UPDATE - Metamask sdk to latest

[Adamj1232]

Description

Update the Metamask SDK dep version to the latest

Checklist

• Increment the version field in package.json of the package you have made changes in following semantic versioning and using alpha release tagging
• Check the box that allows repo maintainers to update this PR
• Test locally to make sure this feature/fix works
• Run yarn check-all to confirm there are not any associated errors
• Confirm this PR passes Circle CI checks
• Add or update relevant information in the documentation

[socket-security]

New and removed dependencies detected. Learn more about Socket for GitHub ↗︎

Package	New capabilities	Transitives	Size	Publisher
npm/@babel/[email protected]	None	0	65.2 kB	nicolo-ribaudo
npm/@babel/[email protected]	None	0	11.9 kB	nicolo-ribaudo
npm/@babel/[email protected]	None	0	31.7 kB	nicolo-ribaudo
npm/@babel/[email protected]	None	+1	248 kB	nicolo-ribaudo
npm/@babel/[email protected]	environment	0	2.41 MB	nicolo-ribaudo
npm/@cosmjs/[email protected]	None	+1	92.9 kB	webmaster128
npm/@cosmjs/[email protected]	Transitive: filesystem, network	+8	18.5 MB	webmaster128
npm/@cosmjs/[email protected]	network Transitive: environment, filesystem	+11	2.45 MB	webmaster128
npm/@ethersproject/[email protected]	None	0	21.7 kB	ricmoo
npm/@lit-labs/[email protected]	None	0	32.5 kB	lit-robot
npm/@noble/[email protected]	None	0	276 kB	paulmillr
npm/@shapeshiftoss/[email protected]	None	+4	1.03 MB	shapeshift-ci-bot
npm/@types/[email protected]	None	0	3.56 MB	types
npm/@types/[email protected]	None	0	28.8 kB	types
npm/@types/[email protected]	None	+3	1.38 MB	types
npm/@types/[email protected]	None	0	18.9 kB	types
npm/@web3-onboard/[email protected]	Transitive: environment, filesystem, network, shell	+43	31.6 MB	cmeisl
npm/@web3-onboard/[email protected]	network Transitive: environment	+24	13 MB	cmeisl
npm/@web3-onboard/[email protected]	None	+16	10.9 MB	cmeisl
npm/@web3-onboard/[email protected]	None	+18	11 MB	cmeisl
npm/@web3-onboard/[email protected]	network	+17	13.5 MB	cmeisl
npm/@web3-onboard/[email protected]	None	+11	1.56 MB	cmeisl
npm/@web3-onboard/[email protected]	Transitive: environment, eval, filesystem, network, shell	+73	40 MB	cmeisl
npm/@web3-onboard/[email protected]	Transitive: environment	+37	19.7 MB	cmeisl
npm/@web3-onboard/[email protected]	None	+16	10.8 MB	cmeisl
npm/@web3-onboard/[email protected]	Transitive: environment, network	+22	12.7 MB	cmeisl
npm/@web3-onboard/[email protected]	None	+16	10.9 MB	cmeisl
npm/@web3-onboard/[email protected]	Transitive: environment, network	+27	13.2 MB	cmeisl
npm/@web3-onboard/[email protected]	Transitive: network	+43	28.9 MB	cmeisl
npm/@web3-onboard/[email protected]	Transitive: environment, network	+33	13.9 MB	cmeisl
npm/@web3-onboard/[email protected]	None	+17	11 MB	cmeisl
npm/@web3-onboard/[email protected]	Transitive: filesystem, network	+28	16.6 MB	cmeisl
npm/@web3-onboard/[email protected]	None	+15	10.8 MB	cmeisl
npm/@web3-onboard/[email protected]	Transitive: environment, eval, filesystem, network, unsafe	+123	33.7 MB	cmeisl
npm/[email protected]	None	0	9.62 kB	feross
npm/[email protected]	None	0	9.98 kB	junderw
npm/[email protected]	None	0	164 kB	peterolson
npm/[email protected]	None	0	350 kB	mikemcl
npm/[email protected]	environment, filesystem	+1	19.3 kB	tootallnate
npm/[email protected]	None	+1	599 kB	junderw
npm/[email protected]	None	0	7.79 kB	dcousens
npm/[email protected]	None	0	4.38 kB	dcousens
npm/[email protected]	None	0	156 kB	dcposch
npm/[email protected]	None	0	99 kB	fanatid
npm/[email protected]	None	0	217 kB	lancedikson
npm/[email protected]	None	0	3.52 kB	indutny
npm/[email protected]	None	+1	34.6 kB	cwmma
npm/[email protected]	None	0	3.68 kB	cwmma
npm/[email protected]	environment, filesystem	0	62.8 kB	ai
npm/[email protected]	None	+1	13.9 kB	dcousens
npm/[email protected]	None	0	4.79 kB	dcousens
npm/[email protected]	None	0	91.3 kB	feross
npm/[email protected]	None	+1	1.18 MB	dcode
npm/[email protected]	None	+1	39.9 kB	ljharb
npm/[email protected]	None	0	7.45 kB	sindresorhus
npm/[email protected]	None	0	1.88 MB	caniuse-lite
npm/[email protected]	None	0	7.95 kB	cwmma
npm/[email protected]	None	0	15.9 kB	pvorb
npm/[email protected]	None	+1	19.5 kB	alexindigo
npm/[email protected]	None	+2	19 kB	cwmma
npm/[email protected]	None	0	5.81 kB	cwmma
npm/[email protected]	network	0	73.8 kB	lquixada
npm/[email protected]	None	0	22.8 kB	medikoo
npm/[email protected]	environment	+1	49.2 kB	qix
npm/[email protected]	None	0	6.09 kB	samverschueren
npm/[email protected]	None	+1	22.2 kB	mafintosh
npm/[email protected]	None	0	195 kB	kilianvalkhof
npm/[email protected]	None	+2	148 kB	indutny
npm/[email protected]	None	0	6.23 kB	mafintosh
npm/[email protected]	eval	+1	402 kB	medikoo
npm/[email protected]	None	0	315 kB	stefanpenner
npm/[email protected]	None	+2	131 kB	medikoo
npm/[email protected]	Transitive: environment, filesystem, unsafe	+48	7.38 MB	kumavis
npm/[email protected]	None	+15	1.32 MB	gudahtt
npm/[email protected]	None	0	7.29 kB	kumavis
npm/[email protected]	None	0	795 kB	evertonfraga
npm/[email protected]	None	+5	1.65 MB	holgerd77
npm/[email protected]	Transitive: network	+28	17.1 MB	ricmoo
npm/[email protected]	None	+2	244 kB	silentcicero
npm/[email protected]	None	0	82.8 kB	goto-bus-stop
npm/[email protected]	None	+2	18.9 kB	dcousens
npm/[email protected]	None	0	22.8 kB	dap
npm/[email protected]	None	0	39.7 kB	matteo.collina
npm/[email protected]	network	0	28.3 kB	rubenverborgh
npm/[email protected]	eval	+2	65.1 kB	ljharb
npm/[email protected]	None	0	820 kB	dibenede
npm/[email protected]	None	0	20.6 kB	ljharb
npm/[email protected]	None	0	41.7 kB	indutny
npm/[email protected]	None	0	6.8 kB	feross
npm/[email protected]	None	0	3.96 kB	isaacs
npm/[email protected]	None	+5	93.1 kB	ljharb
npm/[email protected]	None	0	4.41 kB	hughsk
npm/[email protected]	None	0	52.9 kB	emn178
npm/[email protected]	None	0	15.1 kB	lydell
npm/[email protected]	None	0	47.4 kB	rekmarks
npm/[email protected]	None	0	2.12 kB	kumavis
npm/[email protected]	None	+1	43.1 kB	ljharb
npm/[email protected]	None	0	12.7 kB	isaacs
npm/[email protected]	None	+1	1.57 MB	fanatid
npm/[email protected]	None	+2	34.4 kB	ralphtheninja
npm/[email protected]	None	0	1.41 MB	bnjmnt4n
npm/[email protected]	environment	0	5.81 kB	zertosh
npm/[email protected]	Transitive: environment	+30	2.94 MB	holgerd77
npm/[email protected]	None	+1	224 kB	dougwilson
npm/[email protected]	None	0	1.55 kB	cwmma
npm/[email protected]	None	0	50.7 kB	ljharb
npm/[email protected]	None	0	424 kB	kkoopa
npm/[email protected]	None	0	7.65 kB	medikoo
npm/[email protected]	environment, filesystem, network, shell, unsafe	+20	1.19 GB	vercel-release-bot
npm/[email protected]	network	0	152 kB	endless
npm/[email protected]	environment, filesystem	0	12.9 kB	vweevers
npm/[email protected]	None	0	34 kB	chicoxyzzy
npm/[email protected]	None	0	5.49 kB	sindresorhus
npm/[email protected]	None	0	4.05 kB	isaacs
npm/[email protected]	None	+1	11.8 kB	sindresorhus
npm/[email protected]	None	+1	62.9 kB	cwmma
npm/[email protected]	None	0	13.8 kB	cwmma
npm/[email protected]	environment	+1	118 kB	ljharb
npm/[email protected]	filesystem, network	+11	15 MB	google-wombot
npm/[email protected]	None	0	6.36 kB	cwmma
npm/[email protected]	environment	+1	4.6 MB	gnoff
npm/[email protected]	environment	0	316 kB	gnoff
npm/[email protected]	environment	+1	137 kB	matteo.collina
npm/[email protected]	None	+1	15.9 kB	dcousens
npm/[email protected]	None	0	49.2 kB	jst5000
npm/[email protected]	None	0	62.9 kB	ralxz
npm/[email protected]	None	0	5.13 MB	blesh
npm/[email protected]	None	0	32.1 kB	feross
npm/[email protected]	None	0	42.3 kB	chalker
npm/[email protected]	None	0	226 kB	ricmoo
npm/[email protected]	None	0	98.8 kB	fippo
npm/[email protected]	None	+1	2.69 MB	fanatid
npm/[email protected]	None	0	8.13 kB	addaleax
npm/[email protected]	None	0	67.1 kB	isaacs
npm/[email protected]	None	0	31.1 kB	dcousens
npm/[email protected]	None	+2	58.4 kB	sindresorhus
npm/[email protected]	None	+1	9.64 kB	sindresorhus
npm/[email protected]	None	+2	17.8 kB	rvagg

🚮 Removed packages: npm/@algolia/[email protected], npm/@babel/[email protected], npm/@babel/[email protected], npm/@babel/[email protected], npm/@babel/[email protected], npm/@babel/[email protected], npm/@babel/[email protected], npm/@babel/[email protected], npm/@babel/[email protected], npm/@babel/[email protected], npm/@chakra-ui/[email protected], npm/@chakra-ui/[email protected], npm/@chakra-ui/[email protected], npm/@cosmjs/[email protected], npm/@cosmjs/[email protected], npm/@cosmjs/[email protected], npm/@cosmjs/[email protected], npm/@cosmjs/[email protected], npm/@cosmjs/[email protected], npm/@cosmjs/[email protected], npm/@cosmjs/[email protected], npm/@docsearch/[email protected], npm/@docsearch/[email protected], npm/@ethereumjs/[email protected], npm/@ethereumjs/[email protected], npm/@ethereumjs/[email protected], npm/@iconify-json/[email protected], npm/@iconify/[email protected], npm/@jridgewell/[email protected], npm/@jridgewell/[email protected], npm/@lit-labs/[email protected], npm/@metamask/[email protected], npm/@motionone/[email protected], npm/@motionone/[email protected], npm/@motionone/[email protected], npm/@motionone/[email protected], npm/@motionone/[email protected], npm/@noble/[email protected], npm/@noble/[email protected], npm/@nodelib/[email protected], npm/@safe-global/[email protected], npm/@safe-global/[email protected], npm/@shapeshiftoss/[email protected], npm/@solana/[email protected], npm/@sveltejs/[email protected], npm/@sveltejs/[email protected], npm/@svelteness/[email protected], npm/@tailwindcss/[email protected], npm/@toruslabs/[email protected], npm/@toruslabs/[email protected], npm/@toruslabs/[email protected], npm/@toruslabs/[email protected], npm/@types/[email protected], npm/@types/[email protected], npm/@types/[email protected], npm/@types/[email protected], npm/@types/[email protected], npm/@vitejs/[email protected], npm/@wagmi/[email protected], npm/@walletconnect/[email protected], npm/@walletconnect/[email protected], npm/@walletconnect/[email protected], npm/@walletconnect/[email protected], npm/@web3-onboard/[email protected], npm/@web3-onboard/[email protected], npm/@web3-onboard/[email protected], npm/@web3-onboard/[email protected], npm/@web3-onboard/[email protected], npm/@web3-onboard/[email protected], npm/@web3-onboard/[email protected], npm/@web3-onboard/[email protected], npm/@web3-onboard/[email protected], npm/@web3-onboard/[email protected], npm/@web3-onboard/[email protected], npm/@web3-onboard/[email protected], npm/@web3-onboard/[email protected], npm/@web3-onboard/[email protected], npm/@web3-onboard/[email protected], npm/@web3-onboard/[email protected], npm/@web3-onboard/[email protected], npm/@web3-onboard/[email protected], npm/@web3-onboard/[email protected], npm/@web3-onboard/[email protected], npm/@web3-onboard/[email protected], npm/@web3-onboard/[email protected], npm/@web3-onboard/[email protected], npm/@web3-onboard/[email protected], npm/@web3-onboard/[email protected], npm/@web3-onboard/[email protected], npm/@web3-onboard/[email protected], npm/@web3-onboard/[email protected], npm/@web3-onboard/[email protected], npm/@web3-onboard/[email protected], npm/@web3-onboard/[email protected], npm/@web3-onboard/[email protected], npm/@web3-onboard/[email protected], npm/@web3-onboard/[email protected], npm/@web3-onboard/[email protected], npm/@web3-onboard/[email protected], npm/@web3auth/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected]

View full report↗︎

[socket-security]

🚨 Potential security issues detected. Learn more about Socket for GitHub ↗︎

To accept the risk, merge this PR and you will not be notified again.

Alert	Package	Note	Source
Install scripts	npm/[email protected]	Install script: postinstall Source: node -e "try{require('./_postinstall')}catch(e){}" || exit 0	Source
Protestware/Troll package	npm/[email protected]	Note: This package prints a protestware console message on install regarding Ukraine for users with Russian language locale	Source
Install scripts	npm/[email protected]	Install script: install Source: npm run rebuild || echo "Secp256k1 bindings compilation fail. Pure JS implementation will be used."	examples/with-nextjs-13/package.json
Install scripts	npm/[email protected]	Install script: install Source: npm run rebuild || echo "Couldn't build bindings. Non-native version used."	examples/with-nextjs-13/package.json
Install scripts	npm/[email protected]	Install script: install Source: npm run rebuild || echo "Secp256k1 bindings compilation fail. Pure JS implementation will be used."	examples/with-nextjs-13/package.json
Git dependency	npm/[email protected]	Dependency: ethereumjs-abi@git+https://github.com/ethereumjs/ethereumjs-abi.git Location: Package overview	Source
Telemetry	npm/[email protected]	Note: Can be disabled by setting the environment variable NEXT_TELEMETRY_DISABLED=1 . See https://nextjs.org/telemetry for more information	examples/with-nextjs-13/package.json

View full report↗︎

Next steps

What is an install script?

Install scripts are run when the package is installed. The majority of malware in npm is hidden in install scripts.

Packages should not be running non-essential scripts during install and there are often solutions to problems people solve with install scripts that can be run at publish time instead.

What is protestware?

This package is a joke, parody, or includes undocumented or hidden behavior unrelated to its primary function.

Consider that consuming this package my come along with functionality unrelated to its primary purpose.

What are git dependencies?

Contains a dependency which resolves to a remote git URL. Dependencies fetched from git URLs are not immutable can be used to inject untrusted code or reduce the likelihood of a reproducible install.

Publish the git dependency to npm or a private package repository and consume it from there.

What is telemetry?

This package contains telemetry which tracks how it is used.

Most telemetry comes with settings to disable it. Consider disabling telemetry if you do not want to be tracked.

Take a deeper look at the dependency

Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support [AT] socket [DOT] dev.

Remove the package

If you happen to install a dependency that Socket reports as Known Malware you should immediately remove it and select a different dependency. For other alert types, you may may wish to investigate alternative packages or consider if there are other ways to mitigate the specific risk posed by the dependency.

Mark a package as acceptable risk

To ignore an alert, reply with a comment starting with @SocketSecurity ignore followed by a space separated list of ecosystem/package-name@version specifiers. e.g. @SocketSecurity ignore npm/[email protected] or ignore all packages with @SocketSecurity ignore-all

• @SocketSecurity ignore npm/[email protected]
• @SocketSecurity ignore npm/[email protected]
• @SocketSecurity ignore npm/[email protected]
• @SocketSecurity ignore npm/[email protected]
• @SocketSecurity ignore npm/[email protected]
• @SocketSecurity ignore npm/[email protected]