[Snyk] Upgrade: , hardhat, neverthrow, typescript #55

BitcoinOutput · 2024-09-07T22:36:51Z

Snyk has created this PR to upgrade multiple dependencies.

👯 The following dependencies are linked and will therefore be updated together.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

Name	Versions	Released on

@types/mocha
from 9.1.0 to 9.1.1 | 1 version ahead of your current version | 2 years ago
on 2022-04-21
hardhat
from 2.9.3 to 2.22.8 | 76 versions ahead of your current version | a month ago
on 2024-08-07
neverthrow
from 4.3.1 to 4.4.2 | 1 version ahead of your current version | 2 years ago
on 2022-07-10
typescript
from 4.6.3 to 4.9.5 | 260 versions ahead of your current version | 2 years ago
on 2023-01-30

Issues fixed by the recommended upgrade:

Issue	Score	Exploit Maturity
Regular Expression Denial of Service (ReDoS) SNYK-JS-UNDICI-3323845	337	Proof of Concept
Denial of Service (DoS) SNYK-JS-WS-7266574	337	Proof of Concept
Prototype Pollution SNYK-JS-ASYNC-2441827	337	Proof of Concept
Uncontrolled resource consumption SNYK-JS-BRACES-6838727	337	Proof of Concept
Improper Input Validation SNYK-JS-FOLLOWREDIRECTS-6141137	337	Proof of Concept
Regular Expression Denial of Service (ReDoS) SNYK-JS-SEMVER-3247795	337	Proof of Concept
Regular Expression Denial of Service (ReDoS) SNYK-JS-SEMVER-3247795	337	Proof of Concept
CRLF Injection SNYK-JS-UNDICI-3323844	337	Proof of Concept
Information Exposure SNYK-JS-FOLLOWREDIRECTS-6444610	337	Proof of Concept
Cross-site Scripting (XSS) SNYK-JS-SERIALIZEJAVASCRIPT-6147607	337	Proof of Concept
Improper Certificate Validation SNYK-JS-UNDICI-2928996	337	Proof of Concept
CRLF Injection SNYK-JS-UNDICI-2953389	337	Proof of Concept
CRLF Injection SNYK-JS-UNDICI-2980276	337	No Known Exploit
Server-side Request Forgery (SSRF) SNYK-JS-UNDICI-2980286	337	No Known Exploit
Information Exposure SNYK-JS-UNDICI-5962466	337	No Known Exploit
Permissive Cross-domain Policy with Untrusted Domains SNYK-JS-UNDICI-6252336	337	No Known Exploit
Improper Access Control SNYK-JS-UNDICI-6564963	337	No Known Exploit
Improper Authorization SNYK-JS-UNDICI-6564964	337	No Known Exploit
Information Exposure SNYK-JS-UNDICI-2957529	337	Proof of Concept

Release notes

Package name: @types/mocha

9.1.1 - 2022-04-21
9.1.0 - 2022-01-19

from @types/mocha GitHub release notes

Package name: hardhat

2.22.8 - 2024-08-07
This is a small bug fix release to resolve a bug with large responses from debug_traceTransaction.

Changes
- f5d5d15: Fixed an issue with debug_traceTransaction when large responses were generated
- 31d9d77: Upgraded EDR to v0.5.2
💡 The Nomic Foundation is hiring! Check our open positions.
2.22.7 - 2024-07-30
2.22.6 - 2024-07-01
2.22.5 - 2024-06-03
2.22.4 - 2024-05-14
2.22.3 - 2024-04-17
2.22.2 - 2024-03-21
2.22.1 - 2024-03-14
2.22.0 - 2024-03-13
2.21.0 - 2024-03-04
2.21.0-dev.1 - 2024-03-02
2.21.0-dev.0 - 2024-02-21
2.20.1 - 2024-02-15
2.20.0 - 2024-02-14
2.19.5 - 2024-01-30
2.19.4 - 2023-12-26
2.19.3 - 2023-12-19
2.19.2 - 2023-12-05
2.19.1 - 2023-11-15
2.19.0 - 2023-11-02
2.18.3 - 2023-10-24
2.18.2 - 2023-10-19
2.18.1 - 2023-10-11
2.18.0 - 2023-10-05
2.17.4 - 2023-09-27
2.17.3 - 2023-09-11
2.17.2 - 2023-08-28
2.17.1 - 2023-08-01
2.17.0 - 2023-07-14
2.16.1 - 2023-06-27
2.16.1-dev.0 - 2023-06-27
2.16.0 - 2023-06-22
2.16.0-dev.0 - 2023-06-21
2.15.0 - 2023-06-08
2.14.1 - 2023-05-31
2.14.0 - 2023-04-15
2.13.1 - 2023-04-10
2.13.0 - 2023-03-02
2.13.0-dev.4 - 2023-03-02
2.13.0-dev.3 - 2023-02-27
2.13.0-dev.2 - 2022-12-30
2.13.0-dev.1 - 2022-11-24
2.13.0-dev.0 - 2022-10-21
2.12.8-viair.0 - 2023-02-14
2.12.7 - 2023-02-09
2.12.6 - 2023-01-11
2.12.5 - 2022-12-29
2.12.4 - 2022-12-08
2.12.3 - 2022-11-30
2.12.2 - 2022-11-01
2.12.1 - 2022-10-27
2.12.1-unknown-txs.0 - 2022-10-24
2.12.1-ir.0 - 2022-10-12
2.12.0 - 2022-10-10
2.12.0-esm.1 - 2022-09-27
2.12.0-esm.0 - 2022-09-23
2.11.3-dev.0 - 2022-09-16
2.11.2 - 2022-09-14
2.11.1 - 2022-09-06
2.11.0 - 2022-09-02
2.11.0-rc.1 - 2022-09-02
2.11.0-rc.0 - 2022-08-31
2.11.0-dev.0 - 2022-08-23
2.10.2 - 2022-08-16
2.10.2-dev.0 - 2022-07-20
2.10.1 - 2022-07-13
2.10.0 - 2022-07-07
2.9.9 - 2022-06-08
2.9.8 - 2022-06-08
2.9.8-dev.0 - 2022-06-03
2.9.7 - 2022-05-30
2.9.6 - 2022-05-19
2.9.6-dev.1 - 2022-05-18
2.9.6-dev.0 - 2022-05-18
2.9.5 - 2022-05-12
2.9.4 - 2022-05-11
2.9.3 - 2022-04-05

from hardhat GitHub release notes

Package name: neverthrow

4.4.2 - 2022-07-10
Thanks to @ bhvngt for this submission.

ResultAsync.fromPromise and ResultAsync.fromSafePromise are now able to accept anything that implements the PromiseLike interface - in other words; anything that is "thenable". This includes objects such as Bluebird Promises and any other non-native promise-like object!
4.3.1 - 2021-11-19
User kieran-osgood submitted a fix for a long standing issue whereby proxies were suddenly disappearing within calls to combine:

#228

This issue is now resolved!

Additionally, the docs have been updated to reference eslint-plugin-neverthrow.

from neverthrow GitHub release notes

Package name: typescript

4.9.5 - 2023-01-30
4.9.4 - 2022-12-07
4.9.3 - 2022-11-15
4.9.2-rc - 2022-11-01
4.9.1-beta - 2022-09-23
4.9.0-dev.20221031 - 2022-10-31
4.9.0-dev.20221030 - 2022-10-30
4.9.0-dev.20221029 - 2022-10-29
4.9.0-dev.20221028 - 2022-10-28
4.9.0-dev.20221027 - 2022-10-27
4.9.0-dev.20221026 - 2022-10-26
4.9.0-dev.20221025 - 2022-10-25
4.9.0-dev.20221024 - 2022-10-24
4.9.0-dev.20221023 - 2022-10-23
4.9.0-dev.20221022 - 2022-10-22
4.9.0-dev.20221021 - 2022-10-21
4.9.0-dev.20221020 - 2022-10-20
4.9.0-dev.20221019 - 2022-10-19
4.9.0-dev.20221018 - 2022-10-18
4.9.0-dev.20221017 - 2022-10-17
4.9.0-dev.20221016 - 2022-10-16
4.9.0-dev.20221015 - 2022-10-15
4.9.0-dev.20221014 - 2022-10-14
4.9.0-dev.20221013 - 2022-10-13
4.9.0-dev.20221012 - 2022-10-12
4.9.0-dev.20221011 - 2022-10-11
4.9.0-dev.20221007 - 2022-10-07
4.9.0-dev.20221006 - 2022-10-06
4.9.0-dev.20221005 - 2022-10-05
4.9.0-dev.20221004 - 2022-10-04
4.9.0-dev.20221003 - 2022-10-03
4.9.0-dev.20221002 - 2022-10-02
4.9.0-dev.20221001 - 2022-10-01
4.9.0-dev.20220930 - 2022-09-30
4.9.0-dev.20220929 - 2022-09-29
4.9.0-dev.20220928 - 2022-09-28
4.9.0-dev.20220927 - 2022-09-27
4.9.0-dev.20220926 - 2022-09-26
4.9.0-dev.20220925 - 2022-09-25
4.9.0-dev.20220924 - 2022-09-24
4.9.0-dev.20220923 - 2022-09-23
4.9.0-dev.20220922 - 2022-09-22
4.9.0-dev.20220921 - 2022-09-21
4.9.0-dev.20220920 - 2022-09-20
4.9.0-dev.20220919 - 2022-09-19
4.9.0-dev.20220918 - 2022-09-18
4.9.0-dev.20220917 - 2022-09-17
4.9.0-dev.20220916 - 2022-09-16
4.9.0-dev.20220915 - 2022-09-15
4.9.0-dev.20220914 - 2022-09-14
4.9.0-dev.20220913 - 2022-09-13
4.9.0-dev.20220912 - 2022-09-12
4.9.0-dev.20220911 - 2022-09-11
4.9.0-dev.20220910 - 2022-09-10
4.9.0-dev.20220909 - 2022-09-09
4.9.0-dev.20220908 - 2022-09-08
4.9.0-dev.20220907 - 2022-09-07
4.9.0-dev.20220905 - 2022-09-05
4.9.0-dev.20220904 - 2022-09-04
4.9.0-dev.20220903 - 2022-09-03
4.9.0-dev.20220902 - 2022-09-02
4.9.0-dev.20220901 - 2022-09-01
4.9.0-dev.20220831 - 2022-08-31
4.9.0-dev.20220830 - 2022-08-30
4.9.0-dev.20220829 - 2022-08-29
4.9.0-dev.20220828 - 2022-08-28
4.9.0-dev.20220827 - 2022-08-27
4.9.0-dev.20220825 - 2022-08-25
4.9.0-dev.20220824 - 2022-08-24
4.9.0-dev.20220823 - 2022-08-23
4.9.0-dev.20220822 - 2022-08-22
4.9.0-dev.20220821 - 2022-08-21
4.9.0-dev.20220820 - 2022-08-20
4.9.0-dev.20220819 - 2022-08-19
4.9.0-dev.20220818 - 2022-08-18
4.9.0-dev.20220817 - 2022-08-17
4.9.0-dev.20220816 - 2022-08-16
4.9.0-dev.20220815 - 2022-08-15
4.9.0-dev.20220814 - 2022-08-14
4.9.0-dev.20220813 - 2022-08-13
4.9.0-dev.20220812 - 2022-08-12
4.9.0-dev.20220811 - 2022-08-11
4.9.0-beta - 2022-09-23
4.8.4 - 2022-09-27
4.8.3 - 2022-09-08
4.8.2 - 2022-08-25
4.8.1-rc - 2022-08-11
4.8.0-dev.20220809 - 2022-08-09
4.8.0-dev.20220808 - 2022-08-08
4.8.0-dev.20220807 - 2022-08-07
4.8.0-dev.20220806 - 2022-08-06
4.8.0-dev.20220805 - 2022-08-05
4.8.0-dev.20220804 - 2022-08-04
4.8.0-dev.20220803 - 2022-08-03
4.8.0-dev.20220802 - 2022-08-02
4.8.0-dev.20220801 - 2022-08-01
4.8.0-dev.20220731 - 2022-07-31
4.8.0-dev.20220730 - 2022-07-30
4.8.0-dev.20220729 - 2022-07-29
4.8.0-dev.20220728 - 2022-07-28
4.8.0-dev.20220727 - 2022-07-27
4.8.0-dev.20220726 - 2022-07-26
4.8.0-dev.20220725 - 2022-07-25
4.8.0-dev.20220724 - 2022-07-24
4.8.0-dev.20220723 - 2022-07-23
4.8.0-dev.20220722 - 2022-07-22
4.8.0-dev.20220721 - 2022-07-21
4.8.0-dev.20220720 - 2022-07-20
4.8.0-dev.20220719 - 2022-07-19
4.8.0-dev.20220718 - 2022-07-18
4.8.0-dev.20220717 - 2022-07-17
4.8.0-dev.20220716 - 2022-07-16
4.8.0-dev.20220715 - 2022-07-15
4.8.0-dev.20220714 - 2022-07-14
4.8.0-dev.20220713 - 2022-07-13
4.8.0-dev.20220712 - 2022-07-12
4.8.0-dev.20220711 - 2022-07-11
4.8.0-dev.20220710 - 2022-07-10
4.8.0-dev.20220709 - 2022-07-09
4.8.0-dev.20220708 - 2022-07-08
4.8.0-dev.20220707 - 2022-07-07
4.8.0-dev.20220706 - 2022-07-06
4.8.0-dev.20220705 - 2022-07-05
4.8.0-dev.20220704 - 2022-07-04
4.8.0-dev.20220703 - 2022-07-03
4.8.0-dev.20220701 - 2022-07-01
4.8.0-dev.20220630 - 2022-06-30
4.8.0-dev.20220629 - 2022-06-29
4.8.0-dev.20220628 - 2022-06-28
4.8.0-dev.20220627 - 2022-06-27
4.8.0-dev.20220626 - 2022-06-26
4.8.0-dev.20220625 - 2022-06-25
4.8.0-dev.20220624 - 2022-06-24
4.8.0-dev.20220623 - 2022-06-23
4.8.0-dev.20220622 - 2022-06-22
4.8.0-dev.20220621 - 2022-06-21
4.8.0-dev.20220620 - 2022-06-20
4.8.0-dev.20220619 - 2022-06-19
4.8.0-dev.20220618 - 2022-06-18
4.8.0-dev.20220617 - 2022-06-17
4.8.0-dev.20220616 - 2022-06-16
4.8.0-dev.20220615 - 2022-06-15
4.8.0-dev.20220614 - 2022-06-14
4.8.0-dev.20220613 - 2022-06-13
4.8.0-dev.20220612 - 2022-06-12
4.8.0-dev.20220611 - 2022-06-11
4.8.0-dev.20220610 - 2022-06-10
4.8.0-dev.20220609 - 2022-06-09
4.8.0-dev.20220608 - 2022-06-08
4.8.0-dev.20220606 - 2022-06-06
4.8.0-dev.20220605 - 2022-06-05
4.8.0-dev.20220604 - 2022-06-04
4.8.0-dev.20220603 - 2022-06-03
4.8.0-dev.20220602 - 2022-06-02
4.8.0-dev.20220601 - 2022-06-01
4.8.0-dev.20220531 - 2022-05-31
4.8.0-dev.20220530 - 2022-05-30
4.8.0-dev.20220529 - 2022-05-29
4.8.0-dev.20220528 - 2022-05-28
4.8.0-dev.20220527 - 2022-05-27
4.8.0-dev.20220526 - 2022-05-26
4.8.0-dev.20220525 - 2022-05-25
4.8.0-dev.20220524 - 2022-05-24
4.8.0-dev.20220523 - 2022-05-23
4.8.0-dev.20220522 - 2022-05-22
4.8.0-dev.20220521 - 2022-05-21
4.8.0-dev.20220520 - 2022-05-20
4.8.0-dev.20220519 - 2022-05-19
4.8.0-dev.20220518 - 2022-05-18
4.8.0-dev.20220517 - 2022-05-17
4.8.0-dev.20220516 - 2022-05-16
4.8.0-dev.20220515 - 2022-05-15
4.8.0-dev.20220514 - 2022-05-14
4.8.0-dev.20220513 - 2022-05-13
4.8.0-dev.20220512 - 2022-05-12
4.8.0-dev.20220511 - 2022-05-11
4.8.0-dev.20220510 - 2022-05-10
4.8.0-dev.20220509 - 2022-05-09
4.8.0-dev.20220508 - 2022-05-08
4.8.0-dev.20220507 - 2022-05-07
4.8.0-beta - 2022-06-21
4.7.4 - 2022-06-17
4.7.3 - 2022-06-03
4.7.2 - 2022-05-24
4.7.1-rc - 2022-05-11
4.7.0-dev.20220506 - 2022-05-06
4.7.0-dev.20220505 - 2022-05-05
4.7.0-dev.20220504 - 2022-05-04
4.7.0-dev.20220503 - 2022-05-03
4.7.0-dev.20220502 - 2022-05-02
4.7.0-dev.20220501 - 2022-05-01
4.7.0-dev.20220430 - 2022-04-30
4.7.0-dev.20220429 - 2022-04-29
4.7.0-dev.20220428 - 2022-04-28
4.7.0-dev.20220427 - 2022-04-27
4.7.0-dev.20220426 - 2022-04-26
4.7.0-dev.20220425 - 2022-04-25
4.7.0-dev.20220424 - 2022-04-24
4.7.0-dev.20220423 - 2022-04-23
4.7.0-dev.20220422 - 2022-04-22
4.7.0-dev.20220421 - 2022-04-21
4.7.0-dev.20220420 - 2022-04-20
4.7.0-dev.20220419 - 2022-04-19
4.7.0-dev.20220418 - 2022-04-18
4.7.0-dev.20220417 - 2022-04-17
4.7.0-dev.20220416 - 2022-04-16
4.7.0-dev.20220415 - 2022-04-15
4.7.0-dev.20220408 - 2022-04-08
4.7.0-dev.20220406 - 2022-04-06
4.7.0-dev.20220405 - 2022-04-05
4.7.0-dev.20220404 - 2022-04-04
4.7.0-dev.20220403 - 2022-04-03
4.7.0-dev.20220402 - 2022-04-02
4.7.0-dev.20220401 - 2022-04-01
4.7.0-dev.20220331 - 2022-03-31
4.7.0-dev.20220330 - 2022-03-30
4.7.0-dev.20220329 - 2022-03-29
4.7.0-dev.20220328 - 2022-03-28
4.7.0-dev.20220327 - 2022-03-27
4.7.0-dev.20220326 - 2022-03-26
4.7.0-dev.20220325 - 2022-03-25
4.7.0-dev.20220323 - 2022-03-23
4.7.0-dev.20220322 - 2022-03-22
4.7.0-dev.20220321 - 2022-03-21
4.7.0-dev.20220320 - 2022-03-20
4.7.0-dev.20220319 - 2022-03-19
4.7.0-dev.20220318 - 2022-03-18
4.7.0-dev.20220317 - 2022-03-17
4.7.0-dev.20220316 - 2022-03-16
4.7.0-dev.20220315 - 2022-03-15
4.7.0-dev.20220314 - 2022-03-14
4.7.0-dev.20220313 - 2022-03-13
4.7.0-dev.20220312 - 2022-03-12
4.7.0-dev.20220311 - 2022-03-11
4.7.0-dev.20220310 - 2022-03-10
4.7.0-dev.20220309 - 2022-03-09
4.7.0-dev.20220308 - 2022-03-08
4.7.0-dev.20220307 - 2022-03-07
4.7.0-dev.20220306 - 2022-03-06
4.7.0-dev.20220305 - 2022-03-05
4.7.0-dev.20220304 - 2022-03-04
4.7.0-dev.20220303 - 2022-03-03
4.7.0-dev.20220302 - 2022-03-02
4.7.0-dev.20220301 - 2022-03-01
4.7.0-dev.20220228 - 2022-02-28
4.7.0-dev.20220227 - 2022-02-27
4.7.0-dev.20220226 - 2022-02-26
4.7.0-dev.20220225 - 2022-02-25
4.7.0-dev.20220224 - 2022-02-24
4.7.0-dev.20220223 - 2022-02-23
4.7.0-dev.20220222 - 2022-02-22
4.7.0-dev.20220221 - 2022-02-21
4.7.0-dev.20220220 - 2022-02-20
4.7.0-dev.20220219 - 2022-02-19
4.7.0-dev.20220218 - 2022-02-18
4.7.0-dev.20220217 - 2022-02-17
4.7.0-dev.20220216 - 2022-02-16
4.7.0-dev.20220215 - 2022-02-15
4.7.0-beta - 2022-04-08
4.6.4 - 2022-04-28
4.6.3 - 2022-03-24

from typescript GitHub release notes

Important

Check the changes in this PR to ensure they won't cause issues with your project.
This PR was automatically created by Snyk using the credentials of a real user.
Max score is 1000. Note that the real score may have changed since the PR was raised.

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

🧐 View latest project report

📜 Customise PR templates

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs

Snyk has created this PR to upgrade: - @types/mocha from 9.1.0 to 9.1.1. See this package in npm: https://www.npmjs.com/package/@types/mocha - hardhat from 2.9.3 to 2.22.8. See this package in npm: https://www.npmjs.com/package/hardhat - neverthrow from 4.3.1 to 4.4.2. See this package in npm: https://www.npmjs.com/package/neverthrow - typescript from 4.6.3 to 4.9.5. See this package in npm: https://www.npmjs.com/package/typescript See this project in Snyk: https://app.snyk.io/org/debuggineffect/project/ffd3535a-9263-481d-bf9e-3c7c79661215?utm_source=github&utm_medium=referral&page=upgrade-pr

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

[Snyk] Upgrade: , hardhat, neverthrow, typescript #55

[Snyk] Upgrade: , hardhat, neverthrow, typescript #55

BitcoinOutput commented Sep 7, 2024

Changes

[Snyk] Upgrade: , hardhat, neverthrow, typescript #55

Are you sure you want to change the base?

[Snyk] Upgrade: , hardhat, neverthrow, typescript #55

Conversation

BitcoinOutput commented Sep 7, 2024

Snyk has created this PR to upgrade multiple dependencies.

Issues fixed by the recommended upgrade:

Changes