Bump github.com/cosmos/cosmos-sdk from 0.38.4 to 0.39.1

[dependabot-preview]

Bumps github.com/cosmos/cosmos-sdk from 0.38.4 to 0.39.1.

Release notes

Sourced from github.com/cosmos/cosmos-sdk's releases.

v0.39.1 - The Launchpad Series

Cosmos SDK v0.39.1 Release Notes

This release fixes the issue affecting the accounts migration from v0.38 to v0.39.

See the Cosmos SDK 0.39.1 milestone on our issue tracker for details.

Remove custom JSON serialization for account types

Account types JSON serialization has now changed to Amino. Changes are significant (e.g. integers are treated as strings) thus it is required to migrate the exported state of an application before restarting the node with a more recent version of the Cosmos SDK.

REST server's --unsafe-cors mode

This a UX improvement back ported from master that allows developers to disable CORS restrictions during app development and testing by passing the --unsafe-cors option to the client's rest-server command.

Tendermint 0.33.7

Tendermint 0.33.7 brings an important regression fix. Please refer to this bug report for more information.

v0.39.0 Launchpad

Cosmos SDK v0.39.0 Release Notes

This is the inaugural release of the Cosmos SDK 0.39 «Launchpad» release series.

See the CHANGELOG.md file or the Cosmos SDK 0.39.0 milestone on our issue tracker for details.

Changes to IAVL and store pruning

The pruning features introduced in the 0.38 release series are buggy and might lead to data loss, even after upgrading to v0.39.0. When upgrading from 0.38 it is important to follow the instructions below, to prevent data loss and database corruption.

Note: there are are several breaking changes with regard to IAVL, stores, and pruning settings that affect command line clients, server configuration, and Golang API.

Migrate an application from 0.38.5 to 0.39.0

The IAVL's v0.13.0 release introduced a pruning functionality that turned out to be buggy and flawed. IAVL's new v0.14.0 release now commits and flushes every state to disk as it did in pre-v0.13.0 release. The SDK's multi-store will track and ensure the proper heights are pruned. The operator can now set the pruning options by passing a pruning configuration via command line option or app.toml. The pruning flag supports the following options: default, everything, nothing, custom - see docs for further details. If the operator chooses custom, they may want to provide either of the granular pruning values:

• pruning-keep-recent
• pruning-keep-every
• pruning-interval

The former two options dictate how many recent versions are kept on disk and the offset of what versions are kept after that

Changelog

Sourced from github.com/cosmos/cosmos-sdk's changelog.

[v0.39.1]

• (x/auth) #6861 Remove public key Bech32 encoding for all account types for JSON serialization, instead relying on direct Amino encoding. In addition, JSON serialization utilizes Amino instead of the Go stdlib, so integers are treated as strings.
• (client) #6853 Add --unsafe-cors flag.

[v0.39.0]

Improvements

• (deps) Bump Tendermint version to v0.33.6
• (deps) Bump IAVL version to v0.14.0
• (client) #5585 CLIContext additions:
  • Introduce QueryABCI that returns the full abci.ResponseQuery with inclusion Merkle proofs.
  • Added prove flag for Merkle proof verification.
• (x/staking) #6791) Close {UBDQueue,RedelegationQueu}Iterator once used.

API Breaking Changes

• (baseapp) #5837 Transaction simulation now returns a SimulationResponse which contains the GasInfo and Result from the execution.

Client Breaking Changes

• (x/auth) #6745 Remove BaseAccount's custom JSON {,un}marshalling.

Bug Fixes

• (store) #6475 Revert IAVL pruning functionality introduced in v0.13.0, where the IAVL no longer keeps states in-memory in which it flushes periodically. IAVL now commits and flushes every state to disk as it did pre-v0.13.0. The SDK's multi-store will track and ensure the proper heights are pruned. The operator can set the pruning options via a pruning config via the CLI or through app.toml. The pruning flag exposes default|everything|nothing|custom as options -- see docs for further details. If the operator chooses custom, they may provide granular pruning options pruning-keep-recent, pruning-keep-every, and pruning-interval. The former two options dictate how many recent versions are kept on disk and the offset of what versions are kept after that respectively, and the latter defines the height interval in which versions are deleted in a batch. Note, there are some client-facing API breaking changes with regard to IAVL, stores, and pruning settings.
• (x/distribution) #6210 Register MsgFundCommunityPool in distribution amino codec.
• (types) #5741 Prevent ChainAnteDecorators() from panicking when empty AnteDecorator slice is supplied.
• (baseapp) #6306 Prevent events emitted by the antehandler from being persisted between transactions.
• (client/keys) #5091 keys parse does not honor client app's configuration.
• (x/bank) #6674 Create account if recipient does not exist on handing MsgMultiSend.
• (x/auth) #6287 Fix nonce stuck when sending multiple transactions from an account in a same block.

[v0.38.5] - 2020-07-02

Improvements

• (tendermint) Bump Tendermint version to v0.33.6.

Commits

• 6a624c3 Merge pull request #6921 from cosmos/backport/v0.39.x
• 3e263c8 incorporate Ethan Frey's suggestion
• b903c4a test case with real genesis data (#6995)
• a6ab122 update changelog
• 1efac36 update RELEASE_NOTES.md
• 8084428 Update x/auth/legacy/v0_39/types.go
• 65ec8e6 Merge PR #6937: Bump Tendermint to v0.33.7
• 9beb119 Merge PR #6938: Fix v0.39 migrate test
• 9b94892 Update x/auth/legacy/v0_38/types.go
• d92a491 Update x/auth/legacy/v0_39/types.go
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
• @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
• @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
• @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
• @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language
• @dependabot badge me will comment on this PR with code to add a "Dependabot enabled" badge to your readme

Additionally, you can set the following in your Dependabot dashboard:

• Update frequency (including time of day and day of week)
• Pull request limits (per update run and/or open at any time)
• Out-of-range updates (receive only lockfile updates, if desired)
• Security updates (receive only security updates, if desired)