openzeppelin-contracts

openzeppelin-contracts copied to clipboard

PR Checklist

• [x] Tests

Socket Security Pull Request Report

👍 No new dependency issues detected in pull request

Pull request report summary

Issue	Status
Install scripts	✅ 0 issues
Native code	✅ 0 issues
Bin script confusion	✅ 0 issues
Bin script shell injection	✅ 0 issues
Unresolved require	✅ 0 issues
Invalid package.json	✅ 0 issues
HTTP dependency	✅ 0 issues
Git dependency	✅ 0 issues
Potential typo squat	✅ 0 issues
Known Malware	✅ 0 issues
Telemetry	✅ 0 issues
Protestware/Troll package	✅ 0 issues

Bot Commands

To ignore an alert, reply with a comment starting with @SocketSecurity ignore followed by a space separated list of package-name@version specifiers. e.g. @SocketSecurity ignore [email protected] [email protected]

Powered by socket.dev

Inspected the above postinstall scripts and they're safe.

I would like us to review the "mock" name and switch to a new one. Maybe we can just rename everything to Test instead of Mock.

See https://github.com/OpenZeppelin/openzeppelin-contracts/issues/1320

FYI, just don't underestimate this breaking change - it will break many of my unit tests since I pull some of your (here deleted) mocks via submodules. So once you merge this PR to master and I update the submodules it will break (i.e. before you make a new release). Just wanted to quickly make you aware of this.

@pcaversaccio Thanks for the heads up. We don't guarantee stability of mocks at all. You should try to remove that dependency if possible.

LGTM

Congrats, your important contribution to this open-source project has earned you a GitPOAP!

GitPOAP: 2023 OpenZeppelin Contracts Contributor:

Head to gitpoap.io & connect your GitHub account to mint!

Learn more about GitPOAPs here.