Bump openzeppelin-solidity from 2.5.0 to 3.2.0 in /testnet-contracts

[dependabot]

Bumps openzeppelin-solidity from 2.5.0 to 3.2.0.

Release notes

Sourced from openzeppelin-solidity's releases.

v3.2.0

Welcome to a new release of OpenZeppelin Contracts! 👯

The big feature in this release is that we’ve migrated our proxy contracts from OpenZeppelin SDK into the Contracts project. We hope this will make more people aware of upgrades in Ethereum, and we also think the contracts will benefit greatly from the continued scrutiny by all of you in the community. This was also a migration of the proxies from Solidity 0.5 to 0.6, which we know some users have been waiting for.

For Solidity 0.7 users, a reminder that we have support for the newer compiler version published on npm under the tag solc-0.7, the latest release being 3.2.0-solc-0.7. We’re considering officially switching to 0.7 for the release after this one.

There is additionally a small breaking change in ERC20Snapshot that may affect some of its users. If you’re one of them please take a look at the changelog.

v3.1.0

This is the first release since v3.0, our last major release. It includes the long-awaited ERC1155 token and helpers for safe calls and downcasts, as well as a number of minor improvements.

To install this release, run:

npm install --save-dev @openzeppelin/contracts

ERC1155

This is a new token standard developed by the gaming industry, focusing on gas efficiency. It's key difference is that it is a multi-token contract: a single ERC1155 can be used to represent an arbitrary number of tokens, which is very useful in applications that require many tokens by removing the high gas costs associated with deploying them. Check out our new documentation page to learn more!.

More Replacements for call

The low-level call primitive can be hard to use correctly and is often considered unsafe. With the addition of sendValue in Contracts and try-catch in Solidity, there's only a few scenarios in which call is still needed, the most troublesome one being forwarding calls.

The new functionCall helpers can forward call data to a recipient contract while imitating Solidity's function call semantics, such as bubbling up revert reasons and rejecting calls to EOAs. We expect the addition of these functions to greatly reduce the need to rely on call.

Using SafeMath on Small Signed Integers

We've expanded the scope of the SafeCast library to also include signed integer downcasting, which allows for users that need small types (such as int8 or int32) to perform checked arithmetic on them by using SafeMath, and then downcast the result to the intended size.

OpenZeppelin Contracts 3.0.1

This is a small bugfix release, addressing an issue that allowed for some internal functions in ERC777 to be called with the zero address as one of their arguments.

This was reported in OpenZeppelin/openzeppelin-contracts#2208, fixed in OpenZeppelin/openzeppelin-contracts#2212 for the v2.5 branch, and ported to the v3.0 branch in OpenZeppelin/openzeppelin-contracts#2213.

OpenZeppelin Contracts 3.0

We're thrilled to finally announce the release of OpenZeppelin Contracts v3.0 ✨

Among other things, this release features the migration to Solidity v0.6, as well as a revamped access control system, streamlined token contracts, and new libraries for enumerable mappings.

To install this latest release, run:

npm install --save-dev @openzeppelin/contracts

What's New

Changelog

Sourced from openzeppelin-solidity's changelog.

3.2.0 (2020-09-10)

New features

• Proxies: added the proxy contracts from OpenZeppelin SDK. (#2335)

Proxy changes with respect to OpenZeppelin SDK

Aside from upgrading them from Solidity 0.5 to 0.6, we've changed a few minor things from the proxy contracts as they were found in OpenZeppelin SDK.

• UpgradeabilityProxy was renamed to UpgradeableProxy.
• AdminUpgradeabilityProxy was renamed to TransparentUpgradeableProxy.
• Proxy._willFallback was renamed to Proxy._beforeFallback.
• UpgradeabilityProxy._setImplementation and AdminUpgradeabilityProxy._setAdmin were made private.

Improvements

• Address.isContract: switched from extcodehash to extcodesize for less gas usage. (#2311)

Breaking changes

• ERC20Snapshot: switched to using _beforeTokenTransfer hook instead of overriding ERC20 operations. (#2312)

This small change in the way we implemented ERC20Snapshot may affect users who are combining this contract with other ERC20 flavors, since it no longer overrides _transfer, _mint, and _burn. This can result in having to remove Solidity override(...) specifiers in derived contracts for these functions, and to instead have to add it for _beforeTokenTransfer. See Using Hooks in the documentation.

3.1.0 (2020-06-23)

New features

• SafeCast: added functions to downcast signed integers (e.g. toInt32), improving usability of SignedSafeMath. (#2243)
• functionCall: new helpers that replicate Solidity's function call semantics, reducing the need to rely on call. (#2264)
• ERC1155: added support for a base implementation, non-standard extensions and a preset contract. (#2014, #2230)

Improvements

• ReentrancyGuard: reduced overhead of using the nonReentrant modifier. (#2171)
• AccessControl: added a RoleAdminChanged event to _setAdminRole. (#2214)
• Made all public functions in the token preset contracts virtual. (#2257)

Deprecations

• SafeERC20: deprecated safeApprove. (#2268)

3.0.2 (2020-06-08)

Improvements

• Added SPX license identifier to all contracts. (#2235)

3.0.1 (2020-04-27)

Bugfixes

• ERC777: fixed the _approve internal function not validating some of their arguments for non-zero addresses. (#2213)

3.0.0 (2020-04-20)

Commits

• 1ada3b6 3.2.0
• 45b81c9 Add note about proxy changes in the changelog
• f2fb8cf 3.2.0-rc.0
• 9f900f6 Add changelog entries for proxies and ERC20Snapshot
• 91f16a7 Adapt proxies to Contracts conventions (#2345)
• 6bc2ae3 Add documentation for proxies (#2344)
• 885b76f Fix AsciiDoc missing attribute references
• ded2b0a Fix minor typos and grammar in docs (#2338)
• 0f08b1d Update dependency mocha to v8.1.3 (#2340)
• aaa5ef8 Fix typos (#2343)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)