58b9e4f03d
Bumps [github.com/bufbuild/buf](https://github.com/bufbuild/buf) from 1.8.0 to 1.9.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/bufbuild/buf/releases">github.com/bufbuild/buf's releases</a>.</em></p> <blockquote> <h2>v1.9.0</h2> <ul> <li> <p>New compiler that is faster and uses less memory than the outgoing one.</p> <ul> <li>When generating source code info, the new compiler is 20% faster, and allocates 13% less memory.</li> <li>If <em>not</em> generating source code info, the new compiler is 50% faster and allocates 35% less memory.</li> <li>In addition to allocating less memory through the course of a compilation, the new compiler releases some memory much earlier, allowing it to be garbage collected much sooner. This means that by the end of a very large compilation process, less than half as much memory is live/pinned to the heap, decreasing overall memory pressure.</li> </ul> <p>The new compiler also addresses a few bugs where Buf would accept proto sources that protoc would reject:</p> <ul> <li>In proto3 files, field and enum names undergo a validation that they are sufficiently different so that there will be no conflicts in JSON names.</li> <li>Fully-qualified names of elements (like a message, enum, or service) may not conflict with package names.</li> <li>A oneof or extend block may not contain empty statements.</li> <li>Package names may not be >= 512 characters in length or contain > 100 dots.</li> <li>Nesting depth of messages may not be > 32.</li> <li>Field types and method input/output types may not refer to synthetic map entry messages.</li> </ul> </li> <li> <p>Push lint and breaking configuration to the registry.</p> </li> <li> <p>Include <code>LICENSE</code> file in the module on <code>buf push</code>.</p> </li> <li> <p>Formatter better edits/preserves whitespace around inline comments.</p> </li> <li> <p>Formatter correctly indents multi-line block (C-style) comments.</p> </li> <li> <p>Formatter now indents trailing comments at the end of an indented block body (including contents of message and array literals and elements in compact options) the same as the rest of the body (instead of out one level, like the closing punctuation).</p> </li> <li> <p>Formatter uses a compact, single-line representation for array and message literals in option values that are sufficiently simple (single scalar element or field).</p> </li> <li> <p><code>buf beta convert</code> flags have changed from <code>--input</code> to <code>--from</code> and <code>--output</code>/<code>-o</code> to <code>--to</code></p> </li> <li> <p>Fully qualified type names now must be passed to the <code>input</code> argument and <code>--type</code> flag separately</p> </li> </ul> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/bufbuild/buf/blob/main/CHANGELOG.md">github.com/bufbuild/buf's changelog</a>.</em></p> <blockquote> <h2>[v1.9.0] - 2022-10-19</h2> <ul> <li> <p>New compiler that is faster and uses less memory than the outgoing one.</p> <ul> <li>When generating source code info, the new compiler is 20% faster, and allocates 13% less memory.</li> <li>If <em>not</em> generating source code info, the new compiler is 50% faster and allocates 35% less memory.</li> <li>In addition to allocating less memory through the course of a compilation, the new compiler releases some memory much earlier, allowing it to be garbage collected much sooner. This means that by the end of a very large compilation process, less than half as much memory is live/pinned to the heap, decreasing overall memory pressure.</li> </ul> <p>The new compiler also addresses a few bugs where Buf would accept proto sources that protoc would reject:</p> <ul> <li>In proto3 files, field and enum names undergo a validation that they are sufficiently different so that there will be no conflicts in JSON names.</li> <li>Fully-qualified names of elements (like a message, enum, or service) may not conflict with package names.</li> <li>A oneof or extend block may not contain empty statements.</li> <li>Package names may not be >= 512 characters in length or contain > 100 dots.</li> <li>Nesting depth of messages may not be > 32.</li> <li>Field types and method input/output types may not refer to synthetic map entry messages.</li> </ul> </li> <li> <p>Push lint and breaking configuration to the registry.</p> </li> <li> <p>Include <code>LICENSE</code> file in the module on <code>buf push</code>.</p> </li> <li> <p>Formatter better edits/preserves whitespace around inline comments.</p> </li> <li> <p>Formatter correctly indents multi-line block (C-style) comments.</p> </li> <li> <p>Formatter now indents trailing comments at the end of an indented block body (including contents of message and array literals and elements in compact options) the same as the rest of the body (instead of out one level, like the closing punctuation).</p> </li> <li> <p>Formatter uses a compact, single-line representation for array and message literals in option values that are sufficiently simple (single scalar element or field).</p> </li> <li> <p><code>buf beta convert</code> flags have changed from <code>--input</code> to <code>--from</code> and <code>--output</code>/<code>-o</code> to <code>--to</code></p> </li> <li> <p>fully qualified type names now must be parsed to the <code>input</code> argument and <code>--type</code> flag separately</p> </li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="0d39fac763"><code>0d39fac</code></a> Update to v1.9.0 (<a href="https://github-redirect.dependabot.com/bufbuild/buf/issues/1511">#1511</a>)</li> <li><a href="9033632c0f"><code>9033632</code></a> Update CHANGELOG.md (<a href="https://github-redirect.dependabot.com/bufbuild/buf/issues/1510">#1510</a>)</li> <li><a href="3bafb05ee5"><code>3bafb05</code></a> Update CHANGELOG.md (<a href="https://github-redirect.dependabot.com/bufbuild/buf/issues/1501">#1501</a>)</li> <li><a href="ff03a69a0f"><code>ff03a69</code></a> Use protocompile as the compiler (<a href="https://github-redirect.dependabot.com/bufbuild/buf/issues/1463">#1463</a>)</li> <li><a href="bda6cf66c4"><code>bda6cf6</code></a> avoid panic in OptionExtensionDescriptor (<a href="https://github-redirect.dependabot.com/bufbuild/buf/issues/1506">#1506</a>)</li> <li><a href="a39cbab60f"><code>a39cbab</code></a> BSR-578/Protobuf definition for updating metadata (<a href="https://github-redirect.dependabot.com/bufbuild/buf/issues/1483">#1483</a>)</li> <li><a href="e7889dcecf"><code>e7889dc</code></a> move convert command tests to where commands are tested (<a href="https://github-redirect.dependabot.com/bufbuild/buf/issues/1507">#1507</a>)</li> <li><a href="85bed09780"><code>85bed09</code></a> Change field option packed type to optional</li> <li><a href="760da6748b"><code>760da67</code></a> bufmodule: test NewModuleForBucket (<a href="https://github-redirect.dependabot.com/bufbuild/buf/issues/1486">#1486</a>)</li> <li><a href="045f5685fc"><code>045f568</code></a> update makego and go dependencies (<a href="https://github-redirect.dependabot.com/bufbuild/buf/issues/1495">#1495</a>)</li> <li>Additional commits viewable in <a href="https://github.com/bufbuild/buf/compare/v1.8.0...v1.9.0">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details>
Tendermint
Byzantine-Fault Tolerant State Machine Replication. Or Blockchain, for short.
| Branch | Tests | Linting |
|---|---|---|
| main |  |
 |
Tendermint Core is a Byzantine Fault Tolerant (BFT) middleware that takes a state transition machine - written in any programming language - and securely replicates it on many machines.
For protocol details, refer to the Tendermint Specification.
For detailed analysis of the consensus protocol, including safety and liveness proofs, read our paper, "The latest gossip on BFT consensus".
Documentation
Complete documentation can be found on the website.
Releases
Please do not depend on main as your production branch. Use
releases instead.
Tendermint has been in the production of private and public environments, most notably the blockchains of the Cosmos Network. we haven't released v1.0 yet since we are making breaking changes to the protocol and the APIs. See below for more details about versioning.
In any case, if you intend to run Tendermint in production, we're happy to help. You can contact us over email or join the chat.
More on how releases are conducted can be found here.
Security
To report a security vulnerability, see our bug bounty program. For examples of the kinds of bugs we're looking for, see our security policy.
We also maintain a dedicated mailing list for security updates. We will only ever use this mailing list to notify you of vulnerabilities and fixes in Tendermint Core. You can subscribe here.
Minimum requirements
| Requirement | Notes |
|---|---|
| Go version | Go 1.18 or higher |
Install
See the install instructions.
Quick Start
Contributing
Please abide by the Code of Conduct in all interactions.
Before contributing to the project, please take a look at the contributing guidelines and the style guide. You may also find it helpful to read the specifications, and familiarize yourself with our Architectural Decision Records (ADRs) and Request For Comments (RFCs).
Versioning
Semantic Versioning
Tendermint uses Semantic Versioning to determine when and how the version changes. According to SemVer, anything in the public API can change at any time before version 1.0.0
To provide some stability to users of 0.X.X versions of Tendermint, the MINOR version is used to signal breaking changes across Tendermint's API. This API includes all publicly exposed types, functions, and methods in non-internal Go packages as well as the types and methods accessible via the Tendermint RPC interface.
Breaking changes to these public APIs will be documented in the CHANGELOG.
Upgrades
In an effort to avoid accumulating technical debt prior to 1.0.0, we do not guarantee that breaking changes (ie. bumps in the MINOR version) will work with existing Tendermint blockchains. In these cases you will have to start a new blockchain, or write something custom to get the old data into the new chain. However, any bump in the PATCH version should be compatible with existing blockchain histories.
For more information on upgrading, see UPGRADING.md.
Supported Versions
Because we are a small core team, we only ship patch updates, including security updates, to the most recent minor release and the second-most recent minor release. Consequently, we strongly recommend keeping Tendermint up-to-date. Upgrading instructions can be found in UPGRADING.md.
Resources
Libraries
- Cosmos SDK; A framework for building applications in Golang
- Tendermint in Rust
- ABCI Tower
Applications
Research
- The latest gossip on BFT consensus
- Master's Thesis on Tendermint
- Original Whitepaper: "Tendermint: Consensus Without Mining"
- Tendermint Core Blog
- Cosmos Blog
Join us!
Tendermint Core is maintained by Interchain GmbH. If you'd like to work full-time on Tendermint Core, we're hiring!
Funding for Tendermint Core development comes primarily from the Interchain Foundation, a Swiss non-profit. The Tendermint trademark is owned by Tendermint Inc., the for-profit entity that also maintains tendermint.com.