[Snyk] Security upgrade patch-package from 8.0.0 to 8.0.1

[revan-zhang]

Snyk has created this PR to fix 3 vulnerabilities in the yarn dependencies of this project.

Snyk changed the following file(s):

• packages/providers/onekey-alph-provider/package.json
• packages/providers/onekey-alph-provider/yarn.lock

Note for zero-installs users

If you are using the Yarn feature zero-installs that was introduced in Yarn V2, note that this PR does not update the .yarn/cache/ directory meaning this code cannot be pulled and immediately developed on as one would expect for a zero-install project - you will need to run yarn to update the contents of the ./yarn/cache directory.
If you are not using zero-install you can ignore this as your flow should likely be unchanged.

Vulnerabilities that will be fixed with an upgrade:

	Issue	Score
	Symlink Attack SNYK-JS-TMP-11501554	565
	Missing Release of Resource after Effective Lifetime SNYK-JS-INFLIGHT-6095116	535
	Regular Expression Denial of Service (ReDoS) SNYK-JS-BRACEEXPANSION-9789073	340

---

Important

• Check the changes in this PR to ensure they won't cause issues with your project.
• Max score is 1000. Note that the real score may have changed since the PR was raised.
• This PR was automatically created by Snyk using the credentials of a real user.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report
📜 Customise PR templates
🛠 Adjust project settings
📚 Read about Snyk's upgrade logic

---

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Regular Expression Denial of Service (ReDoS)

[coderabbitai]

Important

Review skipped

Ignore keyword(s) in the title.

Please check the settings in the CodeRabbit UI or the .coderabbit.yaml file in this repository. To trigger a single review, invoke the @coderabbitai review command.

You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.

✨ Finishing touches

🧪 Generate unit tests

• Create PR with unit tests
• Post copyable unit tests in a comment
• Commit unit tests in branch snyk-fix-8d2bbf4b5a4e62556e5f193627c6ac45

---

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[revan-zhang]

🎉 Snyk checks have passed. No issues have been found so far.

✅ security/snyk check is complete. No issues have been found. (View Details)

✅ license/snyk check is complete. No issues have been found. (View Details)

[socket-security]

Review the following changes in direct dependencies. Learn more about Socket for GitHub.

Diff	Package	Supply Chain Security	Vulnerability	Quality	Maintenance	License
	@​parcel/​watcher-android-arm64@​2.4.1
	@​parcel/​watcher-darwin-arm64@​2.4.1
	@​parcel/​watcher-darwin-x64@​2.4.1
	@​parcel/​watcher-freebsd-x64@​2.4.1
	@​parcel/​watcher-linux-arm-glibc@​2.4.1
	@​parcel/​watcher-linux-arm64-glibc@​2.4.1
	@​parcel/​watcher-linux-arm64-musl@​2.4.1
	@​parcel/​watcher-linux-x64-glibc@​2.4.1
	@​parcel/​watcher-linux-x64-musl@​2.4.1
	@​parcel/​watcher-win32-arm64@​2.4.1
	@​parcel/​watcher-win32-ia32@​2.4.1
	@​parcel/​watcher-win32-x64@​2.4.1
	json-stable-stringify@​1.2.1
	strict-uri-encode@​2.0.0
	@​walletconnect/​jsonrpc-provider@​1.0.14
	@​walletconnect/​jsonrpc-ws-connection@​1.0.14
	@​walletconnect/​jsonrpc-types@​1.0.4
	@​stablelib/​hash@​1.0.1
	@​walletconnect/​heartbeat@​1.2.2
	@​stablelib/​aead@​1.0.1
	@​stablelib/​wipe@​1.0.1
	@​stablelib/​bytes@​1.0.1
	@​stablelib/​keyagreement@​1.0.1
	@​stablelib/​int@​1.0.1
	@​walletconnect/​relay-api@​1.0.11
	@​walletconnect/​logger@​2.1.2
	@​stablelib/​constant-time@​1.0.1
	strip-final-newline@​3.0.0
	is-wsl@​3.1.0
	@​stablelib/​hkdf@​1.0.1
	@​stablelib/​chacha@​1.0.1
	is-binary-path@​2.1.0
	@​walletconnect/​relay-auth@​1.0.4
See 136 more rows in the dashboard

View full report