Skip to content

[Snyk] Upgrade eth-crypto from 2.3.0 to 2.6.0#46

Open
snyk-bot wants to merge 1 commit intomasterfrom
snyk-upgrade-1eb17210aeff222cdac3756ad218f67c
Open

[Snyk] Upgrade eth-crypto from 2.3.0 to 2.6.0#46
snyk-bot wants to merge 1 commit intomasterfrom
snyk-upgrade-1eb17210aeff222cdac3756ad218f67c

Conversation

@snyk-bot
Copy link
Copy Markdown

@snyk-bot snyk-bot commented Apr 29, 2023

Snyk has created this PR to upgrade eth-crypto from 2.3.0 to 2.6.0.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

  • The recommended version is 3 versions ahead of your current version.
  • The recommended version was released 2 months ago, on 2023-02-20.

The recommended version fixes:

Severity Issue PriorityScore (*) Exploit Maturity
Cross-site Scripting (XSS)
SNYK-JS-NUNJUCKS-5431309		 698/1000
Why? Proof of Concept exploit, Recently disclosed, Has a fix available, CVSS 6.1		 Proof of Concept

(*) Note that the real score may have changed since the PR was raised.

Release notes
Package name: eth-crypto
  • 2.6.0 - 2023-02-20
  • 2.5.0 - 2022-12-03
  • 2.4.0 - 2022-10-27
  • 2.3.0 - 2022-04-20
from eth-crypto GitHub release notes
Commit messages
Package name: eth-crypto
  • 0bc0bf9 2.6.0
  • d4f5f70 Merge pull request #674 from pubkey/feature/replace-eccrypto
  • b52293c FIX config
  • 1991dc2 FIX deps
  • 58b73e9 FIX webpack build
  • 0175c3c UPDATE webpack
  • 55891a6 REFACTOR default imports/exports
  • 0bbb5df Update dependency solhint to v3.4.0
  • 3b63da3 Update README.md
  • d92db2c Update README.md
  • fee404c Update dependency webpack-bundle-analyzer to v4.8.0
  • d1a2f4b Update dependency typescript to v4.9.5
  • cccf122 Update dependency web3 to v1.8.2
  • 0708575 Update dependency @ babel/runtime to v7.20.13
  • 5173610 Update dependency solhint to v3.3.8
  • 02d6f50 Merge pull request #666 from omahs/master
  • 6eecc16 Fix: typos
  • 1c0e8c4 Fix: typos
  • 2d759a6 Fix: typos
  • 6bdcf8a Update dependency babel-loader to v9.1.2
  • d516a97 Update dependency @ babel/core to v7.20.12
  • e994ac7 Update dependency secp256k1 to v5
  • b7531e3 Update babel monorepo to v7.20.7
  • 3b05bb9 Update dependency typescript to v4.9.4

Compare

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

🧐 View latest project report

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@snyk-bot