forked from ethereum/EIPs
-
Notifications
You must be signed in to change notification settings - Fork 0
Commit 69ed481
authored
[Snyk] Upgrade @openzeppelin/contracts from 4.9.3 to 5.0.0 (#162)
<p>This PR was automatically created by Snyk using the credentials of a
real user.</p><br /><h3>Snyk has created this PR to upgrade
@openzeppelin/contracts from 4.9.3 to 5.0.0.</h3>
:information_source: Keep your dependencies up-to-date. This makes it
easier to fix existing vulnerabilities and to more quickly identify and
fix newly disclosed vulnerabilities when they affect your project.
<hr/>
*Warning:* This is a major version upgrade, and may be a breaking
change.
- The recommended version is **4 versions** ahead of your current
version.
- The recommended version was released **25 days ago**, on 2023-10-05.
<details>
<summary><b>Release notes</b></summary>
<br/>
<details>
<summary>Package name: <b>@openzeppelin/contracts</b></summary>
<ul>
<li>
<b>5.0.0</b> - <a
href="https://snyk.io/redirect/github/OpenZeppelin/openzeppelin-contracts/releases/tag/v5.0.0">2023-10-05</a></br><a
href="https://snyk.io/redirect/github/OpenZeppelin/openzeppelin-contracts/releases/tag/v5.0.0">
Read more </a>
</li>
<li>
<b>5.0.0-rc.2</b> - <a
href="https://snyk.io/redirect/github/OpenZeppelin/openzeppelin-contracts/releases/tag/v5.0.0-rc.2">2023-10-02</a></br><ul>
<li><code>AccessManager</code>: Make <code>schedule</code> and
<code>execute</code> more conservative when delay is 0.</li>
</ul>
</li>
<li>
<b>5.0.0-rc.1</b> - <a
href="https://snyk.io/redirect/github/OpenZeppelin/openzeppelin-contracts/releases/tag/v5.0.0-rc.1">2023-09-28</a></br><ul>
<li>Upgradeable Contracts: No longer transpile interfaces, libraries,
and stateless contracts. (<a
href="https://snyk.io/redirect/github/OpenZeppelin/openzeppelin-contracts/pull/4636"
data-hovercard-type="pull_request"
data-hovercard-url="/OpenZeppelin/openzeppelin-contracts/pull/4636/hovercard">ethereum#4636</a>)</li>
<li><code>AccessManager</code>, <code>AccessManaged</code>,
<code>GovernorTimelockAccess</code>: Ensure that calldata shorter than 4
bytes is not padded to 4 bytes. (<a
href="https://snyk.io/redirect/github/OpenZeppelin/openzeppelin-contracts/pull/4624"
data-hovercard-type="pull_request"
data-hovercard-url="/OpenZeppelin/openzeppelin-contracts/pull/4624/hovercard">ethereum#4624</a>)</li>
<li><code>AccessManager</code>: Use named return parameters in functions
that return multiple values. (<a
href="https://snyk.io/redirect/github/OpenZeppelin/openzeppelin-contracts/pull/4624"
data-hovercard-type="pull_request"
data-hovercard-url="/OpenZeppelin/openzeppelin-contracts/pull/4624/hovercard">ethereum#4624</a>)</li>
</ul>
</li>
<li>
<b>5.0.0-rc.0</b> - <a
href="https://snyk.io/redirect/github/OpenZeppelin/openzeppelin-contracts/releases/tag/v5.0.0-rc.0">2023-09-19</a></br><a
href="https://snyk.io/redirect/github/OpenZeppelin/openzeppelin-contracts/releases/tag/v5.0.0-rc.0">
Read more </a>
</li>
<li>
<b>4.9.3</b> - <a
href="https://snyk.io/redirect/github/OpenZeppelin/openzeppelin-contracts/releases/tag/v4.9.3">2023-07-28</a></br><div
class="markdown-alert markdown-alert-note"><p><span
class="color-fg-accent text-semibold d-inline-flex flex-items-center
mb-1"><svg class="octicon octicon-info mr-2" viewBox="0 0 16 16"
version="1.1" width="16" height="16" aria-hidden="true"><path d="M0 8a8
8 0 1 1 16 0A8 8 0 0 1 0 8Zm8-6.5a6.5 6.5 0 1 0 0 13 6.5 6.5 0 0 0
0-13ZM6.5 7.75A.75.75 0 0 1 7.25 7h1a.75.75 0 0 1 .75.75v2.75h.25a.75.75
0 0 1 0 1.5h-2a.75.75 0 0 1 0-1.5h.25v-2h-.25a.75.75 0 0 1-.75-.75ZM8
6a1 1 0 1 1 0-2 1 1 0 0 1 0 2Z"></path></svg>Note</span><br>
This release contains a fix for <a
href="https://snyk.io/redirect/github/OpenZeppelin/openzeppelin-contracts/security/advisories/GHSA-g4vp-m682-qqmp">GHSA-g4vp-m682-qqmp</a>.</p></div>
<ul>
<li><code>ERC2771Context</code>: Return the forwarder address whenever
the <code>msg.data</code> of a call originating from a trusted forwarder
is not long enough to contain the request signer address (i.e.
<code>msg.data.length</code> is less than 20 bytes), as specified by
ERC-2771. (<a
href="https://snyk.io/redirect/github/OpenZeppelin/openzeppelin-contracts/pull/4481"
data-hovercard-type="pull_request"
data-hovercard-url="/OpenZeppelin/openzeppelin-contracts/pull/4481/hovercard">ethereum#4481</a>)</li>
<li><code>ERC2771Context</code>: Prevent revert in
<code>_msgData()</code> when a call originating from a trusted forwarder
is not long enough to contain the request signer address (i.e.
<code>msg.data.length</code> is less than 20 bytes). Return the full
calldata in that case. (<a
href="https://snyk.io/redirect/github/OpenZeppelin/openzeppelin-contracts/pull/4484"
data-hovercard-type="pull_request"
data-hovercard-url="/OpenZeppelin/openzeppelin-contracts/pull/4484/hovercard">ethereum#4484</a>)</li>
</ul>
</li>
</ul>
from <a
href="https://snyk.io/redirect/github/OpenZeppelin/openzeppelin-contracts/releases">@openzeppelin/contracts
GitHub release notes</a>
</details>
</details>
<hr/>
**Note:** *You are seeing this because you or someone else with access
to this repository has authorized Snyk to open upgrade PRs.*
For more information: <img
src="https://api.segment.io/v1/pixel/track?data=eyJ3cml0ZUtleSI6InJyWmxZcEdHY2RyTHZsb0lYd0dUcVg4WkFRTnNCOUEwIiwiYW5vbnltb3VzSWQiOiJkM2Y0NDNhOS0xM2JkLTRhOWItOTNhYi0zZWE4NmM3MDYzNzEiLCJldmVudCI6IlBSIHZpZXdlZCIsInByb3BlcnRpZXMiOnsicHJJZCI6ImQzZjQ0M2E5LTEzYmQtNGE5Yi05M2FiLTNlYTg2YzcwNjM3MSJ9fQ=="
width="0" height="0"/>
🧐 [View latest project
report](https://app.snyk.io/org/woodpile37/project/97d3c9a5-5005-4014-a95a-0055ab1eadd3?utm_source=github&utm_medium=referral&page=upgrade-pr)
🛠 [Adjust upgrade PR
settings](https://app.snyk.io/org/woodpile37/project/97d3c9a5-5005-4014-a95a-0055ab1eadd3/settings/integration?utm_source=github&utm_medium=referral&page=upgrade-pr)
🔕 [Ignore this dependency or unsubscribe from future upgrade
PRs](https://app.snyk.io/org/woodpile37/project/97d3c9a5-5005-4014-a95a-0055ab1eadd3/settings/integration?pkg=@openzeppelin/contracts&utm_source=github&utm_medium=referral&page=upgrade-pr#auto-dep-upgrades)
<!---
(snyk:metadata:{"prId":"d3f443a9-13bd-4a9b-93ab-3ea86c706371","prPublicId":"d3f443a9-13bd-4a9b-93ab-3ea86c706371","dependencies":[{"name":"@openzeppelin/contracts","from":"4.9.3","to":"5.0.0"}],"packageManager":"npm","type":"auto","projectUrl":"https://app.snyk.io/org/woodpile37/project/97d3c9a5-5005-4014-a95a-0055ab1eadd3?utm_source=github&utm_medium=referral&page=upgrade-pr","projectPublicId":"97d3c9a5-5005-4014-a95a-0055ab1eadd3","env":"prod","prType":"upgrade","vulns":[],"issuesToFix":[],"upgrade":[],"upgradeInfo":{"versionsDiff":4,"publishedDate":"2023-10-05T18:00:56.344Z"},"templateVariants":[],"hasFixes":false,"isMajorUpgrade":true,"isBreakingChange":true,"priorityScoreList":[]})
--->1 file changed
+1
-1
lines changedassets/eip-5007/package.json
Copy file name to clipboardExpand all lines: assets/eip-5007/package.json+1-1
| Original file line number | Diff line number | Diff line change | |
|---|---|---|---|
| |||
1 | 1 | | |
2 | 2 | | |
3 | 3 | | |
4 | | - | |
| 4 | + | |
5 | 5 | | |
6 | 6 | | |
7 | 7 | | |
| |||
0 commit comments