build(deps): bump github.com/cosmos/cosmos-sdk from 0.46.2 to 0.46.3

[dependabot]

Bumps github.com/cosmos/cosmos-sdk from 0.46.2 to 0.46.3.

Release notes

Sourced from github.com/cosmos/cosmos-sdk's releases.

v0.46.3

Cosmos SDK v0.46.3 Release Notes

This is a security release for the Dragonberry security advisory. Please upgrade ASAP.

Next to this, we have also included a few minor bugfixes.

Chains must add the following to their go.mod for the application:

replace github.com/confio/ics23/go => github.com/cosmos/cosmos-sdk/ics23/go v0.8.0

Bumping the SDK version should be smooth, however, feel free to tag core devs to review your upgrading PR:

• CET: @​tac0turtle, @​okwme, @​AdityaSripal, @​colin-axner, @​julienrbrt
• EST: @​ebuchman, @​alexanderbez, @​aaronc
• PST: @​jtremback, @​nicolaslara, @​czarcas7ic, @​p0mvn
• CDT: @​ValarDragon, @​zmanian

Changelog

Sourced from github.com/cosmos/cosmos-sdk's changelog.

v0.46.3 - 2022-10-20

ATTENTION:

This is a security release for the Dragonberry security advisory.

All users should upgrade immediately.

Users must add a replace directive in their go.mod for the new ics23 package in the SDK:

replace github.com/confio/ics23/go => github.com/cosmos/cosmos-sdk/ics23/go v8.0.0

Features

• #13435 Extend error context when a simulation fails.
• (grpc) #13485 Implement a new gRPC query, /cosmos/base/node/v1beta1/config, which provides operator configuration.
• (cli) #13147 Add the --append flag to the sign-batch CLI cmd to combine the messages and sign those txs which are created with --generate-only.
• (cli) #13454 sign-batch CLI can now read multiple transaction files.

Improvements

• #13586 Bump Tendermint to v0.34.22.
• (auth) #13460 The q auth address-by-id CLI command has been renamed to q auth address-by-acc-num to be more explicit. However, the old address-by-id version is still kept as an alias, for backwards compatibility.
• #13433 Remove dead code in cacheMergeIterator Domain().

Bug Fixes

• Implement dragonberry security patch.
  • For applying the patch please refer to the RELEASE NOTES
• (store) #13459 Don't let state listener observe the uncommitted writes.
• #12548 Prevent signing from wrong key while using multisig.

API Breaking Changes

• (server) #13485 The Application service now requires the RegisterNodeService method to be implemented.

Commits

• 6d32deb chore: bump tendermint to 0.34.22 (#13586)
• facd40d Merge pull request from GHSA-3qp7-gj37-g9rx
• 8667eba refactor: Amend #13497 (#13577)
• 86e8bcb refactor: Improve AllocateTokens (backport #13524) (#13526)
• 2e3c378 chore: CHANGELOG update (backport #13536) (#13537)
• 37912ec feat: gRPC query for operator and chain configuration (backport #13485) (#13497)
• f877870 feat: add MsgServiceRouter to Baseapp (and runtime's provideCodecs) (backport...
• cb676e2 fix: state listener could observe discarded writes (backport #13459) (#13462)
• 982b891 refactor: Improve and clarify API around AccountAddressById (backport #134...
• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[faddat]

We should close this

[dependabot]

Dependabot tried to update this pull request, but something went wrong. We're looking into it, but in the meantime you can retry the update by commenting @dependabot rebase.

[dependabot]

Dependabot tried to update this pull request, but something went wrong. We're looking into it, but in the meantime you can retry the update by commenting @dependabot rebase.

[dependabot]

Dependabot tried to update this pull request, but something went wrong. We're looking into it, but in the meantime you can retry the update by commenting @dependabot rebase.

[dependabot]

Dependabot tried to update this pull request, but something went wrong. We're looking into it, but in the meantime you can retry the update by commenting @dependabot rebase.

[dependabot]

Dependabot tried to update this pull request, but something went wrong. We're looking into it, but in the meantime you can retry the update by commenting @dependabot rebase.

[codecov-commenter]

Codecov Report

Merging #2565 (d0bd595) into main (5260c77) will decrease coverage by 0.03%.
The diff coverage is 50.00%.

Additional details and impacted files

@@            Coverage Diff             @@
##             main    #2565      +/-   ##
==========================================
- Coverage   78.76%   78.73%   -0.04%     
==========================================
  Files         178      178              
  Lines       12298    12289       -9     
==========================================
- Hits         9687     9676      -11     
- Misses       2188     2190       +2     
  Partials      423      423              

Impacted Files	Coverage Δ
...ps/27-interchain-accounts/controller/types/msgs.go	91.11% <ø> (-1.05%)	⬇️
...ps/27-interchain-accounts/host/keeper/handshake.go	89.06% <ø> (-0.49%)	⬇️
modules/core/keeper/grpc_query.go	0.00% <0.00%> (ø)
modules/core/02-client/keeper/grpc_query.go	68.20% <100.00%> (ø)
...les/apps/27-interchain-accounts/host/ibc_module.go	90.00% <0.00%> (-5.00%)	⬇️

[colin-axner]

Can you run go mod tidy in e2e? Tests are failing

[crodriguezvega]

Superseded by #2647.

[dependabot]

OK, I won't notify you again about this release, but will get in touch when a new version is available. If you'd rather skip all updates until the next major or minor version, let me know by commenting @dependabot ignore this major version or @dependabot ignore this minor version. You can also ignore all major, minor, or patch releases for a dependency by adding an ignore condition with the desired update_types to your config file.

If you change your mind, just re-open this PR and I'll resolve any conflicts on it.