From 68089c587b7cd6bbe2d792de1ad19de2d0829ba0 Mon Sep 17 00:00:00 2001
From: Hadrien Croubois
Date: Wed, 18 Jan 2023 22:07:40 +0100
Subject: [PATCH 1/7] Use oz-upgrades-unsafe-allow-reachable in ERC1967Upgrade

---
 contracts/proxy/ERC1967/ERC1967Upgrade.sol | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/contracts/proxy/ERC1967/ERC1967Upgrade.sol b/contracts/proxy/ERC1967/ERC1967Upgrade.sol
index 0f32d4d2307..6bbd2ba1191 100644
--- a/contracts/proxy/ERC1967/ERC1967Upgrade.sol
+++ b/contracts/proxy/ERC1967/ERC1967Upgrade.sol
@@ -13,8 +13,6 @@ import "../../utils/StorageSlot.sol";
 * https://eips.ethereum.org/EIPS/eip-1967[EIP1967] slots.
 *
 * _Available since v4.1._
- *
- * @custom:oz-upgrades-unsafe-allow delegatecall
 */
 abstract contract ERC1967Upgrade {
 // This is the keccak-256 hash of "eip1967.proxy.rollback" subtracted by 1
@@ -61,6 +59,8 @@ abstract contract ERC1967Upgrade {
 * @dev Perform implementation upgrade with additional setup call.
 *
 * Emits an {Upgraded} event.
+ *
+ * @custom:oz-upgrades-unsafe-allow-reachable delegatecall
 */
 function _upgradeToAndCall(address newImplementation, bytes memory data, bool forceCall) internal {
 _upgradeTo(newImplementation);
@@ -162,6 +162,8 @@ abstract contract ERC1967Upgrade {
 * not upgrade the implementation contained in the beacon (see {UpgradeableBeacon-_setImplementation} for that).
 *
 * Emits a {BeaconUpgraded} event.
+ *
+ * @custom:oz-upgrades-unsafe-allow-reachable delegatecall
 */
 function _upgradeBeaconToAndCall(address newBeacon, bytes memory data, bool forceCall) internal {
 _setBeacon(newBeacon);
From 5774fc06dd5182d0d734df14b00e2339baf50ffd Mon Sep 17 00:00:00 2001
From: Hadrien Croubois
Date: Wed, 18 Jan 2023 22:19:32 +0100
Subject: [PATCH 2/7] move natspec allow-reachable in UUPSUpgradeable.sol

---
 contracts/proxy/ERC1967/ERC1967Upgrade.sol | 4 ----
 contracts/proxy/utils/UUPSUpgradeable.sol | 4 ++++
 2 files changed, 4 insertions(+), 4 deletions(-)
diff --git a/contracts/proxy/ERC1967/ERC1967Upgrade.sol b/contracts/proxy/ERC1967/ERC1967Upgrade.sol
index 6bbd2ba1191..0680f35499b 100644
--- a/contracts/proxy/ERC1967/ERC1967Upgrade.sol
+++ b/contracts/proxy/ERC1967/ERC1967Upgrade.sol
@@ -59,8 +59,6 @@ abstract contract ERC1967Upgrade {
 * @dev Perform implementation upgrade with additional setup call.
 *
 * Emits an {Upgraded} event.
- *
- * @custom:oz-upgrades-unsafe-allow-reachable delegatecall
 */
 function _upgradeToAndCall(address newImplementation, bytes memory data, bool forceCall) internal {
 _upgradeTo(newImplementation);
@@ -162,8 +160,6 @@ abstract contract ERC1967Upgrade {
 * not upgrade the implementation contained in the beacon (see {UpgradeableBeacon-_setImplementation} for that).
 *
 * Emits a {BeaconUpgraded} event.
- *
- * @custom:oz-upgrades-unsafe-allow-reachable delegatecall
 */
 function _upgradeBeaconToAndCall(address newBeacon, bytes memory data, bool forceCall) internal {
 _setBeacon(newBeacon);
diff --git a/contracts/proxy/utils/UUPSUpgradeable.sol b/contracts/proxy/utils/UUPSUpgradeable.sol
index 8b736632851..bb696f6fa38 100644
--- a/contracts/proxy/utils/UUPSUpgradeable.sol
+++ b/contracts/proxy/utils/UUPSUpgradeable.sol
@@ -62,6 +62,8 @@ abstract contract UUPSUpgradeable is IERC1822Proxiable, ERC1967Upgrade {
 * Calls {_authorizeUpgrade}.
 *
 * Emits an {Upgraded} event.
+ *
+ * @custom:oz-upgrades-unsafe-allow-reachable delegatecall
 */
 function upgradeTo(address newImplementation) external virtual onlyProxy {
 _authorizeUpgrade(newImplementation);
@@ -75,6 +77,8 @@ abstract contract UUPSUpgradeable is IERC1822Proxiable, ERC1967Upgrade {
 * Calls {_authorizeUpgrade}.
 *
 * Emits an {Upgraded} event.
+ *
+ * @custom:oz-upgrades-unsafe-allow-reachable delegatecall
 */
 function upgradeToAndCall(address newImplementation, bytes memory data) external payable virtual onlyProxy {
 _authorizeUpgrade(newImplementation);
From 2ee335a0d60fdfff016ab25755c4a8a1dae94601 Mon Sep 17 00:00:00 2001
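Review bot: The `@custom:oz-upgrades-unsafe-allow-reachable delegatecall` tags added to `upgradeTo` and `upgradeToAndCall` in UUPSUpgradeable.sol become the only delegatecall allowance in this inheritance chain, because the two ERC1967Upgrade.sol hunks of the same patch strip the tags from `_upgradeToAndCall` and `_upgradeBeaconToAndCall` and the contract-wide tag was already removed, yet nothing in the natspec says so. A contract that reaches those internal helpers through any other entry point would presumably be reported by the upgrades validator, and a validator that does not recognise the `-reachable` form would presumably report every UUPS implementation; the common reaction is a blanket `unsafeAllow`, which also hides delegatecalls in the integrator's own code. I would document the scope and the tooling floor in the `@dev` text above the tag (not after it, where the line would be read as part of the custom tag's value), for example `* The delegatecall allowance below is honoured by upgrades-core 1.21.0 and later, and covers only code reachable from this function.` Both function bodies continue outside the hunks, so the path from these entry points to the delegatecall is not visible here.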
From: Hadrien Croubois
Date: Thu, 19 Jan 2023 14:48:01 +0100
Subject: [PATCH 3/7] add changeset

---
 .changeset/strong-bulldogs-buy.md | 5 +++++
 .changeset/yellow-swans-cover.md | 5 +++++
 2 files changed, 10 insertions(+)
 create mode 100644 .changeset/strong-bulldogs-buy.md
 create mode 100644 .changeset/yellow-swans-cover.md

diff --git a/.changeset/strong-bulldogs-buy.md b/.changeset/strong-bulldogs-buy.md
new file mode 100644
index 00000000000..0803c5d7a10
--- /dev/null
+++ b/.changeset/strong-bulldogs-buy.md
@@ -0,0 +1,5 @@
+---
+'openzeppelin-solidity': minor
+---
+
+`ERC1967Upgrade`: remove the existing, contract-wide, oz-upgrades-unsafe-allow natspec. ([#3971](https://github.com/OpenZeppelin/openzeppelin-contracts/pull/3971))
diff --git a/.changeset/yellow-swans-cover.md b/.changeset/yellow-swans-cover.md
new file mode 100644
index 00000000000..1af06f55af4
--- /dev/null
+++ b/.changeset/yellow-swans-cover.md
@@ -0,0 +1,5 @@
+---
+'openzeppelin-solidity': minor
+---
+
+`UUPSUpgradeable`: add function specific oz-upgrades-unsafe-allow-reachable to improve check by latest version of the upgrades plugin (starting with `@openzeppelin/upgrades-core@1.21.0`). ([#3971](https://github.com/OpenZeppelin/openzeppelin-contracts/pull/3971))
From 0f707243eb2a72a5af50e60cde44e5dc63cc38c9 Mon Sep 17 00:00:00 2001
From: Francisco
Date: Thu, 19 Jan 2023 18:36:17 -0300
Subject: [PATCH 4/7] Update strong-bulldogs-buy.md

---
 .changeset/strong-bulldogs-buy.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/.changeset/strong-bulldogs-buy.md b/.changeset/strong-bulldogs-buy.md
index 0803c5d7a10..940bd5f7113 100644
--- a/.changeset/strong-bulldogs-buy.md
+++ b/.changeset/strong-bulldogs-buy.md
@@ -2,4 +2,4 @@
 'openzeppelin-solidity': minor
 ---
 
-`ERC1967Upgrade`: remove the existing, contract-wide, oz-upgrades-unsafe-allow natspec. ([#3971](https://github.com/OpenZeppelin/openzeppelin-contracts/pull/3971))
+`ERC1967Upgrade`: use more granular upgrade safety annotation. (Requires `@openzeppelin/upgrades-core@1.21.0`.)
From 7d843e5f7c074e7673ff8c8a7b3cdd829864ce0a Mon Sep 17 00:00:00 2001
From: Francisco Giordano
Date: Thu, 19 Jan 2023 18:37:42 -0300
Subject: [PATCH 5/7] Revert "Update strong-bulldogs-buy.md"

This reverts commit 0f707243eb2a72a5af50e60cde44e5dc63cc38c9.
---
 .changeset/strong-bulldogs-buy.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/.changeset/strong-bulldogs-buy.md b/.changeset/strong-bulldogs-buy.md
index 940bd5f7113..0803c5d7a10 100644
--- a/.changeset/strong-bulldogs-buy.md
+++ b/.changeset/strong-bulldogs-buy.md
@@ -2,4 +2,4 @@
 'openzeppelin-solidity': minor
 ---
 
-`ERC1967Upgrade`: use more granular upgrade safety annotation. (Requires `@openzeppelin/upgrades-core@1.21.0`.)
+`ERC1967Upgrade`: remove the existing, contract-wide, oz-upgrades-unsafe-allow natspec. ([#3971](https://github.com/OpenZeppelin/openzeppelin-contracts/pull/3971))
From 2e5c32b21389e9eb8269806b8b0292c5f840f428 Mon Sep 17 00:00:00 2001
From: Francisco Giordano
Date: Thu, 19 Jan 2023 18:42:40 -0300
Subject: [PATCH 6/7] remove PR links from changesets

---
 .changeset/strong-bulldogs-buy.md | 2 +-
 .changeset/yellow-swans-cover.md | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/.changeset/strong-bulldogs-buy.md b/.changeset/strong-bulldogs-buy.md
index 0803c5d7a10..7880f53e789 100644
--- a/.changeset/strong-bulldogs-buy.md
+++ b/.changeset/strong-bulldogs-buy.md
@@ -2,4 +2,4 @@
 'openzeppelin-solidity': minor
 ---
 
-`ERC1967Upgrade`: remove the existing, contract-wide, oz-upgrades-unsafe-allow natspec. ([#3971](https://github.com/OpenZeppelin/openzeppelin-contracts/pull/3971))
+`ERC1967Upgrade`: remove the existing, contract-wide, oz-upgrades-unsafe-allow natspec.
diff --git a/.changeset/yellow-swans-cover.md b/.changeset/yellow-swans-cover.md
index 1af06f55af4..545c26c36ce 100644
--- a/.changeset/yellow-swans-cover.md
+++ b/.changeset/yellow-swans-cover.md
@@ -2,4 +2,4 @@
 'openzeppelin-solidity': minor
 ---
 
-`UUPSUpgradeable`: add function specific oz-upgrades-unsafe-allow-reachable to improve check by latest version of the upgrades plugin (starting with `@openzeppelin/upgrades-core@1.21.0`). ([#3971](https://github.com/OpenZeppelin/openzeppelin-contracts/pull/3971))
+`UUPSUpgradeable`: add function specific oz-upgrades-unsafe-allow-reachable to improve check by latest version of the upgrades plugin (starting with `@openzeppelin/upgrades-core@1.21.0`).
From 654ef386be3630b31607493a0cbca6803d93c36f Mon Sep 17 00:00:00 2001
From: Francisco Giordano
Date: Thu, 19 Jan 2023 18:49:21 -0300
Subject: [PATCH 7/7] reword changesets

---
 .changeset/strong-bulldogs-buy.md | 2 +-
 .changeset/yellow-swans-cover.md | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/.changeset/strong-bulldogs-buy.md b/.changeset/strong-bulldogs-buy.md
index 7880f53e789..001b0f88fb9 100644
--- a/.changeset/strong-bulldogs-buy.md
+++ b/.changeset/strong-bulldogs-buy.md
@@ -2,4 +2,4 @@
 'openzeppelin-solidity': minor
 ---
 
-`ERC1967Upgrade`: remove the existing, contract-wide, oz-upgrades-unsafe-allow natspec.
+`ERC1967Upgrade`: removed contract-wide `oz-upgrades-unsafe-allow delegatecall` annotation, replaced by granular annotation in `UUPSUpgradeable`.
diff --git a/.changeset/yellow-swans-cover.md b/.changeset/yellow-swans-cover.md
index 545c26c36ce..ee168017898 100644
--- a/.changeset/yellow-swans-cover.md
+++ b/.changeset/yellow-swans-cover.md
@@ -2,4 +2,4 @@
 'openzeppelin-solidity': minor
 ---
 
-`UUPSUpgradeable`: add function specific oz-upgrades-unsafe-allow-reachable to improve check by latest version of the upgrades plugin (starting with `@openzeppelin/upgrades-core@1.21.0`).
+`UUPSUpgradeable`: added granular `oz-upgrades-unsafe-allow-reachable` annotation to improve upgrade safety checks on latest version of the Upgrades Plugins (starting with `@openzeppelin/upgrades-core@1.21.0`).