Skip to content
This repository was archived by the owner on Mar 5, 2025. It is now read-only.

chore: update deps to fix vulnerabilities #7389

Merged
merged 1 commit into from
Nov 19, 2024
Merged

chore: update deps to fix vulnerabilities #7389

merged 1 commit into from
Nov 19, 2024

Conversation

krzysu
Copy link
Contributor

@krzysu krzysu commented Nov 14, 2024

I used https://www.npmjs.com/package/yarn-audit-fix to automatically update dependencies to fix as many vulnerabilities as possible. See the results below:

before:

144 vulnerabilities found - Packages audited: 1644
Severity: 7 Low | 29 Moderate | 108 High

after:

60 vulnerabilities found - Packages audited: 1659
Severity: 6 Low | 5 Moderate | 49 High

Checklist:

  • I have selected the correct base branch.
  • I have performed a self-review of my own code.
  • I have commented my code, particularly in hard-to-understand areas.
  • I have made corresponding changes to the documentation.
  • My changes generate no new warnings.
  • Any dependent changes have been merged and published in downstream modules.
  • I ran npm run lint with success and extended the tests and types if necessary.
  • I ran npm run test:unit with success.
  • I ran npm run test:coverage and my test cases cover all the lines and branches of the added code.
  • I ran npm run build and tested dist/web3.min.js in a browser.
  • I have tested my code on the live network.
  • I have checked the Deploy Preview and it looks correct.
  • I have updated the CHANGELOG.md file in the root folder.
  • I have linked Issue(s) with this PR in "Linked Issues" menu.

@github-actions GitHub Actions
Copy link

Bundle Stats

Hey there, this message comes from a GitHub action that helps you and reviewers to understand how these changes affect the size of this project's bundle.

As this PR is updated, I'll keep you updated on how the bundle size is impacted.

Total

Files count Total bundle size % Changed
10 649.08 kB → 648.94 kB (-140 B) -0.02%

Changeset

No files were changed

View detailed bundle breakdown

Added

No assets were added

Removed

No assets were removed

Bigger

No assets were bigger

Smaller

Asset File Size % Changed
web3.min.js 630.33 kB → 630.19 kB (-140 B) -0.02%

Unchanged

Asset File Size % Changed
../lib/commonjs/index.d.ts 8.72 kB 0%
../lib/commonjs/accounts.d.ts 3.06 kB 0%
../lib/commonjs/types.d.ts 2.73 kB 0%
../lib/commonjs/web3.d.ts 1.38 kB 0%
../lib/commonjs/web3_eip6963.d.ts 1.28 kB 0%
../lib/commonjs/abi.d.ts 1.06 kB 0%
../lib/commonjs/eth.exports.d.ts 280 B 0%
../lib/commonjs/providers.exports.d.ts 183 B 0%
../lib/commonjs/version.d.ts 60 B 0%

@krzysu krzysu added the dependencies Updates dependency label Nov 14, 2024
github-actions[bot]
github-actions bot reviewed Nov 14, 2024
View reviewed changes
Copy link

@github-actions github-actions bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Benchmark

Benchmark suite Current: e23abe2 Previous: 1b367e6 Ratio
processingTx 22092 ops/sec (±6.79%) 22803 ops/sec (±7.61%) 1.03
processingContractDeploy 38688 ops/sec (±8.15%) 39134 ops/sec (±6.74%) 1.01
processingContractMethodSend 15833 ops/sec (±8.50%) 15697 ops/sec (±6.86%) 0.99
processingContractMethodCall 27057 ops/sec (±8.49%) 28086 ops/sec (±6.28%) 1.04
abiEncode 43449 ops/sec (±7.48%) 44672 ops/sec (±6.81%) 1.03
abiDecode 29859 ops/sec (±8.03%) 30809 ops/sec (±8.27%) 1.03
sign 1558 ops/sec (±0.61%) 1511 ops/sec (±3.64%) 0.97
verify 361 ops/sec (±2.85%) 366 ops/sec (±0.54%) 1.01

This comment was automatically generated by workflow using github-action-benchmark.

@codecov Codecov
Copy link

codecov bot commented Nov 14, 2024
edited
Loading

Codecov Report

All modified and coverable lines are covered by tests ✅

Project coverage is 94.51%. Comparing base (1b367e6) to head (e23abe2).
Report is 1 commits behind head on 4.x.

Additional details and impacted files 
@@           Coverage Diff           @@
##              4.x    #7389   +/-   ##
=======================================
  Coverage   94.51%   94.51%           
=======================================
  Files         218      218           
  Lines        8557     8557           
  Branches     2363     2363           
=======================================
  Hits         8088     8088           
  Misses        469      469
Flag Coverage Δ
UnitTests 94.51% <ø> (ø)

Flags with carried forward coverage won't be shown. Click here to find out more.

---- 🚨 Try these New Features:

@krzysu krzysu marked this pull request as ready for review November 14, 2024 13:02
@krzysu krzysu mentioned this pull request Nov 14, 2024
Closed
@krzysu krzysu merged commit 6229f4d into 4.x Nov 19, 2024
54 checks passed
@krzysu krzysu deleted the krzysu/fix-yarn-audit branch November 19, 2024 09:48
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers

@github-actions github-actions[bot] github-actions[bot] left review comments

@danforbes danforbes danforbes approved these changes

@avkos avkos Awaiting requested review from avkos

@jdevcs jdevcs Awaiting requested review from jdevcs jdevcs is a code owner

@luu-alex luu-alex Awaiting requested review from luu-alex

@Muhammad-Altabba Muhammad-Altabba Awaiting requested review from Muhammad-Altabba

Assignees
No one assigned
Labels
dependencies Updates dependency
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@krzysu @danforbes