omni / tokenbridge-contracts

Smart contracts for TokenBridge
http://docs.tokenbridge.net
GNU General Public License v3.0
230 stars 227 forks source link

Bump flat and truffle #676

Open dependabot[bot] opened 1 year ago

dependabot[bot] commented 1 year ago

Bumps flat to 5.0.2 and updates ancestor dependency truffle. These dependencies need to be updated together.

Updates flat from 4.1.1 to 5.0.2

Commits
  • e5ffd66 Release 5.0.2
  • fdb79d5 Update dependencies, refresh lockfile, format with standard.
  • e52185d Test against node 14 in CI.
  • 0189cb1 Avoid arrow function syntax.
  • f25d3a1 Release 5.0.1
  • 54cc7ad use standard formatting
  • 779816e drop dependencies
  • 2eea6d3 Bump lodash from 4.17.15 to 4.17.19
  • a61a554 Bump acorn from 7.1.0 to 7.4.0
  • 20ef0ef Fix prototype pollution on unflatten
  • Additional commits viewable in compare view


Updates truffle from 5.3.4 to 5.7.1

Release notes

Sourced from truffle's releases.

v5.7.1 β€” Chocolate 🍫 Pavlova with Spiced Pears 🍐

Hello all! πŸ‘‹

We want to bring a delicious chocolate 🍫 pavlova with spiced pears 🍐 to celebrate πŸŽ‰ this holiday season. Sit down πŸͺ‘, relax πŸ€—, and enjoy πŸ₯³!!!

While Truffle dropped support for Node 12 a while back, we hadn't been enforcing this in our Node version check at startup. We now check this; Truffle will now refuse to run on Node 12 to prevent any problems.

One more thing! Please take a moment to complete The Solidity Development Survey 2022. This helps our community πŸ§‘πŸ½β€πŸ€β€πŸ§‘πŸ½ to improve. Thanks! πŸ™πŸ½

How to upgrade

We recommend upgrading to the latest version of Truffle by running:

npm uninstall -g truffle
npm install -g truffle

Changelog

Internal improvements

Dependency updates

v5.7.0 β€” Some treats!

Hey ho, we have a release! Let's go, enjoy it with some treats! 🍫

It's Thursday yet again and we have a Truffle release coming your way! ↔️ This one is pretty exciting because we are finally releasing a console.log for Solidity in Truffle's testing and console environment. Simply use the following import at the top of your contract:

import "truffle/console.sol";

Then you can call console.log() similar to how you would in JavaScript.

console.log("this is logging and here is an address - %o", msg.sender);

Now when you run this code during a Truffle test run or in Truffle's console environment, you will receive logging! Super cool! πŸͺ΅

Another change we have this week is an update to the ENS infrastructure. When deploying an ENS dev registry, Truffle will also deploy a reverse registrar to allow for reverse resolution. So happy resolving!

@​truffle/provider received a spruce up as well! Remember EIP 1193? This is the one that specifies a request method on providers (in addition to some other things). Now @​truffle/provider is 1193 compliant!

Lastly we have a couple improvements that are a bit more internal to Truffle. A bit of code was cleaned up and fixed πŸ› οΈ, and an improvement which makes the encoding of contract creations easier was added.

... (truncated)

Commits
Maintainer changes

This version was pushed to npm by dongming.hwang, a new releaser for truffle since your current version.


Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) - `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language - `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language - `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language - `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/omni/tokenbridge-contracts/network/alerts).