Skip to content

build(deps): bump bn.js and casper-js-sdk#1287

Open
dependabot[bot] wants to merge 1 commit intodevelopfrom
dependabot/npm_and_yarn/multi-23b8a43adb
Open

build(deps): bump bn.js and casper-js-sdk#1287
dependabot[bot] wants to merge 1 commit intodevelopfrom
dependabot/npm_and_yarn/multi-23b8a43adb

Conversation

@dependabot
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Feb 22, 2026

Bumps bn.js to 5.2.3 and updates ancestor dependency casper-js-sdk. These dependencies need to be updated together.

Updates bn.js from 4.12.2 to 5.2.3

Release notes

Sourced from bn.js's releases.

v5.2.1

  • fix: serious issue in .toString(16) (#295)

v5.2.0

  • fix: Buffer not using global in browser (#260)
  • fix: LE constructor for HEX (#265)

v5.1.3

  • Add support for defined but not implemented Symbol.for (#252)

v5.1.2

  • Fix BN v5/v4 interoperability issue (#249)

v5.1.1

  • Temporary workaround for BN#_move (#236)
  • Add eslintrc instead config in package.json (#237)

v5.1.0

  • Benchmark for BigInt (#226)
  • Add documentation for max/min (#232)
  • Update BN#inspect for Symbols (#225)
  • Improve performance of toArrayLike (#222)
  • temporary disable jumboMulTo in BN#mulTo (#221)
  • optimize toBitArray function (#212)
  • fix iaddn sign issue (#216)

v5.0.0

  • travis: update node versions (#205)
  • Refactor buffer constructor (#200)
  • lib: fix for negative numbers: imuln, modrn, idivn (#185)
  • bn: fix Red#imod (#178)
  • check unexpected high bits for invalid characters (#173)
  • document support very large integers (#158)
  • only define toBuffer if Buffer is defined (#172)
  • lib: better validation of string input (#151)
  • tests: reject decimal input in constructor (#91)
  • bn: make .strip() an internal method (#105)
  • lib: deprecate .modn() introduce .modrn() (#112 #129 #130)
  • bn: don't accept invalid characters (#141)
  • package: use files insteadof .npmignore (#152)
  • bn: improve allocation speed for buffers (#167)
  • toJSON to default to interoperable hex (length % 2) (#164)
Changelog

Sourced from bn.js's changelog.

5.2.3 / 2026-02-19

  • fix: imaskn state (#317)

5.2.2 / 2025-04-25

  • fix: imuln/muln with zero (#313)

5.2.1 / 2022-02-23

  • fix: serious issue in .toString(16) (#295)

5.2.0 / 2021-02-23

  • fix: Buffer not using global in browser (#260)
  • Fix LE constructor for HEX (#265)

5.1.3 / 2020-08-14

  • Add support for defined but not implemented Symbol.for (#252)

5.1.2 / 2020-05-20

  • Fix BN v5/v4 interoperability issue (#249)

5.1.1 / 2019-12-24

  • Temporary workaround for BN#_move (#236)
  • Add eslintrc instead config in package.json (#237)

5.1.0 / 2019-12-23

  • Benchmark for BigInt (#226)
  • Add documentation for max/min (#232)
  • Update BN#inspect for Symbols (#225)
  • Improve performance of toArrayLike (#222)
  • temporary disable jumboMulTo in BN#mulTo (#221)
  • optimize toBitArray function (#212)
  • fix iaddn sign issue (#216)

5.0.0 / 2019-07-04

... (truncated)

Commits

Updates casper-js-sdk from 5.0.6 to 5.0.9

Release notes

Sourced from casper-js-sdk's releases.

Casper JS SDK v5.0.9

What's Changed

Full Changelog: casper-ecosystem/casper-js-sdk@5.0.8...5.0.9

Casper JS SDK v5.0.8

Fixed

Full Changelog: casper-ecosystem/casper-js-sdk@5.0.7...5.0.8

Casper JS SDK v5.0.7

Added

  • CEP-95 support for NFT transfers
  • Documentation for Transaction builder
  • Updated README.md
  • Add protocol_major_version as optional property in ByPackageHash and ByPackageName invocations

Fixed

  • Issue with speculative client response deserialization
  • Issue when gas_price not set to value indicated in payment
  • Optional data type in NFT transfer utils

Changed

  • Deprecate getStateItem in favor of queryLatestGlobalState

Full Changelog: casper-ecosystem/casper-js-sdk@5.0.6...5.0.7

Changelog

Sourced from casper-js-sdk's changelog.

[5.0.9] - 2026-01-19

Fixed

  • Issue with parsing list of U8

[5.0.8] - 2026-01-06

Fixed

  • Issue with parsing protocol_version_major when it's null for InvocationTarget's

[5.0.7] - 2025-12-04

Added

  • CEP-95 support for NFT transfers
  • Documentation for Transaction builder
  • Updated README.md
  • Add protocol_major_version as optional property in ByPackageHash and ByPackageName invocations

Fixed

  • Issue with speculative client response deserialization
  • Issue when gas_price not set to value indicated in payment
  • Optional data type in NFT transfer utils

Changed

  • Deprecate getStateItem in favor of queryLatestGlobalState
Commits
  • 829100a Release 5.0.9 version
  • 534ca0b Merge pull request #588 from casper-ecosystem/CSDK/update-dependencies
  • 3ab1ce6 Update dependecies to the latest version
  • 0f072a4 Merge pull request #587 from casper-ecosystem/CSDK/fix-parsing-list-u8
  • 8c81d73 Fix npm audit issue with elliptic
  • 0507215 Fix audit
  • 78b76d7 Fix an issue with parsing list of U8
  • 5a3fe3c Merge pull request #586 from casper-ecosystem/ops/update-npm-for-oidc
  • 37d1673 Update npm for OIDC
  • 4dbbf2e Merge pull request #585 from casper-ecosystem/ops/update-node-version-for-npm...
  • Additional commits viewable in compare view
Maintainer changes

This version was pushed to npm by [GitHub Actions](https://www.npmjs.com/~GitHub Actions), a new releaser for casper-js-sdk since your current version.


Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    You can disable automated security fix PRs for this repo from the Security Alerts page.

@dependabot
build(deps): bump bn.js and casper-js-sdk
78d7f18 
Bumps [bn.js](https://github.com/indutny/bn.js) to 5.2.3 and updates ancestor dependency [casper-js-sdk](https://github.com/casper-ecosystem/casper-js-sdk). These dependencies need to be updated together.


Updates `bn.js` from 4.12.2 to 5.2.3
- [Release notes](https://github.com/indutny/bn.js/releases)
- [Changelog](https://github.com/indutny/bn.js/blob/master/CHANGELOG.md)
- [Commits](indutny/bn.js@v4.12.2...v5.2.3)

Updates `casper-js-sdk` from 5.0.6 to 5.0.9
- [Release notes](https://github.com/casper-ecosystem/casper-js-sdk/releases)
- [Changelog](https://github.com/casper-ecosystem/casper-js-sdk/blob/dev/CHANGELOG.md)
- [Commits](casper-ecosystem/casper-js-sdk@5.0.6...5.0.9)

---
updated-dependencies:
- dependency-name: bn.js
  dependency-version: 5.2.3
  dependency-type: indirect
- dependency-name: casper-js-sdk
  dependency-version: 5.0.9
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code labels Feb 22, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants