[Snyk] Upgrade: , , hardhat #1

Open
wants to merge 1 commit into
base: main

EijuArai
Collaborator

Snyk has created this PR to upgrade multiple dependencies.

👯 The following dependencies are linked and will therefore be updated together.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

| Name | Versions | Released on |
| --- | --- | --- |
| @nomicfoundation/hardhat-foundry | from 1.1.1 to 1.1.2 (1 version ahead of your current version) | 4 months ago, on 2024-05-14 |
| @openzeppelin/contracts | from 4.9.3 to 4.9.6 (3 versions ahead of your current version) | 7 months ago, on 2024-02-29 |
| hardhat | from 2.22.5 to 2.22.9 (4 versions ahead of your current version) | a month ago, on 2024-08-21 |

Issues fixed by the recommended upgrade:

| Issue | Score | Exploit Maturity |
| --- | --- | --- |
| medium severity: Out-of-bounds Read (SNYK-JS-OPENZEPPELINCONTRACTS-6346765) | 65 | No Known Exploit |

Release notes
Package name: @nomicfoundation/hardhat-foundry
  • 1.1.2 - 2024-05-14
  • 1.1.1 - 2023-08-28
from @nomicfoundation/hardhat-foundry GitHub release notes
Package name: @openzeppelin/contracts
  • 4.9.6 - 2024-02-29
    • Base64: Fix issue where dirty memory located just after the input buffer is affecting the result. (#4929)
  • 4.9.5 - 2023-12-08
    • Multicall: Make aware of non-canonical context (i.e. msg.sender is not _msgSender()), allowing compatibility with ERC2771Context. Patch duplicated Address.functionDelegateCall in v4.9.4 (removed).
  • 4.9.4 - 2023-12-07
    • ERC2771Context and Context: Introduce a _contextPrefixLength() getter, used to trim extra information appended to msg.data.
    • Multicall: Make aware of non-canonical context (i.e. msg.sender is not _msgSender()), allowing compatibility with ERC2771Context.
  • 4.9.3 - 2023-07-28

    Note
    This release contains a fix for GHSA-g4vp-m682-qqmp.

    • ERC2771Context: Return the forwarder address whenever the msg.data of a call originating from a trusted forwarder is not long enough to contain the request signer address (i.e. msg.data.length is less than 20 bytes), as specified by ERC-2771. (#4481)
    • ERC2771Context: Prevent revert in _msgData() when a call originating from a trusted forwarder is not long enough to contain the request signer address (i.e. msg.data.length is less than 20 bytes). Return the full calldata in that case. (#4484)
from @openzeppelin/contracts GitHub release notes
Package name: hardhat
  • 2.22.9 - 2024-08-21

    This is a small bug fix release to remove a warning message against the local Hardhat node when deploying with Hardhat Ignition.

    Changes

    • 6771f00: Do not send http_setLedgerOutputEnabled messages beyond the HTTP Provider to prevent unwanted warnings in the logs of the local hardhat node

    💡 The Nomic Foundation is hiring! Check our open positions.


  • 2.22.8 - 2024-08-07

    This is a small bug fix release to resolve a bug with large responses from debug_traceTransaction.

    Changes

    • f5d5d15: Fixed an issue with debug_traceTransaction when large responses were generated
    • 31d9d77: Upgraded EDR to v0.5.2


  • 2.22.7 - 2024-07-30
  • 2.22.6 - 2024-07-01
  • 2.22.5 - 2024-06-03
from hardhat GitHub release notes

Important

  • Check the changes in this PR to ensure they won't cause issues with your project.
  • This PR was automatically created by Snyk using the credentials of a real user.
  • Max score is 1000. Note that the real score may have changed since the PR was raised.

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

Snyk has created this PR to upgrade:
  - @nomicfoundation/hardhat-foundry from 1.1.1 to 1.1.2.
    See this package in npm: https://www.npmjs.com/package/@nomicfoundation/hardhat-foundry
  - @openzeppelin/contracts from 4.9.3 to 4.9.6.
    See this package in npm: https://www.npmjs.com/package/@openzeppelin/contracts
  - hardhat from 2.22.5 to 2.22.9.
    See this package in npm: https://www.npmjs.com/package/hardhat

See this project in Snyk:
https://app.snyk.io/org/sbi-r3-japan/project/c0e8e34d-ef3a-4bb1-8483-28dcd6e23f64?utm_source=github&utm_medium=referral&page=upgrade-pr