RN upgrade: yarn.lock from main #6690

Closed

Contributor

@jpcloureiro jpcloureiro commented Jun 23, 2023

Development & PR Process

  1. Follow MetaMask Mobile Coding Standards
  2. Add release-xx label to identify the PR slated for an upcoming release (will be used in release discussion)
  3. Add needs-dev-review label when work is completed
  4. Add needs-qa label when dev review is completed
  5. Add QA Passed label when QA has signed off

Description

The goal is to maintain all functionality with minimal dependency changes.

yarn.lock change stats

on upgrade/react-native/0.71.6-hermes
Screenshot 2023-06-26 at 16 27 55

on this branch rn-upgrade-new-yarnlock
Screenshot 2023-06-26 at 16 27 41

Other changes

  • main merge brings newer file changes
  • removal of hexToBN catchall function since we are on the same version of ethereumjs-util as in main

Screenshots/Recordings

If applicable, add screenshots and/or recordings to visualize the before and after of your change

Issue

Progresses #???

Checklist

  • There is a related GitHub issue
  • Tests are included if applicable
  • Any added code is fully documented

joaoloureirop and others added 12 commits June 22, 2023 12:29

Packages used solely for development tools and testing have been moved
from `dependencies` to `devDependencies`.

* feat: trigger qrsigning modal using approval controller

* fix: use approval request to control QR modal

* remove QRState usage

* use approval request to control QR modal for tx

* fix lint

* add early return on qr signing modal

---------

Co-authored-by: Vinicius Stevam <vinicius.stevam@consensys.net>
Co-authored-by: Vinicius Stevam <45455812+vinistevam@users.noreply.github.com>
Co-authored-by: SamuelSalas <samuel.salas.reyes@gmail.com>

* fix(action): add required permissions to remove labels

* fix(action name): adopt kebab case

The Yarn audit failure has been addressed by ignoring the flagged
security advisory. It is a ReDoS advisory, which doesn't present a risk
for us (it's not used for a server, so there is no way for an attacker
to impact our availability).

The audit file has been slightly reorganized to remove an obsolete
comment, and to place the explanations above each entry rather than
below.

@github-actions
Contributor

CLA Signature Action: All authors have signed the CLA. You may need to manually re-run the blocking PR check if it doesn't pass in a few minutes.

@socket-security

socket-security bot commented Jun 23, 2023

🚨 Potential security issues detected. Learn more about Socket for GitHub ↗︎

To accept the risk, merge this PR and you will not be notified again.

Issue Package Version Note Source
Filesystem access localforage 1.9.0
Filesystem access pem 1.14.6
Network access pem 1.14.6
Shell access pem 1.14.6
Non-existent author jsonify 0.0.0
No bug tracker jsonify 0.0.0
Network access htmlparser2 6.1.0
New author @react-native-community/eslint-plugin 1.1.0
New author react-native-branch 5.6.2
New author fbjs 3.0.0
New author @metamask/etherscan-link 2.1.0
New author lighthouse-logger 1.3.0
New author array.prototype.filter 1.0.0
New author fast-diff 1.2.0
New author is-glob 4.0.1
New author unicode-match-property-value-ecmascript 2.0.0
New author unicode-property-aliases-ecmascript 2.0.0
New author @walletconnect/jsonrpc-utils 1.0.7
New author semver 7.3.8
New author asn1 0.2.4
New author web3-provider-engine 16.0.3
No contributors or author data @sentry/cli 1.75.0
No contributors or author data buffer-alloc 1.2.0
Unmaintained buffer-alloc 1.2.0
  • Last Publish: 5/29/2018, 11:41:06 PM
No contributors or author data buffer-alloc-unsafe 1.1.0
Unmaintained buffer-alloc-unsafe 1.1.0
  • Last Publish: 5/29/2018, 11:18:40 PM
No contributors or author data buffer-fill 1.0.0
Unmaintained buffer-fill 1.0.0
  • Last Publish: 5/29/2018, 11:35:52 PM
No contributors or author data react-native-windows 1.0.0
No bug tracker react-native-windows 1.0.0
No README react-native-windows 1.0.0
No bug tracker @jimp/plugin-circle 0.16.2
No bug tracker @jimp/plugin-fisheye 0.16.2
No bug tracker @jimp/plugin-shadow 0.16.2
No bug tracker @jimp/plugin-threshold 0.16.2
No bug tracker camelize 1.0.0
No bug tracker json-stable-stringify 1.0.1
No bug tracker react-native-default-preference 1.4.3
No bug tracker traverse 0.6.6
No bug tracker use-sidecar 1.0.5
Unmaintained @sentry/minimal 6.12.0
  • Last Publish: 4/26/2022, 1:11:15 PM
Unmaintained exit-on-epipe 1.0.1
  • Last Publish: 7/23/2017, 6:19:31 PM
Unmaintained es6-mapify 1.2.0
  • Last Publish: 12/16/2019, 7:51:07 PM
Unmaintained printj 1.1.2
  • Last Publish: 1/24/2022, 5:03:02 AM

Next steps

What is filesystem access?

Accesses the file system, and could potentially read sensitive data.

If a package must read the file system, clarify what it will read and ensure it reads only what it claims to. If appropriate, packages can leave file system access to consumers and operate on data passed to it instead.

What is network access?

This module accesses the network.

Packages should remove all network access that is functionally unnecessary. Consumers should audit network access to ensure legitimate use.

What is shell access?

This module accesses the system shell. Accessing the system shell increases the risk of executing arbitrary code.

Packages should avoid accessing the shell which can reduce portability, and make it easier for malicious shell access to be introduced.

What is a non-existent author?

The package was published by an npm account that no longer exists.

Packages should have active and identified authors.

Why are bug trackers important?

Package does not have a linked bug tracker in package.json.

Add a bugs field to package.json. https://docs.npmjs.com/cli/v8/configuring-npm/packa

@socket-security

socket-security bot commented Jun 23, 2023

New and updated dependencies detected. Learn more about Socket for GitHub ↗︎

Packages Version New capabilities Transitives Size Publisher
eciesjs 0.3.15 None +1 28 kB kigawas
@ethereumjs/tx 3.3.0 None +13 4.57 MB holgerd77
@ethereumjs/common 2.4.0 None +12 4.17 MB holgerd77
@metamask/etherscan-link 2.2.0...2.1.0 None +0/-0 23 kB brad.decker
ganache 7.8.0...7.7.7 None +3/-4 192 MB truffle-cicd
metro-config 0.71.3...0.71.1 None +129/-121 20.5 MB metro-bot
@metamask/contract-metadata 2.3.1...2.2.0 None +0/-0 7.92 MB metamaskbot
@keystonehq/metamask-airgapped-keyring 0.3.1...0.3.0 None +48/-25 7.96 MB soralit
react-native-skeleton-placeholder 5.2.4...5.0.0 None +203/-161 26 MB chramos
@types/enzyme 3.10.13...3.10.9 None +2/-2 1.22 MB types
eslint-import-resolver-typescript 2.7.1...2.4.0 None +48/-36 5.34 MB jounqin
@storybook/addon-ondevice-knobs 5.3.26...5.3.25 None +228/-185 34 MB dannyhw
react-native-default-preference 1.4.4...1.4.3 None +202/-160 26 MB marcelkalveram
@babel/core 7.21.8...7.22.5 None +30/-27 11.7 MB nicolo-ribaudo
react-native-webrtc 106.0.7...106.0.0-beta.7 None +203/-161 26.9 MB saghul
@babel/preset-env 7.21.5...7.22.5 None +104/-91 14.9 MB nicolo-ribaudo
react-native-get-random-values 1.9.0...1.8.0 None +202/-160 25.9 MB linusu
@types/lodash 4.14.194...4.14.186 None +0/-0 861 kB types
@react-navigation/native 5.9.8...5.9.4 None +205/-163 27.6 MB satya164
browserstack-local 1.5.2...1.5.1 None +1/-0 86.1 kB browserstack
@react-navigation/bottom-tabs 5.11.15...5.11.11 None +209/-167 28.2 MB satya164
@testing-library/react 14.0.0...13.4.0 None +11/-34 8.49 MB testing-library-bot
@babel/runtime 7.21.5...7.22.5 None +0/-0 282 kB nicolo-ribaudo
react-native-branch 5.8.0...5.6.2 None +202/-160 27.8 MB nsingh-branch
patch-package 6.5.1...6.4.7 None +3/-2 548 kB ds300
@testing-library/react-native 12.1.2...11.5.0 None +219/-173 91.9 MB mdjastrzebski
humanize-duration 3.28.0...3.27.3 None +0/-0 65.9 kB evanhahn
bignumber.js 9.1.1...9.0.1 None +0/-0 402 kB mikemcl
@react-native-picker/picker 2.4.10...2.2.1 None +202/-160 26.3 MB naturalclar
react-native-in-app-review 3.3.3...3.2.3 None +0/-0 45.1 kB minasamir
react-native-fs 2.20.0...2.18.0 None +203/-160 26.5 MB hagen
@react-native-masked-view/masked-view 0.2.9...0.2.6 None +202/-160 26 MB naturalclar
punycode 2.3.0...2.1.1 None +0/-0 32.4 kB mathias
eventemitter2 6.4.9...6.4.5 None +0/-0 84.8 kB rangermauve
babel-loader 8.3.0...8.2.3 None +38/-34 14.2 MB nicolo-ribaudo
react-native-view-shot 3.6.0...3.1.2 None +202/-160 26.1 MB gre
eslint-plugin-import 2.27.5...2.26.0 None +46/-35 5.21 MB ljharb
prettier 2.8.8...2.8.1 None +0/-0 11.6 MB prettier-bot
@storybook/react-native 5.3.27...5.3.25 None +212/-169 30.3 MB dannyhw
reselect 4.1.8...4.0.0 None +0/-0 171 kB ellbee
@react-native-community/checkbox 0.5.15...0.5.12 None +203/-160 26.2 MB nicholaslee119
@sentry/react-native 5.1.1...3.0.3 None +214/-171 37.8 MB sentry-bot
@walletconnect/client 1.8.0...1.7.1 None +11/-10 2.25 MB pedrouid
ethers 5.7.2...5.7.0 None +4/-3 12.1 MB ricmoo
react-native-safe-area-context 3.4.1...3.2.0 None +202/-160 26.1 MB janicduplessis
@typescript-eslint/parser 4.33.0...4.30.0 None +24/-18 66.8 MB jameshenry
@typescript-eslint/eslint-plugin 4.33.0...4.30.0 None +27/-20 69.5 MB jameshenry
typescript 4.9.5...4.6.2 None +0/-0 64.7 MB typescript-bot

@jpcloureiro jpcloureiro force-pushed the rn-upgrade-new-yarnlock branch 2 times, most recently from 5b20128 to 0b8059c Compare June 28, 2023 16:46
@sonarcloud

sonarcloud bot commented Jun 28, 2023

SonarCloud Quality Gate failed.

Bugs: 3 (rating C)
Vulnerabilities: 0 (rating A)
Security Hotspots: 0 (rating A)
Code Smells: 5 (rating A)

Coverage: 9.6%
Duplication: 7.7%

@jpcloureiro
Contributor Author

Testing complete.

Code changes will be addressed directly on #6220

@github-actions github-actions bot locked and limited conversation to collaborators Jun 29, 2023
6 participants