Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Bump jsonwebtoken and tronweb #18

Open
wants to merge 1 commit into
base: master
Choose a base branch
from
Open

Bump jsonwebtoken and tronweb #18

wants to merge 1 commit into from

Conversation

dependabot[bot]
Copy link

@dependabot dependabot bot commented on behalf of github Dec 22, 2022

Removes jsonwebtoken. It's no longer used after updating ancestor dependency tronweb. These dependencies need to be updated together.

Removes jsonwebtoken

Updates tronweb from 3.2.6 to 5.0.0

Release notes

Sourced from tronweb's releases.

v5.0.0

  • Add tronWeb.utils.transaction lib to serialize and deserialize transaction
  • Add tronWeb.utils.transaction.txJsonToPb function to convert transaction json to protobuf
  • Add tronWeb.utils.transaction.txPbToTxID function to get txID from transaction protobuf
  • Support new transaction builder createAccount

v4.4.0

  • Support createRandom and fromMnemonic function
  • Add tronWeb.utils.message lib, which includes hashMessage, signMessage and verifyMessage
  • Add signMessageV2 and verifyMessageV2 in tronWeb.trx lib which can support plain text signature and verification
  • Add size filter for event watch

v4.3.0

  • Support _signTypedData and verifyTypedData

v4.2.0

  • Add the name key when the call() and send() methods has only one return value
  • Optimize the TriggerConstantContract() method
  • Update axios to version 0.26.1
  • Update karma to version 6.3.17
  • Update puppeteer to version 13.5.1

v4.1.0

  • add encodeParamsV2ByABI and decodeParamsV2ByABI functions in tronWeb.utils.abi lib
  • support abi v2 for triggerSmartContract, createSmartContract, call and send method
  • update validator to version 13.7.0
  • update axios to version 0.24.0
  • update discord group link

v4.0.1

  • set _isConstant as true for call method
  • ignore max feeLimit check
  • change git repository url

v4.0.0

  • support broadcastHex method
  • ignore fullnode version check when calling createToken method
  • update dependencies version
  • add strict mode for pkToAddress method
  • note that bignumber.js is updated to v9.0.1, which is a breaking change. If you get a result after triggerConstantContract or call method, do not use tronWeb.BigNumber(result) which will get null. You can use tronWeb.toBigNumber(result) or tronWeb.BigNumber(result._hex)

v3.2.7

  • Add options rawParameter that format of the parameters method and args when creating or triggering a contract
  • Update elliptic to the latest version 6.5.4
  • Update validator to the latest version 13.6.0
Commits
  • b1c2e92 Merge pull request #328 from tronprotocol/release/v5.0.0
  • 124fdca v5.0.0 transaction
  • 2f4b001 Merge pull request #293 from tronprotocol/release_v4.4.0
  • 4aca621 Merge pull request #292 from tronprotocol/feature/v4.4.0
  • 711a466 update feature list in readme
  • 63c1570 Merge pull request #290 from tronprotocol/feature/v4.4.0
  • 53a52d8 revert callstatic
  • 9738d6a Merge pull request #285 from tronprotocol/feature/v4.4.0
  • 72f87cb set options as default empty object for verifyMessage2 and format code
  • 32d03b8 Merge pull request #284 from tronprotocol/feature/v4.4.0
  • Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

@dependabot
Bump jsonwebtoken and tronweb
7f20604 
Removes [jsonwebtoken](https://github.com/auth0/node-jsonwebtoken). It's no longer used after updating ancestor dependency [tronweb](https://github.com/tronprotocol/tronweb). These dependencies need to be updated together.


Removes `jsonwebtoken`

Updates `tronweb` from 3.2.6 to 5.0.0
- [Release notes](https://github.com/tronprotocol/tronweb/releases)
- [Commits](tronprotocol/tronweb@v3.2.6...v5.0.0)

---
updated-dependencies:
- dependency-name: jsonwebtoken
  dependency-type: indirect
- dependency-name: tronweb
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added the dependencies Pull requests that update a dependency file label Dec 22, 2022
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
dependencies Pull requests that update a dependency file
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
0 participants