gravity-bridge
gravity-bridge copied to clipboard
Bump github.com/cosmos/cosmos-sdk from 0.43.0 to 0.44.2 in /testnet
Bumps github.com/cosmos/cosmos-sdk from 0.43.0 to 0.44.2.
Release notes
Sourced from github.com/cosmos/cosmos-sdk's releases.
Cosmos SDK v0.44.2 Release Notes
Recently, the Cosmos-SDK team became aware of a high-severity security vulnerability that impacts Cosmos-SDK v0.43.x and v0.44.x and can result in a consensus halt. User funds are NOT at risk; however, the vulnerability can result in a chain halt. This vulnerability does not impact the current Cosmos Hub, though other Cosmos-SDK based blockchains using v0.43.x or v0.44.x may be affected and are advised to update to v0.44.2 immediately.
Nodes can update their software independently of each other (no coordinated chain restart necessary), but should do so as soon as they are able.
A full disclosure will be published a week after the release.
Cosmos SDK v0.44.1 Release Notes
This release introduces bug fixes and improvements on the Cosmos SDK v0.44 series.
The main bug fix concerns all users performing in-place store migrations from v0.42 to v0.44. A source of non-determinism in the upgrade process has been detected and fixed in this release, causing consensus errors. As such, v0.44.0 is not safe to use when performing v0.42->v0.44 in-place store upgrades, please use this release v0.44.1 instead. This does not impact genesis JSON dump upgrades nor fresh chains starting with v0.44.
Another bug fix concerns calling the ABCI
Query
method usingclient.Context
. We modified ABCI queries to useabci.QueryRequest
'sHeight
field if it is non-zero, otherwise continue usingclient.Context
's height. This is a minor client-breaking change for users of theclient.Context
.Some CLI fixes are also included, such as:
- using pre-configured data for the CLI
add-genesis-account
command (#9969),- ensuring the
init
command reads the--home
flag value correctly (#10104),- fixing the error message when
period
orperiod-limit
flag is not set on a feegrant grant transaction #10049.v0.44.1 also includes performance improvements, namely:
- IAVL update to v0.17.1 which includes performance improvements on a batch load #10040,
- Speedup coins.AmountOf(), by removing many intermittent regex calls #10021,
- Improve CacheKVStore datastructures / algorithms, to no longer take O(N^2) time when interleaving iterators and insertions #10026.
See the Cosmos SDK v0.44.1 milestone on our issue tracker for the exhaustive list of all changes.
Cosmos SDK v0.44.0 Release Notes
v0.44 is a security release which contains a consensus breaking change. It doesn't bring any new feature and it's a logical continuation of v0.43.
Consequences:
- v0.43 is discontinued;
- all chains should upgrade to v0.44. Update from v0.43 doesn't require any migration. Chains can upgrade directly from v0.42, in that case v0.43 migrations must be executed when upgrading to v0.44;
- all previously planned features for v0.44 are going to land in v0.45, with the same release schedule.
Please see Cosmos SDK v0.43.0 Release Notes.
Updates
For a comprehensive list of all breaking changes and improvements since the v0.42 "Stargate" release series, please see the CHANGELOG.
Client Breaking Changes
- Removed broadcast & encode legacy REST endpoints. Both requests should use the new gRPC-Gateway REST endpoints. Please see the REST Endpoints Migration guide to migrate to the new REST endpoints.
Changelog
Sourced from github.com/cosmos/cosmos-sdk's changelog.
v0.44.2 - 2021-10-12
Security Release. No breaking changes related to 0.44.x.
v0.44.1 - 2021-09-29
Improvements
- (store) #10040 Bump IAVL to v0.17.1 which includes performance improvements on a batch load.
- (types) #10021 Speedup coins.AmountOf(), by removing many intermittent regex calls.
- #10077 Remove telemetry on
GasKV
andCacheKV
store Get/Set operations, significantly improving their performance.- (store) #10026 Improve CacheKVStore datastructures / algorithms, to no longer take O(N^2) time when interleaving iterators and insertions.
Bug Fixes
- #9969 fix: use keyring in config for add-genesis-account cmd.
- (x/genutil) #10104 Ensure the
init
command reads the--home
flag value correctly.- (x/feegrant) #10049 Fixed the error message when
period
orperiod-limit
flag is not set on a feegrant grant transaction.Client Breaking Changes
- #9879 Modify ABCI Queries to use
abci.QueryRequest
Height field if it is non-zero, otherwise continue using context height.v0.44.0 - 2021-09-01
Features
- #9860 Emit transaction fee in ante handler fee decorator. The event type is
tx
and the attribute isfee
.Improvements
Deprecated
- (x/upgrade) #9906 Deprecate
UpgradeConsensusState
gRPC query since this functionality is only used for IBC, which now has its own IBC replacementBug Fixes
- #9965 Fixed
simd version
command output to report the right release tag.- (x/upgrade) #10189 Removed potential sources of non-determinism in upgrades.
Client Breaking Changes
- #10041 Remove broadcast & encode legacy REST endpoints. Please see the REST Endpoints Migration guide to migrate to the new REST endpoints.
Commits
68ab790
Merge pull request from GHSA-2p6r-37p9-89p24e08d1c
chore: Cosmos SDK v0.44.1 release notes (#10345)8a73b26
chore: v0.44.1 release notes and changelog (#10261)89be5a2
fix: removed potential sources of non-determinism in upgrades (backport #1018...37f5069
fix: revert #10169 (amino multisig key unmarshalling) (#10193)cded906
perf: Remove telemetry from wrappings of store (backport #10077) (#10170)6bc72e7
chore: bump IAVL version (backport #10040) (#10154)22a4f50
perf: Make CacheKV store interleaved iterator and insertion not O(n^2) (backp...b4d7c1f
fix: Incorrect error message when periodlimit is not set on a feegrant tx (ba...7330f38
fix!: update ABCI query to use request height (backport #9879) (#10185)- Additional commits viewable in compare view
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase
.
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
-
@dependabot rebase
will rebase this PR -
@dependabot recreate
will recreate this PR, overwriting any edits that have been made to it -
@dependabot merge
will merge this PR after your CI passes on it -
@dependabot squash and merge
will squash and merge this PR after your CI passes on it -
@dependabot cancel merge
will cancel a previously requested merge and block automerging -
@dependabot reopen
will reopen this PR if it is closed -
@dependabot close
will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually -
@dependabot ignore this major version
will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) -
@dependabot ignore this minor version
will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) -
@dependabot ignore this dependency
will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) -
@dependabot use these labels
will set the current labels as the default for future PRs for this repo and language -
@dependabot use these reviewers
will set the current reviewers as the default for future PRs for this repo and language -
@dependabot use these assignees
will set the current assignees as the default for future PRs for this repo and language -
@dependabot use this milestone
will set the current milestone as the default for future PRs for this repo and language
You can disable automated security fix PRs for this repo from the Security Alerts page.