Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

update eslint; types/lint fixes #307

Merged
merged 22 commits into from
Apr 28, 2023
Merged

update eslint; types/lint fixes #307

merged 22 commits into from
Apr 28, 2023

Conversation

legobeat
Copy link
Contributor

@legobeat legobeat commented Apr 25, 2023
edited
Loading

@socket-security
Copy link

socket-security bot commented Apr 25, 2023
edited
Loading

New dependency changes detected. Learn more about Socket for GitHub ↗︎

👍 No new dependency issues detected in pull request

Bot Commands

To ignore an alert, reply with a comment starting with @SocketSecurity ignore followed by a space separated list of package-name@version specifiers. e.g. @SocketSecurity ignore foo@1.0.0 bar@* or ignore all packages with @SocketSecurity ignore-all

Ignoring: acorn@8.8.2, eslint-plugin-jest@27.2.1, typedoc@0.24.6, minimatch@9.0.0, shiki@0.14.2, typescript@4.8.4, @metamask/eslint-config-jest@11.1.0

Pull request alert summary
Issue Status
Critical CVE ✅ 0 issues
CVE ✅ 0 issues
Mild CVE ✅ 0 issues
Install scripts ✅ 0 issues
Native code ✅ 0 issues
Bin script confusion ✅ 0 issues
Bin script shell injection ✅ 0 issues
Filesystem access ✅ 0 issues
Network access ✅ 0 issues
Shell access ✅ 0 issues
Debug access ✅ 0 issues
Long strings ✅ 0 issues
High entropy strings ✅ 0 issues
URL strings ✅ 0 issues
Uses eval ✅ 0 issues
Dynamic require ✅ 0 issues
Environment variable access ✅ 0 issues
Missing dependency ✅ 0 issues
Unused dependency ✅ 0 issues
Peer dependency ✅ 0 issues
Uncaught optional dependency ✅ 0 issues
Unresolved require ✅ 0 issues
Extraneous dependency ✅ 0 issues
Obfuscated require ✅ 0 issues
Obfuscated code ✅ 0 issues
Minified code ✅ 0 issues
Bidirectional unicode control characters ✅ 0 issues
Zero width unicode chars ✅ 0 issues
Bad text encoding ✅ 0 issues
Unicode homoglyphs ✅ 0 issues
Invisible chars ✅ 0 issues
Suspicious strings ✅ 0 issues
Invalid package.json ✅ 0 issues
HTTP dependency ✅ 0 issues
Git dependency ✅ 0 issues
GitHub dependency ✅ 0 issues
File dependency ✅ 0 issues
No tests ✅ 0 issues
No repository ✅ 0 issues
Bad semver ✅ 0 issues
Bad dependency semver ✅ 0 issues
No v1 ✅ 0 issues
No website ✅ 0 issues
No bug tracker ✅ 0 issues
No contributors or author data ✅ 0 issues
CommonJS depending on ESModule ✅ 0 issues
Empty package ✅ 0 issues
Trivial Package ✅ 0 issues
No README ✅ 0 issues
Deprecated ✅ 0 issues
Chronological version anomaly ✅ 0 issues
Semver anomaly ✅ 0 issues
New author ✅ 0 issues
Unstable ownership ✅ 0 issues
Non-existent author ✅ 0 issues
Unmaintained ✅ 0 issues
Unpublished package ✅ 0 issues
Major refactor ✅ 0 issues
Missing package tarball ✅ 0 issues
Unsafe copyright ✅ 0 issues
License change ✅ 0 issues
Non OSI license ✅ 0 issues
Deprecated license ✅ 0 issues
Missing license ✅ 0 issues
Non SPDX license ✅ 0 issues
Unclear license ✅ 0 issues
Mixed license ✅ 0 issues
Legal notice ✅ 0 issues
Modified license ✅ 0 issues
Modified license exception ✅ 0 issues
License exception ✅ 0 issues
Deprecated SPDX exception ✅ 0 issues
Potential typo squat ✅ 0 issues
Known Malware ✅ 0 issues
Telemetry ✅ 0 issues
Protestware/Troll package ✅ 0 issues
AI detected security risk ✅ 0 issues
AI warning ✅ 0 issues

📊 Modified Dependency Overview:

➕ Added Package Capability Access +/- Transitive Count Publisher
@types/bn.js@4.11.6 None +0 types
⬆️ Updated Package Version Diff Added Capability Access +/- Transitive Count Publisher
@metamask/eslint-config-jest@11.1.0 9.0.0...11.1.0 None +4/-83 metamaskbot
@metamask/eslint-config-typescript@11.1.0 9.0.1...11.1.0 None +4/-82 metamaskbot
typescript@4.8.4 4.9.5...4.8.4 None +0/-0 typescript-bot
@metamask/eslint-config-nodejs@11.1.0 9.0.0...11.1.0 None +3/-56 metamaskbot
@metamask/eslint-config@11.1.0 9.0.0...11.1.0 None +2/-55 metamaskbot
eslint-plugin-prettier@4.2.1 3.4.1...4.2.1 None +0/-48 jounqin
@types/jest@27.5.2 26.0.24...27.5.2 None +0/-6 types
eslint-plugin-jest@27.2.1 24.7.0...27.2.1 filesystem +0/-74 simenb
typedoc@0.24.6 0.22.18...0.24.6 None +5/-3 typedoc-bot

🚮 Removed packages: @typescript-eslint/eslint-plugin@4.33.0, @typescript-eslint/parser@4.33.0, eslint@7.32.0

legobeat
legobeat commented Apr 25, 2023
View reviewed changes
.eslintrc.js Show resolved Hide resolved
@legobeat legobeat marked this pull request as ready for review April 25, 2023 05:53
@legobeat legobeat requested a review from a team as a code owner April 25, 2023 05:53
@legobeat
Copy link
Contributor Author

@Mrtenz Hopefully the extra types added here would make it more comfortable to proceed with #273

This was referenced Apr 25, 2023
Closed
Closed
Closed
Closed
kumavis
kumavis reviewed Apr 26, 2023
View reviewed changes
src/encryption.ts Outdated Show resolved Hide resolved
Mrtenz
Mrtenz previously approved these changes Apr 27, 2023
View reviewed changes
Gudahtt
Gudahtt reviewed Apr 27, 2023
View reviewed changes
.npmignore Outdated Show resolved Hide resolved
Gudahtt
Gudahtt reviewed Apr 27, 2023
View reviewed changes
package.json Show resolved Hide resolved
Gudahtt
Gudahtt reviewed Apr 27, 2023
View reviewed changes
tsconfig.json Outdated Show resolved Hide resolved
Gudahtt
Gudahtt reviewed Apr 27, 2023
View reviewed changes
src/utils.ts Show resolved Hide resolved
Gudahtt
Gudahtt reviewed Apr 27, 2023
View reviewed changes
src/encryption.test.ts
@@ -154,7 +154,7 @@ describe('encryption', function () {
it('should throw if passed null public key', function () {
expect(() =>
encrypt({
publicKey: null,
publicKey: null as any,
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Nit: We could use // @ts-expect-error in each of these places rather than casting to any. It's a bit safer in that we get notified if the type error goes away.

It also prevents the any type "leaking" onto other lines where the type checking would still be valuable (not applicable here because null is a literal, but it might apply if this was done to a variable).

@legobeat

This comment was marked as resolved.

Sign in to view
@legobeat legobeat requested review from Gudahtt and Mrtenz April 27, 2023 22:23
@legobeat
Copy link
Contributor Author 

@SocketSecurity ignore acorn@8.8.2
@SocketSecurity ignore eslint-plugin-jest@27.2.1
@SocketSecurity ignore typedoc@0.24.6
@SocketSecurity ignore minimatch@9.0.0
@SocketSecurity ignore shiki@0.14.1
@SocketSecurity ignore typescript@4.8.4
@SocketSecurity ignore @metamask/eslint-config-jest@11.1.0

@Gudahtt
Copy link
Member

Gudahtt commented Apr 28, 2023

Mostly looks good! I can approve once the issue with tests being published has been fixed.

@legobeat
Copy link
Contributor Author

@SocketSecurity ignore shiki@0.14.2

@legobeat legobeat merged commit df8bfc4 into MetaMask:main Apr 28, 2023
@legobeat legobeat mentioned this pull request May 16, 2023
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@Gudahtt Gudahtt Gudahtt approved these changes

@adonesky1 adonesky1 Awaiting requested review from adonesky1

@kumavis kumavis Awaiting requested review from kumavis

@Mrtenz Mrtenz Awaiting requested review from Mrtenz

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@legobeat @Gudahtt @kumavis @Mrtenz