Restyle [Snyk] Security upgrade axios from 0.18.1 to 0.20.0

[restyled-io]

Automated style fixes for #83, created by Restyled.

The following restylers made fixes:

• jq

To incorporate these changes, merge this Pull Request into the original. We
recommend using the Squash or Rebase strategies.

NOTE: As work continues on the original Pull Request, this process will
re-run and update (force-push) this Pull Request with updated style fixes as
necessary. If the style is fixed manually at any point (i.e. this process finds
no fixes to make), this Pull Request will be closed automatically.

Sorry if this was unexpected. To disable it, see our documentation.

[guardrails]

⚠️ We detected 119 security issues in this pull request:

Mode: paranoid | Total findings: 119 | Considered vulnerability: 119

Insecure Use of Regular Expressions (14)

Docs	Details
💡	Title: Regex DOS (ReDOS), Severity: Medium remix/remix-analyzer/src/solidity-analyzer/modules/staticAnalysisCommon.ts Line 235 in 286857e if (!isExternalDirectCall(extDirectCall)) throw new Error('staticAnalysisCommon.js: not an external direct call Node')
💡	Title: Regex DOS (ReDOS), Severity: Medium remix/remix-analyzer/src/solidity-analyzer/modules/staticAnalysisCommon.ts Line 250 in 286857e if (!isThisLocalCall(thisLocalCall.expression)) throw new Error('staticAnalysisCommon.js: not a this local call Node')
💡	Title: Regex DOS (ReDOS), Severity: Medium remix/remix-analyzer/src/solidity-analyzer/modules/staticAnalysisCommon.ts Line 399 in 286857e if (!isLibraryCall(node.expression)) throw new Error('staticAnalysisCommon.js: not a library call Node')
💡	Title: Regex DOS (ReDOS), Severity: Medium remix/remix-analyzer/src/solidity-analyzer/modules/staticAnalysisCommon.ts Line 587 in 286857e function isStorageVariableDeclaration (node: VariableDeclarationAstNode): boolean {
💡	Title: Regex DOS (ReDOS), Severity: Medium remix/remix-analyzer/src/solidity-analyzer/modules/staticAnalysisCommon.ts Line 1002 in 286857e function expressionTypeDescription (node: any, typeRegex: string): boolean {
💡	Title: Regex DOS (ReDOS), Severity: Medium remix/remix-analyzer/src/solidity-analyzer/modules/staticAnalysisCommon.ts Line 1006 in 286857e function typeDescription (node: any, typeRegex: string): boolean {
💡	Title: Regex DOS (ReDOS), Severity: Medium remix/remix-analyzer/src/solidity-analyzer/modules/staticAnalysisCommon.ts Line 1010 in 286857e function nodeType (node: any, typeRegex: string): boolean {
💡	Title: Regex DOS (ReDOS), Severity: Medium remix/remix-analyzer/src/solidity-analyzer/modules/staticAnalysisCommon.ts Line 1018 in 286857e function memName (node: any, memNameRegex: any): boolean {
💡	Title: Regex DOS (ReDOS), Severity: Medium remix/remix-analyzer/src/solidity-analyzer/modules/staticAnalysisCommon.ts Line 1022 in 286857e function operator (node: any, opRegex: string): boolean {
💡	Title: Regex DOS (ReDOS), Severity: Medium remix/remix-url-resolver/src/resolve.ts Line 87 in 286857e type: 'github',
💡	Title: Regex DOS (ReDOS), Severity: Medium remix/remix-analyzer/src/solidity-analyzer/modules/staticAnalysisCommon.ts Line 1007 in 286857e return new RegExp(typeRegex).test(node.typeDescriptions.typeString)
💡	Title: Regex DOS (ReDOS), Severity: Medium remix/remix-analyzer/src/solidity-analyzer/modules/staticAnalysisCommon.ts Line 1011 in 286857e return new RegExp(typeRegex).test(node.nodeType)
💡	Title: Regex DOS (ReDOS), Severity: Medium remix/remix-analyzer/src/solidity-analyzer/modules/staticAnalysisCommon.ts Line 1019 in 286857e return (node && !memNameRegex) || new RegExp(memNameRegex).test(node.name) || new RegExp(memNameRegex).test(node.memberName)
💡	Title: Regex DOS (ReDOS), Severity: Medium remix/remix-analyzer/src/solidity-analyzer/modules/staticAnalysisCommon.ts Line 1023 in 286857e return new RegExp(opRegex).test(node.operator)

More info on how to fix Insecure Use of Regular Expressions in TypeScript and JavaScript.

---

Insecure File Management (12)

Docs	Details
💡	Title: Use of non-literal fs filename, Severity: High remix/gulpfile.js Line 28 in 286857e const latestChangelog = fs.readFileSync(__dirname + '/changes.md', 'utf8')
💡	Title: Use of non-literal fs filename, Severity: High remix/gulpfile.js Line 29 in 286857e const oldChangelog = fs.readFileSync(__dirname + '/CHANGELOG.md', 'utf8')
💡	Title: Use of non-literal fs filename, Severity: High remix/gulpfile.js Line 33 in 286857e fs.unlinkSync(__dirname + '/CHANGELOG.md');
💡	Title: Use of non-literal fs filename, Severity: High remix/gulpfile.js Line 35 in 286857e fs.unlinkSync(__dirname + '/changes.md');
💡	Title: Use of non-literal fs filename, Severity: High remix/gulpfile.js Line 37 in 286857e fs.writeFileSync(__dirname + '/CHANGELOG.md', data);
💡	Title: Use of non-literal fs filename, Severity: High remix/remix-debug/test.js Line 29 in 286857e inputJson.sources[shortFilename] = {content: fs.readFileSync(filename).toString()}
💡	Title: Use of non-literal fs filename, Severity: High remix/remix-debug/test/init.js Line 16 in 286857e fs.readFile(filename, 'utf8', callback)
💡	Title: Use of non-literal fs filename, Severity: High remix/remix-debug/test/init.js Line 18 in 286857e return fs.readFileSync(filename, 'utf8')
💡	Title: Use of non-literal fs filename, Severity: High remix/remix-debug/test/resources/testWeb3.js Line 6 in 286857e var data = init.readFile(require('path').resolve(__dirname, 'testWeb3.json'))
💡	Title: Use of non-literal fs filename, Severity: High remix/remix-lib/test/init.js Line 16 in 286857e fs.readFile(filename, 'utf8', callback)
💡	Title: Use of non-literal fs filename, Severity: High remix/remix-lib/test/init.js Line 18 in 286857e return fs.readFileSync(filename, 'utf8')
💡	Title: Use of non-literal fs filename, Severity: High remix/remix-lib/test/resources/testWeb3.js Line 6 in 286857e let data = init.readFile(require('path').resolve(__dirname, 'testWeb3.json'))

More info on how to fix Insecure File Management in JavaScript.

---

Vulnerable Libraries (93)

Severity	Details
Medium	[email protected] (t) upgrade to: >5.7.3 || >6.4.0 || >7.1.0
High	[email protected] (t) upgrade to: >1.2.2 || >2.2.0 || 3.0.0 || >4.0.2
Low	[email protected] upgrade to: >=7.1.0
Low	[email protected] (t) - no patch available
High	[email protected] (t) upgrade to: >=3.5.0
High	[email protected] upgrade to: >=0.12.3
High	[email protected] upgrade to: >=0.0.1
Critical	[email protected] (t) upgrade to: >=1.10.2
Medium	[email protected] (t) upgrade to: >=2.8.9 || >=3.0.8
High	[email protected] (t) upgrade to: >=1.18.1
High	[email protected] (t) upgrade to: >2.0.0
High	[email protected] (t) upgrade to: >2.2.2
Low	[email protected] (t) upgrade to: >=1.3.6
Low	[email protected] (t) upgrade to: >6.0.2
Medium	[email protected] (t) upgrade to: >4.16.4
High	[email protected] (t) - no patch available
Low	[email protected] (t) upgrade to: >=1.3.6
High	[email protected] (t) upgrade to: >4.17.20
High	[email protected] (t) - no patch available
High	[email protected] - no patch available
High	[email protected] upgrade to: >=5.3.1
High	[email protected] (t) - no patch available
High	[email protected] - no patch available
Medium	[email protected] (t) upgrade to: >1.1.6
High	[email protected] upgrade to: >=5.0.5
Low	deep-extend@unknown (t) upgrade to: >0.5.0
High	dot-prop@unknown (t) upgrade to: >=4.2.1 || >=5.1.1
Medium	extend@unknown (t) upgrade to: >=2.0.2 || >=3.0.2
High	[email protected] (t) upgrade to: >4.17.20
High	sshpk@unknown (t) upgrade to: >1.13.1
Medium	stringstream@unknown (t) upgrade to: >0.0.5
High	tough-cookie@unknown (t) upgrade to: >=2.3.3
Medium	[email protected] (t) upgrade to: >4.16.4
High	[email protected] (t) upgrade to: >6.5.3
High	[email protected] (t) upgrade to: >4.17.20
Low	[email protected] upgrade to: >=9.0.0
High	[email protected] (t) upgrade to: >4.5.0 || >5.3.0 || 6.0.0
High	[email protected] (t) - no patch available
High	[email protected] - no patch available
Critical	handlebars@unknown (t) upgrade to: >4.7.6
Medium	hosted-git-info@unknown (t) upgrade to: >=2.8.9 || >=3.0.8
High	[email protected] (t) upgrade to: >4.17.20
Low	[email protected] (t) upgrade to: >=0.2.1 || >=1.2.3
High	[email protected] upgrade to: >=2.2.2
High	y18n@unknown (t) upgrade to: >=5.0.5
Low	[email protected] upgrade to: >=15.1.0
High	[email protected] upgrade to: >=4.0.0
Critical	[email protected] (t) upgrade to: >=4.7.7
Medium	[email protected] (t) upgrade to: >=2.8.9 || >=3.0.8
Low	[email protected] (t) upgrade to: >=1.3.6
High	[email protected] (t) upgrade to: >4.17.20
Low	[email protected] upgrade to: >=3.9.1
High	[email protected] (t) upgrade to: >=5.0.5
High	[email protected] (t) upgrade to: >4.17.20
High	[email protected] (t) upgrade to: >=4.6.1
Low	[email protected] (t) upgrade to: >0.6.3
High	[email protected] (t) upgrade to: >=2.0.1
High	[email protected] (t) - no patch available
Medium	[email protected] (t) - no patch available
High	[email protected] (t) upgrade to: >=1.2.2
Critical	[email protected] (t) - no patch available
Medium	[email protected] (t) upgrade to: >4.16.4
High	[email protected] (t) upgrade to: >4.17.20
High	[email protected] upgrade to: >=0.25.0
Medium	[email protected] (t) upgrade to: >=2.8.9
High	[email protected] (t) upgrade to: >4.17.20
Medium	[email protected] upgrade to: >=9.2.0
Medium	[email protected] (t) upgrade to: >=1.0.7
Medium	[email protected] upgrade to: >=16.0.4
High	[email protected] (t) upgrade to: >=0.25.0
Medium	[email protected] (t) upgrade to: >=2.8.9
High	[email protected] (t) upgrade to: >4.17.20
Medium	[email protected] upgrade to: >=9.2.0
Medium	[email protected] (t) upgrade to: >=1.0.7
Medium	[email protected] upgrade to: >=16.0.4
Medium	[email protected] (t) upgrade to: >4.1.0
Medium	@ethersproject/[email protected] (t) upgrade to: >5.0.9
Medium	[email protected] (t) upgrade to: >4.16.4
Medium	[email protected] (t) upgrade to: >4.0.48
Medium	[email protected] (t) upgrade to: >2.20.5
Medium	[email protected] (t) upgrade to: >1.4.1 || >2.0.1
High	[email protected] (t) upgrade to: >=2.8.2
High	[email protected] (t) upgrade to: >4.4.17
High	[email protected] upgrade to: >1.5.2 || >3.0.0-rc.4
High	[email protected] (t) upgrade to: >1.3.5 || >3.0.0-rc.4
High	[email protected] (t) upgrade to: >1.3.5 || >3.0.0-rc.4
High	[email protected] (t) upgrade to: >1.3.6-rc.2 || >3.0.0-rc.4
High	[email protected] (t) upgrade to: >1.3.5 || >3.0.0-rc.4
High	[email protected] (t) upgrade to: >1.3.5 || >3.0.0-rc.4
High	[email protected] (t) upgrade to: >1.0.0 || >1.3.5 || >3.0.0-rc.4
High	[email protected] (t) upgrade to: >1.3.6-rc.2 || >=3.0.0-rc.0
High	[email protected] (t) upgrade to: >1.3.6-rc.2 || >3.0.0-rc.4
High	[email protected] (t) upgrade to: >1.3.5

More info on how to fix Vulnerable Libraries in JavaScript.

---

👉 Go to the dashboard for detailed results.

📥 Happy? Share your feedback with us.