-
Notifications
You must be signed in to change notification settings - Fork 2
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
build(deps): Bump github.com/cometbft/cometbft from 0.37.4 to 0.38.10 in /tools/rosetta #527
Conversation
The following labels could not be found: |
WalkthroughThe recent updates to the Rosetta project's Changes
Poem
Thank you for using CodeRabbit. We offer it for free to the OSS community and would appreciate your support in helping us grow. If you find it useful, would you consider giving us a shout-out on your favorite social media? TipsChatThere are 3 ways to chat with CodeRabbit:
Note: Be mindful of the bot's finite context window. It's strongly recommended to break down tasks such as reading entire modules into smaller chunks. For a focused discussion, use review comments to chat about specific files and their changes, instead of using the PR comments. CodeRabbit Commands (invoked as PR comments)
Additionally, you can add CodeRabbit Configuration File (
|
Bumps [github.com/cometbft/cometbft](https://github.com/cometbft/cometbft) from 0.37.4 to 0.38.10. - [Release notes](https://github.com/cometbft/cometbft/releases) - [Changelog](https://github.com/cometbft/cometbft/blob/v0.38.10/CHANGELOG.md) - [Commits](cometbft/cometbft@v0.37.4...v0.38.10) --- updated-dependencies: - dependency-name: github.com/cometbft/cometbft dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]>
800191e
to
590b96a
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Actionable comments posted: 0
Review details
Configuration used: CodeRabbit UI
Review profile: CHILL
Files ignored due to path filters (1)
tools/rosetta/go.sum
is excluded by!**/*.sum
Files selected for processing (1)
- tools/rosetta/go.mod (7 hunks)
Additional comments not posted (8)
tools/rosetta/go.mod (8)
39-39
: Minor update approved forgogoproto
.The update from
v1.4.10
tov1.4.11
is a minor version change, likely including small improvements or bug fixes.
83-83
: New indirect dependencycurve25519-voi
approved.The addition of
curve25519-voi
suggests enhanced cryptographic support. Ensure that its inclusion aligns with project requirements and does not introduce vulnerabilities.
9-9
: Verify compatibility withcometbft
v0.38.10.The update from
v0.37.5
tov0.38.10
includes bug fixes and performance improvements. Ensure that the project remains compatible with these changes, especially regarding ABCI response handling and peer connections.
91-91
: Verify process metrics functionality withprocfs
v0.12.0.The update from
v0.8.0
tov0.12.0
may include enhancements or bug fixes. Ensure that process metrics functionality is consistent with the new version.
54-54
: Verify logging functionality withlogfmt
v0.6.0.The update from
v0.5.1
tov0.6.0
may include logging enhancements. Ensure that logging in the project functions as expected with the new version.
108-108
: Verify error handling withmultierr
v1.10.0.The update from
v1.9.0
tov1.10.0
likely includes improvements in error handling. Ensure that error handling in the project is compatible with the new version.Verification successful
No direct usage of
multierr
found in the codebase.The
multierr
package is listed as an indirect dependency and is not directly used in the codebase. Therefore, the update to v1.10.0 should not impact the project's error handling directly. Ensure that any dependencies usingmultierr
are compatible with the new version.Scripts executed
The following scripts were executed for the analysis:
Script:
#!/bin/bash # Description: Verify error handling with `multierr` v1.10.0. # Test: Search for usage of `multierr` to ensure error handling is intact. rg --type go 'multierr'Length of output: 23
Script:
#!/bin/bash # Description: Check for usage of `multierr` and inspect dependencies in go.mod. # Search for any usage of `multierr` in the codebase. rg --type go 'multierr' # List all dependencies in go.mod to find any that might use `multierr`. cat tools/rosetta/go.modLength of output: 6027
90-90
: Verify metrics functionality withprometheus/common
v0.42.0.The update from
v0.37.0
tov0.42.0
may include metrics enhancements. Ensure that metrics collection and reporting are consistent with the new version.Verification successful
Metrics functionality verified with
prometheus/common
v0.42.0.The
expfmt
package fromprometheus/common
is used for encoding metrics and verifying content types. The tests confirm that metrics are encoded correctly, ensuring compatibility with the new version. No issues found with the update.Scripts executed
The following scripts were executed for the analysis:
Script:
#!/bin/bash # Description: Verify metrics functionality with `prometheus/common` v0.42.0. # Test: Search for usage of `prometheus/common` to ensure metrics functionality is intact. rg --type go 'prometheus/common'Length of output: 157
Script:
#!/bin/bash # Extract relevant sections from metrics.go and metrics_test.go to analyze usage of prometheus/common. # Extract code from metrics.go rg --type go --context 5 'prometheus/common' telemetry/metrics.go # Extract code from metrics_test.go rg --type go --context 5 'prometheus/common' telemetry/metrics_test.goLength of output: 726
Script:
#!/bin/bash # Extract detailed usage of expfmt from metrics.go and metrics_test.go to analyze its impact. # Extract detailed usage from metrics.go rg --type go 'expfmt' telemetry/metrics.go -A 10 # Extract detailed usage from metrics_test.go rg --type go 'expfmt' telemetry/metrics_test.go -A 10Length of output: 1517
80-80
: Verify protobuf functionality withgolang_protobuf_extensions
v1.0.4.The update from
v1.0.2-0.20181231171920-c182affec369
tov1.0.4
likely includes improvements or bug fixes. Ensure that protobuf functionality is consistent with the new version.
Superseded by #541. |
Bumps github.com/cometbft/cometbft from 0.37.4 to 0.38.10.
Release notes
Sourced from github.com/cometbft/cometbft's releases.
... (truncated)
Changelog
Sourced from github.com/cometbft/cometbft's changelog.
... (truncated)
Commits
5f59b42
chore: releasev0.38.10
(#3515)c2405cc
feat: do not start indexer service (back port: #3331) (#3496)641d528
doc(changelog): move recent HackerOne changelogs to 'bug fixes' (#3479)0792c8b
fix: invalidtxs_results
returned for legacy ABCI responses (backport #3031...a1b6c68
feat(libs/pubsub): allow dash symbol in event type/attribute (backport #3456)...fcac713
changelog: moving entry (#3396) to right location (#3457)f2b42d7
build(deps): Bump docker/build-push-action from 6.2.0 to 6.3.0 (#3440)a392c28
build(deps): Bump docker/setup-buildx-action from 3.3.0 to 3.4.0 (#3439)9ca0b49
perf(p2p/conn): Remove unneeded global pool buffers in secret connection (bac...0aeebd5
fix(blocksync): don't block in blocksync if our voting power is blocking the ...Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase
.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebase
will rebase this PR@dependabot recreate
will recreate this PR, overwriting any edits that have been made to it@dependabot merge
will merge this PR after your CI passes on it@dependabot squash and merge
will squash and merge this PR after your CI passes on it@dependabot cancel merge
will cancel a previously requested merge and block automerging@dependabot reopen
will reopen this PR if it is closed@dependabot close
will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually@dependabot show <dependency name> ignore conditions
will show all of the ignore conditions of the specified dependency@dependabot ignore this major version
will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this minor version
will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this dependency
will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)Summary by CodeRabbit
New Features
Bug Fixes
Chores