f3278e8b68
Bumps [github.com/spf13/cobra](https://github.com/spf13/cobra) from 1.2.1 to 1.3.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/spf13/cobra/releases">github.com/spf13/cobra's releases</a>.</em></p> <blockquote> <h1>v1.3.0 - The Fall 2021 release 🍁</h1> <h2>Completion fixes & enhancements 💇🏼</h2> <p>In <code>v1.2.0</code>, we introduced a new model for completions. Thanks to everyone for trying it, giving feedback, and providing numerous fixes! Continue to work with the new model as the old one (as noted in code comments) will be deprecated in a coming release.</p> <ul> <li><code>DisableFlagParsing</code> now triggers custom completions for flag names <a href="https://github-redirect.dependabot.com/spf13/cobra/issues/1161">#1161</a></li> <li>Fixed unbound variables in bash completions causing edge case errors <a href="https://github-redirect.dependabot.com/spf13/cobra/issues/1321">#1321</a></li> <li><code>help</code> completion formatting improvements & fixes <a href="https://github-redirect.dependabot.com/spf13/cobra/issues/1444">#1444</a></li> <li>All completions now follow the <code>help</code> example: short desc are now capitalized and removes extra spacing from long description <a href="https://github-redirect.dependabot.com/spf13/cobra/issues/1455">#1455</a></li> <li>Typo fixes in bash & zsh completions <a href="https://github-redirect.dependabot.com/spf13/cobra/issues/1459">#1459</a></li> <li>Fixed mixed tab/spaces indentation in completion scripts. Now just 4 spaces <a href="https://github-redirect.dependabot.com/spf13/cobra/issues/1473">#1473</a></li> <li>Support for different bash completion options. Bash completions v2 supports descriptions and requires descriptions to be removed for <code>menu-complete</code>, <code>menu-complete-backward</code> and <code>insert-completions</code>. These descriptions are now purposefully removed in support of this model. <a href="https://github-redirect.dependabot.com/spf13/cobra/issues/1509">#1509</a></li> <li>Fix for invalid shell completions when using <code>~/.cobra.yaml</code>. Log message <code>Using config file: ~/.cobra.yaml</code> now printed to stderr <a href="https://github-redirect.dependabot.com/spf13/cobra/issues/1510">#1510</a></li> <li>Removes unnecessary trailing spaces from completion command descriptions <a href="https://github-redirect.dependabot.com/spf13/cobra/issues/1520">#1520</a></li> <li>Option to hid default <code>completion</code> command <a href="https://github-redirect.dependabot.com/spf13/cobra/issues/1541">#1541</a></li> <li>Remove <code>__complete</code> command for programs without subcommands <a href="https://github-redirect.dependabot.com/spf13/cobra/issues/1563">#1563</a></li> </ul> <h2>Generator changes ⚙️</h2> <p>Thanks to <a href="https://github.com/spf13"><code>@spf13</code></a> for providing a number of changes to the Cobra generator tool, streamlining it for new users!</p> <ul> <li>The Cobra generator now <em>won't</em> automatically include Viper and cleans up a number of unused imports when not using Viper.</li> <li>The Cobra generator's default license is now <code>none</code></li> <li>The Cobra generator now works with Go modules</li> <li>Documentation to reflect these changes</li> </ul> <h2>New Features ⭐</h2> <ul> <li>License can be specified by their SPDX identifiers <a href="https://github-redirect.dependabot.com/spf13/cobra/issues/1159">#1159</a></li> <li><code>MatchAll</code> allows combining several PositionalArgs to work in concert. This now allows for enabling composing <code>PositionalArgs</code> <a href="https://github-redirect.dependabot.com/spf13/cobra/issues/896">#896</a></li> </ul> <h2>Bug Fixes 🐛</h2> <ul> <li>Fixed multiple error message from cobra <code>init</code> boilerplates <a href="https://github-redirect.dependabot.com/spf13/cobra/issues/1463">#1463</a> <a href="https://github-redirect.dependabot.com/spf13/cobra/issues/1552">#1552</a> <a href="https://github-redirect.dependabot.com/spf13/cobra/issues/1557">#1557</a></li> </ul> <h2>Testing 👀</h2> <ul> <li>Now testing golang 1.16.x and 1.17.x in CI <a href="https://github-redirect.dependabot.com/spf13/cobra/issues/1425">#1425</a></li> <li>Fix for running diff test to ignore CR for windows <a href="https://github-redirect.dependabot.com/spf13/cobra/issues/949">#949</a></li> <li>Added helper functions and reduced code reproduction in <code>args_test</code> <a href="https://github-redirect.dependabot.com/spf13/cobra/issues/1426">#1426</a></li> <li>Now using official <code>golangci-lint</code> github action <a href="https://github-redirect.dependabot.com/spf13/cobra/issues/1477">#1477</a></li> </ul> <h2>Security 🔏</h2> <ul> <li>Added GitHub dependabot <a href="https://github-redirect.dependabot.com/spf13/cobra/issues/1427">#1427</a></li> <li>Now using Viper <code>v1.10.0</code> <ul> <li>There is a known CVE in an <em>indirect</em> dependency from <code>viper</code>: <a href="https://github-redirect.dependabot.com/spf13/cobra/issues/1538">spf13/cobra#1538</a>. This will be patched in a future release</li> </ul> </li> </ul> <h2>Documentation 📝</h2> <ul> <li>Multiple projects added to the <code>projects_using_cobra.md</code> file: <a href="https://github-redirect.dependabot.com/spf13/cobra/issues/1377">#1377</a> <a href="https://github-redirect.dependabot.com/spf13/cobra/issues/1501">#1501</a> <a href="https://github-redirect.dependabot.com/spf13/cobra/issues/1454">#1454</a></li> <li>Removed ToC from main readme file as it is now automagically displayed by GitHub <a href="https://github-redirect.dependabot.com/spf13/cobra/issues/1429">#1429</a></li> <li>Documentation correct for when the <code>--author</code> flag is specified <a href="https://github-redirect.dependabot.com/spf13/cobra/issues/1009">#1009</a></li> <li><code>shell_completions.md</code> has an easier to use snippet for copying and pasting shell completions <a href="https://github-redirect.dependabot.com/spf13/cobra/issues/1372">#1372</a></li> </ul> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="178edbb247"><code>178edbb</code></a> Bump github.com/spf13/viper from 1.9.0 to 1.10.0 (<a href="https://github-redirect.dependabot.com/spf13/cobra/issues/1561">#1561</a>)</li> <li><a href="9054739e08"><code>9054739</code></a> Remove __complete cmd for program without subcmds (<a href="https://github-redirect.dependabot.com/spf13/cobra/issues/1563">#1563</a>)</li> <li><a href="19c9c74384"><code>19c9c74</code></a> Always include the os package import when generating the root command (<a href="https://github-redirect.dependabot.com/spf13/cobra/issues/1557">#1557</a>)</li> <li><a href="01e05b8ea1"><code>01e05b8</code></a> Bump github.com/spf13/viper from 1.8.1 to 1.9.0 (<a href="https://github-redirect.dependabot.com/spf13/cobra/issues/1554">#1554</a>)</li> <li><a href="36bff0a4d5"><code>36bff0a</code></a> fix root.go.golden (<a href="https://github-redirect.dependabot.com/spf13/cobra/issues/1552">#1552</a>)</li> <li><a href="1854bb5c96"><code>1854bb5</code></a> Fix some typos (mostly found by codespell) (<a href="https://github-redirect.dependabot.com/spf13/cobra/issues/1514">#1514</a>)</li> <li><a href="ff2c55e323"><code>ff2c55e</code></a> chore(ci): use golangci-lint-action (<a href="https://github-redirect.dependabot.com/spf13/cobra/issues/1477">#1477</a>)</li> <li><a href="1beb476da9"><code>1beb476</code></a> fix: Duplicate error message from cobra init boilerplates (<a href="https://github-redirect.dependabot.com/spf13/cobra/issues/1463">#1463</a>)</li> <li><a href="6f84ef4875"><code>6f84ef4</code></a> Provide option to hide default 'completion' cmd (<a href="https://github-redirect.dependabot.com/spf13/cobra/issues/1541">#1541</a>)</li> <li><a href="ee75a2b1ed"><code>ee75a2b</code></a> Remove trailing spaces from bash completion command description (<a href="https://github-redirect.dependabot.com/spf13/cobra/issues/1520">#1520</a>)</li> <li>Additional commits viewable in <a href="https://github.com/spf13/cobra/compare/v1.2.1...v1.3.0">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details>
Tendermint
Byzantine-Fault Tolerant State Machines. Or Blockchain, for short.
| Branch | Tests | Coverage | Linting |
|---|---|---|---|
| master |  |
 |
 |
Tendermint Core is a Byzantine Fault Tolerant (BFT) middleware that takes a state transition machine - written in any programming language - and securely replicates it on many machines.
For protocol details, see the specification.
For detailed analysis of the consensus protocol, including safety and liveness proofs, see our recent paper, "The latest gossip on BFT consensus".
Releases
Please do not depend on master as your production branch. Use releases instead.
Tendermint has been in the production of private and public environments, most notably the blockchains of the Cosmos Network. we haven't released v1.0 yet since we are making breaking changes to the protocol and the APIs. See below for more details about versioning.
In any case, if you intend to run Tendermint in production, we're happy to help. You can contact us over email or join the chat.
More on how releases are conducted can be found here.
Security
To report a security vulnerability, see our bug bounty program. For examples of the kinds of bugs we're looking for, see our security policy.
We also maintain a dedicated mailing list for security updates. We will only ever use this mailing list to notify you of vulnerabilities and fixes in Tendermint Core. You can subscribe here.
Minimum requirements
| Requirement | Notes |
|---|---|
| Go version | Go1.17 or higher |
Documentation
Complete documentation can be found on the website.
Install
See the install instructions.
Quick Start
- Single node
- Local cluster using docker-compose
- Remote cluster using Terraform and Ansible
- Join the Cosmos testnet
Contributing
Please abide by the Code of Conduct in all interactions.
Before contributing to the project, please take a look at the contributing guidelines and the style guide. You may also find it helpful to read the specifications, watch the Developer Sessions, and familiarize yourself with our Architectural Decision Records.
Versioning
Semantic Versioning
Tendermint uses Semantic Versioning to determine when and how the version changes. According to SemVer, anything in the public API can change at any time before version 1.0.0
To provide some stability to users of 0.X.X versions of Tendermint, the MINOR version is used to signal breaking changes across Tendermint's API. This API includes all publicly exposed types, functions, and methods in non-internal Go packages as well as the types and methods accessible via the Tendermint RPC interface.
Breaking changes to these public APIs will be documented in the CHANGELOG.
Upgrades
In an effort to avoid accumulating technical debt prior to 1.0.0, we do not guarantee that breaking changes (ie. bumps in the MINOR version) will work with existing Tendermint blockchains. In these cases you will have to start a new blockchain, or write something custom to get the old data into the new chain. However, any bump in the PATCH version should be compatible with existing blockchain histories.
For more information on upgrading, see UPGRADING.md.
Supported Versions
Because we are a small core team, we only ship patch updates, including security updates, to the most recent minor release and the second-most recent minor release. Consequently, we strongly recommend keeping Tendermint up-to-date. Upgrading instructions can be found in UPGRADING.md.
Resources
Tendermint Core
We keep a public up-to-date version of our roadmap here
For details about the blockchain data structures and the p2p protocols, see the Tendermint specification.
For details on using the software, see the documentation which is also hosted at: https://docs.tendermint.com/master/
Tools
Benchmarking is provided by tm-load-test.
Additional tooling can be found in /docs/tools.
Applications
- Cosmos SDK; a cryptocurrency application framework
- Ethermint; Ethereum on Tendermint
- Many more
Research
- The latest gossip on BFT consensus
- Master's Thesis on Tendermint
- Original Whitepaper: "Tendermint: Consensus Without Mining"
- Tendermint Core Blog
- Cosmos Blog
Join us!
Tendermint Core is maintained by Interchain GmbH. If you'd like to work full-time on Tendermint Core, we're hiring!
Funding for Tendermint Core development comes primarily from the Interchain Foundation, a Swiss non-profit. The Tendermint trademark is owned by Tendermint Inc., the for-profit entity that also maintains tendermint.com.