omgnetwork / plasma-contracts

Root chain contracts for Plasma
Apache License 2.0
112 stars 66 forks source link

chore(deps): bump got, web3, openzeppelin-test-helpers and solidity-coverage in /plasma_framework #793

Open dependabot[bot] opened 1 year ago

dependabot[bot] commented 1 year ago

Bumps got to 12.1.0 and updates ancestor dependencies got, web3, openzeppelin-test-helpers and solidity-coverage. These dependencies need to be updated together.

Updates got from 7.1.0 to 12.1.0

Release notes

Sourced from got's releases.

v12.1.0

Improvements

Fixes

https://github.com/sindresorhus/got/compare/v12.0.4...v12.1.0

v12.0.4

  • Remove stream lock - unreliable since Node 17.3.0 bb8eca924c338ca12d5b90d6a26aa28dbddb42ee

v12.0.3

  • Allow more types in the json option (#2015) eb045bf

https://github.com/sindresorhus/got/compare/v12.0.2...v12.0.3

v12.0.2

  • Fix encoding option with {responseType: 'json'} (#1996) 0703318

https://github.com/sindresorhus/got/compare/v12.0.1...v12.0.2

v12.0.1

  • Fix nock compatibility (#1959) bf39d2c
  • Fix missing export of Request TypeScript type (#1940) 0f9f2b8

https://github.com/sindresorhus/got/compare/v12.0.0...v12.0.1

v12.0.0

Introducing Got v12.0.0 :tada:

Long time no see! The latest Got version (v11.8.2) was released just in February ❄️ We have been working hard on squashing bugs and improving overall experience.

If you find Got useful, you might want to sponsor the Got maintainers.

This package is now pure ESM

Please read this. Also see sindresorhus/got#1789.

  • Please don't open issues about [ERR_REQUIRE_ESM] and Must use import to load ES Module errors. This is a problem with your setup, not Got.
  • Please don't open issues about using Got with Jest. Jest does not fully support ESM.
  • Pretty much any problem with loading this package is a problem with your bundler, test framework, etc, not Got.
  • If you use TypeScript, you will want to stay on Got v11 until TypeScript 4.6 is out. Why.
  • If you use a bundler, make sure it supports ESM and that you have correctly configured it for ESM.

... (truncated)

Commits


Updates web3 from 1.2.1 to 1.9.0

Release notes

Sourced from web3's releases.

web3-eth@4.0.0-alpha.0

Initial alpha release

Install with yarn add web3-eth@4.0.0-alpha.0

web3-core-requestmanager@4.0.0-alpha.0

Initial alpha release

Install with yarn add web3-core-requestmanager@4.0.0-alpha.0

web3-providers-http@4.0.0-alpha.0

Initial alpha release

Install with yarn add web3-providers-http@4.0.0-alpha.0

web3-providers-base@1.0.0-alpha.1

Changed

  • Update version to 1.0.0-alpha.1 for web3-providers-base
  • Update version to 4.0.0-alpha.0 for web3-utils in web3-providers-base

web3-utils@4.0.0-alpha.0

Initial alpha release

Install with yarn add web3-utils@4.0.0-alpha.0

web3-packagetemplate@1.0.0-alpha.0

Initial alpha release

Install with yarn add web3-packagetemplate@1.0.0-alpha.0

Changelog

Sourced from web3's changelog.

[1.2.1]

Fixed

  • websocket dependency fixed (#2971, #2976)
  • requestOptions added to WebsocketProvider (#2979)
  • Node >= v8.0.0 support (#2938)

[1.2.2]

Added

  • localStorage support detection added (#3031)
  • getNetworkType method extended with Görli testnet (#3095)
  • supportsSubscriptions method added to providers (#3116)
  • Add eth.getChainId method (#3113)
  • Minified file added to web3 package (#3131)
  • The transaction confirmation workflow can now be configured (#3130)
  • Additional parameters for accounts.signTransaction added (docs) (#3141)
  • Emit connected event on subscription creation (#3028)
  • TypeScript type definitions added for all modules (#3132)
  • Bloom filters added to web3.utils (#3137)

Fixed

  • Fix allow 0 as a valid fromBlock or toBlock filter param (#1100)
  • Fix randomHex returning inconsistent string lengths (#1490)
  • Fix make isBN minification safe (#1777)
  • Fix incorrect references to BigNumber in utils.fromWei and utils.toWei error messages (#2468)
  • Fix error incorrectly thrown when receipt.status is null (#2183)
  • Fix incorrectly populating chainId param with net_version when signing txs (#2378)
  • regeneratorRuntime error fixed (#3058)
  • Fix accessing event.name where event is undefined (#3014)
  • fixed Web3Utils toHex() for Buffer input (#3021)
  • Fix bubbling up tx signing errors (#2063, #3105)
  • HttpProvider: CORS issue with Firefox and Safari (#2978)
  • Ensure the immutability of the tx object passed to function signTransaction (#2190)
  • Gas check fixed (#2381)
  • Signing issues #1998, #2033, and #1074 fixed (#3125)
  • Fix hexToNumber and hexToNumberString prefix validation (#3086)
  • The receipt will now returned on a EVM error (this got removed on beta.18) (#3129)
  • Fixes transaction confirmations with the HttpProvider (#3140)

[1.2.3]

Fixed

  • Fix perfect gas usage causes tx to error (#3175)
  • Fix regenerator runtime error in web3.min.js (#3155)
  • Fix TS types for eth.subscribe syncing, newBlockHeaders, pendingTransactions (#3159)

... (truncated)

Commits
Maintainer changes

This version was pushed to npm by jdevcs, a new releaser for web3 since your current version.


Updates openzeppelin-test-helpers from 0.4.3 to 0.5.1

Changelog

Sourced from openzeppelin-test-helpers's changelog.

0.5.16 (2022-09-06)

  • Fix warning under Hardhat 2.11.

0.5.15 (2021-10-05)

  • Fix snapshot.restore when used multiple times.

0.5.14 (2021-10-04)

  • Add missing export of snapshot module.

0.5.13 (2021-08-12)

  • Changed send.ether so it no longer forces gasPrice: 0.

NOTE: This may break some tests but gas price 0 is no longer valid since the London hard fork.

  • Added tracker.deltaWithFees.

0.5.12 (2021-07-05)

  • Added new snapshot module to capture and revert blockchain state.

0.5.11 (2021-04-29)

  • Fixed expectRevert for latest versions of Hardhat.

0.5.10 (2020-12-22)

  • Updated @truffle/contract dependency.

0.5.9 (2020-10-27)

  • Updated @openzeppelin/contract-loader dependency.

0.5.8 (2020-10-27)

  • Fixed expectRevert for Hardhat. (#131)

0.5.7 (2020-10-13)

  • Made expectEvent return the event that was found. (#129)
  • Fix expectEvent.inTransaction when there are conflicting events. (#133)

Breaking change

The fix to expectEvent.inTransaction may break some tests that were not using the API as intended, or which were causing a false positive assertion. If the emitter argument was a contract instance, the event that the assertion found in the transaction was not guaranteed to have originated in that particular contract instance at that address, it could also have generated in a different instance of the same contract. This is no longer the case, and may be the cause of a test breaking after the update.

0.5.6 (2020-06-01)

  • Deprecated expectEvent.not in favor of expectEvent.notEmitted. (#121)
  • Added expectEvent.notEmitted() for asserting absence of events in Truffle or Web3 receipts. (#121)

How to upgrade from 0.5.5

These changes are only necessary to get rid of the new deprecation warning.

  • If you have a receipt: await expectEvent.not.inTransaction(receipt.tx, contract, event)

... (truncated)

Commits


Updates solidity-coverage from 0.7.12 to 0.8.2

Release notes

Sourced from solidity-coverage's releases.

0.8.2

What's Changed

New Contributors

Full Changelog: https://github.com/sc-forks/solidity-coverage/compare/v0.8.1...v0.8.2

0.8.1

What's Changed

Full Changelog: https://github.com/sc-forks/solidity-coverage/compare/v0.8.0...v0.8.1

0.8.0

Hi!

⚠️ This version requires Hardhat >= 2.11.0 (Ethereum Merge)

New Features

A central focus of the 0.8.0 release is improving the coverage tool's branch detection.

Beginning with this version the following syntax is measured as a branch:

OR conditions

When a logical expression is composed with the || operator, both sides can be considered branches. To test the entire expression

if (a == 1 || a == 2)

... a must equal 1, 2 and neither of those values. (Thanks to Gnosis engineer @​rmeissner for proposing this in #175)

Screen Shot 2021-01-12 at 9 41 09 PM

Ternary Conditionals

Long ago, when Solidity was 0.4, solidity-coverage treated ternary conditionals like regular if/else statements. Some language improvements v0.5 subsequently made this impossible. Now it's back...

Screen Shot 2021-01-12 at 9 47 43 PM

Modifier Invocations

Solidity-coverage already covers the code within modifier definitions. However, each modifier invocation at the function level should really be considered its own branch. Some of the most critical logic in Solidity contracts is handled this way (ex: onlyOwner). Testing the pass/fail cases for each occurrence of these gates protects you from accidentally removing them during a refactor.

Because it's possible to write a modifier which performs a preparatory task and never reverts, there's a new option (modifierWhitelist) which allows you to exclude specific modifiers from branch measurement.

... (truncated)

Changelog

Sourced from solidity-coverage's changelog.

Changelog

0.8.1 / 2022-09-06

0.8.0 / 2022-09-05

0.7.21 / 2022-04-24

0.7.20 / 2022-02-15

0.7.19 / 2022-02-09

0.7.18 2022-01-17

0.7.16 / 2021-03-04

0.7.15 / 2021-02-16

0.7.14 / 2021-01-14

  • Support file scoped function definitions for solc >= 0.7.4
  • Upgrade @​solidity-parser/parser to v0.11.0

0.7.13 / 2020-12-03

  • Use default artifact paths for hardhat >= 2.0.4 (Fixes hardhat-deploy bug)
Commits


Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/omgnetwork/plasma-contracts/network/alerts).