Update Contract #8
Open
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
…-fix Formal verification: Fix unresolved setup call from the harness constructor
Fix typo in buildSignatureBytes comment
Add 1.5.0 changelog
Feature: migration to `hardhat-toolbox`, ethers v6
Formal verification: Remove rules overlapping with rules in OwnerReach.spec
…ization Use byte instead of and in the SignatureDecoderContract
Chore: Remove ewc and volta from the hardhat config
Formal verification: Add rules that check only modules can execute module transactions
Fix: Solidity linter errors
Prove that ownerCount matches the number of reachable elements.
* Add a 1.3.0 -> 1.4.1 migration contract * Add tests, migrate the fallback handler * fix linting errors
fix typo:
[Certora]: Add counter of owners to specification
- moved assembly code from checkNSignature to new function. - summarized functions. - Tweaked timeout settings
…sh` (#872) This commit adds a detailed warning in the `Safe.sol` contract regarding potential dirty bits in assembly code for types smaller than 256 bits. It emphasizes the importance of considering this for future changes while explaining the rationale behind using assembly for memory efficiency. No functional changes were made to the contract logic. This update aims to improve code clarity and maintainability. Originally reported by @jhoenicke
This PR focuses on correcting typos and improving clarity in documentation files. Signed-off-by: chloefeal <[email protected]>
Corrected `considely` to `concisely` Corrected `hhttps` to `https`
This PR focuses on correcting typos and improving clarity in comments. Thank you very much. Signed-off-by: oliveredget <[email protected]>
Hello, I fix some typos to improve clarity and correctness. Thank you very much. Signed-off-by: calciumbe <[email protected]>
This pull request contains changes to improve clarity and correctness. Description correction: typo fix. Thank you very much. Signed-off-by: dxsullivan <[email protected]>
…889) This pull request includes a change which allows 1 SLOAD to be saved by emitting an existing memory variable instead of reading from storage. * [`contracts/base/OwnerManager.sol`](diffhunk://#diff-795fb06764b4c2d991707584a31509badf0b036c9401bfbcb82d6bc9fdebab82L113-R113): Modified the `emit` statement in the `setThreshold` function to use the `_threshold` parameter instead of `threshold`, ensuring the value from memory is emitted.
…ges for encodeData and payload lengths (#873) This pull request includes modifying the `SignatureVerifierMuxer` contract to correct the byte offsets for encoding and payload data. Changes to byte offsets: * [`contracts/handler/extensible/SignatureVerifierMuxer.sol`](diffhunk://#diff-62f21ce8850527f34ef2acdacd96d4a2a1150e3e2a7e16457e82236bbd4259d2L124-R127): Updated the byte offset ranges for `encodeData length`, `encodeData`, and `payload length` to correct values.
…backManager.sol` (#879) Updated the documentation for the fallback handler in both `Safe.sol` and `IFallbackManager.sol` to improve clarity and highlight security risks associated with setting the fallback handler. Added a warning about the potential for bypassing access control mechanisms when using untrusted addresses.
…ion details (#885) This PR adds a detailed comment in the TokenCallbackHandler contract, clarifying the requirement for accounts to register the implementer via the ERC-1820 interface registry to receive ERC777 tokens. This update aims to improve clarity and understanding of the token reception process. No functional changes were made to the contract logic.
…6` (#886) This pull request includes updates to comments in the Solidity smart contracts to clarify the usage of the `keccak256` function. The changes ensure that the comments accurately reflect the encoding process used in the contracts. Changes to comments for clarity: * [`contracts/common/SecuredTokenTransfer.sol`](diffhunk://#diff-7a34930a339acfe3b45e163bee3e08df2132c01826e6e03771827a4181c6f567L19-R19): Updated the comment to specify that `0xa9059cbb` is the `bytes4` encoding of `keccak256("transfer(address,uint256)")`. * [`contracts/proxies/SafeProxy.sol`](diffhunk://#diff-754f853ea53666aa85b2d27bbcc0623b7cfd83449e0b949eed39dde8f01ba1cdL41-R41): Updated the comment to specify that `0xa619486e` is the `bytes4` encoding of `keccak256("masterCopy()")`. Co-authored-by: Mikhail <[email protected]>
…ved in the normal path (#888) This pull request includes a small but important change to the `removeOwner` function in the `OwnerManager` contract. The change optimizes the decrement operation for the `ownerCount` variable. The previous code reads from storage twice with the `ownerCount` variable. By doing pre-decrement (which is cheaper than post-decrement), we can save on 1 SLOAD. Optimization: * [`contracts/base/OwnerManager.sol`](diffhunk://#diff-795fb06764b4c2d991707584a31509badf0b036c9401bfbcb82d6bc9fdebab82L74-L80): Modified the `removeOwner` function to use pre-decrement for `ownerCount` to improve efficiency and ensure the threshold check is performed correctly.
…and storage access optimization (#890) This pull request includes an important update to the `ERC165Handler` contract to improve the handling of interface support and streamline the code. The most significant changes are as follows: ### The following optimizes the logic and minimizes storage accesses: * [`contracts/handler/extensible/ERC165Handler.sol`](diffhunk://#diff-aa0838f20fd3f37b00dc661645b4641500e68762b9b624addb99465fcc65a3e0L38-R48): Refactored the logic for checking and updating the support status of interfaces by introducing a local `mapping` reference. This change simplifies the code and ensures that the interface support status is updated correctly.
…ss optimization (#891) This pull request includes a refactor to the `_setSafeMethod` function in the `ExtensibleBase` contract to improve memory access. The following optimizes the logic and minimizes storage accesses: * [`contracts/handler/extensible/ExtensibleBase.sol`](diffhunk://#diff-e395e05c7e2951461c2e599137367a6a3304e849f3c522903d74f1a50f23b577L49-R57): Modified the `_setSafeMethod` function to use a local variable `safeMethod` for accessing the `safeMethods` mapping, which simplifies and clarifies the code.
This pull request includes a critical update to the `SafeProxyFactory` contract in the `contracts/proxies/SafeProxyFactory.sol` file. The change improves the gas cost of the assembly code by replacing the `eq` function with the `iszero` function. Key change: * [`contracts/proxies/SafeProxyFactory.sol`](diffhunk://#diff-53aac98a01e16743466b00bdcb233208f95e1113cc90b95181187d9862b4ad6eL43-R43): Replaced the `eq` function with the `iszero` function in the assembly block to improve code readability and reliability.
…`: save gas via short-circuit evaluation (#893) This pull request includes a change to the `ExtensibleFallbackHandler` contract in the `contracts/handler/ExtensibleFallbackHandler.sol` file. The change modifies the `_supportsInterface` function to reorder the interface checks for `ERC721TokenReceiver`, `ERC1155TokenReceiver`, and `IFallbackHandler`. This helps in taking advantage of the short-circuit evaluation. Changes to interface support order: * [`contracts/handler/ExtensibleFallbackHandler.sol`](diffhunk://#diff-aa345618c4d3f173b09e211d0bd0eec0747177aab345bf8b9f5bbc874a765fe3R21-R26): Reordered the interface checks in the `_supportsInterface` function to place `ERC721TokenReceiver` and `ERC1155TokenReceiver` before `IFallbackHandler`.
This pull request includes several optimizations to the `OwnerManager` and `ERC165Handler` contracts by reducing the number of times array lengths are accessed within loops. These changes aim to improve the efficiency of the code by storing the array lengths in variables before the loops. If not cached, the solidity compiler will always read the length of the array during each iteration. That is, if it is a storage array, this is an extra sload operation (100 additional extra gas for each iteration except for the first) and if it is a memory array, this is an extra mload operation (3 additional gas for each iteration except for the first). Optimizations in `OwnerManager` contract: * [`contracts/base/OwnerManager.sol`](diffhunk://#diff-795fb06764b4c2d991707584a31509badf0b036c9401bfbcb82d6bc9fdebab82L38-R39): Stored `_owners.length` in a variable `ownersLength` before the loop to avoid repeatedly accessing the array length. * [`contracts/base/OwnerManager.sol`](diffhunk://#diff-795fb06764b4c2d991707584a31509badf0b036c9401bfbcb82d6bc9fdebab82L49-R50): Updated `ownerCount` to use the `ownersLength` variable instead of accessing `_owners.length` again. Optimizations in `ERC165Handler` contract: * [`contracts/handler/extensible/ERC165Handler.sol`](diffhunk://#diff-aa0838f20fd3f37b00dc661645b4641500e68762b9b624addb99465fcc65a3e0L56-R57): Stored `handlerWithSelectors.length` in a variable `len` before the loop in `addSupportedInterfaceBatch` to avoid repeatedly accessing the array length. * [`contracts/handler/extensible/ERC165Handler.sol`](diffhunk://#diff-aa0838f20fd3f37b00dc661645b4641500e68762b9b624addb99465fcc65a3e0L78-R80): Stored `selectors.length` in a variable `len` before the loop in `removeSupportedInterfaceBatch` to avoid repeatedly accessing the array length.
…d `performCreate2` (#887) Commutativity makes the two additions equivalent but Certora recommend the fix below for readability and to follow the standard given that: - `deploymentData` gives a pointer to the start of the array (length position). - Adding `0x20` skips the first 32 bytes (length field) to point directly to the start of the payload. Change: * [`contracts/libraries/CreateCall.sol`](diffhunk://#diff-d5d801f238d69f94974c4f4628197fcc2df478f608c18c5f691f73dfd552e36eL25-R25): Changed the order of parameters in the `create2` function call to correctly add the offset to `deploymentData`. Co-authored-by: Mikhail <[email protected]>
Added a comment in the Safe contract to clarify that the `s` value of ECDSA signatures is not enforced to be in the lower half of the curve. This note explains the implications of ECDSA malleability and reassures that existing mechanisms are in place to prevent duplicate signatures and replay attacks. No functional changes were made to the contract logic.
This pull request includes several changes to increment and decrement operations in various Solidity contract files. The primary goal is to decrease gas usage. Pre-increments and pre-decrements are cheaper. For a uint256 i variable, the following is true with the Optimizer enabled at 10k: Increment: - i += 1 is the most expensive form - i++ costs 6 gas less than i += 1 - ++i costs 5 gas less than i++ (11 gas less than i += 1) Decrement: - i -= 1 is the most expensive form - i-- costs 11 gas less than i -= 1 - --i costs 5 gas less than i-- (16 gas less than i -= 1) Changes to increment and decrement operations: * [`contracts/Safe.sol`](diffhunk://#diff-587b494ea631bb6b7adf4fc3e1a2e6a277a385ff16e1163b26e39de24e9483deL296-R296): Updated the for loop to use the prefix increment operator in the `Safe` contract. * [`contracts/base/ModuleManager.sol`](diffhunk://#diff-82762908b9416ddadffb149ee4d25f328078fc27f938d454d8a207aad1ec3839L215-R215): Changed the increment operation to use the prefix increment operator in the `ModuleManager` contract. * [`contracts/base/OwnerManager.sol`](diffhunk://#diff-795fb06764b4c2d991707584a31509badf0b036c9401bfbcb82d6bc9fdebab82L38-R38): Multiple updates to use prefix increment and decrement operators in the `OwnerManager` contract. [[1]](diffhunk://#diff-795fb06764b4c2d991707584a31509badf0b036c9401bfbcb82d6bc9fdebab82L38-R38) [[2]](diffhunk://#diff-795fb06764b4c2d991707584a31509badf0b036c9401bfbcb82d6bc9fdebab82L63-R63) [[3]](diffhunk://#diff-795fb06764b4c2d991707584a31509badf0b036c9401bfbcb82d6bc9fdebab82L80-R80) [[4]](diffhunk://#diff-795fb06764b4c2d991707584a31509badf0b036c9401bfbcb82d6bc9fdebab82L142-R142) * [`contracts/common/StorageAccessible.sol`](diffhunk://#diff-a7dd65d90b0567bb9ba14ecd4ff414529a934cd3752ccf309800fad93fba354eL19-R19): Modified the for loop to use the prefix increment operator in the `StorageAccessible` contract. * [`contracts/handler/extensible/ERC165Handler.sol`](diffhunk://#diff-aa0838f20fd3f37b00dc661645b4641500e68762b9b624addb99465fcc65a3e0L56-R56): Updated for loops to use the prefix increment operator in the `ERC165Handler` contract. [[1]](diffhunk://#diff-aa0838f20fd3f37b00dc661645b4641500e68762b9b624addb99465fcc65a3e0L56-R56) [[2]](diffhunk://#diff-aa0838f20fd3f37b00dc661645b4641500e68762b9b624addb99465fcc65a3e0L78-R78) * [`contracts/libraries/SafeToL2Migration.sol`](diffhunk://#diff-925588b812f729cc164d14a48e571ce813e2f0ae6f5c5420fc0382c767287fd0L188-R188): Changed the increment operation to use the prefix increment operator in the `SafeToL2Migration` contract.
) This pull request includes changes to the `contracts/handler/extensible` directory, specifically in the `MarshalLib.sol` and `SignatureVerifierMuxer.sol` files. The changes focus on improving the handling of data and selectors within assembly code blocks to decrease gas usage. Improvements to data handling and selector extraction: * [`contracts/handler/extensible/MarshalLib.sol`](diffhunk://#diff-7122c44132b6fc89cd7c9f3c48519c88aaf7308705a1170d307d72465eb9e1c9L41-R41): Modified the way the `handler` is extracted from `data` by using a bitwise AND operation to ensure proper extraction of the handler address. [[1]](diffhunk://#diff-7122c44132b6fc89cd7c9f3c48519c88aaf7308705a1170d307d72465eb9e1c9L41-R41) [[2]](diffhunk://#diff-7122c44132b6fc89cd7c9f3c48519c88aaf7308705a1170d307d72465eb9e1c9L59-R59) * [`contracts/handler/extensible/SignatureVerifierMuxer.sol`](diffhunk://#diff-62f21ce8850527f34ef2acdacd96d4a2a1150e3e2a7e16457e82236bbd4259d2L113-R113): Changed the extraction of `sigSelector` from `calldataload` to use a bitwise AND operation for more accurate and secure selector extraction.
…lication if possible (#895) This pull request includes optimizations to the gas usage in the `Safe.sol` and `StorageAccessible.sol` contracts by replacing multiplication operations with bitwise shift operations. While the `DIV / MUL` opcode uses 5 gas, the `SHR / SHL` opcode only uses 3 gas. Gas optimization changes: * [`contracts/Safe.sol`](diffhunk://#diff-587b494ea631bb6b7adf4fc3e1a2e6a277a385ff16e1163b26e39de24e9483deL168-R169): Replaced the multiplication operation `* 64` with the bitwise shift operation `<< 6` to reduce gas costs in the `gasleft` check. * [`contracts/common/StorageAccessible.sol`](diffhunk://#diff-a7dd65d90b0567bb9ba14ecd4ff414529a934cd3752ccf309800fad93fba354eL18-R18): Replaced the multiplication operation `* 32` with the bitwise shift operation `<< 5` to reduce gas costs when creating a new bytes array.
- Upgraded several development dependencies related to Hardhat and zkSync: - `@matterlabs/hardhat-zksync-deploy` from `^1.5.0` to `^1.6.0` - `@matterlabs/hardhat-zksync-node` from `^1.1.1` to `^1.2.1` - `@matterlabs/hardhat-zksync-verify` from `^1.6.0` to `^1.7.1` - `zksync-ethers` from `6.12.1` to `6.15.3` - Refactored the test setup in `SafeToL2Setup.spec.ts` to retrieve the deployed contract instance using `getContractAt` instead of deploying a new instance, enhancing test reliability and efficiency.
Replace broken link with new one. Signed-off-by: piguagua <[email protected]>
This pull request corresponds to the formal verification aspect of the Safe v1.5 audit done by Certora. ## Summary of Changes ### Added Configuration and Specification files corresponding to new rules: * `execute.conf` and `Execute.spec` * `extensible.conf` and `Extensible.spec` * `fallback.conf` and `Fallback.spec` * `guards.conf` and `Guards.spec` * `hash.conf` and `Hash.spec` * `setup.conf` and `Setup.spec` Harness: * `ExtensibleFallbackHandlerHarness.sol` to reason about the fallback handler Mocks: * `DummyHandler.sol` for reasoning about the fallback handler * `TxnGuardMock.sol` and `TxnGuardMockDuplicate.sol` for reasoning about the transaction guard * `ModuleGuardMock.sol` and `ModuleGuardMockDuplicate.sol` for reasoning about the module guard ### Modified * `applyHarness.patch` - added some minor munging as explained in the audit report * `run.conf` - remove a deprecated configuration tag that was giving errors to the Prover * `Safe.spec` - moved a rule about guards to `Guard.spec` for logical continuity * `SafeHarness.sol` - added some view functionality to the Safe harness for some rules Co-authored-by: Derek Sorensen <[email protected]>
Hello, I found a typo error in `certora/specs/OwnerReach.spec`: `isOwnerNotSelfOrSentinal ` -> `isOwnerNotSelfOrSentinel` Thank you. Signed-off-by: ericlehong <[email protected]>
This PR adds the FV rules introduced in #901 to the workflow.
Bumps and [undici](https://github.com/nodejs/undici). These dependencies needed to be updated together. Updates `undici` from 5.28.4 to 6.21.1 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/nodejs/undici/releases">undici's releases</a>.</em></p> <blockquote> <h2>v6.21.1</h2> <h1>⚠️ Security Release⚠️ </h1> <p>Fixes CVE CVE-2025-22150 <a href="https://github.com/nodejs/undici/security/advisories/GHSA-c76h-2ccp-4975">https://github.com/nodejs/undici/security/advisories/GHSA-c76h-2ccp-4975</a> (embargoed until 22-01-2025).</p> <h2>What's Changed</h2> <ul> <li>fix(<a href="https://redirect.github.com/nodejs/undici/issues/3736">#3736</a>): back-port 183f8e9 to v6.x by <a href="https://github.com/ggoodman"><code>@ggoodman</code></a> in <a href="https://redirect.github.com/nodejs/undici/pull/3855">nodejs/undici#3855</a></li> <li>fix(<a href="https://redirect.github.com/nodejs/undici/issues/3817">#3817</a>): send servername for SNI on TLS (<a href="https://redirect.github.com/nodejs/undici/issues/3821">#3821</a>) [backport] by <a href="https://github.com/metcoder95"><code>@metcoder95</code></a> in <a href="https://redirect.github.com/nodejs/undici/pull/3864">nodejs/undici#3864</a></li> <li>fix: sending formdata bodies with http2 (<a href="https://redirect.github.com/nodejs/undici/issues/3863">#3863</a>) [backport] by <a href="https://github.com/metcoder95"><code>@metcoder95</code></a> in <a href="https://redirect.github.com/nodejs/undici/pull/3866">nodejs/undici#3866</a></li> <li>[Backport v6.x] fix: Fixed the issue that there is no running request when http2 goaway by <a href="https://github.com/github-actions"><code>@github-actions</code></a> in <a href="https://redirect.github.com/nodejs/undici/pull/3877">nodejs/undici#3877</a></li> <li>types: [backport] Update return type of RetryCallback (<a href="https://redirect.github.com/nodejs/undici/issues/3851">#3851</a>) by <a href="https://github.com/metcoder95"><code>@metcoder95</code></a> in <a href="https://redirect.github.com/nodejs/undici/pull/3876">nodejs/undici#3876</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/nodejs/undici/compare/v6.21.0...v6.21.1">https://github.com/nodejs/undici/compare/v6.21.0...v6.21.1</a></p> <h2>v6.21.0</h2> <h2>What's Changed</h2> <ul> <li>[Backport v6.x] web: mark as uncloneable when possible (<a href="https://redirect.github.com/nodejs/undici/issues/3709">#3709</a>) by <a href="https://github.com/jazelly"><code>@jazelly</code></a> in <a href="https://redirect.github.com/nodejs/undici/pull/3744">nodejs/undici#3744</a></li> <li>[Backport v6.x] fetch: fix content-encoding order by <a href="https://github.com/github-actions"><code>@github-actions</code></a> in <a href="https://redirect.github.com/nodejs/undici/pull/3764">nodejs/undici#3764</a></li> <li>[Backport v6.x] fix: handle undefined deref() of WeakRef(socket) by <a href="https://github.com/github-actions"><code>@github-actions</code></a> in <a href="https://redirect.github.com/nodejs/undici/pull/3822">nodejs/undici#3822</a></li> <li>[Backport v6.x] fix: range end is zero-indexed by <a href="https://github.com/github-actions"><code>@github-actions</code></a> in <a href="https://redirect.github.com/nodejs/undici/pull/3827">nodejs/undici#3827</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/nodejs/undici/compare/v6.20.1...v6.21.0">https://github.com/nodejs/undici/compare/v6.20.1...v6.21.0</a></p> <h2>v6.20.1</h2> <h2>What's Changed</h2> <ul> <li>[Backport v6.x] jsdoc: add jsdoc to lib/web/fetch/constants.js by <a href="https://github.com/github-actions"><code>@github-actions</code></a> in <a href="https://redirect.github.com/nodejs/undici/pull/3710">nodejs/undici#3710</a></li> <li>[Backport v6.x] feat: implement <code>BodyReadable.bytes</code> by <a href="https://github.com/github-actions"><code>@github-actions</code></a> in <a href="https://redirect.github.com/nodejs/undici/pull/3711">nodejs/undici#3711</a></li> <li>fix: add more expectsPayload methods by <a href="https://github.com/ronag"><code>@ronag</code></a> in <a href="https://redirect.github.com/nodejs/undici/pull/3715">nodejs/undici#3715</a></li> <li>[Backport v6.x] chore(H2): onboard H2 into Undici queueing system (<a href="https://redirect.github.com/nodejs/undici/issues/3707">#3707</a>) by <a href="https://github.com/Uzlopak"><code>@Uzlopak</code></a> in <a href="https://redirect.github.com/nodejs/undici/pull/3724">nodejs/undici#3724</a></li> <li>[Backport v6.x] fix: PoolBase kClose and kDestroy should await and not return the Promise by <a href="https://github.com/github-actions"><code>@github-actions</code></a> in <a href="https://redirect.github.com/nodejs/undici/pull/3723">nodejs/undici#3723</a></li> <li>[Backport v6.x] fix: extract noop everywhere by <a href="https://github.com/Uzlopak"><code>@Uzlopak</code></a> in <a href="https://redirect.github.com/nodejs/undici/pull/3727">nodejs/undici#3727</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/nodejs/undici/compare/v6.20.0...v6.20.1">https://github.com/nodejs/undici/compare/v6.20.0...v6.20.1</a></p> <h2>v6.20.0</h2> <h2>What's Changed</h2> <ul> <li>Remove patched dom types (<code>v6.x</code> branch) by <a href="https://github.com/eXhumer"><code>@eXhumer</code></a> in <a href="https://redirect.github.com/nodejs/undici/pull/3531">nodejs/undici#3531</a></li> <li>docs(Backport v6.x): Fix signature of RetryHandler by <a href="https://github.com/github-actions"><code>@github-actions</code></a> in <a href="https://redirect.github.com/nodejs/undici/pull/3594">nodejs/undici#3594</a></li> <li>deps(dev): update <code>@types/node</code> by <a href="https://github.com/metcoder95"><code>@metcoder95</code></a> in <a href="https://redirect.github.com/nodejs/undici/pull/3618">nodejs/undici#3618</a></li> <li>fix: throw on retry when payload is consume by downstream by <a href="https://github.com/github-actions"><code>@github-actions</code></a> in <a href="https://redirect.github.com/nodejs/undici/pull/3596">nodejs/undici#3596</a></li> <li>feat(Backport v6.x): move throwOnError to interceptor by <a href="https://github.com/github-actions"><code>@github-actions</code></a> in <a href="https://redirect.github.com/nodejs/undici/pull/3595">nodejs/undici#3595</a></li> <li>[Backport v6.x] fix: reduce memory usage in client-h1 by <a href="https://github.com/github-actions"><code>@github-actions</code></a> in <a href="https://redirect.github.com/nodejs/undici/pull/3672">nodejs/undici#3672</a></li> <li>[Backport v6.x] fix: refactor fast timers, fix UND_ERR_CONNECT_TIMEOUT on event loop blocking by <a href="https://github.com/github-actions"><code>@github-actions</code></a> in <a href="https://redirect.github.com/nodejs/undici/pull/3673">nodejs/undici#3673</a></li> <li>[Backport v6.x] fix: run asserts first if possible by <a href="https://github.com/github-actions"><code>@github-actions</code></a> in <a href="https://redirect.github.com/nodejs/undici/pull/3674">nodejs/undici#3674</a></li> <li>[Backport v6.x] fix: use fasttimers for all connection timeouts by <a href="https://github.com/github-actions"><code>@github-actions</code></a> in <a href="https://redirect.github.com/nodejs/undici/pull/3675">nodejs/undici#3675</a></li> <li>[Backport v6.x] ci: less flaky test/request-timeout.js test by <a href="https://github.com/github-actions"><code>@github-actions</code></a> in <a href="https://redirect.github.com/nodejs/undici/pull/3678">nodejs/undici#3678</a></li> <li>[Backport v6.x] test: less flaky timers acceptance test, rework fast timer tests to pass them faster by <a href="https://github.com/github-actions"><code>@github-actions</code></a> in <a href="https://redirect.github.com/nodejs/undici/pull/3679">nodejs/undici#3679</a></li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/nodejs/undici/commit/e260e7bb173abe3399dabd61338ca4a71fcf8825"><code>e260e7b</code></a> Bumped v6.21.1</li> <li><a href="https://github.com/nodejs/undici/commit/c3acc6050b781b827d80c86cbbab34f14458d385"><code>c3acc60</code></a> Merge commit from fork</li> <li><a href="https://github.com/nodejs/undici/commit/2414bc9f7d651f830902af00238e1b11d9a389dc"><code>2414bc9</code></a> Update return type of RetryCallback (<a href="https://redirect.github.com/nodejs/undici/issues/3851">#3851</a>) (<a href="https://redirect.github.com/nodejs/undici/issues/3876">#3876</a>)</li> <li><a href="https://github.com/nodejs/undici/commit/be8cd0afa0cf8207d8849026f2ee6fdc6dc9dcec"><code>be8cd0a</code></a> [Backport v6.x] fix: Fixed the issue that there is no running request when ht...</li> <li><a href="https://github.com/nodejs/undici/commit/ee6176cd2e09853c868bf5bc1a34bf0500963e4d"><code>ee6176c</code></a> fix: sending formdata bodies with http2 (<a href="https://redirect.github.com/nodejs/undici/issues/3863">#3863</a>) [backport] (<a href="https://redirect.github.com/nodejs/undici/issues/3866">#3866</a>)</li> <li><a href="https://github.com/nodejs/undici/commit/a0220f14bfd2a404173eacc94aa1722829075283"><code>a0220f1</code></a> fix(<a href="https://redirect.github.com/nodejs/undici/issues/3817">#3817</a>): send servername for SNI on TLS (<a href="https://redirect.github.com/nodejs/undici/issues/3821">#3821</a>) [backport] (<a href="https://redirect.github.com/nodejs/undici/issues/3864">#3864</a>)</li> <li><a href="https://github.com/nodejs/undici/commit/353ab63188af904a17030d96018d6193247d7d18"><code>353ab63</code></a> fix(<a href="https://redirect.github.com/nodejs/undici/issues/3736">#3736</a>): back-port 183f8e9 to v6.x (<a href="https://redirect.github.com/nodejs/undici/issues/3855">#3855</a>)</li> <li><a href="https://github.com/nodejs/undici/commit/61ec3531a64ffeec953a990c11735ff09455de4e"><code>61ec353</code></a> Bumped v6.21.0</li> <li><a href="https://github.com/nodejs/undici/commit/11e31a4fdc92b09dc47f2cc5c30f5e975e6b6499"><code>11e31a4</code></a> fix: range end is zero-indexed (<a href="https://redirect.github.com/nodejs/undici/issues/3826">#3826</a>) (<a href="https://redirect.github.com/nodejs/undici/issues/3827">#3827</a>)</li> <li><a href="https://github.com/nodejs/undici/commit/98d1b1b2bdbe6137d4b4156b5fbe33af44bdb293"><code>98d1b1b</code></a> fix: handle undefined deref() of WeakRef(socket) (<a href="https://redirect.github.com/nodejs/undici/issues/3751">#3751</a>) (<a href="https://redirect.github.com/nodejs/undici/issues/3822">#3822</a>)</li> <li>Additional commits viewable in <a href="https://github.com/nodejs/undici/compare/v5.28.4...v6.21.1">compare view</a></li> </ul> </details> <br /> Updates `undici` from 6.21.0 to 6.21.1 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/nodejs/undici/releases">undici's releases</a>.</em></p> <blockquote> <h2>v6.21.1</h2> <h1>⚠️ Security Release⚠️ </h1> <p>Fixes CVE CVE-2025-22150 <a href="https://github.com/nodejs/undici/security/advisories/GHSA-c76h-2ccp-4975">https://github.com/nodejs/undici/security/advisories/GHSA-c76h-2ccp-4975</a> (embargoed until 22-01-2025).</p> <h2>What's Changed</h2> <ul> <li>fix(<a href="https://redirect.github.com/nodejs/undici/issues/3736">#3736</a>): back-port 183f8e9 to v6.x by <a href="https://github.com/ggoodman"><code>@ggoodman</code></a> in <a href="https://redirect.github.com/nodejs/undici/pull/3855">nodejs/undici#3855</a></li> <li>fix(<a href="https://redirect.github.com/nodejs/undici/issues/3817">#3817</a>): send servername for SNI on TLS (<a href="https://redirect.github.com/nodejs/undici/issues/3821">#3821</a>) [backport] by <a href="https://github.com/metcoder95"><code>@metcoder95</code></a> in <a href="https://redirect.github.com/nodejs/undici/pull/3864">nodejs/undici#3864</a></li> <li>fix: sending formdata bodies with http2 (<a href="https://redirect.github.com/nodejs/undici/issues/3863">#3863</a>) [backport] by <a href="https://github.com/metcoder95"><code>@metcoder95</code></a> in <a href="https://redirect.github.com/nodejs/undici/pull/3866">nodejs/undici#3866</a></li> <li>[Backport v6.x] fix: Fixed the issue that there is no running request when http2 goaway by <a href="https://github.com/github-actions"><code>@github-actions</code></a> in <a href="https://redirect.github.com/nodejs/undici/pull/3877">nodejs/undici#3877</a></li> <li>types: [backport] Update return type of RetryCallback (<a href="https://redirect.github.com/nodejs/undici/issues/3851">#3851</a>) by <a href="https://github.com/metcoder95"><code>@metcoder95</code></a> in <a href="https://redirect.github.com/nodejs/undici/pull/3876">nodejs/undici#3876</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/nodejs/undici/compare/v6.21.0...v6.21.1">https://github.com/nodejs/undici/compare/v6.21.0...v6.21.1</a></p> <h2>v6.21.0</h2> <h2>What's Changed</h2> <ul> <li>[Backport v6.x] web: mark as uncloneable when possible (<a href="https://redirect.github.com/nodejs/undici/issues/3709">#3709</a>) by <a href="https://github.com/jazelly"><code>@jazelly</code></a> in <a href="https://redirect.github.com/nodejs/undici/pull/3744">nodejs/undici#3744</a></li> <li>[Backport v6.x] fetch: fix content-encoding order by <a href="https://github.com/github-actions"><code>@github-actions</code></a> in <a href="https://redirect.github.com/nodejs/undici/pull/3764">nodejs/undici#3764</a></li> <li>[Backport v6.x] fix: handle undefined deref() of WeakRef(socket) by <a href="https://github.com/github-actions"><code>@github-actions</code></a> in <a href="https://redirect.github.com/nodejs/undici/pull/3822">nodejs/undici#3822</a></li> <li>[Backport v6.x] fix: range end is zero-indexed by <a href="https://github.com/github-actions"><code>@github-actions</code></a> in <a href="https://redirect.github.com/nodejs/undici/pull/3827">nodejs/undici#3827</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/nodejs/undici/compare/v6.20.1...v6.21.0">https://github.com/nodejs/undici/compare/v6.20.1...v6.21.0</a></p> <h2>v6.20.1</h2> <h2>What's Changed</h2> <ul> <li>[Backport v6.x] jsdoc: add jsdoc to lib/web/fetch/constants.js by <a href="https://github.com/github-actions"><code>@github-actions</code></a> in <a href="https://redirect.github.com/nodejs/undici/pull/3710">nodejs/undici#3710</a></li> <li>[Backport v6.x] feat: implement <code>BodyReadable.bytes</code> by <a href="https://github.com/github-actions"><code>@github-actions</code></a> in <a href="https://redirect.github.com/nodejs/undici/pull/3711">nodejs/undici#3711</a></li> <li>fix: add more expectsPayload methods by <a href="https://github.com/ronag"><code>@ronag</code></a> in <a href="https://redirect.github.com/nodejs/undici/pull/3715">nodejs/undici#3715</a></li> <li>[Backport v6.x] chore(H2): onboard H2 into Undici queueing system (<a href="https://redirect.github.com/nodejs/undici/issues/3707">#3707</a>) by <a href="https://github.com/Uzlopak"><code>@Uzlopak</code></a> in <a href="https://redirect.github.com/nodejs/undici/pull/3724">nodejs/undici#3724</a></li> <li>[Backport v6.x] fix: PoolBase kClose and kDestroy should await and not return the Promise by <a href="https://github.com/github-actions"><code>@github-actions</code></a> in <a href="https://redirect.github.com/nodejs/undici/pull/3723">nodejs/undici#3723</a></li> <li>[Backport v6.x] fix: extract noop everywhere by <a href="https://github.com/Uzlopak"><code>@Uzlopak</code></a> in <a href="https://redirect.github.com/nodejs/undici/pull/3727">nodejs/undici#3727</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/nodejs/undici/compare/v6.20.0...v6.20.1">https://github.com/nodejs/undici/compare/v6.20.0...v6.20.1</a></p> <h2>v6.20.0</h2> <h2>What's Changed</h2> <ul> <li>Remove patched dom types (<code>v6.x</code> branch) by <a href="https://github.com/eXhumer"><code>@eXhumer</code></a> in <a href="https://redirect.github.com/nodejs/undici/pull/3531">nodejs/undici#3531</a></li> <li>docs(Backport v6.x): Fix signature of RetryHandler by <a href="https://github.com/github-actions"><code>@github-actions</code></a> in <a href="https://redirect.github.com/nodejs/undici/pull/3594">nodejs/undici#3594</a></li> <li>deps(dev): update <code>@types/node</code> by <a href="https://github.com/metcoder95"><code>@metcoder95</code></a> in <a href="https://redirect.github.com/nodejs/undici/pull/3618">nodejs/undici#3618</a></li> <li>fix: throw on retry when payload is consume by downstream by <a href="https://github.com/github-actions"><code>@github-actions</code></a> in <a href="https://redirect.github.com/nodejs/undici/pull/3596">nodejs/undici#3596</a></li> <li>feat(Backport v6.x): move throwOnError to interceptor by <a href="https://github.com/github-actions"><code>@github-actions</code></a> in <a href="https://redirect.github.com/nodejs/undici/pull/3595">nodejs/undici#3595</a></li> <li>[Backport v6.x] fix: reduce memory usage in client-h1 by <a href="https://github.com/github-actions"><code>@github-actions</code></a> in <a href="https://redirect.github.com/nodejs/undici/pull/3672">nodejs/undici#3672</a></li> <li>[Backport v6.x] fix: refactor fast timers, fix UND_ERR_CONNECT_TIMEOUT on event loop blocking by <a href="https://github.com/github-actions"><code>@github-actions</code></a> in <a href="https://redirect.github.com/nodejs/undici/pull/3673">nodejs/undici#3673</a></li> <li>[Backport v6.x] fix: run asserts first if possible by <a href="https://github.com/github-actions"><code>@github-actions</code></a> in <a href="https://redirect.github.com/nodejs/undici/pull/3674">nodejs/undici#3674</a></li> <li>[Backport v6.x] fix: use fasttimers for all connection timeouts by <a href="https://github.com/github-actions"><code>@github-actions</code></a> in <a href="https://redirect.github.com/nodejs/undici/pull/3675">nodejs/undici#3675</a></li> <li>[Backport v6.x] ci: less flaky test/request-timeout.js test by <a href="https://github.com/github-actions"><code>@github-actions</code></a> in <a href="https://redirect.github.com/nodejs/undici/pull/3678">nodejs/undici#3678</a></li> <li>[Backport v6.x] test: less flaky timers acceptance test, rework fast timer tests to pass them faster by <a href="https://github.com/github-actions"><code>@github-actions</code></a> in <a href="https://redirect.github.com/nodejs/undici/pull/3679">nodejs/undici#3679</a></li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/nodejs/undici/commit/e260e7bb173abe3399dabd61338ca4a71fcf8825"><code>e260e7b</code></a> Bumped v6.21.1</li> <li><a href="https://github.com/nodejs/undici/commit/c3acc6050b781b827d80c86cbbab34f14458d385"><code>c3acc60</code></a> Merge commit from fork</li> <li><a href="https://github.com/nodejs/undici/commit/2414bc9f7d651f830902af00238e1b11d9a389dc"><code>2414bc9</code></a> Update return type of RetryCallback (<a href="https://redirect.github.com/nodejs/undici/issues/3851">#3851</a>) (<a href="https://redirect.github.com/nodejs/undici/issues/3876">#3876</a>)</li> <li><a href="https://github.com/nodejs/undici/commit/be8cd0afa0cf8207d8849026f2ee6fdc6dc9dcec"><code>be8cd0a</code></a> [Backport v6.x] fix: Fixed the issue that there is no running request when ht...</li> <li><a href="https://github.com/nodejs/undici/commit/ee6176cd2e09853c868bf5bc1a34bf0500963e4d"><code>ee6176c</code></a> fix: sending formdata bodies with http2 (<a href="https://redirect.github.com/nodejs/undici/issues/3863">#3863</a>) [backport] (<a href="https://redirect.github.com/nodejs/undici/issues/3866">#3866</a>)</li> <li><a href="https://github.com/nodejs/undici/commit/a0220f14bfd2a404173eacc94aa1722829075283"><code>a0220f1</code></a> fix(<a href="https://redirect.github.com/nodejs/undici/issues/3817">#3817</a>): send servername for SNI on TLS (<a href="https://redirect.github.com/nodejs/undici/issues/3821">#3821</a>) [backport] (<a href="https://redirect.github.com/nodejs/undici/issues/3864">#3864</a>)</li> <li><a href="https://github.com/nodejs/undici/commit/353ab63188af904a17030d96018d6193247d7d18"><code>353ab63</code></a> fix(<a href="https://redirect.github.com/nodejs/undici/issues/3736">#3736</a>): back-port 183f8e9 to v6.x (<a href="https://redirect.github.com/nodejs/undici/issues/3855">#3855</a>)</li> <li><a href="https://github.com/nodejs/undici/commit/61ec3531a64ffeec953a990c11735ff09455de4e"><code>61ec353</code></a> Bumped v6.21.0</li> <li><a href="https://github.com/nodejs/undici/commit/11e31a4fdc92b09dc47f2cc5c30f5e975e6b6499"><code>11e31a4</code></a> fix: range end is zero-indexed (<a href="https://redirect.github.com/nodejs/undici/issues/3826">#3826</a>) (<a href="https://redirect.github.com/nodejs/undici/issues/3827">#3827</a>)</li> <li><a href="https://github.com/nodejs/undici/commit/98d1b1b2bdbe6137d4b4156b5fbe33af44bdb293"><code>98d1b1b</code></a> fix: handle undefined deref() of WeakRef(socket) (<a href="https://redirect.github.com/nodejs/undici/issues/3751">#3751</a>) (<a href="https://redirect.github.com/nodejs/undici/issues/3822">#3822</a>)</li> <li>Additional commits viewable in <a href="https://github.com/nodejs/undici/compare/v5.28.4...v6.21.1">compare view</a></li> </ul> </details> <br /> Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/safe-global/safe-smart-account/network/alerts). </details> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Signed-off-by: fanqiaojun <[email protected]>
This pull request includes a small change to the `.github/CODEOWNERS` file. The change assigns ownership of all files to the specified team members.
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
No description provided.