build(deps): Bump github.com/btcsuite/btcd/btcutil from 1.1.3 to 1.1.6 #3780

dependabot · 2024-08-20T13:55:44Z

Bumps github.com/btcsuite/btcd/btcutil from 1.1.3 to 1.1.6.

Commits

bda7977 Merge pull request #2235 from AlexsandroRyan/pkg-update-checkmarx-cve
913f95b Updated github.com/btcsuite/btcd to address CVE-2024-34478
97400aa Merge pull request #2225 from Crypt-iQ/statusbytes_08062024
3eda1a5 blockchain: copy utxo status bytes to avoid UB
b161cd6 Merge pull request #2218 from guggero/btcec-fix
cefeeaa mod+rpcserver: bump to latest version of btcec
ff2e03e chore: fix some comments for struct field (#2214)
2134387 Merge pull request #2208 from kcalvinalvin/2024-07-01-close-blockfiles
e5d15fd btcec/ecdsa: remove error return value for SignCompact (#2211)
c9fae1a ffldb: close block files before deleting them
Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot merge will merge this PR after your CI passes on it
@dependabot squash and merge will squash and merge this PR after your CI passes on it
@dependabot cancel merge will cancel a previously requested merge and block automerging
@dependabot reopen will reopen this PR if it is closed
@dependabot close 8000 will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
@dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Bumps [github.com/btcsuite/btcd/btcutil](https://github.com/btcsuite/btcd) from 1.1.3 to 1.1.6. - [Release notes](https://github.com/btcsuite/btcd/releases) - [Changelog](https://github.com/btcsuite/btcd/blob/master/CHANGES) - [Commits](btcsuite/btcd@btcutil/v1.1.3...btcutil/v1.1.6) --- updated-dependencies: - dependency-name: github.com/btcsuite/btcd/btcutil dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>

#3780) Bumps [github.com/btcsuite/btcd/btcutil](https://github.com/btcsuite/btcd) from 1.1.3 to 1.1.6. <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/btcsuite/btcd/commit/bda7977a9abc4a27e5c089389f60e5d5117b5433"><code>bda7977</code></a> Merge pull request <a href="https://redirect.github.com/btcsuite/btcd/issues/2235">#2235</a> from AlexsandroRyan/pkg-update-checkmarx-cve</li> <li><a href="https://github.com/btcsuite/btcd/commit/913f95b2b258afac7b0139c4a1bef9f7e3c5bddc"><code>913f95b</code></a> Updated github.com/btcsuite/btcd to address CVE-2024-34478</li> <li><a href="https://github.com/btcsuite/btcd/commit/97400aa23ec3ebc94673c7ce37d14a26b60be9ec"><code>97400aa</code></a> Merge pull request <a href="https://redirect.github.com/btcsuite/btcd/issues/2225">#2225</a> from Crypt-iQ/statusbytes_08062024</li> <li><a href="https://github.com/btcsuite/btcd/commit/3eda1a58a24336c4c1aabe953f84b32a03da62cb"><code>3eda1a5</code></a> blockchain: copy utxo status bytes to avoid UB</li> <li><a href="https://github.com/btcsuite/btcd/commit/b161cd6a199b4e35acec66afc5aad221f05fe1e3"><code>b161cd6</code></a> Merge pull request <a href="https://redirect.github.com/btcsuite/btcd/issues/2218">#2218</a> from guggero/btcec-fix</li> <li><a href="https://github.com/btcsuite/btcd/commit/cefeeaa6b6a3d950eff894814e8a45adc898a0f8"><code>cefeeaa</code></a> mod+rpcserver: bump to latest version of btcec</li> <li><a href="https://github.com/btcsuite/btcd/commit/ff2e03e11233fa25c01cf4acbf76501fc008b31f"><code>ff2e03e</code></a> chore: fix some comments for struct field (<a href="https://redirect.github.com/btcsuite/btcd/issues/2214">#2214</a>)</li> <li><a href="https://github.com/btcsuite/btcd/commit/2134387ba8ff6d33d90afba285c5f0d52f3a0f6b"><code>2134387</code></a> Merge pull request <a href="https://redirect.github.com/btcsuite/btcd/issues/2208">#2208</a> from kcalvinalvin/2024-07-01-close-blockfiles</li> <li><a href="https://github.com/btcsuite/btcd/commit/e5d15fddb9c486dfe382bc95dc38d2fd247813bf"><code>e5d15fd</code></a> btcec/ecdsa: remove error return value for SignCompact (<a href="https://redirect.github.com/btcsuite/btcd/issues/2211">#2211</a>)</li> <li><a href="https://github.com/btcsuite/btcd/commit/c9fae1ac7cca6e6d55baec913286e483e28923a9"><code>c9fae1a</code></a> ffldb: close block files before deleting them</li> <li>Additional commits viewable in <a href="https://github.com/btcsuite/btcd/compare/btcutil/v1.1.3...btcutil/v1.1.6">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=github.com/btcsuite/btcd/btcutil&package-manager=go_modules&previous-version=1.1.3&new-version=1.1.6)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> (cherry picked from commit 344eaf7)

…6 (backport #3780) (#3804) Bumps [github.com/btcsuite/btcd/btcutil](https://github.com/btcsuite/btcd) from 1.1.3 to 1.1.6. <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/btcsuite/btcd/commit/bda7977a9abc4a27e5c089389f60e5d5117b5433"><code>bda7977</code></a> Merge pull request <a href="https://redirect.github.com/btcsuite/btcd/issues/2235">#2235</a> from AlexsandroRyan/pkg-update-checkmarx-cve</li> <li><a href="https://github.com/btcsuite/btcd/commit/913f95b2b258afac7b0139c4a1bef9f7e3c5bddc"><code>913f95b</code></a> Updated github.com/btcsuite/btcd to address CVE-2024-34478</li> <li><a href="https://github.com/btcsuite/btcd/commit/97400aa23ec3ebc94673c7ce37d14a26b60be9ec"><code>97400aa</code></a> Merge pull request <a href="https://redirect.github.com/btcsuite/btcd/issues/2225">#2225</a> from Crypt-iQ/statusbytes_08062024</li> <li><a href="https://github.com/btcsuite/btcd/commit/3eda1a58a24336c4c1aabe953f84b32a03da62cb"><code>3eda1a5</code></a> blockchain: copy utxo status bytes to avoid UB</li> <li><a href="https://github.com/btcsuite/btcd/commit/b161cd6a199b4e35acec66afc5aad221f05fe1e3"><code>b161cd6</code></a> Merge pull request <a href="https://redirect.github.com/btcsuite/btcd/issues/2218">#2218</a> from guggero/btcec-fix</li> <li><a href="https://github.com/btcsuite/btcd/commit/cefeeaa6b6a3d950eff894814e8a45adc898a0f8"><code>cefeeaa</code></a> mod+rpcserver: bump to latest version of btcec</li> <li><a href="https://github.com/btcsuite/btcd/commit/ff2e03e11233fa25c01cf4acbf76501fc008b31f"><code>ff2e03e</code></a> chore: fix some comments for struct field (<a href="https://redirect.github.com/btcsuite/btcd/issues/2214">#2214</a>)</li> <li><a href="https://github.com/btcsuite/btcd/commit/2134387ba8ff6d33d90afba285c5f0d52f3a0f6b"><code>2134387</code></a> Merge pull request <a href="https://redirect.github.com/btcsuite/btcd/issues/2208">#2208</a> from kcalvinalvin/2024-07-01-close-blockfiles</li> <li><a href="https://github.com/btcsuite/btcd/commit/e5d15fddb9c486dfe382bc95dc38d2fd247813bf"><code>e5d15fd</code></a> btcec/ecdsa: remove error return value for SignCompact (<a href="https://redirect.github.com/btcsuite/btcd/issues/2211">#2211</a>)</li> <li><a href="https://github.com/btcsuite/btcd/commit/c9fae1ac7cca6e6d55baec913286e483e28923a9"><code>c9fae1a</code></a> ffldb: close block files before deleting them</li> <li>Additional commits viewable in <a href="https://github.com/btcsuite/btcd/compare/btcutil/v1.1.3...btcutil/v1.1.6">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=github.com/btcsuite/btcd/btcutil&package-manager=go_modules&previous-version=1.1.3&new-version=1.1.6)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details><hr>This is an automatic backport of pull request #3780 done by [Mergify](https://mergify.com).

dependabot bot requested a review from a team as a code owner August 20, 2024 13:55

dependabot bot added automerge dependencies Dependency updates labels Aug 20, 2024

mergify bot added the backport-to-v0.38.x-experimental Tell Mergify to backport the PR to v0.38.x-experimental label Aug 20, 2024

melekes approved these changes Aug 20, 2024

View reviewed changes

melekes merged commit 344eaf7 into v0.38.x Aug 20, 2024
18 checks passed

melekes deleted the dependabot/go_modules/v0.38.x/github.com/btcsuite/btcd/btcutil-1.1.6 branch August 20, 2024 14:17

mergify bot mentioned this pull request Aug 20, 2024

build(deps): Bump github.com/btcsuite/btcd/btcutil from 1.1.3 to 1.1.6 (backport #3780) #3804

Merged

faddat mentioned this pull request Oct 15, 2024

chore: use latest cometbft-db in v0.38.x #4296

Closed

3 tasks

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

build(deps): Bump github.com/btcsuite/btcd/btcutil from 1.1.3 to 1.1.6 #3780

build(deps): Bump github.com/btcsuite/btcd/btcutil from 1.1.3 to 1.1.6 #3780

Uh oh!

Uh oh!

Uh oh!

Uh oh!

build(deps): Bump github.com/btcsuite/btcd/btcutil from 1.1.3 to 1.1.6 #3780

build(deps): Bump github.com/btcsuite/btcd/btcutil from 1.1.3 to 1.1.6 #3780

Uh oh!

Conversation

Uh oh!

Uh oh!

Uh oh!