Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Release v5.0.0 (rc) #4636

Merged
merged 1 commit into from
Sep 28, 2023
Merged

Release v5.0.0 (rc) #4636

merged 1 commit into from
Sep 28, 2023

Conversation

github-actions[bot]
Copy link
Contributor

This PR was opened by the Changesets release GitHub action. When you're ready to do a release, you can merge this and publish to npm yourself or setup this action to publish automatically. If you're not ready to do a release yet, that's fine, whenever you add more changesets to release-v5.0, this PR will be updated.

⚠️⚠️⚠️⚠️⚠️⚠️

release-v5.0 is currently in pre mode so this branch has prereleases rather than normal releases. If you want to exit prereleases, run changeset pre exit on release-v5.0.

⚠️⚠️⚠️⚠️⚠️⚠️

Releases

The changelog information of each package has been omitted from this message, as the content exceeds the size limit.

openzeppelin-solidity@5.0.0-rc.1

@github-actions github-actions bot force-pushed the changeset-release/release-v5.0 branch from 3b5b04f to df75984 Compare September 28, 2023 22:44
@frangio frangio merged commit bc96591 into release-v5.0 Sep 28, 2023
1 check passed
@frangio frangio deleted the changeset-release/release-v5.0 branch September 28, 2023 23:40
Woodpile37 added a commit to Woodpile37/EIPs that referenced this pull request Oct 29, 2023
<p>This PR was automatically created by Snyk using the credentials of a
real user.</p><br /><h3>Snyk has created this PR to upgrade
@openzeppelin/contracts from 4.9.3 to 5.0.0.</h3>

:information_source: Keep your dependencies up-to-date. This makes it
easier to fix existing vulnerabilities and to more quickly identify and
fix newly disclosed vulnerabilities when they affect your project.
<hr/>

*Warning:* This is a major version upgrade, and may be a breaking
change.
- The recommended version is **4 versions** ahead of your current
version.
- The recommended version was released **21 days ago**, on 2023-10-05.


<details>
<summary><b>Release notes</b></summary>
<br/>
  <details>
    <summary>Package name: <b>@openzeppelin/contracts</b></summary>
    <ul>
      <li>
<b>5.0.0</b> - <a
href="https://snyk.io/redirect/github/OpenZeppelin/openzeppelin-contracts/releases/tag/v5.0.0">2023-10-05</a></br><a
href="https://snyk.io/redirect/github/OpenZeppelin/openzeppelin-contracts/releases/tag/v5.0.0">
Read more </a>
      </li>
      <li>
<b>5.0.0-rc.2</b> - <a
href="https://snyk.io/redirect/github/OpenZeppelin/openzeppelin-contracts/releases/tag/v5.0.0-rc.2">2023-10-02</a></br><ul>
<li><code>AccessManager</code>: Make <code>schedule</code> and
<code>execute</code> more conservative when delay is 0.</li>
</ul>
      </li>
      <li>
<b>5.0.0-rc.1</b> - <a
href="https://snyk.io/redirect/github/OpenZeppelin/openzeppelin-contracts/releases/tag/v5.0.0-rc.1">2023-09-28</a></br><ul>
<li>Upgradeable Contracts: No longer transpile interfaces, libraries,
and stateless contracts. (<a
href="https://snyk.io/redirect/github/OpenZeppelin/openzeppelin-contracts/pull/4636"
data-hovercard-type="pull_request"
data-hovercard-url="/OpenZeppelin/openzeppelin-contracts/pull/4636/hovercard">ethereum#4636</a>)</li>
<li><code>AccessManager</code>, <code>AccessManaged</code>,
<code>GovernorTimelockAccess</code>: Ensure that calldata shorter than 4
bytes is not padded to 4 bytes. (<a
href="https://snyk.io/redirect/github/OpenZeppelin/openzeppelin-contracts/pull/4624"
data-hovercard-type="pull_request"
data-hovercard-url="/OpenZeppelin/openzeppelin-contracts/pull/4624/hovercard">ethereum#4624</a>)</li>
<li><code>AccessManager</code>: Use named return parameters in functions
that return multiple values. (<a
href="https://snyk.io/redirect/github/OpenZeppelin/openzeppelin-contracts/pull/4624"
data-hovercard-type="pull_request"
data-hovercard-url="/OpenZeppelin/openzeppelin-contracts/pull/4624/hovercard">ethereum#4624</a>)</li>
</ul>
      </li>
      <li>
<b>5.0.0-rc.0</b> - <a
href="https://snyk.io/redirect/github/OpenZeppelin/openzeppelin-contracts/releases/tag/v5.0.0-rc.0">2023-09-19</a></br><a
href="https://snyk.io/redirect/github/OpenZeppelin/openzeppelin-contracts/releases/tag/v5.0.0-rc.0">
Read more </a>
      </li>
      <li>
<b>4.9.3</b> - <a
href="https://snyk.io/redirect/github/OpenZeppelin/openzeppelin-contracts/releases/tag/v4.9.3">2023-07-28</a></br><div
class="markdown-alert markdown-alert-note"><p><span
class="color-fg-accent text-semibold d-inline-flex flex-items-center
mb-1"><svg class="octicon octicon-info mr-2" viewBox="0 0 16 16"
version="1.1" width="16" height="16" aria-hidden="true"><path d="M0 8a8
8 0 1 1 16 0A8 8 0 0 1 0 8Zm8-6.5a6.5 6.5 0 1 0 0 13 6.5 6.5 0 0 0
0-13ZM6.5 7.75A.75.75 0 0 1 7.25 7h1a.75.75 0 0 1 .75.75v2.75h.25a.75.75
0 0 1 0 1.5h-2a.75.75 0 0 1 0-1.5h.25v-2h-.25a.75.75 0 0 1-.75-.75ZM8
6a1 1 0 1 1 0-2 1 1 0 0 1 0 2Z"></path></svg>Note</span><br>
This release contains a fix for <a
href="https://snyk.io/redirect/github/OpenZeppelin/openzeppelin-contracts/security/advisories/GHSA-g4vp-m682-qqmp">GHSA-g4vp-m682-qqmp</a>.</p></div>
<ul>
<li><code>ERC2771Context</code>: Return the forwarder address whenever
the <code>msg.data</code> of a call originating from a trusted forwarder
is not long enough to contain the request signer address (i.e.
<code>msg.data.length</code> is less than 20 bytes), as specified by
ERC-2771. (<a
href="https://snyk.io/redirect/github/OpenZeppelin/openzeppelin-contracts/pull/4481"
data-hovercard-type="pull_request"
data-hovercard-url="/OpenZeppelin/openzeppelin-contracts/pull/4481/hovercard">ethereum#4481</a>)</li>
<li><code>ERC2771Context</code>: Prevent revert in
<code>_msgData()</code> when a call originating from a trusted forwarder
is not long enough to contain the request signer address (i.e.
<code>msg.data.length</code> is less than 20 bytes). Return the full
calldata in that case. (<a
href="https://snyk.io/redirect/github/OpenZeppelin/openzeppelin-contracts/pull/4484"
data-hovercard-type="pull_request"
data-hovercard-url="/OpenZeppelin/openzeppelin-contracts/pull/4484/hovercard">ethereum#4484</a>)</li>
</ul>
      </li>
    </ul>
from <a
href="https://snyk.io/redirect/github/OpenZeppelin/openzeppelin-contracts/releases">@openzeppelin/contracts
GitHub release notes</a>
  </details>
</details>
<hr/>

**Note:** *You are seeing this because you or someone else with access
to this repository has authorized Snyk to open upgrade PRs.*

For more information: <img
src="https://api.segment.io/v1/pixel/track?data=eyJ3cml0ZUtleSI6InJyWmxZcEdHY2RyTHZsb0lYd0dUcVg4WkFRTnNCOUEwIiwiYW5vbnltb3VzSWQiOiJjMDUxYjcyNi0zNzViLTRjODgtYmI2NS1iOTJjYTk5MjgxOWQiLCJldmVudCI6IlBSIHZpZXdlZCIsInByb3BlcnRpZXMiOnsicHJJZCI6ImMwNTFiNzI2LTM3NWItNGM4OC1iYjY1LWI5MmNhOTkyODE5ZCJ9fQ=="
width="0" height="0"/>

🧐 [View latest project
report](https://app.snyk.io/org/woodpile37/project/ada51a90-dc7c-4239-82d9-c94c84ce1884?utm_source&#x3D;github&amp;utm_medium&#x3D;referral&amp;page&#x3D;upgrade-pr)

🛠 [Adjust upgrade PR
settings](https://app.snyk.io/org/woodpile37/project/ada51a90-dc7c-4239-82d9-c94c84ce1884/settings/integration?utm_source&#x3D;github&amp;utm_medium&#x3D;referral&amp;page&#x3D;upgrade-pr)

🔕 [Ignore this dependency or unsubscribe from future upgrade
PRs](https://app.snyk.io/org/woodpile37/project/ada51a90-dc7c-4239-82d9-c94c84ce1884/settings/integration?pkg&#x3D;@openzeppelin/contracts&amp;utm_source&#x3D;github&amp;utm_medium&#x3D;referral&amp;page&#x3D;upgrade-pr#auto-dep-upgrades)

<!---
(snyk:metadata:{"prId":"c051b726-375b-4c88-bb65-b92ca992819d","prPublicId":"c051b726-375b-4c88-bb65-b92ca992819d","dependencies":[{"name":"@openzeppelin/contracts","from":"4.9.3","to":"5.0.0"}],"packageManager":"npm","type":"auto","projectUrl":"https://app.snyk.io/org/woodpile37/project/ada51a90-dc7c-4239-82d9-c94c84ce1884?utm_source=github&utm_medium=referral&page=upgrade-pr","projectPublicId":"ada51a90-dc7c-4239-82d9-c94c84ce1884","env":"prod","prType":"upgrade","vulns":[],"issuesToFix":[],"upgrade":[],"upgradeInfo":{"versionsDiff":4,"publishedDate":"2023-10-05T18:00:56.344Z"},"templateVariants":[],"hasFixes":false,"isMajorUpgrade":true,"isBreakingChange":true,"priorityScoreList":[]})
--->
Woodpile37 added a commit to Woodpile37/EIPs that referenced this pull request Oct 30, 2023
<p>This PR was automatically created by Snyk using the credentials of a
real user.</p><br /><h3>Snyk has created this PR to upgrade
@openzeppelin/contracts from 4.9.3 to 5.0.0.</h3>

:information_source: Keep your dependencies up-to-date. This makes it
easier to fix existing vulnerabilities and to more quickly identify and
fix newly disclosed vulnerabilities when they affect your project.
<hr/>

*Warning:* This is a major version upgrade, and may be a breaking
change.
- The recommended version is **4 versions** ahead of your current
version.
- The recommended version was released **24 days ago**, on 2023-10-05.


<details>
<summary><b>Release notes</b></summary>
<br/>
  <details>
    <summary>Package name: <b>@openzeppelin/contracts</b></summary>
    <ul>
      <li>
<b>5.0.0</b> - <a
href="https://snyk.io/redirect/github/OpenZeppelin/openzeppelin-contracts/releases/tag/v5.0.0">2023-10-05</a></br><a
href="https://snyk.io/redirect/github/OpenZeppelin/openzeppelin-contracts/releases/tag/v5.0.0">
Read more </a>
      </li>
      <li>
<b>5.0.0-rc.2</b> - <a
href="https://snyk.io/redirect/github/OpenZeppelin/openzeppelin-contracts/releases/tag/v5.0.0-rc.2">2023-10-02</a></br><ul>
<li><code>AccessManager</code>: Make <code>schedule</code> and
<code>execute</code> more conservative when delay is 0.</li>
</ul>
      </li>
      <li>
<b>5.0.0-rc.1</b> - <a
href="https://snyk.io/redirect/github/OpenZeppelin/openzeppelin-contracts/releases/tag/v5.0.0-rc.1">2023-09-28</a></br><ul>
<li>Upgradeable Contracts: No longer transpile interfaces, libraries,
and stateless contracts. (<a
href="https://snyk.io/redirect/github/OpenZeppelin/openzeppelin-contracts/pull/4636"
data-hovercard-type="pull_request"
data-hovercard-url="/OpenZeppelin/openzeppelin-contracts/pull/4636/hovercard">ethereum#4636</a>)</li>
<li><code>AccessManager</code>, <code>AccessManaged</code>,
<code>GovernorTimelockAccess</code>: Ensure that calldata shorter than 4
bytes is not padded to 4 bytes. (<a
href="https://snyk.io/redirect/github/OpenZeppelin/openzeppelin-contracts/pull/4624"
data-hovercard-type="pull_request"
data-hovercard-url="/OpenZeppelin/openzeppelin-contracts/pull/4624/hovercard">ethereum#4624</a>)</li>
<li><code>AccessManager</code>: Use named return parameters in functions
that return multiple values. (<a
href="https://snyk.io/redirect/github/OpenZeppelin/openzeppelin-contracts/pull/4624"
data-hovercard-type="pull_request"
data-hovercard-url="/OpenZeppelin/openzeppelin-contracts/pull/4624/hovercard">ethereum#4624</a>)</li>
</ul>
      </li>
      <li>
<b>5.0.0-rc.0</b> - <a
href="https://snyk.io/redirect/github/OpenZeppelin/openzeppelin-contracts/releases/tag/v5.0.0-rc.0">2023-09-19</a></br><a
href="https://snyk.io/redirect/github/OpenZeppelin/openzeppelin-contracts/releases/tag/v5.0.0-rc.0">
Read more </a>
      </li>
      <li>
<b>4.9.3</b> - <a
href="https://snyk.io/redirect/github/OpenZeppelin/openzeppelin-contracts/releases/tag/v4.9.3">2023-07-28</a></br><div
class="markdown-alert markdown-alert-note"><p><span
class="color-fg-accent text-semibold d-inline-flex flex-items-center
mb-1"><svg class="octicon octicon-info mr-2" viewBox="0 0 16 16"
version="1.1" width="16" height="16" aria-hidden="true"><path d="M0 8a8
8 0 1 1 16 0A8 8 0 0 1 0 8Zm8-6.5a6.5 6.5 0 1 0 0 13 6.5 6.5 0 0 0
0-13ZM6.5 7.75A.75.75 0 0 1 7.25 7h1a.75.75 0 0 1 .75.75v2.75h.25a.75.75
0 0 1 0 1.5h-2a.75.75 0 0 1 0-1.5h.25v-2h-.25a.75.75 0 0 1-.75-.75ZM8
6a1 1 0 1 1 0-2 1 1 0 0 1 0 2Z"></path></svg>Note</span><br>
This release contains a fix for <a
href="https://snyk.io/redirect/github/OpenZeppelin/openzeppelin-contracts/security/advisories/GHSA-g4vp-m682-qqmp">GHSA-g4vp-m682-qqmp</a>.</p></div>
<ul>
<li><code>ERC2771Context</code>: Return the forwarder address whenever
the <code>msg.data</code> of a call originating from a trusted forwarder
is not long enough to contain the request signer address (i.e.
<code>msg.data.length</code> is less than 20 bytes), as specified by
ERC-2771. (<a
href="https://snyk.io/redirect/github/OpenZeppelin/openzeppelin-contracts/pull/4481"
data-hovercard-type="pull_request"
data-hovercard-url="/OpenZeppelin/openzeppelin-contracts/pull/4481/hovercard">ethereum#4481</a>)</li>
<li><code>ERC2771Context</code>: Prevent revert in
<code>_msgData()</code> when a call originating from a trusted forwarder
is not long enough to contain the request signer address (i.e.
<code>msg.data.length</code> is less than 20 bytes). Return the full
calldata in that case. (<a
href="https://snyk.io/redirect/github/OpenZeppelin/openzeppelin-contracts/pull/4484"
data-hovercard-type="pull_request"
data-hovercard-url="/OpenZeppelin/openzeppelin-contracts/pull/4484/hovercard">ethereum#4484</a>)</li>
</ul>
      </li>
    </ul>
from <a
href="https://snyk.io/redirect/github/OpenZeppelin/openzeppelin-contracts/releases">@openzeppelin/contracts
GitHub release notes</a>
  </details>
</details>
<hr/>

**Note:** *You are seeing this because you or someone else with access
to this repository has authorized Snyk to open upgrade PRs.*

For more information: <img
src="https://api.segment.io/v1/pixel/track?data=eyJ3cml0ZUtleSI6InJyWmxZcEdHY2RyTHZsb0lYd0dUcVg4WkFRTnNCOUEwIiwiYW5vbnltb3VzSWQiOiI2NGQ0NjcxOS01ZDIzLTQ1MjYtYWJiOC00OGEwZmQ1N2QxZjgiLCJldmVudCI6IlBSIHZpZXdlZCIsInByb3BlcnRpZXMiOnsicHJJZCI6IjY0ZDQ2NzE5LTVkMjMtNDUyNi1hYmI4LTQ4YTBmZDU3ZDFmOCJ9fQ=="
width="0" height="0"/>

🧐 [View latest project
report](https://app.snyk.io/org/woodpile37/project/f0dcf1c9-ecf1-445b-bc07-e8f73c595f54?utm_source&#x3D;github&amp;utm_medium&#x3D;referral&amp;page&#x3D;upgrade-pr)

🛠 [Adjust upgrade PR
settings](https://app.snyk.io/org/woodpile37/project/f0dcf1c9-ecf1-445b-bc07-e8f73c595f54/settings/integration?utm_source&#x3D;github&amp;utm_medium&#x3D;referral&amp;page&#x3D;upgrade-pr)

🔕 [Ignore this dependency or unsubscribe from future upgrade
PRs](https://app.snyk.io/org/woodpile37/project/f0dcf1c9-ecf1-445b-bc07-e8f73c595f54/settings/integration?pkg&#x3D;@openzeppelin/contracts&amp;utm_source&#x3D;github&amp;utm_medium&#x3D;referral&amp;page&#x3D;upgrade-pr#auto-dep-upgrades)

<!---
(snyk:metadata:{"prId":"64d46719-5d23-4526-abb8-48a0fd57d1f8","prPublicId":"64d46719-5d23-4526-abb8-48a0fd57d1f8","dependencies":[{"name":"@openzeppelin/contracts","from":"4.9.3","to":"5.0.0"}],"packageManager":"npm","type":"auto","projectUrl":"https://app.snyk.io/org/woodpile37/project/f0dcf1c9-ecf1-445b-bc07-e8f73c595f54?utm_source=github&utm_medium=referral&page=upgrade-pr","projectPublicId":"f0dcf1c9-ecf1-445b-bc07-e8f73c595f54","env":"prod","prType":"upgrade","vulns":[],"issuesToFix":[],"upgrade":[],"upgradeInfo":{"versionsDiff":4,"publishedDate":"2023-10-05T18:00:56.344Z"},"templateVariants":[],"hasFixes":false,"isMajorUpgrade":true,"isBreakingChange":true,"priorityScoreList":[]})
--->
Woodpile37 added a commit to Woodpile37/EIPs that referenced this pull request Nov 2, 2023
<p>This PR was automatically created by Snyk using the credentials of a
real user.</p><br /><h3>Snyk has created this PR to upgrade
@openzeppelin/contracts from 4.9.3 to 5.0.0.</h3>

:information_source: Keep your dependencies up-to-date. This makes it
easier to fix existing vulnerabilities and to more quickly identify and
fix newly disclosed vulnerabilities when they affect your project.
<hr/>

*Warning:* This is a major version upgrade, and may be a breaking
change.
- The recommended version is **4 versions** ahead of your current
version.
- The recommended version was released **25 days ago**, on 2023-10-05.


<details>
<summary><b>Release notes</b></summary>
<br/>
  <details>
    <summary>Package name: <b>@openzeppelin/contracts</b></summary>
    <ul>
      <li>
<b>5.0.0</b> - <a
href="https://snyk.io/redirect/github/OpenZeppelin/openzeppelin-contracts/releases/tag/v5.0.0">2023-10-05</a></br><a
href="https://snyk.io/redirect/github/OpenZeppelin/openzeppelin-contracts/releases/tag/v5.0.0">
Read more </a>
      </li>
      <li>
<b>5.0.0-rc.2</b> - <a
href="https://snyk.io/redirect/github/OpenZeppelin/openzeppelin-contracts/releases/tag/v5.0.0-rc.2">2023-10-02</a></br><ul>
<li><code>AccessManager</code>: Make <code>schedule</code> and
<code>execute</code> more conservative when delay is 0.</li>
</ul>
      </li>
      <li>
<b>5.0.0-rc.1</b> - <a
href="https://snyk.io/redirect/github/OpenZeppelin/openzeppelin-contracts/releases/tag/v5.0.0-rc.1">2023-09-28</a></br><ul>
<li>Upgradeable Contracts: No longer transpile interfaces, libraries,
and stateless contracts. (<a
href="https://snyk.io/redirect/github/OpenZeppelin/openzeppelin-contracts/pull/4636"
data-hovercard-type="pull_request"
data-hovercard-url="/OpenZeppelin/openzeppelin-contracts/pull/4636/hovercard">ethereum#4636</a>)</li>
<li><code>AccessManager</code>, <code>AccessManaged</code>,
<code>GovernorTimelockAccess</code>: Ensure that calldata shorter than 4
bytes is not padded to 4 bytes. (<a
href="https://snyk.io/redirect/github/OpenZeppelin/openzeppelin-contracts/pull/4624"
data-hovercard-type="pull_request"
data-hovercard-url="/OpenZeppelin/openzeppelin-contracts/pull/4624/hovercard">ethereum#4624</a>)</li>
<li><code>AccessManager</code>: Use named return parameters in functions
that return multiple values. (<a
href="https://snyk.io/redirect/github/OpenZeppelin/openzeppelin-contracts/pull/4624"
data-hovercard-type="pull_request"
data-hovercard-url="/OpenZeppelin/openzeppelin-contracts/pull/4624/hovercard">ethereum#4624</a>)</li>
</ul>
      </li>
      <li>
<b>5.0.0-rc.0</b> - <a
href="https://snyk.io/redirect/github/OpenZeppelin/openzeppelin-contracts/releases/tag/v5.0.0-rc.0">2023-09-19</a></br><a
href="https://snyk.io/redirect/github/OpenZeppelin/openzeppelin-contracts/releases/tag/v5.0.0-rc.0">
Read more </a>
      </li>
      <li>
<b>4.9.3</b> - <a
href="https://snyk.io/redirect/github/OpenZeppelin/openzeppelin-contracts/releases/tag/v4.9.3">2023-07-28</a></br><div
class="markdown-alert markdown-alert-note"><p><span
class="color-fg-accent text-semibold d-inline-flex flex-items-center
mb-1"><svg class="octicon octicon-info mr-2" viewBox="0 0 16 16"
version="1.1" width="16" height="16" aria-hidden="true"><path d="M0 8a8
8 0 1 1 16 0A8 8 0 0 1 0 8Zm8-6.5a6.5 6.5 0 1 0 0 13 6.5 6.5 0 0 0
0-13ZM6.5 7.75A.75.75 0 0 1 7.25 7h1a.75.75 0 0 1 .75.75v2.75h.25a.75.75
0 0 1 0 1.5h-2a.75.75 0 0 1 0-1.5h.25v-2h-.25a.75.75 0 0 1-.75-.75ZM8
6a1 1 0 1 1 0-2 1 1 0 0 1 0 2Z"></path></svg>Note</span><br>
This release contains a fix for <a
href="https://snyk.io/redirect/github/OpenZeppelin/openzeppelin-contracts/security/advisories/GHSA-g4vp-m682-qqmp">GHSA-g4vp-m682-qqmp</a>.</p></div>
<ul>
<li><code>ERC2771Context</code>: Return the forwarder address whenever
the <code>msg.data</code> of a call originating from a trusted forwarder
is not long enough to contain the request signer address (i.e.
<code>msg.data.length</code> is less than 20 bytes), as specified by
ERC-2771. (<a
href="https://snyk.io/redirect/github/OpenZeppelin/openzeppelin-contracts/pull/4481"
data-hovercard-type="pull_request"
data-hovercard-url="/OpenZeppelin/openzeppelin-contracts/pull/4481/hovercard">ethereum#4481</a>)</li>
<li><code>ERC2771Context</code>: Prevent revert in
<code>_msgData()</code> when a call originating from a trusted forwarder
is not long enough to contain the request signer address (i.e.
<code>msg.data.length</code> is less than 20 bytes). Return the full
calldata in that case. (<a
href="https://snyk.io/redirect/github/OpenZeppelin/openzeppelin-contracts/pull/4484"
data-hovercard-type="pull_request"
data-hovercard-url="/OpenZeppelin/openzeppelin-contracts/pull/4484/hovercard">ethereum#4484</a>)</li>
</ul>
      </li>
    </ul>
from <a
href="https://snyk.io/redirect/github/OpenZeppelin/openzeppelin-contracts/releases">@openzeppelin/contracts
GitHub release notes</a>
  </details>
</details>
<hr/>

**Note:** *You are seeing this because you or someone else with access
to this repository has authorized Snyk to open upgrade PRs.*

For more information: <img
src="https://api.segment.io/v1/pixel/track?data=eyJ3cml0ZUtleSI6InJyWmxZcEdHY2RyTHZsb0lYd0dUcVg4WkFRTnNCOUEwIiwiYW5vbnltb3VzSWQiOiJkM2Y0NDNhOS0xM2JkLTRhOWItOTNhYi0zZWE4NmM3MDYzNzEiLCJldmVudCI6IlBSIHZpZXdlZCIsInByb3BlcnRpZXMiOnsicHJJZCI6ImQzZjQ0M2E5LTEzYmQtNGE5Yi05M2FiLTNlYTg2YzcwNjM3MSJ9fQ=="
width="0" height="0"/>

🧐 [View latest project
report](https://app.snyk.io/org/woodpile37/project/97d3c9a5-5005-4014-a95a-0055ab1eadd3?utm_source&#x3D;github&amp;utm_medium&#x3D;referral&amp;page&#x3D;upgrade-pr)

🛠 [Adjust upgrade PR
settings](https://app.snyk.io/org/woodpile37/project/97d3c9a5-5005-4014-a95a-0055ab1eadd3/settings/integration?utm_source&#x3D;github&amp;utm_medium&#x3D;referral&amp;page&#x3D;upgrade-pr)

🔕 [Ignore this dependency or unsubscribe from future upgrade
PRs](https://app.snyk.io/org/woodpile37/project/97d3c9a5-5005-4014-a95a-0055ab1eadd3/settings/integration?pkg&#x3D;@openzeppelin/contracts&amp;utm_source&#x3D;github&amp;utm_medium&#x3D;referral&amp;page&#x3D;upgrade-pr#auto-dep-upgrades)

<!---
(snyk:metadata:{"prId":"d3f443a9-13bd-4a9b-93ab-3ea86c706371","prPublicId":"d3f443a9-13bd-4a9b-93ab-3ea86c706371","dependencies":[{"name":"@openzeppelin/contracts","from":"4.9.3","to":"5.0.0"}],"packageManager":"npm","type":"auto","projectUrl":"https://app.snyk.io/org/woodpile37/project/97d3c9a5-5005-4014-a95a-0055ab1eadd3?utm_source=github&utm_medium=referral&page=upgrade-pr","projectPublicId":"97d3c9a5-5005-4014-a95a-0055ab1eadd3","env":"prod","prType":"upgrade","vulns":[],"issuesToFix":[],"upgrade":[],"upgradeInfo":{"versionsDiff":4,"publishedDate":"2023-10-05T18:00:56.344Z"},"templateVariants":[],"hasFixes":false,"isMajorUpgrade":true,"isBreakingChange":true,"priorityScoreList":[]})
--->
Woodpile37 added a commit to Woodpile37/EIPs that referenced this pull request Nov 4, 2023
<p>This PR was automatically created by Snyk using the credentials of a
real user.</p><br /><h3>Snyk has created this PR to upgrade
@openzeppelin/contracts from 4.9.3 to 5.0.0.</h3>

:information_source: Keep your dependencies up-to-date. This makes it
easier to fix existing vulnerabilities and to more quickly identify and
fix newly disclosed vulnerabilities when they affect your project.
<hr/>

*Warning:* This is a major version upgrade, and may be a breaking
change.
- The recommended version is **4 versions** ahead of your current
version.
- The recommended version was released **a month ago**, on 2023-10-05.


<details>
<summary><b>Release notes</b></summary>
<br/>
  <details>
    <summary>Package name: <b>@openzeppelin/contracts</b></summary>
    <ul>
      <li>
<b>5.0.0</b> - <a
href="https://snyk.io/redirect/github/OpenZeppelin/openzeppelin-contracts/releases/tag/v5.0.0">2023-10-05</a></br><a
href="https://snyk.io/redirect/github/OpenZeppelin/openzeppelin-contracts/releases/tag/v5.0.0">
Read more </a>
      </li>
      <li>
<b>5.0.0-rc.2</b> - <a
href="https://snyk.io/redirect/github/OpenZeppelin/openzeppelin-contracts/releases/tag/v5.0.0-rc.2">2023-10-02</a></br><ul>
<li><code>AccessManager</code>: Make <code>schedule</code> and
<code>execute</code> more conservative when delay is 0.</li>
</ul>
      </li>
      <li>
<b>5.0.0-rc.1</b> - <a
href="https://snyk.io/redirect/github/OpenZeppelin/openzeppelin-contracts/releases/tag/v5.0.0-rc.1">2023-09-28</a></br><ul>
<li>Upgradeable Contracts: No longer transpile interfaces, libraries,
and stateless contracts. (<a
href="https://snyk.io/redirect/github/OpenZeppelin/openzeppelin-contracts/pull/4636"
data-hovercard-type="pull_request"
data-hovercard-url="/OpenZeppelin/openzeppelin-contracts/pull/4636/hovercard">ethereum#4636</a>)</li>
<li><code>AccessManager</code>, <code>AccessManaged</code>,
<code>GovernorTimelockAccess</code>: Ensure that calldata shorter than 4
bytes is not padded to 4 bytes. (<a
href="https://snyk.io/redirect/github/OpenZeppelin/openzeppelin-contracts/pull/4624"
data-hovercard-type="pull_request"
data-hovercard-url="/OpenZeppelin/openzeppelin-contracts/pull/4624/hovercard">ethereum#4624</a>)</li>
<li><code>AccessManager</code>: Use named return parameters in functions
that return multiple values. (<a
href="https://snyk.io/redirect/github/OpenZeppelin/openzeppelin-contracts/pull/4624"
data-hovercard-type="pull_request"
data-hovercard-url="/OpenZeppelin/openzeppelin-contracts/pull/4624/hovercard">ethereum#4624</a>)</li>
</ul>
      </li>
      <li>
<b>5.0.0-rc.0</b> - <a
href="https://snyk.io/redirect/github/OpenZeppelin/openzeppelin-contracts/releases/tag/v5.0.0-rc.0">2023-09-19</a></br><a
href="https://snyk.io/redirect/github/OpenZeppelin/openzeppelin-contracts/releases/tag/v5.0.0-rc.0">
Read more </a>
      </li>
      <li>
<b>4.9.3</b> - <a
href="https://snyk.io/redirect/github/OpenZeppelin/openzeppelin-contracts/releases/tag/v4.9.3">2023-07-28</a></br><div
class="markdown-alert markdown-alert-note"><p><span
class="color-fg-accent text-semibold d-inline-flex flex-items-center
mb-1"><svg class="octicon octicon-info mr-2" viewBox="0 0 16 16"
version="1.1" width="16" height="16" aria-hidden="true"><path d="M0 8a8
8 0 1 1 16 0A8 8 0 0 1 0 8Zm8-6.5a6.5 6.5 0 1 0 0 13 6.5 6.5 0 0 0
0-13ZM6.5 7.75A.75.75 0 0 1 7.25 7h1a.75.75 0 0 1 .75.75v2.75h.25a.75.75
0 0 1 0 1.5h-2a.75.75 0 0 1 0-1.5h.25v-2h-.25a.75.75 0 0 1-.75-.75ZM8
6a1 1 0 1 1 0-2 1 1 0 0 1 0 2Z"></path></svg>Note</span><br>
This release contains a fix for <a
href="https://snyk.io/redirect/github/OpenZeppelin/openzeppelin-contracts/security/advisories/GHSA-g4vp-m682-qqmp">GHSA-g4vp-m682-qqmp</a>.</p></div>
<ul>
<li><code>ERC2771Context</code>: Return the forwarder address whenever
the <code>msg.data</code> of a call originating from a trusted forwarder
is not long enough to contain the request signer address (i.e.
<code>msg.data.length</code> is less than 20 bytes), as specified by
ERC-2771. (<a
href="https://snyk.io/redirect/github/OpenZeppelin/openzeppelin-contracts/pull/4481"
data-hovercard-type="pull_request"
data-hovercard-url="/OpenZeppelin/openzeppelin-contracts/pull/4481/hovercard">ethereum#4481</a>)</li>
<li><code>ERC2771Context</code>: Prevent revert in
<code>_msgData()</code> when a call originating from a trusted forwarder
is not long enough to contain the request signer address (i.e.
<code>msg.data.length</code> is less than 20 bytes). Return the full
calldata in that case. (<a
href="https://snyk.io/redirect/github/OpenZeppelin/openzeppelin-contracts/pull/4484"
data-hovercard-type="pull_request"
data-hovercard-url="/OpenZeppelin/openzeppelin-contracts/pull/4484/hovercard">ethereum#4484</a>)</li>
</ul>
      </li>
    </ul>
from <a
href="https://snyk.io/redirect/github/OpenZeppelin/openzeppelin-contracts/releases">@openzeppelin/contracts
GitHub release notes</a>
  </details>
</details>
<hr/>

**Note:** *You are seeing this because you or someone else with access
to this repository has authorized Snyk to open upgrade PRs.*

For more information: <img
src="https://api.segment.io/v1/pixel/track?data=eyJ3cml0ZUtleSI6InJyWmxZcEdHY2RyTHZsb0lYd0dUcVg4WkFRTnNCOUEwIiwiYW5vbnltb3VzSWQiOiIzMmE5YzZlMS03NWUxLTRmNjYtYWVkMS0xMTU5MzE1Y2IyNDgiLCJldmVudCI6IlBSIHZpZXdlZCIsInByb3BlcnRpZXMiOnsicHJJZCI6IjMyYTljNmUxLTc1ZTEtNGY2Ni1hZWQxLTExNTkzMTVjYjI0OCJ9fQ=="
width="0" height="0"/>

🧐 [View latest project
report](https://app.snyk.io/org/woodpile37/project/3a4e6031-90ad-4f6e-a8f2-e52f97555f14?utm_source&#x3D;github&amp;utm_medium&#x3D;referral&amp;page&#x3D;upgrade-pr)

🛠 [Adjust upgrade PR
settings](https://app.snyk.io/org/woodpile37/project/3a4e6031-90ad-4f6e-a8f2-e52f97555f14/settings/integration?utm_source&#x3D;github&amp;utm_medium&#x3D;referral&amp;page&#x3D;upgrade-pr)

🔕 [Ignore this dependency or unsubscribe from future upgrade
PRs](https://app.snyk.io/org/woodpile37/project/3a4e6031-90ad-4f6e-a8f2-e52f97555f14/settings/integration?pkg&#x3D;@openzeppelin/contracts&amp;utm_source&#x3D;github&amp;utm_medium&#x3D;referral&amp;page&#x3D;upgrade-pr#auto-dep-upgrades)

<!---
(snyk:metadata:{"prId":"32a9c6e1-75e1-4f66-aed1-1159315cb248","prPublicId":"32a9c6e1-75e1-4f66-aed1-1159315cb248","dependencies":[{"name":"@openzeppelin/contracts","from":"4.9.3","to":"5.0.0"}],"packageManager":"npm","type":"auto","projectUrl":"https://app.snyk.io/org/woodpile37/project/3a4e6031-90ad-4f6e-a8f2-e52f97555f14?utm_source=github&utm_medium=referral&page=upgrade-pr","projectPublicId":"3a4e6031-90ad-4f6e-a8f2-e52f97555f14","env":"prod","prType":"upgrade","vulns":[],"issuesToFix":[],"upgrade":[],"upgradeInfo":{"versionsDiff":4,"publishedDate":"2023-10-05T18:00:56.344Z"},"templateVariants":[],"hasFixes":false,"isMajorUpgrade":true,"isBreakingChange":true,"priorityScoreList":[]})
--->
Woodpile37 added a commit to Woodpile37/EIPs that referenced this pull request Nov 11, 2023
<p>This PR was automatically created by Snyk using the credentials of a
real user.</p><br /><h3>Snyk has created this PR to upgrade
@openzeppelin/contracts from 4.9.3 to 5.0.0.</h3>

:information_source: Keep your dependencies up-to-date. This makes it
easier to fix existing vulnerabilities and to more quickly identify and
fix newly disclosed vulnerabilities when they affect your project.
<hr/>

*Warning:* This is a major version upgrade, and may be a breaking
change.
- The recommended version is **4 versions** ahead of your current
version.
- The recommended version was released **a month ago**, on 2023-10-05.


<details>
<summary><b>Release notes</b></summary>
<br/>
  <details>
    <summary>Package name: <b>@openzeppelin/contracts</b></summary>
    <ul>
      <li>
<b>5.0.0</b> - <a
href="https://snyk.io/redirect/github/OpenZeppelin/openzeppelin-contracts/releases/tag/v5.0.0">2023-10-05</a></br><a
href="https://snyk.io/redirect/github/OpenZeppelin/openzeppelin-contracts/releases/tag/v5.0.0">
Read more </a>
      </li>
      <li>
<b>5.0.0-rc.2</b> - <a
href="https://snyk.io/redirect/github/OpenZeppelin/openzeppelin-contracts/releases/tag/v5.0.0-rc.2">2023-10-02</a></br><ul>
<li><code>AccessManager</code>: Make <code>schedule</code> and
<code>execute</code> more conservative when delay is 0.</li>
</ul>
      </li>
      <li>
<b>5.0.0-rc.1</b> - <a
href="https://snyk.io/redirect/github/OpenZeppelin/openzeppelin-contracts/releases/tag/v5.0.0-rc.1">2023-09-28</a></br><ul>
<li>Upgradeable Contracts: No longer transpile interfaces, libraries,
and stateless contracts. (<a
href="https://snyk.io/redirect/github/OpenZeppelin/openzeppelin-contracts/pull/4636"
data-hovercard-type="pull_request"
data-hovercard-url="/OpenZeppelin/openzeppelin-contracts/pull/4636/hovercard">ethereum#4636</a>)</li>
<li><code>AccessManager</code>, <code>AccessManaged</code>,
<code>GovernorTimelockAccess</code>: Ensure that calldata shorter than 4
bytes is not padded to 4 bytes. (<a
href="https://snyk.io/redirect/github/OpenZeppelin/openzeppelin-contracts/pull/4624"
data-hovercard-type="pull_request"
data-hovercard-url="/OpenZeppelin/openzeppelin-contracts/pull/4624/hovercard">ethereum#4624</a>)</li>
<li><code>AccessManager</code>: Use named return parameters in functions
that return multiple values. (<a
href="https://snyk.io/redirect/github/OpenZeppelin/openzeppelin-contracts/pull/4624"
data-hovercard-type="pull_request"
data-hovercard-url="/OpenZeppelin/openzeppelin-contracts/pull/4624/hovercard">ethereum#4624</a>)</li>
</ul>
      </li>
      <li>
<b>5.0.0-rc.0</b> - <a
href="https://snyk.io/redirect/github/OpenZeppelin/openzeppelin-contracts/releases/tag/v5.0.0-rc.0">2023-09-19</a></br><a
href="https://snyk.io/redirect/github/OpenZeppelin/openzeppelin-contracts/releases/tag/v5.0.0-rc.0">
Read more </a>
      </li>
      <li>
<b>4.9.3</b> - <a
href="https://snyk.io/redirect/github/OpenZeppelin/openzeppelin-contracts/releases/tag/v4.9.3">2023-07-28</a></br><div
class="markdown-alert markdown-alert-note"><p><span
class="color-fg-accent text-semibold d-inline-flex flex-items-center
mb-1"><svg class="octicon octicon-info mr-2" viewBox="0 0 16 16"
version="1.1" width="16" height="16" aria-hidden="true"><path d="M0 8a8
8 0 1 1 16 0A8 8 0 0 1 0 8Zm8-6.5a6.5 6.5 0 1 0 0 13 6.5 6.5 0 0 0
0-13ZM6.5 7.75A.75.75 0 0 1 7.25 7h1a.75.75 0 0 1 .75.75v2.75h.25a.75.75
0 0 1 0 1.5h-2a.75.75 0 0 1 0-1.5h.25v-2h-.25a.75.75 0 0 1-.75-.75ZM8
6a1 1 0 1 1 0-2 1 1 0 0 1 0 2Z"></path></svg>Note</span><br>
This release contains a fix for <a
href="https://snyk.io/redirect/github/OpenZeppelin/openzeppelin-contracts/security/advisories/GHSA-g4vp-m682-qqmp">GHSA-g4vp-m682-qqmp</a>.</p></div>
<ul>
<li><code>ERC2771Context</code>: Return the forwarder address whenever
the <code>msg.data</code> of a call originating from a trusted forwarder
is not long enough to contain the request signer address (i.e.
<code>msg.data.length</code> is less than 20 bytes), as specified by
ERC-2771. (<a
href="https://snyk.io/redirect/github/OpenZeppelin/openzeppelin-contracts/pull/4481"
data-hovercard-type="pull_request"
data-hovercard-url="/OpenZeppelin/openzeppelin-contracts/pull/4481/hovercard">ethereum#4481</a>)</li>
<li><code>ERC2771Context</code>: Prevent revert in
<code>_msgData()</code> when a call originating from a trusted forwarder
is not long enough to contain the request signer address (i.e.
<code>msg.data.length</code> is less than 20 bytes). Return the full
calldata in that case. (<a
href="https://snyk.io/redirect/github/OpenZeppelin/openzeppelin-contracts/pull/4484"
data-hovercard-type="pull_request"
data-hovercard-url="/OpenZeppelin/openzeppelin-contracts/pull/4484/hovercard">ethereum#4484</a>)</li>
</ul>
      </li>
    </ul>
from <a
href="https://snyk.io/redirect/github/OpenZeppelin/openzeppelin-contracts/releases">@openzeppelin/contracts
GitHub release notes</a>
  </details>
</details>
<hr/>

**Note:** *You are seeing this because you or someone else with access
to this repository has authorized Snyk to open upgrade PRs.*

For more information: <img
src="https://api.segment.io/v1/pixel/track?data=eyJ3cml0ZUtleSI6InJyWmxZcEdHY2RyTHZsb0lYd0dUcVg4WkFRTnNCOUEwIiwiYW5vbnltb3VzSWQiOiIzOTM3MmQwNi05NjU4LTQ1ZDMtYTdjYi02MzAyNzRjNGVjMmEiLCJldmVudCI6IlBSIHZpZXdlZCIsInByb3BlcnRpZXMiOnsicHJJZCI6IjM5MzcyZDA2LTk2NTgtNDVkMy1hN2NiLTYzMDI3NGM0ZWMyYSJ9fQ=="
width="0" height="0"/>

🧐 [View latest project
report](https://app.snyk.io/org/woodpile37/project/54f17531-02f0-4aa3-bc64-84e2a1c220af?utm_source&#x3D;github&amp;utm_medium&#x3D;referral&amp;page&#x3D;upgrade-pr)

🛠 [Adjust upgrade PR
settings](https://app.snyk.io/org/woodpile37/project/54f17531-02f0-4aa3-bc64-84e2a1c220af/settings/integration?utm_source&#x3D;github&amp;utm_medium&#x3D;referral&amp;page&#x3D;upgrade-pr)

🔕 [Ignore this dependency or unsubscribe from future upgrade
PRs](https://app.snyk.io/org/woodpile37/project/54f17531-02f0-4aa3-bc64-84e2a1c220af/settings/integration?pkg&#x3D;@openzeppelin/contracts&amp;utm_source&#x3D;github&amp;utm_medium&#x3D;referral&amp;page&#x3D;upgrade-pr#auto-dep-upgrades)

<!---
(snyk:metadata:{"prId":"39372d06-9658-45d3-a7cb-630274c4ec2a","prPublicId":"39372d06-9658-45d3-a7cb-630274c4ec2a","dependencies":[{"name":"@openzeppelin/contracts","from":"4.9.3","to":"5.0.0"}],"packageManager":"npm","type":"auto","projectUrl":"https://app.snyk.io/org/woodpile37/project/54f17531-02f0-4aa3-bc64-84e2a1c220af?utm_source=github&utm_medium=referral&page=upgrade-pr","projectPublicId":"54f17531-02f0-4aa3-bc64-84e2a1c220af","env":"prod","prType":"upgrade","vulns":[],"issuesToFix":[],"upgrade":[],"upgradeInfo":{"versionsDiff":4,"publishedDate":"2023-10-05T18:00:56.344Z"},"templateVariants":[],"hasFixes":false,"isMajorUpgrade":true,"isBreakingChange":true,"priorityScoreList":[]})
--->
Woodpile37 added a commit to Woodpile37/EIPs that referenced this pull request Nov 14, 2023
<p>This PR was automatically created by Snyk using the credentials of a
real user.</p><br /><h3>Snyk has created this PR to upgrade
@openzeppelin/contracts from 4.9.3 to 5.0.0.</h3>

:information_source: Keep your dependencies up-to-date. This makes it
easier to fix existing vulnerabilities and to more quickly identify and
fix newly disclosed vulnerabilities when they affect your project.
<hr/>

*Warning:* This is a major version upgrade, and may be a breaking
change.
- The recommended version is **4 versions** ahead of your current
version.
- The recommended version was released **a month ago**, on 2023-10-05.


<details>
<summary><b>Release notes</b></summary>
<br/>
  <details>
    <summary>Package name: <b>@openzeppelin/contracts</b></summary>
    <ul>
      <li>
<b>5.0.0</b> - <a
href="https://snyk.io/redirect/github/OpenZeppelin/openzeppelin-contracts/releases/tag/v5.0.0">2023-10-05</a></br><a
href="https://snyk.io/redirect/github/OpenZeppelin/openzeppelin-contracts/releases/tag/v5.0.0">
Read more </a>
      </li>
      <li>
<b>5.0.0-rc.2</b> - <a
href="https://snyk.io/redirect/github/OpenZeppelin/openzeppelin-contracts/releases/tag/v5.0.0-rc.2">2023-10-02</a></br><ul>
<li><code>AccessManager</code>: Make <code>schedule</code> and
<code>execute</code> more conservative when delay is 0.</li>
</ul>
      </li>
      <li>
<b>5.0.0-rc.1</b> - <a
href="https://snyk.io/redirect/github/OpenZeppelin/openzeppelin-contracts/releases/tag/v5.0.0-rc.1">2023-09-28</a></br><ul>
<li>Upgradeable Contracts: No longer transpile interfaces, libraries,
and stateless contracts. (<a
href="https://snyk.io/redirect/github/OpenZeppelin/openzeppelin-contracts/pull/4636"
data-hovercard-type="pull_request"
data-hovercard-url="/OpenZeppelin/openzeppelin-contracts/pull/4636/hovercard">ethereum#4636</a>)</li>
<li><code>AccessManager</code>, <code>AccessManaged</code>,
<code>GovernorTimelockAccess</code>: Ensure that calldata shorter than 4
bytes is not padded to 4 bytes. (<a
href="https://snyk.io/redirect/github/OpenZeppelin/openzeppelin-contracts/pull/4624"
data-hovercard-type="pull_request"
data-hovercard-url="/OpenZeppelin/openzeppelin-contracts/pull/4624/hovercard">ethereum#4624</a>)</li>
<li><code>AccessManager</code>: Use named return parameters in functions
that return multiple values. (<a
href="https://snyk.io/redirect/github/OpenZeppelin/openzeppelin-contracts/pull/4624"
data-hovercard-type="pull_request"
data-hovercard-url="/OpenZeppelin/openzeppelin-contracts/pull/4624/hovercard">ethereum#4624</a>)</li>
</ul>
      </li>
      <li>
<b>5.0.0-rc.0</b> - <a
href="https://snyk.io/redirect/github/OpenZeppelin/openzeppelin-contracts/releases/tag/v5.0.0-rc.0">2023-09-19</a></br><a
href="https://snyk.io/redirect/github/OpenZeppelin/openzeppelin-contracts/releases/tag/v5.0.0-rc.0">
Read more </a>
      </li>
      <li>
<b>4.9.3</b> - <a
href="https://snyk.io/redirect/github/OpenZeppelin/openzeppelin-contracts/releases/tag/v4.9.3">2023-07-28</a></br><div
class="markdown-alert markdown-alert-note"><p><span
class="color-fg-accent text-semibold d-inline-flex flex-items-center
mb-1"><svg class="octicon octicon-info mr-2" viewBox="0 0 16 16"
version="1.1" width="16" height="16" aria-hidden="true"><path d="M0 8a8
8 0 1 1 16 0A8 8 0 0 1 0 8Zm8-6.5a6.5 6.5 0 1 0 0 13 6.5 6.5 0 0 0
0-13ZM6.5 7.75A.75.75 0 0 1 7.25 7h1a.75.75 0 0 1 .75.75v2.75h.25a.75.75
0 0 1 0 1.5h-2a.75.75 0 0 1 0-1.5h.25v-2h-.25a.75.75 0 0 1-.75-.75ZM8
6a1 1 0 1 1 0-2 1 1 0 0 1 0 2Z"></path></svg>Note</span><br>
This release contains a fix for <a
href="https://snyk.io/redirect/github/OpenZeppelin/openzeppelin-contracts/security/advisories/GHSA-g4vp-m682-qqmp">GHSA-g4vp-m682-qqmp</a>.</p></div>
<ul>
<li><code>ERC2771Context</code>: Return the forwarder address whenever
the <code>msg.data</code> of a call originating from a trusted forwarder
is not long enough to contain the request signer address (i.e.
<code>msg.data.length</code> is less than 20 bytes), as specified by
ERC-2771. (<a
href="https://snyk.io/redirect/github/OpenZeppelin/openzeppelin-contracts/pull/4481"
data-hovercard-type="pull_request"
data-hovercard-url="/OpenZeppelin/openzeppelin-contracts/pull/4481/hovercard">ethereum#4481</a>)</li>
<li><code>ERC2771Context</code>: Prevent revert in
<code>_msgData()</code> when a call originating from a trusted forwarder
is not long enough to contain the request signer address (i.e.
<code>msg.data.length</code> is less than 20 bytes). Return the full
calldata in that case. (<a
href="https://snyk.io/redirect/github/OpenZeppelin/openzeppelin-contracts/pull/4484"
data-hovercard-type="pull_request"
data-hovercard-url="/OpenZeppelin/openzeppelin-contracts/pull/4484/hovercard">ethereum#4484</a>)</li>
</ul>
      </li>
    </ul>
from <a
href="https://snyk.io/redirect/github/OpenZeppelin/openzeppelin-contracts/releases">@openzeppelin/contracts
GitHub release notes</a>
  </details>
</details>
<hr/>

**Note:** *You are seeing this because you or someone else with access
to this repository has authorized Snyk to open upgrade PRs.*

For more information: <img
src="https://api.segment.io/v1/pixel/track?data=eyJ3cml0ZUtleSI6InJyWmxZcEdHY2RyTHZsb0lYd0dUcVg4WkFRTnNCOUEwIiwiYW5vbnltb3VzSWQiOiI5MDk1ZDc2OC1lYWYwLTQyNDUtODdkNi04MDc4YjU1MWFhMmEiLCJldmVudCI6IlBSIHZpZXdlZCIsInByb3BlcnRpZXMiOnsicHJJZCI6IjkwOTVkNzY4LWVhZjAtNDI0NS04N2Q2LTgwNzhiNTUxYWEyYSJ9fQ=="
width="0" height="0"/>

🧐 [View latest project
report](https://app.snyk.io/org/woodpile37/project/f2f61b07-baad-4a52-ac95-10655506da42?utm_source&#x3D;github&amp;utm_medium&#x3D;referral&amp;page&#x3D;upgrade-pr)

🛠 [Adjust upgrade PR
settings](https://app.snyk.io/org/woodpile37/project/f2f61b07-baad-4a52-ac95-10655506da42/settings/integration?utm_source&#x3D;github&amp;utm_medium&#x3D;referral&amp;page&#x3D;upgrade-pr)

🔕 [Ignore this dependency or unsubscribe from future upgrade
PRs](https://app.snyk.io/org/woodpile37/project/f2f61b07-baad-4a52-ac95-10655506da42/settings/integration?pkg&#x3D;@openzeppelin/contracts&amp;utm_source&#x3D;github&amp;utm_medium&#x3D;referral&amp;page&#x3D;upgrade-pr#auto-dep-upgrades)

<!---
(snyk:metadata:{"prId":"9095d768-eaf0-4245-87d6-8078b551aa2a","prPublicId":"9095d768-eaf0-4245-87d6-8078b551aa2a","dependencies":[{"name":"@openzeppelin/contracts","from":"4.9.3","to":"5.0.0"}],"packageManager":"npm","type":"auto","projectUrl":"https://app.snyk.io/org/woodpile37/project/f2f61b07-baad-4a52-ac95-10655506da42?utm_source=github&utm_medium=referral&page=upgrade-pr","projectPublicId":"f2f61b07-baad-4a52-ac95-10655506da42","env":"prod","prType":"upgrade","vulns":[],"issuesToFix":[],"upgrade":[],"upgradeInfo":{"versionsDiff":4,"publishedDate":"2023-10-05T18:00:56.344Z"},"templateVariants":[],"hasFixes":false,"isMajorUpgrade":true,"isBreakingChange":true,"priorityScoreList":[]})
--->
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

1 participant