search

rsksmart / rif-marketplace-storage

Pinning contracts
4 stars 5 forks source link

build(deps): bump @openzeppelin/contracts from 3.4.1 to 4.6.0 #380

Closed dependabot[bot] closed 2 years ago

dependabot[bot] commented 2 years ago

Bumps @openzeppelin/contracts from 3.4.1 to 4.6.0.

Release notes

Sourced from @​openzeppelin/contracts's releases.

v4.6.0

  • crosschain: Add a new set of contracts for cross-chain applications. CrossChainEnabled is a base contract with instantiations for several chains and bridges, and AccessControlCrossChain is an extension of access control that allows cross-chain operation. (#3183)
  • AccessControl: add a virtual _checkRole(bytes32) function that can be overridden to alter the onlyRole modifier behavior. (#3137)
  • EnumerableMap: add new AddressToUintMap map type. (#3150)
  • EnumerableMap: add new Bytes32ToBytes32Map map type. (#3192)
  • ERC20FlashMint: support infinite allowance when paying back a flash loan. (#3226)
  • ERC20Wrapper: the decimals() function now tries to fetch the value from the underlying token instance. If that calls revert, then the default value is used. (#3259)
  • draft-ERC20Permit: replace immutable with constant for _PERMIT_TYPEHASH since the keccak256 of string literals is treated specially and the hash is evaluated at compile time. (#3196)
  • ERC1155: Add a _afterTokenTransfer hook for improved extensibility. (#3166)
  • ERC1155URIStorage: add a new extension that implements a _setURI behavior similar to ERC721's _setTokenURI. (#3210)
  • DoubleEndedQueue: a new data structure that supports efficient push and pop to both front and back, useful for FIFO and LIFO queues. (#3153)
  • Governor: improved security of onlyGovernance modifier when using an external executor contract (e.g. a timelock) that can operate without necessarily going through the governance protocol. (#3147)
  • Governor: Add a way to parameterize votes. This can be used to implement voting systems such as fractionalized voting, ERC721 based voting, or any number of other systems. The params argument added to _countVote method, and included in the newly added _getVotes method, can be used by counting and voting modules respectively for such purposes. (#3043)
  • Governor: rewording of revert reason for consistency. (#3275)
  • Governor: fix an inconsistency in data locations that could lead to invalid bytecode being produced. (#3295)
  • Governor: Implement IERC721Receiver and IERC1155Receiver to improve token custody by governors. (#3230)
  • TimelockController: Implement IERC721Receiver and IERC1155Receiver to improve token custody by timelocks. (#3230)
  • TimelockController: Add a separate canceller role for the ability to cancel. (#3165)
  • Initializable: add a reinitializer modifier that enables the initialization of new modules, added to already initialized contracts through upgradeability. (#3232)
  • Initializable: add an Initialized event that tracks initialized version numbers. (#3294)
  • ERC2981: make royaltiInfo public to allow super call in overrides. (#3305)

Breaking changes

  • Governor: Adds internal virtual _getVotes method that must be implemented; this is a breaking change for existing concrete extensions to Governor. To fix this on an existing voting module extension, rename getVotes to _getVotes and add a bytes memory argument. (#3043)
  • Governor: Adds params parameter to internal virtual _countVote method; this is a breaking change for existing concrete extensions to Governor. To fix this on an existing counting module extension, add a bytes memory argument to _countVote. (#3043)
  • Governor: Does not emit VoteCast event when params data is non-empty; instead emits VoteCastWithParams event. To fix this on an integration that consumes the VoteCast event, also fetch/monitor VoteCastWithParams events. (#3043)
  • Votes: The internal virtual function _getVotingUnits was made view (which was accidentally missing). Any overrides should now be updated so they are view as well.

v4.6.0-rc.0

This prerelease is now available for open review! Let us know your feedback and if you find any security issues.

We have a bug bounty with rewards of up to USD $25,000 and a special POAP for submitting a valid issue.

See the announcement for some more details.

v4.5.0

  • ERC2981: add implementation of the royalty standard, and the respective extensions for ERC721 and ERC1155. (#3012)
  • GovernorTimelockControl: improve the state() function to have it reflect cases where a proposal has been canceled directly on the timelock. (#2977)
  • Preset contracts are now deprecated in favor of Contracts Wizard. (#2986)
  • Governor: add a relay function to help recover assets sent to a governor that is not its own executor (e.g. when using a timelock). (#2926)
  • GovernorPreventLateQuorum: add new module to ensure a minimum voting duration is available after the quorum is reached. (#2973)
  • ERC721: improved revert reason when transferring from wrong owner. (#2975)
  • Votes: Added a base contract for vote tracking with delegation. (#2944)
  • ERC721Votes: Added an extension of ERC721 enabled with vote tracking and delegation. (#2944)
  • ERC2771Context: use immutable storage to store the forwarder address, no longer an issue since Solidity >=0.8.8 allows reading immutable variables in the constructor. (#2917)
  • Base64: add a library to parse bytes into base64 strings using encode(bytes memory) function, and provide examples to show how to use to build URL-safe tokenURIs. (#2884)
  • ERC20: reduce allowance before triggering transfer. (#3056)

... (truncated)

Changelog

Sourced from @​openzeppelin/contracts's changelog.

4.6.0 (2022-04-26)

  • crosschain: Add a new set of contracts for cross-chain applications. CrossChainEnabled is a base contract with instantiations for several chains and bridges, and AccessControlCrossChain is an extension of access control that allows cross-chain operation. (#3183)
  • AccessControl: add a virtual _checkRole(bytes32) function that can be overridden to alter the onlyRole modifier behavior. (#3137)
  • EnumerableMap: add new AddressToUintMap map type. (#3150)
  • EnumerableMap: add new Bytes32ToBytes32Map map type. (#3192)
  • ERC20FlashMint: support infinite allowance when paying back a flash loan. (#3226)
  • ERC20Wrapper: the decimals() function now tries to fetch the value from the underlying token instance. If that calls revert, then the default value is used. (#3259)
  • draft-ERC20Permit: replace immutable with constant for _PERMIT_TYPEHASH since the keccak256 of string literals is treated specially and the hash is evaluated at compile time. (#3196)
  • ERC1155: Add a _afterTokenTransfer hook for improved extensibility. (#3166)
  • ERC1155URIStorage: add a new extension that implements a _setURI behavior similar to ERC721's _setTokenURI. (#3210)
  • DoubleEndedQueue: a new data structure that supports efficient push and pop to both front and back, useful for FIFO and LIFO queues. (#3153)
  • Governor: improved security of onlyGovernance modifier when using an external executor contract (e.g. a timelock) that can operate without necessarily going through the governance protocol. (#3147)
  • Governor: Add a way to parameterize votes. This can be used to implement voting systems such as fractionalized voting, ERC721 based voting, or any number of other systems. The params argument added to _countVote method, and included in the newly added _getVotes method, can be used by counting and voting modules respectively for such purposes. (#3043)
  • Governor: rewording of revert reason for consistency. (#3275)
  • Governor: fix an inconsistency in data locations that could lead to invalid bytecode being produced. (#3295)
  • Governor: Implement IERC721Receiver and IERC1155Receiver to improve token custody by governors. (#3230)
  • TimelockController: Implement IERC721Receiver and IERC1155Receiver to improve token custody by timelocks. (#3230)
  • TimelockController: Add a separate canceller role for the ability to cancel. (#3165)
  • Initializable: add a reinitializer modifier that enables the initialization of new modules, added to already initialized contracts through upgradeability. (#3232)
  • Initializable: add an Initialized event that tracks initialized version numbers. (#3294)
  • ERC2981: make royaltyInfo public to allow super call in overrides. (#3305)

Breaking changes

  • Governor: Adds internal virtual _getVotes method that must be implemented; this is a breaking change for existing concrete extensions to Governor. To fix this on an existing voting module extension, rename getVotes to _getVotes and add a bytes memory argument. (#3043)
  • Governor: Adds params parameter to internal virtual _countVote method; this is a breaking change for existing concrete extensions to Governor. To fix this on an existing counting module extension, add a bytes memory argument to _countVote. (#3043)
  • Governor: Does not emit VoteCast event when params data is non-empty; instead emits VoteCastWithParams event. To fix this on an integration that consumes the VoteCast event, also fetch/monitor VoteCastWithParams events. (#3043)
  • Votes: The internal virtual function _getVotingUnits was made view (which was accidentally missing). Any overrides should now be updated so they are view as well.

4.5.0 (2022-02-09)

  • ERC2981: add implementation of the royalty standard, and the respective extensions for ERC721 and ERC1155. (#3012)
  • GovernorTimelockControl: improve the state() function to have it reflect cases where a proposal has been canceled directly on the timelock. (#2977)
  • Preset contracts are now deprecated in favor of Contracts Wizard. (#2986)
  • Governor: add a relay function to help recover assets sent to a governor that is not its own executor (e.g. when using a timelock). (#2926)
  • GovernorPreventLateQuorum: add new module to ensure a minimum voting duration is available after the quorum is reached. (#2973)
  • ERC721: improved revert reason when transferring from wrong owner. (#2975)
  • Votes: Added a base contract for vote tracking with delegation. (#2944)
  • ERC721Votes: Added an extension of ERC721 enabled with vote tracking and delegation. (#2944)
  • ERC2771Context: use immutable storage to store the forwarder address, no longer an issue since Solidity >=0.8.8 allows reading immutable variables in the constructor. (#2917)
  • Base64: add a library to parse bytes into base64 strings using encode(bytes memory) function, and provide examples to show how to use to build URL-safe tokenURIs. (#2884)
  • ERC20: reduce allowance before triggering transfer. (#3056)
  • ERC20: do not update allowance on transferFrom when allowance is type(uint256).max. (#3085)
  • ERC20: add a _spendAllowance internal function. (#3170)
  • ERC20Burnable: do not update allowance on burnFrom when allowance is type(uint256).max. (#3170)
  • ERC777: do not update allowance on transferFrom when allowance is type(uint256).max. (#3085)
  • ERC777: add a _spendAllowance internal function. (#3170)
  • SignedMath: a new signed version of the Math library with max, min, and average. (#2686)
  • SignedMath: add a abs(int256) method that returns the unsigned absolute value of a signed value. (#2984)

... (truncated)

Commits
  • d4fb3a8 4.6.0
  • 1d9902f Fix update-comment script to ignore invalid tags
  • 2cf3ac4 Bump minimum Solidity version for Initializable.sol to 0.8.2 (#3328)
  • 24953fb Remove unused constructor argument
  • a57bd14 Fix tests on upgradeable contracts after transpilation
  • 6096b53 add transpilation guards to the crosschain mocks (#3306)
  • ab54fcb make ERC2981:royaltyInfo public (#3305)
  • 050180e Fix release script to only release @​openzeppelin/contracts
  • 3a2534d 4.6.0-rc.0
  • 2a4ca65 Update release script to stop publishing old openzeppelin-solidity package
  • Additional commits viewable in compare view
Maintainer changes

This version was pushed to npm by amxx, a new releaser for @​openzeppelin/contracts since your current version.


Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
dependabot[bot] commented 2 years ago

Dependabot tried to add @artem-brazhnikov as a reviewer to this PR, but received the following error from GitHub:

POST https://api.github.com/repos/rsksmart/rif-marketplace-storage/pulls/380/requested_reviewers: 422 - Reviews may only be requested from collaborators. One or more of the users or teams you specified is not a collaborator of the rsksmart/rif-marketplace-storage repository. // See: https://docs.github.com/rest/reference/pulls#request-reviewers-for-a-pull-request
dependabot[bot] commented 2 years ago

Superseded by #395.