Bump @shazow/whatsabi from 0.15.4 to 0.16.0

[dependabot]

Bumps @shazow/whatsabi from 0.15.4 to 0.16.0.

Release notes

Sourced from @​shazow/whatsabi's releases.

v0.16.0

Summary

• Improved whatsabi's disassembly so that it's more precise about where the runnable code section is. This helps reduce false positives, and improves finding proxy slots pulled in from the data section using CODECOPY.
• Added AutoloadResult.isFactory when a CREATE or CREATE2 opcode is detected. This means that some of the results could be attributed to bytecode that is deployed by the factory, rather than the factory itself. That said, false positives like this should be further mitigated by the previous improvement!
• Deduplicated experimental event results.

What's Changed

• autoload: Add AutoloadResult.isFactory by @​shazow in shazow/whatsabi#144
• disasm: Detect code boundary and look for slots in aux data by @​shazow in shazow/whatsabi#129
• src/disasm.ts: Use Set for eventCandidates to avoid dupes by @​shazow in shazow/whatsabi#147

Full Changelog: shazow/whatsabi@v0.15.4...v0.16.0

Commits

• 15f5ac9 package.json: v0.16.0
• 44fbcf1 Merge pull request #147 from shazow/dupe-events
• 52fb43e src/tests/edges.test.ts: Add dupe events test
• bfa21d0 src/disasm.ts: Use Set for eventCandidates to avoid dupes
• 7cd4926 Merge pull request #129 from shazow/proxy-bug-126
• 12faeff src/disasm.ts: Skip aux check if less than slot size
• 35192af src/disasm.ts: Use maxJumpDest to catch EOP false positives
• f37cdd8 src/disasm.ts: Exclude CBOR segment in auxData for slot searching
• f99fb4a src/disasm.ts: Improve detecting of code boundary
• 02f8bb9 WIP: disasm: Try to detect program boundary where aux data lives
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

---

PR-Codex overview

This PR updates the version of the @shazow/whatsabi package from 0.15.4 to 0.16.0 in both package.json and pnpm-lock.yaml, ensuring the application uses the latest features and fixes from this dependency.

Detailed summary

• Updated @shazow/whatsabi version in package.json from ^0.15.4 to ^0.16.0.
• Updated @shazow/whatsabi version in pnpm-lock.yaml from 0.15.4 to 0.16.0.
• Updated integrity hash for @shazow/whatsabi in pnpm-lock.yaml.

✨ Ask PR-Codex anything about this PR by commenting with /codex {your question}

[changeset-bot]

⚠️ No Changeset found

Latest commit: d815d72

Merging this PR will not cause a version bump for any packages. If these changes should not result in a new version, you're good to go. If these changes should result in a version bump, you need to add a changeset.

This PR includes no changesets

When changesets are added to this PR, you'll see the packages that this PR includes changesets for and the associated semver types

Click here to learn what changesets are, and how to add one.

Click here if you're a maintainer who wants to add a changeset to this PR

[graphite-app]

Your org has enabled the Graphite merge queue for merging into main

Add the label “merge-queue” to the PR and Graphite will automatically add it to the merge queue when it’s ready to merge. Or use the label “hotfix” to add to the merge queue as a hot fix.

You must have a Graphite account and log in to Graphite in order to use the merge queue. Sign up using this link.

[vercel]

The latest updates on your projects. Learn more about Vercel for Git ↗︎

Name	Status	Preview	Comments	Updated (UTC)
docs-v2	✅ Ready (Inspect)	Visit Preview	💬 Add feedback	Nov 4, 2024 9:19pm
thirdweb_playground	✅ Ready (Inspect)	Visit Preview	💬 Add feedback	Nov 4, 2024 9:19pm
thirdweb-www	✅ Ready (Inspect)	Visit Preview	💬 Add feedback	Nov 4, 2024 9:19pm
wallet-ui	✅ Ready (Inspect)	Visit Preview	💬 Add feedback	Nov 4, 2024 9:19pm

[socket-security]

New and removed dependencies detected. Learn more about Socket for GitHub ↗︎

Package	New capabilities	Transitives	Size	Publisher
npm/@shazow/[email protected]	eval, network	0	529 kB	shazow

🚮 Removed packages: npm/@shazow/[email protected]

View full report↗︎

[dependabot]

OK, I won't notify you again about this release, but will get in touch when a new version is available. If you'd rather skip all updates until the next major or minor version, let me know by commenting @dependabot ignore this major version or @dependabot ignore this minor version. You can also ignore all major, minor, or patch releases for a dependency by adding an ignore condition with the desired update_types to your config file.

If you change your mind, just re-open this PR and I'll resolve any conflicts on it.