Skip to content

[Snyk] Upgrade @truffle/hdwallet-provider from 1.1.0 to 1.4.1 #4

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 1 commit into
base: interactive
Choose a base branch
from
Open

[Snyk] Upgrade @truffle/hdwallet-provider from 1.1.0 to 1.4.1 #4

wants to merge 1 commit into from

Conversation

@snyk-bot
Copy link

Snyk has created this PR to upgrade @truffle/hdwallet-provider from 1.1.0 to 1.4.1.

merge advice
ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

  • The recommended version is 13 versions ahead of your current version.
  • The recommended version was released a month ago, on 2021-06-18.

The recommended version fixes:

Severity Issue PriorityScore (*) Exploit Maturity
Regular Expression Denial of Service (ReDoS)
SNYK-JS-NORMALIZEURL-1296539		 375/1000
Why? CVSS 7.5		 No Known Exploit
Insecure Credential Storage
SNYK-JS-WEB3-174533		 375/1000
Why? CVSS 7.5		 No Known Exploit

(*) Note that the real score may have changed since the PR was raised.

Release notes
Package name: @truffle/hdwallet-provider
  • 1.4.1 - 2021-06-18
  • 1.4.0 - 2021-05-11
  • 1.3.1 - 2021-05-07
  • 1.3.0 - 2021-04-23
  • 1.2.6 - 2021-03-31
  • 1.2.5 - 2021-03-25
  • 1.2.4 - 2021-03-19
  • 1.2.3 - 2021-03-12
  • 1.2.3-preserves.0 - 2021-03-24
  • 1.2.2 - 2021-02-11
  • 1.2.1 - 2020-12-27
  • 1.2.0 - 2020-11-06
  • 1.1.1 - 2020-10-15
  • 1.1.0 - 2020-09-17
from @truffle/hdwallet-provider GitHub release notes
Commit messages
Package name: @truffle/hdwallet-provider
  • bd53ee4 Publish
  • 1d21792 Merge pull request #4118 from trufflesuite/fix/testy-rejections
  • f8cd8d6 Fix test and fix broken promise
  • 8431090 Merge pull request #4116 from trufflesuite/doc/help-compile
  • af49909 Handle unhandledRejectedPromise
  • f33f9fe Prettier
  • 47dac00 Merge pull request #4088 from trufflesuite/fix/unbox-1676
  • 68b88df Remove network option from compile command
  • 122549a Merge pull request #4110 from trufflesuite/import-type-initial
  • 9e99682 expnd var
  • 582f88d remove interpolation and ternary
  • 0b9667c convert tests to async/await
  • 6c3e45b apply prettier to test/box.js
  • 1fb60a0 update and comment regex
  • 5a1a802 apply prettier to box.ts
  • 0e03780 add, correct and format tests
  • dfcbabe guard spinner for integration test
  • 7de71be fix @ truffle/box imports across monorepo
  • 5f057d1 fix box imports in packages/box tests
  • bb7fa56 refactor normalizeSourcePath
  • 012c9f2 outline refactor with tests
  • 0f137ef Revert "Reclassify @ truffle/preserve as devDependency of @ truffle/preserve-fs"
  • 46b90c1 Merge pull request #4112 from trufflesuite/codec/upgrade-typedoc
  • a0df3a5 Upgrade codec's typedoc to v0.20.36

Compare

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

🧐 View latest project report

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@snyk-bot