chore(deps): Bump the npm_and_yarn group across 1 directory with 6 updates

[dependabot]

Bumps the npm_and_yarn group with 5 updates in the / directory:

Package	From	To
@lit-protocol/lit-node-client	3.1.1	5.0.0
axios	0.21.4	1.6.8
@cosmjs/stargate	0.30.1	0.32.3
@lit-protocol/lit-node-client-nodejs	2.2.63	5.0.0
undici	5.28.2	5.28.4

Updates @lit-protocol/lit-node-client from 3.1.1 to 5.0.0

Release notes

Sourced from @​lit-protocol/lit-node-client's releases.

5.0.0

Breaking Changes

• Removes ipfs-http-client: resolves build issues when running in nextjs

• Now using cross-fetch instead of directly injecting node-fetch as a polyfill solution for fetch LIT-Protocol/js-sdk@22293a2

• Changes getLatestBlockhash() on the LitNodeClient to be an async method. This was previously a synchronous call. LIT-Protocol/js-sdk@83a070b

Bug Fixes

• Fixesnode-fetch not found exceptions in NextJs

• Fix to global polyfill of Buffer causing errors: LIT-Protocol/js-sdk@618fbf8

• Addition of static eth wallet auth method in lit auth client LIT-Protocol/js-sdk@05d9494

• Fix to ILitNodeClient interface compatibility LIT-Protocol/js-sdk@8efcb0f

Commits

• See full diff in compare view

Updates axios from 0.21.4 to 1.6.8

Release notes

Sourced from axios's releases.

Release v1.6.8

Release notes:

Bug Fixes

• AxiosHeaders: fix AxiosHeaders conversion to an object during config merging (#6243) (2656612)
• import: use named export for EventEmitter; (7320430)
• vulnerability: update follow-redirects to 1.15.6 (#6300) (8786e0f)

Contributors to this release

• Jay
• Dmitriy Mozgovoy
• Mitchell
• Emmanuel
• Lucas Keller
• Aditya Mogili
• Miroslav Petrov

Release v1.6.7

Release notes:

Bug Fixes

• capture async stack only for rejections with native error objects; (#6203) (1a08f90)

Contributors to this release

• Dmitriy Mozgovoy
• zhoulixiang

Release v1.6.6

Release notes:

Bug Fixes

• fixed missed dispatchBeforeRedirect argument (#5778) (a1938ff)
• wrap errors to improve async stack trace (#5987) (123f354)

Contributors to this release

• Ilya Priven
• Zao Soula

Release v1.6.5

Release notes:

Bug Fixes

• ci: refactor notify action as a job of publish action; (#6176) (0736f95)
• dns: fixed lookup error handling; (#6175) (f4f2b03)

Contributors to this release

... (truncated)

Changelog

Sourced from axios's changelog.

1.6.8 (2024-03-15)

Bug Fixes

• AxiosHeaders: fix AxiosHeaders conversion to an object during config merging (#6243) (2656612)
• import: use named export for EventEmitter; (7320430)
• vulnerability: update follow-redirects to 1.15.6 (#6300) (8786e0f)

Contributors to this release

• Jay
• Dmitriy Mozgovoy
• Mitchell
• Emmanuel
• Lucas Keller
• Aditya Mogili
• Miroslav Petrov

1.6.7 (2024-01-25)

Bug Fixes

• capture async stack only for rejections with native error objects; (#6203) (1a08f90)

Contributors to this release

• Dmitriy Mozgovoy
• zhoulixiang

1.6.6 (2024-01-24)

Bug Fixes

• fixed missed dispatchBeforeRedirect argument (#5778) (a1938ff)
• wrap errors to improve async stack trace (#5987) (123f354)

Contributors to this release

• Ilya Priven
• Zao Soula

1.6.5 (2024-01-05)

Bug Fixes

• ci: refactor notify action as a job of publish action; (#6176) (0736f95)

... (truncated)

Commits

• ab3f0f9 chore(release): v1.6.8 (#6303)
• 2656612 fix(AxiosHeaders): fix AxiosHeaders conversion to an object during config mer...
• 7320430 fix(import): use named export for EventEmitter;
• 8786e0f fix(vulnerability): update follow-redirects to 1.15.6 (#6300)
• d844227 chore: update and bump deps (#6238)
• caa0625 docs: update README responseEncoding types (#6194)
• 41c4584 docs: Update README.md to point to current axios version in CDN links (#6196)
• bf6974f chore(ci): add npm tag action; (#6231)
• a52e4d9 chore(release): v1.6.7 (#6204)
• 2b69888 chore: remove unnecessary check (#6186)
• Additional commits viewable in compare view

Updates @cosmjs/stargate from 0.30.1 to 0.32.3

Changelog

Sourced from @​cosmjs/stargate's changelog.

[0.32.3] - 2024-03-08

Changed

• @​cosmjs/amino: Add IBC denom support to parseCoins and use the same implementation in all those imports:

  import { parseCoins } from "@cosmjs/proto-signing";
  // equals
  import { parseCoins } from "@cosmjs/stargate";
  // equals
  import { parseCoins } from "@cosmjs/amino";

• @​cosmjs/stargate: Let parseRawLog gracefully handle empty strings to better support Cosmos SDK 0.50 inputs. (#1564)

#1564: cosmos/cosmjs#1564

Fixed

• @​cosmjs/encoding: Avoid using replacement character in doc comment to make external tools happy. (#1570)
• @​cosmjs/cosmwasm-stargate: Use events instead of log parsing to receive information in SigningCosmWasmClient. This is required to support Cosmos SDK 0.50+ where the rawLog field is empty. (#1564)

#1564: cosmos/cosmjs#1564 #1570: cosmos/cosmjs#1570

[0.32.2] - 2023-12-19

Fixed

• @​cosmjs/stargate: Update validation of GasPrice.fromString to allow using IBC denoms as gas denom. (#1522)

#1522: cosmos/cosmjs#1522

Changed

• @​cosmjs/tendermint-rpc: Require protocol to be set in endpoint URLs (https://, http://, wss:// or ws://). Otherwise an error is raised instead of falling back to ws://. (#1527)

#1527: cosmos/cosmjs#1527

[0.32.1] - 2023-12-04

... (truncated)

Commits

• 917bd4c Set version 0.32.3
• f94b230 Merge pull request #1564 from cosmos/wasmd-0.50
• 5cfd592 Add CHANGELOG entry for logs -> events
• 5478dc2 Avoid using logs in example
• add1898 Fix more tests
• 7c68060 Fix wasm events length
• 0d83ef8 Update event handling in tests
• 65d80c2 Remove extra scripts/wasmd/setup.sh
• 874612b Let parseRawLog gracefully handle empty strings
• 188bb1f Restore first send
• Additional commits viewable in compare view

Updates @lit-protocol/lit-node-client-nodejs from 2.2.63 to 5.0.0

Release notes

Sourced from @​lit-protocol/lit-node-client-nodejs's releases.

5.0.0

Breaking Changes

• Removes ipfs-http-client: resolves build issues when running in nextjs

• Now using cross-fetch instead of directly injecting node-fetch as a polyfill solution for fetch LIT-Protocol/js-sdk@22293a2

• Changes getLatestBlockhash() on the LitNodeClient to be an async method. This was previously a synchronous call. LIT-Protocol/js-sdk@83a070b

Bug Fixes

• Fixesnode-fetch not found exceptions in NextJs

• Fix to global polyfill of Buffer causing errors: LIT-Protocol/js-sdk@618fbf8

• Addition of static eth wallet auth method in lit auth client LIT-Protocol/js-sdk@05d9494

• Fix to ILitNodeClient interface compatibility LIT-Protocol/js-sdk@8efcb0f

Cayenne

No release notes provided.

Commits

• See full diff in compare view

Updates jose from 4.15.4 to 4.15.5

Release notes

Sourced from jose's releases.

v4.15.5

Fixes

• add a maxOutputLength option to zlib inflate (1b91d88), fixes CVE-2024-28176

Changelog

Sourced from jose's changelog.

4.15.5 (2024-03-07)

Fixes

• add a maxOutputLength option to zlib inflate (1b91d88)

Commits

• 765aafd chore(release): 4.15.5
• b36e45e test: add export check to x509 pem import tests
• e839ecb test: stop testing JWE RSA1_5 Algorithm
• 1b91d88 fix: add a maxOutputLength option to zlib inflate
• 9ca2b24 build: remove release action
• f3035d8 chore: cleanup after release
• See full diff in compare view

Updates undici from 5.28.2 to 5.28.4

Release notes

Sourced from undici's releases.

v5.28.4

⚠️ Security Release ⚠️

• Fixes GHSA-m4v8-wqvr-p9f7 CVE-2024-30260
• Fixes GHSA-9qxr-qj54-h672 CVE-2024-30261

Full Changelog: nodejs/undici@v5.28.3...v5.28.4

v5.28.3

⚠️ Security Release ⚠️

Fixes:

• CVE-2024-24758 Proxy-Authorization header not cleared on cross-origin redirect in fetch

Full Changelog: nodejs/undici@v5.28.2...v5.28.3

Commits

• fb98306 Bumped v5.28.4
• 2b39440 Merge pull request from GHSA-9qxr-qj54-h672
• 64e3402 Merge pull request from GHSA-m4v8-wqvr-p9f7
• 723c4e7 Revert "build(deps-dev): bump formdata-node from 4.4.1 to 6.0.3 (#2389)"
• 0e9d54b skip failing test due to Node.js changes
• e71cb4c Bumped v5.28.3
• 20c65b8 Fix tests for Node.js v20.11.0 (#2618)
• 8ec52cd Fix tests for Node.js v21 (#2609)
• d3aa574 Merge pull request from GHSA-3787-6prv-h9w3
• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions
  You can disable automated security fix PRs for this repo from the Security Alerts page.