ERC2771Context: Return the forwarder address whenever the msg.data of a call originating from a trusted forwarder is not long enough to contain the request signer address (i.e. msg.data.length is less than 20 bytes), as specified by ERC-2771. (#4481)
ERC2771Context: Prevent revert in _msgData() when a call originating from a trusted forwarder is not long enough to contain the request signer address (i.e. msg.data.length is less than 20 bytes). Return the full calldata in that case. (#4484)
MerkleProof: Fix a bug in processMultiProof and processMultiProofCalldata that allows proving arbitrary leaves if the tree contains a node with value 0 at depth 1.
Governor: Add a mechanism to restrict the address of the proposer using a suffix in the description.
v4.9.0
ReentrancyGuard: Add a _reentrancyGuardEntered function to expose the guard status. (#3714)
ERC721Wrapper: add a new extension of the ERC721 token which wraps an underlying token. Deposit and withdraw guarantee that the ownership of each token is backed by a corresponding underlying token with the same identifier. (#3863)
EnumerableMap: add a keys() function that returns an array containing all the keys. (#3920)
Governor: add a public cancel(uint256) function. (#3983)
Governor: Enable timestamp operation for blockchains without a stable block time. This is achieved by connecting a Governor's internal clock to match a voting token's EIP-6372 interface. (#3934)
IERC5313: Add an interface for EIP-5313 that is now final. (#4013)
IERC4906: Add an interface for ERC-4906 that is now Final. (#4012)
StorageSlot: Add support for string and bytes. (#4008)
Votes, ERC20Votes, ERC721Votes: support timestamp checkpointing using EIP-6372. (#3934)
ERC4626: Add mitigation to the inflation attack through virtual shares and assets. (#3979)
Strings: add toString method for signed integers. (#3773)
ERC20Wrapper: Make the underlying variable private and add a public accessor. (#4029)
EIP712: add EIP-5267 support for better domain discovery. (#3969)
AccessControlDefaultAdminRules: Add an extension of AccessControl with additional security rules for the DEFAULT_ADMIN_ROLE. (#4009)
SignatureChecker: Add isValidERC1271SignatureNow for checking a signature directly against a smart contract using ERC-1271. (#3932)
SafeERC20: Add a forceApprove function to improve compatibility with tokens behaving like USDT. (#4067)
ERC1967Upgrade: removed contract-wide oz-upgrades-unsafe-allow delegatecall annotation, replaced by granular annotation in UUPSUpgradeable. (#3971)
ERC20Wrapper: self wrapping and deposit by the wrapper itself are now explicitly forbidden. (#4100)
ECDSA: optimize bytes32 computation by using assembly instead of abi.encodePacked. (#3853)
ERC721URIStorage: Emit ERC-4906 MetadataUpdate in _setTokenURI. (#4012)
ShortStrings: Added a library for handling short strings in a gas efficient way, with fallback to storage for longer strings. (#4023)
SignatureChecker: Allow return data length greater than 32 from EIP-1271 signers. (#4038)
UUPSUpgradeable: added granular oz-upgrades-unsafe-allow-reachable annotation to improve upgrade safety checks on latest version of the Upgrades Plugins (starting with @openzeppelin/upgrades-core@1.21.0). (#3971)
Initializable: optimize _disableInitializers by using != instead of <. (#3787)
Ownable2Step: make acceptOwnership public virtual to enable usecases that require overriding it. (#3960)
UUPSUpgradeable.sol: Change visibility to the functions upgradeTo and upgradeToAndCall from external to public. (#3959)
TimelockController: Add the CallSalt event to emit on operation schedule. (#4001)
Reformatted codebase with latest version of Prettier Solidity. (#3898)
ERC2771Context: Return the forwarder address whenever the msg.data of a call originating from a trusted forwarder is not long enough to contain the request signer address (i.e. msg.data.length is less than 20 bytes), as specified by ERC-2771. (#4481)
ERC2771Context: Prevent revert in _msgData() when a call originating from a trusted forwarder is not long enough to contain the request signer address (i.e. msg.data.length is less than 20 bytes). Return the full calldata in that case. (#4484)
4.9.2 (2023-06-16)
MerkleProof: Fix a bug in processMultiProof and processMultiProofCalldata that allows proving arbitrary leaves if the tree contains a node with value 0 at depth 1.
4.9.1 (2023-06-07)
Governor: Add a mechanism to restrict the address of the proposer using a suffix in the description.
4.9.0 (2023-05-23)
ReentrancyGuard: Add a _reentrancyGuardEntered function to expose the guard status. (#3714)
ERC721Wrapper: add a new extension of the ERC721 token which wraps an underlying token. Deposit and withdraw guarantee that the ownership of each token is backed by a corresponding underlying token with the same identifier. (#3863)
EnumerableMap: add a keys() function that returns an array containing all the keys. (#3920)
Governor: add a public cancel(uint256) function. (#3983)
Governor: Enable timestamp operation for blockchains without a stable block time. This is achieved by connecting a Governor's internal clock to match a voting token's EIP-6372 interface. (#3934)
IERC5313: Add an interface for EIP-5313 that is now final. (#4013)
IERC4906: Add an interface for ERC-4906 that is now Final. (#4012)
StorageSlot: Add support for string and bytes. (#4008)
Votes, ERC20Votes, ERC721Votes: support timestamp checkpointing using EIP-6372. (#3934)
ERC4626: Add mitigation to the inflation attack through virtual shares and assets. (#3979)
Strings: add toString method for signed integers. (#3773)
ERC20Wrapper: Make the underlying variable private and add a public accessor. (#4029)
EIP712: add EIP-5267 support for better domain discovery. (#3969)
AccessControlDefaultAdminRules: Add an extension of AccessControl with additional security rules for the DEFAULT_ADMIN_ROLE. (#4009)
SignatureChecker: Add isValidERC1271SignatureNow for checking a signature directly against a smart contract using ERC-1271. (#3932)
SafeERC20: Add a forceApprove function to improve compatibility with tokens behaving like USDT. (#4067)
ERC1967Upgrade: removed contract-wide oz-upgrades-unsafe-allow delegatecall annotation, replaced by granular annotation in UUPSUpgradeable. (#3971)
ERC20Wrapper: self wrapping and deposit by the wrapper itself are now explicitly forbidden. (#4100)
ECDSA: optimize bytes32 computation by using assembly instead of abi.encodePacked. (#3853)
ERC721URIStorage: Emit ERC-4906 MetadataUpdate in _setTokenURI. (#4012)
ShortStrings: Added a library for handling short strings in a gas efficient way, with fallback to storage for longer strings. (#4023)
SignatureChecker: Allow return data length greater than 32 from EIP-1271 signers. (#4038)
UUPSUpgradeable: added granular oz-upgrades-unsafe-allow-reachable annotation to improve upgrade safety checks on latest version of the Upgrades Plugins (starting with @openzeppelin/upgrades-core@1.21.0). (#3971)
Initializable: optimize _disableInitializers by using != instead of <. (#3787)
Ownable2Step: make acceptOwnership public virtual to enable usecases that require overriding it. (#3960)
UUPSUpgradeable.sol: Change visibility to the functions upgradeTo and upgradeToAndCall from external to public. (#3959)
TimelockController: Add the CallSalt event to emit on operation schedule. (#4001)
Reformatted codebase with latest version of Prettier Solidity. (#3898)
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
Bumps @openzeppelin/contracts from 4.8.3 to 4.9.3.
Release notes
Sourced from
@openzeppelin/contracts's releases.... (truncated)
Changelog
Sourced from
@openzeppelin/contracts's changelog.... (truncated)
Commits
fd81a96Release v4.9.3 (#4482)70dea74Add changeset PR numberse4435eeAdjust ERC2771Context._msgData for msg.data.length < 20 (#4484)7ec712bMake ERC2771Context return original sender address ifmsg.data.length <= 20...d26025bFix error when running hardhat test with parameters (#4265)a54f639Update docs forSafeERC20.forceApprove(#4231)e50c24fRelease v4.9.2 (#4364)4d2383eMerge pull request from GHSA-wprv-93r4-jj2pf03420bRemove automatic conflict resolution for merge from release branch (#4362)ded8c9eUpdate index.adoc (#4336)Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)