[Snyk] Upgrade @ethersproject/providers from 5.0.12 to 5.6.1 #79
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Snyk has created this PR to upgrade @ethersproject/providers from 5.0.12 to 5.6.1. See this package in npm: https://www.npmjs.com/package/@ethersproject/providers See this project in Snyk: https://app.snyk.io/org/synergyaffirm/project/cc912851-f4a4-4fbd-9605-aa2ec36c0b1b?utm_source=github&utm_medium=referral&page=upgrade-pr
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Snyk has created this PR to upgrade @ethersproject/providers from 5.0.12 to 5.6.1.
ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.
The recommended version fixes:
SNYK-JS-WS-1296835
Why? Proof of Concept exploit, Has a fix available, CVSS 5.3
(*) Note that the real score may have changed since the PR was raised.
Release notes
Package name: @ethersproject/providers
-
5.6.1 - 2022-03-16
- Fix issue with CCIP Read using wrong sender. (#2478; 5998fea, 905e98a)
-
5.6.0 - 2022-03-10
- Tweaked test case to re-order transaction after event listeners added. (fa4a290)
- Ignore errors when resolving ENS resolver properties. (d160bac)
- Enable CCIP Read for ENS resolvers. (#2478; be518c3)
- Fix missing events on certain network conditions. (#1798, #1814, #1830, #2274, #2652; f67a9a8, f46aa75)
- Added defaultProvider option to omit specific Providers. (bae215e)
- Add support for pending blocks. (#2225; 54e6e57)
- Help URLs for errors. (#2489; 38e825c, c562150)
- Added CCIP support to provider.call. (#2478; ae23bb7)
- Adjust default maxPriorityFeePerGas to 1.5 gwei. (33a029e)
- Fix contracts when name resolution fails without any checks. (#2737; c2a6a01)
- Preserve explicit chainId in JsonRpcProvider during transaction serialization. (#2691; 6807a76)
- Fixed eth_chainId response for Eip1193Bridge. (#2711; 5f26fd5)
- Remove spurious console.log from Interface. (#2714; 4e8f004)
- Allow raw WebSocket to be passed into WebSocketProvider. (#2562, #2644; 9aac785)
- Added Cloudflare Worker support. (#1886; 2d98b4f, 1651389)
- Add support for EIP-2098 compact signatures. (#2246; f26074b)
- Add EIP-2544 Wildcard support. (#2477, #2582, #2583; 83891f9)
-
5.5.3 - 2022-01-31
- Fixed case-folding in schemes for ENS avatars. (#2500; 3f5bc6d)
- Added Kintsugi network. (#2434; ab13887)
- Fix browser random in WebWorkers. (#2405; 4ba63ac)
- Add support for IPFS metadata imageUrl in getAvatar. (#2426; 3d6a7ec)
- Do not swallow ENS not supported errors. (#2387; 2f57c6a)
-
5.5.2 - 2022-01-07
- Fixed test case for getAvatar; url has moved (617714d)
- Added basic redirect support. (42784b8)
- Added arbitrum and optimism to networks and providers. (#2335; 0844de4)
- Added support for data URLs for avatar metadata. (b8391b0)
- Fixed getAvatar for unconfigured ENS names. (1e1c93e)
-
5.5.1 - 2021-12-01
- Fixed abstract Provider signature issue. (#2190; 1bd9161)
-
5.5.0 - 2021-10-20
- Added ENS avatar support to provider. (#2185; ecce861)
- Fixed splitSignature logic for verifying EIP-2930 and EIP-1559 v. (#2084; 3de1b81)
- Include events on ContractFactory deployment transactions. (#1334; ab319f2)
- admin: fixed alias script. (#1494; 8f3d71d)
- Better errors when non-string address or ENS name is passed into Contracts or provider methods. (#1051; a5c6a46)
- Use personal_sign instead of eth_sign for message signing with JsonRpcSigner; added _legacySignMessage for legacy support. (#1542, #1840; 8947fd4)
- Removed extra wordlists from the dist files. (#2058, #2077; cb43a99)
- Fix issue when Solidity method collises with JavaScript prototype. (#1432, #2054, #2120; 0a8be37)
- Add support for Cloudflare Workers. (#1886; 6582ede)
- Added more information to some invalid argument errors. (#1130; f3c6d81)
- Fix compile-time error in new TypeScript version. (bee76a4)
- Adding customData support to transactions to assist L2 chains. (#1761; 68095a4)
- Added some explicit null results to previously implicit null results for ENS. (#1850; 0e5419e)
- Added BigNumber _difficulty to Block results. (#2001, #2036; a48552a)
- Removed redundant call to normalizing blockTag (1838). (d5b41ce)
- Fixed isBytes check for invalid length or elements. (#1964; 7a404fb)
- Fixed randomBytes not rejecting NaN as a length. (#1977; f8adf82)
- Allow any Networkish for getDefaultProvider. (#2031; cc250b2)
- Stop allowing commas in fixed numbers; left over from legacy comma support. (#2083; 45f3675)
- Export FallbackProviderConfig. (#2121; 48c9e0b)
-
5.4.5 - 2021-08-27
-
5.4.4 - 2021-08-18
-
5.4.3 - 2021-07-30
-
5.4.2 - 2021-07-23
-
5.4.1 - 2021-07-03
-
5.4.0 - 2021-06-26
-
5.3.1 - 2021-06-11
-
5.3.0 - 2021-06-01
-
5.2.0 - 2021-05-20
-
5.1.2 - 2021-04-20
-
5.1.1 - 2021-04-18
-
5.1.0 - 2021-03-30
-
5.0.24 - 2021-03-08
-
5.0.23 - 2021-02-13
-
5.0.22 - 2021-02-09
-
5.0.21 - 2021-02-03
-
5.0.20 - 2021-02-01
-
5.0.19 - 2021-01-14
-
5.0.18 - 2021-01-08
-
5.0.17 - 2020-11-26
-
5.0.16 - 2020-11-24
-
5.0.15 - 2020-11-18
-
5.0.14 - 2020-10-23
-
5.0.13 - 2020-10-19
-
5.0.12 - 2020-10-08
from @ethersproject/providers GitHub release notesEmbedding UMD with SRI:
Embedding UMD with SRI:
Embedding UMD with SRI:
Embedding UMD with SRI:
Embedding UMD with SRI:
Embedding UMD with SRI:
Read more
Commit messages
Package name: @ethersproject/providers
getLogsrequests to be "too broad" and "may get dropped"? ethers-io/ethers.js#1798, ethers.js misses events when Infura is a provider because of a race condition ethers-io/ethers.js#1814, Add Filter Support with Infura provider implementation for fetching events ethers-io/ethers.js#1830, Avoid skipping of events ethers-io/ethers.js#2274, Contract event listener not firing sometimes ethers-io/ethers.js#2652).getLogsrequests to be "too broad" and "may get dropped"? ethers-io/ethers.js#1798, ethers.js misses events when Infura is a provider because of a race condition ethers-io/ethers.js#1814, Add Filter Support with Infura provider implementation for fetching events ethers-io/ethers.js#1830, Avoid skipping of events ethers-io/ethers.js#2274, Contract event listener not firing sometimes ethers-io/ethers.js#2652).console.logcall ethers-io/ethers.js#2714).Compare
Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.
For more information:
🧐 View latest project report
🛠 Adjust upgrade PR settings
🔕 Ignore this dependency or unsubscribe from future upgrade PRs