From 808f1601bfeb67b3ae1309fc658e88c4fd671ce5 Mon Sep 17 00:00:00 2001
From: Matthew To <matthew.to@crypto.com>
Date: Wed, 19 Jul 2023 11:30:29 +0800
Subject: [PATCH 1/4] Update packages

---
 README.md              |  3 +-
 entitlements.mac.plist |  2 +-
 package.json           | 11 ++++---
 tests/package.json     |  9 +++++-
 yarn.lock              | 66 ++++++++++++++++++++++--------------------
 5 files changed, 51 insertions(+), 40 deletions(-)

diff --git a/README.md b/README.md
index f9fe50a48..e48dd84d6 100644
--- a/README.md
+++ b/README.md
@@ -1,9 +1,8 @@
 # Crypto.com DeFi Desktop Wallet
 
 ## Warning
-Crypto.com DeFi Desktop Wallet is currently in the beta development phase and subjects to changes. Before proceeding, please be aware of the following:
+Crypto.com DeFi Desktop Wallet may subject to changes. Before proceeding, please be aware of the following:
 
-- Do not transfer any ERC20 tokens to addresses generated by this sample code as it can cause loss of funds.
 - Crypto.com is not liable for any potential damage, loss of data/files arising from the use of the wallet.
 
 ## Latest releases
diff --git a/entitlements.mac.plist b/entitlements.mac.plist
index 4f0f59421..0b6401560 100644
--- a/entitlements.mac.plist
+++ b/entitlements.mac.plist
@@ -5,7 +5,7 @@
 		<key>com.apple.security.cs.allow-jit</key>
 		<true/>
 		<key>com.apple.security.cs.allow-unsigned-executable-memory</key>
-		<true/>
+		<false/>
 		<key>com.apple.security.cs.allow-dyld-environment-variables</key>
 		<false/>
 		<key>com.apple.security.network.client</key>
diff --git a/package.json b/package.json
index b608f8e98..2f493ca2f 100644
--- a/package.json
+++ b/package.json
@@ -156,7 +156,7 @@
     "css-loader": "4.3.0",
     "dotenv": "8.2.0",
     "dotenv-expand": "5.1.0",
-    "electron": "19.1.8",
+    "electron": "19.1.9",
     "electron-builder": "23.2.0",
     "electron-builder-notarize": "1.5.0",
     "eslint": "7.23.0",
@@ -208,13 +208,13 @@
     "resolve-url-loader": "3.1.2",
     "rimraf": "3.0.2",
     "sass-loader": "8.0.2",
-    "semver": "7.3.2",
+    "semver": "7.5.2",
     "style-loader": "1.3.0",
     "stylelint": "^14.9.1",
     "stylelint-config-recommended-less": "^1.0.4",
     "stylelint-config-standard": "^26.0.0",
     "terser-webpack-plugin": "4.2.3",
-    "vite": "2.9.7",
+    "vite": "2.9.16",
     "wait-on": "5.2.1",
     "webpack": "4.44.2",
     "webpack-dev-server": "3.11.2",
@@ -388,6 +388,9 @@
     "json5": "2.2.2",
     "flat": "5.0.1",
     "jszip": "3.8.0",
-    "http-cache-semantics": "4.1.1"
+    "http-cache-semantics": "4.1.1",
+    "@sideway/formula": "3.0.1",
+    "cookiejar": "2.1.4",
+    "decode-uri-component": "0.2.2"
   }
 }
diff --git a/tests/package.json b/tests/package.json
index f07bd915c..38efaa49c 100644
--- a/tests/package.json
+++ b/tests/package.json
@@ -43,6 +43,13 @@
     "eslint-plugin-prettier": "^3.1.3",
     "jest": "24",
     "jest-serial-runner": "^1.1.0 ",
-    "secp256k1": "^4.0.1"
+    "secp256k1": "^4.0.1"  
+  },
+    "resolutions": {
+      "json5": "1.0.2",
+      "qs": "6.7.3",
+      "decode-uri-component": "0.2.2",
+      "minimatch": "3.1.2",
+      "word-wrap": "1.2.4"
   }
 }
diff --git a/yarn.lock b/yarn.lock
index b2d328c84..fdd754bac 100644
--- a/yarn.lock
+++ b/yarn.lock
@@ -3701,10 +3701,10 @@
   dependencies:
     "@hapi/hoek" "^9.0.0"
 
-"@sideway/formula@^3.0.0":
-  version "3.0.0"
-  resolved "https://registry.yarnpkg.com/@sideway/formula/-/formula-3.0.0.tgz"
-  integrity sha512-vHe7wZ4NOXVfkoRb8T5otiENVlT7a3IAiw7H5M2+GO+9CDgcVUUsX1zalAztCmwyOr2RUTGJdgB+ZvSVqmdHmg==
+"@sideway/formula@3.0.1", "@sideway/formula@^3.0.0":
+  version "3.0.1"
+  resolved "https://registry.yarnpkg.com/@sideway/formula/-/formula-3.0.1.tgz#80fcbcbaf7ce031e0ef2dd29b1bfc7c3f583611f"
+  integrity sha512-/poHZJJVjx3L+zVD6g9KgHfYnb443oi7wLu/XKojDviHy6HOEOA6z1Trk5aR1dGcmPenJEgb2sK2I80LeS3MIg==
 
 "@sideway/pinpoint@^2.0.0":
   version "2.0.0"
@@ -7334,10 +7334,10 @@ cookie@0.4.2:
   resolved "https://registry.yarnpkg.com/cookie/-/cookie-0.4.2.tgz#0e41f24de5ecf317947c82fc789e06a884824432"
   integrity sha512-aSWTXFzaKWkvHO1Ny/s+ePFpvKsPnjc551iI41v3ny/ow6tBG5Vd+FuqGNhh1LxOmVzOlGUriIlOaokOvhaStA==
 
-cookiejar@^2.1.1:
-  version "2.1.2"
-  resolved "https://registry.npmjs.org/cookiejar/-/cookiejar-2.1.2.tgz"
-  integrity sha512-Mw+adcfzPxcPeI+0WlvRrr/3lGVO0bD75SxX6811cxSh1Wbxx7xZBGK1eVtDf6si8rg2lhnUjsVLMFMfbRIuwA==
+cookiejar@2.1.4, cookiejar@^2.1.1:
+  version "2.1.4"
+  resolved "https://registry.yarnpkg.com/cookiejar/-/cookiejar-2.1.4.tgz#ee669c1fea2cf42dc31585469d193fef0d65771b"
+  integrity sha512-LDx6oHrK+PhzLKJU9j5S7/Y3jM/mUHvD/DeI1WQmJn652iPC5Y4TBzC9l+5OMOXlyTTA+SmVUPm0HQUwpD5Jqw==
 
 copy-concurrently@^1.0.0:
   version "1.0.5"
@@ -8160,10 +8160,10 @@ decimal.js@^10.3.1:
   resolved "https://registry.yarnpkg.com/decimal.js/-/decimal.js-10.3.1.tgz#d8c3a444a9c6774ba60ca6ad7261c3a94fd5e783"
   integrity sha512-V0pfhfr8suzyPGOx3nmq4aHqabehUZn6Ch9kyFpV79TGDTWFmHqUqXdabR7QHqxzrYolF4+tVmJhUG4OURg5dQ==
 
-decode-uri-component@^0.2.0:
-  version "0.2.0"
-  resolved "https://registry.yarnpkg.com/decode-uri-component/-/decode-uri-component-0.2.0.tgz"
-  integrity sha1-6zkTMzRYd1y4TNGh+uBiEGu4dUU=
+decode-uri-component@0.2.2, decode-uri-component@^0.2.0:
+  version "0.2.2"
+  resolved "https://registry.yarnpkg.com/decode-uri-component/-/decode-uri-component-0.2.2.tgz#e69dbe25d37941171dd540e024c444cd5188e1e9"
+  integrity sha512-FqUYQ+8o158GyGTrMFJms9qh3CqTKvAqgqsTnkLI8sKu0028orqBhxNMFkFen0zGyg6epACD32pjVk58ngIErQ==
 
 decompress-response@^3.2.0, decompress-response@^3.3.0:
   version "3.3.0"
@@ -8741,10 +8741,10 @@ electron@*:
     "@types/node" "^14.6.2"
     extract-zip "^1.0.3"
 
-electron@19.1.8:
-  version "19.1.8"
-  resolved "https://registry.yarnpkg.com/electron/-/electron-19.1.8.tgz#3ce19c270ca86d05bbf0df5ceeaea2d23edc7083"
-  integrity sha512-UfPQdFjgKI0xCm1V5sV3iAVOs0kCwAE91xWzV5tI7ij14yOkxTdXp9BqTzFaSbQYLYxn6q1BUUe1nlzjJjzAnw==
+electron@19.1.9:
+  version "19.1.9"
+  resolved "https://registry.yarnpkg.com/electron/-/electron-19.1.9.tgz#01995eea4014f7cdb2f616f5f3492d4ed6f5e4f0"
+  integrity sha512-XT5LkTzIHB+ZtD3dTmNnKjVBWrDWReCKt9G1uAFLz6uJMEVcIUiYO+fph5pLXETiBw/QZBx8egduMEfIccLx+g==
   dependencies:
     "@electron/get" "^1.14.1"
     "@types/node" "^16.11.26"
@@ -17168,6 +17168,13 @@ rollup-pluginutils@^2.8.1, rollup-pluginutils@^2.8.2:
   dependencies:
     estree-walker "^0.6.1"
 
+"rollup@>=2.59.0 <2.78.0":
+  version "2.77.3"
+  resolved "https://registry.yarnpkg.com/rollup/-/rollup-2.77.3.tgz#8f00418d3a2740036e15deb653bed1a90ee0cc12"
+  integrity sha512-/qxNTG7FbmefJWoeeYJFbHehJ2HNWnjkAFRKzWN/45eNBBF/r8lo992CwcJXEzyVxs5FmfId+vTSTQDb+bxA+g==
+  optionalDependencies:
+    fsevents "~2.3.2"
+
 rollup@^1.31.1:
   version "1.32.1"
   resolved "https://registry.yarnpkg.com/rollup/-/rollup-1.32.1.tgz"
@@ -17177,13 +17184,6 @@ rollup@^1.31.1:
     "@types/node" "*"
     acorn "^7.1.0"
 
-rollup@^2.59.0:
-  version "2.68.0"
-  resolved "https://registry.yarnpkg.com/rollup/-/rollup-2.68.0.tgz#6ccabfd649447f8f21d62bf41662e5caece3bd66"
-  integrity sha512-XrMKOYK7oQcTio4wyTz466mucnd8LzkiZLozZ4Rz0zQD+HeX4nUK4B8GrTX/2EvN2/vBF/i2WnaXboPxo0JylA==
-  optionalDependencies:
-    fsevents "~2.3.2"
-
 run-parallel@^1.1.9:
   version "1.2.0"
   resolved "https://registry.yarnpkg.com/run-parallel/-/run-parallel-1.2.0.tgz"
@@ -17369,10 +17369,12 @@ semver@7.0.0:
   resolved "https://registry.yarnpkg.com/semver/-/semver-7.0.0.tgz"
   integrity sha512-+GB6zVA9LWh6zovYQLALHwv5rb2PHGlJi3lfiqIHxR0uuwCgefcOJc59v9fv1w8GbStwxuuqqAjI9NMAOOgq1A==
 
-semver@7.3.2:
-  version "7.3.2"
-  resolved "https://registry.yarnpkg.com/semver/-/semver-7.3.2.tgz"
-  integrity sha512-OrOb32TeeambH6UrhtShmF7CRDqhL6/5XpPNp2DuRH6+9QLw/orhp72j87v8Qa1ScDkvrrBNpZcDejAirJmfXQ==
+semver@7.5.2:
+  version "7.5.2"
+  resolved "https://registry.yarnpkg.com/semver/-/semver-7.5.2.tgz#5b851e66d1be07c1cdaf37dfc856f543325a2beb"
+  integrity sha512-SoftuTROv/cRjCze/scjGyiDtcUyxw1rgYQSZY7XTmtR5hX+dm76iDbTH8TkLPHCQmlbQVSSbNZCPM2hb0knnQ==
+  dependencies:
+    lru-cache "^6.0.0"
 
 semver@^6.0.0, semver@^6.1.1, semver@^6.1.2, semver@^6.2.0, semver@^6.3.0:
   version "6.3.0"
@@ -19434,15 +19436,15 @@ verror@1.10.0, verror@^1.10.0:
     core-util-is "1.0.2"
     extsprintf "^1.2.0"
 
-vite@2.9.7:
-  version "2.9.7"
-  resolved "https://registry.yarnpkg.com/vite/-/vite-2.9.7.tgz#210c328e08ed206ab0953eb1ca00860042cd0a77"
-  integrity sha512-5hH7aNQe8rJiTTqCtPNX/6mIKlGw+1wg8UXwAxDIIN8XaSR+Zx3GT2zSu7QKa1vIaBqfUODGh3vpwY8r0AW/jw==
+vite@2.9.16:
+  version "2.9.16"
+  resolved "https://registry.yarnpkg.com/vite/-/vite-2.9.16.tgz#daf7ba50f5cc37a7bf51b118ba06bc36e97898e9"
+  integrity sha512-X+6q8KPyeuBvTQV8AVSnKDvXoBMnTx8zxh54sOwmmuOdxkjMmEJXH2UEchA+vTMps1xw9vL64uwJOWryULg7nA==
   dependencies:
     esbuild "^0.14.27"
     postcss "^8.4.13"
     resolve "^1.22.0"
-    rollup "^2.59.0"
+    rollup ">=2.59.0 <2.78.0"
   optionalDependencies:
     fsevents "~2.3.2"
 

From 540705ee7f40375313a13e8bece78eb6429bfcf6 Mon Sep 17 00:00:00 2001
From: Matthew To <matthew.to@crypto.com>
Date: Wed, 19 Jul 2023 11:54:04 +0800
Subject: [PATCH 2/4] Fix potential crashes

---
 src/pages/assets/assets.tsx | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/pages/assets/assets.tsx b/src/pages/assets/assets.tsx
index 8b6f56a8a..cfc573d33 100644
--- a/src/pages/assets/assets.tsx
+++ b/src/pages/assets/assets.tsx
@@ -623,7 +623,7 @@ const AssetsPage = () => {
           dataIndex: 'msgTypeName',
           key: 'msgTypeName',
           render: (text) => {
-            return <TagMsgType msgTypeName={text} />;
+            return text ? <TagMsgType msgTypeName={text} /> : <></>;
           },
         },
       ]

From 2dc60ad7b81676cd03f722734f6b331e7a7e238a Mon Sep 17 00:00:00 2001
From: Matthew To <matthew.to@crypto.com>
Date: Wed, 19 Jul 2023 16:11:38 +0800
Subject: [PATCH 3/4] Update CHANGELOG

---
 CHANGELOG.md |  5 +++++
 package.json |  7 ++++---
 yarn.lock    | 16 ++++++++--------
 3 files changed, 17 insertions(+), 11 deletions(-)

diff --git a/CHANGELOG.md b/CHANGELOG.md
index d35f7276e..612f9576d 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -5,6 +5,11 @@ All notable changes to this project will be documented in this file.
 *Unreleased*
 
 *Released*
+## [v1.4.2] - 2023-07-19
+### Additions
+- Security enhancement & package dependencies bump
+### Bug Fixes
+- Potential app crash on Assets Page
 ## [v1.4.1] - 2023-03-03
 ### Additions
 - Revise on validator uptime calculation & list layout
diff --git a/package.json b/package.json
index 2f493ca2f..839776da0 100644
--- a/package.json
+++ b/package.json
@@ -1,6 +1,6 @@
 {
   "name": "chain-desktop-wallet",
-  "version": "1.4.1",
+  "version": "1.4.2",
   "description": "Crypto.com DeFi Desktop Wallet App",
   "repository": "github:crypto-com/chain-desktop-wallet",
   "author": "Crypto.com <contact@crypto.com>",
@@ -208,7 +208,7 @@
     "resolve-url-loader": "3.1.2",
     "rimraf": "3.0.2",
     "sass-loader": "8.0.2",
-    "semver": "7.5.2",
+    "semver": "7.5.3",
     "style-loader": "1.3.0",
     "stylelint": "^14.9.1",
     "stylelint-config-recommended-less": "^1.0.4",
@@ -391,6 +391,7 @@
     "http-cache-semantics": "4.1.1",
     "@sideway/formula": "3.0.1",
     "cookiejar": "2.1.4",
-    "decode-uri-component": "0.2.2"
+    "decode-uri-component": "0.2.2",
+    "word-wrap": "1.2.4"
   }
 }
diff --git a/yarn.lock b/yarn.lock
index fdd754bac..150d3af04 100644
--- a/yarn.lock
+++ b/yarn.lock
@@ -17369,10 +17369,10 @@ semver@7.0.0:
   resolved "https://registry.yarnpkg.com/semver/-/semver-7.0.0.tgz"
   integrity sha512-+GB6zVA9LWh6zovYQLALHwv5rb2PHGlJi3lfiqIHxR0uuwCgefcOJc59v9fv1w8GbStwxuuqqAjI9NMAOOgq1A==
 
-semver@7.5.2:
-  version "7.5.2"
-  resolved "https://registry.yarnpkg.com/semver/-/semver-7.5.2.tgz#5b851e66d1be07c1cdaf37dfc856f543325a2beb"
-  integrity sha512-SoftuTROv/cRjCze/scjGyiDtcUyxw1rgYQSZY7XTmtR5hX+dm76iDbTH8TkLPHCQmlbQVSSbNZCPM2hb0knnQ==
+semver@7.5.3:
+  version "7.5.3"
+  resolved "https://registry.yarnpkg.com/semver/-/semver-7.5.3.tgz#161ce8c2c6b4b3bdca6caadc9fa3317a4c4fe88e"
+  integrity sha512-QBlUtyVk/5EeHbi7X0fw6liDZc7BBmEaSYn01fMU1OUYbf6GPsbTtd8WmnqbI20SeycoHSeiybkE/q1Q+qlThQ==
   dependencies:
     lru-cache "^6.0.0"
 
@@ -20223,10 +20223,10 @@ wif@^2.0.6:
   dependencies:
     bs58check "<3.0.0"
 
-word-wrap@^1.2.3, word-wrap@~1.2.3:
-  version "1.2.3"
-  resolved "https://registry.yarnpkg.com/word-wrap/-/word-wrap-1.2.3.tgz"
-  integrity sha512-Hz/mrNwitNRh/HUAtM/VT/5VH+ygD6DV7mYKZAtHOrbs8U7lvPS6xf7EJKMF0uW1KJCl0H701g3ZGus+muE5vQ==
+word-wrap@1.2.4, word-wrap@^1.2.3, word-wrap@~1.2.3:
+  version "1.2.4"
+  resolved "https://registry.yarnpkg.com/word-wrap/-/word-wrap-1.2.4.tgz#cb4b50ec9aca570abd1f52f33cd45b6c61739a9f"
+  integrity sha512-2V81OA4ugVo5pRo46hAoD2ivUJx8jXmWXfUkY4KFNw0hEptvN0QfH3K4nHiwzGeKl5rFKedV48QVoqYavy4YpA==
 
 wordwrapjs@^4.0.0:
   version "4.0.1"

From 440efb3a9053794ecafde521155085bfe51ba4c5 Mon Sep 17 00:00:00 2001
From: Matthew To <matthew.to@crypto.com>
Date: Wed, 19 Jul 2023 17:26:51 +0800
Subject: [PATCH 4/4] Fix audit

---
 package.json |  2 +-
 yarn.lock    | 18 +++++++++++-------
 2 files changed, 12 insertions(+), 8 deletions(-)

diff --git a/package.json b/package.json
index 839776da0..0e2932d2b 100644
--- a/package.json
+++ b/package.json
@@ -379,7 +379,7 @@
     "eventsource": "2.0.2",
     "nth-check": "2.0.1",
     "semver-regex": "3.1.3",
-    "protobufjs": "6.11.3",
+    "protobufjs": "7.2.4",
     "shell-quote": "1.7.3",
     "minimatch": "3.0.5",
     "loader-utils": "2.0.4",
diff --git a/yarn.lock b/yarn.lock
index 150d3af04..22879e1ab 100644
--- a/yarn.lock
+++ b/yarn.lock
@@ -4336,7 +4336,7 @@
   resolved "https://registry.yarnpkg.com/@types/lodash/-/lodash-4.14.172.tgz#aad774c28e7bfd7a67de25408e03ee5a8c3d028a"
   integrity sha512-/BHF5HAx3em7/KkzVKm3LrsD6HZAXuXO1AJZQ3cRRBZj4oHZDviWPYu0aEplAqDFNHZPW6d3G7KN+ONcCCC7pw==
 
-"@types/long@4.0.1", "@types/long@^4.0.1":
+"@types/long@4.0.1":
   version "4.0.1"
   resolved "https://registry.yarnpkg.com/@types/long/-/long-4.0.1.tgz"
   integrity sha512-5tXH6Bx/kNGd3MgffdmP4dy2Z+G4eaXw0SE81Tq3BNadtnMR5/ySMzX4SLEzHJzSmPNn4HIdpQsBvXMUykr58w==
@@ -13126,6 +13126,11 @@ long@4.0.0, long@^4.0.0:
   resolved "https://registry.yarnpkg.com/long/-/long-4.0.0.tgz"
   integrity sha512-XsP+KhQif4bjX1kbuSiySJFNAehNxgLb6hPRGJ9QsUr8ajHkuXGdrHmFUTUUXhDwVX2R5bY4JNZEwbUiMhV+MA==
 
+long@^5.0.0:
+  version "5.2.3"
+  resolved "https://registry.yarnpkg.com/long/-/long-5.2.3.tgz#a3ba97f3877cf1d778eccbcb048525ebb77499e1"
+  integrity sha512-lcHwpNoggQTObv5apGNCTdJrO69eHOZMi4BNC+rTLER8iHAqGrUVeLh/irVIM7zTw2bOXA8T6uNPeujwOLg/2Q==
+
 loose-envify@^1.0.0, loose-envify@^1.1.0, loose-envify@^1.2.0, loose-envify@^1.3.1, loose-envify@^1.4.0:
   version "1.4.0"
   resolved "https://registry.yarnpkg.com/loose-envify/-/loose-envify-1.4.0.tgz"
@@ -15736,10 +15741,10 @@ proto-list@~1.2.1:
   resolved "https://registry.yarnpkg.com/proto-list/-/proto-list-1.2.4.tgz"
   integrity sha1-IS1b/hMYMGpCD2QCuOJv85ZHqEk=
 
-protobufjs@6.11.3, protobufjs@^6.8.8, protobufjs@~6.10.2, protobufjs@~6.11.2, protobufjs@~6.11.3:
-  version "6.11.3"
-  resolved "https://registry.yarnpkg.com/protobufjs/-/protobufjs-6.11.3.tgz#637a527205a35caa4f3e2a9a4a13ddffe0e7af74"
-  integrity sha512-xL96WDdCZYdU7Slin569tFX712BxsxslWwAfAhCYjQKGTq7dAU91Lomy6nLLhh/dyGhk/YH4TwTSRxTzhuHyZg==
+protobufjs@6.11.3, protobufjs@7.2.4, protobufjs@^6.8.8, protobufjs@~6.10.2, protobufjs@~6.11.2, protobufjs@~6.11.3:
+  version "7.2.4"
+  resolved "https://registry.yarnpkg.com/protobufjs/-/protobufjs-7.2.4.tgz#3fc1ec0cdc89dd91aef9ba6037ba07408485c3ae"
+  integrity sha512-AT+RJgD2sH8phPmCf7OUZR8xGdcJRga4+1cOaXJ64hvcSkVhNcRHOwIxUatPH15+nj59WAGTDv3LSGZPEQbJaQ==
   dependencies:
     "@protobufjs/aspromise" "^1.1.2"
     "@protobufjs/base64" "^1.1.2"
@@ -15751,9 +15756,8 @@ protobufjs@6.11.3, protobufjs@^6.8.8, protobufjs@~6.10.2, protobufjs@~6.11.2, pr
     "@protobufjs/path" "^1.1.2"
     "@protobufjs/pool" "^1.1.0"
     "@protobufjs/utf8" "^1.1.0"
-    "@types/long" "^4.0.1"
     "@types/node" ">=13.7.0"
-    long "^4.0.0"
+    long "^5.0.0"
 
 proxy-addr@~2.0.7:
   version "2.0.7"