[Snyk] Upgrade libp2p from 0.36.2 to 0.42.2

[snyk-bot]

Snyk has created this PR to upgrade libp2p from 0.36.2 to 0.42.2.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

---

• The recommended version is 136 versions ahead of your current version.
• The recommended version was released 2 months ago, on 2023-01-18.

Release notes

Package name: libp2p

• 0.42.2 - 2023-01-18
  

  Bug Fixes

  • allow configuring circuit stream limits (#1542) (f82e6b8)
  • allow dialing multiaddrs without peer ids (#1548) (398e231)
  • allow exporting PeerIds from the keychain (#1546) (141e072)
  • allow reading PeerId from keychain (#1552) (0831cd9)
  • do not append peer id to path addresses (#1547) (bd2bdf7)
  • improve pubsub example (#1549) (ba8527c)
• 0.42.2-f6f73a21 - 2023-02-16
• 0.42.2-e12202e9 - 2023-02-08
• 0.42.2-deaa1488 - 2023-02-01
• 0.42.2-da3526c0 - 2023-03-17
• 0.42.2-d6c86015 - 2023-03-14
• 0.42.2-d605cbe3 - 2023-03-02
• 0.42.2-c02e1bd4 - 2023-02-06
• 0.42.2-b0855622 - 2023-03-14
• 0.42.2-75d5a36f - 2023-03-14
• 0.42.2-746e2eab - 2023-02-28
• 0.42.2-5e63ee2d - 2023-03-17
• 0.42.2-593deefe - 2023-03-02
• 0.42.2-45fc415b - 2023-02-21
• 0.42.2-064035eb - 2023-03-14
• 0.42.2-001af1f7 - 2023-03-14
• 0.42.1-f82e6b86 - 2023-01-17
• 0.42.1-c6718b2e - 2023-01-12
• 0.42.1-bd2bdf7c - 2023-01-16
• 0.42.1-9a6022b7 - 2023-01-12
• 0.42.1-79005f31 - 2023-01-17
• 0.42.1-5cf7f487 - 2023-01-16
• 0.42.1-3a022ff2 - 2023-01-12
• 0.42.1-2dac4be2 - 2023-01-13
• 0.42.1-141e0722 - 2023-01-16
• 0.42.1-54149530 - 2023-01-17
• 0.42.0 - 2023-01-11
  

  ⚠ BREAKING CHANGES

  • update multiformats (#1535)
  • the FaultTolerance enum should now be imported from @ libp2p/interface-transport
  • the connection manager and registrar are internal types and as such not part of the libp2p interface, instead use the methods exposed on the root libp2p type for obtaining connections and protocols (see the upgrade guide)

  Bug Fixes

  • add getProtocols method (#1523) (57a56aa)
  • add register and unregister methods to root node object (#1536) (bdf53ae)
  • close short-lived connections first when pruning by tag value (#1517) (40fe372), closes #1509
  • expose identify service properties (#1529) (43d0bc6)
  • forward connection manager events on and update types (#1524) (58cc480)
  • only configure the latency monitor if a limit is configured (#1527) (1147550)
  • remove transport manager from exports map (#1525) (d77405c)
  • revert config changes from #1520 (#1522) (2fa2893)
  • update docs (#1520) (3e53c19)
  • update multiformats (#1535) (ea8f279)
• 0.42.0-a61e4014 - 2023-01-11
• 0.41.0 - 2022-12-08
  

  ⚠ BREAKING CHANGES

  • libp2p.hangUp and libp2p.fetch require PeerId or Multiaddr objects the same as other methods
  • the libp2p opts have changed to accept a metrics object factory function instead of a config object

  Features

  • allow skipping upgrade steps for incoming connections (#1502) (987c738)
  • configure metrics implementation as a module instead of shipping a built-in version (#1471) (5e9dcf3)
  • start libp2p nodes by default (#1500) (61fcc0b), closes #1499

  Bug Fixes

  • allow listening on duplicate addresses (#1472) (030dbc8)
  • dialling duplicated addresses (#1489) (9fd58c8), closes #1409
  • pipe muxer/connection input/output streams in parallel (#1491) (fb5fa3d), closes #1342
  • registrar is not calling topology on peer reconnect (#1504) (5a62f4f), closes #1496
  • remove strings from fetch and hangUp (#1495) (bae32ba)
  • when passed a multiaddr, only dial that multiaddr (#1498) (d01c37e)
• 0.41.0-ea8f279 - 2023-01-07
• 0.41.0-d77405c - 2022-12-21
• 0.41.0-bdf53ae - 2023-01-07
• 0.41.0-a346e14 - 2023-01-10
• 0.41.0-58cc480 - 2022-12-21
• 0.41.0-57a56aa - 2022-12-21
• 0.41.0-43d0bc6 - 2022-12-22
• 0.41.0-40fe372 - 2023-01-04
• 0.41.0-3e8501d - 2023-01-10
• 0.41.0-3e53c19 - 2022-12-20
• 0.41.0-340e2dd - 2022-12-21
• 0.41.0-2fa2893 - 2022-12-21
• 0.41.0-1b30f81 - 2022-12-13
• 0.41.0-19e96cc - 2022-12-19
• 0.41.0-1147550 - 2022-12-21
• 0.40.0 - 2022-10-17
  

  Upgrading

  Please see the migration guide for upgrading to this release: doc/migrations/v0.37-v0.40.md

  ⚠ BREAKING CHANGES

  • libp2p no longer automatically dials every discovered peer
    • to replicate the old behaviour, listen for 'peer:discovery' events and dial peers manually
  • modules no longer implement Initializable instead switching to constructor injection
    • details in: remove @ libp2p/components (#1427) (a3847f2)

  Features

  • allow skipping encryption and custom muxer factory in upgrader (#1411) (6615efa)
  • deny incoming connections and add allow/deny lists (#1398) (c185ef5)

  Bug Fixes

  • add after upgrade inbound method (#1422) (487b942)
  • add pending connection limit (#1423) (b717beb)
  • close stream after sending identify (#1424) (a74d22a)
  • do not auto-dial peers (#1397) (ca30192)
  • enable identify service all the time (#1440) (931e042)
  • regenerate protobuf defs (#1439) (e10eea2)
  • remove @ libp2p/components (#1427) (a3847f2)
• 0.40.0-fed012d - 2022-11-17
• 0.40.0-fb5fa3d - 2022-11-24
• 0.40.0-f94a113 - 2022-10-27
• 0.40.0-d8b7311 - 2022-10-24
• 0.40.0-ce67083 - 2022-11-21
• 0.40.0-bae32ba - 2022-11-25
• 0.40.0-a98b377 - 2022-11-07
• 0.40.0-9fd58c8 - 2022-11-25
• 0.40.0-99446ff - 2022-12-06
• 0.40.0-8f4cfa1 - 2022-11-25
• 0.40.0-61fcc0b - 2022-11-30
• 0.40.0-5a62f4f - 2022-12-01
• 0.40.0-49b848b - 2022-11-22
• 0.40.0-2d984ed - 2022-12-06
• 0.40.0-030dbc8 - 2022-11-17
• 0.40.0-028f508 - 2022-11-15
• 0.40.0-9865052 - 2022-11-07
• 0.39.5 - 2022-10-05
  

  Bug Fixes

  • stub new connection manager accept incoming connection method (#1404) (5ad175c)
• 0.39.5-f4b1f54 - 2022-10-14
• 0.39.5-e10eea2 - 2022-10-14
• 0.39.5-ca30192 - 2022-10-06
• 0.39.5-c69e452 - 2022-10-17
• 0.39.5-c185ef5 - 2022-10-06
• 0.39.5-a74d22a - 2022-10-14
• 0.39.5-90d3528 - 2022-10-05
• 0.39.5-6a8aead - 2022-10-05
• 0.39.5-6615efa - 2022-10-07
• 0.39.5-487b942 - 2022-10-11
• 0.39.5-25d935e - 2022-10-11
• 0.39.5-14acff5 - 2022-10-11
• 0.39.4 - 2022-10-04
  

  Bug Fixes

  • update insecure connection encrypter (#1400) (12a2c75)
• 0.39.4-5ad175c - 2022-10-05
• 0.39.3 - 2022-10-04
  

  Bug Fixes

  • when creating dial targets, encapsulate PeerIds last (#1389) (ec02351)
  • yield only final peers from dht getClosestPeers (#1380) (3f57eda)
• 0.39.2 - 2022-09-21
  

  Bug Fixes

  • remove ipfs dependency and upgrade multiaddr (#1387) (633d4a9)
• 0.39.2-a11260c - 2022-09-22
• 0.39.2-806804a - 2022-09-28
• 0.39.2-0ecc02b - 2022-09-23
• 0.39.2-6219841 - 2022-09-23
• 0.39.1 - 2022-09-11
  

  Bug Fixes

  • add yamux interop tests (#1290) (b87632f)
  • overwrite stream fields after handshake (#1305) (43b0418)
  • report dialer metrics (#1377) (0218acf)
• 0.39.1-633d4a9 - 2022-09-21
• 0.39.0 - 2022-09-07
• 0.39.0-dd14f82 - 2022-09-08
• 0.39.0-b87632f - 2022-09-09
• 0.39.0-43eec91 - 2022-09-09
• 0.39.0-0218acf - 2022-09-09
• 0.38.0 - 2022-08-17
• 0.38.0-fc2224a - 2022-09-05
• 0.38.0-d281a60 - 2022-09-05
• 0.38.0-57ef754 - 2022-09-07
• 0.38.0-1f38ab7 - 2022-08-17
• 0.38.0-0e7096d - 2022-08-30
• 0.37.3 - 2022-06-10
• 0.37.3-f439d9b - 2022-08-11
• 0.37.3-e6f646e - 2022-07-05
• 0.37.3-de30c2c - 2022-06-17
• 0.37.3-d4dd664 - 2022-06-15
• 0.37.3-ceb44f9 - 2022-06-24
• 0.37.3-ba56c64 - 2022-07-15
• 0.37.3-b270527 - 2022-06-24
• 0.37.3-b1b9139 - 2022-07-14
• 0.37.3-b1b2b21 - 2022-06-27
• 0.37.3-a5077cb - 2022-06-24
• 0.37.3-8880eef - 2022-08-11
• 0.37.3-886759b - 2022-08-14
• 0.37.3-750ed9c - 2022-07-15
• 0.37.3-6eaab2e - 2022-07-15
• 0.37.3-676cee2 - 2022-06-24
• 0.37.3-6630cb1 - 2022-08-12
• 0.37.3-627b8bf - 2022-07-17
• 0.37.3-5af9388 - 2022-06-29
• 0.37.3-509e56a - 2022-08-15
• 0.37.3-3c0fb13 - 2022-07-22
• 0.37.3-2836acc - 2022-06-28
• 0.37.3-0bb1b80 - 2022-07-15
• 0.37.3-05e8e7e - 2022-07-25
• 0.37.3-5371729 - 2022-06-16
• 0.37.3-4199042 - 2022-08-17
• 0.37.2 - 2022-05-31
• 0.37.2-f9073ec - 2022-06-08
• 0.37.2-eee256d - 2022-06-08
• 0.37.2-b047268 - 2022-06-08
• 0.37.2-3babbbd - 2022-06-07
• 0.37.1 - 2022-05-26
• 0.37.1-824720f - 2022-05-31
• 0.37.0 - 2022-05-16
• 0.37.0-d5386df - 2022-05-18
• 0.37.0-b09eb8f - 2022-05-23
• 0.37.0-a1220d2 - 2022-05-25
• 0.37.0-5934b13 - 2022-05-24
• 0.37.0-35f9c0c - 2022-05-18
• 0.37.0-1f5d5c2 - 2022-05-16
• 0.36.2 - 2022-01-26

from libp2p GitHub release notes

Commit messages

Package name: libp2p

• 4084163 chore: release 0.42.2 (#1551)
• f82e6b8 fix: allow configuring circuit stream limits (#1542)
• 0831cd9 fix: allow reading PeerId from keychain (#1552)
• b6fde93 chore: remove unused rimraf dep (#1559)
• 79005f3 chore: update dependanbot config (#1558)
• 5414953 docs: update connection manager docs (#1555)
• bd2bdf7 fix: do not append peer id to path addresses (#1547)
• 398e231 fix: allow dialing multiaddrs without peer ids (#1548)
• 141e072 fix: allow exporting PeerIds from the keychain (#1546)
• 5cf7f48 docs: fix FaultTolerance import in configuration documentation (#1550)
• ba8527c fix: improve pubsub example (#1549)
• 2dac4be docs: update migration guide to use EventTarget API
• 9a6022b chore: only publish docs on release
• c6718b2 chore: skip publish on doc generation
• 3a022ff chore: pass gh token to docs publish step
• 80bf830 chore: release 0.42.1 (#1541)
• a61e401 fix: update ci files to publish docs
• c88e03d chore: release 0.42.0 (#1528)
• 3e8501d chore: update @ chainsafe/libp2p-noise dep in examples (#1539)
• a346e14 chore(deps-dev): bump @ chainsafe/libp2p-noise from 10.2.0 to 11.0.0 (#1537)
• bdf53ae fix: add register and unregister methods to root node object (#1536)
• ea8f279 fix!: update multiformats (#1535)
• 40fe372 fix: close short-lived connections first when pruning by tag value (#1517)
• 43d0bc6 fix: expose identify service properties (#1529)

Compare

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

🧐 View latest project report

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs