Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

build(deps): Bump Go to 1.22 (backport #4059) #4073

Merged
merged 6 commits into from
Sep 11, 2024

Conversation

mergify[bot]
Copy link
Contributor

@mergify mergify bot commented Sep 11, 2024

Context

We are updating CometBFT dependencies to fix new CVE vulnerabilities.
Cometbft-db v0.9.5 updates its Go version to 1.22 and updates some of its dependencies vulnerable to CVEs.
See its CHANGELOG

This Change

This PR updates cometbft-db to v0.9.5.


PR checklist

- [ ] Tests written/updated

  • Changelog entry added in .changelog (we use unclog to manage our changelog)
    - [ ] Updated relevant documentation (docs/ or spec/) and code comments

This is an automatic backport of pull request #4059 done by [Mergify](https://mergify.com).
This is an automatic backport of pull request #4072 done by [Mergify](https://mergify.com).

### Context
We are updating CometBFT dependencies to fix new CVE vulnerabilities.
Cometbft-db v0.9.5 updates its Go version to 1.22 and updates some of
its dependencies vulnerable to CVEs.
See its
[CHANGELOG](https://github.com/cometbft/cometbft-db/blob/v0.9.x/CHANGELOG.md#v095)

### This Change
This PR updates cometbft-db to v0.9.5.

---

#### PR checklist

~- [ ] Tests written/updated~
- [ ] Changelog entry added in `.changelog` (we use
[unclog](https://github.com/informalsystems/unclog) to manage our
changelog)
~- [ ] Updated relevant documentation (`docs/` or `spec/`) and code
comments~
<hr>This is an automatic backport of pull request #4059 done by
[Mergify](https://mergify.com).

---------

Co-authored-by: Alessandro Sforzin <alessandro@informal.systems>
Co-authored-by: Anton Kaliaev <anton.kalyaev@gmail.com>
(cherry picked from commit 3215ee1)

# Conflicts:
#	.github/workflows/e2e-long-37x.yml
#	.github/workflows/e2e-nightly-34x.yml
#	.github/workflows/e2e-nightly-main.yml
#	README.md
#	UPGRADING.md
#	abci/client/mocks/client.go
#	abci/types/mocks/application.go
#	docs/guides/go-built-in.md
#	docs/guides/go.md
#	go.mod
#	go.sum
#	proxy/mocks/app_conn_consensus.go
#	proxy/mocks/app_conn_mempool.go
#	proxy/mocks/app_conn_query.go
#	proxy/mocks/app_conn_snapshot.go
#	scripts/metricsgen/metricsgen.go
#	state/indexer/mocks/block_indexer.go
#	state/mocks/block_store.go
#	state/mocks/store.go
#	state/txindex/mocks/tx_indexer.go
#	test/docker/Dockerfile
#	test/e2e/docker/Dockerfile
@mergify mergify bot requested a review from a team as a code owner September 11, 2024 06:19
@mergify mergify bot added the conflicts label Sep 11, 2024
Copy link
Contributor Author

mergify bot commented Sep 11, 2024

Cherry-pick of 3215ee1 has failed:

On branch mergify/bp/v0.38.x/pr-4072
Your branch is up to date with 'origin/v0.38.x'.

You are currently cherry-picking commit 3215ee16a.
  (fix conflicts and run "git cherry-pick --continue")
  (use "git cherry-pick --skip" to skip this patch)
  (use "git cherry-pick --abort" to cancel the cherry-pick operation)

Changes to be committed:
	new file:   .changelog/unreleased/dependencies/4059-update-cometbft-db.md
	modified:   .github/workflows/build.yml
	modified:   .github/workflows/check-generated.yml
	modified:   .github/workflows/e2e-manual-multiversion.yml
	modified:   .github/workflows/e2e-manual.yml
	deleted:    .github/workflows/e2e-nightly-37x.yml
	modified:   .github/workflows/e2e.yml
	modified:   .github/workflows/fuzz-nightly.yml
	modified:   .github/workflows/govulncheck.yml
	modified:   .github/workflows/lint.yml
	modified:   .github/workflows/pre-release.yml
	modified:   .github/workflows/release-version.yml
	modified:   .github/workflows/release.yml
	modified:   .github/workflows/tests.yml
	modified:   DOCKER/Dockerfile
	modified:   crypto/secp256k1/secp256k1.go
	modified:   evidence/mocks/block_store.go
	modified:   light/rpc/mocks/light_client.go
	modified:   mempool/mocks/mempool.go
	modified:   p2p/mocks/peer.go
	modified:   proxy/mocks/client_creator.go
	modified:   state/mocks/evidence_pool.go
	modified:   statesync/mocks/state_provider.go

Unmerged paths:
  (use "git add/rm <file>..." as appropriate to mark resolution)
	deleted by us:   .github/workflows/e2e-long-37x.yml
	deleted by them: .github/workflows/e2e-nightly-34x.yml
	deleted by them: .github/workflows/e2e-nightly-main.yml
	both modified:   README.md
	both modified:   UPGRADING.md
	both modified:   abci/client/mocks/client.go
	both modified:   abci/types/mocks/application.go
	both modified:   docs/guides/go-built-in.md
	both modified:   docs/guides/go.md
	both modified:   go.mod
	both modified:   go.sum
	both modified:   proxy/mocks/app_conn_consensus.go
	both modified:   proxy/mocks/app_conn_mempool.go
	both modified:   proxy/mocks/app_conn_query.go
	both modified:   proxy/mocks/app_conn_snapshot.go
	both modified:   scripts/metricsgen/metricsgen.go
	both modified:   state/indexer/mocks/block_indexer.go
	both modified:   state/mocks/block_store.go
	both modified:   state/mocks/store.go
	both modified:   state/txindex/mocks/tx_indexer.go
	both modified:   test/docker/Dockerfile
	both modified:   test/e2e/docker/Dockerfile

To fix up this pull request, you can check it out locally. See documentation: https://docs.github.com/en/pull-requests/collaborating-with-pull-requests/reviewing-changes-in-pull-requests/checking-out-pull-requests-locally

@mergify mergify bot added the backport-to-v0.38.x-experimental Tell Mergify to backport the PR to v0.38.x-experimental label Sep 11, 2024
@melekes melekes changed the title build(deps): Bump Go to 1.22 (backport #4059) (backport #4072) build(deps): Bump Go to 1.22 (backport #4059) Sep 11, 2024
@mergify mergify bot merged commit d480d00 into v0.38.x Sep 11, 2024
21 checks passed
@mergify mergify bot deleted the mergify/bp/v0.38.x/pr-4072 branch September 11, 2024 06:49
mergify bot added a commit that referenced this pull request Sep 11, 2024
### Context
We are updating CometBFT dependencies to fix new CVE vulnerabilities.
Cometbft-db v0.9.5 updates its Go version to 1.22 and updates some of
its dependencies vulnerable to CVEs.
See its
[CHANGELOG](https://github.com/cometbft/cometbft-db/blob/v0.9.x/CHANGELOG.md#v095)

### This Change
This PR updates cometbft-db to v0.9.5.

---

#### PR checklist

~- [ ] Tests written/updated~
- [ ] Changelog entry added in `.changelog` (we use
[unclog](https://github.com/informalsystems/unclog) to manage our
changelog)
~- [ ] Updated relevant documentation (`docs/` or `spec/`) and code
comments~
<hr>This is an automatic backport of pull request #4059 done by
[Mergify](https://mergify.com).<hr>This is an automatic backport of pull
request #4072 done by [Mergify](https://mergify.com).

---------

Co-authored-by: mergify[bot] <37929162+mergify[bot]@users.noreply.github.com>
Co-authored-by: Anton Kaliaev <anton.kalyaev@gmail.com>
(cherry picked from commit d480d00)
mergify bot added a commit that referenced this pull request Sep 11, 2024
### Context
We are updating CometBFT dependencies to fix new CVE vulnerabilities.
Cometbft-db v0.9.5 updates its Go version to 1.22 and updates some of
its dependencies vulnerable to CVEs.
See its
[CHANGELOG](https://github.com/cometbft/cometbft-db/blob/v0.9.x/CHANGELOG.md#v095)

### This Change
This PR updates cometbft-db to v0.9.5.

---

#### PR checklist

~- [ ] Tests written/updated~
- [ ] Changelog entry added in `.changelog` (we use
[unclog](https://github.com/informalsystems/unclog) to manage our
changelog)
~- [ ] Updated relevant documentation (`docs/` or `spec/`) and code
comments~
<hr>This is an automatic backport of pull request #4059 done by
[Mergify](https://mergify.com).<hr>This is an automatic backport of pull
request #4072 done by [Mergify](https://mergify.com).<hr>This is an
automatic backport of pull request #4073 done by
[Mergify](https://mergify.com).

---------

Co-authored-by: mergify[bot] <37929162+mergify[bot]@users.noreply.github.com>
Co-authored-by: Anton Kaliaev <anton.kalyaev@gmail.com>
sh-cha pushed a commit to initia-labs/cometbft that referenced this pull request Nov 4, 2024
* build(deps): Bump github.com/minio/highwayhash from 1.0.2 to 1.0.3 (#3914)

Bumps
[github.com/minio/highwayhash](https://github.com/minio/highwayhash)
from 1.0.2 to 1.0.3.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/minio/highwayhash/releases">github.com/minio/highwayhash's
releases</a>.</em></p>
<blockquote>
<h2>Version v1.0.3</h2>
<p>Added support for ARM SVE instructions, resulting in performance
improvements over existing NEON implementation.</p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/minio/highwayhash/commit/030a8b332625f1501d534324055b1de810fe9233"><code>030a8b3</code></a>
Disable SVE2 support until tested on real hardware (not just
emulator)</li>
<li><a
href="https://github.com/minio/highwayhash/commit/b2d40df9d11faf657708d4b24a24b7b92c5b23d9"><code>b2d40df</code></a>
Fix build on non-ARM architectures</li>
<li><a
href="https://github.com/minio/highwayhash/commit/ff8131595115a8e3d2af219b1ded0d11658baf2a"><code>ff81315</code></a>
Update function for SVE2</li>
<li><a
href="https://github.com/minio/highwayhash/commit/a48b3f20491775094a4cbb7d93da8ab945c7ecbf"><code>a48b3f2</code></a>
Add separate test case for Update function</li>
<li><a
href="https://github.com/minio/highwayhash/commit/3346a584da73836f01ab720398a8d61999ff35e4"><code>3346a58</code></a>
ARM SVE code for update method</li>
<li><a
href="https://github.com/minio/highwayhash/commit/6a9c19b1156f8704d73a73a2d8ba2ef653988f25"><code>6a9c19b</code></a>
Update ARM performance on Graviton3</li>
<li><a
href="https://github.com/minio/highwayhash/commit/1304c103e59f69c73f8b461d5c65a6bce0b11395"><code>1304c10</code></a>
&gt; Warning: 1 issue was detected with this workflow: git checkout
HEAD^2 is no...</li>
<li><a
href="https://github.com/minio/highwayhash/commit/b6f6ef7b89a1265fd1e2cf0ec1c513ec5027de0f"><code>b6f6ef7</code></a>
Upgrade CI versions</li>
<li><a
href="https://github.com/minio/highwayhash/commit/1a96f281b5c687cf18030f723e303c6093a3c3d0"><code>1a96f28</code></a>
Bump golang.org/x/sys from 0.0.0-20190130150945-aca44879d564 to
0.1.0</li>
<li><a
href="https://github.com/minio/highwayhash/commit/9cb37b8cb4e3ed1cf7e0fda944dce3e64c35bddc"><code>9cb37b8</code></a>
Fix build tags for newer Go.</li>
<li>Additional commits viewable in <a
href="https://github.com/minio/highwayhash/compare/v1.0.2...v1.0.3">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=github.com/minio/highwayhash&package-manager=go_modules&previous-version=1.0.2&new-version=1.0.3)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: mergify[bot] <37929162+mergify[bot]@users.noreply.github.com>

* build(deps): Bump github.com/prometheus/common from 0.55.0 to 0.57.0 (#3911)

Bumps
[github.com/prometheus/common](https://github.com/prometheus/common)
from 0.55.0 to 0.57.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/prometheus/common/releases">github.com/prometheus/common's
releases</a>.</em></p>
<blockquote>
<h2>v0.57.0</h2>
<h2>What's Changed</h2>
<ul>
<li>feat: new promslog and promslog/flag packages to wrap log/slog by <a
href="https://github.com/tjhop"><code>@​tjhop</code></a> in <a
href="https://github.com/prometheus/common/pull/677">prometheus/common#677</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a href="https://github.com/tjhop"><code>@​tjhop</code></a> made
their first contribution in <a
href="https://github.com/prometheus/common/pull/677">prometheus/common#677</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/prometheus/common/compare/v0.56.0...v0.57.0">https://github.com/prometheus/common/compare/v0.56.0...v0.57.0</a></p>
<h2>v0.56.0</h2>
<h2>What's Changed</h2>
<ul>
<li>Don't always fetch a OAuth2 token, if the secret from a file didn't
change by <a
href="https://github.com/multani"><code>@​multani</code></a> in <a
href="https://github.com/prometheus/common/pull/647">prometheus/common#647</a></li>
<li>remove dependency to github.com/prometheus/client_golang by <a
href="https://github.com/ilius"><code>@​ilius</code></a> in <a
href="https://github.com/prometheus/common/pull/662">prometheus/common#662</a></li>
<li>Bump github.com/aws/aws-sdk-go from 1.54.7 to 1.54.11 in /sigv4 by
<a href="https://github.com/dependabot"><code>@​dependabot</code></a> in
<a
href="https://github.com/prometheus/common/pull/661">prometheus/common#661</a></li>
<li>Synchronize common files from prometheus/prometheus by <a
href="https://github.com/prombot"><code>@​prombot</code></a> in <a
href="https://github.com/prometheus/common/pull/664">prometheus/common#664</a></li>
<li>Revert <a
href="https://github.com/prometheus/common/issues/576">#576</a>
and add deprecation notice by <a
href="https://github.com/SuperQ"><code>@​SuperQ</code></a> in <a
href="https://github.com/prometheus/common/pull/665">prometheus/common#665</a></li>
<li>Bump golang.org/x/net from 0.26.0 to 0.27.0 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://github.com/prometheus/common/pull/667">prometheus/common#667</a></li>
<li>use basic string in IsValidLegacyMetricName by <a
href="https://github.com/ywwg"><code>@​ywwg</code></a> in <a
href="https://github.com/prometheus/common/pull/668">prometheus/common#668</a></li>
<li>Synchronize common files from prometheus/prometheus by <a
href="https://github.com/prombot"><code>@​prombot</code></a> in <a
href="https://github.com/prometheus/common/pull/672">prometheus/common#672</a></li>
<li>Synchronize common files from prometheus/prometheus by <a
href="https://github.com/prombot"><code>@​prombot</code></a> in <a
href="https://github.com/prometheus/common/pull/674">prometheus/common#674</a></li>
<li>Bump github.com/aws/aws-sdk-go from 1.54.19 to 1.55.5 in /sigv4 by
<a href="https://github.com/dependabot"><code>@​dependabot</code></a> in
<a
href="https://github.com/prometheus/common/pull/671">prometheus/common#671</a></li>
<li>sigv4: support nil body by <a
href="https://github.com/roidelapluie"><code>@​roidelapluie</code></a>
in <a
href="https://github.com/prometheus/common/pull/673">prometheus/common#673</a></li>
<li>Fix overflows of untyped int constants on 32-bit by <a
href="https://github.com/dswarbrick"><code>@​dswarbrick</code></a> in <a
href="https://github.com/prometheus/common/pull/675">prometheus/common#675</a></li>
<li>Update client_golang by <a
href="https://github.com/SuperQ"><code>@​SuperQ</code></a> in <a
href="https://github.com/prometheus/common/pull/676">prometheus/common#676</a></li>
<li>Update golangci lint by <a
href="https://github.com/roidelapluie"><code>@​roidelapluie</code></a>
in <a
href="https://github.com/prometheus/common/pull/679">prometheus/common#679</a></li>
<li>expfmt: Add UTF-8 syntax support in text_parse.go by <a
href="https://github.com/fedetorres93"><code>@​fedetorres93</code></a>
in <a
href="https://github.com/prometheus/common/pull/670">prometheus/common#670</a></li>
<li>Synchronize common files from prometheus/prometheus by <a
href="https://github.com/prombot"><code>@​prombot</code></a> in <a
href="https://github.com/prometheus/common/pull/681">prometheus/common#681</a></li>
<li>fix(utf8): provide a method for explicitly checking label names for
legacy validity by <a
href="https://github.com/ywwg"><code>@​ywwg</code></a> in <a
href="https://github.com/prometheus/common/pull/682">prometheus/common#682</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a href="https://github.com/multani"><code>@​multani</code></a> made
their first contribution in <a
href="https://github.com/prometheus/common/pull/647">prometheus/common#647</a></li>
<li><a href="https://github.com/ilius"><code>@​ilius</code></a> made
their first contribution in <a
href="https://github.com/prometheus/common/pull/662">prometheus/common#662</a></li>
<li><a
href="https://github.com/dswarbrick"><code>@​dswarbrick</code></a> made
their first contribution in <a
href="https://github.com/prometheus/common/pull/675">prometheus/common#675</a></li>
<li><a
href="https://github.com/fedetorres93"><code>@​fedetorres93</code></a>
made their first contribution in <a
href="https://github.com/prometheus/common/pull/670">prometheus/common#670</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/prometheus/common/compare/v0.55.0...v0.56.0">https://github.com/prometheus/common/compare/v0.55.0...v0.56.0</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/prometheus/common/commit/9bbc9cb5e3685e0dbb85461dde3385509a507550"><code>9bbc9cb</code></a>
Merge pull request <a
href="https://github.com/prometheus/common/issues/677">#677</a>
from tjhop/feat/add-promslog-pkg</li>
<li><a
href="https://github.com/prometheus/common/commit/6ea2584af7f3a2c136ccf2f7844d9d7015680479"><code>6ea2584</code></a>
feat: new promslog and promslog/flag packages to wrap log/slog</li>
<li><a
href="https://github.com/prometheus/common/commit/6623230f2fa6d06f840b03469d6d786172c4a74f"><code>6623230</code></a>
Provide a method for explicitly checking label names for legacy
validity. (<a
href="https://github.com/prometheus/common/issues/682">#682</a>)</li>
<li><a
href="https://github.com/prometheus/common/commit/19d07967696b0039bc5b76fc1e72f2be289961e1"><code>19d0796</code></a>
Merge pull request <a
href="https://github.com/prometheus/common/issues/681">#681</a>
from prometheus/repo_sync</li>
<li><a
href="https://github.com/prometheus/common/commit/29a2d2c75f018a6b6da1309e44b8210a7c48406e"><code>29a2d2c</code></a>
Update common Prometheus files</li>
<li><a
href="https://github.com/prometheus/common/commit/8968b6c1d012c44709ce098644b57d681a5eb571"><code>8968b6c</code></a>
expfmt: Add UTF-8 syntax support in text_parse.go (<a
href="https://github.com/prometheus/common/issues/670">#670</a>)</li>
<li><a
href="https://github.com/prometheus/common/commit/cd4bcc02f4479542b7b360049c2ce7db52d3163d"><code>cd4bcc0</code></a>
Update golangci lint (<a
href="https://github.com/prometheus/common/issues/679">#679</a>)</li>
<li><a
href="https://github.com/prometheus/common/commit/2cac84e1490776cacb3f46f14e7adbaf8dcb4596"><code>2cac84e</code></a>
Update client_golang (<a
href="https://github.com/prometheus/common/issues/676">#676</a>)</li>
<li><a
href="https://github.com/prometheus/common/commit/79c0459359c4f5fa2113241540dca24054c1b348"><code>79c0459</code></a>
Merge pull request <a
href="https://github.com/prometheus/common/issues/675">#675</a>
from dswarbrick/fix-32bit-overflows</li>
<li><a
href="https://github.com/prometheus/common/commit/008d7b8628857284ef9162e41a8734f1e479dd80"><code>008d7b8</code></a>
Fix overflows of untyped int constants on 32-bit</li>
<li>Additional commits viewable in <a
href="https://github.com/prometheus/common/compare/v0.55.0...v0.57.0">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=github.com/prometheus/common&package-manager=go_modules&previous-version=0.55.0&new-version=0.57.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: mergify[bot] <37929162+mergify[bot]@users.noreply.github.com>

* build(deps): Bump bufbuild/buf-setup-action from 1.38.0 to 1.39.0 (#3938)

Bumps
[bufbuild/buf-setup-action](https://github.com/bufbuild/buf-setup-action)
from 1.38.0 to 1.39.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/bufbuild/buf-setup-action/releases">bufbuild/buf-setup-action's
releases</a>.</em></p>
<blockquote>
<h2>v1.39.0</h2>
<p>Release v1.39.0</p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/bufbuild/buf-setup-action/commit/54abbed4fe8d8d45173eca4798b0c39a53a7b658"><code>54abbed</code></a>
Release v1.39.0 (<a
href="https://github.com/bufbuild/buf-setup-action/issues/221">#221</a>)</li>
<li>See full diff in <a
href="https://github.com/bufbuild/buf-setup-action/compare/v1.38.0...v1.39.0">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=bufbuild/buf-setup-action&package-manager=github_actions&previous-version=1.38.0&new-version=1.39.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: mergify[bot] <37929162+mergify[bot]@users.noreply.github.com>

* build(deps): Bump slackapi/slack-github-action from 1.26.0 to 1.27.0 (#3939)

Bumps
[slackapi/slack-github-action](https://github.com/slackapi/slack-github-action)
from 1.26.0 to 1.27.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/slackapi/slack-github-action/releases">slackapi/slack-github-action's
releases</a>.</em></p>
<blockquote>
<h2>Slack Send V1.27.0</h2>
<h2>What's changed</h2>
<p>This release introduces an optional <code>payload-delimiter</code>
parameter for flattening nested objects with a customized delimiter
before the payload is sent to Slack Workflow Builder when using workflow
webhook triggers.</p>
<pre lang="diff"><code>  - name: Send a custom flattened payload
    uses: slackapi/slack-github-action@v1.27.0
+   with:
+     payload-delimiter: &quot;_&quot;
    env:
      SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }}
</code></pre>
<p>Setting this value to an underscore (<code>_</code>) is recommended
when using nested inputs within Workflow Builder to match expected input
formats of Workflow Builder, but the actual value can be changed to
something else! This &quot;flattening&quot; behavior
<strong>did</strong> exist prior to this version, but used a period
(<code>.</code>) which is not valid for webook inputs in Workflow
Builder.</p>
<!-- raw HTML omitted -->
<p>The resulting output of flattened objects is not always clear, but
the following can hopefully serve as a quick reference as well as <a
href="https://github.com/slackapi/slack-github-action/blob/5d1fb07d3c4f410b8d278134c714edff31264beb/test/slack-send-test.js#L264-L319">these
specs</a> when using <code>_</code> as the delimiter:</p>
<p><strong>Input</strong>:</p>
<pre lang="json"><code>{
    &quot;apples&quot;: &quot;tree&quot;,
    &quot;bananas&quot;: {
        &quot;truthiness&quot;: true
    }
}
</code></pre>
<p><strong>Output</strong>:</p>
<pre lang="json"><code>{
    &quot;apples&quot;: &quot;tree&quot;,
    &quot;bananas_truthiness&quot;: &quot;true&quot;
}
</code></pre>
<p>Notice that <code>bananas_truthiness</code> is also stringified in
this process, as part of updating values to match the expected inputs of
Workflow Builder!</p>
<!-- raw HTML omitted -->
<h2>Changes</h2>
<p>In addition to the changes above, the following lists all of the
changes since the prior version with the <strong>complete
changelog</strong> changes found here: <a
href="https://github.com/slackapi/slack-github-action/compare/v1.26.0...v1.27.0">https://github.com/slackapi/slack-github-action/compare/v1.26.0...v1.27.0</a></p>
<h4>🎁 Enhancements</h4>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/slackapi/slack-github-action/commit/37ebaef184d7626c5f204ab8d3baff4262dd30f0"><code>37ebaef</code></a>
Automatic compilation</li>
<li><a
href="https://github.com/slackapi/slack-github-action/commit/5d1fb07d3c4f410b8d278134c714edff31264beb"><code>5d1fb07</code></a>
chore(release): tag version 1.27.0</li>
<li><a
href="https://github.com/slackapi/slack-github-action/commit/3bc06716971bb1dc2899ccd0332da69b8b778356"><code>3bc0671</code></a>
chore(deps): bump axios to 1.7.5 (<a
href="https://github.com/slackapi/slack-github-action/issues/332">#332</a>)</li>
<li><a
href="https://github.com/slackapi/slack-github-action/commit/b452451af72f751bd902edfbbc084a8b2e6e5031"><code>b452451</code></a>
feat: make the payload delimiter configurable for workflow webhook
triggers (...</li>
<li><a
href="https://github.com/slackapi/slack-github-action/commit/c50e848fe18b1da5665e19286e3c9b86ad1b3bf5"><code>c50e848</code></a>
build(deps-dev): bump mocha from 10.5.2 to 10.7.0 (<a
href="https://github.com/slackapi/slack-github-action/issues/328">#328</a>)</li>
<li><a
href="https://github.com/slackapi/slack-github-action/commit/e4a9c4b6853f8b64ba9fee848d3f30198f9427c1"><code>e4a9c4b</code></a>
build(deps): bump <code>@​slack/web-api</code> from 7.2.0 to 7.3.2 (<a
href="https://github.com/slackapi/slack-github-action/issues/327">#327</a>)</li>
<li><a
href="https://github.com/slackapi/slack-github-action/commit/9a7f0fa18816ae797b801ec2c27a04499fc2381b"><code>9a7f0fa</code></a>
build(deps-dev): bump chai from 4.4.1 to 4.5.0 (<a
href="https://github.com/slackapi/slack-github-action/issues/326">#326</a>)</li>
<li><a
href="https://github.com/slackapi/slack-github-action/commit/73b7062b8dccf12c0d62626d19953ea628e418ba"><code>73b7062</code></a>
build(deps-dev): bump eslint-plugin-jsdoc from 48.5.0 to 48.10.2 (<a
href="https://github.com/slackapi/slack-github-action/issues/325">#325</a>)</li>
<li><a
href="https://github.com/slackapi/slack-github-action/commit/3d5207b5cf109bd2640ec20613ed7f29ab46e853"><code>3d5207b</code></a>
build(deps): bump https-proxy-agent from 7.0.4 to 7.0.5 (<a
href="https://github.com/slackapi/slack-github-action/issues/320">#320</a>)</li>
<li><a
href="https://github.com/slackapi/slack-github-action/commit/4e15b6a964ca554d1a7b7a56850baa97e8316be2"><code>4e15b6a</code></a>
build(deps): bump <code>@​slack/web-api</code> from 7.0.4 to 7.2.0 (<a
href="https://github.com/slackapi/slack-github-action/issues/323">#323</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/slackapi/slack-github-action/compare/v1.26.0...v1.27.0">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=slackapi/slack-github-action&package-manager=github_actions&previous-version=1.26.0&new-version=1.27.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: mergify[bot] <37929162+mergify[bot]@users.noreply.github.com>

* build(deps): Bump bufbuild/buf-setup-action from 1.39.0 to 1.40.1 (#4024)

Bumps
[bufbuild/buf-setup-action](https://github.com/bufbuild/buf-setup-action)
from 1.39.0 to 1.40.1.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/bufbuild/buf-setup-action/releases">bufbuild/buf-setup-action's
releases</a>.</em></p>
<blockquote>
<h2>v1.40.1</h2>
<p>Release v1.40.1</p>
<h2>v1.40.0</h2>
<p>Release v1.40.0</p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/bufbuild/buf-setup-action/commit/2dbfb63c8b0cc4f1707ba5dd23017e998a25b2f0"><code>2dbfb63</code></a>
Release v1.40.1 (<a
href="https://github.com/bufbuild/buf-setup-action/issues/223">#223</a>)</li>
<li><a
href="https://github.com/bufbuild/buf-setup-action/commit/51c53201f0da34af376e0b998c889ebb2813d479"><code>51c5320</code></a>
Release v1.40.0 (<a
href="https://github.com/bufbuild/buf-setup-action/issues/222">#222</a>)</li>
<li>See full diff in <a
href="https://github.com/bufbuild/buf-setup-action/compare/v1.39.0...v1.40.1">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=bufbuild/buf-setup-action&package-manager=github_actions&previous-version=1.39.0&new-version=1.40.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* chore: Bump go toolchain to `1.22.7` on `v0.38.x` (#4065)

* feat(mempool/metrics): Add new `evicted_txs` metric and call unused `rejected_txs` (backport #4019) (#4052)

#### PR checklist

- [ ] Tests written/updated
- [x] Changelog entry added in `.changelog` (we use
[unclog](https://github.com/informalsystems/unclog) to manage our
changelog)
- [X] Updated relevant documentation (`docs/` or `spec/`) and code
comments
<hr>This is an automatic backport of pull request #4019 done by
[Mergify](https://mergify.com).

---------

Co-authored-by: Hernán Vanzetto <15466498+hvanz@users.noreply.github.com>
Co-authored-by: hvanz <hernan.vanzetto@gmail.com>
Co-authored-by: mergify[bot] <37929162+mergify[bot]@users.noreply.github.com>

* build(deps): Bump Go to 1.22 (backport #4059) (#4073)

### Context
We are updating CometBFT dependencies to fix new CVE vulnerabilities.
Cometbft-db v0.9.5 updates its Go version to 1.22 and updates some of
its dependencies vulnerable to CVEs.
See its
[CHANGELOG](https://github.com/cometbft/cometbft-db/blob/v0.9.x/CHANGELOG.md#v095)

### This Change
This PR updates cometbft-db to v0.9.5.

---

#### PR checklist

~- [ ] Tests written/updated~
- [ ] Changelog entry added in `.changelog` (we use
[unclog](https://github.com/informalsystems/unclog) to manage our
changelog)
~- [ ] Updated relevant documentation (`docs/` or `spec/`) and code
comments~
<hr>This is an automatic backport of pull request #4059 done by
[Mergify](https://mergify.com).<hr>This is an automatic backport of pull
request #4072 done by [Mergify](https://mergify.com).

---------

Co-authored-by: mergify[bot] <37929162+mergify[bot]@users.noreply.github.com>
Co-authored-by: Anton Kaliaev <anton.kalyaev@gmail.com>

* misc(tools)!: remove `tools` package (backport #2046) (#2073)

This is an automatic backport of pull request #2046 done by
[Mergify](https://mergify.com).
Cherry-pick of 2bbb5c1095e38ad81eff9bff024e8f3f0e054d78 has failed:
```
On branch mergify/bp/v0.38.x/pr-2046
Your branch is up to date with 'origin/v0.38.x'.

You are currently cherry-picking commit 2bbb5c109.
  (fix conflicts and run "git cherry-pick --continue")
  (use "git cherry-pick --skip" to skip this patch)
  (use "git cherry-pick --abort" to cancel the cherry-pick operation)

Changes to be committed:
	modified:   scripts/mockery_generate.sh
	deleted:    tools/proto/Dockerfile
	deleted:    tools/tools.go
	modified:   types/params.go

Unmerged paths:
  (use "git add/rm <file>..." as appropriate to mark resolution)
	both modified:   go.mod
	both modified:   go.sum
	deleted by them: tools/README.md

```


To fix up this pull request, you can check it out locally. See
documentation:
https://docs.github.com/en/github/collaborating-with-pull-requests/reviewing-changes-in-pull-requests/checking-out-pull-requests-locally

---


<details>
<summary>Mergify commands and options</summary>

<br />

More conditions and actions can be found in the
[documentation](https://docs.mergify.com/).

You can also trigger Mergify actions by commenting on this pull request:

- `@Mergifyio refresh` will re-evaluate the rules
- `@Mergifyio rebase` will rebase this PR on its base branch
- `@Mergifyio update` will merge the base branch into this PR
- `@Mergifyio backport <destination>` will backport this PR on
`<destination>` branch

Additionally, on Mergify [dashboard](https://dashboard.mergify.com) you
can:

- look at your merge queues
- generate the Mergify configuration with the config editor.

Finally, you can contact us on https://mergify.com
</details>

---------

Co-authored-by: Jacob Gadikian <jacobgadikian@gmail.com>
Co-authored-by: Anton Kaliaev <anton.kalyaev@gmail.com>

* build(deps): Bump gonum.org/v1/gonum from 0.12.0 to 0.15.1 (#3910)

Bumps [gonum.org/v1/gonum](https://github.com/gonum/gonum) from 0.12.0
to 0.15.1.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/gonum/gonum/releases">gonum.org/v1/gonum's
releases</a>.</em></p>
<blockquote>
<h2>v0.15.1</h2>
<p>Release v0.15.1 is a bug fix release in the v0.15 branch.</p>
<p>Fixes since v0.15.0:</p>
<p>b6147192 stat/distuv: correct Gamma Mode() and LogProb(0)/Prob(0) for
alpha &lt;= 1
5bc3fec2 mat: fix dst matrix shape check in QR.RTo
354eb431 mat: calculate Q elements lazily when calling QR.At</p>
<h2>v0.15.0</h2>
<p>Release v0.15.0 is a minor release in the v0.15 branch.</p>
<p>Bug fixes/improvements since v0.14.0:</p>
<p>269815f0 spatial/curve: new package to constuct 2-, 3- and 4-D
Hilbert curves
b27ae13f lapack/gonum: add Dptcon
55edfc1d lapack/testlapack: add dlanst
3462e90a lapack/gonum: add Dptsv
44d84c93 lapack/gonum: add Dpttrs
c4e3bfbe lapack/gonum: add Dpttrf
fa306f21 lapack/gonum: handle NaN and Inf input to Dgecon
db43f45c graph/path: do not keep duplicate paths in YenKShortestPaths
5e05b179 lapack/gonum: fix accumulation in Dlassq
606793d4 stat/distmv: add EigenSym interface
ff24a548 stat/distmv: add special case in NormalRandCov for mat.EigenSym
83fd3a6d mat: add RawValues and RawQ to EigenSym
999e48d0 mat: make EigenSym satisfy Matrix
71ca02b7 mat: delegate to SolveTo method in *Dense.Solve
f560d5cb stat/distmv: add NormalRandCov
b2722176 mat: make LQ satisfy Matrix
78bc3a48 mat: add VecDense.Permute
6e2f5c58 lapack/gonum: require exact length of tau in QR routines
bd767ae5 mat: don't panic in Dims on zero Cholesky types
45b74210 mat: make QR satisfy Matrix
aef3c5f3 mat: make LU satisfy Matrix
2d1137f1 mat: add LU.RowPivots and deprecate LU.Pivot
ef75f4dd mat: return U and ColumnPivots from PivotedCholesky
5f74663e mat: add Dense.PermuteRows and PermuteCols
ff3e3209 lapack/lapack64: add Geqp3 and clean up docs
7df15c33 lapack/gonum: clean up Dgghrd and its test
f0a57a45 lapack/gonum: add Dgghrd and its test
7bed099d lapack/gonum: clean up Dlanhs and its test
aa92aa08 spatial/kdtree: update value in place in NKeeper.Keep</p>
<h2>v0.14.0</h2>
<p>Release v0.14.0 is a minor release in the v0.14 branch.</p>
<p>API breaking changes:</p>
<p>9e7bb936 graph/path: allow cost-based Yen shortest path
calculation</p>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/gonum/gonum/commit/bdcda9a453049449163d160b98285b64ec8093a1"><code>bdcda9a</code></a>
graph: use slices package for sorting and reversing slices</li>
<li><a
href="https://github.com/gonum/gonum/commit/a9b228ed6bdcfafd52ce8ba413595310823a0004"><code>a9b228e</code></a>
A+C: add Tristan Nicholls</li>
<li><a
href="https://github.com/gonum/gonum/commit/1f29d7b1d1724243c9f4a156cb1e16c9cbb15de1"><code>1f29d7b</code></a>
mat: calculate Q elements lazily when calling QR.At</li>
<li><a
href="https://github.com/gonum/gonum/commit/f1a62e187e273b2d99f9c2a04fa8931df9c22947"><code>f1a62e1</code></a>
mat: fix dst matrix shape check in QR.RTo</li>
<li><a
href="https://github.com/gonum/gonum/commit/4cb1c6f4a863dd4bde148d9b8736b7d69af4b75b"><code>4cb1c6f</code></a>
ci,mod: update to go1.23</li>
<li><a
href="https://github.com/gonum/gonum/commit/0c62273e338b91cd9578ed93572c693ba55e1eaa"><code>0c62273</code></a>
A+C: add Dirk Müller</li>
<li><a
href="https://github.com/gonum/gonum/commit/0efa2841bf9d1f6ad3b4f5638089c8d6cc72f51e"><code>0efa284</code></a>
A+C: add Tom Payne</li>
<li><a
href="https://github.com/gonum/gonum/commit/f48364e31d40fb9c3b6de7b7d20223edd6d49779"><code>f48364e</code></a>
interp: increase speed of findSegment</li>
<li><a
href="https://github.com/gonum/gonum/commit/1dd194f95b64cda4727b9548bcd2471b4372c7c8"><code>1dd194f</code></a>
stat/distuv: correct Gamma Mode doc comment</li>
<li><a
href="https://github.com/gonum/gonum/commit/35bb474ac513c77971be8e1e9ab2bd1eaca07c79"><code>35bb474</code></a>
stat/distuv: correct Gamma Mode() and LogProb(0)/Prob(0) for alpha &lt;=
1</li>
<li>Additional commits viewable in <a
href="https://github.com/gonum/gonum/compare/v0.12.0...v0.15.1">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=gonum.org/v1/gonum&package-manager=go_modules&previous-version=0.12.0&new-version=0.15.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* build(deps): Bump bufbuild/buf-setup-action from 1.40.1 to 1.41.0 (#4096)

Bumps
[bufbuild/buf-setup-action](https://github.com/bufbuild/buf-setup-action)
from 1.40.1 to 1.41.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/bufbuild/buf-setup-action/releases">bufbuild/buf-setup-action's
releases</a>.</em></p>
<blockquote>
<h2>v1.41.0</h2>
<p>Release v1.41.0</p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/bufbuild/buf-setup-action/commit/2881ede27923557cb71f4ddc8954905c2639d1fb"><code>2881ede</code></a>
Release v1.41.0 (<a
href="https://github.com/bufbuild/buf-setup-action/issues/224">#224</a>)</li>
<li>See full diff in <a
href="https://github.com/bufbuild/buf-setup-action/compare/v1.40.1...v1.41.0">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=bufbuild/buf-setup-action&package-manager=github_actions&previous-version=1.40.1&new-version=1.41.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* fix(mempool): change "mempool is full" log level to debug (backport #4123) (#4145)

it happens in benchmark or production when traffic is high, the log
frequency is very high because it's triggered by p2p tx propagation
message.

Solution:
- change it to debug level
<hr>This is an automatic backport of pull request #4123 done by
[Mergify](https://mergify.com).

---------

Co-authored-by: yihuang <yi.codeplayer@gmail.com>
Co-authored-by: Andy Nogueira <me@andynogueira.dev>

* build(deps): Bump bufbuild/buf-setup-action from 1.41.0 to 1.42.0 (#4160)

Bumps
[bufbuild/buf-setup-action](https://github.com/bufbuild/buf-setup-action)
from 1.41.0 to 1.42.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/bufbuild/buf-setup-action/releases">bufbuild/buf-setup-action's
releases</a>.</em></p>
<blockquote>
<h2>v1.42.0</h2>
<p>Release v1.42.0</p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/bufbuild/buf-setup-action/commit/a8b4a18369a5feb07d4bf9cb2b24f81d105d7bab"><code>a8b4a18</code></a>
Release v1.42.0 (<a
href="https://github.com/bufbuild/buf-setup-action/issues/225">#225</a>)</li>
<li>See full diff in <a
href="https://github.com/bufbuild/buf-setup-action/compare/v1.41.0...v1.42.0">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=bufbuild/buf-setup-action&package-manager=github_actions&previous-version=1.41.0&new-version=1.42.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* build(deps): Bump docker/build-push-action from 6.7.0 to 6.8.0 (#4194)

Bumps
[docker/build-push-action](https://github.com/docker/build-push-action)
from 6.7.0 to 6.8.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/docker/build-push-action/releases">docker/build-push-action's
releases</a>.</em></p>
<blockquote>
<h2>v6.8.0</h2>
<ul>
<li>Bump <code>@​docker/actions-toolkit</code> from 0.37.1 to 0.38.0 in
<a
href="https://github.com/docker/build-push-action/pull/1230">docker/build-push-action#1230</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/docker/build-push-action/compare/v6.7.0...v6.8.0">https://github.com/docker/build-push-action/compare/v6.7.0...v6.8.0</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/docker/build-push-action/commit/32945a339266b759abcbdc89316275140b0fc960"><code>32945a3</code></a>
Merge pull request <a
href="https://github.com/docker/build-push-action/issues/1230">#1230</a>
from docker/dependabot/npm_and_yarn/docker/actions-t...</li>
<li><a
href="https://github.com/docker/build-push-action/commit/e0fe9cf0f26132beab7b62929bd647eef9e7df31"><code>e0fe9cf</code></a>
chore: update generated content</li>
<li><a
href="https://github.com/docker/build-push-action/commit/8f1ff6bf9a836299c21b10f942be49efb52a832c"><code>8f1ff6b</code></a>
chore(deps): Bump <code>@​docker/actions-toolkit</code> from 0.37.1 to
0.38.0</li>
<li>See full diff in <a
href="https://github.com/docker/build-push-action/compare/v6.7.0...v6.8.0">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=docker/build-push-action&package-manager=github_actions&previous-version=6.7.0&new-version=6.8.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* build(deps): Bump github.com/go-git/go-git/v5 from 5.11.0 to 5.12.0 (#4207)

Bumps [github.com/go-git/go-git/v5](https://github.com/go-git/go-git)
from 5.11.0 to 5.12.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/go-git/go-git/releases">github.com/go-git/go-git/v5's
releases</a>.</em></p>
<blockquote>
<h2>v5.12.0</h2>
<h2>What's Changed</h2>
<ul>
<li>git: Worktree.AddWithOptions: add skipStatus option when providing a
specific path by <a
href="https://github.com/moranCohen26"><code>@​moranCohen26</code></a>
in <a
href="https://github.com/go-git/go-git/pull/994">go-git/go-git#994</a></li>
<li>git: Signer: fix usage of crypto.Signer interface by <a
href="https://github.com/wlynch"><code>@​wlynch</code></a> in <a
href="https://github.com/go-git/go-git/pull/1029">go-git/go-git#1029</a></li>
<li>git: Remote, fetch, adds the prune option. by <a
href="https://github.com/juliens"><code>@​juliens</code></a> in <a
href="https://github.com/go-git/go-git/pull/366">go-git/go-git#366</a></li>
<li>git: Add crypto.Signer option to CommitOptions. by <a
href="https://github.com/wlynch"><code>@​wlynch</code></a> in <a
href="https://github.com/go-git/go-git/pull/996">go-git/go-git#996</a></li>
<li>git: Worktree checkout tag hash id (<a
href="https://github.com/go-git/go-git/issues/959">#959</a>) by
<a
href="https://github.com/aymanbagabas"><code>@​aymanbagabas</code></a>
in <a
href="https://github.com/go-git/go-git/pull/966">go-git/go-git#966</a></li>
<li>git: Worktree, Don't panic on empty or root path when checking if it
is valid by <a
href="https://github.com/tim775"><code>@​tim775</code></a> in <a
href="https://github.com/go-git/go-git/pull/1042">go-git/go-git#1042</a></li>
<li>git: Add commit validation for Reset by <a
href="https://github.com/pjbgf"><code>@​pjbgf</code></a> in <a
href="https://github.com/go-git/go-git/pull/1048">go-git/go-git#1048</a></li>
<li>git: worktree_commit, Fix amend commit to apply changes. Fixes <a
href="https://github.com/go-git/go-git/issues/1024">#1024</a>
by <a href="https://github.com/onee-only"><code>@​onee-only</code></a>
in <a
href="https://github.com/go-git/go-git/pull/1045">go-git/go-git#1045</a></li>
<li>git: Implement Merge function with initial
<code>FastForwardMerge</code> support by <a
href="https://github.com/pjbgf"><code>@​pjbgf</code></a> in <a
href="https://github.com/go-git/go-git/pull/1044">go-git/go-git#1044</a></li>
<li>plumbing: object, Make first commit visible on logs filtered with
filename. Fixes <a
href="https://github.com/go-git/go-git/issues/191">#191</a> by
<a href="https://github.com/onee-only"><code>@​onee-only</code></a> in
<a
href="https://github.com/go-git/go-git/pull/1036">go-git/go-git#1036</a></li>
<li>plumbing: no panic in printStats function. Fixes <a
href="https://github.com/go-git/go-git/issues/177">#177</a> by
<a href="https://github.com/nodivbyzero"><code>@​nodivbyzero</code></a>
in <a
href="https://github.com/go-git/go-git/pull/971">go-git/go-git#971</a></li>
<li>plumbing: object, Optimize logging with file. by <a
href="https://github.com/onee-only"><code>@​onee-only</code></a> in <a
href="https://github.com/go-git/go-git/pull/1046">go-git/go-git#1046</a></li>
<li>plumbing: object, check legitimacy in (*Tree).Encode by <a
href="https://github.com/niukuo"><code>@​niukuo</code></a> in <a
href="https://github.com/go-git/go-git/pull/967">go-git/go-git#967</a></li>
<li>plumbing: format/gitattributes, close file in ReadAttributesFile by
<a href="https://github.com/prskr"><code>@​prskr</code></a> in <a
href="https://github.com/go-git/go-git/pull/1018">go-git/go-git#1018</a></li>
<li>plumbing: check setAuth error. Fixes <a
href="https://github.com/go-git/go-git/issues/185">#185</a> by
<a href="https://github.com/nodivbyzero"><code>@​nodivbyzero</code></a>
in <a
href="https://github.com/go-git/go-git/pull/969">go-git/go-git#969</a></li>
<li>plumbing: object, fix variable defaultUtf8CommitMessageEncoding name
spell error by <a
href="https://github.com/Jerry-yz"><code>@​Jerry-yz</code></a> in <a
href="https://github.com/go-git/go-git/pull/987">go-git/go-git#987</a></li>
<li>utils: merkletrie, calculate filesystem node's hash lazily. by <a
href="https://github.com/candid82"><code>@​candid82</code></a> in <a
href="https://github.com/go-git/go-git/pull/825">go-git/go-git#825</a></li>
<li>utils: update comment in node.go's Hash() by <a
href="https://github.com/codablock"><code>@​codablock</code></a> in <a
href="https://github.com/go-git/go-git/pull/992">go-git/go-git#992</a></li>
<li>_example: fix 404 link and added ssh-agent clone link by <a
href="https://github.com/grinish21"><code>@​grinish21</code></a> in <a
href="https://github.com/go-git/go-git/pull/1022">go-git/go-git#1022</a></li>
<li>_example: checkout-branch example by <a
href="https://github.com/dlambda"><code>@​dlambda</code></a> in <a
href="https://github.com/go-git/go-git/pull/446">go-git/go-git#446</a></li>
<li>_example: example for git clone using ssh-agent by <a
href="https://github.com/pjbgf"><code>@​pjbgf</code></a> in <a
href="https://github.com/go-git/go-git/pull/998">go-git/go-git#998</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a href="https://github.com/candid82"><code>@​candid82</code></a>
made their first contribution in <a
href="https://github.com/go-git/go-git/pull/825">go-git/go-git#825</a></li>
<li><a href="https://github.com/codablock"><code>@​codablock</code></a>
made their first contribution in <a
href="https://github.com/go-git/go-git/pull/992">go-git/go-git#992</a></li>
<li><a href="https://github.com/Jerry-yz"><code>@​Jerry-yz</code></a>
made their first contribution in <a
href="https://github.com/go-git/go-git/pull/987">go-git/go-git#987</a></li>
<li><a href="https://github.com/wlynch"><code>@​wlynch</code></a> made
their first contribution in <a
href="https://github.com/go-git/go-git/pull/996">go-git/go-git#996</a></li>
<li><a
href="https://github.com/moranCohen26"><code>@​moranCohen26</code></a>
made their first contribution in <a
href="https://github.com/go-git/go-git/pull/994">go-git/go-git#994</a></li>
<li><a href="https://github.com/grinish21"><code>@​grinish21</code></a>
made their first contribution in <a
href="https://github.com/go-git/go-git/pull/1022">go-git/go-git#1022</a></li>
<li><a href="https://github.com/prskr"><code>@​prskr</code></a> made
their first contribution in <a
href="https://github.com/go-git/go-git/pull/1018">go-git/go-git#1018</a></li>
<li><a href="https://github.com/dlambda"><code>@​dlambda</code></a> made
their first contribution in <a
href="https://github.com/go-git/go-git/pull/446">go-git/go-git#446</a></li>
<li><a href="https://github.com/juliens"><code>@​juliens</code></a> made
their first contribution in <a
href="https://github.com/go-git/go-git/pull/366">go-git/go-git#366</a></li>
<li><a href="https://github.com/onee-only"><code>@​onee-only</code></a>
made their first contribution in <a
href="https://github.com/go-git/go-git/pull/1036">go-git/go-git#1036</a></li>
<li><a href="https://github.com/tim775"><code>@​tim775</code></a> made
their first contribution in <a
href="https://github.com/go-git/go-git/pull/1042">go-git/go-git#1042</a></li>
<li><a href="https://github.com/niukuo"><code>@​niukuo</code></a> made
their first contribution in <a
href="https://github.com/go-git/go-git/pull/967">go-git/go-git#967</a></li>
<li><a
href="https://github.com/avoidalone"><code>@​avoidalone</code></a> made
their first contribution in <a
href="https://github.com/go-git/go-git/pull/1047">go-git/go-git#1047</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/go-git/go-git/compare/v5.11.0...v5.12.0">https://github.com/go-git/go-git/compare/v5.11.0...v5.12.0</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/go-git/go-git/commit/302dddeda962e4bb3477a8e4080bc6f5a253e2bb"><code>302ddde</code></a>
Merge pull request <a
href="https://github.com/go-git/go-git/issues/1060">#1060</a>
from go-git/dependabot/go_modules/github.com/gliderl...</li>
<li><a
href="https://github.com/go-git/go-git/commit/6bba34deab858ad5d74733686f0a8b4c2940f388"><code>6bba34d</code></a>
build: bump github.com/gliderlabs/ssh from 0.3.6 to 0.3.7</li>
<li><a
href="https://github.com/go-git/go-git/commit/feaeb36df2438dd5f861be2c1041f4e07c126233"><code>feaeb36</code></a>
Merge pull request <a
href="https://github.com/go-git/go-git/issues/937">#937</a>
from matejrisek/feature/rename-short-fields</li>
<li><a
href="https://github.com/go-git/go-git/commit/7959a42552a99b2e2df21a6aacafc97b2b5c7457"><code>7959a42</code></a>
Merge pull request <a
href="https://github.com/go-git/go-git/issues/1052">#1052</a>
from go-git/dependabot/go_modules/github.com/skeema/...</li>
<li><a
href="https://github.com/go-git/go-git/commit/4c17ce7c6a7936a61cea17bee56daf5d9c2b21e4"><code>4c17ce7</code></a>
build: bump github.com/skeema/knownhosts from 1.2.1 to 1.2.2</li>
<li><a
href="https://github.com/go-git/go-git/commit/3f77e6f0292bdabb6368a42ef0f5fa925ed42f60"><code>3f77e6f</code></a>
Merge pull request <a
href="https://github.com/go-git/go-git/issues/1048">#1048</a>
from pjbgf/fix-reset-validation</li>
<li><a
href="https://github.com/go-git/go-git/commit/6af38e000608a795320cd17c99491853f0b8ad3a"><code>6af38e0</code></a>
Merge pull request <a
href="https://github.com/go-git/go-git/issues/1047">#1047</a>
from avoidalone/master</li>
<li><a
href="https://github.com/go-git/go-git/commit/e6c3e58198d176c497bb2dba1a2adb9302597676"><code>e6c3e58</code></a>
Merge pull request <a
href="https://github.com/go-git/go-git/issues/1044">#1044</a>
from pjbgf/ff-merge</li>
<li><a
href="https://github.com/go-git/go-git/commit/04f7b23cbb85040a276ab2b7d6879223779451fd"><code>04f7b23</code></a>
*: fix some comments</li>
<li><a
href="https://github.com/go-git/go-git/commit/f4f1a876e622c45ed51d05df1298d421a6868fcc"><code>f4f1a87</code></a>
Merge pull request <a
href="https://github.com/go-git/go-git/issues/971">#971</a>
from nodivbyzero/fix-177-diff-print-file-stats</li>
<li>Additional commits viewable in <a
href="https://github.com/go-git/go-git/compare/v5.11.0...v5.12.0">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=github.com/go-git/go-git/v5&package-manager=go_modules&previous-version=5.11.0&new-version=5.12.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* build(deps): Bump github.com/sasha-s/go-deadlock from 0.3.1 to 0.3.5 (#4205)

Bumps
[github.com/sasha-s/go-deadlock](https://github.com/sasha-s/go-deadlock)
from 0.3.1 to 0.3.5.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/sasha-s/go-deadlock/releases">github.com/sasha-s/go-deadlock's
releases</a>.</em></p>
<blockquote>
<h2>v0.3.3</h2>
<h2>What's Changed</h2>
<ul>
<li>Add missing sync.NewCond wrapper by <a
href="https://github.com/ncw"><code>@​ncw</code></a> in <a
href="https://github.com/sasha-s/go-deadlock/pull/22">sasha-s/go-deadlock#22</a></li>
<li>fixed the comment of Opts.DeadlockTimeout in deadlock.go by <a
href="https://github.com/h3n4l"><code>@​h3n4l</code></a> in <a
href="https://github.com/sasha-s/go-deadlock/pull/23">sasha-s/go-deadlock#23</a></li>
<li>deadlock: Add TryLock wrappers by <a
href="https://github.com/jrajahalme"><code>@​jrajahalme</code></a> in <a
href="https://github.com/sasha-s/go-deadlock/pull/30">sasha-s/go-deadlock#30</a></li>
<li>Reuse timers with sync.Pool by <a
href="https://github.com/millfort"><code>@​millfort</code></a> in <a
href="https://github.com/sasha-s/go-deadlock/pull/31">sasha-s/go-deadlock#31</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a href="https://github.com/ncw"><code>@​ncw</code></a> made their
first contribution in <a
href="https://github.com/sasha-s/go-deadlock/pull/22">sasha-s/go-deadlock#22</a></li>
<li><a href="https://github.com/h3n4l"><code>@​h3n4l</code></a> made
their first contribution in <a
href="https://github.com/sasha-s/go-deadlock/pull/23">sasha-s/go-deadlock#23</a></li>
<li><a
href="https://github.com/jrajahalme"><code>@​jrajahalme</code></a> made
their first contribution in <a
href="https://github.com/sasha-s/go-deadlock/pull/30">sasha-s/go-deadlock#30</a></li>
<li><a href="https://github.com/millfort"><code>@​millfor…
beer-1 added a commit to initia-labs/cometbft that referenced this pull request Nov 13, 2024
* build(deps): Bump github.com/minio/highwayhash from 1.0.2 to 1.0.3 (#3914)

Bumps
[github.com/minio/highwayhash](https://github.com/minio/highwayhash)
from 1.0.2 to 1.0.3.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/minio/highwayhash/releases">github.com/minio/highwayhash's
releases</a>.</em></p>
<blockquote>
<h2>Version v1.0.3</h2>
<p>Added support for ARM SVE instructions, resulting in performance
improvements over existing NEON implementation.</p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/minio/highwayhash/commit/030a8b332625f1501d534324055b1de810fe9233"><code>030a8b3</code></a>
Disable SVE2 support until tested on real hardware (not just
emulator)</li>
<li><a
href="https://github.com/minio/highwayhash/commit/b2d40df9d11faf657708d4b24a24b7b92c5b23d9"><code>b2d40df</code></a>
Fix build on non-ARM architectures</li>
<li><a
href="https://github.com/minio/highwayhash/commit/ff8131595115a8e3d2af219b1ded0d11658baf2a"><code>ff81315</code></a>
Update function for SVE2</li>
<li><a
href="https://github.com/minio/highwayhash/commit/a48b3f20491775094a4cbb7d93da8ab945c7ecbf"><code>a48b3f2</code></a>
Add separate test case for Update function</li>
<li><a
href="https://github.com/minio/highwayhash/commit/3346a584da73836f01ab720398a8d61999ff35e4"><code>3346a58</code></a>
ARM SVE code for update method</li>
<li><a
href="https://github.com/minio/highwayhash/commit/6a9c19b1156f8704d73a73a2d8ba2ef653988f25"><code>6a9c19b</code></a>
Update ARM performance on Graviton3</li>
<li><a
href="https://github.com/minio/highwayhash/commit/1304c103e59f69c73f8b461d5c65a6bce0b11395"><code>1304c10</code></a>
&gt; Warning: 1 issue was detected with this workflow: git checkout
HEAD^2 is no...</li>
<li><a
href="https://github.com/minio/highwayhash/commit/b6f6ef7b89a1265fd1e2cf0ec1c513ec5027de0f"><code>b6f6ef7</code></a>
Upgrade CI versions</li>
<li><a
href="https://github.com/minio/highwayhash/commit/1a96f281b5c687cf18030f723e303c6093a3c3d0"><code>1a96f28</code></a>
Bump golang.org/x/sys from 0.0.0-20190130150945-aca44879d564 to
0.1.0</li>
<li><a
href="https://github.com/minio/highwayhash/commit/9cb37b8cb4e3ed1cf7e0fda944dce3e64c35bddc"><code>9cb37b8</code></a>
Fix build tags for newer Go.</li>
<li>Additional commits viewable in <a
href="https://github.com/minio/highwayhash/compare/v1.0.2...v1.0.3">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=github.com/minio/highwayhash&package-manager=go_modules&previous-version=1.0.2&new-version=1.0.3)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: mergify[bot] <37929162+mergify[bot]@users.noreply.github.com>

* build(deps): Bump github.com/prometheus/common from 0.55.0 to 0.57.0 (#3911)

Bumps
[github.com/prometheus/common](https://github.com/prometheus/common)
from 0.55.0 to 0.57.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/prometheus/common/releases">github.com/prometheus/common's
releases</a>.</em></p>
<blockquote>
<h2>v0.57.0</h2>
<h2>What's Changed</h2>
<ul>
<li>feat: new promslog and promslog/flag packages to wrap log/slog by <a
href="https://github.com/tjhop"><code>@​tjhop</code></a> in <a
href="https://github.com/prometheus/common/pull/677">prometheus/common#677</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a href="https://github.com/tjhop"><code>@​tjhop</code></a> made
their first contribution in <a
href="https://github.com/prometheus/common/pull/677">prometheus/common#677</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/prometheus/common/compare/v0.56.0...v0.57.0">https://github.com/prometheus/common/compare/v0.56.0...v0.57.0</a></p>
<h2>v0.56.0</h2>
<h2>What's Changed</h2>
<ul>
<li>Don't always fetch a OAuth2 token, if the secret from a file didn't
change by <a
href="https://github.com/multani"><code>@​multani</code></a> in <a
href="https://github.com/prometheus/common/pull/647">prometheus/common#647</a></li>
<li>remove dependency to github.com/prometheus/client_golang by <a
href="https://github.com/ilius"><code>@​ilius</code></a> in <a
href="https://github.com/prometheus/common/pull/662">prometheus/common#662</a></li>
<li>Bump github.com/aws/aws-sdk-go from 1.54.7 to 1.54.11 in /sigv4 by
<a href="https://github.com/dependabot"><code>@​dependabot</code></a> in
<a
href="https://github.com/prometheus/common/pull/661">prometheus/common#661</a></li>
<li>Synchronize common files from prometheus/prometheus by <a
href="https://github.com/prombot"><code>@​prombot</code></a> in <a
href="https://github.com/prometheus/common/pull/664">prometheus/common#664</a></li>
<li>Revert <a
href="https://github.com/prometheus/common/issues/576">#576</a>
and add deprecation notice by <a
href="https://github.com/SuperQ"><code>@​SuperQ</code></a> in <a
href="https://github.com/prometheus/common/pull/665">prometheus/common#665</a></li>
<li>Bump golang.org/x/net from 0.26.0 to 0.27.0 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://github.com/prometheus/common/pull/667">prometheus/common#667</a></li>
<li>use basic string in IsValidLegacyMetricName by <a
href="https://github.com/ywwg"><code>@​ywwg</code></a> in <a
href="https://github.com/prometheus/common/pull/668">prometheus/common#668</a></li>
<li>Synchronize common files from prometheus/prometheus by <a
href="https://github.com/prombot"><code>@​prombot</code></a> in <a
href="https://github.com/prometheus/common/pull/672">prometheus/common#672</a></li>
<li>Synchronize common files from prometheus/prometheus by <a
href="https://github.com/prombot"><code>@​prombot</code></a> in <a
href="https://github.com/prometheus/common/pull/674">prometheus/common#674</a></li>
<li>Bump github.com/aws/aws-sdk-go from 1.54.19 to 1.55.5 in /sigv4 by
<a href="https://github.com/dependabot"><code>@​dependabot</code></a> in
<a
href="https://github.com/prometheus/common/pull/671">prometheus/common#671</a></li>
<li>sigv4: support nil body by <a
href="https://github.com/roidelapluie"><code>@​roidelapluie</code></a>
in <a
href="https://github.com/prometheus/common/pull/673">prometheus/common#673</a></li>
<li>Fix overflows of untyped int constants on 32-bit by <a
href="https://github.com/dswarbrick"><code>@​dswarbrick</code></a> in <a
href="https://github.com/prometheus/common/pull/675">prometheus/common#675</a></li>
<li>Update client_golang by <a
href="https://github.com/SuperQ"><code>@​SuperQ</code></a> in <a
href="https://github.com/prometheus/common/pull/676">prometheus/common#676</a></li>
<li>Update golangci lint by <a
href="https://github.com/roidelapluie"><code>@​roidelapluie</code></a>
in <a
href="https://github.com/prometheus/common/pull/679">prometheus/common#679</a></li>
<li>expfmt: Add UTF-8 syntax support in text_parse.go by <a
href="https://github.com/fedetorres93"><code>@​fedetorres93</code></a>
in <a
href="https://github.com/prometheus/common/pull/670">prometheus/common#670</a></li>
<li>Synchronize common files from prometheus/prometheus by <a
href="https://github.com/prombot"><code>@​prombot</code></a> in <a
href="https://github.com/prometheus/common/pull/681">prometheus/common#681</a></li>
<li>fix(utf8): provide a method for explicitly checking label names for
legacy validity by <a
href="https://github.com/ywwg"><code>@​ywwg</code></a> in <a
href="https://github.com/prometheus/common/pull/682">prometheus/common#682</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a href="https://github.com/multani"><code>@​multani</code></a> made
their first contribution in <a
href="https://github.com/prometheus/common/pull/647">prometheus/common#647</a></li>
<li><a href="https://github.com/ilius"><code>@​ilius</code></a> made
their first contribution in <a
href="https://github.com/prometheus/common/pull/662">prometheus/common#662</a></li>
<li><a
href="https://github.com/dswarbrick"><code>@​dswarbrick</code></a> made
their first contribution in <a
href="https://github.com/prometheus/common/pull/675">prometheus/common#675</a></li>
<li><a
href="https://github.com/fedetorres93"><code>@​fedetorres93</code></a>
made their first contribution in <a
href="https://github.com/prometheus/common/pull/670">prometheus/common#670</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/prometheus/common/compare/v0.55.0...v0.56.0">https://github.com/prometheus/common/compare/v0.55.0...v0.56.0</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/prometheus/common/commit/9bbc9cb5e3685e0dbb85461dde3385509a507550"><code>9bbc9cb</code></a>
Merge pull request <a
href="https://github.com/prometheus/common/issues/677">#677</a>
from tjhop/feat/add-promslog-pkg</li>
<li><a
href="https://github.com/prometheus/common/commit/6ea2584af7f3a2c136ccf2f7844d9d7015680479"><code>6ea2584</code></a>
feat: new promslog and promslog/flag packages to wrap log/slog</li>
<li><a
href="https://github.com/prometheus/common/commit/6623230f2fa6d06f840b03469d6d786172c4a74f"><code>6623230</code></a>
Provide a method for explicitly checking label names for legacy
validity. (<a
href="https://github.com/prometheus/common/issues/682">#682</a>)</li>
<li><a
href="https://github.com/prometheus/common/commit/19d07967696b0039bc5b76fc1e72f2be289961e1"><code>19d0796</code></a>
Merge pull request <a
href="https://github.com/prometheus/common/issues/681">#681</a>
from prometheus/repo_sync</li>
<li><a
href="https://github.com/prometheus/common/commit/29a2d2c75f018a6b6da1309e44b8210a7c48406e"><code>29a2d2c</code></a>
Update common Prometheus files</li>
<li><a
href="https://github.com/prometheus/common/commit/8968b6c1d012c44709ce098644b57d681a5eb571"><code>8968b6c</code></a>
expfmt: Add UTF-8 syntax support in text_parse.go (<a
href="https://github.com/prometheus/common/issues/670">#670</a>)</li>
<li><a
href="https://github.com/prometheus/common/commit/cd4bcc02f4479542b7b360049c2ce7db52d3163d"><code>cd4bcc0</code></a>
Update golangci lint (<a
href="https://github.com/prometheus/common/issues/679">#679</a>)</li>
<li><a
href="https://github.com/prometheus/common/commit/2cac84e1490776cacb3f46f14e7adbaf8dcb4596"><code>2cac84e</code></a>
Update client_golang (<a
href="https://github.com/prometheus/common/issues/676">#676</a>)</li>
<li><a
href="https://github.com/prometheus/common/commit/79c0459359c4f5fa2113241540dca24054c1b348"><code>79c0459</code></a>
Merge pull request <a
href="https://github.com/prometheus/common/issues/675">#675</a>
from dswarbrick/fix-32bit-overflows</li>
<li><a
href="https://github.com/prometheus/common/commit/008d7b8628857284ef9162e41a8734f1e479dd80"><code>008d7b8</code></a>
Fix overflows of untyped int constants on 32-bit</li>
<li>Additional commits viewable in <a
href="https://github.com/prometheus/common/compare/v0.55.0...v0.57.0">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=github.com/prometheus/common&package-manager=go_modules&previous-version=0.55.0&new-version=0.57.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: mergify[bot] <37929162+mergify[bot]@users.noreply.github.com>

* build(deps): Bump bufbuild/buf-setup-action from 1.38.0 to 1.39.0 (#3938)

Bumps
[bufbuild/buf-setup-action](https://github.com/bufbuild/buf-setup-action)
from 1.38.0 to 1.39.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/bufbuild/buf-setup-action/releases">bufbuild/buf-setup-action's
releases</a>.</em></p>
<blockquote>
<h2>v1.39.0</h2>
<p>Release v1.39.0</p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/bufbuild/buf-setup-action/commit/54abbed4fe8d8d45173eca4798b0c39a53a7b658"><code>54abbed</code></a>
Release v1.39.0 (<a
href="https://github.com/bufbuild/buf-setup-action/issues/221">#221</a>)</li>
<li>See full diff in <a
href="https://github.com/bufbuild/buf-setup-action/compare/v1.38.0...v1.39.0">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=bufbuild/buf-setup-action&package-manager=github_actions&previous-version=1.38.0&new-version=1.39.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: mergify[bot] <37929162+mergify[bot]@users.noreply.github.com>

* build(deps): Bump slackapi/slack-github-action from 1.26.0 to 1.27.0 (#3939)

Bumps
[slackapi/slack-github-action](https://github.com/slackapi/slack-github-action)
from 1.26.0 to 1.27.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/slackapi/slack-github-action/releases">slackapi/slack-github-action's
releases</a>.</em></p>
<blockquote>
<h2>Slack Send V1.27.0</h2>
<h2>What's changed</h2>
<p>This release introduces an optional <code>payload-delimiter</code>
parameter for flattening nested objects with a customized delimiter
before the payload is sent to Slack Workflow Builder when using workflow
webhook triggers.</p>
<pre lang="diff"><code>  - name: Send a custom flattened payload
    uses: slackapi/slack-github-action@v1.27.0
+   with:
+     payload-delimiter: &quot;_&quot;
    env:
      SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }}
</code></pre>
<p>Setting this value to an underscore (<code>_</code>) is recommended
when using nested inputs within Workflow Builder to match expected input
formats of Workflow Builder, but the actual value can be changed to
something else! This &quot;flattening&quot; behavior
<strong>did</strong> exist prior to this version, but used a period
(<code>.</code>) which is not valid for webook inputs in Workflow
Builder.</p>
<!-- raw HTML omitted -->
<p>The resulting output of flattened objects is not always clear, but
the following can hopefully serve as a quick reference as well as <a
href="https://github.com/slackapi/slack-github-action/blob/5d1fb07d3c4f410b8d278134c714edff31264beb/test/slack-send-test.js#L264-L319">these
specs</a> when using <code>_</code> as the delimiter:</p>
<p><strong>Input</strong>:</p>
<pre lang="json"><code>{
    &quot;apples&quot;: &quot;tree&quot;,
    &quot;bananas&quot;: {
        &quot;truthiness&quot;: true
    }
}
</code></pre>
<p><strong>Output</strong>:</p>
<pre lang="json"><code>{
    &quot;apples&quot;: &quot;tree&quot;,
    &quot;bananas_truthiness&quot;: &quot;true&quot;
}
</code></pre>
<p>Notice that <code>bananas_truthiness</code> is also stringified in
this process, as part of updating values to match the expected inputs of
Workflow Builder!</p>
<!-- raw HTML omitted -->
<h2>Changes</h2>
<p>In addition to the changes above, the following lists all of the
changes since the prior version with the <strong>complete
changelog</strong> changes found here: <a
href="https://github.com/slackapi/slack-github-action/compare/v1.26.0...v1.27.0">https://github.com/slackapi/slack-github-action/compare/v1.26.0...v1.27.0</a></p>
<h4>🎁 Enhancements</h4>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/slackapi/slack-github-action/commit/37ebaef184d7626c5f204ab8d3baff4262dd30f0"><code>37ebaef</code></a>
Automatic compilation</li>
<li><a
href="https://github.com/slackapi/slack-github-action/commit/5d1fb07d3c4f410b8d278134c714edff31264beb"><code>5d1fb07</code></a>
chore(release): tag version 1.27.0</li>
<li><a
href="https://github.com/slackapi/slack-github-action/commit/3bc06716971bb1dc2899ccd0332da69b8b778356"><code>3bc0671</code></a>
chore(deps): bump axios to 1.7.5 (<a
href="https://github.com/slackapi/slack-github-action/issues/332">#332</a>)</li>
<li><a
href="https://github.com/slackapi/slack-github-action/commit/b452451af72f751bd902edfbbc084a8b2e6e5031"><code>b452451</code></a>
feat: make the payload delimiter configurable for workflow webhook
triggers (...</li>
<li><a
href="https://github.com/slackapi/slack-github-action/commit/c50e848fe18b1da5665e19286e3c9b86ad1b3bf5"><code>c50e848</code></a>
build(deps-dev): bump mocha from 10.5.2 to 10.7.0 (<a
href="https://github.com/slackapi/slack-github-action/issues/328">#328</a>)</li>
<li><a
href="https://github.com/slackapi/slack-github-action/commit/e4a9c4b6853f8b64ba9fee848d3f30198f9427c1"><code>e4a9c4b</code></a>
build(deps): bump <code>@​slack/web-api</code> from 7.2.0 to 7.3.2 (<a
href="https://github.com/slackapi/slack-github-action/issues/327">#327</a>)</li>
<li><a
href="https://github.com/slackapi/slack-github-action/commit/9a7f0fa18816ae797b801ec2c27a04499fc2381b"><code>9a7f0fa</code></a>
build(deps-dev): bump chai from 4.4.1 to 4.5.0 (<a
href="https://github.com/slackapi/slack-github-action/issues/326">#326</a>)</li>
<li><a
href="https://github.com/slackapi/slack-github-action/commit/73b7062b8dccf12c0d62626d19953ea628e418ba"><code>73b7062</code></a>
build(deps-dev): bump eslint-plugin-jsdoc from 48.5.0 to 48.10.2 (<a
href="https://github.com/slackapi/slack-github-action/issues/325">#325</a>)</li>
<li><a
href="https://github.com/slackapi/slack-github-action/commit/3d5207b5cf109bd2640ec20613ed7f29ab46e853"><code>3d5207b</code></a>
build(deps): bump https-proxy-agent from 7.0.4 to 7.0.5 (<a
href="https://github.com/slackapi/slack-github-action/issues/320">#320</a>)</li>
<li><a
href="https://github.com/slackapi/slack-github-action/commit/4e15b6a964ca554d1a7b7a56850baa97e8316be2"><code>4e15b6a</code></a>
build(deps): bump <code>@​slack/web-api</code> from 7.0.4 to 7.2.0 (<a
href="https://github.com/slackapi/slack-github-action/issues/323">#323</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/slackapi/slack-github-action/compare/v1.26.0...v1.27.0">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=slackapi/slack-github-action&package-manager=github_actions&previous-version=1.26.0&new-version=1.27.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: mergify[bot] <37929162+mergify[bot]@users.noreply.github.com>

* build(deps): Bump bufbuild/buf-setup-action from 1.39.0 to 1.40.1 (#4024)

Bumps
[bufbuild/buf-setup-action](https://github.com/bufbuild/buf-setup-action)
from 1.39.0 to 1.40.1.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/bufbuild/buf-setup-action/releases">bufbuild/buf-setup-action's
releases</a>.</em></p>
<blockquote>
<h2>v1.40.1</h2>
<p>Release v1.40.1</p>
<h2>v1.40.0</h2>
<p>Release v1.40.0</p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/bufbuild/buf-setup-action/commit/2dbfb63c8b0cc4f1707ba5dd23017e998a25b2f0"><code>2dbfb63</code></a>
Release v1.40.1 (<a
href="https://github.com/bufbuild/buf-setup-action/issues/223">#223</a>)</li>
<li><a
href="https://github.com/bufbuild/buf-setup-action/commit/51c53201f0da34af376e0b998c889ebb2813d479"><code>51c5320</code></a>
Release v1.40.0 (<a
href="https://github.com/bufbuild/buf-setup-action/issues/222">#222</a>)</li>
<li>See full diff in <a
href="https://github.com/bufbuild/buf-setup-action/compare/v1.39.0...v1.40.1">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=bufbuild/buf-setup-action&package-manager=github_actions&previous-version=1.39.0&new-version=1.40.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* chore: Bump go toolchain to `1.22.7` on `v0.38.x` (#4065)

* feat(mempool/metrics): Add new `evicted_txs` metric and call unused `rejected_txs` (backport #4019) (#4052)

#### PR checklist

- [ ] Tests written/updated
- [x] Changelog entry added in `.changelog` (we use
[unclog](https://github.com/informalsystems/unclog) to manage our
changelog)
- [X] Updated relevant documentation (`docs/` or `spec/`) and code
comments
<hr>This is an automatic backport of pull request #4019 done by
[Mergify](https://mergify.com).

---------

Co-authored-by: Hernán Vanzetto <15466498+hvanz@users.noreply.github.com>
Co-authored-by: hvanz <hernan.vanzetto@gmail.com>
Co-authored-by: mergify[bot] <37929162+mergify[bot]@users.noreply.github.com>

* build(deps): Bump Go to 1.22 (backport #4059) (#4073)

### Context
We are updating CometBFT dependencies to fix new CVE vulnerabilities.
Cometbft-db v0.9.5 updates its Go version to 1.22 and updates some of
its dependencies vulnerable to CVEs.
See its
[CHANGELOG](https://github.com/cometbft/cometbft-db/blob/v0.9.x/CHANGELOG.md#v095)

### This Change
This PR updates cometbft-db to v0.9.5.

---

#### PR checklist

~- [ ] Tests written/updated~
- [ ] Changelog entry added in `.changelog` (we use
[unclog](https://github.com/informalsystems/unclog) to manage our
changelog)
~- [ ] Updated relevant documentation (`docs/` or `spec/`) and code
comments~
<hr>This is an automatic backport of pull request #4059 done by
[Mergify](https://mergify.com).<hr>This is an automatic backport of pull
request #4072 done by [Mergify](https://mergify.com).

---------

Co-authored-by: mergify[bot] <37929162+mergify[bot]@users.noreply.github.com>
Co-authored-by: Anton Kaliaev <anton.kalyaev@gmail.com>

* misc(tools)!: remove `tools` package (backport #2046) (#2073)

This is an automatic backport of pull request #2046 done by
[Mergify](https://mergify.com).
Cherry-pick of 2bbb5c1095e38ad81eff9bff024e8f3f0e054d78 has failed:
```
On branch mergify/bp/v0.38.x/pr-2046
Your branch is up to date with 'origin/v0.38.x'.

You are currently cherry-picking commit 2bbb5c109.
  (fix conflicts and run "git cherry-pick --continue")
  (use "git cherry-pick --skip" to skip this patch)
  (use "git cherry-pick --abort" to cancel the cherry-pick operation)

Changes to be committed:
	modified:   scripts/mockery_generate.sh
	deleted:    tools/proto/Dockerfile
	deleted:    tools/tools.go
	modified:   types/params.go

Unmerged paths:
  (use "git add/rm <file>..." as appropriate to mark resolution)
	both modified:   go.mod
	both modified:   go.sum
	deleted by them: tools/README.md

```


To fix up this pull request, you can check it out locally. See
documentation:
https://docs.github.com/en/github/collaborating-with-pull-requests/reviewing-changes-in-pull-requests/checking-out-pull-requests-locally

---


<details>
<summary>Mergify commands and options</summary>

<br />

More conditions and actions can be found in the
[documentation](https://docs.mergify.com/).

You can also trigger Mergify actions by commenting on this pull request:

- `@Mergifyio refresh` will re-evaluate the rules
- `@Mergifyio rebase` will rebase this PR on its base branch
- `@Mergifyio update` will merge the base branch into this PR
- `@Mergifyio backport <destination>` will backport this PR on
`<destination>` branch

Additionally, on Mergify [dashboard](https://dashboard.mergify.com) you
can:

- look at your merge queues
- generate the Mergify configuration with the config editor.

Finally, you can contact us on https://mergify.com
</details>

---------

Co-authored-by: Jacob Gadikian <jacobgadikian@gmail.com>
Co-authored-by: Anton Kaliaev <anton.kalyaev@gmail.com>

* build(deps): Bump gonum.org/v1/gonum from 0.12.0 to 0.15.1 (#3910)

Bumps [gonum.org/v1/gonum](https://github.com/gonum/gonum) from 0.12.0
to 0.15.1.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/gonum/gonum/releases">gonum.org/v1/gonum's
releases</a>.</em></p>
<blockquote>
<h2>v0.15.1</h2>
<p>Release v0.15.1 is a bug fix release in the v0.15 branch.</p>
<p>Fixes since v0.15.0:</p>
<p>b6147192 stat/distuv: correct Gamma Mode() and LogProb(0)/Prob(0) for
alpha &lt;= 1
5bc3fec2 mat: fix dst matrix shape check in QR.RTo
354eb431 mat: calculate Q elements lazily when calling QR.At</p>
<h2>v0.15.0</h2>
<p>Release v0.15.0 is a minor release in the v0.15 branch.</p>
<p>Bug fixes/improvements since v0.14.0:</p>
<p>269815f0 spatial/curve: new package to constuct 2-, 3- and 4-D
Hilbert curves
b27ae13f lapack/gonum: add Dptcon
55edfc1d lapack/testlapack: add dlanst
3462e90a lapack/gonum: add Dptsv
44d84c93 lapack/gonum: add Dpttrs
c4e3bfbe lapack/gonum: add Dpttrf
fa306f21 lapack/gonum: handle NaN and Inf input to Dgecon
db43f45c graph/path: do not keep duplicate paths in YenKShortestPaths
5e05b179 lapack/gonum: fix accumulation in Dlassq
606793d4 stat/distmv: add EigenSym interface
ff24a548 stat/distmv: add special case in NormalRandCov for mat.EigenSym
83fd3a6d mat: add RawValues and RawQ to EigenSym
999e48d0 mat: make EigenSym satisfy Matrix
71ca02b7 mat: delegate to SolveTo method in *Dense.Solve
f560d5cb stat/distmv: add NormalRandCov
b2722176 mat: make LQ satisfy Matrix
78bc3a48 mat: add VecDense.Permute
6e2f5c58 lapack/gonum: require exact length of tau in QR routines
bd767ae5 mat: don't panic in Dims on zero Cholesky types
45b74210 mat: make QR satisfy Matrix
aef3c5f3 mat: make LU satisfy Matrix
2d1137f1 mat: add LU.RowPivots and deprecate LU.Pivot
ef75f4dd mat: return U and ColumnPivots from PivotedCholesky
5f74663e mat: add Dense.PermuteRows and PermuteCols
ff3e3209 lapack/lapack64: add Geqp3 and clean up docs
7df15c33 lapack/gonum: clean up Dgghrd and its test
f0a57a45 lapack/gonum: add Dgghrd and its test
7bed099d lapack/gonum: clean up Dlanhs and its test
aa92aa08 spatial/kdtree: update value in place in NKeeper.Keep</p>
<h2>v0.14.0</h2>
<p>Release v0.14.0 is a minor release in the v0.14 branch.</p>
<p>API breaking changes:</p>
<p>9e7bb936 graph/path: allow cost-based Yen shortest path
calculation</p>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/gonum/gonum/commit/bdcda9a453049449163d160b98285b64ec8093a1"><code>bdcda9a</code></a>
graph: use slices package for sorting and reversing slices</li>
<li><a
href="https://github.com/gonum/gonum/commit/a9b228ed6bdcfafd52ce8ba413595310823a0004"><code>a9b228e</code></a>
A+C: add Tristan Nicholls</li>
<li><a
href="https://github.com/gonum/gonum/commit/1f29d7b1d1724243c9f4a156cb1e16c9cbb15de1"><code>1f29d7b</code></a>
mat: calculate Q elements lazily when calling QR.At</li>
<li><a
href="https://github.com/gonum/gonum/commit/f1a62e187e273b2d99f9c2a04fa8931df9c22947"><code>f1a62e1</code></a>
mat: fix dst matrix shape check in QR.RTo</li>
<li><a
href="https://github.com/gonum/gonum/commit/4cb1c6f4a863dd4bde148d9b8736b7d69af4b75b"><code>4cb1c6f</code></a>
ci,mod: update to go1.23</li>
<li><a
href="https://github.com/gonum/gonum/commit/0c62273e338b91cd9578ed93572c693ba55e1eaa"><code>0c62273</code></a>
A+C: add Dirk Müller</li>
<li><a
href="https://github.com/gonum/gonum/commit/0efa2841bf9d1f6ad3b4f5638089c8d6cc72f51e"><code>0efa284</code></a>
A+C: add Tom Payne</li>
<li><a
href="https://github.com/gonum/gonum/commit/f48364e31d40fb9c3b6de7b7d20223edd6d49779"><code>f48364e</code></a>
interp: increase speed of findSegment</li>
<li><a
href="https://github.com/gonum/gonum/commit/1dd194f95b64cda4727b9548bcd2471b4372c7c8"><code>1dd194f</code></a>
stat/distuv: correct Gamma Mode doc comment</li>
<li><a
href="https://github.com/gonum/gonum/commit/35bb474ac513c77971be8e1e9ab2bd1eaca07c79"><code>35bb474</code></a>
stat/distuv: correct Gamma Mode() and LogProb(0)/Prob(0) for alpha &lt;=
1</li>
<li>Additional commits viewable in <a
href="https://github.com/gonum/gonum/compare/v0.12.0...v0.15.1">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=gonum.org/v1/gonum&package-manager=go_modules&previous-version=0.12.0&new-version=0.15.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* build(deps): Bump bufbuild/buf-setup-action from 1.40.1 to 1.41.0 (#4096)

Bumps
[bufbuild/buf-setup-action](https://github.com/bufbuild/buf-setup-action)
from 1.40.1 to 1.41.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/bufbuild/buf-setup-action/releases">bufbuild/buf-setup-action's
releases</a>.</em></p>
<blockquote>
<h2>v1.41.0</h2>
<p>Release v1.41.0</p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/bufbuild/buf-setup-action/commit/2881ede27923557cb71f4ddc8954905c2639d1fb"><code>2881ede</code></a>
Release v1.41.0 (<a
href="https://github.com/bufbuild/buf-setup-action/issues/224">#224</a>)</li>
<li>See full diff in <a
href="https://github.com/bufbuild/buf-setup-action/compare/v1.40.1...v1.41.0">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=bufbuild/buf-setup-action&package-manager=github_actions&previous-version=1.40.1&new-version=1.41.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* fix(mempool): change "mempool is full" log level to debug (backport #4123) (#4145)

it happens in benchmark or production when traffic is high, the log
frequency is very high because it's triggered by p2p tx propagation
message.

Solution:
- change it to debug level
<hr>This is an automatic backport of pull request #4123 done by
[Mergify](https://mergify.com).

---------

Co-authored-by: yihuang <yi.codeplayer@gmail.com>
Co-authored-by: Andy Nogueira <me@andynogueira.dev>

* build(deps): Bump bufbuild/buf-setup-action from 1.41.0 to 1.42.0 (#4160)

Bumps
[bufbuild/buf-setup-action](https://github.com/bufbuild/buf-setup-action)
from 1.41.0 to 1.42.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/bufbuild/buf-setup-action/releases">bufbuild/buf-setup-action's
releases</a>.</em></p>
<blockquote>
<h2>v1.42.0</h2>
<p>Release v1.42.0</p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/bufbuild/buf-setup-action/commit/a8b4a18369a5feb07d4bf9cb2b24f81d105d7bab"><code>a8b4a18</code></a>
Release v1.42.0 (<a
href="https://github.com/bufbuild/buf-setup-action/issues/225">#225</a>)</li>
<li>See full diff in <a
href="https://github.com/bufbuild/buf-setup-action/compare/v1.41.0...v1.42.0">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=bufbuild/buf-setup-action&package-manager=github_actions&previous-version=1.41.0&new-version=1.42.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* build(deps): Bump docker/build-push-action from 6.7.0 to 6.8.0 (#4194)

Bumps
[docker/build-push-action](https://github.com/docker/build-push-action)
from 6.7.0 to 6.8.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/docker/build-push-action/releases">docker/build-push-action's
releases</a>.</em></p>
<blockquote>
<h2>v6.8.0</h2>
<ul>
<li>Bump <code>@​docker/actions-toolkit</code> from 0.37.1 to 0.38.0 in
<a
href="https://github.com/docker/build-push-action/pull/1230">docker/build-push-action#1230</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/docker/build-push-action/compare/v6.7.0...v6.8.0">https://github.com/docker/build-push-action/compare/v6.7.0...v6.8.0</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/docker/build-push-action/commit/32945a339266b759abcbdc89316275140b0fc960"><code>32945a3</code></a>
Merge pull request <a
href="https://github.com/docker/build-push-action/issues/1230">#1230</a>
from docker/dependabot/npm_and_yarn/docker/actions-t...</li>
<li><a
href="https://github.com/docker/build-push-action/commit/e0fe9cf0f26132beab7b62929bd647eef9e7df31"><code>e0fe9cf</code></a>
chore: update generated content</li>
<li><a
href="https://github.com/docker/build-push-action/commit/8f1ff6bf9a836299c21b10f942be49efb52a832c"><code>8f1ff6b</code></a>
chore(deps): Bump <code>@​docker/actions-toolkit</code> from 0.37.1 to
0.38.0</li>
<li>See full diff in <a
href="https://github.com/docker/build-push-action/compare/v6.7.0...v6.8.0">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=docker/build-push-action&package-manager=github_actions&previous-version=6.7.0&new-version=6.8.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* build(deps): Bump github.com/go-git/go-git/v5 from 5.11.0 to 5.12.0 (#4207)

Bumps [github.com/go-git/go-git/v5](https://github.com/go-git/go-git)
from 5.11.0 to 5.12.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/go-git/go-git/releases">github.com/go-git/go-git/v5's
releases</a>.</em></p>
<blockquote>
<h2>v5.12.0</h2>
<h2>What's Changed</h2>
<ul>
<li>git: Worktree.AddWithOptions: add skipStatus option when providing a
specific path by <a
href="https://github.com/moranCohen26"><code>@​moranCohen26</code></a>
in <a
href="https://github.com/go-git/go-git/pull/994">go-git/go-git#994</a></li>
<li>git: Signer: fix usage of crypto.Signer interface by <a
href="https://github.com/wlynch"><code>@​wlynch</code></a> in <a
href="https://github.com/go-git/go-git/pull/1029">go-git/go-git#1029</a></li>
<li>git: Remote, fetch, adds the prune option. by <a
href="https://github.com/juliens"><code>@​juliens</code></a> in <a
href="https://github.com/go-git/go-git/pull/366">go-git/go-git#366</a></li>
<li>git: Add crypto.Signer option to CommitOptions. by <a
href="https://github.com/wlynch"><code>@​wlynch</code></a> in <a
href="https://github.com/go-git/go-git/pull/996">go-git/go-git#996</a></li>
<li>git: Worktree checkout tag hash id (<a
href="https://github.com/go-git/go-git/issues/959">#959</a>) by
<a
href="https://github.com/aymanbagabas"><code>@​aymanbagabas</code></a>
in <a
href="https://github.com/go-git/go-git/pull/966">go-git/go-git#966</a></li>
<li>git: Worktree, Don't panic on empty or root path when checking if it
is valid by <a
href="https://github.com/tim775"><code>@​tim775</code></a> in <a
href="https://github.com/go-git/go-git/pull/1042">go-git/go-git#1042</a></li>
<li>git: Add commit validation for Reset by <a
href="https://github.com/pjbgf"><code>@​pjbgf</code></a> in <a
href="https://github.com/go-git/go-git/pull/1048">go-git/go-git#1048</a></li>
<li>git: worktree_commit, Fix amend commit to apply changes. Fixes <a
href="https://github.com/go-git/go-git/issues/1024">#1024</a>
by <a href="https://github.com/onee-only"><code>@​onee-only</code></a>
in <a
href="https://github.com/go-git/go-git/pull/1045">go-git/go-git#1045</a></li>
<li>git: Implement Merge function with initial
<code>FastForwardMerge</code> support by <a
href="https://github.com/pjbgf"><code>@​pjbgf</code></a> in <a
href="https://github.com/go-git/go-git/pull/1044">go-git/go-git#1044</a></li>
<li>plumbing: object, Make first commit visible on logs filtered with
filename. Fixes <a
href="https://github.com/go-git/go-git/issues/191">#191</a> by
<a href="https://github.com/onee-only"><code>@​onee-only</code></a> in
<a
href="https://github.com/go-git/go-git/pull/1036">go-git/go-git#1036</a></li>
<li>plumbing: no panic in printStats function. Fixes <a
href="https://github.com/go-git/go-git/issues/177">#177</a> by
<a href="https://github.com/nodivbyzero"><code>@​nodivbyzero</code></a>
in <a
href="https://github.com/go-git/go-git/pull/971">go-git/go-git#971</a></li>
<li>plumbing: object, Optimize logging with file. by <a
href="https://github.com/onee-only"><code>@​onee-only</code></a> in <a
href="https://github.com/go-git/go-git/pull/1046">go-git/go-git#1046</a></li>
<li>plumbing: object, check legitimacy in (*Tree).Encode by <a
href="https://github.com/niukuo"><code>@​niukuo</code></a> in <a
href="https://github.com/go-git/go-git/pull/967">go-git/go-git#967</a></li>
<li>plumbing: format/gitattributes, close file in ReadAttributesFile by
<a href="https://github.com/prskr"><code>@​prskr</code></a> in <a
href="https://github.com/go-git/go-git/pull/1018">go-git/go-git#1018</a></li>
<li>plumbing: check setAuth error. Fixes <a
href="https://github.com/go-git/go-git/issues/185">#185</a> by
<a href="https://github.com/nodivbyzero"><code>@​nodivbyzero</code></a>
in <a
href="https://github.com/go-git/go-git/pull/969">go-git/go-git#969</a></li>
<li>plumbing: object, fix variable defaultUtf8CommitMessageEncoding name
spell error by <a
href="https://github.com/Jerry-yz"><code>@​Jerry-yz</code></a> in <a
href="https://github.com/go-git/go-git/pull/987">go-git/go-git#987</a></li>
<li>utils: merkletrie, calculate filesystem node's hash lazily. by <a
href="https://github.com/candid82"><code>@​candid82</code></a> in <a
href="https://github.com/go-git/go-git/pull/825">go-git/go-git#825</a></li>
<li>utils: update comment in node.go's Hash() by <a
href="https://github.com/codablock"><code>@​codablock</code></a> in <a
href="https://github.com/go-git/go-git/pull/992">go-git/go-git#992</a></li>
<li>_example: fix 404 link and added ssh-agent clone link by <a
href="https://github.com/grinish21"><code>@​grinish21</code></a> in <a
href="https://github.com/go-git/go-git/pull/1022">go-git/go-git#1022</a></li>
<li>_example: checkout-branch example by <a
href="https://github.com/dlambda"><code>@​dlambda</code></a> in <a
href="https://github.com/go-git/go-git/pull/446">go-git/go-git#446</a></li>
<li>_example: example for git clone using ssh-agent by <a
href="https://github.com/pjbgf"><code>@​pjbgf</code></a> in <a
href="https://github.com/go-git/go-git/pull/998">go-git/go-git#998</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a href="https://github.com/candid82"><code>@​candid82</code></a>
made their first contribution in <a
href="https://github.com/go-git/go-git/pull/825">go-git/go-git#825</a></li>
<li><a href="https://github.com/codablock"><code>@​codablock</code></a>
made their first contribution in <a
href="https://github.com/go-git/go-git/pull/992">go-git/go-git#992</a></li>
<li><a href="https://github.com/Jerry-yz"><code>@​Jerry-yz</code></a>
made their first contribution in <a
href="https://github.com/go-git/go-git/pull/987">go-git/go-git#987</a></li>
<li><a href="https://github.com/wlynch"><code>@​wlynch</code></a> made
their first contribution in <a
href="https://github.com/go-git/go-git/pull/996">go-git/go-git#996</a></li>
<li><a
href="https://github.com/moranCohen26"><code>@​moranCohen26</code></a>
made their first contribution in <a
href="https://github.com/go-git/go-git/pull/994">go-git/go-git#994</a></li>
<li><a href="https://github.com/grinish21"><code>@​grinish21</code></a>
made their first contribution in <a
href="https://github.com/go-git/go-git/pull/1022">go-git/go-git#1022</a></li>
<li><a href="https://github.com/prskr"><code>@​prskr</code></a> made
their first contribution in <a
href="https://github.com/go-git/go-git/pull/1018">go-git/go-git#1018</a></li>
<li><a href="https://github.com/dlambda"><code>@​dlambda</code></a> made
their first contribution in <a
href="https://github.com/go-git/go-git/pull/446">go-git/go-git#446</a></li>
<li><a href="https://github.com/juliens"><code>@​juliens</code></a> made
their first contribution in <a
href="https://github.com/go-git/go-git/pull/366">go-git/go-git#366</a></li>
<li><a href="https://github.com/onee-only"><code>@​onee-only</code></a>
made their first contribution in <a
href="https://github.com/go-git/go-git/pull/1036">go-git/go-git#1036</a></li>
<li><a href="https://github.com/tim775"><code>@​tim775</code></a> made
their first contribution in <a
href="https://github.com/go-git/go-git/pull/1042">go-git/go-git#1042</a></li>
<li><a href="https://github.com/niukuo"><code>@​niukuo</code></a> made
their first contribution in <a
href="https://github.com/go-git/go-git/pull/967">go-git/go-git#967</a></li>
<li><a
href="https://github.com/avoidalone"><code>@​avoidalone</code></a> made
their first contribution in <a
href="https://github.com/go-git/go-git/pull/1047">go-git/go-git#1047</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/go-git/go-git/compare/v5.11.0...v5.12.0">https://github.com/go-git/go-git/compare/v5.11.0...v5.12.0</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/go-git/go-git/commit/302dddeda962e4bb3477a8e4080bc6f5a253e2bb"><code>302ddde</code></a>
Merge pull request <a
href="https://github.com/go-git/go-git/issues/1060">#1060</a>
from go-git/dependabot/go_modules/github.com/gliderl...</li>
<li><a
href="https://github.com/go-git/go-git/commit/6bba34deab858ad5d74733686f0a8b4c2940f388"><code>6bba34d</code></a>
build: bump github.com/gliderlabs/ssh from 0.3.6 to 0.3.7</li>
<li><a
href="https://github.com/go-git/go-git/commit/feaeb36df2438dd5f861be2c1041f4e07c126233"><code>feaeb36</code></a>
Merge pull request <a
href="https://github.com/go-git/go-git/issues/937">#937</a>
from matejrisek/feature/rename-short-fields</li>
<li><a
href="https://github.com/go-git/go-git/commit/7959a42552a99b2e2df21a6aacafc97b2b5c7457"><code>7959a42</code></a>
Merge pull request <a
href="https://github.com/go-git/go-git/issues/1052">#1052</a>
from go-git/dependabot/go_modules/github.com/skeema/...</li>
<li><a
href="https://github.com/go-git/go-git/commit/4c17ce7c6a7936a61cea17bee56daf5d9c2b21e4"><code>4c17ce7</code></a>
build: bump github.com/skeema/knownhosts from 1.2.1 to 1.2.2</li>
<li><a
href="https://github.com/go-git/go-git/commit/3f77e6f0292bdabb6368a42ef0f5fa925ed42f60"><code>3f77e6f</code></a>
Merge pull request <a
href="https://github.com/go-git/go-git/issues/1048">#1048</a>
from pjbgf/fix-reset-validation</li>
<li><a
href="https://github.com/go-git/go-git/commit/6af38e000608a795320cd17c99491853f0b8ad3a"><code>6af38e0</code></a>
Merge pull request <a
href="https://github.com/go-git/go-git/issues/1047">#1047</a>
from avoidalone/master</li>
<li><a
href="https://github.com/go-git/go-git/commit/e6c3e58198d176c497bb2dba1a2adb9302597676"><code>e6c3e58</code></a>
Merge pull request <a
href="https://github.com/go-git/go-git/issues/1044">#1044</a>
from pjbgf/ff-merge</li>
<li><a
href="https://github.com/go-git/go-git/commit/04f7b23cbb85040a276ab2b7d6879223779451fd"><code>04f7b23</code></a>
*: fix some comments</li>
<li><a
href="https://github.com/go-git/go-git/commit/f4f1a876e622c45ed51d05df1298d421a6868fcc"><code>f4f1a87</code></a>
Merge pull request <a
href="https://github.com/go-git/go-git/issues/971">#971</a>
from nodivbyzero/fix-177-diff-print-file-stats</li>
<li>Additional commits viewable in <a
href="https://github.com/go-git/go-git/compare/v5.11.0...v5.12.0">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=github.com/go-git/go-git/v5&package-manager=go_modules&previous-version=5.11.0&new-version=5.12.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* build(deps): Bump github.com/sasha-s/go-deadlock from 0.3.1 to 0.3.5 (#4205)

Bumps
[github.com/sasha-s/go-deadlock](https://github.com/sasha-s/go-deadlock)
from 0.3.1 to 0.3.5.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/sasha-s/go-deadlock/releases">github.com/sasha-s/go-deadlock's
releases</a>.</em></p>
<blockquote>
<h2>v0.3.3</h2>
<h2>What's Changed</h2>
<ul>
<li>Add missing sync.NewCond wrapper by <a
href="https://github.com/ncw"><code>@​ncw</code></a> in <a
href="https://github.com/sasha-s/go-deadlock/pull/22">sasha-s/go-deadlock#22</a></li>
<li>fixed the comment of Opts.DeadlockTimeout in deadlock.go by <a
href="https://github.com/h3n4l"><code>@​h3n4l</code></a> in <a
href="https://github.com/sasha-s/go-deadlock/pull/23">sasha-s/go-deadlock#23</a></li>
<li>deadlock: Add TryLock wrappers by <a
href="https://github.com/jrajahalme"><code>@​jrajahalme</code></a> in <a
href="https://github.com/sasha-s/go-deadlock/pull/30">sasha-s/go-deadlock#30</a></li>
<li>Reuse timers with sync.Pool by <a
href="https://github.com/millfort"><code>@​millfort</code></a> in <a
href="https://github.com/sasha-s/go-deadlock/pull/31">sasha-s/go-deadlock#31</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a href="https://github.com/ncw"><code>@​ncw</code></a> made their
first contribution in <a
href="https://github.com/sasha-s/go-deadlock/pull/22">sasha-s/go-deadlock#22</a></li>
<li><a href="https://github.com/h3n4l"><code>@​h3n4l</code></a> made
their first contribution in <a
href="https://github.com/sasha-s/go-deadlock/pull/23">sasha-s/go-deadlock#23</a></li>
<li><a
href="https://github.com/jrajahalme"><code>@​jrajahalme</code></a> made
their first contribution in <a
href="https://github.com/sasha-s/go-deadlock/pull/30">sasha-s/go-deadlock#30</a></li>
<li><a href="https://github.com/millfort"><code>@​millfort<…
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
automerge backport-to-v0.38.x-experimental Tell Mergify to backport the PR to v0.38.x-experimental
Projects
None yet
Development

Successfully merging this pull request may close these issues.

1 participant