[Snyk] Fix for 4 vulnerabilities

[filiptronicek]

Snyk has created this PR to fix 4 vulnerabilities in the yarn dependencies of this project.

Snyk changed the following file(s):

• package.json
• yarn.lock

Note for zero-installs users

If you are using the Yarn feature zero-installs that was introduced in Yarn V2, note that this PR does not update the .yarn/cache/ directory meaning this code cannot be pulled and immediately developed on as one would expect for a zero-install project - you will need to run yarn to update the contents of the ./yarn/cache directory.
If you are not using zero-install you can ignore this as your flow should likely be unchanged.

Vulnerabilities that will be fixed with an upgrade:

	Issue	Score
	Information Exposure SNYK-JS-ELLIPTIC-8720086	843
	Regular Expression Denial of Service (ReDoS) SNYK-JS-OCTOKITPLUGINPAGINATEREST-8730855	738
	Regular Expression Denial of Service (ReDoS) SNYK-JS-OCTOKITREQUEST-8730853	738
	Regular Expression Denial of Service (ReDoS) SNYK-JS-OCTOKITREQUESTERROR-8730854	738

---

Important

• Check the changes in this PR to ensure they won't cause issues with your project.
• Max score is 1000. Note that the real score may have changed since the PR was raised.
• This PR was automatically created by Snyk using the credentials of a real user.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report
📜 Customise PR templates
🛠 Adjust project settings
📚 Read about Snyk's upgrade logic

---

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Regular Expression Denial of Service (ReDoS)

[github-actions]

yarn.lock changes

Summary

Status	Count
	20
	47
	3
	187

Click to toggle table visibility

Name	Status	Previous	Current
@adraffy/ens-normalize		-	1.11.0
@ethereumjs/common		2.6.0	-
@ethereumjs/rlp		-	5.0.2
@ethereumjs/tx		3.4.0	-
@noble/curves		-	1.4.2
@noble/hashes		-	1.4.0
@octokit/app		12.0.5	15.1.4
@octokit/auth-app		3.6.1	7.1.5
@octokit/auth-oauth-app		4.3.0	8.1.3
@octokit/auth-oauth-device		3.1.2	7.1.3
@octokit/auth-oauth-user		1.3.0	5.1.3
@octokit/auth-token		2.5.0	5.1.2
@octokit/auth-unauthenticated		2.1.0	6.1.2
@octokit/core		3.5.1	6.1.4
@octokit/endpoint		6.0.12	10.1.3
@octokit/graphql		4.8.0	8.2.1
@octokit/oauth-app		3.6.0	7.1.6
@octokit/oauth-authorization-url		4.3.3	7.1.1
@octokit/oauth-methods		1.2.6	5.1.4
@octokit/openapi-types		12.1.0	23.0.1
@octokit/openapi-webhooks-types		-	9.1.0
@octokit/plugin-paginate-graphql		-	5.2.4
@octokit/plugin-paginate-rest		2.18.0	11.4.2
@octokit/plugin-rest-endpoint-methods		5.14.0	13.3.1
@octokit/plugin-retry		3.0.9	7.1.4
@octokit/plugin-throttling		3.5.2	9.4.0
@octokit/request		5.6.3	9.2.2
@octokit/request-error		2.1.0	6.1.7
@octokit/types		6.35.0	13.8.0
@octokit/webhooks		9.22.0	13.6.1
@octokit/webhooks-methods		2.0.0	5.1.1
@octokit/webhooks-types		5.2.0	-
@scure/base		-	1.1.9
@scure/bip32		-	1.4.0
@scure/bip39		-	1.3.0
@sindresorhus/is		0.14.0	-
@szmarczak/http-timer		1.1.2	-
@types/bn.js		5.1.0	4.11.6
@types/btoa-lite		1.0.0	-
@types/jsonwebtoken		8.5.8	-
@types/ws		-	8.5.3
abitype		-	0.7.1
accepts		1.3.7	-
aggregate-error		3.1.0	-
array-flatten		1.1.1	-
asn1		0.2.6	-
asn1.js		5.4.1	-
assert-plus		1.0.0	-
async-limiter		1.0.1	-
aws-sign2		0.7.0	-
aws4		1.11.0	-
bcrypt-pbkdf		1.0.2	-
before-after-hook		2.2.2	3.0.2
bignumber.js		9.0.2	-
bluebird		3.7.2	-
body-parser		1.19.1	-
browserify-cipher		1.0.1	-
browserify-des		1.0.2	-
browserify-rsa		4.1.0	-
browserify-sign		4.2.1	-
btoa-lite		1.0.0	-
buffer-equal-constant-time		1.0.1	-
buffer-to-arraybuffer		0.0.5	-
bytes		3.1.1	-
cacheable-request		6.1.0	-
caseless		0.12.0	-
cids		0.7.5	-
clean-stack		2.2.0	-
clone-response		1.0.2	-
content-disposition		0.5.4	-
content-hash		2.5.2	-
content-type		1.0.4	-
cookie-signature		1.0.6	-
cookiejar		2.1.3	-
core-util-is		1.0.2	1.0.3
cors		2.8.5	-
crc-32		1.2.0	1.2.2
create-ecdh		4.0.4	-
cross-fetch		3.1.5	4.1.0
crypto-browserify		3.12.0	-
d		1.0.1	-
dashdash		1.14.1	-
decode-uri-component		0.2.0	-
defer-to-connect		1.1.3	-
depd		1.1.2	-
deprecation		2.3.1	-
des.js		1.0.1	-
destroy		1.0.4	-
diffie-hellman		5.0.3	-
dom-walk		0.1.2	-
duplexer3		0.1.4	-
ecc-jsbn		0.1.2	-
ecdsa-sig-formatter		1.0.11	-
ee-first		1.1.1	-
encodeurl		1.0.2	-
es5-ext		0.10.53	-
es6-iterator		2.0.3	-
es6-symbol		3.1.3	-
etag		1.8.1	-
eth-ens-namehash		2.0.8	-
eth-lib		0.2.8	-
ethereum-bloom-filters		1.0.10	-
ethereum-cryptography		0.1.3	2.2.1
ethereumjs-util		7.1.3	6.2.1
ethjs-unit		0.1.6	-
eventemitter3		4.0.4	5.0.1
exit-on-epipe		1.0.1	-
express		4.17.2	-
ext		1.6.0	-
extend		3.0.2	-
extsprintf		1.3.0	-
fast-content-type-parse		-	2.0.1
finalhandler		1.1.2	-
forever-agent		0.6.1	-
forwarded		0.2.0	-
fresh		0.5.2	-
fromentries		1.3.2	-
fs-minipass		1.2.7	-
getpass		0.1.7	-
global		4.4.0	-
got		9.6.0	-
har-schema		2.0.0	-
har-validator		5.1.5	-
has-symbol-support-x		1.4.2	-
has-to-string-tag-x		1.4.1	-
http-cache-semantics		4.1.0	-
http-errors		1.8.1	-
http-https		1.0.0	-
http-signature		1.2.0	-
idna-uts46-hx		2.3.1	-
is-function		1.0.2	-
is-object		1.0.2	-
is-plain-object		5.0.0	-
is-retry-allowed		1.2.0	-
is-typedarray		1.0.0	-
isomorphic-ws		-	5.0.0
isstream		0.1.2	-
isurl		1.0.0	-
jsbn		0.1.1	-
json-buffer		3.0.0	-
json-stringify-safe		5.0.1	-
jsonwebtoken		8.5.1	-
jsprim		1.4.2	-
jwa		1.4.1	-
jws		3.2.2	-
keyv		3.1.0	-
lodash.includes		4.3.0	-
lodash.isboolean		3.0.3	-
lodash.isinteger		4.0.4	-
lodash.isnumber		3.0.3	-
lodash.isplainobject		4.0.6	-
lodash.isstring		4.0.1	-
lodash.once		4.1.1	-
lowercase-keys		2.0.0	-
media-typer		0.3.0	-
merge-descriptors		1.0.1	-
methods		1.1.2	-
miller-rabin		4.0.1	-
min-document		2.19.0	-
minipass		2.9.0	-
minizlib		1.3.3	-
mkdirp		0.5.5	-
mkdirp-promise		5.0.1	-
mock-fs		4.14.0	-
ms		2.1.3	2.1.2
multibase		0.7.0	-
multicodec		1.0.4	-
multihashes		0.4.21	-
nano-json-stream-parser		0.1.2	-
negotiator		0.6.2	-
next-tick		1.0.0	-
normalize-url		4.5.1	-
number-to-bn		1.7.0	-
oauth-sign		0.9.0	-
oboe		2.1.5	-
octokit		1.8.0	4.1.2
on-finished		2.3.0	-
p-cancelable		1.1.0	-
p-finally		1.0.0	-
p-timeout		1.2.1	-
parse-asn1		5.1.6	-
parse-headers		2.0.4	-
parseurl		1.3.3	-
path-to-regexp		0.1.7	-
performance-now		2.1.0	-
prepend-http		2.0.0	-
printj		1.1.2	-
process		0.11.10	-
proxy-addr		2.0.7	-
public-encrypt		4.0.3	-
qs		6.9.6	-
query-string		5.1.1	-
randomfill		1.0.4	-
raw-body		2.4.2	-
request		2.88.2	-
responselike		1.0.2	-
send		0.17.2	-
serve-static		1.14.2	-
servify		0.1.12	-
setprototypeof		1.2.0	-
sshpk		1.17.0	-
statuses		1.5.0	-
strict-uri-encode		1.1.0	-
swarm-js		0.1.40	-
tar		4.4.19	-
timed-out		4.0.1	-
to-readable-stream		1.0.0	-
toad-cache		-	3.7.0
toidentifier		1.0.1	-
type		2.5.0	-
type-is		1.6.18	-
typedarray-to-buffer		3.1.5	-
ultron		1.1.1	-
universal-github-app-jwt		1.1.0	2.2.0
universal-user-agent		6.0.0	7.0.2
unpipe		1.0.0	-
url-parse-lax		3.0.0	-
url-set-query		1.0.0	-
url-to-options		1.0.1	-
utf8		3.0.0	-
utils-merge		1.0.1	-
vary		1.1.2	-
verror		1.10.0	-
web3		1.7.3	4.16.0
web3-bzz		1.7.3	-
web3-core		1.7.3	4.7.1
web3-core-helpers		1.7.3	-
web3-core-method		1.7.3	-
web3-core-promievent		1.7.3	-
web3-core-requestmanager		1.7.3	-
web3-core-subscriptions		1.7.3	-
web3-errors		-	1.3.1
web3-eth		1.7.3	4.11.1
web3-eth-abi		1.7.3	4.4.1
web3-eth-accounts		1.7.3	4.3.1
web3-eth-contract		1.7.3	4.7.2
web3-eth-ens		1.7.3	4.4.0
web3-eth-iban		1.7.3	4.0.7
web3-eth-personal		1.7.3	4.1.0
web3-net		1.7.3	4.1.0
web3-providers-http		1.7.3	4.2.0
web3-providers-ipc		1.7.3	4.0.7
web3-providers-ws		1.7.3	4.0.8
web3-rpc-methods		-	1.3.0
web3-rpc-providers		-	1.0.0-rc.4
web3-shh		1.7.3	-
web3-types		-	1.10.0
web3-utils		1.7.3	4.3.3
web3-validator		-	2.0.6
websocket		1.0.34	-
ws		8.9.0	8.18.0
xhr		2.6.0	-
xhr-request		1.1.0	-
xhr-request-promise		0.1.3	-
xhr2-cookies		1.1.0	-
yaeti		0.0.6	-
zod		-	3.24.2