Bump github.com/ipfs/kubo from 0.22.0 to 0.23.0

[dependabot]

Bumps github.com/ipfs/kubo from 0.22.0 to 0.23.0.

Release notes

Sourced from github.com/ipfs/kubo's releases.

v0.23.0

• 💬 Discuss
• 🔦 Highlights
  • Mplex deprecation
  • Gateway: meaningful CAR responses on Not Found errors
  • Gateway: added Gateway.DisableHTMLErrors configuration option
  • Binary characters in file names: no longer works with old clients and new Kubo servers
  • Self-hosting /routing/v1 endpoint for delegated routing needs
  • Trustless Gateway Over Libp2p Experiment
  • Removal of /quic (https://github.com/ipfs/kubo/blob/HEAD/Draft 29) support
  • Better Caching of multiaddresses for providers in DHT servers
  • Fixed FUSE multiblock structures
• 📝 Changelog
• 👨‍👩‍👧‍👦 Contributors

Overview

🔦 Highlights

Mplex deprecation

Mplex is being deprecated, this is because it is unreliable and randomly drop streams when sending data too fast.

New pieces of code rely on backpressure, that means the stream will dynamicaly slow down the sending rate if data is getting backed up. Backpressure is provided by Yamux and QUIC.

In case you need compatibility with older implementations that do not ship with Yamux (like default's JS-IPFS) you can turned it back ON in the config with:

$ ipfs config --json Swarm.Transports.Multiplexers.Mplex 200

We will completely remove Mplex in v0.24 as it makes protocols very bad to implement, if you are in this situation you need to add yamux support to your other implementation.

Gateway: meaningful CAR responses on Not Found errors

When requesting a CAR from the gateway, the root of the CAR might no longer be meaningful. By default, the CAR root will be the last resolvable segment of the path. However, in situations where the path cannot be resolved, such as when the path does not exist, a CAR will be sent with a root of bafkqaaa (empty CID).

This CAR will contain all blocks necessary to validate that the path does not exist without having to trust the gateway.

Gateway: added Gateway.DisableHTMLErrors configuration option

The Gateway.DisableHTMLErrors configuration option forces errors to be

... (truncated)

Commits

• 3a1a041 Merge pull request #10165 from ipfs/release-v0.23.0
• c9d1c3b chore: update changelog for v0.23
• 7d26d78 fix: align systemd unit file with default IPFS installation path (#10163)
• bd36a9d docs: capitalize headers for consistency
• 23ca11e Merge commit '695bf66674931a138862b6fa2cb0b16dc2f6ddd8' into release-v0.23.0
• 695bf66 ci: gateway-conformance v0.4
• a4efea5 chore(deps): bump actions/checkout from 3 to 4
• de173df fix(commands/cid): error on CIDv0 w/ custom -b, upgrade to CIDv1 w/ custom -b...
• 600c71b chore: update version
• eb14336 Merge pull request #10148 from ipfs/fix-helia-ci
• Additional commits viewable in compare view

You can trigger a rebase of this PR by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Note
Automatic rebases have been disabled on this pull request as it has been open for over 30 days.

[noslav]

@dependabot rebase

[dependabot]

Dependabot can't resolve your Go dependency files. Because of this, Dependabot cannot update this pull request.

[dependabot]

OK, I won't notify you again about this release, but will get in touch when a new version is available. If you'd rather skip all updates until the next major or minor version, let me know by commenting @dependabot ignore this major version or @dependabot ignore this minor version. You can also ignore all major, minor, or patch releases for a dependency by adding an ignore condition with the desired update_types to your config file.

If you change your mind, just re-open this PR and I'll resolve any conflicts on it.