Bump the go_modules group group with 1 update

[dependabot]

Bumps the go_modules group group with 1 update: github.com/cosmos/cosmos-sdk.

Updates github.com/cosmos/cosmos-sdk from 0.50.4 to 0.50.5

Release notes

Sourced from github.com/cosmos/cosmos-sdk's releases.

v0.50.5

Cosmos SDK v0.50.5 Release Notes

💬 Release Discussion

🚀 Highlights

This is time for another patch release of Cosmos SDK Eden. This release includes a few notable fixes:

• Fix a bypass delegator slashing: GHSA-86h5-xcpx-cfqc
• Fix an issue in baseapp.ValidateVoteExtensions helper: GHSA-95rx-m9m5-m94v
• Allow to provide custom signers for x/auth/tx using depinject

We recommended to upgrade to this patch release as soon as possible.
When upgrading from <= v0.50.4, please ensure that 2/3 of the validator power upgrade to v0.50.5.

📝 Changelog

Check out the changelog for an exhaustive list of changes, or compare changes from the last release.

Refer to the upgrading guide when migrating from v0.47.x to v0.50.1. Note, that the next SDK release, v0.51, will not include x/params migration, when migrating from < v0.47, v0.50.x or v0.47.x, is a mandatory migration.

Changelog

Sourced from github.com/cosmos/cosmos-sdk's changelog.

v0.50.5 - 2024-03-12

Features

• (baseapp) #19626 Add DisableBlockGasMeter option to BaseApp, which removes the block gas meter during transaction execution.

Improvements

• (x/distribution) #19707 Add autocli config for DelegationTotalRewards for CLI consistency with q rewards commands in previous versions.
• (x/auth) #19651 Allow empty public keys in GetSignBytesAdapter.

Bug Fixes

• (x/gov) #19725 Fetch a failed proposal tally from proposal.FinalTallyResult in the gprc query.
• (types) #19709 Fix skip staking genesis export when using CoreAppModuleAdaptor / CoreAppModuleBasicAdaptor for it.
• (x/auth) #19549 Accept custom get signers when injecting x/auth/tx.
• (x/staking) Fix a possible bypass of delegator slashing: GHSA-86h5-xcpx-cfqc
• (baseapp) Fix a bug in baseapp.ValidateVoteExtensions helper (GHSA-95rx-m9m5-m94v). The helper has been fixed and for avoiding API breaking changes currentHeight and chainID arguments are ignored. Those arguments are removed from the helper in v0.51+.

Commits

• a321866 chore: prepare v0.50.5 (#19715)
• a877c47 fix(x/gov): grpc query tally for failed proposal (backport #19725) (#19727)
• c382225 feat(x/distribution): add rewards-by-validator autocli config (backport #1970...
• f055cde feat(baseapp): add option to disable block gas meter (#19626)
• 4467110 Merge pull request from GHSA-95rx-m9m5-m94v
• 6689e36 build(deps): Bump deps (backport #19655) (#19711)
• 3382e8e fix(types): check for HasABCIGenesis in CoreAppModuleBasicAdaptor (#19709)
• f9041cd refactor(x/auth): allow empty public keys for GetSignBytesAdapter (backport #...
• 2abd2ec feat(client/v2): marshal enum as string (#19653)
• 09a49fe build(deps): Bump cosmossdk.io/x/tx from 0.13.0 to 0.13.1 (#19665)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions
  You can disable automated security fix PRs for this repo from the Security Alerts page.

[coderabbitai]

Important

Auto Review Skipped

Bot user detected.

To trigger a single review, invoke the @coderabbitai review command.

Thank you for using CodeRabbit. We offer it for free to the OSS community and would appreciate your support in helping us grow. If you find it useful, would you consider giving us a shout-out on your favorite social media?

Share

• X
• Mastodon
• Reddit
• LinkedIn

---

Tips

Chat

There are 3 ways to chat with CodeRabbit:

• Review comments: Directly reply to a review comment made by CodeRabbit. Example:
  • I pushed a fix in commit <commit_id>.
  • Generate unit-tests for this file.
  • Open a follow-up GitHub issue for this discussion.
• Files and specific lines of code (under the "Files changed" tab): Tag @coderabbitai in a new review comment at the desired location with your query. Examples:
  • @coderabbitai generate unit tests for this file.
  • @coderabbitai modularize this function.
• PR comments: Tag @coderabbitai in a new PR comment to ask questions about the PR branch. For the best results, please provide a very specific query, as very limited context is provided in this mode. Examples:
  • @coderabbitai generate interesting stats about this repository and render them as a table.
  • @coderabbitai show all the console.log statements in this repository.
  • @coderabbitai read src/utils.ts and generate unit tests.
  • @coderabbitai read the files in the src/scheduler package and generate a class diagram using mermaid and a README in the markdown format.

Note: Be mindful of the bot's finite context window. It's strongly recommended to break down tasks such as reading entire modules into smaller chunks. For a focused discussion, use review comments to chat about specific files and their changes, instead of using the PR comments.

CodeRabbit Commands (invoked as PR comments)

• @coderabbitai pause to pause the reviews on a PR.
• @coderabbitai resume to resume the paused reviews.
• @coderabbitai review to trigger a review. This is useful when automatic reviews are disabled for the repository.
• @coderabbitai resolve resolve all the CodeRabbit review comments.
• @coderabbitai help to get help.

Additionally, you can add @coderabbitai ignore anywhere in the PR description to prevent this PR from being reviewed.

CodeRabbit Configration File (.coderabbit.yaml)

• You can programmatically configure CodeRabbit by adding a .coderabbit.yaml file to the root of your repository.
• The JSON schema for the configuration file is available here.
• If your editor has YAML language server enabled, you can add the path at the top of this file to enable auto-completion and validation: # yaml-language-server: $schema=https://coderabbit.ai/integrations/coderabbit-overrides.v2.json

CodeRabbit Discord Community

Join our Discord Community to get help, request features, and share feedback.