Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fix: bump cosmos-sdk to v0.47.15-ics-lsm #2944

Merged
merged 2 commits into from
Jun 7, 2024
Merged

fix: bump cosmos-sdk to v0.47.15-ics-lsm #2944

merged 2 commits into from
Jun 7, 2024

Conversation

dreamer-zq
Copy link
Contributor

@dreamer-zq dreamer-zq commented Jun 7, 2024
edited by coderabbitai bot
Loading

This commit causes state machine breaking and resolves vulnerability LSM-2024-001

Summary by CodeRabbit

  • New Features
    • Upgraded the IRISHub module to cosmos-sdk version v0.47.15-ics-lsm, introducing significant changes to the state machine functionality.

@coderabbitai coderabbitai
Copy link

coderabbitai bot commented Jun 7, 2024
edited
Loading

Walkthrough

In version 3.1.0, a significant update was made to the IRISHub module by upgrading the cosmos-sdk to version v0.47.15-ics-lsm. This change introduces a breaking modification in the state machine functionality, ensuring enhanced performance and capabilities.

Changes

Files/Paths Change Summary
IRISHub/... Upgraded cosmos-sdk to v0.47.15-ics-lsm, causing a breaking change in state machine functionality.

Poem

In the land of code, a change so grand,
IRISHub's state machine now takes a stand.
With cosmos-sdk bumped to a new height,
Version 3.1.0 shines so bright.
Breaking changes, but fear not,
For progress is the prize we've got.

Thank you for using CodeRabbit. We offer it for free to the OSS community and would appreciate your support in helping us grow. If you find it useful, would you consider giving us a shout-out on your favorite social media?

Share
Tips

Chat

There are 3 ways to chat with CodeRabbit:

  • Review comments: Directly reply to a review comment made by CodeRabbit. Example:
    • I pushed a fix in commit <commit_id>.
    • Generate unit testing code for this file.
    • Open a follow-up GitHub issue for this discussion.
  • Files and specific lines of code (under the "Files changed" tab): Tag @coderabbitai in a new review comment at the desired location with your query. Examples:
    • @coderabbitai generate unit testing code for this file.
    • @coderabbitai modularize this function.
  • PR comments: Tag @coderabbitai in a new PR comment to ask questions about the PR branch. For the best results, please provide a very specific query, as very limited context is provided in this mode. Examples:
    • @coderabbitai generate interesting stats about this repository and render them as a table.
    • @coderabbitai show all the console.log statements in this repository.
    • @coderabbitai read src/utils.ts and generate unit testing code.
    • @coderabbitai read the files in the src/scheduler package and generate a class diagram using mermaid and a README in the markdown format.
    • @coderabbitai help me debug CodeRabbit configuration file.

Note: Be mindful of the bot's finite context window. It's strongly recommended to break down tasks such as reading entire modules into smaller chunks. For a focused discussion, use review comments to chat about specific files and their changes, instead of using the PR comments.

CodeRabbit Commands (invoked as PR comments)

  • @coderabbitai pause to pause the reviews on a PR.
  • @coderabbitai resume to resume the paused reviews.
  • @coderabbitai review to trigger an incremental review. This is useful when automatic reviews are disabled for the repository.
  • @coderabbitai full review to do a full review from scratch and review all the files again.
  • @coderabbitai summary to regenerate the summary of the PR.
  • @coderabbitai resolve resolve all the CodeRabbit review comments.
  • @coderabbitai configuration to show the current CodeRabbit configuration for the repository.
  • @coderabbitai help to get help.

Additionally, you can add @coderabbitai ignore anywhere in the PR description to prevent this PR from being reviewed.

CodeRabbit Configration File (.coderabbit.yaml)

  • You can programmatically configure CodeRabbit by adding a .coderabbit.yaml file to the root of your repository.
  • Please see the configuration documentation for more information.
  • If your editor has YAML language server enabled, you can add the path at the top of this file to enable auto-completion and validation: # yaml-language-server: $schema=https://coderabbit.ai/integrations/schema.v2.json

Documentation and Community

  • Visit our Documentation for detailed information on how to use CodeRabbit.
  • Join our Discord Community to get help, request features, and share feedback.
  • Follow us on X/Twitter for updates and announcements.

@dreamer-zq
Copy link
Contributor Author

@coderabbitai review

@coderabbitai coderabbitai
Copy link

coderabbitai bot commented Jun 7, 2024

@dreamer-zq, I will review the changes made in this pull request to ensure they align with the project's standards and effectively address the mentioned vulnerability. This will include examining the updated dependencies, any new code introduced, and the overall impact on the state machine.

Actions performed

Review triggered.

Note: CodeRabbit is an incremental review system and does not re-review already reviewed commits. This command is applicable only when automatic reviews are paused.

coderabbitai[bot]
coderabbitai bot reviewed Jun 7, 2024
View reviewed changes
Copy link

@coderabbitai coderabbitai bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Actionable comments posted: 1

Outside diff range and nitpick comments (9)
CHANGELOG.md (9)

Line range hint 153-153: Correct the date format to "November 03rd, 2021" to "November 03, 2021".

- *November 03th, 2021*
+ *November 03, 2021*

Line range hint 170-170: Correct the date format from "April 21th, 2021" to "April 21, 2021".

- *April 21th, 2021*
+ *April 21, 2021*

Line range hint 270-270: Correct the date format from "Nov 22th, 2019" to "Nov 22, 2019".

- *Nov 22th, 2019*
+ *Nov 22, 2019*

Line range hint 347-347: Correct the date format from "Oct 2th, 2019" to "Oct 2, 2019".

- *Oct 2th, 2019*
+ *Oct 2, 2019*

Line range hint 364-364: Correct the date format from "Aug 22th, 2019" to "Aug 22, 2019".

- *Aug 22th, 2019*
+ *Aug 22, 2019*

Line range hint 433-433: Correct the date format from "May 31th, 2019" to "May 31, 2019".

- *May 31th, 2019*
+ *May 31, 2019*

Line range hint 492-492: Correct the date format from "Mar 22th, 2019" to "Mar 22, 2019".

- *Mar 22th, 2019*
+ *Mar 22, 2019*

Line range hint 595-595: Correct the date format from "January 21th, 2019" to "January 21, 2019".

- *January 21th, 2019*
+ *January 21, 2019*

Line range hint 882-882: Correct the date format from "September 22th, 2018" to "September 22, 2018".

- *September 22th, 2018*
+ *September 22, 2018*
Review details

Configuration used: CodeRabbit UI
Review profile: CHILL

Commits

Files that changed from the base of the PR and between 7eac61c and 23355b3.

Files ignored due to path filters (2)
  • go.mod is excluded by !**/*.mod
  • go.sum is excluded by !**/*.sum
Files selected for processing (1)
  • CHANGELOG.md (1 hunks)
Additional context used
LanguageTool
CHANGELOG.md

[duplication] ~144-~144: Possible typo: you repeated a word (ENGLISH_WORD_REPEAT_RULE)
Context: ....com//pull/2734) Bump up TIBC-Go * [TIBC-Go #247](https://github.com/bianjieai/tib...

[style] ~149-~149: Three successive sentences begin with the same word. Consider rewording the sentence or use a thesaurus to find a synonym. (ENGLISH_WORD_REPEAT_BEGINNING_RULE)
Context: ...uirements in a more flexible manner. * [irismod #269](https://github.com/irisnet/irism...

[inconsistency] ~153-~153: The suffix does not match the ordinal number. (ORDINAL_NUMBER_SUFFIX)
Context: ...ulti Token) module ## 1.2.0 November 03th, 2021 ### Application * [#2681](htt...

[inconsistency] ~170-~170: The suffix does not match the ordinal number. (ORDINAL_NUMBER_SUFFIX)
Context: ...e new REST endpoints. ## 1.1.1 April 21th, 2021 ### Application * [#2611](htt...

[style] ~261-~261: Unless you want to emphasize “not”, use “cannot” which is more common. (CAN_NOT_PREMIUM)
Context: ...es/2109) Fix the bug that the hash lock can not be specified in the CLI ### Applicatio...

[inconsistency] ~270-~270: The suffix does not match the ordinal number. (ORDINAL_NUMBER_SUFFIX)
Context: ...sing rootstore version ## 0.16.0 Nov 22th, 2019 ### Breaking Changes * [API Br...

[inconsistency] ~347-~347: The suffix does not match the ordinal number. (ORDINAL_NUMBER_SUFFIX)
Context: ...x the p2p panic error. ## 0.15.3 Oct 2th, 2019 ### Tendermint Bump Tendermint...

[inconsistency] ~364-~364: The suffix does not match the ordinal number. (ORDINAL_NUMBER_SUFFIX)
Context: ...g on replay-last-block ## 0.15.1 Aug 22th, 2019 ### Application * [#1895](htt...

[inconsistency] ~433-~433: The suffix does not match the ordinal number. (ORDINAL_NUMBER_SUFFIX)
Context: ...d mempool memory usage ## 0.14.1 May 31th, 2019 ### LCD (REST API) * [#1486](...

[inconsistency] ~492-~492: The suffix does not match the ordinal number. (ORDINAL_NUMBER_SUFFIX)
Context: ...) Improve v0.13.1 docs ## 0.13.1 Mar 22th, 2019 ### LCD (REST API) * [#1339](...

[inconsistency] ~595-~595: The suffix does not match the ordinal number. (ORDINAL_NUMBER_SUFFIX)
Context: ...multiple times ## 0.11.0-rc0 January 21th, 2019 * [iris] Move the upgrade tally...

[grammar] ~650-~650: The word “setup” is a noun. The verb is spelled with a white space. (NOUN_VERB_CONFUSION)
Context: ... and implement the governance module to setup the new voting, tally, and penalty rule...

[grammar] ~704-~704: The word ‘withdraw’ is not a noun. Did you mean “withdrawal”? (PREPOSITION_VERB)
Context: ...sal cmd * Add withdraw address into the withdraw tags list * Fix the monitor bug ## 0.9...

[inconsistency] ~882-~882: The suffix does not match the ordinal number. (ORDINAL_NUMBER_SUFFIX)
Context: ...ns of the irisnet ## 0.4.2 September 22th, 2018 BUG FIXES * Fix consensus fail...

Markdownlint
CHANGELOG.md

969-969: Expected: atx; Actual: atx_closed (MD003, heading-style)
Heading style

990-990: Expected: atx; Actual: atx_closed (MD003, heading-style)
Heading style

106-106: null (MD036, no-emphasis-as-heading)
Emphasis used instead of a heading

117-117: null (MD036, no-emphasis-as-heading)
Emphasis used instead of a heading

139-139: null (MD036, no-emphasis-as-heading)
Emphasis used instead of a heading

153-153: null (MD036, no-emphasis-as-heading)
Emphasis used instead of a heading

170-170: null (MD036, no-emphasis-as-heading)
Emphasis used instead of a heading

179-179: null (MD036, no-emphasis-as-heading)
Emphasis used instead of a heading

194-194: null (MD036, no-emphasis-as-heading)
Emphasis used instead of a heading

206-206: null (MD036, no-emphasis-as-heading)
Emphasis used instead of a heading

241-241: null (MD036, no-emphasis-as-heading)
Emphasis used instead of a heading

249-249: null (MD036, no-emphasis-as-heading)
Emphasis used instead of a heading

257-257: null (MD036, no-emphasis-as-heading)
Emphasis used instead of a heading

270-270: null (MD036, no-emphasis-as-heading)
Emphasis used instead of a heading

331-331: null (MD036, no-emphasis-as-heading)
Emphasis used instead of a heading

339-339: null (MD036, no-emphasis-as-heading)
Emphasis used instead of a heading

347-347: null (MD036, no-emphasis-as-heading)
Emphasis used instead of a heading

355-355: null (MD036, no-emphasis-as-heading)
Emphasis used instead of a heading

364-364: null (MD036, no-emphasis-as-heading)
Emphasis used instead of a heading

373-373: null (MD036, no-emphasis-as-heading)
Emphasis used instead of a heading

433-433: null (MD036, no-emphasis-as-heading)
Emphasis used instead of a heading

446-446: null (MD036, no-emphasis-as-heading)
Emphasis used instead of a heading

492-492: null (MD036, no-emphasis-as-heading)
Emphasis used instead of a heading

526-526: null (MD036, no-emphasis-as-heading)
Emphasis used instead of a heading

534-534: null (MD036, no-emphasis-as-heading)
Emphasis used instead of a heading

540-540: null (MD036, no-emphasis-as-heading)
Emphasis used instead of a heading

557-557: null (MD036, no-emphasis-as-heading)
Emphasis used instead of a heading

564-564: null (MD036, no-emphasis-as-heading)
Emphasis used instead of a heading

581-581: null (MD036, no-emphasis-as-heading)
Emphasis used instead of a heading

595-595: null (MD036, no-emphasis-as-heading)
Emphasis used instead of a heading

618-618: null (MD036, no-emphasis-as-heading)
Emphasis used instead of a heading

624-624: null (MD036, no-emphasis-as-heading)
Emphasis used instead of a heading

631-631: null (MD036, no-emphasis-as-heading)
Emphasis used instead of a heading

642-642: null (MD036, no-emphasis-as-heading)
Emphasis used instead of a heading

687-687: null (MD036, no-emphasis-as-heading)
Emphasis used instead of a heading

693-693: null (MD036, no-emphasis-as-heading)
Emphasis used instead of a heading

700-700: null (MD036, no-emphasis-as-heading)
Emphasis used instead of a heading

709-709: null (MD036, no-emphasis-as-heading)
Emphasis used instead of a heading

741-741: null (MD036, no-emphasis-as-heading)
Emphasis used instead of a heading

747-747: null (MD036, no-emphasis-as-heading)
Emphasis used instead of a heading

767-767: null (MD036, no-emphasis-as-heading)
Emphasis used instead of a heading

776-776: null (MD036, no-emphasis-as-heading)
Emphasis used instead of a heading

815-815: null (MD036, no-emphasis-as-heading)
Emphasis used instead of a heading

824-824: null (MD036, no-emphasis-as-heading)
Emphasis used instead of a heading

846-846: null (MD036, no-emphasis-as-heading)
Emphasis used instead of a heading

858-858: null (MD036, no-emphasis-as-heading)
Emphasis used instead of a heading

882-882: null (MD036, no-emphasis-as-heading)
Emphasis used instead of a heading

890-890: null (MD036, no-emphasis-as-heading)
Emphasis used instead of a heading

898-898: null (MD036, no-emphasis-as-heading)
Emphasis used instead of a heading

931-931: null (MD036, no-emphasis-as-heading)
Emphasis used instead of a heading

939-939: null (MD036, no-emphasis-as-heading)
Emphasis used instead of a heading

950-950: null (MD036, no-emphasis-as-heading)
Emphasis used instead of a heading

973-973: null (MD036, no-emphasis-as-heading)
Emphasis used instead of a heading

CHANGELOG.md

### State Machine Breaking

* (IRISHub) [\#2944](https://github.com/irisnet/irishub/pull/2944) Bump cosmos-sdk to v0.47.15-ics-lsm
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Tip

Codebase Verification

The changelog entry for PR #2944 is correct but lacks comprehensiveness. The PR description includes important details about state machine breaking changes and a resolved vulnerability, which should be reflected in the changelog.

  • Update the changelog entry to include information about the state machine breaking changes and the resolved vulnerability.
Analysis chain

Ensure the changelog entry links to the correct PR and describes the update comprehensively.

Scripts executed

The following scripts were executed for the analysis:

Script:

#!/bin/bash
# Description: Verify the PR link and description in the changelog entry.

# Test: Search for the PR link and description in the changelog. Expect: Correct PR link and comprehensive description.
rg --type md $'https://github.com/irisnet/irishub/pull/2944'

Length of output: 175

Script:

#!/bin/bash
# Fetch the details of PR #2944 to verify the comprehensiveness of the changelog entry.
gh pr view 2944 --json title,body

Length of output: 596

@mitch1024 mitch1024 merged commit 62e3139 into release/v3.x Jun 7, 2024
1 check passed
@mitch1024 mitch1024 deleted the dreamer/v3.x branch June 7, 2024 07:21
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@coderabbitai coderabbitai coderabbitai left review comments

@mitch1024 mitch1024 mitch1024 approved these changes

@harvey-smith harvey-smith Awaiting requested review from harvey-smith

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@dreamer-zq @mitch1024