Update deps

[goosewobbler]

Unable to update major version due to ESM requirement:

conf
node-fetch
query-string

It should be possible to upgrade these at some point if we switch to ESM, but Electron will require transpilation to CommonJS for the foreseeable future:

electron/forge#3129 (comment)

• Added @parcel/core and react-is as these were flagged (by pnpm) as missing peer deps for @parcel/* & styled-components.
• Removed node-hid override version pinning as ledger has now updated this to 2.1.2
• Issues in main unit tests with recent ledger updates - similar to this, errors in tests fixed by jest module mapping.

TODO:

• verify ledger functionality works for dev
• verify ledger functionality works for prod builds

[socket-security]

Socket Security Pull Request Report

👍 No new dependency issues detected in pull request

Pull request report summary

Issue	Status
Install scripts	✅ 0 issues
Native code	✅ 0 issues
Bin script confusion	✅ 0 issues
Bin script shell injection	✅ 0 issues
Unresolved require	✅ 0 issues
Invalid package.json	✅ 0 issues
HTTP dependency	✅ 0 issues
Git dependency	✅ 0 issues
Potential typo squat	✅ 0 issues
Known Malware	✅ 0 issues
Telemetry	✅ 0 issues
Protestware/Troll package	✅ 0 issues

Bot Commands

To ignore an alert, reply with a comment starting with @SocketSecurity ignore followed by a space separated list of package-name@version specifiers. e.g. @SocketSecurity ignore foo@1.0.0 bar@2.4.2

Ignoring: @lavamoat/allow-scripts@2.3.0, gridplus-sdk@2.4.3, core-js@3.27.2, msgpackr-extract@3.0.0, @parcel/watcher@2.1.0, classic-level@1.2.0, usb@2.5.1, electron@22.0.3, jest@29.4.0, jest-cli@29.4.1

Powered by socket.dev

[goosewobbler]

@SocketSecurity ignore @lavamoat/allow-scripts@2.3.0 gridplus-sdk@2.4.3 core-js@3.27.2 msgpackr-extract@3.0.0 @parcel/watcher@2.1.0

[goosewobbler]

@SocketSecurity ignore classic-level@1.2.0 usb@2.5.1 electron@22.0.3 jest@29.4.0 jest-cli@29.4.1