build(deps): bump the minor-updates group across 1 directory with 4 updates

[dependabot]

Bumps the minor-updates group with 2 updates in the / directory: github.com/evstack/ev-node and golang.org/x/net.

Updates github.com/evstack/ev-node from 1.0.0-rc.4.0.20260216131057-1da76345e4b9 to 1.1.0

Release notes

Sourced from github.com/evstack/ev-node's releases.

v1.1.0

This is a minor feature and bugfix release building on v1.0.0. It introduces AWS & GCP KMS signer backend support. Additionally several internal improvements have happened, notably publisher-mode synchronization for failover scenarios, forced inclusion namespace event subscriptions.

Upgrade from v1.0.0 is recommended for all operators for enhanced stability.

Full Changelog

For a complete list of all changes including new features, improvements, and bug fixes, see CHANGELOG.md.

Images

• ghcr.io/evstack/ev-node-evm:v1.1.0
• ghcr.io/evstack/ev-node-grpc:v1.1.0-rc.2
• ghcr.io/evstack/ev-node-testapp:v1.1.0

v1.1.0-rc.2 (2026-04-07)

ev-node v1.1.0-rc.2

⚠️ This is a draft release. Please verify its content before publishing

This is a maintenance and reliability release candidate, containing targeted: improvements to P2P stability, failover handling, and execution layer correctness.

Operators running v1.1.0-rc.1 are encouraged to upgrade.

Tested upgrade paths

• ev-node v1.0.0-rc.1 -> ev-node v1.1.0-rc.2

---

Full Changelog

For a complete list of all changes including new features, improvements, and bug fixes, see CHANGELOG.md.

Images

• ghcr.io/evstack/ev-node-evm:v1.1.0-rc.2
• ghcr.io/evstack/ev-node-grpc:v1.1.0-rc.2
• ghcr.io/evstack/ev-node-testapp:v1.1.0-rc.2

v1.1.0-rc.1 (2026-03-31)

ev-node v1.1.0-rc.1

This is a release candidate for v1.1.0, focused on new features and stability improvements. It introduces:

• AWS & GCP KMS signer backend support
• Forced inclusion namespace event subscriptions
• Several bug fixes addressing memory management, sync reliability, and DA client resilience.

Operators running v1.0.0 are encouraged to test this release candidate before the stable v1.1.0 release.

Tested upgrade paths

• ev-node v1.0.0 -> ev-node v1.1.0-rc.1

... (truncated)

Changelog

Sourced from github.com/evstack/ev-node's changelog.

v1.1.0

No changes from v1.1.0-rc.2.

v1.1.0-rc.2

Changes

• Added publisher-mode synchronization option for failover scenarios with early P2P infrastructure readiness #3222
• Improve P2P transient network failure #3212
• Improve execution/evm check for stored meta not stale #3221

v1.1.0-rc.1

Added

• Add AWS & GCP KMS signer backend #3171
• Subscribe to forced inclusion namespace events #3146
• Display block source in sync log #3193

Fixed

• Avoid evicting yet to be processed heights #3204
• Bound Badger index cache memory to prevent growth with chain length 3209
• Refetch latest da height instead of da height +1 when P2P is offline #3201
• Fix race on startup sync. #3162
• Strict raft state. #3167
• Retry fetching the timestamp on error in da-client #3166

v1.0.0

Fixed

• Persist cache snapshot only once at shutdown to avoid Badger vlog increase. #3153

v1.0.0-rc.5

Added

• Add disaster recovery for sequencer
  • Catch up possible DA-only blocks when restarting. #3057
  • Verify DA and P2P state on restart (prevent double-signing). #3061
• Node pruning support. #2984
  • Two different sort of pruning implemented: Classic pruning (all): prunes given HEAD-n blocks from the databases, including store metadatas. Auto Storage Optimization (metadata): prunes only the state metadatas, keeps all blocks. By using one or the other, you are losing the ability to rollback or replay transactions earlier than HEAD-n. When using classic pruning, you aren't able to fetch blocks prior to HEAD-n.

... (truncated)

Commits

• See full diff in compare view

Updates github.com/libp2p/go-libp2p from 0.47.0 to 0.48.0

Release notes

Sourced from github.com/libp2p/go-libp2p's releases.

v0.48.0

A relatively minor update. Most changes were related to internal cleanup and getting the transport interop tests running again.

🔦 Highlights

• When listening on 0.0.0.0, BasicHost.AllAddrs returns all the interface addrs of the machine. In v0.47 we'd unwittingly introduced this change, but on discussion decided to commit to it as returning all the addresses was correct. In the absence of this behaviour, there's no way for a user to get all the addrs the libp2p host is listening on. See libp2p/go-libp2p#3460 for the discussion about this. #3468
• Fix Deterministic WebTransport Key Generation for Go 1.26 #3320
• Fix mocknet: make stream deadline methods noop instead of returning error

What's Changed

• update go-netroute dependency by @​MarcoPolo in libp2p/go-libp2p#3421
• add backwards compatibility for doctur with legacy behavior by @​jpserrat in libp2p/go-libp2p#3457
• quicreuse: fix incorrect skip in TestReuseListenOnSpecificInterface by @​MarcoPolo in libp2p/go-libp2p#3417
• Update to Go 1.25 by @​MarcoPolo in libp2p/go-libp2p#3462
• refactor: apply go fix modernizers from Go 1.26 by @​gammazero in libp2p/go-libp2p#3463
• webrtc: upgrade pion deps by @​sukunrt in libp2p/go-libp2p#3469
• fix(mocknet): make stream deadline methods noop instead of returning error by @​walldiss in libp2p/go-libp2p#3471
• basichost: advertise all interface addrs for unspecified listen addrs by @​sukunrt in libp2p/go-libp2p#3468
• Bump transport interop Go toolchain by @​MarcoPolo in libp2p/go-libp2p#3477
• ci: remove go-version parameter to default to go.mod version by @​MarcoPolo in libp2p/go-libp2p#3474
• refactor(webtransport): Use keygen package for deterministic ecdsa key by @​MarcoPolo in libp2p/go-libp2p#3320
• CI: Ignore known incompatibility with webtransport versions in interop test by @​MarcoPolo in libp2p/go-libp2p#3478

New Contributors

• @​jpserrat made their first contribution in libp2p/go-libp2p#3457
• @​walldiss made their first contribution in libp2p/go-libp2p#3471

Full Changelog: libp2p/go-libp2p@v0.47.0...v0.48.0

Commits

• 062200b Release v0.48.0
• 061805d lint yaml file
• be060d7 Ignore known incompatibility with webtransport versions in interop test
• 418cf8f refactor(webtransport): Use keygen package for deterministic ecdsa key
• 93a9158 ci: remove go-version parameter to default to go.mod version
• 8bb624d Bump transport interop Go toolchain
• 7d0752e basichost: advertise all interface addrs for unspecified listen addrs (#3468)
• 67f4f58 fix(mocknet): make stream deadline methods noop instead of returning error (...
• 7198ad3 webrtc: upgrade pion deps (#3469)
• e16f35e refactor: apply go fix modernizers from Go 1.26 (#3463)
• Additional commits viewable in compare view

Updates github.com/rs/zerolog from 1.34.0 to 1.35.0

Commits

• 1396655 Bump CI Go matrix minimum from 1.21 to 1.23
• 4b65a2f Bump actions/cache from 4 to 5 (#741)
• b835796 Bump actions/setup-go from 5 to 6 (#742)
• 134caf8 Added sanitization of journald keys (#751)
• e133b6a Added variadic StrsV, ObjectsV, and StringersV (#752)
• 82017d8 Bump github.com/coreos/go-systemd/v22 from 22.6.0 to 22.7.0 (#753)
• 2f5b8a9 fix: UpdateContext skips Nop and zero-value loggers (#754)
• d64c9a7 Add slog.Handler implementation for zerolog (#755)
• a0d61dc fix: return dict to Event pool (#749)
• f6fbd33 Test coverage improvements (#748)
• Additional commits viewable in compare view

Updates golang.org/x/net from 0.52.0 to 0.53.0

Commits

• a8d1fc1 go.mod: update golang.org/x dependencies
• 056ac74 quic: avoid depending on golang.org/x/sys/unix
• c85f611 http3: add http3 package for testing in std
• 805fc81 http2: add transport API tests
• e63b894 http2: support testing via net/http.Transport.RoundTrip
• 9ee1e48 http2/hpack: prevent HeaderField from escaping during encoding
• 1e71bd8 http2: prevent hanging Transport due to bad SETTINGS frame
• 7bca150 internal/http3: respect net/http Server Shutdown context when shutting down
• 44c41be internal/http3: prevent server from holding mutex when sleeping during shutdown
• 228a67a internal/http3: add CloseIdleConnections support in transport
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[dependabot]

Labels

The following labels could not be found: T:dependencies. Please create it before Dependabot can add it to a pull request.

Please fix the above issues or remove invalid values from dependabot.yml.