Closed legobeat closed 1 year ago
New dependency changes detected. Learn more about Socket for GitHub ↗︎
👍 No new dependency issues detected in pull request
To ignore an alert, reply with a comment starting with @SocketSecurity ignore
followed by a space separated list of package-name@version
specifiers. e.g. @SocketSecurity ignore foo@1.0.0 bar@*
or ignore all packages with @SocketSecurity ignore-all
Issue | Status |
---|---|
Install scripts | ✅ 0 issues |
Native code | ✅ 0 issues |
Bin script shell injection | ✅ 0 issues |
Unresolved require | ✅ 0 issues |
Invalid package.json | ✅ 0 issues |
HTTP dependency | ✅ 0 issues |
Git dependency | ✅ 0 issues |
Potential typo squat | ✅ 0 issues |
Known Malware | ✅ 0 issues |
Telemetry | ✅ 0 issues |
Protestware/Troll package | ✅ 0 issues |
📊 Modified Dependency Overview:
⬆️ Updated Package | Version Diff | Added Capability Access | +/- Transitive Count |
Publisher |
---|---|---|---|---|
human-standard-token-abi@2.0.0 | 1.0.2...2.0.0 | None | +0/-0 |
danfinlay |
I don't know the context for the decimals
type change from uint8
to uint256
, but the tests seem to indicate that this token tracker will still work correctly with tokens that have uint8
decimals. So I'm guessing this will add support for contracts that have decimals larger than uint8
can support, without breaking support for any that worked before.
This would effectively dedupe the dependency in
metamask-extension
.