build(deps): bump github.com/cometbft/cometbft from 0.38.12 to 0.38.15 (

#206)

Bumps
[github.com/cometbft/cometbft](https://github.com/cometbft/cometbft)
from 0.38.12 to 0.38.15.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/cometbft/cometbft/releases">github.com/cometbft/cometbft's
releases</a>.</em></p>
<blockquote>
<h2>v0.38.15</h2>
<p>See the <a
href="https://github.com/cometbft/cometbft/blob/v0.38.15/CHANGELOG.md#v03815">CHANGELOG</a>
for this release.</p>
<h2>v0.38.13</h2>
<p>See the <a
href="https://github.com/cometbft/cometbft/blob/v0.38.13/CHANGELOG.md#v03813">CHANGELOG</a>
for this release.</p>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/cometbft/cometbft/blob/v0.38.15/CHANGELOG.md">github.com/cometbft/cometbft's
changelog</a>.</em></p>
<blockquote>
<h2>v0.38.15</h2>
<p><em>November 6, 2024</em></p>
<p>This release supersedes <a
href="https://github.com/cometbft/cometbft/blob/v0.38.15/#v03814"><code>v0.38.14</code></a>,
which mistakenly updated the Go version to
<code>1.23</code>, introducing an unintended breaking change. It sets
the Go version back
to <code>1.22.7</code> by reverting <a
href="https://redirect.github.com/cometbft/cometbft/pull/4297">#4297</a>.</p>
<p>The release includes the bug fixes, performance improvements, and
importantly,
the fix for the security vulnerability in the vote extensions (VE)
validation
logic that were part of <code>v0.38.14</code>. For more details, please
refer to <a
href="https://github.com/cometbft/cometbft/security/advisories/GHSA-p7mv-53f2-4cwj">ASA-2024-011</a>.</p>
<h2>v0.38.14</h2>
<p><em>November 6, 2024</em></p>
<p>This release fixes a security vulnerability in the vote extensions
(VE)
validation logic. For more details, please refer to
<a
href="https://github.com/cometbft/cometbft/security/advisories/GHSA-p7mv-53f2-4cwj">ASA-2024-011</a>.</p>
<p>We recommend upgrading ASAP if you’re using vote extensions (VE).</p>
<h3>BUG FIXES</h3>
<ul>
<li><code>[consensus]</code> Do not panic if the validator index of a
<code>Vote</code> message is out
of bounds, when vote extensions are enabled
(<a
href="https://github.com/cometbft/cometbft/security/advisories/GHSA-p7mv-53f2-4cwj">#ABC-0021</a>)</li>
</ul>
<h3>DEPENDENCIES</h3>
<ul>
<li>Bump cometbft-db version to v0.15.0
(<a
href="https://redirect.github.com/cometbft/cometbft/pull/4297">#4297</a>)</li>
<li><code>[go/runtime]</code> Bump Go version to 1.23
(<a
href="https://redirect.github.com/cometbft/cometbft/pull/4297">#4297</a>)</li>
</ul>
<h3>IMPROVEMENTS</h3>
<ul>
<li><code>[p2p]</code> fix exponential backoff logic to increase
reconnect retries close to 24 hours
(<a
href="https://redirect.github.com/cometbft/cometbft/issues/3519">#3519</a>)</li>
</ul>
<h2>v0.38.13</h2>
<p><em>October 24, 2024</em></p>
<p>This patch release addresses the issue where tx_search was not
returning all results, which only arises when upgrading
to CometBFT-DB version 0.13 or later. It includes a fix in the state
indexer to resolve this problem. We recommend
upgrading to this patch release if you are affected by this issue.</p>
<h3>BUG FIXES</h3>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/cometbft/cometbft/commit/e8eb5bdc04f942e540ef6a063950da5d0ad19f22"><code>e8eb5bd</code></a>
Release v0.38.15 (<a
href="https://redirect.github.com/cometbft/cometbft/issues/4447">#4447</a>)</li>
<li><a
href="https://github.com/cometbft/cometbft/commit/f58e4b08c0683654909538c94db311124c909381"><code>f58e4b0</code></a>
Retract v0.38.14 (<a
href="https://redirect.github.com/cometbft/cometbft/issues/4446">#4446</a>)</li>
<li><a
href="https://github.com/cometbft/cometbft/commit/17d3bb66664cab6d6798c17e27198e15bbac1905"><code>17d3bb6</code></a>
Revert &quot;chore: use the latest cometbft-db in v0.38.x (<a
href="https://redirect.github.com/cometbft/cometbft/issues/4297">#4297</a>)&quot;
(<a
href="https://redirect.github.com/cometbft/cometbft/issues/4442">#4442</a>)</li>
<li><a
href="https://github.com/cometbft/cometbft/commit/d8980f927669d62bfd3ac5a4973ef9739a30d8de"><code>d8980f9</code></a>
test: fix TestStateDoesntCrashOnInvalidVote (<a
href="https://redirect.github.com/cometbft/cometbft/issues/4439">#4439</a>)</li>
<li><a
href="https://github.com/cometbft/cometbft/commit/ce0949ed2ff6a0d581c8316b96015e97e4f41eaa"><code>ce0949e</code></a>
build: v0.38.14 (<a
href="https://redirect.github.com/cometbft/cometbft/issues/4437">#4437</a>)</li>
<li><a
href="https://github.com/cometbft/cometbft/commit/3a023da3a72eeff951d3e6449c66f388015d376e"><code>3a023da</code></a>
Merge commit from fork</li>
<li><a
href="https://github.com/cometbft/cometbft/commit/deef97fd67a67b3a087c983eb3b0f9e2dcd260a4"><code>deef97f</code></a>
fix(p2p): adjust backoff seconds to increase reconnect retries close to
24 ho...</li>
<li><a
href="https://github.com/cometbft/cometbft/commit/28a308f22406c99d087f37c12719cfa8687f4961"><code>28a308f</code></a>
chore: use the latest cometbft-db in v0.38.x (<a
href="https://redirect.github.com/cometbft/cometbft/issues/4297">#4297</a>)</li>
<li><a
href="https://github.com/cometbft/cometbft/commit/c71de557e076eb19ff527530a3f3089584ddabdc"><code>c71de55</code></a>
build(deps): Bump bufbuild/buf-setup-action from 1.45.0 to 1.46.0 (<a
href="https://redirect.github.com/cometbft/cometbft/issues/4414">#4414</a>)</li>
<li><a
href="https://github.com/cometbft/cometbft/commit/ab9cc83ec8921a13c05f533bcf3732642677b27c"><code>ab9cc83</code></a>
build(deps): Bump golang.org/x/net from 0.29.0 to 0.30.0 (<a
href="https://redirect.github.com/cometbft/cometbft/issues/4384">#4384</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/cometbft/cometbft/compare/v0.38.12...v0.38.15">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=github.com/cometbft/cometbft&package-manager=go_modules&previous-version=0.38.12&new-version=0.38.15)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

go.mod

@@ -19,7 +19,7 @@ require (
 	cosmossdk.io/x/upgrade v0.1.4
 	github.com/CosmWasm/wasmd v0.53.0
 	github.com/CosmWasm/wasmvm/v2 v2.1.3 // indirect
-	github.com/cometbft/cometbft v0.38.12
+	github.com/cometbft/cometbft v0.38.15
 	github.com/cosmos/cosmos-db v1.0.2
 	github.com/cosmos/cosmos-proto v1.0.0-beta.5
 	github.com/cosmos/cosmos-sdk v0.50.10
@@ -107,7 +107,6 @@ require (
 	github.com/bombsimon/wsl/v4 v4.4.1 // indirect
 	github.com/breml/bidichk v0.2.7 // indirect
 	github.com/breml/errchkjson v0.3.6 // indirect
-	github.com/btcsuite/btcd/btcec/v2 v2.3.4 // indirect
 	github.com/butuzov/ireturn v0.3.0 // indirect
 	github.com/butuzov/mirror v1.2.0 // indirect
 	github.com/bytedance/sonic v1.12.3 // indirect

go.sum

@@ -281,8 +281,8 @@ github.com/Shopify/sarama v1.19.0/go.mod h1:FVkBWblsNy7DGZRfXLU0O9RCGt5g3g3yEuWX
 github.com/Shopify/toxiproxy v2.1.4+incompatible/go.mod h1:OXgGpZ6Cli1/URJOF1DMxUHB2q5Ap20/P/eIdh4G0pI=
 github.com/VividCortex/gohistogram v1.0.0 h1:6+hBz+qvs0JOrrNhhmR7lFxo5sINxBCGXrdtl/UvroE=
 github.com/VividCortex/gohistogram v1.0.0/go.mod h1:Pf5mBqqDxYaXu3hDrrU+w6nw50o/4+TcAqDqk/vUH7g=
-github.com/adlio/schema v1.3.3 h1:oBJn8I02PyTB466pZO1UZEn1TV5XLlifBSyMrmHl/1I=
-github.com/adlio/schema v1.3.3/go.mod h1:1EsRssiv9/Ce2CMzq5DoL7RiMshhuigQxrR4DMV9fHg=
+github.com/adlio/schema v1.3.6 h1:k1/zc2jNfeiZBA5aFTRy37jlBIuCkXCm0XmvpzCKI9I=
+github.com/adlio/schema v1.3.6/go.mod h1:qkxwLgPBd1FgLRHYVCmQT/rrBr3JH38J9LjmVzWNudg=
 github.com/afex/hystrix-go v0.0.0-20180502004556-fa1af6a1f4f5/go.mod h1:SkGFH1ia65gfNATL8TAiHDNxPzPdmEL5uirI2Uyuz6c=
 github.com/alecthomas/assert/v2 v2.6.0 h1:o3WJwILtexrEUk3cUVal3oiQY2tfgr/FHWiz/v2n4FU=
 github.com/alecthomas/assert/v2 v2.6.0/go.mod h1:Bze95FyfUr7x34QZrjL+XP+0qgp/zg8yS+TtBj1WA3k=
@@ -344,8 +344,6 @@ github.com/btcsuite/btcd/btcec/v2 v2.3.4 h1:3EJjcN70HCu/mwqlUsGK8GcNVyLVxFDlWurT
 github.com/btcsuite/btcd/btcec/v2 v2.3.4/go.mod h1:zYzJ8etWJQIv1Ogk7OzpWjowwOdXY1W/17j2MW85J04=
 github.com/btcsuite/btcd/btcutil v1.1.6 h1:zFL2+c3Lb9gEgqKNzowKUPQNb8jV7v5Oaodi/AYFd6c=
 github.com/btcsuite/btcd/btcutil v1.1.6/go.mod h1:9dFymx8HpuLqBnsPELrImQeTQfKBQqzqGbbV3jK55aE=
-github.com/btcsuite/btcd/chaincfg/chainhash v1.0.1 h1:q0rUy8C/TYNBQS1+CGKw68tLOFYSNEs0TFnxxnS9+4U=
-github.com/btcsuite/btcd/chaincfg/chainhash v1.0.1/go.mod h1:7SFka0XMvUgj3hfZtydOrQY2mwhPclbT2snogU7SQQc=
 github.com/bufbuild/protocompile v0.6.0 h1:Uu7WiSQ6Yj9DbkdnOe7U4mNKp58y9WDMKDn28/ZlunY=
 github.com/bufbuild/protocompile v0.6.0/go.mod h1:YNP35qEYoYGme7QMtz5SBCoN4kL4g12jTtjuzRNdjpE=
 github.com/butuzov/ireturn v0.3.0 h1:hTjMqWw3y5JC3kpnC5vXmFJAWI/m31jaCYQqzkS6PL0=
@@ -425,8 +423,8 @@ github.com/cockroachdb/tokenbucket v0.0.0-20230807174530-cc333fc44b06/go.mod h1:
 github.com/codahale/hdrhistogram v0.0.0-20161010025455-3a0bb77429bd/go.mod h1:sE/e/2PUdi/liOCUjSTXgM1o87ZssimdTWN964YiIeI=
 github.com/coinbase/rosetta-sdk-go/types v1.0.0 h1:jpVIwLcPoOeCR6o1tU+Xv7r5bMONNbHU7MuEHboiFuA=
 github.com/coinbase/rosetta-sdk-go/types v1.0.0/go.mod h1:eq7W2TMRH22GTW0N0beDnN931DW0/WOI1R2sdHNHG4c=
-github.com/cometbft/cometbft v0.38.12 h1:OWsLZN2KcSSFe8bet9xCn07VwhBnavPea3VyPnNq1bg=
-github.com/cometbft/cometbft v0.38.12/go.mod h1:GPHp3/pehPqgX1930HmK1BpBLZPxB75v/dZg8Viwy+o=
+github.com/cometbft/cometbft v0.38.15 h1:5veFd8k1uXM27PBg9sMO3hAfRJ3vbh4OmmLf6cVrqXg=
+github.com/cometbft/cometbft v0.38.15/go.mod h1:+wh6ap6xctVG+JOHwbl8pPKZ0GeqdPYqISu7F4b43cQ=
 github.com/cometbft/cometbft-db v0.14.1 h1:SxoamPghqICBAIcGpleHbmoPqy+crij/++eZz3DlerQ=
 github.com/cometbft/cometbft-db v0.14.1/go.mod h1:KHP1YghilyGV/xjD5DP3+2hyigWx0WTp9X+0Gnx0RxQ=
 github.com/containerd/continuity v0.4.3 h1:6HVkalIp+2u1ZLH1J/pYX2oBVXlJZvh1X1A7bEZ9Su8=