[Snyk] Upgrade xxhash-wasm from 1.0.1 to 1.0.2

[nazarhussain]

This PR was automatically created by Snyk using the credentials of a real user.

Snyk has created this PR to upgrade xxhash-wasm from 1.0.1 to 1.0.2.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

---

• The recommended version is 1 version ahead of your current version.
• The recommended version was released a month ago, on 2022-11-02.

The recommended version fixes:

Severity	Issue	PriorityScore (*)	Exploit Maturity
	Cross-site Request Forgery (CSRF) SNYK-JS-FASTIFY-3136527	496/1000 Why? Recently disclosed, Has a fix available, CVSS 4.2	No Known Exploit

(*) Note that the real score may have changed since the PR was raised.

Release notes

Package name: xxhash-wasm

• 1.0.2 - 2022-11-02
  
  • Add support for Typescript's nodenext module resolution (#33)
• 1.0.1 - 2022-01-19
  
  • Export data types separately + fixed bigint data type (#28)

from xxhash-wasm GitHub release notes

Commit messages

Package name: xxhash-wasm

• dbe852d v1.0.2
• e785a5e Upgrade yarn to 3.2.4
• cb68153 Update Node versions of actions
• 18c2295 Reword the v1.0.0 release message in the Readme
• aad322e Re-run yarn install to fix cache (`.yarn/install-state.gz`)
• 1986f5c Merge dependabot updates
• 2900b62 Bump minimist from 1.2.5 to 1.2.7 (Find proper types #35)
• 7551801 Upgrade dependencies
• 95a68f0 Add support for Typescript's `nodenext` module resolution (E2E tests for checking our client implementation #33)

Compare

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

🧐 View latest project report

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs

[github-actions]

Performance Report

✔️ no performance regression detected

Full benchmark results

Benchmark suite	Current: bde7e93	Previous: a27f675	Ratio
getPubkeys - index2pubkey - req 1000 vs - 250000 vc	1.9014 ms/op	2.4102 ms/op	0.79
getPubkeys - validatorsArr - req 1000 vs - 250000 vc	63.134 us/op	83.576 us/op	0.76
BLS verify - blst-native	2.1805 ms/op	1.8587 ms/op	1.17
BLS verifyMultipleSignatures 3 - blst-native	4.4947 ms/op	3.8212 ms/op	1.18
BLS verifyMultipleSignatures 8 - blst-native	9.7204 ms/op	8.2298 ms/op	1.18
BLS verifyMultipleSignatures 32 - blst-native	35.333 ms/op	29.763 ms/op	1.19
BLS aggregatePubkeys 32 - blst-native	48.222 us/op	40.014 us/op	1.21
BLS aggregatePubkeys 128 - blst-native	189.11 us/op	154.77 us/op	1.22
getAttestationsForBlock	84.106 ms/op	102.59 ms/op	0.82
isKnown best case - 1 super set check	503.00 ns/op	435.00 ns/op	1.16
isKnown normal case - 2 super set checks	493.00 ns/op	416.00 ns/op	1.19
isKnown worse case - 16 super set checks	494.00 ns/op	418.00 ns/op	1.18
CheckpointStateCache - add get delete	8.9440 us/op	9.5430 us/op	0.94
validate gossip signedAggregateAndProof - struct	5.0306 ms/op	4.2934 ms/op	1.17
validate gossip attestation - struct	2.3759 ms/op	2.0319 ms/op	1.17
pickEth1Vote - no votes	2.1850 ms/op	2.2945 ms/op	0.95
pickEth1Vote - max votes	19.162 ms/op	24.885 ms/op	0.77
pickEth1Vote - Eth1Data hashTreeRoot value x2048	12.583 ms/op	12.174 ms/op	1.03
pickEth1Vote - Eth1Data hashTreeRoot tree x2048	20.846 ms/op	22.590 ms/op	0.92
pickEth1Vote - Eth1Data fastSerialize value x2048	1.4668 ms/op	1.7706 ms/op	0.83
pickEth1Vote - Eth1Data fastSerialize tree x2048	14.045 ms/op	15.515 ms/op	0.91
bytes32 toHexString	1.0080 us/op	1.1560 us/op	0.87
bytes32 Buffer.toString(hex)	763.00 ns/op	722.00 ns/op	1.06
bytes32 Buffer.toString(hex) from Uint8Array	1.0620 us/op	988.00 ns/op	1.07
bytes32 Buffer.toString(hex) + 0x	784.00 ns/op	729.00 ns/op	1.08
Object access 1 prop	0.38600 ns/op	0.38900 ns/op	0.99
Map access 1 prop	0.31800 ns/op	0.29400 ns/op	1.08
Object get x1000	10.982 ns/op	17.293 ns/op	0.64
Map get x1000	1.1030 ns/op	0.99900 ns/op	1.10
Object set x1000	79.944 ns/op	129.22 ns/op	0.62
Map set x1000	51.993 ns/op	80.680 ns/op	0.64
Return object 10000 times	0.44180 ns/op	0.37380 ns/op	1.18
Throw Error 10000 times	5.9568 us/op	6.0063 us/op	0.99
fastMsgIdFn sha256 / 200 bytes	4.9120 us/op	4.3180 us/op	1.14
fastMsgIdFn h32 xxhash / 200 bytes	615.00 ns/op	585.00 ns/op	1.05
fastMsgIdFn h64 xxhash / 200 bytes	864.00 ns/op	843.00 ns/op	1.02
fastMsgIdFn sha256 / 1000 bytes	15.534 us/op	13.297 us/op	1.17
fastMsgIdFn h32 xxhash / 1000 bytes	763.00 ns/op	724.00 ns/op	1.05
fastMsgIdFn h64 xxhash / 1000 bytes	971.00 ns/op	903.00 ns/op	1.08
fastMsgIdFn sha256 / 10000 bytes	133.77 us/op	113.26 us/op	1.18
fastMsgIdFn h32 xxhash / 10000 bytes	2.6120 us/op	2.4210 us/op	1.08
fastMsgIdFn h64 xxhash / 10000 bytes	1.9350 us/op	1.8980 us/op	1.02
enrSubnets - fastDeserialize 64 bits	2.8800 us/op	3.0080 us/op	0.96
enrSubnets - ssz BitVector 64 bits	842.00 ns/op	822.00 ns/op	1.02
enrSubnets - fastDeserialize 4 bits	415.00 ns/op	452.00 ns/op	0.92
enrSubnets - ssz BitVector 4 bits	862.00 ns/op	864.00 ns/op	1.00
prioritizePeers score -10:0 att 32-0.1 sync 2-0	90.514 us/op	103.33 us/op	0.88
prioritizePeers score 0:0 att 32-0.25 sync 2-0.25	139.57 us/op	123.75 us/op	1.13
prioritizePeers score 0:0 att 32-0.5 sync 2-0.5	232.35 us/op	232.27 us/op	1.00
prioritizePeers score 0:0 att 64-0.75 sync 4-0.75	351.62 us/op	488.16 us/op	0.72
prioritizePeers score 0:0 att 64-1 sync 4-1	458.09 us/op	459.43 us/op	1.00
RateTracker 1000000 limit, 1 obj count per request	198.97 ns/op	197.56 ns/op	1.01
RateTracker 1000000 limit, 2 obj count per request	150.87 ns/op	150.66 ns/op	1.00
RateTracker 1000000 limit, 4 obj count per request	134.81 ns/op	122.41 ns/op	1.10
RateTracker 1000000 limit, 8 obj count per request	122.60 ns/op	112.18 ns/op	1.09
RateTracker with prune	4.2800 us/op	4.9580 us/op	0.86
array of 16000 items push then shift	51.631 us/op	2.8493 us/op	18.12
LinkedList of 16000 items push then shift	12.720 ns/op	19.102 ns/op	0.67
array of 16000 items push then pop	228.69 ns/op	258.35 ns/op	0.89
LinkedList of 16000 items push then pop	12.291 ns/op	17.672 ns/op	0.70
array of 24000 items push then shift	77.389 us/op	3.9921 us/op	19.39
LinkedList of 24000 items push then shift	13.191 ns/op	23.929 ns/op	0.55
array of 24000 items push then pop	197.75 ns/op	236.69 ns/op	0.84
LinkedList of 24000 items push then pop	12.449 ns/op	20.212 ns/op	0.62
intersect bitArray bitLen 8	10.695 ns/op	11.862 ns/op	0.90
intersect array and set length 8	147.76 ns/op	191.86 ns/op	0.77
intersect bitArray bitLen 128	55.747 ns/op	61.943 ns/op	0.90
intersect array and set length 128	1.8921 us/op	2.4589 us/op	0.77
Buffer.concat 32 items	1.8320 ns/op	1.9920 ns/op	0.92
pass gossip attestations to forkchoice per slot	3.6385 ms/op	4.2042 ms/op	0.87
computeDeltas	4.8168 ms/op	6.4392 ms/op	0.75
computeProposerBoostScoreFromBalances	807.05 us/op	921.49 us/op	0.88
altair processAttestation - 250000 vs - 7PWei normalcase	3.3500 ms/op	4.3733 ms/op	0.77
altair processAttestation - 250000 vs - 7PWei worstcase	5.6942 ms/op	7.3524 ms/op	0.77
altair processAttestation - setStatus - 1/6 committees join	182.93 us/op	216.37 us/op	0.85
altair processAttestation - setStatus - 1/3 committees join	357.26 us/op	411.55 us/op	0.87
altair processAttestation - setStatus - 1/2 committees join	513.73 us/op	568.76 us/op	0.90
altair processAttestation - setStatus - 2/3 committees join	681.88 us/op	727.95 us/op	0.94
altair processAttestation - setStatus - 4/5 committees join	944.27 us/op	1.0107 ms/op	0.93
altair processAttestation - setStatus - 100% committees join	1.1440 ms/op	1.1993 ms/op	0.95
altair processBlock - 250000 vs - 7PWei normalcase	24.826 ms/op	30.177 ms/op	0.82
altair processBlock - 250000 vs - 7PWei normalcase hashState	37.835 ms/op	39.501 ms/op	0.96
altair processBlock - 250000 vs - 7PWei worstcase	82.106 ms/op	95.698 ms/op	0.86
altair processBlock - 250000 vs - 7PWei worstcase hashState	103.17 ms/op	105.57 ms/op	0.98
phase0 processBlock - 250000 vs - 7PWei normalcase	3.3354 ms/op	4.2404 ms/op	0.79
phase0 processBlock - 250000 vs - 7PWei worstcase	51.202 ms/op	49.054 ms/op	1.04
altair processEth1Data - 250000 vs - 7PWei normalcase	699.84 us/op	1.0308 ms/op	0.68
vc - 250000 eb 1 eth1 1 we 0 wn 0 - smpl 15	6.7420 us/op	10.148 us/op	0.66
vc - 250000 eb 0.95 eth1 0.1 we 0.05 wn 0 - smpl 219	22.150 us/op	27.046 us/op	0.82
vc - 250000 eb 0.95 eth1 0.3 we 0.05 wn 0 - smpl 42	10.297 us/op	11.745 us/op	0.88
vc - 250000 eb 0.95 eth1 0.7 we 0.05 wn 0 - smpl 18	7.2490 us/op	11.297 us/op	0.64
vc - 250000 eb 0.1 eth1 0.1 we 0 wn 0 - smpl 1020	96.946 us/op	110.05 us/op	0.88
vc - 250000 eb 0.03 eth1 0.03 we 0 wn 0 - smpl 11777	905.13 us/op	1.0843 ms/op	0.83
vc - 250000 eb 0.01 eth1 0.01 we 0 wn 0 - smpl 141069	12.004 ms/op	15.340 ms/op	0.78
vc - 250000 eb 0 eth1 0 we 0 wn 0 - smpl 250000	21.285 ms/op	26.927 ms/op	0.79
vc - 250000 eb 0 eth1 0 we 0 wn 0 nocache - smpl 250000	72.431 ms/op	89.026 ms/op	0.81
vc - 250000 eb 0 eth1 1 we 0 wn 0 - smpl 250000	36.766 ms/op	48.508 ms/op	0.76
vc - 250000 eb 0 eth1 1 we 0 wn 0 nocache - smpl 250000	122.70 ms/op	134.51 ms/op	0.91
Tree 40 250000 create	649.95 ms/op	969.11 ms/op	0.67
Tree 40 250000 get(125000)	230.94 ns/op	288.75 ns/op	0.80
Tree 40 250000 set(125000)	2.1958 us/op	3.3881 us/op	0.65
Tree 40 250000 toArray()	28.090 ms/op	36.109 ms/op	0.78
Tree 40 250000 iterate all - toArray() + loop	28.153 ms/op	36.238 ms/op	0.78
Tree 40 250000 iterate all - get(i)	115.33 ms/op	115.38 ms/op	1.00
MutableVector 250000 create	12.821 ms/op	17.405 ms/op	0.74
MutableVector 250000 get(125000)	11.059 ns/op	13.457 ns/op	0.82
MutableVector 250000 set(125000)	573.26 ns/op	846.74 ns/op	0.68
MutableVector 250000 toArray()	5.9493 ms/op	8.3288 ms/op	0.71
MutableVector 250000 iterate all - toArray() + loop	6.1127 ms/op	8.5025 ms/op	0.72
MutableVector 250000 iterate all - get(i)	2.5915 ms/op	3.4440 ms/op	0.75
Array 250000 create	5.9650 ms/op	7.6232 ms/op	0.78
Array 250000 clone - spread	3.3078 ms/op	4.4313 ms/op	0.75
Array 250000 get(125000)	1.5190 ns/op	1.7850 ns/op	0.85
Array 250000 set(125000)	1.4900 ns/op	1.7830 ns/op	0.84
Array 250000 iterate all - loop	154.49 us/op	167.86 us/op	0.92
effectiveBalanceIncrements clone Uint8Array 300000	155.42 us/op	107.26 us/op	1.45
effectiveBalanceIncrements clone MutableVector 300000	640.00 ns/op	1.3470 us/op	0.48
effectiveBalanceIncrements rw all Uint8Array 300000	248.79 us/op	252.50 us/op	0.99
effectiveBalanceIncrements rw all MutableVector 300000	146.08 ms/op	276.45 ms/op	0.53
phase0 afterProcessEpoch - 250000 vs - 7PWei	200.09 ms/op	190.42 ms/op	1.05
phase0 beforeProcessEpoch - 250000 vs - 7PWei	58.733 ms/op	112.60 ms/op	0.52
altair processEpoch - mainnet_e81889	556.65 ms/op	615.08 ms/op	0.90
mainnet_e81889 - altair beforeProcessEpoch	109.89 ms/op	155.34 ms/op	0.71
mainnet_e81889 - altair processJustificationAndFinalization	17.819 us/op	27.956 us/op	0.64
mainnet_e81889 - altair processInactivityUpdates	8.9060 ms/op	11.648 ms/op	0.76
mainnet_e81889 - altair processRewardsAndPenalties	79.975 ms/op	154.84 ms/op	0.52
mainnet_e81889 - altair processRegistryUpdates	2.7370 us/op	6.0420 us/op	0.45
mainnet_e81889 - altair processSlashings	686.00 ns/op	1.6030 us/op	0.43
mainnet_e81889 - altair processEth1DataReset	779.00 ns/op	1.5620 us/op	0.50
mainnet_e81889 - altair processEffectiveBalanceUpdates	1.9634 ms/op	2.2916 ms/op	0.86
mainnet_e81889 - altair processSlashingsReset	4.2600 us/op	9.1840 us/op	0.46
mainnet_e81889 - altair processRandaoMixesReset	4.3470 us/op	9.9200 us/op	0.44
mainnet_e81889 - altair processHistoricalRootsUpdate	756.00 ns/op	1.6070 us/op	0.47
mainnet_e81889 - altair processParticipationFlagUpdates	2.1240 us/op	5.8590 us/op	0.36
mainnet_e81889 - altair processSyncCommitteeUpdates	511.00 ns/op	1.2590 us/op	0.41
mainnet_e81889 - altair afterProcessEpoch	201.11 ms/op	197.48 ms/op	1.02
phase0 processEpoch - mainnet_e58758	495.29 ms/op	554.41 ms/op	0.89
mainnet_e58758 - phase0 beforeProcessEpoch	184.19 ms/op	257.85 ms/op	0.71
mainnet_e58758 - phase0 processJustificationAndFinalization	18.154 us/op	27.225 us/op	0.67
mainnet_e58758 - phase0 processRewardsAndPenalties	101.39 ms/op	151.04 ms/op	0.67
mainnet_e58758 - phase0 processRegistryUpdates	9.7340 us/op	11.808 us/op	0.82
mainnet_e58758 - phase0 processSlashings	609.00 ns/op	1.1600 us/op	0.53
mainnet_e58758 - phase0 processEth1DataReset	611.00 ns/op	1.2840 us/op	0.48
mainnet_e58758 - phase0 processEffectiveBalanceUpdates	2.1317 ms/op	2.9966 ms/op	0.71
mainnet_e58758 - phase0 processSlashingsReset	3.6290 us/op	7.7390 us/op	0.47
mainnet_e58758 - phase0 processRandaoMixesReset	4.4350 us/op	9.9300 us/op	0.45
mainnet_e58758 - phase0 processHistoricalRootsUpdate	692.00 ns/op	1.4410 us/op	0.48
mainnet_e58758 - phase0 processParticipationRecordUpdates	3.8640 us/op	9.5880 us/op	0.40
mainnet_e58758 - phase0 afterProcessEpoch	165.04 ms/op	163.44 ms/op	1.01
phase0 processEffectiveBalanceUpdates - 250000 normalcase	2.0051 ms/op	2.6330 ms/op	0.76
phase0 processEffectiveBalanceUpdates - 250000 worstcase 0.5	2.2182 ms/op	3.5800 ms/op	0.62
altair processInactivityUpdates - 250000 normalcase	41.124 ms/op	45.780 ms/op	0.90
altair processInactivityUpdates - 250000 worstcase	33.943 ms/op	48.024 ms/op	0.71
phase0 processRegistryUpdates - 250000 normalcase	7.0150 us/op	12.975 us/op	0.54
phase0 processRegistryUpdates - 250000 badcase_full_deposits	420.61 us/op	425.91 us/op	0.99
phase0 processRegistryUpdates - 250000 worstcase 0.5	176.29 ms/op	235.26 ms/op	0.75
altair processRewardsAndPenalties - 250000 normalcase	76.718 ms/op	97.153 ms/op	0.79
altair processRewardsAndPenalties - 250000 worstcase	110.35 ms/op	136.87 ms/op	0.81
phase0 getAttestationDeltas - 250000 normalcase	12.287 ms/op	13.862 ms/op	0.89
phase0 getAttestationDeltas - 250000 worstcase	12.108 ms/op	13.679 ms/op	0.89
phase0 processSlashings - 250000 worstcase	5.6329 ms/op	6.6113 ms/op	0.85
altair processSyncCommitteeUpdates - 250000	301.12 ms/op	297.18 ms/op	1.01
BeaconState.hashTreeRoot - No change	570.00 ns/op	541.00 ns/op	1.05
BeaconState.hashTreeRoot - 1 full validator	73.451 us/op	64.060 us/op	1.15
BeaconState.hashTreeRoot - 32 full validator	728.25 us/op	687.96 us/op	1.06
BeaconState.hashTreeRoot - 512 full validator	7.4139 ms/op	6.9610 ms/op	1.07
BeaconState.hashTreeRoot - 1 validator.effectiveBalance	92.312 us/op	82.477 us/op	1.12
BeaconState.hashTreeRoot - 32 validator.effectiveBalance	1.3083 ms/op	1.2861 ms/op	1.02
BeaconState.hashTreeRoot - 512 validator.effectiveBalance	17.550 ms/op	18.471 ms/op	0.95
BeaconState.hashTreeRoot - 1 balances	63.074 us/op	52.833 us/op	1.19
BeaconState.hashTreeRoot - 32 balances	638.03 us/op	659.44 us/op	0.97
BeaconState.hashTreeRoot - 512 balances	7.6145 ms/op	6.0713 ms/op	1.25
BeaconState.hashTreeRoot - 250000 balances	101.50 ms/op	85.666 ms/op	1.18
aggregationBits - 2048 els - zipIndexesInBitList	26.309 us/op	49.447 us/op	0.53
regular array get 100000 times	62.073 us/op	67.486 us/op	0.92
wrappedArray get 100000 times	61.212 us/op	67.375 us/op	0.91
arrayWithProxy get 100000 times	28.109 ms/op	28.662 ms/op	0.98
ssz.Root.equals	489.00 ns/op	585.00 ns/op	0.84
byteArrayEquals	473.00 ns/op	584.00 ns/op	0.81
shuffle list - 16384 els	11.324 ms/op	11.142 ms/op	1.02
shuffle list - 250000 els	169.26 ms/op	166.35 ms/op	1.02
processSlot - 1 slots	13.919 us/op	12.490 us/op	1.11
processSlot - 32 slots	2.0126 ms/op	1.7587 ms/op	1.14
getEffectiveBalanceIncrementsZeroInactive - 250000 vs - 7PWei	404.56 us/op	390.96 us/op	1.03
getCommitteeAssignments - req 1 vs - 250000 vc	5.4184 ms/op	5.3038 ms/op	1.02
getCommitteeAssignments - req 100 vs - 250000 vc	7.9811 ms/op	7.3533 ms/op	1.09
getCommitteeAssignments - req 1000 vs - 250000 vc	8.5663 ms/op	7.8098 ms/op	1.10
RootCache.getBlockRootAtSlot - 250000 vs - 7PWei	7.7300 ns/op	11.520 ns/op	0.67
state getBlockRootAtSlot - 250000 vs - 7PWei	1.1080 us/op	1.3360 us/op	0.83
computeProposers - vc 250000	18.500 ms/op	18.103 ms/op	1.02
computeEpochShuffling - vc 250000	172.86 ms/op	174.49 ms/op	0.99
getNextSyncCommittee - vc 250000	302.01 ms/op	302.22 ms/op	1.00

by benchmarkbot/action

[wemeetagain]

@nazarhussain can you please turn off snyk PRs or else configure them to also update yarn.lock?

[dapplion]

Also opening PRs with @nazarhussain personal access token is bad optics. Would prefer to be opened with a user related to the bot

[nazarhussain]

@wemeetagain @dapplion The automatic PRs are disabled for Snyk. There were few fix PRs I was creating manually from its UI to tests some configurations.