chore(deps): Bump the patch-updates group across 1 directory with 10 updates

[dependabot]

Bumps the patch-updates group with 5 updates in the / directory:

Package	From	To
cosmossdk.io/math	1.5.0	1.5.3
github.com/celestiaorg/go-libp2p-messenger	0.2.0	0.2.2
github.com/klauspost/reedsolomon	1.12.1	1.12.4
github.com/libp2p/go-libp2p-pubsub	0.13.0	0.13.1
google.golang.org/grpc	1.71.0	1.71.1

Updates cosmossdk.io/math from 1.5.0 to 1.5.3

Commits

• 2c6117e refactor: remove Dec type (#24375)
• b49e864 perf(staking): optimize endblock by reducing bech32 conversions (#24354)
• f758346 docs: clean up app wiring docs (#24393)
• b0057cc build(deps): Bump actions/create-github-app-token from 1.12.0 to 2.0.2 (#24382)
• 197119d build(deps): Bump github.com/cosmos/cosmos-sdk from 0.53.0-rc.1 to 0.53.0-rc....
• 427cbee fix: vuln check workflow (#24389)
• e29139f fix(baseapp): Fix post handler error always results in code 1 (#24261)
• 0d68f65 docs: include upgrade reference in docs (#24380)
• 405f29d chore: use new depinject tag (#24377)
• d6f3ede fix(t/tx): fix data race for "err" shared variable in getSignersFunc (#24344)
• Additional commits viewable in compare view

Updates github.com/celestiaorg/go-libp2p-messenger from 0.2.0 to 0.2.2

Release notes

Sourced from github.com/celestiaorg/go-libp2p-messenger's releases.

v0.2.2

What's Changed

• docs: fix godoc for Broadcast by @​rootulp in celestiaorg/go-libp2p-messenger#26
• ci: update go version by @​Wondertan in celestiaorg/go-libp2p-messenger#28
• chore: update to latest libp2p by @​Wondertan in celestiaorg/go-libp2p-messenger#27
• refactor!: extended Message interface by @​Wondertan in celestiaorg/go-libp2p-messenger#29
• chore: bump libp2p and other deps by @​Wondertan in celestiaorg/go-libp2p-messenger#30
• Generics! by @​Wondertan in celestiaorg/go-libp2p-messenger#21
• chore: bump workflows by @​Wondertan in celestiaorg/go-libp2p-messenger#37

New Contributors

• @​rootulp made their first contribution in celestiaorg/go-libp2p-messenger#26

Full Changelog: celestiaorg/go-libp2p-messenger@v0.2.0...v0.2.2

Commits

• 5268864 chore: bump workflows
• 4375780 chore: deps bump
• c21411a Update README.md
• bcad3a4 refactor: extract message constructor out of the Message interface
• d847ef3 test: simplify stream duplicates test
• 176c6e8 chore: deflake last test; really thousands runs in a row locally with not fai...
• 737f67f refactor: use of generics, finally
• 414bda5 refactor: rework options to be detached from the Massenger struct
• 275a831 chore: update to go 1.19
• 209f905 chore: bump libp2p and other deps
• Additional commits viewable in compare view

Updates github.com/klauspost/reedsolomon from 1.12.1 to 1.12.4

Release notes

Sourced from github.com/klauspost/reedsolomon's releases.

v1.12.4

What's Changed

• Make ARM SVE code vector length agnostic by @​fwessels in klauspost/reedsolomon#285
• Test asm slice reads/writes in race tests by @​klauspost in klauspost/reedsolomon#286

Full Changelog: klauspost/reedsolomon@v1.12.3...v1.12.4

v1.12.3

What's Changed

• Fix incorrect output on Graviton4 processor by @​fwessels in klauspost/reedsolomon#283

RETRACTS v1.12.2

Full Changelog: klauspost/reedsolomon@v1.12.2...v1.12.3

v1.12.2

What's Changed

• Support for ARM SVE and better performance for NEON by @​fwessels in klauspost/reedsolomon#281
• benchmark: Add CSV header by @​klauspost in klauspost/reedsolomon#277
• Remove double load on 64 byte loop init by @​klauspost in klauspost/reedsolomon#279

New Contributors

• @​AndersTrier made their first contribution in klauspost/reedsolomon#275

Full Changelog: klauspost/reedsolomon@v1.12.1...v1.12.2

Commits

• 6a9df69 Test asm slice reads/writes in race tests (#286)
• 67157af Make ARM SVE code vector length agnostic (#285)
• 3412d52 Fix build for Graviton4 processor (#283)
• 7202dfc Support for ARM SVE and better performance for NEON (#281)
• d4574a5 tests: Bump CI to Go 1.22 (#280)
• ea0a106 Remove double load on 64 byte loop init (#279)
• 465e91a benchmark: Add CSV header (#277)
• 85a5e93 Remove dead code in fwht (#275)
• fd7f7a5 Update README.md
• 4e91954 Update link in README.md (#273)
• See full diff in compare view

Updates github.com/libp2p/go-libp2p from 0.41.0 to 0.41.1

Release notes

Sourced from github.com/libp2p/go-libp2p's releases.

v0.41.1

What's Changed

7059eb52 conngater: fix incorrect err return value (#3219) 74c68600 fix(libp2phttp): bound NewStream timeout (#3225) ccc48499 webrtc: fix memory leak with udpmux.muxedConnection context (#3243) 99a511f7 connmgr: fix transport association bug (#3221) eb3ff9f8 autonatv2: fix server dial data request policy (#3247) 8ce45df1 Release v0.41.1

Full Changelog: libp2p/go-libp2p@v0.41.0...v0.41.1

Commits

• 8ce45df Release v0.41.1
• eb3ff9f autonatv2: fix server dial data request policy (#3247)
• 99a511f connmgr: fix transport association bug (#3221)
• ccc4849 webrtc: fix memory leak with udpmux.muxedConnection context (#3243)
• 74c6860 fix(libp2phttp): bound NewStream timeout (#3225)
• 7059eb5 conngater: fix incorrect err return value (#3219)
• See full diff in compare view

Updates github.com/libp2p/go-libp2p-pubsub from 0.13.0 to 0.13.1

Release notes

Sourced from github.com/libp2p/go-libp2p-pubsub's releases.

v0.13.1

What's Changed

• ci: uci/update-go by @​web3-bot in libp2p/go-libp2p-pubsub#595
• Upgrade go-libp2p to v0.39.1 by @​gammazero in libp2p/go-libp2p-pubsub#598
• feat: avoid repeated checksum calculations by @​arajasek in libp2p/go-libp2p-pubsub#599
• feat: WithValidatorData publishing option by @​Wondertan in libp2p/go-libp2p-pubsub#603

New Contributors

• @​arajasek made their first contribution in libp2p/go-libp2p-pubsub#599

Full Changelog: libp2p/go-libp2p-pubsub@v0.13.0...v0.13.1

Commits

• 6872638 feat: WithValidatorData publishing option (#603)
• f486808 feat: avoid repeated checksum calculations (#599)
• b50197e Upgrade go-libp2p to v0.39.1 (#598)
• bfcc7c4 ci: uci/update-go (#595)
• See full diff in compare view

Updates github.com/prometheus/client_golang from 1.21.0 to 1.21.1

Release notes

Sourced from github.com/prometheus/client_golang's releases.

v1.21.1 / 2025-03-04

This release addresses a performance regression introduced in #1661 -- thanks to all who reported this quickly: @​chlunde, @​dethi, @​aaronbee @​tsuna @​kakkoyun 💪🏽. This patch release also fixes the iOS build.

We will be hardening the release process even further (#1759, #1761) to prevent this in future, sorry for the inconvenience!

The high concurrency optimization is planned to be eventually reintroduced, however in a much safer manner, potentially in a separate API.

• [BUGFIX] prometheus: Revert of Inc, Add and Observe cumulative metric CAS optimizations (#1661), causing regressions on low concurrency cases #1757
• [BUGFIX] prometheus: Fix GOOS=ios build, broken due to process_collector_* wrong build tags. #1758

• Revert "exponential backoff for CAS operations on floats" and cut 1.21.1 by @​bwplotka in prometheus/client_golang#1757
• Fix ios build for 1.21.1 by @​bwplotka in prometheus/client_golang#1758

Full Changelog: prometheus/client_golang@v1.21.0...v1.21.1

Changelog

Sourced from github.com/prometheus/client_golang's changelog.

1.21.1 / 2025-03-04

• [BUGFIX] prometheus: Revert of Inc, Add and Observe cumulative metric CAS optimizations (#1661), causing regressions on low contention cases.
• [BUGFIX] prometheus: Fix GOOS=ios build, broken due to process_collector_* wrong build tags.

Commits

• 8a42da3 Fix ios build. (#1758)
• 40c62f7 Merge pull request #1757 from prometheus/revert-121cas
• 689f590 Cut 1.21.1
• 9e567a7 Revert "Add: exponential backoff for CAS operations on floats (#1661)"
• See full diff in compare view

Updates golang.org/x/crypto from 0.35.0 to 0.36.0

Commits

• 49bf5b8 go.mod: update golang.org/x dependencies
• 24852b6 ssh: add decode support for banners
• bbc689c ssh: use a more straightforward return value
• See full diff in compare view

Updates golang.org/x/sync from 0.11.0 to 0.12.0

Commits

• b637f27 errgroup: drop support for Go versions before 1.20
• 960bf1f all: upgrade go directive to at least 1.23.0 [generated]
• See full diff in compare view

Updates golang.org/x/text from 0.22.0 to 0.23.0

Commits

• 566b44f go.mod: update golang.org/x dependencies
• d5156da collate/build: do not use println in tests
• 221d88c x/text: fix scientific notation by removing extraneous spaces
• b18c107 internal/export/unicode: change C comment to mention unassigned code points
• 835f8ac language: use a more straightforward return value
• ae68efb internal/export/unicode: add CategoryAliases, Cn, and LC
• 518d9c0 all: upgrade go directive to at least 1.23.0 [generated]
• See full diff in compare view

Updates google.golang.org/grpc from 1.71.0 to 1.71.1

Release notes

Sourced from google.golang.org/grpc's releases.

Release 1.71.1

Bug Fixes

• grpc: fix a bug causing an extra Read from the compressor if a compressed message is the same size as the limit. This could result in a panic with the built-in gzip compressor (#8178)
• xds: restore the behavior of reading the bootstrap config before creating the first xDS client instead of at package init time (#8164)
• stats/opentelemetry: use TextMapPropagator and TracerProvider from TraceOptions instead of OpenTelemetry globals (#8166)
• client: fix races when an http proxy is configured that could lead to deadlocks or panics (#8195)
• client: fix bug causing RPC failures with message "no children to pick from" when using a custom resolver that calls the deprecated NewAddress API (#8149)
• wrr: fix slow processing of address updates that could result in problems including RPC failures for servers with a large number of backends (#8179)

Commits

• cdbdb75 Change version to v1.71.1 (#8206)
• 3a93562 Cherry-pick #8195 into v1.71.x (#8202)
• 208e03b Cherry-pick #8164 #8166 to v1.71.x (#8182)
• 8b7d2fe grpc: fix bug causing an extra Read if a compressed message is the same size ...
• 9c81a91 resolver: Make EndpointMap's Get, Set and Delete operations O(1) (#8179) (#8184)
• 8d46b21 grpc: Add endpoints in resolverWrapper.NewAddress (#8149) (#8151)
• 4775bba Change version to 1.71.1-dev (#8106)
• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[dependabot]

Looks like these dependencies are updatable in another way, so this is no longer needed.