Kaliaev <anton.kalyaev@gmail.com>

…2434) (cometbft#2451) This is an automatic backport of pull request cometbft#2434 done by [Mergify](https://mergify.com). Cherry-pick of 8bf81d4 has failed: ``` On branch mergify/bp/v0.38.x/pr-2434 Your branch is up to date with 'origin/v0.38.x'. You are currently cherry-picking commit 8bf81d4. (fix conflicts and run "git cherry-pick --continue") (use "git cherry-pick --skip" to skip this patch) (use "git cherry-pick --abort" to cancel the cherry-pick operation) Changes to be committed: new file: .changelog/unreleased/improvements/2434-jsonrpc-websocket-basic-auth.md Unmerged paths: (use "git add <file>..." to mark resolution) both modified: rpc/jsonrpc/client/ws_client.go ``` To fix up this pull request, you can check it out locally. See documentation: https://docs.github.com/en/pull-requests/collaborating-with-pull-requests/reviewing-changes-in-pull-requests/checking-out-pull-requests-locally --- <details> <summary>Mergify commands and options</summary> <br /> More conditions and actions can be found in the [documentation](https://docs.mergify.com/). You can also trigger Mergify actions by commenting on this pull request: - `@Mergifyio refresh` will re-evaluate the rules - `@Mergifyio rebase` will rebase this PR on its base branch - `@Mergifyio update` will merge the base branch into this PR - `@Mergifyio backport <destination>` will backport this PR on `<destination>` branch Additionally, on Mergify [dashboard](https://dashboard.mergify.com) you can: - look at your merge queues - generate the Mergify configuration with the config editor. Finally, you can contact us on https://mergify.com </details> --------- Co-authored-by: Matt Ketmo <matthieu@moquet.net> Co-authored-by: Anton Kaliaev <anton.kalyaev@gmail.com>

…nged` while rollback at a special height (backport cometbft#2136) (cometbft#2457) This is an automatic backport of pull request cometbft#2136 done by [Mergify](https://mergify.com). --- <details> <summary>Mergify commands and options</summary> <br /> More conditions and actions can be found in the [documentation](https://docs.mergify.com/). You can also trigger Mergify actions by commenting on this pull request: - `@Mergifyio refresh` will re-evaluate the rules - `@Mergifyio rebase` will rebase this PR on its base branch - `@Mergifyio update` will merge the base branch into this PR - `@Mergifyio backport <destination>` will backport this PR on `<destination>` branch Additionally, on Mergify [dashboard](https://dashboard.mergify.com) you can: - look at your merge queues - generate the Mergify configuration with the config editor. Finally, you can contact us on https://mergify.com </details> Co-authored-by: Ethan <cosinlinker@gmail.com>

…ft#2459) (cometbft#2464) This is an automatic backport of pull request cometbft#2459 done by [Mergify](https://mergify.com). --- <details> <summary>Mergify commands and options</summary> <br /> More conditions and actions can be found in the [documentation](https://docs.mergify.com/). You can also trigger Mergify actions by commenting on this pull request: - `@Mergifyio refresh` will re-evaluate the rules - `@Mergifyio rebase` will rebase this PR on its base branch - `@Mergifyio update` will merge the base branch into this PR - `@Mergifyio backport <destination>` will backport this PR on `<destination>` branch Additionally, on Mergify [dashboard](https://dashboard.mergify.com) you can: - look at your merge queues - generate the Mergify configuration with the config editor. Finally, you can contact us on https://mergify.com </details> Co-authored-by: Anton Kaliaev <anton.kalyaev@gmail.com>

…ometbft#2485) This is an automatic backport of pull request cometbft#2483 done by [Mergify](https://mergify.com). --- <details> <summary>Mergify commands and options</summary> <br /> More conditions and actions can be found in the [documentation](https://docs.mergify.com/). You can also trigger Mergify actions by commenting on this pull request: - `@Mergifyio refresh` will re-evaluate the rules - `@Mergifyio rebase` will rebase this PR on its base branch - `@Mergifyio update` will merge the base branch into this PR - `@Mergifyio backport <destination>` will backport this PR on `<destination>` branch Additionally, on Mergify [dashboard](https://dashboard.mergify.com) you can: - look at your merge queues - generate the Mergify configuration with the config editor. Finally, you can contact us on https://mergify.com </details> Co-authored-by: Sergio Mena <sergio@informal.systems>

…etbft#2509) Bumps [docker/setup-buildx-action](https://github.com/docker/setup-buildx-action) from 3.0.0 to 3.1.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/docker/setup-buildx-action/releases">docker/setup-buildx-action's releases</a>.</em></p> <blockquote> <h2>v3.1.0</h2> <ul> <li><code>cache-binary</code> input to enable/disable caching binary to GHA cache backend by <a href="https://github.com/crazy-max"><code>@crazy-max</code></a> in <a href="https://github.com/docker/setup-buildx-action/pull/300">docker/setup-buildx-action#300</a></li> <li>build(deps): bump <code>@babel/traverse</code> from 7.17.3 to 7.23.2 in <a href="https://github.com/docker/setup-buildx-action/pull/282">docker/setup-buildx-action#282</a></li> <li>build(deps): bump <code>@docker/actions-toolkit</code> from 0.12.0 to 0.17.0 in <a href="https://github.com/docker/setup-buildx-action/pull/281">docker/setup-buildx-action#281</a> <a href="https://github.com/docker/setup-buildx-action/pull/284">docker/setup-buildx-action#284</a> <a href="https://github.com/docker/setup-buildx-action/pull/299">docker/setup-buildx-action#299</a></li> <li>build(deps): bump uuid from 9.0.0 to 9.0.1 in <a href="https://github.com/docker/setup-buildx-action/pull/271">docker/setup-buildx-action#271</a></li> <li>build(deps): bump undici from 5.26.3 to 5.28.3 in <a href="https://github.com/docker/setup-buildx-action/pull/297">docker/setup-buildx-action#297</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/docker/setup-buildx-action/compare/v3.0.0...v3.1.0">https://github.com/docker/setup-buildx-action/compare/v3.0.0...v3.1.0</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/docker/setup-buildx-action/commit/0d103c3126aa41d772a8362f6aa67afac040f80c"><code>0d103c3</code></a> Merge pull request <a href="https://github.com/docker/setup-buildx-action/issues/300">#300</a> from crazy-max/cache-binary</li> <li><a href="https://github.com/docker/setup-buildx-action/commit/f19477aacd2ccdd80bdd9fbec62762494a0a767e"><code>f19477a</code></a> chore: update generated content</li> <li><a href="https://github.com/docker/setup-buildx-action/commit/a4180f835da34b09329293a0b481b5666f80fe81"><code>a4180f8</code></a> cache-binary input to enable/disable caching binary to GHA cache backend</li> <li><a href="https://github.com/docker/setup-buildx-action/commit/524315340de4f701033248e1ee6a0197904b1134"><code>5243153</code></a> Merge pull request <a href="https://github.com/docker/setup-buildx-action/issues/299">#299</a> from docker/dependabot/npm_and_yarn/docker/actions-to...</li> <li><a href="https://github.com/docker/setup-buildx-action/commit/3679a540239bdf202e26eeb4431159bcdea9c39c"><code>3679a54</code></a> chore: update generated content</li> <li><a href="https://github.com/docker/setup-buildx-action/commit/37a22a2fb2c4ebcab21ecf45608143b890d732c1"><code>37a22a2</code></a> build(deps): bump <code>@docker/actions-toolkit</code> from 0.14.0 to 0.17.0</li> <li><a href="https://github.com/docker/setup-buildx-action/commit/65afe610a110d2c4d102a28949259935a323043c"><code>65afe61</code></a> Merge pull request <a href="https://github.com/docker/setup-buildx-action/issues/297">#297</a> from docker/dependabot/npm_and_yarn/undici-5.28.3</li> <li><a href="https://github.com/docker/setup-buildx-action/commit/fcb8f722fd7e9a83a2f57fc6c9124259661542f3"><code>fcb8f72</code></a> chore: update generated content</li> <li><a href="https://github.com/docker/setup-buildx-action/commit/f62b9a17c0f199a60048d54f30e75f61af13aa85"><code>f62b9a1</code></a> Merge pull request <a href="https://github.com/docker/setup-buildx-action/issues/298">#298</a> from crazy-max/bump-gha</li> <li><a href="https://github.com/docker/setup-buildx-action/commit/74c5b717e5e6f00c85a46548cbc0bfd7016969c6"><code>74c5b71</code></a> bump codecov/codecov-action from 3 to 4</li> <li>Additional commits viewable in <a href="https://github.com/docker/setup-buildx-action/compare/v3.0.0...v3.1.0">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=docker/setup-buildx-action&package-manager=github_actions&previous-version=3.0.0&new-version=3.1.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

…tensions in `last_commit` (backport cometbft#2423) (cometbft#2525) This is an automatic backport of pull request cometbft#2423 done by [Mergify](https://mergify.com). Cherry-pick of b537697 has failed: ``` On branch mergify/bp/v0.38.x/pr-2423 Your branch is up to date with 'origin/v0.38.x'. You are currently cherry-picking commit b537697. (fix conflicts and run "git cherry-pick --continue") (use "git cherry-pick --skip" to skip this patch) (use "git cherry-pick --abort" to cancel the cherry-pick operation) Changes to be committed: modified: spec/abci/abci++_comet_expected_behavior.md modified: spec/abci/abci++_example_scenarios.md Unmerged paths: (use "git add <file>..." to mark resolution) both modified: spec/abci/abci++_app_requirements.md both modified: spec/abci/abci++_basic_concepts.md both modified: spec/abci/abci++_methods.md ``` To fix up this pull request, you can check it out locally. See documentation: https://docs.github.com/en/pull-requests/collaborating-with-pull-requests/reviewing-changes-in-pull-requests/checking-out-pull-requests-locally --- <details> <summary>Mergify commands and options</summary> <br /> More conditions and actions can be found in the [documentation](https://docs.mergify.com/). You can also trigger Mergify actions by commenting on this pull request: - `@Mergifyio refresh` will re-evaluate the rules - `@Mergifyio rebase` will rebase this PR on its base branch - `@Mergifyio update` will merge the base branch into this PR - `@Mergifyio backport <destination>` will backport this PR on `<destination>` branch Additionally, on Mergify [dashboard](https://dashboard.mergify.com) you can: - look at your merge queues - generate the Mergify configuration with the config editor. Finally, you can contact us on https://mergify.com </details> --------- Co-authored-by: lasaro <lasaro@informal.systems>

…metbft#2566) Bumps [bufbuild/buf-setup-action](https://github.com/bufbuild/buf-setup-action) from 1.29.0 to 1.30.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/bufbuild/buf-setup-action/releases">bufbuild/buf-setup-action's releases</a>.</em></p> <blockquote> <h2>v1.30.0</h2> <p>Release v1.30.0</p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/bufbuild/buf-setup-action/commit/517ee23296d5caf38df31c21945e6a54bbc8a89f"><code>517ee23</code></a> Release v1.30.0 (<a href="https://github.com/bufbuild/buf-setup-action/issues/195">#195</a>)</li> <li><a href="https://github.com/bufbuild/buf-setup-action/commit/5e2ef857fc2a4d5c87904c626eb42a844b08095c"><code>5e2ef85</code></a> Check action bundles buf correctly (<a href="https://github.com/bufbuild/buf-setup-action/issues/190">#190</a>)</li> <li><a href="https://github.com/bufbuild/buf-setup-action/commit/46a2967ea50b8a012e948cb23d2468b84227e1e5"><code>46a2967</code></a> Correct buf CLI version (<a href="https://github.com/bufbuild/buf-setup-action/issues/189">#189</a>)</li> <li><a href="https://github.com/bufbuild/buf-setup-action/commit/ba063e7e02649462888c30705e28fa002fed840f"><code>ba063e7</code></a> Release v1.29.0-1 (<a href="https://github.com/bufbuild/buf-setup-action/issues/187">#187</a>)</li> <li><a href="https://github.com/bufbuild/buf-setup-action/commit/abf079cff7cba30a0cfffda3b302fccfc061e3b0"><code>abf079c</code></a> Upgrade dependencies and node v20 (<a href="https://github.com/bufbuild/buf-setup-action/issues/185">#185</a>)</li> <li><a href="https://github.com/bufbuild/buf-setup-action/commit/71c62afa859a83fef3e99267971d9b67716ff328"><code>71c62af</code></a> Create add-to-project workflow (<a href="https://github.com/bufbuild/buf-setup-action/issues/184">#184</a>)</li> <li>See full diff in <a href="https://github.com/bufbuild/buf-setup-action/compare/v1.29.0...v1.30.0">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=bufbuild/buf-setup-action&package-manager=github_actions&previous-version=1.29.0&new-version=1.30.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

…bft#2567) Bumps [docker/build-push-action](https://github.com/docker/build-push-action) from 5.1.0 to 5.2.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/docker/build-push-action/releases">docker/build-push-action's releases</a>.</em></p> <blockquote> <h2>v5.2.0</h2> <ul> <li>Disable quotes detection for <code>outputs</code> input by <a href="https://github.com/crazy-max"><code>@crazy-max</code></a> in <a href="https://github.com/docker/build-push-action/pull/1074">docker/build-push-action#1074</a></li> <li>Warn about ignored inputs by <a href="https://github.com/favonia"><code>@favonia</code></a> in <a href="https://github.com/docker/build-push-action/pull/1019">docker/build-push-action#1019</a></li> <li>Bump <code>@docker/actions-toolkit</code> from 0.14.0 to 0.18.0 in <a href="https://github.com/docker/build-push-action/pull/1070">docker/build-push-action#1070</a></li> <li>Bump undici from 5.26.3 to 5.28.3 in <a href="https://github.com/docker/build-push-action/pull/1057">docker/build-push-action#1057</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/docker/build-push-action/compare/v5.1.0...v5.2.0">https://github.com/docker/build-push-action/compare/v5.1.0...v5.2.0</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/docker/build-push-action/commit/af5a7ed5ba88268d5278f7203fb52cd833f66d6e"><code>af5a7ed</code></a> Merge pull request <a href="https://github.com/docker/build-push-action/issues/1074">#1074</a> from crazy-max/build-cmd-debug</li> <li><a href="https://github.com/docker/build-push-action/commit/2a85189a6c719593171342d3d43d4034e8c81513"><code>2a85189</code></a> chore: update generated content</li> <li><a href="https://github.com/docker/build-push-action/commit/6c2079483ed8cd675d71b5a395b81fa9a19eddc8"><code>6c20794</code></a> disable quotes detection for "outputs" input</li> <li><a href="https://github.com/docker/build-push-action/commit/afdf0c0a6772ea0bc8c6af61d5dc2df8823c85de"><code>afdf0c0</code></a> chore: debug build cmd and args</li> <li><a href="https://github.com/docker/build-push-action/commit/00ae31ab6ef216583e63647d8865f52da6b99a13"><code>00ae31a</code></a> Merge pull request <a href="https://github.com/docker/build-push-action/issues/1070">#1070</a> from docker/dependabot/npm_and_yarn/docker/actions-t...</li> <li><a href="https://github.com/docker/build-push-action/commit/701942b6e528fc34d632c5c53bd634912ba058e9"><code>701942b</code></a> chore: update generated content</li> <li><a href="https://github.com/docker/build-push-action/commit/90e54d0b1d5131362b7f9132ab941f7ce5e50080"><code>90e54d0</code></a> chore(deps): Bump <code>@docker/actions-toolkit</code> from 0.14.0 to 0.18.0</li> <li><a href="https://github.com/docker/build-push-action/commit/831ca179d3cf91cf0c90ca465a408fa61e2129a2"><code>831ca17</code></a> Merge pull request <a href="https://github.com/docker/build-push-action/issues/1066">#1066</a> from crazy-max/ci-local-cache</li> <li><a href="https://github.com/docker/build-push-action/commit/6bd0e5492f011213e04f0c8e4c420bf0783d2a64"><code>6bd0e54</code></a> ci: local-cache job to test local cache feature</li> <li><a href="https://github.com/docker/build-push-action/commit/b3eddbb94c4146a0988a620b01720afe50639271"><code>b3eddbb</code></a> Merge pull request <a href="https://github.com/docker/build-push-action/issues/1057">#1057</a> from docker/dependabot/npm_and_yarn/undici-5.28.3</li> <li>Additional commits viewable in <a href="https://github.com/docker/build-push-action/compare/v5.1.0...v5.2.0">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=docker/build-push-action&package-manager=github_actions&previous-version=5.1.0&new-version=5.2.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Hernán Vanzetto <15466498+hvanz@users.noreply.github.com>

…ks (backport cometbft#2467) (cometbft#2515) Manual backport of cometbft#2467

…closer blocks (backport cometbft#2475) (cometbft#2576) This is an automatic backport of pull request cometbft#2475 done by [Mergify](https://mergify.com). Cherry-pick of f8366fc has failed: ``` On branch mergify/bp/v0.38.x/pr-2475 Your branch is up to date with 'origin/v0.38.x'. You are currently cherry-picking commit f8366fc. (fix conflicts and run "git cherry-pick --continue") (use "git cherry-pick --skip" to skip this patch) (use "git cherry-pick --abort" to cancel the cherry-pick operation) Changes to be committed: new file: .changelog/unreleased/improvements/2475-blocksync-2nd-request.md new file: .changelog/unreleased/improvements/2475-blocksync-no-block-response.md new file: .changelog/unreleased/improvements/2475-blocksync-sort-peers.md modified: blocksync/reactor.go Unmerged paths: (use "git add <file>..." to mark resolution) both modified: blocksync/pool.go ``` To fix up this pull request, you can check it out locally. See documentation: https://docs.github.com/en/pull-requests/collaborating-with-pull-requests/reviewing-changes-in-pull-requests/checking-out-pull-requests-locally --- <details> <summary>Mergify commands and options</summary> <br /> More conditions and actions can be found in the [documentation](https://docs.mergify.com/). You can also trigger Mergify actions by commenting on this pull request: - `@Mergifyio refresh` will re-evaluate the rules - `@Mergifyio rebase` will rebase this PR on its base branch - `@Mergifyio update` will merge the base branch into this PR - `@Mergifyio backport <destination>` will backport this PR on `<destination>` branch Additionally, on Mergify [dashboard](https://dashboard.mergify.com) you can: - look at your merge queues - generate the Mergify configuration with the config editor. Finally, you can contact us on https://mergify.com </details> --------- Co-authored-by: Anton Kaliaev <anton.kalyaev@gmail.com>

…) (cometbft#2587) This is an automatic backport of pull request cometbft#2584 done by [Mergify](https://mergify.com). --- <details> <summary>Mergify commands and options</summary> <br /> More conditions and actions can be found in the [documentation](https://docs.mergify.com/). You can also trigger Mergify actions by commenting on this pull request: - `@Mergifyio refresh` will re-evaluate the rules - `@Mergifyio rebase` will rebase this PR on its base branch - `@Mergifyio update` will merge the base branch into this PR - `@Mergifyio backport <destination>` will backport this PR on `<destination>` branch Additionally, on Mergify [dashboard](https://dashboard.mergify.com) you can: - look at your merge queues - generate the Mergify configuration with the config editor. Finally, you can contact us on https://mergify.com </details> Co-authored-by: Anton Kaliaev <anton.kalyaev@gmail.com>

…ft#4328) Use `github.com/decred/dcrd/dcrec/secp256k1/v4` directly rather than `github.com/btcsuite/btcd/btcec/v2` which is just a wrapper around the underlying decred library. Inspired by cosmos/cosmos-sdk#15018 `github.com/btcsuite/btcd/btcec/v2` has a very annoying breaking change when upgrading from `v2.3.3` to `v2.3.4`. The easiest way to workaround this is to just remove the wrapper. Would be very nice if you could backport this to v0.37.x and v0.38.x. References: - btcsuite/btcd#2221 - cometbft#3728 - zeta-chain/node#2934 --- #### PR checklist - [ ] Tests written/updated - [x] Changelog entry added in `.changelog` (we use [unclog](https://github.com/informalsystems/unclog) to manage our changelog) - [ ] Updated relevant documentation (`docs/` or `spec/`) and code comments <hr>This is an automatic backport of pull request cometbft#4294 done by [Mergify](https://mergify.com). --------- Co-authored-by: Alex Gartner <github@agartner.com> Co-authored-by: Anton Kaliaev <anton.kalyaev@gmail.com>

[CHANGELOG](https://github.com/cometbft/cometbft/blob/release/v0.38.13/CHANGELOG.md) #### PR checklist - [ ] Tests written/updated - [ ] Changelog entry added in `.changelog` (we use [unclog](https://github.com/informalsystems/unclog) to manage our changelog) - [ ] Updated relevant documentation (`docs/` or `spec/`) and code comments

…1.20.5 (cometbft#4385) Bumps [github.com/prometheus/client_golang](https://github.com/prometheus/client_golang) from 1.20.4 to 1.20.5. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/prometheus/client_golang/releases">github.com/prometheus/client_golang's releases</a>.</em></p> <blockquote> <h2>v1.20.5 / 2024-10-15</h2> <p>We decided to revert <a href="https://github.com/prometheus/client_golang/pull/1424">the <code>testutil</code> change</a> that made our util functions less error-prone, but created a lot of work for our downstream users. Apologies for the pain! This revert should not cause any major breaking change, even if you already did the work--unless you depend on the <a href="https://github.com/grafana/mimir/pull/9624#issuecomment-2413401565">exact error message</a>.</p> <p>Going forward, we plan to reinforce our release testing strategy <a href="https://github.com/prometheus/client_golang/issues/1646">[1]</a>,<a href="https://github.com/prometheus/client_golang/issues/1648">[2]</a> and deliver an enhanced <a href="https://github.com/prometheus/client_golang/issues/1639"><code>testutil</code> package/module</a> with more flexible and safer APIs.</p> <p>Thanks to <a href="https://github.com/dashpole"><code>@dashpole</code></a> <a href="https://github.com/dgrisonnet"><code>@dgrisonnet</code></a> <a href="https://github.com/kakkoyun"><code>@kakkoyun</code></a> <a href="https://github.com/ArthurSens"><code>@ArthurSens</code></a> <a href="https://github.com/vesari"><code>@vesari</code></a> <a href="https://github.com/logicalhan"><code>@logicalhan</code></a> <a href="https://github.com/krajorama"><code>@krajorama</code></a> <a href="https://github.com/bwplotka"><code>@bwplotka</code></a> who helped in this patch release! 🤗</p> <h3>Changelog</h3> <p>[BUGFIX] testutil: Reverted <a href="https://github.com/prometheus/client_golang/issues/1424">#1424</a>; functions using compareMetricFamilies are (again) only failing if filtered metricNames are in the expected input. <a href="https://github.com/prometheus/client_golang/issues/1645">#1645</a></p> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/prometheus/client_golang/blob/main/CHANGELOG.md">github.com/prometheus/client_golang's changelog</a>.</em></p> <blockquote> <h2>1.20.5 / 2024-10-15</h2> <ul> <li>[BUGFIX] testutil: Reverted <a href="https://github.com/prometheus/client_golang/issues/1424">#1424</a>; functions using compareMetricFamilies are (again) only failing if filtered metricNames are in the expected input.</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/prometheus/client_golang/commit/48e12a185519fd76b4e514b597483781d9ba4093"><code>48e12a1</code></a> Merge pull request <a href="https://github.com/prometheus/client_golang/issues/1645">#1645</a> from prometheus/cut-1204-pr1424</li> <li><a href="https://github.com/prometheus/client_golang/commit/504ad9bf5c6419449d2cacf8cf8855bfdcfcfc18"><code>504ad9b</code></a> Cut 1.20.5; update comments.</li> <li><a href="https://github.com/prometheus/client_golang/commit/584a7ce3d935e4fdca7b893f5f741d59f3289140"><code>584a7ce</code></a> Revert "testutil compareMetricFamilies: make less error-prone (<a href="https://github.com/prometheus/client_golang/issues/1424">#1424</a>)"</li> <li>See full diff in <a href="https://github.com/prometheus/client_golang/compare/v1.20.4...v1.20.5">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=github.com/prometheus/client_golang&package-manager=go_modules&previous-version=1.20.4&new-version=1.20.5)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

…bft#4383) Bumps [google.golang.org/grpc](https://github.com/grpc/grpc-go) from 1.67.0 to 1.67.1. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/grpc/grpc-go/releases">google.golang.org/grpc's releases</a>.</em></p> <blockquote> <h2>Release 1.67.1</h2> <h1>Bug Fixes</h1> <ul> <li>transport: Fix a bug causing stream failures due to miscalculation of the flow control window in both clients and servers. (<a href="https://github.com/grpc/grpc-go/issues/7667">#7667</a>)</li> <li>xds/server: Fix xDS Server memory leak. (<a href="https://github.com/grpc/grpc-go/issues/7681">#7681</a>)</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/grpc/grpc-go/commit/3f95b38ded016ebf32507fc7cb6baeb2f15aef59"><code>3f95b38</code></a> Update version to 1.67.1 (<a href="https://github.com/grpc/grpc-go/issues/7682">#7682</a>)</li> <li><a href="https://github.com/grpc/grpc-go/commit/4f6c5f2348afe333a3552aa4c4854eae62e22353"><code>4f6c5f2</code></a> xds/server: Fix xDS Server leak (<a href="https://github.com/grpc/grpc-go/issues/7664">#7664</a>) (<a href="https://github.com/grpc/grpc-go/issues/7681">#7681</a>)</li> <li><a href="https://github.com/grpc/grpc-go/commit/935f8cb5ac28f604d696d8ca9f5187e75551c185"><code>935f8cb</code></a> transport: Fix reporting of bytes read while reading headers (<a href="https://github.com/grpc/grpc-go/issues/7660">#7660</a>) (<a href="https://github.com/grpc/grpc-go/issues/7667">#7667</a>)</li> <li><a href="https://github.com/grpc/grpc-go/commit/02bbb657b6e68e7f838f51e71722630d34060fb2"><code>02bbb65</code></a> Change version to 1.67.1-dev (<a href="https://github.com/grpc/grpc-go/issues/7605">#7605</a>)</li> <li>See full diff in <a href="https://github.com/grpc/grpc-go/compare/v1.67.0...v1.67.1">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=google.golang.org/grpc&package-manager=go_modules&previous-version=1.67.0&new-version=1.67.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: mergify[bot] <37929162+mergify[bot]@users.noreply.github.com>

…#4379) Bumps [golang.org/x/crypto](https://github.com/golang/crypto) from 0.27.0 to 0.28.0. <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/golang/crypto/commit/adef4cc1a8c2ca4da1b1f4e6c976b59ca22dbfb8"><code>adef4cc</code></a> go.mod: update golang.org/x dependencies</li> <li><a href="https://github.com/golang/crypto/commit/a0819fbb0244af70857f03b6984e1d4f93e6cabf"><code>a0819fb</code></a> sha3: fix cSHAKE initialization for extremely large N and or S</li> <li><a href="https://github.com/golang/crypto/commit/42ee18b963777d907bbef3e59665cf80968d57e6"><code>42ee18b</code></a> ssh: return ServerAuthError after too many auth failures</li> <li><a href="https://github.com/golang/crypto/commit/9e92970a1eb41e446822e037016aa89d24c0ce7a"><code>9e92970</code></a> bn256: add missing symbols in comment</li> <li>See full diff in <a href="https://github.com/golang/crypto/compare/v0.27.0...v0.28.0">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=golang.org/x/crypto&package-manager=go_modules&previous-version=0.27.0&new-version=0.28.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: mergify[bot] <37929162+mergify[bot]@users.noreply.github.com>

…ometbft#4380) Bumps google.golang.org/protobuf from 1.34.2 to 1.35.1. [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=google.golang.org/protobuf&package-manager=go_modules&previous-version=1.34.2&new-version=1.35.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: mergify[bot] <37929162+mergify[bot]@users.noreply.github.com>

…1 to 4.3.0 (cometbft#4381) Bumps [github.com/decred/dcrd/dcrec/secp256k1/v4](https://github.com/decred/dcrd) from 4.0.1 to 4.3.0. <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/decred/dcrd/commit/08d8572807872f2b9737f8a118b16c320a04b077"><code>08d8572</code></a> secp256k1: Prepare v4.3.0.</li> <li><a href="https://github.com/decred/dcrd/commit/fe9a28cd1e4f341105001496b135a58d09717647"><code>fe9a28c</code></a> secp256k1: No allocs in slow scalar base mult path.</li> <li><a href="https://github.com/decred/dcrd/commit/2104419fc012bb162222a5e0a2c06e4d806cbfae"><code>2104419</code></a> wire: Fix typo in comment.</li> <li><a href="https://github.com/decred/dcrd/commit/b9d8d49c901bb7cbb19ed36d636c3e3d86a1fe43"><code>b9d8d49</code></a> wire: add p2p mixing messages</li> <li><a href="https://github.com/decred/dcrd/commit/25adf60a9f4e12aec13565f6345f769965b0135a"><code>25adf60</code></a> secp256k1: Add scalar base mult variant benchmarks.</li> <li><a href="https://github.com/decred/dcrd/commit/2ee2ebeb678398d3f9333a2cfa937378efe27cfb"><code>2ee2ebe</code></a> secp256k1: Add TinyGo support.</li> <li><a href="https://github.com/decred/dcrd/commit/c6322d513aee03139d91a4e45490dc02d070f278"><code>c6322d5</code></a> docker: Update image to golang:1.22.1-alpine3.19.</li> <li><a href="https://github.com/decred/dcrd/commit/20dedca001392442f83a7d5b218fe54a92c1c565"><code>20dedca</code></a> server: Update required minimum protocol version.</li> <li><a href="https://github.com/decred/dcrd/commit/eb3de8e7299ba919d4ccd67cb1b56a17030f85b7"><code>eb3de8e</code></a> docs: Update README.md to required Go 1.21/1.22.</li> <li><a href="https://github.com/decred/dcrd/commit/fedbaf982b460c7b639d1c577efe51e3f255f8dc"><code>fedbaf9</code></a> build: Test against Go 1.22.</li> <li>Additional commits viewable in <a href="https://github.com/decred/dcrd/compare/dcrjson/v4.0.1...dcrec/secp256k1/v4.3.0">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=github.com/decred/dcrd/dcrec/secp256k1/v4&package-manager=go_modules&previous-version=4.0.1&new-version=4.3.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: mergify[bot] <37929162+mergify[bot]@users.noreply.github.com>

Bumps [golang.org/x/net](https://github.com/golang/net) from 0.29.0 to 0.30.0. <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/golang/net/commit/6cc5ac4e9a03d73b331eb1d6db98a02e558243b7"><code>6cc5ac4</code></a> go.mod: update golang.org/x dependencies</li> <li><a href="https://github.com/golang/net/commit/f88258d67e0f0f144c79964ca05bb81d51ee8411"><code>f88258d</code></a> websocket: update nhooyr.io/websocket to github.com/coder/websocket</li> <li><a href="https://github.com/golang/net/commit/7191757bc637cf79a7ece0546e33f903bf5e9709"><code>7191757</code></a> http2: add support for net/http HTTP2 config field</li> <li><a href="https://github.com/golang/net/commit/4790dc7047441aed4889873cdd30e1e6adf49735"><code>4790dc7</code></a> http2: add support for server-originated pings</li> <li><a href="https://github.com/golang/net/commit/541dbe58b6bc869fc1c7de361846682a34365325"><code>541dbe5</code></a> http2: add Server.WriteByteTimeout</li> <li><a href="https://github.com/golang/net/commit/3c333c0c5288a7cf127e427ddda5b1b54020a2b4"><code>3c333c0</code></a> route: fix address parsing of messages on Darwin</li> <li>See full diff in <a href="https://github.com/golang/net/compare/v0.29.0...v0.30.0">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=golang.org/x/net&package-manager=go_modules&previous-version=0.29.0&new-version=0.30.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

…metbft#4414) Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

Co-authored-by: Anton Kaliaev <anton.kalyaev@gmail.com>

…to 24 hours (backport cometbft#4377) (cometbft#4425) close: cometbft#3519 Adjust `reconnectBackOffBaseSeconds` to increase reconnect retries to up 1 day (~24 hours). The new value can be validated here: https://go.dev/play/p/k8F5rS-i24p, which will show that the total time is increased to almost 24 hours. Initial reconnecting time: 2m8.493s Total reconnecting time. : 23h55m56.249s The `reconnectBackOffBaseSeconds` is increased by a bit over 10% (from 3.0 to 3.4 seconds) so this would not affect reconnection retries too much. #### PR checklist - [ ] ~~Tests written/updated~~ - [x] Changelog entry added in `.changelog` (we use [unclog](https://github.com/informalsystems/unclog) to manage our changelog) - [x] Updated relevant documentation (`docs/` or `spec/`) and code comments <hr>This is an automatic backport of pull request cometbft#4377 done by [Mergify](https://mergify.com). --------- Co-authored-by: Andy Nogueira <me@andynogueira.dev>

[CHANGELOG](https://github.com/cometbft/cometbft/blob/release/v0.38.14/CHANGELOG.md#v03814)

…cometbft#4442) This reverts commit 28a308f. --- #### PR checklist - [ ] Tests written/updated - [ ] Changelog entry added in `.changelog` (we use [unclog](https://github.com/informalsystems/unclog) to manage our changelog) - [ ] Updated relevant documentation (`docs/` or `spec/`) and code comments

Part of cometbft#4444. Retracts `v0.38.14`. --- #### PR checklist ~- [ ] Tests written/updated~ - [ ] Changelog entry added in `.changelog` (we use [unclog](https://github.com/informalsystems/unclog) to manage our changelog) ~- [ ] Updated relevant documentation (`docs/` or `spec/`) and code comments~

Part of cometbft#4444. Release `v0.38.15`.

Release v0.38.15

sonarqubecloud · 2024-11-22T13:46:08Z

Quality Gate failed

Failed conditions
1 Security Hotspot
8.3% Duplication on New Code (required ≤ 3%)

See analysis details on SonarQube Cloud

mergify bot and others added 30 commits January 26, 2024 19:37

feat(blocksync): set the max number of (concurrently) downloaded bloc…

6d606ce

…ks (backport cometbft#2467) (cometbft#2515) Manual backport of cometbft#2467

mergify bot and others added 22 commits October 24, 2024 15:33

build(deps): Bump bufbuild/buf-setup-action from 1.45.0 to 1.46.0 (co…

c71de55

…metbft#4414) Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

chore: use the latest cometbft-db in v0.38.x (cometbft#4297)

28a308f

Co-authored-by: Anton Kaliaev <anton.kalyaev@gmail.com>

Merge commit from fork

3a023da

build: v0.38.14 (cometbft#4437)

ce0949e

[CHANGELOG](https://github.com/cometbft/cometbft/blob/release/v0.38.14/CHANGELOG.md#v03814)

test: fix TestStateDoesntCrashOnInvalidVote (cometbft#4439)

d8980f9

Release v0.38.15 (cometbft#4447)

e8eb5bd

Part of cometbft#4444. Release `v0.38.15`.

Merge tag 'tags/v0.38.15' into mardizzone/upstream-v0.38.15

3663058

Release v0.38.15

add: deps via tidy

b52351d

chg: fix issues in secp256k1

62005f3

marcello33 requested review from avalkov, Raneet10 and pratikspatil024 November 22, 2024 13:47

Raneet10 approved these changes Nov 22, 2024

View reviewed changes

avalkov approved these changes Nov 25, 2024

View reviewed changes

pratikspatil024 approved these changes Nov 25, 2024

View reviewed changes

marcello33 merged commit c53688a into develop Nov 25, 2024
15 of 17 checks passed

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Merge upstream v0.38.15 #5

Merge upstream v0.38.15 #5

marcello33 commented Nov 22, 2024

sonarqubecloud bot commented Nov 22, 2024

Merge upstream v0.38.15 #5

Merge upstream v0.38.15 #5

Conversation

marcello33 commented Nov 22, 2024

sonarqubecloud bot commented Nov 22, 2024

Quality Gate failed