Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Delete short config used by starport serve #5

Merged
merged 1 commit into from
Jan 25, 2021
Merged

Delete short config used by starport serve #5

merged 1 commit into from
Jan 25, 2021

Conversation

evan-forbes
Copy link
Member

@evan-forbes evan-forbes commented Jan 25, 2021
edited
Loading

We don't need this config file anymore, as the starport serve command is not used.

ref: #2

liamsi
liamsi approved these changes Jan 25, 2021
View reviewed changes
Copy link
Member

@liamsi liamsi left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM 👍🏼

@evan-forbes evan-forbes merged commit 9b2bbba into master Jan 25, 2021
@evan-forbes evan-forbes deleted the evan/delete-config branch January 25, 2021 13:31
@liamsi liamsi mentioned this pull request Mar 16, 2021
Closed
@evan-forbes evan-forbes mentioned this pull request Mar 16, 2021
Merged
rootulp added a commit that referenced this pull request Mar 7, 2024
@rootulp
chore: upgrade to Go 1.22.1 (#3163)
fffabd1 
To resolve govulncheck issues like:

```
Vulnerability #2: GO-2024-2610
    Errors returned from JSON marshaling may break template escaping in
    html/template
  More info: https://pkg.go.dev/vuln/GO-2024-2610
  Standard library
    Found in: html/template@go1.22
    Fixed in: html/template@go1.22.1
    Example traces found:
Error:       #1: test/util/testnode/rpc_client.go:126:25: testnode.StartAPIServer calls api.Server.Start, which eventually calls template.Template.Execute
Error:       #2: test/util/testnode/rpc_client.go:126:25: testnode.StartAPIServer calls api.Server.Start, which eventually calls template.Template.ExecuteTemplate

Vulnerability #3: GO-2024-2600
    Incorrect forwarding of sensitive headers and cookies on HTTP redirect in
    net/http
  More info: https://pkg.go.dev/vuln/GO-2024-2600
  Standard library
    Found in: net/http@go1.22
    Fixed in: net/http@go1.22.1
    Example traces found:
Error:       #1: x/blobstream/client/verify.go:224:39: client.VerifyShares calls http.baseRPCClient.ProveShares, which eventually calls http.Client.Do
Error:       #2: cmd/celestia-appd/cmd/download_genesis.go:103:[23](https://github.com/celestiaorg/celestia-app/actions/runs/8169780335/job/22334531542?pr=3157#step:4:24): cmd.downloadFile calls http.Get

Vulnerability #4: GO-20[24](https://github.com/celestiaorg/celestia-app/actions/runs/8169780335/job/22334531542?pr=3157#step:4:25)-[25](https://github.com/celestiaorg/celestia-app/actions/runs/8169780335/job/22334531542?pr=3157#step:4:26)99
    Memory exhaustion in multipart form parsing in net/textproto and net/http
  More info: https://pkg.go.dev/vuln/GO-2024-2599
  Standard library
    Found in: net/textproto@go1.22
    Fixed in: net/textproto@go1.22.1
    Example traces found:
Error:       #1: x/blobstream/client/verify.go:202:18: client.VerifyShares calls service.BaseService.Start, which eventually calls textproto.Reader.ReadLine
Error:       #2: test/e2e/util.go:25:23: e2e.keyGenerator.Generate calls io.ReadFull, which eventually calls textproto.Reader.ReadMIMEHeader

Vulnerability #5: GO-2024-2598
    Verify panics on certificates with an unknown public key algorithm in
    crypto/x509
  More info: https://pkg.go.dev/vuln/GO-2024-2598
  Standard library
    Found in: crypto/x509@go1.22
    Fixed in: crypto/x509@go1.22.1
    Example traces found:
Error:       #1: test/e2e/util.go:25:23: e2e.keyGenerator.Generate calls io.ReadFull, which eventually calls x[50](https://github.com/celestiaorg/celestia-app/actions/runs/8169780335/job/22334531542?pr=3157#step:4:51)9.Certificate.Verify
```
ninabarbakadze pushed a commit to ninabarbakadze/celestia-app that referenced this pull request Apr 2, 2024
@rootulp @ninabarbakadze
chore: upgrade to Go 1.22.1 (celestiaorg#3163)
38fd79e 
To resolve govulncheck issues like:

```
Vulnerability celestiaorg#2: GO-2024-2610
    Errors returned from JSON marshaling may break template escaping in
    html/template
  More info: https://pkg.go.dev/vuln/GO-2024-2610
  Standard library
    Found in: html/template@go1.22
    Fixed in: html/template@go1.22.1
    Example traces found:
Error:       celestiaorg#1: test/util/testnode/rpc_client.go:126:25: testnode.StartAPIServer calls api.Server.Start, which eventually calls template.Template.Execute
Error:       celestiaorg#2: test/util/testnode/rpc_client.go:126:25: testnode.StartAPIServer calls api.Server.Start, which eventually calls template.Template.ExecuteTemplate

Vulnerability celestiaorg#3: GO-2024-2600
    Incorrect forwarding of sensitive headers and cookies on HTTP redirect in
    net/http
  More info: https://pkg.go.dev/vuln/GO-2024-2600
  Standard library
    Found in: net/http@go1.22
    Fixed in: net/http@go1.22.1
    Example traces found:
Error:       celestiaorg#1: x/blobstream/client/verify.go:224:39: client.VerifyShares calls http.baseRPCClient.ProveShares, which eventually calls http.Client.Do
Error:       celestiaorg#2: cmd/celestia-appd/cmd/download_genesis.go:103:[23](https://github.com/celestiaorg/celestia-app/actions/runs/8169780335/job/22334531542?pr=3157#step:4:24): cmd.downloadFile calls http.Get

Vulnerability celestiaorg#4: GO-20[24](https://github.com/celestiaorg/celestia-app/actions/runs/8169780335/job/22334531542?pr=3157#step:4:25)-[25](https://github.com/celestiaorg/celestia-app/actions/runs/8169780335/job/22334531542?pr=3157#step:4:26)99
    Memory exhaustion in multipart form parsing in net/textproto and net/http
  More info: https://pkg.go.dev/vuln/GO-2024-2599
  Standard library
    Found in: net/textproto@go1.22
    Fixed in: net/textproto@go1.22.1
    Example traces found:
Error:       celestiaorg#1: x/blobstream/client/verify.go:202:18: client.VerifyShares calls service.BaseService.Start, which eventually calls textproto.Reader.ReadLine
Error:       celestiaorg#2: test/e2e/util.go:25:23: e2e.keyGenerator.Generate calls io.ReadFull, which eventually calls textproto.Reader.ReadMIMEHeader

Vulnerability celestiaorg#5: GO-2024-2598
    Verify panics on certificates with an unknown public key algorithm in
    crypto/x509
  More info: https://pkg.go.dev/vuln/GO-2024-2598
  Standard library
    Found in: crypto/x509@go1.22
    Fixed in: crypto/x509@go1.22.1
    Example traces found:
Error:       celestiaorg#1: test/e2e/util.go:25:23: e2e.keyGenerator.Generate calls io.ReadFull, which eventually calls x[50](https://github.com/celestiaorg/celestia-app/actions/runs/8169780335/job/22334531542?pr=3157#step:4:51)9.Certificate.Verify
```
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@liamsi liamsi liamsi approved these changes

@adlerjohn adlerjohn Awaiting requested review from adlerjohn

@tac0turtle tac0turtle Awaiting requested review from tac0turtle

@musalbas musalbas Awaiting requested review from musalbas

@tzdybal tzdybal Awaiting requested review from tzdybal

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@evan-forbes @liamsi