Bumps [github.com/prometheus/common](https://github.com/prometheus/common) from 0.29.0 to 0.30.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a href="https://github.com/prometheus/common/releases">github.com/prometheus/common's releases</a>.</em></p>
<blockquote>
<h2>v0.30.0</h2>
<p>Add the ability to enable HTTP2 again via an env variable</p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a href="8d1c9f84e3"><code>8d1c9f8</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/prometheus/common/issues/286">#286</a> from roidelapluie/http2-env</li>
<li><a href="5f27aa2705"><code>5f27aa2</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/prometheus/common/issues/316">#316</a> from prometheus/mem/fix_linter_errors</li>
<li><a href="b5c358997c"><code>b5c3589</code></a> Enable HTTP 2 via env variable</li>
<li><a href="08ac5ff5ae"><code>08ac5ff</code></a> Fix linter errors</li>
<li><a href="a1b6ede203"><code>a1b6ede</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/prometheus/common/issues/313">#313</a> from roidelapluie/refactorsigv4</li>
<li><a href="a44452df20"><code>a44452d</code></a> Refactor sigv4 in tests</li>
<li><a href="448ba39595"><code>448ba39</code></a> Add sigv4 module (<a href="https://github-redirect.dependabot.com/prometheus/common/issues/310">#310</a>)</li>
<li>See full diff in <a href="https://github.com/prometheus/common/compare/v0.29.0...v0.30.0">compare view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
</details>
Bumps [github.com/spf13/cast](https://github.com/spf13/cast) from 1.3.1 to 1.4.0.
<details>
<summary>Commits</summary>
<ul>
<li><a href="3f42935ca9"><code>3f42935</code></a> github: Also run tests on Windows</li>
<li><a href="02aebd9419"><code>02aebd9</code></a> Update README.md</li>
<li><a href="a9f3cbf098"><code>a9f3cbf</code></a> Remove .travis.yml</li>
<li><a href="57c98fb578"><code>57c98fb</code></a> Create go.yml</li>
<li><a href="22b2b540ce"><code>22b2b54</code></a> Adjust timezone logic</li>
<li><a href="e4dda5f5f1"><code>e4dda5f</code></a> Add ToTimeInDefaultLocation/E</li>
<li><a href="c3e59ced67"><code>c3e59ce</code></a> travis: Bump Go versions</li>
<li><a href="8d17101741"><code>8d17101</code></a> Convert error slice to string slice</li>
<li><a href="580a25aa7d"><code>580a25a</code></a> feat: updating ToStringSliceE to support some other slices</li>
<li>See full diff in <a href="https://github.com/spf13/cast/compare/v1.3.1...v1.4.0">compare view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
</details>
Bumps [github.com/spf13/cobra](https://github.com/spf13/cobra) from 1.1.3 to 1.2.1.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a href="https://github.com/spf13/cobra/releases">github.com/spf13/cobra's releases</a>.</em></p>
<blockquote>
<h2>v1.2.1</h2>
<h3>Bug fixes</h3>
<ul>
<li>Quickfix for <a href="https://github-redirect.dependabot.com/spf13/cobra/issues/1437">spf13/cobra#1437</a> after v1.2.0 where parallel use of the <code>cmd.RegisterFlagCompletionFunc()</code> (and subsequent map) now works correctly and flag completions now work again</li>
</ul>
<h2>v1.2.0 - The completions release</h2>
<h1>🌠 v1.2.0 - The completions release</h1>
<p>Welcome to v1.2.0 of Cobra! This release focuses on code completions, several critical bug fixes, some documentation updates, and security bumps. Upgrading should be simple but note please take note of the introduction of completions V2 and their default use. The v1 completions library is still available, but will be <em>deprecated</em> in the future. Please open an issue with any problems!</p>
<hr />
<h2>New Features</h2>
<ul>
<li>Automatically adds <code>completion</code> command for shell completions. If a <code>completion</code> command is already provided, uses that instead. This will <em>automatically</em> provide shell completions for bash, zsh, fish, and PowerShell <a href="https://github-redirect.dependabot.com/spf13/cobra/pull/1192">spf13/cobra#1192</a>
<ul>
<li>Users can configure the command auto creation:
<ul>
<li>disable the creation of the completion command</li>
<li>disable completion descriptions</li>
<li>disable the <code>--no-descriptions</code> flag for "always on" completion descriptions</li>
</ul>
</li>
</ul>
</li>
<li>Introduction of bash completions V2, a uniform completion approach which include completion descriptions. The V1 bash completions are still available <em>and will be deprecated</em> in a latter release - <a href="https://github-redirect.dependabot.com/spf13/cobra/pull/1146">spf13/cobra#1146</a>
<ul>
<li>Note that projects providing completion through a different command name (say a command named "complete") will continue to use v1 for their own command but will also provide cobra's implicit "completion" command which will use v2, unless of course, these projects take the time to disable the default "completion" command as noted above.</li>
</ul>
</li>
<li>Commands now support context being passed to completions - <a href="https://github-redirect.dependabot.com/spf13/cobra/pull/1265">spf13/cobra#1265</a>
<ul>
<li>An example can be found here: <a href="https://github-redirect.dependabot.com/spf13/cobra/pull/1265#issuecomment-734551031">spf13/cobra#1265</a></li>
</ul>
</li>
<li>Removed dependency on<code>mitchellh/go-homedir</code> in favor of core Go <code>os.UserHomeDir()</code> - <a href="8eaca5f0f4</a></li>
</ul>
<h2>Bug Fixes</h2>
<ul>
<li>Fix trailing whitespace not being handled in powershell completion scripts <a href="https://github-redirect.dependabot.com/spf13/cobra/pull/1342">spf13/cobra#1342</a></li>
<li>Bash completion variable leak fix <a href="https://github-redirect.dependabot.com/spf13/cobra/pull/1352">spf13/cobra#1352</a></li>
<li>Fish shell completions correctly ignore trailing empty lines <a href="https://github-redirect.dependabot.com/spf13/cobra/pull/1284">spf13/cobra#1284</a></li>
<li>PowerShell completions fix for "no file comp directive" - <a href="https://github-redirect.dependabot.com/spf13/cobra/pull/1363">spf13/cobra#1363</a></li>
<li>Custom completions now correctly handle multiple shorthand flags together - <a href="https://github-redirect.dependabot.com/spf13/cobra/pull/1258">spf13/cobra#1258</a></li>
<li>zsh completions now correctly handle <code>ShellDirectiveCompletionNoSpace</code> and file completion all the time - <a href="https://github-redirect.dependabot.com/spf13/cobra/pull/1213">spf13/cobra#1213</a></li>
<li>Multiple fixes / improvements to the fish shell support - <a href="https://github-redirect.dependabot.com/spf13/cobra/pull/1249">spf13/cobra#1249</a></li>
<li>Fix home directory config not loading correctly - <a href="https://github-redirect.dependabot.com/spf13/cobra/pull/1282">spf13/cobra#1282</a></li>
<li>Fix for <code>RegisterFlagCompletionFunc</code> as a global var not working in multi-threaded programs: <a href="https://github-redirect.dependabot.com/spf13/cobra/pull/1423">spf13/cobra#1423</a></li>
<li>Custom completions correctly do not complete flags after args when interspersed is false <a href="https://github-redirect.dependabot.com/spf13/cobra/issues/1308">#1308</a></li>
</ul>
<h2>Testing</h2>
<ul>
<li>Deprecated Travis CI. Now fully using Github Actions - <a href="d0f318d45b</a></li>
<li>Added test cases and enhancements (thank you to everyone for taking the time to add tests to your PRs!)</li>
<li>Shoutout to <a href="https://github.com/marckhouzam"><code>@marckhouzam</code></a> and <a href="https://github.com/Luap99"><code>@Luap99</code></a> for their hard work on a cobra command completions testing library. <a href="https://github.com/marckhouzam/cobra-completion-testing">Check out the repo here!</a></li>
</ul>
<h2>Security</h2>
<ul>
<li>Bump viper to 1.8.1. This corrects several issues with vulnerabilities existing in the dependency tree - <a href="https://github-redirect.dependabot.com/spf13/cobra/pull/1433">spf13/cobra#1433</a></li>
</ul>
<h2>Other</h2>
<ul>
<li>Add PR labeler with pull_request_target to enable tests to run from forks - <a href="https://github-redirect.dependabot.com/spf13/cobra/pull/1338">spf13/cobra#1338</a></li>
<li>CI using MSYS2 windows machines pull latest - <a href="https://github-redirect.dependabot.com/spf13/cobra/pull/1366">spf13/cobra#1366</a></li>
<li>Multiple small fixes to spelling / documentation - <a href="https://github-redirect.dependabot.com/spf13/cobra/pull/1349">spf13/cobra#1349</a> <a href="https://github-redirect.dependabot.com/spf13/cobra/pull/1417">spf13/cobra#1417</a> <a href="https://github-redirect.dependabot.com/spf13/cobra/pull/1434">spf13/cobra#1434</a></li>
</ul>
<p><em><em>Thank you to <em>all</em> our amazing contributors 🐍🚀</em></em></p>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a href="https://github.com/spf13/cobra/blob/master/CHANGELOG.md">github.com/spf13/cobra's changelog</a>.</em></p>
<blockquote>
<h1>Cobra Changelog</h1>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a href="de187e874d"><code>de187e8</code></a> Fix flag completion (<a href="https://github-redirect.dependabot.com/spf13/cobra/issues/1438">#1438</a>)</li>
<li><a href="07861c800d"><code>07861c8</code></a> Fix documentation (<a href="https://github-redirect.dependabot.com/spf13/cobra/issues/1434">#1434</a>)</li>
<li><a href="5738d6b72d"><code>5738d6b</code></a> Add install instructions for zsh on Mac OS (<a href="https://github-redirect.dependabot.com/spf13/cobra/issues/1417">#1417</a>)</li>
<li><a href="5d46ac904d"><code>5d46ac9</code></a> custom comp: do not complete flags after args when interspersed is false (<a href="https://github-redirect.dependabot.com/spf13/cobra/issues/1308">#1308</a>)</li>
<li><a href="3c8a19ecd3"><code>3c8a19e</code></a> fix RegisterFlagCompletionFunc concurrent map writes error (<a href="https://github-redirect.dependabot.com/spf13/cobra/issues/1423">#1423</a>)</li>
<li><a href="2dea4f2ef3"><code>2dea4f2</code></a> Bump to viper 1.8.1 (<a href="https://github-redirect.dependabot.com/spf13/cobra/issues/1433">#1433</a>)</li>
<li><a href="b36196066e"><code>b361960</code></a> Bash completion V2 with completion descriptions (<a href="https://github-redirect.dependabot.com/spf13/cobra/issues/1146">#1146</a>)</li>
<li><a href="d0f318d45b"><code>d0f318d</code></a> ci: deprecate Travis CI</li>
<li><a href="8eaca5f0f4"><code>8eaca5f</code></a> drop mitchellh/go-homedir (<a href="https://github-redirect.dependabot.com/spf13/cobra/issues/853">#853</a>)</li>
<li><a href="ace6b14345"><code>ace6b14</code></a> readme: split 'Getting Started' into 'user_guide.md'</li>
<li>Additional commits viewable in <a href="https://github.com/spf13/cobra/compare/v1.1.3...v1.2.1">compare view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
</details>
Bumps [google.golang.org/protobuf](https://github.com/protocolbuffers/protobuf-go) from 1.26.0 to 1.27.1.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a href="https://github.com/protocolbuffers/protobuf-go/releases">google.golang.org/protobuf's releases</a>.</em></p>
<blockquote>
<h2>v1.27.1</h2>
<p>Notable changes since <a href="https://github.com/protocolbuffers/protobuf-go/releases/tag/v1.27.0">v1.27.0</a>:</p>
<ul>
<li><a href="https://golang.org/cl/331149">CL/331149</a>: cmd/protoc-gen-go: fix generation of enum defaults</li>
</ul>
<h2>v1.27.0</h2>
<ul>
<li><a href="https://github.com/protocolbuffers/protobuf-go/blob/HEAD/#v1.27-overview">Overview</a></li>
<li><a href="https://github.com/protocolbuffers/protobuf-go/blob/HEAD/#v1.27-notable-changes">Notable changes</a>
<ul>
<li><a href="https://github.com/protocolbuffers/protobuf-go/blob/HEAD/#v1.27-reflection-ranging">Reflectively ranging over a message</a></li>
</ul>
</li>
<li><a href="https://github.com/protocolbuffers/protobuf-go/blob/HEAD/#v1.27-breaking-changes">Upcoming breakage changes</a></li>
</ul>
<h2>Overview <!-- raw HTML omitted --><!-- raw HTML omitted --></h2>
<p>The release provides new functionality for iterating through a message using protobuf reflection. There are some minor changes to the code generator.</p>
<h2>Notable changes <!-- raw HTML omitted --><!-- raw HTML omitted --></h2>
<p><strong>New features:</strong></p>
<ul>
<li><a href="https://golang.org/cl/309669">CL/309669</a>: testing/protopack: add Message.UnmarshalAbductive</li>
</ul>
<p><strong>Bug fixes:</strong></p>
<ul>
<li><a href="https://golang.org/cl/317430">CL/317430</a>: encoding/prototext: fix skipping of unknown fields</li>
<li><a href="https://golang.org/cl/321529">CL/321529</a>: internal/impl: support typed nil source for Merge of aberrant messages</li>
</ul>
<p><strong>Generator changes</strong></p>
<ul>
<li><a href="https://golang.org/cl/305574">CL/305574</a>: cmd/protoc-gen-go: remove generation of the ExtensionRangeArray method</li>
<li><a href="https://golang.org/cl/319649">CL/319649</a>: cmd/protoc-gen-go: avoid referencing remote enum values by name</li>
<li><a href="https://golang.org/cl/316949">CL/316949</a>: compiler/protogen: relax rules for valid import paths</li>
<li><a href="https://golang.org/cl/306209">CL/306209</a>: cmd/protoc-gen-go: add protoc suffix</li>
</ul>
<h3>Reflectively ranging over a message <!-- raw HTML omitted --><!-- raw HTML omitted --></h3>
<ul>
<li><a href="https://golang.org/cl/236540">CL/236540</a>: reflect: add protopath and protorange packages</li>
</ul>
<p>The new <a href="https://pkg.go.dev/google.golang.org/protobuf/reflect/protorange"><code>reflect/protorange</code></a> package supports recursively ranging through all populated fields of a message. There are many use cases for such a feature. See <a href="https://pkg.go.dev/google.golang.org/protobuf/reflect/protorange#pkg-examples">the examples for inspiration</a>.</p>
<h2>Upcoming breakage changes <!-- raw HTML omitted --><!-- raw HTML omitted --></h2>
<p>This release removes generation of the <code>ExtensionRangeArray</code> method, as originally announced since the <a href="https://github.com/protocolbuffers/protobuf-go/releases/tag/v1.20.0#v1.20-breaking-changes">v1.20.0 release on March 2nd, 2020</a>. Our analysis of the <a href="https://proxy.golang.org/">entire public module proxy</a> found no static usages of this method. This method is pseudo-internal to the implementation and we expect removal of it to have no material impact. If something is broken by this change, please file an issue and we can consider re-generating this method in a patch release.</p>
<p>There are no <em>new</em> upcoming breaking changes to announce in this release.</p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a href="b92717ecb6"><code>b92717e</code></a> all: release v1.27.1</li>
<li><a href="177d70e4ab"><code>177d70e</code></a> README.md: mention protopath and protorange packages</li>
<li><a href="aa432c0868"><code>aa432c0</code></a> cmd/protoc-gen-go: fix generation of enum defaults</li>
<li><a href="49b6f723d3"><code>49b6f72</code></a> all: start v1.27.0-devel</li>
<li><a href="3f51f05e40"><code>3f51f05</code></a> all: release v1.27.0</li>
<li><a href="dc57387746"><code>dc57387</code></a> release.bash: make work on Linux</li>
<li><a href="21e33cc910"><code>21e33cc</code></a> reflect/protoregistry: restore conflicting file names check</li>
<li><a href="426f20bc78"><code>426f20b</code></a> release.bash: make work on macOS</li>
<li><a href="febffdd88e"><code>febffdd</code></a> reflect/protoregistry: permit conflicting file names</li>
<li><a href="4c193d18ec"><code>4c193d1</code></a> compiler/protogen: relax rules for valid import paths</li>
<li>Additional commits viewable in <a href="https://github.com/protocolbuffers/protobuf-go/compare/v1.26.0...v1.27.1">compare view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
</details>
## Description
Closes: #9562
---
### Author Checklist
*All items are required. Please add a note to the item if the item is not applicable and
please add links to any relevant follow up issues.*
I have...
- [x] included the correct [type prefix](https://github.com/commitizen/conventional-commit-types/blob/v3.0.0/index.json) in the PR title
- [x] added `!` to the type prefix if API or client breaking change
- [x] targeted the correct branch (see [PR Targeting](https://github.com/cosmos/cosmos-sdk/blob/master/CONTRIBUTING.md#pr-targeting))
- [x] provided a link to the relevant issue or specification
- [x] followed the guidelines for [building modules](https://github.com/cosmos/cosmos-sdk/blob/master/docs/building-modules)
- [x] included the necessary unit and integration [tests](https://github.com/cosmos/cosmos-sdk/blob/master/CONTRIBUTING.md#testing)
- [ ] added a changelog entry to `CHANGELOG.md`
- [ ] included comments for [documenting Go code](https://blog.golang.org/godoc)
- [ ] updated the relevant documentation or specification
- [ ] reviewed "Files changed" and left comments if necessary
- [ ] confirmed all CI checks have passed
### Reviewers Checklist
*All items are required. Please add a note if the item is not applicable and please add
your handle next to the items reviewed if you only reviewed selected items.*
I have...
- [x] confirmed the correct [type prefix](https://github.com/commitizen/conventional-commit-types/blob/v3.0.0/index.json) in the PR title
- [x] confirmed `!` in the type prefix if API or client breaking change
- [ ] confirmed all author checklist items have been addressed
- [ ] reviewed state machine logic
- [ ] reviewed API design and naming
- [ ] reviewed documentation is accurate
- [ ] reviewed tests and test coverage
- [ ] manually tested (if applicable)
Bumps [github.com/spf13/viper](https://github.com/spf13/viper) from 1.7.1 to 1.8.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a href="https://github.com/spf13/viper/releases">github.com/spf13/viper's releases</a>.</em></p>
<blockquote>
<h2>v1.8.0</h2>
<p>This is a maintenance release primarily containing fixes and improvements. The most prominent change is the etcd update to <a href="https://github.com/etcd-io/etcd/releases/tag/v3.5.0">3.5.0</a>. Thanks to proper Go modules support, the dependency graph became much smaller.</p>
<p>## Changes</p>
<h3>Added</h3>
<ul>
<li>Allow BindEnv to register multiple environment variables</li>
<li>Support for accessing slices</li>
<li>Experimental WASM support: Viper compiles on WASM</li>
<li>INI load options</li>
</ul>
<h3>Changed</h3>
<ul>
<li>Ensure <code>BindPFlag</code> detects a nil flag parameter</li>
</ul>
<h3>Fixed</h3>
<ul>
<li>Merging a key into a nil target</li>
<li>Panics during saving INI files</li>
</ul>
<h3>Security</h3>
<ul>
<li>Updated etcd to 3.5 which should make a lot of false positive vulnerability reports disappear</li>
</ul>
<hr />
<p>In addition to the above changes, this release comes with tons of minor improvements, documentation changes an dependency updates. Find more details in the <a href="https://github.com/spf13/viper/milestone/4?closed=1">1.8.0</a> milestone.</p>
<p><strong>Many thanks to everyone who contributed to this release!</strong></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a href="faa8ba0c53"><code>faa8ba0</code></a> chore: update gotestsum</li>
<li><a href="65ee98690c"><code>65ee986</code></a> chore(lint): fix gofumpt</li>
<li><a href="04ef5fa07d"><code>04ef5fa</code></a> chore: update golangci-lint</li>
<li><a href="acd965b54e"><code>acd965b</code></a> Add ini load options argument</li>
<li><a href="5f4d053c3e"><code>5f4d053</code></a> chore(deps): update dependencies</li>
<li><a href="dd57ae6279"><code>dd57ae6</code></a> chore(deps): update etcd</li>
<li><a href="cdb5e5976f"><code>cdb5e59</code></a> Fix merging a key into a nil target</li>
<li><a href="36be6bf91f"><code>36be6bf</code></a> feat: make sure Viper compiles on WASM</li>
<li><a href="727a41c38a"><code>727a41c</code></a> doc: add a note about concurent Get/Set to godoc</li>
<li><a href="cb41ae0ab8"><code>cb41ae0</code></a> doc: discuss concurrency in README</li>
<li>Additional commits viewable in <a href="https://github.com/spf13/viper/compare/v1.7.1...v1.8.0">compare view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
</details>
Bumps [github.com/armon/go-metrics](https://github.com/armon/go-metrics) from 0.3.8 to 0.3.9.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a href="https://github.com/armon/go-metrics/releases">github.com/armon/go-metrics's releases</a>.</em></p>
<blockquote>
<h2>v0.3.9</h2>
<p>Adds a new <code>Stream</code> method that provides a streaming HTTP 1.x handler that will return a news set of metrics every interval.</p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a href="f792dbc8f4"><code>f792dbc</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/armon/go-metrics/issues/125">#125</a> from dnephin/dnephin/stream-metrics</li>
<li><a href="01db6876d8"><code>01db687</code></a> inmem: reduce the interface to Stream</li>
<li><a href="056fff3a32"><code>056fff3</code></a> inmem: add support for streaming metrics as intervals complete</li>
<li><a href="96c40ac2d9"><code>96c40ac</code></a> inmem: Inline a few functions into getInterval</li>
<li>See full diff in <a href="https://github.com/armon/go-metrics/compare/v0.3.8...v0.3.9">compare view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
</details>
Bumps [github.com/rs/zerolog](https://github.com/rs/zerolog) from 1.22.0 to 1.23.0.
<details>
<summary>Commits</summary>
<ul>
<li><a href="117cb53bc6"><code>117cb53</code></a> Fix copying stack setting in logger's Output method (<a href="https://github-redirect.dependabot.com/rs/zerolog/issues/325">#325</a>)</li>
<li><a href="e05605c215"><code>e05605c</code></a> Use github.com/coreos/go-systemd/v22 (<a href="https://github-redirect.dependabot.com/rs/zerolog/issues/322">#322</a>)</li>
<li><a href="6ed1127758"><code>6ed1127</code></a> Fix panic on disabled event with CallerSkipFrame</li>
<li><a href="47a03bc5eb"><code>47a03bc</code></a> Add ability to customize internal json marshaler (<a href="https://github-redirect.dependabot.com/rs/zerolog/issues/318">#318</a>)</li>
<li><a href="ffbd37b8d7"><code>ffbd37b</code></a> Add Func log method (<a href="https://github-redirect.dependabot.com/rs/zerolog/issues/321">#321</a>)</li>
<li>See full diff in <a href="https://github.com/rs/zerolog/compare/v1.22.0...v1.23.0">compare view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
</details>
Bumps [github.com/prometheus/common](https://github.com/prometheus/common) from 0.28.0 to 0.29.0.
<details>
<summary>Commits</summary>
<ul>
<li><a href="8281fb2779"><code>8281fb2</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/prometheus/common/issues/308">#308</a> from austince/feat/with-idle-conn-timeout</li>
<li><a href="5018d4d329"><code>5018d4d</code></a> Add WithIdleConnTimeout HTTP client option</li>
<li>See full diff in <a href="https://github.com/prometheus/common/compare/v0.28.0...v0.29.0">compare view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
</details>
* build(deps): bump github.com/golang/protobuf from 1.4.3 to 1.5.1
Bumps [github.com/golang/protobuf](https://github.com/golang/protobuf) from 1.4.3 to 1.5.1.
- [Release notes](https://github.com/golang/protobuf/releases)
- [Commits](https://github.com/golang/protobuf/compare/v1.4.3...v1.5.1)
Signed-off-by: dependabot[bot] <support@github.com>
* run go mod tidy
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Alessio Treglia <alessio@tendermint.com>
Co-authored-by: Marko <marbar3778@yahoo.com>
Updates cosmos/go-bip39 to version v1.0.0 which
features performance upgrades that bring 12+ searches
down from 24.3us to 1.4us (so 108.33ns per fetch)
after PR https://github.com/cosmos/go-bip39/pull/2.
* Add test that panics
* Add panic in abci query
* Move proto gen files to correct place
* Add panic handler in grpc server
* Fix test
* Fix build
* Use %v
* Better panic message
* Fix tests
Co-authored-by: Aleksandr Bezobchuk <alexanderbez@users.noreply.github.com>
* types/Coin: compile and reuse Regexps to reduce massive RAM+CPU burn
Fixes a resource (CPU+RAM) burn from recompiling Regexps which would
consume 1.2+MiB of RAM and 1.1ms per ParseCoin invocation, which means
that 1,000 invocations would consume 1.2GiB of RAM and >1second.
With the change, ParseCoin now takes 3.2us down from 1.1ms, with
dramatic results:
name old time/op new time/op delta
ParseCoin-8 1.04ms ± 4% 0.00ms ± 1% -99.69% (p=0.000 n=9+10)
name old alloc/op new alloc/op delta
ParseCoin-8 1.20MB ± 0% 0.00MB ± 0% -99.94% (p=0.000 n=10+10)
name old allocs/op new allocs/op delta
ParseCoin-8 17.8k ± 0% 0.0k ± 0% -99.89% (p=0.000 n=10+10)
Fixes#7986.
* replace the CoinDenomRegex variable with SetCoinDenomRegex() (#7998)
Co-authored-by: Federico Kunze <31522760+fedekunze@users.noreply.github.com>
Co-authored-by: Alessio Treglia <alessio@tendermint.com>
* Updated gRCP version to v1.33.1 since v1.33.0 was deleted (see https://github.com/grpc/grpc-go/issues/3945)
* Updated CHANGELOG
* Updated CHANGELOG
Co-authored-by: mergify[bot] <37929162+mergify[bot]@users.noreply.github.com>
* bump to tendermint v0.34-rc6
* update go.mod
* tendermint version is now accessible as tmversion.TMCoreSemVer
* add changelog entry
Co-authored-by: Amaury Martiny <amaury.martiny@protonmail.com>
* Add test for /block_results
* Fix test
* Use http RPC client
* Fix temporarily block_results
* Use init
* Add flag back
* Remove init
* Update TM master
* Address comments
* Fix build
* require refactor
* Add build flag back
* More timeout on test
* fix timeout-minutes
Co-authored-by: Aaron Craelius <aaron@regen.network>
Co-authored-by: mergify[bot] <37929162+mergify[bot]@users.noreply.github.com>
dependabot[bot]
Robert Zaremba
Marko
Andrea Giacobino
Alessio Treglia
Frojdi Dymylja
SaReN
MD Aleem
Aaron Craelius
Federico Kunze
Emmanuel T Odeke
Aleksandr Bezobchuk
Amaury
Riccardo Montagnin
Cory