Upgrade swarm-js to ^0.1.40

[cgewecke]

Description

Silences npm audit warning reported in #3399. One of swarm-js's dependencies was flagged as high vuln. Resolved by swarm-js 36

NB: floating this dep now because that's been recommended in #3186 and @evertonfraga is a maintainer.

Fixes #3399

Type of change

• Dependency update

Checklist:

• I have selected the correct base branch.
• I have performed a self-review of my own code.
• I have commented my code, particularly in hard-to-understand areas.
• I have made corresponding changes to the documentation.
• My changes generate no new warnings.
• Any dependent changes have been merged and published in downstream modules.
• I ran npm run dtslint with success and extended the tests and types if necessary.
• I ran npm run test:unit with success.
• I have executed npm run test:cov and my test cases do cover all lines and branches of the added code.
• I ran npm run build-all and tested the resulting file/'s from dist folder in a browser.
• I have updated the CHANGELOG.md file in the root folder.
• I have tested my code on the live network.

[coveralls]

Coverage remained the same at 86.047% when pulling 8dcb24d on issue/3399 into a25ba79 on 1.x.

[rraina]

Hey Team -- do we know that is blocking this PR from getting merged?

[cgewecke]

@rraina There's no blocker - this will go in the next release.

Fwiw the security vuln at issue here does not actually impact this project - decompress is never loaded in Web3's code. The change is cosmetic.

[rraina]

@cgewecke -- Thanks for the prompt response!

Completely understand that this is just a cosmetic change; it's just a little annoying since it causes errors on our CI process :)

[cgewecke]

@rraina Yes, understood - it's annoying. Just mentioning it in case there's real concern about whether the dep is safe.

[rraina]

Yup - thank you for clarifying, and your efforts on this project!

Hope you are keeping safe!

[evertonfraga]

Thanks for merging it!