Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

chore(deps-dev): bump @openzeppelin/contracts-upgradeable from 3.4.2 to 4.9.3 in /packages/token-distribution #951

Closed
wants to merge 1 commit into from
Closed

chore(deps-dev): bump @openzeppelin/contracts-upgradeable from 3.4.2 to 4.9.3 in /packages/token-distribution #951

wants to merge 1 commit into from

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Feb 22, 2024

Bumps @openzeppelin/contracts-upgradeable from 3.4.2 to 4.9.3.

Release notes

Sourced from @​openzeppelin/contracts-upgradeable's releases.

v4.9.3

Note This release contains a fix for GHSA-g4vp-m682-qqmp.

  • ERC2771Context: Return the forwarder address whenever the msg.data of a call originating from a trusted forwarder is not long enough to contain the request signer address (i.e. msg.data.length is less than 20 bytes), as specified by ERC-2771. (#4481)
  • ERC2771Context: Prevent revert in _msgData() when a call originating from a trusted forwarder is not long enough to contain the request signer address (i.e. msg.data.length is less than 20 bytes). Return the full calldata in that case. (#4484)

v4.9.2

Note This release contains a fix for GHSA-wprv-93r4-jj2p.

  • MerkleProof: Fix a bug in processMultiProof and processMultiProofCalldata that allows proving arbitrary leaves if the tree contains a node with value 0 at depth 1.

v4.9.1

Note This release contains a fix for GHSA-5h3x-9wvq-w4m2.

  • Governor: Add a mechanism to restrict the address of the proposer using a suffix in the description.

v4.9.0

  • ReentrancyGuard: Add a _reentrancyGuardEntered function to expose the guard status. (#3714)
  • ERC721Wrapper: add a new extension of the ERC721 token which wraps an underlying token. Deposit and withdraw guarantee that the ownership of each token is backed by a corresponding underlying token with the same identifier. (#3863)
  • EnumerableMap: add a keys() function that returns an array containing all the keys. (#3920)
  • Governor: add a public cancel(uint256) function. (#3983)
  • Governor: Enable timestamp operation for blockchains without a stable block time. This is achieved by connecting a Governor's internal clock to match a voting token's EIP-6372 interface. (#3934)
  • Strings: add equal method. (#3774)
  • IERC5313: Add an interface for EIP-5313 that is now final. (#4013)
  • IERC4906: Add an interface for ERC-4906 that is now Final. (#4012)
  • StorageSlot: Add support for string and bytes. (#4008)
  • Votes, ERC20Votes, ERC721Votes: support timestamp checkpointing using EIP-6372. (#3934)
  • ERC4626: Add mitigation to the inflation attack through virtual shares and assets. (#3979)
  • Strings: add toString method for signed integers. (#3773)
  • ERC20Wrapper: Make the underlying variable private and add a public accessor. (#4029)
  • EIP712: add EIP-5267 support for better domain discovery. (#3969)
  • AccessControlDefaultAdminRules: Add an extension of AccessControl with additional security rules for the DEFAULT_ADMIN_ROLE. (#4009)
  • SignatureChecker: Add isValidERC1271SignatureNow for checking a signature directly against a smart contract using ERC-1271. (#3932)
  • SafeERC20: Add a forceApprove function to improve compatibility with tokens behaving like USDT. (#4067)
  • ERC1967Upgrade: removed contract-wide oz-upgrades-unsafe-allow delegatecall annotation, replaced by granular annotation in UUPSUpgradeable. (#3971)
  • ERC20Wrapper: self wrapping and deposit by the wrapper itself are now explicitly forbidden. (#4100)
  • ECDSA: optimize bytes32 computation by using assembly instead of abi.encodePacked. (#3853)
  • ERC721URIStorage: Emit ERC-4906 MetadataUpdate in _setTokenURI. (#4012)
  • ShortStrings: Added a library for handling short strings in a gas efficient way, with fallback to storage for longer strings. (#4023)
  • SignatureChecker: Allow return data length greater than 32 from EIP-1271 signers. (#4038)
  • UUPSUpgradeable: added granular oz-upgrades-unsafe-allow-reachable annotation to improve upgrade safety checks on latest version of the Upgrades Plugins (starting with @openzeppelin/upgrades-core@1.21.0). (#3971)
  • Initializable: optimize _disableInitializers by using != instead of <. (#3787)
  • Ownable2Step: make acceptOwnership public virtual to enable usecases that require overriding it. (#3960)
  • UUPSUpgradeable.sol: Change visibility to the functions upgradeTo and upgradeToAndCall from external to public. (#3959)
  • TimelockController: Add the CallSalt event to emit on operation schedule. (#4001)

... (truncated)

Changelog

Sourced from @​openzeppelin/contracts-upgradeable's changelog.

4.9.3 (2023-07-28)

  • ERC2771Context: Return the forwarder address whenever the msg.data of a call originating from a trusted forwarder is not long enough to contain the request signer address (i.e. msg.data.length is less than 20 bytes), as specified by ERC-2771. (#4481)
  • ERC2771Context: Prevent revert in _msgData() when a call originating from a trusted forwarder is not long enough to contain the request signer address (i.e. msg.data.length is less than 20 bytes). Return the full calldata in that case. (#4484)

4.9.2 (2023-06-16)

  • MerkleProof: Fix a bug in processMultiProof and processMultiProofCalldata that allows proving arbitrary leaves if the tree contains a node with value 0 at depth 1.

4.9.1 (2023-06-07)

  • Governor: Add a mechanism to restrict the address of the proposer using a suffix in the description.

4.9.0 (2023-05-23)

  • ReentrancyGuard: Add a _reentrancyGuardEntered function to expose the guard status. (#3714)
  • ERC721Wrapper: add a new extension of the ERC721 token which wraps an underlying token. Deposit and withdraw guarantee that the ownership of each token is backed by a corresponding underlying token with the same identifier. (#3863)
  • EnumerableMap: add a keys() function that returns an array containing all the keys. (#3920)
  • Governor: add a public cancel(uint256) function. (#3983)
  • Governor: Enable timestamp operation for blockchains without a stable block time. This is achieved by connecting a Governor's internal clock to match a voting token's EIP-6372 interface. (#3934)
  • Strings: add equal method. (#3774)
  • IERC5313: Add an interface for EIP-5313 that is now final. (#4013)
  • IERC4906: Add an interface for ERC-4906 that is now Final. (#4012)
  • StorageSlot: Add support for string and bytes. (#4008)
  • Votes, ERC20Votes, ERC721Votes: support timestamp checkpointing using EIP-6372. (#3934)
  • ERC4626: Add mitigation to the inflation attack through virtual shares and assets. (#3979)
  • Strings: add toString method for signed integers. (#3773)
  • ERC20Wrapper: Make the underlying variable private and add a public accessor. (#4029)
  • EIP712: add EIP-5267 support for better domain discovery. (#3969)
  • AccessControlDefaultAdminRules: Add an extension of AccessControl with additional security rules for the DEFAULT_ADMIN_ROLE. (#4009)
  • SignatureChecker: Add isValidERC1271SignatureNow for checking a signature directly against a smart contract using ERC-1271. (#3932)
  • SafeERC20: Add a forceApprove function to improve compatibility with tokens behaving like USDT. (#4067)
  • ERC1967Upgrade: removed contract-wide oz-upgrades-unsafe-allow delegatecall annotation, replaced by granular annotation in UUPSUpgradeable. (#3971)
  • ERC20Wrapper: self wrapping and deposit by the wrapper itself are now explicitly forbidden. (#4100)
  • ECDSA: optimize bytes32 computation by using assembly instead of abi.encodePacked. (#3853)
  • ERC721URIStorage: Emit ERC-4906 MetadataUpdate in _setTokenURI. (#4012)
  • ShortStrings: Added a library for handling short strings in a gas efficient way, with fallback to storage for longer strings. (#4023)
  • SignatureChecker: Allow return data length greater than 32 from EIP-1271 signers. (#4038)
  • UUPSUpgradeable: added granular oz-upgrades-unsafe-allow-reachable annotation to improve upgrade safety checks on latest version of the Upgrades Plugins (starting with @openzeppelin/upgrades-core@1.21.0). (#3971)
  • Initializable: optimize _disableInitializers by using != instead of <. (#3787)
  • Ownable2Step: make acceptOwnership public virtual to enable usecases that require overriding it. (#3960)
  • UUPSUpgradeable.sol: Change visibility to the functions upgradeTo and upgradeToAndCall from external to public. (#3959)
  • TimelockController: Add the CallSalt event to emit on operation schedule. (#4001)
  • Reformatted codebase with latest version of Prettier Solidity. (#3898)
  • Math: optimize log256 rounding check. (#3745)
  • ERC20Votes: optimize by using unchecked arithmetic. (#3748)
  • Multicall: annotate multicall function as upgrade safe to not raise a flag for its delegatecall. (#3961)
  • ERC20Pausable, ERC721Pausable, ERC1155Pausable: Add note regarding missing public pausing functionality (#4007)
  • ECDSA: Add a function toDataWithIntendedValidatorHash that encodes data with version 0x00 following EIP-191. (#4063)
  • MerkleProof: optimize by using unchecked arithmetic. (#3745)

... (truncated)

Commits

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    You can disable automated security fix PRs for this repo from the Security Alerts page.

@dependabot
chore(deps-dev): bump @openzeppelin/contracts-upgradeable
49783a9 
Bumps [@openzeppelin/contracts-upgradeable](https://github.com/OpenZeppelin/openzeppelin-contracts-upgradeable) from 3.4.2 to 4.9.3.
- [Release notes](https://github.com/OpenZeppelin/openzeppelin-contracts-upgradeable/releases)
- [Changelog](https://github.com/OpenZeppelin/openzeppelin-contracts-upgradeable/blob/v4.9.3/CHANGELOG.md)
- [Commits](OpenZeppelin/openzeppelin-contracts-upgradeable@v3.4.2...v4.9.3)

---
updated-dependencies:
- dependency-name: "@openzeppelin/contracts-upgradeable"
  dependency-type: direct:development
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added the dependencies Pull requests that update a dependency file label Feb 22, 2024
@socket-security Socket Security
Copy link

New and removed dependencies detected. Learn more about Socket for GitHub ↗︎

Package New capabilities Transitives Size Publisher
npm/common-tags@1.8.2 None 0 228 kB fatfisz
npm/component-emitter@1.3.1 None 0 6.3 kB sindresorhus
npm/concat-map@0.0.1 None 0 4.86 kB substack
npm/content-type@1.0.5 None 0 10.5 kB dougwilson
npm/convert-source-map@2.0.0 None 0 15.9 kB phated
npm/cookie-signature@1.0.6 None 0 3.94 kB natevw
npm/core-js@2.6.12 environment, eval, filesystem 0 2.26 MB zloirock
npm/cors@2.8.5 None +2 34.2 kB dougwilson
npm/crc-32@1.2.2 None 0 31 kB sheetjs
npm/create-ecdh@4.0.4 None +8 300 kB cwmma
npm/create-hash@1.2.0 None +6 97.8 kB cwmma
npm/create-hmac@1.1.7 None +7 104 kB cwmma
npm/create-require@1.1.1 filesystem, unsafe 0 6.25 kB pi0
npm/crypto-browserify@3.12.0 None +33 832 kB cwmma
npm/d@1.0.1 Transitive: eval +4 452 kB medikoo
npm/debug@4.3.4 environment +1 49.2 kB qix
npm/decamelize-keys@1.1.1 None +2 9.49 kB sindresorhus
npm/decamelize@1.2.0 None 0 2.94 kB sindresorhus
npm/decode-uri-component@0.2.2 None 0 6.09 kB samverschueren
npm/decompress-response@6.0.0 None +1 11.5 kB sindresorhus
npm/deep-is@0.1.4 None 0 8.11 kB thlorenz
npm/default-browser-id@3.0.0 filesystem +1 6.47 kB sindresorhus
npm/defaults@1.0.4 None +1 15 kB sindresorhus
npm/define-data-property@1.1.4 Transitive: eval +8 179 kB ljharb
npm/define-properties@1.2.1 Transitive: eval +11 230 kB ljharb
npm/delayed-stream@1.0.0 None 0 8.02 kB apechimp
npm/depd@2.0.0 environment, eval 0 27.1 kB dougwilson
npm/des.js@1.1.0 None +2 45.3 kB indutny
npm/detect-indent@6.1.0 None 0 9.68 kB sindresorhus
npm/diff@5.2.0 None 0 429 kB explodingcabbage
npm/diffie-hellman@5.0.3 None +4 66.1 kB cwmma
npm/dir-glob@3.0.1 Transitive: filesystem +1 10.8 kB sindresorhus
npm/doctrine@3.0.0 None +1 157 kB eslint
npm/dom-walk@0.1.2 None 0 2.66 kB raynos
npm/dot-case@3.0.4 None +3 137 kB blakeembrey
npm/dotenv@16.4.5 environment, filesystem 0 79.1 kB motdotla
npm/duplexer3@0.1.5 None 0 5.69 kB sindresorhus
npm/eastasianwidth@0.2.0 None 0 13.6 kB komagata
npm/ee-first@1.1.1 None 0 6.26 kB dougwilson
npm/electron-to-chromium@1.4.679 None 0 276 kB kilianvalkhof
npm/elliptic@6.5.4 None +7 295 kB indutny
npm/emoji-regex@8.0.0 None 0 48.3 kB mathias
npm/encodeurl@1.0.2 None 0 7.86 kB dougwilson
npm/end-of-stream@1.4.4 None +2 13.2 kB mafintosh
npm/env-paths@2.2.1 None 0 10.2 kB sindresorhus
npm/error-ex@1.3.2 None +1 13.1 kB qix
npm/es-abstract@1.22.4 Transitive: eval +57 3.27 MB ljharb
npm/es-array-method-boxes-properly@1.0.0 None 0 3.86 kB ljharb
npm/es-define-property@1.0.0 Transitive: eval +6 141 kB ljharb
npm/es-errors@1.3.0 None 0 12.3 kB ljharb
npm/es-set-tostringtag@2.0.3 Transitive: eval +7 161 kB ljharb
npm/es-shim-unscopables@1.0.2 None +2 53.6 kB ljharb
npm/es-to-primitive@1.2.1 None +5 150 kB ljharb
npm/es5-ext@0.10.62 eval +4 452 kB medikoo
npm/es6-iterator@2.0.3 Transitive: eval +4 452 kB medikoo
npm/es6-symbol@3.1.3 Transitive: eval +4 452 kB medikoo
npm/escalade@3.1.2 filesystem 0 11.6 kB lukeed
npm/escape-html@1.0.3 None 0 3.66 kB dougwilson
npm/escape-string-regexp@1.0.5 None 0 2.69 kB jbnicolai
npm/eslint-scope@7.2.2 None +2 197 kB eslintbot
npm/eslint-utils@2.1.0 None 0 342 kB mysticatea
npm/eslint-visitor-keys@3.4.3 None 0 32.3 kB eslintbot
npm/esprima@4.0.1 None 0 314 kB ariya
npm/esquery@1.5.0 None +1 1.04 MB michaelficarra
npm/esrecurse@4.3.0 None +1 50.6 kB michaelficarra
npm/estraverse@5.3.0 None 0 37.1 kB michaelficarra
npm/esutils@2.0.3 None 0 50.6 kB michaelficarra
npm/etag@1.8.1 filesystem 0 10.8 kB dougwilson
npm/eth-ens-namehash@2.0.8 None +3 567 kB danfinlay
npm/ethjs-unit@0.1.6 None +4 1.08 MB silentcicero
npm/ethjs-util@0.1.6 None +2 244 kB silentcicero
npm/event-target-shim@5.0.1 None 0 189 kB mysticatea
npm/evp_bytestokey@1.0.3 None +3 48.9 kB dcousens
npm/extend@3.0.2 None 0 23.5 kB ljharb
npm/fast-deep-equal@3.1.3 None 0 13 kB esp
npm/fast-glob@3.3.2 filesystem +14 459 kB mrmlnc
npm/fast-json-stable-stringify@2.1.0 None 0 17 kB esp
npm/fast-levenshtein@2.0.6 None 0 9.44 kB hiddentao
npm/fast-redact@3.3.0 eval 0 90.5 kB matteo.collina
npm/fast-url-parser@1.1.3 None 0 38.1 kB esailija
npm/fastq@1.17.1 None +1 51.4 kB matteo.collina
npm/file-entry-cache@6.0.1 filesystem 0 25.6 kB royriojas
npm/find-up@5.0.0 Transitive: filesystem +2 22.3 kB sindresorhus
npm/flat@5.0.2 None 0 26.6 kB timoxley
npm/flatted@3.3.1 None 0 40.3 kB webreflection
npm/follow-redirects@1.15.5 network 0 29.4 kB rubenverborgh
npm/for-each@0.3.3 None +1 42 kB ljharb
npm/form-data@4.0.0 filesystem, network +5 314 kB niftylettuce
npm/forwarded@0.2.0 None 0 5.88 kB dougwilson
npm/fresh@0.5.2 None 0 10.1 kB dougwilson
npm/fs.realpath@1.0.0 environment, filesystem 0 13.4 kB isaacs
npm/fsevents@2.3.3 None 0 173 kB pipobscure
npm/function-bind@1.1.2 None 0 31.4 kB ljharb
npm/function.prototype.name@1.1.6 Transitive: eval +57 3.27 MB ljharb
npm/functional-red-black-tree@1.0.1 None 0 43.5 kB mikolalysenko
npm/functions-have-names@1.2.3 None 0 16.7 kB ljharb
npm/gensync@1.0.0-beta.2 None 0 28.9 kB loganfsmyth
npm/get-caller-file@2.0.5 None 0 4.72 kB stefanpenner
npm/get-intrinsic@1.2.4 eval +5 129 kB ljharb
npm/get-stream@6.0.1 None 0 12.2 kB sindresorhus
npm/get-symbol-description@1.0.2 Transitive: eval +12 246 kB ljharb
npm/get-value@2.0.6 None 0 3.71 kB jonschlinkert
npm/glob-parent@5.1.2 None +2 32 kB phated
npm/global@4.4.0 None +3 76.3 kB raynos
npm/globals@11.12.0 None 0 39.8 kB sindresorhus
npm/globalthis@1.0.3 Transitive: eval +12 252 kB ljharb
npm/gopd@1.0.1 Transitive: eval +6 137 kB ljharb
npm/graceful-fs@4.2.11 environment, filesystem 0 32.5 kB isaacs
npm/grapheme-splitter@1.0.4 None 0 237 kB orling
npm/graphemer@1.4.0 None 0 812 kB mattpauldavies
npm/graphql-tag@2.12.6 None +1 256 kB apollo-bot
npm/hard-rejection@2.1.0 None 0 5.14 kB sindresorhus
npm/has-bigints@1.0.2 None 0 12.8 kB ljharb
npm/has-flag@3.0.0 None 0 3.13 kB sindresorhus
npm/has-property-descriptors@1.0.2 Transitive: eval +7 152 kB ljharb
npm/has-proto@1.0.3 None 0 12 kB ljharb
npm/has-symbols@1.0.3 None 0 20.6 kB ljharb
npm/has-tostringtag@1.0.2 None +1 38.2 kB ljharb
npm/has-value@1.0.0 None +2 18.3 kB jonschlinkert
npm/hash.js@1.1.7 None +2 47.2 kB indutny
npm/hasown@2.0.1 None +1 42.6 kB ljharb
npm/he@1.2.0 None 0 124 kB mathias
npm/hmac-drbg@1.0.1 None +4 76.9 kB indutny
npm/hosted-git-info@2.8.9 None 0 25.8 kB nlf
npm/http-cache-semantics@4.1.1 None 0 35.9 kB kornel
npm/http-errors@2.0.0 Transitive: environment, eval +5 70.7 kB dougwilson
npm/https-proxy-agent@5.0.1 network Transitive: environment +3 110 kB tootallnate
npm/human-signals@2.1.0 None 0 44.3 kB ehmicky
npm/husky@8.0.3 environment, filesystem, shell 0 6.44 kB typicode
npm/iconv-lite@0.4.24 None +1 378 kB ashtuchkin
npm/idna-uts46-hx@2.3.1 None +1 232 kB 1api
npm/ieee754@1.2.1 None 0 6.8 kB feross
npm/ignore@5.3.1 None 0 51.5 kB kael
npm/immediate@3.0.6 None 0 14.6 kB cwmma
npm/immutable@4.3.5 None 0 679 kB leebyron
npm/import-fresh@3.3.0 Transitive: filesystem, unsafe +3 19.8 kB sindresorhus
npm/imurmurhash@0.1.4 None 0 11.9 kB jensyt
npm/indent-string@4.0.0 None 0 4.4 kB sindresorhus
npm/inflight@1.0.6 None +2 10.8 kB isaacs
npm/inherits@2.0.4 None 0 3.96 kB isaacs
npm/ini@1.3.8 None 0 9.3 kB isaacs
npm/internal-slot@1.0.7 Transitive: eval +14 367 kB ljharb
npm/invariant@2.2.4 Transitive: environment +2 28.5 kB zertosh
npm/invert-kv@1.0.0 None 0 1.3 kB sindresorhus
npm/ipaddr.js@1.9.1 None 0 42.1 kB whitequark
npm/is-arguments@1.1.1 Transitive: eval +13 278 kB ljharb
npm/is-array-buffer@3.0.4 Transitive: eval +12 249 kB ljharb
npm/is-arrayish@0.2.1 None 0 4.05 kB qix
npm/is-bigint@1.0.4 None +1 27.6 kB ljharb
npm/is-boolean-object@1.1.2 Transitive: eval +13 271 kB ljharb
npm/is-buffer@2.0.5 None 0 4.59 kB feross
npm/is-callable@1.2.7 None 0 28.9 kB ljharb
npm/is-core-module@2.13.1 None +2 72.8 kB ljharb
npm/is-date-object@1.0.5 None +2 59 kB ljharb
npm/is-descriptor@0.1.7 None 0 22.9 kB ljharb
npm/is-docker@2.2.1 filesystem 0 3.01 kB sindresorhus
npm/is-extglob@2.1.1 None 0 6.22 kB jonschlinkert
npm/is-fullwidth-code-point@3.0.0 None 0 4.99 kB sindresorhus
npm/is-generator-function@1.0.10 eval +2 70.1 kB ljharb
npm/is-glob@4.0.3 None +1 19.8 kB phated
npm/is-hex-prefixed@1.0.0 None 0 9.44 kB silentcicero
npm/is-negative-zero@2.0.3 None 0 27.1 kB ljharb
npm/is-number-object@1.0.7 None +2 60.4 kB ljharb
npm/is-number@7.0.0 None 0 9.62 kB jonschlinkert
npm/is-path-inside@3.0.3 None 0 4.12 kB sindresorhus
npm/is-plain-obj@1.1.0 None 0 2.62 kB sindresorhus
npm/is-regex@1.1.4 Transitive: eval +13 279 kB ljharb
npm/is-relative@1.0.0 None +2 18 kB jonschlinkert
npm/is-shared-array-buffer@1.0.3 Transitive: eval +12 250 kB ljharb
npm/is-stream@2.0.1 None 0 5.93 kB sindresorhus
npm/is-string@1.0.7 None +2 57.3 kB ljharb
npm/is-symbol@1.0.4 None +1 42.6 kB ljharb
npm/is-typed-array@1.1.13 Transitive: eval +18 387 kB ljharb
npm/is-typedarray@1.0.0 None 0 4.41 kB hughsk
npm/is-unc-path@1.0.0 None +1 11.4 kB jonschlinkert
npm/is-unicode-supported@0.1.0 None 0 3.54 kB sindresorhus
npm/is-url@1.2.4 None 0 6.58 kB zeke
npm/is-utf8@0.2.1 None 0 4.34 kB wayfind
npm/is-weakref@1.0.2 Transitive: eval +12 244 kB ljharb
npm/is-windows@1.0.2 None 0 7.96 kB jonschlinkert
npm/is-wsl@2.2.0 environment, filesystem +1 6.77 kB sindresorhus
npm/isarray@2.0.5 None 0 3.43 kB juliangruber
npm/isexe@2.0.0 environment, filesystem 0 11 kB isaacs
npm/isobject@3.0.1 None 0 6.93 kB doowb
npm/jackspeak@2.3.6 environment +7 400 kB isaacs
npm/js-sdsl@4.4.2 None 0 1.1 MB yaozilong
npm/js-sha3@0.8.0 None 0 52.9 kB emn178
npm/js-tokens@4.0.0 None 0 15.1 kB lydell
npm/jsesc@2.5.2 None 0 32 kB mathias
npm/json-buffer@3.0.1 None 0 5.4 kB dominictarr
npm/json-parse-even-better-errors@2.3.1 None 0 10.4 kB isaacs
npm/json-schema-traverse@1.0.0 None 0 22.2 kB esp
npm/json-stable-stringify-without-jsonify@1.0.1 None 0 14.2 kB samn
npm/json-stringify-safe@5.0.1 None 0 12.7 kB isaacs
npm/json5@2.2.3 None 0 235 kB jordanbtucker
npm/jsonparse@1.3.1 None 0 36.8 kB creationix
npm/keyv@4.5.4 None +1 33.2 kB jaredwray
npm/kind-of@6.0.3 None 0 22.8 kB doowb
npm/kleur@4.1.5 None 0 20.3 kB lukeed
npm/lcid@1.0.0 None +1 7.74 kB sindresorhus
npm/levn@0.4.1 None +2 82.9 kB gkz
npm/lie@3.1.1 None +1 59.5 kB cwmma
npm/lines-and-columns@1.2.4 None 0 5.39 kB eventualbuddha
npm/load-json-file@1.1.0 Transitive: environment, filesystem +8 103 kB sindresorhus
npm/localforage@1.10.0 network +2 527 kB tofumatt
npm/locate-path@5.0.0 filesystem 0 6.58 kB sindresorhus
npm/lodash.assign@4.2.0 None 0 19.9 kB jdalton
npm/lodash.camelcase@4.3.0 None 0 21.9 kB jdalton
npm/lodash.get@4.4.2 None 0 26.5 kB jdalton
npm/lodash.isplainobject@4.0.6 None 0 6.89 kB jdalton
npm/lodash.merge@4.6.2 None 0 54.1 kB jdalton
npm/lodash.truncate@4.4.2 None 0 19.8 kB jdalton
npm/lodash@4.17.21 None 0 1.41 MB bnjmnt4n
npm/loose-envify@1.4.0 environment +1 20.9 kB zertosh
npm/lower-case@2.0.2 None +1 102 kB blakeembrey
npm/lru-cache@6.0.0 None +1 30.4 kB isaacs
npm/make-error@1.3.6 None 0 12.4 kB julien-f
npm/map-cache@0.2.2 None 0 7.6 kB jonschlinkert
npm/map-obj@4.3.0 None 0 9.49 kB sindresorhus
npm/map-visit@1.0.0 None 0 8.47 kB jonschlinkert
npm/md5.js@1.3.5 None +2 43.7 kB cwmma
npm/media-typer@0.3.0 None 0 11.1 kB dougwilson
npm/merge-descriptors@1.0.1 None 0 4.89 kB dougwilson
npm/merge-stream@2.0.0 None 0 4.31 kB stevemao
npm/merge2@1.4.1 None 0 8.9 kB zensh
npm/methods@1.1.2 network 0 5.29 kB dougwilson
npm/micro-ftch@0.3.1 network 0 12 kB paulmillr
npm/micromatch@4.0.5 None +2 195 kB jonschlinkert
npm/miller-rabin@4.0.1 None +1 10.4 kB indutny
npm/mime-db@1.52.0 None 0 206 kB dougwilson
npm/mime-types@2.1.35 None +1 224 kB dougwilson
npm/mime@1.6.0 environment, filesystem 0 51.7 kB broofa
npm/mimic-fn@2.1.0 None 0 4.46 kB sindresorhus
npm/mimic-response@1.0.1 None 0 3.58 kB sindresorhus
npm/min-document@2.19.0 None +1 57.5 kB raynos
npm/min-indent@1.0.1 None 0 2.97 kB thejameskyle
npm/minimalistic-assert@1.0.1 None 0 1.55 kB cwmma
npm/minimalistic-crypto-utils@1.0.1 None 0 4.76 kB indutny
npm/minimist@1.2.8 None 0 54.5 kB ljharb
npm/minipass@7.0.4 None 0 285 kB isaacs
npm/mkdirp@0.5.6 filesystem +1 62.2 kB isaacs
npm/ms@2.1.2 None 0 6.84 kB styfle
npm/natural-compare@1.4.0 None 0 5.65 kB megawac
npm/negotiator@0.6.3 None 0 27.4 kB dougwilson
npm/next-tick@1.1.0 None 0 7.65 kB medikoo
npm/no-case@3.0.4 None +2 127 kB blakeembrey
npm/node-addon-api@2.0.2 None 0 799 kB nicknaso
npm/node-gyp-build@4.8.0 environment, filesystem 0 13.4 kB mafintosh
npm/node-releases@2.0.14 None 0 34 kB chicoxyzzy
npm/normalize-path@3.0.0 None 0 9.22 kB jonschlinkert
npm/normalize-url@6.1.0 None 0 21.2 kB sindresorhus
npm/npm-run-path@4.0.1 environment +1 12.7 kB sindresorhus
npm/number-is-nan@1.0.1 None 0 2.35 kB sindresorhus
npm/number-to-bn@1.7.0 None +2 448 kB silentcicero
npm/object-assign@4.1.1 None 0 5.49 kB sindresorhus
npm/object-inspect@1.13.1 None 0 97.2 kB ljharb
npm/object-keys@1.1.1 None 0 26.5 kB ljharb
npm/object.assign@4.1.5 Transitive: eval +14 344 kB ljharb
npm/on-finished@2.3.0 None +1 18.6 kB dougwilson
npm/on-headers@1.0.2 None 0 7.54 kB dougwilson
npm/once@1.4.0 None +1 7.01 kB isaacs
npm/onetime@5.1.2 None +1 10.6 kB sindresorhus
npm/optionator@0.9.3 None +6 161 kB gkz
npm/os-homedir@1.0.2 environment 0 3.15 kB sindresorhus
npm/os-locale@1.4.0 environment, shell +2 13.2 kB sindresorhus
npm/os-tmpdir@1.0.2 None 0 3.06 kB sindresorhus
npm/p-limit@2.3.0 None +1 11.8 kB sindresorhus
npm/p-try@2.2.0 None 0 4.37 kB sindresorhus
npm/param-case@3.0.4 None +4 147 kB blakeembrey
npm/parent-module@1.0.1 None +1 10.3 kB sindresorhus
npm/parse-asn1@5.1.6 None +15 264 kB cwmma
npm/parse-filepath@1.0.2 None +3 25.7 kB phated
npm/parse-json@5.2.0 None +4 34.3 kB sindresorhus
npm/parseurl@1.3.3 None 0 10.3 kB dougwilson
npm/pascal-case@3.1.2 None +3 142 kB blakeembrey
npm/pascalcase@0.1.1 None 0 4.46 kB jonschlinkert
npm/path-browserify@1.0.1 None 0 54.3 kB goto-bus-stop
npm/path-exists@4.0.0 filesystem 0 3.92 kB sindresorhus
npm/path-is-absolute@1.0.1 None 0 3.62 kB sindresorhus
npm/path-key@3.1.1 None 0 4.55 kB sindresorhus
npm/path-parse@1.0.7 None 0 4.51 kB jbgutierrez
npm/path-root-regex@0.1.2 None 0 4.79 kB jonschlinkert
npm/path-root@0.1.1 None +1 10.2 kB jonschlinkert
npm/path-to-regexp@0.1.7 None 0 6.78 kB blakeembrey
npm/path-type@4.0.0 filesystem 0 5.41 kB sindresorhus
npm/pbkdf2@3.1.2 None +8 117 kB cwmma
npm/performance-now@2.1.0 None 0 11.3 kB meryn
npm/picocolors@1.0.0 environment 0 5.66 kB alexeyraspopov
npm/picomatch@2.3.1 None 0 90 kB mrmlnc
npm/pify@4.0.1 None 0 7.23 kB sindresorhus
npm/pinkie-promise@2.0.1 None +1 13.1 kB floatdrop
npm/pinkie@2.0.4 None 0 10.5 kB npm
npm/possible-typed-array-names@1.0.0 None 0 10.9 kB ljharb
npm/prelude-ls@1.2.1 None 0 36.7 kB gkz
npm/prettier@2.8.8 environment, filesystem, unsafe 0 11.2 MB prettier-bot
npm/process@0.11.10 None 0 15.3 kB cwmma
npm/progress@2.0.3 None 0 15.5 kB turbopope
npm/proxy-addr@2.0.7 None +2 63.4 kB dougwilson
npm/proxy-from-env@1.1.0 environment 0 29.5 kB rob-w
npm/pseudomap@1.0.2 environment 0 8.21 kB isaacs
npm/psl@1.9.0 None 0 461 kB lupomontero
npm/public-encrypt@4.0.3 None +19 401 kB cwmma
npm/pump@3.0.0 filesystem +3 21 kB mafintosh
npm/pumpify@2.0.1 Transitive: filesystem +5 35.2 kB mafintosh
npm/punycode@2.3.1 None 0 33.5 kB google-wombot
npm/queue-microtask@1.2.3 None 0 8.37 kB feross
npm/quick-format-unescaped@4.0.4 None 0 12.8 kB davidmarkclements
npm/quick-lru@4.0.1 None 0 7.47 kB sindresorhus
npm/randombytes@2.1.0 None +1 38.5 kB cwmma
npm/randomfill@1.0.4 None +2 45.3 kB cwmma
npm/range-parser@1.2.1 None 0 8.46 kB dougwilson
npm/readable-stream@3.6.2 environment +2 133 kB matteo.collina
npm/readdirp@3.6.0 filesystem +1 110 kB paulmillr
npm/regenerate@1.4.2 None 0 49.2 kB mathias
npm/regenerator-runtime@0.14.1 None 0 27.9 kB benjamn
npm/regexp.prototype.flags@1.5.2 Transitive: eval +16 345 kB ljharb
npm/regexpp@3.2.0 None 0 302 kB mysticatea
npm/remove-trailing-separator@1.1.0 None 0 4.25 kB darsain
npm/require-directory@2.1.1 filesystem 0 12.1 kB troygoode
npm/require-from-string@2.0.2 unsafe 0 3.42 kB floatdrop
npm/require-main-filename@2.0.0 None 0 3.93 kB bcoe
npm/resolve-alpn@1.2.1 network 0 4.64 kB szmarczak
npm/resolve-from@5.0.0 filesystem, unsafe 0 5.82 kB sindresorhus
npm/resolve@1.22.8 environment, filesystem +5 232 kB ljharb
npm/reusify@1.0.4 None 0 9.44 kB matteo.collina
npm/rfdc@1.3.1 None 0 25.2 kB matteo.collina
npm/ripemd160@2.0.2 None +1 13.7 kB dcousens
npm/rlp@2.2.7 None +1 162 kB ralxz
npm/run-parallel@1.2.0 None +1 14.9 kB feross
npm/rxjs@7.8.1 None +1 4.59 MB blesh
npm/safe-buffer@5.2.1 None 0 32.1 kB feross
npm/safe-regex-test@1.0.3 Transitive: eval +14 289 kB ljharb
npm/safe-stable-stringify@2.4.3 None 0 30.1 kB bridgear
npm/safer-buffer@2.1.2 None 0 42.3 kB chalker
npm/scrypt-js@3.0.1 None 0 226 kB ricmoo
npm/serialize-javascript@6.0.0 None +2 55.2 kB okuryu
npm/set-blocking@2.0.0 None 0 4.22 kB bcoe
npm/set-function-length@1.2.1 Transitive: eval +10 209 kB ljharb
npm/set-function-name@2.0.2 Transitive: eval +11 224 kB ljharb
npm/setimmediate@1.0.5 None 0 8.56 kB domenic
npm/setprototypeof@1.2.0 None 0 4.03 kB wesleytodd
npm/sha.js@2.4.11 None +2 67.1 kB dcousens
npm/shebang-regex@3.0.0 None 0 2.83 kB sindresorhus
npm/side-channel@1.0.5 Transitive: eval +13 347 kB ljharb
npm/signal-exit@3.0.7 None 0 9.96 kB isaacs
npm/simple-concat@1.0.1 None 0 4.62 kB feross
npm/slash@3.0.0 None 0 3.51 kB sindresorhus
npm/smart-buffer@4.2.0 None 0 138 kB joshglazebrook
npm/socks@2.8.0 network +1 294 kB joshglazebrook
npm/source-map@0.6.1 None 0 805 kB tromey
npm/spdx-correct@3.2.0 None +3 51.4 kB kemitchell
npm/spdx-exceptions@2.5.0 None 0 3.47 kB kemitchell
npm/spdx-expression-parse@3.0.1 None +2 27.9 kB kemitchell
npm/spdx-license-ids@3.0.17 None 0 12.6 kB kemitchell
npm/split2@4.2.0 None 0 17.4 kB matteo.collina
npm/sprintf-js@1.0.3 None 0 34.8 kB alexei
npm/stack-trace@0.0.10 None 0 8.85 kB felixge
npm/static-extend@0.1.2 None 0 4.69 kB jonschlinkert
npm/statuses@2.0.1 None 0 12.1 kB dougwilson
npm/stream-shift@1.0.3 None 0 4.46 kB mafintosh
npm/string.prototype.trim@1.2.8 Transitive: eval +57 3.27 MB ljharb
npm/string.prototype.trimend@1.0.7 Transitive: eval +57 3.27 MB ljharb
npm/string.prototype.trimstart@1.0.7 Transitive: eval +57 3.27 MB ljharb
npm/strip-ansi@6.0.1 None +1 9.64 kB sindresorhus
npm/strip-bom@3.0.0 None 0 3 kB sindresorhus
npm/strip-final-newline@2.0.0 None 0 3.05 kB sindresorhus
npm/strip-hex-prefix@1.0.0 None +1 19.1 kB silentcicero
npm/strip-indent@3.0.0 None +1 6.28 kB sindresorhus
npm/strip-json-comments@3.1.1 None 0 6.96 kB sindresorhus
npm/supports-preserve-symlinks-flag@1.0.0 None 0 9.18 kB ljharb
npm/text-table@0.2.0 None 0 11 kB substack
npm/through@2.3.8 None 0 12.5 kB dominictarr
npm/timed-out@4.0.1 None 0 4.08 kB floatdrop
npm/to-fast-properties@2.0.0 None 0 3.5 kB sindresorhus
npm/to-object-path@0.3.0 None +1 27.9 kB jonschlinkert
npm/toidentifier@1.0.1 None 0 4.68 kB dougwilson
npm/tr46@0.0.3 None 0 268 kB sebmaster
npm/trim-newlines@3.0.1 None 0 3.85 kB sindresorhus
npm/tsconfig-paths@4.2.0 environment, filesystem, unsafe +3 509 kB jonaskello
npm/tslib@2.6.2 None 0 84 kB typescript-bot
npm/tsutils@3.21.0 None +1 32.4 MB ajaff
npm/tweetnacl-util@0.15.1 None 0 8.14 kB dchest
npm/tweetnacl@1.0.3 None 0 175 kB dchest
npm/type-check@0.4.0 None +1 57.9 kB gkz
npm/type-fest@0.18.1 None 0 102 kB sindresorhus
npm/type-is@1.6.18 None +3 253 kB dougwilson
npm/typed-array-buffer@1.0.2 Transitive: eval +19 400 kB ljharb
npm/typed-array-byte-length@1.0.1 Transitive: eval +19 407 kB ljharb
npm/typed-array-byte-offset@1.0.2 Transitive: eval +19 408 kB ljharb
npm/typed-array-length@1.0.5 Transitive: eval +19 413 kB ljharb
npm/typedarray-to-buffer@3.1.5 None +1 13.2 kB feross
npm/typescript@5.3.3 None 0 32 MB typescript-bot
npm/unbox-primitive@1.0.2 Transitive: eval +20 392 kB ljharb
npm/unc-path-regex@0.1.2 None 0 4.93 kB tunnckocore
npm/undici@5.28.3 environment, network, unsafe +1 1.25 MB matteo.collina
npm/unpipe@1.0.0 None 0 4.31 kB dougwilson
npm/unset-value@1.0.0 None +3 26.8 kB jonschlinkert
npm/untildify@4.0.0 None 0 3.01 kB sindresorhus
npm/update-browserslist-db@1.0.13 filesystem, shell Transitive: environment +6 2.37 MB ai
npm/uri-js@4.4.1 None +1 503 kB garycourt
npm/utf8@3.0.0 None 0 11.2 kB mathias
npm/util-deprecate@1.0.2 None 0 5.48 kB tootallnate
npm/util@0.12.5 environment Transitive: eval +22 486 kB goto-bus-stop
npm/utils-merge@1.0.1 None 0 3.72 kB jaredhanson
npm/uuid@8.3.2 None 0 116 kB ctavan
npm/v8-compile-cache-lib@3.0.1 environment, filesystem, unsafe 0 18.2 kB cspotcode
npm/v8-compile-cache@2.4.0 environment, filesystem, unsafe 0 14.9 kB yungsters
npm/validate-npm-package-license@3.0.4 None +4 68 kB kemitchell
npm/varint@5.0.2 None 0 9.03 kB chrisdickinson
npm/vary@1.1.2 None 0 8.75 kB dougwilson
npm/wcwidth@1.0.1 None +2 29.2 kB timoxley
npm/webidl-conversions@3.0.1 None 0 12.4 kB sebmaster
npm/which-boxed-primitive@1.0.2 Transitive: eval +19 377 kB ljharb
npm/which-module@2.0.1 None 0 4.04 kB nexdrew
npm/which-typed-array@1.1.14 Transitive: eval +17 364 kB ljharb
npm/which@2.0.2 environment Transitive: filesystem +1 20.9 kB isaacs
npm/workerpool@6.2.1 None 0 330 kB josdejong
npm/wrappy@1.0.2 None 0 2.96 kB zkat
npm/ws@7.4.6 network 0 113 kB lpinca
npm/xtend@4.0.2 None 0 6.46 kB raynos
npm/y18n@4.0.3 filesystem 0 11 kB oss-bot
npm/yallist@4.0.0 None 0 14.8 kB isaacs
npm/yaml@1.10.2 environment 0 448 kB eemeli
npm/yargs-parser@20.2.9 environment, filesystem 0 124 kB oss-bot
npm/yargs-unparser@2.0.0 None +3 48.1 kB oss-bot
npm/yn@3.1.1 None 0 6.31 kB sindresorhus
npm/yocto-queue@0.1.0 None 0 6.03 kB sindresorhus

🚮 Removed packages: npm/@0no-co/graphql.web@1.0.4, npm/@arbitrum/sdk@3.1.13, npm/@ardatan/fast-json-stringify@0.0.6, npm/@ardatan/sync-fetch@0.0.1, npm/@aws-crypto/sha256-js@1.2.2, npm/@aws-crypto/util@1.2.2, npm/@aws-sdk/types@3.515.0, npm/@aws-sdk/util-utf8-browser@3.259.0, npm/@babel/code-frame@7.23.5, npm/@babel/helper-compilation-targets@7.23.6, npm/@babel/highlight@7.23.4, npm/@babel/plugin-proposal-object-rest-spread@7.20.7, npm/@chainsafe/ssz@0.10.2, npm/@changesets/apply-release-plan@7.0.0, npm/@changesets/assemble-release-plan@6.0.0, npm/@changesets/changelog-git@0.2.0, npm/@changesets/cli@2.27.1, npm/@changesets/config@3.0.0, npm/@changesets/errors@0.2.0, npm/@changesets/get-dependents-graph@2.0.0, npm/@changesets/get-release-plan@4.0.0, npm/@changesets/get-version-range-type@0.4.0, npm/@changesets/git@3.0.0, npm/@changesets/logger@0.1.0, npm/@changesets/parse@0.4.0, npm/@changesets/pre@2.0.0, npm/@changesets/read@0.6.0, npm/@changesets/types@6.0.0, npm/@changesets/write@0.3.0, npm/@commitlint/cli@18.6.1, npm/@commitlint/config-conventional@18.6.2, npm/@commitlint/config-validator@18.6.1, npm/@commitlint/ensure@18.6.1, npm/@commitlint/execute-rule@18.6.1, npm/@commitlint/format@18.6.1, npm/@commitlint/is-ignored@18.6.1, npm/@commitlint/lint@18.6.1, npm/@commitlint/load@18.6.1, npm/@commitlint/message@18.6.1, npm/@commitlint/parse@18.6.1, npm/@commitlint/read@18.6.1, npm/@commitlint/resolve-extends@18.6.1, npm/@commitlint/rules@18.6.1, npm/@commitlint/to-lines@18.6.1, npm/@commitlint/top-level@18.6.1, npm/@commitlint/types@18.6.1, npm/@dabh/diagnostics@2.0.3, npm/@defi-wonderland/smock@2.3.5, npm/@ensdomains/ens@0.4.5, npm/@ensdomains/resolver@0.2.4, npm/@envelop/core@3.0.6, npm/@envelop/extended-validation@2.0.6, npm/@envelop/types@3.0.2, npm/@envelop/validation-cache@5.1.3, npm/@eslint-community/eslint-utils@4.4.0, npm/@eslint/eslintrc@2.1.4, npm/@ethereum-waffle/chai@3.4.4, npm/@ethereum-waffle/compiler@3.4.4, npm/@ethereum-waffle/ens@3.4.4, npm/@ethereum-waffle/mock-contract@3.4.4, npm/@ethereum-waffle/provider@3.4.4, npm/@ethereumjs/common@2.5.0, npm/@ethereumjs/tx@3.3.2, npm/@ethereumjs/util@8.1.0, npm/@ethersproject/experimental@5.7.0, npm/@ethersproject/json-wallets@5.7.0, npm/@ethersproject/solidity@5.7.0, npm/@ethersproject/units@5.7.0, npm/@ethersproject/wallet@5.7.0, npm/@fastify/deepmerge@1.3.0, npm/@graphprotocol/client-add-source-name@1.0.20, npm/@graphprotocol/client-auto-pagination@1.1.18, npm/@graphprotocol/client-auto-type-merging@1.0.25, npm/@graphprotocol/client-block-tracking@1.0.14, npm/@graphprotocol/client-cli@2.2.22, npm/@graphprotocol/client-polling-live@1.1.1, npm/@graphprotocol/common-ts@1.8.7, npm/@graphprotocol/contracts@2.1.0, npm/@graphprotocol/pino-sentry-simple@0.7.1, npm/@graphql-codegen/core@3.1.0, npm/@graphql-codegen/plugin-helpers@4.2.0, npm/@graphql-codegen/schema-ast@3.0.1, npm/@graphql-codegen/typed-document-node@4.0.1, npm/@graphql-codegen/typescript-generic-sdk@3.1.0, npm/@graphql-codegen/typescript-operations@3.0.4, npm/@graphql-codegen/typescript-resolvers@3.2.1, npm/@graphql-codegen/typescript@3.0.4, npm/@graphql-codegen/visitor-plugin-common@3.1.1, npm/@graphql-inspector/core@3.3.0, npm/@graphql-mesh/cache-localforage@0.93.1, npm/@graphql-mesh/cli@0.82.35, npm/@graphql-mesh/config@0.93.1, npm/@graphql-mesh/cross-helpers@0.3.4, npm/@graphql-mesh/graphql@0.93.1, npm/@graphql-mesh/http@0.93.2, npm/@graphql-mesh/merger-bare@0.93.1, npm/@graphql-mesh/merger-stitching@0.93.1, npm/@graphql-mesh/runtime@0.93.2, npm/@graphql-mesh/store@0.93.1, npm/@graphql-mesh/string-interpolation@0.4.4, npm/@graphql-mesh/transform-type-merging@0.93.1, npm/@graphql-mesh/types@0.93.2, npm/@graphql-mesh/utils@0.93.2, npm/@graphql-tools/batch-delegate@8.4.27, npm/@graphql-tools/batch-execute@8.5.22, npm/@graphql-tools/code-file-loader@7.3.23, npm/@graphql-tools/delegate@9.0.35, npm/@graphql-tools/executor-graphql-ws@0.0.14, npm/@graphql-tools/executor-http@0.1.10, npm/@graphql-tools/executor-legacy-ws@0.0.11, npm/@graphql-tools/executor@0.0.20, npm/@graphql-tools/graphql-file-loader@7.5.17, npm/@graphql-tools/graphql-tag-pluck@7.5.2, npm/@graphql-tools/import@6.7.18, npm/@graphql-tools/load@7.8.14, npm/@graphql-tools/merge@8.4.2, npm/@graphql-tools/optimize@1.4.0, npm/@graphql-tools/relay-operation-optimizer@6.5.18, npm/@graphql-tools/schema@9.0.19, npm/@graphql-tools/stitch@8.7.50, npm/@graphql-tools/stitching-directives@2.3.34, npm/@graphql-tools/url-loader@7.17.18, npm/@graphql-tools/wrap@9.4.2, npm/@graphql-typed-document-node/core@3.2.0, npm/@graphql-yoga/logger@0.0.1, npm/@graphql-yoga/subscription@3.1.0, npm/@graphql-yoga/typed-event-target@1.0.0, npm/@humanwhocodes/config-array@0.11.14, npm/@ljharb/resumer@0.0.1, npm/@ljharb/through@2.3.12, npm/@manypkg/find-root@1.1.0, npm/@manypkg/get-packages@1.1.3, npm/@metamask/eth-sig-util@4.0.1, npm/@noble/curves@1.3.0, npm/@nomicfoundation/ethereumjs-block@4.2.2, npm/@nomicfoundation/ethereumjs-blockchain@6.2.2, npm/@nomicfoundation/ethereumjs-common@3.1.2, npm/@nomicfoundation/ethereumjs-ethash@2.0.5, npm/@nomicfoundation/ethereumjs-evm@1.3.2, npm/@nomicfoundation/ethereumjs-rlp@4.0.3, npm/@nomicfoundation/ethereumjs-statemanager@1.0.5, npm/@nomicfoundation/ethereumjs-trie@5.0.5, npm/@nomicfoundation/ethereumjs-tx@4.1.2, npm/@nomicfoundation/ethereumjs-util@8.0.6, npm/@nomicfoundation/ethereumjs-verkle@0.0.2, npm/@nomicfoundation/ethereumjs-vm@6.4.2, npm/@nomicfoundation/hardhat-network-helpers@1.0.9, npm/@nomicfoundation/solidity-analyzer-darwin-arm64@0.1.1, npm/@nomicfoundation/solidity-analyzer-darwin-x64@0.1.1, npm/@nomicfoundation/solidity-analyzer-freebsd-x64@0.1.1, npm/@nomicfoundation/solidity-analyzer-linux-arm64-gnu@0.1.1, npm/@nomicfoundation/solidity-analyzer-linux-arm64-musl@0.1.1, npm/@nomicfoundation/solidity-analyzer-linux-x64-gnu@0.1.1, npm/@nomicfoundation/solidity-analyzer-linux-x64-musl@0.1.1, npm/@nomicfoundation/solidity-analyzer-win32-arm64-msvc@0.1.1, npm/@nomicfoundation/solidity-analyzer-win32-ia32-msvc@0.1.1, npm/@nomicfoundation/solidity-analyzer-win32-x64-msvc@0.1.1, npm/@nomicfoundation/solidity-analyzer@0.1.1, npm/@nomiclabs/hardhat-ethers@2.2.3, npm/@nomiclabs/hardhat-etherscan@3.1.7, npm/@nomiclabs/hardhat-waffle@2.0.3, npm/@npmcli/agent@2.2.0, npm/@npmcli/fs@3.1.0, npm/@openzeppelin/contracts-upgradeable@3.4.2, npm/@openzeppelin/contracts@3.4.2, npm/@openzeppelin/defender-admin-client@1.52.0, npm/@openzeppelin/defender-base-client@1.52.0, npm/@openzeppelin/hardhat-defender@1.9.0, npm/@openzeppelin/hardhat-upgrades@1.28.0, npm/@openzeppelin/platform-deploy-client@0.8.0, npm/@openzeppelin/upgrades-core@1.32.5, npm/@peculiar/asn1-schema@2.3.8, npm/@peculiar/json-schema@1.1.12, npm/@peculiar/webcrypto@1.4.5, npm/@pkgr/utils@2.4.2, npm/@repeaterjs/repeater@3.0.5, npm/@resolver-engine/core@0.3.3, npm/@resolver-engine/fs@0.3.3, npm/@resolver-engine/imports-fs@0.3.3, npm/@resolver-engine/imports@0.3.3, npm/@scure/bip32@1.1.5, npm/@scure/bip39@1.1.1, npm/@sentry/core@5.30.0, npm/@sentry/hub@5.30.0, npm/@sentry/minimal@5.30.0, npm/@sentry/node@5.30.0, npm/@sentry/tracing@5.30.0, npm/@sentry/types@5.30.0, npm/@sentry/utils@5.30.0, npm/@sindresorhus/is@0.14.0, npm/@smithy/types@2.9.1, npm/@solidity-parser/parser@0.14.5, npm/@szmarczak/http-timer@1.1.2, npm/@tenderly/hardhat-tenderly@1.0.13, npm/@truffle/error@0.1.1, npm/@truffle/interface-adapter@0.5.37, npm/@truffle/provider@0.2.64, npm/@typechain/ethers-v5@2.0.0, npm/@typechain/hardhat@2.3.1, npm/@types/async-eventemitter@0.2.4, npm/@types/bs58@4.0.4, npm/@types/chai-as-promised@7.1.8, npm/@types/chai@4.3.11, npm/@types/concat-stream@1.6.1, npm/@types/dotenv@8.2.0, npm/@types/events@3.0.3, npm/@types/form-data@0.0.33, npm/@types/inquirer@7.3.3, npm/@types/lru-cache@5.1.1, npm/@types/minimatch@5.1.2, npm/@types/mkdirp@0.5.2, npm/@types/ms@0.7.34, npm/@types/node@12.20.55, npm/@types/qs@6.9.10, npm/@types/readable-stream@2.3.15, npm/@types/resolve@0.0.8, npm/@types/sinon-chai@3.2.12, npm/@types/sinon@17.0.3, npm/@types/through@0.0.33, npm/@types/triple-beam@1.3.5, npm/@types/underscore@1.11.15, npm/@types/validator@13.11.9, npm/@types/web3@1.0.19, npm/@types/winston@2.4.4, npm/@types/yargs@16.0.9, npm/@typescript-eslint/eslint-plugin@4.33.0, npm/@typescript-eslint/experimental-utils@4.33.0, npm/@typescript-eslint/parser@4.33.0, npm/@typescript-eslint/scope-manager@4.33.0, npm/@typescript-eslint/typescript-estree@4.33.0, npm/@typescript-eslint/utils@5.62.0, npm/@typescript-eslint/visitor-keys@4.33.0, npm/@urql/core@2.4.4, npm/@urql/exchange-execute@1.2.2, npm/@whatwg-node/cookie-store@0.0.1, npm/@whatwg-node/events@0.0.3, npm/@whatwg-node/fetch@0.8.8, npm/@whatwg-node/node-fetch@0.3.6, npm/@whatwg-node/server@0.7.7, npm/@yarnpkg/lockfile@1.1.0, npm/abortcontroller-polyfill@1.7.5, npm/abstract-level@1.0.4, npm/abstract-leveldown@3.0.0, npm/adm-zip@0.4.16, npm/aes-js@3.0.0, npm/ajv-formats@2.1.1, npm/amazon-cognito-identity-js@6.3.11, npm/amdefine@1.0.1, npm/ansi-align@3.0.1, npm/ansi-colors@4.1.3, npm/antlr4@4.13.1, npm/antlr4ts@0.5.0-dev, npm/any-signal@1.2.0, npm/arbos-precompiles@1.0.2, npm/array-back@2.0.0, npm/array-ify@1.0.0, npm/array.prototype.findlast@1.2.4, npm/array.prototype.reduce@1.0.6, npm/asn1@0.2.6, npm/asn1js@3.0.5, npm/assert-plus@1.0.0, npm/assertion-error@1.1.0, npm/ast-parents@0.0.1, npm/async-eventemitter@0.2.4, npm/async-mutex@0.4.1, npm/async-retry@1.3.3, npm/at-least-node@1.0.0, npm/auto-bind@4.0.0, npm/aws-sign2@0.7.0, npm/aws4@1.12.0, npm/babel-code-frame@6.26.0, npm/babel-core@6.26.3, npm/babel-generator@6.26.1, npm/babel-helper-builder-binary-assignment-operator-visitor@6.24.1, npm/babel-helper-call-delegate@6.24.1, npm/babel-helper-define-map@6.26.0, npm/babel-helper-explode-assignable-expression@6.24.1, npm/babel-helper-hoist-variables@6.24.1, npm/babel-helper-optimise-call-expression@6.24.1, npm/babel-helper-regex@6.26.0, npm/babel-helper-replace-supers@6.24.1, npm/babel-helpers@6.24.1, npm/babel-plugin-check-es2015-constants@6.22.0, npm/babel-plugin-syntax-async-functions@6.13.0, npm/babel-plugin-syntax-exponentiation-operator@6.13.0, npm/babel-plugin-syntax-trailing-function-commas@6.22.0, npm/babel-plugin-transform-async-to-generator@6.24.1, npm/babel-plugin-transform-es2015-arrow-functions@6.22.0, npm/babel-plugin-transform-es2015-block-scoped-functions@6.22.0, npm/babel-plugin-transform-es2015-block-scoping@6.26.0, npm/babel-plugin-transform-es2015-classes@6.24.1, npm/babel-plugin-transform-es2015-computed-properties@6.24.1, npm/babel-plugin-transform-es2015-destructuring@6.23.0, npm/babel-plugin-transform-es2015-duplicate-keys@6.24.1, npm/babel-plugin-transform-es2015-for-of@6.23.0, npm/babel-plugin-transform-es2015-function-name@6.24.1, npm/babel-plugin-transform-es2015-literals@6.22.0, npm/babel-plugin-transform-es2015-modules-amd@6.24.1, npm/babel-plugin-transform-es2015-modules-commonjs@6.26.2, npm/babel-plugin-transform-es2015-modules-systemjs@6.24.1, npm/babel-plugin-transform-es2015-modules-umd@6.24.1, npm/babel-plugin-transform-es2015-object-super@6.24.1, npm/babel-plugin-transform-es2015-parameters@6.24.1, npm/babel-plugin-transform-es2015-shorthand-properties@6.24.1, npm/babel-plugin-transform-es2015-spread@6.22.0, npm/babel-plugin-transform-es2015-sticky-regex@6.24.1, npm/babel-plugin-transform-es2015-template-literals@6.22.0, npm/babel-plugin-transform-es2015-typeof-symbol@6.23.0, npm/babel-plugin-transform-es2015-unicode-regex@6.24.1, npm/babel-plugin-transform-exponentiation-operator@6.24.1, npm/babel-plugin-transform-regenerator@6.26.0, npm/babel-plugin-transform-strict-mode@6.24.1, npm/babel-preset-env@1.7.0, npm/babel-preset-fbjs@3.4.0, npm/babel-register@6.26.0, npm/babel-runtime@6.26.0, npm/babel-traverse@6.26.0, npm/babel-types@6.26.0, npm/babelify@7.3.0, npm/backoff@2.5.0, npm/base-64@0.1.0, npm/base@0.11.2, npm/basic-auth@2.0.1, npm/bcrypt-pbkdf@1.0.2, npm/better-path-resolve@1.0.0, npm/bigint-crypto-utils@3.3.0, npm/bintrees@1.0.2, npm/bip39@2.5.0, npm/bl@4.1.0, npm/blob-to-it@0.0.2, npm/body-parser@1.19.1, npm/borc@2.1.2, npm/boxen@5.1.2, npm/bplist-parser@0.2.0, npm/breakword@1.0.6, npm/browser-level@1.0.1, npm/browser-readablestream-to-it@0.0.2, npm/browserify-sign@4.2.2, npm/bs58@4.0.1, npm/bs58check@2.1.2, npm/bser@2.1.1, npm/buffer-to-arraybuffer@0.0.5, npm/buffer-writer@2.0.0, npm/bufferutil@4.0.8, npm/bundle-name@3.0.0, npm/busboy@1.6.0, npm/bytewise-core@1.2.3, npm/bytewise@1.1.0, npm/cacache@18.0.1, npm/cacheable-request@7.0.4, npm/cachedown@1.0.0, npm/camelcase-keys@6.2.2, npm/capital-case@1.0.4, npm/case@1.6.3, npm/caseless@0.12.0, npm/cbor@8.1.0, npm/chai-as-promised@7.1.1, npm/chai@4.4.1, npm/chalk@2.4.2, npm/change-case-all@1.0.15, npm/change-case@4.1.2, npm/chardet@0.7.0, npm/charenc@0.0.2, npm/check-error@1.0.3, npm/checkpoint-store@1.1.0, npm/cids@0.7.5, npm/class-is@1.1.0, npm/classic-level@1.4.1, npm/cli-boxes@2.2.1, npm/cli-cursor@3.1.0, npm/cli-spinners@2.9.2, npm/cli-table3@0.5.1, npm/cli-table@0.3.11, npm/cli-truncate@2.1.0, npm/cli-width@3.0.0, npm/coingecko-api@1.0.10, npm/color-string@1.9.1, npm/color@3.2.1, npm/colorette@2.0.20, npm/colors@1.4.0, npm/colorspace@1.1.4, npm/command-exists@1.2.9, npm/command-line-args@4.0.7

View full report↗︎

@socket-security Socket Security
Copy link

🚨 Potential security issues detected. Learn more about Socket for GitHub ↗︎

To accept the risk, merge this PR and you will not be notified again.

Alert Package Note
Install scripts npm/core-js@2.6.12
  • Install script: postinstall
  • Source: node -e "try{require('./postinstall')}catch(e){}"
Protestware/Troll package npm/es5-ext@0.10.62
  • Note: This package prints a protestware console message on install regarding Ukraine for users with Russian language locale
Install scripts npm/es5-ext@0.10.62
  • Install script: postinstall
  • Source: node -e "try{require('./_postinstall')}catch(e){}" || exit 0

View full report↗︎

Next steps

What is an install script?

Install scripts are run when the package is installed. The majority of malware in npm is hidden in install scripts.

Packages should not be running non-essential scripts during install and there are often solutions to problems people solve with install scripts that can be run at publish time instead.

What is protestware?

This package is a joke, parody, or includes undocumented or hidden behavior unrelated to its primary function.

Consider that consuming this package my come along with functionality unrelated to its primary purpose.

Take a deeper look at the dependency

Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support [AT] socket [DOT] dev.

Remove the package

If you happen to install a dependency that Socket reports as Known Malware you should immediately remove it and select a different dependency. For other alert types, you may may wish to investigate alternative packages or consider if there are other ways to mitigate the specific risk posed by the dependency.

Mark a package as acceptable risk

To ignore an alert, reply with a comment starting with @SocketSecurity ignore followed by a space separated list of ecosystem/package-name@version specifiers. e.g. @SocketSecurity ignore npm/foo@1.0.0 or ignore all packages with @SocketSecurity ignore-all

  • @SocketSecurity ignore npm/core-js@2.6.12
  • @SocketSecurity ignore npm/es5-ext@0.10.62

@tmigone tmigone closed this Feb 26, 2024
@dependabot Dependabot
Copy link
Contributor Author

dependabot bot commented on behalf of github Feb 26, 2024

OK, I won't notify you again about this release, but will get in touch when a new version is available. If you'd rather skip all updates until the next major or minor version, let me know by commenting @dependabot ignore this major version or @dependabot ignore this minor version.

If you change your mind, just re-open this PR and I'll resolve any conflicts on it.

@dependabot dependabot bot deleted the dependabot/npm_and_yarn/packages/token-distribution/openzeppelin/contracts-upgradeable-4.9.3 branch February 26, 2024 14:34
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
dependencies Pull requests that update a dependency file
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
1 participant
@tmigone