snyk updates

[seeden]

updated deps
react 17 => 18
rollup 2 => 3
removed lingui plural package
fixed configuration files
updated eslint

[socket-security]

Updated and removed dependencies detected. Learn more about Socket for GitHub ↗︎

Packages	Version	New capabilities	Transitives	Size	Publisher
react-router-dom	6.2.1...6.15.0	network	+15/-21	24.2 MB	mjackson
@pmmmwh/react-refresh-webpack-plugin	0.5.4...0.5.11	None	+24/-32	8.32 MB	pmmmwh
@playwright/test	1.31.2...1.37.1	None	+1/-2	10.2 MB	aslushnikov
react-dom	17.0.2...18.2.0	None	+10/-10	6.55 MB	gnoff
webpack-dev-server	4.8.1...4.15.1	network	+23/-29	8.19 MB	evilebottnawi
@types/isomorphic-fetch	0.0.35...0.0.36	None	+0/-0	3.27 kB	types
webpack	5.77.0...5.88.2	None	+19/-23	7.39 MB	thelarkinn
is-electron	2.2.1...2.2.2	None	+0/-0	3.26 kB	cheton
typescript	4.5.4...5.1.6, 4.9.5...5.1.6	None	+0/-0	40.1 MB	typescript-bot
@types/react-router-dom	5.3.2...5.3.3	None	+4/-20	1.46 MB	types
@mui/material	5.13.5...5.14.5	None	+48/-72	58.1 MB	michaldudak
lerna	7.1.3...7.1.5	None	+19/-36	46.7 MB	jameshenry
@types/seedrandom	3.0.1...3.0.5	None	+0/-0	6.1 kB	types
@types/react-redux	7.1.22...7.1.25	None	+6/-8	1.68 MB	types
eslint-config-prettier	8.5.0...8.10.0	None	+5/-8	4.44 MB	lydell
css-loader	6.5.1...6.8.1	None	+21/-25	7.72 MB	evilebottnawi
husky	8.0.0...8.0.3	None	+0/-0	6.44 kB	typicode
history	5.2.0...5.3.0	None	+1/-2	403 kB	mjackson
@emotion/styled	11.10.4...11.11.0	None	+3/-7	1.36 MB	emotion-release-bot
@loadable/component	5.15.2...5.15.3	None	+4/-6	1.29 MB	kashey
@reduxjs/toolkit	1.7.1...1.9.5	None	+10/-8	19.1 MB	acemarke
@types/big.js	6.1.2...6.2.0	None	+0/-0	18.8 kB	types
@emotion/react	11.10.4...11.11.1	None	+2/-6	1.18 MB	emotion-release-bot
@loadable/babel-plugin	5.13.2...5.16.1	None	+3/-9	2.39 MB	kashey
@babel/plugin-transform-runtime	7.22.9...7.22.10	None	+5/-20	3.9 MB	nicolo-ribaudo
@types/react-dom	17.0.11...18.2.7	None	+4/-4	1.48 MB	types
@mui/utils	5.13.1...5.14.5	None	+3/-4	1.8 MB	michaldudak
@mui/styles	5.13.2...5.14.5	None	+15/-24	8.29 MB	michaldudak
html-webpack-plugin	5.5.0...5.5.3	None	+20/-25	7.51 MB	evilebottnawi
react-router	6.2.1...6.15.0	network	+6/-12	8.24 MB	mjackson
@types/jest	29.0.2...29.5.3	None	+30/-72	1.34 MB	types
@babel/core	7.22.9...7.22.10	None	+0/-12	771 kB	nicolo-ribaudo
react-use	17.3.2...17.4.0	None	+15/-21	16.6 MB	streamich
@babel/preset-env	7.22.9...7.22.10	None	+18/-48	6.69 MB	nicolo-ribaudo
react-teleporter	2.2.1...3.1.0	None	+6/-6	9.84 MB	neoziro
qs	6.10.3...6.11.2	None	+0/-0	241 kB	ljharb
babel-plugin-styled-components	2.0.2...2.1.4	eval	+76/-36	37.1 MB	probablyup
@lingui/react	4.2.1...4.4.0	None	+12/-15	1.94 MB	andrii.bodnar
@types/validator	13.7.17...13.11.1	None	+0/-0	70.7 kB	types
@lingui/core	4.2.1...4.4.0	None	+6/-9	901 kB	andrii.bodnar
@mui/lab	5.0.0-alpha.134...5.0.0-alpha.140	None	+26/-38	45.9 MB	michaldudak
@types/lodash	4.14.178...4.14.197	None	+0/-0	863 kB	types
@types/debug	4.1.7...4.1.8	None	+0/-0	7.67 kB	types
@types/react	17.0.38...18.2.20	None	+0/-0	363 kB	types
eslint-plugin-jsx-a11y	6.6.1...6.7.1	None	+10/-14	5.78 MB	ljharb
jest	29.0.3...29.6.3	None	+72/-312	9.23 MB	simenb
@babel/runtime	7.22.6...7.22.10	None	+0/-5	282 kB	nicolo-ribaudo
validator	13.9.0...13.11.0	None	+0/-0	751 kB	profnandaa
@lingui/cli	4.2.1...4.4.0	None	+33/-51	9.65 MB	andrii.bodnar
@mui/icons-material	5.11.16...5.14.3	None	+52/-76	108 MB	diegoandai
styled-components	5.3.3...6.0.7	eval	+76/-36	32.2 MB	probablyup
react-dropzone	11.5.1...14.2.3	None	+6/-9	1.94 MB	rolandjitsu
webpack-cli	4.10.0...5.1.4	None	+25/-29	7.55 MB	evilebottnawi
@lingui/macro	4.2.1...4.4.0	None	+30/-42	8.21 MB	andrii.bodnar
react	17.0.2...18.2.0	None	+0/-0	316 kB	gnoff
terser-webpack-plugin	5.3.0...5.3.9	None	+19/-23	7.39 MB	evilebottnawi
@walletconnect/utils	2.9.0...2.10.0	None	+1/-1	1.09 MB	gancho_walletconnect
eslint	8.30.0...8.47.0	None	+4/-7	4.42 MB	eslintbot
stacktrace-gps	3.0.4...3.1.2	None	+0/-0	166 kB	eriwen
@walletconnect/types	2.9.0...2.10.0	None	+0/-0	237 kB	gancho_walletconnect
@walletconnect/sign-client	2.9.0...2.10.0	None	+4/-4	4.84 MB	gancho_walletconnect
@electron/remote	2.0.1...2.0.10, 2.0.8...2.0.10	None	+2/-6	1.73 MB	electron-cfa
bignumber.js	9.0.2...9.1.1	None	+0/-0	350 kB	mikemcl
react-redux	7.2.6...8.1.2	None	+36/-28	23.6 MB	phryneas
@svgr/rollup	6.2.0...8.1.0	None	+28/-25	7.18 MB	neoziro
copy-webpack-plugin	10.2.0...11.0.0	None	+21/-26	7.5 MB	evilebottnawi
electron-winstaller	5.0.0...5.1.0	None	+0/-9	30 MB	electron-cfa
eslint-config-airbnb-typescript	17.0.0...17.1.0	None	+8/-20	5.7 MB	iamturns
source-map-loader	3.0.2...4.0.1	None	+20/-24	7.42 MB	evilebottnawi
@rollup/plugin-babel	5.3.0...6.0.3	None	+15/-35	4.23 MB	shellscape
style-loader	3.3.1...3.3.3	None	+20/-24	7.45 MB	evilebottnawi
redux	4.1.2...4.2.1	None	+1/-2	457 kB	acemarke
rollup-plugin-node-externals	3.1.2...6.1.1	None	+0/-0	19.3 kB	septh
@rollup/plugin-json	4.1.0...6.0.0	None	+4/-8	135 kB	shellscape
@fontsource/roboto	4.5.1...5.0.8	None	+0/-0	1.68 MB	lotusdevshack
electron	25.4.0...26.0.0	None	+0/-4	830 kB	electron-nightly
@rollup/plugin-alias	3.1.9...5.0.0	None	+0/-2	15.3 kB	shellscape
@svgr/webpack	6.2.0...8.1.0	None	+26/-23	7.12 MB	neoziro
eslint-plugin-unicorn	45.0.2...48.0.1	None	+6/-9	5.08 MB	sindresorhus
babel-loader	9.1.2...9.1.3	None	+23/-25	8.21 MB	nicolo-ribaudo
eslint-plugin-react	7.31.11...7.33.2	None	+18/-8	5.55 MB	ljharb
prettier	2.8.1...2.8.8	None	+0/-0	11.2 MB	prettier-bot
dotenv	14.2.0...16.3.1	None	+0/-0	71.6 kB	motdotla
react-hook-form	7.41.5...7.45.4	network	+3/-3	1.8 MB	bluebill1049
@rollup/plugin-commonjs	21.0.1...25.0.4	None	+15/-25	2.52 MB	shellscape
eslint-plugin-import	2.26.0...2.28.1	None	+7/-8	5.67 MB	ljharb
react-virtuoso	4.3.5...4.5.0	None	+3/-3	5.16 MB	petyosi
terser	5.14.2...5.19.2	None	+0/-0	2.1 MB	fabiosantoscode
playwright	1.31.2...1.37.1	None	+1/-1	7.34 MB	aslushnikov

🚮 Removed packages: @rollup/[email protected], @types/[email protected], @types/[email protected], @typescript-eslint/[email protected], @typescript-eslint/[email protected], @vitejs/[email protected], [email protected], [email protected], [email protected], [email protected], [email protected], [email protected], [email protected], [email protected], [email protected], [email protected], [email protected], [email protected], [email protected], [email protected], [email protected]

[socket-security]

🚨 Potential security issues detected. Learn more about Socket for GitHub ↗︎

To accept the risk, merge this PR and you will not be notified again.

Issue	Package	Version	Note	Source
Protestware/Troll package	styled-components	6.0.7	Note: This package prints a protestware console message regarding Ukraine for users with Russian language locale	@chia-network/[email protected], @mui/[email protected], [email protected] via packages/core/package.json packages/core/package.json @chia-network/[email protected], @chia-network/[email protected], @chia-network/[email protected], @mui/[email protected], [email protected] via packages/gui/package.json packages/gui/package.json @mui/[email protected], [email protected] via packages/icons/package.json packages/icons/package.json @chia-network/[email protected], @chia-network/[email protected], @mui/[email protected], [email protected] via packages/wallets/package.json packages/wallets/package.json

Next steps

What is protestware and troll packages?

This package is a joke, parody, or includes undocumented or hidden behavior unrelated to its primary function.

Consider that consuming this package my come along with functionality unrelated to its primary purpose.

Take a deeper look at the dependency

Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support [AT] socket [DOT] dev.

Remove the package

If you happen to install a dependency that Socket reports as Known Malware you should immediately remove it and select a different dependency. For other alert types, you may may wish to investigate alternative packages or consider if there are other ways to mitigate the specific risk posed by the dependency.

Mark a package as acceptable risk

To ignore an alert, reply with a comment starting with @SocketSecurity ignore followed by a space separated list of package-name@version specifiers. e.g. @SocketSecurity ignore [email protected] bar@* or ignore all packages with @SocketSecurity ignore-all

• @SocketSecurity ignore [email protected]