Bump undici, @nomiclabs/hardhat-etherscan and hardhat in /packages/staking

[dependabot[bot]]

Bumps undici, @nomiclabs/hardhat-etherscan and hardhat. These dependencies needed to be updated together. Updates undici from 4.16.0 to 5.9.1

Release notes

Sourced from undici's releases.

v5.9.1

What's Changed

• fix: don't timeout while waiting for client to send request (#1604)
• Fix array headers by @​mateonunez in nodejs/undici#1598
• fix(fetch): implement fully read body algorithm by @​KhafraDev in nodejs/undici#1597
• fix: add support for integrity option to Fetch by @​jelmervdl in nodejs/undici#1596
• fix(File): respect typed array byteOffset and byteLength by @​mrbbot in nodejs/undici#1601

New Contributors

• @​mateonunez made their first contribution in nodejs/undici#1598
• @​jelmervdl made their first contribution in nodejs/undici#1596
• @​mrbbot made their first contribution in nodejs/undici#1601

Full Changelog: https://github.com/nodejs/undici/compare/v5.8.2...v5.9.1

v5.8.2

⚠️ Security Release ⚠️

• CRLF Injection in Nodejs ‘undici’ via Content-Type GHSA-f772-66g8-q5h3 CVE-2022-35948
• undici.request vulnerable to SSRF using absolute URL on pathname GHSA-8qr4-xgw6-wmr3 CVE-2022-35949

What's Changed

• docs: mock different endpoints in a single file by @​ritvik130 in nodejs/undici#1589
• feat(webidl): better error message for ByteString converter by @​KhafraDev in nodejs/undici#1591

New Contributors

• @​ritvik130 made their first contribution in nodejs/undici#1589

Full Changelog: https://github.com/nodejs/undici/compare/v5.8.1...v5.8.2

v5.8.1

What's Changed

• Do not decode the body while we are following a redirect by @​mcollina in nodejs/undici#1554
• docs: Fix spelling/grammar in "Mocking Request" by @​meyfa in nodejs/undici#1555
• fix(MockInterceptor): callback options.headers w/ fetch by @​KhafraDev in nodejs/undici#1559
• fix(fetch): ByteString checks & conversion in Headers by @​KhafraDev in nodejs/undici#1560
• test: update client certificates with ones that expires in 100 years by @​jodevsa in nodejs/undici#1566
• fix: x-www-form-urlencoded parser keep the BOM by @​cola119 in nodejs/undici#1563
• fix: prioritise error events over timeouts by @​jodevsa in nodejs/undici#1551
• fix: add isErrorLike by @​KhafraDev in nodejs/undici#1570
• fix(types): add missing pool stats by @​SkeLLLa in nodejs/undici#1573
• fix: fetch a long base64 url will crash and nothing happens (close: #1574) by @​ahaoboy in nodejs/undici#1575
• fix: follow signal.reason in Request by @​LiviaMedeiros in nodejs/undici#1580
• docs: Fix DiagnosticsChannel sidebar link by @​trentm in nodejs/undici#1582
• fix: make mock headers case-insensitive by @​cola119 in nodejs/undici#1585

New Contributors

• @​meyfa made their first contribution in nodejs/undici#1555
• @​cola119 made their first contribution in nodejs/undici#1563
• @​SkeLLLa made their first contribution in nodejs/undici#1573

... (truncated)

Commits

• 5890e16 5.9.1
• ecae314 fix: don't timeout while waiting for client to send request (#1604)
• fa9fd90 fix(File): respect typed array byteOffset and byteLength (#1601)
• ae6f554 fix: add support for integrity option to Fetch (#1596)
• deed628 fix(fetch): implement fully read body algorithm (#1597)
• 0d1419c Fix array headers (#1598)
• 52d1ce5 Bumped v5.8.2
• 66165d6 Merge pull request from GHSA-f772-66g8-q5h3
• 124f7eb Merge pull request from GHSA-8qr4-xgw6-wmr3
• aef314c feat(webidl): better error message for ByteString converter (#1591)
• Additional commits viewable in compare view

Updates @nomiclabs/hardhat-etherscan from 3.0.4 to 3.1.0

Release notes

Sourced from @​nomiclabs/hardhat-etherscan's releases.

@​nomiclabs/hardhat-etherscan v3.1.0

This release adds support for verifying contracts in chains that are not included by default in hardhat-etherscan.

To do this, you add the network you want to verify in the customChains entry of the Etherscan configuration:

etherscan: {
  apiKey: {
    customNetwork: "<custom-network-api-key>"
  },
  customChains: [
    {
      network: "customNetwork",
      chainId: 12345,
      urls: {
        apiURL: "https://api-custom-network.etherscan.io/api",
        browserURL: "https://custom-network.etherscan.io"
      }
    }
  ]
}

You can read more about this here.

Thanks to @​no2chem for the initial implementation and to @​calvinaco who helped test this.

Commits

• ebde426 Version Packages
• fb33e8b Merge pull request #2805 from NomicFoundation/export-missing-artifacts-method
• 3770a5b Expose missing method in the artifacts interface
• 64456a0 Merge pull request #2661 from NomicFoundation/hardhat-etherscan-custom-explorer
• 990b1f7 Merge pull request #2763 from NomicFoundation/francovictorio/hh-697/test-util...
• 50e29e4 Add warnings about beta version
• bbe43b1 Add installation instructions
• 575239c Merge pull request #2793 from NomicFoundation/gene/hh-696
• 980f3a4 Use multiple lines in example snippets
• 8dcddeb ran lint:fix
• Additional commits viewable in compare view

Updates hardhat from 2.9.7 to 2.10.2

Release notes

Sourced from hardhat's releases.

Hardhat v2.10.2

This version adds support for Solidity versions up through 0.8.16. Besides that:

• Now console.log() prints an empty line instead of printing undefined.
• The "Unrecognized custom error" message includes the selector of the custom error.

Hardhat v2.10.1

This version improves how propagated Solidity errors are processed by Hardhat (issue #2546).

Hardhat 2.10.0: A refreshed experience

Hardhat 2.10.0 is out, and it marks a change in the product direction that Hardhat has historically taken.

Hardhat’s core values have always been optionality, flexibility and extensibility, enabling it to be used in whatever ways were needed and found to be useful. However, as we described in this thread, the Ethereum and Hardhat development ecosystems grew too large for easy navigation among the many different paths and viable options.

While retaining those core values, Hardhat 2.10.0 now offers a complete and opinionated setup that is ready to start building Ethereum software out-of-the-box. No decisions on plugins, libraries, or dependencies. Just get going.

We’re calling this the Hardhat Toolbox, which is a bundle of plugins and functionality that the Nomic Foundation team considers to be the best way to get started with a new Ethereum project. Read on to learn more about it.

Hardhat Toolbox

You can get our recommended setup by installing the @nomicfoundation/hardhat-toolbox plugin.

When you use this plugin, you'll be able to:

• Deploy and interact with your contracts using ethers.js and the hardhat-ethers plugin.
• Test your contracts with Mocha, Chai and our own Hardhat Chai Matchers plugin.
• Interact with Hardhat Network with our Hardhat Network Helpers.
• Verify the source code of your contracts with the hardhat-etherscan plugin.
• Get metrics on the gas used by your contracts with the hardhat-gas-reporter plugin.
• Measure your tests coverage with solidity-coverage.
• And, if you are using TypeScript, get type bindings for your contracts with Typechain.

You can learn how to migrate to it here.

Hardhat Chai Matchers

@nomicfoundation/hardhat-chai-matchers is a drop-in replacement of @nomiclabs/hardhat-waffle that integrates more tightly with Hardhat, adds new functionality and improves its error messages. We recommend migrating to it.

Since the very beginning, we’ve recommended that people use Waffle, via hardhat-waffle, and we thank the team at TrueFi for their great work. However, for such a core component of the setup, there were too many recurring issues related to not being integrated deeply enough with Hardhat. For this reason, we decided to fork Waffle and release our own Chai matchers.

Some of its functionality and improvements:

• All of hardhat-waffle’s matchers are supported
• Great support for BigNumber and native bigint
  • No need to think about them anymore
  • Our matchers can compare any combination of
    • number
    • Native bigint
    • ethers.BigNumber
    • BN.js

... (truncated)

Commits

• 3e55c74 Version Packages
• 68cc513 Merge pull request #3044 from NomicFoundation/changeset-sol-v0.8.16
• 4b20a74 Update tricky-horses-talk.md
• 3e3fe7b Add changeset for support of Solidity 0.8.16
• 5beaf0b Merge pull request #3026 from NomicFoundation/gene/hh-434
• 85bd04e Merge pull request #2973 from NomicFoundation/gene/hh-973
• 3644e3a Merge pull request #3010 from wchargin/wchargin-hardhat-common-peer-dep
• 36ca875 Create popular-fishes-doubt.md
• e4ed14f Merge pull request #3032 from NomicFoundation/gene/hh-1043
• 3be1ded allow manual triggering of tracing CI test
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) - `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language - `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language - `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language - `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/Loopring/protocols/network/alerts).

[dependabot[bot]]

Dependabot tried to update this pull request, but something went wrong. We're looking into it, but in the meantime you can retry the update by commenting @dependabot rebase.