Skip to content

fix: add direct dependency on bigint-buffer #453

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 3 commits into
base: main
Choose a base branch
from
Open

fix: add direct dependency on bigint-buffer #453

wants to merge 3 commits into from
+782 −31

Conversation

jazz-cb
Copy link
Contributor

@jazz-cb jazz-cb commented Sep 23, 2025

Description

Tests

Checklist

A couple of things to include in your PR for completeness:

  • Updated the typescript README if relevant
  • Updated the python README if relevant
  • Added a changelog entry
  • Added e2e tests if introducing new functionality

@cb-heimdall
Copy link

cb-heimdall commented Sep 23, 2025
edited
Loading

🟡 Heimdall Review Status

Requirement Status More Info
Reviews 🟡 0/1
Denominator calculation
Show calculation
1 if user is bot 0
1 if user is external 0
2 if repo is sensitive 0
From .codeflow.yml 1
Additional review requirements
Show calculation
Max 0
0
From CODEOWNERS 0
Global minimum 0
Max 1
1
1 if commit is unverified 0
Sum 1

@jazz-cb jazz-cb requested a review from 0xRAG September 23, 2025 23:04
0xRAG
0xRAG reviewed Sep 24, 2025
View reviewed changes
typescript/.changeset/short-taxes-eat.md
"@coinbase/cdp-sdk": patch
---

Create direct dependency for a vulnerable package
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Might sound a bit better to say something like

Suggested change
Create direct dependency for a vulnerable package
Create direct dependency to patch a vulnerable package

0xRAG
0xRAG reviewed Sep 24, 2025
View reviewed changes
typescript/src/package.json
"viem": "^2.21.26",
"zod": "^3.24.4"
"zod": "^3.24.4",
"bigint-buffer": "npm:bigint-buffer-fixed@^1.1.6"
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

nit: can we alphabetize (pnpm will do it automatically if you run pnpm add bigint-buffer@npm:bigint-buffer-fixed@^1.1.6 from typescript/src

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@0xRAG 0xRAG 0xRAG left review comments

At least 2 approving reviews are required to merge this pull request.

Assignees

No one assigned

Labels

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@jazz-cb @cb-heimdall @0xRAG