build(deps): bump github.com/libp2p/go-libp2p-core from 0.6.1 to 0.9.0

[dependabot-preview[bot]]

Bumps github.com/libp2p/go-libp2p-core from 0.6.1 to 0.9.0.

Release notes

Sourced from github.com/libp2p/go-libp2p-core's releases.

v0.9.0

In this release, we removed a number functions and types that have long been deprecated:

• crypto/KeyStretcher and crypto.StretchedKeys (#203)
• Bytes method from the crypto.Key interface (#204)
• peer.IDB58Decode, peer.IDB58Encode, peer.IdHexDecode, peer.IdHexEncode (#205)
• insecure.New constructor for the insecure transport (#206)

v0.8.6

No release notes provided.

v0.8.5

Introduces a context option to signify simultaneous connect for hole punching.

v0.8.4

Introduces an Event to detect TCP & UDP NAT Device Type.

v0.8.3

Adds support for forcing a direct connection with a peer even if we already have a relayed connection.

v0.8.2

• #175 -- Adds support for transient connections.

v0.8.1

• Introduce a sec.SecureMuxer interface which can select security protocols and open outbound connections with simultaneous open. It is a wrapper around the SecureTransport interface.

v0.8.0 introduces a BREAKING interface change: MuxedConn.OpenStream and Conn.NewStream now both take a context.Context. This allows stream multiplexer implementations to unblock OpenStream when requested to do so.

Release v0.7.0

This is release includes a significant BREAKING CHANGE to the stream interface.

Previously, Close() closed streams for writing, but left them open for reading. Unfortunately, this meant streams would not be garbage collected until either (a) an EOF had been read on the stream or (b) Reset had been called. While technically documented, this behavior was extraordinarily surprising and most libp2p applications end up misusing and leaking streams (leading to memory leaks).

A CloseRead function has been introduced to close a stream for reading only (writing is still allowed).

• Any in-progress Read calls will be interrupted with a non-EOF error.
• No further calls to Read will succeed.
• The handling of new incoming data on the stream after calling close is implementation defined. Currently,
  • Yamux and Mplex will throw away incoming data on a closed stream.
  • QUIC will return an error to the sender.

Close now closes the stream for both reading and writing. Close is equivalent to calling CloseRead and CloseWrite. Importantly, Close will not wait for any form of acknowledgment. If acknowledgment is required, the caller must call CloseWrite, then wait on the stream for a response (or an EOF), then call Close() to free the stream object.

When done with a stream, the user must call either Close() or Reset() to discard the stream, even after calling CloseRead() and/or CloseWrite().

Commits

• ea6cbf9 feat: remove unused metrics (#208)
• 6e24b97 feat: keep addresses for longer (#207)
• 1262f60 remove deprecated key stretching struct / function (#203)
• d28ef63 remove deprecated Bytes method from the Key interface (#204)
• 6cef973 remove deprecated functions in the peer package (#205)
• e952b37 remove deprecated constructor for the insecure transport (#206)
• 8c04ed1 feat: add helper functions for working with addr infos (#202)
• ef6e277 fix: make timestamps strictly increasing (#201)
• e5b6740 ci: use github-actions for compatibility testing (#200)
• aec4faa sync: update CI config files (#189)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
• @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
• @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
• @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
• @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language
• @dependabot badge me will comment on this PR with code to add a "Dependabot enabled" badge to your readme

Additionally, you can set the following in your Dependabot dashboard:

• Update frequency (including time of day and day of week)
• Pull request limits (per update run and/or open at any time)
• Out-of-range updates (receive only lockfile updates, if desired)
• Security updates (receive only security updates, if desired)

[marten-seemann]

@dependabot ignore this dependency