Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

chore(IT Wallet): [SIW-737] Update io-react-native-jwt library to 1.1.0 #5303

Merged
merged 5 commits into from
Dec 5, 2023
Merged

chore(IT Wallet): [SIW-737] Update io-react-native-jwt library to 1.1.0 #5303

merged 5 commits into from
Dec 5, 2023

Conversation

LazyAfternoons
Copy link
Contributor

Short description

This PR updates io-react-native-jwt to the 1.1.0 version which fixes an issue during the credential issuing on Android.
More on the issue in this PR.

List of changes proposed in this pull request

  • Updates the dependency.

How to test

Test the credential issuing flow on Android and it should work as expected.

@LazyAfternoons LazyAfternoons marked this pull request as ready for review December 5, 2023 16:08
@LazyAfternoons LazyAfternoons requested a review from a team as a code owner December 5, 2023 16:08
@pagopa-github-bot pagopa-github-bot changed the title [SIW-737] Update io-react-native-jwt library to 1.1.0 chore(IT Wallet): [SIW-737] Update io-react-native-jwt library to 1.1.0 Dec 5, 2023
@pagopa-github-bot
Copy link
Collaborator

pagopa-github-bot commented Dec 5, 2023
edited by jira bot
Loading

Affected stories

  • ⚙️ SIW-737: [APP] Aggiornamento libreria io-react-native-jwt alla versione 1.1.0

Generated by 🚫 dangerJS against 814af12

@codecov Codecov
Copy link

codecov bot commented Dec 5, 2023
edited
Loading

Codecov Report

Merging #5303 (978edb9) into bundle/it-wallet (a91af12) will increase coverage by 0.72%.
Report is 354 commits behind head on bundle/it-wallet.
The diff coverage is 41.85%.

❗ Current head 978edb9 differs from pull request most recent head 814af12. Consider uploading reports for the commit 814af12 to get more accurate results

Additional details and impacted files

Impacted file tree graph

@@                 Coverage Diff                  @@
##           bundle/it-wallet    #5303      +/-   ##
====================================================
+ Coverage             45.64%   46.36%   +0.72%     
====================================================
  Files                  1620     1637      +17     
  Lines                 33457    33976     +519     
  Branches               8245     8237       -8     
====================================================
+ Hits                  15270    15754     +484     
- Misses                18138    18171      +33     
- Partials                 49       51       +2
Files Coverage Δ
scripts/ts/danger/utils/changelog.ts 70.49% <ø> (ø)
ts/api/pagopa.ts 23.61% <ø> (ø)
ts/components/PinCreationForm.tsx 85.71% <ø> (ø)
ts/components/TouchableDefaultOpacity.tsx 100.00% <100.00%> (ø)
ts/components/bottomSheet/BottomSheetHeader.tsx 13.33% <ø> (ø)
ts/components/core/fonts.ts 95.00% <ø> (ø)
ts/components/core/selection/RadioButtonList.tsx 89.47% <ø> (ø)
ts/components/core/selection/RemoteSwitch.tsx 100.00% <ø> (ø)
ts/components/core/selection/checkbox/CheckBox.tsx 100.00% <ø> (ø)
ts/components/core/variables/IOStyles.ts 100.00% <ø> (ø)
... and 108 more

... and 294 files with indirect coverage changes

Continue to review full report in Codecov by Sentry.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update 67dee8f...814af12. Read the comment docs.

hevelius
hevelius approved these changes Dec 5, 2023
View reviewed changes
Copy link
Contributor

@hevelius hevelius left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM. I want to reiterate that as a workaround it is fine but it does not represent the expected solution. This fix was necessary to bypass the 20k character limit when parsing the JWS header on Android device. Limit added in reference this CVE

@LazyAfternoons LazyAfternoons merged commit 919c842 into bundle/it-wallet Dec 5, 2023
4 checks passed
@LazyAfternoons LazyAfternoons deleted the SIW-737-update-jwt-library branch December 5, 2023 17:14
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@hevelius hevelius hevelius approved these changes

Assignees
No one assigned
Labels
IT Wallet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
3 participants
@LazyAfternoons @pagopa-github-bot @hevelius