Release v5.0.0 (rc) (#4614)

Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>

.changeset/afraid-walls-smell.md

@@ -0,0 +1,5 @@
+---
+'openzeppelin-solidity': major
+---
+
+`ERC1155Receiver`: Removed in favor of `ERC1155Holder`.

.changeset/angry-ties-switch.md

@@ -0,0 +1,5 @@
+---
+'openzeppelin-solidity': major
+---
+
+`TimelockController`: Changed the role architecture to use `DEFAULT_ADMIN_ROLE` as the admin for all roles, instead of the bespoke `TIMELOCK_ADMIN_ROLE` that was used previously. This aligns with the general recommendation for `AccessControl` and makes the addition of new roles easier. Accordingly, the `admin` parameter and timelock will now be granted `DEFAULT_ADMIN_ROLE` instead of `TIMELOCK_ADMIN_ROLE`. ([#3799](https://github.com/OpenZeppelin/openzeppelin-contracts/pull/3799))

.changeset/big-plums-cover.md

@@ -0,0 +1,4 @@
+---
+'openzeppelin-solidity': major
+---
+Use `abi.encodeCall` in place of `abi.encodeWithSelector` and `abi.encodeWithSignature` for improved type-checking of parameters

.changeset/blue-horses-do.md

@@ -0,0 +1,5 @@
+---
+'openzeppelin-solidity': major
+---
+
+`ERC2771Forwarder`: Added `deadline` for expiring transactions, batching, and more secure handling of `msg.value`.

.changeset/blue-scissors-design.md

@@ -0,0 +1,5 @@
+---
+'openzeppelin-solidity': minor
+---
+
+`Math`: Make `ceilDiv` to revert on 0 division even if the numerator is 0

.changeset/brave-lobsters-punch.md

@@ -0,0 +1,5 @@
+---
+'openzeppelin-solidity': major
+---
+
+`Governor`: Refactored internals to implement common queuing logic in the core module of the Governor. Added `queue` and `_queueOperations` functions that act at different levels. Modules that implement queuing via timelocks are expected to override `_queueOperations` to implement the timelock-specific logic. Added `_executeOperations` as the equivalent for execution.

.changeset/bright-tomatoes-sing.md

@@ -0,0 +1,5 @@
+---
+'openzeppelin-solidity': major
+---
+
+`ERC20`, `ERC721`, `ERC1155`: Deleted `_beforeTokenTransfer` and `_afterTokenTransfer` hooks, added a new internal `_update` function for customizations, and refactored all extensions using those hooks to use `_update` instead. ([#3838](https://github.com/OpenZeppelin/openzeppelin-contracts/pull/3838), [#3876](https://github.com/OpenZeppelin/openzeppelin-contracts/pull/3876), [#4377](https://github.com/OpenZeppelin/openzeppelin-contracts/pull/4377))

.changeset/chilled-spiders-attack.md

@@ -0,0 +1,5 @@
+---
+'openzeppelin-solidity': major
+---
+
+`ERC1155Supply`: add a `totalSupply()` function that returns the total amount of token circulating, this change will restrict the total tokens minted across all ids to 2\*\*256-1 .

.changeset/clever-bats-kick.md

@@ -0,0 +1,5 @@
+---
+'openzeppelin-solidity': patch
+---
+
+`Ownable`: Prevent using address(0) as the initial owner.

.changeset/clever-pumas-beg.md

@@ -0,0 +1,5 @@
+---
+'openzeppelin-solidity': major
+---
+
+`Ownable`: Add an `initialOwner` parameter to the constructor, making the ownership initialization explicit.

.changeset/eight-peaches-guess.md

@@ -0,0 +1,5 @@
+---
+'openzeppelin-solidity': minor
+---
+
+`Proxy`: Removed redundant `receive` function.

.changeset/eighty-crabs-listen.md

@@ -0,0 +1,5 @@
+---
+'openzeppelin-solidity': patch
+---
+
+Optimize `Strings.equal`

.changeset/eighty-hounds-promise.md

@@ -1,5 +0,0 @@
----
-'openzeppelin-solidity': minor
----
-
-`Strings`: Add `parseUint`, `parseInt`, `parseHexUint` and `parseAddress` to parse strings into numbers and addresses. Also provide variants of these functions that parse substrings, and `tryXxx` variants that do not revert on invalid input.

.changeset/eighty-lemons-shake.md

@@ -0,0 +1,5 @@
+---
+'openzeppelin-solidity': major
+---
+
+`ERC721`: `_approve` no longer allows approving the owner of the tokenId. `_setApprovalForAll` no longer allows setting address(0) as an operator.

.changeset/empty-cheetahs-hunt.md

@@ -0,0 +1,5 @@
+---
+'openzeppelin-solidity': major
+---
+
+`ERC721URIStorage`: Allow setting the token URI prior to minting.

.changeset/empty-taxis-kiss.md

@@ -0,0 +1,5 @@
+---
+'openzeppelin-solidity': major
+---
+
+`UUPSUpgradeable`, `TransparentUpgradeableProxy` and `ProxyAdmin`: Removed `upgradeTo` and `upgrade` functions, and made `upgradeToAndCall` and `upgradeAndCall` ignore the data argument if it is empty. It is no longer possible to invoke the receive function (or send value with empty data) along with an upgrade.

.changeset/fair-humans-peel.md

@@ -0,0 +1,5 @@
+---
+'openzeppelin-solidity': major
+---
+
+`ERC721URIStorage`, `ERC721Royalty`: Stop resetting token-specific URI and royalties when burning.

.changeset/fifty-owls-retire.md

@@ -0,0 +1,5 @@
+---
+'openzeppelin-solidity': major
+---
+
+`Address`: Removed the ability to customize error messages. A common custom error is always used if the underlying revert reason cannot be bubbled up.

.changeset/flat-bottles-wonder.md

@@ -0,0 +1,7 @@
+---
+'openzeppelin-solidity': minor
+---
+
+Replace some uses of `abi.encodePacked` with clearer alternatives (e.g. `bytes.concat`, `string.concat`). (#4504)[https://github.com/OpenZeppelin/openzeppelin-contracts/pull/4504]
+
+pr: #4296

.changeset/fluffy-countries-buy.md

@@ -0,0 +1,5 @@
+---
+'openzeppelin-solidity': minor
+---
+
+`Arrays`: Optimize `findUpperBound` by removing redundant SLOAD.

.changeset/four-adults-knock.md

@@ -0,0 +1,5 @@
+---
+'openzeppelin-solidity': patch
+---
+
+`ECDSA`: Use unchecked arithmetic for the `tryRecover` function that receives the `r` and `vs` short-signature fields separately.

.changeset/four-chairs-help.md

@@ -1,5 +0,0 @@
----
-"openzeppelin-solidity": minor
----
-
-`Clones`: Add `cloneWithImmutableArgs` and `cloneDeterministicWithImmutableArgs` variants that create clones with per-instance immutable arguments. The immutable arguments can be retrieved using `fetchCloneArgs`. The corresponding `predictDeterministicWithImmutableArgs` function is also included.

.changeset/fresh-birds-kiss.md

@@ -0,0 +1,5 @@
+---
+'openzeppelin-solidity': major
+---
+
+`Checkpoints`: library moved from `utils` to `utils/structs`

.changeset/great-lions-hear.md

@@ -1,5 +0,0 @@
----
-'openzeppelin-solidity': patch
----
-
-`VotesExtended`: Create an extension of `Votes` which checkpoints balances and delegates.

.changeset/green-pumpkins-end.md

@@ -0,0 +1,5 @@
+---
+'openzeppelin-solidity': major
+---
+
+`SafeERC20`: Removed `safePermit` in favor of documentation-only `permit` recommendations.

.changeset/grumpy-bulldogs-call.md

@@ -0,0 +1,5 @@
+---
+'openzeppelin-solidity': major
+---
+
+`Governor`: Optimized use of storage for proposal data

.changeset/grumpy-worms-tease.md

@@ -0,0 +1,5 @@
+---
+'openzeppelin-solidity': major
+---
+
+`ERC1967Utils`: Refactor the `ERC1967Upgrade` abstract contract as a library.

.changeset/happy-falcons-walk.md

@@ -0,0 +1,5 @@
+---
+'openzeppelin-solidity': major
+---
+
+`TransparentUpgradeableProxy`: Admin is now stored in an immutable variable (set during construction) to avoid unnecessary storage reads on every proxy call. This removed the ability to ever change the admin. Transfer of the upgrade capability is exclusively handled through the ownership of the `ProxyAdmin`.

.changeset/healthy-books-shout.md

@@ -1,5 +0,0 @@
----
-'openzeppelin-solidity': minor
----
-
-`CAIP2` and `CAIP10`: Add libraries for formatting and parsing CAIP-2 and CAIP-10 identifiers.

.changeset/healthy-gorillas-applaud.md

@@ -0,0 +1,5 @@
+---
+'openzeppelin-solidity': major
+---
+
+`VestingWallet`: Use `Ownable` instead of an immutable `beneficiary`.

.changeset/heavy-drinks-fail.md

@@ -0,0 +1,5 @@
+---
+'openzeppelin-solidity': major
+---
+
+`ERC20`: Remove `Approval` event previously emitted in `transferFrom` to indicate that part of the allowance was consumed. With this change, allowances are no longer reconstructible from events. See the code for guidelines on how to re-enable this event if needed.

.changeset/hip-beds-provide.md

@@ -0,0 +1,5 @@
+---
+'openzeppelin-solidity': major
+---
+
+Move the logic to validate ERC-1822 during an upgrade from `ERC1967Utils` to `UUPSUpgradeable`.

.changeset/hip-goats-fail.md

@@ -0,0 +1,5 @@
+---
+'openzeppelin-solidity': patch
+---
+
+`VestingWallet`: Fix revert during 1 second time window when duration is 0.

.changeset/hot-coins-judge.md

@@ -0,0 +1,5 @@
+---
+'openzeppelin-solidity': minor
+---
+
+`Arrays`: Add `unsafeMemoryAccess` helpers to read from a memory array without checking the length.

.changeset/hot-dingos-kiss.md

@@ -0,0 +1,5 @@
+---
+'openzeppelin-solidity': major
+---
+
+`MessageHashUtils`: Add a new library for creating message digest to be used along with signing or recovery such as  ECDSA or ERC-1271. These functions are moved from the `ECDSA` library.

.changeset/hot-plums-approve.md

@@ -0,0 +1,5 @@
+---
+'openzeppelin-solidity': minor
+---
+
+`GovernorTimelockControl`: Clean up timelock id on execution for gas refund.

.changeset/hot-shrimps-wait.md

@@ -1,5 +0,0 @@
----
-'openzeppelin-solidity': minor
----
-
-`Packing`: Add variants for packing `bytes10` and `bytes22`

.changeset/large-humans-remain.md

@@ -0,0 +1,5 @@
+---
+'openzeppelin-solidity': patch
+---
+
+`MerkleProof`: Use custom error to report invalid multiproof instead of reverting with overflow panic.

.changeset/lazy-rice-joke.md

@@ -0,0 +1,5 @@
+---
+'openzeppelin-solidity': minor
+---
+
+`Initializable`: Use intermediate variables to improve readability.

.changeset/little-falcons-build.md

@@ -0,0 +1,5 @@
+---
+'openzeppelin-solidity': minor
+---
+
+`EIP712`: Add internal getters for the name and version strings

.changeset/loud-shrimps-play.md

@@ -0,0 +1,5 @@
+---
+'openzeppelin-solidity': minor
+---
+
+`TimelockController`: Add a state getter that returns an `OperationState` enum.

.changeset/lovely-dodos-lay.md

@@ -1,5 +0,0 @@
----
-'openzeppelin-solidity': minor
----
-
-`NoncesKeyed`: Add a variant of `Nonces` that implements the ERC-4337 entrypoint nonce system.

.changeset/lovely-geckos-hide.md

@@ -0,0 +1,5 @@
+---
+'openzeppelin-solidity': major
+---
+
+Replace revert strings and require statements with custom errors.

.changeset/mean-walls-watch.md

@@ -0,0 +1,5 @@
+---
+'openzeppelin-solidity': major
+---
+
+`Nonces`: Added a new contract to keep track of user nonces. Used for signatures in `ERC20Permit`, `ERC20Votes`, and `ERC721Votes`. ([#3816](https://github.com/OpenZeppelin/openzeppelin-contracts/pull/3816))

.changeset/mighty-donuts-smile.md

@@ -0,0 +1,6 @@
+---
+'openzeppelin-solidity': patch
+---
+
+`Governor`: Add validation in ERC1155 and ERC721 receiver hooks to ensure Governor is the executor.
+

.changeset/orange-apes-draw.md

@@ -0,0 +1,5 @@
+---
+'openzeppelin-solidity': major
+---
+
+Switched to using explicit Solidity import statements. Some previously available symbols may now have to be separately imported.

.changeset/pink-suns-mix.md

@@ -0,0 +1,5 @@
+---
+'openzeppelin-solidity': patch
+---
+
+`Math`: Optimized stack operations in `mulDiv`.

.changeset/pink-wasps-hammer.md

@@ -1,5 +0,0 @@
----
-'openzeppelin-solidity': patch
----
-
-`GovernorCountingOverridable`: Add a governor counting module that enables token holders to override the vote of their delegate.

.changeset/popular-deers-raise.md

@@ -0,0 +1,5 @@
+---
+'openzeppelin-solidity': major
+---
+
+`Governor`: Add support for casting votes with ERC-1271 signatures by using a `bytes memory signature` instead of `r`, `s` and `v` arguments in the `castVoteBySig` and `castVoteWithReasonAndParamsBySig` functions.

.changeset/pre.json

@@ -0,0 +1,85 @@
+{
+  "mode": "pre",
+  "tag": "rc",
+  "initialVersions": {
+    "openzeppelin-solidity": "4.9.2"
+  },
+  "changesets": [
+    "afraid-walls-smell",
+    "angry-ties-switch",
+    "big-plums-cover",
+    "blue-horses-do",
+    "blue-scissors-design",
+    "brave-lobsters-punch",
+    "bright-tomatoes-sing",
+    "chilled-spiders-attack",
+    "clever-bats-kick",
+    "clever-pumas-beg",
+    "eight-peaches-guess",
+    "eighty-crabs-listen",
+    "eighty-lemons-shake",
+    "empty-cheetahs-hunt",
+    "empty-taxis-kiss",
+    "fair-humans-peel",
+    "fifty-owls-retire",
+    "flat-bottles-wonder",
+    "fluffy-countries-buy",
+    "four-adults-knock",
+    "fresh-birds-kiss",
+    "green-pumpkins-end",
+    "grumpy-bulldogs-call",
+    "grumpy-worms-tease",
+    "happy-falcons-walk",
+    "healthy-gorillas-applaud",
+    "heavy-drinks-fail",
+    "hip-beds-provide",
+    "hip-goats-fail",
+    "hot-coins-judge",
+    "hot-dingos-kiss",
+    "hot-plums-approve",
+    "large-humans-remain",
+    "lazy-rice-joke",
+    "little-falcons-build",
+    "loud-shrimps-play",
+    "lovely-geckos-hide",
+    "mean-walls-watch",
+    "mighty-donuts-smile",
+    "orange-apes-draw",
+    "pink-suns-mix",
+    "popular-deers-raise",
+    "proud-seals-complain",
+    "proud-spiders-attend",
+    "purple-cats-cheer",
+    "quiet-trainers-kick",
+    "red-dots-fold",
+    "rotten-insects-wash",
+    "serious-books-lie",
+    "short-eels-enjoy",
+    "silly-bees-beam",
+    "six-frogs-turn",
+    "sixty-numbers-reply",
+    "slimy-penguins-attack",
+    "smooth-books-wink",
+    "smooth-cougars-jump",
+    "spicy-sheep-eat",
+    "spotty-hotels-type",
+    "strong-poems-thank",
+    "swift-bags-divide",
+    "swift-numbers-cry",
+    "tasty-tomatoes-turn",
+    "tender-shirts-turn",
+    "thick-pumpkins-exercise",
+    "thin-camels-matter",
+    "tough-drinks-hammer",
+    "two-wasps-punch",
+    "unlucky-beans-obey",
+    "violet-dancers-cough",
+    "violet-melons-press",
+    "warm-guests-rule",
+    "wet-bears-heal",
+    "wild-beds-visit",
+    "wild-peas-remain",
+    "wild-rockets-rush",
+    "wild-windows-trade"
+  ]
+}

.changeset/proud-planes-arrive.md

@@ -1,5 +0,0 @@
----
-'openzeppelin-solidity': minor
----
-
-`Bytes`: Add a library of common operations that operate on `bytes` objects.

.changeset/proud-seals-complain.md

@@ -0,0 +1,5 @@
+---
+'openzeppelin-solidity': patch
+---
+
+`BeaconProxy`: Use an immutable variable to store the address of the beacon. It is no longer possible for a `BeaconProxy` to upgrade by changing to another beacon.

.changeset/proud-spiders-attend.md

@@ -0,0 +1,5 @@
+---
+'openzeppelin-solidity': major
+---
+
+`ERC721`: Renamed `_requireMinted` to `_requireOwned` and added a return value with the current owner. Implemented `ownerOf` in terms of `_requireOwned`.

.changeset/purple-cats-cheer.md

@@ -0,0 +1,5 @@
+---
+'openzeppelin-solidity': major
+---
+
+`GovernorTimelockControl`: Add the Governor instance address as part of the TimelockController operation `salt` to avoid operation id collisions between governors using the same TimelockController.

.changeset/quiet-trainers-kick.md

@@ -0,0 +1,5 @@
+---
+'openzeppelin-solidity': minor
+---
+
+`AccessManager`: Added a new contract for managing access control of complex systems in a consolidated location.

.changeset/red-dots-fold.md

@@ -0,0 +1,5 @@
+---
+'openzeppelin-solidity': major
+---
+
+Overrides are now used internally for a number of functions that were previously hardcoded to their default implementation in certain locations: `ERC1155Supply.totalSupply`, `ERC721.ownerOf`, `ERC721.balanceOf` and `ERC721.totalSupply` in `ERC721Enumerable`, `ERC20.totalSupply` in `ERC20FlashMint`, and `ERC1967._getImplementation` in `ERC1967Proxy`.

.changeset/rotten-insects-wash.md

@@ -0,0 +1,5 @@
+---
+'openzeppelin-solidity': major
+---
+
+`ProxyAdmin`: Removed `getProxyAdmin` and `getProxyImplementation` getters. ([#3820](https://github.com/OpenZeppelin/openzeppelin-contracts/pull/3820))

.changeset/serious-books-lie.md

@@ -0,0 +1,5 @@
+---
+'openzeppelin-solidity': patch
+---
+
+`ERC1155`: Optimize array allocation.

.changeset/seven-donkeys-tap.md

@@ -1,5 +0,0 @@
----
-'openzeppelin-solidity': patch
----
-
-Update some pragma directives to ensure that all file requirements match that of the files they import.

.changeset/short-eels-enjoy.md

@@ -0,0 +1,5 @@
+---
+'openzeppelin-solidity': major
+---
+
+Bump minimum compiler version required to 0.8.20

.changeset/silly-bees-beam.md

@@ -0,0 +1,7 @@
+---
+'openzeppelin-solidity': major
+---
+
+`ERC20Votes`: Changed internal vote accounting to reusable `Votes` module previously used by `ERC721Votes`. Removed implicit `ERC20Permit` inheritance. Note that the `DOMAIN_SEPARATOR` getter was previously guaranteed to be available for `ERC20Votes` contracts, but is no longer available unless `ERC20Permit` is explicitly used; ERC-5267 support is included in `ERC20Votes` with `EIP712` and is recommended as an alternative.
+
+pr: #3816

.changeset/six-frogs-turn.md

@@ -0,0 +1,5 @@
+---
+'openzeppelin-solidity': major
+---
+
+`ERC20`: Remove the non-standard `increaseAllowance` and `decreaseAllowance` functions.

.changeset/sixty-numbers-reply.md

@@ -0,0 +1,5 @@
+---
+'openzeppelin-solidity': major
+---
+
+`Governor`: Add `voter` and `nonce` parameters in signed ballots, to avoid forging signatures for random addresses, prevent signature replay, and allow invalidating signatures. Add `voter` as a new parameter in the `castVoteBySig` and `castVoteWithReasonAndParamsBySig` functions.

.changeset/slimy-penguins-attack.md

@@ -0,0 +1,5 @@
+---
+'openzeppelin-solidity': major
+---
+
+`TransparentUpgradeableProxy`: Removed `admin` and `implementation` getters, which were only callable by the proxy owner and thus not very useful. ([#3820](https://github.com/OpenZeppelin/openzeppelin-contracts/pull/3820))

.changeset/small-seahorses-bathe.md

@@ -1,5 +0,0 @@
----
-'openzeppelin-solidity': minor
----
-
-`ERC7579Utils`: Add a reusable library to interact with ERC-7579 modular accounts

.changeset/smooth-books-wink.md

@@ -0,0 +1,5 @@
+---
+'openzeppelin-solidity': major
+---
+
+`ERC1155`: Remove check for address zero in `balanceOf`.

.changeset/smooth-cougars-jump.md

@@ -0,0 +1,5 @@
+---
+'openzeppelin-solidity': major
+---
+
+`ReentrancyGuard`, `Pausable`: Moved to `utils` directory.

.changeset/spicy-sheep-eat.md

@@ -0,0 +1,5 @@
+---
+'openzeppelin-solidity': major
+---
+
+`access`: Move `AccessControl` extensions to a dedicated directory.

.changeset/spotty-hotels-type.md

@@ -0,0 +1,5 @@
+---
+'openzeppelin-solidity': patch
+---
+
+`ERC721Consecutive`: Add a `_firstConsecutiveId` internal function that can be overridden to change the id of the first token minted through `_mintConsecutive`.

.changeset/strong-poems-thank.md

@@ -0,0 +1,5 @@
+---
+'openzeppelin-solidity': major
+---
+
+`DoubleEndedQueue`: refactor internal structure to use `uint128` instead of `int128`. This has no effect on the library interface.

.changeset/swift-bags-divide.md

@@ -0,0 +1,5 @@
+---
+'openzeppelin-solidity': patch
+---
+
+`Governor`: Add a mechanism to restrict the address of the proposer using a suffix in the description.

.changeset/swift-numbers-cry.md

@@ -0,0 +1,5 @@
+---
+'openzeppelin-solidity': minor
+---
+
+`Governor`, `Initializable`, and `UUPSUpgradeable`: Use internal functions in modifiers to optimize bytecode size.

.changeset/tasty-tomatoes-turn.md

@@ -0,0 +1,5 @@
+---
+'openzeppelin-solidity': major
+---
+
+`Strings`: Rename `toString(int256)` to `toStringSigned(int256)`.

.changeset/tender-shirts-turn.md

@@ -0,0 +1,5 @@
+---
+'openzeppelin-solidity': major
+---
+
+`BeaconProxy`: Reject value in initialization unless a payable function is explicitly invoked.

.changeset/thick-pumpkins-exercise.md

@@ -0,0 +1,5 @@
+---
+'openzeppelin-solidity': major
+---
+
+`Initializable`: Use the namespaced storage pattern to avoid putting critical variables in slot 0. Allow reinitializer versions greater than 256.

.changeset/thin-camels-matter.md

@@ -0,0 +1,5 @@
+---
+'openzeppelin-solidity': minor
+---
+
+`ERC1155`: Bubble errors triggered in the `onERC1155Received` and `onERC1155BatchReceived` hooks.

.changeset/tough-drinks-hammer.md

@@ -0,0 +1,5 @@
+---
+'openzeppelin-solidity': patch
+---
+
+`ERC1155`: Optimize array accesses by skipping bounds checking when unnecessary.

.changeset/tricky-bats-pretend.md

@@ -1,5 +0,0 @@
----
-'openzeppelin-solidity': minor
----
-
-`ERC1363Utils`: Add helper similar to the existing `ERC721Utils` and `ERC1155Utils`

.changeset/two-wasps-punch.md

@@ -0,0 +1,5 @@
+---
+'openzeppelin-solidity': minor
+---
+
+`AccessControl`: Add a boolean return value to the internal `_grantRole` and `_revokeRole` functions indicating whether the role was granted or revoked.

.changeset/unlucky-beans-obey.md

@@ -0,0 +1,5 @@
+---
+'openzeppelin-solidity': patch
+---
+
+`ERC2771Context`: Return the forwarder address whenever the `msg.data` of a call originating from a trusted forwarder is not long enough to contain the request signer address (i.e. `msg.data.length` is less than 20 bytes), as specified by ERC-2771.

.changeset/violet-dancers-cough.md

@@ -0,0 +1,5 @@
+---
+'openzeppelin-solidity': minor
+---
+
+Remove the `override` specifier from functions that only override a single interface function.

.changeset/violet-melons-press.md

@@ -0,0 +1,5 @@
+---
+'openzeppelin-solidity': major
+---
+
+`GovernorTimelockAccess`: Added a module to connect a governor with an instance of `AccessManager`, allowing the governor to make calls that are delay-restricted by the manager using the normal `queue` workflow.

.changeset/warm-guests-rule.md

@@ -0,0 +1,5 @@
+---
+'openzeppelin-solidity': patch
+---
+
+`ERC2771Context`: Prevent revert in `_msgData()` when a call originating from a trusted forwarder is not long enough to contain the request signer address (i.e. `msg.data.length` is less than 20 bytes). Return the full calldata in that case.

.changeset/weak-roses-bathe.md

@@ -1,5 +0,0 @@
----
-'openzeppelin-solidity': minor
----
-
-`ERC4337Utils`: Add a reusable library to manipulate user operations and interact with ERC-4337 contracts

.changeset/wet-bears-heal.md

@@ -0,0 +1,5 @@
+---
+'openzeppelin-solidity': major
+---
+
+Upgradeable contracts now use namespaced storage (EIP-7201).

.changeset/wild-beds-visit.md

@@ -0,0 +1,5 @@
+---
+'openzeppelin-solidity': major
+---
+
+`GovernorStorage`: Added a new governor extension that stores the proposal details in storage, with an interface that operates on `proposalId`, as well as proposal enumerability. This replaces the old `GovernorCompatibilityBravo` module.

.changeset/wild-peas-remain.md

@@ -0,0 +1,5 @@
+---
+'openzeppelin-solidity': major
+---
+
+`Votes`: Use Trace208 for checkpoints. This enables EIP-6372 clock support for keys but reduces the max supported voting power to uint208.

.changeset/wild-rockets-rush.md

@@ -0,0 +1,5 @@
+---
+'openzeppelin-solidity': major
+---
+
+`Math`: Renamed members of `Rounding` enum, and added a new rounding mode for "away from zero".

.changeset/wild-windows-trade.md

@@ -0,0 +1,5 @@
+---
+'openzeppelin-solidity': major
+---
+
+`SafeERC20`: Refactor `safeDecreaseAllowance` and `safeIncreaseAllowance` to support USDT-like tokens.

.codecov.yml

@@ -10,7 +10,3 @@ coverage:
     project:
       default:
         threshold: 1%
-ignore:
-  - "test"
-  - "contracts/mocks"
-  - "contracts/vendor"

.eslintrc

@@ -0,0 +1,20 @@
+{
+  "root": true,
+  "extends" : [
+    "eslint:recommended",
+    "prettier",
+  ],
+  "env": {
+    "es2022": true,
+    "browser": true,
+    "node": true,
+    "mocha": true,
+  },
+  "globals" : {
+    "artifacts": "readonly",
+    "contract": "readonly",
+    "web3": "readonly",
+    "extendEnvironment": "readonly",
+    "expect": "readonly",
+  }
+}

.githooks/pre-push

@@ -1,8 +0,0 @@
-#!/usr/bin/env bash
-
-set -euo pipefail
-
-if [ "${CI:-"false"}" != "true" ]; then
-  npm run test:generation
-  npm run lint
-fi

.github/ISSUE_TEMPLATE/bug_report.md

@@ -10,7 +10,7 @@ about: Report a bug in OpenZeppelin Contracts
 
 **💻 Environment**
 
-<!-- Tell us what version of OpenZeppelin Contracts you're using, and how you're using it: Hardhat, Remix, etc. -->
+<!-- Tell us what version of OpenZeppelin Contracts you're using, and how you're using it: Truffle, Remix, etc. -->
 
 **📝 Details**
 

.github/actions/gas-compare/action.yml

@@ -1,5 +1,4 @@
 name: Compare gas costs
-description: Compare gas costs between branches
 inputs:
   token:
     description: github token

.github/actions/setup/action.yml

@@ -1,13 +1,12 @@
 name: Setup
-description: Common environment setup
 
 runs:
   using: composite
   steps:
-    - uses: actions/setup-node@v4
+    - uses: actions/setup-node@v3
       with:
-        node-version: 20.x
-    - uses: actions/cache@v4
+        node-version: 16.x
+    - uses: actions/cache@v3
       id: cache
       with:
         path: '**/node_modules'
@@ -16,7 +15,5 @@ runs:
       run: npm ci
       shell: bash
       if: steps.cache.outputs.cache-hit != 'true'
-    - name: Install Foundry
-      uses: foundry-rs/foundry-toolchain@v1
-      with:
-        version: nightly
+      env:
+        SKIP_COMPILE: true

.github/actions/storage-layout/action.yml

@@ -1,5 +1,4 @@
 name: Compare storage layouts
-description: Compare storage layouts between branches
 inputs:
   token:
     description: github token

.github/workflows/checks.yml

@@ -14,7 +14,7 @@ concurrency:
   cancel-in-progress: true
 
 env:
-  NODE_OPTIONS: --max_old_space_size=8192
+  NODE_OPTIONS: --max_old_space_size=5120
 
 jobs:
   lint:
@@ -29,9 +29,6 @@ jobs:
     runs-on: ubuntu-latest
     env:
       FORCE_COLOR: 1
-      # Needed for "eth-gas-reporter" to produce a "gasReporterOutput.json" as documented in
-      # https://github.com/cgewecke/eth-gas-reporter/blob/v0.2.27/docs/gasReporterOutput.md
-      CI: true
       GAS: true
     steps:
       - uses: actions/checkout@v4
@@ -41,12 +38,11 @@ jobs:
         run: npm run test
       - name: Check linearisation of the inheritance graph
         run: npm run test:inheritance
-      - name: Check pragma consistency between files
-        run: npm run test:pragma
       - name: Check proceduraly generated contracts are up-to-date
         run: npm run test:generation
       - name: Compare gas costs
         uses: ./.github/actions/gas-compare
+        if: github.base_ref == 'master'
         with:
           token: ${{ github.token }}
 
@@ -60,20 +56,15 @@ jobs:
           fetch-depth: 0 # Include history so patch conflicts are resolved automatically
       - name: Set up environment
         uses: ./.github/actions/setup
-      - name: Copy non-upgradeable contracts as dependency
-        run: |
-          mkdir -p lib/openzeppelin-contracts
-          cp -rnT contracts lib/openzeppelin-contracts/contracts
       - name: Transpile to upgradeable
         run: bash scripts/upgradeable/transpile.sh
       - name: Run tests
         run: npm run test
       - name: Check linearisation of the inheritance graph
         run: npm run test:inheritance
-      - name: Check pragma consistency between files
-        run: npm run test:pragma
       - name: Check storage layout
         uses: ./.github/actions/storage-layout
+        if: github.base_ref == 'master'
         continue-on-error: ${{ contains(github.event.pull_request.labels.*.name, 'breaking change') }}
         with:
           token: ${{ github.token }}
@@ -84,8 +75,10 @@ jobs:
       - uses: actions/checkout@v4
         with:
           submodules: recursive
-      - name: Set up environment
-        uses: ./.github/actions/setup
+      - name: Install Foundry
+        uses: foundry-rs/foundry-toolchain@v1
+        with:
+          version: nightly
       - name: Run tests
         run: forge test -vv
 
@@ -95,22 +88,10 @@ jobs:
       - uses: actions/checkout@v4
       - name: Set up environment
         uses: ./.github/actions/setup
-      - name: Run coverage
-        run: npm run coverage
-      - uses: codecov/codecov-action@v4
-        env:
-          CODECOV_TOKEN: ${{ secrets.CODECOV_TOKEN }}
-
-  harnesses:
-    runs-on: ubuntu-latest
-    steps:
-      - uses: actions/checkout@v4
-      - name: Set up environment
-        uses: ./.github/actions/setup
-      - name: Compile harnesses
-        run: |
-          make -C certora apply
-          npm run compile:harnesses
+      - run: npm run coverage
+      - uses: codecov/codecov-action@v3
+        with:
+          token: ${{ secrets.CODECOV_TOKEN }}
 
   slither:
     runs-on: ubuntu-latest
@@ -119,18 +100,17 @@ jobs:
       - name: Set up environment
         uses: ./.github/actions/setup
       - run: rm foundry.toml
-      - uses: crytic/slither-action@v0.4.0
+      - uses: crytic/slither-action@v0.3.0
         with:
           node-version: 18.15
-          slither-version: 0.10.1
 
   codespell:
     runs-on: ubuntu-latest
     steps:
       - uses: actions/checkout@v4
       - name: Run CodeSpell
-        uses: codespell-project/actions-codespell@v2.1
+        uses: codespell-project/actions-codespell@v2.0
         with:
           check_hidden: true
           check_filenames: true
-          skip: package-lock.json,*.pdf,vendor
+          skip: package-lock.json,*.pdf

.github/workflows/formal-verification.yml

@@ -10,7 +10,7 @@ on:
   workflow_dispatch: {}
 
 env:
-  PIP_VERSION: '3.11'
+  PIP_VERSION: '3.10'
   JAVA_VERSION: '11'
   SOLC_VERSION: '0.8.20'
 
@@ -44,13 +44,12 @@ jobs:
           fi
           echo "result=$RESULT" >> "$GITHUB_OUTPUT"
       - name: Install python
-        uses: actions/setup-python@v5
+        uses: actions/setup-python@v4
         with:
           python-version: ${{ env.PIP_VERSION }}
           cache: 'pip'
-          cache-dependency-path: 'fv-requirements.txt'
       - name: Install python packages
-        run: pip install -r fv-requirements.txt
+        run: pip install -r requirements.txt
       - name: Install java
         uses: actions/setup-java@v3
         with:
@@ -67,20 +66,3 @@ jobs:
           node certora/run.js ${{ steps.arguments.outputs.result }} >> "$GITHUB_STEP_SUMMARY"
         env:
           CERTORAKEY: ${{ secrets.CERTORAKEY }}
-
-  halmos:
-    runs-on: ubuntu-latest
-    steps:
-      - uses: actions/checkout@v4
-      - name: Set up environment
-        uses: ./.github/actions/setup
-      - name: Install python
-        uses: actions/setup-python@v5
-        with:
-          python-version: ${{ env.PIP_VERSION }}
-          cache: 'pip'
-          cache-dependency-path: 'fv-requirements.txt'
-      - name: Install python packages
-        run: pip install -r fv-requirements.txt
-      - name: Run Halmos
-        run: halmos --match-test '^symbolic|^testSymbolic' -vv

.github/workflows/release-cycle.yml

@@ -32,7 +32,7 @@ jobs:
         uses: ./.github/actions/setup
       - id: state
         name: Get state
-        uses: actions/github-script@v7
+        uses: actions/github-script@v6
         env:
           TRIGGERING_ACTOR: ${{ github.triggering_actor }}
         with:
@@ -66,7 +66,7 @@ jobs:
         name: Create branch with release candidate
         run: bash scripts/release/workflow/start.sh
       - name: Re-run workflow
-        uses: actions/github-script@v7
+        uses: actions/github-script@v6
         env:
           REF: ${{ steps.start.outputs.branch }}
         with:
@@ -89,7 +89,7 @@ jobs:
         if: needs.state.outputs.is_prerelease == 'true'
         run: bash scripts/release/workflow/exit-prerelease.sh
       - name: Re-run workflow
-        uses: actions/github-script@v7
+        uses: actions/github-script@v6
         with:
           script: await require('./scripts/release/workflow/rerun.js')({ github, context })
 
@@ -108,7 +108,7 @@ jobs:
       - name: Set up environment
         uses: ./.github/actions/setup
       - name: Set release title
-        uses: actions/github-script@v7
+        uses: actions/github-script@v6
         with:
           result-encoding: string
           script: await require('./scripts/release/workflow/set-changesets-pr-title.js')({ core })
@@ -143,18 +143,22 @@ jobs:
         env:
           PRERELEASE: ${{ needs.state.outputs.is_prerelease }}
       - name: Upload tarball artifact
-        uses: actions/upload-artifact@v4
+        uses: actions/upload-artifact@v3
         with:
           name: ${{ github.ref_name }}
           path: ${{ steps.pack.outputs.tarball }}
+      - name: Tag
+        run: npx changeset tag
       - name: Publish
         run: bash scripts/release/workflow/publish.sh
         env:
           NPM_TOKEN: ${{ secrets.NPM_TOKEN }}
           TARBALL: ${{ steps.pack.outputs.tarball }}
           TAG: ${{ steps.pack.outputs.tag }}
+      - name: Push tags
+        run: git push --tags
       - name: Create Github Release
-        uses: actions/github-script@v7
+        uses: actions/github-script@v6
         env:
           PRERELEASE: ${{ needs.state.outputs.is_prerelease }}
         with:
@@ -170,7 +174,9 @@ jobs:
       - uses: actions/checkout@v4
       - name: Download tarball artifact
         id: artifact
-        uses: actions/download-artifact@v4
+        # Replace with actions/upload-artifact@v3 when
+        # https://github.com/actions/download-artifact/pull/194 gets released
+        uses: actions/download-artifact@e9ef242655d12993efdcda9058dee2db83a2cb9b
         with:
           name: ${{ github.ref_name }}
       - name: Check integrity
@@ -200,7 +206,7 @@ jobs:
           git checkout -B "$MERGE_BRANCH" "$GITHUB_REF_NAME"
           git push -f origin "$MERGE_BRANCH"
       - name: Create PR back to master
-        uses: actions/github-script@v7
+        uses: actions/github-script@v6
         with:
           script: |
             await github.rest.pulls.create({

.github/workflows/upgradeable.yml

@@ -18,17 +18,13 @@ jobs:
           token: ${{ secrets.GH_TOKEN_UPGRADEABLE }}
       - name: Fetch current non-upgradeable branch
         run: |
-          git fetch "$REMOTE" master # Fetch default branch first for patch to apply cleanly
-          git fetch "$REMOTE" "$REF"
+          git fetch "https://github.com/${{ github.repository }}.git" "$REF"
           git checkout FETCH_HEAD
         env:
           REF: ${{ github.ref }}
-          REMOTE: https://github.com/${{ github.repository }}.git
       - name: Set up environment
         uses: ./.github/actions/setup
       - run: bash scripts/git-user-config.sh
       - name: Transpile to upgradeable
         run: bash scripts/upgradeable/transpile-onto.sh ${{ github.ref_name }} origin/${{ github.ref_name }}
-        env:
-          SUBMODULE_REMOTE: https://github.com/${{ github.repository }}.git
       - run: git push origin ${{ github.ref_name }}