build(deps): bump node-forge from 1.3.1 to 1.3.2 in the npm_and_yarn group across 1 directory by dependabot[bot] · Pull Request #20 · Dargon789/Rabby

dependabot · 2025-11-27T06:45:53Z

Bumps the npm_and_yarn group with 1 update in the / directory: node-forge.

Updates node-forge from 1.3.1 to 1.3.2

Changelog

1.3.2 - 2025-11-25

Security

HIGH: ASN.1 Validator Desynchronization

An Interpretation Conflict (CWE-436) vulnerability in node-forge versions 1.3.1 and below enables remote, unauthenticated attackers to craft ASN.1 structures to desynchronize schema validations, yielding a semantic divergence that may bypass downstream cryptographic verifications and security decisions.

Reported by Hunter Wodzenski.

CVE ID: CVE-2025-12816

GHSA ID: GHSA-5gfm-wpxj-wjgq

HIGH: ASN.1 Unbounded Recursion

An Uncontrolled Recursion (CWE-674) vulnerability in node-forge versions 1.3.1 and below enables remote, unauthenticated attackers to craft deep ASN.1 structures that trigger unbounded recursive parsing. This leads to a Denial-of-Service (DoS) via stack exhaustion when parsing untrusted DER inputs.

Reported by Hunter Wodzenski.

CVE ID: CVE-2025-66031

GHSA ID: GHSA-554w-wpv2-vw27

MODERATE: ASN.1 OID Integer Truncation

An Integer Overflow (CWE-190) vulnerability in node-forge versions 1.3.1 and below enables remote, unauthenticated attackers to craft ASN.1 structures containing OIDs with oversized arcs. These arcs may be decoded as smaller, trusted OIDs due to 32-bit bitwise truncation, enabling the bypass of downstream OID-based security decisions.

Reported by Hunter Wodzenski.

CVE ID: CVE-2025-66030

GHSA ID: GHSA-65ch-62r8-g69g

Fixed

[asn1] Fix for vulnerability identified by CVE-2025-12816 PKCS#12 MAC verification bypass due to missing macData enforcement and improper asn1.validate routine.

[asn1] Add fromDer() max recursion depth check.

Add a asn1.maxDepth global configurable maximum depth of 256.

Add a asn1.fromDer() per-call maxDepth option.

NOTE: The default maximum is assumed to be higher than needed for valid data. If this assumption is false then this could be a breaking change. Please file an issue if there are use cases that need a higher maximum.

NOTE: The per-call maxDepth parameter has not been exposed up through all of the API stack due to the complexities involved. Please file an issue if there are use cases that require this instead of changing the default maximum.

[asn1] Improve OID handling.

Error on parsed OID values larger than 2**32 - 1.

Error on DER OID values larger than 2**53 - 1 .

Commits

235ad3e Release 1.3.2.
2598244 Update changelog.
0032dd0 Fix typos.
d75e08d Run new security test.
a5ce91d Update changelog formatting.
4652de6 Cleanups.
eb932d9 Fix typo.
db6954b Fix style.
afbf7d8 Align error message style.
6607445 Revert minor changes.
Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot merge will merge this PR after your CI passes on it
@dependabot squash and merge will squash and merge this PR after your CI passes on it
@dependabot cancel merge will cancel a previously requested merge and block automerging
@dependabot reopen will reopen this PR if it is closed
@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
@dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
@dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
@dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
@dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
@dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
@dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions
You can disable automated security fix PRs for this repo from the Security Alerts page.

snyk-io · 2025-11-27T06:46:04Z

⚠️ Snyk checks are incomplete.

Status	Scanner	Critical	High	Medium	Low	Total (0)
⚠️	Open Source Security	0	0	0	0	See details

💻 Catch issues earlier using the plugins for VS Code, JetBrains IDEs, Visual Studio, and Eclipse.

Bumps the npm_and_yarn group with 1 update in the / directory: [node-forge](https://github.com/digitalbazaar/forge). Updates `node-forge` from 1.3.1 to 1.3.2 - [Changelog](https://github.com/digitalbazaar/forge/blob/main/CHANGELOG.md) - [Commits](digitalbazaar/forge@v1.3.1...v1.3.2) --- updated-dependencies: - dependency-name: node-forge dependency-version: 1.3.2 dependency-type: indirect dependency-group: npm_and_yarn ... Signed-off-by: dependabot[bot] <support@github.com>

commit edc2344 Author: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue Dec 23 08:33:10 2025 +0700 build(deps): bump node-forge (#20) Bumps the npm_and_yarn group with 1 update in the / directory: [node-forge](https://github.com/digitalbazaar/forge). Updates `node-forge` from 1.3.1 to 1.3.2 - [Changelog](https://github.com/digitalbazaar/forge/blob/main/CHANGELOG.md) - [Commits](digitalbazaar/forge@v1.3.1...v1.3.2) --- updated-dependencies: - dependency-name: node-forge dependency-version: 1.3.2 dependency-type: indirect dependency-group: npm_and_yarn ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Update dev scripts to use cross-env around the webpack build, so memory limits actually get raised * feat: add Gnosis Safe batch transaction support * build(deps): bump node-forge (#20) Bumps the npm_and_yarn group with 1 update in the / directory: [node-forge](https://github.com/digitalbazaar/forge). Updates `node-forge` from 1.3.1 to 1.3.2 - [Changelog](https://github.com/digitalbazaar/forge/blob/main/CHANGELOG.md) - [Commits](digitalbazaar/forge@v1.3.1...v1.3.2) --- updated-dependencies: - dependency-name: node-forge dependency-version: 1.3.2 dependency-type: indirect dependency-group: npm_and_yarn ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Squashed commit of the following: commit edc2344 Author: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue Dec 23 08:33:10 2025 +0700 build(deps): bump node-forge (#20) Bumps the npm_and_yarn group with 1 update in the / directory: [node-forge](https://github.com/digitalbazaar/forge). Updates `node-forge` from 1.3.1 to 1.3.2 - [Changelog](https://github.com/digitalbazaar/forge/blob/main/CHANGELOG.md) - [Commits](digitalbazaar/forge@v1.3.1...v1.3.2) --- updated-dependencies: - dependency-name: node-forge dependency-version: 1.3.2 dependency-type: indirect dependency-group: npm_and_yarn ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * fix: package.json to reduce vulnerabilities (#22) The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-ELLIPTIC-8720086 - https://snyk.io/vuln/SNYK-JS-ELLIPTIC-7577917 - https://snyk.io/vuln/SNYK-JS-ELLIPTIC-7577918 - https://snyk.io/vuln/SNYK-JS-ELLIPTIC-7577916 - https://snyk.io/vuln/SNYK-JS-SECP256K1-8237220 - https://snyk.io/vuln/SNYK-JS-INFLIGHT-6095116 - https://snyk.io/vuln/SNYK-JS-ELLIPTIC-8172694 - https://snyk.io/vuln/SNYK-JS-TMP-11501554 - https://snyk.io/vuln/SNYK-JS-BASEX-10118294 Co-authored-by: snyk-io[bot] <141718529+snyk-io[bot]@users.noreply.github.com> * feat: update approve list action (RabbyHub#3379) * style: tuning (RabbyHub#3378) * style: tuning * fix: tailwind * style: tuning * feat: lp token manage v2 (RabbyHub#3374) * feat: lp token manage v2 * fix: bugs * fix: bugs * fix: bugs * feat: + imkey in new user import (RabbyHub#3368) * feat: + imkey in new user import * chore: make linter happy * fix: custom rpc enable (RabbyHub#3367) * chore: update approve list (RabbyHub#3384) * fix: pinnedChain array (RabbyHub#3385) * fix: ui style (RabbyHub#3369) * style: change chain icon position * style: fix gnosis chain alert * fix: asset btn * fix: low value text * feat: update i18n * fix: robust change (RabbyHub#3386) * 0.93.68 * [release] 0.93.68 * feat: no need translate defi (RabbyHub#3391) * chore: update approve list (RabbyHub#3390) * fix: shake desktop (RabbyHub#3389) * feat: support password guard on whitelist (RabbyHub#3388) * feat: support password guard on whitelist * ux: tuning * chore: adjust and fix * fix: tuning * style: tuning * style: tuning * chore: tuning * chore: code cleanup * fix: search logic * style: tuning * style: little fix * feat: implement address deletion functionality and update UI messages (RabbyHub#3382) * feat: implement address deletion functionality and update UI messages * fix: remove authentic before goToHDManager * fix: ui not update after deleted * chore: remove useless console * feat: update i18n --------- Co-authored-by: vvvvvv1vvvvvv <galennnnnnn@gmail.com> * 0.93.69 * [release] 0.93.69 * chore: rm useless zip * fix: all token mode filter (RabbyHub#3397) * fix: all token mode filter * docs: comment * fix: remove is verified filter * fix: is_verified filter * fix: style * feat: search contact balance token * feat: asset list contact * fix: search holds tokens * feat: add transaction gas limit mapping and integrate into gas limit calculation (RabbyHub#3400) * feat: enhance empty state display for seed phrase addresses (RabbyHub#3401) * fix: update localization messages for unsupported address type in multiple languages (RabbyHub#3403) * chore: update approve list (RabbyHub#3404) * feat: update gnosis chain (RabbyHub#3399) * feat: update gnosis chain * feat: udpate safe-deployments * feat: update gnosis sdk * feat: update changelog & i18n (RabbyHub#3405) * feat: update changelog * feat: update i18n * chore * 0.93.70 * [release] 0.93.70 * fix: package.json to reduce vulnerabilities (#24) The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-ELLIPTIC-8187303 - https://snyk.io/vuln/SNYK-JS-ELLIPTIC-7577916 - https://snyk.io/vuln/SNYK-JS-ELLIPTIC-7577917 - https://snyk.io/vuln/SNYK-JS-ELLIPTIC-7577918 - https://snyk.io/vuln/SNYK-JS-ELLIPTIC-8720086 - https://snyk.io/vuln/SNYK-JS-SECP256K1-8237220 Co-authored-by: snyk-bot <snyk-bot@snyk.io> * build(deps): bump the npm_and_yarn group across 0 directory with 2 updates (#23) Updates `base-x` from 1.1.0 to 3.0.8 - [Commits](cryptocoinjs/base-x@v1.1.0...v3.0.8) Updates `cross-spawn` from 6.0.5 to 6.0.6 - [Changelog](https://github.com/moxystudio/node-cross-spawn/blob/v6.0.6/CHANGELOG.md) - [Commits](moxystudio/node-cross-spawn@v6.0.5...v6.0.6) --- updated-dependencies: - dependency-name: base-x dependency-version: 3.0.8 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: cross-spawn dependency-version: 6.0.6 dependency-type: indirect dependency-group: npm_and_yarn ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Potential fix for code scanning alert no. 7: Client-side cross-site scripting (#25) Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com> * feat: prediction (RabbyHub#3383) * wip * feat: implement auto-connect and personal sign logic; update UI components for better navigation and layout * feat: enhance auto personal sign logic with message validation and update RPC flow to pass message parameters * feat: add new home hover and inactive icons, update DesktopNav component * fix: approval auto flex * feat: add isFromDesktopDapp flag to ProviderRequest and update request handling * style: change layout * style: change token list style * refactor: wrap setupDappIframeSyncRoute in domReadyCall for improved loading handling * fix: adjust approval condition to handle non-desktop DApp requests * style: change profile header * chore: fix style * feat: add prediction feature support and loading state for DApp iframe * fix: ip * feat: update nav * feat: update prediction feature messages and dependencies * chore: fix some style * chore: fix style * chore: fix style * feat: delay setup of DApp iframe sync route for improved loading * feat: enhance auto personal sign condition for desktop DApp requests * fix: nav * fix: style * fix: style * Update src/background/controller/provider/autoConnect.ts Co-authored-by: vvvvvv1vvvvvv <86296331+vvvvvv1vvvvvv@users.noreply.github.com> * fix: remove unnecessary blank line in shouldAutoPersonalSign function * fix: comment out IframeLoadingBar component in DappIframeLoading * fix: logo * fix: update rabby-api version to 0.9.53 --------- Co-authored-by: Hodor <lost1q84@gmail.com> Co-authored-by: vvvvvv1vvvvvv <86296331+vvvvvv1vvvvvv@users.noreply.github.com> * fix: tokenItem type is_core be null (RabbyHub#3407) * feat: update changelog (RabbyHub#3408) * feat: update changelog * feat: update i18n * 0.93.71 * [release] 0.93.71 * chore: update approve list (RabbyHub#3416) * feat: add kava in open ocean (RabbyHub#3414) * feat: update home pnl (RabbyHub#3413) * fix: update data splitting logic in getCustomTxParamsData to use regex for separator (RabbyHub#3409) * feat: enhance Dapp iframe with error handling and network messages (RabbyHub#3410) * feat: enhance Dapp iframe with error handling and network messages * feat: improve error component layout and add clsx for conditional styling * feat: enhance iframe loading and error handling based on permission status * fix: hash (RabbyHub#3415) * fix: hash * feat: update i18n * fix: perps history empty when switch account (RabbyHub#3417) * 0.93.72 * [release] 0.93.72 * chore: introduce claude code for code review * _raw\images * Potential fix for code scanning alert no. 6: Client-side cross-site scripting (#35) Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com> * fix: package.json to reduce vulnerabilities (#34) The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-BABELRUNTIME-10044504 - https://snyk.io/vuln/SNYK-JS-CIPHERBASE-12084814 - https://snyk.io/vuln/SNYK-JS-ELLIPTIC-14908844 - https://snyk.io/vuln/SNYK-JS-LODASH-15053838 - https://snyk.io/vuln/SNYK-JS-NANOID-8492085 - https://snyk.io/vuln/SNYK-JS-SHAJS-12089400 - https://snyk.io/vuln/SNYK-JS-ELLIPTIC-8187303 - https://snyk.io/vuln/SNYK-JS-WEB3UTILS-6229337 - https://snyk.io/vuln/SNYK-JS-WS-7266574 - https://snyk.io/vuln/SNYK-JS-QS-14724253 - https://snyk.io/vuln/SNYK-JS-ELLIPTIC-7577916 - https://snyk.io/vuln/SNYK-JS-ELLIPTIC-7577917 - https://snyk.io/vuln/SNYK-JS-ELLIPTIC-7577918 - https://snyk.io/vuln/SNYK-JS-ELLIPTIC-8720086 - https://snyk.io/vuln/SNYK-JS-BIGINTBUFFER-3364597 - https://snyk.io/vuln/SNYK-JS-SECP256K1-8237220 - https://snyk.io/vuln/SNYK-JS-TMP-11501554 - https://snyk.io/vuln/SNYK-JS-INFLIGHT-6095116 - https://snyk.io/vuln/SNYK-JS-ELLIPTIC-8172694 - https://snyk.io/vuln/SNYK-JS-SOLANAWEB3JS-6647564 - https://snyk.io/vuln/SNYK-JS-BASEX-10118294 - https://snyk.io/vuln/SNYK-JS-BRACEEXPANSION-9789073 Co-authored-by: snyk-bot <snyk-bot@snyk.io> * fix: package.json to reduce vulnerabilities (#33) The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-BABELRUNTIME-10044504 - https://snyk.io/vuln/SNYK-JS-BRACES-6838727 - https://snyk.io/vuln/SNYK-JS-CIPHERBASE-12084814 - https://snyk.io/vuln/SNYK-JS-ELLIPTIC-14908844 - https://snyk.io/vuln/SNYK-JS-GLOBPARENT-1016905 - https://snyk.io/vuln/SNYK-JS-LODASH-15053838 - https://snyk.io/vuln/SNYK-JS-MICROMATCH-6838728 - https://snyk.io/vuln/SNYK-JS-NANOID-8492085 - https://snyk.io/vuln/SNYK-JS-POSTCSS-5926692 - https://snyk.io/vuln/SNYK-JS-QS-14724253 - https://snyk.io/vuln/SNYK-JS-SHAJS-12089400 - https://snyk.io/vuln/SNYK-JS-UNSETVALUE-2400660 - https://snyk.io/vuln/SNYK-JS-WEBPACK-7840298 - https://snyk.io/vuln/SNYK-JS-WEBPACKDEVSERVER-10300775 - https://snyk.io/vuln/SNYK-JS-WEBPACKDEVSERVER-10300777 - https://snyk.io/vuln/SNYK-JS-IP-12704893 - https://snyk.io/vuln/SNYK-JS-IP-12761655 - https://snyk.io/vuln/SNYK-JS-ELLIPTIC-8720086 - https://snyk.io/vuln/SNYK-JS-ELLIPTIC-8187303 - https://snyk.io/vuln/SNYK-JS-ELLIPTIC-7577917 - https://snyk.io/vuln/SNYK-JS-WEB3UTILS-6229337 - https://snyk.io/vuln/SNYK-JS-ELLIPTIC-7577918 - https://snyk.io/vuln/SNYK-JS-ELLIPTIC-7577916 - https://snyk.io/vuln/SNYK-JS-BIGINTBUFFER-3364597 - https://snyk.io/vuln/SNYK-JS-WS-7266574 - https://snyk.io/vuln/SNYK-JS-CROSSSPAWN-8303230 - https://snyk.io/vuln/SNYK-JS-NTHCHECK-1586032 - https://snyk.io/vuln/SNYK-JS-SECP256K1-8237220 - https://snyk.io/vuln/SNYK-JS-INFLIGHT-6095116 - https://snyk.io/vuln/SNYK-JS-ELLIPTIC-8172694 - https://snyk.io/vuln/SNYK-JS-IP-7148531 - https://snyk.io/vuln/SNYK-JS-SOLANAWEB3JS-6647564 - https://snyk.io/vuln/SNYK-JS-BASEX-10118294 - https://snyk.io/vuln/SNYK-JS-BRACEEXPANSION-9789073 - https://snyk.io/vuln/SNYK-JS-SIRV-12558119 - https://snyk.io/vuln/SNYK-JS-JSYAML-13961110 Co-authored-by: snyk-bot <snyk-bot@snyk.io> * [Snyk] Security upgrade ethers from 5.4.2 to 6.0.0 (#32) * chore(deps): bump h3 from 1.11.1 to 1.15.5 Bumps [h3](https://github.com/h3js/h3) from 1.11.1 to 1.15.5. - [Release notes](https://github.com/h3js/h3/releases) - [Changelog](https://github.com/h3js/h3/blob/v1.15.5/CHANGELOG.md) - [Commits](h3js/h3@v1.11.1...v1.15.5) --- updated-dependencies: - dependency-name: h3 dependency-version: 1.15.5 dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com> * fix: package.json to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-ELLIPTIC-8187303 * chore(deps): bump lodash from 4.17.21 to 4.17.23 Bumps [lodash](https://github.com/lodash/lodash) from 4.17.21 to 4.17.23. - [Release notes](https://github.com/lodash/lodash/releases) - [Commits](lodash/lodash@4.17.21...4.17.23) --- updated-dependencies: - dependency-name: lodash dependency-version: 4.17.23 dependency-type: direct:production ... Signed-off-by: dependabot[bot] <support@github.com> * build(deps): bump h3 in the npm_and_yarn group across 1 directory Bumps the npm_and_yarn group with 1 update in the / directory: [h3](https://github.com/h3js/h3). Updates `h3` from 1.11.1 to 1.15.5 - [Release notes](https://github.com/h3js/h3/releases) - [Changelog](https://github.com/h3js/h3/blob/v1.15.5/CHANGELOG.md) - [Commits](h3js/h3@v1.11.1...v1.15.5) --- updated-dependencies: - dependency-name: h3 dependency-version: 1.15.5 dependency-type: indirect dependency-group: npm_and_yarn ... Signed-off-by: dependabot[bot] <support@github.com> * swap 1inch --------- Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: snyk-bot <snyk-bot@snyk.io> --------- Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> Co-authored-by: Drew Fisher <drew@pods.media> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: snyk-io[bot] <141718529+snyk-io[bot]@users.noreply.github.com> Co-authored-by: hz002 <zs4733525@gmail.com> Co-authored-by: richardo2016x <104543757+richardo2016x@users.noreply.github.com> Co-authored-by: vvvvvv1vvvvvv <86296331+vvvvvv1vvvvvv@users.noreply.github.com> Co-authored-by: Hodor <lost1q84@gmail.com> Co-authored-by: DMY <147dmy@gmail.com> Co-authored-by: vvvvvv1vvvvvv <galennnnnnn@gmail.com> Co-authored-by: snyk-bot <snyk-bot@snyk.io> Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com> Co-authored-by: kim <180150277+jinming0618@users.noreply.github.com>

* fix: package.json to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-WS-7266574 * fix: package.json to reduce vulnerabilities (#4) The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-AXIOS-6032459 - https://snyk.io/vuln/SNYK-JS-FOLLOWREDIRECTS-6141137 - https://snyk.io/vuln/SNYK-JS-AXIOS-6124857 Co-authored-by: snyk-bot <snyk-bot@snyk.io> * Circleci project setup (#5) * Add .circleci/config.yml * Add .circleci/config.yml * Add .circleci/config.yml * Add .circleci/config.yml * Updated config.yml * Create SECURITY.md (#2) Signed-off-by: AU_019 <64915515+Dargon789@users.noreply.github.com> * build(deps): bump the npm_and_yarn group across 1 directory with 14 updates (#6) Bumps the npm_and_yarn group with 11 updates in the / directory: | Package | From | To | | --- | --- | --- | | [@sentry/browser](https://github.com/getsentry/sentry-javascript) | `6.7.2` | `7.119.1` | | [nanoid](https://github.com/ai/nanoid) | `3.3.6` | `3.3.8` | | [semver](https://github.com/npm/node-semver) | `7.5.2` | `7.5.3` | | [postcss](https://github.com/postcss/postcss) | `8.4.31` | `8.4.32` | | [webpack](https://github.com/webpack/webpack) | `5.76.0` | `5.94.0` | | [@babel/runtime](https://github.com/babel/babel/tree/HEAD/packages/babel-runtime) | `7.13.10` | `7.26.10` | | [es5-ext](https://github.com/medikoo/es5-ext) | `0.10.53` | `0.10.64` | | [express](https://github.com/expressjs/express) | `4.18.2` | `4.21.2` | | [follow-redirects](https://github.com/follow-redirects/follow-redirects) | `1.14.9` | `1.15.9` | | [serialize-javascript](https://github.com/yahoo/serialize-javascript) | `6.0.1` | `6.0.2` | | [webpack-dev-middleware](https://github.com/webpack/webpack-dev-middleware) | `5.3.1` | `5.3.4` | Updates `@sentry/browser` from 6.7.2 to 7.119.1 - [Release notes](https://github.com/getsentry/sentry-javascript/releases) - [Changelog](https://github.com/getsentry/sentry-javascript/blob/7.119.1/CHANGELOG.md) - [Commits](getsentry/sentry-javascript@6.7.2...7.119.1) Updates `nanoid` from 3.3.6 to 3.3.8 - [Release notes](https://github.com/ai/nanoid/releases) - [Changelog](https://github.com/ai/nanoid/blob/main/CHANGELOG.md) - [Commits](ai/nanoid@3.3.6...3.3.8) Updates `semver` from 7.5.2 to 7.5.3 - [Release notes](https://github.com/npm/node-semver/releases) - [Changelog](https://github.com/npm/node-semver/blob/main/CHANGELOG.md) - [Commits](npm/node-semver@v7.5.2...v7.5.3) Updates `postcss` from 8.4.31 to 8.4.32 - [Release notes](https://github.com/postcss/postcss/releases) - [Changelog](https://github.com/postcss/postcss/blob/main/CHANGELOG.md) - [Commits](postcss/postcss@8.4.31...8.4.32) Updates `webpack` from 5.76.0 to 5.94.0 - [Release notes](https://github.com/webpack/webpack/releases) - [Commits](webpack/webpack@v5.76.0...v5.94.0) Updates `@babel/runtime` from 7.13.10 to 7.26.10 - [Release notes](https://github.com/babel/babel/releases) - [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md) - [Commits](https://github.com/babel/babel/commits/v7.26.10/packages/babel-runtime) Updates `es5-ext` from 0.10.53 to 0.10.64 - [Release notes](https://github.com/medikoo/es5-ext/releases) - [Changelog](https://github.com/medikoo/es5-ext/blob/main/CHANGELOG.md) - [Commits](medikoo/es5-ext@v0.10.53...v0.10.64) Updates `express` from 4.18.2 to 4.21.2 - [Release notes](https://github.com/expressjs/express/releases) - [Changelog](https://github.com/expressjs/express/blob/4.21.2/History.md) - [Commits](expressjs/express@4.18.2...4.21.2) Updates `follow-redirects` from 1.14.9 to 1.15.9 - [Release notes](https://github.com/follow-redirects/follow-redirects/releases) - [Commits](follow-redirects/follow-redirects@v1.14.9...v1.15.9) Updates `path-to-regexp` from 0.1.7 to 0.1.12 - [Release notes](https://github.com/pillarjs/path-to-regexp/releases) - [Changelog](https://github.com/pillarjs/path-to-regexp/blob/master/History.md) - [Commits](pillarjs/path-to-regexp@v0.1.7...v0.1.12) Updates `send` from 0.18.0 to 0.19.0 - [Release notes](https://github.com/pillarjs/send/releases) - [Changelog](https://github.com/pillarjs/send/blob/master/HISTORY.md) - [Commits](pillarjs/send@0.18.0...0.19.0) Updates `serialize-javascript` from 6.0.1 to 6.0.2 - [Release notes](https://github.com/yahoo/serialize-javascript/releases) - [Commits](yahoo/serialize-javascript@v6.0.1...v6.0.2) Updates `serve-static` from 1.15.0 to 1.16.2 - [Release notes](https://github.com/expressjs/serve-static/releases) - [Changelog](https://github.com/expressjs/serve-static/blob/v1.16.2/HISTORY.md) - [Commits](expressjs/serve-static@v1.15.0...v1.16.2) Updates `webpack-dev-middleware` from 5.3.1 to 5.3.4 - [Release notes](https://github.com/webpack/webpack-dev-middleware/releases) - [Changelog](https://github.com/webpack/webpack-dev-middleware/blob/v5.3.4/CHANGELOG.md) - [Commits](webpack/webpack-dev-middleware@v5.3.1...v5.3.4) --- updated-dependencies: - dependency-name: "@sentry/browser" dependency-type: direct:production dependency-group: npm_and_yarn - dependency-name: nanoid dependency-type: direct:production dependency-group: npm_and_yarn - dependency-name: semver dependency-type: direct:production dependency-group: npm_and_yarn - dependency-name: postcss dependency-type: direct:development dependency-group: npm_and_yarn - dependency-name: webpack dependency-type: direct:development dependency-group: npm_and_yarn - dependency-name: "@babel/runtime" dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: es5-ext dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: express dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: follow-redirects dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: path-to-regexp dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: send dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: serialize-javascript dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: serve-static dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: webpack-dev-middleware dependency-type: indirect dependency-group: npm_and_yarn ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: AU_gdev_19 <64915515+Dargon789@users.noreply.github.com> * fix: package.json to reduce vulnerabilities (#7) The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-IP-6240864 - https://snyk.io/vuln/SNYK-JS-WS-7266574 - https://snyk.io/vuln/SNYK-JS-IP-7148531 Co-authored-by: snyk-bot <snyk-bot@snyk.io> * build(deps): bump the npm_and_yarn group across 1 directory with 3 updates (#8) Bumps the npm_and_yarn group with 3 updates in the / directory: [@sentry/browser](https://github.com/getsentry/sentry-javascript), [semver](https://github.com/npm/node-semver) and [postcss](https://github.com/postcss/postcss). Updates `@sentry/browser` from 7.119.1 to 7.119.2 - [Release notes](https://github.com/getsentry/sentry-javascript/releases) - [Changelog](https://github.com/getsentry/sentry-javascript/blob/7.119.2/CHANGELOG.md) - [Commits](getsentry/sentry-javascript@7.119.1...7.119.2) Updates `semver` from 7.5.3 to 7.5.4 - [Release notes](https://github.com/npm/node-semver/releases) - [Changelog](https://github.com/npm/node-semver/blob/main/CHANGELOG.md) - [Commits](npm/node-semver@v7.5.3...v7.5.4) Updates `postcss` from 8.4.32 to 8.4.33 - [Release notes](https://github.com/postcss/postcss/releases) - [Changelog](https://github.com/postcss/postcss/blob/main/CHANGELOG.md) - [Commits](postcss/postcss@8.4.32...8.4.33) --- updated-dependencies: - dependency-name: "@sentry/browser" dependency-type: direct:production dependency-group: npm_and_yarn - dependency-name: semver dependency-type: direct:production dependency-group: npm_and_yarn - dependency-name: postcss dependency-type: direct:development dependency-group: npm_and_yarn ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: AU_gdev_19 <64915515+Dargon789@users.noreply.github.com> * fix: package.json to reduce vulnerabilities (#9) The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-AXIOS-9403194 Co-authored-by: snyk-io[bot] <141718529+snyk-io[bot]@users.noreply.github.com> * fix: package.json to reduce vulnerabilities (#10) The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-ELLIPTIC-8720086 - https://snyk.io/vuln/SNYK-JS-ELLIPTIC-8187303 - https://snyk.io/vuln/SNYK-JS-ELLIPTIC-7577916 - https://snyk.io/vuln/SNYK-JS-ELLIPTIC-7577917 - https://snyk.io/vuln/SNYK-JS-ELLIPTIC-7577918 - https://snyk.io/vuln/SNYK-JS-SECP256K1-8237220 - https://snyk.io/vuln/SNYK-JS-ELLIPTIC-8172694 Co-authored-by: snyk-bot <snyk-bot@snyk.io> * fix: package.json to reduce vulnerabilities (#12) The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-ELLIPTIC-8720086 - https://snyk.io/vuln/SNYK-JS-ELLIPTIC-8187303 - https://snyk.io/vuln/SNYK-JS-ELLIPTIC-7577916 - https://snyk.io/vuln/SNYK-JS-ELLIPTIC-7577917 - https://snyk.io/vuln/SNYK-JS-ELLIPTIC-7577918 - https://snyk.io/vuln/SNYK-JS-SECP256K1-8237220 - https://snyk.io/vuln/SNYK-JS-ELLIPTIC-8172694 Co-authored-by: snyk-bot <snyk-bot@snyk.io> * fix: package.json to reduce vulnerabilities (#13) The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-BIGINTBUFFER-3364597 Co-authored-by: snyk-bot <snyk-bot@snyk.io> * build(deps): bump the npm_and_yarn group across 1 directory with 3 updates (#11) Bumps the npm_and_yarn group with 3 updates in the / directory: [@sentry/browser](https://github.com/getsentry/sentry-javascript), [semver](https://github.com/npm/node-semver) and [postcss](https://github.com/postcss/postcss). Updates `@sentry/browser` from 7.119.2 to 7.120.0 - [Release notes](https://github.com/getsentry/sentry-javascript/releases) - [Changelog](https://github.com/getsentry/sentry-javascript/blob/7.120.0/CHANGELOG.md) - [Commits](getsentry/sentry-javascript@7.119.2...7.120.0) Updates `semver` from 7.5.4 to 7.6.0 - [Release notes](https://github.com/npm/node-semver/releases) - [Changelog](https://github.com/npm/node-semver/blob/main/CHANGELOG.md) - [Commits](npm/node-semver@v7.5.4...v7.6.0) Updates `postcss` from 8.4.33 to 8.4.34 - [Release notes](https://github.com/postcss/postcss/releases) - [Changelog](https://github.com/postcss/postcss/blob/main/CHANGELOG.md) - [Commits](postcss/postcss@8.4.33...8.4.34) --- updated-dependencies: - dependency-name: "@sentry/browser" dependency-type: direct:production dependency-group: npm_and_yarn - dependency-name: semver dependency-type: direct:production dependency-group: npm_and_yarn - dependency-name: postcss dependency-type: direct:development dependency-group: npm_and_yarn ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * build(deps): bump the npm_and_yarn group across 1 directory with 10 updates (#14) Bumps the npm_and_yarn group with 8 updates in the / directory: | Package | From | To | | --- | --- | --- | | [@sentry/browser](https://github.com/getsentry/sentry-javascript) | `7.120.0` | `7.120.1` | | [semver](https://github.com/npm/node-semver) | `7.6.0` | `7.6.1` | | [postcss](https://github.com/postcss/postcss) | `8.4.34` | `8.4.35` | | [webpack-dev-server](https://github.com/webpack/webpack-dev-server) | `4.7.4` | `5.2.1` | | [form-data](https://github.com/form-data/form-data) | `4.0.0` | `4.0.4` | | [parse-uri](https://github.com/kikobeats/parse-uri) | `1.0.7` | `1.0.16` | | [pbkdf2](https://github.com/crypto-browserify/pbkdf2) | `3.1.2` | `3.1.3` | | [tiny-secp256k1](https://github.com/bitcoinjs/tiny-secp256k1) | `1.1.6` | `1.1.7` | Updates `@sentry/browser` from 7.120.0 to 7.120.1 - [Release notes](https://github.com/getsentry/sentry-javascript/releases) - [Changelog](https://github.com/getsentry/sentry-javascript/blob/7.120.1/CHANGELOG.md) - [Commits](getsentry/sentry-javascript@7.120.0...7.120.1) Updates `semver` from 7.6.0 to 7.6.1 - [Release notes](https://github.com/npm/node-semver/releases) - [Changelog](https://github.com/npm/node-semver/blob/main/CHANGELOG.md) - [Commits](npm/node-semver@v7.6.0...v7.6.1) Updates `postcss` from 8.4.34 to 8.4.35 - [Release notes](https://github.com/postcss/postcss/releases) - [Changelog](https://github.com/postcss/postcss/blob/main/CHANGELOG.md) - [Commits](postcss/postcss@8.4.34...8.4.35) Updates `webpack-dev-server` from 4.7.4 to 5.2.1 - [Release notes](https://github.com/webpack/webpack-dev-server/releases) - [Changelog](https://github.com/webpack/webpack-dev-server/blob/master/CHANGELOG.md) - [Commits](webpack/webpack-dev-server@v4.7.4...v5.2.1) Updates `form-data` from 4.0.0 to 4.0.4 - [Release notes](https://github.com/form-data/form-data/releases) - [Changelog](https://github.com/form-data/form-data/blob/master/CHANGELOG.md) - [Commits](form-data/form-data@v4.0.0...v4.0.4) Updates `http-proxy-middleware` from 2.0.3 to 2.0.9 - [Release notes](https://github.com/chimurai/http-proxy-middleware/releases) - [Changelog](https://github.com/chimurai/http-proxy-middleware/blob/v2.0.9/CHANGELOG.md) - [Commits](chimurai/http-proxy-middleware@v2.0.3...v2.0.9) Updates `ip` from 1.1.5 to 2.0.0 - [Commits](indutny/node-ip@v1.1.5...v2.0.0) Updates `parse-uri` from 1.0.7 to 1.0.16 - [Release notes](https://github.com/kikobeats/parse-uri/releases) - [Changelog](https://github.com/Kikobeats/parse-uri/blob/v1.0.16/CHANGELOG.md) - [Commits](Kikobeats/parse-uri@v1.0.7...v1.0.16) Updates `pbkdf2` from 3.1.2 to 3.1.3 - [Changelog](https://github.com/browserify/pbkdf2/blob/master/CHANGELOG.md) - [Commits](browserify/pbkdf2@v3.1.2...v3.1.3) Updates `tiny-secp256k1` from 1.1.6 to 1.1.7 - [Commits](bitcoinjs/tiny-secp256k1@v1.1.6...v1.1.7) --- updated-dependencies: - dependency-name: "@sentry/browser" dependency-version: 7.120.1 dependency-type: direct:production dependency-group: npm_and_yarn - dependency-name: semver dependency-version: 7.6.1 dependency-type: direct:production dependency-group: npm_and_yarn - dependency-name: postcss dependency-version: 8.4.35 dependency-type: direct:development dependency-group: npm_and_yarn - dependency-name: webpack-dev-server dependency-version: 5.2.1 dependency-type: direct:development dependency-group: npm_and_yarn - dependency-name: form-data dependency-version: 4.0.4 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: http-proxy-middleware dependency-version: 2.0.9 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: ip dependency-version: 2.0.0 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: parse-uri dependency-version: 1.0.16 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: pbkdf2 dependency-version: 3.1.3 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: tiny-secp256k1 dependency-version: 1.1.7 dependency-type: indirect dependency-group: npm_and_yarn ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * fix: package.json to reduce vulnerabilities (#15) The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-BASEX-10118294 - https://snyk.io/vuln/SNYK-JS-BRACEEXPANSION-9789073 - https://snyk.io/vuln/SNYK-JS-GLOBPARENT-1016905 - https://snyk.io/vuln/SNYK-JS-NTHCHECK-1586032 - https://snyk.io/vuln/SNYK-JS-POSTCSS-5926692 - https://snyk.io/vuln/SNYK-JS-UNSETVALUE-2400660 - https://snyk.io/vuln/SNYK-JS-ELLIPTIC-8720086 - https://snyk.io/vuln/SNYK-JS-ELLIPTIC-8187303 - https://snyk.io/vuln/SNYK-JS-ELLIPTIC-7577917 - https://snyk.io/vuln/SNYK-JS-ELLIPTIC-7577916 - https://snyk.io/vuln/SNYK-JS-ELLIPTIC-7577918 - https://snyk.io/vuln/SNYK-JS-WEB3UTILS-6229337 - https://snyk.io/vuln/SNYK-JS-BRACES-6838727 - https://snyk.io/vuln/SNYK-JS-CROSSSPAWN-8303230 - https://snyk.io/vuln/SNYK-JS-SECP256K1-8237220 - https://snyk.io/vuln/SNYK-JS-INFLIGHT-6095116 - https://snyk.io/vuln/SNYK-JS-ELLIPTIC-8172694 - https://snyk.io/vuln/SNYK-JS-MICROMATCH-6838728 Co-authored-by: snyk-bot <snyk-bot@snyk.io> * build(deps): bump the npm_and_yarn group across 1 directory with 5 updates (#17) Bumps the npm_and_yarn group with 3 updates in the / directory: [@sentry/browser](https://github.com/getsentry/sentry-javascript), [semver](https://github.com/npm/node-semver) and [postcss](https://github.com/postcss/postcss). Updates `@sentry/browser` from 7.120.1 to 7.120.2 - [Release notes](https://github.com/getsentry/sentry-javascript/releases) - [Changelog](https://github.com/getsentry/sentry-javascript/blob/7.120.2/CHANGELOG.md) - [Commits](getsentry/sentry-javascript@7.120.1...7.120.2) Updates `semver` from 7.6.1 to 7.6.2 - [Release notes](https://github.com/npm/node-semver/releases) - [Changelog](https://github.com/npm/node-semver/blob/main/CHANGELOG.md) - [Commits](npm/node-semver@v7.6.1...v7.6.2) Updates `postcss` from 8.4.35 to 8.5.6 - [Release notes](https://github.com/postcss/postcss/releases) - [Changelog](https://github.com/postcss/postcss/blob/main/CHANGELOG.md) - [Commits](postcss/postcss@8.4.35...8.5.6) Updates `braces` from 2.3.2 to 3.0.2 - [Changelog](https://github.com/micromatch/braces/blob/master/CHANGELOG.md) - [Commits](https://github.com/micromatch/braces/commits/3.0.2) Updates `micromatch` from 3.1.10 to 4.0.4 - [Release notes](https://github.com/micromatch/micromatch/releases) - [Changelog](https://github.com/micromatch/micromatch/blob/master/CHANGELOG.md) - [Commits](micromatch/micromatch@3.1.10...4.0.4) --- updated-dependencies: - dependency-name: "@sentry/browser" dependency-version: 7.120.2 dependency-type: direct:production dependency-group: npm_and_yarn - dependency-name: semver dependency-version: 7.6.2 dependency-type: direct:production dependency-group: npm_and_yarn - dependency-name: postcss dependency-version: 8.5.6 dependency-type: direct:development dependency-group: npm_and_yarn - dependency-name: braces dependency-version: 3.0.2 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: micromatch dependency-version: 4.0.4 dependency-type: indirect dependency-group: npm_and_yarn ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * fix: package.json to reduce vulnerabilities (#18) The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-INFLIGHT-6095116 - https://snyk.io/vuln/SNYK-JS-BRACEEXPANSION-9789073 Co-authored-by: snyk-bot <snyk-bot@snyk.io> * build(deps): bump the npm_and_yarn group across 1 directory with 6 updates (#19) Bumps the npm_and_yarn group with 6 updates in the / directory: | Package | From | To | | --- | --- | --- | | [@sentry/browser](https://github.com/getsentry/sentry-javascript) | `7.120.2` | `7.120.3` | | [semver](https://github.com/npm/node-semver) | `7.6.2` | `7.6.3` | | [braces](https://github.com/micromatch/braces) | `3.0.2` | `3.0.3` | | [cipher-base](https://github.com/crypto-browserify/cipher-base) | `1.0.4` | `1.0.6` | | [micromatch](https://github.com/micromatch/micromatch) | `4.0.4` | `4.0.8` | | [sha.js](https://github.com/crypto-browserify/sha.js) | `2.4.11` | `2.4.12` | Updates `@sentry/browser` from 7.120.2 to 7.120.3 - [Release notes](https://github.com/getsentry/sentry-javascript/releases) - [Changelog](https://github.com/getsentry/sentry-javascript/blob/7.120.3/CHANGELOG.md) - [Commits](getsentry/sentry-javascript@7.120.2...7.120.3) Updates `semver` from 7.6.2 to 7.6.3 - [Release notes](https://github.com/npm/node-semver/releases) - [Changelog](https://github.com/npm/node-semver/blob/main/CHANGELOG.md) - [Commits](npm/node-semver@v7.6.2...v7.6.3) Updates `braces` from 3.0.2 to 3.0.3 - [Changelog](https://github.com/micromatch/braces/blob/master/CHANGELOG.md) - [Commits](micromatch/braces@3.0.2...3.0.3) Updates `cipher-base` from 1.0.4 to 1.0.6 - [Changelog](https://github.com/browserify/cipher-base/blob/master/CHANGELOG.md) - [Commits](browserify/cipher-base@v1.0.4...v1.0.6) Updates `micromatch` from 4.0.4 to 4.0.8 - [Release notes](https://github.com/micromatch/micromatch/releases) - [Changelog](https://github.com/micromatch/micromatch/blob/master/CHANGELOG.md) - [Commits](micromatch/micromatch@4.0.4...4.0.8) Updates `sha.js` from 2.4.11 to 2.4.12 - [Changelog](https://github.com/browserify/sha.js/blob/master/CHANGELOG.md) - [Commits](browserify/sha.js@v2.4.11...v2.4.12) --- updated-dependencies: - dependency-name: "@sentry/browser" dependency-version: 7.120.3 dependency-type: direct:production dependency-group: npm_and_yarn - dependency-name: semver dependency-version: 7.6.3 dependency-type: direct:production dependency-group: npm_and_yarn - dependency-name: braces dependency-version: 3.0.3 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: cipher-base dependency-version: 1.0.6 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: micromatch dependency-version: 4.0.8 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: sha.js dependency-version: 2.4.12 dependency-type: indirect dependency-group: npm_and_yarn ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * feat: + imkey in new user import * chore: make linter happy * [release] 0.93.72 (#37) * Update dev scripts to use cross-env around the webpack build, so memory limits actually get raised * feat: add Gnosis Safe batch transaction support * build(deps): bump node-forge (#20) Bumps the npm_and_yarn group with 1 update in the / directory: [node-forge](https://github.com/digitalbazaar/forge). Updates `node-forge` from 1.3.1 to 1.3.2 - [Changelog](https://github.com/digitalbazaar/forge/blob/main/CHANGELOG.md) - [Commits](digitalbazaar/forge@v1.3.1...v1.3.2) --- updated-dependencies: - dependency-name: node-forge dependency-version: 1.3.2 dependency-type: indirect dependency-group: npm_and_yarn ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Squashed commit of the following: commit edc2344 Author: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue Dec 23 08:33:10 2025 +0700 build(deps): bump node-forge (#20) Bumps the npm_and_yarn group with 1 update in the / directory: [node-forge](https://github.com/digitalbazaar/forge). Updates `node-forge` from 1.3.1 to 1.3.2 - [Changelog](https://github.com/digitalbazaar/forge/blob/main/CHANGELOG.md) - [Commits](digitalbazaar/forge@v1.3.1...v1.3.2) --- updated-dependencies: - dependency-name: node-forge dependency-version: 1.3.2 dependency-type: indirect dependency-group: npm_and_yarn ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * fix: package.json to reduce vulnerabilities (#22) The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-ELLIPTIC-8720086 - https://snyk.io/vuln/SNYK-JS-ELLIPTIC-7577917 - https://snyk.io/vuln/SNYK-JS-ELLIPTIC-7577918 - https://snyk.io/vuln/SNYK-JS-ELLIPTIC-7577916 - https://snyk.io/vuln/SNYK-JS-SECP256K1-8237220 - https://snyk.io/vuln/SNYK-JS-INFLIGHT-6095116 - https://snyk.io/vuln/SNYK-JS-ELLIPTIC-8172694 - https://snyk.io/vuln/SNYK-JS-TMP-11501554 - https://snyk.io/vuln/SNYK-JS-BASEX-10118294 Co-authored-by: snyk-io[bot] <141718529+snyk-io[bot]@users.noreply.github.com> * feat: update approve list action (RabbyHub#3379) * style: tuning (RabbyHub#3378) * style: tuning * fix: tailwind * style: tuning * feat: lp token manage v2 (RabbyHub#3374) * feat: lp token manage v2 * fix: bugs * fix: bugs * fix: bugs * feat: + imkey in new user import (RabbyHub#3368) * feat: + imkey in new user import * chore: make linter happy * fix: custom rpc enable (RabbyHub#3367) * chore: update approve list (RabbyHub#3384) * fix: pinnedChain array (RabbyHub#3385) * fix: ui style (RabbyHub#3369) * style: change chain icon position * style: fix gnosis chain alert * fix: asset btn * fix: low value text * feat: update i18n * fix: robust change (RabbyHub#3386) * 0.93.68 * [release] 0.93.68 * feat: no need translate defi (RabbyHub#3391) * chore: update approve list (RabbyHub#3390) * fix: shake desktop (RabbyHub#3389) * feat: support password guard on whitelist (RabbyHub#3388) * feat: support password guard on whitelist * ux: tuning * chore: adjust and fix * fix: tuning * style: tuning * style: tuning * chore: tuning * chore: code cleanup * fix: search logic * style: tuning * style: little fix * feat: implement address deletion functionality and update UI messages (RabbyHub#3382) * feat: implement address deletion functionality and update UI messages * fix: remove authentic before goToHDManager * fix: ui not update after deleted * chore: remove useless console * feat: update i18n --------- Co-authored-by: vvvvvv1vvvvvv <galennnnnnn@gmail.com> * 0.93.69 * [release] 0.93.69 * chore: rm useless zip * fix: all token mode filter (RabbyHub#3397) * fix: all token mode filter * docs: comment * fix: remove is verified filter * fix: is_verified filter * fix: style * feat: search contact balance token * feat: asset list contact * fix: search holds tokens * feat: add transaction gas limit mapping and integrate into gas limit calculation (RabbyHub#3400) * feat: enhance empty state display for seed phrase addresses (RabbyHub#3401) * fix: update localization messages for unsupported address type in multiple languages (RabbyHub#3403) * chore: update approve list (RabbyHub#3404) * feat: update gnosis chain (RabbyHub#3399) * feat: update gnosis chain * feat: udpate safe-deployments * feat: update gnosis sdk * feat: update changelog & i18n (RabbyHub#3405) * feat: update changelog * feat: update i18n * chore * 0.93.70 * [release] 0.93.70 * fix: package.json to reduce vulnerabilities (#24) The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-ELLIPTIC-8187303 - https://snyk.io/vuln/SNYK-JS-ELLIPTIC-7577916 - https://snyk.io/vuln/SNYK-JS-ELLIPTIC-7577917 - https://snyk.io/vuln/SNYK-JS-ELLIPTIC-7577918 - https://snyk.io/vuln/SNYK-JS-ELLIPTIC-8720086 - https://snyk.io/vuln/SNYK-JS-SECP256K1-8237220 Co-authored-by: snyk-bot <snyk-bot@snyk.io> * build(deps): bump the npm_and_yarn group across 0 directory with 2 updates (#23) Updates `base-x` from 1.1.0 to 3.0.8 - [Commits](cryptocoinjs/base-x@v1.1.0...v3.0.8) Updates `cross-spawn` from 6.0.5 to 6.0.6 - [Changelog](https://github.com/moxystudio/node-cross-spawn/blob/v6.0.6/CHANGELOG.md) - [Commits](moxystudio/node-cross-spawn@v6.0.5...v6.0.6) --- updated-dependencies: - dependency-name: base-x dependency-version: 3.0.8 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: cross-spawn dependency-version: 6.0.6 dependency-type: indirect dependency-group: npm_and_yarn ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Potential fix for code scanning alert no. 7: Client-side cross-site scripting (#25) Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com> * feat: prediction (RabbyHub#3383) * wip * feat: implement auto-connect and personal sign logic; update UI components for better navigation and layout * feat: enhance auto personal sign logic with message validation and update RPC flow to pass message parameters * feat: add new home hover and inactive icons, update DesktopNav component * fix: approval auto flex * feat: add isFromDesktopDapp flag to ProviderRequest and update request handling * style: change layout * style: change token list style * refactor: wrap setupDappIframeSyncRoute in domReadyCall for improved loading handling * fix: adjust approval condition to handle non-desktop DApp requests * style: change profile header * chore: fix style * feat: add prediction feature support and loading state for DApp iframe * fix: ip * feat: update nav * feat: update prediction feature messages and dependencies * chore: fix some style * chore: fix style * chore: fix style * feat: delay setup of DApp iframe sync route for improved loading * feat: enhance auto personal sign condition for desktop DApp requests * fix: nav * fix: style * fix: style * Update src/background/controller/provider/autoConnect.ts Co-authored-by: vvvvvv1vvvvvv <86296331+vvvvvv1vvvvvv@users.noreply.github.com> * fix: remove unnecessary blank line in shouldAutoPersonalSign function * fix: comment out IframeLoadingBar component in DappIframeLoading * fix: logo * fix: update rabby-api version to 0.9.53 --------- Co-authored-by: Hodor <lost1q84@gmail.com> Co-authored-by: vvvvvv1vvvvvv <86296331+vvvvvv1vvvvvv@users.noreply.github.com> * fix: tokenItem type is_core be null (RabbyHub#3407) * feat: update changelog (RabbyHub#3408) * feat: update changelog * feat: update i18n * 0.93.71 * [release] 0.93.71 * chore: update approve list (RabbyHub#3416) * feat: add kava in open ocean (RabbyHub#3414) * feat: update home pnl (RabbyHub#3413) * fix: update data splitting logic in getCustomTxParamsData to use regex for separator (RabbyHub#3409) * feat: enhance Dapp iframe with error handling and network messages (RabbyHub#3410) * feat: enhance Dapp iframe with error handling and network messages * feat: improve error component layout and add clsx for conditional styling * feat: enhance iframe loading and error handling based on permission status * fix: hash (RabbyHub#3415) * fix: hash * feat: update i18n * fix: perps history empty when switch account (RabbyHub#3417) * 0.93.72 * [release] 0.93.72 * chore: introduce claude code for code review * _raw\images * Potential fix for code scanning alert no. 6: Client-side cross-site scripting (#35) Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com> * fix: package.json to reduce vulnerabilities (#34) The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-BABELRUNTIME-10044504 - https://snyk.io/vuln/SNYK-JS-CIPHERBASE-12084814 - https://snyk.io/vuln/SNYK-JS-ELLIPTIC-14908844 - https://snyk.io/vuln/SNYK-JS-LODASH-15053838 - https://snyk.io/vuln/SNYK-JS-NANOID-8492085 - https://snyk.io/vuln/SNYK-JS-SHAJS-12089400 - https://snyk.io/vuln/SNYK-JS-ELLIPTIC-8187303 - https://snyk.io/vuln/SNYK-JS-WEB3UTILS-6229337 - https://snyk.io/vuln/SNYK-JS-WS-7266574 - https://snyk.io/vuln/SNYK-JS-QS-14724253 - https://snyk.io/vuln/SNYK-JS-ELLIPTIC-7577916 - https://snyk.io/vuln/SNYK-JS-ELLIPTIC-7577917 - https://snyk.io/vuln/SNYK-JS-ELLIPTIC-7577918 - https://snyk.io/vuln/SNYK-JS-ELLIPTIC-8720086 - https://snyk.io/vuln/SNYK-JS-BIGINTBUFFER-3364597 - https://snyk.io/vuln/SNYK-JS-SECP256K1-8237220 - https://snyk.io/vuln/SNYK-JS-TMP-11501554 - https://snyk.io/vuln/SNYK-JS-INFLIGHT-6095116 - https://snyk.io/vuln/SNYK-JS-ELLIPTIC-8172694 - https://snyk.io/vuln/SNYK-JS-SOLANAWEB3JS-6647564 - https://snyk.io/vuln/SNYK-JS-BASEX-10118294 - https://snyk.io/vuln/SNYK-JS-BRACEEXPANSION-9789073 Co-authored-by: snyk-bot <snyk-bot@snyk.io> * fix: package.json to reduce vulnerabilities (#33) The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-BABELRUNTIME-10044504 - https://snyk.io/vuln/SNYK-JS-BRACES-6838727 - https://snyk.io/vuln/SNYK-JS-CIPHERBASE-12084814 - https://snyk.io/vuln/SNYK-JS-ELLIPTIC-14908844 - https://snyk.io/vuln/SNYK-JS-GLOBPARENT-1016905 - https://snyk.io/vuln/SNYK-JS-LODASH-15053838 - https://snyk.io/vuln/SNYK-JS-MICROMATCH-6838728 - https://snyk.io/vuln/SNYK-JS-NANOID-8492085 - https://snyk.io/vuln/SNYK-JS-POSTCSS-5926692 - https://snyk.io/vuln/SNYK-JS-QS-14724253 - https://snyk.io/vuln/SNYK-JS-SHAJS-12089400 - https://snyk.io/vuln/SNYK-JS-UNSETVALUE-2400660 - https://snyk.io/vuln/SNYK-JS-WEBPACK-7840298 - https://snyk.io/vuln/SNYK-JS-WEBPACKDEVSERVER-10300775 - https://snyk.io/vuln/SNYK-JS-WEBPACKDEVSERVER-10300777 - https://snyk.io/vuln/SNYK-JS-IP-12704893 - https://snyk.io/vuln/SNYK-JS-IP-12761655 - https://snyk.io/vuln/SNYK-JS-ELLIPTIC-8720086 - https://snyk.io/vuln/SNYK-JS-ELLIPTIC-8187303 - https://snyk.io/vuln/SNYK-JS-ELLIPTIC-7577917 - https://snyk.io/vuln/SNYK-JS-WEB3UTILS-6229337 - https://snyk.io/vuln/SNYK-JS-ELLIPTIC-7577918 - https://snyk.io/vuln/SNYK-JS-ELLIPTIC-7577916 - https://snyk.io/vuln/SNYK-JS-BIGINTBUFFER-3364597 - https://snyk.io/vuln/SNYK-JS-WS-7266574 - https://snyk.io/vuln/SNYK-JS-CROSSSPAWN-8303230 - https://snyk.io/vuln/SNYK-JS-NTHCHECK-1586032 - https://snyk.io/vuln/SNYK-JS-SECP256K1-8237220 - https://snyk.io/vuln/SNYK-JS-INFLIGHT-6095116 - https://snyk.io/vuln/SNYK-JS-ELLIPTIC-8172694 - https://snyk.io/vuln/SNYK-JS-IP-7148531 - https://snyk.io/vuln/SNYK-JS-SOLANAWEB3JS-6647564 - https://snyk.io/vuln/SNYK-JS-BASEX-10118294 - https://snyk.io/vuln/SNYK-JS-BRACEEXPANSION-9789073 - https://snyk.io/vuln/SNYK-JS-SIRV-12558119 - https://snyk.io/vuln/SNYK-JS-JSYAML-13961110 Co-authored-by: snyk-bot <snyk-bot@snyk.io> * [Snyk] Security upgrade ethers from 5.4.2 to 6.0.0 (#32) * chore(deps): bump h3 from 1.11.1 to 1.15.5 Bumps [h3](https://github.com/h3js/h3) from 1.11.1 to 1.15.5. - [Release notes](https://github.com/h3js/h3/releases) - [Changelog](https://github.com/h3js/h3/blob/v1.15.5/CHANGELOG.md) - [Commits](h3js/h3@v1.11.1...v1.15.5) --- updated-dependencies: - dependency-name: h3 dependency-version: 1.15.5 dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com> * fix: package.json to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-ELLIPTIC-8187303 * chore(deps): bump lodash from 4.17.21 to 4.17.23 Bumps [lodash](https://github.com/lodash/lodash) from 4.17.21 to 4.17.23. - [Release notes](https://github.com/lodash/lodash/releases) - [Commits](lodash/lodash@4.17.21...4.17.23) --- updated-dependencies: - dependency-name: lodash dependency-version: 4.17.23 dependency-type: direct:production ... Signed-off-by: dependabot[bot] <support@github.com> * build(deps): bump h3 in the npm_and_yarn group across 1 directory Bumps the npm_and_yarn group with 1 update in the / directory: [h3](https://github.com/h3js/h3). Updates `h3` from 1.11.1 to 1.15.5 - [Release notes](https://github.com/h3js/h3/releases) - [Changelog](https://github.com/h3js/h3/blob/v1.15.5/CHANGELOG.md) - [Commits](h3js/h3@v1.11.1...v1.15.5) --- updated-dependencies: - dependency-name: h3 dependency-version: 1.15.5 dependency-type: indirect dependency-group: npm_and_yarn ... Signed-off-by: dependabot[bot] <support@github.com> * swap 1inch --------- Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: snyk-bot <snyk-bot@snyk.io> --------- Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> Co-authored-by: Drew Fisher <drew@pods.media> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: snyk-io[bot] <141718529+snyk-io[bot]@users.noreply.github.com> Co-authored-by: hz002 <zs4733525@gmail.com> Co-authored-by: richardo2016x <104543757+richardo2016x@users.noreply.github.com> Co-authored-by: vvvvvv1vvvvvv <86296331+vvvvvv1vvvvvv@users.noreply.github.com> Co-authored-by: Hodor <lost1q84@gmail.com> Co-authored-by: DMY <147dmy@gmail.com> Co-authored-by: vvvvvv1vvvvvv <galennnnnnn@gmail.com> Co-authored-by: snyk-bot <snyk-bot@snyk.io> Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com> Co-authored-by: kim <180150277+jinming0618@users.noreply.github.com> * Update job name in CircleCI config (#41) 94da053 CI: Update the CircleCI workflow to run the rabby-wallet-hub job instead of the previous job name. Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> --------- Signed-off-by: AU_019 <64915515+Dargon789@users.noreply.github.com> Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> Co-authored-by: snyk-bot <snyk-bot@snyk.io> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: snyk-io[bot] <141718529+snyk-io[bot]@users.noreply.github.com> Co-authored-by: vvvvvv1vvvvvv <galennnnnnn@gmail.com> Co-authored-by: Drew Fisher <drew@pods.media> Co-authored-by: hz002 <zs4733525@gmail.com> Co-authored-by: richardo2016x <104543757+richardo2016x@users.noreply.github.com> Co-authored-by: vvvvvv1vvvvvv <86296331+vvvvvv1vvvvvv@users.noreply.github.com> Co-authored-by: Hodor <lost1q84@gmail.com> Co-authored-by: DMY <147dmy@gmail.com> Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com> Co-authored-by: kim <180150277+jinming0618@users.noreply.github.com>

* Update dev scripts to use cross-env around the webpack build, so memory limits actually get raised * feat: add Gnosis Safe batch transaction support * build(deps): bump node-forge (#20) Bumps the npm_and_yarn group with 1 update in the / directory: [node-forge](https://github.com/digitalbazaar/forge). Updates `node-forge` from 1.3.1 to 1.3.2 - [Changelog](https://github.com/digitalbazaar/forge/blob/main/CHANGELOG.md) - [Commits](digitalbazaar/forge@v1.3.1...v1.3.2) --- updated-dependencies: - dependency-name: node-forge dependency-version: 1.3.2 dependency-type: indirect dependency-group: npm_and_yarn ... * Squashed commit of the following: commit edc2344 Author: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue Dec 23 08:33:10 2025 +0700 build(deps): bump node-forge (#20) Bumps the npm_and_yarn group with 1 update in the / directory: [node-forge](https://github.com/digitalbazaar/forge). Updates `node-forge` from 1.3.1 to 1.3.2 - [Changelog](https://github.com/digitalbazaar/forge/blob/main/CHANGELOG.md) - [Commits](digitalbazaar/forge@v1.3.1...v1.3.2) --- updated-dependencies: - dependency-name: node-forge dependency-version: 1.3.2 dependency-type: indirect dependency-group: npm_and_yarn ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * fix: package.json to reduce vulnerabilities (#22) The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-ELLIPTIC-8720086 - https://snyk.io/vuln/SNYK-JS-ELLIPTIC-7577917 - https://snyk.io/vuln/SNYK-JS-ELLIPTIC-7577918 - https://snyk.io/vuln/SNYK-JS-ELLIPTIC-7577916 - https://snyk.io/vuln/SNYK-JS-SECP256K1-8237220 - https://snyk.io/vuln/SNYK-JS-INFLIGHT-6095116 - https://snyk.io/vuln/SNYK-JS-ELLIPTIC-8172694 - https://snyk.io/vuln/SNYK-JS-TMP-11501554 - https://snyk.io/vuln/SNYK-JS-BASEX-10118294 * feat: update approve list action (RabbyHub#3379) * style: tuning (RabbyHub#3378) * style: tuning * fix: tailwind * style: tuning * feat: lp token manage v2 (RabbyHub#3374) * feat: lp token manage v2 * fix: bugs * fix: bugs * fix: bugs * feat: + imkey in new user import (RabbyHub#3368) * feat: + imkey in new user import * chore: make linter happy * fix: custom rpc enable (RabbyHub#3367) * chore: update approve list (RabbyHub#3384) * fix: pinnedChain array (RabbyHub#3385) * fix: ui style (RabbyHub#3369) * style: change chain icon position * style: fix gnosis chain alert * fix: asset btn * fix: low value text * feat: update i18n * fix: robust change (RabbyHub#3386) * 0.93.68 * [release] 0.93.68 * feat: no need translate defi (RabbyHub#3391) * chore: update approve list (RabbyHub#3390) * fix: shake desktop (RabbyHub#3389) * feat: support password guard on whitelist (RabbyHub#3388) * feat: support password guard on whitelist * ux: tuning * chore: adjust and fix * fix: tuning * style: tuning * style: tuning * chore: tuning * chore: code cleanup * fix: search logic * style: tuning * style: little fix * feat: implement address deletion functionality and update UI messages (RabbyHub#3382) * feat: implement address deletion functionality and update UI messages * fix: remove authentic before goToHDManager * fix: ui not update after deleted * chore: remove useless console * feat: update i18n --------- * 0.93.69 * [release] 0.93.69 * chore: rm useless zip * fix: all token mode filter (RabbyHub#3397) * fix: all token mode filter * docs: comment * fix: remove is verified filter * fix: is_verified filter * fix: style * feat: search contact balance token * feat: asset list contact * fix: search holds tokens * feat: add transaction gas limit mapping and integrate into gas limit calculation (RabbyHub#3400) * feat: enhance empty state display for seed phrase addresses (RabbyHub#3401) * fix: update localization messages for unsupported address type in multiple languages (RabbyHub#3403) * chore: update approve list (RabbyHub#3404) * feat: update gnosis chain (RabbyHub#3399) * feat: update gnosis chain * feat: udpate safe-deployments * feat: update gnosis sdk * feat: update changelog & i18n (RabbyHub#3405) * feat: update changelog * feat: update i18n * chore * 0.93.70 * [release] 0.93.70 * fix: package.json to reduce vulnerabilities (#24) The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-ELLIPTIC-8187303 - https://snyk.io/vuln/SNYK-JS-ELLIPTIC-7577916 - https://snyk.io/vuln/SNYK-JS-ELLIPTIC-7577917 - https://snyk.io/vuln/SNYK-JS-ELLIPTIC-7577918 - https://snyk.io/vuln/SNYK-JS-ELLIPTIC-8720086 - https://snyk.io/vuln/SNYK-JS-SECP256K1-8237220 * build(deps): bump the npm_and_yarn group across 0 directory with 2 updates (#23) Updates `base-x` from 1.1.0 to 3.0.8 - [Commits](cryptocoinjs/base-x@v1.1.0...v3.0.8) Updates `cross-spawn` from 6.0.5 to 6.0.6 - [Changelog](https://github.com/moxystudio/node-cross-spawn/blob/v6.0.6/CHANGELOG.md) - [Commits](moxystudio/node-cross-spawn@v6.0.5...v6.0.6) --- updated-dependencies: - dependency-name: base-x dependency-version: 3.0.8 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: cross-spawn dependency-version: 6.0.6 dependency-type: indirect dependency-group: npm_and_yarn ... * Potential fix for code scanning alert no. 7: Client-side cross-site scripting (#25) * feat: prediction (RabbyHub#3383) * wip * feat: implement auto-connect and personal sign logic; update UI components for better navigation and layout * feat: enhance auto personal sign logic with message validation and update RPC flow to pass message parameters * feat: add new home hover and inactive icons, update DesktopNav component * fix: approval auto flex * feat: add isFromDesktopDapp flag to ProviderRequest and update request handling * style: change layout * style: change token list style * refactor: wrap setupDappIframeSyncRoute in domReadyCall for improved loading handling * fix: adjust approval condition to handle non-desktop DApp requests * style: change profile header * chore: fix style * feat: add prediction feature support and loading state for DApp iframe * fix: ip * feat: update nav * feat: update prediction feature messages and dependencies * chore: fix some style * chore: fix style * chore: fix style * feat: delay setup of DApp iframe sync route for improved loading * feat: enhance auto personal sign condition for desktop DApp requests * fix: nav * fix: style * fix: style * Update src/background/controller/provider/autoConnect.ts * fix: remove unnecessary blank line in shouldAutoPersonalSign function * fix: comment out IframeLoadingBar component in DappIframeLoading * fix: logo * fix: update rabby-api version to 0.9.53 --------- * fix: tokenItem type is_core be null (RabbyHub#3407) * feat: update changelog (RabbyHub#3408) * feat: update changelog * feat: update i18n * 0.93.71 * [release] 0.93.71 * chore: update approve list (RabbyHub#3416) * feat: add kava in open ocean (RabbyHub#3414) * feat: update home pnl (RabbyHub#3413) * fix: update data splitting logic in getCustomTxParamsData to use regex for separator (RabbyHub#3409) * feat: enhance Dapp iframe with error handling and network messages (RabbyHub#3410) * feat: enhance Dapp iframe with error handling and network messages * feat: improve error component layout and add clsx for conditional styling * feat: enhance iframe loading and error handling based on permission status * fix: hash (RabbyHub#3415) * fix: hash * feat: update i18n * fix: perps history empty when switch account (RabbyHub#3417) * 0.93.72 * [release] 0.93.72 * chore: introduce claude code for code review * _raw\images * Potential fix for code scanning alert no. 6: Client-side cross-site scripting (#35) * fix: package.json to reduce vulnerabilities (#34) The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-BABELRUNTIME-10044504 - https://snyk.io/vuln/SNYK-JS-CIPHERBASE-12084814 - https://snyk.io/vuln/SNYK-JS-ELLIPTIC-14908844 - https://snyk.io/vuln/SNYK-JS-LODASH-15053838 - https://snyk.io/vuln/SNYK-JS-NANOID-8492085 - https://snyk.io/vuln/SNYK-JS-SHAJS-12089400 - https://snyk.io/vuln/SNYK-JS-ELLIPTIC-8187303 - https://snyk.io/vuln/SNYK-JS-WEB3UTILS-6229337 - https://snyk.io/vuln/SNYK-JS-WS-7266574 - https://snyk.io/vuln/SNYK-JS-QS-14724253 - https://snyk.io/vuln/SNYK-JS-ELLIPTIC-7577916 - https://snyk.io/vuln/SNYK-JS-ELLIPTIC-7577917 - https://snyk.io/vuln/SNYK-JS-ELLIPTIC-7577918 - https://snyk.io/vuln/SNYK-JS-ELLIPTIC-8720086 - https://snyk.io/vuln/SNYK-JS-BIGINTBUFFER-3364597 - https://snyk.io/vuln/SNYK-JS-SECP256K1-8237220 - https://snyk.io/vuln/SNYK-JS-TMP-11501554 - https://snyk.io/vuln/SNYK-JS-INFLIGHT-6095116 - https://snyk.io/vuln/SNYK-JS-ELLIPTIC-8172694 - https://snyk.io/vuln/SNYK-JS-SOLANAWEB3JS-6647564 - https://snyk.io/vuln/SNYK-JS-BASEX-10118294 - https://snyk.io/vuln/SNYK-JS-BRACEEXPANSION-9789073 * fix: package.json to reduce vulnerabilities (#33) The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-BABELRUNTIME-10044504 - https://snyk.io/vuln/SNYK-JS-BRACES-6838727 - https://snyk.io/vuln/SNYK-JS-CIPHERBASE-12084814 - https://snyk.io/vuln/SNYK-JS-ELLIPTIC-14908844 - https://snyk.io/vuln/SNYK-JS-GLOBPARENT-1016905 - https://snyk.io/vuln/SNYK-JS-LODASH-15053838 - https://snyk.io/vuln/SNYK-JS-MICROMATCH-6838728 - https://snyk.io/vuln/SNYK-JS-NANOID-8492085 - https://snyk.io/vuln/SNYK-JS-POSTCSS-5926692 - https://snyk.io/vuln/SNYK-JS-QS-14724253 - https://snyk.io/vuln/SNYK-JS-SHAJS-12089400 - https://snyk.io/vuln/SNYK-JS-UNSETVALUE-2400660 - https://snyk.io/vuln/SNYK-JS-WEBPACK-7840298 - https://snyk.io/vuln/SNYK-JS-WEBPACKDEVSERVER-10300775 - https://snyk.io/vuln/SNYK-JS-WEBPACKDEVSERVER-10300777 - https://snyk.io/vuln/SNYK-JS-IP-12704893 - https://snyk.io/vuln/SNYK-JS-IP-12761655 - https://snyk.io/vuln/SNYK-JS-ELLIPTIC-8720086 - https://snyk.io/vuln/SNYK-JS-ELLIPTIC-8187303 - https://snyk.io/vuln/SNYK-JS-ELLIPTIC-7577917 - https://snyk.io/vuln/SNYK-JS-WEB3UTILS-6229337 - https://snyk.io/vuln/SNYK-JS-ELLIPTIC-7577918 - https://snyk.io/vuln/SNYK-JS-ELLIPTIC-7577916 - https://snyk.io/vuln/SNYK-JS-BIGINTBUFFER-3364597 - https://snyk.io/vuln/SNYK-JS-WS-7266574 - https://snyk.io/vuln/SNYK-JS-CROSSSPAWN-8303230 - https://snyk.io/vuln/SNYK-JS-NTHCHECK-1586032 - https://snyk.io/vuln/SNYK-JS-SECP256K1-8237220 - https://snyk.io/vuln/SNYK-JS-INFLIGHT-6095116 - https://snyk.io/vuln/SNYK-JS-ELLIPTIC-8172694 - https://snyk.io/vuln/SNYK-JS-IP-7148531 - https://snyk.io/vuln/SNYK-JS-SOLANAWEB3JS-6647564 - https://snyk.io/vuln/SNYK-JS-BASEX-10118294 - https://snyk.io/vuln/SNYK-JS-BRACEEXPANSION-9789073 - https://snyk.io/vuln/SNYK-JS-SIRV-12558119 - https://snyk.io/vuln/SNYK-JS-JSYAML-13961110 * [Snyk] Security upgrade ethers from 5.4.2 to 6.0.0 (#32) * chore(deps): bump h3 from 1.11.1 to 1.15.5 Bumps [h3](https://github.com/h3js/h3) from 1.11.1 to 1.15.5. - [Release notes](https://github.com/h3js/h3/releases) - [Changelog](https://github.com/h3js/h3/blob/v1.15.5/CHANGELOG.md) - [Commits](h3js/h3@v1.11.1...v1.15.5) --- updated-dependencies: - dependency-name: h3 dependency-version: 1.15.5 dependency-type: indirect ... * fix: package.json to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-ELLIPTIC-8187303 * chore(deps): bump lodash from 4.17.21 to 4.17.23 Bumps [lodash](https://github.com/lodash/lodash) from 4.17.21 to 4.17.23. - [Release notes](https://github.com/lodash/lodash/releases) - [Commits](lodash/lodash@4.17.21...4.17.23) --- updated-dependencies: - dependency-name: lodash dependency-version: 4.17.23 dependency-type: direct:production ... * build(deps): bump h3 in the npm_and_yarn group across 1 directory Bumps the npm_and_yarn group with 1 update in the / directory: [h3](https://github.com/h3js/h3). Updates `h3` from 1.11.1 to 1.15.5 - [Release notes](https://github.com/h3js/h3/releases) - [Changelog](https://github.com/h3js/h3/blob/v1.15.5/CHANGELOG.md) - [Commits](h3js/h3@v1.11.1...v1.15.5) --- updated-dependencies: - dependency-name: h3 dependency-version: 1.15.5 dependency-type: indirect dependency-group: npm_and_yarn ... * swap 1inch --------- --------- Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> Co-authored-by: Drew Fisher <drew@pods.media> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: snyk-io[bot] <141718529+snyk-io[bot]@users.noreply.github.com> Co-authored-by: hz002 <zs4733525@gmail.com> Co-authored-by: richardo2016x <104543757+richardo2016x@users.noreply.github.com> Co-authored-by: vvvvvv1vvvvvv <86296331+vvvvvv1vvvvvv@users.noreply.github.com> Co-authored-by: Hodor <lost1q84@gmail.com> Co-authored-by: DMY <147dmy@gmail.com> Co-authored-by: vvvvvv1vvvvvv <galennnnnnn@gmail.com> Co-authored-by: snyk-bot <snyk-bot@snyk.io> Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com> Co-authored-by: kim <180150277+jinming0618@users.noreply.github.com>

* fix: package.json to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-WS-7266574 * fix: package.json to reduce vulnerabilities (#4) The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-AXIOS-6032459 - https://snyk.io/vuln/SNYK-JS-FOLLOWREDIRECTS-6141137 - https://snyk.io/vuln/SNYK-JS-AXIOS-6124857 * Circleci project setup (#5) * Add .circleci/config.yml * Add .circleci/config.yml * Add .circleci/config.yml * Add .circleci/config.yml * Updated config.yml * Create SECURITY.md (#2) * build(deps): bump the npm_and_yarn group across 1 directory with 14 updates (#6) Bumps the npm_and_yarn group with 11 updates in the / directory: | Package | From | To | | --- | --- | --- | | [@sentry/browser](https://github.com/getsentry/sentry-javascript) | `6.7.2` | `7.119.1` | | [nanoid](https://github.com/ai/nanoid) | `3.3.6` | `3.3.8` | | [semver](https://github.com/npm/node-semver) | `7.5.2` | `7.5.3` | | [postcss](https://github.com/postcss/postcss) | `8.4.31` | `8.4.32` | | [webpack](https://github.com/webpack/webpack) | `5.76.0` | `5.94.0` | | [@babel/runtime](https://github.com/babel/babel/tree/HEAD/packages/babel-runtime) | `7.13.10` | `7.26.10` | | [es5-ext](https://github.com/medikoo/es5-ext) | `0.10.53` | `0.10.64` | | [express](https://github.com/expressjs/express) | `4.18.2` | `4.21.2` | | [follow-redirects](https://github.com/follow-redirects/follow-redirects) | `1.14.9` | `1.15.9` | | [serialize-javascript](https://github.com/yahoo/serialize-javascript) | `6.0.1` | `6.0.2` | | [webpack-dev-middleware](https://github.com/webpack/webpack-dev-middleware) | `5.3.1` | `5.3.4` | Updates `@sentry/browser` from 6.7.2 to 7.119.1 - [Release notes](https://github.com/getsentry/sentry-javascript/releases) - [Changelog](https://github.com/getsentry/sentry-javascript/blob/7.119.1/CHANGELOG.md) - [Commits](getsentry/sentry-javascript@6.7.2...7.119.1) Updates `nanoid` from 3.3.6 to 3.3.8 - [Release notes](https://github.com/ai/nanoid/releases) - [Changelog](https://github.com/ai/nanoid/blob/main/CHANGELOG.md) - [Commits](ai/nanoid@3.3.6...3.3.8) Updates `semver` from 7.5.2 to 7.5.3 - [Release notes](https://github.com/npm/node-semver/releases) - [Changelog](https://github.com/npm/node-semver/blob/main/CHANGELOG.md) - [Commits](npm/node-semver@v7.5.2...v7.5.3) Updates `postcss` from 8.4.31 to 8.4.32 - [Release notes](https://github.com/postcss/postcss/releases) - [Changelog](https://github.com/postcss/postcss/blob/main/CHANGELOG.md) - [Commits](postcss/postcss@8.4.31...8.4.32) Updates `webpack` from 5.76.0 to 5.94.0 - [Release notes](https://github.com/webpack/webpack/releases) - [Commits](webpack/webpack@v5.76.0...v5.94.0) Updates `@babel/runtime` from 7.13.10 to 7.26.10 - [Release notes](https://github.com/babel/babel/releases) - [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md) - [Commits](https://github.com/babel/babel/commits/v7.26.10/packages/babel-runtime) Updates `es5-ext` from 0.10.53 to 0.10.64 - [Release notes](https://github.com/medikoo/es5-ext/releases) - [Changelog](https://github.com/medikoo/es5-ext/blob/main/CHANGELOG.md) - [Commits](medikoo/es5-ext@v0.10.53...v0.10.64) Updates `express` from 4.18.2 to 4.21.2 - [Release notes](https://github.com/expressjs/express/releases) - [Changelog](https://github.com/expressjs/express/blob/4.21.2/History.md) - [Commits](expressjs/express@4.18.2...4.21.2) Updates `follow-redirects` from 1.14.9 to 1.15.9 - [Release notes](https://github.com/follow-redirects/follow-redirects/releases) - [Commits](follow-redirects/follow-redirects@v1.14.9...v1.15.9) Updates `path-to-regexp` from 0.1.7 to 0.1.12 - [Release notes](https://github.com/pillarjs/path-to-regexp/releases) - [Changelog](https://github.com/pillarjs/path-to-regexp/blob/master/History.md) - [Commits](pillarjs/path-to-regexp@v0.1.7...v0.1.12) Updates `send` from 0.18.0 to 0.19.0 - [Release notes](https://github.com/pillarjs/send/releases) - [Changelog](https://github.com/pillarjs/send/blob/master/HISTORY.md) - [Commits](pillarjs/send@0.18.0...0.19.0) Updates `serialize-javascript` from 6.0.1 to 6.0.2 - [Release notes](https://github.com/yahoo/serialize-javascript/releases) - [Commits](yahoo/serialize-javascript@v6.0.1...v6.0.2) Updates `serve-static` from 1.15.0 to 1.16.2 - [Release notes](https://github.com/expressjs/serve-static/releases) - [Changelog](https://github.com/expressjs/serve-static/blob/v1.16.2/HISTORY.md) - [Commits](expressjs/serve-static@v1.15.0...v1.16.2) Updates `webpack-dev-middleware` from 5.3.1 to 5.3.4 - [Release notes](https://github.com/webpack/webpack-dev-middleware/releases) - [Changelog](https://github.com/webpack/webpack-dev-middleware/blob/v5.3.4/CHANGELOG.md) - [Commits](webpack/webpack-dev-middleware@v5.3.1...v5.3.4) --- updated-dependencies: - dependency-name: "@sentry/browser" dependency-type: direct:production dependency-group: npm_and_yarn - dependency-name: nanoid dependency-type: direct:production dependency-group: npm_and_yarn - dependency-name: semver dependency-type: direct:production dependency-group: npm_and_yarn - dependency-name: postcss dependency-type: direct:development dependency-group: npm_and_yarn - dependency-name: webpack dependency-type: direct:development dependency-group: npm_and_yarn - dependency-name: "@babel/runtime" dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: es5-ext dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: express dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: follow-redirects dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: path-to-regexp dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: send dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: serialize-javascript dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: serve-static dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: webpack-dev-middleware dependency-type: indirect dependency-group: npm_and_yarn ... * fix: package.json to reduce vulnerabilities (#7) The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-IP-6240864 - https://snyk.io/vuln/SNYK-JS-WS-7266574 - https://snyk.io/vuln/SNYK-JS-IP-7148531 * build(deps): bump the npm_and_yarn group across 1 directory with 3 updates (#8) Bumps the npm_and_yarn group with 3 updates in the / directory: [@sentry/browser](https://github.com/getsentry/sentry-javascript), [semver](https://github.com/npm/node-semver) and [postcss](https://github.com/postcss/postcss). Updates `@sentry/browser` from 7.119.1 to 7.119.2 - [Release notes](https://github.com/getsentry/sentry-javascript/releases) - [Changelog](https://github.com/getsentry/sentry-javascript/blob/7.119.2/CHANGELOG.md) - [Commits](getsentry/sentry-javascript@7.119.1...7.119.2) Updates `semver` from 7.5.3 to 7.5.4 - [Release notes](https://github.com/npm/node-semver/releases) - [Changelog](https://github.com/npm/node-semver/blob/main/CHANGELOG.md) - [Commits](npm/node-semver@v7.5.3...v7.5.4) Updates `postcss` from 8.4.32 to 8.4.33 - [Release notes](https://github.com/postcss/postcss/releases) - [Changelog](https://github.com/postcss/postcss/blob/main/CHANGELOG.md) - [Commits](postcss/postcss@8.4.32...8.4.33) --- updated-dependencies: - dependency-name: "@sentry/browser" dependency-type: direct:production dependency-group: npm_and_yarn - dependency-name: semver dependency-type: direct:production dependency-group: npm_and_yarn - dependency-name: postcss dependency-type: direct:development dependency-group: npm_and_yarn ... * fix: package.json to reduce vulnerabilities (#9) The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-AXIOS-9403194 * fix: package.json to reduce vulnerabilities (#10) The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-ELLIPTIC-8720086 - https://snyk.io/vuln/SNYK-JS-ELLIPTIC-8187303 - https://snyk.io/vuln/SNYK-JS-ELLIPTIC-7577916 - https://snyk.io/vuln/SNYK-JS-ELLIPTIC-7577917 - https://snyk.io/vuln/SNYK-JS-ELLIPTIC-7577918 - https://snyk.io/vuln/SNYK-JS-SECP256K1-8237220 - https://snyk.io/vuln/SNYK-JS-ELLIPTIC-8172694 * fix: package.json to reduce vulnerabilities (#12) The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-ELLIPTIC-8720086 - https://snyk.io/vuln/SNYK-JS-ELLIPTIC-8187303 - https://snyk.io/vuln/SNYK-JS-ELLIPTIC-7577916 - https://snyk.io/vuln/SNYK-JS-ELLIPTIC-7577917 - https://snyk.io/vuln/SNYK-JS-ELLIPTIC-7577918 - https://snyk.io/vuln/SNYK-JS-SECP256K1-8237220 - https://snyk.io/vuln/SNYK-JS-ELLIPTIC-8172694 * fix: package.json to reduce vulnerabilities (#13) The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-BIGINTBUFFER-3364597 * build(deps): bump the npm_and_yarn group across 1 directory with 3 updates (#11) Bumps the npm_and_yarn group with 3 updates in the / directory: [@sentry/browser](https://github.com/getsentry/sentry-javascript), [semver](https://github.com/npm/node-semver) and [postcss](https://github.com/postcss/postcss). Updates `@sentry/browser` from 7.119.2 to 7.120.0 - [Release notes](https://github.com/getsentry/sentry-javascript/releases) - [Changelog](https://github.com/getsentry/sentry-javascript/blob/7.120.0/CHANGELOG.md) - [Commits](getsentry/sentry-javascript@7.119.2...7.120.0) Updates `semver` from 7.5.4 to 7.6.0 - [Release notes](https://github.com/npm/node-semver/releases) - [Changelog](https://github.com/npm/node-semver/blob/main/CHANGELOG.md) - [Commits](npm/node-semver@v7.5.4...v7.6.0) Updates `postcss` from 8.4.33 to 8.4.34 - [Release notes](https://github.com/postcss/postcss/releases) - [Changelog](https://github.com/postcss/postcss/blob/main/CHANGELOG.md) - [Commits](postcss/postcss@8.4.33...8.4.34) --- updated-dependencies: - dependency-name: "@sentry/browser" dependency-type: direct:production dependency-group: npm_and_yarn - dependency-name: semver dependency-type: direct:production dependency-group: npm_and_yarn - dependency-name: postcss dependency-type: direct:development dependency-group: npm_and_yarn ... * build(deps): bump the npm_and_yarn group across 1 directory with 10 updates (#14) Bumps the npm_and_yarn group with 8 updates in the / directory: | Package | From | To | | --- | --- | --- | | [@sentry/browser](https://github.com/getsentry/sentry-javascript) | `7.120.0` | `7.120.1` | | [semver](https://github.com/npm/node-semver) | `7.6.0` | `7.6.1` | | [postcss](https://github.com/postcss/postcss) | `8.4.34` | `8.4.35` | | [webpack-dev-server](https://github.com/webpack/webpack-dev-server) | `4.7.4` | `5.2.1` | | [form-data](https://github.com/form-data/form-data) | `4.0.0` | `4.0.4` | | [parse-uri](https://github.com/kikobeats/parse-uri) | `1.0.7` | `1.0.16` | | [pbkdf2](https://github.com/crypto-browserify/pbkdf2) | `3.1.2` | `3.1.3` | | [tiny-secp256k1](https://github.com/bitcoinjs/tiny-secp256k1) | `1.1.6` | `1.1.7` | Updates `@sentry/browser` from 7.120.0 to 7.120.1 - [Release notes](https://github.com/getsentry/sentry-javascript/releases) - [Changelog](https://github.com/getsentry/sentry-javascript/blob/7.120.1/CHANGELOG.md) - [Commits](getsentry/sentry-javascript@7.120.0...7.120.1) Updates `semver` from 7.6.0 to 7.6.1 - [Release notes](https://github.com/npm/node-semver/releases) - [Changelog](https://github.com/npm/node-semver/blob/main/CHANGELOG.md) - [Commits](npm/node-semver@v7.6.0...v7.6.1) Updates `postcss` from 8.4.34 to 8.4.35 - [Release notes](https://github.com/postcss/postcss/releases) - [Changelog](https://github.com/postcss/postcss/blob/main/CHANGELOG.md) - [Commits](postcss/postcss@8.4.34...8.4.35) Updates `webpack-dev-server` from 4.7.4 to 5.2.1 - [Release notes](https://github.com/webpack/webpack-dev-server/releases) - [Changelog](https://github.com/webpack/webpack-dev-server/blob/master/CHANGELOG.md) - [Commits](webpack/webpack-dev-server@v4.7.4...v5.2.1) Updates `form-data` from 4.0.0 to 4.0.4 - [Release notes](https://github.com/form-data/form-data/releases) - [Changelog](https://github.com/form-data/form-data/blob/master/CHANGELOG.md) - [Commits](form-data/form-data@v4.0.0...v4.0.4) Updates `http-proxy-middleware` from 2.0.3 to 2.0.9 - [Release notes](https://github.com/chimurai/http-proxy-middleware/releases) - [Changelog](https://github.com/chimurai/http-proxy-middleware/blob/v2.0.9/CHANGELOG.md) - [Commits](chimurai/http-proxy-middleware@v2.0.3...v2.0.9) Updates `ip` from 1.1.5 to 2.0.0 - [Commits](indutny/node-ip@v1.1.5...v2.0.0) Updates `parse-uri` from 1.0.7 to 1.0.16 - [Release notes](https://github.com/kikobeats/parse-uri/releases) - [Changelog](https://github.com/Kikobeats/parse-uri/blob/v1.0.16/CHANGELOG.md) - [Commits](Kikobeats/parse-uri@v1.0.7...v1.0.16) Updates `pbkdf2` from 3.1.2 to 3.1.3 - [Changelog](https://github.com/browserify/pbkdf2/blob/master/CHANGELOG.md) - [Commits](browserify/pbkdf2@v3.1.2...v3.1.3) Updates `tiny-secp256k1` from 1.1.6 to 1.1.7 - [Commits](bitcoinjs/tiny-secp256k1@v1.1.6...v1.1.7) --- updated-dependencies: - dependency-name: "@sentry/browser" dependency-version: 7.120.1 dependency-type: direct:production dependency-group: npm_and_yarn - dependency-name: semver dependency-version: 7.6.1 dependency-type: direct:production dependency-group: npm_and_yarn - dependency-name: postcss dependency-version: 8.4.35 dependency-type: direct:development dependency-group: npm_and_yarn - dependency-name: webpack-dev-server dependency-version: 5.2.1 dependency-type: direct:development dependency-group: npm_and_yarn - dependency-name: form-data dependency-version: 4.0.4 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: http-proxy-middleware dependency-version: 2.0.9 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: ip dependency-version: 2.0.0 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: parse-uri dependency-version: 1.0.16 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: pbkdf2 dependency-version: 3.1.3 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: tiny-secp256k1 dependency-version: 1.1.7 dependency-type: indirect dependency-group: npm_and_yarn ... * fix: package.json to reduce vulnerabilities (#15) The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-BASEX-10118294 - https://snyk.io/vuln/SNYK-JS-BRACEEXPANSION-9789073 - https://snyk.io/vuln/SNYK-JS-GLOBPARENT-1016905 - https://snyk.io/vuln/SNYK-JS-NTHCHECK-1586032 - https://snyk.io/vuln/SNYK-JS-POSTCSS-5926692 - https://snyk.io/vuln/SNYK-JS-UNSETVALUE-2400660 - https://snyk.io/vuln/SNYK-JS-ELLIPTIC-8720086 - https://snyk.io/vuln/SNYK-JS-ELLIPTIC-8187303 - https://snyk.io/vuln/SNYK-JS-ELLIPTIC-7577917 - https://snyk.io/vuln/SNYK-JS-ELLIPTIC-7577916 - https://snyk.io/vuln/SNYK-JS-ELLIPTIC-7577918 - https://snyk.io/vuln/SNYK-JS-WEB3UTILS-6229337 - https://snyk.io/vuln/SNYK-JS-BRACES-6838727 - https://snyk.io/vuln/SNYK-JS-CROSSSPAWN-8303230 - https://snyk.io/vuln/SNYK-JS-SECP256K1-8237220 - https://snyk.io/vuln/SNYK-JS-INFLIGHT-6095116 - https://snyk.io/vuln/SNYK-JS-ELLIPTIC-8172694 - https://snyk.io/vuln/SNYK-JS-MICROMATCH-6838728 * build(deps): bump the npm_and_yarn group across 1 directory with 5 updates (#17) Bumps the npm_and_yarn group with 3 updates in the / directory: [@sentry/browser](https://github.com/getsentry/sentry-javascript), [semver](https://github.com/npm/node-semver) and [postcss](https://github.com/postcss/postcss). Updates `@sentry/browser` from 7.120.1 to 7.120.2 - [Release notes](https://github.com/getsentry/sentry-javascript/releases) - [Changelog](https://github.com/getsentry/sentry-javascript/blob/7.120.2/CHANGELOG.md) - [Commits](getsentry/sentry-javascript@7.120.1...7.120.2) Updates `semver` from 7.6.1 to 7.6.2 - [Release notes](https://github.com/npm/node-semver/releases) - [Changelog](https://github.com/npm/node-semver/blob/main/CHANGELOG.md) - [Commits](npm/node-semver@v7.6.1...v7.6.2) Updates `postcss` from 8.4.35 to 8.5.6 - [Release notes](https://github.com/postcss/postcss/releases) - [Changelog](https://github.com/postcss/postcss/blob/main/CHANGELOG.md) - [Commits](postcss/postcss@8.4.35...8.5.6) Updates `braces` from 2.3.2 to 3.0.2 - [Changelog](https://github.com/micromatch/braces/blob/master/CHANGELOG.md) - [Commits](https://github.com/micromatch/braces/commits/3.0.2) Updates `micromatch` from 3.1.10 to 4.0.4 - [Release notes](https://github.com/micromatch/micromatch/releases) - [Changelog](https://github.com/micromatch/micromatch/blob/master/CHANGELOG.md) - [Commits](micromatch/micromatch@3.1.10...4.0.4) --- updated-dependencies: - dependency-name: "@sentry/browser" dependency-version: 7.120.2 dependency-type: direct:production dependency-group: npm_and_yarn - dependency-name: semver dependency-version: 7.6.2 dependency-type: direct:production dependency-group: npm_and_yarn - dependency-name: postcss dependency-version: 8.5.6 dependency-type: direct:development dependency-group: npm_and_yarn - dependency-name: braces dependency-version: 3.0.2 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: micromatch dependency-version: 4.0.4 dependency-type: indirect dependency-group: npm_and_yarn ... * fix: package.json to reduce vulnerabilities (#18) The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-INFLIGHT-6095116 - https://snyk.io/vuln/SNYK-JS-BRACEEXPANSION-9789073 * build(deps): bump the npm_and_yarn group across 1 directory with 6 updates (#19) Bumps the npm_and_yarn group with 6 updates in the / directory: | Package | From | To | | --- | --- | --- | | [@sentry/browser](https://github.com/getsentry/sentry-javascript) | `7.120.2` | `7.120.3` | | [semver](https://github.com/npm/node-semver) | `7.6.2` | `7.6.3` | | [braces](https://github.com/micromatch/braces) | `3.0.2` | `3.0.3` | | [cipher-base](https://github.com/crypto-browserify/cipher-base) | `1.0.4` | `1.0.6` | | [micromatch](https://github.com/micromatch/micromatch) | `4.0.4` | `4.0.8` | | [sha.js](https://github.com/crypto-browserify/sha.js) | `2.4.11` | `2.4.12` | Updates `@sentry/browser` from 7.120.2 to 7.120.3 - [Release notes](https://github.com/getsentry/sentry-javascript/releases) - [Changelog](https://github.com/getsentry/sentry-javascript/blob/7.120.3/CHANGELOG.md) - [Commits](getsentry/sentry-javascript@7.120.2...7.120.3) Updates `semver` from 7.6.2 to 7.6.3 - [Release notes](https://github.com/npm/node-semver/releases) - [Changelog](https://github.com/npm/node-semver/blob/main/CHANGELOG.md) - [Commits](npm/node-semver@v7.6.2...v7.6.3) Updates `braces` from 3.0.2 to 3.0.3 - [Changelog](https://github.com/micromatch/braces/blob/master/CHANGELOG.md) - [Commits](micromatch/braces@3.0.2...3.0.3) Updates `cipher-base` from 1.0.4 to 1.0.6 - [Changelog](https://github.com/browserify/cipher-base/blob/master/CHANGELOG.md) - [Commits](browserify/cipher-base@v1.0.4...v1.0.6) Updates `micromatch` from 4.0.4 to 4.0.8 - [Release notes](https://github.com/micromatch/micromatch/releases) - [Changelog](https://github.com/micromatch/micromatch/blob/master/CHANGELOG.md) - [Commits](micromatch/micromatch@4.0.4...4.0.8) Updates `sha.js` from 2.4.11 to 2.4.12 - [Changelog](https://github.com/browserify/sha.js/blob/master/CHANGELOG.md) - [Commits](browserify/sha.js@v2.4.11...v2.4.12) --- updated-dependencies: - dependency-name: "@sentry/browser" dependency-version: 7.120.3 dependency-type: direct:production dependency-group: npm_and_yarn - dependency-name: semver dependency-version: 7.6.3 dependency-type: direct:production dependency-group: npm_and_yarn - dependency-name: braces dependency-version: 3.0.3 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: cipher-base dependency-version: 1.0.6 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: micromatch dependency-version: 4.0.8 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: sha.js dependency-version: 2.4.12 dependency-type: indirect dependency-group: npm_and_yarn ... * feat: + imkey in new user import * chore: make linter happy * [release] 0.93.72 (#37) * Update dev scripts to use cross-env around the webpack build, so memory limits actually get raised * feat: add Gnosis Safe batch transaction support * build(deps): bump node-forge (#20) Bumps the npm_and_yarn group with 1 update in the / directory: [node-forge](https://github.com/digitalbazaar/forge). Updates `node-forge` from 1.3.1 to 1.3.2 - [Changelog](https://github.com/digitalbazaar/forge/blob/main/CHANGELOG.md) - [Commits](digitalbazaar/forge@v1.3.1...v1.3.2) --- updated-dependencies: - dependency-name: node-forge dependency-version: 1.3.2 dependency-type: indirect dependency-group: npm_and_yarn ... * Squashed commit of the following: commit edc2344 Author: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue Dec 23 08:33:10 2025 +0700 build(deps): bump node-forge (#20) Bumps the npm_and_yarn group with 1 update in the / directory: [node-forge](https://github.com/digitalbazaar/forge). Updates `node-forge` from 1.3.1 to 1.3.2 - [Changelog](https://github.com/digitalbazaar/forge/blob/main/CHANGELOG.md) - [Commits](digitalbazaar/forge@v1.3.1...v1.3.2) --- updated-dependencies: - dependency-name: node-forge dependency-version: 1.3.2 dependency-type: indirect dependency-group: npm_and_yarn ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * fix: package.json to reduce vulnerabilities (#22) The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-ELLIPTIC-8720086 - https://snyk.io/vuln/SNYK-JS-ELLIPTIC-7577917 - https://snyk.io/vuln/SNYK-JS-ELLIPTIC-7577918 - https://snyk.io/vuln/SNYK-JS-ELLIPTIC-7577916 - https://snyk.io/vuln/SNYK-JS-SECP256K1-8237220 - https://snyk.io/vuln/SNYK-JS-INFLIGHT-6095116 - https://snyk.io/vuln/SNYK-JS-ELLIPTIC-8172694 - https://snyk.io/vuln/SNYK-JS-TMP-11501554 - https://snyk.io/vuln/SNYK-JS-BASEX-10118294 * feat: update approve list action (RabbyHub#3379) * style: tuning (RabbyHub#3378) * style: tuning * fix: tailwind * style: tuning * feat: lp token manage v2 (RabbyHub#3374) * feat: lp token manage v2 * fix: bugs * fix: bugs * fix: bugs * feat: + imkey in new user import (RabbyHub#3368) * feat: + imkey in new user import * chore: make linter happy * fix: custom rpc enable (RabbyHub#3367) * chore: update approve list (RabbyHub#3384) * fix: pinnedChain array (RabbyHub#3385) * fix: ui style (RabbyHub#3369) * style: change chain icon position * style: fix gnosis chain alert * fix: asset btn * fix: low value text * feat: update i18n * fix: robust change (RabbyHub#3386) * 0.93.68 * [release] 0.93.68 * feat: no need translate defi (RabbyHub#3391) * chore: update approve list (RabbyHub#3390) * fix: shake desktop (RabbyHub#3389) * feat: support password guard on whitelist (RabbyHub#3388) * feat: support password guard on whitelist * ux: tuning * chore: adjust and fix * fix: tuning * style: tuning * style: tuning * chore: tuning * chore: code cleanup * fix: search logic * style: tuning * style: little fix * feat: implement address deletion functionality and update UI messages (RabbyHub#3382) * feat: implement address deletion functionality and update UI messages * fix: remove authentic before goToHDManager * fix: ui not update after deleted * chore: remove useless console * feat: update i18n --------- * 0.93.69 * [release] 0.93.69 * chore: rm useless zip * fix: all token mode filter (RabbyHub#3397) * fix: all token mode filter * docs: comment * fix: remove is verified filter * fix: is_verified filter * fix: style * feat: search contact balance token * feat: asset list contact * fix: search holds tokens * feat: add transaction gas limit mapping and integrate into gas limit calculation (RabbyHub#3400) * feat: enhance empty state display for seed phrase addresses (RabbyHub#3401) * fix: update localization messages for unsupported address type in multiple languages (RabbyHub#3403) * chore: update approve list (RabbyHub#3404) * feat: update gnosis chain (RabbyHub#3399) * feat: update gnosis chain * feat: udpate safe-deployments * feat: update gnosis sdk * feat: update changelog & i18n (RabbyHub#3405) * feat: update changelog * feat: update i18n * chore * 0.93.70 * [release] 0.93.70 * fix: package.json to reduce vulnerabilities (#24) The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-ELLIPTIC-8187303 - https://snyk.io/vuln/SNYK-JS-ELLIPTIC-7577916 - https://snyk.io/vuln/SNYK-JS-ELLIPTIC-7577917 - https://snyk.io/vuln/SNYK-JS-ELLIPTIC-7577918 - https://snyk.io/vuln/SNYK-JS-ELLIPTIC-8720086 - https://snyk.io/vuln/SNYK-JS-SECP256K1-8237220 * build(deps): bump the npm_and_yarn group across 0 directory with 2 updates (#23) Updates `base-x` from 1.1.0 to 3.0.8 - [Commits](cryptocoinjs/base-x@v1.1.0...v3.0.8) Updates `cross-spawn` from 6.0.5 to 6.0.6 - [Changelog](https://github.com/moxystudio/node-cross-spawn/blob/v6.0.6/CHANGELOG.md) - [Commits](moxystudio/node-cross-spawn@v6.0.5...v6.0.6) --- updated-dependencies: - dependency-name: base-x dependency-version: 3.0.8 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: cross-spawn dependency-version: 6.0.6 dependency-type: indirect dependency-group: npm_and_yarn ... * Potential fix for code scanning alert no. 7: Client-side cross-site scripting (#25) * feat: prediction (RabbyHub#3383) * wip * feat: implement auto-connect and personal sign logic; update UI components for better navigation and layout * feat: enhance auto personal sign logic with message validation and update RPC flow to pass message parameters * feat: add new home hover and inactive icons, update DesktopNav component * fix: approval auto flex * feat: add isFromDesktopDapp flag to ProviderRequest and update request handling * style: change layout * style: change token list style * refactor: wrap setupDappIframeSyncRoute in domReadyCall for improved loading handling * fix: adjust approval condition to handle non-desktop DApp requests * style: change profile header * chore: fix style * feat: add prediction feature support and loading state for DApp iframe * fix: ip * feat: update nav * feat: update prediction feature messages and dependencies * chore: fix some style * chore: fix style * chore: fix style * feat: delay setup of DApp iframe sync route for improved loading * feat: enhance auto personal sign condition for desktop DApp requests * fix: nav * fix: style * fix: style * Update src/background/controller/provider/autoConnect.ts * fix: remove unnecessary blank line in shouldAutoPersonalSign function * fix: comment out IframeLoadingBar component in DappIframeLoading * fix: logo * fix: update rabby-api version to 0.9.53 --------- * fix: tokenItem type is_core be null (RabbyHub#3407) * feat: update changelog (RabbyHub#3408) * feat: update changelog * feat: update i18n * 0.93.71 * [release] 0.93.71 * chore: update approve list (RabbyHub#3416) * feat: add kava in open ocean (RabbyHub#3414) * feat: update home pnl (RabbyHub#3413) * fix: update data splitting logic in getCustomTxParamsData to use regex for separator (RabbyHub#3409) * feat: enhance Dapp iframe with error handling and network messages (RabbyHub#3410) * feat: enhance Dapp iframe with error handling and network messages * feat: improve error component layout and add clsx for conditional styling * feat: enhance iframe loading and error handling based on permission status * fix: hash (RabbyHub#3415) * fix: hash * feat: update i18n * fix: perps history empty when switch account (RabbyHub#3417) * 0.93.72 * [release] 0.93.72 * chore: introduce claude code for code review * _raw\images * Potential fix for code scanning alert no. 6: Client-side cross-site scripting (#35) * fix: package.json to reduce vulnerabilities (#34) The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-BABELRUNTIME-10044504 - https://snyk.io/vuln/SNYK-JS-CIPHERBASE-12084814 - https://snyk.io/vuln/SNYK-JS-ELLIPTIC-14908844 - https://snyk.io/vuln/SNYK-JS-LODASH-15053838 - https://snyk.io/vuln/SNYK-JS-NANOID-8492085 - https://snyk.io/vuln/SNYK-JS-SHAJS-12089400 - https://snyk.io/vuln/SNYK-JS-ELLIPTIC-8187303 - https://snyk.io/vuln/SNYK-JS-WEB3UTILS-6229337 - https://snyk.io/vuln/SNYK-JS-WS-7266574 - https://snyk.io/vuln/SNYK-JS-QS-14724253 - https://snyk.io/vuln/SNYK-JS-ELLIPTIC-7577916 - https://snyk.io/vuln/SNYK-JS-ELLIPTIC-7577917 - https://snyk.io/vuln/SNYK-JS-ELLIPTIC-7577918 - https://snyk.io/vuln/SNYK-JS-ELLIPTIC-8720086 - https://snyk.io/vuln/SNYK-JS-BIGINTBUFFER-3364597 - https://snyk.io/vuln/SNYK-JS-SECP256K1-8237220 - https://snyk.io/vuln/SNYK-JS-TMP-11501554 - https://snyk.io/vuln/SNYK-JS-INFLIGHT-6095116 - https://snyk.io/vuln/SNYK-JS-ELLIPTIC-8172694 - https://snyk.io/vuln/SNYK-JS-SOLANAWEB3JS-6647564 - https://snyk.io/vuln/SNYK-JS-BASEX-10118294 - https://snyk.io/vuln/SNYK-JS-BRACEEXPANSION-9789073 * fix: package.json to reduce vulnerabilities (#33) The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-BABELRUNTIME-10044504 - https://snyk.io/vuln/SNYK-JS-BRACES-6838727 - https://snyk.io/vuln/SNYK-JS-CIPHERBASE-12084814 - https://snyk.io/vuln/SNYK-JS-ELLIPTIC-14908844 - https://snyk.io/vuln/SNYK-JS-GLOBPARENT-1016905 - https://snyk.io/vuln/SNYK-JS-LODASH-15053838 - https://snyk.io/vuln/SNYK-JS-MICROMATCH-6838728 - https://snyk.io/vuln/SNYK-JS-NANOID-8492085 - https://snyk.io/vuln/SNYK-JS-POSTCSS-5926692 - https://snyk.io/vuln/SNYK-JS-QS-14724253 - https://snyk.io/vuln/SNYK-JS-SHAJS-12089400 - https://snyk.io/vuln/SNYK-JS-UNSETVALUE-2400660 - https://snyk.io/vuln/SNYK-JS-WEBPACK-7840298 - https://snyk.io/vuln/SNYK-JS-WEBPACKDEVSERVER-10300775 - https://snyk.io/vuln/SNYK-JS-WEBPACKDEVSERVER-10300777 - https://snyk.io/vuln/SNYK-JS-IP-12704893 - https://snyk.io/vuln/SNYK-JS-IP-12761655 - https://snyk.io/vuln/SNYK-JS-ELLIPTIC-8720086 - https://snyk.io/vuln/SNYK-JS-ELLIPTIC-8187303 - https://snyk.io/vuln/SNYK-JS-ELLIPTIC-7577917 - https://snyk.io/vuln/SNYK-JS-WEB3UTILS-6229337 - https://snyk.io/vuln/SNYK-JS-ELLIPTIC-7577918 - https://snyk.io/vuln/SNYK-JS-ELLIPTIC-7577916 - https://snyk.io/vuln/SNYK-JS-BIGINTBUFFER-3364597 - https://snyk.io/vuln/SNYK-JS-WS-7266574 - https://snyk.io/vuln/SNYK-JS-CROSSSPAWN-8303230 - https://snyk.io/vuln/SNYK-JS-NTHCHECK-1586032 - https://snyk.io/vuln/SNYK-JS-SECP256K1-8237220 - https://snyk.io/vuln/SNYK-JS-INFLIGHT-6095116 - https://snyk.io/vuln/SNYK-JS-ELLIPTIC-8172694 - https://snyk.io/vuln/SNYK-JS-IP-7148531 - https://snyk.io/vuln/SNYK-JS-SOLANAWEB3JS-6647564 - https://snyk.io/vuln/SNYK-JS-BASEX-10118294 - https://snyk.io/vuln/SNYK-JS-BRACEEXPANSION-9789073 - https://snyk.io/vuln/SNYK-JS-SIRV-12558119 - https://snyk.io/vuln/SNYK-JS-JSYAML-13961110 * [Snyk] Security upgrade ethers from 5.4.2 to 6.0.0 (#32) * chore(deps): bump h3 from 1.11.1 to 1.15.5 Bumps [h3](https://github.com/h3js/h3) from 1.11.1 to 1.15.5. - [Release notes](https://github.com/h3js/h3/releases) - [Changelog](https://github.com/h3js/h3/blob/v1.15.5/CHANGELOG.md) - [Commits](h3js/h3@v1.11.1...v1.15.5) --- updated-dependencies: - dependency-name: h3 dependency-version: 1.15.5 dependency-type: indirect ... * fix: package.json to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-ELLIPTIC-8187303 * chore(deps): bump lodash from 4.17.21 to 4.17.23 Bumps [lodash](https://github.com/lodash/lodash) from 4.17.21 to 4.17.23. - [Release notes](https://github.com/lodash/lodash/releases) - [Commits](lodash/lodash@4.17.21...4.17.23) --- updated-dependencies: - dependency-name: lodash dependency-version: 4.17.23 dependency-type: direct:production ... * build(deps): bump h3 in the npm_and_yarn group across 1 directory Bumps the npm_and_yarn group with 1 update in the / directory: [h3](https://github.com/h3js/h3). Updates `h3` from 1.11.1 to 1.15.5 - [Release notes](https://github.com/h3js/h3/releases) - [Changelog](https://github.com/h3js/h3/blob/v1.15.5/CHANGELOG.md) - [Commits](h3js/h3@v1.11.1...v1.15.5) --- updated-dependencies: - dependency-name: h3 dependency-version: 1.15.5 dependency-type: indirect dependency-group: npm_and_yarn ... * swap 1inch --------- --------- * Update job name in CircleCI config (#41) 94da053 CI: Update the CircleCI workflow to run the rabby-wallet-hub job instead of the previous job name. --------- Signed-off-by: AU_019 <64915515+Dargon789@users.noreply.github.com> Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> Co-authored-by: snyk-bot <snyk-bot@snyk.io> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: snyk-io[bot] <141718529+snyk-io[bot]@users.noreply.github.com> Co-authored-by: vvvvvv1vvvvvv <galennnnnnn@gmail.com> Co-authored-by: Drew Fisher <drew@pods.media> Co-authored-by: hz002 <zs4733525@gmail.com> Co-authored-by: richardo2016x <104543757+richardo2016x@users.noreply.github.com> Co-authored-by: vvvvvv1vvvvvv <86296331+vvvvvv1vvvvvv@users.noreply.github.com> Co-authored-by: Hodor <lost1q84@gmail.com> Co-authored-by: DMY <147dmy@gmail.com> Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com> Co-authored-by: kim <180150277+jinming0618@users.noreply.github.com>

dependabot bot added dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code labels Nov 27, 2025

Dargon789 force-pushed the dependabot/npm_and_yarn/npm_and_yarn-c0657a3c3e branch from 8bd8a54 to bc9474b Compare December 23, 2025 01:29

Dargon789 merged commit edc2344 into develop Dec 23, 2025
19 of 23 checks passed

Dargon789 deleted the dependabot/npm_and_yarn/npm_and_yarn-c0657a3c3e branch December 23, 2025 01:33

Dargon789 mentioned this pull request Jan 23, 2026

Main (#40) #42

Merged

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

build(deps): bump node-forge from 1.3.1 to 1.3.2 in the npm_and_yarn group across 1 directory#20

build(deps): bump node-forge from 1.3.1 to 1.3.2 in the npm_and_yarn group across 1 directory#20
Dargon789 merged 1 commit intodevelopfrom
dependabot/npm_and_yarn/npm_and_yarn-c0657a3c3e

dependabot bot commented on behalf of github Nov 27, 2025

Uh oh!

snyk-io bot commented Nov 27, 2025 •

edited

Loading

Uh oh!

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

1 participant

Conversation

dependabot bot commented on behalf of github Nov 27, 2025

1.3.2 - 2025-11-25

Security

Fixed

Uh oh!

snyk-io bot commented Nov 27, 2025 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

⚠️ Snyk checks are incomplete.

Uh oh!

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

1 participant

snyk-io bot commented Nov 27, 2025 •

edited

Loading