-
Notifications
You must be signed in to change notification settings - Fork 278
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add CI via github actions #3
Comments
For the most part you can copy https://github.com/cosmos/cosmos-sdk/tree/master/.github/workflows. If you have any questions let me know, I did the migration to github actions for the cosmos/tendermint repos. |
thanks! |
@marbar3778 There are quite a few tests/checks that rely on simapp. Should I cut those, or incorporate those tests to use lazyledger-app instead of simapp? Would that be redundant, since those checks are already done in the cosmos-sdk? |
you will want to have them use lazyledger-app. It is some duplication but we dont know if we will only use modules from the lazyledger-sdk |
To resolve govulncheck issues like: ``` Vulnerability #2: GO-2024-2610 Errors returned from JSON marshaling may break template escaping in html/template More info: https://pkg.go.dev/vuln/GO-2024-2610 Standard library Found in: html/template@go1.22 Fixed in: html/template@go1.22.1 Example traces found: Error: #1: test/util/testnode/rpc_client.go:126:25: testnode.StartAPIServer calls api.Server.Start, which eventually calls template.Template.Execute Error: #2: test/util/testnode/rpc_client.go:126:25: testnode.StartAPIServer calls api.Server.Start, which eventually calls template.Template.ExecuteTemplate Vulnerability #3: GO-2024-2600 Incorrect forwarding of sensitive headers and cookies on HTTP redirect in net/http More info: https://pkg.go.dev/vuln/GO-2024-2600 Standard library Found in: net/http@go1.22 Fixed in: net/http@go1.22.1 Example traces found: Error: #1: x/blobstream/client/verify.go:224:39: client.VerifyShares calls http.baseRPCClient.ProveShares, which eventually calls http.Client.Do Error: #2: cmd/celestia-appd/cmd/download_genesis.go:103:[23](https://github.com/celestiaorg/celestia-app/actions/runs/8169780335/job/22334531542?pr=3157#step:4:24): cmd.downloadFile calls http.Get Vulnerability #4: GO-20[24](https://github.com/celestiaorg/celestia-app/actions/runs/8169780335/job/22334531542?pr=3157#step:4:25)-[25](https://github.com/celestiaorg/celestia-app/actions/runs/8169780335/job/22334531542?pr=3157#step:4:26)99 Memory exhaustion in multipart form parsing in net/textproto and net/http More info: https://pkg.go.dev/vuln/GO-2024-2599 Standard library Found in: net/textproto@go1.22 Fixed in: net/textproto@go1.22.1 Example traces found: Error: #1: x/blobstream/client/verify.go:202:18: client.VerifyShares calls service.BaseService.Start, which eventually calls textproto.Reader.ReadLine Error: #2: test/e2e/util.go:25:23: e2e.keyGenerator.Generate calls io.ReadFull, which eventually calls textproto.Reader.ReadMIMEHeader Vulnerability #5: GO-2024-2598 Verify panics on certificates with an unknown public key algorithm in crypto/x509 More info: https://pkg.go.dev/vuln/GO-2024-2598 Standard library Found in: crypto/x509@go1.22 Fixed in: crypto/x509@go1.22.1 Example traces found: Error: #1: test/e2e/util.go:25:23: e2e.keyGenerator.Generate calls io.ReadFull, which eventually calls x[50](https://github.com/celestiaorg/celestia-app/actions/runs/8169780335/job/22334531542?pr=3157#step:4:51)9.Certificate.Verify ```
To resolve govulncheck issues like: ``` Vulnerability celestiaorg#2: GO-2024-2610 Errors returned from JSON marshaling may break template escaping in html/template More info: https://pkg.go.dev/vuln/GO-2024-2610 Standard library Found in: html/template@go1.22 Fixed in: html/template@go1.22.1 Example traces found: Error: celestiaorg#1: test/util/testnode/rpc_client.go:126:25: testnode.StartAPIServer calls api.Server.Start, which eventually calls template.Template.Execute Error: celestiaorg#2: test/util/testnode/rpc_client.go:126:25: testnode.StartAPIServer calls api.Server.Start, which eventually calls template.Template.ExecuteTemplate Vulnerability celestiaorg#3: GO-2024-2600 Incorrect forwarding of sensitive headers and cookies on HTTP redirect in net/http More info: https://pkg.go.dev/vuln/GO-2024-2600 Standard library Found in: net/http@go1.22 Fixed in: net/http@go1.22.1 Example traces found: Error: celestiaorg#1: x/blobstream/client/verify.go:224:39: client.VerifyShares calls http.baseRPCClient.ProveShares, which eventually calls http.Client.Do Error: celestiaorg#2: cmd/celestia-appd/cmd/download_genesis.go:103:[23](https://github.com/celestiaorg/celestia-app/actions/runs/8169780335/job/22334531542?pr=3157#step:4:24): cmd.downloadFile calls http.Get Vulnerability celestiaorg#4: GO-20[24](https://github.com/celestiaorg/celestia-app/actions/runs/8169780335/job/22334531542?pr=3157#step:4:25)-[25](https://github.com/celestiaorg/celestia-app/actions/runs/8169780335/job/22334531542?pr=3157#step:4:26)99 Memory exhaustion in multipart form parsing in net/textproto and net/http More info: https://pkg.go.dev/vuln/GO-2024-2599 Standard library Found in: net/textproto@go1.22 Fixed in: net/textproto@go1.22.1 Example traces found: Error: celestiaorg#1: x/blobstream/client/verify.go:202:18: client.VerifyShares calls service.BaseService.Start, which eventually calls textproto.Reader.ReadLine Error: celestiaorg#2: test/e2e/util.go:25:23: e2e.keyGenerator.Generate calls io.ReadFull, which eventually calls textproto.Reader.ReadMIMEHeader Vulnerability celestiaorg#5: GO-2024-2598 Verify panics on certificates with an unknown public key algorithm in crypto/x509 More info: https://pkg.go.dev/vuln/GO-2024-2598 Standard library Found in: crypto/x509@go1.22 Fixed in: crypto/x509@go1.22.1 Example traces found: Error: celestiaorg#1: test/e2e/util.go:25:23: e2e.keyGenerator.Generate calls io.ReadFull, which eventually calls x[50](https://github.com/celestiaorg/celestia-app/actions/runs/8169780335/job/22334531542?pr=3157#step:4:51)9.Certificate.Verify ```
Ideally via github actions:
at least:
ideally:
The text was updated successfully, but these errors were encountered: