Skip to content

Commit cdddbba

Browse files
nowoojnowooj
authored
Merge pull request #160 from xpladev/fix/1.7-security-patch-2
apply cosmos sdk security patch
2 parents cb466b2 + c845a2b commit cdddbba

File tree

2 files changed

+60
-60
lines changed

2 files changed

+60
-60
lines changed

go.mod

+20-20
Original file line numberDiff line numberDiff line change
@@ -13,11 +13,11 @@ require (
1313
cosmossdk.io/tools/confix v0.1.2
1414
cosmossdk.io/x/evidence v0.1.1
1515
cosmossdk.io/x/feegrant v0.1.1
16-
cosmossdk.io/x/tx v0.13.5
16+
cosmossdk.io/x/tx v0.13.7
1717
cosmossdk.io/x/upgrade v0.1.4
1818
github.com/CosmWasm/wasmd v0.53.2
1919
github.com/cometbft/cometbft v0.38.12
20-
github.com/cosmos/cosmos-db v1.0.2
20+
github.com/cosmos/cosmos-db v1.1.0
2121
github.com/cosmos/cosmos-proto v1.0.0-beta.5
2222
github.com/cosmos/cosmos-sdk v0.50.10
2323
github.com/cosmos/gogoproto v1.7.0
@@ -37,19 +37,19 @@ require (
3737
github.com/stretchr/testify v1.9.0
3838
github.com/xpladev/ethermint v0.24.0-xpla
3939
golang.org/x/sync v0.8.0
40-
google.golang.org/genproto/googleapis/api v0.0.0-20240318140521-94a12d6c2237
41-
google.golang.org/grpc v1.64.1
42-
google.golang.org/protobuf v1.34.2
40+
google.golang.org/genproto/googleapis/api v0.0.0-20240814211410-ddb44dafa142
41+
google.golang.org/grpc v1.67.1
42+
google.golang.org/protobuf v1.35.1
4343
gopkg.in/yaml.v2 v2.4.0
4444
)
4545

4646
require (
4747
cloud.google.com/go v0.112.1 // indirect
48-
cloud.google.com/go/compute/metadata v0.3.0 // indirect
48+
cloud.google.com/go/compute/metadata v0.5.0 // indirect
4949
cloud.google.com/go/iam v1.1.6 // indirect
5050
cloud.google.com/go/storage v1.38.0 // indirect
5151
cosmossdk.io/collections v0.4.0 // indirect
52-
cosmossdk.io/depinject v1.0.0 // indirect
52+
cosmossdk.io/depinject v1.1.0 // indirect
5353
cosmossdk.io/x/circuit v0.1.1 // indirect
5454
filippo.io/edwards25519 v1.0.0 // indirect
5555
github.com/99designs/go-keychain v0.0.0-20191008050251-8e49817e8af4 // indirect
@@ -76,15 +76,15 @@ require (
7676
github.com/cockroachdb/errors v1.11.3 // indirect
7777
github.com/cockroachdb/fifo v0.0.0-20240606204812-0bbfbd93a7ce // indirect
7878
github.com/cockroachdb/logtags v0.0.0-20230118201751-21c54148d20b // indirect
79-
github.com/cockroachdb/pebble v1.1.1 // indirect
79+
github.com/cockroachdb/pebble v1.1.2 // indirect
8080
github.com/cockroachdb/redact v1.1.5 // indirect
8181
github.com/cockroachdb/tokenbucket v0.0.0-20230807174530-cc333fc44b06 // indirect
8282
github.com/coinbase/rosetta-sdk-go/types v1.0.0 // indirect
8383
github.com/cometbft/cometbft-db v0.11.0 // indirect
8484
github.com/cosmos/btcutil v1.0.5 // indirect
8585
github.com/cosmos/go-bip39 v1.0.0 // indirect
8686
github.com/cosmos/gogogateway v1.2.0 // indirect
87-
github.com/cosmos/iavl v1.2.0 // indirect
87+
github.com/cosmos/iavl v1.2.2 // indirect
8888
github.com/cosmos/ics23/go v0.11.0 // indirect
8989
github.com/cosmos/ledger-cosmos-go v0.13.3 // indirect
9090
github.com/cosmos/rosetta v0.50.2 // indirect
@@ -105,7 +105,7 @@ require (
105105
github.com/dustin/go-humanize v1.0.1 // indirect
106106
github.com/dvsekhvalnov/jose2go v1.6.0 // indirect
107107
github.com/edsrzf/mmap-go v1.0.0 // indirect
108-
github.com/emicklei/dot v1.6.1 // indirect
108+
github.com/emicklei/dot v1.6.2 // indirect
109109
github.com/fatih/color v1.16.0 // indirect
110110
github.com/felixge/httpsnoop v1.0.4 // indirect
111111
github.com/fsnotify/fsnotify v1.7.0 // indirect
@@ -122,11 +122,11 @@ require (
122122
github.com/godbus/dbus v0.0.0-20190726142602-4481cbc300e2 // indirect
123123
github.com/gogo/googleapis v1.4.1 // indirect
124124
github.com/gogo/protobuf v1.3.2 // indirect
125-
github.com/golang/glog v1.2.0 // indirect
125+
github.com/golang/glog v1.2.2 // indirect
126126
github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da // indirect
127127
github.com/golang/mock v1.6.0 // indirect
128128
github.com/golang/snappy v0.0.4 // indirect
129-
github.com/google/btree v1.1.2 // indirect
129+
github.com/google/btree v1.1.3 // indirect
130130
github.com/google/go-cmp v0.6.0 // indirect
131131
github.com/google/gofuzz v1.2.0 // indirect
132132
github.com/google/orderedcode v0.0.1 // indirect
@@ -226,17 +226,17 @@ require (
226226
go.opentelemetry.io/otel/metric v1.24.0 // indirect
227227
go.opentelemetry.io/otel/trace v1.24.0 // indirect
228228
go.uber.org/multierr v1.11.0 // indirect
229-
golang.org/x/crypto v0.26.0 // indirect
229+
golang.org/x/crypto v0.27.0 // indirect
230230
golang.org/x/exp v0.0.0-20240404231335-c0f41cb1a7a0 // indirect
231-
golang.org/x/net v0.28.0 // indirect
232-
golang.org/x/oauth2 v0.21.0 // indirect
233-
golang.org/x/sys v0.24.0 // indirect
234-
golang.org/x/term v0.23.0 // indirect
235-
golang.org/x/text v0.17.0 // indirect
231+
golang.org/x/net v0.29.0 // indirect
232+
golang.org/x/oauth2 v0.22.0 // indirect
233+
golang.org/x/sys v0.25.0 // indirect
234+
golang.org/x/term v0.24.0 // indirect
235+
golang.org/x/text v0.18.0 // indirect
236236
golang.org/x/time v0.5.0 // indirect
237237
google.golang.org/api v0.171.0 // indirect
238238
google.golang.org/genproto v0.0.0-20240227224415-6ceb2ff114de // indirect
239-
google.golang.org/genproto/googleapis/rpc v0.0.0-20240709173604-40e1e62336c5 // indirect
239+
google.golang.org/genproto/googleapis/rpc v0.0.0-20240930140551-af27646dc61f // indirect
240240
gopkg.in/ini.v1 v1.67.0 // indirect
241241
gopkg.in/natefinch/npipe.v2 v2.0.0-20160621034901-c1b8fa8bdcce // indirect
242242
gopkg.in/yaml.v3 v3.0.1 // indirect
@@ -253,7 +253,7 @@ replace (
253253
github.com/99designs/keyring => github.com/cosmos/keyring v1.2.0
254254

255255
// xpla features
256-
github.com/cosmos/cosmos-sdk => github.com/xpladev/cosmos-sdk v0.50.10-xpla
256+
github.com/cosmos/cosmos-sdk => github.com/xpladev/cosmos-sdk v0.50.11-xpla
257257
github.com/cosmos/ledger-cosmos-go => github.com/xpladev/ledger-cosmos-go v0.13.3-xpla
258258

259259
// dgrijalva/jwt-go is deprecated and doesn't receive security updates.

0 commit comments

Comments
 (0)