Bump github.com/cosmos/cosmos-sdk from 0.43.0 to 0.44.2 in /testnet

[dependabot[bot]]

Bumps github.com/cosmos/cosmos-sdk from 0.43.0 to 0.44.2.

Release notes

Sourced from github.com/cosmos/cosmos-sdk's releases.

Cosmos SDK v0.44.2 Release Notes

Recently, the Cosmos-SDK team became aware of a high-severity security vulnerability that impacts Cosmos-SDK v0.43.x and v0.44.x and can result in a consensus halt. User funds are NOT at risk; however, the vulnerability can result in a chain halt. This vulnerability does not impact the current Cosmos Hub, though other Cosmos-SDK based blockchains using v0.43.x or v0.44.x may be affected and are advised to update to v0.44.2 immediately.

Nodes can update their software independently of each other (no coordinated chain restart necessary), but should do so as soon as they are able.

A full disclosure will be published a week after the release.

Cosmos SDK v0.44.1 Release Notes

This release introduces bug fixes and improvements on the Cosmos SDK v0.44 series.

The main bug fix concerns all users performing in-place store migrations from v0.42 to v0.44. A source of non-determinism in the upgrade process has been detected and fixed in this release, causing consensus errors. As such, v0.44.0 is not safe to use when performing v0.42->v0.44 in-place store upgrades, please use this release v0.44.1 instead. This does not impact genesis JSON dump upgrades nor fresh chains starting with v0.44.

Another bug fix concerns calling the ABCI Query method using client.Context. We modified ABCI queries to use abci.QueryRequest's Height field if it is non-zero, otherwise continue using client.Context's height. This is a minor client-breaking change for users of the client.Context.

Some CLI fixes are also included, such as:

• using pre-configured data for the CLI add-genesis-account command (#9969),
• ensuring the init command reads the --home flag value correctly (#10104),
• fixing the error message when period or period-limit flag is not set on a feegrant grant transaction #10049.

v0.44.1 also includes performance improvements, namely:

• IAVL update to v0.17.1 which includes performance improvements on a batch load #10040,
• Speedup coins.AmountOf(), by removing many intermittent regex calls #10021,
• Improve CacheKVStore datastructures / algorithms, to no longer take O(N^2) time when interleaving iterators and insertions #10026.

See the Cosmos SDK v0.44.1 milestone on our issue tracker for the exhaustive list of all changes.

Cosmos SDK v0.44.0 Release Notes

v0.44 is a security release which contains a consensus breaking change. It doesn't bring any new feature and it's a logical continuation of v0.43.

Consequences:

• v0.43 is discontinued;
• all chains should upgrade to v0.44. Update from v0.43 doesn't require any migration. Chains can upgrade directly from v0.42, in that case v0.43 migrations must be executed when upgrading to v0.44;
• all previously planned features for v0.44 are going to land in v0.45, with the same release schedule.

Please see Cosmos SDK v0.43.0 Release Notes.

Updates

For a comprehensive list of all breaking changes and improvements since the v0.42 "Stargate" release series, please see the CHANGELOG.

Client Breaking Changes

• Removed broadcast & encode legacy REST endpoints. Both requests should use the new gRPC-Gateway REST endpoints. Please see the REST Endpoints Migration guide to migrate to the new REST endpoints.

Changelog

Sourced from github.com/cosmos/cosmos-sdk's changelog.

v0.44.2 - 2021-10-12

Security Release. No breaking changes related to 0.44.x.

v0.44.1 - 2021-09-29

Improvements

• (store) #10040 Bump IAVL to v0.17.1 which includes performance improvements on a batch load.
• (types) #10021 Speedup coins.AmountOf(), by removing many intermittent regex calls.
• #10077 Remove telemetry on GasKV and CacheKV store Get/Set operations, significantly improving their performance.
• (store) #10026 Improve CacheKVStore datastructures / algorithms, to no longer take O(N^2) time when interleaving iterators and insertions.

Bug Fixes

• #9969 fix: use keyring in config for add-genesis-account cmd.
• (x/genutil) #10104 Ensure the init command reads the --home flag value correctly.
• (x/feegrant) #10049 Fixed the error message when period or period-limit flag is not set on a feegrant grant transaction.

Client Breaking Changes

• #9879 Modify ABCI Queries to use abci.QueryRequest Height field if it is non-zero, otherwise continue using context height.

v0.44.0 - 2021-09-01

Features

• #9860 Emit transaction fee in ante handler fee decorator. The event type is tx and the attribute is fee.

Improvements

• (deps) #9956 Bump Tendermint to v0.34.12.

Deprecated

• (x/upgrade) #9906 Deprecate UpgradeConsensusState gRPC query since this functionality is only used for IBC, which now has its own IBC replacement

Bug Fixes

• #9965 Fixed simd version command output to report the right release tag.
• (x/upgrade) #10189 Removed potential sources of non-determinism in upgrades.

Client Breaking Changes

• #10041 Remove broadcast & encode legacy REST endpoints. Please see the REST Endpoints Migration guide to migrate to the new REST endpoints.

Commits

• 68ab790 Merge pull request from GHSA-2p6r-37p9-89p2
• 4e08d1c chore: Cosmos SDK v0.44.1 release notes (#10345)
• 8a73b26 chore: v0.44.1 release notes and changelog (#10261)
• 89be5a2 fix: removed potential sources of non-determinism in upgrades (backport #1018...
• 37f5069 fix: revert #10169 (amino multisig key unmarshalling) (#10193)
• cded906 perf: Remove telemetry from wrappings of store (backport #10077) (#10170)
• 6bc72e7 chore: bump IAVL version (backport #10040) (#10154)
• 22a4f50 perf: Make CacheKV store interleaved iterator and insertion not O(n^2) (backp...
• b4d7c1f fix: Incorrect error message when periodlimit is not set on a feegrant tx (ba...
• 7330f38 fix!: update ABCI query to use request height (backport #9879) (#10185)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
• @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
• @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
• @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
• @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.