fix: npm advisory/1603, prototype pollution immer

app/api/watch-tx-to-appear-in-api.ts

@@ -10,7 +10,6 @@ export function watchForNewTxToAppear({ txId, nodeUrl }: WatchForNewTxAppearArgs
   let retryCount = 0;
   return new Promise((resolve, reject) => {
     const fetchTx = async (): Promise<void> => {
-      console.log('retrying');
       if (retryCount > 5) {
         // In this instance, the API has failed to find the tx, but it could still
         // be pending this absolute delay provides a last ditch effort for it to update

app/components/home/stacking-card.tsx

@@ -53,7 +53,7 @@ export const StackingCard: FC<StackingCardProps> = () => {
                 </Text>
                 <ExplainerTooltip mt="1px">
                   This is the address your BTC reward will be paid to. If delegated, this is the
-                  address of your delegator.
+                  address of your delegation service
                 </ExplainerTooltip>
               </Flex>
               <Text fontSize="13px" mt="tight" color="ink">

app/components/home/transaction-list/transaction-list-item.tsx

@@ -83,7 +83,7 @@ export const TransactionListItem: FC<TransactionListItemProps> = props => {
       return 'Stacking initiated successfully';
     }
     if (isDelegatedStackingTx(tx, poxInfo?.contract_id)) {
-      return 'Delegator Stacked STX';
+      return 'Delegatee Stacked STX';
     }
     if (isDelegateStxTx(tx, poxInfo?.contract_id)) {
       if (tx.tx_status === 'pending') return 'Initiating delegation';

app/modals/delegated-stacking/delegated-stacking-modal.tsx

@@ -47,13 +47,13 @@ enum StackingModalStep {
 type StackingModalComponents = () => Record<'header' | 'body' | 'footer', JSX.Element>;
 
 interface StackingModalProps {
-  delegatorStxAddress: string;
+  delegateeStxAddress: string;
   amountToStack: BigNumber;
   onClose(): void;
 }
 
 export const DelegatedStackingModal: FC<StackingModalProps> = props => {
-  const { onClose, delegatorStxAddress, amountToStack } = props;
+  const { onClose, delegateeStxAddress, amountToStack } = props;
 
   const dispatch = useDispatch();
   const history = useHistory();
@@ -92,9 +92,9 @@ export const DelegatedStackingModal: FC<StackingModalProps> = props => {
     return stackingClient.getDelegateOptions({
       amountMicroStx: new BN(amountToStack.toString()),
       contract: poxInfo.contract_id,
-      delegateTo: delegatorStxAddress,
+      delegateTo: delegateeStxAddress,
     });
-  }, [amountToStack, delegatorStxAddress, poxInfo, stackingClient]);
+  }, [amountToStack, delegateeStxAddress, poxInfo, stackingClient]);
 
   const createSoftwareWalletTx = useCallback(async () => {
     if (!password) throw new Error('`password` missing');

app/modals/stacking/stacking-modal.tsx

@@ -137,7 +137,7 @@ export const StackingModal: FC<StackingModalProps> = props => {
     const broadcastActions: Omit<BroadcastTransactionArgs, 'transaction'> = {
       onBroadcastSuccess: async txId => {
         dispatch(activeStackingTx({ txId }));
-        const tx = await watchForNewTxToAppear({ txId, nodeUrl: api.baseUrl });
+        const [, tx] = await safeAwait(watchForNewTxToAppear({ txId, nodeUrl: api.baseUrl }));
         if (tx) {
           dispatch(pendingTransactionSlice.actions.addPendingTransaction(tx as MempoolTransaction));
         }

app/pages/home/home.tsx

@@ -137,7 +137,8 @@ export const Home: FC = () => {
             />
           ))}
         {pendingTxs
-          // .filter(pendingTx => !txs.map(tx => tx.tx_id).includes(pendingTx.tx_id))
+          .filter(pendingTx => !txs.map(tx => tx.tx_id).includes(pendingTx.tx_id))
+          .filter(pendingTx => !mempoolTxs.map(tx => tx.tx_id).includes(pendingTx.tx_id))
           .map(pendingTx => (
             <TransactionListItemMempool
               address={address}

app/pages/stacking/delegated-stacking/components/choose-delegator-stx-address.tsx → app/pages/stacking/delegated-stacking/components/choose-delegatee-stx-address.tsx

@@ -15,14 +15,14 @@ import {
 } from '../../components/stacking-form-step';
 import { CryptoAddressForm } from '../../components/crypto-address-form';
 
-interface ChooseDelegatorStxAddressStepProps extends StackingStepBaseProps {
+interface ChooseDelegateeStxAddressStepProps extends StackingStepBaseProps {
   description: string;
   value?: string;
   onEdit(): void;
   onComplete(address: string): void;
 }
 
-export const ChooseDelegatorStxAddressStep: FC<ChooseDelegatorStxAddressStepProps> = props => {
+export const ChooseDelegateeStxAddressStep: FC<ChooseDelegateeStxAddressStepProps> = props => {
   const { isComplete, description, state, step, title, value, onEdit, onComplete } = props;
 
   const address = useSelector(selectAddress);

app/pages/stacking/delegated-stacking/components/delegated-stacking-info-card.tsx

@@ -11,11 +11,11 @@ import { truncateMiddle } from '../../../../utils/tx-utils';
 
 interface StackingInfoCardProps extends FlexProps {
   balance: BigNumber | null;
-  delegatorAddress: string | null;
+  delegateeAddress: string | null;
 }
 
 export const DelegatedStackingInfoCard: FC<StackingInfoCardProps> = props => {
-  const { balance, delegatorAddress } = props;
+  const { balance, delegateeAddress } = props;
 
   const amountToBeStacked = balance === null ? new BigNumber(0) : balance;
 
@@ -46,10 +46,10 @@ export const DelegatedStackingInfoCard: FC<StackingInfoCardProps> = props => {
               Delegatee address
             </Text>
             <ExplainerTooltip>
-              This will be provided to you by your chosen delegator
+              This will be provided to you by your chosen delegation service
             </ExplainerTooltip>
           </Flex>
-          <Text textAlign="right">{delegatorAddress ? truncateMiddle(delegatorAddress) : '—'}</Text>
+          <Text textAlign="right">{delegateeAddress ? truncateMiddle(delegateeAddress) : '—'}</Text>
         </Flex>
       </Flex>
     </Flex>

app/pages/stacking/delegated-stacking/delegated-stacking.tsx

@@ -13,10 +13,10 @@ import { StackingDelegationIntro } from './components/stacking-delegated-intro';
 import { DelegatedStackingInfoCard } from './components/delegated-stacking-info-card';
 import { ConfirmAndDelegateStep } from './components/confirm-and-delegate';
 import { ChooseDelegatedStackingAmountStep } from './components/choose-delegated-stacking-amount';
-import { ChooseDelegatorStxAddressStep } from './components/choose-delegator-stx-address';
+import { ChooseDelegateeStxAddressStep } from './components/choose-delegatee-stx-address';
 
 enum DelegateStep {
-  ChooseDelegatorAddress = 'ChooseDelegatorAddress',
+  ChooseDelegateeAddress = 'ChooseDelegateeAddress',
   ChooseAmount = 'ChooseAmount',
 }
 
@@ -25,29 +25,29 @@ export const StackingDelegation: FC = () => {
 
   const [amount, setAmount] = useState<BigNumber | null>(null);
   const [modalOpen, setModalOpen] = useState(false);
-  const [delegatorStxAddress, setDelegatorStxAddress] = useState<string | null>(null);
+  const [delegateeAddress, setDelegateeAddress] = useState<string | null>(null);
 
   const steps = useStackingFormStep<DelegateStep>({
-    [DelegateStep.ChooseDelegatorAddress]: delegatorStxAddress !== null,
+    [DelegateStep.ChooseDelegateeAddress]: delegateeAddress !== null,
     [DelegateStep.ChooseAmount]: amount !== null,
   });
 
   const stackingForm = (
     <StackingFormContainer>
-      <ChooseDelegatorStxAddressStep
+      <ChooseDelegateeStxAddressStep
         title="Choose delegatee's address"
         description="Enter the STX address shared with you by your chosen delegatee"
-        isComplete={steps.getIsComplete(DelegateStep.ChooseDelegatorAddress)}
-        value={delegatorStxAddress ?? undefined}
-        state={steps.getView(DelegateStep.ChooseDelegatorAddress)}
-        onEdit={() => steps.open(DelegateStep.ChooseDelegatorAddress)}
+        isComplete={steps.getIsComplete(DelegateStep.ChooseDelegateeAddress)}
+        value={delegateeAddress ?? undefined}
+        state={steps.getView(DelegateStep.ChooseDelegateeAddress)}
+        onEdit={() => steps.open(DelegateStep.ChooseDelegateeAddress)}
         onComplete={address => (
-          setDelegatorStxAddress(address), steps.close(DelegateStep.ChooseDelegatorAddress)
+          setDelegateeAddress(address), steps.close(DelegateStep.ChooseDelegateeAddress)
         )}
       />
       <ChooseDelegatedStackingAmountStep
         title="Choose an amount"
-        description="Choose how much of your STX you’d like to delegate. This can be more than your current balance. Your delegator may require you to delegate a minimum amount."
+        description="Choose how much of your STX you’d like to delegate. This can be more than your current balance. Your delegatee may require you to delegate a minimum amount."
         isComplete={steps.getIsComplete(DelegateStep.ChooseAmount)}
         state={steps.getView(DelegateStep.ChooseAmount)}
         value={amount}
@@ -64,17 +64,17 @@ export const StackingDelegation: FC = () => {
 
   return (
     <>
-      {modalOpen && amount && delegatorStxAddress && (
+      {modalOpen && amount && delegateeAddress && (
         <DelegatedStackingModal
-          delegatorStxAddress={delegatorStxAddress}
+          delegateeStxAddress={delegateeAddress}
           amountToStack={amount}
           onClose={() => setModalOpen(false)}
         />
       )}
       <StackingLayout
         intro={<StackingDelegationIntro />}
         stackingInfoCard={
-          <DelegatedStackingInfoCard delegatorAddress={delegatorStxAddress} balance={amount} />
+          <DelegatedStackingInfoCard delegateeAddress={delegateeAddress} balance={amount} />
         }
         stackingForm={stackingForm}
       />

package.json

@@ -252,6 +252,9 @@
     "yup": "0.32.8",
     "zxcvbn": "4.4.2"
   },
+  "resolutions": {
+    "immer": "8.0.1"
+  },
   "devEngines": {
     "node": ">=7.x",
     "npm": ">=4.x",

yarn.lock

@@ -7142,10 +7142,10 @@ immediate@~3.0.5:
   resolved "https://registry.yarnpkg.com/immediate/-/immediate-3.0.6.tgz#9db1dbd0faf8de6fbe0f5dd5e56bb606280de69b"
   integrity sha1-nbHb0Pr43m++D13V5Wu2BigN5ps=
 
-immer@^8.0.0:
-  version "8.0.0"
-  resolved "https://registry.yarnpkg.com/immer/-/immer-8.0.0.tgz#08763549ba9dd7d5e2eb4bec504a8315bd9440c2"
-  integrity sha512-jm87NNBAIG4fHwouilCHIecFXp5rMGkiFrAuhVO685UnMAlOneEAnOyzPt8OnP47TC11q/E7vpzZe0WvwepFTg==
+immer@8.0.1, immer@^8.0.0:
+  version "8.0.1"
+  resolved "https://registry.yarnpkg.com/immer/-/immer-8.0.1.tgz#9c73db683e2b3975c424fb0572af5889877ae656"
+  integrity sha512-aqXhGP7//Gui2+UrEtvxZxSquQVXTpZ7KDxfCcKAF3Vysvw0CViVaW9RZ1j1xlIYqaaaipBoqdqeibkc18PNvA==
 
 import-fresh@^3.0.0, import-fresh@^3.2.1:
   version "3.3.0"