Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fix: apply dragonberry security patch #74

Merged
merged 4 commits into from
Oct 15, 2022
Merged

fix: apply dragonberry security patch #74

merged 4 commits into from
Oct 15, 2022

Conversation

queencre
Copy link
Contributor

@queencre queencre commented Oct 14, 2022
edited

Description

Apply dragonberry security patch

Tasks

  • Apply dragonberry security patch
  • Fix dead links
  • Bump github.com/gogo/protobuf to version 1.3.2

References

Before we can merge this PR, please make sure that all the following items have been
checked off. If any of the checklist items are not applicable, please leave them but
write a little note why.

  • Appropriate labels applied
  • Targeted PR against correct branch
  • Linked to Github issue with discussion and accepted design OR link to spec that describes this work.
  • Code follows the module structure standards.
  • Wrote unit and integration
  • Updated relevant documentation (docs/) or specification (x/<module>/spec/)
  • Added relevant godoc comments.
  • Re-reviewed Files changed in the Github PR explorer
  • Review Codecov Report in the comment section below once CI passes

@queencre queencre self-assigned this Oct 14, 2022
@queencre queencre marked this pull request as ready for review October 15, 2022 00:04
github-advanced-security[bot]
github-advanced-security bot found potential problems Oct 15, 2022
View reviewed changes
ics23/ics23.go
Comment on lines +68 to +73
for k, v := range items {
valid := VerifyMembership(spec, root, proof, []byte(k), v)
if !valid {
return false
}
}

Check warning

Code scanning / CodeQL

Iteration over map

Iteration over map may be a possible source of non-determinism
@queencre queencre merged commit 3be17bc into crescent-network:release/v2.1.x Oct 15, 2022
kingcre pushed a commit that referenced this pull request Oct 20, 2022
@queencre @kingcre
fix: apply dragonberry security patch (#74) (cherry-picked)
b7e5b0f 
* fix: apply dragonberry security patch

* fix: fix deadlink

* fix: broken links and bump gogo/protobuf dependency

* fix: fix missing deadlink

(cherry picked from commit 3be17bc)
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@crypin crypin Awaiting requested review from crypin crypin is a code owner

@kingcre kingcre Awaiting requested review from kingcre

Assignees

@queencre queencre

Labels
x/farming
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
1 participant
@queencre