Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

gateway sync / gateway development -> staging for release version 1.19.0 #189

Merged
merged 95 commits into from
Aug 24, 2023
Merged

gateway sync / gateway development -> staging for release version 1.19.0 #189

merged 95 commits into from
Aug 24, 2023

Conversation

rapcmia
Copy link
Contributor

@rapcmia rapcmia commented Aug 22, 2023

Before submitting this PR, please make sure:

  • Your code builds clean without any errors or warnings
  • You are using approved title ("feat/", "fix/", "docs/", "refactor/")

A description of the changes proposed in the pull request:
Staging to development

Tests performed by the developer:
na

Tips for QA testing:
na

dependabot bot and others added 30 commits July 20, 2023 05:37
@dependabot
Bump word-wrap from 1.2.3 to 1.2.4
8cbe5d5 
Bumps [word-wrap](https://github.com/jonschlinkert/word-wrap) from 1.2.3 to 1.2.4.
- [Release notes](https://github.com/jonschlinkert/word-wrap/releases)
- [Commits](jonschlinkert/word-wrap@1.2.3...1.2.4)

---
updated-dependencies:
- dependency-name: word-wrap
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
@vic-en
fix issue with unrecognised tokens
e42e42f
@vic-en
refactor evm connectors to use checksumed address
bfe5d42
@vic-en
Merge branch 'development' of https://github.com/vic-en/gateway into …
6cfee79 
…fix/uniswap_token_address
@nikspz
fix/ Update package.json version
d253e02
@nikspz
Merge pull request #170 from hummingbot/fix/-Update-package.json
8ffb349 
fix/ Update package.json version
@nikspz
Merge pull request #166 from hummingbot/staging
6286857 
sync gateway / gateway staging -> main
@fengtality
Merge branch 'development' into fix/uniswap_token_address
0ea5f8c
@fengtality
Merge pull request #169 from vic-en/fix/uniswap_token_address
d272192 
Fix/uniswap token address
@fengtality
Merge branch 'main' into dependabot/npm_and_yarn/word-wrap-1.2.4
6df1fe6
@fengtality
Merge branch 'development' into dependabot/npm_and_yarn/word-wrap-1.2.4
f11afd0
@fengtality
Merge pull request #165 from hummingbot/dependabot/npm_and_yarn/word-…
195573b 
…wrap-1.2.4

Bump word-wrap from 1.2.3 to 1.2.4
@david-hummingbot
add docker workflow
a336752 
- added workflows to build both the latest and version tags for gateway
@david-hummingbot
add docker_build_tags
00c1e3f
Uniswap unhandled error and duplicate values for USDC.e on ui
045c8f5
@isreallee82
Uniswap unhandled error and duplicate values for USDC.e on ui
643eb53
update gateway collection api
a0a34f9
@isreallee82
Name chenges Bridsed to Bridged
33760b0
(feat) add UI for gateway version)
7b4b992
@rapcmia
Merge pull request #178 from hummingbot/update-postman
248cf3c 
fix / update test-helper/postman using chain
@nikspz
Merge branch 'development' into add_gateway_version
8338655
@isreallee82
Merge branch 'development' into development
087e36f
@rapcmia
Merge pull request #181 from hummingbot/add_gateway_version
b89018d 
feat / add gateway version
@nikspz
Merge branch 'development' into development
515b408
@isreallee82
Refactor arbitrum_one to arbitrum
54c7bc8
@isreallee82
Merge branch 'development' into feat/arbitrum_refactor
47b7990
@OjusWiZard
(feat) add tezos chain support
1cc4a6e 
Signed-off-by: OjusWiZard <ojuswimail@gmail.com>
@OjusWiZard
(feat) add sign from tezos wallet
3e9efa5 
Signed-off-by: OjusWiZard <ojuswimail@gmail.com>
@OjusWiZard
(fix) chainId type in Tezos TokenInfo
1da6dba 
Signed-off-by: OjusWiZard <ojuswimail@gmail.com>
@OjusWiZard
(fix): add missing gasLimitTransaction in Tezosish
1966d7e 
Signed-off-by: OjusWiZard <ojuswimail@gmail.com>
OjusWiZard and others added 24 commits August 7, 2023 02:56
@OjusWiZard
(fix) failing build from controller
464c203 
Signed-off-by: OjusWiZard <ojuswimail@gmail.com>
@OjusWiZard
(fix) failing testcase after rebase
765b702
@nikspz
Merge pull request #182 from isreallee82/feat/arbitrum_refactor
6adbffa 
Refactor arbitrum_one to arbitrum
@isreallee82
arbitrum_one_coingecko to arbitrum_coingecko
65bbe02
@isreallee82
Merge branch 'development' into development
8795cc3
@nikspz
Merge pull request #177 from isreallee82/development
3afcafc 
Fix/ unhandled error when using USDC.e
@nikspz
Merge branch 'development' into feat/plenty
3e1b3e6
@dependabot
Bump protobufjs from 6.11.3 to 6.11.4
b661636 
Bumps [protobufjs](https://github.com/protobufjs/protobuf.js) from 6.11.3 to 6.11.4.
- [Release notes](https://github.com/protobufjs/protobuf.js/releases)
- [Changelog](https://github.com/protobufjs/protobuf.js/blob/master/CHANGELOG.md)
- [Commits](https://github.com/protobufjs/protobuf.js/commits)

---
updated-dependencies:
- dependency-name: protobufjs
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
@OjusWiZard
(fix) add tezos validation message for private key
6e05e42 
Signed-off-by: OjusWiZard <ojuswimail@gmail.com>
@fengtality
Merge branch 'development' into fix/gateway-workflow
6de1997
@fengtality
Merge pull request #176 from hummingbot/fix/gateway-workflow
5b489d3 
add docker workflow
@fengtality
Merge branch 'development' into feat/plenty
9504cba
@fengtality
Merge pull request #156 from OjusWiZard/feat/plenty
3ebf3c7 
Feat/ Tezos and Plenty
@fengtality
move bronze tests to own dir
7d019b1
@fengtality
change ethereum tests from /network to /chain
7e4fa28
@fengtality
fix swagger docs
0433c92
@fengtality
fix tests for AVAX and BSC
0322050
@fengtality
update routes for bronze connector tests
369b617
@fengtality
fixed eth controller tests
88c364a
@fengtality
(fixed clob tests
5e61d1f
@fengtality
fixed network test
6bcfb9b
@fengtality
move clob tests to test-bronze
5424ce5
@fengtality
update github workflow
f2e86ae
@rapcmia
Merge pull request #188 from hummingbot/fix/gateway-tests
285a9d5 
Fix/gateway tests
github-advanced-security[bot]
github-advanced-security bot found potential problems Aug 22, 2023
View reviewed changes
src/chains/tezos/tezos.base.ts
rawData.push(fileData);
}
} else {
rawData.push(await fse.readFile(`${path}/${address}.json`, 'utf8'));

Check failure

Code scanning / CodeQL

Uncontrolled data used in path expression

This path depends on a [user-provided value](1). This path depends on a [user-provided value](2). This path depends on a [user-provided value](3).
src/chains/tezos/tezos.base.ts
const iv = crypto.randomBytes(16);
const key = crypto
.createHash('sha256')
.update(String(password))

Check failure

Code scanning / CodeQL

Use of password hash with insufficient computational effort

Password from [an access to password](1) is hashed insecurely. Password from [a call to readPassphrase](2) is hashed insecurely. Password from [an access to passphrase](3) is hashed insecurely.
src/chains/tezos/tezos.base.ts
): string {
const key = crypto
.createHash('sha256')
.update(String(password))

Check failure

Code scanning / CodeQL

Use of password hash with insufficient computational effort

Password from [a call to readPassphrase](1) is hashed insecurely. Password from [an access to passphrase](2) is hashed insecurely. Password from [an access to password](3) is hashed insecurely. Password from [an access to password](4) is hashed insecurely.
src/chains/tezos/tzkt.api.client.ts
}

async getTransaction(txHash: string): Promise<TransactionResponse[]> {
const res = await axios.get(`${this._tzktURL}/v1/operations/transactions/${txHash}`);

Check failure

Code scanning / CodeQL

Server-side request forgery

The [URL](1) of this request depends on a [user-provided value](2).
src/chains/tezos/tezos.controllers.ts
): Record<string, TokenInfo> => {
const tokens: Record<string, TokenInfo> = {};

for (let i = 0; i < tokenSymbols.length; i++) {

Check failure

Code scanning / CodeQL

Loop bound injection

Iteration over a user-controlled object with a potentially unbounded .length property from a [user-provided value](1). Iteration over a user-controlled object with a potentially unbounded .length property from a [user-provided value](2).
@nikspz nikspz changed the title sync / development -> staging for release version 1.19.0 gateway sync / gateway development -> staging for release version 1.19.0 Aug 22, 2023
@rapcmia rapcmia merged commit 3d78167 into staging Aug 24, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@fengtality fengtality fengtality approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
7 participants
@rapcmia @fengtality @vic-en @nikspz @david-hummingbot @isreallee82 @OjusWiZard