Skip to content

[Snyk] Upgrade ethers from 5.0.26 to 5.4.7 #178

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
snyk-bot wants to merge 1 commit into
base: main
Choose a base branch
from
Open

[Snyk] Upgrade ethers from 5.0.26 to 5.4.7 #178

snyk-bot wants to merge 1 commit into from

Conversation

@snyk-bot
Copy link

@snyk-bot snyk-bot commented Oct 25, 2021

Snyk has created this PR to upgrade ethers from 5.0.26 to 5.4.7.

merge advice
ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

  • The recommended version is 22 versions ahead of your current version.
  • The recommended version was released a month ago, on 2021-09-16.

The recommended version fixes:

Severity Issue PriorityScore (*) Exploit Maturity
Regular Expression Denial of Service (ReDoS)
SNYK-JS-WS-1296835		 586/1000
Why? Proof of Concept exploit, Has a fix available, CVSS 5.3		 Proof of Concept
Cryptographic Issues
SNYK-JS-ELLIPTIC-1064899		 586/1000
Why? Proof of Concept exploit, Has a fix available, CVSS 5.3		 No Known Exploit

(*) Note that the real score may have changed since the PR was raised.

Release notes
Package name: ethers
  • 5.4.7 - 2021-09-16

    Embedding UMD with SRI:

    <script type="text/javascript"
        integrity="sha384-sZE9Fv4ksabiit2R12RbENLCRop5vpbBt6dZPJwM6l+1L0fAm8Q45psc7tmp7mi/"
        crossorigin="anonymous"
        src="https://cdn-cors.ethers.io/lib/ethers-5.4.7.umd.min.js">
</script>
  • 5.4.6 - 2021-08-27
    • Temporarily remove the block miner for clique-based networks from CI testing. (#1967; 8320d53)
    • More readable errors involving Uint8Arrays. (b6a061e)
    • Added Deferred Error support to Description objects to extent Interface parse methods. (#1894; a662490)
    • Fix address coder to prepare non-hexdatastring addresses as hexdatastring. (#1906; 017b1fe)
    • Removed temporary code for better errors needed until Alchemy added EIP-1559 support. (#1893; accb852)

    Embedding UMD with SRI:

    <script type="text/javascript"
        integrity="sha384-jaqCQEyTaqkzVimN6ycsv5kLSWUSF2ONLspf9q2ETyrm6vav2RnRxhxik5dPc3zP"
        crossorigin="anonymous"
        src="https://cdn-cors.ethers.io/lib/ethers-5.4.6.umd.min.js">
</script>
  • 5.4.5 - 2021-08-18
    • Fxied getBlockWithTransactions results (1858). (78e4273)

    Embedding UMD with SRI:

    <script type="text/javascript"
        integrity="sha384-NvZDg6ALAelzcNNdjR3jfJwpEPg50zAPV5PB5BV1zx/+KF48DYHNKeUCllqDNjKj"
        crossorigin="anonymous"
        src="https://cdn-cors.ethers.io/lib/ethers-5.4.5.umd.min.js">
</script>
  • 5.4.4 - 2021-08-05
    • Fixed Etherscan API key in default provider. (#1807; 1d27d95)
    • Adjust default masPriorityFeePerGas to account for MEV-heavy blocks. (#1817; 7175e2e)

    Embedding UMD with SRI:

    <script type="text/javascript"
        integrity="sha384-+zmUPvri3U8M4vN+Wf/Hp9TW5FZAEnEBnyiQ5/nJm/Bm5GjzrLGiDt36mx2uIVmr"
        crossorigin="anonymous"
        src="https://cdn-cors.ethers.io/lib/ethers-5.4.4.umd.min.js">
</script>
  • 5.4.3 - 2021-07-30
    • Fixed JsonRpcProvider for pre-EIP-2930 chains. (#1766; 7274cd0)
    • Forward some missing EIP-1559 fields to call and estimateGas. (#1766; be3854e)
    • Fixed possible UnhandledPromiseException for bad ENS names. (63f8b28)
    • Prevent overriding value for non-payble constructors. (#1785; 593b488)

    Embedding UMD with SRI:

    <script type="text/javascript"
        integrity="sha384-vsz9YA+ULlESA0434y8k25Vio7Dzn/cFXLqZT+Dk4qv2IMESrfJqqlIws85A9n2g"
        crossorigin="anonymous"
        src="https://cdn-cors.ethers.io/lib/ethers-5.4.3.umd.min.js">
</script>
  • 5.4.2 - 2021-07-23
    • Fix test case for new transactions responses. (0aafca7)
    • Added matic support to INFURA and Alchemy. (#1546; 576e9b5)
    • Added string change to coalesce errors on some clients. (bc5cc2e)
    • Added wait to transactions returned by getBlockWithTransactions. (#971; 660e69d)
    • Fixed floor, ceiling and round for FixedNumber for non-default Formats. (#1749; 551cfa0)
    • Fixed null confirmations in Wallet transaction. (#1706; 0f0d0c0)
    • Fixed Etherscan string change and enabled all tests. (a1f8d18)

    Embedding UMD with SRI:

    <script type="text/javascript"
        integrity="sha384-E3C8Sq6evrXkqc76OyCo0CoYAb/wRJnUekj79DC85Soudd4+MuAPY0VzpQYzhY68"
        crossorigin="anonymous"
        src="https://cdn-cors.ethers.io/lib/ethers-5.4.2.umd.min.js">
</script>
  • 5.4.1 - 2021-07-03
    • Added Pocket back into Homestead defaultProvider and skip certain EtherscanProvider tests affected by outage. (6e8a39e)
    • Fixed EtherscanProvider NONCE_EXPIRED matching string update. (ecae793)
    • Fixed explicit EIP-1559 keys for JsonRpcSigner. (72feee8)

    Embedding UMD with SRI:

    <script type="text/javascript"
        integrity="sha384-xA6XksA+S81KMKVo5shbejvuHxb0UMBTEG1c2ifc8SsBJKISpURzwy2Y8dDo0fli"
        crossorigin="anonymous"
        src="https://cdn-cors.ethers.io/lib/ethers-5.4.1.umd.min.js">
</script>
  • 5.4.0 - 2021-06-26
  • 5.3.1 - 2021-06-11
  • 5.3.0 - 2021-06-01
  • 5.2.0 - 2021-05-20
  • 5.1.4 - 2021-04-26
  • 5.1.3 - 2021-04-20
  • 5.1.2 - 2021-04-19
  • 5.1.1 - 2021-04-18
  • 5.1.0 - 2021-03-30
  • 5.0.32 - 2021-03-08
  • 5.0.31 - 2021-02-13
  • 5.0.30 - 2021-02-09
  • 5.0.29 - 2021-02-03
  • 5.0.28 - 2021-02-03
  • 5.0.27 - 2021-02-01
  • 5.0.26 - 2021-01-14
from ethers GitHub release notes
Commit messages
Package name: ethers
  • 4166b27 Updated dist files.
  • 32a6b2a Fix parseUints with excess zeros and fix ReDoS issue (#2016, #1975, #1976).
  • f2a32d0 docs: added provider.FeeData
  • 5762a1f updated dist files.
  • 8320d53 Temporarily remove the block miner for clique-based networks from CI testing (#1967).
  • c41b89a updated dist files.
  • b6a061e More readable errors involving Uint8Arrays.
  • a662490 Added Deferred Error support to Description objects to extent Interface parse methods (#1894).
  • bdb54ac docs: added cookbook entry to compute raw transaction (#1857).
  • 32a90b6 docs: added Alchemy tutorial
  • 95b87f6 docs: added BigNumber.toBigInt (#1799).
  • 017b1fe Fix address coder to prepare non-hexdatastring addresses as hexdatastring (#1906).
  • accb852 Removed temporary code for better errors needed until Alchemy added EIP-1559 support (#1893).
  • f0b3bc3 Updated dist files.
  • 78e4273 Fxied getBlockWithTransactions results (1858).
  • dd09bf0 docs: dded code examples for Contract (#982).
  • 4b163e9 docs: added dynamic localSigner
  • aacb95c docs: added struct encoding example (#1147, #1301, #1302).
  • e6315a6 docs: remove need to restart dev node after each run.
  • 3ac91a4 docs: added StaticJsonRpcProvider (#1514, #1531).
  • 2dd5c1a docs: Fixed topicset example (#1538).
  • 2653449 docs: updated transactions for EIP-1559.
  • cddb038 docs: added API for custom error coding.
  • e80f8dd docs: updates for EIP-1559 (#1777).

Compare

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

🧐 View latest project report

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs

@snyk-bot snyk-bot requested a review from a team October 25, 2021 23:31
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@snyk-bot