perf(hubble): improve libp2p sync

[Wazzymandias]

Motivation

• Update libp2p to latest version for bug fixes, features, and performance
  • Some specific examples include (but not limited to): batch publishing, tunable message concurrency, exported types for Message Cache to allow extension (e.g with Bloom Filter)
  • The latest release conforms to newest spec of libp2p, which has subtle but important improvements to gossipsub

Change Summary

• Updated libp2p from 6.1.0 to 13.0.0
• Enabled batch publishing for significant reduction in Network I/O

Merge Checklist

Choose all relevant options below by adding an x now or at any time before submitting for review

• PR title adheres to the conventional commits standard
• PR has a changeset
• PR has been tagged with a change label(s) (i.e. documentation, feature, bugfix, or chore)
• PR includes documentation if necessary.
• All commits have been signed

Additional Context

Before

After

---

PR-Codex overview

This PR updates dependencies, refactors PeerId imports, and improves IP family handling.

Detailed summary

• Updated Node.js version to 21 in CI workflow
• Refactored PeerId imports to use @libp2p/interface
• Improved IP family handling in ipFamilyFromString function
• Updated dependencies related to libp2p, libp2p-gossipsub, libp2p-noise, and more

The following files were skipped due to too many changes: apps/hubble/src/test/e2e/gossipNetwork.test.ts, apps/hubble/src/test/e2e/gossipNetworkBundle.test.ts, apps/hubble/src/hubble.ts, apps/hubble/src/network/p2p/gossipNode.test.ts, apps/hubble/src/network/p2p/gossipNode.ts, apps/hubble/src/network/p2p/gossipNodeWorker.ts, yarn.lock

✨ Ask PR-Codex anything about this PR by commenting with /codex {your question}

[changeset-bot]

⚠️ No Changeset found

Latest commit: 68d26aa

Merging this PR will not cause a version bump for any packages. If these changes should not result in a new version, you're good to go. If these changes should result in a version bump, you need to add a changeset.

This PR includes no changesets

When changesets are added to this PR, you'll see the packages that this PR includes changesets for and the associated semver types

Click here to learn what changesets are, and how to add one.

Click here if you're a maintainer who wants to add a changeset to this PR

[vercel]

The latest updates on your projects. Learn more about Vercel for Git ↗︎

Name	Status	Preview	Comments	Updated (UTC)
hub-monorepo	✅ Ready (Inspect)	Visit Preview	💬 Add feedback	Apr 16, 2024 2:52am

[socket-security]

🚨 Potential security issues detected. Learn more about Socket for GitHub ↗︎

To accept the risk, merge this PR and you will not be notified again.

Alert	Package	Note	Source
Install scripts	npm/protobufjs@7.2.5	Install script: postinstall Source: node scripts/postinstall	packages/hub-nodejs/examples/hello-world/package.json
Install scripts	npm/bigint-buffer@1.1.5	Install script: install Source: npm run rebuild || echo "Couldn't build bindings. Non-native version used."	packages/hub-nodejs/examples/hello-world/package.json
Install scripts	npm/vue-demi@0.14.6	Install script: postinstall Source: node ./scripts/postinstall.js	apps/hubble/www/package-lock.json apps/hubble/www/package.json
Install scripts	npm/protobufjs@7.2.6	Install script: postinstall Source: node scripts/postinstall	packages/hub-nodejs/examples/hello-world/package.json

View full report↗︎

Next steps

What is an install script?

Install scripts are run when the package is installed. The majority of malware in npm is hidden in install scripts.

Packages should not be running non-essential scripts during install and there are often solutions to problems people solve with install scripts that can be run at publish time instead.

Take a deeper look at the dependency

Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support [AT] socket [DOT] dev.

Remove the package

If you happen to install a dependency that Socket reports as Known Malware you should immediately remove it and select a different dependency. For other alert types, you may may wish to investigate alternative packages or consider if there are other ways to mitigate the specific risk posed by the dependency.

Mark a package as acceptable risk

To ignore an alert, reply with a comment starting with @SocketSecurity ignore followed by a space separated list of ecosystem/package-name@version specifiers. e.g. @SocketSecurity ignore npm/foo@1.0.0 or ignore all packages with @SocketSecurity ignore-all

• @SocketSecurity ignore npm/protobufjs@7.2.5
• @SocketSecurity ignore npm/bigint-buffer@1.1.5
• @SocketSecurity ignore npm/vue-demi@0.14.6
• @SocketSecurity ignore npm/protobufjs@7.2.6

[adityapk00]

We should keep both 20 and 21 (but can remove 18) from the matrix

[adityapk00]

we can just "await id" right, and javascript will handle both the promise and non-promise cases

[adityapk00]

Can you remove this line from this PR. We'll remove this whole concept from the DiffSync v2 PR

[adityapk00]

Pretty cool. I thought upgrading will be very messy, but looks quite managable.

[socket-security]

New and removed dependencies detected. Learn more about Socket for GitHub ↗︎

Package	New capabilities	Transitives	Size	Publisher
npm/@babel/runtime@7.23.1	None	+1	275 kB	nicolo-ribaudo
npm/@ethersproject/abi@5.7.0	None	0	498 kB	ricmoo
npm/@ethersproject/abstract-provider@5.7.0	None	0	61 kB	ricmoo
npm/@ethersproject/abstract-signer@5.7.0	None	0	82.2 kB	ricmoo
npm/@ethersproject/address@5.7.0	None	0	33.1 kB	ricmoo
npm/@ethersproject/base64@5.7.0	None	0	11.3 kB	ricmoo
npm/@ethersproject/basex@5.7.0	None	0	30.1 kB	ricmoo
npm/@ethersproject/bignumber@5.7.0	None	0	143 kB	ricmoo
npm/@ethersproject/bytes@5.7.0	None	0	80.9 kB	ricmoo
npm/@ethersproject/constants@5.7.0	None	0	18.7 kB	ricmoo
npm/@ethersproject/hash@5.7.0	None	0	257 kB	ricmoo
npm/@ethersproject/hdnode@5.7.0	None	0	80.7 kB	ricmoo
npm/@ethersproject/json-wallets@5.7.0	None	+1	2.56 MB	ricmoo
npm/@ethersproject/keccak256@5.7.0	None	+1	59 kB	ricmoo
npm/@ethersproject/logger@5.7.0	None	0	69.5 kB	ricmoo
npm/@ethersproject/networks@5.7.1	None	0	47.5 kB	ricmoo
npm/@ethersproject/pbkdf2@5.7.0	None	0	17.4 kB	ricmoo
npm/@ethersproject/properties@5.7.0	None	0	31 kB	ricmoo
npm/@ethersproject/providers@5.7.2	network	+2	1.33 MB	ricmoo
npm/@ethersproject/random@5.7.0	None	0	17.3 kB	ricmoo
npm/@ethersproject/rlp@5.7.0	None	0	29.6 kB	ricmoo
npm/@ethersproject/sha2@5.7.0	None	0	21.7 kB	ricmoo
npm/@ethersproject/signing-key@5.7.0	None	0	244 kB	ricmoo
npm/@ethersproject/strings@5.7.0	None	0	119 kB	ricmoo
npm/@ethersproject/transactions@5.7.0	None	0	89.6 kB	ricmoo
npm/@ethersproject/web@5.7.1	network	0	128 kB	ricmoo
npm/@ethersproject/wordlists@5.7.0	None	0	390 kB	ricmoo
npm/@farcaster/hub-nodejs@0.10.13	eval	+1	10.9 MB	sanjayprabhu
npm/@farcaster/hub-nodejs@0.10.19	eval Transitive: environment, filesystem, network	+34	20.4 MB	ecm_merkle
npm/@farcaster/hub-web@0.4.2	eval Transitive: environment, network	+17	57.2 MB	sanjayprabhu
npm/@lit-labs/ssr-dom-shim@1.1.2	environment	0	33.7 kB	lit-robot
npm/@lit/reactive-element@1.6.3	None	0	788 kB	lit-robot
npm/@metamask/safe-event-emitter@2.0.0	None	0	7.65 kB	whymarrh
npm/@motionone/animation@10.16.3	None	+2	135 kB	popmotion
npm/@motionone/dom@10.16.4	None	+2	533 kB	popmotion
npm/@motionone/types@10.16.3	None	0	11 kB	popmotion
npm/@motionone/utils@10.16.3	None	+1	41.9 kB	popmotion
npm/@noble/curves@1.3.0	None	0	1.39 MB	paulmillr
npm/@noble/hashes@1.3.0	None	0	737 kB	paulmillr
npm/@noble/hashes@1.3.3	None	0	761 kB	paulmillr
npm/@noble/secp256k1@1.7.1	None	0	111 kB	paulmillr
npm/@protobufjs/aspromise@1.1.2	None	0	9.05 kB	dcode
npm/@scure/base@1.1.5	None	0	79.4 kB	paulmillr
npm/@stablelib/random@1.0.2	None	+3	157 kB	dchest
npm/@types/node@18.15.3	None	0	3.62 MB	types
npm/@types/node@20.10.4	None	+1	4.01 MB	types
npm/@walletconnect/jsonrpc-http-connection@1.0.7	network	+5	683 kB	gancho_walletconnect
npm/@walletconnect/jsonrpc-provider@1.0.13	None	0	103 kB	gancho_walletconnect
npm/@walletconnect/jsonrpc-types@1.0.3	None	+1	188 kB	gancho_walletconnect
npm/@walletconnect/jsonrpc-utils@1.0.8	None	+1	345 kB	gancho_walletconnect
npm/@walletconnect/safe-json@1.0.2	None	0	215 kB	gancho_walletconnect
npm/abstract-level@1.0.3	None	+3	555 kB	vweevers
npm/bn.js@5.2.1	None	0	99 kB	fanatid
npm/bs58@4.0.1	None	+1	13.9 kB	dcousens
npm/call-bind@1.0.2	None	+1	39.9 kB	ljharb
npm/catering@2.1.1	None	0	5 kB	vweevers
npm/chokidar@3.5.3	environment, filesystem	+9	239 kB	paulmillr
npm/detect-browser@5.3.0	None	0	27 kB	damonoehlman
npm/elliptic@6.5.4	None	+4	247 kB	indutny
npm/eth-rpc-errors@4.0.2	None	+1	91.3 kB	rekmarks
npm/ethereumjs-util@6.2.1	None	+14	2.35 MB	holgerd77
npm/ethjs-util@0.1.6	None	+2	244 kB	silentcicero
npm/fp-ts@1.19.3	None	0	2 MB	gcanti
npm/get-caller-file@2.0.5	None	0	4.72 kB	stefanpenner
npm/get-intrinsic@1.2.1	eval	+3	74.7 kB	ljharb
npm/glob@7.2.0	filesystem Transitive: environment	+3	75.6 kB	isaacs
npm/graceful-fs@4.2.11	environment, filesystem	0	32.5 kB	isaacs
npm/hardhat@2.19.2	environment, filesystem, network, shell Transitive: eval, unsafe	+179	75.3 MB	fvictorio
npm/has-symbols@1.0.3	None	0	20.6 kB	ljharb
npm/is-typedarray@1.0.0	None	0	4.41 kB	hughsk
npm/json-rpc-engine@6.1.0	None	0	47.4 kB	rekmarks
npm/json-rpc-random-id@1.0.1	None	0	2.12 kB	kumavis
npm/minimatch@3.1.2	None	+3	57.8 kB	isaacs
npm/module-error@1.0.2	None	0	7.28 kB	vweevers
npm/node-gyp-build@4.7.1	environment, filesystem	0	13.4 kB	mafintosh
npm/normalize-path@3.0.0	None	0	9.22 kB	jonschlinkert
npm/picomatch@2.3.1	None	0	90 kB	mrmlnc
npm/preact@10.18.1	None	0	1.27 MB	jdecroock
npm/prettier@2.8.7	environment, filesystem, unsafe	0	11.2 MB	prettier-bot
npm/qrcode@1.5.3	filesystem Transitive: environment	+23	1.63 MB	soldair
npm/queue-microtask@1.2.3	None	0	8.37 kB	feross
npm/ripemd160@2.0.2	None	+1	15.9 kB	dcousens
npm/scrypt-js@3.0.1	None	0	226 kB	ricmoo
npm/string-width@4.2.3	None	+2	58.4 kB	sindresorhus
npm/tslib@1.14.1	None	0	34 kB	typescript-bot
npm/tsx@3.12.5	Transitive: environment, eval, filesystem, network, shell, unsafe	+28	201 MB	hirokiosame
npm/tsx@3.14.0	None	0	389 kB	hirokiosame
npm/typescript@5.0.2	None	0	39.2 MB	typescript-bot
npm/typescript@5.3.3	None	0	32 MB	typescript-bot
npm/uint8arrays@3.1.1	None	+1	624 kB	achingbrain
npm/undici-types@5.25.3	None	0	72.7 kB	matteo.collina
npm/use-sync-external-store@1.2.0	environment	+3	375 kB	gnoff
npm/viem@1.16.2	network	+1	5.3 MB	jmoxey
npm/viem@1.19.13	network	+1	6.26 MB	jmoxey
npm/vitepress@1.0.0-alpha.73	filesystem, network, shell, unsafe Transitive: environment, eval	+84	249 MB	brc-dd
npm/wagmi@1.4.3	Transitive: environment, eval, filesystem, network, shell, unsafe	+167	62.4 MB	awkweb
npm/which-typed-array@1.1.11	None	+5	108 kB	ljharb
npm/yargs-parser@20.2.4	environment, filesystem	0	120 kB	oss-bot

🚮 Removed packages: npm/@altafonte/af-multiple-button@1.2.1, npm/@altafonte/create-stencil-component@1.1.0, npm/@altafonte/tooltip@1.0.0, npm/@angular-devkit/build-angular@0.1100.7, npm/@angular/animations@11.0.5, npm/@angular/cdk@11.0.3, npm/@angular/cli@11.0.5, npm/@angular/common@11.0.5, npm/@angular/compiler-cli@11.0.5, npm/@angular/compiler@11.0.5, npm/@angular/core@11.0.5, npm/@angular/forms@11.0.5, npm/@angular/material@11.0.3, npm/@angular/platform-browser-dynamic@11.0.5, npm/@angular/platform-browser@11.0.5, npm/@angular/router@11.0.5, npm/@betterer/cli@3.1.2, npm/@betterer/eslint@3.1.2, npm/@betterer/regexp@3.1.2, npm/@capacitor/core@2.5.0, npm/@farcaster/hub-nodejs@0.11.9, npm/@ionic/core@5.5.4, npm/@material/mwc-checkbox@0.20.0, npm/@material/mwc-formfield@0.20.0, npm/@material/mwc-radio@0.20.0, npm/@material/mwc-textarea@0.20.0, npm/@material/textfield@10.0.0, npm/@sentry/browser@6.19.7, npm/@stencil/postcss@2.1.0, npm/@types/d3-array@2.12.7, npm/@types/d3-axis@2.1.6, npm/@types/d3-color@2.0.6, npm/@types/d3-dispatch@2.0.4, npm/@types/d3-ease@2.0.4, npm/@types/d3-format@2.0.5, npm/@types/d3-geo@2.0.7, npm/@types/d3-interpolate@2.0.5, npm/@types/d3-scale@3.3.5, npm/@types/d3-selection@2.0.4, npm/@types/d3-shape@2.1.7, npm/@types/d3-time@2.1.4, npm/@types/d3-transition@2.0.5, npm/@types/d3-voronoi@1.1.12, npm/@types/file-saver@2.0.7, npm/@types/jwt-decode@3.1.0, npm/@types/lodash-es@4.17.12, npm/@types/node@14.18.63, npm/@types/puppeteer@5.4.7, npm/@types/resumablejs@1.0.6, npm/@types/roman-numerals@0.3.2, npm/@types/semver@7.5.8, npm/@types/showdown@1.9.4, npm/@types/spark-md5@3.0.4, npm/@types/swiper@5.4.3, npm/@typescript-eslint/eslint-plugin@4.33.0, npm/@typescript-eslint/parser@4.33.0, npm/@vaadin/vaadin-date-picker@5.0.0, npm/alphanum-sort@1.0.2, npm/angulartics2@10.1.0, npm/axios@0.21.4, npm/commander@10.0.1, npm/copy-text-to-clipboard@3.2.0, npm/crossfilter2@1.5.4, npm/csv-stringify@6.3.4, npm/cypress-dotenv@1.2.3, npm/cypress@6.9.1, npm/d3-array@2.12.1, npm/d3-axis@2.1.0, npm/d3-color@2.0.0, npm/d3-ease@2.0.0, npm/d3-format@2.0.0, npm/d3-geo@2.0.2, npm/d3-interpolate@2.0.1, npm/d3-scale@3.3.0, npm/d3-selection@2.0.0, npm/d3-time@2.1.1, npm/d3-transition@2.0.0, npm/d3-voronoi@1.1.4, npm/date-fns@2.30.0, npm/dc@4.2.7, npm/dotenv@8.6.0, npm/eslint-config-prettier@7.2.0, npm/eslint-plugin-etc@1.5.4, npm/eslint-plugin-sonarjs@0.6.0, npm/eslint-plugin-unicorn@28.0.2, npm/eslint@7.32.0, npm/file-saver@2.0.5, npm/fs-extra@9.1.0, npm/glob@7.1.6, npm/husky@5.2.0, npm/i18next@19.9.2, npm/pino-pretty@10.0.1, npm/pino@8.11.0

View full report↗︎