Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Trezor upgrades #904

Merged
merged 22 commits into from
Jun 24, 2022
Merged

Trezor upgrades #904

merged 22 commits into from
Jun 24, 2022

Conversation

mholtzman
Copy link
Collaborator

No description provided.

@socket-security
Copy link

socket-security bot commented Jun 20, 2022
edited
Loading

Socket Security Report

📜 New install scripts detected

A dependency change in this PR is introducing new install scripts to your install step.

Package Script field Location
blake-hash@2.0.0 (added) binding.gyp package.json via trezor-connect@8.2.9-extended, @trezor/utxo-lib@1.0.0
tiny-secp256k1@1.1.6 (added) binding.gyp package.json via trezor-connect@8.2.9-extended, @trezor/utxo-lib@1.0.0
blake-hash@2.0.0 (added) install package.json via trezor-connect@8.2.9-extended, @trezor/utxo-lib@1.0.0
tiny-secp256k1@1.1.6 (added) install package.json via trezor-connect@8.2.9-extended, @trezor/utxo-lib@1.0.0
🫣 Native code

Contains native code which could be a vector to obscure malicious code, and generally decrease the likelihood of reproducible or reliable installs.

Package Location
blake-hash@2.0.0 (added) package.json via trezor-connect@8.2.9-extended, @trezor/utxo-lib@1.0.0
tiny-secp256k1@1.1.6 (added) package.json via trezor-connect@8.2.9-extended, @trezor/utxo-lib@1.0.0
Socket.dev scan summary
Issue Status
Did you mean? ✅ no new possible package typos
Install scripts ⚠️ 4 new install scripts detected
Telemetry ✅ no new telemetry
Troll package ✅ no new troll packages
Malware ✅ no new malware
Native code ⚠️ 2 new native modules detected

Powered by socket.dev

goosewobbler
goosewobbler suggested changes Jun 23, 2022
View reviewed changes
dash/App/Signer/index.js Outdated Show resolved Hide resolved
dash/App/Signer/index.js Show resolved Hide resolved
main/signers/trezor/Trezor/index.ts Outdated Show resolved Hide resolved
main/signers/trezor/Trezor/index.ts Show resolved Hide resolved
main/signers/trezor/Trezor/index.ts Show resolved Hide resolved
main/signers/trezor/bridge.ts Outdated Show resolved Hide resolved
test/main/signers/trezor/bridge.test.js Outdated Show resolved Hide resolved
test/main/signers/trezor/bridge.test.js Show resolved Hide resolved
test/main/signers/trezor/bridge.test.js Show resolved Hide resolved
test/main/signers/trezor/bridge.test.js Show resolved Hide resolved
@mholtzman mholtzman merged commit d970cf4 into beta.20 Jun 24, 2022
@mholtzman mholtzman deleted the trezor-upgrades branch June 24, 2022 16:12
mholtzman added a commit that referenced this pull request Jun 24, 2022
@mholtzman @floating
beta.20 (#909)
f946832 
* update test deps, scripts and config

* separate electron-builder conf

* remove space

* update workflows

* dont show zero balances on error (#897)

* dont show zero balances on error

* remove test code

* address comments

* better ux for verify address on device (#907)

* better ux for verify address on device

* left click only

* clean up text logic

* minor cleanup

* make message to sign content more obvious to prevent forgery (#908)

* make message to sign content more obvious to prevent forgery

* Scroll notification

* Cleanup

Co-authored-by: Jordan Muir <jordan@frame.sh>

* Trezor upgrades (#904)

* update Trezor to use node packages

* add temp scratch file

* update temp file

* update event flow

* update event type

* add comment, remove console log

* add message and passphrase event handling

* finish startup flow for trezor T

* cleanup

* add feedback on passphrase entry

* update tests, UI

* updates

* remove comment

* update flow for refresh and error handling

* add ability to choose where to enter passphrase

* fix tests

* cleanup

* revert verify button changes

* revert changes

* address comments

* Style Trezor submit buttons

* change any to unknown for errors

Co-authored-by: Jordan Muir <jordan@frame.sh>

* dont restart when frame is already running (#888)

* use proxy connection for nebula (#836)

* use proxy connection for nebula

* fix connections

* remove error catch

* update startup sequence

* use providers for nebula

* fixes

* remove console log

* wait for nebula to be ready

* update tests

* update package lock

Co-authored-by: goosewobbler <goosewobbler@pm.me>
Co-authored-by: Jordan Muir <jordan@frame.sh>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@goosewobbler goosewobbler goosewobbler requested changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@mholtzman @goosewobbler @floating