Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Main -> develop #4119

Merged
merged 2 commits into from
Mar 29, 2024
Merged

Main -> develop #4119

merged 2 commits into from
Mar 29, 2024

Conversation

shoom3301
Copy link
Collaborator

No description provided.

@vercel Vercel
Copy link

vercel bot commented Mar 29, 2024

The latest updates on your projects. Learn more about Vercel for Git ↗︎

Name Status Preview Updated (UTC)
cosmos ✅ Ready (Inspect) Visit Preview Mar 29, 2024 10:35am
explorer-dev ✅ Ready (Inspect) Visit Preview Mar 29, 2024 10:35am
swap-dev ✅ Ready (Inspect) Visit Preview Mar 29, 2024 10:35am
widget-configurator ✅ Ready (Inspect) Visit Preview Mar 29, 2024 10:35am

@socket-security Socket Security
Copy link

New and removed dependencies detected. Learn more about Socket for GitHub ↗︎

Package New capabilities Transitives Size Publisher
npm/@types/[email protected] None 0 15.2 kB types
npm/@types/[email protected] None 0 5.04 kB types
npm/@types/[email protected] None 0 79.3 kB types
npm/@types/[email protected] None 0 2.9 kB types
npm/@types/[email protected] None 0 2.88 kB types
npm/@types/[email protected] None 0 3.61 MB types
npm/@types/[email protected] None 0 3.75 kB types
npm/@types/[email protected] None 0 7 kB types
npm/@types/[email protected] None 0 30.2 kB types
npm/@types/[email protected] None 0 6.93 kB types
npm/@types/[email protected] None 0 6.07 kB types
npm/@types/[email protected] None 0 5.62 kB types
npm/@types/[email protected] None 0 195 kB types
npm/@types/[email protected] None 0 5.58 kB types
npm/@types/[email protected] None 0 363 kB types
npm/@types/[email protected] None 0 8.44 kB types
npm/@types/[email protected] None 0 23.5 kB types
npm/@types/[email protected] None 0 9.28 kB types
npm/@types/[email protected] None 0 3.96 kB types
npm/@typescript-eslint/[email protected] None 0 2.47 MB jameshenry
npm/@typescript-eslint/[email protected] None +1 169 kB jameshenry
npm/@uniswap/[email protected] environment 0 297 kB cbachmeier
npm/@uniswap/[email protected] environment 0 113 kB lynnshaoyu
npm/@use-gesture/[email protected] environment 0 37.7 kB dbismut
npm/@vitejs/[email protected] environment, filesystem, unsafe 0 31.5 kB vitebot
npm/@vitejs/[email protected] None 0 29.4 kB vitebot
npm/@vitest/[email protected] Transitive: environment +1 20.8 kB oreanno
npm/@vitest/[email protected] Transitive: environment +1 815 kB oreanno
npm/@walletconnect/[email protected] None 0 3.08 MB gancho_walletconnect
npm/@web3-react/[email protected] None 0 59.8 kB towering-elsie
npm/@web3-react/[email protected] None 0 67.6 kB towering-elsie
npm/@web3-react/[email protected] None 0 43.1 kB towering-elsie
npm/@web3-react/[email protected] None 0 37.1 kB towering-elsie
npm/@web3-react/[email protected] None 0 48.7 kB towering-elsie
npm/@web3-react/[email protected] None 0 60.1 kB towering-elsie
npm/@web3-react/[email protected] None 0 50.7 kB towering-elsie
npm/@web3-react/[email protected] None 0 41.5 kB towering-elsie
npm/@web3-react/[email protected] None 0 42.8 kB towering-elsie
npm/@web3-react/[email protected] None 0 65.1 kB towering-elsie
npm/@web3modal/[email protected] None 0 44.5 kB svenvoskamp
npm/[email protected] environment 0 13.5 kB simenb
npm/[email protected] filesystem +1 46.6 kB probablyup
npm/[email protected] None 0 12.6 kB javiertury
npm/[email protected] None 0 99 kB fanatid
npm/[email protected] None 0 659 kB cmeisl
npm/[email protected] environment, filesystem 0 62.5 kB ai
npm/[email protected] None 0 91.3 kB feross
npm/[email protected] environment 0 26.9 kB sindresorhus
npm/[email protected] None 0 40.8 kB achingbrain
npm/[email protected] None 0 8 kB jonschlinkert
npm/[email protected] None 0 5.67 kB lukeed
npm/[email protected] None 0 291 kB ricokahler
npm/[email protected] None 0 3.34 kB wesleytodd
npm/[email protected] None 0 248 kB samdd
npm/[email protected] None 0 15.1 kB sudodoki
npm/[email protected] environment 0 29.1 kB kentcdodds
npm/[email protected] environment, filesystem, shell, unsafe +1 5.08 MB cypress-npm-publisher
npm/[email protected] None 0 8.68 MB ivisatbilkent
npm/[email protected] None 0 77.8 kB maxkfranz
npm/[email protected] None 0 214 kB martinheon
npm/[email protected] None 0 35 kB maxkfranz
npm/[email protected] None 0 4.45 MB maxkfranz
npm/[email protected] None 0 873 kB mbostock
npm/[email protected] None 0 6.69 MB kossnocorp
npm/[email protected] environment 0 42.4 kB qix
npm/[email protected] None 0 18.1 kB lydell
npm/[email protected] None +1 38.3 kB iansu
npm/[email protected] None 0 45.5 kB cypress-npm-publisher
npm/[email protected] filesystem, unsafe Transitive: environment +1 1.25 MB ljharb
npm/[email protected] filesystem 0 317 kB simenb
npm/[email protected] None 0 707 kB ljharb
npm/[email protected] environment 0 118 kB gnoff
npm/[email protected] filesystem +1 896 kB ljharb
npm/[email protected] None 0 12.3 kB sweepline
npm/[email protected] filesystem Transitive: eval +1 3.65 MB eslintbot
npm/[email protected] None 0 51.6 kB rekmarks
npm/[email protected] None +1 977 kB holgerd77
npm/[email protected] None 0 10.7 MB ricmoo
npm/[email protected] None 0 225 kB silentcicero
npm/[email protected] None 0 38 kB lpinca
npm/[email protected] None 0 37.3 kB sssayegh
npm/[email protected] None 0 13 kB esp
npm/[email protected] None 0 39.7 kB matteo.collina
npm/[email protected] eval 0 720 kB nextapps
npm/[email protected] None 0 67.4 kB infusion
npm/[email protected] None 0 39.8 kB sindresorhus
npm/[email protected] network 0 165 kB jasonkuhrt
npm/[email protected] None 0 1.34 MB i1g
npm/[email protected] None 0 15.3 kB ryanzim
npm/[email protected] None 0 38.9 kB mridgway
npm/[email protected] environment, filesystem, shell 0 6.44 kB typicode
npm/[email protected] environment 0 620 kB mweststrate
npm/[email protected] None 0 16.1 MB philipbelesky
npm/[email protected] filesystem, network +1 104 kB hacdias
npm/[email protected] network 0 457 kB achingbrain
npm/[email protected] None 0 6.34 kB mattandrews
npm/[email protected] None 0 9.21 kB simenb
npm/[email protected] network 0 104 kB jefflau
npm/[email protected] None 0 32.3 kB probablyup
npm/[email protected] None 0 5.01 kB simenb
npm/[email protected] None 0 397 kB daishi
npm/[email protected] None 0 15.1 kB lydell
npm/[email protected] None 0 322 kB google-wombot
npm/[email protected] eval, filesystem, network, shell, unsafe Transitive: environment +1 3.09 MB domenic
npm/[email protected] None 0 47.4 kB rekmarks
npm/[email protected] None 0 235 kB jordanbtucker
npm/[email protected] None 0 779 kB fanatid
npm/[email protected] None 0 137 kB launchdarkly
npm/[email protected] environment 0 1.61 MB timocov
npm/[email protected] None 0 221 kB jhurliman
npm/[email protected] None 0 365 kB eemeli
npm/[email protected] None 0 11.1 kB kenpowers
npm/[email protected] None 0 6.72 kB styfle
npm/[email protected] None 0 40.1 kB viclafouch
npm/[email protected] None 0 243 kB achingbrain
npm/[email protected] None 0 70.6 kB achingbrain
npm/[email protected] None 0 56.6 kB erdii
npm/[email protected] None 0 332 kB niksy
npm/[email protected] environment, filesystem, shell, unsafe 0 364 kB altan-nrwl
npm/[email protected] environment, filesystem, network, shell, unsafe 0 2.4 MB nrwl-jason
npm/[email protected] environment, filesystem Transitive: shell +2 478 kB ds300
npm/[email protected] environment 0 2.8 MB bhough
npm/[email protected] None 0 4.53 kB qafir
npm/[email protected] None 0 5.74 kB atomiks
npm/[email protected] None 0 1.24 MB jdecroock
npm/[email protected] environment, filesystem, unsafe 0 11.2 MB prettier-bot
npm/[email protected] environment +1 118 kB ljharb
npm/[email protected] None 0 241 kB ljharb
npm/[email protected] None 0 11.8 kB pedrobini
npm/[email protected] None 0 224 kB alampros
npm/[email protected] None 0 40.6 kB nkbt
npm/[email protected] None 0 11.8 kB skidding
npm/[email protected] network 0 104 kB skidding
npm/[email protected] None 0 69.4 kB maxkfranz
npm/[email protected] None 0 55.6 kB duskload
npm/[email protected] environment 0 4.5 MB gnoff
npm/[email protected] None 0 1 MB carmelo
npm/[email protected] None 0 107 kB codler
npm/[email protected] environment 0 98.8 kB cwelch5
npm/[email protected] network 0 90.2 kB gilbarbara
npm/[email protected] environment 0 24 kB gnoff
npm/[email protected] None 0 45.4 kB wooorm
npm/[email protected] None 0 79.1 kB fezvrasta
npm/[email protected] environment 0 334 kB phryneas
npm/[email protected] environment 0 585 kB mjackson
npm/[email protected] environment 0 91.8 kB rafgraph
npm/[email protected] None 0 116 kB iansu
npm/[email protected] None 0 90.8 kB cahilfoley
npm/[email protected] None 0 2.52 MB simmerer
npm/[email protected] None 0 45.3 kB brianvaughn
npm/[email protected] environment 0 316 kB gnoff
npm/[email protected] None 0 16 kB jxnblk
npm/[email protected] None 0 118 kB kilkelly
npm/[email protected] environment 0 176 kB acemarke
npm/[email protected] None 0 27.8 kB benjamn
npm/[email protected] None 0 21.4 kB wooorm
npm/[email protected] filesystem 0 537 kB btd
npm/[email protected] None 0 5.13 MB blesh
npm/[email protected] None 0 68.3 kB lukekarrys
npm/[email protected] None 0 8.56 kB domenic
npm/[email protected] None 0 31.1 kB dcousens
npm/[email protected] None 0 8.71 kB tars0x9752
npm/[email protected] environment 0 3.17 MB probablyup
npm/[email protected] environment 0 1.03 MB vercel-release-bot
npm/[email protected] None 0 8.52 kB thejameskyle
npm/[email protected] None 0 263 kB vercel-release-bot
npm/[email protected] None 0 638 kB cwmma
npm/[email protected] None 0 262 kB atool
npm/[email protected] None 0 12.2 kB alexreardon
npm/[email protected] environment, filesystem, unsafe 0 307 kB kul
npm/[email protected] None 0 131 kB kuziu
npm/[email protected] environment, filesystem, unsafe 0 747 kB cspotcode
npm/[email protected] None 0 84 kB typescript-bot
npm/[email protected] filesystem Transitive: environment +1 140 kB ethereum-ts-bot
npm/[email protected] None 0 40.1 MB typescript-bot
npm/[email protected] None 0 110 kB faisalman
npm/[email protected] None 0 4.91 kB awmleer
npm/[email protected] None 0 82 kB vydimitrov
npm/[email protected] None 0 59.2 kB zeecoder
npm/[email protected] network 0 5.32 MB jmoxey
npm/[email protected] None 0 10.2 kB itsmapleleaf
npm/[email protected] filesystem, unsafe 0 97.8 kB qmhc
npm/[email protected] None 0 48.1 kB caoxie
npm/[email protected] None 0 193 kB voraciousdev
npm/[email protected] filesystem 0 130 kB userquin
npm/[email protected] filesystem 0 8.67 kB pd4d10
npm/[email protected] filesystem 0 95.5 kB aleclarson
npm/[email protected] environment, eval, filesystem, network, shell, unsafe 0 3.49 MB vitebot
npm/[email protected] environment, eval +1 1.33 MB oreanno
npm/[email protected] None 0 126 kB awkweb
npm/[email protected] None 0 145 kB philipwalton
npm/[email protected] None 0 167 kB jdevcs
npm/[email protected] None 0 5.18 MB jdevcs
npm/[email protected] None 0 1.28 MB pedrouid

🚮 Removed packages: npm/@adraffy/[email protected], npm/@babel/[email protected], npm/@babel/[email protected], npm/@babel/[email protected], npm/@babel/[email protected], npm/@babel/[email protected], npm/@babel/[email protected], npm/@babel/[email protected], npm/@babel/[email protected], npm/@babel/[email protected], npm/@babel/plugin-bugfix-safari-id-destructuring-collision-in-function-expression@7.22.5, npm/@babel/[email protected], npm/@babel/[email protected], npm/@babel/[email protected], npm/@babel/[email protected], npm/@babel/[email protected], npm/@babel/[email protected], npm/@babel/[email protected], npm/@babel/[email protected], npm/@babel/[email protected], npm/@babel/[email protected], npm/@babel/[email protected], npm/@babel/[email protected], npm/@babel/[email protected], npm/@babel/[email protected], npm/@babel/[email protected], npm/@babel/[email protected], npm/@babel/[email protected], npm/@babel/[email protected], npm/@babel/[email protected], npm/@babel/[email protected], npm/@babel/[email protected], npm/@babel/[email protected], npm/@babel/[email protected], npm/@babel/[email protected], npm/@babel/[email protected], npm/@babel/[email protected], npm/@babel/[email protected], npm/@babel/[email protected], npm/@babel/[email protected], npm/@babel/[email protected], npm/@babel/[email protected], npm/@babel/[email protected], npm/@babel/[email protected], npm/@babel/[email protected], npm/@babel/[email protected], npm/@babel/[email protected], npm/@babel/[email protected], npm/@babel/[email protected], npm/@babel/[email protected], npm/@babel/[email protected], npm/@babel/[email protected], npm/@babel/[email protected], npm/@babel/[email protected], npm/@babel/[email protected], npm/@babel/[email protected], npm/@babel/[email protected], npm/@babel/[email protected], npm/@babel/[email protected], npm/@babel/[email protected], npm/@babel/[email protected], npm/@babel/[email protected], npm/@babel/[email protected], npm/@babel/[email protected], npm/@babel/[email protected], npm/@babel/[email protected], npm/@babel/[email protected], npm/@babel/[email protected], npm/@babel/[email protected], npm/@babel/[email protected], npm/@babel/[email protected], npm/@babel/[email protected], npm/@babel/[email protected], npm/@babel/[email protected], npm/@babel/[email protected], npm/@babel/[email protected], npm/@babel/[email protected], npm/@cowprotocol/[email protected], npm/@csstools/[email protected], npm/@csstools/[email protected], npm/@emotion/[email protected], npm/@emotion/[email protected], npm/@emotion/[email protected], npm/@eslint-community/[email protected], npm/@eslint-community/[email protected], npm/@eslint/[email protected], npm/@eslint/[email protected], npm/@ethereumjs/[email protected], npm/@ethereumjs/[email protected], npm/@ethereumjs/[email protected], npm/@ethersproject/[email protected], npm/@ethersproject/[email protected], npm/@ethersproject/[email protected], npm/@ethersproject/[email protected], npm/@ethersproject/[email protected], npm/@ethersproject/[email protected], npm/@ethersproject/[email protected], npm/@ethersproject/[email protected], npm/@ethersproject/[email protected], npm/@ethersproject/[email protected], npm/@ethersproject/[email protected], npm/@ethersproject/[email protected], npm/@ethersproject/[email protected], npm/@ethersproject/[email protected], npm/@ethersproject/[email protected], npm/@ethersproject/[email protected], npm/@ethersproject/[email protected], npm/@ethersproject/[email protected], npm/@ethersproject/[email protected], npm/@ethersproject/[email protected], npm/@ethersproject/[email protected], npm/@ethersproject/[email protected], npm/@ethersproject/[email protected], npm/@ethersproject/[email protected], npm/@ethersproject/[email protected], npm/@ethersproject/[email protected], npm/@ethersproject/[email protected], npm/@ethersproject/[email protected], npm/@humanwhocodes/[email protected], npm/@humanwhocodes/[email protected], npm/@istanbuljs/[email protected], npm/@jest/[email protected], npm/@jest/[email protected], npm/@lit-labs/[email protected], npm/@lit/[email protected], npm/@mui/[email protected], npm/@noble/[email protected], npm/@noble/[email protected], npm/@noble/[email protected], npm/@nodelib/[email protected], npm/@nodelib/[email protected], npm/@protobufjs/[email protected], npm/@rollup/[email protected], npm/@rushstack/[email protected], npm/@safe-global/[email protected], npm/@safe-global/[email protected], npm/@scure/[email protected], npm/@scure/[email protected], npm/@sentry/[email protected], npm/@sindresorhus/[email protected], npm/@stablelib/[email protected], npm/@styled-system/[email protected], npm/@types/[email protected], npm/@types/[email protected], npm/@types/[email protected], npm/@types/[email protected], npm/@types/[email protected], npm/@types/[email protected]

View full report↗︎

@shoom3301 shoom3301 merged commit 31897da into develop Mar 29, 2024
21 of 22 checks passed
@socket-security Socket Security
Copy link

🚨 Potential security issues detected. Learn more about Socket for GitHub ↗︎

To accept the risk, merge this PR and you will not be notified again.

Alert Package NoteSource
Protestware/Troll package npm/[email protected]
  • Note: This package prints a protestware console message regarding Ukraine for users with Russian language locale
Install scripts npm/[email protected]
  • Install script: postinstall
  • Source: node ./postinstall.js
Install scripts npm/[email protected]
Install scripts npm/[email protected]
  • Install script: postinstall
  • Source: node index.js --exec install
Install scripts npm/[email protected]
  • Install script: postinstall
  • Source: node ./bin/compute-project-graph
Install scripts npm/[email protected]
  • Install script: postinstall
  • Source: echo "Web3.js 4.x alpha has been released for early testing and feedback. Checkout doc at https://docs.web3js.org/ "
Git dependency npm/[email protected]

View full report↗︎

Next steps

What is protestware?

This package is a joke, parody, or includes undocumented or hidden behavior unrelated to its primary function.

Consider that consuming this package my come along with functionality unrelated to its primary purpose.

What is an install script?

Install scripts are run when the package is installed. The majority of malware in npm is hidden in install scripts.

Packages should not be running non-essential scripts during install and there are often solutions to problems people solve with install scripts that can be run at publish time instead.

What are git dependencies?

Contains a dependency which resolves to a remote git URL. Dependencies fetched from git URLs are not immutable can be used to inject untrusted code or reduce the likelihood of a reproducible install.

Publish the git dependency to npm or a private package repository and consume it from there.

Take a deeper look at the dependency

Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support [AT] socket [DOT] dev.

Remove the package

If you happen to install a dependency that Socket reports as Known Malware you should immediately remove it and select a different dependency. For other alert types, you may may wish to investigate alternative packages or consider if there are other ways to mitigate the specific risk posed by the dependency.

Mark a package as acceptable risk

To ignore an alert, reply with a comment starting with @SocketSecurity ignore followed by a space separated list of ecosystem/package-name@version specifiers. e.g. @SocketSecurity ignore npm/[email protected] or ignore all packages with @SocketSecurity ignore-all

@github-actions github-actions bot locked and limited conversation to collaborators Mar 29, 2024
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@shoom3301