Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

build(deps): bump github.com/ipfs/kubo from 0.16.0 to 0.19.0 in /go #160

Draft
wants to merge 1 commit into
base: master
Choose a base branch
from

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github May 11, 2023

Bumps github.com/ipfs/kubo from 0.16.0 to 0.19.0.

Release notes

Sourced from github.com/ipfs/kubo's releases.

v0.19.0

Overview

🔦 Highlights

Improving the libp2p resource management integration

There are further followups up on libp2p resource manager improvements in Kubo 0.18.0 and 0.18.1:

  1. ipfs swarm limits and ipfs swarm stats have been replaced by ipfs swarm resources to provide a single/combined view for limits and their current usage in a more intuitive ordering.
  2. Removal of Swarm.ResourceMgr.Limits config. Instead the power user can specify limits in a .json file that are fed directly to go-libp2p. This allows the power user to take advantage of the new resource manager types introduced in go-libp2p 0.25 including "use default", "unlimited", "block all".
    • Note: we don't expect most users to need these capablities, but they are there if so.
  3. Doc updates.

Gateways

Signed IPNS Record response format

This release implements IPIP-351 and adds Gateway support for returning signed (verifiable) ipns-record (0x0300) when /ipns/{libp2p-key} is requested with either Accept: application/vnd.ipfs.ipns-record HTTP header or ?format=ipns-record URL query parameter.

The Gateway in Kubo already supported trustless, verifiable retrieval of immutable /ipfs/ namespace. With ?format=ipns-record, light HTTP clients are now able to get the same level of verifiability for IPNS websites.

Tooling is limited at the moment, but we are working on go-libipfs examples that illustrate the verifiable HTTP client pattern.

Example: fetch IPNS record over HTTP and inspect it with ipfs name inspect --verify
$ FILE_CID=$(echo "Hello IPFS" | ipfs add --cid-version 1 -q)
$ IPNS_KEY=$(ipfs key gen test)
$ ipfs name publish /ipfs/$FILE_CID --key=test --ttl=30m
Published to k51q..dvf1: /ipfs/bafk..z244
$ curl "http://127.0.0.1:8080/ipns/$IPNS_KEY?format=ipns-record" > signed.ipns-record
$ ipfs name inspect --verify $IPNS_KEY < signed.ipns-record
Value:         "/ipfs/bafk..."
</tr></table> 

... (truncated)

Commits
  • 1963219 Merge pull request #9697 from ipfs/release-v0.19.0
  • 1386592 docs: update changelog
  • 8221061 chore: update version
  • 754264f Merge pull request #9707 from ipfs/changelog-0.19
  • 7ea6e32 chore: update go-libp2p to v0.26.3 (#9737)
  • a22db79 fix: canonicalize user defined headers
  • 6cdc3c8 fix: apply API.HTTPHeaders to /webui redirect
  • 010e22b feat: add heap allocs to 'ipfs diag profile'
  • 3c35a0c chore: bump go-libipfs@v0.6.2
  • af79d84 fix: future proof with > rcmgr.DefaultLimit for new enum rcmgr values
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    You can disable automated security fix PRs for this repo from the Security Alerts page.

Bumps [github.com/ipfs/kubo](https://github.com/ipfs/kubo) from 0.16.0 to 0.19.0.
- [Release notes](https://github.com/ipfs/kubo/releases)
- [Changelog](https://github.com/ipfs/kubo/blob/master/CHANGELOG.md)
- [Commits](ipfs/kubo@v0.16.0...v0.19.0)

---
updated-dependencies:
- dependency-name: github.com/ipfs/kubo
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file go Pull requests that update Go code labels May 11, 2023
@jefft0
Copy link
Collaborator

jefft0 commented May 15, 2023

Need to do a general update of the kubo version.

@jefft0 jefft0 added the backlog label May 15, 2023
@jefft0 jefft0 marked this pull request as draft August 7, 2023 13:08
@jefft0 jefft0 removed the backlog label Aug 7, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
dependencies Pull requests that update a dependency file go Pull requests that update Go code
Projects
None yet
Development

Successfully merging this pull request may close these issues.

1 participant