Skip to content

fix: bump comet for tachyon advisory#622

Merged
johnletey merged 3 commits into
mainfrom
john/bump-comet
Jan 23, 2026
Merged

fix: bump comet for tachyon advisory#622
johnletey merged 3 commits into
mainfrom
john/bump-comet

Conversation

@johnletey

Copy link
Copy Markdown
Member

No description provided.

@johnletey
johnletey requested a review from boojamya January 23, 2026 16:27
@johnletey johnletey self-assigned this Jan 23, 2026
@johnletey
johnletey requested a review from a team as a code owner January 23, 2026 16:27
@coderabbitai

coderabbitai Bot commented Jan 23, 2026

Copy link
Copy Markdown

Walkthrough

This PR adds v11.2.0 changelog entries (dated Jan 23, 2026) documenting a CometBFT dependency upgrade to v0.38.21 to address CSA-2026-001 and notes minor recovery improvements for several IBC light clients.

Changes

Cohort / File(s) Summary
Changelog entries
.changelog/v11.2.0/dependencies/622-bump-comet.md, .changelog/v11.2.0/summary.md, CHANGELOG.md
Add v11.2.0 release notes (Jan 23, 2026): bump CometBFT to v0.38.21 for CSA-2026-001 and document recovery of expired IBC light clients for several chains.

Estimated code review effort

🎯 1 (Trivial) | ⏱️ ~3 minutes

Suggested reviewers

  • boojamya
  • g-luca
  • MalteHerrmann

Poem

🐰 A tiny hop, a careful note,
CometBFT warmed to stay afloat,
v11.2.0 penned with safety bright,
Changelogs tidy, snug at night. ✨

🚥 Pre-merge checks | ✅ 2 | ❌ 1
❌ Failed checks (1 inconclusive)
Check name Status Explanation Resolution
Description check ❓ Inconclusive No pull request description was provided by the author, making it impossible to assess whether it relates to the changeset. Add a description explaining the security advisory (CSA-2026-001), why the CometBFT bump is necessary, and the impact of the changes.
✅ Passed checks (2 passed)
Check name Status Explanation
Title check ✅ Passed The title accurately reflects the main change: bumping CometBFT to address a security advisory (CSA-2026-001), which is the primary objective of the PR.
Docstring Coverage ✅ Passed No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.

✏️ Tip: You can configure your own custom pre-merge checks in the settings.


Comment @coderabbitai help to get the list of available commands and usage tips.

@coderabbitai coderabbitai Bot left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Actionable comments posted: 1

🤖 Fix all issues with AI agents
In @.changelog/v11.2.0/dependencies/622-bump-comet.md:
- Line 1: The changelog entry wrongly references the security advisory
"CSA-2026-001" for the CometBFT bump; update the line that mentions v0.38.21 and
the advisory so it no longer cites CSA-2026-001—either remove the advisory
reference entirely or replace it with the correct CometBFT advisory identifier
(if one exists) that corresponds to v0.38.21; ensure the text mentioning
"v0.38.21" and the advisory string is edited, and verify go.mod and go.sum
remain unchanged.

Comment thread .changelog/v11.2.0/dependencies/622-bump-comet.md

@coderabbitai coderabbitai Bot left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Actionable comments posted: 1

🤖 Fix all issues with AI agents
In `@CHANGELOG.md`:
- Line 5: Replace the emphasized date string "*Jan 23, 2026*" with
non-emphasized text (either plain text "Jan 23, 2026" or a proper Markdown
heading like "## Jan 23, 2026") to eliminate emphasis-as-heading formatting;
locate the exact token "*Jan 23, 2026*" in CHANGELOG.md and remove the
surrounding asterisks or convert it to the desired heading level.

Comment thread CHANGELOG.md
@johnletey
johnletey merged commit 2b84ab8 into main Jan 23, 2026
40 checks passed
@johnletey
johnletey deleted the john/bump-comet branch January 23, 2026 18:24
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants