build(deps): Bump the all-go group across 3 directories with 1 update

[dependabot]

Bumps the all-go group with 1 update in the / directory: github.com/celestiaorg/go-header.
Bumps the all-go group with 1 update in the /apps/evm directory: github.com/celestiaorg/go-header.
Bumps the all-go group with 1 update in the /apps/testapp directory: github.com/celestiaorg/go-header.

Updates github.com/celestiaorg/go-header from 0.8.0 to 0.8.1

Release notes

Sourced from github.com/celestiaorg/go-header's releases.

v0.8.1

What's Changed

• fix(sync): write to tail metric in newTail by @​tschuyebuhl in celestiaorg/go-header#363

New Contributors

• @​tschuyebuhl made their first contribution in celestiaorg/go-header#363

Full Changelog: celestiaorg/go-header@v0.8.0...v0.8.1

Commits

• 3ab204c write to tail metric in newTail (#363)
• See full diff in compare view

Updates github.com/celestiaorg/go-header from 0.8.0 to 0.8.1

Release notes

Sourced from github.com/celestiaorg/go-header's releases.

v0.8.1

What's Changed

• fix(sync): write to tail metric in newTail by @​tschuyebuhl in celestiaorg/go-header#363

New Contributors

• @​tschuyebuhl made their first contribution in celestiaorg/go-header#363

Full Changelog: celestiaorg/go-header@v0.8.0...v0.8.1

Commits

• 3ab204c write to tail metric in newTail (#363)
• See full diff in compare view

Updates github.com/celestiaorg/go-header from 0.8.0 to 0.8.1

Release notes

Sourced from github.com/celestiaorg/go-header's releases.

v0.8.1

What's Changed

• fix(sync): write to tail metric in newTail by @​tschuyebuhl in celestiaorg/go-header#363

New Contributors

• @​tschuyebuhl made their first contribution in celestiaorg/go-header#363

Full Changelog: celestiaorg/go-header@v0.8.0...v0.8.1

Commits

• 3ab204c write to tail metric in newTail (#363)
• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[github-actions]

The latest Buf updates on your PR. Results from workflow CI / buf-check (pull_request).

Build	Format	Lint	Breaking	Updated (UTC)
✅ passed	⏩ skipped	✅ passed	✅ passed	Jan 27, 2026, 10:35 AM

[claude]

Claude finished @dependabot[bot]'s task in 1m 36s —— View job

---

Comprehensive Code Review

Tasks

• Review dependency update changes
• Check CI status
• Analyze upstream changes
• Verify consistency across modules
• Analyze usage and potential impact
• Provide final assessment

---

Summary

This PR updates github.com/celestiaorg/go-header from v0.8.0 to v0.8.1 across all modules in the project. This is a patch version update that includes a bug fix for tail metric handling.

Change Analysis

1. Dependency Update Scope

The update is applied consistently across 14 files in 6 module directories:

• Root module (go.mod, go.sum)
• apps/evm/ (direct dependency)
• apps/testapp/ (direct dependency)
• apps/grpc/ (indirect dependency)
• test/e2e/ (indirect dependency)
• tools/da-debug/ (indirect dependency)
• execution/evm/ and execution/evm/test/ (go.sum only)

✅ Consistency Check: PASSED - All go.mod files show consistent version v0.8.1, and all go.sum files contain matching hashes.

2. Upstream Change Impact Assessment

The v0.8.1 release includes a single commit:

• Fix: "write to tail metric in newTail" (celestiaorg/go-header#363)

This is a metrics instrumentation fix that ensures a tail metric is properly written when creating a new tail in the sync mechanism. This is a non-breaking bug fix that improves observability.

Impact on ev-node:

• The go-header library is heavily used in ev-node's sync infrastructure (pkg/sync/sync_service.go)
• The fix improves metric reporting for header synchronization without changing any public APIs
• No code changes required in ev-node
• Risk Level: VERY LOW - This is purely a bug fix that improves internal metric tracking

3. Usage Analysis

The go-header library is a critical dependency in ev-node:

Primary usage locations:

• pkg/sync/sync_service.go:11-14 - Core sync service imports go-header components
• types/header.go:11 - Base header type definitions
• types/signed_header.go - Signed header implementation
• block/internal/syncing/p2p_handler.go - P2P synchronization handling

Purpose:
The library provides the foundation for ev-node's block header and data synchronization across the P2P network. It handles:

• Header storage and retrieval
• P2P exchange protocols
• Syncing mechanisms between nodes
• GossipSub broadcasting

4. Code Quality & Security

✅ No Breaking Changes - This is a patch version (0.8.0 → 0.8.1) following semantic versioning
✅ No API Changes - The fix is internal to the library
✅ No Security Issues - Bug fix improves observability
✅ Dependency Consistency - All modules updated uniformly
✅ Go Module Integrity - Hash checksums properly updated in all go.sum files

5. CI Status

Current CI status:

• ✅ Semantic Pull Request: PASSED
• ⏳ Main CI workflow: IN PROGRESS
• ⏳ PR checks: IN PROGRESS

The Buf checks have already passed, indicating no protobuf-related issues.

---

Recommendations

1. ✅ APPROVE AND MERGE - This is a safe, low-risk dependency update
2. ⏳ WAIT FOR CI - Wait for the main CI workflow to complete to ensure all tests pass
3. 📊 OBSERVE METRICS - After deployment, verify that tail metrics are now properly reported (this is the bug that was fixed)

---

Detailed Review Findings

Architecture & Modularity

✅ Excellent - The modular go.mod structure across apps/, test/, and tools/ is well-maintained. The dependency update respects the module boundaries and maintains version consistency.

Error Handling & Resilience

✅ No Changes Required - The bug fix in go-header improves metric reporting but doesn't affect error handling paths in ev-node.

Performance & Resource Efficiency

✅ Neutral to Positive - The metric fix may have a negligible performance improvement by ensuring metrics are written correctly, but no significant performance impact expected.

Testing & Reliability

⏳ Awaiting CI Results - The PR includes proper go.sum hash updates, which ensures reproducible builds. Waiting for CI to confirm all integration tests pass.

Documentation

✅ Good - The PR description clearly documents the upstream changes and the scope of the update. The pkg/sync/README.md documents the dependency on go-header.

---

Conclusion

This is a well-structured, low-risk dependency update that:

• Fixes a bug in metric reporting
• Maintains version consistency across all modules
• Follows semantic versioning principles
• Has no breaking changes or security concerns

Recommendation: APPROVE after CI completes successfully

[codecov]

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 57.98%. Comparing base (2325ace) to head (b1ab8b0).
⚠️ Report is 1 commits behind head on main.

Additional details and impacted files

@@           Coverage Diff           @@
##             main    #3015   +/-   ##
=======================================
  Coverage   57.98%   57.98%           
=======================================
  Files         110      110           
  Lines       10522    10522           
=======================================
  Hits         6101     6101           
  Misses       3770     3770           
  Partials      651      651           

Flag	Coverage Δ
combined	57.98% <ø> (ø)

Flags with carried forward coverage won't be shown. Click here to find out more.

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.