X-oss-byte · 2024-09-22T21:53:24Z

Snyk has created this PR to upgrade multiple dependencies.

👯 The following dependencies are linked and will therefore be updated together.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

Name	Versions	Released on

regenerator-runtime
from 0.13.7 to 0.14.0 | 5 versions ahead of your current version | a year ago
on 2023-08-04
@ethereumjs/util
from 8.0.6 to 8.1.0 | 1 version ahead of your current version | a year ago
on 2023-06-20
@ethereumjs/common
from 3.1.2 to 3.2.0 | 1 version ahead of your current version | a year ago
on 2023-06-20
@ethereumjs/tx
from 4.1.2 to 4.2.0 | 1 version ahead of your current version | a year ago
on 2023-06-20
@ethereumjs/block
from 4.2.2 to 4.3.0 | 1 version ahead of your current version | a year ago
on 2023-06-20
@ethereumjs/evm
from 1.3.2 to 1.4.0 | 1 version ahead of your current version | a year ago
on 2023-06-20
@ethereumjs/statemanager
from 1.0.5 to 1.1.0 | 1 version ahead of your current version | a year ago
on 2023-06-20
@ethereumjs/vm
from 6.4.2 to 6.5.0 | 1 version ahead of your current version | a year ago
on 2023-06-20
ws
from 7.5.5 to 7.5.10 | 5 versions ahead of your current version | 3 months ago
on 2024-06-16
@ethersphere/bee-js
from 3.2.0 to 3.3.4 | 8 versions ahead of your current version | 2 years ago
on 2022-04-12
@isomorphic-git/lightning-fs
from 4.4.1 to 4.6.0 | 2 versions ahead of your current version | 2 years ago
on 2022-03-30
@openzeppelin/contracts
from 4.8.3 to 4.9.6 | 9 versions ahead of your current version | 7 months ago
on 2024-02-29
bn.js
from 5.2.0 to 5.2.1 | 1 version ahead of your current version | 2 years ago
on 2022-05-24
@openzeppelin/upgrades-core
from 1.22.0 to 1.37.0 | 38 versions ahead of your current version | 25 days ago
on 2024-08-28
@openzeppelin/wizard
from 0.2.0 to 0.4.3 | 8 versions ahead of your current version | 5 months ago
on 2024-04-08
@remixproject/plugin-utils
from 0.3.33 to 0.3.208 | 11 versions ahead of your current version | 3 years ago
on 2021-09-14
@remixproject/plugin-api
from 0.3.33 to 0.3.208 | 11 versions ahead of your current version | 3 years ago
on 2021-09-14
@remixproject/engine
from 0.3.33 to 0.3.208 | 11 versions ahead of your current version | 3 years ago
on 2021-09-14
@remixproject/engine-web
from 0.3.33 to 0.3.208 | 11 versions ahead of your current version | 3 years ago
on 2021-09-14
@remixproject/plugin
from 0.3.33 to 0.3.208 | 11 versions ahead of your current version | 3 years ago
on 2021-09-14
@remixproject/plugin-webview
from 0.3.33 to 0.3.208 | 11 versions ahead of your current version | 3 years ago
on 2021-09-14
@remixproject/plugin-ws
from 0.3.33 to 0.3.208 | 11 versions ahead of your current version | 3 years ago
on 2021-09-14
@types/nightwatch
from 2.3.1 to 2.3.31 | 30 versions ahead of your current version | 7 months ago
on 2024-02-21
@walletconnect/ethereum-provider
from 2.6.2 to 2.15.2 | 225 versions ahead of your current version | 23 days ago
on 2024-08-30
@walletconnect/sign-client
from 2.6.0 to 2.15.2 | 233 versions ahead of your current version | 23 days ago
on 2024-08-30
@web3modal/ethereum
from 2.2.2 to 2.7.1 | 43 versions ahead of your current version | a year ago
on 2023-07-26
@web3modal/standalone
from 2.2.2 to 2.4.3 | 21 versions ahead of your current version | a year ago
on 2023-06-05
@web3modal/react
from 2.2.2 to 2.7.1 | 43 versions ahead of your current version | a year ago
on 2023-07-26
axios
from 1.1.2 to 1.7.7 | 39 versions ahead of your current version | 22 days ago
on 2024-08-31
bootstrap
from 5.2.2 to 5.3.3 | 8 versions ahead of your current version | 7 months ago
on 2024-02-20
brace
from 0.8.0 to 0.11.1 | 5 versions ahead of your current version | 7 years ago
on 2018-02-14
tslib
from 2.3.1 to 2.7.0 | 11 versions ahead of your current version | a month ago
on 2024-08-23
commander
from 9.4.1 to 9.5.0 | 1 version ahead of your current version | 2 years ago
on 2023-01-07
core-js
from 3.18.2 to 3.38.1 | 63 versions ahead of your current version | a month ago
on 2024-08-20
deep-equal
from 1.1.1 to 1.1.2 | 1 version ahead of your current version | 10 months ago
on 2023-11-09
document-register-element
from 1.13.1 to 1.14.10 | 13 versions ahead of your current version | 4 years ago
on 2020-10-07
eslint-config-prettier
from 8.5.0 to 8.10.0 | 5 versions ahead of your current version | a year ago
on 2023-08-03
express
from 4.18.2 to 4.19.2 | 4 versions ahead of your current version | 6 months ago
on 2024-03-25
formik
from 2.2.9 to 2.4.6 | 11 versions ahead of your current version | 5 months ago
on 2024-04-24
html-react-parser
from 3.0.4 to 3.0.16 | 12 versions ahead of your current version | a year ago
on 2023-04-21
isomorphic-git
from 1.10.1 to 1.27.1 | 57 versions ahead of your current version | 2 months ago
on 2024-07-09
jquery
from 3.6.0 to 3.7.1 | 6 versions ahead of your current version | a year ago
on 2023-08-28
jszip
from 3.8.0 to 3.10.1 | 4 versions ahead of your current version | 2 years ago
on 2022-08-02
prettier
from 2.8.4 to 2.8.8 | 4 versions ahead of your current version | a year ago
on 2023-04-23
prettier-plugin-solidity
from 1.0.0-beta.24 to 1.4.1 | 16 versions ahead of your current version | a month ago
on 2024-08-18
react-bootstrap
from 1.6.4 to 1.6.8 | 4 versions ahead of your current version | 9 months ago
on 2023-12-22
react-draggable
from 4.4.5 to 4.4.6 | 1 version ahead of your current version | a year ago
on 2023-09-27
react-intl
from 6.0.4 to 6.6.8 | 42 versions ahead of your current version | 4 months ago
on 2024-05-19
react-markdown
from 8.0.5 to 8.0.7 | 2 versions ahead of your current version | a year ago
on 2023-04-12
react-multi-carousel
from 2.8.2 to 2.8.5 | 3 versions ahead of your current version | 6 months ago
on 2024-03-30
react-router-dom
from 6.3.0 to 6.26.1 | 148 versions ahead of your current version | a month ago
on 2024-08-15
react-zoom-pan-pinch
from 3.0.2 to 3.6.1 | 19 versions ahead of your current version | 3 months ago
on 2024-07-01
rss-parser
from 3.12.0 to 3.13.0 | 1 version ahead of your current version | a year ago
on 2023-04-11
sol2uml
from 2.4.3 to 2.5.20 | 21 versions ahead of your current version | 10 months ago
on 2023-11-27
svg2pdf.js
from 2.2.1 to 2.2.4 | 3 versions ahead of your current version | 3 months ago
on 2024-06-17
ts-loader
from 9.2.6 to 9.5.1 | 12 versions ahead of your current version | 10 months ago
on 2023-11-15
wagmi
from 0.12.7 to 0.12.19 | 18 versions ahead of your current version | a year ago
on 2023-07-12
web3
from 1.8.2 to 1.10.4 | 11 versions ahead of your current version | 8 months ago
on 2024-02-05
winston
from 3.3.3 to 3.14.2 | 20 versions ahead of your current version | a month ago
on 2024-08-14

Issues fixed by the recommended upgrade:

Issue	Score	Exploit Maturity
Prototype Pollution SNYK-JS-AXIOS-6144788	375	No Known Exploit
Prototype Pollution SNYK-JS-AXIOS-6144788	375	No Known Exploit
Regular Expression Denial of Service (ReDoS) SNYK-JS-GETFUNCNAME-5923417	375	Proof of Concept
Improper Restriction of Operations within the Bounds of a Memory Buffer SNYK-JS-SOLANAWEB3JS-6647564	375	No Known Exploit
Out-of-bounds Read SNYK-JS-OPENZEPPELINCONTRACTS-6346765	375	No Known Exploit
Improper Input Validation SNYK-JS-OPENZEPPELINCONTRACTS-5711902	375	No Known Exploit
Improper Encoding or Escaping of Output SNYK-JS-OPENZEPPELINCONTRACTS-5838352	375	No Known Exploit
Cross-site Scripting (XSS) SNYK-JS-SERIALIZEJAVASCRIPT-6147607	375	Proof of Concept
Prototype Pollution SNYK-JS-XML2JS-5414874	375	Proof of Concept
Missing Authorization SNYK-JS-OPENZEPPELINCONTRACTS-5672116	375	No Known Exploit

Important

Check the changes in this PR to ensure they won't cause issues with your project.
This PR was automatically created by Snyk using the credentials of a real user.
Max score is 1000. Note that the real score may have changed since the PR was raised.

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

🧐 View latest project report

📜 Customise PR templates

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs

Snyk has created this PR to upgrade: - regenerator-runtime from 0.13.7 to 0.14.0. See this package in yarn: - @ethereumjs/util from 8.0.6 to 8.1.0. See this package in yarn: - @ethereumjs/common from 3.1.2 to 3.2.0. See this package in yarn: - @ethereumjs/tx from 4.1.2 to 4.2.0. See this package in yarn: - @ethereumjs/block from 4.2.2 to 4.3.0. See this package in yarn: - @ethereumjs/evm from 1.3.2 to 1.4.0. See this package in yarn: - @ethereumjs/statemanager from 1.0.5 to 1.1.0. See this package in yarn: - @ethereumjs/vm from 6.4.2 to 6.5.0. See this package in yarn: - ws from 7.5.5 to 7.5.10. See this package in yarn: - @ethersphere/bee-js from 3.2.0 to 3.3.4. See this package in yarn: - @isomorphic-git/lightning-fs from 4.4.1 to 4.6.0. See this package in yarn: - @openzeppelin/contracts from 4.8.3 to 4.9.6. See this package in yarn: - bn.js from 5.2.0 to 5.2.1. See this package in yarn: - @openzeppelin/upgrades-core from 1.22.0 to 1.37.0. See this package in yarn: - @openzeppelin/wizard from 0.2.0 to 0.4.3. See this package in yarn: - @remixproject/plugin-utils from 0.3.33 to 0.3.208. See this package in yarn: - @remixproject/plugin-api from 0.3.33 to 0.3.208. See this package in yarn: - @remixproject/engine from 0.3.33 to 0.3.208. See this package in yarn: - @remixproject/engine-web from 0.3.33 to 0.3.208. See this package in yarn: - @remixproject/plugin from 0.3.33 to 0.3.208. See this package in yarn: - @remixproject/plugin-webview from 0.3.33 to 0.3.208. See this package in yarn: - @remixproject/plugin-ws from 0.3.33 to 0.3.208. See this package in yarn: - @types/nightwatch from 2.3.1 to 2.3.31. See this package in yarn: - @walletconnect/ethereum-provider from 2.6.2 to 2.15.2. See this package in yarn: - @walletconnect/sign-client from 2.6.0 to 2.15.2. See this package in yarn: - @web3modal/ethereum from 2.2.2 to 2.7.1. See this package in yarn: - @web3modal/standalone from 2.2.2 to 2.4.3. See this package in yarn: - @web3modal/react from 2.2.2 to 2.7.1. See this package in yarn: - axios from 1.1.2 to 1.7.7. See this package in yarn: - bootstrap from 5.2.2 to 5.3.3. See this package in yarn: - brace from 0.8.0 to 0.11.1. See this package in yarn: - tslib from 2.3.1 to 2.7.0. See this package in yarn: - commander from 9.4.1 to 9.5.0. See this package in yarn: - core-js from 3.18.2 to 3.38.1. See this package in yarn: - deep-equal from 1.1.1 to 1.1.2. See this package in yarn: - document-register-element from 1.13.1 to 1.14.10. See this package in yarn: - eslint-config-prettier from 8.5.0 to 8.10.0. See this package in yarn: - express from 4.18.2 to 4.19.2. See this package in yarn: - formik from 2.2.9 to 2.4.6. See this package in yarn: - html-react-parser from 3.0.4 to 3.0.16. See this package in yarn: - isomorphic-git from 1.10.1 to 1.27.1. See this package in yarn: - jquery from 3.6.0 to 3.7.1. See this package in yarn: - jszip from 3.8.0 to 3.10.1. See this package in yarn: - prettier from 2.8.4 to 2.8.8. See this package in yarn: - prettier-plugin-solidity from 1.0.0-beta.24 to 1.4.1. See this package in yarn: - react-bootstrap from 1.6.4 to 1.6.8. See this package in yarn: - react-draggable from 4.4.5 to 4.4.6. See this package in yarn: - react-intl from 6.0.4 to 6.6.8. See this package in yarn: - react-markdown from 8.0.5 to 8.0.7. See this package in yarn: - react-multi-carousel from 2.8.2 to 2.8.5. See this package in yarn: - react-router-dom from 6.3.0 to 6.26.1. See this package in yarn: - react-zoom-pan-pinch from 3.0.2 to 3.6.1. See this package in yarn: - rss-parser from 3.12.0 to 3.13.0. See this package in yarn: - sol2uml from 2.4.3 to 2.5.20. See this package in yarn: - svg2pdf.js from 2.2.1 to 2.2.4. See this package in yarn: - ts-loader from 9.2.6 to 9.5.1. See this package in yarn: - wagmi from 0.12.7 to 0.12.19. See this package in yarn: - web3 from 1.8.2 to 1.10.4. See this package in yarn: - winston from 3.3.3 to 3.14.2. See this package in yarn: See this project in Snyk: https://app.snyk.io/org/sammyfilly/project/ddd5bfcf-a909-4183-85cd-0e76e9e36279?utm_source=github&utm_medium=referral&page=upgrade-pr

stackblitz · 2024-09-22T21:53:27Z

Run & review this pull request in StackBlitz Codeflow.

changeset-bot · 2024-09-22T21:53:27Z

⚠️ No Changeset found

Latest commit: ce46f7e

Merging this PR will not cause a version bump for any packages. If these changes should not result in a new version, you're good to go. If these changes should result in a version bump, you need to add a changeset.

Click here to learn what changesets are, and how to add one.

Click here if you're a maintainer who wants to add a changeset to this PR

sourcery-ai

We have skipped reviewing this pull request. It seems to have been created by a bot ('[Snyk]' found in title). We assume it knows what it's doing!

sourcery-ai bot reviewed Sep 22, 2024

View reviewed changes

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

X-oss-byte commented Sep 22, 2024

stackblitz bot commented Sep 22, 2024

changeset-bot bot commented Sep 22, 2024

sourcery-ai bot left a comment

Are you sure you want to change the base?

Conversation