chore(deps): Bump github.com/cosmos/cosmos-sdk from 0.50.9 to 0.50.11

[dependabot]

Bumps github.com/cosmos/cosmos-sdk from 0.50.9 to 0.50.11.

Release notes

Sourced from github.com/cosmos/cosmos-sdk's releases.

v0.50.11

Cosmos SDK v0.50.11 Release Notes

💬 Release Discussion

🚀 Highlights

We are back on schedule for our monthly v0.50.x patch releases. The last two months, next to ramping up on v0.52 and v2, we added a few bug fixes and (UX) improvements.

Notable changes:

• Fix ABS-0043/ABS-0044.
• New Linux-only backend that adds Linux kernel's keyctl support
• Skip sims test when running dry on validators

📝 Changelog

Check out the changelog for an exhaustive list of changes, or compare changes from the last release.

Maintenance Policy

Cosmos SDK Olympus (v0.52) final release is approaching really soon. That means the Eden line (v0.50.x) will soon only be supported for bug fixes only, as per our release policy. Earlier versions are not maintained.

Note, that the next SDK release, v0.52, does not include x/params migration, when migrating from < v0.47, v0.50.x or v0.47.x, is a mandatory migration.

Start integrating with Cosmos SDK Eden (v0.52) and enjoy and the new features and performance improvements.

v0.50.10

Cosmos SDK v0.50.10 Release Notes

💬 Release Discussion

🚀 Highlights

For this month patch release of the v0.50.x line, some bugs were fixed.

Notably, we fixed the following:

• Add the root command module-hash-by-height to query and retrieve module hashes at a specific height
• PreBlock events (mainly x/upgrade) are now emitted (this time, for real)
• A fix in runtime baseapp option ordering, giving issue when other modules were having options

📝 Changelog

Check out the changelog for an exhaustive list of changes, or compare changes from the last release.

Refer to the upgrading guide when migrating from v0.47.x to v0.50.1. Note, that the next SDK release, v0.52, will not include x/params migration, when migrating from < v0.47, v0.50.x or v0.47.x, is a mandatory migration.

Changelog

Sourced from github.com/cosmos/cosmos-sdk's changelog.

v0.50.11 - 2024-12-16

Features

• (crypto/keyring) #21653 New Linux-only backend that adds Linux kernel's keyctl support.

Improvements

• (server) #21941 Regenerate addrbook.json for in place testnet.

Bug Fixes

• Fix ABS-0043/ABS-0044 Limit recursion depth for unknown field detection and unpack any
• (server) #22564 Fix fallback genesis path in server
• (x/group) #22425 Proper address rendering in error
• (sims) #21906 Skip sims test when running dry on validators
• (cli) #21919 Query address-by-acc-num by account_id instead of id.
• (x/group) #22229 Accept 1 and try in CLI for group proposal exec.

v0.50.10 - 2024-09-20

Features

• (cli) #20779 Added module-hash-by-height command to query and retrieve module hashes at a specified blockchain height, enhancing debugging capabilities.
• (cli) #21372 Added a bulk-add-genesis-account genesis command to add many genesis accounts at once.
• (types/collections) #21724 Added LegacyDec collection value.

Improvements

• (x/bank) #21460 Added Sender attribute in MsgMultiSend event.
• (genutil) #21701 Improved error messages for genesis validation.
• (testutil/integration) #21816 Allow to pass baseapp options in NewIntegrationApp.

Bug Fixes

• (runtime) #21769 Fix baseapp options ordering to avoid overwriting options set by modules.
• (x/consensus) #21493 Fix regression that prevented to upgrade to > v0.50.7 without consensus version params.
• (baseapp) #21256 Halt height will not commit the block indicated, meaning that if halt-height is set to 10, only blocks until 9 (included) will be committed. This is to go back to the original behavior before a change was introduced in v0.50.0.
• (baseapp) #21444 Follow-up, Return PreBlocker events in FinalizeBlockResponse.
• (baseapp) #21413 Fix data race in sdk mempool.

Commits

• eb1a8e8 chore: prep v0.50.11 release notes (#22898)
• ba7ac45 Merge commit from fork
• 679ca5e chore: edit changelog store (partial backport #22864) (#22884)
• 3b082b5 build(deps): Bump cosmossdk.io/x/tx from 0.13.6-0.20241003112805-ff8789a02871...
• d62bcbd fix(x/tx): fix amino json drift from legacy spec (backport #21825) (#22088)
• 4a73a1e fix(client/v2/autocli): add CoinDec flag (backport #22817) (#22821)
• 96a3016 chore: prepare v0.50.11 (#22643)
• 43ac3df build(deps): Bump github.com/cosmos/iavl from 1.2.0 to 1.2.2 (#22662)
• 7bb2a3d build(deps): Bump github.com/cosmos/cosmos-db from 1.0.2 to 1.1.0 (#22638)
• 8210b50 fix(client/v2/autocli): prevent duplicate addition of customCommands (backpor...
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  You can disable automated security fix PRs for this repo from the Security Alerts page.

[okdas]

@Olshansk
A previous attempt to upgrade to v0.50.10 was not done due to issues with mockgen in #865.
We need to dedicate resources to fix that, and upgrade to v0.50.11.

[Olshansk]

@okdas

1. Can you create a github issue for next month to upgrade to the latest version of the cosmos SDK?
2. Do you think dependantbot is worth it? I obviously understand it's value, but in practice, I feel like it's a distraction, creates noise and forces a context switch when we don't need it.

[okdas]

1. Can you create a github issue for next month to upgrade to the latest version of the cosmos SDK?

While this upgrade is to bump us to v0.50.11, I created a ticket to go to v0.52, which is coming soon. #1016. Does this look good or you think we should upgrade to v0.50.11 first? If so I'll create a separate one.

2. Do you think dependantbot is worth it? I obviously understand it's value, but in practice, I feel like it's a distraction, creates noise and forces a context switch when we don't need it.

In my opinion, Dependabot is essential, but it requires proper configuration. Initially, I set it up to create only pull requests when a security vulnerability is discovered in a dependency. That feature alone is worth keeping. However, if you feel that there are distractions, we should adjust the configuration. I suspect that the docusaurus stuff might not be configured correctly.

This PR was created because there is a security vulnerability addressed in cosmos-sdk.