From b0140bb3c03c84b2301754e3c7b08ddfc9790ee6 Mon Sep 17 00:00:00 2001
From: snyk-bot <snyk-bot@snyk.io>
Date: Tue, 17 Feb 2026 06:16:17 +0000
Subject: [PATCH] fix: package.json to reduce vulnerabilities

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JS-BABELRUNTIME-10044504
- https://snyk.io/vuln/SNYK-JS-BIGINTBUFFER-3364597
- https://snyk.io/vuln/SNYK-JS-CIPHERBASE-12084814
- https://snyk.io/vuln/SNYK-JS-LODASH-15053838
- https://snyk.io/vuln/SNYK-JS-NANOID-8492085
- https://snyk.io/vuln/SNYK-JS-SHAJS-12089400
- https://snyk.io/vuln/SNYK-JS-SOLANAWEB3JS-6647564
- https://snyk.io/vuln/SNYK-JS-ELLIPTIC-8187303
- https://snyk.io/vuln/SNYK-JS-ELLIPTIC-7577916
- https://snyk.io/vuln/SNYK-JS-ELLIPTIC-7577917
- https://snyk.io/vuln/SNYK-JS-ELLIPTIC-7577918
- https://snyk.io/vuln/SNYK-JS-ELLIPTIC-8720086
- https://snyk.io/vuln/SNYK-JS-QS-14724253
- https://snyk.io/vuln/SNYK-JS-SECP256K1-8237220
- https://snyk.io/vuln/SNYK-JS-QS-15268416
- https://snyk.io/vuln/SNYK-JS-WEB3UTILS-6229337
- https://snyk.io/vuln/SNYK-JS-WS-7266574
- https://snyk.io/vuln/SNYK-JS-TMP-11501554
- https://snyk.io/vuln/SNYK-JS-ELLIPTIC-14908844
- https://snyk.io/vuln/SNYK-JS-INFLIGHT-6095116
- https://snyk.io/vuln/SNYK-JS-ELLIPTIC-8172694
- https://snyk.io/vuln/SNYK-JS-BASEX-10118294
- https://snyk.io/vuln/SNYK-JS-BRACEEXPANSION-9789073
---
 package.json | 18 +++++++++---------
 1 file changed, 9 insertions(+), 9 deletions(-)

diff --git a/package.json b/package.json
index c6f43e711d5..1cf132f4596 100644
--- a/package.json
+++ b/package.json
@@ -30,13 +30,13 @@
     "@aave/contract-helpers": "1.36.1",
     "@aave/math-utils": "1.36.1",
     "@bgd-labs/aave-address-book": "4.36.0",
-    "@coinbase/wallet-sdk": "3.8.0-beta.3",
+    "@coinbase/wallet-sdk": "3.9.0",
     "@debank/common": "0.3.60",
     "@debank/festats": "1.0.1",
     "@dnd-kit/core": "5.0.1",
     "@dnd-kit/sortable": "6.0.0",
     "@dnd-kit/utilities": "3.0.2",
-    "@eth-optimism/contracts": "0.5.32",
+    "@eth-optimism/contracts": "0.5.34",
     "@eth-optimism/contracts-ts": "0.17.2",
     "@ethereumjs/common": "4.4.0",
     "@ethereumjs/rlp": "5.0.2",
@@ -44,9 +44,9 @@
     "@ethereumjs/util": "9.1.0",
     "@ethereumjs/wallet": "2.0.4",
     "@imkey/web3-provider": "1.3.10",
-    "@keystonehq/hw-app-eth": "0.4.4",
+    "@keystonehq/hw-app-eth": "0.5.0",
     "@keystonehq/hw-transport-webusb": "0.3.2",
-    "@keystonehq/metamask-airgapped-keyring": "0.15.1",
+    "@keystonehq/metamask-airgapped-keyring": "0.15.2",
     "@ledgerhq/devices": "8.4.4",
     "@ledgerhq/hw-app-eth": "6.42.8",
     "@ledgerhq/hw-transport-webhid": "6.30.0",
@@ -107,7 +107,7 @@
     "crypto-browserify": "3.12.0",
     "dayjs": "1.10.7",
     "eth-rpc-errors": "4.0.3",
-    "ethers": "5.8.0",
+    "ethers": "6.0.0",
     "events": "3.3.0",
     "fflate": "0.8.2",
     "hdkey": "0.8.0",
@@ -117,16 +117,16 @@
     "interval-promise": "1.4.0",
     "koa-compose": "4.1.0",
     "lightweight-charts": "5.0.8",
-    "lodash": "4.17.21",
+    "lodash": "4.17.23",
     "loglevel": "1.7.1",
     "lottie-react": "2.4.0",
     "lru-cache": "6.0.0",
     "multiformats": "13.3.2",
-    "nanoid": "3.3.6",
+    "nanoid": "3.3.8",
     "obs-store": "4.0.3",
     "p-queue": "7.3.0",
     "p-retry": "5.1.2",
-    "patch-package": "6.4.7",
+    "patch-package": "8.0.1",
     "postinstall-postinstall": "2.1.0",
     "process": "0.11.10",
     "qrcode.react": "3.1.0",
@@ -155,7 +155,7 @@
     "url": "0.11.3",
     "uuid": "9.0.0",
     "viem": "2.23.15",
-    "web3-eth-abi": "1.7.0",
+    "web3-eth-abi": "4.1.3",
     "webextension-polyfill": "0.7.0"
   },
   "devDependencies": {