Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
[Snyk] Upgrade @openzeppelin/contracts from 4.9.3 to 5.0.0 (#162)
<p>This PR was automatically created by Snyk using the credentials of a real user.</p><br /><h3>Snyk has created this PR to upgrade @openzeppelin/contracts from 4.9.3 to 5.0.0.</h3> :information_source: Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project. <hr/> *Warning:* This is a major version upgrade, and may be a breaking change. - The recommended version is **4 versions** ahead of your current version. - The recommended version was released **25 days ago**, on 2023-10-05. <details> <summary><b>Release notes</b></summary> <br/> <details> <summary>Package name: <b>@openzeppelin/contracts</b></summary> <ul> <li> <b>5.0.0</b> - <a href="https://snyk.io/redirect/github/OpenZeppelin/openzeppelin-contracts/releases/tag/v5.0.0">2023-10-05</a></br><a href="https://snyk.io/redirect/github/OpenZeppelin/openzeppelin-contracts/releases/tag/v5.0.0"> Read more </a> </li> <li> <b>5.0.0-rc.2</b> - <a href="https://snyk.io/redirect/github/OpenZeppelin/openzeppelin-contracts/releases/tag/v5.0.0-rc.2">2023-10-02</a></br><ul> <li><code>AccessManager</code>: Make <code>schedule</code> and <code>execute</code> more conservative when delay is 0.</li> </ul> </li> <li> <b>5.0.0-rc.1</b> - <a href="https://snyk.io/redirect/github/OpenZeppelin/openzeppelin-contracts/releases/tag/v5.0.0-rc.1">2023-09-28</a></br><ul> <li>Upgradeable Contracts: No longer transpile interfaces, libraries, and stateless contracts. (<a href="https://snyk.io/redirect/github/OpenZeppelin/openzeppelin-contracts/pull/4636" data-hovercard-type="pull_request" data-hovercard-url="/OpenZeppelin/openzeppelin-contracts/pull/4636/hovercard">ethereum#4636</a>)</li> <li><code>AccessManager</code>, <code>AccessManaged</code>, <code>GovernorTimelockAccess</code>: Ensure that calldata shorter than 4 bytes is not padded to 4 bytes. (<a href="https://snyk.io/redirect/github/OpenZeppelin/openzeppelin-contracts/pull/4624" data-hovercard-type="pull_request" data-hovercard-url="/OpenZeppelin/openzeppelin-contracts/pull/4624/hovercard">ethereum#4624</a>)</li> <li><code>AccessManager</code>: Use named return parameters in functions that return multiple values. (<a href="https://snyk.io/redirect/github/OpenZeppelin/openzeppelin-contracts/pull/4624" data-hovercard-type="pull_request" data-hovercard-url="/OpenZeppelin/openzeppelin-contracts/pull/4624/hovercard">ethereum#4624</a>)</li> </ul> </li> <li> <b>5.0.0-rc.0</b> - <a href="https://snyk.io/redirect/github/OpenZeppelin/openzeppelin-contracts/releases/tag/v5.0.0-rc.0">2023-09-19</a></br><a href="https://snyk.io/redirect/github/OpenZeppelin/openzeppelin-contracts/releases/tag/v5.0.0-rc.0"> Read more </a> </li> <li> <b>4.9.3</b> - <a href="https://snyk.io/redirect/github/OpenZeppelin/openzeppelin-contracts/releases/tag/v4.9.3">2023-07-28</a></br><div class="markdown-alert markdown-alert-note"><p><span class="color-fg-accent text-semibold d-inline-flex flex-items-center mb-1"><svg class="octicon octicon-info mr-2" viewBox="0 0 16 16" version="1.1" width="16" height="16" aria-hidden="true"><path d="M0 8a8 8 0 1 1 16 0A8 8 0 0 1 0 8Zm8-6.5a6.5 6.5 0 1 0 0 13 6.5 6.5 0 0 0 0-13ZM6.5 7.75A.75.75 0 0 1 7.25 7h1a.75.75 0 0 1 .75.75v2.75h.25a.75.75 0 0 1 0 1.5h-2a.75.75 0 0 1 0-1.5h.25v-2h-.25a.75.75 0 0 1-.75-.75ZM8 6a1 1 0 1 1 0-2 1 1 0 0 1 0 2Z"></path></svg>Note</span><br> This release contains a fix for <a href="https://snyk.io/redirect/github/OpenZeppelin/openzeppelin-contracts/security/advisories/GHSA-g4vp-m682-qqmp">GHSA-g4vp-m682-qqmp</a>.</p></div> <ul> <li><code>ERC2771Context</code>: Return the forwarder address whenever the <code>msg.data</code> of a call originating from a trusted forwarder is not long enough to contain the request signer address (i.e. <code>msg.data.length</code> is less than 20 bytes), as specified by ERC-2771. (<a href="https://snyk.io/redirect/github/OpenZeppelin/openzeppelin-contracts/pull/4481" data-hovercard-type="pull_request" data-hovercard-url="/OpenZeppelin/openzeppelin-contracts/pull/4481/hovercard">ethereum#4481</a>)</li> <li><code>ERC2771Context</code>: Prevent revert in <code>_msgData()</code> when a call originating from a trusted forwarder is not long enough to contain the request signer address (i.e. <code>msg.data.length</code> is less than 20 bytes). Return the full calldata in that case. (<a href="https://snyk.io/redirect/github/OpenZeppelin/openzeppelin-contracts/pull/4484" data-hovercard-type="pull_request" data-hovercard-url="/OpenZeppelin/openzeppelin-contracts/pull/4484/hovercard">ethereum#4484</a>)</li> </ul> </li> </ul> from <a href="https://snyk.io/redirect/github/OpenZeppelin/openzeppelin-contracts/releases">@openzeppelin/contracts GitHub release notes</a> </details> </details> <hr/> **Note:** *You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.* For more information: <img src="https://api.segment.io/v1/pixel/track?data=eyJ3cml0ZUtleSI6InJyWmxZcEdHY2RyTHZsb0lYd0dUcVg4WkFRTnNCOUEwIiwiYW5vbnltb3VzSWQiOiJkM2Y0NDNhOS0xM2JkLTRhOWItOTNhYi0zZWE4NmM3MDYzNzEiLCJldmVudCI6IlBSIHZpZXdlZCIsInByb3BlcnRpZXMiOnsicHJJZCI6ImQzZjQ0M2E5LTEzYmQtNGE5Yi05M2FiLTNlYTg2YzcwNjM3MSJ9fQ==" width="0" height="0"/> 🧐 [View latest project report](https://app.snyk.io/org/woodpile37/project/97d3c9a5-5005-4014-a95a-0055ab1eadd3?utm_source=github&utm_medium=referral&page=upgrade-pr) 🛠 [Adjust upgrade PR settings](https://app.snyk.io/org/woodpile37/project/97d3c9a5-5005-4014-a95a-0055ab1eadd3/settings/integration?utm_source=github&utm_medium=referral&page=upgrade-pr) 🔕 [Ignore this dependency or unsubscribe from future upgrade PRs](https://app.snyk.io/org/woodpile37/project/97d3c9a5-5005-4014-a95a-0055ab1eadd3/settings/integration?pkg=@openzeppelin/contracts&utm_source=github&utm_medium=referral&page=upgrade-pr#auto-dep-upgrades) <!--- (snyk:metadata:{"prId":"d3f443a9-13bd-4a9b-93ab-3ea86c706371","prPublicId":"d3f443a9-13bd-4a9b-93ab-3ea86c706371","dependencies":[{"name":"@openzeppelin/contracts","from":"4.9.3","to":"5.0.0"}],"packageManager":"npm","type":"auto","projectUrl":"https://app.snyk.io/org/woodpile37/project/97d3c9a5-5005-4014-a95a-0055ab1eadd3?utm_source=github&utm_medium=referral&page=upgrade-pr","projectPublicId":"97d3c9a5-5005-4014-a95a-0055ab1eadd3","env":"prod","prType":"upgrade","vulns":[],"issuesToFix":[],"upgrade":[],"upgradeInfo":{"versionsDiff":4,"publishedDate":"2023-10-05T18:00:56.344Z"},"templateVariants":[],"hasFixes":false,"isMajorUpgrade":true,"isBreakingChange":true,"priorityScoreList":[]}) --->
- Loading branch information