Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

ci: Exclude ip package from audit #8563

Merged
merged 2 commits into from
Feb 10, 2024
Merged

ci: Exclude ip package from audit #8563

merged 2 commits into from
Feb 10, 2024

Conversation

Cal-L
Copy link
Contributor

@Cal-L Cal-L commented Feb 9, 2024

Description

This PR excludes the ip package from our ci audit. It is a dependency of cli-doctor, which is not used in production code.

Advisory - GHSA-78xj-cgh5-2h22

Related issues

Fixes:

Manual testing steps

  1. Go to this page...

Screenshots/Recordings

Before

After

Pre-merge author checklist

  • I’ve followed MetaMask Coding Standards.
  • I've clearly explained what problem this PR is solving and how it is solved.
  • I've linked related issues
  • I've included manual testing steps
  • I've included screenshots/recordings if applicable
  • I’ve included tests if applicable
  • I’ve documented my code using JSDoc format if applicable
  • I’ve applied the right labels on the PR (see labeling guidelines). Not required for external contributors.
  • I’ve properly set the pull request status:
    • In case it's not yet "ready for review", I've set it to "draft".
    • In case it's "ready for review", I've changed it from "draft" to "non-draft".

Pre-merge reviewer checklist

  • I've manually tested the PR (e.g. pull and build branch, run the app, test code being changed).
  • I confirm that this PR addresses all acceptance criteria described in the ticket it closes and includes the necessary testing evidence such as recordings and or screenshots.

@Cal-L Cal-L requested a review from a team as a code owner February 9, 2024 22:25
@github-actions GitHub Actions
Copy link
Contributor

github-actions bot commented Feb 9, 2024

CLA Signature Action: All authors have signed the CLA. You may need to manually re-run the blocking PR check if it doesn't pass in a few minutes.

@Cal-L Cal-L added No QA Needed/E2E Only Apply this label when your PR does not need any QA effort. team-mobile-platform labels Feb 9, 2024
@Cal-L Cal-L changed the title ci: Exclude IP from audit ci: Exclude ip package from audit Feb 9, 2024
@codecov-commenter
Copy link

codecov-commenter commented Feb 9, 2024
edited

Codecov Report

All modified and coverable lines are covered by tests ✅

Comparison is base (8519adc) 40.90% compared to head (eaa5114) 40.90%.

Additional details and impacted files 
@@           Coverage Diff           @@
##             main    #8563   +/-   ##
=======================================
  Coverage   40.90%   40.90%           
=======================================
  Files        1245     1245           
  Lines       30150    30150           
  Branches     2895     2895           
=======================================
  Hits        12333    12333           
  Misses      17114    17114           
  Partials      703      703

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

@sonarcloud SonarCloud
Copy link

sonarcloud bot commented Feb 10, 2024

Quality Gate Passed Quality Gate passed

Issues
0 New issues

Measures
0 Security Hotspots
No data about Coverage
No data about Duplication

See analysis details on SonarCloud

chrisleewilcox
chrisleewilcox approved these changes Feb 10, 2024
View reviewed changes
Copy link
Contributor

@chrisleewilcox chrisleewilcox left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

sethkfman
sethkfman approved these changes Feb 10, 2024
View reviewed changes
Copy link
Contributor

@sethkfman sethkfman left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@sethkfman sethkfman merged commit 7012f65 into main Feb 10, 2024
26 checks passed
@sethkfman sethkfman deleted the ci/exclude-ip-audit branch February 10, 2024 00:35
@github-actions github-actions bot locked and limited conversation to collaborators Feb 10, 2024
@metamaskbot metamaskbot added the release-7.17.0 Issue or pull request that will be included in release 7.17.0 label Feb 10, 2024
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers

@chrisleewilcox chrisleewilcox chrisleewilcox approved these changes

@sethkfman sethkfman sethkfman approved these changes

Assignees
No one assigned
Labels
No QA Needed/E2E Only Apply this label when your PR does not need any QA effort. release-7.17.0 Issue or pull request that will be included in release 7.17.0 team-mobile-platform
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
5 participants
@Cal-L @codecov-commenter @chrisleewilcox @sethkfman @metamaskbot