Bump qs, react-scripts and web3

[dependabot]

Bumps qs to 6.14.1 and updates ancestor dependencies qs, react-scripts and web3. These dependencies need to be updated together.

Updates qs from 6.7.0 to 6.14.1

Changelog

Sourced from qs's changelog.

6.14.1

• [Fix] ensure arrayLength applies to [] notation as well
• [Fix] parse: when a custom decoder returns null for a key, ignore that key
• [Refactor] parse: extract key segment splitting helper
• [meta] add threat model
• [actions] add workflow permissions
• [Tests] stringify: increase coverage
• [Dev Deps] update eslint, @ljharb/eslint-config, npmignore, es-value-fixtures, for-each, object-inspect

6.14.0

• [New] parse: add throwOnParameterLimitExceeded option (#517)
• [Refactor] parse: use utils.combine more
• [patch] parse: add explicit throwOnLimitExceeded default
• [actions] use shared action; re-add finishers
• [meta] Fix changelog formatting bug
• [Deps] update side-channel
• [Dev Deps] update es-value-fixtures, has-bigints, has-proto, has-symbols
• [Tests] increase coverage

6.13.1

• [Fix] stringify: avoid a crash when a filter key is null
• [Fix] utils.merge: functions should not be stringified into keys
• [Fix] parse: avoid a crash with interpretNumericEntities: true, comma: true, and iso charset
• [Fix] stringify: ensure a non-string filter does not crash
• [Refactor] use __proto__ syntax instead of Object.create for null objects
• [Refactor] misc cleanup
• [Tests] utils.merge: add some coverage
• [Tests] fix a test case
• [actions] split out node 10-20, and 20+
• [Dev Deps] update es-value-fixtures, mock-property, object-inspect, tape

6.13.0

• [New] parse: add strictDepth option (#511)
• [Tests] use npm audit instead of aud

6.12.3

• [Fix] parse: properly account for strictNullHandling when allowEmptyArrays
• [meta] fix changelog indentation

6.12.2

• [Fix] parse: parse encoded square brackets (#506)
• [readme] add CII best practices badge

6.12.1

• [Fix] parse: Disable decodeDotInKeys by default to restore previous behavior (#501)
• [Performance] utils: Optimize performance under large data volumes, reduce memory usage, and speed up processing (#502)
• [Refactor] utils: use +=
• [Tests] increase coverage

6.12.0

... (truncated)

Commits

• 3fa11a5 v6.14.1
• a626704 [Dev Deps] update npmignore
• 3086902 [Fix] ensure arrayLength applies to [] notation as well
• fc7930e [Dev Deps] update eslint, @ljharb/eslint-config
• 0b06aac [Dev Deps] update @ljharb/eslint-config
• 64951f6 [Refactor] parse: extract key segment splitting helper
• e1bd259 [Dev Deps] update @ljharb/eslint-config
• f4b3d39 [eslint] add eslint 9 optional peer dep
• 6e94d95 [Dev Deps] update eslint, @ljharb/eslint-config, npmignore
• 973dc3c [actions] add workflow permissions
• Additional commits viewable in compare view

Updates react-scripts from 3.4.1 to 5.0.1

Changelog

Sourced from react-scripts's changelog.

3.4.4 (2020-10-20)

v3.4.4 release bumps resolve-url-loader to a version for which npm audit does not report a vulnerability. Note that this vulnerability did not affect Create React App projects, so this change is only necessary to satisfy auditing tools.

Migrating from 3.4.3 to 3.4.4

Inside any created project that has not been ejected, run:

npm install --save --save-exact react-scripts@3.4.4

or

yarn add --exact react-scripts@3.4.4

3.4.3 (2020-08-12)

v3.4.3 release bumps terser-webpack-plugin to a version for which npm audit does not report a vulnerability. Note that this vulnerability did not affect Create React App projects, so this change is only necessary to satisfy auditing tools.

Migrating from 3.4.2 to 3.4.3

Inside any created project that has not been ejected, run:

npm install --save --save-exact react-scripts@3.4.3

or

yarn add --exact react-scripts@3.4.3

3.4.2 (2020-08-11)

v3.4.2 release bumps webpack-dev-server to a version for which npm audit does not report a vulnerability. Note that this vulnerability did not affect Create React App projects, so this change is only necessary to satisfy auditing tools.

Commits

• 19fa58d Publish
• 9802941 fix: webpack noise printed only if error or warning (#12245)
• 2eef1d0 Update templates to use React 18 createRoot (#12220)
• 221e511 Publish
• 5614c87 Add support for Tailwind (#11717)
• 20edab4 fix(webpackDevServer): disable overlay for warnings (#11413)
• 3afbbc0 Update all dependencies (#11624)
• f5467d5 feat(eslint-config-react-app): support ESLint 8.x (#11375)
• c7627ce Update webpack and dev server (#11646)
• 544befe Update package.json (#11597)
• Additional commits viewable in compare view

Updates web3 from 1.2.6 to 4.16.0

Release notes

Sourced from web3's releases.

web3-eth@4.0.0-alpha.0

Initial alpha release

Install with yarn add web3-eth@4.0.0-alpha.0

web3-core-requestmanager@4.0.0-alpha.0

Initial alpha release

Install with yarn add web3-core-requestmanager@4.0.0-alpha.0

web3-providers-http@4.0.0-alpha.0

Initial alpha release

Install with yarn add web3-providers-http@4.0.0-alpha.0

web3-providers-base@1.0.0-alpha.1

Changed

• Update version to 1.0.0-alpha.1 for web3-providers-base
• Update version to 4.0.0-alpha.0 for web3-utils in web3-providers-base

web3-utils@4.0.0-alpha.0

Initial alpha release

Install with yarn add web3-utils@4.0.0-alpha.0

web3-packagetemplate@1.0.0-alpha.0

Initial alpha release

Install with yarn add web3-packagetemplate@1.0.0-alpha.0

Changelog

Sourced from web3's changelog.

[1.2.6]

Added

• Görli testnet ENS registry added to the known registries (#3338)

Changed

• ENS registry addresses updated (#3353, https://medium.com/the-ethereum-name-service/ens-registry-migration-bug-fix-new-features-64379193a5a)

[1.2.7]

Added

• Add revert reason support to sendSignedTransaction (#3345)
• ENS module extended with the possibility to add a custom registry (#3301)
• Missing ENS Registry methods and Resolver.supportsInterface method added (#3325)
• Add optional gas type to AbiItem typescript definitions (for ABIs generated by Vyper) (#3437)
• Add görli testnet ENS registry to the known registries (#3252)
• Add auto-reconnect option for Websockets (#3092, #1085, #1391, #1558, #1852, #1646)

Changed

• Ensure '0x' prefix is existing for Accounts.sign and Accounts.privateKeyToAccount (#3041)
• Repository cleanup (#3443)
  • Removed old docs/_build folder
  • Removed old bower and meteor artifacts
  • Moved logo assets to own folder
  • Moved github assets to own folder
  • Remove @​types/node from (non-dev) dependency tree (#3965, #3227)
• Please note: Geth v1.9.12 contains a breaking change for eth_call that will not default to your first account anymore if from is not set. If a sender is not explicitly defined, the eth_call will be executed from address(0). (#3467)
  • This was done to avoid the same input behaving differently in different environments. You should never do eth_call without explicitly setting a sender.
  • This means that if you're calling view methods that refer to a msg.sender without explicitly setting a from address in your request options, you may see unexpected behavior.
  • In web3.js, the from address can be specified on a per-call basis or by setting the defaultAccount property.

Fixed

• Add missing subscription.on('connected') TS type definition (#3319)
• Add missing bignumber.js dependency for TS types (#3386)
• Upgrade swarm-js to 0.1.40 to remove npm vulnerability warning (#3399)
• Upgrade devDeps to resolve security warnings (#3464)
  • dtslint 0.4.2 => 3.4.1
  • definitelytyped-header-parser 1.0.1 => 3.9.0
• Race-condition when subscribing to historical logs as first client request (#3389)
• Fix crash when using Web-Workers by removing any-promise dependency (#3377 #2211 #1774)
• MaxListenersExceededWarning event emitter warning mitigated (#1648)

[1.2.8]

Added

... (truncated)

Commits

• aa197b8 add typescript and version bump to changelogs
• 82ceab7 update web3-types
• 2b7cf1c v4.16.0 release
• 926044b chore(deps-dev): bump http-proxy-middleware from 2.0.6 to 2.0.7 (#7407)
• 7a8df69 update typescript version to 5 (#7272)
• 984cb7c chore(deps): bump cross-spawn from 7.0.3 to 7.0.6 (#7404)
• 3b122a2 fix: upgrade @​cookbookdev/docsbot from 4.24.0 to 4.24.4 (#7403)
• 56d4aec Replaces #7390, #7391, & #7400 (#7401)
• 6379aa8 fix: remove force exit from blackbox tests (#7397)
• 5437fbc fix: upgrade @​mdx-js/react from 3.0.1 to 3.1.0 (#7395)
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by luu-alex, a new releaser for web3 since your current version.

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  You can disable automated security fix PRs for this repo from the Security Alerts page.