Skip to content
This repository has been archived by the owner on Aug 6, 2020. It is now read-only.

Bump @openzeppelin/upgrades from 2.6.0 to 2.7.1 #63

Conversation

dependabot-preview[bot]
Copy link
Contributor

Bumps @openzeppelin/upgrades from 2.6.0 to 2.7.1.

Release notes

Sourced from @openzeppelin/upgrades's releases.

v2.7.1

This patch release add support for node 13.

Changelog

Fixed

  • Update gRPC dependency to support node 13. (#1450)

v2.7.0

This release includes many new features and bugfixes, including Solidity 0.6 support, generation of typechain artifacts, and improvements around the oz compile command.

Solidity 0.6 support

This release has full support for the Solidity 0.6 version, which includes compiling, deploying, and interacting with contracts written with this version. Furthermore, the Initializable base contract has been tuned so it can be used with the 0.4, 0.5, and 0.6 compilers.

Typechain

The CLI can now generate typechain artifacts for your contracts, making it easier to use your projects in a typescript project. To enable it, just ensure you have a tsconfig.json at the root of your project, and both oz init and oz compile will ask you whether you want to enable typechain support.

Compiler

We made a few changes to how we handle imports in our compiler. The result is that we now have faster CLI response times, especially in large projects when we need to check whether there is anything to compile or not. We have also fixed issues that occurred when there were duplicate contract names, and removed support for ambiguous import paths. We are now also using our CLI to compile the contracts that are part of the SDK itself!

Changelog

Added

  • Support for processing ABIs in contract artifacts compiled with Solidity 0.6. (#1362)
  • Initializable contract can now be compiled in both Solidity 0.5 and 0.6. (#1413)
  • Generate typechain contract wrappers in a typescript project. (#1285)
  • Add path property to network.js config file, to be used together with protocol, host, and port. Add url shorthand property as well. (#1386)
  • Support for tuple parameters when calling methods in interactive commands such as send-tx, create, or upgrade. (#1333)
  • Solidity libraries in a project can now recursively link to other Solidity libraries. (#1252) (thanks @asselstine!)
  • Add new blockTimeout command-line option that sets web3#transactionBlockTimeout. (#1402)
  • Warn when importing @openzeppelin/contracts instead of @openzeppelin/contracts-ethereum-package. (#1335)

Fixed

  • Check for parameterless constructors in ancestor contracts when validating an upgradeable contract. (#1385)
  • Abort interactive create or upgrade processes on contract validation errors, such as having a constructor. (#1382)
  • Load gas and gasPrice from network configuration file. (#1345)
  • Command-line option timeout now properly sets web3#transactionPollingTimeout. (#1402)
  • Sort commands in alphabetical order for --help. (#1321)
  • Prevent corruption of compiled artifacts if there are multiple contracts with the same name. (#1296)
  • Ensure relative paths are stored in project configuration file. (#1384)
  • Improve error message if no networks are set in network.js configuration file. (#1394)

Changed

  • Trimmed the API of the ZWeb3 object to remove methods duplicated from web3.js. (#1369)
  • [breaking] Remove support for ambiguous Solidity imports relative to the current file not starting with a dot, to prevent corrupted artifacts. Warn when duplicate contract names are found. (#1411)
  • Use solidity fuzzy-import parser, to speed up nothing-to-compile checks by a 40%, and lazy-load truffle-flattener to decrease CLI startup time. (#1291)
  • Disable interactivity if stdin is not a terminal. (#1299)
... (truncated)
Commits

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language
  • @dependabot badge me will comment on this PR with code to add a "Dependabot enabled" badge to your readme

Additionally, you can set the following in your Dependabot dashboard:

  • Update frequency (including time of day and day of week)
  • Pull request limits (per update run and/or open at any time)
  • Automerge options (never/patch/minor, and dev/runtime dependencies)
  • Out-of-range updates (receive only lockfile updates, if desired)
  • Security updates (receive only security updates, if desired)

@dependabot-preview dependabot-preview bot added the dependencies Pull requests that update a dependency file label Mar 1, 2020
@dependabot-preview
Copy link
Contributor Author

Superseded by #66.

@dependabot-preview dependabot-preview bot deleted the dependabot/npm_and_yarn/openzeppelin/upgrades-2.7.1 branch April 1, 2020 08:51
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Labels
dependencies Pull requests that update a dependency file
Projects
None yet
Development

Successfully merging this pull request may close these issues.

0 participants