[Snyk] Upgrade web3 from 1.6.1 to 1.8.1 #58

Open: wants to merge 1 commit into base: main

snyk-bot

Snyk has created this PR to upgrade web3 from 1.6.1 to 1.8.1.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.


  • The recommended version is 19 versions ahead of your current version.
  • The recommended version was released 2 months ago, on 2022-11-10.

The recommended version fixes:

| Severity | Issue | PriorityScore (*) | Exploit Maturity |
|---|---|---|---|
| | Information Exposure (SNYK-JS-SIMPLEGET-2361683) | 547/1000. Why? Proof of Concept exploit, CVSS 8.8 | Proof of Concept |
| | Open Redirect (SNYK-JS-GOT-2932019) | 547/1000. Why? Proof of Concept exploit, CVSS 8.8 | No Known Exploit |
| | Open Redirect (SNYK-JS-GOT-2932019) | 547/1000. Why? Proof of Concept exploit, CVSS 8.8 | No Known Exploit |

(*) Note that the real score may have changed since the PR was raised.

Release notes
Package name: web3
  • 1.8.1 - 2022-11-10

    Fixed

    • Fixed types for getPastEvents (#4955) (#5260)
    • Fix Log type by adding missing removed property (#4877)

    Changed

    • Updated dependencies (#5529)
  • 1.8.1-rc.0 - 2022-10-28

    Fixed

    • Fixed types for getPastEvents (#4955) (#5260)
    • Fix Log type by adding missing removed property (#4877)

    Changed

    • Updated dependencies (#5529)
  • 1.8.0 - 2022-09-14

    Changed

    • Updated sha3 and sha3Raw type definition to accept Buffer (#5357)
    • Removing legacy field in lerna.json (#5403)
    • Correct eth_sendSignedTransaction code example (#5402)

    Fixed

    • Browser builds support polyfills (#5031) (#5053) (#4659) (#4767)
    • Update node version on actions to fix breaking mosaic test (#5354)
    • Start incrementing jsonrpc.id from random number (#5327)
    • web3-eth-contract's call and send methods no longer mutate options argument (#5394)
    • Improvement using provided gas options in web3-eth-accounts for eip-1559 transactions (#5012)

    Added

    • Add missing function type "receive" in AbiType (#5165)
    • Support of safe and finalized block tags added (#5410)
  • 1.8.0-rc.0 - 2022-09-08

    Changed

    • Updated sha3 and sha3Raw type definition to accept Buffer (#5357)
    • Removing legacy field in lerna.json (#5403)
    • Correct eth_sendSignedTransaction code example (#5402)

    Fixed

    • Browser builds support polyfills (#5031) (#5053) (#4659) (#4767)
    • Update node version on actions to fix breaking mosaic test (#5354)
    • Start incrementing jsonrpc.id from random number (#5327)
    • web3-eth-contract's call and send methods no longer mutate options argument (#5394)
    • Improvement using provided gas options in web3-eth-accounts for eip-1559 transactions (#5012)

    Added

    • Add missing function type "receive" in AbiType (#5165)
    • Support of safe and finalized block tags added (#5410)
  • 1.7.5 - 2022-08-01

    1.7.5

    Changed

    • Replace xhr2-cookies deps to cross-fetch for web3-providers-http (#5085)

    Added

    • Documentation details about maxFeePerGas and maxPriorityFeePerGas (#5121)
    • Added createAccessList types in web3.eth (#5146)

    Fixed

    • Improving AbstractProvider interface (#5150)
    • Fix typos in web3-eth-accounts.rst & TESTING.md (#5047)
    • Fix remove wallet using an index when an account address and address lowercase are equal (#5049)
    • Improve README.md & Fix typos (#4848)
    • Add optional hex formatting parameter for getTransactionReceipt (#5153)
    • Fix transactionRoot -> transactionsRoot in BlockHeader (#5083)
    • Fix Promise in Accounts.signTransaction() throwing errors that cannot be caught (#4724)
    • Fixed unit tests & removed dead code for web3-providers-http (#5228)

    Security

    • Updated got lib version and fixed other libs using npm audit fix (#5178) (#5254)
  • 1.7.5-rc.1 - 2022-07-19

    Fixed

    • Fixed unit tests & removed dead code for web3-providers-http (#5228) It fixed (#5235) and (#5236) Issues.
  • 1.7.5-rc.0 - 2022-07-15
  • 1.7.4 - 2022-06-21
  • 1.7.4-rc.2 - 2022-06-16
  • 1.7.4-rc.1 - 2022-06-08
  • 1.7.4-rc.0 - 2022-05-17
  • 1.7.3 - 2022-04-08
  • 1.7.3-rc.0 - 2022-04-07
  • 1.7.2 - 2022-04-07
  • 1.7.2-rc.0 - 2022-03-24
  • 1.7.1 - 2022-03-03
  • 1.7.1-rc.0 - 2022-02-10
  • 1.7.0 - 2022-01-17
  • 1.7.0-rc.0 - 2021-12-09
  • 1.6.1 - 2021-11-15
from web3 GitHub release notes
Commit messages
Package name: web3
  • 65d27a5 Build for 1.8.1
  • b3fd92e v1.8.1
  • 751d85b Manual build commit for 1.8.1-rc.0
  • b9b8a0c v1.8.1-rc.0
  • 49dae94 npm i npm audit fix and changelog update
  • 32b4c79 Add `removed` property to `Log` type (#4877) (#5576)
  • b737d27 Update 1.x Dependencies (#5529)
  • a7b5dea Update index.d.ts (#5260)
  • c924148 Release 1.8.0 (#5421)
  • f616e9f docs: Fix example of tx usage (#5402)
  • 1052540 Adding Twitter button (#5415)
  • 6311abe Merge block tags support 5199 (#5410)
  • bd99127 4.x info messages in 1.x (#5412)
  • a6ebb2a Nikos/5071/investigate signtransaction testcases (#5377)
  • f07bae2 Update: using provided gas options for eip-1559 tx (#5012) (#5418)
  • 67f7413 Fix: add missing function type "receive" (#5165) (#5417)
  • edcd215 github actions update node version - changelog update (#5361)
  • 97e604d update lerna.json (#5403)
  • 0541faa Update contract class to not mutate options object (#5394)
  • 0d38050 Start incrementing jsonrpc message id from random number (#5371)
  • fce653d adding browser support polyfill (#5274)
  • 4524ea0 Update `sha3` and `sha3Raw` type definitions to accept `Buffer` (#5357)
  • 9f4e7c0 update node versions (#5354)
  • d64a26a updating pull request template (#5310)


Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

