* Revert "abci: Add unsynchronized local client (#9660)"
This reverts commit 45071d1f23.
Signed-off-by: Thane Thomson <connect@thanethomson.com>
* proxy: Add unsync local client creator
Signed-off-by: Thane Thomson <connect@thanethomson.com>
* e2e: Extend tests
Extend the E2E tests to randomly choose between the sync (default) and
unsync (new) local client creator.
Signed-off-by: Thane Thomson <connect@thanethomson.com>
* abci: Remove redundant interface constraint
Signed-off-by: Thane Thomson <connect@thanethomson.com>
* abci: Remove irrelevant doc comment
Signed-off-by: Thane Thomson <connect@thanethomson.com>
* proxy: Remove backticks in doc comments
Signed-off-by: Thane Thomson <connect@thanethomson.com>
* e2e: Remove unnecessary gap between doc comment and struct
Signed-off-by: Thane Thomson <connect@thanethomson.com>
* Add pending changelog entry
Signed-off-by: Thane Thomson <connect@thanethomson.com>
* e2e: Expand on BuiltinProxyMode param docstring
Signed-off-by: Thane Thomson <connect@thanethomson.com>
* Remove builtin proxy mode config option from CI test
Signed-off-by: Thane Thomson <connect@thanethomson.com>
* e2e: Make builtin proxy mode option testnet-wide
Signed-off-by: Thane Thomson <connect@thanethomson.com>
* e2e: Embed sync/unsync notion in node protocol
The approach of randomly generating the proxy mode across testnets
resulted in a totally uneven ratio of sync to unsync modes for all
testnets that happened to have a protocol of "builtin".
This commit adapts the E2E tests to have a new ABCI protocol option:
"builtin_unsync". This results in a better spread of sync/unsync choices
for generated testnets.
Signed-off-by: Thane Thomson <connect@thanethomson.com>
* e2e: Remove unused type
Signed-off-by: Thane Thomson <connect@thanethomson.com>
Signed-off-by: Thane Thomson <connect@thanethomson.com>
Bumps [golang.org/x/net](https://github.com/golang/net) from 0.2.0 to 0.4.0.
<details>
<summary>Commits</summary>
<ul>
<li><a href="1e63c2f08a"><code>1e63c2f</code></a> http2: limit canonical header cache by bytes, not entries</li>
<li><a href="3247b5b4f2"><code>3247b5b</code></a> go.mod: update golang.org/x dependencies</li>
<li><a href="ecf7fda6a5"><code>ecf7fda</code></a> http2: deflake TestTransportMaxFrameReadSize</li>
<li><a href="0833b63547"><code>0833b63</code></a> publicsuffix: embed table data</li>
<li><a href="ecf091a024"><code>ecf091a</code></a> publicsuffix: update table to latest list from publicsuffix.org</li>
<li><a href="2f8c3d16b3"><code>2f8c3d1</code></a> http2: add Transport.MaxReadFrameSize configuration setting</li>
<li><a href="0e478a2a5f"><code>0e478a2</code></a> http2: add SETTINGS_HEADER_TABLE_SIZE support</li>
<li>See full diff in <a href="https://github.com/golang/net/compare/v0.2.0...v0.4.0">compare view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
</details>
Bumps [golang.org/x/crypto](https://github.com/golang/crypto) from 0.3.0 to 0.4.0.
<details>
<summary>Commits</summary>
<ul>
<li><a href="eb2c406296"><code>eb2c406</code></a> go.mod: update golang.org/x dependencies</li>
<li><a href="2c476679df"><code>2c47667</code></a> cryptobyte: add support for ReadASN1Integer into []byte</li>
<li>See full diff in <a href="https://github.com/golang/crypto/compare/v0.3.0...v0.4.0">compare view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
</details>
Bumps [github.com/bufbuild/buf](https://github.com/bufbuild/buf) from 1.9.0 to 1.10.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a href="https://github.com/bufbuild/buf/releases">github.com/bufbuild/buf's releases</a>.</em></p>
<blockquote>
<h2>v1.10.0</h2>
<ul>
<li>When using managed mode, setting <code>enabled: false</code> now no longer fails <code>buf generate</code>
and instead prints a warning log and ignores managed mode options.</li>
<li>Add <code>csharp_namespace</code> option to managed mode, allowing <code>except</code>, which excludes
modules from managed mode, and <code>override</code>, which specifies <code>csharp_namespace</code> values
per module, overriding the default value. By default, when managed mode is enabled,
<code>csharp_namespace</code> is set to the package name with each package sub-name capitalized.</li>
<li>Promote <code>buf convert</code> to stable, keep <code>buf beta convert</code> aliased in the beta command.</li>
<li>Add <code>Types</code> filter to <code>buf generate</code> command to specify types (message, enum,
service) that should be included in the image. When specified, the resulting
image will only include descriptors to describe the requested types.</li>
</ul>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a href="https://github.com/bufbuild/buf/blob/main/CHANGELOG.md">github.com/bufbuild/buf's changelog</a>.</em></p>
<blockquote>
<h2>[v1.10.0] - 2022-12-07</h2>
<ul>
<li>When using managed mode, setting <code>enabled: false</code> now no longer fails <code>buf generate</code>
and instead prints a warning log and ignores managed mode options.</li>
<li>Add <code>csharp_namespace</code> option to managed mode, allowing <code>except</code>, which excludes
modules from managed mode, and <code>override</code>, which specifies <code>csharp_namespace</code> values
per module, overriding the default value. By default, when managed mode is enabled,
<code>csharp_namespace</code> is set to the package name with each package sub-name capitalized.</li>
<li>Promote <code>buf convert</code> to stable, keep <code>buf beta convert</code> aliased in the beta command.</li>
<li>Add <code>Types</code> filter to <code>buf generate</code> command to specify types (message, enum,
service) that should be included in the image. When specified, the resulting
image will only include descriptors to describe the requested types.</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a href="ebb191e826"><code>ebb191e</code></a> Release v1.10.0 (<a href="https://github-redirect.dependabot.com/bufbuild/buf/issues/1655">#1655</a>)</li>
<li><a href="9dac6b347e"><code>9dac6b3</code></a> update to go 1.19.4 (<a href="https://github-redirect.dependabot.com/bufbuild/buf/issues/1654">#1654</a>)</li>
<li><a href="77d1d99892"><code>77d1d99</code></a> TCN-787 complete type filtering on buf generate (<a href="https://github-redirect.dependabot.com/bufbuild/buf/issues/1628">#1628</a>)</li>
<li><a href="a176201a40"><code>a176201</code></a> [BSR-999] Audit Curated Plugin creation (<a href="https://github-redirect.dependabot.com/bufbuild/buf/issues/1647">#1647</a>)</li>
<li><a href="4d2fe29b23"><code>4d2fe29</code></a> revisions for SchemaService (<a href="https://github-redirect.dependabot.com/bufbuild/buf/issues/1634">#1634</a>)</li>
<li><a href="7473396828"><code>7473396</code></a> TokenService include userID in requests (<a href="https://github-redirect.dependabot.com/bufbuild/buf/issues/1650">#1650</a>)</li>
<li><a href="37fdb30b7c"><code>37fdb30</code></a> add AdminService CreateMachineUser rpc (<a href="https://github-redirect.dependabot.com/bufbuild/buf/issues/1636">#1636</a>)</li>
<li><a href="4cf31a1d9c"><code>4cf31a1</code></a> mark previous templates/plugins deprecated (<a href="https://github-redirect.dependabot.com/bufbuild/buf/issues/1638">#1638</a>)</li>
<li><a href="00f361f554"><code>00f361f</code></a> Promote buf convert to stable (<a href="https://github-redirect.dependabot.com/bufbuild/buf/issues/1574">#1574</a>)</li>
<li><a href="5149f7f87e"><code>5149f7f</code></a> apimodule: test resolver and fix nil exception (<a href="https://github-redirect.dependabot.com/bufbuild/buf/issues/1635">#1635</a>)</li>
<li>Additional commits viewable in <a href="https://github.com/bufbuild/buf/compare/v1.9.0...v1.10.0">compare view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
</details>
We only use JavaScript packages in the dependencies for our docs theme, and every time I update the dependencies it breaks the rendering entirely for some unknown reason. Plus, we're going to be removing the theme anyways and replacing our docs rendering with a Jekyll-based one.
Should reduce Dependabot noise a little.
---
#### PR checklist
- [x] Tests written/updated, or no tests needed
- [x] `CHANGELOG_PENDING.md` updated, or no changelog entry needed
- [x] Updated relevant documentation (`docs/`) and code comments, or no
documentation updates needed
This pull request adds a report on the major bandwidth usage within Tendermint.
[Rendered](https://github.com/tendermint/tendermint/blob/wb/p2p-rfc/docs/rfc/rfc-027-p2p-message-bandwidth-report.md)
#### PR checklist
- [ ] Tests written/updated, or no tests needed
- [ ] `CHANGELOG_PENDING.md` updated, or no changelog entry needed
- [ ] Updated relevant documentation (`docs/`) and code comments, or no
documentation updates needed
* Rejects empty transactions in the example kvstore
* Add code for rejected transaction; Add test for txn rejection;
* Apply suggestions from code review
Co-authored-by: Sergio Mena <sergio@informal.systems>
This pull requests sets up the e2e tests to be able to support multiple versions within the same test network. This is achieved through a few simple changes:
* Each node takes a `version` parameter in the testnet manifest. This dictates which version of the testapp to use. If not set, the locally available version is used.
* Adds a `testapp-docker.yml` workflow that publishes the testapp to docker hub so that tagged versions may be available for use in a multi-version test network.
This change does not actually add a testnetwork that does multi-version testing. Since no previous versions of the testapp have been published to dockerhub, there are not old versions available to test against. We'll either need to configure this after the next minor release which will trigger a testapp to be pushed to dockerhub, or push an image from the previous version of Tendermint so that the multiversion test has an old version to pull.
#### PR checklist
- [ ] Tests written/updated, or no tests needed
- [ ] `CHANGELOG_PENDING.md` updated, or no changelog entry needed
- [ ] Updated relevant documentation (`docs/`) and code comments, or no
documentation updates needed
The primary aim of this PR is to improve the failure messages we get a little. Seeing the latest commit is often useless, and it's probably better to just get a direct link to a list of commits for that specific branch so we can see what's been committed since the previous nightly run.
This PR also makes one minor improvement in the use of the now-deprecated `set-output` syntax for workflows, upgrading it to use the new approach as per https://github.blog/changelog/2022-10-11-github-actions-deprecating-save-state-and-set-output-commands/
---
#### PR checklist
- [x] Tests written/updated, or no tests needed
- [x] `CHANGELOG_PENDING.md` updated, or no changelog entry needed
- [x] Updated relevant documentation (`docs/`) and code comments, or no
documentation updates needed
Fixes the issue observed in an [e2e test run](https://github.com/tendermint/tendermint/actions/runs/3588927225). The issue arises when the e2e runner process cannot connect to the remote node. In the previous version of this code, the runner would simply skip the transaction if the client couldn't connect. This pull request resurrects that behavior.
---
#### PR checklist
- [ ] Tests written/updated, or no tests needed
- [ ] `CHANGELOG_PENDING.md` updated, or no changelog entry needed
- [ ] Updated relevant documentation (`docs/`) and code comments, or no
documentation updates needed
Updates the discussion of prepareProposal in the go tutorials to mention tx_max_bytes limitation to transaction set size.
---
#### PR checklist
- [x] Tests written/updated, or no tests needed
- [x] `CHANGELOG_PENDING.md` updated, or no changelog entry needed
- [x] Updated relevant documentation (`docs/`) and code comments, or no
documentation updates needed
The "toml" annotation of "send no load" had a typo (`send_no_laod`).
This is suspected to have caused failures in e2e, however I couldn't reproduce the error locally, so not sure this will fix it. Still, the typo needs to be fixed in any case.
---
#### PR checklist
- [x] Tests written/updated, or no tests needed
- [x] `CHANGELOG_PENDING.md` updated, or no changelog entry needed
- [x] Updated relevant documentation (`docs/`) and code comments, or no
documentation updates needed
The docs theme unfortunately wraps code blocks inside tables, breaking the names and making them somewhat unreadable. This removes all the backticks from the metric names and tags.
---
#### PR checklist
- [x] Tests written/updated, or no tests needed
- [x] `CHANGELOG_PENDING.md` updated, or no changelog entry needed
- [x] Updated relevant documentation (`docs/`) and code comments, or no
documentation updates needed
Our documentation build process is rather finicky. I noticed yet another build failure that doesn't actually cause the docs site build to fail - see https://github.com/tendermint/tendermint/actions/runs/3578638807/jobs/6019002654
Basically the `docs/post.sh` script deletes the `.vuepress/public/rpc` directory after generating the docs for a specific version of Tendermint, and then the `docs/pre.sh` script attempts to copy the next version's OpenAPI script into `.vuepress/public/rpc` but that directory doesn't exist.
For some reason this doesn't cause the npm build process to fail - it just results in the OpenAPI doc not being available.
This is hard to test locally because our docs build process currently relies on checking out specific branches to do the full docs site build: 4290ad2982/Makefile (L290-L300)
---
#### PR checklist
- [x] Tests written/updated, or no tests needed
- [x] `CHANGELOG_PENDING.md` updated, or no changelog entry needed
- [x] Updated relevant documentation (`docs/`) and code comments, or no
documentation updates needed
List of typos in comments and functions.
* L26: `conflictinge` seems to be `conflicting`
* L77: `melevolent` seems to be `malevolent`
* L218, L226: `challendingBlock` seems to be `challengingBlock`
* L375: `heght` seems to be `height`
* L395: `avoud` seems to be `avoid`
---
#### PR checklist
- [ ] Tests written/updated, or no tests needed
- [ ] `CHANGELOG_PENDING.md` updated, or no changelog entry needed
- [ ] Updated relevant documentation (`docs/`) and code comments, or no
documentation updates needed
Follows from #9734, porting to `main`.
---
#### PR checklist
- [x] Tests written/updated, or no tests needed
- [x] `CHANGELOG_PENDING.md` updated, or no changelog entry needed
- [x] Updated relevant documentation (`docs/`) and code comments, or no
documentation updates needed
This change reduces the number of Precommit messages sent to peers by 50%.
During the `ApplyNewRoundStepMessage`, we update the known state of the peer sending us the message.
We set the value of `ps.PRS.Precommits` to nil in this method if the peer is entering a new height or round.
34ca3fb474/consensus/reactor.go (L1368)
We then assign `ps.PRS.LastCommit = ps.PRS.Precommits` if the peer is entering a new height only - this does not happen during just a round change. This therefore results in `ps.PRS.LastCommit` having the value `nil`.
When the `LastCommit` bit field is seen as `nil` in the reactor, an empty bit field is initialized.
34ca3fb474/consensus/reactor.go (L1273)
The code responsible for gossiping votes from the previous height uses this `LastCommit` value and, seeing an empty `LastCommit` will resend every `Precommit` from the previous height since it lost the information it previously had detailing which precommits from the previous height the peer had.
This can be seen in the code responsible for gossiping precommits from the previous height:
34ca3fb474/consensus/reactor.go (L773)
Where this code grabs the, previously `nil`, `LastCommit` bit field:
34ca3fb474/consensus/reactor.go (L1204-L1212)
---
#### PR checklist
- [ ] Tests written/updated, or no tests needed
- [ ] `CHANGELOG_PENDING.md` updated, or no changelog entry needed
- [ ] Updated relevant documentation (`docs/`) and code comments, or no
documentation updates needed
Fixes the tendermint OSS-Fuzz build by adjusting for some infra changes that were made in OSS-Fuzz.
---
#### PR checklist
- [ ] Tests written/updated, or no tests needed
- [ ] `CHANGELOG_PENDING.md` updated, or no changelog entry needed
- [ ] Updated relevant documentation (`docs/`) and code comments, or no
documentation updates needed
## NOTE: this pr exclusively runs commands from the makefile found here
This PR ONLY runs `make format` ... then `make mockery`
Its purpose is to ensure that the review scope of other PR's, which changed .go files and thus triggered the linter that only runs conditionally, have smaller review
scopes, and should be merged before:
https://github.com/tendermint/tendermint/pull/9738https://github.com/tendermint/tendermint/pull/9739https://github.com/tendermint/tendermint/pull/9742
---
#### PR checklist
- [x] Tests written/updated, or no tests needed
- [x] `CHANGELOG_PENDING.md` updated, or no changelog entry needed
- [x] Updated relevant documentation (`docs/`) and code comments, or no
documentation updates needed
Since starting off as a wee validator, I've been mystified by the volume of p2p logspam, which often makes it impossible to monitor other tasks. Thus, routine p2p events, have been cast into the land of debug.
---
#### PR checklist
- [x] Tests written/updated, or no tests needed
- [x] `CHANGELOG_PENDING.md` updated, or no changelog entry needed
- [x] Updated relevant documentation (`docs/`) and code comments, or no
documentation updates needed
noticed this place is still printing unreadable apphash, convert to hex string
---
#### PR checklist
- [ ] Tests written/updated, or no tests needed
- [ ] `CHANGELOG_PENDING.md` updated, or no changelog entry needed
- [ ] Updated relevant documentation (`docs/`) and code comments, or no
documentation updates needed
* fix abci-cli help
* add test
* fix script
* debugging CI
* revert the changes for verifying CI
* update pending log
Co-authored-by: Sergio Mena <sergio@informal.systems>
Bumps [github.com/vektra/mockery/v2](https://github.com/vektra/mockery) from 2.14.1 to 2.15.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a href="https://github.com/vektra/mockery/releases">github.com/vektra/mockery/v2's releases</a>.</em></p>
<blockquote>
<h2>v2.15.0</h2>
<h2>Changelog</h2>
<ul>
<li>e9abbc5 Add multiarch container builds</li>
<li>a55c02d Merge pull request <a href="https://github-redirect.dependabot.com/vektra/mockery/issues/515">#515</a> from mathieupost/master</li>
<li>1951b28 Merge pull request <a href="https://github-redirect.dependabot.com/vektra/mockery/issues/518">#518</a> from arbourd/add-multiarch-builds</li>
<li>434dc3b update to go 1.19</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a href="1951b28508"><code>1951b28</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/vektra/mockery/issues/518">#518</a> from arbourd/add-multiarch-builds</li>
<li><a href="a55c02d74a"><code>a55c02d</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/vektra/mockery/issues/515">#515</a> from mathieupost/master</li>
<li><a href="e9abbc5fde"><code>e9abbc5</code></a> Add multiarch container builds</li>
<li><a href="434dc3bb14"><code>434dc3b</code></a> update to go 1.19</li>
<li>See full diff in <a href="https://github.com/vektra/mockery/compare/v2.14.1...v2.15.0">compare view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
</details>
