Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Bump cosmwasm-std from 1.5.2 to 1.5.4 #11

Open
wants to merge 1 commit into
base: main
Choose a base branch
from

Conversation

dependabot[bot]
Copy link

@dependabot dependabot bot commented on behalf of github Apr 24, 2024

Bumps cosmwasm-std from 1.5.2 to 1.5.4.

Release notes

Sourced from cosmwasm-std's releases.

v1.5.4

The release notes are available in CHANGELOG.md. For upgrading contracts also consult MIGRATING.md.\n\nAttached there are some build artifacts generated at this tag. Those are for development purposes only! Please use crates.io to find the packages of this release.

v1.5.3

The release notes are available in CHANGELOG.md. For upgrading contracts also consult MIGRATING.md.\n\nAttached there are some build artifacts generated at this tag. Those are for development purposes only! Please use crates.io to find the packages of this release.

Changelog

Sourced from cosmwasm-std's changelog.

[1.5.4]

Fixed

  • cosmwasm-std: Fix CWA-2024-002

Added

  • cosmwasm-std: Implement &T + T and &T op &T for Uint64, Uint128, Uint256 and Uint512; improve panic message for Uint64::add and Uint512::add (#2092)
  • cosmwasm-std: Add Uint{64,128,256,512}::strict_add and ::strict_sub which are like the Add/Sub implementations but const. (#2098, #2107)

#2092: CosmWasm/cosmwasm#2092 #2098: CosmWasm/cosmwasm#2098 #2107: CosmWasm/cosmwasm#2107

Changed

  • cosmwasm-std: Let Timestamp::plus_nanos/::minus_nanos use Uint64::strict_add/::strict_sub and document overflows. (#2098, #2107)

#2098: CosmWasm/cosmwasm#2098 #2107: CosmWasm/cosmwasm#2107

Fixed

  • cosmwasm-std: Correctly deallocate vectors that were turned into a Region via release_buffer (#2062)

#2062: CosmWasm/cosmwasm#2062

[1.5.3]

Changed

  • cosmwasm-vm: Read Region from Wasm memory as bytes and convert to Region afterwards (#2005)

#2005: CosmWasm/cosmwasm#2005

Commits
  • 95bfc2d Set version: 1.5.4
  • eff79bc Fix
  • 9f88e7c fix: avoid div with zero in assert_approx_eq (#2101) (#2113)
  • 41b1d16 Rename math functions to strict_add/strict_sub (backport #2107) (#2110)
  • 695970c Use newly added panicking_add/panicking_sub for Timestamp math (backport #209...
  • a39a171 Implement add for Uint* more consistently
  • d65150f Adjust documentation
  • 26d23c2 Update packages/std/src/memory.rs
  • 2b26879 Remove AsRef\<[u8]> bounds
  • 61e12f9 Abstract away the source behind an unsafe trait
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    You can disable automated security fix PRs for this repo from the Security Alerts page.

Bumps [cosmwasm-std](https://github.com/CosmWasm/cosmwasm) from 1.5.2 to 1.5.4.
- [Release notes](https://github.com/CosmWasm/cosmwasm/releases)
- [Changelog](https://github.com/CosmWasm/cosmwasm/blob/v1.5.4/CHANGELOG.md)
- [Commits](CosmWasm/cosmwasm@v1.5.2...v1.5.4)

---
updated-dependencies:
- dependency-name: cosmwasm-std
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added the dependencies Pull requests that update a dependency file label Apr 24, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
dependencies Pull requests that update a dependency file
Projects
None yet
Development

Successfully merging this pull request may close these issues.

0 participants