Open tirumerla opened 4 months ago
New and removed dependencies detected.
Package | New capabilities | Transitives | Size | Publisher |
---|---|---|---|---|
npm/agent-base@6.0.2 | None | 0 | 34.6 kB | tootallnate |
npm/axios@1.7.2 | network | 0 | 2.08 MB | jasonsaayman |
npm/bl@4.1.0 | None | 0 | 64.4 kB | matteo.collina |
npm/buffer@5.7.1 | None | 0 | 82.5 kB | feross |
npm/cli-spinners@2.6.1 | None | 0 | 27.5 kB | sindresorhus |
npm/dotenv@16.3.2 | environment, filesystem | 0 | 72.1 kB | motdotla |
npm/follow-redirects@1.15.6 | network | 0 | 29.4 kB | rubenverborgh |
npm/is-docker@2.2.1 | filesystem | 0 | 3.01 kB | sindresorhus |
npm/minizlib@2.1.2 | None | 0 | 17.3 kB | isaacs |
npm/node-gyp-build@4.8.1 | environment, filesystem | 0 | 13.4 kB | mafintosh |
npm/node-machine-id@1.1.12 | environment, eval, shell | 0 | 35.8 kB | automation-stack |
npm/open@8.4.2 | environment, filesystem, shell | +2 | 54.5 kB | sindresorhus |
🚮 Removed packages: npm/@aws-sdk/types@3.465.0, npm/@openzeppelin/defender-base-client@1.54.0-rc.0, npm/@openzeppelin/defender-relay-client@1.54.0-rc.0, npm/@sindresorhus/is@4.6.0, npm/@smithy/types@2.7.0, npm/@szmarczak/http-timer@4.0.6, npm/@types/cacheable-request@6.0.3, npm/amazon-cognito-identity-js@6.3.7, npm/available-typed-arrays@1.0.7, npm/axios@1.6.2, npm/cacheable-lookup@5.0.4, npm/call-bind@1.0.7, npm/core-util-is@1.0.3, npm/defer-to-connect@2.0.1, npm/end-of-stream@1.4.4, npm/follow-redirects@1.15.1, npm/get-intrinsic@1.2.4, npm/has-tostringtag@1.0.2, npm/object-assign@4.1.1, npm/punycode@2.3.1, npm/resolve-alpn@1.2.1, npm/undici-types@5.26.5, npm/util-deprecate@1.0.2, npm/which-typed-array@1.1.15, npm/xtend@4.0.2
This PR was automatically created by Snyk using the credentials of a real user.
### Snyk has created this PR to fix 1 vulnerability in the yarn dependencies of this project.

#### Snyk changed the following file(s):

- `examples/web3-provider/package.json`

#### Note for [zero-installs](https://yarnpkg.com/features/zero-installs) users

If you are using the Yarn feature [zero-installs](https://yarnpkg.com/features/zero-installs) that was introduced in Yarn V2, note that this PR does not update the `.yarn/cache/` directory, meaning this code cannot be pulled and immediately developed on as one would expect for a zero-install project; you will need to run `yarn` to update the contents of the `.yarn/cache` directory. If you are not using zero-install you can ignore this, as your flow should likely be unchanged.
⚠️ Warning
```
Failed to update the yarn.lock, please update manually before merging.
```

[SNYK-JS-WS-7266574](https://snyk.io/vuln/SNYK-JS-WS-7266574) | **768**

---

> [!IMPORTANT]
>
> - Check the changes in this PR to ensure they won't cause issues with your project.
> - Max score is 1000. Note that the real score may have changed since the PR was raised.
> - This PR was automatically created by Snyk using the credentials of a real user.

---

**Note:** _You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs._

For more information:

🧐 [View latest project report](https://app.snyk.io/org/carlosfkrause/project/38904a26-ab49-46b2-ad96-55b426f40949?utm_source=github&utm_medium=referral&page=fix-pr)
📜 [Customise PR templates](https://docs.snyk.io/scan-using-snyk/pull-requests/snyk-fix-pull-or-merge-requests/customize-pr-templates)
🛠 [Adjust project settings](https://app.snyk.io/org/carlosfkrause/project/38904a26-ab49-46b2-ad96-55b426f40949?utm_source=github&utm_medium=referral&page=fix-pr/settings)
📚 [Read about Snyk's upgrade logic](https://support.snyk.io/hc/en-us/articles/360003891078-Snyk-patches-to-fix-vulnerabilities)

---

**Learn how to fix vulnerabilities with free interactive lessons:**

🦉 [Denial of Service (DoS)](https://learn.snyk.io/lesson/redos/?loc=fix-pr)