Skip to content

WIP Reset to 2.42.0 #13

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
sonicWhale wants to merge 18 commits into
base: devel
Choose a base branch
from
Open

WIP Reset to 2.42.0 #13

sonicWhale wants to merge 18 commits into from

Conversation

@sonicWhale
Copy link

@sonicWhale sonicWhale commented May 11, 2023

No description provided.

Alexey Sharp and others added 18 commits March 6, 2023 12:58
Stable modification
38fb38a
Bump patch version
36b03c1
@SLoeuillet
graphql: add missing fields in block.transaction (erigontech#7034)
b66199b
@hexoscott
remove PeerUseless calls (erigontech#7032)
697ff09
@anshalshukla
use bor interface (erigontech#7045)
cc4521a
@0xKrishna
Update validator map when loading snapshot (erigontech#7046)
9a65dd1
@AskAlexSharov
nil ptr in checkPruneHistory (erigontech#7042)
c9513f5
@SLoeuillet
graphql: protect against nil pointer deref on cases like TX with nil … (
94b4cee 
erigontech#7047)

…To address (contract creation)
Bump version
5c54138
@yperbasis
Schedule mainnet Shapella. Fix BellatrixForkEpoch (erigontech#7145)
5d0f778 
See ethereum/execution-specs#727. Also,
`BellatrixForkEpoch` should be 144896, not 144869: refer to [the
spec](https://github.com/ethereum/consensus-specs/blob/dev/specs/bellatrix/fork.md).
@Giulio2002
Banning peers sending bad gossip (erigontech#7134)
8ad4870
@yperbasis
Release transaction in EngineGetPayloadBodiesByRangeV1 (and by hash) (e…
b8eaf78 
…rigontech#7199)

Should hopefully help with Issue erigontech#7172
@Giulio2002
Error handling to beacon chain gossip (erigontech#7132)
beb9778
@sonicWhale
add grpc-health-probe to Dockerfile
1cd02fa
@sonicWhale
luban fork support; light client features; upstream erigon main repo
4c0970c
@sonicWhale
starter with errortrack flag
eb45000
@avinashbo @sonicWhale
Fix chapel sync issues
2132de9
@sonicWhale
Filter method with changed sequence of arguments
f7912be
@guardrails
Copy link

guardrails bot commented May 11, 2023

⚠️ We detected 22 security issues in this pull request:

Hard-Coded Secrets (4)
Severity Details Docs
Medium Title: Hex High Entropy String

erigon/core/allocs/bsc.json

Line 45 in f7912be

"b005741528b86F5952469d80A8614591E3c5B632": {
📚
Medium Title: Hex High Entropy String

erigon/core/allocs/bsc.json

Line 48 in f7912be

"446AA6E0DC65690403dF3F127750da1322941F3e": {
📚
Medium Title: Hex High Entropy String

erigon/core/allocs/chapel.json

Line 45 in f7912be

"9fB29AAc15b9A4B7F17c3385939b007540f4d791": {
📚
Medium Title: Hex High Entropy String

erigon/core/allocs/chapel.json

Line 48 in f7912be

"37B8516a0F88E65D677229b402ec6C1e0E333004": {
📚

More info on how to fix Hard-Coded Secrets in General.

Vulnerable Libraries (17)
Severity Details
N/A pkg:golang/github.com/ledgerwatch/erigon-lib@v0.0.0-20230330024812-ae99e29d013b@v0.0.0-20230330024812-ae99e29d013b - no patch available
N/A pkg:golang/google.golang.org/grpc@v1.54.0@v1.54.0 - no patch available
N/A pkg:golang/modernc.org/sqlite@v1.21.1@v1.21.1 - no patch available
N/A pkg:golang/github.com/prometheus/client_golang@v1.14.0@v1.14.0 - no patch available
N/A pkg:golang/github.com/99designs/gqlgen@v0.17.27@v0.17.27 - no patch available
N/A pkg:golang/github.com/consensys/gnark-crypto@v0.10.0@v0.10.0 - no patch available
N/A pkg:golang/github.com/protolambda/ztyp@v0.2.2@v0.2.2 - no patch available
N/A pkg:golang/github.com/grpc-ecosystem/go-grpc-middleware@v1.4.0@v1.4.0 - no patch available
N/A pkg:golang/github.com/btcsuite/btcd/btcec/v2@v2.3.2@v2.3.2 - no patch available
N/A pkg:golang/github.com/dop251/goja@v0.0.0-20230122112309-96b1610dd4f7@v0.0.0-20230122112309-96b1610dd4f7 - no patch available
N/A pkg:golang/github.com/libp2p/go-libp2p@v0.26.2@v0.26.2 - no patch available
N/A pkg:golang/github.com/bnb-chain/ics23@v0.1.0@v0.1.0 - no patch available
N/A pkg:golang/github.com/cometbft/cometbft@v0.37.1@v0.37.1 - no patch available
N/A pkg:golang/github.com/libp2p/go-libp2p-pubsub@v0.9.3@v0.9.3 - no patch available
N/A pkg:golang/github.com/crate-crypto/go-kzg-4844@v0.0.0-20230405223534-4364e2f9d209@v0.0.0-20230405223534-4364e2f9d209 - no patch available
N/A pkg:golang/github.com/shirou/gopsutil/v3@v3.23.3@v3.23.3 - no patch available
N/A pkg:golang/github.com/prysmaticlabs/prysm/v4@v4.0.3@v4.0.3 - no patch available

More info on how to fix Vulnerable Libraries in Go.

Insecure Network Communication (1)
Severity Details Docs
Medium Title: Insecure SSL/TLS versions allowed

erigon/turbo/app/support.go

Line 76 in f7912be

InsecureSkipVerify: insecure, //nolint:gosec
📚

More info on how to fix Insecure Network Communication in Go.

👉 Go to the dashboard for detailed results.

📥 Happy? Share your feedback with us.

@avinashbo avinashbo changed the title Reset to 2.42.0 WIP Reset to 2.42.0 May 12, 2023
@github-actions
Copy link

github-actions bot commented Jun 22, 2023

This PR is stale because it has been open for 40 days with no activity.

@github-actions github-actions bot added the Stale label Jun 22, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

Stale

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

10 participants

@sonicWhale @SLoeuillet @hexoscott @anshalshukla @0xKrishna @AskAlexSharov @yperbasis @Giulio2002 @avinashbo