Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Release 2.26.0 (develop) #2213

Merged
merged 12 commits into from
May 31, 2024
Merged

Release 2.26.0 (develop) #2213

merged 12 commits into from
May 31, 2024

Conversation

Adamj1232
Copy link
Member

@Adamj1232 Adamj1232 commented May 30, 2024

✨ Highlights

📦 Changes per package

All @web3-onboard packages have been updated

@Adamj1232 Adamj1232 requested a review from lnbc1QWFyb24 May 30, 2024 21:18
Adamj1232 added 4 commits May 31, 2024 11:18
* Update WC versions

* Feature - Replace internal Ethers functionality with Viem - Add WAGMI support module (#2203)

* Replaced isAddress check from ethers

* Replace Ethers BigNumber usage with browser native BigInt

* Remove ethers from common

* Testing package size

* Working as expected!

* Disable ums

* Cleanup chain usage

* More cleanup

* Ens avatar testing

* Some ethers swapped out for viem in Trezor and import map expanded

* Alittle cleanup in Trezor

* revert Trezor changes

* All is working from old commit

* Fix conflict

* Remove logs

* Return Address type to official check

* Update versions and handle type issues

* Bump Viem to latest

* Add node version check and min set to 16.15.1

* Add npmrc files with engine-strict set to true to core, react and vue to ensure the node engine check is enforced

* Added function for converting wei in both hex and string to eth, updated chain usage for ens and l2s, added function for handling decimel resolution with bigints

* Return bignumber to core for now

* cleanup and testing, removing unused code, refactor and rename to properly reflect functionality

* Remove bignumber from core again

* Fix merge issue with unstoppable resolution

* Return getText function for ens and update to viem

* Refine ci changes scope to core and related packages

* Final pass of PR for cleanup and refactor

* Remove ethers from tp

* Update to latest viem

* Update cede and WC docs

* resolve conflict

* Update config to publish viem test branches

* Update tsconfig and types

* Update node version in core

* Bump versions for release and Remove console.log

* ENS working again

* Progress within hw wallets

* Progress on chain imports

* Further refinement on viem usage of public client

* refine ledger, deprecate v1

* Update TS, revert viem changes to HW-wallets

* Handle ts errors

* Update packages for test release

* Handle all ts errors!

* Cleanup

* Making progress

* Wagmi core

* Refine imports and test a whole bunch

* Fix build errors

* Try later version of node in CI

* Add sass types to common

* Update tsconfig

* Update imports from common

* Refine types

* Update core imports

* Update svelte preprocess

* Bump common version

* More refinements to core

* Remove log

* Update tsconfig for hw-common to resolve build error

* Ensure new utils file is part of commit

* Remove unnecessary commonjs as the issue was fixed by viem team

* Use viem utils in common

* Changes to versioning and ready for testing

* Bump version

* Merge in changes from viem branch

* More updates from viem branch

* Refine package intialization and wagmi init

* testing signing

* Update wagmi disconnect

* Update viem versions

* Yarn it

* Update publish workflow to publish all packages

* Fix issue and redeploy

* Update solid node build version

* Handle build errors

* Update configs for build

* Update ci build config

* Bump arcana  node version in CI

* Fix arcana

* Fix venly

* Update gnosis pakcage.json

* Get all of the changes from viem merged and stablelized

* Use toHex function, switch chain now working

* Handle multiple wallets correctly

* Still working thru MM sdk issues

* Working through issues

* Still working through MM issues

* Connect working for sdks

* wagmi support stabilized

* Cleanup logs

* More updates to wagmi on disconnect

* Refine disconnect

* Create and test wagmi module

* Create wagmi module

* Add wagmi docs

* Update examples

* Update disconnect to handle wagmi

* Handle ts errors in wagmi package

* Refine examples and more ts fixes

* Handle more errors

* Update tags to be named as wagmi

* Update CI for deployment

* Fix CI build for wagmi

* Update tsconfig

* Update tsconfig again

* Update docs examples

* Fix build error

* cleanup exports and hook within react and document

* Refine docs

* Capsule is working!

* Add note about init object to docs and readme

* Export all wagmi functions from wagmi package

* Update docs

* Fix examples

* Bump to latest versions of wagmi and viem

* bump common version

* Bump versions for latest deps

* Bump versions for pub

* Version from wagmi to alpha flag

* Revert testing ci changes

* update CI to remove testing flow

* Remove log

* Remove capsule for failing build from demo

* Fix wagmi versioning (#2206)

* Add sunset warnings to tx preview (#2205)

* Add sunset warnings to tx preview

* Update versioning and merge in develop

* Update wagmi usage docs (#2207)

* Update wagmi usage docs

* Refine example imports

* Refine wagmi API

* Refine docs, examples and use of wallet state to pass wagmiConnector

* Merge in develop

* Update wagmi docs

* Fix - Core import of wagmi module version  (#2210)

* Update versions to publish with exact version of core

* Yarn it

* Update hw-wallet packages for type alignment (#2211)

* Update packages for type alignment

* Docs building again!

* Update .github/workflows/docs.yml

* Revert unnecessary change

* Remove alpha.1 flags

* Update versions for release

* Update docs versions

* Remove log
Copy link

New and removed dependencies detected. Learn more about Socket for GitHub ↗︎

Package New capabilities Transitives Size Publisher
npm/@types/animejs@3.1.12 None 0 8.55 kB types
npm/@types/bn.js@5.1.1 None 0 14.1 kB types
npm/@types/node@20.12.13 None 0 2.09 MB types
npm/@types/react@18.3.2 None +2 1.69 MB types
npm/@types/secp256k1@4.0.6 None 0 8.05 kB types
npm/@types/ws@7.4.7 None 0 18.9 kB types
npm/@vitejs/plugin-react@4.2.1 Transitive: environment, filesystem, unsafe +20 3.22 MB vitebot
npm/@walletconnect/jsonrpc-http-connection@1.0.8 Transitive: network +1 244 kB gancho_walletconnect
npm/@walletconnect/jsonrpc-provider@1.0.14 None 0 113 kB gancho_walletconnect
npm/@walletconnect/jsonrpc-types@1.0.4 None 0 49.7 kB gancho_walletconnect
npm/@walletconnect/keyvaluestorage@1.1.1 filesystem 0 84.2 kB gancho_walletconnect
npm/@walletconnect/logger@2.1.2 None 0 123 kB devceline
npm/@walletconnect/relay-api@1.0.10 None 0 89.2 kB gancho_walletconnect
npm/@web3-onboard/bitget@2.1.0-wagmi.2 None +2 528 kB cmeisl
npm/@web3-onboard/blocto@2.1.0-wagmi.2 Transitive: network +6 1.12 MB cmeisl
npm/@web3-onboard/cede-store@2.3.0-wagmi.2 None +8 1.16 MB cmeisl
npm/@web3-onboard/coinbase@2.3.0-wagmi.2 Transitive: network +1 376 kB cmeisl
npm/@web3-onboard/common@2.4.0-wagmi.2 None +8 4.91 MB cmeisl
npm/@web3-onboard/core@2.22.0-wagmi.4 network +7 7.78 MB cmeisl
npm/@web3-onboard/dcent@2.2.8 network +10 13.8 MB cmeisl
npm/@web3-onboard/enkrypt@2.1.0-wagmi.2 None 0 6.66 kB cmeisl
npm/@web3-onboard/fortmatic@2.1.0-wagmi.2 None 0 7.68 kB cmeisl
npm/@web3-onboard/frame@2.21.2-alpha.1 None +4 354 kB cmeisl
npm/@web3-onboard/frontier@2.1.0-wagmi.2 None 0 6.27 kB cmeisl
npm/@web3-onboard/gas@2.2.0-wagmi.2 None 0 9.01 kB cmeisl
npm/@web3-onboard/gnosis@2.3.0-wagmi.2 None 0 8.01 kB cmeisl
npm/@web3-onboard/infinity-wallet@2.1.0-wagmi.2 Transitive: environment +3 136 kB cmeisl
npm/@web3-onboard/injected-wallets@2.11.0-wagmi.2 None 0 570 kB cmeisl
npm/@web3-onboard/keepkey@2.3.8 Transitive: environment, network +27 19.8 MB cmeisl
npm/@web3-onboard/keystone@2.3.8 Transitive: environment, network +22 79.6 MB cmeisl
npm/@web3-onboard/ledger@2.7.0-wagmi.2 Transitive: environment, eval, network +44 20.4 MB cmeisl
npm/@web3-onboard/magic@2.2.0-wagmi.2 None 0 66.7 kB cmeisl
npm/@web3-onboard/metamask@2.1.0-wagmi.2 Transitive: environment, network +18 45.9 MB cmeisl
npm/@web3-onboard/mew-wallet@2.1.0-wagmi.2 None 0 18 kB cmeisl
npm/@web3-onboard/particle-network@2.1.0-wagmi.2 Transitive: network +7 3.7 MB cmeisl
npm/@web3-onboard/phantom@2.1.0-wagmi.2 None 0 6.24 kB cmeisl
npm/@web3-onboard/portis@2.2.0-wagmi.2 Transitive: environment +3 911 kB cmeisl
npm/@web3-onboard/sequence@2.1.0-wagmi.2 Transitive: environment, network +17 3.29 MB cmeisl
npm/@web3-onboard/taho@2.1.0-wagmi.2 None 0 21.6 kB cmeisl
npm/@web3-onboard/torus@2.3.0-wagmi.2 Transitive: network +7 2.44 MB cmeisl
npm/@web3-onboard/transaction-preview@2.1.0-wagmi.2 None 0 95.5 kB cmeisl
npm/@web3-onboard/trezor@2.4.4 Transitive: environment, eval, filesystem, network, unsafe +97 31.2 MB cmeisl
npm/@web3-onboard/trust@2.1.0-wagmi.2 None 0 9.48 kB cmeisl
npm/@web3-onboard/uauth@2.2.0-wagmi.2 Transitive: environment, eval, filesystem, network +57 20 MB cmeisl
npm/@web3-onboard/venly@2.1.0-wagmi.2 Transitive: network +13 3.2 MB cmeisl
npm/@web3-onboard/walletconnect@2.6.0-wagmi.2 Transitive: environment, eval, network +26 20.5 MB cmeisl
npm/@web3-onboard/web3auth@2.3.0-wagmi.2 Transitive: eval, network +62 77.8 MB cmeisl
npm/@web3-onboard/xdefi@2.1.0-wagmi.2 None 0 10 kB cmeisl
npm/@web3-onboard/zeal@2.1.0-wagmi.2 None 0 4.06 kB cmeisl
npm/@web3auth/base@5.2.0 None +4 5.27 MB chaitanyapotti
npm/agent-base@6.0.2 None 0 34.6 kB tootallnate
npm/animejs@3.2.2 None 0 109 kB juliangarnier
npm/ansi-styles@3.2.1 None +2 45.7 kB sindresorhus
npm/anymatch@3.1.3 None 0 9.65 kB phated
npm/assert-plus@1.0.0 environment 0 11.4 kB pfmooney
npm/assert@2.1.0 None 0 82.1 kB ljharb
npm/async@2.6.4 None 0 541 kB hargasinski
npm/autoprefixer@10.4.19 environment 0 199 kB ai
npm/axios@0.21.4 environment, network 0 375 kB jasonsaayman
npm/big-integer@1.6.52 None 0 175 kB peterolson
npm/bignumber.js@9.1.2 None 0 351 kB mikemcl
npm/bindings@1.5.0 environment, filesystem 0 11.2 kB tootallnate
npm/bip32@2.0.6 None +1 599 kB junderw
npm/bip66@1.1.5 None 0 7.79 kB dcousens
npm/bitcoin-ops@1.4.1 None 0 4.38 kB dcousens
npm/blakejs@1.2.1 None 0 156 kB dcposch
npm/bnc-sdk@4.6.9 None +2 883 kB cmeisl
npm/braces@3.0.3 None 0 44.6 kB jonschlinkert
npm/browserify-aes@1.2.0 None +1 34.6 kB cwmma
npm/browserify-rsa@4.1.0 None 0 3.68 kB cwmma
npm/browserify-zlib@0.2.0 None 0 192 kB dignifiedquire
npm/browserslist@4.23.0 environment, filesystem +1 353 kB ai
npm/bs58@4.0.1 None +1 13.9 kB dcousens
npm/bs58check@2.1.2 None 0 4.79 kB dcousens
npm/bufferutil@4.0.8 None 0 414 kB lpinca
npm/call-bind@1.0.7 None +2 46.2 kB ljharb
npm/caniuse-lite@1.0.30001620 None 0 2.05 MB caniuse-lite
npm/chokidar@3.6.0 environment, filesystem 0 90.2 kB paulmillr
npm/cipher-base@1.0.4 None 0 7.95 kB cwmma
npm/citty@0.1.6 Transitive: environment +1 273 kB pi0
npm/clone@2.1.2 None 0 15.9 kB pvorb
npm/clsx@1.2.1 None 0 5.67 kB lukeed
npm/combined-stream@1.0.8 None +1 19.5 kB alexindigo
npm/copy-to-clipboard@3.3.3 None 0 15.1 kB sudodoki
npm/cosmjs-types@0.5.2 None 0 16.4 MB webmaster128
npm/create-hash@1.2.0 None 0 5.21 kB cwmma
npm/create-hmac@1.1.7 None 0 5.81 kB cwmma
npm/crossws@0.2.4 None 0 356 kB pi0
npm/crypto-browserify@3.12.0 None +7 263 kB cwmma
npm/crypto-js@4.2.0 None 0 487 kB evanvosberg
npm/d@1.0.2 None 0 14.2 kB medikoo
npm/deepmerge@4.3.1 None 0 31.2 kB tehshrike
npm/define-data-property@1.1.4 None +2 55 kB ljharb
npm/define-properties@1.2.1 None 0 12.9 kB ljharb
npm/defu@6.1.4 None 0 19.6 kB pi0
npm/duplexify@4.1.3 None 0 18.3 kB mafintosh
npm/es5-ext@0.10.64 eval +2 465 kB medikoo
npm/es6-promise@4.2.8 None 0 315 kB stefanpenner
npm/es6-symbol@3.1.4 None 0 16.5 kB medikoo
npm/escalade@3.1.2 filesystem 0 11.6 kB lukeed

🚮 Removed packages: npm/@babel/runtime@7.18.9, npm/@ethersproject/abstract-provider@5.6.1, npm/@ethersproject/abstract-signer@5.6.2, npm/@ethersproject/address@5.6.1, npm/@ethersproject/base64@5.6.1, npm/@ethersproject/basex@5.6.1, npm/@ethersproject/bignumber@5.6.2, npm/@ethersproject/bytes@5.6.1, npm/@ethersproject/constants@5.6.1, npm/@ethersproject/hash@5.6.1, npm/@ethersproject/keccak256@5.6.1, npm/@ethersproject/logger@5.6.0, npm/@ethersproject/networks@5.6.4, npm/@ethersproject/properties@5.6.0, npm/@ethersproject/random@5.6.1, npm/@ethersproject/rlp@5.6.1, npm/@ethersproject/sha2@5.6.1, npm/@ethersproject/signing-key@5.6.2, npm/@ethersproject/strings@5.6.1, npm/@ethersproject/transactions@5.6.2, npm/@ethersproject/web@5.6.1, npm/@ledgerhq/connect-kit-loader@1.1.0, npm/@lit-labs/ssr-dom-shim@1.1.1, npm/@lit/reactive-element@1.6.2, npm/@web3-onboard/core@2.21.6, npm/@web3-onboard/ledger@2.6.0, npm/@web3-onboard/react@2.8.17, npm/ansi-styles@4.3.0, npm/array-includes@3.1.5, npm/bignumber.js@9.1.1, npm/call-bind@1.0.2, npm/define-properties@1.1.4, npm/es-abstract@1.20.1, npm/eslint-config-next@12.2.3, npm/eslint@8.20.0, npm/estraverse@5.3.0, npm/estree-walker@2.0.2, npm/get-intrinsic@1.1.2, npm/glob@7.1.7, npm/has-bigints@1.0.2, npm/has-symbols@1.0.3, npm/hash.js@1.1.7, npm/import-fresh@3.3.0, npm/inherits@2.0.4, npm/is-callable@1.2.4, npm/is-core-module@2.9.0, npm/is-glob@4.0.3, npm/is-string@1.0.7, npm/is-symbol@1.0.4, npm/is-typedarray@1.0.0, npm/jsx-ast-utils@3.3.2, npm/lit@2.7.6, npm/loose-envify@1.4.0, npm/merge2@1.4.1, npm/minimalistic-assert@1.0.1, npm/minimatch@3.1.2, npm/minimist@1.2.7, npm/ms@2.1.2, npm/next@12.2.4, npm/object-inspect@1.12.2, npm/once@1.4.0, npm/react-dom@18.2.0, npm/react@18.2.0, npm/regexp.prototype.flags@1.4.3, npm/resolve@1.22.1, npm/rxjs@7.5.6, npm/safe-buffer@5.2.1, npm/string-width@4.2.3, npm/strip-ansi@6.0.1, npm/strip-json-comments@3.1.1, npm/type-check@0.4.0, npm/uint8arrays@3.1.1, npm/valtio@1.11.0

View full report↗︎

Copy link

🚨 Potential security issues detected. Learn more about Socket for GitHub ↗︎

To accept the risk, merge this PR and you will not be notified again.

Alert Package NoteSource
Install scripts npm/bigint-buffer@1.1.5
  • Install script: install
  • Source: npm run rebuild || echo "Couldn't build bindings. Non-native version used."
Install scripts npm/secp256k1@3.7.1
  • Install script: install
  • Source: npm run rebuild || echo "Secp256k1 bindings compilation fail. Pure JS implementation will be used."
  • orphan: npm/secp256k1@3.7.1
Install scripts npm/protobufjs@7.2.6
  • Install script: postinstall
  • Source: node scripts/postinstall
Install scripts npm/esbuild@0.19.12
  • orphan: npm/esbuild@0.19.12
Protestware/Troll package npm/es5-ext@0.10.64
  • Note: This package prints a protestware console message on install regarding Ukraine for users with Russian language locale
Install scripts npm/es5-ext@0.10.64
  • Install script: postinstall
  • Source: node -e "try{require('./_postinstall')}catch(e){}" || exit 0

View full report↗︎

Next steps

What is an install script?

Install scripts are run when the package is installed. The majority of malware in npm is hidden in install scripts.

Packages should not be running non-essential scripts during install and there are often solutions to problems people solve with install scripts that can be run at publish time instead.

What is protestware?

This package is a joke, parody, or includes undocumented or hidden behavior unrelated to its primary function.

Consider that consuming this package my come along with functionality unrelated to its primary purpose.

Take a deeper look at the dependency

Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support [AT] socket [DOT] dev.

Remove the package

If you happen to install a dependency that Socket reports as Known Malware you should immediately remove it and select a different dependency. For other alert types, you may may wish to investigate alternative packages or consider if there are other ways to mitigate the specific risk posed by the dependency.

Mark a package as acceptable risk

To ignore an alert, reply with a comment starting with @SocketSecurity ignore followed by a space separated list of ecosystem/package-name@version specifiers. e.g. @SocketSecurity ignore npm/foo@1.0.0 or ignore all packages with @SocketSecurity ignore-all

  • @SocketSecurity ignore npm/bigint-buffer@1.1.5
  • @SocketSecurity ignore npm/secp256k1@3.7.1
  • @SocketSecurity ignore npm/protobufjs@7.2.6
  • @SocketSecurity ignore npm/esbuild@0.19.12
  • @SocketSecurity ignore npm/es5-ext@0.10.64

@Adamj1232 Adamj1232 merged commit 1b409a8 into develop May 31, 2024
3 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants