Bump github.com/cometbft/cometbft from 0.38.21 to 0.38.23

[dependabot]

Bumps github.com/cometbft/cometbft from 0.38.21 to 0.38.23.

Release notes

Sourced from github.com/cometbft/cometbft's releases.

v0.38.23

What's Changed

• fix(types): properly handle nil votes (backport #5777) by @​mergify[bot] in cometbft/cometbft#5782
• fix(blocksync): prevent maxPeerHeight poisoning (backport #5803) by @​mergify[bot] in cometbft/cometbft#5806
• fix(light): stop witness comparison after divergence checks (backport #5820) by @​mergify[bot] in cometbft/cometbft#5826
• fix(abci): prevent panic on unlock in socket server panic recovery (backport #5593) by @​mergify[bot] in cometbft/cometbft#5830
• test(consensus): fix flaky TestByzantinePrevoteEquivocation (backport #5814) by @​mergify[bot] in cometbft/cometbft#5841

Full Changelog: cometbft/cometbft@v0.38.22...v0.38.23

v0.38.22

What's Changed

• chore: add additional evidence validation (backport #5638) by @​mergify[bot] in cometbft/cometbft#5639
• fix(blocksync): ExtendedCommit verification via verified next blocks last commit (backport #5629) by @​mergify[bot] in cometbft/cometbft#5640
• fix(blocksync): use full commit verification in blocksync (backport #5711) by @​mergify[bot] in cometbft/cometbft#5727
• fix(blocksync): ensure full verification of second.LastCommit during sync (backport #5753) by @​mergify[bot] in cometbft/cometbft#5756

Full Changelog: cometbft/cometbft@v0.38.21...v0.38.22

Changelog

Sourced from github.com/cometbft/cometbft's changelog.

v0.38.23

BUG FIXES

• [types] Fix nil vote handling (#5777)
• [light]: stop witness comparison after divergence checks (#5820)
• [abci] fix(abci): prevent panic on unlock in socket server panic recovery (#5593)

v0.38.22

April 10, 2026

BUG FIXES

• [evidence] Add validation for Light Client Attack evidence ByzantineValidators (#5638)
• [blocksync] fix(blocksync): ExtendedCommit verification via next blocks LastCommit (#5629)
• [blocksync] Modify blocksync to use full commit verification instead of light (#5663)
• [abci] fix(abci): prevent panic on unlock in socket server panic recovery (#5593)

IMPROVEMENTS

• [ci]: add lp2p testnet (#5643)
• [mempool] feat!(p2p): introduce follower-mode. Improve lib-p2p integraap access
• [types] Add validation for AuthorityParams.Authority field in consensus params, enforcing a maximum length of 256 characters (#5511)
• [mempool] perf(mempool/cache): Optimize LRUTxCache.Remove to reduce lock contention and map access (#5244)
• [e2e] add support for testing different keytypes, including BLS (#3513)
• [crypto] Reduce BLS signature size to 48 bytes by increasing pubkey size to 192 bytes (#3624)
• [p2p] feat(lp2p): make reactor queue configurable (#5662)
• [cli] print lib-p2p peer id (#5667)
• [p2p] Add warning when go-libp2p transport is enabled, conveying that the setting should only be activated if it can be enabled simultaneously for all validators and peer IDs have been predetermined and exchanged (#5692)
• [p2p] feat(p2p): add adaptive sync for comet-p2p (#5705)

FEATURES

... (truncated)

Commits

• feb2aea chore: changelog updates for v0.38.23 (#5848)
• bb50165 changelog updates for v0.38.33
• a82d977 test(consensus): fix flaky TestByzantinePrevoteEquivocation (backport #5814) ...
• 5acce5a fix(abci): prevent panic on unlock in socket server panic recovery (backport ...
• 20818d7 fix(light): stop witness comparison after divergence checks (backport #5820) ...
• 4928b26 fix(blocksync): prevent maxPeerHeight poisoning (backport #5803) (#5806)
• 5ca419e fix(types): properly handle nil votes (backport #5777) (#5782)
• 6e5f768 chore: prep changelog for release (#5767)
• 0214cbc prep changelog for release
• ce162f9 chore: changelog cleanup (#5764)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)