Conversation
…#86) * Add quickAuth example to MiniKit example app (coinbase#2429) * feat: Add Base Account connector support (coinbase#2435) * chore: version packages 🚀 (coinbase#2432) Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> Co-authored-by: Dan Cortes <3639170+dgca@users.noreply.github.com> * extended validation to max 8 chars (coinbase#2437) * chore: Use github changesets generator (coinbase#2438) * chore: Manifest validator changeset (coinbase#2440) * chore: Tweak changeset formatter order (coinbase#2442) * feat: Add useSwapToken util (coinbase#2444) * feat: useSendToken hook (coinbase#2445) * fix: Export useSendToken, add example (coinbase#2446) * chore: version packages 🚀 (coinbase#2441) Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> * fix: useFundCardSetupOnrampEventListeners unmount reset (coinbase#2182) * feat: use crypto api for nonce generation (coinbase#2303) * fix: useDebounce cleanup (coinbase#2305) * chore(deps): bump next from 14.2.26 to 14.2.32 (coinbase#2471) Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * chore(deps-dev): bump vite from 5.4.19 to 5.4.20 (coinbase#2483) Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * feat: OnchainKit@v1 (coinbase#2415) * chore: Remove deprecated schemaId prop (coinbase#2490) * fix: Remove deprecated cacheTime arg (coinbase#2493) * fix: Fix onchainkit and create-onchain versions (coinbase#2496) * Release create-onchain v1 (coinbase#2497) * chore: version packages 🚀 (coinbase#2498) Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> Co-authored-by: Dan Cortes <3639170+dgca@users.noreply.github.com> * chore: Release onchainkit and create-onchain at 1.0.2 (coinbase#2499) Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> * fix: Minikit template prepends process.env.VERCEL_URL with https:// (coinbase#2502) * fix: Add `baseBuilder.allowedAddresses` to template + call `setFrameReady()` automatically (coinbase#2503) * chore: Add changeset to create-onchain (coinbase#2504) * chore: version packages 🚀 (coinbase#2505) Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> Co-authored-by: Dan Cortes <3639170+dgca@users.noreply.github.com> * chore(ONRAMP-843): FundCard accept sessionToken param (coinbase#2501) * feat: Allow useOpenUrl to specify fallback behavior (coinbase#2500) * fix: Rename setFrameReady and isFrameReady (coinbase#2510) * fix: Update GetOnrampUrl type (coinbase#2511) * chore: version packages 🚀 (coinbase#2509) Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> * fix: Allow additional properties in `withValidManifest` (coinbase#2515) * chore: version packages 🚀 (coinbase#2516) Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> * fix: Deprecate useNotifications hook (coinbase#2527) * fix: Deprecate Checkout component (coinbase#2528) * fix: Rename allowedAddresses to ownerAddress (coinbase#2530) * chore: version packages 🚀 (coinbase#2529) Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> * chore: fix fund components to mandate session-token (coinbase#2542) * chore: bump react/next due to recent cve (coinbase#2554) e1b37c5 --------- Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: Dan Cortes <3639170+dgca@users.noreply.github.com> Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> Co-authored-by: Sohey <soheimam@gmail.com> Co-authored-by: Teimur Gasanov <teymurgg321@gmail.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Rustam Goygov <139204496+rustam-cb@users.noreply.github.com> Co-authored-by: suryatejamandadi-cb <suryateja.mandadi@coinbase.com> Co-authored-by: Dylan Steck <dylancsteck@gmail.com>
This comment was marked as resolved.
This comment was marked as resolved.
✅ Snyk checks have passed. No issues have been found so far.
💻 Catch issues earlier using the plugins for VS Code, JetBrains IDEs, Visual Studio, and Eclipse. |
Summary of ChangesHello @Dargon789, I'm Gemini Code Assist1! I'm currently reviewing this pull request and will post my feedback shortly. In the meantime, here's a summary to help you and other reviewers quickly get up to speed! This pull request lays foundational infrastructure for the project by integrating a basic continuous integration pipeline using CircleCI and establishing a standard security policy document. These additions are crucial for setting up initial development workflows and communicating essential security guidelines. Highlights
Ignored Files
Using Gemini Code AssistThe full guide for Gemini Code Assist can be found on our documentation page, here are some quick tips. Invoking Gemini You can request assistance from Gemini at any point by creating a comment using either
Customization To customize Gemini Code Assist for GitHub experience, repository maintainers can create a configuration file and/or provide a custom code review style guide (such as PEP-8 for Python) by creating and adding files to a Limitations & Feedback Gemini Code Assist may make mistakes. Please leave feedback on any instances where its feedback is incorrect or counter productive. You can react with 👍 and 👎 on @gemini-code-assist comments. If you're interested in giving your feedback about your experience with Gemini Code Assist for Github and other Google products, sign up here. You can also get AI-powered code generation, chat, as well as code reviews directly in the IDE at no cost with the Gemini Code Assist IDE Extension. Footnotes
|
![gemini-code-assist[bot]](https://avatars.githubusercontent.com/in/956858?s=60&v=4){kind=small}
There was a problem hiding this comment.
Code Review
This pull request adds a basic CircleCI configuration and a template for a security policy. The CircleCI configuration is a good starting point, but I've suggested pinning the Docker image version to ensure reproducible builds and adding a final newline to adhere to standard conventions. The SECURITY.md file is currently a placeholder and needs to be filled out with specific details about supported versions and, most importantly, the process for reporting vulnerabilities.
I am having trouble creating individual review comments. Click here to see my feedback.
.circleci/config.yml (14)
For reproducible builds, it's recommended to pin the Docker image to a specific version instead of using the current tag. The current tag can change unexpectedly, potentially breaking your build pipeline. You can find available versioned tags on the CircleCI Developer Hub.
- image: cimg/base:2024.01.circleci/config.yml (31)
This file is missing a final newline. It's a common convention and POSIX standard to end text files with a newline character. Many tools work better with files that end with a newline.
SECURITY.md (5-21)
This security policy file appears to be a template and contains placeholder content. Please update the following sections with project-specific information:
- Supported Versions: The version table should reflect the actual versions of your project that receive security updates.
- Reporting a Vulnerability: This section is critical and needs clear instructions on how to report a vulnerability, including contact details and the expected process.
|
The latest updates on your projects. Learn more about Vercel for GitHub.
|
This comment was marked as resolved.
This comment was marked as resolved.
Dependency Review✅ No vulnerabilities or license issues or OpenSSF Scorecard issues found.Scanned FilesNone |
|
@Mergifyio refresh |
|
@Mergifyio update |
❌ Base branch update has failedDetailsmerge conflict between base and head |
|
@Mergifyio refresh |
✅ Pull request refreshed |
|
@Mergifyio rebase |
✅ Pull request refreshed |
☑️ Nothing to do, the required conditions are not metDetails
|
1 participant
What changed? Why?
Notes to reviewers
How has it been tested?