[Snyk] Security upgrade web3 from 1.10.4 to 4.13.0

[tirumerla]

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

• Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
  • examples/relayer-web3-provider/package.json

Vulnerabilities that will be fixed

With an upgrade:

Severity	Priority Score (*)	Issue	Breaking Change	Exploit Maturity
	776/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 9.1	Improper Verification of Cryptographic Signature SNYK-JS-ELLIPTIC-7577916	Yes	Proof of Concept
	776/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 9.1	Improper Verification of Cryptographic Signature SNYK-JS-ELLIPTIC-7577917	Yes	Proof of Concept
	776/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 9.1	Improper Verification of Cryptographic Signature SNYK-JS-ELLIPTIC-7577918	Yes	Proof of Concept
	701/1000 Why? Recently disclosed, Has a fix available, CVSS 8.3	Improper Verification of Cryptographic Signature SNYK-JS-ELLIPTIC-8172694	Yes	No Known Exploit
	828/1000 Why? Proof of Concept exploit, Recently disclosed, Has a fix available, CVSS 8.7	Improper Verification of Cryptographic Signature SNYK-JS-ELLIPTIC-8187303	Yes	Proof of Concept
	646/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 6.5	Server-side Request Forgery (SSRF) SNYK-JS-REQUEST-3361831	Yes	Proof of Concept
	646/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 6.5	Uncontrolled Resource Consumption ('Resource Exhaustion') SNYK-JS-TAR-6476909	Yes	Proof of Concept
	646/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 6.5	Prototype Pollution SNYK-JS-TOUGHCOOKIE-5672873	Yes	Proof of Concept
	696/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.5	Prototype Pollution SNYK-JS-WEB3UTILS-6229337	Yes	Proof of Concept
	586/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 5.3	Regular Expression Denial of Service (ReDoS) SNYK-JS-WS-1296835	Yes	Proof of Concept
	696/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.5	Denial of Service (DoS) SNYK-JS-WS-7266574	Yes	Proof of Concept

(*) Note that the real score may have changed since the PR was raised.

Commit messages

Package name: web3

The new version differs by 250 commits.

• 0799331 bump web3-types version
• 8c0bbc1 address feedback
• e63c7c3 bump versions
• a21078b feat: add custom transaction schema to formatTransaction (#7227)
• b3cb1b7 Document Formatting (#7222)
• b86d8ca Format repo, add new rules (#7226)
• 27155ea fix(onNewProviderDiscovered): callback-parameter (#7242)
• 973ee80 feat(docs): extend (#7233)
• 2f24244 feat(requestEIP6963Providers): return-type (#7239)
• 75df267 feat(docs): upgrade-bn (#7232)
• 7a6e492 Handle common cases for smart contract errors according to EIP 838 (#7155)
• 9b32205 unit tests update (#7221)
• f351e00 hotfix to 4.12.1 (#7217)
• 0b75589 Fix nextjs problem (#7216)
• e746566 Release/4.12.0 (#7207)
• 60fc197 Refactor some parts of contract and accounts packages (#7197)
• 4f8e8cc Bump axios from 1.6.2 to 1.7.4 (#7204)
• 2ef694c Web3 RPC Providers support of configuration of selected transport (#7205)
• d9d0391 Quicknode provider update (#7195)
• 0db2b18 Fix 7055 one of with scalar value and string (#7173)
• 8b435c1 feat(docs): Expand web3 config guide (#7131)
• 5080e80 4x tests updates (#7162)
• 2706805 Zk sync plugin related changes (#7174)
• 61e9e06 fix infura tests and secrets (#7163)

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic

---

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Server-side Request Forgery (SSRF)
🦉 Uncontrolled Resource Consumption ('Resource Exhaustion')
🦉 Prototype Pollution

[changeset-bot]

⚠️ No Changeset found

Latest commit: f81dbf1

Merging this PR will not cause a version bump for any packages. If these changes should not result in a new version, you're good to go. If these changes should result in a version bump, you need to add a changeset.

This PR includes no changesets

When changesets are added to this PR, you'll see the packages that this PR includes changesets for and the associated semver types

Click here to learn what changesets are, and how to add one.

Click here if you're a maintainer who wants to add a changeset to this PR

[shahnami]

This seems like it could be a breaking change. We should smoke test relayer signer with this change

[MCarlomagno]

@tirumerla we can close this one, web3 was already bumped to v4