From 4c18f674d786bd1dc76ee9b3f84b1ad05be0c0f9 Mon Sep 17 00:00:00 2001
From: "snyk-io[bot]" <141718529+snyk-io[bot]@users.noreply.github.com>
Date: Mon, 9 Jun 2025 18:09:46 +0000
Subject: [PATCH] fix: advanced/dapps/react-dapp-v2/package.json &
 advanced/dapps/react-dapp-v2/yarn.lock to reduce vulnerabilities

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JS-ELLIPTIC-8720086
- https://snyk.io/vuln/SNYK-JS-ELLIPTIC-7577917
- https://snyk.io/vuln/SNYK-JS-ELLIPTIC-7577916
- https://snyk.io/vuln/SNYK-JS-ELLIPTIC-7577918
- https://snyk.io/vuln/SNYK-JS-CROSSSPAWN-8303230
- https://snyk.io/vuln/SNYK-JS-SECP256K1-8237220
- https://snyk.io/vuln/SNYK-JS-WS-7266574
- https://snyk.io/vuln/SNYK-JS-BRACES-6838727
- https://snyk.io/vuln/SNYK-JS-ELLIPTIC-8172694
- https://snyk.io/vuln/SNYK-JS-MICROMATCH-6838728
- https://snyk.io/vuln/SNYK-JS-BASEX-10118294
---
 advanced/dapps/react-dapp-v2/package.json |  4 ++--
 advanced/dapps/react-dapp-v2/yarn.lock    | 12 ++++++------
 2 files changed, 8 insertions(+), 8 deletions(-)

diff --git a/advanced/dapps/react-dapp-v2/package.json b/advanced/dapps/react-dapp-v2/package.json
index a5b72b7a9..6fc42f113 100644
--- a/advanced/dapps/react-dapp-v2/package.json
+++ b/advanced/dapps/react-dapp-v2/package.json
@@ -22,7 +22,7 @@
     "@solana/web3.js": "^1.98.1",
     "@walletconnect/encoding": "^1.0.1",
 
-    "@walletconnect/sign-client": "2.18.0",
+    "@walletconnect/sign-client": "2.17.2",
 
     "@walletconnect/types": "2.17.1",
 
@@ -47,7 +47,7 @@
     "blockies-ts": "^1.0.0",
     "bs58": "^5.0.0",
     "cosmos-wallet": "^1.2.0",
-    "eth-sig-util": "^2.5.3",
+    "eth-sig-util": "^3.0.1",
     "ethereumjs-util": "^7.0.6",
     "ethers": "^6.0.0",
     "fp-ts": "^2.13.1",
diff --git a/advanced/dapps/react-dapp-v2/yarn.lock b/advanced/dapps/react-dapp-v2/yarn.lock
index 310d58ad1..5a290c0d5 100644
--- a/advanced/dapps/react-dapp-v2/yarn.lock
+++ b/advanced/dapps/react-dapp-v2/yarn.lock
@@ -8758,12 +8758,12 @@ eth-lib@^0.1.26:
     ws "^3.0.0"
     xhr-request-promise "^0.1.2"
 
-eth-sig-util@^2.5.3:
-  version "2.5.4"
-  resolved "https://registry.yarnpkg.com/eth-sig-util/-/eth-sig-util-2.5.4.tgz#577b01fe491b6bf59b0464be09633e20c1677bc5"
-  integrity sha512-aCMBwp8q/4wrW4QLsF/HYBOSA7TpLKmkVwP3pYQNkEEseW2Rr8Z5Uxc9/h6HX+OG3tuHo+2bINVSihIeBfym6A==
+eth-sig-util@^3.0.1:
+  version "3.0.1"
+  resolved "https://registry.yarnpkg.com/eth-sig-util/-/eth-sig-util-3.0.1.tgz#8753297c83a3f58346bd13547b59c4b2cd110c96"
+  integrity sha512-0Us50HiGGvZgjtWTyAI/+qTzYPMLy5Q451D0Xy68bxq1QMWdoOddDwGvsqcFT27uohKgalM9z/yxplyt+mY2iQ==
   dependencies:
-    ethereumjs-abi "0.6.8"
+    ethereumjs-abi "^0.6.8"
     ethereumjs-util "^5.1.1"
     tweetnacl "^1.0.3"
     tweetnacl-util "^0.15.0"
@@ -8826,7 +8826,7 @@ ethereum-cryptography@^2.1.2:
     "@scure/bip32" "1.3.1"
     "@scure/bip39" "1.2.1"
 
-ethereumjs-abi@0.6.8:
+ethereumjs-abi@^0.6.8:
   version "0.6.8"
   resolved "https://registry.yarnpkg.com/ethereumjs-abi/-/ethereumjs-abi-0.6.8.tgz#71bc152db099f70e62f108b7cdfca1b362c6fcae"
   integrity sha512-Tx0r/iXI6r+lRsdvkFDlut0N08jWMnKRZ6Gkq+Nmw75lZe4e6o3EkSnkaBP5NF6+m5PTGAr9JP43N3LyeoglsA==