[Snyk] Upgrade @ethersproject/providers from 5.0.12 to 5.4.5

[snyk-bot]

Snyk has created this PR to upgrade @ethersproject/providers from 5.0.12 to 5.4.5.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

---

• The recommended version is 24 versions ahead of your current version.
• The recommended version was released 22 days ago, on 2021-08-27.

The recommended version fixes:

Severity	Issue	PriorityScore (*)	Exploit Maturity
	Regular Expression Denial of Service (ReDoS) SNYK-JS-WS-1296835	586/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 5.3	Proof of Concept

(*) Note that the real score may have changed since the PR was raised.

Release notes

Package name: @ethersproject/providers

• 5.4.5 - 2021-08-27
  
  • Fxied getBlockWithTransactions results (1858). (78e4273)

  ---

  Embedding UMD with SRI:

  <script type="text/javascript"
          integrity="sha384-NvZDg6ALAelzcNNdjR3jfJwpEPg50zAPV5PB5BV1zx/+KF48DYHNKeUCllqDNjKj"
          crossorigin="anonymous"
          src="https://cdn-cors.ethers.io/lib/ethers-5.4.5.umd.min.js">
  </script>

• 5.4.4 - 2021-08-18
  
  • Fixed Etherscan API key in default provider. (#1807; 1d27d95)
  • Adjust default masPriorityFeePerGas to account for MEV-heavy blocks. (#1817; 7175e2e)

  ---

  Embedding UMD with SRI:

  <script type="text/javascript"
          integrity="sha384-+zmUPvri3U8M4vN+Wf/Hp9TW5FZAEnEBnyiQ5/nJm/Bm5GjzrLGiDt36mx2uIVmr"
          crossorigin="anonymous"
          src="https://cdn-cors.ethers.io/lib/ethers-5.4.4.umd.min.js">
  </script>

• 5.4.3 - 2021-07-30
  
  • Fixed JsonRpcProvider for pre-EIP-2930 chains. (#1766; 7274cd0)
  • Forward some missing EIP-1559 fields to call and estimateGas. (#1766; be3854e)
  • Fixed possible UnhandledPromiseException for bad ENS names. (63f8b28)
  • Prevent overriding value for non-payble constructors. (#1785; 593b488)

  ---

  Embedding UMD with SRI:

  <script type="text/javascript"
          integrity="sha384-vsz9YA+ULlESA0434y8k25Vio7Dzn/cFXLqZT+Dk4qv2IMESrfJqqlIws85A9n2g"
          crossorigin="anonymous"
          src="https://cdn-cors.ethers.io/lib/ethers-5.4.3.umd.min.js">
  </script>

• 5.4.2 - 2021-07-23
  
  • Fix test case for new transactions responses. (0aafca7)
  • Added matic support to INFURA and Alchemy. (#1546; 576e9b5)
  • Added string change to coalesce errors on some clients. (bc5cc2e)
  • Added wait to transactions returned by getBlockWithTransactions. (#971; 660e69d)
  • Fixed floor, ceiling and round for FixedNumber for non-default Formats. (#1749; 551cfa0)
  • Fixed null confirmations in Wallet transaction. (#1706; 0f0d0c0)
  • Fixed Etherscan string change and enabled all tests. (a1f8d18)

  ---

  Embedding UMD with SRI:

  <script type="text/javascript"
          integrity="sha384-E3C8Sq6evrXkqc76OyCo0CoYAb/wRJnUekj79DC85Soudd4+MuAPY0VzpQYzhY68"
          crossorigin="anonymous"
          src="https://cdn-cors.ethers.io/lib/ethers-5.4.2.umd.min.js">
  </script>

• 5.4.1 - 2021-07-03
  
  • Added Pocket back into Homestead defaultProvider and skip certain EtherscanProvider tests affected by outage. (6e8a39e)
  • Fixed EtherscanProvider NONCE_EXPIRED matching string update. (ecae793)
  • Fixed explicit EIP-1559 keys for JsonRpcSigner. (72feee8)

  ---

  Embedding UMD with SRI:

  <script type="text/javascript"
          integrity="sha384-xA6XksA+S81KMKVo5shbejvuHxb0UMBTEG1c2ifc8SsBJKISpURzwy2Y8dDo0fli"
          crossorigin="anonymous"
          src="https://cdn-cors.ethers.io/lib/ethers-5.4.1.umd.min.js">
  </script>

• 5.4.0 - 2021-06-26
  
  • Added EIP-1559 support. (#1610; 319987e, 91fff14, c5bca77, 5456c35, 7a12216, e95708e)
  • Added effectiveGasPrice to receipt. (ba6854b)
  • Fixed ENS names for JsonRpcSigner. (1e31b34)
  • Added EIP-2930 and EIP-1559 transaction tests. (7deb4c1)
  • Added ConstructorFragment to exports. (7efc36d)
  • Added error utilities to Interface. (720bde7, f053a7a)
  • merged master including transaction type 0 legacy constant. (#1610; 2a7ce0e)
  • Added type to TransactionResponse and TrnsactionReceipt. (#1687; d001901)
  • Trap CALL_EXCEPTION errors when resolving ENS entries. (#1690; 91951dc)
  • Fixed transaction serialization with explicit null type. (#1628; 8277f5a)
  • Fix issue with loading JSON ABI with internalType property. (#728; e8a0144)

  ---

  Embedding UMD with SRI:

  <script type="text/javascript"
          integrity="sha384-dq8L5gpIcUoGAeHh/6setfxuuDI0ngshPvCvksSAcQMMWCr5cVFAaijT//nxVyjb"
          crossorigin="anonymous"
          src="https://cdn-cors.ethers.io/lib/ethers-5.4.0.umd.min.js">
  </script>

• 5.3.1 - 2021-06-11
  
  • Fixed replacement transaction detection for JsonRpcSigner. (#1658; ee82e86)
  • Added Matic testnet info to networks. (#1546; 376cf3c)
  • Match Solidity identifier regex. (#1657; a6e128f)

  ---

  Embedding UMD with SRI:

  <script type="text/javascript"
          integrity="sha384-zZgfFkD87zp6N2ULUE4Phk7nmfBkaBrAnxZIbpdF5OuNXLV60CdxzFbaSqkgNymK"
          crossorigin="anonymous"
          src="https://cdn-cors.ethers.io/lib/ethers-5.3.1.umd.min.js">
  </script>

• 5.3.0 - 2021-06-01
• 5.2.0 - 2021-05-20
• 5.1.2 - 2021-04-20
• 5.1.1 - 2021-04-18
• 5.1.0 - 2021-03-30
• 5.0.24 - 2021-03-08
• 5.0.23 - 2021-02-13
• 5.0.22 - 2021-02-09
• 5.0.21 - 2021-02-03
• 5.0.20 - 2021-02-01
• 5.0.19 - 2021-01-14
• 5.0.18 - 2021-01-08
• 5.0.17 - 2020-11-26
• 5.0.16 - 2020-11-24
• 5.0.15 - 2020-11-18
• 5.0.14 - 2020-10-23
• 5.0.13 - 2020-10-19
• 5.0.12 - 2020-10-08

from @ethersproject/providers GitHub release notes

Commit messages

Package name: @ethersproject/providers

• c41b89a updated dist files.
• b6a061e More readable errors involving Uint8Arrays.
• a662490 Added Deferred Error support to Description objects to extent Interface parse methods (parseLog broken - repro available ethers-io/ethers.js#1894).
• bdb54ac docs: added cookbook entry to compute raw transaction (TransactionResponse no longer contains raw property ethers-io/ethers.js#1857).
• 32a90b6 docs: added Alchemy tutorial
• 95b87f6 docs: added BigNumber.toBigInt (BigNumber to BigInt documentation ethers-io/ethers.js#1799).
• 017b1fe Fix address coder to prepare non-hexdatastring addresses as hexdatastring (Verification of address is different from intent. ethers-io/ethers.js#1906).
• accb852 Removed temporary code for better errors needed until Alchemy added EIP-1559 support (AlchemyProvider does not support EIP-1559, But Alchemy node can support now. ethers-io/ethers.js#1893).
• f0b3bc3 Updated dist files.
• 78e4273 Fxied getBlockWithTransactions results (1858).
• dd09bf0 docs: dded code examples for Contract (Restore API Contract Documentation to v5 ethers-io/ethers.js#982).
• 4b163e9 docs: added dynamic localSigner
• aacb95c docs: added struct encoding example (Documentation is lacking for manually ABI-encoding structs ethers-io/ethers.js#1147, How to encode structs with a user defined type? ethers-io/ethers.js#1301, Docs: add examples for encoding ethers-io/ethers.js#1302).
• e6315a6 docs: remove need to restart dev node after each run.
• 3ac91a4 docs: added StaticJsonRpcProvider (StaticJsonRpcProvider to be mentioned in the docs ethers-io/ethers.js#1514, Add docs for StaticJsonRpcProvider ethers-io/ethers.js#1531).
• 2dd5c1a docs: Fixed topicset example (Update documentation to hex pad addresses in event topics ethers-io/ethers.js#1538).
• 2653449 docs: updated transactions for EIP-1559.
• cddb038 docs: added API for custom error coding.
• e80f8dd docs: updates for EIP-1559 (Error in the documentation with TransactionRequest. maxPiorityFeePerGas -> should be TransactionRequest. maxPriorityFeePerGas - missing r ethers-io/ethers.js#1777).
• 1b4bc7a docs: Fix listAccounts return type (listAccounts() returns a promise ethers-io/ethers.js#1851).
• 4e93945 Updated dist files.
• 1d27d95 Fixed Etherscan API key in default provider (lib/etherscan_provider.ts doesn't accept API key ethers-io/ethers.js#1807).
• 2e431a5 Temporarily remove Pocket fro provider tests.
• da4e107 Update dist files.

Compare

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

🧐 View latest project report

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs