[Snyk] Upgrade openzeppelin-solidity from 2.2.0 to 2.5.1 #37
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This PR was automatically created by Snyk using the credentials of a real user.
Snyk has created this PR to upgrade openzeppelin-solidity from 2.2.0 to 2.5.1.
ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.
Release notes
Package name: openzeppelin-solidity
This is a small bugfix release, addressing an issue that allowed for some
internal
functions in ERC777 to be called with the zero address as one of their arguments.This was reported in #2208 and fixed in #2212.
We're very happy the announce the release of OpenZeppelin Contracts v2.5!
This new release features:
EnumerableSet
: similar to Solidity'smapping
, but that lets you retrieve all the keys! Useful for dapps that need to display a set of accounts with some property, and cannot rely on events alone.Create2
: a simple library for using the CREATE2 opcode, allowing for deployment and pre-computation of addresses when using it.To learn more about all the cool things you can do with it, head to Getting the Most out of CREATE2
ERC721Metadata.baseURI
: a neat extension for massive gas savings when the token URIs share a prefix, likehttps://my.cool.app/token/<id>
There are also some minor improvements, such as gas optimizations for
ReentrancyGuard
and additional extensibility ofERC777
, among others.For the complete list of changes, head to our changelog.
To install the new release, run:
New Documentation 📚
We've also recently done some some improvements to our documentation website, including new detailed guides and documentation for our other tools, such as the Test Helpers, our blazing-fast Test Environment and the OpenZeppelin Command Line Interface. Check them out for a radically better development experience!
Saying Goodbye to Solidity v0.5 👋
December 2019 saw the release of Solidity v0.6. This new version of the language has major improvements, and we're already underway to release the next version of OpenZeppelin Contracts with support for Solidity v0.6.
However, it also includes a lot of breaking changes, making it difficult to support both v0.5 and v0.6 code at the same time. For this reason, we've decided OpenZeppelin Contracts v2.5 will be the last version supporting Solidity v0.5.
The exciting good news it that the next OpenZeppelin Contracts release will be v3.0, where we'll get to redesign some quirky bits of the library, improving ease of use and flexibility. Stay tuned!
2.5.0-rc.0
In 2.4 we're releasing support for the Gas Station Network for user onboarding and metatransactions ⛽, new functions to safeguard your contracts against the Istanbul hard fork, and improvements to error messages.
Read the full announcement in the OpenZeppelin Forum, and make sure to check out the details in the changelog!
Enjoy!
2.4.0-beta.2
2.4.0-beta.1
Commit messages
Package name: openzeppelin-solidity
Compare
Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.
For more information:
🧐 View latest project report
🛠 Adjust upgrade PR settings
🔕 Ignore this dependency or unsubscribe from future upgrade PRs