Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

sync with upstream release/v0.47.x #418

Merged
merged 12 commits into from
May 16, 2024
Merged

sync with upstream release/v0.47.x #418

merged 12 commits into from
May 16, 2024

Conversation

yihuang
Copy link
Collaborator

@yihuang yihuang commented May 13, 2024

Description

Closes: #XXXX

Author Checklist

All items are required. Please add a note to the item if the item is not applicable and
please add links to any relevant follow up issues.

I have...

  • included the correct type prefix in the PR title
  • confirmed ! in the type prefix if API or client breaking change
  • targeted the correct branch (see PR Targeting)
  • provided a link to the relevant issue or specification
  • reviewed "Files changed" and left comments if necessary
  • included the necessary unit and integration tests
  • added a changelog entry to CHANGELOG.md
  • updated the relevant documentation or specification, including comments for documenting Go code
  • confirmed all CI checks have passed

Reviewers Checklist

All items are required. Please add a note if the item is not applicable and please add
your handle next to the items reviewed if you only reviewed selected items.

I have...

  • confirmed the correct type prefix in the PR title
  • confirmed all author checklist items have been addressed
  • reviewed state machine logic, API design and naming, documentation is accurate, tests and test coverage

@yihuang yihuang requested a review from mmsqe May 13, 2024 05:02
mmsqe
mmsqe reviewed May 13, 2024
View reviewed changes
go.mod Show resolved Hide resolved
mmsqe
mmsqe approved these changes May 13, 2024
View reviewed changes
Copy link
Collaborator

@mmsqe mmsqe left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

diff

@yihuang yihuang enabled auto-merge (squash) May 13, 2024 07:42
github-advanced-security[bot]
github-advanced-security bot found potential problems May 13, 2024
View reviewed changes
x/group/keeper/keeper.go Fixed Show fixed Hide fixed
crypto/keyring/keyring.go Fixed Show fixed Hide fixed
github-advanced-security[bot]
github-advanced-security bot found potential problems May 13, 2024
View reviewed changes
x/group/keeper/keeper.go
@@ -379,7 +379,7 @@
&group.EventProposalPruned{
ProposalId: proposal.Id,
Status: proposal.Status,
TallyResult: &proposal.FinalTallyResult,
TallyResult: &proposal.FinalTallyResult, //nolint: gosec

Check failure

Code scanning / Golang security checks by gosec

Implicit memory aliasing in for loop. Error

Implicit memory aliasing in for loop.
crypto/keyring/keyring.go
@@ -774,7 +782,7 @@
continue
}

if err := os.WriteFile(dir+"/keyhash", passwordHash, 0o555); err != nil {
if err := os.WriteFile(dir+"/keyhash", passwordHash, 0o555); err != nil { //nolint: gosec

Check failure

Code scanning / Golang security checks by gosec

Expect WriteFile permissions to be 0600 or less Error

Expect WriteFile permissions to be 0600 or less
mmsqe
mmsqe reviewed May 14, 2024
View reviewed changes
.golangci.yml Show resolved Hide resolved
yihuang and others added 3 commits May 14, 2024 15:04
@yihuang @mmsqe
Update .golangci.yml
6e0cd18 
Co-authored-by: mmsqe <mavis@crypto.com>
Signed-off-by: yihuang <huang@crypto.com>
@yihuang
fix unsafe
28c1695
@yihuang
fix linter
02dd650
github-advanced-security[bot]
github-advanced-security bot found potential problems May 16, 2024
View reviewed changes
internal/conv/string.go
bufHdr.Cap = sHdr.Len
bufHdr.Len = sHdr.Len
return buf
return unsafe.Slice(unsafe.StringData(s), len(s)) // ref https://github.com/golang/go/issues/53003#issuecomment-1140276077

Check warning

Code scanning / Golang security checks by gosec

Use of unsafe calls should be audited Warning

Use of unsafe calls should be audited
internal/conv/string.go
bufHdr.Cap = sHdr.Len
bufHdr.Len = sHdr.Len
return buf
return unsafe.Slice(unsafe.StringData(s), len(s)) // ref https://github.com/golang/go/issues/53003#issuecomment-1140276077

Check warning

Code scanning / Golang security checks by gosec

Use of unsafe calls should be audited Warning

Use of unsafe calls should be audited
@yihuang yihuang merged commit d00edcb into crypto-org-chain:release/v0.47.x May 16, 2024
18 of 25 checks passed
@yihuang yihuang deleted the release/v0.47.x branch May 16, 2024 03:55
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@mmsqe mmsqe mmsqe approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@yihuang @mmsqe