Bump the dependencies group across 1 directory with 8 updates

[dependabot]

Bumps the dependencies group with 7 updates in the / directory:

Package	From	To
github.com/attestantio/go-eth2-client	0.21.6	0.21.10
github.com/ethereum/go-ethereum	1.13.14	1.14.7
github.com/herumi/bls-eth-go-binary	1.33.0	1.35.0
github.com/itchyny/gojq	0.12.15	0.12.16
github.com/prometheus/client_golang	1.19.0	1.19.1
github.com/rs/zerolog	1.32.0	1.33.0
github.com/spf13/cobra	1.8.0	1.8.1

Updates github.com/attestantio/go-eth2-client from 0.21.6 to 0.21.10

Changelog

Sourced from github.com/attestantio/go-eth2-client's changelog.

0.21.10:

• better validator state when balance not supplied

0.21.9:

• enable custom timeouts for POSTs

0.21.8:

• remove Lodestar proposals workaround
• add client headers for events stream

0.21.7:

• use POST for specific validator and validator balance information

Commits

• b3d8c14 Better handling of validator state when no balance is present.
• f925432 Better handling of empty responses.
• 633b784 Formatting.
• 512fdce Bump version.
• 2450464 Enable per-request timeout for POSTs.
• 22abb36 Enable per-request timeout for POSTs.
• 166b693 Release 0.21.8
• eff49f7 Use xxxxx rather than *** to mask sensitive data in URLs.
• 73945ba Set appropriate Accept header for events.
• 0138132 Add client headers for events stream.
• Additional commits viewable in compare view

Updates github.com/ethereum/go-ethereum from 1.13.14 to 1.14.7

Release notes

Sourced from github.com/ethereum/go-ethereum's releases.

Trident (v1.14.7)

This is a hot-fix release for a bug (#30139) which affects only the previous release. Users of v1.14.6 are kindly requested to update.

For a full rundown of the changes please consult the Geth 1.14.7 release milestone.

---

As with all our previous releases, you can find the:

• Pre-built binaries for all platforms on our downloads page.
• Docker images published under ethereum/client-go.
• Ubuntu packages in our Launchpad PPA repository.
• OSX packages in our Homebrew Tap repository.

Talaria (v1.14.6)

Geth v1.14.6 is a maintenance release, but it does ship with the experimental witness building validation code used in @​karalabe's "cross validation" proposal. Note that the engine API part is not included in this release.

---

Shipped features:

• Add stateless witness builder and (self-)cross validator (#29719, #29807, #29970, #30024)
• Set a 2KB hard limit for p2p handshake messages (#30029)
• Improved display of database statistics (#29948)

Shipped bugfixes:

• Fix issue in which the beacon root contract balance would not be saved in developer mode, causing an error on restart (#29963)
• Fix shutdown crash when geth runs in blsync mode (#29946)
• Fix data races in snapshot access (#30001, #30011)
• Fix out of bounds access in json unmarshalling (#30014)
• Add missing lock in peer discovery (#29960)

For a full rundown of the changes please consult the Geth 1.14.6 release milestone.

---

As with all our previous releases, you can find the:

• Pre-built binaries for all platforms on our downloads page.
• Docker images published under ethereum/client-go.
• Ubuntu packages in our Launchpad PPA repository.
• OSX packages in our Homebrew Tap repository.

Bothros (v1.14.5)

Geth v1.14.5 is a hotfix release that addresses a regression introduced in v1.14.4, which prevented the node from discovering other peers in certain networking setups (#29944). It is otherwise identical to v1.14.4.

---

Geth v1.14.4 in a usual maintenance release, but it does ship a 5-7% block import speed improvement. Furthermore, v1.14.4 also finally includes an Ether supply live tracer, that you can enable via --vmtrace supply. Also please note, the default value for miner tip enforcement was dropped from 1 gwei to 0.001 gwei (block producers can change this via --miner.gasprice).

... (truncated)

Commits

• aa55f5e Merge branch 'master' into release/1.14
• 0aafbb3 params: go-ethereum v1.14.7 stable
• 803dc6b core/txpool/blobpool: revert #29989, WLock on Nonce (#30142)
• 37590b2 eth/catalyst: fix params in failure log (#30131)
• 10467ac go.mod: update uint256 to 1.3.0 (#30134)
• c4b4d05 crypto: remove hardcoded value for secp256k1.N (#30126)
• 2d9d423 build: upgrade -dlgo version to Go 1.22.5 (#30112)
• c6cae0f Merge remote-tracking branch 'gballet/release-1.14.6'
• aadddf3 params: release Geth v1.14.6
• 640e0f1 params: begin v1.14.7 release cycle
• Additional commits viewable in compare view

Updates github.com/herumi/bls-eth-go-binary from 1.33.0 to 1.35.0

Commits

• 9390510 fix(release): added libs for windows
• d4424cc fix(release): added libs for ios/ios simulator
• 7950887 fix(release): added libs for darwin
• f7f8c5c fix(release): added libs for android
• 4405dd6 fix(release): added libs for linux(amd64/arm64)
• dc41984 [skip ci] Merge branch 'master' into release
• ff01503 -lstdc++ is unnecessary on linux
• 371b182 [skip ci]Merge branch 'master' into release
• f13490a update bls v1.89
• 938a82c Merge branch 'dev'
• Additional commits viewable in compare view

Updates github.com/holiman/uint256 from 1.2.4 to 1.3.0

Release notes

Sourced from github.com/holiman/uint256's releases.

Fitcher Penrose (v1.3.0)

The 1.3.0-release contains a lot of optimizations, contributed by @​AaronChen0. Thanks for all the contributions! Other than that, a breaking change in the ssz-interface implementation and a bugfix.

What's Changed

• optimizations to Mul, squared, Exp, Set, DivMod, Byte, Lsh, Rsh, SRsh, ExtendSign, AddMod, MulOverflow, MulMod, MulDivOverflow, MulModWithReciprocal , Mod, Sqrt by @​AaronChen0 in (holiman/uint256#152, holiman/uint256#153, holiman/uint256#154, holiman/uint256#158, holiman/uint256#165, holiman/uint256#166, holiman/uint256#167, holiman/uint256#168, holiman/uint256#169, holiman/uint256#172, holiman/uint256#173, holiman/uint256#174

• Fixes a bug in SetBytes29 (holiman/uint256#157)

• Test-improvements, now using golang-native fuzzing instead of gofuzz-based fuzzing by @​holiman (holiman/uint256#163, holiman/uint256#164)

• The method MarshalSSZTo was removed, and has been replaced by MarshalSSZAppend and MarshalSSZInto. This is an intentionally breaking change, forcing users to explicitly choose which implementation they desire. For more info, see holiman/uint256#171

Full Changelog: holiman/uint256@v1.2.4...v1.2.5

---

The uint256 release naming-convention is "fictional mathematicians", later expanded into "fictional scientists", due to the dearth of fiction about mathematicians.

Fitcher Penrose appears in Amitav Ghosh's Ibis-trilogy, part II, "River of Smoke". He is a botanist collecting rare plants in Asia.

Commits

• 75a5209 conversion: replace MarshalSSZTo with MarshalSSZAppend and `MarshalSSZInt...
• b3cb927 uint256: optimize Sqrt (#174)
• 8dfcfde uint256: optimize mod, DivMod (#173)
• b85bc2a uint256: optimize MulMod, MulModWithReciprocal (#172)
• 70cbe2b uint256: optimize div-related functions by removing unnecessary computation (...
• 11a325c uint256: optimize div-related functions by reducing bounds check (#168)
• 66a4528 uint256: minor improvement for Mul (#167)
• 5ecf78c uint256: optimize umul (MulOverflow, MulMod, MulModWithReciprocal, MulDivOver...
• 34f0760 uint256: optimize AddMod (#165)
• 09331ab make oss-fuzz integration work again (#164)
• Additional commits viewable in compare view

Updates github.com/itchyny/gojq from 0.12.15 to 0.12.16

Release notes

Sourced from github.com/itchyny/gojq's releases.

Release v0.12.16

• fix offset of query parsing error on multi-byte characters
• fix tests of exp10 and atan2 failing on some platforms
• fix debug/1 to be available only when debug/0 is defined
• improve parser to allow binary operators as object values
• improve compiler to emit error if query is missing

Changelog

Sourced from github.com/itchyny/gojq's changelog.

v0.12.16 (2024-06-01)

• fix offset of query parsing error on multi-byte characters
• fix tests of exp10 and atan2 failing on some platforms
• fix debug/1 to be available only when debug/0 is defined
• improve parser to allow binary operators as object values
• improve compiler to emit error if query is missing

Commits

• 0607aa5 bump up version to 0.12.16
• 0709341 update CHANGELOG.md for v0.12.16
• 1324e6e update dependencies
• 01355e9 improve parser to allow binary operators as object values
• a41a5f8 fix debug/1 function to be available only when debug/0 is defined
• f694c1b fix a benchmark test BenchmarkCompile
• f2559f6 remove private compare function
• 0cd3a66 improve compiler to abort with error if query is missing
• 422cc9d refactor stringify function declarations of query
• 1130c4e refactor program body, rename rules, remove empty actions in parser
• Additional commits viewable in compare view

Updates github.com/prometheus/client_golang from 1.19.0 to 1.19.1

Release notes

Sourced from github.com/prometheus/client_golang's releases.

v1.19.1

What's Changed

• Security patches for golang.org/x/sys and google.golang.org/protobuf

New Contributors

• @​lukasauk made their first contribution in prometheus/client_golang#1494

Full Changelog: prometheus/client_golang@v1.19.0...v1.19.1

Changelog

Sourced from github.com/prometheus/client_golang's changelog.

Unreleased

Commits

• 6e3f4b1 Cut 1.19.1 (#1494)
• cad1bfa Merge pull request #1454 from prometheus/small-nits
• 0aa8c9f Rephrase incompatibility with common v0.48.0
• See full diff in compare view

Updates github.com/rs/zerolog from 1.32.0 to 1.33.0

Commits

• c78e50e Add fields order (#550)
• 8582bed fix: use TimestampFunc in busrt sampler (#671) (#672)
• 7d9db06 Allow setting floating point precision in JSON. (#663)
• e5aa7e3 Revert #662
• 0efa414 Fix panic caused by an extra malformed level field (#665)
• eb081e1 chore: fix some typos in comments (#667)
• 2d899f0 set debug log color (#662)
• 74cf37a Add EmptyFields method to remove all the fileds from logger (#575)
• e5edd4b Refactor: make code in comment valid and runable (#654)
• 582007f Add a time.Location to ConsoleWriter. (This allows UTC timestamps.) (#531)
• Additional commits viewable in compare view

Updates github.com/spf13/cobra from 1.8.0 to 1.8.1

Release notes

Sourced from github.com/spf13/cobra's releases.

v1.8.1

✨ Features

• Add env variable to suppress completion descriptions on create by @​scop in spf13/cobra#1938

🐛 Bug fixes

• Micro-optimizations by @​scop in spf13/cobra#1957

🔧 Maintenance

• build(deps): bump github.com/cpuguy83/go-md2man/v2 from 2.0.3 to 2.0.4 by @​dependabot in spf13/cobra#2127
• Consistent annotation names by @​nirs in spf13/cobra#2140
• Remove fully inactivated linters by @​nirs in spf13/cobra#2148
• Address golangci-lint deprecation warnings, enable some more linters by @​scop in spf13/cobra#2152

🧪 Testing & CI/CD

• Add test for func in cobra.go by @​korovindenis in spf13/cobra#2094
• ci: test golang 1.22 by @​cyrilico in spf13/cobra#2113
• Optimized and added more linting by @​scop in spf13/cobra#2099
• build(deps): bump actions/setup-go from 4 to 5 by @​dependabot in spf13/cobra#2087
• build(deps): bump actions/labeler from 4 to 5 by @​dependabot in spf13/cobra#2086
• build(deps): bump golangci/golangci-lint-action from 3.7.0 to 4.0.0 by @​dependabot in spf13/cobra#2108
• build(deps): bump actions/cache from 3 to 4 by @​dependabot in spf13/cobra#2102

✏️ Documentation

• Fixes and docs for usage as plugin by @​nirs in spf13/cobra#2070
• flags: clarify documentation that LocalFlags related function do not modify the state by @​niamster in spf13/cobra#2064
• chore: remove repetitive words by @​racerole in spf13/cobra#2122
• Add LXC to the list of projects using Cobra @​VaradBelwalkar in spf13/cobra#2071
• Update projects_using_cobra.md by @​marcuskohlberg in spf13/cobra#2089
• [chore]: update projects using cobra by @​cmwylie19 in spf13/cobra#2093
• Add Taikun CLI to list of projects by @​Smidra in spf13/cobra#2098
• Add Incus to the list of projects using Cobra by @​montag451 in spf13/cobra#2118

... (truncated)

Commits

• e94f6d0 Address golangci-lint deprecation warnings, enable some more linters (#2152)
• 8003b74 Remove fully inactivated linters (#2148)
• 5c2c1d6 Consistent annotation names (#2140)
• 5a1acea build(deps): bump github.com/cpuguy83/go-md2man/v2 from 2.0.3 to 2.0.4 (#2127)
• 0fc86c2 docs: update user guide (#2128)
• 6b5f577 More linting (#2099)
• bd914e5 fix: remove deprecated io/ioutils package (#2120)
• 1f80fa2 chore: remove repetitive words (#2122)
• c69ae4c ci: test golang 1.22 (#2113)
• a30cee5 build(deps): bump actions/cache from 3 to 4 (#2102)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions