chore: review and fix or suppress eslint-security warnings #163

Closed
varunsrin opened this issue Oct 11, 2022 · 6 comments · Fixed by #416
Labels
help wanted Well specified and ready to be worked on

Comments

@varunsrin
Member

What is the feature you would like to implement?

Review and fix all eslint security warnings or suppress them if they are false positives.

➜  hub git:(varunsrin/eslint-security) yarn lint:fix

/Users/varun/src/farcaster/hub/src/network/sync/merkleTrie.ts
  60:18  warning  Variable Assigned to Object Injection Sink  security/detect-object-injection

/Users/varun/src/farcaster/hub/src/storage/db/rocksdb.ts
  90:11  warning  Found fs.open with non literal argument at index 0  security/detect-non-literal-fs-filename

/Users/varun/src/farcaster/hub/src/urls/chainAccountUrl.ts
  35:30  warning  Found non-literal argument to RegExp Constructor  security/detect-non-literal-regexp

/Users/varun/src/farcaster/hub/src/urls/chainUrl.ts
  28:30  warning  Found non-literal argument to RegExp Constructor  security/detect-non-literal-regexp

/Users/varun/src/farcaster/hub/src/urls/utils.ts
  14:12  warning  Generic Object Injection Sink                     security/detect-object-injection
  28:8   warning  Found non-literal argument to RegExp Constructor  security/detect-non-literal-regexp
  32:28  warning  Found non-literal argument to RegExp Constructor  security/detect-non-literal-regexp
  32:39  warning  Generic Object Injection Sink                     security/detect-object-injection

/Users/varun/src/farcaster/hub/src/utils/crypto.ts
  57:16  warning  Generic Object Injection Sink        security/detect-object-injection
  59:21  warning  Function Call Object Injection Sink  security/detect-object-injection
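
As an added illustration (not part of the original issue and not code from the hub repository), the sketch below shows how two of the rules reported above, security/detect-object-injection and security/detect-non-literal-regexp, can be triaged: an unguarded form next to a guarded form whose remaining warning is suppressed with a justification. All function and variable names are hypothetical.

```typescript
// Added example; HANDLERS, apply* and matchesPrefix* are hypothetical names.

// security/detect-object-injection: a non-literal key indexes a plain object,
// so inherited names such as "toString" or "constructor" also resolve.
const HANDLERS: Record<string, (s: string) => string> = {
  upper: (s: string): string => s.toUpperCase(),
  lower: (s: string): string => s.toLowerCase(),
};

function applyUnguarded(kind: string, value: string): string {
  const fn = HANDLERS[kind]; // flagged: variable assigned to object injection sink
  return typeof fn === 'function' ? fn(value) : 'no-handler';
}

function applyGuarded(kind: string, value: string): string {
  // Accept only the object's own keys; prototype members are rejected.
  if (!Object.prototype.hasOwnProperty.call(HANDLERS, kind)) return 'no-handler';
  // eslint-disable-next-line security/detect-object-injection -- own key verified above
  const fn = HANDLERS[kind];
  return typeof fn === 'function' ? fn(value) : 'no-handler';
}

// security/detect-non-literal-regexp: a pattern built from a variable keeps its
// metacharacters live unless they are escaped first.
function escapeRegExp(text: string): string {
  return text.replace(/[.*+?^${}()|[\]\\]/g, '\\$&');
}

function matchesPrefixUnguarded(prefix: string, input: string): boolean {
  return new RegExp('^' + prefix).test(input); // flagged; "." matches any character
}

function matchesPrefixGuarded(prefix: string, input: string): boolean {
  // eslint-disable-next-line security/detect-non-literal-regexp -- prefix is escaped
  return new RegExp('^' + escapeRegExp(prefix)).test(input);
}
```

Both rules are syntactic, so the guarded forms still trigger a warning; the inline suppression records why the finding is a false positive at that line.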

varunsrin self-assigned this Oct 11, 2022
varunsrin added the good first issue and help wanted labels Oct 11, 2022
TimDaub added a commit to TimDaub/farcaster-hub that referenced this issue Dec 5, 2022
@varunsrin varunsrin linked a pull request Dec 6, 2022 that will close this issue
@varunsrin varunsrin removed a link to a pull request Dec 6, 2022
TimDaub added a commit to TimDaub/farcaster-hub that referenced this issue Dec 7, 2022
@avichalp

Hey @varunsrin,

If no one has already started working on it, I would like to take a stab. I see that it is a good opportunity to familiarize myself with the codebase.

@varunsrin
Member Author

tim had a WIP PR here a few days ago: #262

i would ping him there and see if he is still working on it, if not it's all yours

@djma djma mentioned this issue Dec 12, 2022
@avichalp

Ah sorry! I saw that PR earlier. I thought these were a new set of warnings that had come up. I will follow that PR there.

@varunsrin varunsrin removed their assignment Dec 21, 2022
@varunsrin
Member Author

@avichalp and @djma i'm not sure if tim is working on it anymore, so this is up for grabs

@TimDaub
Contributor

TimDaub commented Jan 11, 2023

I think it should be merged asap to reduce potential merge conflicts

@TimDaub
Contributor

TimDaub commented Jan 11, 2023

actually whatever, there are too many now. I will close

kcchu added a commit to kcchu/hub that referenced this issue Jan 12, 2023
kcchu pushed a commit to kcchu/hub that referenced this issue Jan 12, 2023
kcchu pushed a commit to kcchu/hub that referenced this issue Jan 14, 2023
kcchu added a commit to kcchu/hub that referenced this issue Jan 14, 2023
varunsrin pushed a commit that referenced this issue Jan 15, 2023
* Fix and suppress eslint warnings

- Fixes #163

* chore: fix and suppress eslint warnings

Fix #163

Co-authored-by: Tim Daubenschütz <tim@daubenschuetz.de>