build(deps): Bump github.com/umee-network/umee/v4 from 4.0.0 to 4.1.0 in /price-feeder

[dependabot]

Bumps github.com/umee-network/umee/v4 from 4.0.0 to 4.1.0.

Release notes

Sourced from github.com/umee-network/umee/v4's releases.

v4.1.0

Release Notes

Release Procedure is defined in the CONTRIBUTING document.

v4.1.0

This release contains several fixes designed to make lending and borrowing more resilient during price outages. Short summary of changes is available in the Changelog

• Price Feeder V2.1.0 is recommended for use with this release. Upgrading price feeder can be done immediately by any validators who have not already switched. It does not need to be simultaneously with the chain upgrade.

Please Note:

Building from source will automatically link the libwasmvm.x86_64.so created as a part of the build process (you must build on the same host as you run the binary, or copy the libwasmvm.x86_64.so your lib directory).

If you build on system other than Linux amd64, then you need to download appropriate version of libwasmvm (eg from CosmWasm/wasmvm Releases) or build it from source (you will need Rust toolchain).

Otherwise you have to download libwasmvm. Please check Supported Platforms. Example:

wget https://raw.githubusercontent.com/CosmWasm/wasmvm/v1.1.1/internal/api/libwasmvm.$(uname -m).so -P /lib/

Upgrade instructions

• Note: Skip this step if you build binary from source and are able to properly link libwasmvm.
  • Download libwasmvm:

$ wget https://raw.githubusercontent.com/CosmWasm/wasmvm/v1.1.1/internal/api/libwasmvm.$(uname -m).so -O /lib/libwasmvm.$(uname -m).so

• Wait for software upgrade proposal to pass and trigger the chain upgrade.
• Swap binaries.
• Restart the chain.
• Ensure latest Peggo (v1.4.0) is running
• Ensure latest Price Feeder (v2.1.0) is running

You can use Cosmovisor → see instructions.

NOTE: BEFORE the upgrade, make sure the binary is working and libwasmvm is in your system. You can test it by running ./umeed-v4.1.0 --version.

Docker

Docker images are available in ghcr.io umee-network repository.

v4.1.0-rc4

... (truncated)

Changelog

Sourced from github.com/umee-network/umee/v4's changelog.

v4.1.0 - 2023-02-15

Features

• 1808 Blacklisted tokens automatically cleared from token registry if they have not yet been supplied.

Fixes

• 1812 MaxCollateralShare now works during partial oracle outages when certain conditions are safe.
• 1736 Blacklisted tokens no longer add themselves back to the oracle accept list.
• 1807 Fixes BNB ibc denom in 4.1 migration
• 1821 Allow safe leverage operations during partial oracle outages.
• 1845 Fix validator power calculation during oracle ballot counting.

v4.0.1 - 2023-02-10

Fixes

• 1800 Handle non-capitalized assets when calling the historacle data.

Commits

• 7179ad9 docs: 4.1 branch release notes (#1868)
• a2ae569 fix(oracle): power vote calculation (#1852) (#1859)
• 9ee52ca chore: change upgrade name to rc4 (#1858)
• 6874111 fix: ballot sorting (backport #1851) (#1857)
• 844532c chore: add 4.1.0-rc3 migration (backport #1846) (#1849)
• f49bae9 fix: getting bonded validator power in oracle endblocker (backport #1845) (#1...
• b0d054a rush plan name fix (#1833)
• 43253fe fix!: allow safe leverage operations during partial oracle outages (backport ...
• 0682da0 fix: skip BNB migration instead of error if no BNB denom present (#1825) (#1827)
• 60983ad fix: bnb migration (#1823) (#1824)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[dependabot]

Dependabot tried to add @TessorNetwork/core-devs as a reviewer to this PR, but received the following error from GitHub:

POST https://api.github.com/repos/TessorNetwork/nebula/pulls/34/requested_reviewers: 422 - Reviews may only be requested from collaborators. One or more of the teams you specified is not a collaborator of the TessorNetwork/nebula repository. // See: https://docs.github.com/rest/reference/pulls#request-reviewers-for-a-pull-request

[dependabot]

The following labels could not be found: A:Automerge, T:Dependencies.