From 690b30dcd154a4b740750b91d0c156ad0beacdff Mon Sep 17 00:00:00 2001
From: snyk-bot <snyk-bot@snyk.io>
Date: Sun, 29 Dec 2024 05:25:16 +0000
Subject: [PATCH] fix: package.json & yarn.lock to reduce vulnerabilities

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JS-WEB3UTILS-6229337
---
 package.json | 2 +-
 yarn.lock    | 9 +++++++++
 2 files changed, 10 insertions(+), 1 deletion(-)

diff --git a/package.json b/package.json
index cfcd20fa..ea29d097 100644
--- a/package.json
+++ b/package.json
@@ -56,7 +56,7 @@
     "jest-extended": "^4.0.2",
     "lodash": "^4.17.21",
     "long": "^5.2.1",
-    "merkletreejs": "^0.3.9",
+    "merkletreejs": "^0.4.1",
     "sinon": "^18.0.0",
     "yesno": "^0.4.0"
   },
diff --git a/yarn.lock b/yarn.lock
index 0c07889a..1e55bb3c 100644
--- a/yarn.lock
+++ b/yarn.lock
@@ -3546,6 +3546,15 @@ merkletreejs@^0.3.9:
     treeify "^1.1.0"
     web3-utils "^1.3.4"
 
+merkletreejs@^0.4.1:
+  version "0.4.1"
+  resolved "https://registry.yarnpkg.com/merkletreejs/-/merkletreejs-0.4.1.tgz#a77a0c3d16adec71a09ef7e5b7e055dde29d30e1"
+  integrity sha512-W2VSHeGTdAnWtedee+pgGn7SHvncMdINnMeHAaXrfarSaMNLff/pm7RCr/QXYxN6XzJFgJZY+28ejO0lAosW4A==
+  dependencies:
+    buffer-reverse "^1.0.1"
+    crypto-js "^4.2.0"
+    treeify "^1.1.0"
+
 methods@~1.1.2:
   version "1.1.2"
   resolved "https://registry.yarnpkg.com/methods/-/methods-1.1.2.tgz#5529a4d67654134edcc5266656835b0f851afcee"