renovate[bot]
Contributor

@renovate renovate bot commented Sep 9, 2025

Coming soon: The Renovate bot (GitHub App) will be renamed to Mend. PRs from Renovate will soon appear from 'Mend'. Learn more here.

This PR contains the following updates:

| Package | Type | Update | Change |
|---|---|---|---|
| @openzeppelin/community-contracts | devDependencies | digest | 2d607bd -> 269f9b5 |

🔡 If you wish to disable git hash updates, add ":disableDigestUpdates" to the extends array in your config.


Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.


  • If you want to rebase/retry this PR, check this box

This PR was generated by Mend Renovate. View the repository job log.

@renovate renovate bot requested review from a team as code owners September 9, 2025 10:58
Contributor

coderabbitai bot commented Sep 9, 2025

Important

Review skipped

Bot user detected.

To trigger a single review, invoke the @coderabbitai review command.

You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.


Comment @coderabbitai help to get the list of available commands and usage tips.


socket-security bot commented Sep 9, 2025

Caution

Review the following alerts detected in dependencies.

According to your organization's Security Policy, you must resolve all "Block" alerts before proceeding. Learn more about Socket for GitHub.

| Action | Severity | Alert |
|---|---|---|
| Block | Low | [email protected] is an AI-detected potential code anomaly. |

Notes: No definitive malware detected in this fragment. The main security concern is supply-chain risk from dynamically loading plugins from potentially untrusted sources. To mitigate, enforce strict plugin provenance, disable remote plugin loading, verify plugin integrity, and apply least-privilege execution for plugins.

Confidence: 1.00

Severity: 0.60

From: package.json npm/[email protected]


Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at [email protected].

Suggestion: An AI system found a low-risk anomaly in this package. It may still be fine to use, but you should check that it is safe before proceeding.

Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment @SocketSecurity ignore npm/[email protected]. You can also ignore all packages with @SocketSecurity ignore-all. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.


@renovate renovate bot force-pushed the renovate/openzeppelin-community-contracts-digest branch 3 times, most recently from 635326b to 0b4f22d September 13, 2025 11:35
@ericglau
Member

This needs a changeset and snapshot updates

@renovate renovate bot force-pushed the renovate/openzeppelin-community-contracts-digest branch 3 times, most recently from 542d704 to 2bfec22 September 16, 2025 21:45
@renovate renovate bot changed the title from "Update @openzeppelin/community-contracts digest to 2b02534" to "Update @openzeppelin/community-contracts digest to 269f9b5" Sep 17, 2025
@renovate renovate bot force-pushed the renovate/openzeppelin-community-contracts-digest branch from 2bfec22 to df12d4f September 17, 2025 14:39
@renovate renovate bot force-pushed the renovate/openzeppelin-community-contracts-digest branch from df12d4f to 021ef07 September 19, 2025 01:30

socket-security bot commented Sep 19, 2025

@CoveMB CoveMB enabled auto-merge (squash) September 19, 2025 01:42
Contributor Author

renovate bot commented Sep 19, 2025

Edited/Blocked Notification

Renovate will not automatically rebase this PR, because it does not recognize the last commit author and assumes somebody else may have edited the PR.

You can manually request rebase by checking the rebase/retry box above.

⚠️ Warning: custom changes will be lost.
