Closed legobeat closed 11 months ago
socket-security[bot]
commented
11 months ago New and removed dependencies detected. Learn more about Socket for GitHub ↗︎
| Packages | Version | New capabilities | Transitives | Size | Publisher |
|---|---|---|---|---|---|
| @cypress/request | 3.0.0 | environment | +9 |
743 kB | cypress-npm-publisher |
🚮 Removed packages: web3-provider-engine@16.0.5
socket-security[bot]
commented
11 months ago 👍 Dependency issues cleared. Learn more about Socket for GitHub ↗︎
This PR previously contained dependency changes with security issues that have been resolved, removed, or ignored.
Ignoring: querystringify@2.2.0, http-signature@1.3.6
Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support [AT] socket [DOT] dev.
If you happen to install a dependency that Socket reports as Known Malware you should immediately remove it and select a different dependency. For other alert types, you may may wish to investigate alternative packages or consider if there are other ways to mitigate the specific risk posed by the dependency.
To ignore an alert, reply with a comment starting with @SocketSecurity ignore followed by a space separated list of package-name@version specifiers. e.g. @SocketSecurity ignore foo@1.0.0 bar@* or ignore all packages with @SocketSecurity ignore-all
legobeat
commented
11 months ago @SocketSecurity ignore querystringify@2.2.0
@SocketSecurity ignore http-signature@1.3.6Leftover from #441
legobeat
commented
11 months ago https://github.com/MetaMask/web3-provider-engine/releases/tag/v16.0.6
npm notice package: web3-provider-engine@16.0.6
npm notice === Tarball Contents ===
npm notice 1.1kB LICENSE
npm notice 291B .eslintrc.js
npm notice 144B dist/es5/util/assert.js
npm notice 138B util/assert.js
npm notice 1.8kB dist/es5/util/async.js
npm notice 1.7kB util/async.js
npm notice 4.4kB dist/es5/subproviders/cache.js
npm notice 376B subproviders/cache.js
npm notice 281B dist/es5/util/create-payload.js
npm notice 270B util/create-payload.js
npm notice 559B dist/es5/subproviders/default-fixture.js
npm notice 545B subproviders/default-fixture.js
npm notice 595B dist/es5/util/estimate-gas.js
npm notice 584B util/estimate-gas.js
npm notice 7.3kB dist/es5/subproviders/etherscan.js
npm notice 7.2kB subproviders/etherscan.js
npm notice 4.4kB dist/es5/subproviders/fetch.js
npm notice 356B subproviders/fetch.js
npm notice 4.4kB dist/es5/subproviders/filters.js
npm notice 363B subproviders/filters.js
npm notice 857B dist/es5/subproviders/fixture.js
npm notice 807B subproviders/fixture.js
npm notice 2.4kB dist/es5/subproviders/gasprice.js
npm notice 2.3kB subproviders/gasprice.js
npm notice 2.6kB dist/es5/subproviders/hooked-wallet-ethtx.js
npm notice 2.5kB subproviders/hooked-wallet-ethtx.js
npm notice 23.8kB dist/es5/subproviders/hooked-wallet.js
npm notice 22.8kB subproviders/hooked-wallet.js
npm notice 7.5kB dist/es5/index.js
npm notice 7.4kB index.js
npm notice 4.4kB dist/es5/subproviders/inflight-cache.js
npm notice 342B subproviders/inflight-cache.js
npm notice 4.4kB dist/es5/subproviders/infura.js
npm notice 324B subproviders/infura.js
npm notice 1.6kB dist/es5/subproviders/ipc.js
npm notice 1.6kB subproviders/ipc.js
npm notice 6.2kB dist/es5/subproviders/json-rpc-engine-middleware.js
npm notice 1.9kB subproviders/json-rpc-engine-middleware.js
npm notice 2.7kB dist/es5/subproviders/nonce-tracker.js
npm notice 2.6kB subproviders/nonce-tracker.js
npm notice 788B dist/es5/subproviders/provider.js
npm notice 765B subproviders/provider.js
npm notice 865.0kB dist/ProviderEngine.js
npm notice 154B dist/es5/util/random-id.js
npm notice 140B util/random-id.js
npm notice 4.0kB dist/es5/util/rpc-cache-utils.js
npm notice 3.9kB util/rpc-cache-utils.js
npm notice 1.4kB dist/es5/util/rpc-hex-encoding.js
npm notice 1.4kB util/rpc-hex-encoding.js
npm notice 2.4kB dist/es5/subproviders/rpc.js
npm notice 2.3kB subproviders/rpc.js
npm notice 1.9kB dist/es5/subproviders/sanitizer.js
npm notice 1.6kB subproviders/sanitizer.js
npm notice 637B dist/es5/util/stoplight.js
npm notice 612B util/stoplight.js
npm notice 1.7kB dist/es5/subproviders/stream.js
npm notice 1.6kB subproviders/stream.js
npm notice 908B dist/es5/subproviders/subprovider.js
npm notice 886B subproviders/subprovider.js
npm notice 4.9kB dist/es5/subproviders/subscriptions.js
npm notice 642B subproviders/subscriptions.js
npm notice 5.9kB dist/es5/subproviders/vm.js
npm notice 6.0kB subproviders/vm.js
npm notice 595B dist/es5/subproviders/wallet.js
npm notice 598B subproviders/wallet.js
npm notice 11.2kB dist/es5/subproviders/websocket.js
npm notice 4.4kB subproviders/websocket.js
npm notice 1.1kB dist/es5/subproviders/whitelist.js
npm notice 1.2kB subproviders/whitelist.js
npm notice 3.9kB dist/es5/zero.js
npm notice 3.6kB zero.js
npm notice 1.5MB dist/ZeroClientProvider.js
npm notice 2.2kB package.json
npm notice 4.1kB CHANGELOG.md
npm notice 3.9kB README.md
npm notice === Tarball Details ===
npm notice name: web3-provider-engine
npm notice version: 16.0.6
npm notice package size: 594.7 kB
npm notice unpacked size: 2.6 MB
npm notice shasum: 7c5c392c21f090e4a75cae7e57b1ea90769d5d08
npm notice integrity: sha512-tQ5w3USNZx2AC[...]wg6KEW3Qwn/9Q==
npm notice total files: 75
Fixed
requestwith patched@cypress/request(#441)wsfrom^5.1.1to^7.5.9(#446)