From fe4894f4482b49c9bfe93382a2409f26c6f3f712 Mon Sep 17 00:00:00 2001
From: Thane Thomson <connect@thanethomson.com>
Date: Wed, 14 Jun 2023 16:24:20 -0400
Subject: [PATCH] Release v0.34.29 (#973)

* changelog: Clean up and reorder

Signed-off-by: Thane Thomson <connect@thanethomson.com>

* changelog: Add missing entries

Signed-off-by: Thane Thomson <connect@thanethomson.com>

* changelog: Release v0.34.29

Signed-off-by: Thane Thomson <connect@thanethomson.com>

* Rebuild changelog

Signed-off-by: Thane Thomson <connect@thanethomson.com>

* version: Bump to v0.34.29

Signed-off-by: Thane Thomson <connect@thanethomson.com>

* test/e2e: Use Debian Bullseye as base image

Golang recently started offering Debian Bookworm as the default distro
for `golang:1.19`, which provides a newer version of RocksDB than what
we support in cometbft-db.

For now this pins the image to Bullseye, which is the base image we have
been using for some time now.

Signed-off-by: Thane Thomson <connect@thanethomson.com>

---------

Signed-off-by: Thane Thomson <connect@thanethomson.com>
---
 .../771-kvindexer-parsing-big-ints.md         |  2 --
 .../bug-fixes/771-pubsub-parsing-big-ints.md  |  3 --
 .../865-fix-peerstate-marshaljson.md          |  2 --
 .../bug-fixes/890-mempool-fix-cache.md        |  1 -
 .../771-kvindexer-parsing-big-ints.md         |  2 ++
 .../bug-fixes/771-pubsub-parsing-big-ints.md  |  4 +++
 .../654-rpc-rm-response-data-logs.md          |  0
 .../security-fixes/788-rpc-client-pw.md       |  3 ++
 .../794-cli-debug-kill-unsafe-cast.md         |  2 ++
 .../865-fix-peerstate-marshaljson.md          |  3 ++
 .../security-fixes/890-mempool-fix-cache.md   |  3 ++
 .changelog/v0.34.29/summary.md                |  4 +++
 CHANGELOG.md                                  | 36 +++++++++++++++++++
 test/e2e/docker/Dockerfile                    |  2 +-
 version/version.go                            |  2 +-
 15 files changed, 59 insertions(+), 10 deletions(-)
 delete mode 100644 .changelog/unreleased/bug-fixes/771-kvindexer-parsing-big-ints.md
 delete mode 100644 .changelog/unreleased/bug-fixes/771-pubsub-parsing-big-ints.md
 delete mode 100644 .changelog/unreleased/bug-fixes/865-fix-peerstate-marshaljson.md
 delete mode 100644 .changelog/unreleased/bug-fixes/890-mempool-fix-cache.md
 create mode 100644 .changelog/v0.34.29/bug-fixes/771-kvindexer-parsing-big-ints.md
 create mode 100644 .changelog/v0.34.29/bug-fixes/771-pubsub-parsing-big-ints.md
 rename .changelog/{unreleased => v0.34.29}/improvements/654-rpc-rm-response-data-logs.md (100%)
 create mode 100644 .changelog/v0.34.29/security-fixes/788-rpc-client-pw.md
 create mode 100644 .changelog/v0.34.29/security-fixes/794-cli-debug-kill-unsafe-cast.md
 create mode 100644 .changelog/v0.34.29/security-fixes/865-fix-peerstate-marshaljson.md
 create mode 100644 .changelog/v0.34.29/security-fixes/890-mempool-fix-cache.md
 create mode 100644 .changelog/v0.34.29/summary.md

diff --git a/.changelog/unreleased/bug-fixes/771-kvindexer-parsing-big-ints.md b/.changelog/unreleased/bug-fixes/771-kvindexer-parsing-big-ints.md
deleted file mode 100644
index ee6b31bf3b4..00000000000
--- a/.changelog/unreleased/bug-fixes/771-kvindexer-parsing-big-ints.md
+++ /dev/null
@@ -1,2 +0,0 @@
-- `[state/kvindex]` Querying event attributes that are bigger than int64 is now enabled.
-  ([\#771](https://github.com/cometbft/cometbft/pull/771))
\ No newline at end of file
diff --git a/.changelog/unreleased/bug-fixes/771-pubsub-parsing-big-ints.md b/.changelog/unreleased/bug-fixes/771-pubsub-parsing-big-ints.md
deleted file mode 100644
index 749b30d5b50..00000000000
--- a/.changelog/unreleased/bug-fixes/771-pubsub-parsing-big-ints.md
+++ /dev/null
@@ -1,3 +0,0 @@
-- `[pubsub]` Pubsub queries are now able to parse big integers (larger than int64). Very big floats 
-   are also properly parsed into very big integers instead of being truncated to int64. 
-  ([\#771](https://github.com/cometbft/cometbft/pull/771))
\ No newline at end of file
diff --git a/.changelog/unreleased/bug-fixes/865-fix-peerstate-marshaljson.md b/.changelog/unreleased/bug-fixes/865-fix-peerstate-marshaljson.md
deleted file mode 100644
index 318bda315c5..00000000000
--- a/.changelog/unreleased/bug-fixes/865-fix-peerstate-marshaljson.md
+++ /dev/null
@@ -1,2 +0,0 @@
-- `[consensus]` Avoid recursive call after rename to (*PeerState).MarshalJSON
-  ([\#863](https://github.com/cometbft/cometbft/pull/863))
diff --git a/.changelog/unreleased/bug-fixes/890-mempool-fix-cache.md b/.changelog/unreleased/bug-fixes/890-mempool-fix-cache.md
deleted file mode 100644
index 34dae0463a7..00000000000
--- a/.changelog/unreleased/bug-fixes/890-mempool-fix-cache.md
+++ /dev/null
@@ -1 +0,0 @@
-- `[mempool/clist_mempool]` \#890 Prevent a transaction to appear twice in the mempool  (@otrack)
diff --git a/.changelog/v0.34.29/bug-fixes/771-kvindexer-parsing-big-ints.md b/.changelog/v0.34.29/bug-fixes/771-kvindexer-parsing-big-ints.md
new file mode 100644
index 00000000000..4a0000db6d3
--- /dev/null
+++ b/.changelog/v0.34.29/bug-fixes/771-kvindexer-parsing-big-ints.md
@@ -0,0 +1,2 @@
+- `[state/kvindex]` Querying event attributes that are bigger than int64 is now
+  enabled. ([\#771](https://github.com/cometbft/cometbft/pull/771))
diff --git a/.changelog/v0.34.29/bug-fixes/771-pubsub-parsing-big-ints.md b/.changelog/v0.34.29/bug-fixes/771-pubsub-parsing-big-ints.md
new file mode 100644
index 00000000000..fc5f25a90ff
--- /dev/null
+++ b/.changelog/v0.34.29/bug-fixes/771-pubsub-parsing-big-ints.md
@@ -0,0 +1,4 @@
+- `[pubsub]` Pubsub queries are now able to parse big integers (larger than
+  int64). Very big floats are also properly parsed into very big integers
+  instead of being truncated to int64.
+  ([\#771](https://github.com/cometbft/cometbft/pull/771))
diff --git a/.changelog/unreleased/improvements/654-rpc-rm-response-data-logs.md b/.changelog/v0.34.29/improvements/654-rpc-rm-response-data-logs.md
similarity index 100%
rename from .changelog/unreleased/improvements/654-rpc-rm-response-data-logs.md
rename to .changelog/v0.34.29/improvements/654-rpc-rm-response-data-logs.md
diff --git a/.changelog/v0.34.29/security-fixes/788-rpc-client-pw.md b/.changelog/v0.34.29/security-fixes/788-rpc-client-pw.md
new file mode 100644
index 00000000000..430b7b5ac4b
--- /dev/null
+++ b/.changelog/v0.34.29/security-fixes/788-rpc-client-pw.md
@@ -0,0 +1,3 @@
+- `[rpc/jsonrpc/client]` **Low severity** - Prevent RPC
+  client credentials from being inadvertently dumped to logs
+  ([\#788](https://github.com/cometbft/cometbft/pull/788))
diff --git a/.changelog/v0.34.29/security-fixes/794-cli-debug-kill-unsafe-cast.md b/.changelog/v0.34.29/security-fixes/794-cli-debug-kill-unsafe-cast.md
new file mode 100644
index 00000000000..782eccd9d58
--- /dev/null
+++ b/.changelog/v0.34.29/security-fixes/794-cli-debug-kill-unsafe-cast.md
@@ -0,0 +1,2 @@
+- `[cmd/cometbft/commands/debug/kill]` **Low severity** - Fix unsafe int cast in
+  `debug kill` command ([\#794](https://github.com/cometbft/cometbft/pull/794))
diff --git a/.changelog/v0.34.29/security-fixes/865-fix-peerstate-marshaljson.md b/.changelog/v0.34.29/security-fixes/865-fix-peerstate-marshaljson.md
new file mode 100644
index 00000000000..fdd9172c209
--- /dev/null
+++ b/.changelog/v0.34.29/security-fixes/865-fix-peerstate-marshaljson.md
@@ -0,0 +1,3 @@
+- `[consensus]` **Low severity** - Avoid recursive call after rename to
+  `(*PeerState).MarshalJSON`
+  ([\#863](https://github.com/cometbft/cometbft/pull/863))
diff --git a/.changelog/v0.34.29/security-fixes/890-mempool-fix-cache.md b/.changelog/v0.34.29/security-fixes/890-mempool-fix-cache.md
new file mode 100644
index 00000000000..bad30efc7ab
--- /dev/null
+++ b/.changelog/v0.34.29/security-fixes/890-mempool-fix-cache.md
@@ -0,0 +1,3 @@
+- `[mempool/clist_mempool]` **Low severity** - Prevent a transaction from
+  appearing twice in the mempool
+  ([\#890](https://github.com/cometbft/cometbft/pull/890): @otrack)
diff --git a/.changelog/v0.34.29/summary.md b/.changelog/v0.34.29/summary.md
new file mode 100644
index 00000000000..7ecb2739409
--- /dev/null
+++ b/.changelog/v0.34.29/summary.md
@@ -0,0 +1,4 @@
+*June 14, 2023*
+
+Provides several minor bug fixes, as well as fixes for several low-severity
+security issues.
diff --git a/CHANGELOG.md b/CHANGELOG.md
index b89bd251530..7ecaaaa713e 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -1,5 +1,41 @@
 # CHANGELOG
 
+## v0.34.29
+
+*June 14, 2023*
+
+Provides several minor bug fixes, as well as fixes for several low-severity
+security issues.
+
+### BUG FIXES
+
+- `[state/kvindex]` Querying event attributes that are bigger than int64 is now
+  enabled. ([\#771](https://github.com/cometbft/cometbft/pull/771))
+- `[pubsub]` Pubsub queries are now able to parse big integers (larger than
+  int64). Very big floats are also properly parsed into very big integers
+  instead of being truncated to int64.
+  ([\#771](https://github.com/cometbft/cometbft/pull/771))
+
+### IMPROVEMENTS
+
+- `[rpc]` Remove response data from response failure logs in order
+  to prevent large quantities of log data from being produced
+  ([\#654](https://github.com/cometbft/cometbft/issues/654))
+
+### SECURITY FIXES
+
+- `[rpc/jsonrpc/client]` **Low severity** - Prevent RPC
+  client credentials from being inadvertently dumped to logs
+  ([\#788](https://github.com/cometbft/cometbft/pull/788))
+- `[cmd/cometbft/commands/debug/kill]` **Low severity** - Fix unsafe int cast in
+  `debug kill` command ([\#794](https://github.com/cometbft/cometbft/pull/794))
+- `[consensus]` **Low severity** - Avoid recursive call after rename to
+  `(*PeerState).MarshalJSON`
+  ([\#863](https://github.com/cometbft/cometbft/pull/863))
+- `[mempool/clist_mempool]` **Low severity** - Prevent a transaction from
+  appearing twice in the mempool
+  ([\#890](https://github.com/cometbft/cometbft/pull/890): @otrack)
+
 ## v0.34.28
 
 *April 26, 2023*
diff --git a/test/e2e/docker/Dockerfile b/test/e2e/docker/Dockerfile
index 6f0f337cf22..4e7ad3f8adf 100644
--- a/test/e2e/docker/Dockerfile
+++ b/test/e2e/docker/Dockerfile
@@ -1,7 +1,7 @@
 # We need to build in a Linux environment to support C libraries, e.g. RocksDB.
 # We use Debian instead of Alpine, so that we can use binary database packages
 # instead of spending time compiling them.
-FROM golang:1.19
+FROM golang:1.19-bullseye
 
 RUN apt-get -qq update -y && apt-get -qq upgrade -y >/dev/null
 RUN apt-get -qq install -y libleveldb-dev librocksdb-dev >/dev/null
diff --git a/version/version.go b/version/version.go
index 36c9901711b..ea80cbcf366 100644
--- a/version/version.go
+++ b/version/version.go
@@ -3,7 +3,7 @@ package version
 const (
 	// TMCoreSemVer is the used as the fallback version of CometBFT Core
 	// when not using git describe. It is formatted with semantic versioning.
-	TMCoreSemVer = "0.34.28"
+	TMCoreSemVer = "0.34.29"
 	// ABCISemVer is the semantic version of the ABCI library
 	ABCISemVer = "0.17.0"