[Snyk] Upgrade: ethereum-cryptography, ethers, hardhat-ignore-warnings, merkletreejs, node-fetch, solmate, workerpool

[X-oss-byte]

Snyk has created this PR to upgrade multiple dependencies.

👯 The following dependencies are linked and will therefore be updated together.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

Name	Versions	Released on

ethereum-cryptography
from 1.1.2 to 1.2.0 | 1 version ahead of your current version | 2 years ago
on 2023-02-06
ethers
from 5.7.1 to 5.7.2 | 1 version ahead of your current version | 2 years ago
on 2022-10-19
hardhat-ignore-warnings
from 0.2.8 to 0.2.11 | 3 versions ahead of your current version | 6 months ago
on 2024-03-13
merkletreejs
from 0.2.32 to 0.4.0 | 13 versions ahead of your current version | 3 months ago
on 2024-07-02
node-fetch
from 2.6.7 to 2.7.0 | 7 versions ahead of your current version | a year ago
on 2023-08-23
solmate
from 6.6.1 to 6.7.0 | 1 version ahead of your current version | 2 years ago
on 2023-01-31
workerpool
from 6.2.1 to 6.5.1 | 7 versions ahead of your current version | a year ago
on 2023-10-11

Issues fixed by the recommended upgrade:

	Issue	Score	Exploit Maturity
	Use of Weak Hash SNYK-JS-CRYPTOJS-6028119	574	No Known Exploit

Release notes

Package name: ethereum-cryptography

• 1.2.0 - 2023-02-06
  
  • AES bugfixes
  • Expose scrypt onProgress callback
  • Bump dependencies

  New Contributors

  • @ 1997roylee made their first contribution in #53

  Full Changelog: 1.1.2...1.2.0

• 1.1.2 - 2022-07-14
  

  What's Changed

  • Bump noble-secp to 1.6.3, update all devDependencies by @ paulmillr in #50

  Full Changelog: 1.1.1...1.1.2

from ethereum-cryptography GitHub release notes

Package name: ethers

• 5.7.2 - 2022-10-19
• 5.7.1 - 2022-09-14

from ethers GitHub release notes

Package name: merkletreejs

• 0.4.0 - 2024-07-02
• 0.3.11 - 2023-10-30
• 0.3.10 - 2023-04-24
• 0.3.9 - 2022-12-01
• 0.3.8 - 2022-11-20
• 0.3.7 - 2022-11-18
• 0.3.6 - 2022-11-18
• 0.3.5 - 2022-11-17
• 0.3.4 - 2022-11-17
• 0.3.3 - 2022-11-14
• 0.3.2 - 2022-11-11
• 0.3.1 - 2022-11-10
• 0.3.0 - 2022-10-27
• 0.2.32 - 2022-06-18

from merkletreejs GitHub release notes

Package name: node-fetch

• 2.7.0 - 2023-08-23
  

  2.7.0 (2023-08-23)

  Features

  • AbortError (#1744) (9b9d458)
• 2.6.13 - 2023-08-18
  

  2.6.13 (2023-08-18)

  Bug Fixes

  • Remove the default connection close header (#1765) (65ae25a), closes #1735 #1473 #1736
• 2.6.12 - 2023-06-29
  

  2.6.12 (2023-06-29)

  Bug Fixes

  • socket variable testing for undefined (#1726) (8bc3a7c)
• 2.6.11 - 2023-05-09
  

  2.6.11 (2023-05-09)

  Reverts

  • Revert "fix: handle bom in text and json (#1739)" (#1741) (afb36f6), closes #1739 #1741
• 2.6.10 - 2023-05-08
  

  2.6.10 (2023-05-08)

  Bug Fixes

  • handle bom in text and json (#1739) (29909d7)
• 2.6.9 - 2023-01-30
  

  2.6.9 (2023-01-30)

  Bug Fixes

  • "global is not defined" (#1704) (70f592d)
• 2.6.8 - 2023-01-13
  

  2.6.8 (2023-01-13)

  Bug Fixes

  • headers: don't forward secure headers on protocol change (#1605) (fddad0e), closes #1599
  • premature close with chunked transfer encoding and for async iterators in Node 12 (#1172) (50536d1), closes #1064 /github.com/node-fetch/node-fetch/pull/1064#issuecomment-849167400
  • prevent hoisting of the undefined global variable in browser.js (#1534) (8bb6e31)
• 2.6.7 - 2022-01-16

from node-fetch GitHub release notes

Package name: solmate

• 6.7.0 - 2023-01-31
• 6.6.1 - 2022-09-08

from solmate GitHub release notes

Package name: workerpool

• 6.5.1 - 2023-10-11
  

  chore: publish v6.5.1

• 6.5.0 - 2023-09-13
  

  chore: publish v6.5.0

• 6.4.2 - 2023-08-21
  

  chore: publish v6.4.2

• 6.4.1 - 2023-08-17
  

  chore: publish v6.4.1

• 6.4.0 - 2023-02-24
  

  Merge remote-tracking branch 'origin/master'

• 6.3.1 - 2022-11-07
  

  Upgrade Github actions scripts to v3

• 6.3.0 - 2022-10-24
  

  Publish v6.3.0, and update devDependencies

• 6.2.1 - 2022-04-11
  

  Merge remote-tracking branch 'origin/master'

from workerpool GitHub release notes

---

Important

• Check the changes in this PR to ensure they won't cause issues with your project.
• This PR was automatically created by Snyk using the credentials of a real user.
• Max score is 1000. Note that the real score may have changed since the PR was raised.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

• 🧐 View latest project report
• 📜 Customise PR templates
• 🛠 Adjust upgrade PR settings
• 🔕 Ignore this dependency or unsubscribe from future upgrade PRs

[bolt-new-by-stackblitz]

Run & review this pull request in StackBlitz Codeflow.

[changeset-bot]

⚠️ No Changeset found

Latest commit: 255470b

Merging this PR will not cause a version bump for any packages. If these changes should not result in a new version, you're good to go. If these changes should result in a version bump, you need to add a changeset.

Click here to learn what changesets are, and how to add one.

Click here if you're a maintainer who wants to add a changeset to this PR

[sourcery-ai]

We have skipped reviewing this pull request. Here's why:

• It seems to have been created by a bot ('[Snyk]' found in title). We assume it knows what it's doing!
• We don't review packaging changes - Let us know if you'd like us to change this.