[Snyk] Fix for 1 vulnerabilities

[YoungTally]

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

• Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
  • package.json
  • package-lock.json

Vulnerabilities that will be fixed

With an upgrade:

Severity	Priority Score (*)	Issue	Breaking Change	Exploit Maturity
	828/1000 Why? Proof of Concept exploit, Recently disclosed, Has a fix available, CVSS 8.7	Improper Verification of Cryptographic Signature SNYK-JS-ELLIPTIC-8187303	Yes	Proof of Concept

(*) Note that the real score may have changed since the PR was raised.

Commit messages

Package name: ethereum-input-data-decoder

The new version differs by 26 commits.

• a38601c Bump minor version
• 4769555 Bug fixes and use ethers AbiCoder to decode function data where possible
• c727af7 Bump version
• 587d7a0 Merge branch 'plutalov-master'
• 77249fa Remove the redundant dependency
• eb5bc44 Add real TypeScript definitions
• 1a2484b Bump version
• 863273a Merge branch 'roderik-master'
• 9469a28 fix: upgrade meow to fix CVE issues
• a19603a Bump version
• 0c012ff Merge branch 'alexcampbelling-fix/nested-tuple-array'
• 1613760 Merge branch 'fix/nested-tuple-array' of https://github.com/alexcampbelling/ethereum-input-data-decoder into alexcampbelling-fix/nested-tuple-array
• 3b89e05 Update package.json
• bfbd0c1 Merge branch 'NunoAlexandre-master'
• e4e4cf4 Make lib importable on typescript projects
• 2940c6e Typuple type to null
• 736e176 Comments
• b170a4a removed comments
• d54eea8 builds
• ff9b3e9 Cleaned up recursive base cases in which types were being indexed where they shouldn't be
• a9dd15c Semver match original style
• ed05ad0 Builds
• 4009c02 Recursive tuple strip and 2 new tests
• 47e5756 handle tuple array of arrays

See the full diff

Package name: solidity-bytes-utils

The new version differs by 41 commits.

• e93b867 Add deleted set of memory variables accidentally deleted with the last PR to master
• fa2792e Revert version constraints back to `^0.5.0` in order to enhance compatibility
• 425edac Merge branch 'master' into develop
• 7727420 Change truffle config file to always use the right compielr version
• 87e1c28 Add eth lint (R4R: add parameters to bind event to facilitate reconciliation bnb-chain/bsc-genesis-contract#30)
• 1b55da7 Revert "Publish to GitHub package manager"
• 0cfd42f Publish to GitHub package manager
• 8f91f5d Merge branch 'master' into develop
• e3d1f68 Fix for new truffle version breaking Codeship CI
• 8183d09 Merge branch 'master' into develop
• 5f91a80 Hotfix for correct EPM deployment
• cd17878 Bump version to 0.0.8
• 541c524 Update dependencies
• de03428 Merge branch 'master' into develop
• db88c30 Fix README with correct example of import from NPM
• 658e88b Implement toUintXX for 64, 96 and 128 bits (R4R: mark some methods as read only bnb-chain/bsc-genesis-contract#25)
• 3222bc1 Fix typo in package-lock.json
• 40adf99 Merge branch 'master' into develop
• 5741a27 Update dependency versions
• e177b3b Bump version in package-lock.json
• 5670587 Bump version to v0.0.7
• 9df9e9b Update package-lock.json
• d942a00 (WIP) Upgrade to Solidity v0.5.0 ([Snyk] Security upgrade elliptic from 6.5.3 to 6.6.0 #21)
• 4f5a1a9 Merge branch 'develop' of github.com:GNSPS/solidity-bytes-utils into develop

See the full diff

Package name: web3

The new version differs by 250 commits.

• c8799b0 changelog bumps
• 50a2469 version bumps
• 09f4c8b Fix validation uint int sizes (#6434)
• 226b3ba 6508 fix (#6509)
• 70d1957 Add functionality to extend tx types (#6493)
• 10d1f12 socket provider fix 6416 (#6496)
• 42502b6 Avoid using `**` with `BigInt` (#6506)
• e760667 update tests (#6474)
• 6e43d1b Fix typos (#6494)
• b38f00d getRevertReason update for signed Txs (#6497)
• 9a5fd87 fix: web3.min.js cdn 404 (#6489)
• 4879326 Implement `EventEmitter` compatible with browsers (#6398)
• ae98628 Bump postcss from 8.4.24 to 8.4.31 in /docs (#6476)
• 6d99cd0 waitForTransactionReceipt fix (#6464)
• 0e78235 Bump zod from 3.21.4 to 3.22.3 (#6477)
• 80986bb fix stale (#6473)
• 9b03f9d Fixed withdrawals property type bytes to address (#6471)
• 90d78c1 add privateKeyToPublicKey function to accounts (#6466)
• bfcbea8 Bump cross-fetch to version 4 (#6463)
• 4b445ae Fixup base fee type (#6456)
• 3060994 6344 - normalize v on recover (#6462)
• c490c18 feat: replace ethers abi coder with ours (#6385)
• b8fa712 fix: timer types to be context dependent (#6460)
• 80adabe make default transaction 0x2 (#6426)

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic

---

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Learn about vulnerability in an interactive lesson of Snyk Learn.