chore(deps): bump github.com/cometbft/cometbft from 0.38.11 to 0.38.12

[dependabot]

Bumps github.com/cometbft/cometbft from 0.38.11 to 0.38.12.

Release notes

Sourced from github.com/cometbft/cometbft's releases.

v0.38.12

See the CHANGELOG for this release.

Changelog

Sourced from github.com/cometbft/cometbft's changelog.

v0.38.12

September 3, 2024

This release includes a security fix for the light client and is recommended for all users.

BUG FIXES

• [light] Cross-check proposer priorities in retrieved validator sets (#ASA-2024-009)
• [privval] Ignore duplicate privval listen when already connected (#3828

DEPENDENCIES

• [crypto/secp256k1] Adjust to breaking interface changes in btcec/v2 latest release, while avoiding breaking changes to local CometBFT functions (#3728)

IMPROVEMENTS

• [types] Check that proposer is one of the validators in ValidateBasic (#ASA-2024-009)
• [e2e] Add log_level option to manifest file (#3819).
• [e2e] Add log_format option to manifest file (#3836).

Commits

• 9722b6d v0.38.12 (#3982)
• 52c00a5 Merge commit from fork
• f2ae0f4 build(deps): Bump github.com/cosmos/gogoproto from 1.4.11 to 1.7.0 (#3912)
• cbedf6d build(deps): Bump github.com/BurntSushi/toml from 1.2.1 to 1.4.0 (#3908)
• 1013c80 test(mempool): Add two Update benchmarks (backport #3873) (#3892)
• 2fb0cdd build(deps): Bump github.com/rs/cors from 1.8.3 to 1.11.1 (#3907)
• dcbf359 build(deps): Bump github.com/Masterminds/semver/v3 from 3.2.0 to 3.3.0 (#3906)
• 8de81d5 build(deps): Bump golang.org/x/net from 0.26.0 to 0.28.0 (#3905)
• 221c744 fix(privval): CV ignore duplicate privval listen when connected (backport #38...
• 969c8d1 mempool: Fix the benchmarks (backport #934) (#3893)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[damiannolan]

closes: #7242 #7243 #7244 #7245 #7246

[crodriguezvega]

Thank you, @damiannolan!

[sonarcloud]

Quality Gate passed for 'ibc-go'

Issues
151 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarCloud