[Snyk] Upgrade web3 from 0.19.1 to 4.8.0 #1
Merged
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This PR was automatically created by Snyk using the credentials of a real user.
![snyk-top-banner](https://github.com/andygongea/OWASP-Benchmark/assets/818805/c518c423-16fe-447e-b67f-ad5a49b5d123)
Snyk has created this PR to upgrade web3 from 0.19.1 to 4.8.0.
ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.
The recommended version is 383 versions ahead of your current version.
The recommended version was released on a month ago.
Issues fixed by the recommended upgrade:
SNYK-JS-CRYPTOJS-6028119
Release notes
Package name: web3
[4.8.0]
Changed
web3-eth-abi
web3-eth-accounts
Fixed
web3-eth-contract
web3-utils
Added
web3-eth-contract
web3-eth
getBlock
now includes properties of eip 4844, 4895, 4788 when returning block (#6933)withdrawalsSchema
,blockSchema
andblockHeaderSchema
schemas to include properties of eip 4844, 4895, 4788 (#6933)web3-types
signature
to typeAbiFunctionFragment
(#6922)Withdrawals
,block
andBlockHeaderOutput
to include properties of eip 4844, 4895, 4788 (#6933)New Contributors
[4.7.0]
added
web3-eth-contract
ContractDeploySend
,ContractMethodSend
,Web3PromiEvent
was exported (#6883)web3-eth-ens
fixed
web3-validator
web3-utils
toNumber(...)
function (#6880)Contributors
Thank you to the community who have contributed to this release 😄:
@ sgerodes #6882
@ EtlesL #6836
@ Jouzep #6853
@ sarthak1dev #6867
@ edison1105 #6885
@ gucovip #6886
@ testwill #6889
@ pengqiseven #6878
[4.6.0]
Added
web3
requestEIP6963Providers
for multi provider discoveryweb3-eth
eth.getMaxPriorityFeePerGas
method (#6748)web3-eth-ens
setAddress
in ENS and Resolver classes (#5956)web3-rpc-methods
getMaxPriorityFeePerGas
method (#6748)web3-types
FeeData
to be filled byawait web3.eth.calculateFeeData()
to be used with EIP-1559 transactions (#6795)Fixed
web3-utils
New Contributors
Thanks for contributions in web3.js lib:
[4.5.0]
Added
web3-utils
AbiItem
from 1.x to v4 for compatabiltiy (#6678)web3-types
AbiItem
from 1.x to v4 for compatabiltiy (#6678)Changed
web3
New Contributors
Thanks for contributions in web3.js lib:
[4.4.0]
Added
web3-eth
TransactionPollingTimeoutError
was added to send transaction events (#6623)Changed
web3-eth-abi
AbiError
instead ofError
for errors at web3-eth-abi (#6641).web3-eth-contract
deploy
function to accept parameters, even when no ABI was provided to theContract
(#6635)web3
Fixed
web3-eth-abi
web3-eth-accounts
common
did not have acopy()
and thechainId
was not provided (#6663)web3-eth-contract
contract.getPastEvents
orcontract.events.allEvents()
, if there is no matching events. (#6647)web3-utils
web3-validator
[4.3.0]
Changed
web3-core
contractDataInputFill
has been defaulted todata
, istead ofinput
. (#6622)web3-eth-contracts
data
instead ofinput
within method calls (#6622)Added
web3-utils
SocketProvider
now contains public functiongetPendingRequestQueueSize
,getSentRequestsQueueSize
andclearQueues
(#6479)safeDisconnect
as aSocketProvider
method to disconnect only when request queue size and send request queue size is 0 (#6479)isContractInitOptions
method (#6555)web3
Fixed
web3-rpc-methods
web3-utils
Added
web3-core
isMetaMaskProvider
function to check if provider is metamask (#6534)web3-types
MetaMaskProvider
added and is part ofSupportedProviders
(#6534)gasPrice
was added toTransaction1559UnsignedAPI
type. (#6539)Changed
web3
Fixed
web3-errors
transactionTimeoutHint
(#6559)web3-eth-contract
data
for transactions in contract for metamask provider instead ofinput
(#6534)Security
Maintenance Countdown:
Commencing from January 1, 2024, a 90-day countdown has been initiated, signaling the transition of Web3.js version 1.x into an end-of-maintenance phase.
Timeline of Changes:
90-Day Countdown (1/1/24 - 3/31/24): During this period, we strongly encourage users to plan accordingly and initiate the upgrade to Web3.js version 4.x
No New Bug Fixes (4/1/24 onwards):
Starting April 1, 2024, new bug fixes for Web3.js version 1.x will no longer be provided. To benefit from continued support and access to new features, we recommend upgrading to Web3.js version 4.x
End of Security Fixes (7/1/24):
Security fixes for Web3.js version 1.x will be discontinued from July 1, 2024. Upgrading to Web3.js version 4.x is crucial to ensure the security of your applications.
Security
Important
Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.
For more information: