Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

chore: use latest cometbft-db in v0.38.x #4296

Closed
wants to merge 367 commits into from

Conversation

faddat
Copy link
Contributor

@faddat faddat commented Oct 15, 2024


PR checklist

  • Tests written/updated
  • Changelog entry added in .changelog (we use unclog to manage our changelog)
  • Updated relevant documentation (docs/ or spec/) and code comments

mergify bot and others added 30 commits November 17, 2023 12:59
* docs: various improvements (cometbft#1603)

* docs: fix Query return parameters

* docs: fix the number of ABCI connections

ABCI creates 4 connections, not 3

* docs: bump cleveldb version

1.20 is 6 years old! 1.23 was released on Feb 24, 2021

* docs: remove check from PrepareProposal

This check only confuses readers. PrepareProposal returns
`proposal.Txs` (original list), not `txs`. Thus for loop is essentially
noop and can be removed. Even if we modify PrepareProposal to return
txs, it confuses application devs since CometBFT respects the limit when
creating a proposal! Therefore, application devs should only check the
limit when modifying the transactions, which is not the case here.

* docs: minor highlighting

* docs: fix syntax error

missing comma

* docs: fix [email protected]/proto/merge.go:123:28: type error

go: go1.21.3 darwin/amd64
cometbft: v0.38.0

```
../../../go/pkg/mod/github.com/cosmos/[email protected]/proto/merge.go:123:28:
type func(x *descriptorpb.FileDescriptorProto, y
*descriptorpb.FileDescriptorProto) bool of func(x, y
*descriptorpb.FileDescriptorProto) bool {…} does not match inferred type
func(a *descriptorpb.FileDescriptorProto, b
*descriptorpb.FileDescriptorProto) int for func(a E, b E) int
```

* docs: add missing double quote

* docs: make the same changes in go guide

- add a note about gogoproto
- simplify PrepareProposal
- add missing double quote

* docs: remove XXX

will create a separate PR updating gogoproto for v0.38

* Revert "docs: remove XXX"

This reverts commit a4a1a04.

(cherry picked from commit a05b73e)

# Conflicts:
#	docs/guides/go-built-in.md

* fix merge conflict

---------

Co-authored-by: Anton Kaliaev <[email protected]>
* Build changelog for v0.38.1 release

Signed-off-by: Thane Thomson <[email protected]>

* version: Bump to v0.38.1

Signed-off-by: Thane Thomson <[email protected]>

---------

Signed-off-by: Thane Thomson <[email protected]>
* proto: Update README

Signed-off-by: Thane Thomson <[email protected]>

* Add versions to table for clarity

Signed-off-by: Thane Thomson <[email protected]>

---------

Signed-off-by: Thane Thomson <[email protected]>
(cherry picked from commit ee99bf5)

Co-authored-by: Thane Thomson <[email protected]>
…bft#1660)

Bumps [docker/build-push-action](https://github.com/docker/build-push-action) from 5.0.0 to 5.1.0.
- [Release notes](https://github.com/docker/build-push-action/releases)
- [Commits](docker/build-push-action@v5.0.0...v5.1.0)

---
updated-dependencies:
- dependency-name: docker/build-push-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
…metbft#1661)

Bumps [bufbuild/buf-setup-action](https://github.com/bufbuild/buf-setup-action) from 1.28.0 to 1.28.1.
- [Release notes](https://github.com/bufbuild/buf-setup-action/releases)
- [Commits](bufbuild/buf-setup-action@v1.28.0...v1.28.1)

---
updated-dependencies:
- dependency-name: bufbuild/buf-setup-action
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
…ometbft#1414) (cometbft#1668)

As part of porting the cosmos-sdk simulator to running on top of
its testutil/network runner, we need a way to simulate adversarial
network connections between validators. This change adds the
existing fuzzing configuration of P2PConfig to MConnConfig and uses it
to conditionally create an unreliable connection in MultiplexTransport.

Co-authored-by: Elias Naur <[email protected]>
Co-authored-by: Sergio Mena <[email protected]>
(cherry picked from commit 245185a)

Co-authored-by: Elias Naur <[email protected]>
* mempool: add `nop` mempool (cometbft#1643)

* add `nop` mempool

See
[ADR-111](cometbft#1585)

* implement NopMempool and NopMempoolReactor

modify node.go logic

I had to add NopMempoolReactor to pass it to RPC in order not to change
it.

* check config instead of asserting for nil

* start writing docs

* add changelog

* move changelog

* expand docs

* remove unused func arguments

* add simple test

* make linter happy again

* doc fixes

Co-authored-by: Sergio Mena <[email protected]>

* rename mempoolReactor to waitSyncP2PReactor

* improve changelog message

* allow empty string for backwards compatibility

cometbft#1643 (comment)

* make ErrNotAllowed private

* mention `create_empty_blocks` in toml

https://github.com/cometbft/cometbft/pull/1643/files#r1400434715

* return nil instead of closed channel

https://github.com/cometbft/cometbft/pull/1643/files#r1400252575

The reader will block forever, which is exactly what we need.

* grammar fixes

Co-authored-by: lasaro <[email protected]>

* update changelog entry

* adapt ADR to implementation

* remove old ToC entry

---------

Co-authored-by: Andy Nogueira <[email protected]>
Co-authored-by: Sergio Mena <[email protected]>
Co-authored-by: lasaro <[email protected]>
(cherry picked from commit bc83503)

# Conflicts:
#	config/config.go
#	config/toml.go
#	docs/architecture/README.md
#	docs/architecture/adr-111-nop-mempool.md
#	docs/core/configuration.md
#	node/node.go
#	node/setup.go

* fix merge conflicts

* add a missing ToC entry

---------

Co-authored-by: Anton Kaliaev <[email protected]>
…ometbft#1685)

* docs: various small improvements (part 2) (cometbft#1683)

* docs: fix the number of connections CometBFT opens

to the ABCI app

* docs: fix link formatting

* docs: make it explicit that default is TCP for ABCI

* docs: replace 'supermajority' with 2/3+

2/3+ is easier to understand. also this is the first time the reader is
seeing the word 'supermajority', which might be confusing without the
defition. The defition for supermajority is absent (maybe it's in the
spec though)

* add a link to jq

* suggestions from Lasaro

(cherry picked from commit 96abada)

# Conflicts:
#	docs/app-dev/indexing-transactions.md
#	docs/core/block-structure.md

* fixes after merge

---------

Co-authored-by: Anton Kaliaev <[email protected]>
…ometbft#1688)

* Do not block indefinitely on the semaphore (cometbft#1654)

* Do not block indefinitely on the semaphore

* Cancel the context, irrespective of the flow followed

* Makes the code more readable

* Improving comment

* make linter happy

* Updating comments to match

* Commenting out `select` and leaving it as TODO for when Contexts are more widely used

* Cleaned up comments

(cherry picked from commit 2679498)

# Conflicts:
#	test/e2e/pkg/manifest.go

* fixes conflict

---------

Co-authored-by: lasaro <[email protected]>
* Add changelog entry

* unclog release

* unclog build

* version: Bump version to v0.38.2

* unclog build
…etbft#1721)

* types: validate Validator#Address field (cometbft#1715)

* types: validate Validator#Address field

* fix TestProposerSelection3

* add a changelog entry

* fix two more tests

* Update .changelog/unreleased/improvements/1715-validate-validator-address

Co-authored-by: Thane Thomson <[email protected]>

---------

Co-authored-by: Thane Thomson <[email protected]>
(cherry picked from commit 63fe7bf)

# Conflicts:
#	state/store_test.go
#	store/store_test.go

* fix conflicts

---------

Co-authored-by: Anton Kaliaev <[email protected]>
…t#1730) (cometbft#1745)

* fix: increase abci socket message size limit to 2GB (cometbft#1730)

* fix: increase abci socket message size to 2GB

* fix: added .changelog

* Update .changelog/unreleased/improvements/1730-increase-abci-socket-message-size-limit

Co-authored-by: Anton Kaliaev <[email protected]>

* fix: use MaxInt32 as message size for 32-bit systems

* Update .changelog/unreleased/improvements/1730-increase-abci-socket-message-size-limit

---------

Co-authored-by: Anton Kaliaev <[email protected]>
Co-authored-by: Thane Thomson <[email protected]>
(cherry picked from commit 092b918)

* Rename 1730-increase-abci-socket-message-size-limit to 1730-increase-abci-socket-message-size-limit.md

---------

Co-authored-by: Troy Kessler <[email protected]>
Co-authored-by: Thane Thomson <[email protected]>
* fix: The calculation method of tx size returned by calling proxyapp should be consistent with that of mempool

* Revert CHANGELOG.md

entries should go into .changelog

---------

Co-authored-by: lasaro <[email protected]>
Co-authored-by: lasaro <[email protected]>
(cherry picked from commit eb5d9ce)

Co-authored-by: leven <[email protected]>
…1759)

* Add test missing in cometbft#1687 (cometbft#1712)

* Experimenting the fix from lx-xiang

* Fixes name in the example

* Reverts fix, so it is merged from the proper branch.

* Adds a test that fails because the validate is wrong and accepts a block that is larger than it should.

* Add changelog for the original PR

* Update internal/state/execution_test.go

(cherry picked from commit ce0215c)

# Conflicts:
#	abci/example/kvstore/kvstore.go

* Solve conflict in the backport

---------

Co-authored-by: lasaro <[email protected]>
* perf(state): batch save `State` (cometbft#1735)

* done stateDB writes batching

* remove forgotten debug print

* remove forgotten comments

* format code

* add a changelog entry

* fix changelog

---------

Co-authored-by: werty144 <[email protected]>
(cherry picked from commit 76b1cce)

* remove duplicate changelog entry

---------

Co-authored-by: Anton Kaliaev <[email protected]>
* Update CODE_OF_CONDUCT.md

Updated the contact email to an `informal.systems` one, and some nits.

* Update CODE_OF_CONDUCT.md

Co-authored-by: Anton Kaliaev <[email protected]>

---------

Co-authored-by: Anton Kaliaev <[email protected]>
(cherry picked from commit bde1111)

Co-authored-by: Adi Seredinschi <[email protected]>
…ns (backport cometbft#1756) (cometbft#1773)

* [e2e] Fixes prepareProposal not to return oversized set of transactions (cometbft#1756)

* Fixes prepareProposal not to return oversized set of transactions

* Update test/e2e/app/app.go

* Fix linting error

* add changelog entry

* Avoid marshalling the tx twice

* removing unneeded changelog

(cherry picked from commit 0bf3f0a)

# Conflicts:
#	test/e2e/app/app.go

* Resolves conflict

---------

Co-authored-by: lasaro <[email protected]>
* batching in store

* save only small blocks as 1 batch

* add changelog

* extract const

* Update .changelog/unreleased/improvements/1755-batch-save-block.md

Co-authored-by: Thane Thomson <[email protected]>

* simplify code

* no need to panic on closing batch

---------

Co-authored-by: werty144 <[email protected]>
Co-authored-by: Thane Thomson <[email protected]>
(cherry picked from commit 30c9cde)

Co-authored-by: Anton Kaliaev <[email protected]>
* chore(docs): small improvements (cometbft#1781)

* docs: remove "Run" section from install

The "Quick Start" guide does a much better job explaining what is
happening, and readers should follow that guide instead.

* docs: move "CometBFT Quality Assurance" down

No reason to have “CometBFT Quality Assurance” as a second item. The
target audience for that document is probably security researchers - not
the primary audience.

* docs: remove cmdKVStore func in favor of link

I can’t see a single reason why users need to see the source code of
that function in order to progress with the abci-cli tool.

Also the link should point to kvstore app, not abci-cli tool!

* docs: swap abci-cli and getting-started items

https://docs.cometbft.com/v0.38/app-dev/getting-started#first-cometbft-app
should go before https://docs.cometbft.com/v0.38/app-dev/abci-cli
because the latter is used to test ABCI applications. And by this point,
the reader doesn’t have an app to test.

* docs: remove "Committing a Block" from validators page

not clear what’s the reason of explaining consensus details in the
validators section. If a validator wants to get familiar with consensus,
shouldn’t it go to consensus spec / page?

* docs: make it clear who curates the validator set

“Validators are expected to be online, and the set of validators is
permissioned/curated by some external process.” This sentence is
confusing to me. The set is curated by the ABCI application.

* docs: replace EndBlock with FinalizeBlock

* docs: add Bash script to compile persistent peers string

Getting an ID from every machine is tedious and can be streamlined with
a script, which, given IPs, collects IDs and outputs the command to run
CometBFT.

(cherry picked from commit 9020ce2)

# Conflicts:
#	docs/app-dev/abci-cli.md
#	docs/core/validators.md
#	docs/data-companion/README.md

* fix conflicts

* correct number for qa item

---------

Co-authored-by: Anton Kaliaev <[email protected]>
Bumps [actions/setup-go](https://github.com/actions/setup-go) from 4 to 5.
- [Release notes](https://github.com/actions/setup-go/releases)
- [Commits](actions/setup-go@v4...v5)

---
updated-dependencies:
- dependency-name: actions/setup-go
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [actions/stale](https://github.com/actions/stale) from 8 to 9.
- [Release notes](https://github.com/actions/stale/releases)
- [Changelog](https://github.com/actions/stale/blob/main/CHANGELOG.md)
- [Commits](actions/stale@v8...v9)

---
updated-dependencies:
- dependency-name: actions/stale
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
… signatures (backport cometbft#1750) (cometbft#1800)

* `VerifyCommitLight` and `VerifyCommitLightTrusting` _never_ check all signatures (cometbft#1750)

* [e2e] Repro evidence bug: not checking all signatures

* _Only_ callsites in the light client should be skipping verification of commit signatures

* Address PR comments

* Rename UT

---------

Co-authored-by: Jasmina Malicevic <[email protected]>
(cherry picked from commit b70c4ab)

# Conflicts:
#	types/validation_test.go

* Revert "`VerifyCommitLight` and `VerifyCommitLightTrusting` _never_ check all signatures (cometbft#1750)"

This reverts commit c14ff96.

* `VerifyCommitLight` and `VerifyCommitLightTrusting` _never_ check all signatures (cometbft#1750)

* [e2e] Repro evidence bug: not checking all signatures

* _Only_ callsites in the light client should be skipping verification of commit signatures

* Address PR comments

* Rename UT

---------

Co-authored-by: Jasmina Malicevic <[email protected]>

---------

Co-authored-by: Sergio Mena <[email protected]>
Co-authored-by: Jasmina Malicevic <[email protected]>
…etbft#1804) (cometbft#1813)

* chore(spec): specify which fields must be deterministic (cometbft#1804)

* spec: specify which fields must be deterministic

Closes cometbft#1622

* proto: add comment to `events` field

* spec: align spec for CheckTx Response with implementation

* change No to N/A in methods not involved in SMR

* change No to N/A in Info method as well

* same for snapshot

(cherry picked from commit 7c6951f)

# Conflicts:
#	proto/cometbft/abci/v1/types.proto
#	spec/abci/abci++_basic_concepts.md
#	spec/abci/abci++_methods.md

* fix conflicts

---------

Co-authored-by: Anton Kaliaev <[email protected]>
(cherry picked from commit 437391a)

Co-authored-by: Sergio Mena <[email protected]>
…ft#1798) (cometbft#1832)

* chore(docs): explain the effect of `timeout_propose` (cometbft#1798)

* docs: explain the effect of `timeout_propose`

on the proposer selection process.

Closes cometbft#1586

* fix example

Co-authored-by: Hernán Vanzetto <[email protected]>

* small improvement

cometbft#1798 (comment)

* fix typo

---------

Co-authored-by: Hernán Vanzetto <[email protected]>
(cherry picked from commit 61d508e)

# Conflicts:
#	docs/core/configuration.md
#	test/e2e/pkg/infra/digitalocean/digitalocean.go

* fix conflicts

---------

Co-authored-by: Anton Kaliaev <[email protected]>
* Backport changelog for cometbft#896

* cometbft#896 was committed before , so moving it to the right release
Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact) from 3 to 4.
- [Release notes](https://github.com/actions/upload-artifact/releases)
- [Commits](actions/upload-artifact@v3...v4)

---
updated-dependencies:
- dependency-name: actions/upload-artifact
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
…ft#1863)

* Updates go crypto package to v0.17.0 (cometbft#1859)

(cherry picked from commit fd87fda)

# Conflicts:
#	go.mod
#	go.sum

* Solving conflict

---------

Co-authored-by: lasaro <[email protected]>
dependabot bot and others added 23 commits September 9, 2024 05:00
…metbft#4024)

Bumps
[bufbuild/buf-setup-action](https://github.com/bufbuild/buf-setup-action)
from 1.39.0 to 1.40.1.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/bufbuild/buf-setup-action/releases">bufbuild/buf-setup-action's
releases</a>.</em></p>
<blockquote>
<h2>v1.40.1</h2>
<p>Release v1.40.1</p>
<h2>v1.40.0</h2>
<p>Release v1.40.0</p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/bufbuild/buf-setup-action/commit/2dbfb63c8b0cc4f1707ba5dd23017e998a25b2f0"><code>2dbfb63</code></a>
Release v1.40.1 (<a
href="https://redirect.github.com/bufbuild/buf-setup-action/issues/223">#223</a>)</li>
<li><a
href="https://github.com/bufbuild/buf-setup-action/commit/51c53201f0da34af376e0b998c889ebb2813d479"><code>51c5320</code></a>
Release v1.40.0 (<a
href="https://redirect.github.com/bufbuild/buf-setup-action/issues/222">#222</a>)</li>
<li>See full diff in <a
href="https://github.com/bufbuild/buf-setup-action/compare/v1.39.0...v1.40.1">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=bufbuild/buf-setup-action&package-manager=github_actions&previous-version=1.39.0&new-version=1.40.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
…rejected_txs` (backport cometbft#4019) (cometbft#4052)

#### PR checklist

- [ ] Tests written/updated
- [x] Changelog entry added in `.changelog` (we use
[unclog](https://github.com/informalsystems/unclog) to manage our
changelog)
- [X] Updated relevant documentation (`docs/` or `spec/`) and code
comments
<hr>This is an automatic backport of pull request cometbft#4019 done by
[Mergify](https://mergify.com).

---------

Co-authored-by: Hernán Vanzetto <[email protected]>
Co-authored-by: hvanz <[email protected]>
Co-authored-by: mergify[bot] <37929162+mergify[bot]@users.noreply.github.com>
### Context
We are updating CometBFT dependencies to fix new CVE vulnerabilities.
Cometbft-db v0.9.5 updates its Go version to 1.22 and updates some of
its dependencies vulnerable to CVEs.
See its
[CHANGELOG](https://github.com/cometbft/cometbft-db/blob/v0.9.x/CHANGELOG.md#v095)

### This Change
This PR updates cometbft-db to v0.9.5.

---

#### PR checklist

~- [ ] Tests written/updated~
- [ ] Changelog entry added in `.changelog` (we use
[unclog](https://github.com/informalsystems/unclog) to manage our
changelog)
~- [ ] Updated relevant documentation (`docs/` or `spec/`) and code
comments~
<hr>This is an automatic backport of pull request cometbft#4059 done by
[Mergify](https://mergify.com).<hr>This is an automatic backport of pull
request cometbft#4072 done by [Mergify](https://mergify.com).

---------

Co-authored-by: mergify[bot] <37929162+mergify[bot]@users.noreply.github.com>
Co-authored-by: Anton Kaliaev <[email protected]>
…ft#2073)

This is an automatic backport of pull request cometbft#2046 done by
[Mergify](https://mergify.com).
Cherry-pick of 2bbb5c1 has failed:
```
On branch mergify/bp/v0.38.x/pr-2046
Your branch is up to date with 'origin/v0.38.x'.

You are currently cherry-picking commit 2bbb5c1.
  (fix conflicts and run "git cherry-pick --continue")
  (use "git cherry-pick --skip" to skip this patch)
  (use "git cherry-pick --abort" to cancel the cherry-pick operation)

Changes to be committed:
	modified:   scripts/mockery_generate.sh
	deleted:    tools/proto/Dockerfile
	deleted:    tools/tools.go
	modified:   types/params.go

Unmerged paths:
  (use "git add/rm <file>..." as appropriate to mark resolution)
	both modified:   go.mod
	both modified:   go.sum
	deleted by them: tools/README.md

```


To fix up this pull request, you can check it out locally. See
documentation:
https://docs.github.com/en/github/collaborating-with-pull-requests/reviewing-changes-in-pull-requests/checking-out-pull-requests-locally

---


<details>
<summary>Mergify commands and options</summary>

<br />

More conditions and actions can be found in the
[documentation](https://docs.mergify.com/).

You can also trigger Mergify actions by commenting on this pull request:

- `@Mergifyio refresh` will re-evaluate the rules
- `@Mergifyio rebase` will rebase this PR on its base branch
- `@Mergifyio update` will merge the base branch into this PR
- `@Mergifyio backport <destination>` will backport this PR on
`<destination>` branch

Additionally, on Mergify [dashboard](https://dashboard.mergify.com) you
can:

- look at your merge queues
- generate the Mergify configuration with the config editor.

Finally, you can contact us on https://mergify.com
</details>

---------

Co-authored-by: Jacob Gadikian <[email protected]>
Co-authored-by: Anton Kaliaev <[email protected]>
…3910)

Bumps [gonum.org/v1/gonum](https://github.com/gonum/gonum) from 0.12.0
to 0.15.1.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/gonum/gonum/releases">gonum.org/v1/gonum's
releases</a>.</em></p>
<blockquote>
<h2>v0.15.1</h2>
<p>Release v0.15.1 is a bug fix release in the v0.15 branch.</p>
<p>Fixes since v0.15.0:</p>
<p>b6147192 stat/distuv: correct Gamma Mode() and LogProb(0)/Prob(0) for
alpha &lt;= 1
5bc3fec2 mat: fix dst matrix shape check in QR.RTo
354eb431 mat: calculate Q elements lazily when calling QR.At</p>
<h2>v0.15.0</h2>
<p>Release v0.15.0 is a minor release in the v0.15 branch.</p>
<p>Bug fixes/improvements since v0.14.0:</p>
<p>269815f0 spatial/curve: new package to constuct 2-, 3- and 4-D
Hilbert curves
b27ae13f lapack/gonum: add Dptcon
55edfc1d lapack/testlapack: add dlanst
3462e90a lapack/gonum: add Dptsv
44d84c93 lapack/gonum: add Dpttrs
c4e3bfbe lapack/gonum: add Dpttrf
fa306f21 lapack/gonum: handle NaN and Inf input to Dgecon
db43f45c graph/path: do not keep duplicate paths in YenKShortestPaths
5e05b179 lapack/gonum: fix accumulation in Dlassq
606793d4 stat/distmv: add EigenSym interface
ff24a548 stat/distmv: add special case in NormalRandCov for mat.EigenSym
83fd3a6d mat: add RawValues and RawQ to EigenSym
999e48d0 mat: make EigenSym satisfy Matrix
71ca02b7 mat: delegate to SolveTo method in *Dense.Solve
f560d5cb stat/distmv: add NormalRandCov
b2722176 mat: make LQ satisfy Matrix
78bc3a48 mat: add VecDense.Permute
6e2f5c58 lapack/gonum: require exact length of tau in QR routines
bd767ae5 mat: don't panic in Dims on zero Cholesky types
45b74210 mat: make QR satisfy Matrix
aef3c5f3 mat: make LU satisfy Matrix
2d1137f1 mat: add LU.RowPivots and deprecate LU.Pivot
ef75f4dd mat: return U and ColumnPivots from PivotedCholesky
5f74663e mat: add Dense.PermuteRows and PermuteCols
ff3e3209 lapack/lapack64: add Geqp3 and clean up docs
7df15c33 lapack/gonum: clean up Dgghrd and its test
f0a57a45 lapack/gonum: add Dgghrd and its test
7bed099d lapack/gonum: clean up Dlanhs and its test
aa92aa08 spatial/kdtree: update value in place in NKeeper.Keep</p>
<h2>v0.14.0</h2>
<p>Release v0.14.0 is a minor release in the v0.14 branch.</p>
<p>API breaking changes:</p>
<p>9e7bb936 graph/path: allow cost-based Yen shortest path
calculation</p>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/gonum/gonum/commit/bdcda9a453049449163d160b98285b64ec8093a1"><code>bdcda9a</code></a>
graph: use slices package for sorting and reversing slices</li>
<li><a
href="https://github.com/gonum/gonum/commit/a9b228ed6bdcfafd52ce8ba413595310823a0004"><code>a9b228e</code></a>
A+C: add Tristan Nicholls</li>
<li><a
href="https://github.com/gonum/gonum/commit/1f29d7b1d1724243c9f4a156cb1e16c9cbb15de1"><code>1f29d7b</code></a>
mat: calculate Q elements lazily when calling QR.At</li>
<li><a
href="https://github.com/gonum/gonum/commit/f1a62e187e273b2d99f9c2a04fa8931df9c22947"><code>f1a62e1</code></a>
mat: fix dst matrix shape check in QR.RTo</li>
<li><a
href="https://github.com/gonum/gonum/commit/4cb1c6f4a863dd4bde148d9b8736b7d69af4b75b"><code>4cb1c6f</code></a>
ci,mod: update to go1.23</li>
<li><a
href="https://github.com/gonum/gonum/commit/0c62273e338b91cd9578ed93572c693ba55e1eaa"><code>0c62273</code></a>
A+C: add Dirk Müller</li>
<li><a
href="https://github.com/gonum/gonum/commit/0efa2841bf9d1f6ad3b4f5638089c8d6cc72f51e"><code>0efa284</code></a>
A+C: add Tom Payne</li>
<li><a
href="https://github.com/gonum/gonum/commit/f48364e31d40fb9c3b6de7b7d20223edd6d49779"><code>f48364e</code></a>
interp: increase speed of findSegment</li>
<li><a
href="https://github.com/gonum/gonum/commit/1dd194f95b64cda4727b9548bcd2471b4372c7c8"><code>1dd194f</code></a>
stat/distuv: correct Gamma Mode doc comment</li>
<li><a
href="https://github.com/gonum/gonum/commit/35bb474ac513c77971be8e1e9ab2bd1eaca07c79"><code>35bb474</code></a>
stat/distuv: correct Gamma Mode() and LogProb(0)/Prob(0) for alpha &lt;=
1</li>
<li>Additional commits viewable in <a
href="https://github.com/gonum/gonum/compare/v0.12.0...v0.15.1">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=gonum.org/v1/gonum&package-manager=go_modules&previous-version=0.12.0&new-version=0.15.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
…metbft#4096)

Bumps
[bufbuild/buf-setup-action](https://github.com/bufbuild/buf-setup-action)
from 1.40.1 to 1.41.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/bufbuild/buf-setup-action/releases">bufbuild/buf-setup-action's
releases</a>.</em></p>
<blockquote>
<h2>v1.41.0</h2>
<p>Release v1.41.0</p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/bufbuild/buf-setup-action/commit/2881ede27923557cb71f4ddc8954905c2639d1fb"><code>2881ede</code></a>
Release v1.41.0 (<a
href="https://redirect.github.com/bufbuild/buf-setup-action/issues/224">#224</a>)</li>
<li>See full diff in <a
href="https://github.com/bufbuild/buf-setup-action/compare/v1.40.1...v1.41.0">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=bufbuild/buf-setup-action&package-manager=github_actions&previous-version=1.40.1&new-version=1.41.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
…ometbft#4123) (cometbft#4145)

it happens in benchmark or production when traffic is high, the log
frequency is very high because it's triggered by p2p tx propagation
message.

Solution:
- change it to debug level
<hr>This is an automatic backport of pull request cometbft#4123 done by
[Mergify](https://mergify.com).

---------

Co-authored-by: yihuang <[email protected]>
Co-authored-by: Andy Nogueira <[email protected]>
…metbft#4160)

Bumps
[bufbuild/buf-setup-action](https://github.com/bufbuild/buf-setup-action)
from 1.41.0 to 1.42.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/bufbuild/buf-setup-action/releases">bufbuild/buf-setup-action's
releases</a>.</em></p>
<blockquote>
<h2>v1.42.0</h2>
<p>Release v1.42.0</p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/bufbuild/buf-setup-action/commit/a8b4a18369a5feb07d4bf9cb2b24f81d105d7bab"><code>a8b4a18</code></a>
Release v1.42.0 (<a
href="https://redirect.github.com/bufbuild/buf-setup-action/issues/225">#225</a>)</li>
<li>See full diff in <a
href="https://github.com/bufbuild/buf-setup-action/compare/v1.41.0...v1.42.0">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=bufbuild/buf-setup-action&package-manager=github_actions&previous-version=1.41.0&new-version=1.42.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
…bft#4194)

Bumps
[docker/build-push-action](https://github.com/docker/build-push-action)
from 6.7.0 to 6.8.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/docker/build-push-action/releases">docker/build-push-action's
releases</a>.</em></p>
<blockquote>
<h2>v6.8.0</h2>
<ul>
<li>Bump <code>@​docker/actions-toolkit</code> from 0.37.1 to 0.38.0 in
<a
href="https://redirect.github.com/docker/build-push-action/pull/1230">docker/build-push-action#1230</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/docker/build-push-action/compare/v6.7.0...v6.8.0">https://github.com/docker/build-push-action/compare/v6.7.0...v6.8.0</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/docker/build-push-action/commit/32945a339266b759abcbdc89316275140b0fc960"><code>32945a3</code></a>
Merge pull request <a
href="https://redirect.github.com/docker/build-push-action/issues/1230">#1230</a>
from docker/dependabot/npm_and_yarn/docker/actions-t...</li>
<li><a
href="https://github.com/docker/build-push-action/commit/e0fe9cf0f26132beab7b62929bd647eef9e7df31"><code>e0fe9cf</code></a>
chore: update generated content</li>
<li><a
href="https://github.com/docker/build-push-action/commit/8f1ff6bf9a836299c21b10f942be49efb52a832c"><code>8f1ff6b</code></a>
chore(deps): Bump <code>@​docker/actions-toolkit</code> from 0.37.1 to
0.38.0</li>
<li>See full diff in <a
href="https://github.com/docker/build-push-action/compare/v6.7.0...v6.8.0">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=docker/build-push-action&package-manager=github_actions&previous-version=6.7.0&new-version=6.8.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
…ometbft#4207)

Bumps [github.com/go-git/go-git/v5](https://github.com/go-git/go-git)
from 5.11.0 to 5.12.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/go-git/go-git/releases">github.com/go-git/go-git/v5's
releases</a>.</em></p>
<blockquote>
<h2>v5.12.0</h2>
<h2>What's Changed</h2>
<ul>
<li>git: Worktree.AddWithOptions: add skipStatus option when providing a
specific path by <a
href="https://github.com/moranCohen26"><code>@​moranCohen26</code></a>
in <a
href="https://redirect.github.com/go-git/go-git/pull/994">go-git/go-git#994</a></li>
<li>git: Signer: fix usage of crypto.Signer interface by <a
href="https://github.com/wlynch"><code>@​wlynch</code></a> in <a
href="https://redirect.github.com/go-git/go-git/pull/1029">go-git/go-git#1029</a></li>
<li>git: Remote, fetch, adds the prune option. by <a
href="https://github.com/juliens"><code>@​juliens</code></a> in <a
href="https://redirect.github.com/go-git/go-git/pull/366">go-git/go-git#366</a></li>
<li>git: Add crypto.Signer option to CommitOptions. by <a
href="https://github.com/wlynch"><code>@​wlynch</code></a> in <a
href="https://redirect.github.com/go-git/go-git/pull/996">go-git/go-git#996</a></li>
<li>git: Worktree checkout tag hash id (<a
href="https://redirect.github.com/go-git/go-git/issues/959">#959</a>) by
<a
href="https://github.com/aymanbagabas"><code>@​aymanbagabas</code></a>
in <a
href="https://redirect.github.com/go-git/go-git/pull/966">go-git/go-git#966</a></li>
<li>git: Worktree, Don't panic on empty or root path when checking if it
is valid by <a
href="https://github.com/tim775"><code>@​tim775</code></a> in <a
href="https://redirect.github.com/go-git/go-git/pull/1042">go-git/go-git#1042</a></li>
<li>git: Add commit validation for Reset by <a
href="https://github.com/pjbgf"><code>@​pjbgf</code></a> in <a
href="https://redirect.github.com/go-git/go-git/pull/1048">go-git/go-git#1048</a></li>
<li>git: worktree_commit, Fix amend commit to apply changes. Fixes <a
href="https://redirect.github.com/go-git/go-git/issues/1024">#1024</a>
by <a href="https://github.com/onee-only"><code>@​onee-only</code></a>
in <a
href="https://redirect.github.com/go-git/go-git/pull/1045">go-git/go-git#1045</a></li>
<li>git: Implement Merge function with initial
<code>FastForwardMerge</code> support by <a
href="https://github.com/pjbgf"><code>@​pjbgf</code></a> in <a
href="https://redirect.github.com/go-git/go-git/pull/1044">go-git/go-git#1044</a></li>
<li>plumbing: object, Make first commit visible on logs filtered with
filename. Fixes <a
href="https://redirect.github.com/go-git/go-git/issues/191">#191</a> by
<a href="https://github.com/onee-only"><code>@​onee-only</code></a> in
<a
href="https://redirect.github.com/go-git/go-git/pull/1036">go-git/go-git#1036</a></li>
<li>plumbing: no panic in printStats function. Fixes <a
href="https://redirect.github.com/go-git/go-git/issues/177">#177</a> by
<a href="https://github.com/nodivbyzero"><code>@​nodivbyzero</code></a>
in <a
href="https://redirect.github.com/go-git/go-git/pull/971">go-git/go-git#971</a></li>
<li>plumbing: object, Optimize logging with file. by <a
href="https://github.com/onee-only"><code>@​onee-only</code></a> in <a
href="https://redirect.github.com/go-git/go-git/pull/1046">go-git/go-git#1046</a></li>
<li>plumbing: object, check legitimacy in (*Tree).Encode by <a
href="https://github.com/niukuo"><code>@​niukuo</code></a> in <a
href="https://redirect.github.com/go-git/go-git/pull/967">go-git/go-git#967</a></li>
<li>plumbing: format/gitattributes, close file in ReadAttributesFile by
<a href="https://github.com/prskr"><code>@​prskr</code></a> in <a
href="https://redirect.github.com/go-git/go-git/pull/1018">go-git/go-git#1018</a></li>
<li>plumbing: check setAuth error. Fixes <a
href="https://redirect.github.com/go-git/go-git/issues/185">#185</a> by
<a href="https://github.com/nodivbyzero"><code>@​nodivbyzero</code></a>
in <a
href="https://redirect.github.com/go-git/go-git/pull/969">go-git/go-git#969</a></li>
<li>plumbing: object, fix variable defaultUtf8CommitMessageEncoding name
spell error by <a
href="https://github.com/Jerry-yz"><code>@​Jerry-yz</code></a> in <a
href="https://redirect.github.com/go-git/go-git/pull/987">go-git/go-git#987</a></li>
<li>utils: merkletrie, calculate filesystem node's hash lazily. by <a
href="https://github.com/candid82"><code>@​candid82</code></a> in <a
href="https://redirect.github.com/go-git/go-git/pull/825">go-git/go-git#825</a></li>
<li>utils: update comment in node.go's Hash() by <a
href="https://github.com/codablock"><code>@​codablock</code></a> in <a
href="https://redirect.github.com/go-git/go-git/pull/992">go-git/go-git#992</a></li>
<li>_example: fix 404 link and added ssh-agent clone link by <a
href="https://github.com/grinish21"><code>@​grinish21</code></a> in <a
href="https://redirect.github.com/go-git/go-git/pull/1022">go-git/go-git#1022</a></li>
<li>_example: checkout-branch example by <a
href="https://github.com/dlambda"><code>@​dlambda</code></a> in <a
href="https://redirect.github.com/go-git/go-git/pull/446">go-git/go-git#446</a></li>
<li>_example: example for git clone using ssh-agent by <a
href="https://github.com/pjbgf"><code>@​pjbgf</code></a> in <a
href="https://redirect.github.com/go-git/go-git/pull/998">go-git/go-git#998</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a href="https://github.com/candid82"><code>@​candid82</code></a>
made their first contribution in <a
href="https://redirect.github.com/go-git/go-git/pull/825">go-git/go-git#825</a></li>
<li><a href="https://github.com/codablock"><code>@​codablock</code></a>
made their first contribution in <a
href="https://redirect.github.com/go-git/go-git/pull/992">go-git/go-git#992</a></li>
<li><a href="https://github.com/Jerry-yz"><code>@​Jerry-yz</code></a>
made their first contribution in <a
href="https://redirect.github.com/go-git/go-git/pull/987">go-git/go-git#987</a></li>
<li><a href="https://github.com/wlynch"><code>@​wlynch</code></a> made
their first contribution in <a
href="https://redirect.github.com/go-git/go-git/pull/996">go-git/go-git#996</a></li>
<li><a
href="https://github.com/moranCohen26"><code>@​moranCohen26</code></a>
made their first contribution in <a
href="https://redirect.github.com/go-git/go-git/pull/994">go-git/go-git#994</a></li>
<li><a href="https://github.com/grinish21"><code>@​grinish21</code></a>
made their first contribution in <a
href="https://redirect.github.com/go-git/go-git/pull/1022">go-git/go-git#1022</a></li>
<li><a href="https://github.com/prskr"><code>@​prskr</code></a> made
their first contribution in <a
href="https://redirect.github.com/go-git/go-git/pull/1018">go-git/go-git#1018</a></li>
<li><a href="https://github.com/dlambda"><code>@​dlambda</code></a> made
their first contribution in <a
href="https://redirect.github.com/go-git/go-git/pull/446">go-git/go-git#446</a></li>
<li><a href="https://github.com/juliens"><code>@​juliens</code></a> made
their first contribution in <a
href="https://redirect.github.com/go-git/go-git/pull/366">go-git/go-git#366</a></li>
<li><a href="https://github.com/onee-only"><code>@​onee-only</code></a>
made their first contribution in <a
href="https://redirect.github.com/go-git/go-git/pull/1036">go-git/go-git#1036</a></li>
<li><a href="https://github.com/tim775"><code>@​tim775</code></a> made
their first contribution in <a
href="https://redirect.github.com/go-git/go-git/pull/1042">go-git/go-git#1042</a></li>
<li><a href="https://github.com/niukuo"><code>@​niukuo</code></a> made
their first contribution in <a
href="https://redirect.github.com/go-git/go-git/pull/967">go-git/go-git#967</a></li>
<li><a
href="https://github.com/avoidalone"><code>@​avoidalone</code></a> made
their first contribution in <a
href="https://redirect.github.com/go-git/go-git/pull/1047">go-git/go-git#1047</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/go-git/go-git/compare/v5.11.0...v5.12.0">https://github.com/go-git/go-git/compare/v5.11.0...v5.12.0</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/go-git/go-git/commit/302dddeda962e4bb3477a8e4080bc6f5a253e2bb"><code>302ddde</code></a>
Merge pull request <a
href="https://redirect.github.com/go-git/go-git/issues/1060">#1060</a>
from go-git/dependabot/go_modules/github.com/gliderl...</li>
<li><a
href="https://github.com/go-git/go-git/commit/6bba34deab858ad5d74733686f0a8b4c2940f388"><code>6bba34d</code></a>
build: bump github.com/gliderlabs/ssh from 0.3.6 to 0.3.7</li>
<li><a
href="https://github.com/go-git/go-git/commit/feaeb36df2438dd5f861be2c1041f4e07c126233"><code>feaeb36</code></a>
Merge pull request <a
href="https://redirect.github.com/go-git/go-git/issues/937">#937</a>
from matejrisek/feature/rename-short-fields</li>
<li><a
href="https://github.com/go-git/go-git/commit/7959a42552a99b2e2df21a6aacafc97b2b5c7457"><code>7959a42</code></a>
Merge pull request <a
href="https://redirect.github.com/go-git/go-git/issues/1052">#1052</a>
from go-git/dependabot/go_modules/github.com/skeema/...</li>
<li><a
href="https://github.com/go-git/go-git/commit/4c17ce7c6a7936a61cea17bee56daf5d9c2b21e4"><code>4c17ce7</code></a>
build: bump github.com/skeema/knownhosts from 1.2.1 to 1.2.2</li>
<li><a
href="https://github.com/go-git/go-git/commit/3f77e6f0292bdabb6368a42ef0f5fa925ed42f60"><code>3f77e6f</code></a>
Merge pull request <a
href="https://redirect.github.com/go-git/go-git/issues/1048">#1048</a>
from pjbgf/fix-reset-validation</li>
<li><a
href="https://github.com/go-git/go-git/commit/6af38e000608a795320cd17c99491853f0b8ad3a"><code>6af38e0</code></a>
Merge pull request <a
href="https://redirect.github.com/go-git/go-git/issues/1047">#1047</a>
from avoidalone/master</li>
<li><a
href="https://github.com/go-git/go-git/commit/e6c3e58198d176c497bb2dba1a2adb9302597676"><code>e6c3e58</code></a>
Merge pull request <a
href="https://redirect.github.com/go-git/go-git/issues/1044">#1044</a>
from pjbgf/ff-merge</li>
<li><a
href="https://github.com/go-git/go-git/commit/04f7b23cbb85040a276ab2b7d6879223779451fd"><code>04f7b23</code></a>
*: fix some comments</li>
<li><a
href="https://github.com/go-git/go-git/commit/f4f1a876e622c45ed51d05df1298d421a6868fcc"><code>f4f1a87</code></a>
Merge pull request <a
href="https://redirect.github.com/go-git/go-git/issues/971">#971</a>
from nodivbyzero/fix-177-diff-print-file-stats</li>
<li>Additional commits viewable in <a
href="https://github.com/go-git/go-git/compare/v5.11.0...v5.12.0">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=github.com/go-git/go-git/v5&package-manager=go_modules&previous-version=5.11.0&new-version=5.12.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
…ometbft#4205)

Bumps
[github.com/sasha-s/go-deadlock](https://github.com/sasha-s/go-deadlock)
from 0.3.1 to 0.3.5.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/sasha-s/go-deadlock/releases">github.com/sasha-s/go-deadlock's
releases</a>.</em></p>
<blockquote>
<h2>v0.3.3</h2>
<h2>What's Changed</h2>
<ul>
<li>Add missing sync.NewCond wrapper by <a
href="https://github.com/ncw"><code>@​ncw</code></a> in <a
href="https://redirect.github.com/sasha-s/go-deadlock/pull/22">sasha-s/go-deadlock#22</a></li>
<li>fixed the comment of Opts.DeadlockTimeout in deadlock.go by <a
href="https://github.com/h3n4l"><code>@​h3n4l</code></a> in <a
href="https://redirect.github.com/sasha-s/go-deadlock/pull/23">sasha-s/go-deadlock#23</a></li>
<li>deadlock: Add TryLock wrappers by <a
href="https://github.com/jrajahalme"><code>@​jrajahalme</code></a> in <a
href="https://redirect.github.com/sasha-s/go-deadlock/pull/30">sasha-s/go-deadlock#30</a></li>
<li>Reuse timers with sync.Pool by <a
href="https://github.com/millfort"><code>@​millfort</code></a> in <a
href="https://redirect.github.com/sasha-s/go-deadlock/pull/31">sasha-s/go-deadlock#31</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a href="https://github.com/ncw"><code>@​ncw</code></a> made their
first contribution in <a
href="https://redirect.github.com/sasha-s/go-deadlock/pull/22">sasha-s/go-deadlock#22</a></li>
<li><a href="https://github.com/h3n4l"><code>@​h3n4l</code></a> made
their first contribution in <a
href="https://redirect.github.com/sasha-s/go-deadlock/pull/23">sasha-s/go-deadlock#23</a></li>
<li><a
href="https://github.com/jrajahalme"><code>@​jrajahalme</code></a> made
their first contribution in <a
href="https://redirect.github.com/sasha-s/go-deadlock/pull/30">sasha-s/go-deadlock#30</a></li>
<li><a href="https://github.com/millfort"><code>@​millfort</code></a>
made their first contribution in <a
href="https://redirect.github.com/sasha-s/go-deadlock/pull/31">sasha-s/go-deadlock#31</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/sasha-s/go-deadlock/compare/v0.3.1...v0.3.3">https://github.com/sasha-s/go-deadlock/compare/v0.3.1...v0.3.3</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/sasha-s/go-deadlock/commit/464d34347a399b840a4f963cc96dfc993ccf8c62"><code>464d343</code></a>
update github workflows to test on go 1.23</li>
<li><a
href="https://github.com/sasha-s/go-deadlock/commit/564b73de7bb88918c298624d530f83efcec20cbf"><code>564b73d</code></a>
update goid</li>
<li><a
href="https://github.com/sasha-s/go-deadlock/commit/ed6f7f6d979ce0a3df1ba7683c7735373a9a97c7"><code>ed6f7f6</code></a>
Reuse timers with sync.Pool (<a
href="https://redirect.github.com/sasha-s/go-deadlock/issues/31">#31</a>)</li>
<li><a
href="https://github.com/sasha-s/go-deadlock/commit/20e556a2e9adcf7184892aeb8d5f254293e505d7"><code>20e556a</code></a>
deadlock: Add TryLock wrappers (<a
href="https://redirect.github.com/sasha-s/go-deadlock/issues/30">#30</a>)</li>
<li><a
href="https://github.com/sasha-s/go-deadlock/commit/5afde13977e624ab3bd64e5801f75f9e8eb1f41b"><code>5afde13</code></a>
fixed the comment of Opts.DeadlockTimeout in deadlock.go (<a
href="https://redirect.github.com/sasha-s/go-deadlock/issues/23">#23</a>)</li>
<li><a
href="https://github.com/sasha-s/go-deadlock/commit/f58e13930c01bb88ec001b9eddffa3c2afcadbeb"><code>f58e139</code></a>
Add missing sync.NewCond wrapper (<a
href="https://redirect.github.com/sasha-s/go-deadlock/issues/22">#22</a>)</li>
<li><a
href="https://github.com/sasha-s/go-deadlock/commit/4a6d8f385ee1559eaf7147969730022208b3506f"><code>4a6d8f3</code></a>
Create go.yml</li>
<li><a
href="https://github.com/sasha-s/go-deadlock/commit/e8cdaa485d8bad7743135de6082a4332c83592c4"><code>e8cdaa4</code></a>
update go versions in CI</li>
<li><a
href="https://github.com/sasha-s/go-deadlock/commit/1182f7860fd571d1092e0483285e995aff8a0a70"><code>1182f78</code></a>
Update Readme.md</li>
<li><a
href="https://github.com/sasha-s/go-deadlock/commit/82c26c5c235b3c675d9ddfda5792ab33a1f171f8"><code>82c26c5</code></a>
migrate to travis-ci.com</li>
<li>See full diff in <a
href="https://github.com/sasha-s/go-deadlock/compare/v0.3.1...v0.3.5">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=github.com/sasha-s/go-deadlock&package-manager=go_modules&previous-version=0.3.1&new-version=0.3.5)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: mergify[bot] <37929162+mergify[bot]@users.noreply.github.com>
)

Bumps [github.com/lib/pq](https://github.com/lib/pq) from 1.10.7 to
1.10.9.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/lib/pq/releases">github.com/lib/pq's
releases</a>.</em></p>
<blockquote>
<h2>v1.10.9</h2>
<ul>
<li>Fixes backwards incompat bug with 1.13.</li>
<li>Fixes pgpass issue</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/lib/pq/commit/2a217b94f5ccd3de31aec4152a541b9ff64bed05"><code>2a217b9</code></a>
add version check for go 1.15 (<a
href="https://redirect.github.com/lib/pq/issues/1123">#1123</a>)</li>
<li><a
href="https://github.com/lib/pq/commit/d8d93a38df0048951ff15830d793024f890f6c3c"><code>d8d93a3</code></a>
fix handle pgpass (<a
href="https://redirect.github.com/lib/pq/issues/1120">#1120</a>)</li>
<li><a
href="https://github.com/lib/pq/commit/c10fcfec9389c2e257cf50b7e6d218dde1d062f4"><code>c10fcfe</code></a>
remove stray debugging code</li>
<li><a
href="https://github.com/lib/pq/commit/96e73eb9aa7ba849b24eae15477456d8bbb1c9b7"><code>96e73eb</code></a>
conn: Implement driver.Validator, SessionResetter for cancelation</li>
<li><a
href="https://github.com/lib/pq/commit/922c00e176fb3960d912dc2c7f67ea2cf18d27b0"><code>922c00e</code></a>
Update codeql-analysis.yml</li>
<li><a
href="https://github.com/lib/pq/commit/a2a317360bd33f51c5804bde348c35a65f5644b1"><code>a2a3173</code></a>
Update test.yml</li>
<li><a
href="https://github.com/lib/pq/commit/3a6282fb835a9901f95a9ba9c3b21e16afed61f3"><code>3a6282f</code></a>
Reduced the complexity of handlePgpass (<a
href="https://redirect.github.com/lib/pq/issues/1101">#1101</a>)</li>
<li><a
href="https://github.com/lib/pq/commit/133ac67c2960135f7e0823cb7ba858101ba3d87f"><code>133ac67</code></a>
Improved the performance of CopyIn and CopyInSchema and added
BufferQuoteIden...</li>
<li>See full diff in <a
href="https://github.com/lib/pq/compare/v1.10.7...v1.10.9">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=github.com/lib/pq&package-manager=go_modules&previous-version=1.10.7&new-version=1.10.9)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: mergify[bot] <37929162+mergify[bot]@users.noreply.github.com>
…ometbft#4204)

Bumps
[github.com/prometheus/common](https://github.com/prometheus/common)
from 0.57.0 to 0.59.1.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/prometheus/common/releases">github.com/prometheus/common's
releases</a>.</em></p>
<blockquote>
<h2>v0.59.1</h2>
<h2>What's Changed</h2>
<ul>
<li>fix(utf8): Fix multiple metric name inside braces validation by <a
href="https://github.com/fedetorres93"><code>@​fedetorres93</code></a>
in <a
href="https://redirect.github.com/prometheus/common/pull/691">prometheus/common#691</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/prometheus/common/compare/v0.59.0...v0.59.1">https://github.com/prometheus/common/compare/v0.59.0...v0.59.1</a></p>
<h2>v0.59.0</h2>
<h2>What's Changed</h2>
<ul>
<li>expfmt: Add WithEscapingScheme to help construct Formats by <a
href="https://github.com/ywwg"><code>@​ywwg</code></a> in <a
href="https://redirect.github.com/prometheus/common/pull/688">prometheus/common#688</a></li>
<li>Change the default escape method to UnderscoreEscaping by <a
href="https://github.com/ywwg"><code>@​ywwg</code></a> in <a
href="https://redirect.github.com/prometheus/common/pull/690">prometheus/common#690</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/prometheus/common/compare/v0.58.0...v0.59.0">https://github.com/prometheus/common/compare/v0.58.0...v0.59.0</a></p>
<h2>v0.58.0</h2>
<h2>What's Changed</h2>
<ul>
<li>docs: mention new promslog package in package list in README by <a
href="https://github.com/tjhop"><code>@​tjhop</code></a> in <a
href="https://redirect.github.com/prometheus/common/pull/683">prometheus/common#683</a></li>
<li>Bump golang.org/x/oauth2 from 0.21.0 to 0.22.0 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/prometheus/common/pull/684">prometheus/common#684</a></li>
<li>Bump golang.org/x/net from 0.27.0 to 0.28.0 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/prometheus/common/pull/685">prometheus/common#685</a></li>
<li>Remove secret file existence check in Validate for headers by <a
href="https://github.com/roidelapluie"><code>@​roidelapluie</code></a>
in <a
href="https://redirect.github.com/prometheus/common/pull/687">prometheus/common#687</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/prometheus/common/compare/v0.57.0...v0.58.0">https://github.com/prometheus/common/compare/v0.57.0...v0.58.0</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/prometheus/common/commit/be8a747a1cf9f34dd301ff4e9f8527262e66c153"><code>be8a747</code></a>
fix(utf8): Fix multiple metric name inside braces validation (<a
href="https://redirect.github.com/prometheus/common/issues/691">#691</a>)</li>
<li><a
href="https://github.com/prometheus/common/commit/bf4843e30aed46215093a79e381b07ba8df96e0a"><code>bf4843e</code></a>
Merge pull request <a
href="https://redirect.github.com/prometheus/common/issues/690">#690</a>
from ywwg/owilliams/default-escaping</li>
<li><a
href="https://github.com/prometheus/common/commit/01da22614fd688ce9040f3c72169b09b8104eec1"><code>01da226</code></a>
Change the default escape method to UnderscoreEscaping</li>
<li><a
href="https://github.com/prometheus/common/commit/4f8e8f4cacf11e4d69d587e30d99ae7d88cc0878"><code>4f8e8f4</code></a>
expfmt: Add WithEscapingScheme to help construct Formats (<a
href="https://redirect.github.com/prometheus/common/issues/688">#688</a>)</li>
<li><a
href="https://github.com/prometheus/common/commit/b1880d0dabb633dbf29b999c6a046637efb602fe"><code>b1880d0</code></a>
Merge pull request <a
href="https://redirect.github.com/prometheus/common/issues/687">#687</a>
from roidelapluie/checkheader</li>
<li><a
href="https://github.com/prometheus/common/commit/334963d1a28ee07975f6777cf65539ecddb89ae0"><code>334963d</code></a>
Change the logic for SetDirectory</li>
<li><a
href="https://github.com/prometheus/common/commit/d64a7472ab6d74cc6b7984cd36f0c5c6129b7a68"><code>d64a747</code></a>
Remove secret file existence check in Validate for headers</li>
<li><a
href="https://github.com/prometheus/common/commit/06c24259364465e6a0728c58dd1f1c99cc07fc3d"><code>06c2425</code></a>
Bump golang.org/x/net from 0.27.0 to 0.28.0 (<a
href="https://redirect.github.com/prometheus/common/issues/685">#685</a>)</li>
<li><a
href="https://github.com/prometheus/common/commit/4606c0a4f9447038e704e4d928b1d0e587e81e63"><code>4606c0a</code></a>
Bump golang.org/x/oauth2 from 0.21.0 to 0.22.0 (<a
href="https://redirect.github.com/prometheus/common/issues/684">#684</a>)</li>
<li><a
href="https://github.com/prometheus/common/commit/d98411bbf37c7f936cef6d32a6ca965588521b4d"><code>d98411b</code></a>
Merge pull request <a
href="https://redirect.github.com/prometheus/common/issues/683">#683</a>
from tjhop/docs/promslog-README</li>
<li>Additional commits viewable in <a
href="https://github.com/prometheus/common/compare/v0.57.0...v0.59.1">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=github.com/prometheus/common&package-manager=go_modules&previous-version=0.57.0&new-version=0.59.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: mergify[bot] <37929162+mergify[bot]@users.noreply.github.com>
…ft#4208)

Bumps [github.com/adlio/schema](https://github.com/adlio/schema) from
1.3.3 to 1.3.6.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/adlio/schema/releases">github.com/adlio/schema's
releases</a>.</em></p>
<blockquote>
<h2>v1.3.6</h2>
<h2>What's Changed</h2>
<ul>
<li>Bump golang.org/x/net from 0.10.0 to 0.23.0 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/adlio/schema/pull/30">adlio/schema#30</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/adlio/schema/compare/v1.3.5...v1.3.6">https://github.com/adlio/schema/compare/v1.3.5...v1.3.6</a></p>
<h2>v1.3.5</h2>
<h2>What's Changed</h2>
<ul>
<li>Fix embedded migrations example by <a
href="https://github.com/kalafut"><code>@​kalafut</code></a> in <a
href="https://redirect.github.com/adlio/schema/pull/24">adlio/schema#24</a></li>
<li>Bump golang.org/x/crypto from 0.1.0 to 0.17.0 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/adlio/schema/pull/27">adlio/schema#27</a></li>
<li>Bump github.com/docker/docker from 20.10.24+incompatible to
24.0.7+incompatible by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/adlio/schema/pull/26">adlio/schema#26</a></li>
<li>Bump github.com/opencontainers/runc from 1.1.5 to 1.1.12 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/adlio/schema/pull/28">adlio/schema#28</a></li>
<li>Bump github.com/docker/docker from 24.0.7+incompatible to
24.0.9+incompatible by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/adlio/schema/pull/29">adlio/schema#29</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/adlio/schema/compare/v1.3.4...v1.3.5">https://github.com/adlio/schema/compare/v1.3.4...v1.3.5</a></p>
<h2>v1.3.4</h2>
<h2>What's Changed</h2>
<ul>
<li>Bump golang.org/x/net from 0.0.0-20220617184016-355a448f1bc9 to
0.7.0 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/adlio/schema/pull/18">adlio/schema#18</a></li>
<li>Update golangci-lint by <a
href="https://github.com/adlio"><code>@​adlio</code></a> in <a
href="https://redirect.github.com/adlio/schema/pull/22">adlio/schema#22</a></li>
<li>Bump golang.org/x/crypto from 0.0.0-20201016220609-9e8e0b390897 to
0.1.0 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/adlio/schema/pull/19">adlio/schema#19</a></li>
<li>Bump github.com/docker/docker from 20.10.17+incompatible to
20.10.24+incompatible by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/adlio/schema/pull/21">adlio/schema#21</a></li>
<li>Bump github.com/opencontainers/runc from 1.1.3 to 1.1.5 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/adlio/schema/pull/20">adlio/schema#20</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/adlio/schema/compare/v1.3.3...v1.3.4">https://github.com/adlio/schema/compare/v1.3.3...v1.3.4</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/adlio/schema/commit/3dd37bbbdaec4b0a8e864122ffc5941d79dd37a0"><code>3dd37bb</code></a>
Merge pull request <a
href="https://redirect.github.com/adlio/schema/issues/30">#30</a> from
adlio/dependabot/go_modules/golang.org/x/net-0.23.0</li>
<li><a
href="https://github.com/adlio/schema/commit/898b2da7fa18496ac02ff8c7cc4a6ad1089e4040"><code>898b2da</code></a>
Bump golang.org/x/net from 0.10.0 to 0.23.0</li>
<li><a
href="https://github.com/adlio/schema/commit/3d4bda6646decc46eb5e70806d6ef0aa446f6271"><code>3d4bda6</code></a>
Merge pull request <a
href="https://redirect.github.com/adlio/schema/issues/29">#29</a> from
adlio/dependabot/go_modules/github.com/docker/doc...</li>
<li><a
href="https://github.com/adlio/schema/commit/6cab430cf151260ed7fd86a8a81ea3454b1f2830"><code>6cab430</code></a>
Merge pull request <a
href="https://redirect.github.com/adlio/schema/issues/28">#28</a> from
adlio/dependabot/go_modules/github.com/opencontai...</li>
<li><a
href="https://github.com/adlio/schema/commit/60e7bc511525c50d2da6453b7613f6b466edc6f7"><code>60e7bc5</code></a>
Bump github.com/docker/docker</li>
<li><a
href="https://github.com/adlio/schema/commit/1084587924d92a067d1d94f9e958b9865b307ac2"><code>1084587</code></a>
Bump github.com/opencontainers/runc from 1.1.5 to 1.1.12</li>
<li><a
href="https://github.com/adlio/schema/commit/1b012c934c70723f04025310c1607683f9d95a1c"><code>1b012c9</code></a>
Merge pull request <a
href="https://redirect.github.com/adlio/schema/issues/26">#26</a> from
adlio/dependabot/go_modules/github.com/docker/doc...</li>
<li><a
href="https://github.com/adlio/schema/commit/2330eec246224f782e2f6997b544839445ab0576"><code>2330eec</code></a>
Merge pull request <a
href="https://redirect.github.com/adlio/schema/issues/27">#27</a> from
adlio/dependabot/go_modules/golang.org/x/crypto-0...</li>
<li><a
href="https://github.com/adlio/schema/commit/99d0e6c6c17eaf98330aa592b0f51aa7acb807be"><code>99d0e6c</code></a>
Adjust CircleCI config</li>
<li><a
href="https://github.com/adlio/schema/commit/64f56765a6101f32541967f7360b4c58a61c68ce"><code>64f5676</code></a>
Bump golang.org/x/crypto from 0.1.0 to 0.17.0</li>
<li>Additional commits viewable in <a
href="https://github.com/adlio/schema/compare/v1.3.3...v1.3.6">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=github.com/adlio/schema&package-manager=go_modules&previous-version=1.3.3&new-version=1.3.6)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: mergify[bot] <37929162+mergify[bot]@users.noreply.github.com>
…ft#4206)

Bumps [github.com/go-kit/kit](https://github.com/go-kit/kit) from 0.12.0
to 0.13.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/go-kit/kit/releases">github.com/go-kit/kit's
releases</a>.</em></p>
<blockquote>
<h2>v0.13.0</h2>
<p>Go kit v0.13.0 is released, containing mostly minor fixes and
dependency updates.</p>
<h2>What's Changed</h2>
<ul>
<li>Remove unused code by <a
href="https://github.com/sashamelentyev"><code>@​sashamelentyev</code></a>
in <a
href="https://redirect.github.com/go-kit/kit/pull/1188">go-kit/kit#1188</a></li>
<li>Use errors.Is for error handling by <a
href="https://github.com/sashamelentyev"><code>@​sashamelentyev</code></a>
in <a
href="https://redirect.github.com/go-kit/kit/pull/1187">go-kit/kit#1187</a></li>
<li>Fix docs by <a
href="https://github.com/sashamelentyev"><code>@​sashamelentyev</code></a>
in <a
href="https://redirect.github.com/go-kit/kit/pull/1198">go-kit/kit#1198</a></li>
<li>Refactor metrics/cloudwatch by <a
href="https://github.com/sina-devel"><code>@​sina-devel</code></a> in <a
href="https://redirect.github.com/go-kit/kit/pull/1202">go-kit/kit#1202</a></li>
<li>README: add chaseSpace/kit, closes <a
href="https://redirect.github.com/go-kit/kit/issues/1027">#1027</a> by
<a
href="https://github.com/peterbourgon"><code>@​peterbourgon</code></a>
in <a
href="https://redirect.github.com/go-kit/kit/pull/1052">go-kit/kit#1052</a></li>
<li>feat: move from <code>streadway/amqp</code> to
<code>rabbitmq-amqp091-go</code> by <a
href="https://github.com/Juneezee"><code>@​Juneezee</code></a> in <a
href="https://redirect.github.com/go-kit/kit/pull/1210">go-kit/kit#1210</a></li>
<li>feat(http): make interceptingWriter reimplement common interfaces by
<a href="https://github.com/Reasno"><code>@​Reasno</code></a> in <a
href="https://redirect.github.com/go-kit/kit/pull/1212">go-kit/kit#1212</a></li>
<li>Fixes Framework Beego URL by <a
href="https://github.com/vpereira01"><code>@​vpereira01</code></a> in <a
href="https://redirect.github.com/go-kit/kit/pull/1219">go-kit/kit#1219</a></li>
<li>Fixed instancer loop logic that was causing Consul to get spammed by
<a href="https://github.com/jkratz55"><code>@​jkratz55</code></a> in <a
href="https://redirect.github.com/go-kit/kit/pull/1215">go-kit/kit#1215</a></li>
<li>go.mod | go.sum: update dependencies for prometheus client_golang by
<a href="https://github.com/vcruzmj"><code>@​vcruzmj</code></a> in <a
href="https://redirect.github.com/go-kit/kit/pull/1225">go-kit/kit#1225</a></li>
<li>ci: add go 1.18 by <a
href="https://github.com/sashamelentyev"><code>@​sashamelentyev</code></a>
in <a
href="https://redirect.github.com/go-kit/kit/pull/1233">go-kit/kit#1233</a></li>
<li>Update README.md by <a
href="https://github.com/cxtruong70"><code>@​cxtruong70</code></a> in <a
href="https://redirect.github.com/go-kit/kit/pull/1239">go-kit/kit#1239</a></li>
<li>ci: add go 1.19 by <a
href="https://github.com/sashamelentyev"><code>@​sashamelentyev</code></a>
in <a
href="https://redirect.github.com/go-kit/kit/pull/1245">go-kit/kit#1245</a></li>
<li>go.mod | go.sum: Update nats-io/jwt/v2 &amp; nats-io/nats-server/v2
dependencies to fix CVE-2021-3127 &amp; CVE-2022-24450 by <a
href="https://github.com/denopink"><code>@​denopink</code></a> in <a
href="https://redirect.github.com/go-kit/kit/pull/1237">go-kit/kit#1237</a></li>
<li>Update link pointing to protobuf generator by <a
href="https://github.com/sagikazarmark"><code>@​sagikazarmark</code></a>
in <a
href="https://redirect.github.com/go-kit/kit/pull/1248">go-kit/kit#1248</a></li>
<li>Update github.com/hashicorp/serf and github.com/hashicorp/consul/api
to fix CVE-2019-19794 by <a
href="https://github.com/francogeller"><code>@​francogeller</code></a>
in <a
href="https://redirect.github.com/go-kit/kit/pull/1250">go-kit/kit#1250</a></li>
<li>Replace microgen with the maintained fork by <a
href="https://github.com/ShayNehmad-RecoLabs"><code>@​ShayNehmad-RecoLabs</code></a>
in <a
href="https://redirect.github.com/go-kit/kit/pull/1254">go-kit/kit#1254</a></li>
<li>Remove dead link to code generator from README by <a
href="https://github.com/heymatthew"><code>@​heymatthew</code></a> in <a
href="https://redirect.github.com/go-kit/kit/pull/1256">go-kit/kit#1256</a></li>
<li>README: update codegen link to truss by <a
href="https://github.com/matthewhartstonge"><code>@​matthewhartstonge</code></a>
in <a
href="https://redirect.github.com/go-kit/kit/pull/1262">go-kit/kit#1262</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a
href="https://github.com/sashamelentyev"><code>@​sashamelentyev</code></a>
made their first contribution in <a
href="https://redirect.github.com/go-kit/kit/pull/1188">go-kit/kit#1188</a></li>
<li><a
href="https://github.com/sina-devel"><code>@​sina-devel</code></a> made
their first contribution in <a
href="https://redirect.github.com/go-kit/kit/pull/1202">go-kit/kit#1202</a></li>
<li><a href="https://github.com/Juneezee"><code>@​Juneezee</code></a>
made their first contribution in <a
href="https://redirect.github.com/go-kit/kit/pull/1210">go-kit/kit#1210</a></li>
<li><a href="https://github.com/Reasno"><code>@​Reasno</code></a> made
their first contribution in <a
href="https://redirect.github.com/go-kit/kit/pull/1212">go-kit/kit#1212</a></li>
<li><a
href="https://github.com/vpereira01"><code>@​vpereira01</code></a> made
their first contribution in <a
href="https://redirect.github.com/go-kit/kit/pull/1219">go-kit/kit#1219</a></li>
<li><a href="https://github.com/jkratz55"><code>@​jkratz55</code></a>
made their first contribution in <a
href="https://redirect.github.com/go-kit/kit/pull/1215">go-kit/kit#1215</a></li>
<li><a href="https://github.com/vcruzmj"><code>@​vcruzmj</code></a> made
their first contribution in <a
href="https://redirect.github.com/go-kit/kit/pull/1225">go-kit/kit#1225</a></li>
<li><a
href="https://github.com/cxtruong70"><code>@​cxtruong70</code></a> made
their first contribution in <a
href="https://redirect.github.com/go-kit/kit/pull/1239">go-kit/kit#1239</a></li>
<li><a href="https://github.com/denopink"><code>@​denopink</code></a>
made their first contribution in <a
href="https://redirect.github.com/go-kit/kit/pull/1237">go-kit/kit#1237</a></li>
<li><a
href="https://github.com/francogeller"><code>@​francogeller</code></a>
made their first contribution in <a
href="https://redirect.github.com/go-kit/kit/pull/1250">go-kit/kit#1250</a></li>
<li><a
href="https://github.com/ShayNehmad-RecoLabs"><code>@​ShayNehmad-RecoLabs</code></a>
made their first contribution in <a
href="https://redirect.github.com/go-kit/kit/pull/1254">go-kit/kit#1254</a></li>
<li><a
href="https://github.com/heymatthew"><code>@​heymatthew</code></a> made
their first contribution in <a
href="https://redirect.github.com/go-kit/kit/pull/1256">go-kit/kit#1256</a></li>
<li><a
href="https://github.com/matthewhartstonge"><code>@​matthewhartstonge</code></a>
made their first contribution in <a
href="https://redirect.github.com/go-kit/kit/pull/1262">go-kit/kit#1262</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/go-kit/kit/compare/v0.12.0...v0.13.0">https://github.com/go-kit/kit/compare/v0.12.0...v0.13.0</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/go-kit/kit/commit/dfe43fa6a8d72c23e2205d0b80e762346e203f78"><code>dfe43fa</code></a>
README: update codegen link to truss (<a
href="https://redirect.github.com/go-kit/kit/issues/1262">#1262</a>)</li>
<li><a
href="https://github.com/go-kit/kit/commit/7f14cb4dc16cd4005dc7770c131ae685cc4943b7"><code>7f14cb4</code></a>
Remove dead link to code generator from README (<a
href="https://redirect.github.com/go-kit/kit/issues/1256">#1256</a>)</li>
<li><a
href="https://github.com/go-kit/kit/commit/e923d5df8514423885b3a6d25cd44ae1d1db6d9d"><code>e923d5d</code></a>
Replace microgen with the maintained fork (<a
href="https://redirect.github.com/go-kit/kit/issues/1254">#1254</a>)</li>
<li><a
href="https://github.com/go-kit/kit/commit/a7ba4fa4e2898501f7f0969fee1050ff7a55e9e9"><code>a7ba4fa</code></a>
Update github.com/hashicorp/serf and github.com/hashicorp/consul/api (<a
href="https://redirect.github.com/go-kit/kit/issues/1250">#1250</a>)</li>
<li><a
href="https://github.com/go-kit/kit/commit/04090c3c7422dd9e1f20908709b00c58e36c2dae"><code>04090c3</code></a>
Update link pointing to protobuf generator (<a
href="https://redirect.github.com/go-kit/kit/issues/1248">#1248</a>)</li>
<li><a
href="https://github.com/go-kit/kit/commit/62c81a0f3047b5d4a6e437c7c2d5eda799fe91c3"><code>62c81a0</code></a>
Update nats-io/jwt/v2 &amp; nats-io/nats-server/v2 dependencies to fix
CVE-2021-3...</li>
<li><a
href="https://github.com/go-kit/kit/commit/0cd2b272b599cb0cda4b16c5de50370d29e0298c"><code>0cd2b27</code></a>
Merge pull request <a
href="https://redirect.github.com/go-kit/kit/issues/1245">#1245</a> from
sashamelentyev/patch-1</li>
<li><a
href="https://github.com/go-kit/kit/commit/35bf40162e2583c662d5cb0487a5ca5e7e984de8"><code>35bf401</code></a>
ci: add go 1.19</li>
<li><a
href="https://github.com/go-kit/kit/commit/50c38262a8c71be2532f45100e622025bc5ffedf"><code>50c3826</code></a>
Update README.md (<a
href="https://redirect.github.com/go-kit/kit/issues/1239">#1239</a>)</li>
<li><a
href="https://github.com/go-kit/kit/commit/44ed82941aa3943b669b41ba3736d05b0383a8e8"><code>44ed829</code></a>
ci: add go 1.18 (<a
href="https://redirect.github.com/go-kit/kit/issues/1233">#1233</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/go-kit/kit/compare/v0.12.0...v0.13.0">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=github.com/go-kit/kit&package-manager=go_modules&previous-version=0.12.0&new-version=0.13.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: mergify[bot] <37929162+mergify[bot]@users.noreply.github.com>
…1.20.4 (cometbft#4203)

Bumps
[github.com/prometheus/client_golang](https://github.com/prometheus/client_golang)
from 1.20.1 to 1.20.4.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/prometheus/client_golang/releases">github.com/prometheus/client_golang's
releases</a>.</em></p>
<blockquote>
<h2>v1.20.4</h2>
<ul>
<li>[BUGFIX] histograms: Fix a possible data race when appending
exemplars vs metrics gather. <a
href="https://redirect.github.com/prometheus/client_golang/issues/1623">#1623</a></li>
</ul>
<h2>v1.20.3</h2>
<ul>
<li>[BUGFIX] histograms: Fix possible data race when appending
exemplars. <a
href="https://redirect.github.com/prometheus/client_golang/issues/1608">#1608</a></li>
</ul>
<h2>v1.20.2</h2>
<ul>
<li>[BUGFIX] promhttp: Unset Content-Encoding header when data is
uncompressed. <a
href="https://redirect.github.com/prometheus/client_golang/issues/1596">#1596</a></li>
</ul>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/prometheus/client_golang/blob/main/CHANGELOG.md">github.com/prometheus/client_golang's
changelog</a>.</em></p>
<blockquote>
<h2>Unreleased</h2>
<ul>
<li>[BUGFIX] histograms: Fix possible data race when appending exemplars
vs metrics gather. <a
href="https://redirect.github.com/prometheus/client_golang/issues/1623">#1623</a></li>
</ul>
<h2>1.20.3 / 2024-09-05</h2>
<ul>
<li>[BUGFIX] histograms: Fix possible data race when appending
exemplars. <a
href="https://redirect.github.com/prometheus/client_golang/issues/1608">#1608</a></li>
</ul>
<h2>1.20.2 / 2024-08-23</h2>
<ul>
<li>[BUGFIX] promhttp: Unset Content-Encoding header when data is
uncompressed. <a
href="https://redirect.github.com/prometheus/client_golang/issues/1596">#1596</a></li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/prometheus/client_golang/commit/05fcde9fe4eb93d3fb7b56ebe51acf80536f0583"><code>05fcde9</code></a>
Merge pull request <a
href="https://redirect.github.com/prometheus/client_golang/issues/1623">#1623</a>
from krajorama/data-race-in-histogram-write</li>
<li><a
href="https://github.com/prometheus/client_golang/commit/209f4c041ed1764866f44dd053a8d94aa051c610"><code>209f4c0</code></a>
Add changelog</li>
<li><a
href="https://github.com/prometheus/client_golang/commit/1e398ccb1259d20836e3003885bdd949cb21e635"><code>1e398cc</code></a>
native histogram: Fix race between Write and addExemplar</li>
<li><a
href="https://github.com/prometheus/client_golang/commit/ef2f87ea986252194ea960187b20b409180044dd"><code>ef2f87e</code></a>
Merge pull request <a
href="https://redirect.github.com/prometheus/client_golang/issues/1620">#1620</a>
from prometheus/arthursens/prepare-1.20.3</li>
<li><a
href="https://github.com/prometheus/client_golang/commit/937ac63d3d2dda83847f4ca842d62edabce4e743"><code>937ac63</code></a>
Add changelog entry for 1.20.3</li>
<li><a
href="https://github.com/prometheus/client_golang/commit/6e9914db5af255f5def17d54a7ca9c531771f4ca"><code>6e9914d</code></a>
Merge pull request <a
href="https://redirect.github.com/prometheus/client_golang/issues/1608">#1608</a>
from krajorama/index-out-of-range-native-histogram-e...</li>
<li><a
href="https://github.com/prometheus/client_golang/commit/d6b8c8925bd16626cf168e642eb70724b17a0d61"><code>d6b8c89</code></a>
Update comments with more explanations</li>
<li><a
href="https://github.com/prometheus/client_golang/commit/504566f07c680f68743c3a5d239dede48538c7ec"><code>504566f</code></a>
Use simplified solution from <a
href="https://redirect.github.com/prometheus/client_golang/issues/1609">#1609</a>
for the data race</li>
<li><a
href="https://github.com/prometheus/client_golang/commit/dc8e9a4d8a4c7c64d5ae2c9d29a91bb1407d549b"><code>dc8e9a4</code></a>
fix: native histogram: Simplify and fix addExemplar</li>
<li><a
href="https://github.com/prometheus/client_golang/commit/dc819ceb1b0f906f1ab124f7492693970733a54d"><code>dc819ce</code></a>
Use a trivial solution to <a
href="https://redirect.github.com/prometheus/client_golang/issues/1605">#1605</a></li>
<li>Additional commits viewable in <a
href="https://github.com/prometheus/client_golang/compare/v1.20.1...v1.20.4">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=github.com/prometheus/client_golang&package-manager=go_modules&previous-version=1.20.1&new-version=1.20.4)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: mergify[bot] <37929162+mergify[bot]@users.noreply.github.com>
…bft#4202)

Bumps [google.golang.org/grpc](https://github.com/grpc/grpc-go) from
1.66.1 to 1.67.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/grpc/grpc-go/releases">google.golang.org/grpc's
releases</a>.</em></p>
<blockquote>
<h2>Release 1.67.0</h2>
<h1>Bug Fixes</h1>
<ul>
<li>ringhash: when used with multiple EDS priorities, fix bug that could
prevent a higher priority from recovering from transient failure. (<a
href="https://redirect.github.com/grpc/grpc-go/issues/7364">#7364</a>)
<ul>
<li>Special Thanks: <a
href="https://github.com/atollena"><code>@​atollena</code></a></li>
</ul>
</li>
</ul>
<h1>Behavior Changes</h1>
<ul>
<li>In accordance with <a
href="https://tools.ietf.org/html/rfc7540#section-3.3">RFC 7540</a>,
clients and servers will now reject TLS connections that don't support
ALPN. This can be disabled by setting the environment variable
<code>GRPC_ENFORCE_ALPN_ENABLED</code> to <code>false</code> (case
insensitive). Please file a bug if you encounter any issues with this
behavior. The environment variable to revert this behavior will be
removed in an upcoming release. (<a
href="https://redirect.github.com/grpc/grpc-go/issues/7535">#7535</a>)</li>
</ul>
<h2>Release 1.66.2</h2>
<h1>Dependencies</h1>
<ul>
<li>Remove unintentional dependency on the <code>testing</code> package
(<a
href="https://redirect.github.com/grpc/grpc-go/issues/7579">#7579</a>)</li>
<li>Remove unintentional dependency on the <code>flate</code> package
(<a
href="https://redirect.github.com/grpc/grpc-go/issues/7595">#7595</a>)
<ul>
<li>Special Thanks: <a
href="https://github.com/ash2k"><code>@​ash2k</code></a></li>
</ul>
</li>
</ul>
<h1>Bug Fixes</h1>
<ul>
<li>client: fix a bug that prevented memory reuse after handling unary
RPCs (<a
href="https://redirect.github.com/grpc/grpc-go/issues/7571">#7571</a>)
<ul>
<li>Special Thanks: <a
href="https://github.com/coxley"><code>@​coxley</code></a></li>
</ul>
</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/grpc/grpc-go/commit/6f50403edb0c2db1bb557168cf4e6f87ea2efdb5"><code>6f50403</code></a>
Change version to 1.67.0 (<a
href="https://redirect.github.com/grpc/grpc-go/issues/7604">#7604</a>)</li>
<li><a
href="https://github.com/grpc/grpc-go/commit/3c3a0257a33b59b0d0a072696775b53392c7d8ae"><code>3c3a025</code></a>
mem: replace flate.Reader reference (<a
href="https://redirect.github.com/grpc/grpc-go/issues/7595">#7595</a>)
(<a
href="https://redirect.github.com/grpc/grpc-go/issues/7637">#7637</a>)</li>
<li><a
href="https://github.com/grpc/grpc-go/commit/3ffb98b2c93a9a633f7415893c40946e2a6a6e89"><code>3ffb98b</code></a>
.*: fix revive lints <code>redefines-builtin-id</code> (<a
href="https://redirect.github.com/grpc/grpc-go/issues/7552">#7552</a>)</li>
<li><a
href="https://github.com/grpc/grpc-go/commit/56660492e4a669c8c0f02bd7f31ad31a3ef59883"><code>5666049</code></a>
vet: enforce revive linter (<a
href="https://redirect.github.com/grpc/grpc-go/issues/7589">#7589</a>)</li>
<li><a
href="https://github.com/grpc/grpc-go/commit/c6ad07fa041eea78cd6757a51f252dd407105452"><code>c6ad07f</code></a>
protoc: regenerate protos (<a
href="https://redirect.github.com/grpc/grpc-go/issues/7590">#7590</a>)</li>
<li><a
href="https://github.com/grpc/grpc-go/commit/70f19eecd168b0ea1f15e991170576bf36f74b40"><code>70f19ee</code></a>
credentials/tls: default GRPC_ENFORCE_ALPN_ENABLED to true (<a
href="https://redirect.github.com/grpc/grpc-go/issues/7535">#7535</a>)</li>
<li><a
href="https://github.com/grpc/grpc-go/commit/92111dc36694c570dc873b9a5a461ef953ea2b54"><code>92111dc</code></a>
xds: keep ads flow control local to xdsclient/transport package (<a
href="https://redirect.github.com/grpc/grpc-go/issues/7578">#7578</a>)</li>
<li><a
href="https://github.com/grpc/grpc-go/commit/535bdce10d2c1127e526e986b04b38995fe84712"><code>535bdce</code></a>
estats: remove dependency on testing package (<a
href="https://redirect.github.com/grpc/grpc-go/issues/7579">#7579</a>)</li>
<li><a
href="https://github.com/grpc/grpc-go/commit/0f03c747b13b41c3601ee835f1f8bf0f457b3fd2"><code>0f03c74</code></a>
.*: fix revive lint issues <code>unused-parameter</code> (<a
href="https://redirect.github.com/grpc/grpc-go/issues/7580">#7580</a>)</li>
<li><a
href="https://github.com/grpc/grpc-go/commit/6147c81cd047f0237c9bfa553fb61ce74bfa37aa"><code>6147c81</code></a>
stats/opentelemetry: Optimize slice allocations (<a
href="https://redirect.github.com/grpc/grpc-go/issues/7525">#7525</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/grpc/grpc-go/compare/v1.66.1...v1.67.0">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=google.golang.org/grpc&package-manager=go_modules&previous-version=1.66.1&new-version=1.67.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: mergify[bot] <37929162+mergify[bot]@users.noreply.github.com>
…metbft#4265)

Bumps
[bufbuild/buf-setup-action](https://github.com/bufbuild/buf-setup-action)
from 1.42.0 to 1.44.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/bufbuild/buf-setup-action/releases">bufbuild/buf-setup-action's
releases</a>.</em></p>
<blockquote>
<h2>v1.44.0</h2>
<p>Release v1.44.0</p>
<h2>v1.43.0</h2>
<p>Release v1.43.0</p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/bufbuild/buf-setup-action/commit/e7628ee2d941d14dc87d468ed93bdb35c2f7bfea"><code>e7628ee</code></a>
Release v1.44.0 (<a
href="https://redirect.github.com/bufbuild/buf-setup-action/issues/227">#227</a>)</li>
<li><a
href="https://github.com/bufbuild/buf-setup-action/commit/62ee92603c244ad0da98bab36a834a999a5329e6"><code>62ee926</code></a>
Release v1.43.0 (<a
href="https://redirect.github.com/bufbuild/buf-setup-action/issues/226">#226</a>)</li>
<li>See full diff in <a
href="https://github.com/bufbuild/buf-setup-action/compare/v1.42.0...v1.44.0">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=bufbuild/buf-setup-action&package-manager=github_actions&previous-version=1.42.0&new-version=1.44.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
…bft#4266)

Bumps
[docker/build-push-action](https://github.com/docker/build-push-action)
from 6.8.0 to 6.9.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/docker/build-push-action/releases">docker/build-push-action's
releases</a>.</em></p>
<blockquote>
<h2>v6.9.0</h2>
<ul>
<li>Bump <code>@​docker/actions-toolkit</code> from 0.38.0 to 0.39.0 in
<a
href="https://redirect.github.com/docker/build-push-action/pull/1234">docker/build-push-action#1234</a></li>
<li>Bump path-to-regexp from 6.2.2 to 6.3.0 in <a
href="https://redirect.github.com/docker/build-push-action/pull/1232">docker/build-push-action#1232</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/docker/build-push-action/compare/v6.8.0...v6.9.0">https://github.com/docker/build-push-action/compare/v6.8.0...v6.9.0</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/docker/build-push-action/commit/4f58ea79222b3b9dc2c8bbdd6debcef730109a75"><code>4f58ea7</code></a>
Merge pull request <a
href="https://redirect.github.com/docker/build-push-action/issues/1234">#1234</a>
from docker/dependabot/npm_and_yarn/docker/actions-t...</li>
<li><a
href="https://github.com/docker/build-push-action/commit/49b5ea61c60477d214908bb6e23ce05c074ef04e"><code>49b5ea6</code></a>
chore: update generated content</li>
<li><a
href="https://github.com/docker/build-push-action/commit/13c9fddd72db0ce3cd9d87eb53e0480d2a32a77b"><code>13c9fdd</code></a>
chore(deps): Bump <code>@​docker/actions-toolkit</code> from 0.38.0 to
0.39.0</li>
<li><a
href="https://github.com/docker/build-push-action/commit/e44afff3590e1d4f93b6adc72376512edb012a7c"><code>e44afff</code></a>
Merge pull request <a
href="https://redirect.github.com/docker/build-push-action/issues/1232">#1232</a>
from docker/dependabot/npm_and_yarn/path-to-regexp-6...</li>
<li><a
href="https://github.com/docker/build-push-action/commit/67ebad331f4ca45e39184b280dbacb11eb3beae0"><code>67ebad3</code></a>
chore(deps): Bump path-to-regexp from 6.2.2 to 6.3.0</li>
<li>See full diff in <a
href="https://github.com/docker/build-push-action/compare/v6.8.0...v6.9.0">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=docker/build-push-action&package-manager=github_actions&previous-version=6.8.0&new-version=6.9.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Hernán Vanzetto <[email protected]>
…etbft#4264)

Bumps
[docker/setup-buildx-action](https://github.com/docker/setup-buildx-action)
from 3.6.1 to 3.7.1.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/docker/setup-buildx-action/releases">docker/setup-buildx-action's
releases</a>.</em></p>
<blockquote>
<h2>v3.7.1</h2>
<ul>
<li>Switch back to <code>uuid</code> package by <a
href="https://github.com/crazy-max"><code>@​crazy-max</code></a> in <a
href="https://redirect.github.com/docker/setup-buildx-action/pull/369">docker/setup-buildx-action#369</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/docker/setup-buildx-action/compare/v3.7.0...v3.7.1">https://github.com/docker/setup-buildx-action/compare/v3.7.0...v3.7.1</a></p>
<h2>v3.7.0</h2>
<ul>
<li>Always set <code>buildkitd-flags</code> if opt-in by <a
href="https://github.com/crazy-max"><code>@​crazy-max</code></a> in <a
href="https://redirect.github.com/docker/setup-buildx-action/pull/363">docker/setup-buildx-action#363</a></li>
<li>Remove <code>uuid</code> package and switch to <code>crypto</code>
by <a href="https://github.com/crazy-max"><code>@​crazy-max</code></a>
in <a
href="https://redirect.github.com/docker/setup-buildx-action/pull/366">docker/setup-buildx-action#366</a></li>
<li>Bump <code>@​docker/actions-toolkit</code> from 0.35.0 to 0.39.0 in
<a
href="https://redirect.github.com/docker/setup-buildx-action/pull/362">docker/setup-buildx-action#362</a></li>
<li>Bump path-to-regexp from 6.2.2 to 6.3.0 in <a
href="https://redirect.github.com/docker/setup-buildx-action/pull/354">docker/setup-buildx-action#354</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/docker/setup-buildx-action/compare/v3.6.1...v3.7.0">https://github.com/docker/setup-buildx-action/compare/v3.6.1...v3.7.0</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/docker/setup-buildx-action/commit/c47758b77c9736f4b2ef4073d4d51994fabfe349"><code>c47758b</code></a>
Merge pull request <a
href="https://redirect.github.com/docker/setup-buildx-action/issues/369">#369</a>
from crazy-max/revert-crypto</li>
<li><a
href="https://github.com/docker/setup-buildx-action/commit/8fea3825134d99989287350b6429e3e86fa5d320"><code>8fea382</code></a>
chore: update generated content</li>
<li><a
href="https://github.com/docker/setup-buildx-action/commit/2874e980e877332a8fe575054d8c083109b8fede"><code>2874e98</code></a>
switch back to uuid package</li>
<li><a
href="https://github.com/docker/setup-buildx-action/commit/8026d2bc3645ea78b0d2544766a1225eb5691f89"><code>8026d2b</code></a>
Merge pull request <a
href="https://redirect.github.com/docker/setup-buildx-action/issues/362">#362</a>
from docker/dependabot/npm_and_yarn/docker/actions-to...</li>
<li><a
href="https://github.com/docker/setup-buildx-action/commit/e51aab53e9e6264bc11f62da6fbc352686b2147f"><code>e51aab5</code></a>
chore: update generated content</li>
<li><a
href="https://github.com/docker/setup-buildx-action/commit/fd7390e14dc77aa9df3fbc8a021cf91ac9fe7aa5"><code>fd7390e</code></a>
build(deps): bump <code>@​docker/actions-toolkit</code> from 0.35.0 to
0.39.0</li>
<li><a
href="https://github.com/docker/setup-buildx-action/commit/910a3040053b5bd9636a487f0054cfe150829ae7"><code>910a304</code></a>
Merge pull request <a
href="https://redirect.github.com/docker/setup-buildx-action/issues/366">#366</a>
from crazy-max/remove-uuid</li>
<li><a
href="https://github.com/docker/setup-buildx-action/commit/3623ee443e01d4daf9e9107d28e162a058c52ca8"><code>3623ee4</code></a>
chore: update generated content</li>
<li><a
href="https://github.com/docker/setup-buildx-action/commit/e0e5ecf670bf33d756abc55962778de1286f70e1"><code>e0e5ecf</code></a>
remove uuid package and switch to crypto</li>
<li><a
href="https://github.com/docker/setup-buildx-action/commit/5334dd0cdd27e0ac92d6c98d35f3398fcc13195f"><code>5334dd0</code></a>
Merge pull request <a
href="https://redirect.github.com/docker/setup-buildx-action/issues/363">#363</a>
from crazy-max/set-buildkitd-flags-optin</li>
<li>Additional commits viewable in <a
href="https://github.com/docker/setup-buildx-action/compare/v3.6.1...v3.7.1">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=docker/setup-buildx-action&package-manager=github_actions&previous-version=3.6.1&new-version=3.7.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: mergify[bot] <37929162+mergify[bot]@users.noreply.github.com>
…metbft#4288)

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
@faddat
Copy link
Contributor Author

faddat commented Oct 15, 2024

sorry, this is a very bad PR!

@faddat faddat closed this Oct 15, 2024
Copy link
Contributor

mergify bot commented Oct 15, 2024

⚠️ The sha of the head commit of this PR conflicts with #4297. Mergify cannot evaluate rules on this PR. ⚠️

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.