From 4f2c6af70973f618aa26d1a313948c54d636e1a6 Mon Sep 17 00:00:00 2001 From: Peter Somogyvari Date: Fri, 29 Mar 2024 12:11:00 -0700 Subject: [PATCH] docs(examples/cbdc): upgrade web3 from v1.5.2 to v1.10.1 1. This had to be done because of security vulnerabilities in the old version. 2. Originally the robots have attempted to send a pull request with the same change but it somehow went haywire and upgraded dozens of other versions in dozens of other packcages not the intended one... 3. So this was manually created to address that bug in GitHub's dependabot. 4. The original commit message did not mention which vulnerabilities are being fixed by it and I also cannot remember the specific ones but the older versions of web3 were definitely being affected and therefore it is known to be a good idea what the bot has proposed even though it couldn't explain itself. Signed-off-by: Peter Somogyvari --- .../package.json | 4 +- yarn.lock | 141 +----------------- 2 files changed, 4 insertions(+), 141 deletions(-) diff --git a/examples/cactus-example-cbdc-bridging-backend/package.json b/examples/cactus-example-cbdc-bridging-backend/package.json index 092d7bb785..dc4d9b1eb1 100644 --- a/examples/cactus-example-cbdc-bridging-backend/package.json +++ b/examples/cactus-example-cbdc-bridging-backend/package.json @@ -82,8 +82,8 @@ "sqlite3": "5.1.5", "typescript-optional": "2.0.1", "uuid": "9.0.1", - "web3-core": "1.5.2", - "web3-utils": "1.5.2" + "web3-core": "1.10.1", + "web3-utils": "1.10.1" }, "devDependencies": { "@types/crypto-js": "4.1.1", diff --git a/yarn.lock b/yarn.lock index 7077ddec6b..9184dcbec3 100644 --- a/yarn.lock +++ b/yarn.lock @@ -6040,16 +6040,6 @@ __metadata: languageName: node linkType: hard -"@ethereumjs/common@npm:^2.4.0": - version: 2.6.2 - resolution: "@ethereumjs/common@npm:2.6.2" - dependencies: - crc-32: "npm:^1.2.0" - ethereumjs-util: "npm:^7.1.4" - checksum: 10/9bbdb9b7919480a59f3e6e0d6f0d6329912cf6fd64121666526d06de42730c5b0049871cc2c1085a5f8a8bd2c2d1219f500e616bbe65f6c3556180e533e530be - languageName: node - linkType: hard - "@ethereumjs/common@npm:^2.5.0": version: 2.6.4 resolution: "@ethereumjs/common@npm:2.6.4" @@ -7864,8 +7854,8 @@ __metadata: ts-node: "npm:7.0.1" typescript-optional: "npm:2.0.1" uuid: "npm:9.0.1" - web3-core: "npm:1.5.2" - web3-utils: "npm:1.5.2" + web3-core: "npm:1.10.1" + web3-utils: "npm:1.10.1" languageName: unknown linkType: soft @@ -50585,16 +50575,6 @@ __metadata: languageName: node linkType: hard -"web3-core-helpers@npm:1.5.2": - version: 1.5.2 - resolution: "web3-core-helpers@npm:1.5.2" - dependencies: - web3-eth-iban: "npm:1.5.2" - web3-utils: "npm:1.5.2" - checksum: 10/9071e23ff7b7aebef4dbdfe4d4a686bc82fc98470b3a9335d5d1550935e8d0183bff45891ca6bc0dec2334dbdfdbb74932347bae8beb984f2699d32ee7ac1ae0 - languageName: node - linkType: hard - "web3-core-helpers@npm:1.6.1": version: 1.6.1 resolution: "web3-core-helpers@npm:1.6.1" @@ -50661,20 +50641,6 @@ __metadata: languageName: node linkType: hard -"web3-core-method@npm:1.5.2": - version: 1.5.2 - resolution: "web3-core-method@npm:1.5.2" - dependencies: - "@ethereumjs/common": "npm:^2.4.0" - "@ethersproject/transactions": "npm:^5.0.0-beta.135" - web3-core-helpers: "npm:1.5.2" - web3-core-promievent: "npm:1.5.2" - web3-core-subscriptions: "npm:1.5.2" - web3-utils: "npm:1.5.2" - checksum: 10/df38f4f96dc3daec63bd0ca6767b5ad7bb6520dc20e97b256a1796f392192070164f7dce5be25e6fe72dd2dd65ae27e74d63e598841eaae197af9c68eb1f4a60 - languageName: node - linkType: hard - "web3-core-method@npm:1.6.1": version: 1.6.1 resolution: "web3-core-method@npm:1.6.1" @@ -50745,15 +50711,6 @@ __metadata: languageName: node linkType: hard -"web3-core-promievent@npm:1.5.2": - version: 1.5.2 - resolution: "web3-core-promievent@npm:1.5.2" - dependencies: - eventemitter3: "npm:4.0.4" - checksum: 10/b19f1546e9ae4620c65a335cee2dac881684c0f0ab7d29384a950b384b42d9b156d85ed77a1fc3191d73bc8b1879507626525cf98c3bf17c5c973416ed4a64b4 - languageName: node - linkType: hard - "web3-core-promievent@npm:1.6.1": version: 1.6.1 resolution: "web3-core-promievent@npm:1.6.1" @@ -50816,19 +50773,6 @@ __metadata: languageName: node linkType: hard -"web3-core-requestmanager@npm:1.5.2": - version: 1.5.2 - resolution: "web3-core-requestmanager@npm:1.5.2" - dependencies: - util: "npm:^0.12.0" - web3-core-helpers: "npm:1.5.2" - web3-providers-http: "npm:1.5.2" - web3-providers-ipc: "npm:1.5.2" - web3-providers-ws: "npm:1.5.2" - checksum: 10/135719627a7934462b94806728751ff798ffb97d7b3e67bef229bc5e3423b57c23f2c48322f17cba05588e67b866d5908cd74d4b8a897c99c5d38f4a6f18ce70 - languageName: node - linkType: hard - "web3-core-requestmanager@npm:1.6.1": version: 1.6.1 resolution: "web3-core-requestmanager@npm:1.6.1" @@ -50901,16 +50845,6 @@ __metadata: languageName: node linkType: hard -"web3-core-subscriptions@npm:1.5.2": - version: 1.5.2 - resolution: "web3-core-subscriptions@npm:1.5.2" - dependencies: - eventemitter3: "npm:4.0.4" - web3-core-helpers: "npm:1.5.2" - checksum: 10/98343a06d237dfb8d540ce7d8a66cdf05b2cb50e53063854a6d37ba1df2d86c3430f9b010074233c76b1ff2aa35b186bb017441ed136953d66aecdfdd2f8fe97 - languageName: node - linkType: hard - "web3-core-subscriptions@npm:1.6.1": version: 1.6.1 resolution: "web3-core-subscriptions@npm:1.6.1" @@ -50981,21 +50915,6 @@ __metadata: languageName: node linkType: hard -"web3-core@npm:1.5.2": - version: 1.5.2 - resolution: "web3-core@npm:1.5.2" - dependencies: - "@types/bn.js": "npm:^4.11.5" - "@types/node": "npm:^12.12.6" - bignumber.js: "npm:^9.0.0" - web3-core-helpers: "npm:1.5.2" - web3-core-method: "npm:1.5.2" - web3-core-requestmanager: "npm:1.5.2" - web3-utils: "npm:1.5.2" - checksum: 10/16bc49bb9247a2a8c53b3996bdb4562c20473db719436507b83e05c599c5d93d8120211b06d10492249f2370a461af661cbaaaad187259cb69d3fd8290217a5e - languageName: node - linkType: hard - "web3-core@npm:1.6.1": version: 1.6.1 resolution: "web3-core@npm:1.6.1" @@ -51798,16 +51717,6 @@ __metadata: languageName: node linkType: hard -"web3-eth-iban@npm:1.5.2": - version: 1.5.2 - resolution: "web3-eth-iban@npm:1.5.2" - dependencies: - bn.js: "npm:^4.11.9" - web3-utils: "npm:1.5.2" - checksum: 10/73f749684ae65a4ae8f1125aa240c020b382025944dbb9ed67c7b14cb1b9f9143ab46e74c7a61a639ebc9892dcc2da61eff60a131d2779acfb47740ac4a81446 - languageName: node - linkType: hard - "web3-eth-iban@npm:1.6.1": version: 1.6.1 resolution: "web3-eth-iban@npm:1.6.1" @@ -52289,16 +52198,6 @@ __metadata: languageName: node linkType: hard -"web3-providers-http@npm:1.5.2": - version: 1.5.2 - resolution: "web3-providers-http@npm:1.5.2" - dependencies: - web3-core-helpers: "npm:1.5.2" - xhr2-cookies: "npm:1.1.0" - checksum: 10/abbef0d729b497d04300aea291ce635ac879bb0b88c226a60da0b5c1cb289067204dfbc25038c8fe779d8729ab7c21fa11acd0f93697fc8db612d968c1e4fe72 - languageName: node - linkType: hard - "web3-providers-http@npm:1.6.1": version: 1.6.1 resolution: "web3-providers-http@npm:1.6.1" @@ -52385,16 +52284,6 @@ __metadata: languageName: node linkType: hard -"web3-providers-ipc@npm:1.5.2": - version: 1.5.2 - resolution: "web3-providers-ipc@npm:1.5.2" - dependencies: - oboe: "npm:2.1.5" - web3-core-helpers: "npm:1.5.2" - checksum: 10/1b8f4b375d111b77ba4742d3337c3aa9f9ae59ef5f34348d4b956c721c7b49d8dad5adaea0e211cf0e00bdee5f727c0d8a55a077ec92124bcae1bdf0cd13fd92 - languageName: node - linkType: hard - "web3-providers-ipc@npm:1.6.1": version: 1.6.1 resolution: "web3-providers-ipc@npm:1.6.1" @@ -52479,17 +52368,6 @@ __metadata: languageName: node linkType: hard -"web3-providers-ws@npm:1.5.2": - version: 1.5.2 - resolution: "web3-providers-ws@npm:1.5.2" - dependencies: - eventemitter3: "npm:4.0.4" - web3-core-helpers: "npm:1.5.2" - websocket: "npm:^1.0.32" - checksum: 10/be424724f9c38ba5fbe1567fca981a5a36d3c208a4457616ccb49339a5dd8bfcb64e26248307149f3a664cd7efdb84533d6e45d1ee4ce895cc7f049766d4cfc8 - languageName: node - linkType: hard - "web3-providers-ws@npm:1.6.1": version: 1.6.1 resolution: "web3-providers-ws@npm:1.6.1" @@ -52740,21 +52618,6 @@ __metadata: languageName: node linkType: hard -"web3-utils@npm:1.5.2": - version: 1.5.2 - resolution: "web3-utils@npm:1.5.2" - dependencies: - bn.js: "npm:^4.11.9" - eth-lib: "npm:0.2.8" - ethereum-bloom-filters: "npm:^1.0.6" - ethjs-unit: "npm:0.1.6" - number-to-bn: "npm:1.7.0" - randombytes: "npm:^2.1.0" - utf8: "npm:3.0.0" - checksum: 10/4532674e9c70702438e2b714de0a56c214298db2972fbdc851706075fd0d184ad8e04fe20e89c276f04d892655c7c2f0c2fe696a7d3aa8ae6654c513a0139b0f - languageName: node - linkType: hard - "web3-utils@npm:1.6.1": version: 1.6.1 resolution: "web3-utils@npm:1.6.1"