build(deps): bump github.com/libp2p/go-libp2p from 0.14.0 to 6.0.23+incompatible

[dependabot]

Bumps github.com/libp2p/go-libp2p from 0.14.0 to 6.0.23+incompatible.

Release notes

Sourced from github.com/libp2p/go-libp2p's releases.

v0.24.0

Breaking Changes

Constructor options

• removed the deprecated libp2p.DefaultStaticRelays and libp2p.StaticRelays options. Static relays can be configured as an option to libp2p.EnableAutoRelay
• libp2p.Security now requires passing in a constructor (previously, it also allowed passing in a fully constructed security transport)
• libp2p.Muxer now requires passing in a fully constructed muxer (previously, it also allowed passing in a muxer constructor)
• Removed libp2pquic.DisableReuseport and libp2pquic.WithMetrics. These options are now available in the quicreuse package (quicreuse.DisableReuseport and quicreuse.WithMetrics), and can be enabled by using the libp2p.QUICReuse option (example: libp2p.QUICReuse(quicreuse.NewConnManager, quicreuse.DisableReuseport, quicreuse.WithMetrics)).

Under the hood, we now use fx in the construction of the host, which lead to a great simplification of our setup logic (see libp2p/go-libp2p#1858 for details).

QUIC Versions

When we first rolled out QUIC support in 2020, QUIC wasn't an RFC yet (in fact, we were involved in the standardization process at the IETF!). Back then, we rolled out support for QUIC draft-29. This version is almost identical to RFC 9000, so there was never a good reason to force an update.

Now that rust-libp2p is shipping QUIC support, we decided to finally initiate the update. We do so by introducing a new multiaddress component: /ip4/1.2.3.4/udp/4001/quic now denotes a multiaddr that uses QUIC draft-29 (as it has before, we're just making it explicit now). QUIC v1 would use /ip4/1.2.3.4/udp/4001/quic-v1. We intend to keep support for QUIC draft-29 for roughly half a year, and disable listening on draft-29 addresses after that.

Depending on how you configure your node, you might need to update the addresses you're listening on (i.e. change quic => quic-v1 in the addresses, or duplicate the QUIC addresses).

🔦 Highlights

WebTransport

We added experimental WebTransport support in our last release. Since then, we're using some magic to allow running QUIC and WebTransport on the same port. This means that users who've already configured port forwarding / firewall rules for QUIC don't need to do anything to allow WebTransport connections to their node.

Optimized Stream Multiplexer Selection

When dialing a TCP connection to another libp2p node, we perform the following steps:

1. TCP 3-way handshake: 1 RTT
2. multistream-select to negotiate the security protocol (TLS 1.3 or Noise): 1 RTT
3. security handshake: 1 RTT
4. multistream-select to negotiate the stream multiplexer (yamux or mplex)

In total, this handshakes takes 4 RTTs. In this release, we optimize this handshake by inlining the stream multiplexer negotiation into the security handshake. On the wire, this looks very different for TLS 1.3 and for Noise, but the result is the same: we know which stream multiplexer to use when the handshake finishes, and can therefore save one roundtrip on every handshake. Head to the specification to learn how this works in detail.

🐞 Bugfixes since v0.23.4

• libp2p/go-libp2p#1849
• libp2p/go-libp2p#1834
• libp2p/go-libp2p#1835
• libp2p/go-libp2p#1855
• #1847
• #1852

Changelog

• github.com/libp2p/go-libp2p:
  • release v0.24.0 (#1934) (libp2p/go-libp2p#1934)
  • chore: update deps (#1932) (libp2p/go-libp2p#1932)

... (truncated)

Commits

• 9356373 gx publish 6.0.23
• f6dce9a gx publish 6.0.22
• 91514ce Merge pull request #465 from libp2p/fix/mock-race-really
• 80c5998 really fix the race in mock
• 8af9bc6 gx publish 6.0.21
• 1e38b9e Merge pull request #464 from libp2p/fix/mock-race
• 841a627 fix a data-race in the mock net
• f046774 gx publish 6.0.20
• 6a74328 Merge pull request #462 from libp2p/fix/no-custom-field
• 30e4db2 Merge pull request #463 from libp2p/fix/basic-host-test
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[dependabot]

The following labels could not be found: topic/dependencies.