Merge branch 'cosmos:main' into main

.github/CODEOWNERS

@@ -1,2 +1,2 @@
 # CODEOWNERS: https://help.github.com/articles/about-codeowners/
-* @jackzampolin @jtieri @boojamya @mark-rushakoff
+* @jtieri @boojamya @agouin

.github/workflows/interchaintest.yml

@@ -147,15 +147,20 @@ jobs:
     outputs:
       matrix: ${{ steps.set-matrix.outputs.matrix }}
     steps:
-    - name: Checkout code
-      uses: actions/checkout@v4
-
-    - name: Generate matrix
-      id: set-matrix
-      run: |
-        # Run the command and convert its output to a JSON array
-        TESTS=$(cd interchaintest && go test -list ^TestScenario ./... | grep -v "^ok " | jq -R -s -c 'split("\n")[:-1]')
-        echo "matrix=${TESTS}" >> $GITHUB_OUTPUT
+      - name: Set up Go 1.21
+        uses: actions/setup-go@v4
+        with:
+          go-version: '1.21'
+
+      - name: Checkout code
+        uses: actions/checkout@v4
+
+      - name: Generate matrix
+        id: set-matrix
+        run: |
+          # Run the command and convert its output to a JSON array
+          TESTS=$(cd interchaintest && go test -list ^TestScenario ./... | grep -v "^ok " | grep -v "proto: duplicate proto type registered" | jq -R -s -c 'split("\n")[:-1]')
+          echo "matrix=${TESTS}" >> $GITHUB_OUTPUT
   
   # Note : This job will not start until prepare-scenario-matrix completes sucessfully
   scenarios:

.github/workflows/strangelove-project-management.yaml

@@ -0,0 +1,20 @@
+name: Strangelove Project Management
+
+on:
+  issues:
+    types:
+        - opened
+        - transferred
+        - reopened
+
+jobs:
+  add-to-project:
+    name: Add issue to project
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/[email protected]
+        with:
+          # You can target a project in a different organization
+          # to the issue
+          project-url: https://github.com/orgs/strangelove-ventures/projects/4
+          github-token: ${{ secrets.strangelove_motherboard_access_token }}

CHANGELOG.md

@@ -25,6 +25,11 @@
 * [\#1231](https://github.com/cosmos/relayer/pull/1231) Reduce get bech32 prefix when get signer.
 * [\#1302](https://github.com/cosmos/relayer/pull/1302) Avoid packet get relayed when estimated gas is higher than max gas.
 * [\#1303](https://github.com/cosmos/relayer/pull/1303) Add missing max gas amount on txf to avoid estimate less gas when simualte runTx.
+* [\#1324](https://github.com/cosmos/relayer/pull/1324) Add log-level in global config.
+* [\#1325](https://github.com/cosmos/relayer/pull/1325) Ignore only file not exist error when loadConfigFile.
+* [\#1326](https://github.com/cosmos/relayer/pull/1326) Avoid sending channel close confirm message after channel get closed successfully.
+* [\#1364](https://github.com/cosmos/relayer/pull/1364) Include feegrant message when calculate gas.
+* [\#1390](https://github.com/cosmos/relayer/pull/1390) Avoid no concrete type registered for type URL error of EthAccount.
 
 ## v0.9.3
 

Makefile

@@ -123,7 +123,7 @@ build-gaia:
 .PHONY: two-chains test test-integration interchaintest install build lint coverage clean
 
 PACKAGE_NAME          := github.com/cosmos/relayer
-GOLANG_CROSS_VERSION  ?= v1.19.4
+GOLANG_CROSS_VERSION  ?= v1.21.5
 
 SYSROOT_DIR     ?= sysroots
 SYSROOT_ARCHIVE ?= sysroots.tar.bz2

README.md

@@ -200,8 +200,8 @@ Additional information on how IBC works can be found [here](https://ibc.cosmos.n
 
 ## Security Notice
 
-If you would like to report a security critical bug related to the relayer repo,
-please reach out @jackzampolin or @Ethereal0ne on telegram.
+If you would like to report a security bug related to the relayer repo,
+please follow the instructions in [SECURITY.md](SECURITY.md).
 
 ## Code of Conduct
 

SECURITY.md

@@ -0,0 +1,53 @@
+# Coordinated Vulnerability Disclosure Policy
+
+The Cosmos ecosystem believes that strong security is a blend of highly
+technical security researchers who care about security and the forward
+progression of the ecosystem and the attentiveness and openness of Cosmos core
+contributors to help continually secure our operations.
+
+> **IMPORTANT**: *DO NOT* open public issues on this repository for security
+> vulnerabilities.
+
+## Reporting a Vulnerability
+
+| Reporting methods                                             | Bounty eligible |
+|---------------------------------------------------------------|-----------------|
+| [HackerOne program][h1]                                       |       yes       |
+| [[email protected]](mailto:[email protected])       |       no        |
+
+Issues identified in this repository may be eligible for a [bug bounty][h1]. For your report to be bounty
+eligible it must be reported exclusively through the [HackerOne Bug Bounty][h1].
+
+If you do not wish to be eligible for a bounty or do not want to use the HackerOne platform to report an
+issue, please send your report via email to [[email protected]](mailto:[email protected]) with
+reproduction steps and details of the issue.
+
+### Guidelines
+
+We require that all researchers:
+
+* Abide by this policy to disclose vulnerabilities, and avoid posting
+  vulnerability information in public places, including GitHub, Discord,
+  Telegram, and Twitter.
+* Make every effort to avoid privacy violations, degradation of user experience,
+  disruption to production systems (including but not limited to the Cosmos
+  Hub), and destruction of data.
+* Keep any information about vulnerabilities that you’ve discovered confidential
+  between yourself and the Cosmos engineering team until the issue has been
+  resolved and disclosed.
+* Avoid posting personally identifiable information, privately or publicly.
+
+If you follow these guidelines when reporting an issue to us, we commit to:
+
+* Not pursue or support any legal action related to your research on this
+  vulnerability
+* Work with you to understand, resolve and ultimately disclose the issue in a
+  timely fashion
+
+## Coordinated Vulnerability Disclosure Policy and Safe Harbor
+
+For the most up-to-date version of the policies that govern vulnerability disclosure, please consult the [HackerOne program page](https://hackerone.com/cosmos?type=team&view_policy=true).
+
+The policy hosted on HackerOne is the official Coordinated Vulnerability Disclosure policy and Safe Harbor for the Interchain Stack, and the teams and infrastructure it supports, and it supersedes previous security policies that have been used in the past by individual teams and projects with targets in scope of the program.
+
+[h1]: https://hackerone.com/cosmos