Merge branch 'main' into carlos/return-not-allowed-keys-in-error

.github/ISSUE_TEMPLATE/epic-tracker.md

@@ -33,7 +33,7 @@ v                     without deliberation
 
 ## QA scenarios
 
-<!-- Lists of manual QA tests that need be performed -->
+<!-- Lists of manual QA tests that need to be performed -->
 
 ## Automated e2e tests
 

.github/ISSUE_TEMPLATE/release-tracker.md

@@ -22,7 +22,7 @@ v                     without deliberation
 
 ### Backwards compatibility
 
-<!-- List of tests that need be performed with previous
+<!-- List of tests that need to be performed with previous
 versions of ibc-go to guarantee that no regression is introduced -->
 
 - [ ] [Compatibility tests](https://github.com/cosmos/ibc-go/actions/workflows/e2e-compatibility.yaml) pass for the release branch.

.github/PULL_REQUEST_TEMPLATE.md

@@ -41,7 +41,7 @@ Before we can merge this PR, please make sure that all the following items have
 checked off. If any of the checklist items are not applicable, please leave them but
 write a little note why.
 
-- [ ] Targeted PR against correct branch (see [CONTRIBUTING.md](https://github.com/cosmos/ibc-go/blob/main/docs/dev/pull-requests.md#pull-request-targeting)).
+- [ ] Targeted PR against the correct branch (see [CONTRIBUTING.md](https://github.com/cosmos/ibc-go/blob/main/docs/dev/pull-requests.md#pull-request-targeting)).
 - [ ] Linked to Github issue with discussion and accepted design OR link to spec that describes this work.
 - [ ] Code follows the [module structure standards](https://github.com/cosmos/cosmos-sdk/blob/main/docs/build/building-modules/11-structure.md) and [Go style guide](../docs/dev/go-style-guide.md).
 - [ ] Wrote unit and integration [tests](https://github.com/cosmos/ibc-go/blob/main/testing/README.md#ibc-testing-package).

.github/workflows/docker.yml

@@ -23,7 +23,7 @@ jobs:
 
     - name: Extract metadata (tags, labels) for Docker
       id: meta
-      uses: docker/metadata-action@31cebacef4805868f9ce9a0cb03ee36c32df2ac4
+      uses: docker/metadata-action@9dc751fe249ad99385a2583ee0d084c400eee04e
       with:
         images: ${{ env.REGISTRY }}/cosmos/${{ env.IMAGE_NAME }}
 

.github/workflows/e2e-compatibility-workflow-call.yaml

@@ -59,7 +59,7 @@ jobs:
           CHAIN_BINARY: 'simd'
           RELAYER_ID: '${{ matrix.relayer-type }}'
       - name: Upload Diagnostics
-        uses: actions/upload-artifact@v3
+        uses: actions/upload-artifact@v4
         # we only want to upload logs on test failures.
         if: ${{ failure() }}
         continue-on-error: true

.github/workflows/e2e-test-workflow-call.yml

@@ -121,7 +121,7 @@ jobs:
       - name: Extract metadata (tags, labels) for Docker
         if: ${{ inputs.build-and-push-docker-image }}
         id: meta
-        uses: docker/metadata-action@31cebacef4805868f9ce9a0cb03ee36c32df2ac4
+        uses: docker/metadata-action@9dc751fe249ad99385a2583ee0d084c400eee04e
         with:
           images: ${{ env.REGISTRY }}/cosmos/${{ env.IMAGE_NAME }}
 
@@ -168,7 +168,7 @@ jobs:
       - name: Extract metadata (tags, labels) for Docker
         if: ${{ inputs.build-and-push-docker-image-wasm }}
         id: meta
-        uses: docker/metadata-action@31cebacef4805868f9ce9a0cb03ee36c32df2ac4
+        uses: docker/metadata-action@9dc751fe249ad99385a2583ee0d084c400eee04e
         with:
           images: ${{ env.REGISTRY }}/cosmos/${{ env.IMAGE_NAME_WASM }}
 
@@ -245,7 +245,7 @@ jobs:
           cd e2e
           make e2e-test test=${{ matrix.test }}
       - name: Upload Diagnostics
-        uses: actions/upload-artifact@v3
+        uses: actions/upload-artifact@v4
         if: ${{ failure() && inputs.upload-logs }}
         continue-on-error: true
         with:

.github/workflows/release.yml

@@ -47,7 +47,7 @@ jobs:
 
       - name: Extract metadata (tags, labels) for Docker
         id: meta
-        uses: docker/metadata-action@31cebacef4805868f9ce9a0cb03ee36c32df2ac4
+        uses: docker/metadata-action@9dc751fe249ad99385a2583ee0d084c400eee04e
         with:
           images: ${{ env.REGISTRY }}/cosmos/${{ env.IMAGE_NAME }}
 

.github/workflows/test.yml

@@ -60,19 +60,19 @@ jobs:
       - name: Split pkgs into 4 files
         run: split -d -n l/4 pkgs.txt pkgs.txt.part.
       # cache multiple
-      - uses: actions/upload-artifact@v3
+      - uses: actions/upload-artifact@v4
         with:
           name: '${{ github.sha }}-00'
           path: ./pkgs.txt.part.00
-      - uses: actions/upload-artifact@v3
+      - uses: actions/upload-artifact@v4
         with:
           name: '${{ github.sha }}-01'
           path: ./pkgs.txt.part.01
-      - uses: actions/upload-artifact@v3
+      - uses: actions/upload-artifact@v4
         with:
           name: '${{ github.sha }}-02'
           path: ./pkgs.txt.part.02
-      - uses: actions/upload-artifact@v3
+      - uses: actions/upload-artifact@v4
         with:
           name: '${{ github.sha }}-03'
           path: ./pkgs.txt.part.03
@@ -95,15 +95,15 @@ jobs:
             **/**.go
             go.mod
             go.sum
-      - uses: actions/download-artifact@v3
+      - uses: actions/download-artifact@v4
         with:
           name: '${{ github.sha }}-${{ matrix.part }}'
         if: env.GIT_DIFF
       - name: test & coverage report creation
         run: |
           cat pkgs.txt.part.${{ matrix.part }} | xargs go test -mod=readonly -timeout 30m -coverprofile=${{ matrix.part }}profile.out -covermode=atomic -tags='ledger test_ledger_mock'
         if: env.GIT_DIFF
-      - uses: actions/upload-artifact@v3
+      - uses: actions/upload-artifact@v4
         with:
           name: '${{ github.sha }}-${{ matrix.part }}-coverage'
           path: ./${{ matrix.part }}profile.out
@@ -119,19 +119,19 @@ jobs:
             **/**.go
             go.mod
             go.sum
-      - uses: actions/download-artifact@v3
+      - uses: actions/download-artifact@v4
         with:
           name: '${{ github.sha }}-00-coverage'
         if: env.GIT_DIFF
-      - uses: actions/download-artifact@v3
+      - uses: actions/download-artifact@v4
         with:
           name: '${{ github.sha }}-01-coverage'
         if: env.GIT_DIFF
-      - uses: actions/download-artifact@v3
+      - uses: actions/download-artifact@v4
         with:
           name: '${{ github.sha }}-02-coverage'
         if: env.GIT_DIFF
-      - uses: actions/download-artifact@v3
+      - uses: actions/download-artifact@v4
         with:
           name: '${{ github.sha }}-03-coverage'
         if: env.GIT_DIFF

README.md

@@ -92,7 +92,8 @@ To report a security vulnerability, see our [Coordinated Vulnerability Disclosur
 
 The following audits have been performed on the `ibc-go` source code:
 
-- [ICS27 Interchain Accounts](https://github.com/cosmos/ibc-go/blob/main/docs/audits/Trail%20of%20Bits%20audit%20-%20Final%20Report.pdf) by Trail of Bits.
+- [ICS27 Interchain Accounts](https://github.com/cosmos/ibc-go/blob/main/docs/audits/27-interchain-accounts/Trail%20of%20Bits%20audit%20-%20Final%20Report.pdf) by Trail of Bits.
+- [ICS08 Wasm Clients](https://github.com/cosmos/ibc-go/blob/main/docs/audits/08-wasm/Ethan%20Frey%20-%20Wasm%20Client%20Review.pdf) by Ethan Frey/Confio.
 
 ## Quick Navigation
 

docs/architecture/adr-001-coin-source-tracing.md

@@ -26,7 +26,7 @@ to the receiving chain through IBC TAO logic. It is expected that the
 receiving chain will mint vouchers to the receiving address.
 
 2. Sender chain is acting as the sink zone. The coins (vouchers) are burned
-on the sender chain and then transferred to the receiving chain though IBC
+on the sender chain and then transferred to the receiving chain through IBC
 TAO logic. It is expected that the receiving chain, which had previously
 sent the original denomination, will unescrow the fungible token and send
 it to the receiving address.

docs/architecture/adr-002-go-module-versioning.md

@@ -30,7 +30,7 @@ For example, changing the go package version from `v2` to `v3` bumps the import
 If the Go module version is not incremented then attempting to go get a module @v3.0.0 without the suffix results in:
 `invalid version: module contains a go.mod file, so major version must be compatible: should be v0 or v1, not v3`
 
-Version validation was added in Go 1.13. This means is that in order to release a v3.0.0 git tag without a /v3 suffix on the module definition, the tag must explicitly **not** contain a go.mod file.
+Version validation was added in Go 1.13. This means that in order to release a v3.0.0 git tag without a /v3 suffix on the module definition, the tag must explicitly **not** contain a go.mod file.
 Not including a go.mod in our release is not a viable option.
 
 #### Attempting to import multiple go module versions for ibc-go

docs/architecture/adr-006-02-client-refactor.md

@@ -91,7 +91,7 @@ As @seunlanlege [states](https://github.com/cosmos/ibc-go/issues/284#issuecommen
 
 > I'm in support of these changes for 2 reasons:
 >
-> - This would allow light clients handle batch header updates in CheckHeaderAndUpdateState, for the special case of 11-beefy proving the finality for a batch of headers is much more space and time efficient than the space/time complexity of proving each individual headers in that batch, combined.
+> - This would allow light clients to handle batch header updates in CheckHeaderAndUpdateState, for the special case of 11-beefy proving the finality for a batch of headers is much more space and time efficient than the space/time complexity of proving each individual headers in that batch, combined.
 >
 > - This also allows for a single light client instance of 11-beefy be used to prove finality for every parachain connected to the relay chain (Polkadot/Kusama). We achieve this by setting the appropriate ConsensusState for individual parachain headers in CheckHeaderAndUpdateState
 

docs/docs/03-light-clients/04-wasm/03-integration.md

@@ -310,9 +310,29 @@ app.WasmClientKeeper = wasmkeeper.NewKeeperWithVM(
 In order to use the `08-wasm` module chains must update the [`AllowedClients` parameter in the 02-client submodule](https://github.com/cosmos/ibc-go/blob/main/proto/ibc/core/client/v1/client.proto#L103) of core IBC. This can be configured directly in the application upgrade handler with the sample code below:
 
 ```go
-params := clientKeeper.GetParams(ctx)
-params.AllowedClients = append(params.AllowedClients, exported.Wasm)
-clientKeeper.SetParams(ctx, params)
+import (
+  ...
+  wasmtypes "github.com/cosmos/ibc-go/modules/light-clients/08-wasm/types"
+  ...
+)
+
+...
+
+func CreateWasmUpgradeHandler(
+  mm *module.Manager,
+  configurator module.Configurator,
+  clientKeeper clientkeeper.Keeper,
+) upgradetypes.UpgradeHandler {
+  return func(ctx context.Context, _ upgradetypes.Plan, vm module.VersionMap) (module.VersionMap, error) {
+    sdkCtx := sdk.UnwrapSDKContext(ctx)
+    // explicitly update the IBC 02-client params, adding the wasm client type
+    params := clientKeeper.GetParams(ctx)
+    params.AllowedClients = append(params.AllowedClients, wasmtypes.Wasm)
+    clientKeeper.SetParams(ctx, params)
+
+    return mm.RunMigrations(ctx, configurator, vm)
+  }
+}
 ```
 
 Or alternatively the parameter can be updated via a governance proposal (see at the bottom of section [`Creating clients`](../01-developer-guide/09-setup.md#creating-clients) for an example of how to do this).

e2e/semverutil/semver_test.go

@@ -37,6 +37,7 @@ func TestIsSupported(t *testing.T) {
 		{"supported semantic version", "v6.1.0", true},
 		{"supported semantic version", "v7.1.0", true},
 		{"supported semantic version", "v22.5.1", true},
+		{"supported semantic version pre-release", "v6.0.0-rc.0", false},
 		{"supported semantic version without v", "2.5.0", true},
 		{"unsupported semantic version", "v1.5.0", false},
 		{"unsupported semantic version", "v2.4.5", false},

e2e/testsuite/diagnostics/diagnostics.go

@@ -52,7 +52,7 @@ func Collect(t *testing.T, dc *dockerclient.Client, debugModeEnabled bool, chain
 
 	testContainers, err := dockerutil.GetTestContainers(ctx, t, dc)
 	if err != nil {
-		t.Logf("failed listing containers test cleanup: %s", err)
+		t.Logf("failed listing containers during test cleanup: %s", err)
 		return
 	}
 
@@ -72,7 +72,6 @@ func Collect(t *testing.T, dc *dockerclient.Client, debugModeEnabled bool, chain
 
 		logFile := fmt.Sprintf("%s/%s.log", containerDir, containerName)
 		if err := os.WriteFile(logFile, logsBz, defaultFilePerm); err != nil {
-			t.Logf("failed writing log file for container %s in test cleanup: %s", containerName, err)
 			continue
 		}
 
@@ -82,19 +81,18 @@ func Collect(t *testing.T, dc *dockerclient.Client, debugModeEnabled bool, chain
 		for _, chainName := range chainNames {
 			diagnosticFiles = append(diagnosticFiles, chainDiagnosticAbsoluteFilePaths(chainName)...)
 		}
+		diagnosticFiles = append(diagnosticFiles, relayerDiagnosticAbsoluteFilePaths()...)
 
 		for _, absoluteFilePathInContainer := range diagnosticFiles {
 			localFilePath := ospath.Join(containerDir, ospath.Base(absoluteFilePathInContainer))
 			if err := fetchAndWriteDiagnosticsFile(ctx, dc, container.ID, localFilePath, absoluteFilePathInContainer); err != nil {
-				t.Logf("failed to fetch and write file %s for container %s in test cleanup: %s", absoluteFilePathInContainer, containerName, err)
 				continue
 			}
 			t.Logf("successfully wrote diagnostics file %s", absoluteFilePathInContainer)
 		}
 
 		localFilePath := ospath.Join(containerDir, dockerInspectFileName)
 		if err := fetchAndWriteDockerInspectOutput(ctx, dc, container.ID, localFilePath); err != nil {
-			t.Logf("failed to fetch docker inspect output: %s", err)
 			continue
 		}
 		t.Logf("successfully wrote docker inspect output")
@@ -156,6 +154,14 @@ func chainDiagnosticAbsoluteFilePaths(chainName string) []string {
 	}
 }
 
+// relayerDiagnosticAbsoluteFilePaths returns a slice of absolute file paths (in the containers) which are the files that should be
+// copied locally when fetching diagnostics.
+func relayerDiagnosticAbsoluteFilePaths() []string {
+	return []string{
+		"/home/hermes/.hermes/config.toml",
+	}
+}
+
 // getE2EDir finds the e2e directory above the test.
 func getE2EDir(t *testing.T) (string, error) {
 	t.Helper()

e2e/testsuite/testsuite.go

@@ -135,13 +135,6 @@ func (s *E2ETestSuite) ConfigureRelayer(ctx context.Context, chainA, chainB ibc.
 	s.startRelayerFn = func(relayer ibc.Relayer) {
 		err := relayer.StartRelayer(ctx, eRep, pathName)
 		s.Require().NoError(err, fmt.Sprintf("failed to start relayer: %s", err))
-		s.T().Cleanup(func() {
-			if !s.T().Failed() {
-				if err := relayer.StopRelayer(ctx, eRep); err != nil {
-					s.T().Logf("error stopping relayer: %v", err)
-				}
-			}
-		})
 		// wait for relayer to start.
 		s.Require().NoError(test.WaitForBlocks(ctx, 10, chainA, chainB), "failed to wait for blocks")
 	}
@@ -377,9 +370,9 @@ func (s *E2ETestSuite) createChains(chainOptions ChainOptions) (ibc.Chain, ibc.C
 	// cleanup task which deletes all containers. By registering a cleanup function afterwards, it is executed first
 	// this allows us to process the logs before the containers are removed.
 	t.Cleanup(func() {
-		debugModeEnabled := LoadConfig().DebugConfig.DumpLogs
+		dumpLogs := LoadConfig().DebugConfig.DumpLogs
 		chains := []string{chainOptions.ChainASpec.ChainConfig.Name, chainOptions.ChainBSpec.ChainConfig.Name}
-		diagnostics.Collect(t, s.DockerClient, debugModeEnabled, chains...)
+		diagnostics.Collect(t, s.DockerClient, dumpLogs, chains...)
 	})
 
 	chains, err := cf.Chains(t.Name())