Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

build(deps): bump tendermint from 0.35.0 to 0.37.0 #914

Open
wants to merge 1 commit into
base: main
Choose a base branch
from

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github May 31, 2024

Bumps tendermint from 0.35.0 to 0.37.0.

Release notes

Sourced from tendermint's releases.

v0.37.0

May 31st, 2024

This release restores the commit verification interfaces of PredicateVerifier from tendermint-rs 0.35.0 and lower, but retains the performance improvements made in version 0.36.0.

This version also brings a few new features to the HTTP RPC client, notably a way to specify the User-Agent to send along HTTP requests, as well as a way to override the underlying reqwest client.

Additionally, this release fixes a couple of issues with the serde-based deserialization of the FinalizeBlock and Event types.

BREAKING CHANGES

  • [tendermint-proto] Upgrade tonic to v0.11 (#1422)
  • [tendermint-light-client-verifier] Restores the commit verification interfaces of PredicateVerifier<P, C, V> from <= 0.35.0 (#1423)
    • verify_commit(&self. untrusted: &UntrustedBlockState<'_>) is restored, as in <= 0.35.0.
    • verify_commit(&self, untrusted: &UntrustedBlockState<'_>, trusted: &TrustedBlockState<'_>,) introduced in 0.36.0 is renamed to verify_commit_against_trusted. The performance improvements made in the 0.36.0 release are still intact.

FEATURES

  • [tendermint-rpc] Add a way to specify custom User-Agent for HttpClient (#1425)
  • [tendermint-rpc] Add a client() method on transport::http::Builder to override the underlying reqwest client (#1421)
  • [tendermint-rpc] Add a from_raw_parts() method on transport::http::HttpClient to allow supplying the underlying reqwest client (#1421)

BUG FIXES

  • [tendermint] Fix FinalizeBlock::validator_updates deserialization as nullable (#1428)
  • [tendermint-abci] Add serde default annotation for Event::type to match omitempty in the Go implementation (#1416)

v0.36.0

This release brings substantial performance improvements to the voting power computation within the light client, improves the handling of misformed blocks (eg. with empty last_commit on non-first block) when decoding them from Protobuf or RPC responses, and adds missing serde derives on some Protobuf definitions.

This release also technically contains a breaking change in tendermint-proto, but this should not impact normal use of the library, as the ToPrimitive impl that was removed on BlockIdFlag trait did not provide any additional functionality.

BREAKING CHANGES

  • [tendermint-proto] Remove redundant impl of num_traits::ToPrimitive for BlockIDFlag (#1389)

  • [tendermint] Change EventAttribute's key and value fields from String to Vec<u8> for Tendermint v0.34, as enforced by the Protobuf schema for Tendermint v0.34. tendermint::abci::EventAttribute is now an enum, to account for version 0.34 and 0.37+, therefore the key, value and index fields now have to be retrieved through the key_str()/key_bytes, value_str()/value_bytes() and index() methods. (#1400).

  • [light-client-verifier] Rework VerificationPredicates and VotingPowerCalculator by introducing methods which check validators and signers overlap at once. The motivation of this is to avoid checking the same signature multiple times.

    Consider a validator is in old and new set. Previously their signature would be verified twice. Once by call to has_sufficient_validators_overlap method and second time by call to has_sufficient_signers_overlap method.

    With the new interface, has_sufficient_validators_and_signers_overlap is called and it can be implemented to remember which signatures have been verified.

    As a side effect of those changes, signatures are now verified in the order of validator’s power which may further reduce number of signatures which need to be verified.

    (#1410)

FEATURES

  • [tendermint-proto] Add missing serde derives on Protobuf definitions (#1389)

... (truncated)

Changelog

Sourced from tendermint's changelog.

v0.37.0

May 30th, 2024

This release restores the commit verification interfaces of PredicateVerifier from tendermint-rs 0.35.0 and lower, but retains the performance improvements made in version 0.36.0.

This version also brings a few new features to the HTTP RPC client, notably a way to specify the User-Agent to send along HTTP requests, as well as a way to override the underlying reqwest client.

Additionally, this release fixes a couple of issues with the serde-based deserialization of the FinalizeBlock and Event types.

BREAKING CHANGES

  • [tendermint-proto] Upgrade tonic to v0.11 (#1422)
  • [tendermint-light-client-verifier] Restores the commit verification interfaces of PredicateVerifier<P, C, V> from <= 0.35.0 (#1423)
    • verify_commit(&self. untrusted: &UntrustedBlockState<'_>) is restored, as in <= 0.35.0.
    • verify_commit(&self, untrusted: &UntrustedBlockState<'_>, trusted: &TrustedBlockState<'_>,) introduced in 0.36.0 is renamed to verify_commit_against_trusted. The performance improvements made in the 0.36.0 release are still intact.

FEATURES

  • [tendermint-rpc] Add a way to specify custom User-Agent for HttpClient (#1425)
  • [tendermint-rpc] Add a client() method on transport::http::Builder to override the underlying reqwest client (#1421)
  • [tendermint-rpc] Add a from_raw_parts() method on transport::http::HttpClient to allow supplying the underlying reqwest client (#1421)

BUG FIXES

  • [tendermint] Fix FinalizeBlock::validator_updates deserialization as nullable (#1428)
  • [tendermint-abci] Add serde default annotation for Event::type to match omitempty in the Go implementation (#1416)

v0.36.0

April 25th, 2024

This release brings substantial performance improvements to the voting power computation within the light client, improves the handling of misformed blocks (eg. with empty last_commit on non-first block) when decoding them from Protobuf or RPC responses, and adds missing serde derives on some Protobuf definitions.

This release also technically contains a breaking change in tendermint-proto, but this should not impact normal use of the library, as the ToPrimitive impl that was removed on BlockIdFlag trait did not provide any additional functionality.

BREAKING CHANGES

  • [tendermint-proto] Remove redundant impl of num_traits::ToPrimitive for BlockIDFlag (#1389)

  • [tendermint] Change EventAttribute's key and value fields from String to Vec<u8> for Tendermint v0.34, as enforced by the Protobuf schema for Tendermint v0.34. tendermint::abci::EventAttribute is now an enum, to account for version 0.34 and 0.37+, therefore the key, value and index fields now have to be retrieved through the key_str()/key_bytes, value_str()/value_bytes() and index() methods. (#1400).

  • [light-client-verifier] Rework VerificationPredicates and VotingPowerCalculator by introducing methods which check validators and signers overlap at once. The motivation of this is to avoid checking the same signature multiple times.

    Consider a validator is in old and new set. Previously their signature would

... (truncated)

Commits
  • 94a5fc0 Release v0.37.0 (#1431)
  • 9697006 fix(tendermint): Make FinalizeBlock::validator_updates nullable when deseri...
  • ec37ad2 fix(abci): Add serde default for Event::type (#1416)
  • 4ae4db6 Fix changelog entry
  • 04356a3 feat(rpc): Allow overriding the underlying reqwest client of the `HttpClien...
  • 2135196 feat(rpc): add a way to provide a custom User-Agent (#1429)
  • 87455bc chore(docs): typo fix (#1384)
  • 9331d5c chore: remove repetitive words (#1418)
  • c00441f light-client-verifier: 🌱 restore verify_commit() interface (#1423)
  • 10e91bc Add changelog entry for #1422 in the .changelog directory instead of the CHAN...
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Bumps [tendermint](https://github.com/informalsystems/tendermint-rs) from 0.35.0 to 0.37.0.
- [Release notes](https://github.com/informalsystems/tendermint-rs/releases)
- [Changelog](https://github.com/informalsystems/tendermint-rs/blob/main/CHANGELOG.md)
- [Commits](informalsystems/tendermint-rs@v0.35.0...v0.37.0)

---
updated-dependencies:
- dependency-name: tendermint
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot bot added the dependencies Pull requests that update a dependency file label May 31, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
dependencies Pull requests that update a dependency file
Projects
None yet
Development

Successfully merging this pull request may close these issues.

0 participants