build(deps): bump the all-dependencies group with 2 updates

[dependabot]

Bumps the all-dependencies group with 2 updates: github.com/ipfs/boxo and github.com/libp2p/go-libp2p.

Updates github.com/ipfs/boxo from 0.24.0 to 0.24.2

Release notes

Sourced from github.com/ipfs/boxo's releases.

v0.24.2

What's Changed

• chore: update go-libp2p to v0.37.0 by @​gammazero in ipfs/boxo#699
• bitswap(session): fix slice prealloc by @​Wondertan in ipfs/boxo#702

Full Changelog: ipfs/boxo@v0.24.1...v0.24.2

This release was brought to you by the Shipyard team.

v0.24.1

What's Changed

• chore: update go-multiaddr-dns by @​gammazero in ipfs/boxo#684
• Merge release v0.24.0 by @​gammazero in ipfs/boxo#685
• chore: go-libp2p v0.36.5 by @​lidel in ipfs/boxo#686
• fix(routing/http/client): avoid escaping comma query separator by @​lidel in ipfs/boxo#688
• refactor: reuse timers instead of time.After in loops by @​gammazero in ipfs/boxo#687
• refactor: bitswap client does not need ProviderQueryManager by @​gammazero in ipfs/boxo#676
• feat(routing/http/client): DefaultProtocolFilter for IPIP-484 by @​lidel in ipfs/boxo#689
• fix(bitswap/session): cleanup live wants on cancel by @​Wondertan in ipfs/boxo#690
• fix: bitswap performance issue by @​gammazero in ipfs/boxo#692
• chore: update dependencies by @​gammazero in ipfs/boxo#693

Full Changelog: ipfs/boxo@v0.24.0...v0.24.1

This release was brought to you by the Shipyard team.

Changelog

Sourced from github.com/ipfs/boxo's changelog.

[v0.24.2]

Changed

• updated to go-libp2p to v0.37.0
• ipns/pb: removed use of deprecated Exporter (SA1019, golang/protobuf#1640, 9a7055)

Fixed

• bitswap/client: fix panic if current live count is greater than broadcast limit #702

[v0.24.1]

Changed

• routing/http/client: creating delegated routing client with New now defaults to querying delegated routing server with DefaultProtocolFilter (IPIP-484) #689
• updated go-libp2p to v0.36.5
• updated dependencies #693
• update go-libp2p-kad-dht to v0.27.0

Fixed

• routing/http/client: optional address and protocol filter parameters from IPIP-484 use human-readable , instead of %2C. #688
• bitswap/client Cleanup live wants when wants are canceled. This prevents live wants from continuing to get rebroadcasted even after the wants are canceled. #690
• Fix problem adding invalid CID to exhausted wants list resulting in possible performance issue. #692

Commits

• 814ad5d Merge pull request #707 from ipfs/release-v0.24.2
• 08dee8c docs: changelog
• 6b0b5ce bump version to v0.24.2
• 114a70a tidy changelog
• 78817b5 bitswap(session): fix slice prealloc (#702)
• 8585b82 chore: update go-libp2p to v0.37.0 (#699)
• a9085af Merge pull request #706 from ipfs/release-v0.24.1
• 88cdbca Merge branch 'main' into release-v0.24.1
• 0ff6f30 update changelog
• f999bec Update go-libp2p-kad-dbt (#698)
• Additional commits viewable in compare view

Updates github.com/libp2p/go-libp2p from 0.36.4 to 0.37.0

Release notes

Sourced from github.com/libp2p/go-libp2p's releases.

v0.37.0

Breaking Changes

• The libp2p.MultiaddrResolver option now takes an interface rather than a specific pointer. This decouples the resolver from a specific implementation and also defines a better interface that is aware of bounds.
  • The swarm exports a new type ResolverFromMaDNS that implements this interface from a *madns.Resolver. The one line diff is essentially:

  -libp2p.MultiaddrResolver(rslv)
  +libp2p.MultiaddrResolver(swarm.ResolverFromMaDNS{Resolver: rslv})

🔦 Highlights

HTTP Peer ID Authentication (#2854)

Authenticate a peer's identity over HTTP. This works on both libp2p stream backed HTTP transports and standard HTTP transports. There is also browser support in the js-libp2p module: https://github.com/libp2p/js-libp2p-http-fetch/tree/main.

See the spec for more details on how it works: https://github.com/libp2p/specs/blob/master/http/peer-id-auth.md

Experimental WithFxOption (#2956)

A new libp2p Config option lets you add custom Fx options to the libp2p constructor. Use this to get access to and provide libp2p services.

For example, this allows you to easily get a reference to the ID Service of a libp2p Node. Refer to this test for a concrete code example: https://github.com/libp2p/go-libp2p/blob/c4c3a34545aab54b5b825a7adbd6a3db2c680afa/fx_options_test.go#L50-L60

In the future we'd like to expose the Fx options libp2p uses to construct itself so that users can better customize their libp2p nodes and integrate it seamlessly into their applications.

Changelog

From v0.36.5 to v0.37.0

• feat: Add WithFxOption (#2956)
• Make BlackHoleState type public (#2917)
• connmgr: reduce log level for untagging untracked peers
• feat(websocket): switch the underlying http server logger to use ipfs/go-log (#2985)
• fix(websocket): re-enable websocket transport test (#2987)
• relay: make only 1 reservation per peer (#2974)
• libp2phttp: HTTP Peer ID Authentication (#2854)
• chore: update quic-go to v0.48.1
• Add backoff for updating local IP addresses on error (#2999) Reporting credit to @​elecbug
• fix: swarm: refactor address resolution (#2990)
• peerstore: limit number of non connected peers in addrbook (#2971)
• swarm: add a peer dial latency metric (#2959)
• autonat: fix interaction with autorelay (#2967)

Full Changelog: libp2p/go-libp2p@v0.36.5...v0.37.0

New Contributors

... (truncated)

Commits

• 83d458c Release v0.37.0 (#3013)
• c4c3a34 feat: Add WithFxOption (#2956)
• 3d63fd6 Use fork of release-check (#3018)
• f120c6d chore: update quic-go to v0.48.1 (#3016)
• aebc4eb chore: update imports to use slices package (#3007)
• b1a0919 Change latency metrics buckets (#3012)
• ed0d8c9 chore: bump deps in preparation for v0.37.0 (#3011)
• b9cb861 autonat: fix interaction with autorelay (#2967)
• af2042c swarm: add a peer dial latency metric (#2959)
• 26c9014 peerstore: limit number of non connected peers in addrbook (#2971)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions