build(deps): bump the minor-updates group with 5 updates

[dependabot]

Bumps the minor-updates group with 5 updates:

Package	From	To
github.com/evstack/ev-node	1.0.0-rc.4.0.20260216131057-1da76345e4b9	1.1.0-rc.1
github.com/libp2p/go-libp2p	0.47.0	0.48.0
github.com/rs/zerolog	1.34.0	1.35.0
google.golang.org/genproto/googleapis/api	0.0.0-20260128011058-8636f8732409	0.0.0-20260316180232-0b37fe3546d5
google.golang.org/grpc	1.79.3	1.80.0

Updates github.com/evstack/ev-node from 1.0.0-rc.4.0.20260216131057-1da76345e4b9 to 1.1.0-rc.1

Release notes

Sourced from github.com/evstack/ev-node's releases.

v1.1.0-rc.1 (2026-03-31)

ev-node v1.1.0-rc.1

This is a release candidate for v1.1.0, focused on new features and stability improvements. It introduces:

• AWS & GCP KMS signer backend support
• Forced inclusion namespace event subscriptions
• Several bug fixes addressing memory management, sync reliability, and DA client resilience.

Operators running v1.0.0 are encouraged to test this release candidate before the stable v1.1.0 release.

Tested upgrade paths

• ev-node v1.0.0 -> ev-node v1.1.0-rc.1

---

Full Changelog

For a complete list of all changes including new features, improvements, and bug fixes, see CHANGELOG.md.

Images

• ghcr.io/evstack/ev-node-evm:v1.1.0-rc.1
• ghcr.io/evstack/ev-node-grpc:v1.1.0-rc.1
• ghcr.io/evstack/ev-node-testapp:v1.1.0-rc.1

v1.0.0

A major part of the Evolve Stack has been released. Introducing the v1.0.0 release of ev-node and execution/evm. Those packages are LTS.

Full Changelog

For a complete list of all changes including new features, improvements, and bug fixes, see CHANGELOG.md.

Images

• ghcr.io/evstack/ev-node-evm:v1.0.0
• ghcr.io/evstack/ev-node-grpc:v1.0.0-rc.6
• ghcr.io/evstack/ev-node-testapp:v1.0.0

Changelog

Sourced from github.com/evstack/ev-node's changelog.

v1.1.0-rc.1

Added

• Add AWS & GCP KMS signer backend #3171
• Subscribe to forced inclusion namespace events #3146
• Display block source in sync log #3193

Fixed

• Avoid evicting yet to be processed heights #3204
• Bound Badger index cache memory to prevent growth with chain length 3209
• Refetch latest da height instead of da height +1 when P2P is offline #3201
• Fix race on startup sync. #3162
• Strict raft state. #3167
• Retry fetching the timestamp on error in da-client #3166

v1.0.0

Fixed

• Persist cache snapshot only once at shutdown to avoid Badger vlog increase. #3153

v1.0.0-rc.5

Added

• Add disaster recovery for sequencer
  • Catch up possible DA-only blocks when restarting. #3057
  • Verify DA and P2P state on restart (prevent double-signing). #3061
• Node pruning support. #2984
  • Two different sort of pruning implemented: Classic pruning (all): prunes given HEAD-n blocks from the databases, including store metadatas. Auto Storage Optimization (metadata): prunes only the state metadatas, keeps all blocks. By using one or the other, you are losing the ability to rollback or replay transactions earlier than HEAD-n. When using classic pruning, you aren't able to fetch blocks prior to HEAD-n.

Fixed

• Fix block timer to account for execution time. Previously, the block timer reset to the full block_time duration after ProduceBlock completed, making the effective interval block_time + execution_time. Now the timer subtracts elapsed execution time so blocks are produced at the configured cadence.

Changes

• Store pending blocks separately from executed blocks key. #3073
• Fixes issues with force inclusion verification on sync nodes. #3057
• Add flag to local-da to produce empty DA blocks (closer to the real system). #3057

... (truncated)

Commits

• See full diff in compare view

Updates github.com/libp2p/go-libp2p from 0.47.0 to 0.48.0

Release notes

Sourced from github.com/libp2p/go-libp2p's releases.

v0.48.0

A relatively minor update. Most changes were related to internal cleanup and getting the transport interop tests running again.

🔦 Highlights

• When listening on 0.0.0.0, BasicHost.AllAddrs returns all the interface addrs of the machine. In v0.47 we'd unwittingly introduced this change, but on discussion decided to commit to it as returning all the addresses was correct. In the absence of this behaviour, there's no way for a user to get all the addrs the libp2p host is listening on. See libp2p/go-libp2p#3460 for the discussion about this. #3468
• Fix Deterministic WebTransport Key Generation for Go 1.26 #3320
• Fix mocknet: make stream deadline methods noop instead of returning error

What's Changed

• update go-netroute dependency by @​MarcoPolo in libp2p/go-libp2p#3421
• add backwards compatibility for doctur with legacy behavior by @​jpserrat in libp2p/go-libp2p#3457
• quicreuse: fix incorrect skip in TestReuseListenOnSpecificInterface by @​MarcoPolo in libp2p/go-libp2p#3417
• Update to Go 1.25 by @​MarcoPolo in libp2p/go-libp2p#3462
• refactor: apply go fix modernizers from Go 1.26 by @​gammazero in libp2p/go-libp2p#3463
• webrtc: upgrade pion deps by @​sukunrt in libp2p/go-libp2p#3469
• fix(mocknet): make stream deadline methods noop instead of returning error by @​walldiss in libp2p/go-libp2p#3471
• basichost: advertise all interface addrs for unspecified listen addrs by @​sukunrt in libp2p/go-libp2p#3468
• Bump transport interop Go toolchain by @​MarcoPolo in libp2p/go-libp2p#3477
• ci: remove go-version parameter to default to go.mod version by @​MarcoPolo in libp2p/go-libp2p#3474
• refactor(webtransport): Use keygen package for deterministic ecdsa key by @​MarcoPolo in libp2p/go-libp2p#3320
• CI: Ignore known incompatibility with webtransport versions in interop test by @​MarcoPolo in libp2p/go-libp2p#3478

New Contributors

• @​jpserrat made their first contribution in libp2p/go-libp2p#3457
• @​walldiss made their first contribution in libp2p/go-libp2p#3471

Full Changelog: libp2p/go-libp2p@v0.47.0...v0.48.0

Commits

• 062200b Release v0.48.0
• 061805d lint yaml file
• be060d7 Ignore known incompatibility with webtransport versions in interop test
• 418cf8f refactor(webtransport): Use keygen package for deterministic ecdsa key
• 93a9158 ci: remove go-version parameter to default to go.mod version
• 8bb624d Bump transport interop Go toolchain
• 7d0752e basichost: advertise all interface addrs for unspecified listen addrs (#3468)
• 67f4f58 fix(mocknet): make stream deadline methods noop instead of returning error (...
• 7198ad3 webrtc: upgrade pion deps (#3469)
• e16f35e refactor: apply go fix modernizers from Go 1.26 (#3463)
• Additional commits viewable in compare view

Updates github.com/rs/zerolog from 1.34.0 to 1.35.0

Commits

• 1396655 Bump CI Go matrix minimum from 1.21 to 1.23
• 4b65a2f Bump actions/cache from 4 to 5 (#741)
• b835796 Bump actions/setup-go from 5 to 6 (#742)
• 134caf8 Added sanitization of journald keys (#751)
• e133b6a Added variadic StrsV, ObjectsV, and StringersV (#752)
• 82017d8 Bump github.com/coreos/go-systemd/v22 from 22.6.0 to 22.7.0 (#753)
• 2f5b8a9 fix: UpdateContext skips Nop and zero-value loggers (#754)
• d64c9a7 Add slog.Handler implementation for zerolog (#755)
• a0d61dc fix: return dict to Event pool (#749)
• f6fbd33 Test coverage improvements (#748)
• Additional commits viewable in compare view

Updates google.golang.org/genproto/googleapis/api from 0.0.0-20260128011058-8636f8732409 to 0.0.0-20260316180232-0b37fe3546d5

Commits

• See full diff in compare view

Updates google.golang.org/grpc from 1.79.3 to 1.80.0

Release notes

Sourced from google.golang.org/grpc's releases.

Release 1.80.0

Behavior Changes

• balancer: log a warning if a balancer is registered with uppercase letters, as balancer names should be lowercase. In a future release, balancer names will be treated as case-insensitive; see #5288 for details. (#8837)
• xds: update resource error handling and re-resolution logic (#8907)
  • Re-resolve all LOGICAL_DNS clusters simultaneously when re-resolution is requested.
  • Fail all in-flight RPCs immediately upon receipt of listener or route resource errors, instead of allowing them to complete.

Bug Fixes

• xds: support the LB policy configured in LOGICAL_DNS cluster resources instead of defaulting to pick_first. (#8733)
• credentials/tls: perform per-RPC authority validation against the leaf certificate instead of the entire peer certificate chain. (#8831)
• xds: enabling A76 ring hash endpoint keys no longer causes EDS resources with invalid proxy metadata to be NACKed when HTTP CONNECT (gRFC A86) is disabled. (#8875)
• xds: validate that the sum of endpoint weights in a locality does not exceed the maximum uint32 value. (#8899)
  • Special Thanks: @​RAVEYUS
• xds: fix incorrect proto field access in the weighted round robin (WRR) configuration where blackout_period was used instead of weight_expiration_period. (#8915)
  • Special Thanks: @​gregbarasch
• xds/rbac: handle addresses with ports in IP matchers. (#8990)

New Features

• ringhash: enable gRFC A76 (endpoint hash keys and request hash headers) by default. (#8922)

Performance Improvements

• credentials/alts: pool write buffers to reduce memory allocations and usage. (#8919)
• grpc: enable the use of pooled write buffers for buffering HTTP/2 frame writes by default. This reduces memory usage when connections are idle. Use the WithSharedWriteBuffer dial option or the SharedWriteBuffer server option to disable this feature. (#8957)
• xds/priority: stop caching child LB policies removed from the configuration. This will help reduce memory and cpu usage when localities are constantly switching between priorities. (#8997)
• mem: add a faster tiered buffer pool; use the experimental mem.NewBinaryTieredBufferPool function to create such pools. (#8775)

Commits

• 397e45e Change version to 1.80.0 (#8948)
• 64ebf0a Cherry-pick #8997 to v1.80.x (#9027)
• e45ed24 xds/rbac: add additional handling for addresses with ports (#8990) (#9022)
• c78d26e Cherry-pick #8957 to v1.80.x (#9007)
• bd7cd3c grpc: enforce strict path checking for incoming requests on the server (#8987)
• b6597b3 xds/clusterimpl: use xdsConfig for updates and remove redundant fields from L...
• 1d4fa8a xds: change cdsbalancer to use update from dependency manager (#8907)
• 8f47d36 attributes: Replace internal map with linked list (#8933)
• 22e1ee8 xds: add panic recovery in xdsclient resource unmarshalling. (#8895)
• 7136e99 credentials/alts: Pool write buffers (#8919)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[dependabot]

Labels

The following labels could not be found: T:dependencies. Please create it before Dependabot can add it to a pull request.

Please fix the above issues or remove invalid values from dependabot.yml.