Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[ASI-614] Consume @audius/libs pkg v1.2.26 in dapp #1966

Merged
merged 7 commits into from
Nov 17, 2021
Merged

[ASI-614] Consume @audius/libs pkg v1.2.26 in dapp #1966

merged 7 commits into from
Nov 17, 2021

Conversation

csjiang
Copy link
Contributor

@csjiang csjiang commented Oct 15, 2021

No description provided.

@csjiang
Copy link
Contributor Author

csjiang commented Oct 21, 2021

closing because covered by #1986

@csjiang csjiang closed this Oct 21, 2021
@rickyrombo
Copy link
Contributor

@csjiang I don't think #1986 covers this - #1986 is bumping libs itself, not the version running on discprov/creator node.

@rickyrombo rickyrombo reopened this Oct 22, 2021
SidSethi
SidSethi reviewed Oct 26, 2021
View reviewed changes
Copy link
Contributor

@SidSethi SidSethi left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

changes look good to me if you can update PR description to reflect

didn't approve only bc idk latest team thinking around bumping libs in services, historically we have only bumped libs version in services when there are specific changes we want consumed

might be fine now to just auto bump whenever

@gitguardian
Copy link

gitguardian bot commented Nov 15, 2021
edited

⚠️ GitGuardian has uncovered 1 secret following the scan of your pull request.

Please consider investigating the findings and remediating the incidents. Failure to do so may lead to compromising the associated services or software components.

🔎 Details of the secret
Secret Commit Filename Detected At
PostgreSQL Credentials c49f967 identity-service/docker-compose/development.env 21:48 October 26th, 2021 View secret
🛠 How to resolve this

  1. Understand the implications of revoking this secret by examining where it is used in your code.

  2. Replace and store your secret safely. Learn here the best practices

  3. Revoke and rotate this secret

  4. If possible, rewrite your git history to remove all evidence of the secret leak. Please beware this is not a trivial operation. You might completely break other contributing developers’ workflow and you risk accidentally deleting work in progress.

💡 To avoid such incidents in the future, consider following these best practices for managing and storing secrets including API keys and other credentials.

You are seeing this because you or someone else has authorized GitGuardian to scan pull requests

dmanjunath
dmanjunath approved these changes Nov 16, 2021
View reviewed changes
Copy link
Contributor

@dmanjunath dmanjunath left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

i noticed identity service has a package lock change but no package.json change. is that intentional?

@csjiang csjiang merged commit 814df70 into master Nov 17, 2021
@csjiang csjiang deleted the ASI-614_upgrade_libs_1.2.26 branch November 17, 2021 21:23
@AudiusProject AudiusProject deleted a comment from linear bot Sep 11, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@SidSethi SidSethi SidSethi left review comments

@dmanjunath dmanjunath dmanjunath approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
4 participants
@csjiang @rickyrombo @dmanjunath @SidSethi