Release v11.0.1

[Shaptic]

No description provided.

[github-actions]

Size Change: -198 B (0%)

Total Size: 3.2 MB

Filename	Size	Change
dist/stellar-base.js	2.35 MB	-131 B (0%)
dist/stellar-base.min.js	853 kB	-67 B (0%)

_{compressed-size-action}

[socket-security]

New and removed dependencies detected. Learn more about Socket for GitHub ↗︎

Package	New capabilities	Transitives	Size	Publisher
npm/@babel/[email protected]	Transitive: eval, filesystem, network, shell	+5	1.04 MB	nicolo-ribaudo
npm/@babel/[email protected]	environment	+4	114 kB	nicolo-ribaudo
npm/@babel/[email protected]	None	0	64.6 kB	nicolo-ribaudo
npm/@babel/[email protected]	unsafe	+2	164 kB	nicolo-ribaudo
npm/@babel/[email protected]	None	0	11.7 kB	nicolo-ribaudo
npm/@babel/[email protected]	None	0	1.88 MB	nicolo-ribaudo
npm/@babel/[email protected]	None	0	68.9 kB	nicolo-ribaudo
npm/@babel/[email protected]	environment	+3	2.5 MB	nicolo-ribaudo
npm/@jridgewell/[email protected]	None	0	53.2 kB	jridgewell
npm/@jridgewell/[email protected]	None	0	169 kB	jridgewell
npm/@types/[email protected]	None	0	192 kB	types
npm/@types/[email protected]	None	+1	2.09 MB	types
npm/@webassemblyjs/[email protected]	None	+5	431 kB	xtuc
npm/@webassemblyjs/[email protected]	None	+7	391 kB	xtuc
npm/[email protected]	environment, filesystem Transitive: shell	+6	2.4 MB	ai
npm/[email protected]	None	+4	87.8 kB	ljharb
npm/[email protected]	None	0	717 kB	zloirock
npm/[email protected]	None	+2	50.4 kB	ljharb
npm/[email protected]	None	+2	148 kB	indutny
npm/[email protected]	None	+34	2.72 MB	ljharb
npm/[email protected]	filesystem Transitive: environment, shell	+14	793 kB	evilebottnawi
npm/[email protected]	environment, filesystem Transitive: unsafe	+51	7.64 MB	eslintbot
npm/[email protected]	None	0	40.3 kB	webreflection
npm/[email protected]	None	+1	22.7 kB	ljharb
npm/[email protected]	None	0	12 kB	ljharb
npm/[email protected]	None	0	6.03 kB	dcousens
npm/[email protected]	None	+1	40.2 kB	ljharb
npm/[email protected]	None	0	18.7 kB	ljharb
npm/[email protected]	Transitive: filesystem	+5	374 kB	oss-bot
npm/[email protected]	environment, filesystem, shell	+4	52.9 kB	karmarunnerbot
npm/[email protected]	environment, filesystem, network, shell Transitive: eval, unsafe	+73	5.15 MB	karmarunnerbot
npm/[email protected]	Transitive: unsafe	+1	71.4 kB	ljharb
npm/[email protected]	None	+1	19.8 kB	ljharb
npm/[email protected]	None	+1	120 kB	ljharb
npm/[email protected]	Transitive: environment, filesystem	+1	4.49 MB	mafintosh
npm/[email protected]	None	+39	833 kB	ljharb
npm/[email protected]	None	+1	31.3 kB	ljharb
npm/[email protected]	None	0	32.4 MB	typescript-bot
npm/[email protected]	None	+4	92.7 kB	ljharb

🚮 Removed packages: npm/@babel/[email protected], npm/@babel/[email protected], npm/@babel/[email protected], npm/@babel/[email protected], npm/@babel/[email protected], npm/@babel/[email protected], npm/@babel/[email protected], npm/@babel/[email protected], npm/@babel/[email protected], npm/@babel/[email protected], npm/@jridgewell/[email protected], npm/@jridgewell/[email protected], npm/@jridgewell/[email protected], npm/@types/[email protected], npm/@types/[email protected], npm/@webassemblyjs/[email protected], npm/@webassemblyjs/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected]

View full report↗︎

[socket-security]

🚨 Potential security issues detected. Learn more about Socket for GitHub ↗︎

To accept the risk, merge this PR and you will not be notified again.

Alert	Package	Note	Source
Debug access	npm/[email protected]	Module: vm Location: Package overview	Source
Debug access	npm/[email protected]	Module: module Location: Package overview	orphan: npm/[email protected]

View full report↗︎

Next steps

What is debug access?

Uses debug, reflection and dynamic code execution features.

Removing the use of debug will reduce the risk of any reflection and dynamic code execution.

Take a deeper look at the dependency

Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support [AT] socket [DOT] dev.

Remove the package

If you happen to install a dependency that Socket reports as Known Malware you should immediately remove it and select a different dependency. For other alert types, you may may wish to investigate alternative packages or consider if there are other ways to mitigate the specific risk posed by the dependency.

Mark a package as acceptable risk

To ignore an alert, reply with a comment starting with @SocketSecurity ignore followed by a space separated list of ecosystem/package-name@version specifiers. e.g. @SocketSecurity ignore npm/[email protected] or ignore all packages with @SocketSecurity ignore-all

• @SocketSecurity ignore npm/[email protected]
• @SocketSecurity ignore npm/[email protected]

[sreuland]

does this need to bump it's own version to 11.0.1 ?

[Shaptic]

I could've sworn I did that 🤦 thank you so much, fixed

[sreuland]

is there an approach to test/verify a base version pr branch against js-stellar-sdk locally first, i.e. @stellar/stellar-base: https://github.com/stellar/js-stellar-base.git#v11.0.1, just to confirm js-stellar-sdk builds, passes?

[sreuland]

lgtm!

[Shaptic]

@sreuland good idea! I just confirmed that it worked locally with a gitref to 00cf120.