Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Snyk] Fix for 1 vulnerabilities #9068

Closed
wants to merge 2 commits into from
Closed

[Snyk] Fix for 1 vulnerabilities #9068

wants to merge 2 commits into from

Conversation

snyk-bot
Copy link
Contributor

Description

This PR fixes one or more vulnerable packages in the rubygems dependencies of this project.
See the Snyk test report for more details.

Snyk Project: status-im/status-react:fastlane/Gemfile.lock

Snyk Organization: Status-im

Changes included in this PR

  • Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
    • fastlane/Gemfile
    • fastlane/Gemfile.lock

Vulnerabilities that will be fixed

With an upgrade:

You can read more about Snyk's upgrade and patch logic in Snyk's documentation.

Check the changes in this PR to ensure they won't cause issues with your project.

Stay secure,
The Snyk team

Note: You are seeing this because you or someone else with access to this repository has authorised Snyk to open Fix PRs. To review the settings for this Snyk project please go to the project settings page.

@status-github-bot
Copy link

status-github-bot bot commented Sep 30, 2019
edited by pedropombeiro
Loading

Pull Request Checklist

  • Docs: Updated the documentation, if affected
  • Docs: Added or updated inline comments explaining intention of the code
  • Tests: Ensured that all new UI elements have been assigned accessibility IDs
  • Tests: Signaled need for E2E tests with label, if applicable
  • Tests: Briefly described what was tested and what platforms were used
  • UI: In case of UI changes, ensured that UI matches Figma
  • UI: In case of UI changes, requested review from a Core UI designer
  • UI: In case of UI changes, included screenshots of implementation

@status-im-auto
Copy link
Member

status-im-auto commented Sep 30, 2019
edited
Loading

Jenkins Builds

Click to see older builds (6)
Commit #️⃣ Finished (UTC) Duration Platform Result
✔️ 579e9c5 #1 2019-09-30 05:51:46 ~10 min ios 📦ipa 📲
✔️ 579e9c5 #1 2019-09-30 05:53:00 ~11 min macos 📦dmg
579e9c5 #1 2019-09-30 05:54:17 ~13 min android-e2e 📄log
✔️ 579e9c5 #1 2019-09-30 05:54:25 ~13 min android 📦apk 📲
✔️ 579e9c5 #1 2019-09-30 05:55:07 ~13 min linux 📦App
✔️ 579e9c5 #1 2019-09-30 05:56:07 ~14 min windows 📦exe
Commit #️⃣ Finished (UTC) Duration Platform Result
✔️ ee44ee8 #2 2019-09-30 08:55:22 ~11 min ios 📦ipa 📲
✔️ ee44ee8 #2 2019-09-30 08:56:59 ~13 min android-e2e 📦apk 📲
✔️ ee44ee8 #2 2019-09-30 08:57:24 ~13 min macos 📦dmg
✔️ ee44ee8 #2 2019-09-30 08:57:48 ~14 min linux 📦App
✔️ ee44ee8 #2 2019-09-30 08:58:51 ~15 min android 📦apk 📲
✔️ ee44ee8 #2 2019-09-30 08:59:17 ~15 min windows 📦exe
✔️ d986d84 #3 2019-09-30 11:54:07 ~10 min ios 📦ipa 📲
✔️ d986d84 #3 2019-09-30 11:56:01 ~11 min android 📦apk 📲
✔️ d986d84 #3 2019-09-30 11:57:30 ~13 min macos 📦dmg
✔️ d986d84 #3 2019-09-30 11:58:16 ~14 min windows 📦exe
✔️ d986d84 #3 2019-09-30 12:00:44 ~16 min android-e2e 📦apk 📲
✔️ d986d84 #3 2019-09-30 12:00:58 ~16 min linux 📦App

@jakubgs jakubgs force-pushed the snyk-fix-3579c98e3269956f615818d201398be3 branch from 579e9c5 to ee44ee8 Compare September 30, 2019 08:43
snyk-bot and others added 2 commits September 30, 2019 13:42
@snyk-bot
fix: fastlane/Gemfile & fastlane/Gemfile.lock to reduce vulnerabilities
21472a9 
The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-RUBY-RUBYZIP-469156

Signed-off-by: Jakub Sokołowski <jakub@status.im>
Add pod-install Makefile target
d986d84
@pedropombeiro pedropombeiro force-pushed the snyk-fix-3579c98e3269956f615818d201398be3 branch from ee44ee8 to d986d84 Compare September 30, 2019 11:43
@snyk-bot snyk-bot requested a review from a team as a code owner September 30, 2019 11:43
@pedropombeiro
Copy link
Contributor

@jakubgs can we merge this?

@jakubgs jakubgs closed this Sep 30, 2019
@statustestbot
Copy link

89% of end-end tests have passed

Total executed tests: 47
Failed tests: 5
Passed tests: 42

Failed tests (5)

Click to expand
1. test_send_transaction_from_daap

Device 1: Wait for OkButton
Device 1: Tap on OkButton

Balance is not changed during 360 seconds, funds were not received!

Device sessions

2. test_send_token_with_7_decimals

Device 1: Wait for OkButton
Device 1: Tap on OkButton

Transaction with amount 0.0248391 is not found in list of transactions, address is f184747445c3B85CEb147DfB136067CB93d95F1D

Device sessions

3. test_modify_transaction_fee_values

Device 1: Wait for OkButton
Device 1: Tap on OkButton

Transaction with amount 0.00301781 is not found in list of transactions, address is b92496fffd668c2de08694623303456aa98cdf33

Device sessions

4. test_send_eth_from_wallet_to_address

Device 1: Wait for OkButton
Device 1: Tap on OkButton

Transaction with amount 0.003017812 is not found in list of transactions, address is 9164f86170290ba3080e37d19d1953d3c5945913

Device sessions

5. test_send_stt_from_wallet

Device 1: Wait for OkButton
Device 1: Tap on OkButton

Transaction with amount 0.00301799 is not found in list of transactions, address is f184747445c3B85CEb147DfB136067CB93d95F1D

Device sessions

Passed tests (42)

Click to expand
1. test_block_user_from_public_chat
Device sessions

2. test_filters_from_daap
Device sessions

3. test_copy_and_paste_messages
Device sessions

4. test_deploy_contract_from_daap
Device sessions

5. test_open_transaction_on_etherscan
Device sessions

6. test_public_chat_messaging
Device sessions

7. test_long_press_to_delete_1_1_chat
Device sessions

8. test_password_in_logcat_sign_in
Device sessions

9. test_text_message_1_1_chat
Device sessions

10. test_add_to_contacts
Device sessions

11. test_sign_typed_message
Device sessions

12. test_unread_messages_counter_1_1_chat
Device sessions

13. test_ens_in_public_chat
Device sessions

14. test_logcat_send_transaction_from_daap
Device sessions

15. test_send_message_in_group_chat
Device sessions

16. test_logcat_send_transaction_from_wallet
Device sessions

17. test_offline_messaging_1_1_chat
Device sessions

18. test_add_account_to_multiaccount_instance
Device sessions

19. test_manage_assets
Device sessions

20. test_long_press_to_delete_public_chat
Device sessions

21. test_send_emoji
Device sessions

22. test_search_chat_on_home
Device sessions

23. test_logcat_recovering_account
Device sessions

24. test_can_add_existing_ens
Device sessions

25. test_messaging_in_different_networks
Device sessions

26. test_logcat_backup_recovery_phrase
Device sessions

27. test_logcat_sign_message_from_daap
Device sessions

28. test_switch_users_and_add_new_account
Device sessions

29. test_login_with_new_account
Device sessions

30. test_start_chat_with_ens
Device sessions

31. test_add_contact_from_public_chat
Device sessions

32. test_send_two_transactions_one_after_another_in_dapp
Device sessions

33. test_password_in_logcat_creating_account
Device sessions

34. test_backup_recovery_phrase
Device sessions

35. test_offline_status
Device sessions

36. test_open_google_com_via_open_dapp
Device sessions

37. test_unread_messages_counter_public_chat
Device sessions

38. test_sign_message_from_daap
Device sessions

39. test_user_can_remove_profile_picture
Device sessions

40. test_share_contact_code_and_wallet_address
Device sessions

41. test_refresh_button_browsing_app_webview
Device sessions

42. test_backup_recovery_phrase_warning_from_wallet
Device sessions

@weekly-digest weekly-digest bot mentioned this pull request Oct 6, 2019
Closed
@jakubgs jakubgs deleted the snyk-fix-3579c98e3269956f615818d201398be3 branch May 12, 2020 13:00
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@pedropombeiro pedropombeiro pedropombeiro approved these changes

@jakubgs jakubgs jakubgs approved these changes

Assignees
No one assigned
Labels
None yet
Projects
No open projects
Legacy QA Automation Project
Archived in project
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
6 participants
@snyk-bot @status-im-auto @pedropombeiro @statustestbot @jakubgs @flexsurfer