Add missing dependabot changelog entries 1864, 1863, 1858, 1857, 1850. #1870
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
WalkthroughThe changes involve fixing the validation for Changes
Thank you for using CodeRabbit. We offer it for free to the OSS community and would appreciate your support in helping us grow. If you find it useful, would you consider giving us a shout-out on your favorite social media? TipsChatThere are 3 ways to chat with CodeRabbit:
Note: Be mindful of the bot's finite context window. It's strongly recommended to break down tasks such as reading entire modules into smaller chunks. For a focused discussion, use review comments to chat about specific files and their changes, instead of using the PR comments. CodeRabbit Commands (invoked as PR comments)
Additionally, you can add CodeRabbit Configration File (
|
Taztingo
previously approved these changes
Mar 7, 2024
![coderabbitai[bot]](https://avatars.githubusercontent.com/in/347564?s=60&v=4){kind=small}
There was a problem hiding this comment.
Review Status
Actionable comments generated: 0
Configuration used: CodeRabbit UI
Files selected for processing (2)
- .github/workflows/changelog.yml (1 hunks)
- CHANGELOG.md (1 hunks)
Additional comments: 3
.github/workflows/changelog.yml (1)
- 39-39: The correction of the
activationLabelsparameter from singular to plural is noted and aligns with the PR objectives to fix the automatic changelog entry generation. This change is crucial for the workflow's correct functioning.CHANGELOG.md (2)
- 50-53: Dependency updates are crucial for maintaining the project's security, performance, and compatibility. Ensure thorough testing and compatibility checks are performed to prevent potential issues.
- 46-46: Fixing the
MarkerTransferAuthorizationvalidation is critical for ensuring the integrity of marker transfers. Ensure comprehensive testing and review to cover all edge cases and prevent new vulnerabilities.
SpicyLemon
changed the title
Taztingo
previously approved these changes
Mar 7, 2024
…n didn't go as expected and it ended up with two).
Taztingo
previously approved these changes
Mar 7, 2024
iramiller
previously approved these changes
Mar 10, 2024
iramiller
approved these changes
Mar 10, 2024
Taztingo
approved these changes
Mar 11, 2024
SpicyLemon
added a commit
that referenced
this pull request
Mar 18, 2024
#1870) * Use activationLabels (instead of the deprecated activationLabel) in the changelog github action. * Add dependabot changelog entries that were missed previously. * Add missing # from a changelog entry link. * Undo the changelog github action change and let it be done in a different PR. * Combine the Dependencies sections (for some reason the merge from main didn't go as expected and it ended up with two).
SpicyLemon
added a commit
that referenced
this pull request
Mar 18, 2024
… 1872. (#1875) * Bump cosmossdk.io/math from 1.2.0 to 1.3.0 (#1857) Bumps [cosmossdk.io/math](https://github.com/cosmos/cosmos-sdk) from 1.2.0 to 1.3.0. - [Release notes](https://github.com/cosmos/cosmos-sdk/releases) - [Changelog](https://github.com/cosmos/cosmos-sdk/blob/main/CHANGELOG.md) - [Commits](cosmos/cosmos-sdk@log/v1.2.0...log/v1.3.0) --- updated-dependencies: - dependency-name: cosmossdk.io/math dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump peter-evans/create-pull-request from 6.0.0 to 6.0.1 (#1858) Bumps [peter-evans/create-pull-request](https://github.com/peter-evans/create-pull-request) from 6.0.0 to 6.0.1. - [Release notes](https://github.com/peter-evans/create-pull-request/releases) - [Commits](peter-evans/create-pull-request@v6.0.0...v6.0.1) --- updated-dependencies: - dependency-name: peter-evans/create-pull-request dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Carlton N Hanna <nullpointer0x00@gmail.com> * Bump google.golang.org/grpc from 1.61.1 to 1.62.0 (#1850) Bumps [google.golang.org/grpc](https://github.com/grpc/grpc-go) from 1.61.1 to 1.62.0. - [Release notes](https://github.com/grpc/grpc-go/releases) - [Commits](grpc/grpc-go@v1.61.1...v1.62.0) --- updated-dependencies: - dependency-name: google.golang.org/grpc dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Ira Miller <72319+iramiller@users.noreply.github.com> * Bump github.com/golang/protobuf from 1.5.3 to 1.5.4 (#1863) Bumps [github.com/golang/protobuf](https://github.com/golang/protobuf) from 1.5.3 to 1.5.4. - [Release notes](https://github.com/golang/protobuf/releases) - [Commits](golang/protobuf@v1.5.3...v1.5.4) --- updated-dependencies: - dependency-name: github.com/golang/protobuf dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump google.golang.org/grpc from 1.62.0 to 1.62.1 (#1864) Bumps [google.golang.org/grpc](https://github.com/grpc/grpc-go) from 1.62.0 to 1.62.1. - [Release notes](https://github.com/grpc/grpc-go/releases) - [Commits](grpc/grpc-go@v1.62.0...v1.62.1) --- updated-dependencies: - dependency-name: google.golang.org/grpc dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump github.com/stretchr/testify from 1.8.4 to 1.9.0 (#1860) * Bump github.com/stretchr/testify from 1.8.4 to 1.9.0 Bumps [github.com/stretchr/testify](https://github.com/stretchr/testify) from 1.8.4 to 1.9.0. - [Release notes](https://github.com/stretchr/testify/releases) - [Commits](stretchr/testify@v1.8.4...v1.9.0) --- updated-dependencies: - dependency-name: github.com/stretchr/testify dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> * Switch the changelog action to use activationLabels (instead of the deprecated and maybe broken activationLabel). * Updated Changelog * Fix placement of new Dependencies section in the changelog. --------- Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Daniel Wedul <github@wedul.com> Co-authored-by: SpicyLemon <SpicyLemon@users.noreply.github.com> * Bump bufbuild/buf-setup-action from 1.29.0 to 1.30.0 (#1871) * Bump bufbuild/buf-setup-action from 1.29.0 to 1.30.0 Bumps [bufbuild/buf-setup-action](https://github.com/bufbuild/buf-setup-action) from 1.29.0 to 1.30.0. - [Release notes](https://github.com/bufbuild/buf-setup-action/releases) - [Commits](bufbuild/buf-setup-action@v1.29.0...v1.30.0) --- updated-dependencies: - dependency-name: bufbuild/buf-setup-action dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> * Updated Changelog --------- Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: dependabot[bot] <dependabot[bot]@users.noreply.github.com> Co-authored-by: Ira Miller <72319+iramiller@users.noreply.github.com> * Add missing dependabot changelog entries 1864, 1863, 1858, 1857, 1850. (#1870) * Use activationLabels (instead of the deprecated activationLabel) in the changelog github action. * Add dependabot changelog entries that were missed previously. * Add missing # from a changelog entry link. * Undo the changelog github action change and let it be done in a different PR. * Combine the Dependencies sections (for some reason the merge from main didn't go as expected and it ended up with two). * Bump peter-evans/create-pull-request from 6.0.1 to 6.0.2 (#1872) * Bump peter-evans/create-pull-request from 6.0.1 to 6.0.2 Bumps [peter-evans/create-pull-request](https://github.com/peter-evans/create-pull-request) from 6.0.1 to 6.0.2. - [Release notes](https://github.com/peter-evans/create-pull-request/releases) - [Commits](peter-evans/create-pull-request@v6.0.1...v6.0.2) --- updated-dependencies: - dependency-name: peter-evans/create-pull-request dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> * Updated Changelog --------- Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: dependabot[bot] <dependabot[bot]@users.noreply.github.com> * Remove extra changelog entries that haven't been backported yet. --------- Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Carlton N Hanna <nullpointer0x00@gmail.com> Co-authored-by: Ira Miller <72319+iramiller@users.noreply.github.com> Co-authored-by: SpicyLemon <SpicyLemon@users.noreply.github.com> Co-authored-by: dependabot[bot] <dependabot[bot]@users.noreply.github.com>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Description
This PR adds the dependabot changelog entries that got missed.
The fix for that action is in #1860.
Before we can merge this PR, please make sure that all the following items have been
checked off. If any of the checklist items are not applicable, please leave them but
write a little note why.
docs/) or specification (x/<module>/spec/)godoccomments.Unreleasedsection inCHANGELOG.mdFiles changedin the Github PR explorerCodecov Reportin the comment section below once CI passesSummary by CodeRabbit
Bug Fixes
MarkerTransferAuthorizationto ensure all coins and addresses are valid.Chores