-
-
Notifications
You must be signed in to change notification settings - Fork 1.1k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
fix: fix infura key displayed #8744
Conversation
CLA Signature Action: All authors have signed the CLA. You may need to manually re-run the blocking PR check if it doesn't pass in a few minutes. |
This comment was marked as outdated.
This comment was marked as outdated.
f077f16
to
2d26655
Compare
2d26655
to
d17c35a
Compare
E2E test started on Bitrise: https://app.bitrise.io/app/be69d4368ee7e86d/pipelines/966032bd-ffbc-4e7d-bd9e-ca97d3d98038 |
d17c35a
to
c25c73d
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Left a comment
E2E test started on Bitrise: https://app.bitrise.io/app/be69d4368ee7e86d/pipelines/78ee69f9-ceb0-4d9e-aec3-3c2088655df0 |
Quality Gate passedIssues Measures |
Codecov ReportAll modified and coverable lines are covered by tests ✅
Additional details and impacted files@@ Coverage Diff @@
## main #8744 +/- ##
==========================================
+ Coverage 41.41% 41.43% +0.01%
==========================================
Files 1270 1270
Lines 30826 30833 +7
Branches 3042 3043 +1
==========================================
+ Hits 12768 12775 +7
Misses 17295 17295
Partials 763 763 ☔ View full report in Codecov by Sentry. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM
Missing release label release-7.17.0 on PR. Adding release label release-7.17.0 on PR and removing other release labels(release-7.18.0), as PR was cherry-picked in branch 7.17.0. |
Description
We are exposing our network API keys in the network verification details. Exposing API keys should be avoided due to their significant security risks.
To reproduce:
Go to networks view
Proceed to add any infura supported network from the popular network list. Polygon is a good example.
Notice in the network approval modal the Infura API key is exposed in the Network URL field.
Related issues
Fixes: #1574
Manual testing steps
Screenshots/Recordings
Before
After
trim.88505A2C-3CE8-4514-B44E-EC105C1864C2.MOV
Pre-merge author checklist
Pre-merge reviewer checklist