Update dependency @celo/identity to v4.1.1

[renovate]

This PR contains the following updates:

Package	Change	Age	Adoption	Passing	Confidence
@celo/identity (source)	4.1.0 -> 4.1.1

---

Configuration

📅 Schedule: Branch creation - "* 0-3 * * 1" (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.

[netlify]

✅ Deploy Preview for mint-toast ready!

Name	Link
🔨 Latest commit	6841cd0
🔍 Latest deploy log	https://app.netlify.com/sites/mint-toast/deploys/67a939a8e4b6680008d0cf68
😎 Deploy Preview	https://deploy-preview-36--mint-toast.netlify.app
📱 Preview on mobile	Toggle QR Code... Use your smartphone camera to open QR code link.
Lighthouse	1 paths audited Performance: 88 (no change from production) Accessibility: 90 (no change from production) Best Practices: 92 (no change from production) SEO: 84 (no change from production) PWA: - View the detailed breakdown and full score reports

---

To edit notification comments on pull requests, go to your Netlify site configuration.

[socket-security]

New, updated, and removed dependencies detected. Learn more about Socket for GitHub ↗︎

Package	New capabilities	Transitives	Size	Publisher
npm/@celo/[email protected]	None	0	3.93 MB	app-tooling
npm/@celo/[email protected] 🔁 npm/@celo/[email protected]	Transitive: filesystem, network	+9	3.26 MB	alecps
npm/@celo/[email protected] 🔁 npm/@celo/[email protected]	network Transitive: filesystem	+7	1.21 MB	app-tooling
npm/@chainsafe/[email protected]	None	0	165 kB	dapplion
npm/@chainsafe/[email protected]	None	0	112 kB	dapplion
npm/@chainsafe/[email protected]	None	0	468 kB	dapplion
npm/@ethereumjs/[email protected]	None	0	224 kB	holgerd77
npm/@types/[email protected]	None	0	10.9 kB	types
npm/[email protected]	None	0	372 kB	lpinca
npm/[email protected] 🔁 npm/[email protected]	None	0	201 kB	trentm
npm/[email protected]	None	0	39.1 kB	nbubna
npm/[email protected]	None	0	3.02 kB	tarruda
npm/[email protected] 🔁 npm/[email protected]	None	0	4.35 MB	ichernev

🚮 Removed packages: npm/@types/[email protected], npm/@types/[email protected], npm/@types/[email protected], npm/@types/[email protected], npm/@types/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected]

View full report↗︎

[socket-security]

🚨 Potential security issues detected. Learn more about Socket for GitHub ↗︎

To accept the risk, merge this PR and you will not be notified again.

Alert	Package	Note	Source	CI
Native code	npm/[email protected]	Location: Package overview	packages/firebase-functions/functions/yarn.lock	🚫
AI-detected potential code anomaly	npm/[email protected]	Notes: The code contains anomalies that raise security concerns, such as dynamic require statements, error handling that could be exploited, and potential information disclosure through console messages. Further review and hardening of the code are recommended to mitigate these risks. Confidence: 1.00 Severity: 0.60	packages/firebase-functions/functions/yarn.lock	🚫

View full report↗︎

Next steps

Why is native code a concern?

Contains native code (e.g., compiled binaries or shared libraries). Including native code can obscure malicious behavior.

Verify that the inclusion of native code is expected and necessary for this package's functionality. If it is unnecessary or unexpected, consider using alternative packages without native code to mitigate potential risks.

What is an AI-detected potential code anomaly?

AI has identified unusual behaviors that may pose a security risk.

An AI system found a low-risk anomaly in this package. It may still be fine to use, but you should check that it is safe before proceeding.

Take a deeper look at the dependency

Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support [AT] socket [DOT] dev.

Remove the package

If you happen to install a dependency that Socket reports as Known Malware you should immediately remove it and select a different dependency. For other alert types, you may may wish to investigate alternative packages or consider if there are other ways to mitigate the specific risk posed by the dependency.

Mark a package as acceptable risk

To ignore an alert, reply with a comment starting with @SocketSecurity ignore followed by a space separated list of ecosystem/package-name@version specifiers. e.g. @SocketSecurity ignore npm/[email protected] or ignore all packages with @SocketSecurity ignore-all

• @SocketSecurity ignore npm/[email protected]
• @SocketSecurity ignore npm/[email protected]