From 13a948016558dafdc9b3a17279c983d2bbebf355 Mon Sep 17 00:00:00 2001 From: Jake C-T Date: Thu, 12 Dec 2024 01:53:17 -0700 Subject: [PATCH] fix(core): bump ethers to v6.13.4 (#921) Update ethers version to resolve ws security issue (CVE-2024-37890). Move contract address check outside of branch statement so Typescript can see. Add build instructions to setup to resolve 'Cannot find module '@semaphore-protocol/...' when running tests for the first time. re #920 --- README.md | 8 +- .../package.json | 2 +- .../apps/contracts/package.json | 2 +- .../apps/web-app/package.json | 2 +- .../apps/contracts/package.json | 2 +- .../apps/web-app/package.json | 2 +- packages/contracts/package.json | 2 +- packages/data/package.json | 2 +- packages/data/src/ethers.ts | 8 +- packages/hardhat/package.json | 2 +- packages/proof/package.json | 2 +- packages/utils/package.json | 2 +- yarn.lock | 105 +++++++----------- 13 files changed, 63 insertions(+), 78 deletions(-) diff --git a/README.md b/README.md index 718ff71b7..b5bbe2bbf 100644 --- a/README.md +++ b/README.md @@ -275,12 +275,18 @@ Clone this repository: git clone https://github.com/semaphore-protocol/semaphore.git ``` -And install the dependencies: +Install the dependencies: ```bash cd semaphore && yarn ``` +And build the repositiory: + +```bash +yarn build +``` + ## 📜 Usage Copy the `.env.example` file as `.env`: diff --git a/packages/cli-template-contracts-hardhat/package.json b/packages/cli-template-contracts-hardhat/package.json index ca5cdf7b5..3d12f7d44 100644 --- a/packages/cli-template-contracts-hardhat/package.json +++ b/packages/cli-template-contracts-hardhat/package.json @@ -59,7 +59,7 @@ "eslint-config-airbnb-typescript": "^17.1.0", "eslint-config-prettier": "^9.1.0", "eslint-plugin-import": "^2.29.1", - "ethers": "^6.4.0", + "ethers": "^6.13.4", "hardhat": "^2.20.1", "hardhat-gas-reporter": "^1.0.8", "prettier": "^3.2.5", diff --git a/packages/cli-template-monorepo-ethers/apps/contracts/package.json b/packages/cli-template-monorepo-ethers/apps/contracts/package.json index 647b1a4cc..c8c0d1dd4 100644 --- a/packages/cli-template-monorepo-ethers/apps/contracts/package.json +++ b/packages/cli-template-monorepo-ethers/apps/contracts/package.json @@ -38,7 +38,7 @@ "eslint-config-airbnb-typescript": "^17.1.0", "eslint-config-prettier": "^9.1.0", "eslint-plugin-import": "^2.29.1", - "ethers": "^6.4.0", + "ethers": "^6.13.4", "hardhat": "^2.20.1", "hardhat-gas-reporter": "^1.0.8", "prettier": "^3.2.5", diff --git a/packages/cli-template-monorepo-ethers/apps/web-app/package.json b/packages/cli-template-monorepo-ethers/apps/web-app/package.json index 11147bb77..8edbdcbc0 100644 --- a/packages/cli-template-monorepo-ethers/apps/web-app/package.json +++ b/packages/cli-template-monorepo-ethers/apps/web-app/package.json @@ -12,7 +12,7 @@ "@semaphore-protocol/core": "4.7.2", "@semaphore-protocol/data": "4.7.2", "@semaphore-protocol/utils": "4.7.2", - "ethers": "^6.11.1", + "ethers": "^6.13.4", "next": "14.1.0", "next-pwa": "^5.6.0", "react": "^18", diff --git a/packages/cli-template-monorepo-subgraph/apps/contracts/package.json b/packages/cli-template-monorepo-subgraph/apps/contracts/package.json index e9455b669..d340fee0d 100644 --- a/packages/cli-template-monorepo-subgraph/apps/contracts/package.json +++ b/packages/cli-template-monorepo-subgraph/apps/contracts/package.json @@ -38,7 +38,7 @@ "eslint-config-airbnb-typescript": "^17.1.0", "eslint-config-prettier": "^9.1.0", "eslint-plugin-import": "^2.29.1", - "ethers": "^6.4.0", + "ethers": "^6.13.4", "hardhat": "^2.20.1", "hardhat-gas-reporter": "^1.0.8", "prettier": "^3.2.5", diff --git a/packages/cli-template-monorepo-subgraph/apps/web-app/package.json b/packages/cli-template-monorepo-subgraph/apps/web-app/package.json index 23e1bb3b7..c49be9a7f 100644 --- a/packages/cli-template-monorepo-subgraph/apps/web-app/package.json +++ b/packages/cli-template-monorepo-subgraph/apps/web-app/package.json @@ -12,7 +12,7 @@ "@semaphore-protocol/core": "4.7.2", "@semaphore-protocol/data": "4.7.2", "@semaphore-protocol/utils": "4.7.2", - "ethers": "^6.11.1", + "ethers": "^6.13.4", "next": "14.1.0", "next-pwa": "^5.6.0", "react": "^18", diff --git a/packages/contracts/package.json b/packages/contracts/package.json index 165fdbf19..bc67c982c 100644 --- a/packages/contracts/package.json +++ b/packages/contracts/package.json @@ -29,7 +29,7 @@ "@types/ncp": "^2", "@types/node": "^20.10.7", "chai": "^4.2.0", - "ethers": "^6.4.0", + "ethers": "^6.13.4", "hardhat": "^2.19.4", "hardhat-gas-reporter": "^1.0.8", "ncp": "^2.0.0", diff --git a/packages/data/package.json b/packages/data/package.json index e6b5f1964..9e969070c 100644 --- a/packages/data/package.json +++ b/packages/data/package.json @@ -39,6 +39,6 @@ "dependencies": { "@semaphore-protocol/utils": "4.7.2", "axios": "1.6.6", - "ethers": "6.11.0" + "ethers": "6.13.4" } } diff --git a/packages/data/src/ethers.ts b/packages/data/src/ethers.ts index 431b81014..7a2f81a67 100644 --- a/packages/data/src/ethers.ts +++ b/packages/data/src/ethers.ts @@ -58,13 +58,13 @@ export default class SemaphoreEthers { options.address ??= address options.startBlock ??= startBlock } else { - if (options.address === undefined) { - throw new Error(`Network '${networkOrEthereumURL}' needs a Semaphore contract address`) - } - options.startBlock ??= 0 } + if (options.address === undefined) { + throw new Error(`Network '${networkOrEthereumURL}' needs a Semaphore contract address`) + } + let provider: Provider switch (options.provider) { diff --git a/packages/hardhat/package.json b/packages/hardhat/package.json index 9cab78c9c..dfdffa969 100644 --- a/packages/hardhat/package.json +++ b/packages/hardhat/package.json @@ -42,7 +42,7 @@ "dependencies": { "@nomicfoundation/hardhat-ethers": "^3.0.0", "@semaphore-protocol/contracts": "4.7.2", - "ethers": "^6.4.0", + "ethers": "^6.13.4", "hardhat-dependency-compiler": "^1.1.3" } } diff --git a/packages/proof/package.json b/packages/proof/package.json index 909e5a7fc..e86da7792 100644 --- a/packages/proof/package.json +++ b/packages/proof/package.json @@ -54,7 +54,7 @@ "@semaphore-protocol/utils": "4.7.2", "@zk-kit/artifacts": "1.8.0", "@zk-kit/utils": "1.2.1", - "ethers": "6.10.0", + "ethers": "6.13.4", "snarkjs": "0.7.4" } } diff --git a/packages/utils/package.json b/packages/utils/package.json index 0855ba8c2..18c3e5b1c 100644 --- a/packages/utils/package.json +++ b/packages/utils/package.json @@ -54,6 +54,6 @@ "rollup-plugin-cleanup": "^3.2.1" }, "dependencies": { - "ethers": "^6.11.1" + "ethers": "^6.13.4" } } diff --git a/yarn.lock b/yarn.lock index a12a3f0bb..7aaad1075 100644 --- a/yarn.lock +++ b/yarn.lock @@ -5,13 +5,6 @@ __metadata: version: 8 cacheKey: 10 -"@adraffy/ens-normalize@npm:1.10.0": - version: 1.10.0 - resolution: "@adraffy/ens-normalize@npm:1.10.0" - checksum: 10/5cdb5d2a9c9f8c0a71a7bb830967da0069cae1f1235cd41ae11147e4000f368f6958386e622cd4d52bf45c1ed3f8275056b387cba28902b83354e40ff323ecde - languageName: node - linkType: hard - "@adraffy/ens-normalize@npm:1.10.1": version: 1.10.1 resolution: "@adraffy/ens-normalize@npm:1.10.1" @@ -7354,7 +7347,7 @@ __metadata: eslint-config-airbnb-typescript: "npm:^17.1.0" eslint-config-prettier: "npm:^9.1.0" eslint-plugin-import: "npm:^2.29.1" - ethers: "npm:^6.4.0" + ethers: "npm:^6.13.4" hardhat: "npm:^2.20.1" hardhat-gas-reporter: "npm:^1.0.8" prettier: "npm:^3.2.5" @@ -7439,7 +7432,7 @@ __metadata: "@rollup/plugin-typescript": "npm:^11.1.6" "@semaphore-protocol/utils": "npm:4.7.2" axios: "npm:1.6.6" - ethers: "npm:6.11.0" + ethers: "npm:6.13.4" rimraf: "npm:^5.0.5" rollup: "npm:^4.12.0" rollup-plugin-cleanup: "npm:^3.2.1" @@ -7467,7 +7460,7 @@ __metadata: "@nomicfoundation/hardhat-ethers": "npm:^3.0.0" "@rollup/plugin-typescript": "npm:^11.1.6" "@semaphore-protocol/contracts": "npm:4.7.2" - ethers: "npm:^6.4.0" + ethers: "npm:^6.13.4" hardhat: "npm:^2.19.4" hardhat-dependency-compiler: "npm:^1.1.3" rimraf: "npm:^5.0.5" @@ -7505,7 +7498,7 @@ __metadata: "@types/snarkjs": "npm:^0" "@zk-kit/artifacts": "npm:1.8.0" "@zk-kit/utils": "npm:1.2.1" - ethers: "npm:6.10.0" + ethers: "npm:6.13.4" rimraf: "npm:^5.0.5" rollup: "npm:^4.12.0" rollup-plugin-cleanup: "npm:^3.2.1" @@ -7522,7 +7515,7 @@ __metadata: dependencies: "@rollup/plugin-json": "npm:^6.1.0" "@rollup/plugin-typescript": "npm:^11.1.6" - ethers: "npm:^6.11.1" + ethers: "npm:^6.13.4" rimraf: "npm:^5.0.5" rollup: "npm:^4.12.0" rollup-plugin-cleanup: "npm:^3.2.1" @@ -8690,10 +8683,12 @@ __metadata: languageName: node linkType: hard -"@types/node@npm:18.15.13": - version: 18.15.13 - resolution: "@types/node@npm:18.15.13" - checksum: 10/b9bbe923573797ef7c5fd2641a6793489e25d9369c32aeadcaa5c7c175c85b42eb12d6fe173f6781ab6f42eaa1ebd9576a419eeaa2a1ec810094adb8adaa9a54 +"@types/node@npm:22.7.5": + version: 22.7.5 + resolution: "@types/node@npm:22.7.5" + dependencies: + undici-types: "npm:~6.19.2" + checksum: 10/e8ba102f8c1aa7623787d625389be68d64e54fcbb76d41f6c2c64e8cf4c9f4a2370e7ef5e5f1732f3c57529d3d26afdcb2edc0101c5e413a79081449825c57ac languageName: node linkType: hard @@ -14852,33 +14847,18 @@ __metadata: languageName: node linkType: hard -"ethers@npm:6.10.0": - version: 6.10.0 - resolution: "ethers@npm:6.10.0" - dependencies: - "@adraffy/ens-normalize": "npm:1.10.0" - "@noble/curves": "npm:1.2.0" - "@noble/hashes": "npm:1.3.2" - "@types/node": "npm:18.15.13" - aes-js: "npm:4.0.0-beta.5" - tslib: "npm:2.4.0" - ws: "npm:8.5.0" - checksum: 10/04fdd3f76ea93a8b45b2fe4d9c8e2bd0d688823faba672897dd19cc3303c202a166902fe6058004562f13aaecf9f77a9f70ff113f995e94107efef2457b016dd - languageName: node - linkType: hard - -"ethers@npm:6.11.0": - version: 6.11.0 - resolution: "ethers@npm:6.11.0" +"ethers@npm:6.13.4, ethers@npm:^6.13.4": + version: 6.13.4 + resolution: "ethers@npm:6.13.4" dependencies: "@adraffy/ens-normalize": "npm:1.10.1" "@noble/curves": "npm:1.2.0" "@noble/hashes": "npm:1.3.2" - "@types/node": "npm:18.15.13" + "@types/node": "npm:22.7.5" aes-js: "npm:4.0.0-beta.5" - tslib: "npm:2.4.0" - ws: "npm:8.5.0" - checksum: 10/c6e5964ceabf2d289f8ae5b16e634995375457a8c5b814ea54799b5a3c951668465adb9b6dda3aea559d9c4fe3faa8297a38651853b54a53de9448663a908f12 + tslib: "npm:2.7.0" + ws: "npm:8.17.1" + checksum: 10/221192fed93f6b0553f3e5e72bfd667d676220577d34ff854f677e955d6f608e60636a9c08b5d54039c532a9b9b7056384f0d7019eb6e111d53175806f896ac6 languageName: node linkType: hard @@ -14920,21 +14900,6 @@ __metadata: languageName: node linkType: hard -"ethers@npm:^6.11.1, ethers@npm:^6.4.0": - version: 6.12.1 - resolution: "ethers@npm:6.12.1" - dependencies: - "@adraffy/ens-normalize": "npm:1.10.1" - "@noble/curves": "npm:1.2.0" - "@noble/hashes": "npm:1.3.2" - "@types/node": "npm:18.15.13" - aes-js: "npm:4.0.0-beta.5" - tslib: "npm:2.4.0" - ws: "npm:8.5.0" - checksum: 10/2995766164292b531499764d319d753b1f4e1cd7ddb4f26c6557a26e42947d5642a4b3bbeace0b8bb398b909dc22fafa4f52d5190a9bb8180bebf2dd3d4d48a9 - languageName: node - linkType: hard - "ethjs-unit@npm:0.1.6": version: 0.1.6 resolution: "ethjs-unit@npm:0.1.6" @@ -21305,7 +21270,7 @@ __metadata: eslint-config-airbnb-typescript: "npm:^17.1.0" eslint-config-prettier: "npm:^9.1.0" eslint-plugin-import: "npm:^2.29.1" - ethers: "npm:^6.4.0" + ethers: "npm:^6.13.4" hardhat: "npm:^2.20.1" hardhat-gas-reporter: "npm:^1.0.8" prettier: "npm:^3.2.5" @@ -21331,7 +21296,7 @@ __metadata: dotenv: "npm:^16.4.5" eslint: "npm:^8" eslint-config-next: "npm:14.1.0" - ethers: "npm:^6.11.1" + ethers: "npm:^6.13.4" next: "npm:14.1.0" next-pwa: "npm:^5.6.0" react: "npm:^18" @@ -21368,7 +21333,7 @@ __metadata: eslint-config-airbnb-typescript: "npm:^17.1.0" eslint-config-prettier: "npm:^9.1.0" eslint-plugin-import: "npm:^2.29.1" - ethers: "npm:^6.4.0" + ethers: "npm:^6.13.4" hardhat: "npm:^2.20.1" hardhat-gas-reporter: "npm:^1.0.8" prettier: "npm:^3.2.5" @@ -21394,7 +21359,7 @@ __metadata: dotenv: "npm:^16.4.5" eslint: "npm:^8" eslint-config-next: "npm:14.1.0" - ethers: "npm:^6.11.1" + ethers: "npm:^6.13.4" next: "npm:14.1.0" next-pwa: "npm:^5.6.0" react: "npm:^18" @@ -25857,7 +25822,7 @@ __metadata: "@types/node": "npm:^20.10.7" "@zk-kit/lean-imt.sol": "npm:2.0.0" chai: "npm:^4.2.0" - ethers: "npm:^6.4.0" + ethers: "npm:^6.13.4" hardhat: "npm:^2.19.4" hardhat-gas-reporter: "npm:^1.0.8" ncp: "npm:^2.0.0" @@ -27935,6 +27900,13 @@ __metadata: languageName: node linkType: hard +"tslib@npm:2.7.0": + version: 2.7.0 + resolution: "tslib@npm:2.7.0" + checksum: 10/9a5b47ddac65874fa011c20ff76db69f97cf90c78cff5934799ab8894a5342db2d17b4e7613a087046bc1d133d21547ddff87ac558abeec31ffa929c88b7fce6 + languageName: node + linkType: hard + "tslib@npm:^1.8.1, tslib@npm:^1.9.3": version: 1.14.1 resolution: "tslib@npm:1.14.1" @@ -28325,6 +28297,13 @@ __metadata: languageName: node linkType: hard +"undici-types@npm:~6.19.2": + version: 6.19.8 + resolution: "undici-types@npm:6.19.8" + checksum: 10/cf0b48ed4fc99baf56584afa91aaffa5010c268b8842f62e02f752df209e3dea138b372a60a963b3b2576ed932f32329ce7ddb9cb5f27a6c83040d8cd74b7a70 + languageName: node + linkType: hard + "undici@npm:^5.12.0, undici@npm:^5.14.0": version: 5.28.4 resolution: "undici@npm:5.28.4" @@ -29762,18 +29741,18 @@ __metadata: languageName: node linkType: hard -"ws@npm:8.5.0": - version: 8.5.0 - resolution: "ws@npm:8.5.0" +"ws@npm:8.17.1": + version: 8.17.1 + resolution: "ws@npm:8.17.1" peerDependencies: bufferutil: ^4.0.1 - utf-8-validate: ^5.0.2 + utf-8-validate: ">=5.0.2" peerDependenciesMeta: bufferutil: optional: true utf-8-validate: optional: true - checksum: 10/f0ee700970a0bf925b1ec213ca3691e84fb8b435a91461fe3caf52f58c6cec57c99ed5890fbf6978824c932641932019aafc55d864cad38ac32577496efd5d3a + checksum: 10/4264ae92c0b3e59c7e309001e93079b26937aab181835fb7af79f906b22cd33b6196d96556dafb4e985742dd401e99139572242e9847661fdbc96556b9e6902d languageName: node linkType: hard