chore(deps): bump the go_modules group across 1 directory with 8 updates

[dependabot]

Bumps the go_modules group with 8 updates in the /tests/connect directory:

Package	From	To
filippo.io/edwards25519	1.1.0	1.1.1
github.com/cometbft/cometbft	0.38.18	0.38.21
github.com/consensys/gnark-crypto	0.18.0	0.18.1
github.com/cosmos/ibc-go/v8	8.4.0	8.7.0
github.com/docker/docker	25.0.6+incompatible	25.0.13+incompatible
github.com/ulikunitz/xz	0.5.12	0.5.14
go.opentelemetry.io/otel/sdk	1.37.0	1.40.0
golang.org/x/crypto	0.41.0	0.45.0

Updates filippo.io/edwards25519 from 1.1.0 to 1.1.1

Commits

• d1c650a extra: initialize receiver in MultiScalarMult
• See full diff in compare view

Updates github.com/cometbft/cometbft from 0.38.18 to 0.38.21

Release notes

Sourced from github.com/cometbft/cometbft's releases.

v0.38.21

What's Changed

• chore(statesync): add max snapshot chunks configuration (v0.38.x) by @​mattac21 in cometbft/cometbft#5548
• test: add unit tests for TotalVotingPowerSafe (backport #5570) by @​mergify[bot] in cometbft/cometbft#5581

Full Changelog: cometbft/cometbft@v0.38.20...v0.38.21

v0.38.20

What's Changed

• Create NOTICE (backport #5495) by @​mergify[bot] in cometbft/cometbft#5496
• chore: add voting power validation (v0.38.x) by @​technicallyty in cometbft/cometbft#5520

Full Changelog: cometbft/cometbft@v0.38.19...v0.38.20

v0.38.19

This is a security patch release to the CometBFT v0.38.x family that fixes GHSA-hrhf-2vcr-ghch

What's Changed

• chore: fix test docker image by @​aljo242 in cometbft/cometbft#5299
• chore: refactor changelogs by @​aljo242 in cometbft/cometbft#5303
• chore: update and fix mockery tooling on v0.38 by @​aljo242 in cometbft/cometbft#5301
• chore: fix the linter by @​aljo242 in cometbft/cometbft#5304
• fix(store): Properly prune extended commits (backport #5276) by @​mergify[bot] in cometbft/cometbft#5313
• chore: clean up the repo by @​aljo242 in cometbft/cometbft#5315
• fix: remove exposed dockertest port to unblock postgres test by @​almk-dev in cometbft/cometbft#5325
• fix(consensus/reactor): reject oversized proposals (backport #5324) by @​mergify[bot] in cometbft/cometbft#5407
• GHSA-hrhf-2vcr-ghch

Full Changelog: cometbft/cometbft@v0.38.18...v0.38.19

Changelog

Sourced from github.com/cometbft/cometbft's changelog.

CHANGELOG

UNRELEASED

DEPENDENCIES

BUG FIXES

• [evidence] Add validation for Light Client Attack evidence ByzantineValidators (#5638)
• [types] Fix buffer offset bug in ProposerPriorityHash that caused hash collisions when validator priorities differed (#5613)
• [p2p] fix(privval): Ephemeral Port Exhaustion (#5433)
• [blocksync] fix(blocksync): ExtendedCommit verification via next blocks LastCommit (#5629)
• [p2p] fix(lp2p): enforce stream max size (#5647)
• [metrics] fix(metrics)!: peer_send_queue_size (#5648)
• [statesync] fix adaptive_sync and streamline stateSync logic (#5663)

IMPROVEMENTS

• [ci]: add lp2p testnet (#5643)
• [mempool] feat!(p2p): introduce follower-mode. Improve lib-p2p integraap access
• [types] Add validation for AuthorityParams.Authority field in consensus params, enforcing a maximum length of 256 characters (#5511)
• [mempool] perf(mempool/cache): Optimize LRUTxCache.Remove to reduce lock contention and map access (#5244)
• [e2e] add support for testing different keytypes, including BLS (#3513)
• [crypto] Reduce BLS signature size to 48 bytes by increasing pubkey size to 192 bytes (#3624
• [statesync] Add configurable max-snapshot-chunks parameter to validate max amount of chunks in a SnapshotResponse. (#5549)
• [p2p] feat(lp2p): make reactor queue configurable (#5662)
• [cli] print lib-p2p peer id (#5667)
• [p2p] Add warning when go-libp2p transport is enabled, conveying that the setting should only be activated if it can be enabled simultaneously for all validators and peer IDs have been predetermined and exchanged (#5692)
• [p2p] feat(p2p): add adaptive sync for comet-p2p (#5705)

FEATURES

• [p2p] feat(lp2p): implemented resource limiter (#5671)
• [p2p] feat(consensus): add adaptive sync blocksync-to-consensus ingestion (#5633)

... (truncated)

Commits

• c56d64e Merge commit from fork
• 01d5ea5 test: add unit tests for TotalVotingPowerSafe (backport #5570) (#5581)
• bd517d2 test: remove unnecessary loop variable capture
• 7c43155 test: add coverage for TotalVotingPowerSafe
• eeb4a59 fix test cases in validation
• 161f7ac fix tests
• a4e41a1 fix linter errors
• 26dc17f Add ValidateBlock tests for median time
• c36a8ed fix verbs
• dcf7e3b add test and fix a test
• Additional commits viewable in compare view

Updates github.com/consensys/gnark-crypto from 0.18.0 to 0.18.1

Release notes

Sourced from github.com/consensys/gnark-crypto's releases.

v0.18.1

Full Changelog: Consensys/gnark-crypto@v0.18.0...v0.18.1

Changelog

Sourced from github.com/consensys/gnark-crypto's changelog.

[v0.18.1] - 2025-10-28

Docs

• add CHANGELOG for 0.18.1

Perf

• limit memory allocation during Vector deserialization (#759)

Commits

• fb04e95 docs: add CHANGELOG for 0.18.1
• 0a4d04a perf: limit memory allocation during Vector deserialization (#759)
• See full diff in compare view

Updates github.com/cosmos/ibc-go/v8 from 8.4.0 to 8.7.0

Release notes

Sourced from github.com/cosmos/ibc-go/v8's releases.

v8.7.0

This release contains a fix for ISA-2025-001.

This version addresses a security vulnerability in IBC-go's deserialisation of acknowledgements and we strongly encourage everyone in the affected versions to update their chain immediately. This patch is not state-breaking, so chains can upgrade in a rolling manner. This does not have to be a co-ordinated upgrade. However, validators should upgrade as soon as possible when the release is made available. If the vulnerability is exploited before 2/3 is patched, the chain will halt.

Full Changelog: cosmos/ibc-go@v8.6.1...v8.7.0

---

To learn more about ibc-go versioning, please read our RELEASES.md.

IMPORTANT: Please read the migration guides for any versions of ibc-go that you might be going through when upgrading to this version. For example: if you upgrade from the IBC module contained in the Cosmos SDK 0.42.0 to SDK v0.50.9 and ibc-go v8.5.1, please follow:

1. The migration from SDK 0.41.x or 0.42.x to the IBC module in the ibc-go repository based on the SDK v0.44.x.
2. The migration from ibc-go v1 to v2.
3. The migration from ibc-go v2 to v3.
4. The migration from ibc-go v3 to v4.
5. The migration from ibc-go v4 to v5.
6. The migration from ibc-go v5 to v6.
7. The migration from ibc-go v6 to v7.
8. The migration from ibc-go v7 to v7.1.
9. The migration from ibc-go v7.2 to v7.3.
10. The migration from ibc-go v7 to v8.
11. The migration from ibc-go v8 to v8.1.

v8.6.1

This release contains a fix to ASA-2025-004

It is recommended to upgrade to this version as soon as possible.

Full Changelog: cosmos/ibc-go@v8.5.3...v8.6.1

---

To learn more about ibc-go versioning, please read our RELEASES.md.

IMPORTANT: Please read the migration guides for any versions of ibc-go that you might be going through when upgrading to this version. For example: if you upgrade from the IBC module contained in the Cosmos SDK 0.42.0 to SDK v0.50.9 and ibc-go v8.5.1, please follow:

1. The migration from SDK 0.41.x or 0.42.x to the IBC module in the ibc-go repository based on the SDK v0.44.x.
2. The migration from ibc-go v1 to v2.
3. The migration from ibc-go v2 to v3.
4. The migration from ibc-go v3 to v4.
5. The migration from ibc-go v4 to v5.
6. The migration from ibc-go v5 to v6.
7. The migration from ibc-go v6 to v7.
8. The migration from ibc-go v7 to v7.1.
9. The migration from ibc-go v7.2 to v7.3.
10. The migration from ibc-go v7 to v8.
11. The migration from ibc-go v8 to v8.1.

... (truncated)

Changelog

Sourced from github.com/cosmos/ibc-go/v8's changelog.

v8.7.0 - 2025-03-12

• ISA-2025-001 Fix ISA-2025-001

v8.6.1 - 2025-02-27

• ASA-2025-004 Fix ASA-2025-004

v8.5.2 - 2024-11-05

Testing

• #7430 Update the block proposer in test chains for each block.

Bug Fixes

• (core/03-connection) #7397 Skip the genesis validation connectionID for localhost client.

v8.5.1 - 2024-09-13

Bug Fixes

• (apps/27-interchain-accounts) #7277 Use GogoResolver when populating module query safe allow list to avoid panics from unresolvable protobuf dependencies.

v8.5.0 - 2024-08-30

Dependencies

• #6828 Bump Cosmos SDK to v0.50.9.
• #7222 Update ics23 to v0.11.0.

State Machine Breaking

• (core/03-connection) #7129 Remove verification of self client and consensus state from connection handshake.

Commits

• 53eaba1 chore: update changelog and retract v8.6.1
• 17b2240 Merge commit from fork
• 59987d5 fix: remove packet data remarshaling (#8065)
• 91dda01 chore: update redacted
• d346160 Merge branch 'gjermund/redact-v8.0-to-v8.5.2' into release/v8.6.x
• 60137a2 Merge commit from fork
• 7ae302c chore: update changelog and redact
• da27d9f chore: retract v8.5.3 (#7888)
• f0a2873 Chore/revert ibc proto updates (#7887)
• c3af326 chore: update changelog for v8.5.3 (#7876)
• Additional commits viewable in compare view

Updates github.com/docker/docker from 25.0.6+incompatible to 25.0.13+incompatible

Release notes

Sourced from github.com/docker/docker's releases.

v25.0.13

25.0.13

For a full list of pull requests and changes in this release, refer to the relevant GitHub milestone:

• moby/moby, 25.0.13 milestone
• Changes to the Engine API, see API version history.

Bug fixes and enhancements

• Prevent restoration of iptables rules for deleted networks and containers on firewalld reload. moby/moby#50445
• Fix Swarm services becoming unreachable from published ports after a firewalld reload. moby/moby#50445
• Improve the reliability of the Swarm overlay network control plane by fixing longstanding issues with NetworkDB. moby/moby#50511
• Improve the reliability of Swarm overlay container networks by fixing longstanding issues with the overlay network driver. moby/moby#50551

v25.0.12

25.0.12

For a full list of pull requests and changes in this release, refer to the relevant GitHub milestone:

• moby/moby, 25.0.12 milestone
• Changes to the Engine API, see API version history.

Bug fixes and enhancements

• Fix an issue where all new tasks in the Swarm could get stuck in the PENDING state forever after scaling up a service with placement preferences. moby/moby#50203
• Fix an issue which made DNS service discovery for Swarm services unreliable. moby/moby#50230

Packaging updates

• Update Go toolchain to go1.23.9. moby/moby#50053

v25.0.11

25.0.11

For a full list of pull requests and changes in this release, refer to the relevant GitHub milestone:

• moby/moby, 25.0.11 milestone
• Changes to the Engine API, see API version history.

Networking

• [25.0] Backport network fixes by @​dperny in moby/moby#50005

Known Issues

• Some Swarm services are not discoverable over DNS moby/moby#50129

Full Changelog: moby/moby@v25.0.10...v25.0.11

v25.0.10

25.0.10

For a full list of pull requests and changes in this release, refer to the relevant GitHub milestone:

... (truncated)

Commits

• 165516e Merge pull request #50551 from corhere/backport-25.0/libn/all-the-overlay-fixes
• f099e91 libnetwork: handle coalesced endpoint events
• bace1b8 libnetwork/d/overlay: handle coalesced peer updates
• f9e5429 libn/d/win/overlay: dedupe NetworkDB definitions
• fc3df55 libn/d/overlay: extract hashable address types
• b22872a libnetwork/driverapi: make EventNotify optional
• c7e17ae libn/networkdb: report prev value in update events
• d60c71a libnetwork/d/overlay: fix logical race conditions
• ad54b8f libn/d/overlay: fix encryption race conditions
• 8075689 libn/d/overlay: inline secMapWalk into only caller
• Additional commits viewable in compare view

Updates github.com/ulikunitz/xz from 0.5.12 to 0.5.14

Commits

• 7184815 Preparation of release v0.5.14
• 88ddf1d Address Security Issue GHSA-jc7w-c686-c4v9
• c8314b8 Add new package xio with WriteCloserStack
• See full diff in compare view

Updates go.opentelemetry.io/otel/sdk from 1.37.0 to 1.40.0

Changelog

Sourced from go.opentelemetry.io/otel/sdk's changelog.

[1.40.0/0.62.0/0.16.0] 2026-02-02

Added

• Add AlwaysRecord sampler in go.opentelemetry.io/otel/sdk/trace. (#7724)
• Add Enabled method to all synchronous instrument interfaces (Float64Counter, Float64UpDownCounter, Float64Histogram, Float64Gauge, Int64Counter, Int64UpDownCounter, Int64Histogram, Int64Gauge,) in go.opentelemetry.io/otel/metric. This stabilizes the synchronous instrument enabled feature, allowing users to check if an instrument will process measurements before performing computationally expensive operations. (#7763)
• Add go.opentelemetry.io/otel/semconv/v1.39.0 package. The package contains semantic conventions from the v1.39.0 version of the OpenTelemetry Semantic Conventions. See the migration documentation for information on how to upgrade from go.opentelemetry.io/otel/semconv/v1.38.0. (#7783, #7789)

Changed

• Improve the concurrent performance of HistogramReservoir in go.opentelemetry.io/otel/sdk/metric/exemplar by 4x. (#7443)
• Improve the concurrent performance of FixedSizeReservoir in go.opentelemetry.io/otel/sdk/metric/exemplar. (#7447)
• Improve performance of concurrent histogram measurements in go.opentelemetry.io/otel/sdk/metric. (#7474)
• Improve performance of concurrent synchronous gauge measurements in go.opentelemetry.io/otel/sdk/metric. (#7478)
• Add experimental observability metrics in go.opentelemetry.io/otel/exporters/stdout/stdoutmetric. (#7492)
• Exporter in go.opentelemetry.io/otel/exporters/prometheus ignores metrics with the scope go.opentelemetry.io/contrib/bridges/prometheus. This prevents scrape failures when the Prometheus exporter is misconfigured to get data from the Prometheus bridge. (#7688)
• Improve performance of concurrent exponential histogram measurements in go.opentelemetry.io/otel/sdk/metric. (#7702)
• The rpc.grpc.status_code attribute in the experimental metrics emitted from go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc is replaced with the rpc.response.status_code attribute to align with the semantic conventions. (#7854)
• The rpc.grpc.status_code attribute in the experimental metrics emitted from go.opentelemetry.io/otel/exporters/otlp/otlplog/otlploggrpc is replaced with the rpc.response.status_code attribute to align with the semantic conventions. (#7854)

Fixed

• Fix bad log message when key-value pairs are dropped because of key duplication in go.opentelemetry.io/otel/sdk/log. (#7662)
• Fix DroppedAttributes on Record in go.opentelemetry.io/otel/sdk/log to not count the non-attribute key-value pairs dropped because of key duplication. (#7662)
• Fix SetAttributes on Record in go.opentelemetry.io/otel/sdk/log to not log that attributes are dropped when they are actually not dropped. (#7662)
• Fix missing request.GetBody in go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp to correctly handle HTTP/2 GOAWAY frame. (#7794)
• WithHostID detector in go.opentelemetry.io/otel/sdk/resource to use full path for ioreg command on Darwin (macOS). (#7818)

Deprecated

• Deprecate go.opentelemetry.io/otel/exporters/zipkin. For more information, see the OTel blog post deprecating the Zipkin exporter. (#7670)

[1.39.0/0.61.0/0.15.0/0.0.14] 2025-12-05

Added

• Greatly reduce the cost of recording metrics in go.opentelemetry.io/otel/sdk/metric using hashing for map keys. (#7175)
• Add WithInstrumentationAttributeSet option to go.opentelemetry.io/otel/log, go.opentelemetry.io/otel/metric, and go.opentelemetry.io/otel/trace packages. This provides a concurrent-safe and performant alternative to WithInstrumentationAttributes by accepting a pre-constructed attribute.Set. (#7287)
• Add experimental observability for the Prometheus exporter in go.opentelemetry.io/otel/exporters/prometheus. Check the go.opentelemetry.io/otel/exporters/prometheus/internal/x package documentation for more information. (#7345)
• Add experimental observability metrics in go.opentelemetry.io/otel/exporters/otlp/otlplog/otlploggrpc. (#7353)
• Add temporality selector functions DeltaTemporalitySelector, CumulativeTemporalitySelector, LowMemoryTemporalitySelector to go.opentelemetry.io/otel/sdk/metric. (#7434)
• Add experimental observability metrics for simple log processor in go.opentelemetry.io/otel/sdk/log. (#7548)
• Add experimental observability metrics in go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc. (#7459)

... (truncated)

Commits

• a3a5317 Release v1.40.0 (#7859)
• 77785da chore(deps): update github/codeql-action action to v4.32.1 (#7858)
• 56fa1c2 chore(deps): update module github.com/clipperhouse/uax29/v2 to v2.5.0 (#7857)
• 298cbed Upgrade semconv use to v1.39.0 (#7854)
• 3264bf1 refactor: modernize code (#7850)
• fd5d030 chore(deps): update module github.com/grpc-ecosystem/grpc-gateway/v2 to v2.27...
• 8d3b4cb chore(deps): update actions/cache action to v5.0.3 (#7847)
• 91f7cad chore(deps): update github.com/timakin/bodyclose digest to 73d1f95 (#7845)
• fdad1eb chore(deps): update module github.com/grpc-ecosystem/grpc-gateway/v2 to v2.27...
• c46d3ba chore(deps): update golang.org/x/telemetry digest to fcf36f6 (#7843)
• Additional commits viewable in compare view

Updates golang.org/x/crypto from 0.41.0 to 0.45.0

Commits

• 4e0068c go.mod: update golang.org/x dependencies
• e79546e ssh: curb GSSAPI DoS risk by limiting number of specified OIDs
• f91f7a7 ssh/agent: prevent panic on malformed constraint
• 2df4153 acme/autocert: let automatic renewal work with short lifetime certs
• bcf6a84 acme: pass context to request
• b4f2b62 ssh: fix error message on unsupported cipher
• 79ec3a5 ssh: allow to bind to a hostname in remote forwarding
• 122a78f go.mod: update golang.org/x dependencies
• c0531f9 all: eliminate vet diagnostics
• 0997000 all: fix some comments
• Additional commits viewable in compare view

You can trigger a rebase of this PR by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions
  You can disable automated security fix PRs for this repo from the Security Alerts page.

Note
Automatic rebases have been disabled on this pull request as it has been open for over 30 days.

[sonarqubecloud]

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud