Sourced from @​openzeppelin/contracts's releases.

v4.2.0

Read the full announcement in the blog!

---

• ERC20Votes: add a new extension of the ERC20 token with support for voting snapshots and delegation. (#2632)
• ERC20VotesComp: Variant of ERC20Votes that is compatible with Compound's Comp token interface but restricts supply to uint96. (#2706)
• ERC20Wrapper: add a new extension of the ERC20 token which wraps an underlying token. Deposit and withdraw guarantee that the total supply is backed by a corresponding amount of underlying token. (#2633)
• Enumerables: Improve gas cost of removal in EnumerableSet and EnumerableMap.
• Enumerables: Improve gas cost of lookup in EnumerableSet and EnumerableMap.
• Counter: add a reset method. (#2678)
• Tokens: Wrap definitely safe subtractions in unchecked blocks.
• Math: Add a ceilDiv method for performing ceiling division.
• ERC1155Supply: add a new ERC1155 extension that keeps track of the totalSupply of each tokenId. (#2593)
• BitMaps: add a new BitMaps library that provides a storage efficient datastructure for uint256 to bool mapping with contiguous keys. (#2710)

Breaking Changes

• ERC20FlashMint is no longer a Draft ERC. (#2673))

How to update: Change your import paths by removing the draft- prefix from @openzeppelin/contracts/token/ERC20/extensions/draft-ERC20FlashMint.sol.

See Releases and Stability: Drafts.

v4.1.0

Read the full announcement in the blog or check out the changelog.

• IERC20Metadata: add a new extended interface that includes the optional name(), symbol() and decimals() functions. (#2561)
• ERC777: make reception acquirement optional in _mint. (#2552)
• ERC20Permit: add a _useNonce to enable further usage of ERC712 signatures. (#2565)
• ERC20FlashMint: add an implementation of the ERC3156 extension for flash-minting ERC20 tokens. (#2543)
• SignatureChecker: add a signature verification library that supports both EOA and ERC1271 compliant contracts as signers. (#2532)
• Multicall: add abstract contract with multicall(bytes[] calldata data) function to bundle multiple calls together (#2608)
• ECDSA: add support for ERC2098 short-signatures. (#2582)
• AccessControl: add a onlyRole modifier to restrict specific function to callers bearing a specific role. (#2609)
• StorageSlot: add a library for reading and writing primitive types to specific storage slots. (#2542)
• UUPS Proxies: add UUPSUpgradeable to implement the UUPS proxy pattern together with EIP1967Proxy. (#2542)

v4.0.0

Read the full announcement in the blog or check out the changelog.

Changelog

• Now targeting the 0.8.x line of Solidity compilers. For 0.6.x (resp 0.7.x) support, use version 3.4.0 (resp 3.4.0-solc-0.7) of OpenZeppelin.
• Context: making _msgData return bytes calldata instead of bytes memory (#2492)
• ERC20: removed the _setDecimals function and the storage slot associated to decimals. (#2502)
• Strings: addition of a toHexString function. (#2504)
• EnumerableMap: change implementation to optimize for key → value lookups instead of enumeration. (#2518)
• GSN: deprecate GSNv1 support in favor of upcoming support for GSNv2. (#2521)
• ERC165: remove uses of storage in the base ERC165 implementation. ERC165 based contracts now use storage-less virtual functions. Old behavior remains available in the ERC165Storage extension. (#2505)

... (truncated)

Sourced from @​openzeppelin/contracts's changelog.

4.2.0 (2021-06-30)

• ERC20Votes: add a new extension of the ERC20 token with support for voting snapshots and delegation. (#2632)
• ERC20VotesComp: Variant of ERC20Votes that is compatible with Compound's Comp token interface but restricts supply to uint96. (#2706)
• ERC20Wrapper: add a new extension of the ERC20 token which wraps an underlying token. Deposit and withdraw guarantee that the total supply is backed by a corresponding amount of underlying token. (#2633)
• Enumerables: Improve gas cost of removal in EnumerableSet and EnumerableMap.
• Enumerables: Improve gas cost of lookup in EnumerableSet and EnumerableMap.
• Counter: add a reset method. (#2678)
• Tokens: Wrap definitely safe subtractions in unchecked blocks.
• Math: Add a ceilDiv method for performing ceiling division.
• ERC1155Supply: add a new ERC1155 extension that keeps track of the totalSupply of each tokenId. (#2593)
• BitMaps: add a new BitMaps library that provides a storage efficient datastructure for uint256 to bool mapping with contiguous keys. (#2710)

Breaking Changes

• ERC20FlashMint is no longer a Draft ERC. (#2673))

How to update: Change your import paths by removing the draft- prefix from @openzeppelin/contracts/token/ERC20/extensions/draft-ERC20FlashMint.sol.

See Releases and Stability: Drafts.

4.1.0 (2021-04-29)

• IERC20Metadata: add a new extended interface that includes the optional name(), symbol() and decimals() functions. (#2561)
• ERC777: make reception acquirement optional in _mint. (#2552)
• ERC20Permit: add a _useNonce to enable further usage of ERC712 signatures. (#2565)
• ERC20FlashMint: add an implementation of the ERC3156 extension for flash-minting ERC20 tokens. (#2543)
• SignatureChecker: add a signature verification library that supports both EOA and ERC1271 compliant contracts as signers. (#2532)
• Multicall: add abstract contract with multicall(bytes[] calldata data) function to bundle multiple calls together (#2608)
• ECDSA: add support for ERC2098 short-signatures. (#2582)
• AccessControl: add a onlyRole modifier to restrict specific function to callers bearing a specific role. (#2609)
• StorageSlot: add a library for reading and writing primitive types to specific storage slots. (#2542)
• UUPS Proxies: add UUPSUpgradeable to implement the UUPS proxy pattern together with EIP1967Proxy. (#2542)

Breaking changes

This release includes two small breaking changes in TimelockController.

1. The onlyRole modifier in this contract was designed to let anyone through if the role was granted to address(0), allowing the possibility to to make a role "open", which can be used for EXECUTOR_ROLE. This modifier is now replaced by AccessControl.onlyRole, which does not have this ability. The previous behavior was moved to the modifier TimelockController.onlyRoleOrOpenRole.
2. It was possible to make PROPOSER_ROLE an open role (as described in the previous item) if it was granted to address(0). This would affect the schedule, scheduleBatch, and cancel operations in TimelockController. This ability was removed as it does not make sense to open up the PROPOSER_ROLE in the same way that it does for EXECUTOR_ROLE.

4.0.0 (2021-03-23)

• Now targeting the 0.8.x line of Solidity compilers. For 0.6.x (resp 0.7.x) support, use version 3.4.0 (resp 3.4.0-solc-0.7) of OpenZeppelin.

... (truncated)

• 9fbc1d7 4.2.0
• 556e366 4.2.0-rc.0
• 6842518 Wrapper extension for ERC20 token (#2633)
• 8a775cd Emit DelegateVotesChanged events after Transfer (#2733)
• 4d0f8c1 Check inheritance tree consistency (#2727)
• 27e0900 Reorder state changes and event emission for consistency (#2719)
• 00128bd Fix function ordering in ERC1967Upgrades (#2722)
• f710baf Fix typos (#2723)
• 788d338 Improve naming of internal variables (#2721)
• 6f50f6e Remove repeated code from ERC1967Upgrade (#2720)
• Additional commits viewable in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Sourced from @​typescript-eslint/parser's releases.

v4.29.2

4.29.2 (2021-08-16)

Note: Version bump only for package @​typescript-eslint/typescript-eslint

v4.29.1

4.29.1 (2021-08-09)

Note: Version bump only for package @​typescript-eslint/typescript-eslint

Sourced from @​typescript-eslint/parser's changelog.

4.29.2 (2021-08-16)

Note: Version bump only for package @​typescript-eslint/parser

4.29.1 (2021-08-09)

Note: Version bump only for package @​typescript-eslint/parser

• bf402f4 chore: publish v4.29.2
• db78642 chore: publish v4.29.1
• See full diff in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

• See full diff in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Sourced from fs-extra's changelog.

10.0.0 / 2021-05-03

Breaking changes

• Require Node.js v12+ (#886, #893, #890, #894, #895)
• Allow copying broken symlinks (#779, #765, #638, #761)

The following changes, although technically semver-major, will not affect the vast majority of users:

• Ensure correct type when destination exists for ensureLink*()/ensureSymlink*() (#826, #786, #870)
• Error when attempting to copy*() unknown file type (#880)
• Remove undocumented options for remove*() (#882)

Improvements

• Allow changing case of filenames with move*(), even on technically case-insensitive filesystems (#759, #801)
• Use native fs.rm*() for remove*() in environments that support it (#882, #806)
• Improve emptyDir() performance (#885)

Bugfixes

• Ensure copy*()'s filter function is not called more than necessary (#883, #809)
• Fix move*() raising EPERM error when moving a file to the root of a drive on Windows (#897, #819)

Miscellaneous changes

• Do not use at-least-node as a dependency (#896)
• Improve documentation (#888, #830, #884, #843)

• fb6c0ca 10.0.0
• 289d9aa move: do not create parent directory if it is root (#897)
• e6f8cb4 Move at-least-node to devDependencies (#896)
• 21b01f4 Implement GH actions (#881)
• 588d770 BREAKING: Use bigint everywhere (#895)
• c551140 BREAKING: Use native fs.mkdir recursive everywhere (#894)
• 05d2e93 BREAKING: Remove special handling of fs.promises (#890)
• d8c93b8 BREAKING: Drop Node 10 support (#893)
• ce29957 Clarify move*() docs (#888)
• af35401 Ensure copy filter fn is not called more than needed (#883)
• Additional commits viewable in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

• See full diff in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

• See full diff in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

• 3cb0f44 1.0.0-beta.25
• 2205498 - upgrade dependencies
• See full diff in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

• See full diff in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Sourced from @​ethersproject/address's releases.

ethers/v5.4.0 (2021-06-26 01:50)

• Added EIP-1559 support. (#1610; 319987e, 91fff14, c5bca77, 5456c35, 7a12216, e95708e)
• Added effectiveGasPrice to receipt. (ba6854b)
• Fixed ENS names for JsonRpcSigner. (1e31b34)
• Added EIP-2930 and EIP-1559 transaction tests. (7deb4c1)
• Added ConstructorFragment to exports. (7efc36d)
• Added error utilities to Interface. (720bde7, f053a7a)
• merged master including transaction type 0 legacy constant. (#1610; 2a7ce0e)
• Added type to TransactionResponse and TrnsactionReceipt. (#1687; d001901)
• Trap CALL_EXCEPTION errors when resolving ENS entries. (#1690; 91951dc)
• Fixed transaction serialization with explicit null type. (#1628; 8277f5a)
• Fix issue with loading JSON ABI with internalType property. (#728; e8a0144)

---

Embedding UMD with SRI:

<script type="text/javascript"
        integrity="sha384-dq8L5gpIcUoGAeHh/6setfxuuDI0ngshPvCvksSAcQMMWCr5cVFAaijT//nxVyjb"
        crossorigin="anonymous"
        src="https://cdn-cors.ethers.io/lib/ethers-5.4.0.umd.min.js">
</script>

ethers/v5.3.1 (2021-06-10 18:28)

• Fixed replacement transaction detection for JsonRpcSigner. (#1658; ee82e86)
• Added Matic testnet info to networks. (#1546; 376cf3c)
• Match Solidity identifier regex. (#1657; a6e128f)

---

Embedding UMD with SRI:

<script type="text/javascript"
        integrity="sha384-zZgfFkD87zp6N2ULUE4Phk7nmfBkaBrAnxZIbpdF5OuNXLV60CdxzFbaSqkgNymK"
        crossorigin="anonymous"
        src="https://cdn-cors.ethers.io/lib/ethers-5.3.1.umd.min.js">
</script>

ethers/v5.3.0 (2021-05-31 18:41)

• Added MinInt256 and MaxInt256 constants. (#1576; bfcd05f)
• Version bumps for bn.js and hash.js to match elliptic and fix some build tools. (#1478; 819b1ac)
• Removed Hangul checks in shims which crashes Android. (#1519; 4b33114)
• Fixed ENS namehash with leading and trailing dots. (#1605; 7adcf3b)
• Fixed broken variable in template string. (#1624, #1626; 630656e)
• Fixed FixedNumber rounding for non-default formats. (#1629; 8681cd5)
• Update ws dependency version to fix security. (#1633, #1634; 470551e)

---

... (truncated)

Sourced from @​ethersproject/address's changelog.

ethers/v5.4.0 (2021-06-26 01:50)

• Added EIP-1559 support. (#1610; 319987e, 91fff14, c5bca77, 5456c35, 7a12216, e95708e)
• Added effectiveGasPrice to receipt. (ba6854b)
• Fixed ENS names for JsonRpcSigner. (1e31b34)
• Added EIP-2930 and EIP-1559 transaction tests. (7deb4c1)
• Added ConstructorFragment to exports. (7efc36d)
• Added error utilities to Interface. (720bde7, f053a7a)
• merged master including transaction type 0 legacy constant. (#1610; 2a7ce0e)
• Added type to TransactionResponse and TrnsactionReceipt. (#1687; d001901)
• Trap CALL_EXCEPTION errors when resolving ENS entries. (#1690; 91951dc)
• Fixed transaction serialization with explicit null type. (#1628; 8277f5a)
• Fix issue with loading JSON ABI with internalType property. (#728; e8a0144)

ethers/v5.3.1 (2021-06-10 18:28)

• Fixed replacement transaction detection for JsonRpcSigner. (#1658; ee82e86)
• Added Matic testnet info to networks. (#1546; 376cf3c)
• Match Solidity identifier regex. (#1657; a6e128f)

ethers/v5.3.0 (2021-05-31 18:41)

• Added MinInt256 and MaxInt256 constants. (#1576; bfcd05f)
• Version bumps for bn.js and hash.js to match elliptic and fix some build tools. (#1478; 819b1ac)
• Removed Hangul checks in shims which crashes Android. (#1519; 4b33114)
• Fixed ENS namehash with leading and trailing dots. (#1605; 7adcf3b)
• Fixed broken variable in template string. (#1624, #1626; 630656e)
• Fixed FixedNumber rounding for non-default formats. (#1629; 8681cd5)
• Update ws dependency version to fix security. (#1633, #1634; 470551e)

ethers/v5.2.0 (2021-05-17 16:18)

• More aggresively check for mempool transactions sent from JsonRpcSigner. (3316468)
• Added initial support for detecting replacement transactions. (#1477; 987bec8, 5144acf)
• Added convenience method for HD path derivation. (aadc5cd)
• Added mnemonicPath option to cli. (6e08809)
• Added some popular Ethereum-compatible chains to networks. (b6370f1)
• Added debug event to Web3Provider. (26464c5)
• Abstracted EtherscanProivder to more easily fascilitate other Etherscan-supported chains. (#1204, #1473; 37a9c77)
• Added Custom Contract Errors. (#1498; 6519609, 483d67f)
• More flexible FixedNumber input and output for strings with no decimals. (#1019, #1291, #1463; a9cdbe1)
• Added hex support for bigint. (#1472; 4e9abfd)
• Added support for null entries in EventFilter. (#1499; 3bb5fbf)
• Add bigint to allowed BigNumberish types. (#1472; cadccc3)
• Minor version bump. (8e22e02)

... (truncated)

• c2c0ce7 Updated dist files.
• 4e6d121 Updated dist files.
• dad3829 Updated dist files.
• 8e22e02 Minor version bump.
• 3b1d3fc Update dist files.
• 6c43e20 Updated dist files.
• 4f67ecd Updated dist files.
• 3396846 Added TypeScript declaration maps (#401).
• e0ccafb Updated dist files.
• 0e6cc9a Lock package versions for the ESM builds (#1009).
• Additional commits viewable in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Sourced from ethereum-waffle's releases.

[email protected]

Minor Changes

• 80d215b: - Fix vulnerabilities shown by yarn audit
  • Fix typings in closeTo matcher
  • Add flattenSingleFile function to compiler

Patch Changes

• Updated dependencies [80d215b]
  • @​ethereum-waffle/compiler@​3.4.0
  • @​ethereum-waffle/chai@​3.4.0
  • @​ethereum-waffle/mock-contract@​3.3.0
  • @​ethereum-waffle/provider@​3.4.0

@​ethereum-waffle/provider@​3.3.2

Patch Changes

• 7b85871: Updates ganache-core to 2.13.2 to take advantage of the recent removal of a few bundled dependencies, making waffle a lighter dependency itself :)
• Updated dependencies [7b85871]
  • @​ethereum-waffle/ens@​3.2.4

• See full diff in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Sourced from github.com/knadh/koanf's releases.

v1.4.4

What's Changed

• Fixup comments in providers by @​neelayu in knadh/koanf#172

New Contributors

• @​neelayu made their first contribution in knadh/koanf#172

Full Changelog: https://github.com/knadh/koanf/compare/v1.4.3...v1.4.4

v1.4.2

What's Changed

• Document another viper footgun by @​albertvaka in knadh/koanf#141
• Add missing types to FlagVal by @​muXxer in knadh/koanf#147
• Add github workflow status badge in Readme by @​amarlearning in knadh/koanf#148
• Make copyable go command by @​gozeloglu in knadh/koanf#149
• Add test for YAML parser by @​amarlearning in knadh/koanf#150
• Add test for HCL parser by @​amarlearning in knadh/koanf#151
• Add test for TOML parser by @​amarlearning in knadh/koanf#155
• Update gopkg.in/yaml.v2 to gopkg.in/yaml.v3 by @​1995parham in knadh/koanf#156

New Contributors

• @​albertvaka made their first contribution in knadh/koanf#141
• @​muXxer made their first contribution in knadh/koanf#147
• @​amarlearning made their first contribution in knadh/koanf#148

Full Changelog: https://github.com/knadh/koanf/compare/v1.4.1...v1.4.2

v1.4.1

What's Changed

• fix nil pointer dereference when no callback passed to provider by @​robinbraemer in knadh/koanf#129
• eliminate a type assertion by @​robinbraemer in knadh/koanf#130
• fix: highlight code in README by @​gozeloglu in knadh/koanf#131
• Add tests for env.go by @​gozeloglu in knadh/koanf#132
• Add tests for ProviderWithValue func in env.go by @​gozeloglu in knadh/koanf#133
• Tests added for Read() in env by @​gozeloglu in knadh/koanf#134
• Add tests for dotenv by @​gozeloglu in knadh/koanf#137
• Add tests for parsers/json by @​gozeloglu in knadh/koanf#136
• Fix StringMap and StringsMap by @​hoshsadiq in knadh/koanf#139

New Contributors

• @​robinbraemer made their first contribution in knadh/koanf#129
• @​gozeloglu made their first contribution in knadh/koanf#131
• @​hoshsadiq made their first contribution in knadh/koanf#139

Full Changelog: https://github.com/knadh/koanf/compare/v1.4.0...v1.4.1

• 7c73646 aws secrets manager and parameter store providers added to read me (#186)
• 35ff732 Document sub-package deps in README.
• d38d286 make dotenv.Parser behave like env.Provider (#179)
• 9d2379c Fix mock.yml path in docs. Closes #178.
• 654ca74 etcd watch + test (#168)
• d941f60 Upgrade go.yaml. Closes #177.
• d74a0d5 Fixup comments in providers (#172)
• 3e03354 Remove obsolete Watch() stubs. Closes #171.
• 0e9e5e9 Implement encoding.TextUnmarshaler in mapstructure unmarshal. Closes #163.
• ed3461c Add Consul provider (#159)
• Additional commits viewable in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

• See full diff in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Sourced from github.com/ethersphere/bee's releases.

v1.10.0

The last release was one of the most substantial upgrades to the Swarm network since the mainnet launch. With the storage incentives, nodes could stake BZZ and take part in the schelling game. This was disabled by default as we were testing the entire system integration on the testnet.

To prepare the network for the storage incentives, we have been testing all of our changes in the public testnet and in private networks operated internally by the team. We found a number of issues with our local storage and syncing protocols, and have made major improvements to chunk syncing and localstore with the end goal that the individual reserves of the bee node matches the collective reserve of its neighborhood to be able to succesfully participate in the schelling game/storage incentives.

One protocol that went under major overhaul has been pullsync. The protocol is now overall more resiliant to errors which should improve the syncing of data and as a result the retrievability of data in the network.

Due to the changes in pullsync protocol, this release will be a breaking release for full nodes who take part in syncing as there will be a protocol version bump. This release also includes new contracts, so it will include a bump in the handshake protocol.

A myriad of bug fixes and simplifications have been made to the localstore, specificially to improve reserve evictions and garbage collection. As a side effect of these changes, disk usage has improved so fewer db nukes is expected. We've also found inconsistencies in the internal state of the bee's local data, and as part of deploying the new version, a migration will automatically run during bootup to address this.

We also bring the new EIP-1559 transaction type for all blockchain transactions from the Bee side to improve the rate of transactions going through reliably on time.

Couple of issues in the smart contracts have been fixed and we have updated the contract addresses used in the testnet and mainnet.

There are a bunch of other changes related to observability, so new metrics! There are some API changes and so please check the API docs for more information.

Breaking changes

• Rewrite of the puller and pullsync package. This was done to make syncing more resilient to errors and also conform with the new incentives workflow. (#3437, #3456, #3501, #3515, #3520, #3555, #3625)
• The localstore package was heavily refactored. This includes some changes to how the node stores indexes related to the reserve and cache storage of the node. We also identified few incorrect entries that the localstore maintains and the nodes will perform a migration to get rid of these. (#3447, #3566, #3579, #3584, #3585, #3591, #3595, #3614, #3627, #3629)
• For the wallet endpoint, fields now have better names, and features a new wallet address field. (#3571)
• The default value of the initial deposit changed to 0. (#3489)
• The staking API endpoints have changed a bit to be more consistent. (#3472)
• Handshake protocol version bump due to new contracts. (#3659)

Hardening

• Simplify parsing and validation of HTTP endpoints. (#3344)
• Added more metrics around the storage incentives features. (#3449, #3474, #3587, #3628)
• Enabled the parallel tests linter and fixed some of the tests to conform to it. The unit tests now run much faster. (#3432, 3436)
• Remove the hacky config usage in kademlia package. (#3360)
• API errors are now more meaningful. (#3450)
• Bootnodes will no longer participate in Pushsync protocol. (#3616)

New features

• Bee now uses the new EIP-1559 transactions. (#3504, #3502, #3559, #3562, #3617)
• All blockchain transactional APIs now include the transaction hash in the response. (#3573)
• A new API was added which allows nodes to withdraw their stakes if the contract is paused. (#3662)

Bugfixes

• An issue causing a redirect loop in the browser on the /bzz endpoint was fixed. (#3457)
• A bunch of issues were fixed in the smart contracts. This include a corresponding bee change to update the new addresses. (#3666)

For a full PR rundown please consult the v1.10.0 milestone.

v1.10.0-rc17

Changelog

• 935a316c chore: update storage-incentives to rc4 (#3653)

... (truncated)

• 904cbb0 ci: remove duplicate stake test (#3668)
• 284dc15 ci: make go workflow faster (#3664)
• 96358b1 chore: bump storage-incentives abi to v0.4.0 (#3666)
• 79045ee fix: stake test order and contracts ver (#3663)
• 94ff34d refactor: enable withdraw all stake endpoint (#3662)
• c4e7ac6 ci: disable deploy to staging (#3661)
• 79ad772 chore: enable storage incentives by default (#3658)
• 57d33a2 feat: bump handshake version for release (#3659)
• 409181d feat: add staking ci test (#3630)
• f27427b chore: update storage-incentives to rc5 (#3657)
• Additional commits viewable in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Sourced from decode-uri-component's releases.

v0.2.2

• Prevent overwriting previously decoded tokens 980e0bf

https://github.com/SamVerschueren/decode-uri-component/compare/v0.2.1...v0.2.2

v0.2.1

• Switch to GitHub workflows 76abc93
• Fix issue where decode throws - fixes #6 746ca5d
• Update license (#1) 486d7e2
• Tidelift tasks a650457
• Meta tweaks 66e1c28

https://github.com/SamVerschueren/decode-uri-component/compare/v0.2.0...v0.2.1

• a0eea46 0.2.2
• 980e0bf Prevent overwriting previously decoded tokens
• 3c8a373 0.2.1
• 76abc93 Switch to GitHub workflows
• 746ca5d Fix issue where decode throws - fixes #6
• 486d7e2 Update license (#1)
• a650457 Tidelift tasks
• 66e1c28 Meta tweaks
• See full diff in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) You can disable automated security fix PRs for this repo from the Security Alerts page.

Sourced from chai's releases.

v4.3.7

What's Changed

• fix: deep-eql bump package to support symbols comparison by @​snewcomer in chaijs/chai#1483

Full Changelog: https://github.com/chaijs/chai/compare/v4.3.6...v4.3.7

• 775f509 4.3.7
• 8e780b4 fix: deep-eql bump package to support symbols comparison (#1483)
• See full diff in compare view

• See full diff in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Sourced from @​openzeppelin/contracts's releases.

v4.8.0

Note Don't miss the section on Breaking changes at the end.

• TimelockController: Added a new admin constructor parameter that is assigned the admin role instead of the deployer account. (#3722)
• Initializable: add internal functions _getInitializedVersion and _isInitializing (#3598)
• ERC165Checker: add supportsERC165InterfaceUnchecked for consulting individual interfaces without the full ERC165 protocol. (#3339)
• Address: optimize functionCall by calling functionCallWithValue directly. (#3468)
• Address: optimize functionCall functions by checking contract size only if there is no returned data. (#3469)
• Governor: make the relay function payable, and add support for EOA payments. (#3730)
• GovernorCompatibilityBravo: remove unused using statements. (#3506)
• ERC20: optimize _transfer, _mint and _burn by using unchecked arithmetic when possible. (#3513)
• ERC20Votes, ERC721Votes: optimize getPastVotes for looking up recent checkpoints. (#3673)
• ERC20FlashMint: add an internal _flashFee function for overriding. (#3551)
• ERC4626: use the same decimals() as the underlying asset by default (if available). (#3639)
• ERC4626: add internal _initialConvertToShares and _initialConvertToAssets functions to customize empty vaults behavior. (#3639)
• ERC721: optimize transfers by making approval clearing implicit instead of emitting an event. (#3481)
• ERC721: optimize burn by making approval clearing implicit instead of emitting an event. (#3538)
• ERC721: Fix balance accounting when a custom _beforeTokenTransfer hook results in a transfer of the token under consideration. (#3611)
• ERC721: use unchecked arithmetic for balance updates. (#3524)
• ERC721Consecutive: Implementation of EIP-2309 that allows batch minting of ERC721 tokens during construction. (#3311)
• ReentrancyGuard: Reduce code size impact of the modifier by using internal functions. (#3515)
• SafeCast: optimize downcasting of signed integers. (#3565)
• ECDSA: Remove redundant check on the v value. (#3591)
• VestingWallet: add releasable getters. (#3580)
• VestingWallet: remove unused library Math.sol. (#3605)
• VestingWallet: make constructor payable. (#3665)
• Create2: optimize address computation by using assembly instead of abi.encodePacked. (#3600)
• Clones: optimized the assembly to use only the scratch space during deployments, and optimized predictDeterministicAddress to use fewer operations. (#3640)
• Checkpoints: Use procedural generation to support multiple key/value lengths. (#3589)
• Checkpoints: Add new lookup mechanisms. (#3589)
• Arrays: Add unsafeAccess functions that allow reading and writing to an element in a storage array bypassing Solidity's "out-of-bounds" check. (#3589)
• Strings: optimize toString. (#3573)
• Ownable2Step: extension of Ownable that makes the ownership transfers a two step process. (#3620)
• Math and SignedMath: optimize function max by using > instead of >=. (#3679)
• Math: Add log2, log10 and log256. (#3670)
• Arbitrum: Update the vendored arbitrum contracts to match the nitro upgrade. (#3692)

Breaking changes

• ERC721: In order to add support for batch minting via ERC721Consecutive it was necessary to make a minor breaking change in the internal interface of ERC721. Namely, the hooks _beforeTokenTransfer and _afterTokenTransfer have one additional argument that may need to be added to overrides:

 function _beforeTokenTransfer(
     address from,
     address to,
     uint256 tokenId,
+    uint256 batchSize
 ) internal virtual override

... (truncated)

Sourced from @​openzeppelin/contracts's changelog.

4.8.0 (2022-11-08)

• TimelockController: Added a new admin constructor parameter that is assigned the admin role instead of the deployer account. (#3722)
• Initializable: add internal functions _getInitializedVersion and _isInitializing (#3598)
• ERC165Checker: add supportsERC165InterfaceUnchecked for consulting individual interfaces without the full ERC165 protocol. (#3339)
• Address: optimize functionCall by calling functionCallWithValue directly. (#3468)
• Address: optimize functionCall functions by checking contract size only if there is no returned data. (#3469)
• Governor: make the relay function payable, and add support for EOA payments. (#3730)
• GovernorCompatibilityBravo: remove unused using statements. (#3506)
• ERC20: optimize _transfer, _mint and _burn by using unchecked arithmetic when possible. (#3513)
• ERC20Votes, ERC721Votes: optimize getPastVotes for looking up recent checkpoints. (#3673)
• ERC20FlashMint: add an internal _flashFee function for overriding. (#3551)
• ERC4626: use the same decimals() as the underlying asset by default (if available). (#3639)
• ERC4626: add internal _initialConvertToShares and _initialConvertToAssets functions to customize empty vaults behavior. (#3639)
• ERC721: optimize transfers by making approval clearing implicit instead of emitting an event. (#3481)
• ERC721: optimize burn by making approval clearing implicit instead of emitting an event. (#3538)
• ERC721: Fix balance accounting when a custom _beforeTokenTransfer hook results in a transfer of the token under consideration. (#3611)
• ERC721: use unchecked arithmetic for balance updates. (#3524)
• ERC721Consecutive: Implementation of EIP-2309 that allows batch minting of ERC721 tokens during construction. (#3311)
• ReentrancyGuard: Reduce code size impact of the modifier by using internal functions. (#3515)
• SafeCast: optimize downcasting of signed integers. (#3565)
• ECDSA: Remove redundant check on the v value. (#3591)
• VestingWallet: add releasable getters. (#3580)
• VestingWallet: remove unused library Math.sol. (#3605)
• VestingWallet: make constructor payable. (#3665)
• Create2: optimize address computation by using assembly instead of abi.encodePacked. (#3600)
• Clones: optimized the assembly to use only the scratch space during deployments, and optimized predictDeterministicAddress to use fewer operations. (#3640)
• Checkpoints: Use procedural generation to support multiple key/value lengths. (#3589)
• Checkpoints: Add new lookup mechanisms. (#3589)
• Arrays: Add unsafeAccess functions that allow reading and writing to an element in a storage array bypassing Solidity's "out-of-bounds" check. (#3589)
• Strings: optimize toString. (#3573)
• Ownable2Step: extension of Ownable that makes the ownership transfers a two step process. (#3620)
• Math and SignedMath: optimize function max by using > instead of >=. (#3679)
• Math: Add log2, log10 and log256. (#3670)
• Arbitrum: Update the vendored arbitrum contracts to match the nitro upgrade. (#3692)

Breaking changes

• ERC721: In order to add support for batch minting via ERC721Consecutive it was necessary to make a minor breaking change in the internal interface of ERC721. Namely, the hooks _beforeTokenTransfer and _afterTokenTransfer have one additional argument that may need to be added to overrides:

 function _beforeTokenTransfer(
     address from,
     address to,
     uint256 tokenId,
+    uint256 batchSize
 ) internal virtual override

• ERC4626: Conversion from shares to assets (and vice-versa) in an empty vault used to consider the possible mismatch between the underlying asset's and the vault's decimals. This initial conversion rate is now set to 1-to-1 irrespective of decimals, which are meant for usability purposes only. The vault now uses the assets decimals by default, so off-chain the numbers should appear the same. Developers overriding the vault decimals to a value that does not match the underlying asset may want to override the _initialConvertToShares and _initialConvertToAssets to replicate the previous behavior.

... (truncated)

• 49c0e43 4.8.0
• e0137d4 Fix outdated docs about timelock admin (#3806)
• e708b09 Remove outdated note about hooks from documentation (#3789)
• 16fa183 Fix MerkleProof natspec
• 8bfcb65 Update recommendation of JS library for merkle trees
• 014ce9c ERC721ConsecutiveEnumerable is no longer unreachable
• 1f18fea 4.8.0-rc.2
• 1a41a50 Skip deleted file when updating release version in comments
• 3742c16 Refactor consecutive transfer hooks (#3753)
• 4e18cdc Update merkle multiproof docs with a caution note
• Additional commits viewable in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)