Bump the npm_and_yarn group across 1 directories with 4 updates by dependabot[bot] · Pull Request #35 · morph-l2/morph

dependabot · 2024-02-07T08:24:04Z

Bumps the npm_and_yarn group with 4 updates in the /gas-oracle directory: flat, eth-gas-reporter, solidity-coverage and undici.

Updates flat from 4.1.1 to 5.0.2

Commits

e5ffd66 Release 5.0.2
fdb79d5 Update dependencies, refresh lockfile, format with standard.
e52185d Test against node 14 in CI.
0189cb1 Avoid arrow function syntax.
f25d3a1 Release 5.0.1
54cc7ad use standard formatting
779816e drop dependencies
2eea6d3 Bump lodash from 4.17.15 to 4.17.19
a61a554 Bump acorn from 7.1.0 to 7.4.0
20ef0ef Fix prototype pollution on unflatten
Additional commits viewable in compare view

Updates eth-gas-reporter from 0.2.25 to 0.2.27

Release notes

Sourced from eth-gas-reporter's releases.

v0.2.27

What's Changed

Remove @ethersproject/abi, use ethers.utils by @cgewecke in cgewecke/eth-gas-reporter#301

Full Changelog: cgewecke/eth-gas-reporter@v0.2.26...v0.2.27

v0.2.26

What's Changed

Update Mocha to v10 by @frangio in cgewecke/eth-gas-reporter#295

Bump ethers version by @ChristopherDedominici in cgewecke/eth-gas-reporter#296

Remove unused request package by @ChristopherDedominici in cgewecke/eth-gas-reporter#297

Replace request-promise-native with axios by @cgewecke in cgewecke/eth-gas-reporter#299

New Contributors

@ChristopherDedominici made their first contribution in cgewecke/eth-gas-reporter#296

Full Changelog: cgewecke/eth-gas-reporter@v0.2.2...v0.2.26

Changelog

Sourced from eth-gas-reporter's changelog.

0.2.27 / 2023-09-30

Remove @ethersproject/abi, use ethers.utils instead (cgewecke/eth-gas-reporter#301)

0.2.26 / 2023-09-29

Replace request-promise-native with axios / avoid default price API calls (cgewecke/eth-gas-reporter#299)

Remove request package (cgewecke/eth-gas-reporter#297)

Bump ethers version (cgewecke/eth-gas-reporter#296)

Update Mocha to v10 (cgewecke/eth-gas-reporter#295)

0.2.23 / 2021-11-26

Add notes to README about missing price data & remote data fetching race condition

Add support for multiple gas price tokens (BNB, MATIC, AVAX, HR, MOVR) (cgewecke/eth-gas-reporter#251)

Make @codechecks/client peer dep optional (cgewecke/eth-gas-reporter#257)

Update @solidity-parser/parser to 0.14.0 (cgewecke/eth-gas-reporter#261)

0.2.22 / 2021-03-04

Update @solidity-parser/parser to ^0.12.0 (support Panic keyword in catch blocks) (cgewecke/eth-gas-reporter#243)

0.2.21 / 2021-02-16

Fix missing truffle migration deployments data (cgewecke/eth-gas-reporter#240)

Upgrade solidity-parser/parser to 0.11.1 (cgewecke/eth-gas-reporter#239)

0.2.20 / 2020-12-01

Add support for remote contracts data pre-loading (hardhat-gas-reporter feature)

0.2.19 / 2020-10-29

Delegate contract loading/parsing to artifactor & make optional (#227)

0.2.18 / 2020-10-13

Support multiple codechecks reports per CI run

Add CI error threshold options: maxMethodDiff, maxDeploymentDiff

Add async collection methods for BuidlerEVM

Update solidity-parser/parser to 0.8.0 (contribution: @vicnaum)

Update dev deps / use Node 12 in CI

0.2.17 / 2020-04-13

Use @solidity-parser/parser for better solc 0.6.x parsing

Upgrade Mocha to ^7.1.1 (to remove minimist vuln warning)

Stop crashing when parser or ABI Encoder fails

Update @ethersproject/abi to ^5.0.0-beta.146 (and unpin)

... (truncated)

Commits

See full diff in compare view

Updates solidity-coverage from 0.8.2 to 0.8.6

Release notes

Sourced from solidity-coverage's releases.

v0.8.6

What's Changed

Fixes

Perform ternary conditional injections before branch injections (#828) by @cgewecke in sc-forks/solidity-coverage#828

Fix chained ternary conditionals instrumentation by @cgewecke in sc-forks/solidity-coverage#830

Fix instrumentation error for virtual modifiers by @cgewecke in sc-forks/solidity-coverage#832

Throw error when mocha parallel is set to true by @cgewecke in sc-forks/solidity-coverage#833

Documentation

Update faq.md with another viaIR optimizer config workaround by @remedcu in sc-forks/solidity-coverage#822

Document Istanbul check-coverage cli command by @cgewecke in sc-forks/solidity-coverage#834

Dependencies

Use ^ in mocha dep by @cgewecke in sc-forks/solidity-coverage#814

Upgrade solidity-parser to 0.18.0 by @cgewecke in sc-forks/solidity-coverage#829

Misc

Add drips funding config by @cgewecke in sc-forks/solidity-coverage#827

New Contributors

@remedcu made their first contribution in sc-forks/solidity-coverage#822

Full Changelog: sc-forks/solidity-coverage@v0.8.5...v0.8.6

0.8.5

What's Changed

Update mocha version to fix deprecated debug package by @ChristopherDedominici in sc-forks/solidity-coverage#810

Remove all mentions to buidler by @fvictorio in sc-forks/solidity-coverage#778

change .solcoverjs occurencies to .solcover.js by @joaoh9 in sc-forks/solidity-coverage#777

Add a package description by @ilovehackathons in sc-forks/solidity-coverage#775

Add dependabot config by @jtakalai in sc-forks/solidity-coverage#759

New Contributors

@ChristopherDedominici made their first contribution in sc-forks/solidity-coverage#810

@joaoh9 made their first contribution in sc-forks/solidity-coverage#777

@ilovehackathons made their first contribution in sc-forks/solidity-coverage#775

@jtakalai made their first contribution in sc-forks/solidity-coverage#759

Full Changelog: sc-forks/solidity-coverage@v0.8.4...v0.8.5

v0.8.4

What's Changed

Prepare for next hardhat version by @fvictorio in sc-forks/solidity-coverage#796

Update solidity-parser to 0.16.0 by @cgewecke in sc-forks/solidity-coverage#802

New Contributors

@fvictorio made their first contribution in sc-forks/solidity-coverage#796

Full Changelog: sc-forks/solidity-coverage@v0.8.2...v0.8.4

Changelog

Sourced from solidity-coverage's changelog.

0.8.6 / 2024-01-28

Add test for multi-contract files with inheritance (sc-forks/solidity-coverage#836)

Add test for modifiers with post-conditions (sc-forks/solidity-coverage#835)

Document Istanbul check-coverage cli command (sc-forks/solidity-coverage#834)

Throw error when mocha parallel is set to true (sc-forks/solidity-coverage#833)

Fix instrumentation error for virtual modifiers (sc-forks/solidity-coverage#832)

Add test for file level using for statements (sc-forks/solidity-coverage#831)

Fix chained ternary conditionals instrumentation (sc-forks/solidity-coverage#830)

Update faq.md with an optimizer config workaround (sc-forks/solidity-coverage#822)

Upgrade solidity-parser to 0.18.0 (sc-forks/solidity-coverage#829)

Perform ternary conditional injections before branch injections (sc-forks/solidity-coverage#828)

Add drips funding config (sc-forks/solidity-coverage#827)

0.8.5 / 2023-09-21

Update contributor list (sc-forks/solidity-coverage#812)

Add dependabot config (sc-forks/solidity-coverage#759)

Add a package description to package.json (sc-forks/solidity-coverage#775)

change .solcoverjs occurencies to .solcover.js (sc-forks/solidity-coverage#777)

Remove all mentions to buidler (sc-forks/solidity-coverage#778)

Update HH dev dep & fix Zeppelin E2E test (sc-forks/solidity-coverage#811)

Update mocha version to 10.2.0, fix deprecated debug package (sc-forks/solidity-coverage#810)

0.8.4 / 2023-07-04

Update solidity-parser to 0.16.0 (sc-forks/solidity-coverage#802)

0.8.3 / 2023-06-22

Updates for Hardhat v2.15.0 (sc-forks/solidity-coverage#796)

0.8.1 / 2022-09-06

Restore web3-utils (sc-forks/solidity-coverage#743)

0.8.0 / 2022-09-05

See release notes at: https://github.com/sc-forks/solidity-coverage/releases/tag/v0.8.0

0.7.21 / 2022-04-24

... (truncated)

Commits

8da877e Update changelog: 0.8.6
c60e89d 0.8.6
16c2a04 Add test for multi-contract files with inheritance (#836)
ecd808c Add test for modifiers with post-conditions (#835)
54bfdbd Document Istanbul check-coverage cli command (#834)
abea00b Throw error when mocha parallel is set to true (#833)
658dc37 Fix instrumentation error for virtual modifiers (#832)
70de9d4 Add test for file level using for statements (#831)
a6674c6 Fix chained ternary conditionals instrumentation (#830)
9b64cba Update faq.md with an optimizer config workaround (#822)
Additional commits viewable in compare view

Updates undici from 5.22.0 to 5.28.3

Release notes

Sourced from undici's releases.

v5.28.3

⚠️ Security Release ⚠️

Details on the vulnerabilities fixed will be shared in the next couple of days.

Full Changelog: nodejs/undici@v5.28.2...v5.28.3

v5.28.2

What's Changed

fix: remove optional chainning for compatible with Nodejs12 and below by @bugb in nodejs/undici#2470

fix: remove node: prefix by @tsctx in nodejs/undici#2471

perf: avoid Headers initialization by @tsctx in nodejs/undici#2468

fix: handle SharedArrayBuffer correctly by @tsctx in nodejs/undici#2466

fix: Add null type to signal in RequestInit by @gebsh in nodejs/undici#2455

fix: correctly handle data URL with hashes. by @tsctx in nodejs/undici#2475

fix: check response for timinginfo allow flag by @ToshB in nodejs/undici#2477

Make call to onBodySent conditional in RetryHandler by @MzUgM in nodejs/undici#2478

refactor: better integrity check by @tsctx in nodejs/undici#2462

fix: Added support for inline URL username:password proxy auth by @matt-way in nodejs/undici#2473

build(deps-dev): bump jsdom from 22.1.0 to 23.0.0 by @dependabot in nodejs/undici#2472

build(deps-dev): bump sinon from 16.1.3 to 17.0.1 by @dependabot in nodejs/undici#2405

build(deps): bump ossf/scorecard-action from 2.2.0 to 2.3.1 by @dependabot in nodejs/undici#2396

build(deps): bump actions/setup-node from 3.8.1 to 4.0.0 by @dependabot in nodejs/undici#2395

build(deps): bump step-security/harden-runner from 2.5.0 to 2.6.0 by @dependabot in nodejs/undici#2392

build(deps-dev): bump formdata-node from 4.4.1 to 6.0.3 by @dependabot in nodejs/undici#2389

build(deps): bump actions/upload-artifact from 3.1.2 to 3.1.3 by @dependabot in nodejs/undici#2302

New Contributors

@bugb made their first contribution in nodejs/undici#2470

@gebsh made their first contribution in nodejs/undici#2455

@ToshB made their first contribution in nodejs/undici#2477

@MzUgM made their first contribution in nodejs/undici#2478

@matt-way made their first contribution in nodejs/undici#2473

Full Changelog: nodejs/undici@v5.28.1...v5.28.2

v5.28.1

What's Changed

perf: Improve normalizeMethod by @tsctx in nodejs/undici#2456

fix: dispatch error handling by @ronag in nodejs/undici#2459

perf(request): optimize if headers are given by @tsctx in nodejs/undici#2454

Full Changelog: nodejs/undici@v5.28.0...v5.28.1

v5.28.0

What's Changed

fix(parseHeaders): util.parseHeaders handle correctly array of buffer… by @mdoria12 in nodejs/undici#2398

docs: add license to undici-types by @dancastillo in nodejs/undici#2401

perf: optimize Readable.dump by @ronag in nodejs/undici#2402

... (truncated)

Commits

e71cb4c Bumped v5.28.3
20c65b8 Fix tests for Node.js v20.11.0 (#2618)
8ec52cd Fix tests for Node.js v21 (#2609)
d3aa574 Merge pull request from GHSA-3787-6prv-h9w3
9a14e5f Bumped v5.28.2
fcdfe87 build(deps): bump actions/upload-artifact from 3.1.2 to 3.1.3 (#2302)
169c157 build(deps-dev): bump formdata-node from 4.4.1 to 6.0.3 (#2389)
9788177 build(deps): bump step-security/harden-runner from 2.5.0 to 2.6.0 (#2392)
1f6d159 build(deps): bump actions/setup-node from 3.8.1 to 4.0.0 (#2395)
a393a86 build(deps): bump ossf/scorecard-action from 2.2.0 to 2.3.1 (#2396)
Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot merge will merge this PR after your CI passes on it
@dependabot squash and merge will squash and merge this PR after your CI passes on it
@dependabot cancel merge will cancel a previously requested merge and block automerging
@dependabot reopen will reopen this PR if it is closed
@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
@dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
You can disable automated security fix PRs for this repo from the Security Alerts page.

Bumps the npm_and_yarn group with 4 updates in the /gas-oracle directory: [flat](https://github.com/hughsk/flat), [eth-gas-reporter](https://github.com/cgewecke/eth-gas-reporter), [solidity-coverage](https://github.com/sc-forks/solidity-coverage) and [undici](https://github.com/nodejs/undici). Updates `flat` from 4.1.1 to 5.0.2 - [Release notes](https://github.com/hughsk/flat/releases) - [Commits](hughsk/flat@4.1.1...5.0.2) Updates `eth-gas-reporter` from 0.2.25 to 0.2.27 - [Release notes](https://github.com/cgewecke/eth-gas-reporter/releases) - [Changelog](https://github.com/cgewecke/eth-gas-reporter/blob/master/CHANGELOG.md) - [Commits](https://github.com/cgewecke/eth-gas-reporter/commits/v0.2.27) Updates `solidity-coverage` from 0.8.2 to 0.8.6 - [Release notes](https://github.com/sc-forks/solidity-coverage/releases) - [Changelog](https://github.com/sc-forks/solidity-coverage/blob/master/CHANGELOG.md) - [Commits](sc-forks/solidity-coverage@v0.8.2...v0.8.6) Updates `undici` from 5.22.0 to 5.28.3 - [Release notes](https://github.com/nodejs/undici/releases) - [Commits](nodejs/undici@v5.22.0...v5.28.3) --- updated-dependencies: - dependency-name: flat dependency-type: indirect dependency-group: npm_and_yarn-security-group - dependency-name: eth-gas-reporter dependency-type: indirect dependency-group: npm_and_yarn-security-group - dependency-name: solidity-coverage dependency-type: direct:development dependency-group: npm_and_yarn-security-group - dependency-name: undici dependency-type: indirect dependency-group: npm_and_yarn-security-group ... Signed-off-by: dependabot[bot] <support@github.com>

dependabot · 2024-02-16T17:21:58Z

Superseded by #45.

dependabot Bot added dependencies Pull requests that update a dependency file javascript Pull requests that update Javascript code labels Feb 7, 2024

dependabot Bot closed this Feb 16, 2024

dependabot Bot deleted the dependabot/npm_and_yarn/gas-oracle/npm_and_yarn-security-group-51df9527bd branch February 16, 2024 17:22

panos-xyz mentioned this pull request Apr 28, 2026

refactor: remove sequencer batch generation and BLS signing #939

Merged

7 tasks

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Bump the npm_and_yarn group across 1 directories with 4 updates#35

Bump the npm_and_yarn group across 1 directories with 4 updates#35
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/npm_and_yarn/gas-oracle/npm_and_yarn-security-group-51df9527bd

dependabot Bot commented on behalf of github Feb 7, 2024

Uh oh!

dependabot Bot commented on behalf of github Feb 16, 2024

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

0 participants

Conversation

dependabot Bot commented on behalf of github Feb 7, 2024

v0.2.27

What's Changed

v0.2.26

What's Changed

New Contributors

0.2.27 / 2023-09-30

0.2.26 / 2023-09-29

0.2.23 / 2021-11-26

0.2.22 / 2021-03-04

0.2.21 / 2021-02-16

0.2.20 / 2020-12-01

0.2.19 / 2020-10-29

0.2.18 / 2020-10-13

0.2.17 / 2020-04-13

v0.8.6

What's Changed

Fixes

Documentation

Dependencies

Misc

New Contributors

0.8.5

What's Changed

New Contributors

v0.8.4

What's Changed

New Contributors

0.8.6 / 2024-01-28

0.8.5 / 2023-09-21

0.8.4 / 2023-07-04

0.8.3 / 2023-06-22

0.8.1 / 2022-09-06

0.8.0 / 2022-09-05

v5.28.3

⚠️ Security Release ⚠️

v5.28.2

What's Changed

New Contributors

v5.28.1

What's Changed

v5.28.0

What's Changed

Uh oh!

dependabot Bot commented on behalf of github Feb 16, 2024

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

0 participants