update deps - Githubissues

goosewobbler commented 1 year ago

Notable Updates:

electron v25 (Chromium 114.0.5735.45, Node 18.14.0) - changelogs:
@parcel/* v2.9.1 - now correctly uses buffer v6 polyfill, fixes issue around installing buffer when running prod
typescript v5.1
- https://devblogs.microsoft.com/typescript/announcing-typescript-5-1/
- https://devblogs.microsoft.com/typescript/announcing-typescript-5-0/
rimraf v5.0.1 - works as before via npx
- https://github.com/isaacs/rimraf#v4-to-v5
styled-components v6
- https://styled-components.com/docs/faqs#what-do-i-need-to-do-to-migrate-to-v6
New usage of @ethereumjs/util in the renderer process requires additional polyfills:
- browserify-zlib
- https-browserify
- stream-http

No upgrade (ESM only)

node-fetch
ipfs-unixfs-importer
query-string
conf

No upgrade (significant code changes required)

ethers

socket-security[bot] commented 1 year ago

New dependency changes detected. Learn more about Socket for GitHub ↗︎

👍 No new dependency issues detected in pull request

Bot Commands

To ignore an alert, reply with a comment starting with @SocketSecurity ignore followed by a space separated list of package-name@version specifiers. e.g. @SocketSecurity ignore foo@1.0.0 bar@* or ignore all packages with @SocketSecurity ignore-all

Ignoring: @swc/core@1.3.62

Pull request alert summary

Issue	Status
Install scripts	✅ 0 issues
Native code	✅ 0 issues
Bin script shell injection	✅ 0 issues
Unresolved require	✅ 0 issues
Invalid package.json	✅ 0 issues
HTTP dependency	✅ 0 issues
Git dependency	✅ 0 issues
Potential typo squat	✅ 0 issues
Known Malware	✅ 0 issues
Telemetry	✅ 0 issues
Protestware/Troll package	✅ 0 issues

📊 Modified Dependency Overview:

➕ Added Package	Capability Access	`+/-` Transitive Count	Publisher
@ethereumjs/tx@4.1.2	network	`+10`	holgerd77
https-browserify@1.0.0	network	`+0`	feross
stream-http@3.2.0	network	`+2`	jhiesey
browserify-zlib@0.2.0	None	`+0`	dignifiedquire
@ethereumjs/common@3.1.2	network	`+9`	holgerd77

⬆️ Updated Package	Version Diff	Added Capability Access	`+/-` Transitive Count	Publisher
@trezor/connect@9.0.11	9.0.7...9.0.11	None	`+17/-13`	trezor-ci
@lavamoat/allow-scripts@2.3.1	2.3.0...2.3.1	None	`+7/-16`	lgbot
@sentry/electron@4.6.0	4.3.0...4.6.0	None	`+8/-7`	sentry-bot
@testing-library/dom@9.3.0	9.0.1...9.3.0	None	`+1/-1`	testing-library-bot
@parcel/core@2.9.1	2.8.3...2.9.1	None	`+25/-23`	devongovett
@types/node@20.2.5	18.14.6...20.2.5	None	`+0/-0`	types
hardhat@2.14.1	2.13.0...2.14.1	None	`+1/-25`	fvictorio
@metamask/eth-sig-util@5.1.0	5.0.2...5.1.0	network	`+9/-1`	metamaskbot
@sentry/types@7.54.0	7.42.0...7.54.0	None	`+0/-0`	sentry-bot
semver@7.5.1	7.3.8...7.5.1	None	`+0/-0`	npm-cli-ops
@types/node-fetch@2.6.4	2.6.2...2.6.4	None	`+1/-1`	types
gridplus-sdk@2.5.2	2.5.1...2.5.2	None	`+9/-1`	asmiller1989
ws@8.13.0	8.12.1...8.13.0	None	`+0/-0`	lpinca
@typescript-eslint/parser@5.59.8	5.54.1...5.59.8	None	`+13/-17`	jameshenry
lint-staged@13.2.2	13.1.2...13.2.2	None	`+7/-6`	okonet
hotkeys-js@3.10.2	3.10.1...3.10.2	None	`+0/-0`	wcjiang
auto-launch@5.0.6	5.0.5...5.0.6	None	`+0/-0`	4ver
ts-jest@29.1.0	29.0.5...29.1.0	None	`+16/-17`	kul
eslint-config-prettier@8.8.0	8.7.0...8.8.0	None	`+8/-11`	lydell
@parcel/transformer-stylus@2.9.1	2.8.3...2.9.1	None	`+26/-24`	devongovett
@eslint/js@8.42.0	8.38.0...8.42.0	None	`+0/-0`	eslintbot
@ethereumjs/util@8.0.6	8.0.3...8.0.6	network	`+8/-0`	holgerd77
@typescript-eslint/eslint-plugin@5.59.8	5.54.1...5.59.8	None	`+16/-20`	jameshenry
fs-extra@11.1.1	11.1.0...11.1.1	None	`+0/-0`	ryanzim
parcel@2.9.1	2.8.3...2.9.1	None	`+75/-63`	devongovett
deep-equal@2.2.1	2.2.0...2.2.1	None	`+0/-0`	ljharb
@parcel/transformer-typescript-tsc@2.9.1	2.8.3...2.9.1	None	`+27/-26`	devongovett
@babel/preset-typescript@7.21.5	7.21.0...7.21.5	None	`+18/-17`	nicolo-ribaudo
nock@13.3.1	13.3.0...13.3.1	None	`+0/-0`	nockbot
styled-components@6.0.0-rc.3	5.3.8...6.0.0-rc.3	eval, network	`+66/-14`	probablyup
eslint@8.42.0	8.35.0...8.42.0	None	`+7/-10`	eslintbot
@babel/preset-react@7.22.3	7.18.6...7.22.3	None	`+15/-15`	nicolo-ribaudo
@babel/node@7.22.1	7.20.7...7.22.1	None	`+14/-14`	nicolo-ribaudo
@parcel/config-default@2.9.1	2.8.3...2.9.1	None	`+72/-60`	devongovett
@ledgerhq/hw-transport-node-hid-singleton@6.28.12	6.28.9...6.28.12	None	`+6/-6`	sergii-shkolin
@babel/core@7.22.1	7.21.0...7.22.1	None	`+12/-12`	nicolo-ribaudo
eslint-plugin-testing-library@5.11.0	5.10.2...5.11.0	None	`+14/-18`	testing-library-bot
prettier@2.8.8	2.8.4...2.8.8	None	`+0/-0`	prettier-bot
@babel/preset-env@7.22.4	7.20.2...7.22.4	None	`+52/-45`	nicolo-ribaudo
electron@25.0.1	23.1.3...25.0.1	None	`+3/-3`	electron-nightly
@parcel/transformer-css@2.9.1	2.8.3...2.9.1	None	`+26/-24`	devongovett
@babel/plugin-proposal-decorators@7.22.3	7.21.0...7.22.3	None	`+18/-18`	nicolo-ribaudo
@ledgerhq/hw-transport-web-ble@6.27.15	6.27.12...6.27.15	None	`+4/-4`	sergii-shkolin
@types/jest@29.5.2	29.4.0...29.5.2	None	`+1/-1`	types
node-abi@3.43.0	3.33.0...3.43.0	None	`+1/-1`	electron-cfa
rimraf@5.0.1	4.4.0...5.0.1	None	`+12/-5`	isaacs
@ledgerhq/hw-transport-mocker@6.27.15	6.27.12...6.27.15	None	`+4/-4`	sergii-shkolin
@ledgerhq/hw-transport-node-hid-noevents@6.27.15	6.27.12...6.27.15	None	`+5/-5`	sergii-shkolin
@ledgerhq/hw-app-eth@6.33.4	6.32.0...6.33.4	None	`+14/-7`	sergii-shkolin

🚮 Removed packages: typescript@4.9.5

goosewobbler commented 1 year ago

@SocketSecurity ignore @swc/core@1.3.62

floating / frame

update deps #1571