Bump lodash from 4.17.21 to 4.18.1 in /hardhat in the npm_and_yarn group across 1 directory#5
Open
dependabot[bot] wants to merge 1 commit into
Conversation
e0bfb3f to
fa7b8b3
Compare
Bumps the npm_and_yarn group with 1 update in the /hardhat directory: [lodash](https://github.com/lodash/lodash). Updates `lodash` from 4.17.21 to 4.18.1 - [Release notes](https://github.com/lodash/lodash/releases) - [Commits](lodash/lodash@4.17.21...4.18.1) --- updated-dependencies: - dependency-name: lodash dependency-version: 4.18.1 dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com>
fa7b8b3 to
2c48744
Compare
Santiagocetran
added a commit
to Santiagocetran/DevNet
that referenced
this pull request
Jul 8, 2026
…teZeroFoundation#2, InfiniteZeroFoundation#3, InfiniteZeroFoundation#5 in connect-wallet Bugs InfiniteZeroFoundation#2/InfiniteZeroFoundation#3 both touch connect_wallet and InfiniteZeroFoundation#3/InfiniteZeroFoundation#5 share the _get_password signature + a new _UNSET sentinel, so they land together as one coherent, cherry-pickable unit rather than incoherent split commits. InfiniteZeroFoundation#2 — overwrite guard: connect-wallet now confirms before overwriting an existing named keystore, with --yes/-y to bypass (mirrors send-eth). `yes` is normalized to a real bool so direct callers that omit it (which receive a truthy OptionInfo) don't silently skip the guard. Keystore non-secret validation (exists/parse/_extract_keystore) is hoisted above the guard; the passphrase getpass + decrypt stay after it, so no secret is requested before the overwrite decision and a doomed --keystore fails fast without prompting. Guard keys on the exact target file; a legacy wallet.json for 'default' is a non-destructive migration and intentionally not guarded. Docstring corrected: demo mode is config-driven, not tied to --yes. InfiniteZeroFoundation#3 — new-wallet password: _get_password gains is_new_wallet; when creating or overwriting a wallet the in-memory cache is skipped so a fresh keystore is never silently encrypted with a stale cached password. DIN_WALLET_PASSWORD env is still honored (deliberate automation path); only the cache is ignored. InfiniteZeroFoundation#5 — single .env parse per unlock: load_account fetches DIN_WALLET_PASSWORD once and threads it into _get_password/_cache_password_in_memory via an _UNSET sentinel, instead of each self-parsing .env (get_env_key is not memoized). Callers that omit env_pass self-fetch as before. Adds 7 tests: overwrite guard (omitted-yes/decline/accept/--yes/doomed-input), stale-cache-not-reused on create, and single-env-parse on unlock.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Bumps the npm_and_yarn group with 1 update in the /hardhat directory: lodash.
Updates
lodashfrom 4.17.21 to 4.18.1Release notes
Sourced from lodash's releases.
Commits
cb0b9b9release(patch): bump main to 4.18.1 (#6177)75535f5chore: prune stale advisory refs (#6170)62e91bcdocs: remove n_ Node.js < 6 REPL note from README (#6165)59be2derelease(minor): bump to 4.18.0 (#6161)af63457fix: broken tests for _.template 879aaa91073a76fix: linting issues879aaa9fix: validate imports keys in _.templatefe8d32efix: block prototype pollution in baseUnset via constructor/prototype traversal18ba0a3refactor(fromPairs): use baseAssignValue for consistent assignment (#6153)b819080ci: add dist sync validation workflow (#6137)