build(deps): Bump the all-go group across 5 directories with 8 updates

[dependabot]

Bumps the all-go group with 3 updates in the / directory: cloud.google.com/go/kms, golang.org/x/crypto and golang.org/x/net.
Bumps the all-go group with 1 update in the /execution/evm directory: github.com/evstack/ev-node.
Bumps the all-go group with 2 updates in the /execution/grpc directory: golang.org/x/net and github.com/evstack/ev-node.
Bumps the all-go group with 2 updates in the /test/docker-e2e directory: github.com/celestiaorg/tastora and github.com/evstack/ev-node/execution/evm.
Bumps the all-go group with 1 update in the /test/e2e directory: github.com/celestiaorg/tastora.

Updates cloud.google.com/go/kms from 1.27.0 to 1.29.0

Release notes

Sourced from cloud.google.com/go/kms's releases.

kms: v1.29.0

v1.29.0 (2026-04-13)

retail: v1.29.0

v1.29.0 (2026-04-13)

Changelog

Sourced from cloud.google.com/go/kms's changelog.

1.29.0 (2024-05-29)

Features

• documentai: Make Layout Parser generally available in V1 (#10277) (dafecc9)

1.28.1 (2024-05-16)

Documentation

• documentai: Clarify the unavailability of some features (652ba8f)
• documentai: Updated comments (292e812)

1.28.0 (2024-05-01)

Features

• documentai: A new message FoundationModelTuningOptions is added (1d757c6)
• documentai: Support Chunk header and footer in Doc AI external proto (1d757c6)

Bug Fixes

• documentai: Bump x/net to v0.24.0 (ba31ed5)

Commits

• 664da02 chore: librarian release pull request: 20260326T071503Z (#14266)
• 0b388a0 chore: create empty README.md (#14263)
• 8d67792 feat(bigquery): add tracing telemetry to Table and Routine operations (#14216)
• 54f46f7 chore: format repo metadata (#14262)
• 9b18aaf chore: format snippet metadata (#14261)
• d5a18a4 feat(firestore): add raw execute options and move options (#14259)
• 18946f1 Fspq fix stages (#14253)
• 5bf0cf4 chore: update librarian-go image SHA (#14258)
• 009dc43 chore: update image SHA (#14256)
• 5e50d57 chore: librarian generate pull request: 20260325T071032Z (#14251)
• Additional commits viewable in compare view

Updates golang.org/x/crypto from 0.49.0 to 0.50.0

Commits

• 03ca0dc go.mod: update golang.org/x dependencies
• 8400f4a ssh: respect signer's algorithm preference in pickSignatureAlgorithm
• 81c6cb3 ssh: swap cbcMinPaddingSize to cbcMinPacketSize to get encLength
• See full diff in compare view

Updates golang.org/x/net from 0.52.0 to 0.53.0

Commits

• a8d1fc1 go.mod: update golang.org/x dependencies
• 056ac74 quic: avoid depending on golang.org/x/sys/unix
• c85f611 http3: add http3 package for testing in std
• 805fc81 http2: add transport API tests
• e63b894 http2: support testing via net/http.Transport.RoundTrip
• 9ee1e48 http2/hpack: prevent HeaderField from escaping during encoding
• 1e71bd8 http2: prevent hanging Transport due to bad SETTINGS frame
• 7bca150 internal/http3: respect net/http Server Shutdown context when shutting down
• 44c41be internal/http3: prevent server from holding mutex when sleeping during shutdown
• 228a67a internal/http3: add CloseIdleConnections support in transport
• Additional commits viewable in compare view

Updates google.golang.org/api from 0.273.1 to 0.274.0

Release notes

Sourced from google.golang.org/api's releases.

v0.274.0

0.274.0 (2026-04-02)

Features

• all: Auto-regenerate discovery clients (#3555) (0e634ae)

Changelog

Sourced from google.golang.org/api's changelog.

0.274.0 (2026-04-02)

Features

• all: Auto-regenerate discovery clients (#3555) (0e634ae)

Commits

• 6c759a2 chore(main): release 0.274.0 (#3556)
• 0e634ae feat(all): auto-regenerate discovery clients (#3555)
• 0f75259 chore: embargo aiplatform:v1beta1 temporarily (#3554)
• See full diff in compare view

Updates golang.org/x/net from 0.52.0 to 0.53.0

Commits

• a8d1fc1 go.mod: update golang.org/x dependencies
• 056ac74 quic: avoid depending on golang.org/x/sys/unix
• c85f611 http3: add http3 package for testing in std
• 805fc81 http2: add transport API tests
• e63b894 http2: support testing via net/http.Transport.RoundTrip
• 9ee1e48 http2/hpack: prevent HeaderField from escaping during encoding
• 1e71bd8 http2: prevent hanging Transport due to bad SETTINGS frame
• 7bca150 internal/http3: respect net/http Server Shutdown context when shutting down
• 44c41be internal/http3: prevent server from holding mutex when sleeping during shutdown
• 228a67a internal/http3: add CloseIdleConnections support in transport
• Additional commits viewable in compare view

Updates github.com/evstack/ev-node from 1.0.0 to 1.1.0

Release notes

Sourced from github.com/evstack/ev-node's releases.

v1.1.0

This is a minor feature and bugfix release building on v1.0.0. It introduces AWS & GCP KMS signer backend support. Additionally several internal improvements have happened, notably publisher-mode synchronization for failover scenarios, forced inclusion namespace event subscriptions.

Upgrade from v1.0.0 is recommended for all operators for enhanced stability.

Full Changelog

For a complete list of all changes including new features, improvements, and bug fixes, see CHANGELOG.md.

Images

• ghcr.io/evstack/ev-node-evm:v1.1.0
• ghcr.io/evstack/ev-node-grpc:v1.1.0-rc.2
• ghcr.io/evstack/ev-node-testapp:v1.1.0

v1.1.0-rc.2 (2026-04-07)

ev-node v1.1.0-rc.2

⚠️ This is a draft release. Please verify its content before publishing

This is a maintenance and reliability release candidate, containing targeted: improvements to P2P stability, failover handling, and execution layer correctness.

Operators running v1.1.0-rc.1 are encouraged to upgrade.

Tested upgrade paths

• ev-node v1.0.0-rc.1 -> ev-node v1.1.0-rc.2

---

Full Changelog

For a complete list of all changes including new features, improvements, and bug fixes, see CHANGELOG.md.

Images

• ghcr.io/evstack/ev-node-evm:v1.1.0-rc.2
• ghcr.io/evstack/ev-node-grpc:v1.1.0-rc.2
• ghcr.io/evstack/ev-node-testapp:v1.1.0-rc.2

v1.1.0-rc.1 (2026-03-31)

ev-node v1.1.0-rc.1

This is a release candidate for v1.1.0, focused on new features and stability improvements. It introduces:

• AWS & GCP KMS signer backend support
• Forced inclusion namespace event subscriptions
• Several bug fixes addressing memory management, sync reliability, and DA client resilience.

Operators running v1.0.0 are encouraged to test this release candidate before the stable v1.1.0 release.

Tested upgrade paths

• ev-node v1.0.0 -> ev-node v1.1.0-rc.1

... (truncated)

Changelog

Sourced from github.com/evstack/ev-node's changelog.

v1.1.0

No changes from v1.1.0-rc.2.

v1.1.0-rc.2

Changes

• Added publisher-mode synchronization option for failover scenarios with early P2P infrastructure readiness #3222
• Improve P2P transient network failure #3212
• Improve execution/evm check for stored meta not stale #3221

v1.1.0-rc.1

Added

• Add AWS & GCP KMS signer backend #3171
• Subscribe to forced inclusion namespace events #3146
• Display block source in sync log #3193

Fixed

• Avoid evicting yet to be processed heights #3204
• Bound Badger index cache memory to prevent growth with chain length 3209
• Refetch latest da height instead of da height +1 when P2P is offline #3201
• Fix race on startup sync. #3162
• Strict raft state. #3167
• Retry fetching the timestamp on error in da-client #3166

Commits

• 6f09600 chore: correct vm ui link and include in json benchmark result (#3234)
• 536f57e build(deps): Bump github.com/aws/aws-sdk-go-v2/service/s3 from 1.87.1 to 1.99...
• d2a29e8 chore: prep rc.2 (#3231)
• d163059 fix: Publisher-mode synchronization option for failover scenario (#3222)
• 04c9cad feat(pkg/p2p): reconnect on disconnected peers (#3212)
• ff88b95 build(deps): Bump the all-go group across 4 directories with 11 updates (#3228)
• 3d5591d build(deps): Bump defu from 6.1.4 to 6.1.6 in /docs in the npm_and_yarn group...
• a8bd8b2 build(deps): Bump benchmark-action/github-action-benchmark from 1.21.0 to 1.2...
• 920f0c9 build(deps): Bump extractions/setup-just from 3 to 4 (#3227)
• 022b565 chore: Better check for stored meta not stale (#3221)
• Additional commits viewable in compare view

Updates github.com/evstack/ev-node from 1.0.0 to 1.1.0

Release notes

Sourced from github.com/evstack/ev-node's releases.

v1.1.0

This is a minor feature and bugfix release building on v1.0.0. It introduces AWS & GCP KMS signer backend support. Additionally several internal improvements have happened, notably publisher-mode synchronization for failover scenarios, forced inclusion namespace event subscriptions.

Upgrade from v1.0.0 is recommended for all operators for enhanced stability.

Full Changelog

For a complete list of all changes including new features, improvements, and bug fixes, see CHANGELOG.md.

Images

• ghcr.io/evstack/ev-node-evm:v1.1.0
• ghcr.io/evstack/ev-node-grpc:v1.1.0-rc.2
• ghcr.io/evstack/ev-node-testapp:v1.1.0

v1.1.0-rc.2 (2026-04-07)

ev-node v1.1.0-rc.2

⚠️ This is a draft release. Please verify its content before publishing

This is a maintenance and reliability release candidate, containing targeted: improvements to P2P stability, failover handling, and execution layer correctness.

Operators running v1.1.0-rc.1 are encouraged to upgrade.

Tested upgrade paths

• ev-node v1.0.0-rc.1 -> ev-node v1.1.0-rc.2

---

Full Changelog

For a complete list of all changes including new features, improvements, and bug fixes, see CHANGELOG.md.

Images

• ghcr.io/evstack/ev-node-evm:v1.1.0-rc.2
• ghcr.io/evstack/ev-node-grpc:v1.1.0-rc.2
• ghcr.io/evstack/ev-node-testapp:v1.1.0-rc.2

v1.1.0-rc.1 (2026-03-31)

ev-node v1.1.0-rc.1

This is a release candidate for v1.1.0, focused on new features and stability improvements. It introduces:

• AWS & GCP KMS signer backend support
• Forced inclusion namespace event subscriptions
• Several bug fixes addressing memory management, sync reliability, and DA client resilience.

Operators running v1.0.0 are encouraged to test this release candidate before the stable v1.1.0 release.

Tested upgrade paths

• ev-node v1.0.0 -> ev-node v1.1.0-rc.1

... (truncated)

Changelog

Sourced from github.com/evstack/ev-node's changelog.

v1.1.0

No changes from v1.1.0-rc.2.

v1.1.0-rc.2

Changes

• Added publisher-mode synchronization option for failover scenarios with early P2P infrastructure readiness #3222
• Improve P2P transient network failure #3212
• Improve execution/evm check for stored meta not stale #3221

v1.1.0-rc.1

Added

• Add AWS & GCP KMS signer backend #3171
• Subscribe to forced inclusion namespace events #3146
• Display block source in sync log #3193

Fixed

• Avoid evicting yet to be processed heights #3204
• Bound Badger index cache memory to prevent growth with chain length 3209
• Refetch latest da height instead of da height +1 when P2P is offline #3201
• Fix race on startup sync. #3162
• Strict raft state. #3167
• Retry fetching the timestamp on error in da-client #3166

Commits

• 6f09600 chore: correct vm ui link and include in json benchmark result (#3234)
• 536f57e build(deps): Bump github.com/aws/aws-sdk-go-v2/service/s3 from 1.87.1 to 1.99...
• d2a29e8 chore: prep rc.2 (#3231)
• d163059 fix: Publisher-mode synchronization option for failover scenario (#3222)
• 04c9cad feat(pkg/p2p): reconnect on disconnected peers (#3212)
• ff88b95 build(deps): Bump the all-go group across 4 directories with 11 updates (#3228)
• 3d5591d build(deps): Bump defu from 6.1.4 to 6.1.6 in /docs in the npm_and_yarn group...
• a8bd8b2 build(deps): Bump benchmark-action/github-action-benchmark from 1.21.0 to 1.2...
• 920f0c9 build(deps): Bump extractions/setup-just from 3 to 4 (#3227)
• 022b565 chore: Better check for stored meta not stale (#3221)
• Additional commits viewable in compare view

Updates golang.org/x/net from 0.52.0 to 0.53.0

Commits

• a8d1fc1 go.mod: update golang.org/x dependencies
• 056ac74 quic: avoid depending on golang.org/x/sys/unix
• c85f611 http3: add http3 package for testing in std
• 805fc81 http2: add transport API tests
• e63b894 http2: support testing via net/http.Transport.RoundTrip
• 9ee1e48 http2/hpack: prevent HeaderField from escaping during encoding
• 1e71bd8 http2: prevent hanging Transport due to bad SETTINGS frame
• 7bca150 internal/http3: respect net/http Server Shutdown context when shutting down
• 44c41be internal/http3: prevent server from holding mutex when sleeping during shutdown
• 228a67a internal/http3: add CloseIdleConnections support in transport
• Additional commits viewable in compare view

Updates github.com/evstack/ev-node from 1.0.0 to 1.1.0

Release notes

Sourced from github.com/evstack/ev-node's releases.

v1.1.0

This is a minor feature and bugfix release building on v1.0.0. It introduces AWS & GCP KMS signer backend support. Additionally several internal improvements have happened, notably publisher-mode synchronization for failover scenarios, forced inclusion namespace event subscriptions.

Upgrade from v1.0.0 is recommended for all operators for enhanced stability.

Full Changelog

For a complete list of all changes including new features, improvements, and bug fixes, see CHANGELOG.md.

Images

• ghcr.io/evstack/ev-node-evm:v1.1.0
• ghcr.io/evstack/ev-node-grpc:v1.1.0-rc.2
• ghcr.io/evstack/ev-node-testapp:v1.1.0

v1.1.0-rc.2 (2026-04-07)

ev-node v1.1.0-rc.2

⚠️ This is a draft release. Please verify its content before publishing

This is a maintenance and reliability release candidate, containing targeted: improvements to P2P stability, failover handling, and execution layer correctness.

Operators running v1.1.0-rc.1 are encouraged to upgrade.

Tested upgrade paths

• ev-node v1.0.0-rc.1 -> ev-node v1.1.0-rc.2

---

Full Changelog

For a complete list of all changes including new features, improvements, and bug fixes, see CHANGELOG.md.

Images

• ghcr.io/evstack/ev-node-evm:v1.1.0-rc.2
• ghcr.io/evstack/ev-node-grpc:v1.1.0-rc.2
• ghcr.io/evstack/ev-node-testapp:v1.1.0-rc.2

v1.1.0-rc.1 (2026-03-31)

ev-node v1.1.0-rc.1

This is a release candidate for v1.1.0, focused on new features and stability improvements. It introduces:

• AWS & GCP KMS signer backend support
• Forced inclusion namespace event subscriptions
• Several bug fixes addressing memory management, sync reliability, and DA client resilience.

Operators running v1.0.0 are encouraged to test this release candidate before the stable v1.1.0 release.

Tested upgrade paths

• ev-node v1.0.0 -> ev-node v1.1.0-rc.1

... (truncated)

Changelog

Sourced from github.com/evstack/ev-node's changelog.

v1.1.0

No changes from v1.1.0-rc.2.

v1.1.0-rc.2

Changes

• Added publisher-mode synchronization option for failover scenarios with early P2P infrastructure readiness #3222
• Improve P2P transient network failure #3212
• Improve execution/evm check for stored meta not stale #3221

v1.1.0-rc.1

Added

• Add AWS & GCP KMS signer backend #3171
• Subscribe to forced inclusion namespace events #3146
• Display block source in sync log #3193

Fixed

• Avoid evicting yet to be processed heights #3204
• Bound Badger index cache memory to prevent growth with chain length 3209
• Refetch latest da height instead of da height +1 when P2P is offline #3201
• Fix race on startup sync. #3162
• Strict raft state. #3167
• Retry fetching the timestamp on error in da-client #3166

Commits

• 6f09600 chore: correct vm ui link and include in json benchmark result (#3234)
• 536f57e build(deps): Bump github.com/aws/aws-sdk-go-v2/service/s3 from 1.87.1 to 1.99...
• d2a29e8 chore: prep rc.2 (#3231)
• d163059 fix: Publisher-mode synchronization option for failover scenario (#3222)
• 04c9cad feat(pkg/p2p): reconnect on disconnected peers (#3212)
• ff88b95 build(deps): Bump the all-go group across 4 directories with 11 updates (#3228)
• 3d5591d build(deps): Bump defu from 6.1.4 to 6.1.6 in /docs in the npm_and_yarn group...
• a8bd8b2 build(deps): Bump benchmark-action/github-action-benchmark from 1.21.0 to 1.2...
• 920f0c9 build(deps): Bump extractions/setup-just from 3 to 4 (#3227)
• 022b565 chore: Better check for stored meta not stale (#3221)
• Additional commits viewable in compare view

Updates github.com/evstack/ev-node from 1.0.0 to 1.1.0

Release notes

Sourced from github.com/evstack/ev-node's releases.

v1.1.0

This is a minor feature and bugfix release building on v1.0.0. It introduces AWS & GCP KMS signer backend support. Additionally several internal improvements have happened, notably publisher-mode synchronization for failover scenarios, forced inclusion namespace event subscriptions.

Upgrade from v1.0.0 is recommended for all operators for enhanced stability.

Full Changelog

For a complete list of all changes including new features, improvements, and bug fixes, see CHANGELOG.md.

Images

• ghcr.io/evstack/ev-node-evm:v1.1.0
• ghcr.io/evstack/ev-node-grpc:v1.1.0-rc.2
• ghcr.io/evstack/ev-node-testapp:v1.1.0

v1.1.0-rc.2 (2026-04-07)

ev-node v1.1.0-rc.2

⚠️ This is a draft release. Please verify its content before publishing

This is a maintenance and reliability release candidate, containing targeted: improvements to P2P stability, failover handling, and execution layer correctness.

Operators running v1.1.0-rc.1 are encouraged to upgrade.

Tested upgrade paths

• ev-node v1.0.0-rc.1 -> ev-node v1.1.0-rc.2

---

Full Changelog

For a complete list of all changes including new features, improvements, and bug fixes, see CHANGELOG.md.

Images

• ghcr.io/evstack/ev-node-evm:v1.1.0-rc.2
• ghcr.io/evstack/ev-node-grpc:v1.1.0-rc.2
• ghcr.io/evstack/ev-node-testapp:v1.1.0-rc.2

v1.1.0-rc.1 (2026-03-31)

ev-node v1.1.0-rc.1

This is a release candidate for v1.1.0, focused on new features and stability improvements. It introduces:

• AWS & GCP KMS signer backend support
• Forced inclusion namespace event subscriptions
• Several bug fixes addressing memory management, sync reliability, and DA client resilience.

Operators running v1.0.0 are encouraged to test this release candidate before the stable v1.1.0 release.

Tested upgrade paths

• ev-node v1.0.0 -> ev-node v1.1.0-rc.1

... (truncated)

Changelog

Sourced from github.com/evstack/ev-node's changelog.

v1.1.0

No changes from v1.1.0-rc.2.

v1.1.0-rc.2

Changes

• Added publisher-mode synchronization option for failover scenarios with early P2P infrastructure readiness #3222
• Improve P2P transient network failure #3212
• Improve execution/evm check for stored meta not stale #3221

v1.1.0-rc.1

Added

• Add AWS & GCP KMS signer backend #3171
• Subscribe to forced inclusion namespace events #3146
• Display block source in sync log #3193

Fixed

• Avoid evicting yet to be processed heights #3204
• Bound Badger index cache memory to prevent growth with chain length 3209
• Refetch latest da height instead of da height +1 when P2P is offline #3201
• Fix race on startup sync. #3162
• Strict raft state. #3167
• Retry fetching the timestamp on error in da-client #3166

Commits

• 6f09600 chore: correct vm ui link and include in json benchmark result (#3234)
• 536f57e build(deps): Bump github.com/aws/aws-sdk-go-v2/service/s3 from 1.87.1 to 1.99...
• d2a29e8 chore: prep rc.2 (#3231)
• d163059 fix: Publisher-mode synchronization option for failover scenario (#3222)
• 04c9cad feat(pkg/p2p): reconnect on disconnected peers (#3212)
• ff88b95 build(deps): Bump the all-go group across 4 directories with 11 updates (#3228)
• 3d5591d build(deps): Bump defu from 6.1.4 to 6.1.6 in /docs in the npm_and_yarn group...
• a8bd8b2 build(deps): Bump benchmark-action/github-action-benchmark from 1.21.0 to 1.2...
• 920f0c9 build(deps): Bump extractions/setup-just from 3 to 4 (#3227)
• 022b565 chore: Better check for stored meta not stale (#3221)
• Additional commits viewable in compare view

Updates golang.org/x/net from 0.52.0 to 0.53.0

Commits

• a8d1fc1 go.mod: update golang.org/x dependencies
• 056ac74 quic: avoid depending on golang.org/x/sys/unix
• c85f611 http3: add http3 package for testing in std
• 805fc81 http2: add transport API tests
• e63b894 http2: support testing via net/http.Transport.RoundTrip
• 9ee1e48 http2/hpack: prevent HeaderField from escaping during encoding
• 1e71bd8 http2: prevent hanging Transport due to bad SETTINGS frame
• 7bca150 internal/http3: respect net/http Server Shutdown context when shutting down
• 44c41be internal/http3: prevent server from holding mutex when sleeping during shutdown
• 228a67a internal/http3: add CloseIdleConnections support in transport
• Additional commits viewable in compare view

Updates github.com/celestiaorg/tastora from 0.17.0 to 0.18.0

Release notes

Sourced from github.com/celestiaorg/tastora's releases.

v0.18.0

What's Changed

• fix: flaky TestDockerKeyringTestSuite/TestBackend by @​rootulp in celestiaorg/tastora#192
• ci: add merge_group trigger to workflows by @​rootulp in celestiaorg/tastora#193
• chore: Update CODEOWNERS by @​rootulp in celestiaorg/tastora#190
• feat: add WithBlockWaitTimeout to ChainBuilder by @​rootulp in celestiaorg/tastora#189

Full Changelog: celestiaorg/tastora@v0.17.0...v0.18.0

Commits

• 73cff81 feat: add WithBlockWaitTimeout to ChainBuilder (#189)
• cfce4f0 chore: Update CODEOWNERS (#190)
• 08cea29 Merge pull request #193 from celestiaorg/fix/add-merge-group-trigger
• 792abd0 ci: add merge_group trigger to workflows
• f46602e Merge pull request #192 from rootulp/rootulp/fix-flaky-docker-keyring-test
• 700a7ac fix: log error when dockerKeyring initialization fails in Backend()
• 3e03c33 fix(test): wait for exec completion in DockerKeyringTestSuite setup
• See full diff in compare view

Updates github.com/evstack/ev-node/execution/evm from 1.0.0 to 1.0.1

Changelog

Sourced from github.com/evstack/ev-node/execution/evm's changelog.

Changelog

[Unreleased]

Changes

• Improve reaper to sustain txs burst better #3236

v1.1.0

No changes from v1.1.0-rc.2.

v1.1.0-rc.2

Changes

• Added publisher-mode synchronization option for failover scenarios with early P2P infrastructure readiness #3222
• Improve P2P transient network failure #3212
• Improve execution/evm check for stored meta not stale #3221

v1.1.0-rc.1

Added

• Add AWS & GCP KMS signer backend #3171
• Subscribe to forced inclusion namespace events #3146
• Display block source in sync log #3193

Fixed

• Avoid evicting yet to be processed heights #3204
• Bound Badger index cache memory to prevent growth with chain length 3209
• Refetch latest da height instead of da height +1 when P2P is offline #3201
• Fix race on startup sync. #3162
• Strict raft state. #3167
• Retry fetching the timestamp on error in da-client #3166

Commits

• d163059 fix: Publisher-mode synchronization option for failover scenario (#3222)
• 04c9cad feat(pkg/p2p): reconnect on disconnected peers (#3212)
• ff88b95 build(deps): Bump the all-go group across 4 directories with 11 updates (#3228)
• 3d5591d build(deps): Bump defu from 6.1.4 to 6.1.6 in /docs in the npm_and_yarn group...
• a8bd8b2 build(deps): Bump benchmark-action/github-action-benchmark from 1.21.0 to 1.2...
• 920f0c9 build(deps): Bump extractions/setup-just from 3 to 4 (#3227)
• 022b565 chore: Better check for stored meta not stale (#3221)
• 4840f50 chore: mixed benchmark test (#3223)
• cc9f965 ci: optimize Go and Docker layer caching (#3213)
• 4a70e0b chore: prep app for v1.1.0-rc.1 (#3220)
• Additional commits viewable in compare view

Updates github.com/libp2p/go-libp2p from 0.47.0 to 0.48.0

Release notes

Sourced from github.com/libp2p/go-libp2p's releases.

v0.48.0

A relatively minor update. Most changes were related to internal cleanup and getting the transport interop tests running again.

🔦 Highlights

• When listening on 0.0.0.0, BasicHost.AllAddrs returns all the interface addrs of the machine. In v0.47 we'd unwittingly introduced this change, but on discussion decided to commit to it as returning all the addresses was correct. In the absence of this behaviour, there's no way for a user to get all the addrs the libp2p host is listening on. See libp2p/go-libp2p#3460 for the discussion about this. #3468
• Fix Deterministic WebTransport Key Generation for Go 1.26 #3320
• Fix mocknet: make stream deadline methods noop instead of returning error

What's Changed

• update go-netroute dependency by @​MarcoPolo in libp2p/go-libp2p#3421
• add backwards compatibility for doctur with legacy behavior by @​jpserrat in libp2p/go-libp2p#3457
• quicreuse: fix incorrect skip in TestReuseListenOnSpecificInterface by @​MarcoPolo in libp2p/go-libp2p#3417
• Update to Go 1.25 by @​MarcoPolo in libp2p/go-libp2p#3462
• refactor: apply go fix modernizers from Go 1.26 by @​gammazero in libp2p/go-libp2p#3463
• webrtc: upgrade pion deps by @​sukunrt in libp2p/go-libp2p#3469
• fix(mocknet): make stream deadline methods noop instead of returning error by @​walldiss in libp2p/go-libp2p#3471
• basichost: advertise all interface addrs for unspecified listen addrs by @​sukunrt in libp2p/go-libp2p#3468
• Bump transport interop Go toolchain by @​MarcoPolo in libp2p/go-libp2p#3477
• ci: remove go-version parameter to default to go.mod version by @​MarcoPolo in libp2p/go-libp2p#3474
• refactor(webtransport): Use keygen package for deterministic ecdsa key by @​MarcoPolo in libp2p/go-libp2p#3320
• CI: Ignore known incompatibility with webtransport versions in interop test by @​MarcoPolo in libp2p/go-libp2p#3478

New Contributors

• @​jpserrat made their first contribution in libp2p/go-libp2p#3457
• @​walldiss made their first contribution in libp2p/go-libp2p#3471

Full Changelog: libp2p/go-libp2p@v0.47.0...v0.48.0

Commits

• 062200b Release v0.48.0
• 061805d lint yaml file
• be060d7 Ignore known incompatibility with webtransport versions in interop test
• 418cf8f refactor(webtransport): Use keygen package for deterministic ecdsa key
• 93a9158 ci: remove go-version parameter to default to go.mod version
• 8bb624d Bump transport interop Go toolchain
• 7d0752e basichost: advertise all interface addrs for unspecified listen addrs (#3468)
• 67f4f58 fix(mocknet): make stream deadline methods noop instead of returning error (...
• 7198ad3 webrtc: upgrade pion deps (#3469)
• e16f35e refactor: apply go fix modernizers from Go 1.26 (#3463)
• Additional commits viewable in compare view

Updates github.com/celestiaorg/tastora from 0.17.0 to 0.18.0

Release notes

Sourced from github.com/celestiaorg/tastora's releases.

v0.18.0

What's Changed

• fix: flaky TestDockerKeyringTestSuite/TestBackend by @​rootulp in celestiaorg/tastora#192
• ci: add merge_group trigger to workflows by @​rootulp in celestiaorg/tastora#193
• chore: Update CODEOWNERS by @​rootulp in celestiaorg/tastora#190
• feat: add WithBlockWaitTimeout to ChainBuilder by @​rootulp in celestiaorg/tastora#189

Full Changelog: celestiaorg/tastora@v0.17.0...v0.18.0

Commits

• 73cff81 feat: add WithBlockWaitTimeout to ChainBuilder (#189)
• cfce4f0 chore: Update CODEOWNERS (#190)
• 08cea29 Merge pull request #193 from celestiaorg/fix/add-merge-group-trigger
• 792abd0 ci: add merge_group trigger to workflows
• f46602e Merge pull request #192 from rootulp/rootulp/fix-flaky-docker-keyring-test
• 700a7ac fix: log error when dockerKeyring initialization fails in Backend()
• 3e03c33 fix(test): wait for exec completion in DockerKeyringTestSuite setup
• See full diff in compare view

Updates github.com/libp2p/go-libp2p from 0.47.0 to 0.48.0

Release notes

Sourced from github.com/libp2p/go-libp2p's releases.

v0.48.0

A relatively minor update. Most changes were related to inte...

Description has been truncated

[claude]

Claude finished @julienrbrt's task in 2m 1s —— View job

---

PR Review

• Gather context (reading AGENTS.md, changed files, CI status)
• Analyze dependency updates
• Review go.mod/go.sum changes
• Check for any breaking changes or compatibility issues
• Post review findings

---

Summary

This is a clean, automated dependency bump touching only go.mod and go.sum files across 5 module roots. All updates are consistent — no version skew across modules. CI is queued.

---

Notable Changes

Internal (self-referencing) module updates

• github.com/evstack/ev-node v1.0.0 → v1.1.0 (in execution/evm, execution/grpc, test/docker-e2e, test/e2e)

• github.com/evstack/ev-node/execution/evm v1.0.0 → v1.0.1 (in test/docker-e2e)

  The v1.1.0 release adds AWS/GCP KMS signer backends, forced inclusion namespace event subscriptions, publisher-mode sync for failover, P2P reconnect improvements, and several memory/sync bug fixes. This is a meaningful functional upgrade worth validating against the P2P and KMS-related integration tests.

P2P behavioral change

• github.com/libp2p/go-libp2p v0.47.0 → v0.48.0 (in test/docker-e2e)

  BasicHost.AllAddrs now returns all interface addresses when listening on 0.0.0.0 (basichost: advertise all interface addrs for unspecified listen addrs libp2p/go-libp2p#3468). This was an intentional behavior restoration — without it there was no way to enumerate all listen addresses. However, in containerized or multi-interface environments, this means nodes may advertise more addresses than before. E2E / Docker tests that assert specific advertised addresses could be affected.

Security/stability fixes

• golang.org/x/crypto v0.49.0 → v0.50.0: Fixes SSH signer algorithm preference selection in pickSignatureAlgorithm. Low-risk for this project unless SSH is used directly.
• golang.org/x/net v0.52.0 → v0.53.0: Fixes HTTP/2 transport hang on bad SETTINGS frame and hpack header field escape. Directly relevant to gRPC connections used by this project.

Cloud SDK updates

• cloud.google.com/go/kms v1.27.0 → v1.29.0: Minor KMS feature additions, consistent with ev-node v1.1.0's new GCP KMS signer.
• google.golang.org/api v0.273.1 → v0.274.0: Auto-regenerated discovery client update.
• github.com/googleapis/gax-go/v2 v2.20.0 → v2.21.0: Minor Google API client helper update.

Testing infrastructure

• github.com/celestiaorg/tastora v0.16.1-prerelease → v0.18.0 (in test/docker-e2e and test/e2e): Adds WithBlockWaitTimeout to ChainBuilder, fixes a flaky Docker keyring test. The test/e2e module upgrades from a pre-release pseudo-version directly to v0.18.0, which is fine — no intermediate breaking changes noted.

Go toolchain alignment

• All modules now consistently specify go 1.25.7 — previously execution/evm, execution/grpc, and test/docker-e2e were on 1.25.6.

---

go.sum Size Delta

The execution/evm/go.sum grew by ~120 entries (vs 58 removed). This is fully explained by ev-node v1.1.0 introducing the AWS KMS signer, which pulls in the aws-sdk-go-v2 dependency tree plus associated cloud.google.com, filippo.io, and libp2p packages not previously in that module's graph. Expected and correct.

---

Observations

Version consistency across modules	All shared dependencies use identical versions ✓
go.mod/go.sum hygiene	Clean — no leftover old entries, sums match expected upgrade paths ✓
No code changes	Pure dependency update — no logic to review ✓
libp2p AllAddrs change	May affect Docker E2E address assertions — worth confirming tests pass ⚠️
ev-node v1.1.0 transitive deps	AWS SDK now in execution/evm's graph; expected due to KMS feature, but increases binary size

Overall: LGTM pending CI green. The libp2p address advertisement behavior change is the only item to watch — if Docker E2E tests pass, this is good to merge.

[julienrbrt]

@chatton it looks like the tastora releases do not contain what we need.

[github-actions]

The latest Buf updates on your PR. Results from workflow CI / buf-check (pull_request).

Build	Format	Lint	Breaking	Updated (UTC)
✅ passed	⏩ skipped	✅ passed	✅ passed	Apr 14, 2026, 8:04 AM

[codecov]

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 61.79%. Comparing base (2b1784a) to head (3220bec).
⚠️ Report is 5 commits behind head on main.

Additional details and impacted files

@@           Coverage Diff           @@
##             main    #3251   +/-   ##
=======================================
  Coverage   61.79%   61.79%           
=======================================
  Files         120      120           
  Lines       12670    12670           
=======================================
  Hits         7830     7830           
  Misses       3962     3962           
  Partials      878      878           

Flag	Coverage Δ
combined	61.79% <ø> (ø)

Flags with carried forward coverage won't be shown. Click here to find out more.

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.

[julienrbrt]

cc @chatton