Skip to content

chore(deps): bump @openzeppelin/contracts and eth-token-recover#17

Merged
vittominacori merged 1 commit into
masterfrom
dependabot/npm_and_yarn/multi-00c09c834e
Aug 28, 2025
Merged

chore(deps): bump @openzeppelin/contracts and eth-token-recover#17
vittominacori merged 1 commit into
masterfrom
dependabot/npm_and_yarn/multi-00c09c834e

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Aug 25, 2025

Copy link
Copy Markdown
Contributor

Bumps @openzeppelin/contracts to 5.4.0 and updates ancestor dependency eth-token-recover. These dependencies need to be updated together.

Updates @openzeppelin/contracts from 5.2.0 to 5.4.0

Release notes

Sourced from @​openzeppelin/contracts's releases.

v5.4.0

Breaking changes

  • Update minimum pragma to 0.8.24 in SignatureChecker, Governor and Governor's extensions. (#5716).

Pragma changes

  • Reduced pragma requirement of interface files

Changes by category

Account

  • Account: Added a simple ERC-4337 account implementation with minimal logic to process user operations. (#5657)
  • AccountERC7579: Extension of Account that implements support for ERC-7579 modules of type executor, validator, and fallback handler. (#5657)
  • AccountERC7579Hooked: Extension of AccountERC7579 that implements support for ERC-7579 hook modules. (#5657)
  • EIP7702Utils: Add a library for checking if an address has an EIP-7702 delegation in place. (#5587)
  • IERC7821, ERC7821: Interface and logic for minimal batch execution. No support for additional opData is included. (#5657)

Governance

  • GovernorNoncesKeyed: Extension of Governor that adds support for keyed nonces when voting by sig. (#5574)

Tokens

  • ERC20Bridgeable: Implementation of ERC-7802 that makes an ERC-20 compatible with crosschain bridges. (#5739)

Cryptography

Signers
  • AbstractSigner, SignerECDSA, SignerP256, and SignerRSA: Add an abstract contract and various implementations for contracts that deal with signature verification. (#5657)
  • SignerERC7702: Implementation of AbstractSigner for Externally Owned Accounts (EOAs). Useful with ERC-7702. (#5657)
  • SignerERC7913: Abstract signer that verifies signatures using the ERC-7913 workflow. (#5659)
  • MultiSignerERC7913: Implementation of AbstractSigner that supports multiple ERC-7913 signers with a threshold-based signature verification system. (#5659)
  • MultiSignerERC7913Weighted: Extension of MultiSignerERC7913 that supports assigning different weights to each signer, enabling more flexible governance schemes. (#5741)
Verifiers
  • ERC7913P256Verifier and ERC7913RSAVerifier: Ready to use ERC-7913 verifiers that implement key verification for P256 (secp256r1) and RSA keys. (#5659)
Other
  • SignatureChecker: Add support for ERC-7913 signatures alongside existing ECDSA and ERC-1271 signature verification. (#5659)
  • ERC7739: An abstract contract to validate signatures following the rehashing scheme from ERC7739Utils. (#5664)
  • ERC7739Utils: Add a library that implements a defensive rehashing mechanism to prevent replayability of smart contract signatures based on the ERC-7739. (#5664)

Structures

  • EnumerableMap: Add support for BytesToBytesMap type. (#5658)

... (truncated)

Changelog

Sourced from @​openzeppelin/contracts's changelog.

5.4.0 (2025-07-17)

Breaking changes

  • Update minimum pragma to 0.8.24 in SignatureChecker, Governor and Governor's extensions. (#5716).

Pragma changes

  • Reduced pragma requirement of interface files

Changes by category

Account

  • Account: Added a simple ERC-4337 account implementation with minimal logic to process user operations. (#5657)
  • AccountERC7579: Extension of Account that implements support for ERC-7579 modules of type executor, validator, and fallback handler. (#5657)
  • AccountERC7579Hooked: Extension of AccountERC7579 that implements support for ERC-7579 hook modules. (#5657)
  • EIP7702Utils: Add a library for checking if an address has an EIP-7702 delegation in place. (#5587)
  • IERC7821, ERC7821: Interface and logic for minimal batch execution. No support for additional opData is included. (#5657)

Governance

  • GovernorNoncesKeyed: Extension of Governor that adds support for keyed nonces when voting by sig. (#5574)

Tokens

  • ERC20Bridgeable: Implementation of ERC-7802 that makes an ERC-20 compatible with crosschain bridges. (#5739)

Cryptography

Signers
  • AbstractSigner, SignerECDSA, SignerP256, and SignerRSA: Add an abstract contract and various implementations for contracts that deal with signature verification. (#5657)
  • SignerERC7702: Implementation of AbstractSigner for Externally Owned Accounts (EOAs). Useful with ERC-7702. (#5657)
  • SignerERC7913: Abstract signer that verifies signatures using the ERC-7913 workflow. (#5659)
  • MultiSignerERC7913: Implementation of AbstractSigner that supports multiple ERC-7913 signers with a threshold-based signature verification system. (#5659)
  • MultiSignerERC7913Weighted: Extension of MultiSignerERC7913 that supports assigning different weights to each signer, enabling more flexible governance schemes. (#5741)
Verifiers
  • ERC7913P256Verifier and ERC7913RSAVerifier: Ready to use ERC-7913 verifiers that implement key verification for P256 (secp256r1) and RSA keys. (#5659)
Other
  • SignatureChecker: Add support for ERC-7913 signatures alongside existing ECDSA and ERC-1271 signature verification. (#5659)
  • ERC7739: An abstract contract to validate signatures following the rehashing scheme from ERC7739Utils. (#5664)
  • ERC7739Utils: Add a library that implements a defensive rehashing mechanism to prevent replayability of smart contract signatures based on the ERC-7739. (#5664)

Structures

... (truncated)

Commits
  • c64a1ed Release v5.4.0 (#5801)
  • 6f9f523 Exit release candidate
  • f19bf29 Fix bug in Bytes.lastIndexOf when array is empty and position is not 2²⁵⁶-1 (...
  • fffade5 Add warning about Clones pointing to implementation with no code (#5798)
  • 54a8027 Clarify documentation for IAccessManager.canCall (#5795)
  • f12605a Add Account framework docs and guides (#5660)
  • 83b829e Address 5.4 audit documentation improvements (#5779)
  • 2e152ba Cause _addSigners to revert if it triggers a totalWeight overflow (#5790)
  • a341850 Minimize pragma for MultiSignerERC7913Weighted.sol (#5778)
  • ca1494a Improve naming consystency in EnumerableSet (#5776)
  • Additional commits viewable in compare view

Updates eth-token-recover from 6.5.0 to 6.9.0

Release notes

Sourced from eth-token-recover's releases.

v6.9.0

chore: update openzeppelin to v5.4.0 and other dependencies

Full Changelog: vittominacori/eth-token-recover@v6.8.0...v6.9.0

v6.8.0

What's Changed

Full Changelog: vittominacori/eth-token-recover@v6.7.0...v6.8.0

v6.7.0

What's Changed

Full Changelog: vittominacori/eth-token-recover@v6.6.0...v6.7.0

v6.6.0

What's Changed

Full Changelog: vittominacori/eth-token-recover@v6.5.0...v6.6.0

Commits
  • ca152ba chore: update openzeppelin to 5.4.0 and other dependencies
  • f554ed0 feat: update dependencies and solc version
  • 89ac78e chore(deps): bump pbkdf2 from 3.1.2 to 3.1.3
  • 6413433 chore(deps): bump pbkdf2 from 3.1.2 to 3.1.3
  • ab33fea chore: update dependencies
  • ed63fcd Merge pull request #45 from vittominacori/dependabot/npm_and_yarn/base-x-3.0.11
  • ed70b26 chore(deps): bump base-x from 3.0.10 to 3.0.11
  • 2349b2f chore: bump openzeppelin to 5.3.0
  • 98785db chore: update dependencies
  • e5b7eed Merge pull request #44 from vittominacori/dependabot/npm_and_yarn/axios-1.8.2
  • Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    You can disable automated security fix PRs for this repo from the Security Alerts page.

Bumps [@openzeppelin/contracts](https://github.com/OpenZeppelin/openzeppelin-contracts) to 5.4.0 and updates ancestor dependency [eth-token-recover](https://github.com/vittominacori/eth-token-recover). These dependencies need to be updated together.


Updates `@openzeppelin/contracts` from 5.2.0 to 5.4.0
- [Release notes](https://github.com/OpenZeppelin/openzeppelin-contracts/releases)
- [Changelog](https://github.com/OpenZeppelin/openzeppelin-contracts/blob/master/CHANGELOG.md)
- [Commits](OpenZeppelin/openzeppelin-contracts@v5.2.0...v5.4.0)

Updates `eth-token-recover` from 6.5.0 to 6.9.0
- [Release notes](https://github.com/vittominacori/eth-token-recover/releases)
- [Commits](vittominacori/eth-token-recover@v6.5.0...v6.9.0)

---
updated-dependencies:
- dependency-name: "@openzeppelin/contracts"
  dependency-version: 5.4.0
  dependency-type: indirect
- dependency-name: eth-token-recover
  dependency-version: 6.9.0
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code labels Aug 25, 2025
@vittominacori vittominacori merged commit 34bd2d5 into master Aug 28, 2025
5 checks passed
@dependabot dependabot Bot deleted the dependabot/npm_and_yarn/multi-00c09c834e branch August 28, 2025 08:57
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant