Restyle [Snyk] Security upgrade axios from 0.18.1 to 0.20.0

[restyled-io]

Automated style fixes for #77, created by Restyled.

The following restylers made fixes:

• jq

To incorporate these changes, merge this Pull Request into the original. We
recommend using the Squash or Rebase strategies.

NOTE: As work continues on the original Pull Request, this process will
re-run and update (force-push) this Pull Request with updated style fixes as
necessary. If the style is fixed manually at any point (i.e. this process finds
no fixes to make), this Pull Request will be closed automatically.

Sorry if this was unexpected. To disable it, see our documentation.

[guardrails]

⚠️ We detected 130 security issues in this pull request:

Mode: paranoid | Total findings: 130 | Considered vulnerability: 130

Insecure Use of Regular Expressions (14)

Docs	Details
💡	Title: Regex DOS (ReDOS), Severity: Medium remix/remix-analyzer/src/solidity-analyzer/modules/staticAnalysisCommon.ts Line 235 in 1223e7b if (!isExternalDirectCall(extDirectCall)) throw new Error('staticAnalysisCommon.js: not an external direct call Node')
💡	Title: Regex DOS (ReDOS), Severity: Medium remix/remix-analyzer/src/solidity-analyzer/modules/staticAnalysisCommon.ts Line 250 in 1223e7b if (!isThisLocalCall(thisLocalCall.expression)) throw new Error('staticAnalysisCommon.js: not a this local call Node')
💡	Title: Regex DOS (ReDOS), Severity: Medium remix/remix-analyzer/src/solidity-analyzer/modules/staticAnalysisCommon.ts Line 399 in 1223e7b if (!isLibraryCall(node.expression)) throw new Error('staticAnalysisCommon.js: not a library call Node')
💡	Title: Regex DOS (ReDOS), Severity: Medium remix/remix-analyzer/src/solidity-analyzer/modules/staticAnalysisCommon.ts Line 587 in 1223e7b function isStorageVariableDeclaration (node: VariableDeclarationAstNode): boolean {
💡	Title: Regex DOS (ReDOS), Severity: Medium remix/remix-analyzer/src/solidity-analyzer/modules/staticAnalysisCommon.ts Line 1002 in 1223e7b function expressionTypeDescription (node: any, typeRegex: string): boolean {
💡	Title: Regex DOS (ReDOS), Severity: Medium remix/remix-analyzer/src/solidity-analyzer/modules/staticAnalysisCommon.ts Line 1006 in 1223e7b function typeDescription (node: any, typeRegex: string): boolean {
💡	Title: Regex DOS (ReDOS), Severity: Medium remix/remix-analyzer/src/solidity-analyzer/modules/staticAnalysisCommon.ts Line 1010 in 1223e7b function nodeType (node: any, typeRegex: string): boolean {
💡	Title: Regex DOS (ReDOS), Severity: Medium remix/remix-analyzer/src/solidity-analyzer/modules/staticAnalysisCommon.ts Line 1018 in 1223e7b function memName (node: any, memNameRegex: any): boolean {
💡	Title: Regex DOS (ReDOS), Severity: Medium remix/remix-analyzer/src/solidity-analyzer/modules/staticAnalysisCommon.ts Line 1022 in 1223e7b function operator (node: any, opRegex: string): boolean {
💡	Title: Regex DOS (ReDOS), Severity: Medium remix/remix-url-resolver/src/resolve.ts Line 87 in 1223e7b type: 'github',
💡	Title: Regex DOS (ReDOS), Severity: Medium remix/remix-analyzer/src/solidity-analyzer/modules/staticAnalysisCommon.ts Line 1007 in 1223e7b return new RegExp(typeRegex).test(node.typeDescriptions.typeString)
💡	Title: Regex DOS (ReDOS), Severity: Medium remix/remix-analyzer/src/solidity-analyzer/modules/staticAnalysisCommon.ts Line 1011 in 1223e7b return new RegExp(typeRegex).test(node.nodeType)
💡	Title: Regex DOS (ReDOS), Severity: Medium remix/remix-analyzer/src/solidity-analyzer/modules/staticAnalysisCommon.ts Line 1019 in 1223e7b return (node && !memNameRegex) || new RegExp(memNameRegex).test(node.name) || new RegExp(memNameRegex).test(node.memberName)
💡	Title: Regex DOS (ReDOS), Severity: Medium remix/remix-analyzer/src/solidity-analyzer/modules/staticAnalysisCommon.ts Line 1023 in 1223e7b return new RegExp(opRegex).test(node.operator)

More info on how to fix Insecure Use of Regular Expressions in TypeScript and JavaScript.

---

Insecure File Management (12)

Docs	Details
💡	Title: Use of non-literal fs filename, Severity: High remix/gulpfile.js Line 28 in 1223e7b const latestChangelog = fs.readFileSync(__dirname + '/changes.md', 'utf8')
💡	Title: Use of non-literal fs filename, Severity: High remix/gulpfile.js Line 29 in 1223e7b const oldChangelog = fs.readFileSync(__dirname + '/CHANGELOG.md', 'utf8')
💡	Title: Use of non-literal fs filename, Severity: High remix/gulpfile.js Line 33 in 1223e7b fs.unlinkSync(__dirname + '/CHANGELOG.md');
💡	Title: Use of non-literal fs filename, Severity: High remix/gulpfile.js Line 35 in 1223e7b fs.unlinkSync(__dirname + '/changes.md');
💡	Title: Use of non-literal fs filename, Severity: High remix/gulpfile.js Line 37 in 1223e7b fs.writeFileSync(__dirname + '/CHANGELOG.md', data);
💡	Title: Use of non-literal fs filename, Severity: High remix/remix-debug/test.js Line 29 in 1223e7b inputJson.sources[shortFilename] = {content: fs.readFileSync(filename).toString()}
💡	Title: Use of non-literal fs filename, Severity: High remix/remix-debug/test/init.js Line 16 in 1223e7b fs.readFile(filename, 'utf8', callback)
💡	Title: Use of non-literal fs filename, Severity: High remix/remix-debug/test/init.js Line 18 in 1223e7b return fs.readFileSync(filename, 'utf8')
💡	Title: Use of non-literal fs filename, Severity: High remix/remix-debug/test/resources/testWeb3.js Line 6 in 1223e7b var data = init.readFile(require('path').resolve(__dirname, 'testWeb3.json'))
💡	Title: Use of non-literal fs filename, Severity: High remix/remix-lib/test/init.js Line 16 in 1223e7b fs.readFile(filename, 'utf8', callback)
💡	Title: Use of non-literal fs filename, Severity: High remix/remix-lib/test/init.js Line 18 in 1223e7b return fs.readFileSync(filename, 'utf8')
💡	Title: Use of non-literal fs filename, Severity: High remix/remix-lib/test/resources/testWeb3.js Line 6 in 1223e7b let data = init.readFile(require('path').resolve(__dirname, 'testWeb3.json'))

More info on how to fix Insecure File Management in JavaScript.

---

Vulnerable Libraries (104)

Severity	Details
Medium	acorn@5.7.3 (t) upgrade to: >5.7.3 || >6.4.0 || >7.1.0
High	bl@2.2.0 (t) upgrade to: >1.2.2 || >2.2.0 || 3.0.0 || >4.0.2
Low	onchange@3.3.0 upgrade to: >=7.1.0
Low	debug@2.6.9 (t) - no patch available
High	diff@1.4.0 (t) upgrade to: >=3.5.0
High	http-server@0.9.0 upgrade to: >=0.12.3
High	remix-solidity@0.1.12 upgrade to: >=0.0.1
Critical	growl@1.9.2 (t) upgrade to: >=1.10.2
Medium	hosted-git-info@2.7.1 (t) upgrade to: >=2.8.9 || >=3.0.8
High	http-proxy@1.17.0 (t) upgrade to: >=1.18.1
High	http-proxy-agent@1.0.0 (t) upgrade to: >2.0.0
High	https-proxy-agent@1.0.0 (t) upgrade to: >2.2.2
Low	ini@1.3.5 (t) upgrade to: >=1.3.6
Low	kind-of@3.2.2 (t) upgrade to: >6.0.2
Medium	browserslist@4.12.1 (t) upgrade to: >4.16.4
High	elliptic@6.5.3 (t) - no patch available
Low	ini@1.3.5 (t) upgrade to: >=1.3.6
High	lodash@4.17.15 (t) upgrade to: >4.17.20
High	underscore@1.9.1 (t) - no patch available
High	web3@1.2.9 - no patch available
High	ethers@4.0.47 upgrade to: >=5.3.1
High	underscore@1.9.1 (t) - no patch available
High	web3@1.2.9 - no patch available
Medium	brace-expansion@1.1.11 (t) upgrade to: >1.1.6
High	npm-install-version@6.0.2 upgrade to: >=5.0.5
Low	deep-extend@unknown (t) upgrade to: >0.5.0
High	dot-prop@unknown (t) upgrade to: >=4.2.1 || >=5.1.1
Medium	extend@unknown (t) upgrade to: >=2.0.2 || >=3.0.2
High	lodash@4.17.15 (t) upgrade to: >4.17.20
High	sshpk@unknown (t) upgrade to: >1.13.1
Medium	stringstream@unknown (t) upgrade to: >0.0.5
High	tough-cookie@unknown (t) upgrade to: >=2.3.3
Medium	browserslist@4.12.1 (t) upgrade to: >4.16.4
High	elliptic@6.5.3 (t) upgrade to: >6.5.3
High	lodash@4.17.15 (t) upgrade to: >4.17.20
Low	mocha@5.2.0 upgrade to: >=9.0.0
High	normalize-url@4.5.0 (t) upgrade to: >4.5.0 || >5.3.0 || 6.0.0
High	underscore@1.9.1 (t) - no patch available
High	web3@1.2.9 - no patch available
Critical	handlebars@unknown (t) upgrade to: >4.7.6
Medium	hosted-git-info@unknown (t) upgrade to: >=2.8.9 || >=3.0.8
High	lodash@4.17.15 (t) upgrade to: >4.17.20
Low	minimist@1.2.5 (t) upgrade to: >=0.2.1 || >=1.2.3
High	tap-spec@5.0.0 upgrade to: >=2.2.2
High	y18n@unknown (t) upgrade to: >=5.0.5
Low	nyc@13.3.0 upgrade to: >=15.1.0
High	lerna@2.11.0 upgrade to: >=4.0.0
Critical	handlebars@4.7.6 (t) upgrade to: >=4.7.7
Medium	hosted-git-info@2.8.8 (t) upgrade to: >=2.8.9 || >=3.0.8
Low	ini@1.3.5 (t) upgrade to: >=1.3.6
High	lodash@4.17.15 (t) upgrade to: >4.17.20
Low	gulp@4.0.2 upgrade to: >=3.9.1
High	y18n@3.2.1 (t) upgrade to: >=5.0.5
High	lodash@4.17.15 (t) upgrade to: >4.17.20
High	lodash.defaultsdeep@4.3.2 (t) upgrade to: >=4.6.1
Low	marked@0.6.3 (t) upgrade to: >0.6.3
High	netmask@1.0.6 (t) upgrade to: >=2.0.1
High	parsejson@0.0.3 (t) - no patch available
Medium	socket.io@1.7.4 (t) - no patch available
High	tree-kill@1.2.1 (t) upgrade to: >=1.2.2
Critical	xmlhttprequest-ssl@1.5.3 (t) - no patch available
Medium	browserslist@4.12.1 (t) upgrade to: >4.16.4
High	lodash@4.17.15 (t) upgrade to: >4.17.20
Medium	@ethersproject/signing-key@5.0.1 (t) upgrade to: >5.0.9
Medium	browserslist@4.12.1 (t) upgrade to: >4.16.4
Medium	ethers@4.0.48 (t) upgrade to: >4.0.48
Medium	is-my-json-valid@2.20.0 (t) upgrade to: >2.20.5
Medium	jsprim@1.4.1 (t) upgrade to: >1.4.1 || >2.0.1
Medium	mocha@5.2.0 upgrade to: >=9.1.3
Medium	path-parse@1.0.6 (t) upgrade to: >=1.0.7
Medium	string-width@2.1.1 (t) upgrade to: >4.1.0
High	tar@4.4.13 (t) upgrade to: >4.4.17
High	web3@1.2.9 upgrade to: >1.5.2 || >3.0.0-rc.4
High	web3-core-requestmanager@1.2.9 (t) upgrade to: >1.3.5 || >3.0.0-rc.4
High	web3-eth-accounts@1.2.9 (t) upgrade to: >1.3.5 || >3.0.0-rc.4
High	web3-eth-contract@1.2.9 (t) upgrade to: >1.3.6-rc.2 || >3.0.0-rc.4
High	web3-eth-iban@1.2.9 (t) upgrade to: >1.3.5 || >3.0.0-rc.4
High	web3-eth-personal@1.2.9 (t) upgrade to: >1.3.5 || >3.0.0-rc.4
High	web3-providers-http@1.2.9 (t) upgrade to: >1.0.0 || >1.3.5 || >3.0.0-rc.4
High	web3-providers-ipc@1.2.9 (t) upgrade to: >1.3.6-rc.2 || >=1.7.0-rc.0
High	web3-providers-ws@1.2.9 (t) upgrade to: >1.3.6-rc.2 || >3.0.0-rc.4
High	web3-shh@1.2.9 (t) upgrade to: >1.3.5
Medium	@ethersproject/signing-key@5.0.1 (t) upgrade to: >5.0.9
Medium	browserslist@4.12.1 (t) upgrade to: >4.16.4
Medium	ethers@4.0.48 (t) upgrade to: >4.0.48
Medium	is-my-json-valid@2.20.0 (t) upgrade to: >2.20.5
Medium	jsprim@1.4.1 (t) upgrade to: >1.4.1 || >2.0.1
Medium	mocha@5.2.0 upgrade to: >=9.1.3
Medium	path-parse@1.0.6 (t) upgrade to: >=1.0.7
High	tar@4.4.13 (t) upgrade to: >4.4.17
High	web3@1.2.9 (t) upgrade to: >1.5.2 || >3.0.0-rc.4
High	web3-core-requestmanager@1.2.9 (t) upgrade to: >1.3.5 || >3.0.0-rc.4
High	web3-eth-accounts@1.2.9 (t) upgrade to: >1.3.5 || >3.0.0-rc.4
High	web3-eth-contract@1.2.9 (t) upgrade to: >1.3.6-rc.2 || >3.0.0-rc.4
High	web3-eth-iban@1.2.9 (t) upgrade to: >1.3.5 || >3.0.0-rc.4
High	web3-eth-personal@1.2.9 (t) upgrade to: >1.3.5 || >3.0.0-rc.4
High	web3-providers-http@1.2.9 (t) upgrade to: >1.0.0 || >1.3.5 || >3.0.0-rc.4
High	web3-providers-ipc@1.2.9 (t) upgrade to: >1.3.6-rc.2 || >=1.7.0-rc.0
High	web3-providers-ws@1.2.9 (t) upgrade to: >1.3.6-rc.2 || >3.0.0-rc.4
High	web3-shh@1.2.9 (t) upgrade to: >1.3.5
High	axios@0.20.0 upgrade to: >=0.24.0
Medium	hosted-git-info@2.8.8 (t) upgrade to: >=2.8.9
High	lodash@4.17.15 (t) upgrade to: >4.17.20
Medium	standard@12.0.1 upgrade to: >=16.0.4

More info on how to fix Vulnerable Libraries in JavaScript.

---

👉 Go to the dashboard for detailed results.

📥 Happy? Share your feedback with us.