build(deps): bump github.com/obolnetwork/charon from 0.18.0 to 0.19.0

[dependabot]

Bumps github.com/obolnetwork/charon from 0.18.0 to 0.19.0.

Release notes

Sourced from github.com/obolnetwork/charon's releases.

v0.19.0 - 2024-01-15

We are delighted to announce the release of Charon v0.19.0! This release brings bug fixes and improvements to the Charon codebase, and supports running DV clusters on the next Ethereum fork, Dencun.

While this version supports older Ethereum forks, v0.19.0 is the first release to fully support Dencun, so it is not possible to run mixed v0.18.0 and v0.19.0 clusters after the fork.

⚠️ This is an urgent release for Goerli Distributed Validator clusters. Please upgrade before 6:32 UTC on January 17, 2024. Clusters on other networks can wait and observe a smooth fork transition on Goerli first before upgrading before their network's hardfork date. ⚠️

A note on Produce Block endpoint V3

The Charon team is working towards supporting the Produce Block V3 endpoint, but in the meantime v0.19.0 will still only support V2 endpoints.

At the time of releasing not all validator clients support the new Produce Block V3 endpoint, for those that do, set the following flags on your validator client to ensure your validator asks for v2 blocks until a version of charon supports the v3 endpoint:

• Lodestar: --useProduceBlockV3=false as CLI parameter at startup
• Lighthouse: --produce-block-v3=false as CLI parameter at startup
• Teku: --Xblock-v3-enabled=false as CLI parameter at startup
• Nimbus automatically falls back to V2 endpoints

Full Changelog: v0.18.0..v0.19.0

Feature

• On-disk logging facility #2671 (#2713)
• Update charon to comply with go-eth2-client v0.19.5 #2708 (#2709)
• make final deneb changes #2729 (#2734)
• Return dependent root from validatorapi #2736 (#2748,#2739)
• Add --testnet-* flags to support custom test networks. #2690 (#2715)

Bug

• Check for active validators in the upcoming epoch instead of the current or past epoch #2721 (#2727)
• fix synthetic proposal when block not found #2695 (#2702)

Refactor

• Fix go-eth2-client v0.19.7 changes #2750 (#2751)
• Remove leadercast #2505 (#2719)

Misc

• Remove stable feature flags #2720 (#2735)

What's Changed

• [obolapi: update publish lock timeout to 30s (#2685)](ObolNetwork/charon#2685)

• [app/version: bump to v0.19-dev (#2686)](ObolNetwork/charon#2686)

• [testutil/genchangelog: generate logs for latest rc release (#2688)](ObolNetwork/charon#2688)

• [eth2wrap: fix synthetic block proposals (#2693)](ObolNetwork/charon#2693)

... (truncated)

Commits

• ea9814e app/version: bump to v0.19-rc (#2775)
• 347a7d1 build(deps): Bump github.com/attestantio/go-eth2-client from 0.19.7 to 0.19.8...
• f6a9bac build(deps): Bump google.golang.org/protobuf from 1.31.1-0.20231027082548-f4a...
• d0bd02b build(deps): Bump golang.org/x/sync from 0.5.0 to 0.6.0 (#2767)
• a197e83 build(deps): Bump github.com/prometheus/client_golang from 1.17.0 to 1.18.0 (...
• 9d1e38f build(deps): Bump golang.org/x/term from 0.15.0 to 0.16.0 (#2768)
• f3e629d *: update protoc-gen-go to v1.32 (#2769)
• 76a9230 build(deps): Bump github.com/holiman/uint256 from 1.2.2 to 1.2.4 (#2754)
• 3b485e0 app/featureset: split qbft_timers_ab_test feature flag (#2762)
• 52162e4 cluster/manifest: correct load cluster error (#2759)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[sonarqubecloud]

Quality Gate passed

Kudos, no new issues were introduced!

0 New issues
0 Security Hotspots
No data about Coverage
No data about Duplication

See analysis details on SonarCloud

[dependabot]

OK, I won't notify you again about this release, but will get in touch when a new version is available. If you'd rather skip all updates until the next major or minor version, let me know by commenting @dependabot ignore this major version or @dependabot ignore this minor version. You can also ignore all major, minor, or patch releases for a dependency by adding an ignore condition with the desired update_types to your config file.

If you change your mind, just re-open this PR and I'll resolve any conflicts on it.