From 3b238f9ba3a696e7a19eb6428b4a07fc96d40160 Mon Sep 17 00:00:00 2001 From: Youngtaek Yoon Date: Mon, 11 Sep 2023 01:02:28 +0000 Subject: [PATCH 1/9] docs: update links in x/foundation README.md (#1120) * Update README.md * Update CHANGELOG.md --- CHANGELOG.md | 3 ++- x/foundation/README.md | 13 +++++++------ 2 files changed, 9 insertions(+), 7 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index dc328bf36d..9bd7e21260 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -44,6 +44,7 @@ Ref: https://keepachangelog.com/en/1.0.0/ ### Improvements * (third_party/proto) [\#1037](https://github.com/Finschia/finschia-sdk/pull/1037) change the proof.proto path to third_party/proto/confio * (ostracon) [\#1057](https://github.com/Finschia/finschia-sdk/pull/1057) Bump up Ostracon from to v1.1.1 +* (docs) [\#1120](https://github.com/Finschia/finschia-sdk/pull/1120) Update links in x/foundation README.md ### Bug Fixes * (ledger) [\#1040](https://github.com/Finschia/finschia-sdk/pull/1040) fix a bug(unable to connect nano S plus ledger on ubuntu) @@ -59,4 +60,4 @@ Ref: https://keepachangelog.com/en/1.0.0/ ### Document Updates * (readme) [\#997](https://github.com/finschia/finschia-sdk/pull/997) fix swagger url -* (docs) [\#1059](https://github.com/Finschia/finschia-sdk/pull/1059) create ERRORS.md for x/module \ No newline at end of file +* (docs) [\#1059](https://github.com/Finschia/finschia-sdk/pull/1059) create ERRORS.md for x/module diff --git a/x/foundation/README.md b/x/foundation/README.md index 62c4bacfe5..9e972d3ced 100644 --- a/x/foundation/README.md +++ b/x/foundation/README.md @@ -84,7 +84,6 @@ threshold and percentage. Any chain developer can extend upon these two, by creating custom decision policies, as long as they adhere to the `DecisionPolicy` interface: -+++ https://github.com/Finschia/finschia-sdk/blob/392277a33519d289154e8da27f05f9a6788ab076/x/foundation/foundation.go#L90-L103 +++ https://github.com/Finschia/finschia-sdk/blob/392277a33519d289154e8da27f05f9a6788ab076/x/foundation/foundation.go#L90-L103 ### Threshold decision policy @@ -93,6 +92,8 @@ A threshold decision policy defines a threshold of yes votes (based on a tally of voter weights) that must be achieved in order for a proposal to pass. For this decision policy, abstain and veto are simply treated as no's. ++++ https://github.com/Finschia/finschia-sdk/blob/ba75f8e7845a740afdce6e5f1c91f1a97433b7e2/proto/lbm/foundation/v1/foundation.proto#L63-L77 + ### Percentage decision policy A percentage decision policy is similar to a threshold decision policy, except @@ -101,6 +102,8 @@ It's more suited for a foundation where the membership can be updated, as the percentage threshold stays the same, and doesn't depend on how the number of members get updated. ++++ https://github.com/Finschia/finschia-sdk/blob/ba75f8e7845a740afdce6e5f1c91f1a97433b7e2/proto/lbm/foundation/v1/foundation.proto#L79-L93 + ### Outsourcing decision policy A outsourcing decision policy is a policy set after `x/foundation` decides to @@ -108,6 +111,8 @@ outsource its proposal relevant features to other modules (e.g. `x/group`). It means one can expect that any states relevant to the feature must be removed in the update to this policy. ++++ https://github.com/Finschia/finschia-sdk/blob/ba75f8e7845a740afdce6e5f1c91f1a97433b7e2/proto/lbm/foundation/v1/foundation.proto#L115-L121 + ## Proposal Any foundation member(s) can submit a proposal for the foundation policy @@ -243,8 +248,6 @@ the [Msg/WithdrawFromTreasury](#msgwithdrawfromtreasury). +++ https://github.com/Finschia/finschia-sdk/blob/392277a33519d289154e8da27f05f9a6788ab076/proto/lbm/foundation/v1/authz.proto#L9-L13 -+++ https://github.com/Finschia/finschia-sdk/blob/392277a33519d289154e8da27f05f9a6788ab076/x/foundation/authz.pb.go#L27-L30 - ### CreateValidatorAuthorization `CreateValidatorAuthorization` implements the `Authorization` interface for the @@ -257,8 +260,6 @@ url of `Msg/CreateValidator`), or the chain cannot be started. +++ https://github.com/Finschia/finschia-sdk/blob/392277a33519d289154e8da27f05f9a6788ab076/proto/lbm/stakingplus/v1/authz.proto#L9-L15 -+++ https://github.com/Finschia/finschia-sdk/blob/392277a33519d289154e8da27f05f9a6788ab076/x/stakingplus/authz.pb.go#L27-L31 - ## Foundation Treasury `x/foundation` intercepts the rewards prior to its distribution @@ -451,7 +452,7 @@ The authority of the following modules are candidates of censorship authority: One may specify `CENSORSHIP_AUTHORITY_UNSPECIFIED` to remove the censorship. -+++ https://github.com/Finschia/finschia-sdk/blob/d9428ec5d825dfd9964f510e32bd03a01adade8c/proto/lbm/foundation/v1/tx.proto#L25-L34 ++++ https://github.com/Finschia/finschia-sdk/blob/d9428ec5d825dfd9964f510e32bd03a01adade8c/proto/lbm/foundation/v1/foundation.proto#L26-L35 The message handling should fail if: From 8eb450b580175c8bf2a3b8f46971cf573e54ee1f Mon Sep 17 00:00:00 2001 From: TAKASE Ryo Date: Mon, 11 Sep 2023 16:34:00 +0900 Subject: [PATCH 2/9] chore: fix tag comments in github actions workflow docker.yml (#1078) * Update docker.yml Fix some comments in workflows. * docs: add this PR to CHANGELOG --- .github/workflows/docker.yml | 4 ++-- CHANGELOG.md | 1 + 2 files changed, 3 insertions(+), 2 deletions(-) diff --git a/.github/workflows/docker.yml b/.github/workflows/docker.yml index 7d3b8a79c1..11ef9a2e79 100644 --- a/.github/workflows/docker.yml +++ b/.github/workflows/docker.yml @@ -6,8 +6,8 @@ on: - rc*/* push: tags: - - "v[0-9]+.[0-9]+.[0-9]+" # Push events to matching v*, i.e. v1.0, v20.15.10 - - "v[0-9]+.[0-9]+.[0-9]+-rc*" # Push events to matching v*, i.e. v1.0-rc1, v20.15.10-rc5 + - "v[0-9]+.[0-9]+.[0-9]+" # Push events to matching v*, i.e. v20.15.10 + - "v[0-9]+.[0-9]+.[0-9]+-rc*" # Push events to matching v*, i.e. v20.15.10-rc5, v20.15.10-rc12+build1 env: registry: docker.io repository: finschia/finschia-simapp diff --git a/CHANGELOG.md b/CHANGELOG.md index 9bd7e21260..65a1ac801c 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -57,6 +57,7 @@ Ref: https://keepachangelog.com/en/1.0.0/ ### Build, CI * (build,ci) [\#1043](https://github.com/Finschia/finschia-sdk/pull/1043) Update golang version to 1.20 +* (ci) [\#1078](https://github.com/Finschia/finschia-sdk/pull/1078) fix tag comments in github actions workflow docker.yml ### Document Updates * (readme) [\#997](https://github.com/finschia/finschia-sdk/pull/997) fix swagger url From 816ca3d603d01590ed1c6dc3995568fba6f7d60c Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Thu, 14 Sep 2023 01:03:00 +0000 Subject: [PATCH 3/9] chore(deps): Bump golang.org/x/crypto from 0.11.0 to 0.13.0 (#1111) Bumps [golang.org/x/crypto](https://github.com/golang/crypto) from 0.11.0 to 0.13.0.
Commits
  • 0d375be go.mod: update golang.org/x dependencies
  • b4ddeed go.mod: update golang.org/x dependencies
  • edc325d ssh: fix call to Fatalf from a non-test goroutine
  • eab9315 ssh: add diffie-hellman-group16-sha512 kex
  • ddfa821 ssh: ignore invalid MACs and KEXs just like we do for ciphers
  • d08e19b x509roots/fallback: update bundle
  • 12e1fcd internal/wycheproof: skip all tests in short test mode
  • 3f8f064 ssh: prefer sha256 based RSA key algorithms
  • 5df3b59 ssh: disable client agent tests on Windows
  • 2e82bdd fix TestValidTerminalMode: missing output from echo SHELL $SHELL
  • Additional commits viewable in compare view

[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=golang.org/x/crypto&package-manager=go_modules&previous-version=0.11.0&new-version=0.13.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) ---
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
--- go.mod | 8 ++++---- go.sum | 16 ++++++++-------- 2 files changed, 12 insertions(+), 12 deletions(-) diff --git a/go.mod b/go.mod index df5b9dc17f..ad40cb4f38 100644 --- a/go.mod +++ b/go.mod @@ -47,7 +47,7 @@ require ( github.com/tendermint/go-amino v0.16.0 github.com/tendermint/tendermint v0.34.24 github.com/tendermint/tm-db v0.6.7 - golang.org/x/crypto v0.11.0 + golang.org/x/crypto v0.13.0 golang.org/x/exp v0.0.0-20230713183714-613f0c0eb8a1 google.golang.org/genproto v0.0.0-20230410155749-daa745c078e1 google.golang.org/grpc v1.57.0 @@ -119,9 +119,9 @@ require ( github.com/zondax/ledger-go v0.14.1 // indirect go.etcd.io/bbolt v1.3.6 // indirect golang.org/x/net v0.12.0 // indirect - golang.org/x/sys v0.10.0 // indirect - golang.org/x/term v0.10.0 // indirect - golang.org/x/text v0.11.0 // indirect + golang.org/x/sys v0.12.0 // indirect + golang.org/x/term v0.12.0 // indirect + golang.org/x/text v0.13.0 // indirect gopkg.in/ini.v1 v1.67.0 // indirect gopkg.in/natefinch/lumberjack.v2 v2.2.1 // indirect gopkg.in/yaml.v3 v3.0.1 // indirect diff --git a/go.sum b/go.sum index b03db6f97b..5e92541f81 100644 --- a/go.sum +++ b/go.sum @@ -714,8 +714,8 @@ golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9/go.mod h1:LzIPMQfyMNhhGPh golang.org/x/crypto v0.0.0-20200728195943-123391ffb6de/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto= golang.org/x/crypto v0.0.0-20210421170649-83a5a9bb288b/go.mod h1:T9bdIzuCu7OtxOm1hfPfRQxPLYneinmdGuTeoZ9dtd4= golang.org/x/crypto v0.0.0-20220722155217-630584e8d5aa/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4= -golang.org/x/crypto v0.11.0 h1:6Ewdq3tDic1mg5xRO4milcWCfMVQhI4NkqWWvqejpuA= -golang.org/x/crypto v0.11.0/go.mod h1:xgJhtzW8F9jGdVFWZESrid1U1bjeNy4zgy5cRr/CIio= +golang.org/x/crypto v0.13.0 h1:mvySKfSWJ+UKUii46M40LOvyWfN0s2U+46/jDd0e6Ck= +golang.org/x/crypto v0.13.0/go.mod h1:y6Z2r+Rw4iayiXXAIxJIDAJ1zMW4yaTpebo8fPOliYc= golang.org/x/exp v0.0.0-20190121172915-509febef88a4/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= golang.org/x/exp v0.0.0-20190306152737-a1d7652674e8/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= golang.org/x/exp v0.0.0-20190510132918-efd6b22b2522/go.mod h1:ZjyILWgesfNpC6sMxTJOJm9Kp84zZh5NQWvqDGG3Qr8= @@ -889,11 +889,11 @@ golang.org/x/sys v0.0.0-20220811171246-fbc7d0a398ab/go.mod h1:oPkhp1MJrh7nUepCBc golang.org/x/sys v0.0.0-20220908164124-27713097b956/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.5.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.6.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.10.0 h1:SqMFp9UcQJZa+pmYuAKjd9xq1f0j5rLcDIk0mj4qAsA= -golang.org/x/sys v0.10.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.12.0 h1:CM0HF96J0hcLAwsHPJZjfdNzs0gftsLfgKt57wWHJ0o= +golang.org/x/sys v0.12.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo= -golang.org/x/term v0.10.0 h1:3R7pNqamzBraeqj/Tj8qt1aQ2HpmlC+Cx/qL/7hn4/c= -golang.org/x/term v0.10.0/go.mod h1:lpqdcUyK/oCiQxvxVrppt5ggO2KCZ5QblwqPnfZ6d5o= +golang.org/x/term v0.12.0 h1:/ZfYdc3zq+q02Rv9vGqTeSItdzZTSNDmfTi0mBAuidU= +golang.org/x/term v0.12.0/go.mod h1:owVbMEjm3cBLCHdkQu9b1opXd4ETQWc3BhuQGKgXgvU= golang.org/x/text v0.0.0-20170915032832-14c0d48ead0c/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= golang.org/x/text v0.3.1-0.20180807135948-17ff2d5776d2/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= @@ -902,8 +902,8 @@ golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= golang.org/x/text v0.3.4/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= golang.org/x/text v0.3.6/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= golang.org/x/text v0.3.7/go.mod h1:u+2+/6zg+i71rQMx5EYifcz6MCKuco9NR6JIITiCfzQ= -golang.org/x/text v0.11.0 h1:LAntKIrcmeSKERyiOh0XMV39LXS8IE9UL2yP7+f5ij4= -golang.org/x/text v0.11.0/go.mod h1:TvPlkZtksWOMsz7fbANvkp4WM8x/WCo/om8BMLbz+aE= +golang.org/x/text v0.13.0 h1:ablQoSUd0tRdKxZewP80B+BaqeKJuVhuRxj/dkrun3k= +golang.org/x/text v0.13.0/go.mod h1:TvPlkZtksWOMsz7fbANvkp4WM8x/WCo/om8BMLbz+aE= golang.org/x/time v0.0.0-20180412165947-fbb02b2291d2/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= golang.org/x/time v0.0.0-20181108054448-85acf8d2951c/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= golang.org/x/time v0.0.0-20190308202827-9d24e82272b4/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= From a23bfadb4c7750d9a189f1d07b1c323fd4c2433e Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Thu, 14 Sep 2023 01:04:37 +0000 Subject: [PATCH 4/9] chore(deps): Bump github.com/go-kit/kit from 0.12.0 to 0.13.0 (#1097) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Bumps [github.com/go-kit/kit](https://github.com/go-kit/kit) from 0.12.0 to 0.13.0.
Release notes

Sourced from github.com/go-kit/kit's releases.

v0.13.0

Go kit v0.13.0 is released, containing mostly minor fixes and dependency updates.

What's Changed

New Contributors

Full Changelog: https://github.com/go-kit/kit/compare/v0.12.0...v0.13.0

Commits
  • dfe43fa README: update codegen link to truss (#1262)
  • 7f14cb4 Remove dead link to code generator from README (#1256)
  • e923d5d Replace microgen with the maintained fork (#1254)
  • a7ba4fa Update github.com/hashicorp/serf and github.com/hashicorp/consul/api (#1250)
  • 04090c3 Update link pointing to protobuf generator (#1248)
  • 62c81a0 Update nats-io/jwt/v2 & nats-io/nats-server/v2 dependencies to fix CVE-2021-3...
  • 0cd2b27 Merge pull request #1245 from sashamelentyev/patch-1
  • 35bf401 ci: add go 1.19
  • 50c3826 Update README.md (#1239)
  • 44ed829 ci: add go 1.18 (#1233)
  • Additional commits viewable in compare view

[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=github.com/go-kit/kit&package-manager=go_modules&previous-version=0.12.0&new-version=0.13.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) ---
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
--- go.mod | 2 +- go.sum | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/go.mod b/go.mod index ad40cb4f38..fca07d2da0 100644 --- a/go.mod +++ b/go.mod @@ -16,7 +16,7 @@ require ( github.com/cosmos/go-bip39 v1.0.0 github.com/cosmos/iavl v0.19.4 github.com/cosmos/ledger-cosmos-go v0.12.2 - github.com/go-kit/kit v0.12.0 + github.com/go-kit/kit v0.13.0 github.com/gogo/gateway v1.1.0 github.com/gogo/protobuf v1.3.3 github.com/golang/mock v1.6.0 diff --git a/go.sum b/go.sum index 5e92541f81..dfad0e0933 100644 --- a/go.sum +++ b/go.sum @@ -200,8 +200,8 @@ github.com/go-gl/glfw/v3.3/glfw v0.0.0-20200222043503-6f7a984d4dc4/go.mod h1:tQ2 github.com/go-kit/kit v0.8.0/go.mod h1:xBxKIO96dXMWWy0MnWVtmwkA9/13aqxPnvrjFYMA2as= github.com/go-kit/kit v0.9.0/go.mod h1:xBxKIO96dXMWWy0MnWVtmwkA9/13aqxPnvrjFYMA2as= github.com/go-kit/kit v0.10.0/go.mod h1:xUsJbQ/Fp4kEt7AFgCuvyX4a71u8h9jB8tj/ORgOZ7o= -github.com/go-kit/kit v0.12.0 h1:e4o3o3IsBfAKQh5Qbbiqyfu97Ku7jrO/JbohvztANh4= -github.com/go-kit/kit v0.12.0/go.mod h1:lHd+EkCZPIwYItmGDDRdhinkzX2A1sj+M9biaEaizzs= +github.com/go-kit/kit v0.13.0 h1:OoneCcHKHQ03LfBpoQCUfCluwd2Vt3ohz+kvbJneZAU= +github.com/go-kit/kit v0.13.0/go.mod h1:phqEHMMUbyrCFCTgH48JueqrM3md2HcAZ8N3XE4FKDg= github.com/go-kit/log v0.1.0/go.mod h1:zbhenjAZHb184qTLMA9ZjW7ThYL0H2mk7Q6pNt4vbaY= github.com/go-kit/log v0.2.1 h1:MRVx0/zhvdseW+Gza6N9rVzU/IVzaeE1SFI4raAhmBU= github.com/go-kit/log v0.2.1/go.mod h1:NwTd00d/i8cPZ3xOwwiv2PO5MOcx78fFErGNcVmBjv0= From 0f2534ef6392780904624856900d12a8cbd7f12c Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Thu, 14 Sep 2023 01:05:41 +0000 Subject: [PATCH 5/9] chore(deps): Bump github.com/hashicorp/golang-lru from 0.5.5-0.20210104140557-80c98217689d to 1.0.2 (#1074) Bumps [github.com/hashicorp/golang-lru](https://github.com/hashicorp/golang-lru) from 0.5.5-0.20210104140557-80c98217689d to 1.0.2.
Release notes

Sourced from github.com/hashicorp/golang-lru's releases.

Last release of v0/v1 code base

This release is the same as v0.6.0. It allows projects depending on the v0 code to upgrade safely to v1. This is the last release of v0/v1 code. Dependent projects should upgrade to v2.

Pointer to v0/v2

This is a placeholder tag to instruct people to explicitly use v0 tags or use the v2 module.

Tagging prior to v2

This is likely the last tag prior to the switch to generics and the v2 package.

Commits

[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=github.com/hashicorp/golang-lru&package-manager=go_modules&previous-version=0.5.5-0.20210104140557-80c98217689d&new-version=1.0.2)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) You can trigger a rebase of this PR by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) ---
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
> **Note** > Automatic rebases have been disabled on this pull request as it has been open for over 30 days. --- go.mod | 2 +- go.sum | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/go.mod b/go.mod index fca07d2da0..13530beb23 100644 --- a/go.mod +++ b/go.mod @@ -25,7 +25,7 @@ require ( github.com/gorilla/mux v1.8.0 github.com/grpc-ecosystem/go-grpc-middleware v1.4.0 github.com/grpc-ecosystem/grpc-gateway v1.16.0 - github.com/hashicorp/golang-lru v0.5.5-0.20210104140557-80c98217689d + github.com/hashicorp/golang-lru v1.0.2 github.com/hdevalence/ed25519consensus v0.1.0 github.com/improbable-eng/grpc-web v0.15.0 github.com/jhump/protoreflect v1.12.1-0.20220721211354-060cc04fc18b diff --git a/go.sum b/go.sum index dfad0e0933..1726a5183e 100644 --- a/go.sum +++ b/go.sum @@ -353,8 +353,8 @@ github.com/hashicorp/go-version v1.2.0/go.mod h1:fltr4n8CU8Ke44wwGCBoEymUuxUHl09 github.com/hashicorp/go.net v0.0.1/go.mod h1:hjKkEWcCURg++eb33jQU7oqQcI9XDCnUzHA0oac0k90= github.com/hashicorp/golang-lru v0.5.0/go.mod h1:/m3WP610KZHVQ1SGc6re/UDhFvYD7pJ4Ao+sR/qLZy8= github.com/hashicorp/golang-lru v0.5.1/go.mod h1:/m3WP610KZHVQ1SGc6re/UDhFvYD7pJ4Ao+sR/qLZy8= -github.com/hashicorp/golang-lru v0.5.5-0.20210104140557-80c98217689d h1:dg1dEPuWpEqDnvIw251EVy4zlP8gWbsGj4BsUKCRpYs= -github.com/hashicorp/golang-lru v0.5.5-0.20210104140557-80c98217689d/go.mod h1:iADmTwqILo4mZ8BN3D2Q6+9jd8WM5uGBxy+E8yxSoD4= +github.com/hashicorp/golang-lru v1.0.2 h1:dV3g9Z/unq5DpblPpw+Oqcv4dU/1omnb4Ok8iPY6p1c= +github.com/hashicorp/golang-lru v1.0.2/go.mod h1:iADmTwqILo4mZ8BN3D2Q6+9jd8WM5uGBxy+E8yxSoD4= github.com/hashicorp/hcl v1.0.0 h1:0Anlzjpi4vEasTeNFn2mLJgTSwt0+6sfsiTG8qcWGx4= github.com/hashicorp/hcl v1.0.0/go.mod h1:E5yfLk+7swimpb2L/Alb/PJmXilQ/rhwaUYs4T20WEQ= github.com/hashicorp/logutils v1.0.0/go.mod h1:QIAnNjmIWmVIIkWDTG1z5v++HQmx9WQRO+LraFDTW64= From 9e2cda2156077b3dcb92787d1beb8cbe4aaef49d Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Thu, 14 Sep 2023 05:15:24 +0000 Subject: [PATCH 6/9] chore(deps): Bump docker/metadata-action from 4 to 5 (#1125) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Bumps [docker/metadata-action](https://github.com/docker/metadata-action) from 4 to 5.
Release notes

Sourced from docker/metadata-action's releases.

v5.0.0

Full Changelog: https://github.com/docker/metadata-action/compare/v4.6.0...v5.0.0

v4.6.0

Full Changelog: https://github.com/docker/metadata-action/compare/v4.5.0...v4.6.0

v4.5.0

Full Changelog: https://github.com/docker/metadata-action/compare/v4.4.0...v4.5.0

v4.4.0

Full Changelog: https://github.com/docker/metadata-action/compare/v4.3.0...v4.4.0

v4.3.0

Full Changelog: https://github.com/docker/metadata-action/compare/v4.2.0...v4.3.0

v4.2.0

  • Add tz attribute to handlebar date function by @​chroju (#251)
  • Bump minimatch from 3.0.4 to 3.1.2 (#242)
  • Bump csv-parse from 5.3.1 to 5.3.3 (#245)
  • Bump json5 from 2.2.0 to 2.2.3 (#252)

Full Changelog: https://github.com/docker/metadata-action/compare/v4.1.1...v4.2.0

v4.1.1

  • Revert changes to set associated head sha on pull request event by @​crazy-max (#239)
    • User can still set associated head sha on PR by setting the env var DOCKER_METADATA_PR_HEAD_SHA=true
  • Bump csv-parse from 5.3.0 to 5.3.1 (#237)

Full Changelog: https://github.com/docker/metadata-action/compare/v4.1.0...v4.1.1

... (truncated)

Upgrade guide

Sourced from docker/metadata-action's upgrade guide.

Upgrade notes

v2 to v3

  • Repository has been moved to docker org. Replace crazy-max/ghaction-docker-meta@v2 with docker/metadata-action@v5
  • The default bake target has been changed: ghaction-docker-meta > docker-metadata-action

v1 to v2

inputs

New Unchanged Removed
tags images tag-sha
flavor sep-tags tag-edge
labels sep-labels tag-edge-branch
tag-semver
tag-match
tag-match-group
tag-latest
tag-schedule
tag-custom
tag-custom-only
label-custom

tag-sha

tags: |
  type=sha

tag-edge / tag-edge-branch

tags: |
  # default branch
</tr></table>

... (truncated)

Commits
  • 96383f4 Merge pull request #320 from docker/dependabot/npm_and_yarn/csv-parse-5.5.0
  • f138b96 chore: update generated content
  • 9cf7015 Bump csv-parse from 5.4.0 to 5.5.0
  • 5a8a5ff Merge pull request #315 from docker/dependabot/npm_and_yarn/handlebars-4.7.8
  • 2279d9a chore: update generated content
  • c659933 Bump handlebars from 4.7.7 to 4.7.8
  • 48d23cc Merge pull request #333 from docker/dependabot/npm_and_yarn/actions/core-1.10.1
  • b83ffb4 chore: update generated content
  • 3207f24 Bump @​actions/core from 1.10.0 to 1.10.1
  • 63f4a26 Merge pull request #328 from crazy-max/update-node20
  • Additional commits viewable in compare view

[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=docker/metadata-action&package-manager=github_actions&previous-version=4&new-version=5)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) ---
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
--- .github/workflows/docker.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/docker.yml b/.github/workflows/docker.yml index 11ef9a2e79..ed1dd3ca22 100644 --- a/.github/workflows/docker.yml +++ b/.github/workflows/docker.yml @@ -27,7 +27,7 @@ jobs: password: ${{secrets.DOCKERHUB_TOKEN}} - name: extract metadata for docker id: meta - uses: docker/metadata-action@v4 + uses: docker/metadata-action@v5 with: images: ${{env.registry}}/${{env.repository}} tags: | From 78deaf07dbe12f4bd7667ef026724a718e7d6093 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Thu, 14 Sep 2023 05:15:37 +0000 Subject: [PATCH 7/9] chore(deps): Bump docker/login-action from 2 to 3 (#1124) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Bumps [docker/login-action](https://github.com/docker/login-action) from 2 to 3.
Release notes

Sourced from docker/login-action's releases.

v3.0.0

Full Changelog: https://github.com/docker/login-action/compare/v2.2.0...v3.0.0

v2.2.0

Full Changelog: https://github.com/docker/login-action/compare/v2.1.0...v2.2.0

v2.1.0

  • Ensure AWS temp credentials are redacted in workflow logs by @​crazy-max (#275)
  • Bump @​actions/core from 1.6.0 to 1.10.0 (#252 #292)
  • Bump @​aws-sdk/client-ecr from 3.53.0 to 3.186.0 (#298)
  • Bump @​aws-sdk/client-ecr-public from 3.53.0 to 3.186.0 (#299)

Full Changelog: https://github.com/docker/login-action/compare/v2.0.0...v2.1.0

Commits
  • 343f7c4 Merge pull request #599 from docker/dependabot/npm_and_yarn/aws-sdk-dependenc...
  • aad0f97 chore: update generated content
  • 2e0cd39 build(deps): bump the aws-sdk-dependencies group with 2 updates
  • 203bc9c Merge pull request #588 from docker/dependabot/npm_and_yarn/proxy-agent-depen...
  • 2199648 chore: update generated content
  • b489376 build(deps): bump the proxy-agent-dependencies group with 1 update
  • 7c309e7 Merge pull request #598 from docker/dependabot/npm_and_yarn/actions/core-1.10.1
  • 0ccf222 chore: update generated content
  • 56d703e Merge pull request #597 from docker/dependabot/github_actions/aws-actions/con...
  • 24d3b35 build(deps): bump @​actions/core from 1.10.0 to 1.10.1
  • Additional commits viewable in compare view

[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=docker/login-action&package-manager=github_actions&previous-version=2&new-version=3)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) ---
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
--- .github/workflows/docker.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/docker.yml b/.github/workflows/docker.yml index ed1dd3ca22..3c258da30f 100644 --- a/.github/workflows/docker.yml +++ b/.github/workflows/docker.yml @@ -19,7 +19,7 @@ jobs: with: fetch-depth: 0 - name: login to the registry - uses: docker/login-action@v2 + uses: docker/login-action@v3 if: github.event_name != 'pull_request' with: registry: ${{env.registry}} From 2d4f3b9df512f94a63b30bbf8f2c1c00393ca648 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Thu, 14 Sep 2023 05:17:23 +0000 Subject: [PATCH 8/9] chore(deps): Bump docker/build-push-action from 4 to 5 (#1123) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Bumps [docker/build-push-action](https://github.com/docker/build-push-action) from 4 to 5.
Release notes

Sourced from docker/build-push-action's releases.

v5.0.0

Full Changelog: https://github.com/docker/build-push-action/compare/v4.2.1...v5.0.0

v4.2.1

Note

Buildx v0.10 enables support for a minimal SLSA Provenance attestation, which requires support for OCI-compliant multi-platform images. This may introduce issues with registry and runtime support (e.g. Google Cloud Run and AWS Lambda). You can optionally disable the default provenance attestation functionality using provenance: false.

Full Changelog: https://github.com/docker/build-push-action/compare/v4.2.0...v4.2.1

v4.2.0

Note

Buildx v0.10 enables support for a minimal SLSA Provenance attestation, which requires support for OCI-compliant multi-platform images. This may introduce issues with registry and runtime support (e.g. Google Cloud Run and AWS Lambda). You can optionally disable the default provenance attestation functionality using provenance: false.

Full Changelog: https://github.com/docker/build-push-action/compare/v4.1.1...v4.2.0

v4.1.1

Note

Buildx v0.10 enables support for a minimal SLSA Provenance attestation, which requires support for OCI-compliant multi-platform images. This may introduce issues with registry and runtime support (e.g. Google Cloud Run and AWS Lambda). You can optionally disable the default provenance attestation functionality using provenance: false.

Full Changelog: https://github.com/docker/build-push-action/compare/v4.1.0...v4.1.1

v4.1.0

Note

Buildx v0.10 enables support for a minimal SLSA Provenance attestation, which requires support for OCI-compliant multi-platform images. This may introduce issues with registry and runtime support (e.g. Google Cloud Run and AWS Lambda). You can optionally disable the default provenance attestation functionality using provenance: false.

Full Changelog: https://github.com/docker/build-push-action/compare/v4.0.0...v4.1.0

Commits
  • 0565240 Merge pull request #959 from docker/dependabot/npm_and_yarn/actions/core-1.10.1
  • 3ab07f8 chore: update generated content
  • b9e7e4d chore(deps): Bump @​actions/core from 1.10.0 to 1.10.1
  • 04d1a3b Merge pull request #954 from crazy-max/update-node20
  • 1a4d1a1 chore: node 20 as default runtime
  • 675965c chore: update generated content
  • 58ee34c chore: fix author in package.json
  • c97c406 fix ProxyConfig type when checking length
  • 47d5369 vendor: bump @​docker/actions-toolkit from 0.8.0 to 0.12.0
  • 8895c74 chore: update dev dependencies
  • Additional commits viewable in compare view

[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=docker/build-push-action&package-manager=github_actions&previous-version=4&new-version=5)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) ---
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
--- .github/workflows/docker.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/docker.yml b/.github/workflows/docker.yml index 3c258da30f..c16d36cb40 100644 --- a/.github/workflows/docker.yml +++ b/.github/workflows/docker.yml @@ -33,7 +33,7 @@ jobs: tags: | type=semver,pattern={{version}} - name: docker build - uses: docker/build-push-action@v4 + uses: docker/build-push-action@v5 with: push: ${{github.event_name != 'pull_request'}} build-args: ARCH=x86_64 From ef6aaf3275c7142039ab5940e2d90323f90a5149 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Thu, 14 Sep 2023 05:17:35 +0000 Subject: [PATCH 9/9] chore(deps): Bump actions/cache from 3.3.1 to 3.3.2 (#1119) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Bumps [actions/cache](https://github.com/actions/cache) from 3.3.1 to 3.3.2.
Release notes

Sourced from actions/cache's releases.

v3.3.2

What's Changed

New Contributors

Full Changelog: https://github.com/actions/cache/compare/v3...v3.3.2

Changelog

Sourced from actions/cache's changelog.

3.3.1

  • Reduced segment size to 128MB and segment timeout to 10 minutes to fail fast in case the cache download is stuck.

3.3.2

  • Fixes bug with Azure SDK causing blob downloads to get stuck.
Commits
  • 704facf Merge pull request #1236 from actions/bethanyj28/bump-version
  • 17e2888 Add to RELEASES.md
  • 667d8fd bump action version to 3.3.2
  • f7ebb81 Consume latest toolkit and fix dangling promise bug (#1217)
  • 67b839e Merge pull request #1187 from jorendorff/jorendorff/rm-add-to-project
  • 57f0e3f Remove actions to add new PRs and issues to a project board
  • 04f198b Merge pull request #1132 from vorburger/bazel-example
  • bd9b49b Merge branch 'main' into bazel-example
  • ea05037 Merge pull request #1122 from actions/pdotl-patch-1
  • 6a1a45d Merge branch 'main' into pdotl-patch-1
  • Additional commits viewable in compare view

[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=actions/cache&package-manager=github_actions&previous-version=3.3.1&new-version=3.3.2)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) ---
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
--- .github/workflows/release-sims.yml | 8 ++++---- .github/workflows/sims.yml | 10 +++++----- .github/workflows/sims_normal.yml | 8 ++++---- .github/workflows/test.yml | 2 +- 4 files changed, 14 insertions(+), 14 deletions(-) diff --git a/.github/workflows/release-sims.yml b/.github/workflows/release-sims.yml index 239846448f..e966613260 100644 --- a/.github/workflows/release-sims.yml +++ b/.github/workflows/release-sims.yml @@ -43,7 +43,7 @@ jobs: - name: install runsim run: | export GO111MODULE="on" && go install github.com/cosmos/tools/cmd/runsim@v1.0.0 - - uses: actions/cache@v3.3.1 + - uses: actions/cache@v3.3.2 with: path: ~/go/bin key: ${{ runner.os }}-go-runsim-binary @@ -56,7 +56,7 @@ jobs: - uses: actions/setup-go@v4.0.1 with: go-version: '1.20' - - uses: actions/cache@v3.3.1 + - uses: actions/cache@v3.3.2 with: path: ~/go/bin key: ${{ runner.os }}-go-runsim-binary @@ -76,7 +76,7 @@ jobs: - uses: actions/setup-go@v4.0.1 with: go-version: '1.20' - - uses: actions/cache@v3.3.1 + - uses: actions/cache@v3.3.2 with: path: ~/go/bin key: ${{ runner.os }}-go-runsim-binary @@ -96,7 +96,7 @@ jobs: - uses: actions/setup-go@v4.0.1 with: go-version: '1.20' - - uses: actions/cache@v3.3.1 + - uses: actions/cache@v3.3.2 with: path: ~/go/bin key: ${{ runner.os }}-go-runsim-binary diff --git a/.github/workflows/sims.yml b/.github/workflows/sims.yml index c034a376f0..c7d6ee27be 100644 --- a/.github/workflows/sims.yml +++ b/.github/workflows/sims.yml @@ -42,7 +42,7 @@ jobs: run: go version - name: Install runsim run: export GO111MODULE="on" && go install github.com/cosmos/tools/cmd/runsim@v1.0.0 - - uses: actions/cache@v3.3.1 + - uses: actions/cache@v3.3.2 with: path: ~/go/bin key: ${{ runner.os }}-go-runsim-binary @@ -64,7 +64,7 @@ jobs: !**/**_test.go go.mod go.sum - - uses: actions/cache@v3.3.1 + - uses: actions/cache@v3.3.2 with: path: ~/go/bin key: ${{ runner.os }}-go-runsim-binary @@ -93,7 +93,7 @@ jobs: go.sum SET_ENV_NAME_INSERTIONS: 1 SET_ENV_NAME_LINES: 1 - - uses: actions/cache@v3.3.1 + - uses: actions/cache@v3.3.2 with: path: ~/go/bin key: ${{ runner.os }}-go-runsim-binary @@ -122,7 +122,7 @@ jobs: go.sum SET_ENV_NAME_INSERTIONS: 1 SET_ENV_NAME_LINES: 1 - - uses: actions/cache@v3.3.1 + - uses: actions/cache@v3.3.2 with: path: ~/go/bin key: ${{ runner.os }}-go-runsim-binary @@ -151,7 +151,7 @@ jobs: go.sum SET_ENV_NAME_INSERTIONS: 1 SET_ENV_NAME_LINES: 1 - - uses: actions/cache@v3.3.1 + - uses: actions/cache@v3.3.2 with: path: ~/go/bin key: ${{ runner.os }}-go-runsim-binary diff --git a/.github/workflows/sims_normal.yml b/.github/workflows/sims_normal.yml index 1b17703083..50e0e2b4fc 100644 --- a/.github/workflows/sims_normal.yml +++ b/.github/workflows/sims_normal.yml @@ -29,7 +29,7 @@ jobs: run: go version - name: Install runsim run: export GO111MODULE="on" && go install github.com/cosmos/tools/cmd/runsim@v1.0.0 - - uses: actions/cache@v3.3.1 + - uses: actions/cache@v3.3.2 with: path: ~/go/bin key: ${{ runner.os }}-go-runsim-binary @@ -44,7 +44,7 @@ jobs: go-version: '1.20' - name: Display go version run: go version - - uses: actions/cache@v3.3.1 + - uses: actions/cache@v3.3.2 with: path: ~/go/bin key: ${{ runner.os }}-go-runsim-binary @@ -62,7 +62,7 @@ jobs: go-version: '1.20' - name: Display go version run: go version - - uses: actions/cache@v3.3.1 + - uses: actions/cache@v3.3.2 with: path: ~/go/bin key: ${{ runner.os }}-go-runsim-binary @@ -80,7 +80,7 @@ jobs: go-version: '1.20' - name: Display go version run: go version - - uses: actions/cache@v3.3.1 + - uses: actions/cache@v3.3.2 with: path: ~/go/bin key: ${{ runner.os }}-go-runsim-binary diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index 59d85cbcd0..49c1d0aae2 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -29,7 +29,7 @@ jobs: - name: install tparse run: | go install github.com/mfridman/tparse@v0.8.3 - - uses: actions/cache@v3.3.1 + - uses: actions/cache@v3.3.2 with: path: ~/go/bin key: ${{ runner.os }}-go-tparse-binary