[Snyk] Fix for 9 vulnerabilities#1
Open
kevinho1180 wants to merge 6324 commits intoMemoryLoadResolverfrom
Open
[Snyk] Fix for 9 vulnerabilities#1kevinho1180 wants to merge 6324 commits intoMemoryLoadResolverfrom
kevinho1180 wants to merge 6324 commits intoMemoryLoadResolverfrom
Conversation
Switch from c++17 to c++20 and reactivate fully static builds
…tests eof: Update `yulSyntaxTests` tests for EOF
…-workaround Fix Foundry version for PRB-Math external test
…eral-in-parser-base ParserBase: avoid copying around currentLiteral
- The ones in `functionCall` were testing multiple applications of `.value()`, which is no longer possible with the `{value: ...}` syntax.
- The ones in `various` became identical when the `.value()` syntax was deprecated.
…th EOF and legacy
…-to-work-on-eof-too Adjust semantic tests to work on both EOF and legacy
Update versions flyout menu location.
… experimental flag being set.
eof: Test that EOF sets the `experimental` flag in metadata
Update nightly CI to work with c++20 and restrict some tests to >= constantinople
eof: Syntax tests update
Fix wrong comment about blobhash behavior
…source_class Bump resource class for t_ems_ext_edr from small to medium
We overapproximate the behaviour here in the same way as for `block.basefee` and `blockhash`. For the first we only add the basic domain constraints and the second is modelled as an uninterpreted function. We also model the fact that the number of blobs in transaction is limited by returning 0 from blobhash() if the argument is greater or equal to the limit. The current limit is 6, but it will soon be increased to 9 in pectra update. Since we overapproximate the behaviour anyway, we can use the pectra limit immediately.
Remove cxx20 header containing reference implementation of erase_if
style: SETTINGS_PRESETS is not declared using const.
…ction SMTChecker: Fix analysis for selected contracts
…eck_for_builtin Yul Disambiguator: Don't check for builtins when translating identifiers
…from_inline_asm_mangling IRGeneratorForStatements: Remove outdated check against usr$ prefixing of builtins
…e-opt-friendly Make the peephole optimizer more optimizer-friendly
…struction-in-assembly-item AssemblyItem gets an optional instruction
…es-conversion-with-custom-types SMTChecker: Fix string literal to fixed bytes conversion with user-defined type
Update metadata docs for "libraries" and "compilationSettings" fields
AsmAnalysis: Stronger use of fmt, refactor function call analysis
…block ossfuzz and Yul interpreter use ast over block
…benchmarks Adds repeats to external benchmarks
fix: Remove unnecessary Expression temporary in CHCSmtLib2Interface Update CHCSmtLib2Interface.cpp Update CHCSmtLib2Interface.cpp add repeats to external.sh
fix: Remove unnecessary Expression temporary in CHCSmtLib2Interface
The following vulnerabilities are fixed by pinning transitive dependencies: - https://snyk.io/vuln/SNYK-PYTHON-PILLOW-5918878 - https://snyk.io/vuln/SNYK-PYTHON-PILLOW-6043904 - https://snyk.io/vuln/SNYK-PYTHON-PILLOW-6182918 - https://snyk.io/vuln/SNYK-PYTHON-PILLOW-6219984 - https://snyk.io/vuln/SNYK-PYTHON-PILLOW-6219986 - https://snyk.io/vuln/SNYK-PYTHON-PILLOW-6514866 - https://snyk.io/vuln/SNYK-PYTHON-REQUESTS-6928867 - https://snyk.io/vuln/SNYK-PYTHON-URLLIB3-7267250 - https://snyk.io/vuln/SNYK-PYTHON-ZIPP-7430899
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
20 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Snyk has created this PR to fix 9 vulnerabilities in the pip dependencies of this project.
Snyk changed the following file(s):
docs/requirements.txtImportant
Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.
For more information:
🧐 View latest project report
📜 Customise PR templates
🛠 Adjust project settings
📚 Read about Snyk's upgrade logic
Learn how to fix vulnerabilities with free interactive lessons:
🦉 Uncontrolled Resource Consumption ('Resource Exhaustion')
🦉 Eval Injection