Skip to content

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Jun 29, 2022

Bumps @openzeppelin/contracts from 4.6.0 to 4.7.0.

Release notes

Sourced from @​openzeppelin/contracts's releases.

v4.7.0-rc.0

This prerelease is now available for open review! Let us know your feedback and if you find any security issues.

We have a bug bounty with rewards of up to USD $25,000 and a special POAP for submitting a valid issue.

See the announcement for more details.

Changelog

Sourced from @​openzeppelin/contracts's changelog.

4.7.0 (2022-06-29)

  • TimelockController: Migrate _call to _execute and allow inheritance and overriding similar to Governor. (#3317)
  • CrossChainEnabledPolygonChild: replace the require statement with the custom error NotCrossChainCall. (#3380)
  • ERC20FlashMint: Add customizable flash fee receiver. (#3327)
  • ERC4626: add an extension of ERC20 that implements the ERC4626 Tokenized Vault Standard. (#3171)
  • SafeERC20: add safePermit as mitigation against phantom permit functions. (#3280)
  • Math: add a mulDiv function that can round the result either up or down. (#3171)
  • Math: Add a sqrt function to compute square roots of integers, rounding either up or down. (#3242)
  • Strings: add a new overloaded function toHexString that converts an address with fixed length of 20 bytes to its not checksummed ASCII string hexadecimal representation. (#3403)
  • EnumerableMap: add new UintToUintMap map type. (#3338)
  • EnumerableMap: add new Bytes32ToUintMap map type. (#3416)
  • SafeCast: add support for many more types, using procedural code generation. (#3245)
  • MerkleProof: add multiProofVerify to prove multiple values are part of a Merkle tree. (#3276)
  • MerkleProof: add calldata versions of the functions to avoid copying input arrays to memory and save gas. (#3200)
  • ERC721, ERC1155: simplified revert reasons. (#3254, (#3438))
  • ERC721: removed redundant require statement. (#3434)
  • PaymentSplitter: add releasable getters. (#3350)
  • Initializable: refactored implementation of modifiers for easier understanding. (#3450)
  • Proxies: remove runtime check of ERC1967 storage slots. (#3455)
  • ERC165Checker: add supportsERC165InterfaceUnchecked for consulting individual interfaces without the full ERC165 protocol. (#3339)
  • Address: optimize functionCall functions by checking contract size only if there is no returned data. (#3469)

Breaking changes

  • Initializable: functions decorated with the modifier reinitializer(1) may no longer invoke each other.
Commits
  • 8c49ad7 4.7.0
  • 0b238a5 Minor wording fixes ERC4626 contract (#3510)
  • e4748fb Support memory arrays in MerkleTree multiproof (#3493)
  • b971092 Make ERC4626 _deposit and _withdraw internal virtual (#3504)
  • 4307d74 Add a caution note to ERC4626 about EOA access (#3503)
  • 1e7d735 Clarify PaymentSplitter shares are static
  • 029706d Fix check for generated code when last updated is a release candidate
  • 97c46a7 Output diff when test:generation fails
  • 80c7a3e Rename ERC20TokenizedVault to ERC4626 (#3467)
  • e30ea41 Disable test for updated generated code on upgradeable contracts
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot dependabot bot added dependencies Pull requests that update a dependency file Type: Security Patch🛡️ labels Jun 29, 2022
@netlify
Copy link

netlify bot commented Jun 29, 2022

Deploy Preview for kleros-v2 ready!

Name Link
🔨 Latest commit 678bf33
🔍 Latest deploy log https://app.netlify.com/sites/kleros-v2/deploys/62bcd2d06b65b800088a2679
😎 Deploy Preview https://deploy-preview-132--kleros-v2.netlify.app
📱 Preview on mobile
Toggle QR Code...

QR Code

Use your smartphone camera to open QR code link.

To edit notification comments on pull requests, go to your Netlify site settings.

@jaybuidl jaybuidl force-pushed the dependabot/npm_and_yarn/openzeppelin/contracts-4.7.0 branch from 09230c1 to 5569a19 Compare June 29, 2022 22:29
jaybuidl
jaybuidl previously approved these changes Jun 29, 2022
Bumps [@openzeppelin/contracts](https://github.com/OpenZeppelin/openzeppelin-contracts) from 4.6.0 to 4.7.0.
- [Release notes](https://github.com/OpenZeppelin/openzeppelin-contracts/releases)
- [Changelog](https://github.com/OpenZeppelin/openzeppelin-contracts/blob/master/CHANGELOG.md)
- [Commits](OpenZeppelin/openzeppelin-contracts@v4.6.0...v4.7.0)

---
updated-dependencies:
- dependency-name: "@openzeppelin/contracts"
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>
@jaybuidl jaybuidl force-pushed the dependabot/npm_and_yarn/openzeppelin/contracts-4.7.0 branch from 5569a19 to 678bf33 Compare June 29, 2022 22:31
@jaybuidl jaybuidl merged commit 678bf33 into master Jun 29, 2022
@qlty-cloud-legacy
Copy link

Code Climate has analyzed commit 678bf33 and detected 19 issues on this pull request.

Here's the issue category breakdown:

Category Count
Complexity 2
Duplication 14
Style 3

View more on Code Climate.

@dependabot dependabot bot deleted the dependabot/npm_and_yarn/openzeppelin/contracts-4.7.0 branch June 29, 2022 22:32
@sonarqubecloud
Copy link

Kudos, SonarCloud Quality Gate passed!    Quality Gate passed

Bug A 0 Bugs
Vulnerability A 0 Vulnerabilities
Security Hotspot A 0 Security Hotspots
Code Smell A 0 Code Smells

No Coverage information No Coverage information
0.0% 0.0% Duplication

@jaybuidl jaybuidl added this to the prealpha-3 milestone Jun 29, 2022
@jaybuidl jaybuidl restored the dependabot/npm_and_yarn/openzeppelin/contracts-4.7.0 branch November 24, 2022 02:59
@jaybuidl jaybuidl deleted the dependabot/npm_and_yarn/openzeppelin/contracts-4.7.0 branch November 24, 2022 03:09
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Pull requests that update a dependency file Type: Security Patch🛡️

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants