Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Release/5.18.0 #1222

Merged
merged 31 commits into from
Apr 23, 2024
Merged

Release/5.18.0 #1222

merged 31 commits into from
Apr 23, 2024

Conversation

piyalbasu
Copy link
Contributor

No description provided.

piyalbasu and others added 12 commits March 22, 2024 17:28
@piyalbasu
before we close the sign transaction window, complete metrics upload (#…
776bfdf 
…1209)
@aristidesstaffieri
Better UX for contract IDs (#1122)
9d94f17 
* adds new component TruncateMiddle, handles dynamic truncation based on parent width

* adds font prop and tweaks operation pair to allow for width measuring

* tweaks container styles, adds use in keyval list

* adds copy to all contract IDs and keys from outside sources

* removes unused ref from previosu tries

* adds tests for truncateString helper

* fixes tests after dom changes on contract IDs

* adds copy value component, replaces inline copy instances. Uses boolean namign pattern. Only hides generic domain icon when domain is not present in asset detail

* fixes lint warnings

* uses truncated display value in KeyVal CopyValues
@piyalbasu
Feature/multiple allow list (#1210)
e8c8cf4 
* add migration for assetslist; create UI for displaying assets lists

* add translations
@aristidesstaffieri
adds internal getTokenDetails call, moves server and tx builder helpe…
80569f7 
…rs to shared namespace
@aristidesstaffieri
replaces all inline calls to get token details with internal helper call
bd1b0fd
@aristidesstaffieri
replaces some instances of sorobanClient from context
8d97ce0
@aristidesstaffieri
removes remaining uses of soroban client from context, remove soroban…
a3db1de 
… context
@aristidesstaffieri
adds soroban rpc not supported error
04c68f4
@aristidesstaffieri
adds sizes to error and loading asset icons to fix layout shift and a…
4541a36 
…lign these states
@aristidesstaffieri
renames getIndexerTokenDetails to getTokenDetails, tweaks loading sta…
3be7d3f 
…te in review auth and tweaks height setter in SlideUpModal
@aristidesstaffieri
Merge remote-tracking branch 'origin' into release/5.18.0
d00cd85
@piyalbasu
Feature/check multiple tokenlist (#1221)
8df22b1 
* first pass at adding multiple asset lists

* add verification badge

* add asset notifcation tooltip

* Added translations

* rm consoles

* update yarn

* reset debounce param

* use getTokenDetails

* fix tests
@socket-security Socket Security
Copy link

socket-security bot commented Mar 30, 2024
edited
Loading

New and removed dependencies detected. Learn more about Socket for GitHub ↗︎

Package New capabilities Transitives Size Publisher
npm/@babel/plugin-bugfix-firefox-class-in-computed-class-key@7.24.4 None 0 12 kB nicolo-ribaudo
npm/@svgr/webpack@8.1.0 Transitive: environment, filesystem, unsafe +101 11.4 MB neoziro
npm/jsonschema@1.4.1 None 0 81.8 kB acubed

🚮 Removed packages: npm/@stellar-asset-lists/sdk@1.0.0

View full report↗︎

aristidesstaffieri and others added 10 commits April 3, 2024 09:23
@aristidesstaffieri
fixes keyboard navigation for onboarding - create new wallet flow
169d388
@aristidesstaffieri
adds key handling for recover account form in onboarding
9c37511
@aristidesstaffieri
adds native-like-outline mixin
7d804af
@piyalbasu
Feature/modify asset list (#1224)
a710d8e 
* add ability to edit/delete asset lists

* Added translations

* break if unable to load schema

* add comments
@piyalbasu
make sure to check for isEnabled when verifying (#1225)
576de26 
* make sure to check for isEnabled when verifying

* don't assign the func outside of the conditional
@piyalbasu
Feature/delete asset list modal (#1226)
feedccf 
* add delete asset list modal

* Added translations

* add view padding offset
@piyalbasu
Bugfix/copy fix token list (#1227)
05c21a3 
* copy fix for asset select token list verification

* Added translations
@piyalbasu
fix submit error (#1228)
66d5779
@piyalbasu
default to selected network if network is verifiable (#1229)
e8e3897 
* default to selected network if network is verifiable

* remove extraneous check
@piyalbasu
Feature/redesign settings (#1232)
22d8cef 
* add settings icons using svgr

* Added translations

* fix jest tests

* rollback ledger testing

* rm extra spaces
@socket-security Socket Security
Copy link

socket-security bot commented Apr 11, 2024
edited
Loading

🚨 Potential security issues detected. Learn more about Socket for GitHub ↗︎

To accept the risk, merge this PR and you will not be notified again.

Alert Package NoteSource
Filesystem access npm/cosmiconfig@8.3.6
Debug access npm/css-tree@2.2.1
Debug access npm/css-tree@2.3.1
Debug access npm/csso@5.0.5
Filesystem access npm/@babel/preset-env@7.24.4

View full report↗︎

Next steps

What is filesystem access?

Accesses the file system, and could potentially read sensitive data.

If a package must read the file system, clarify what it will read and ensure it reads only what it claims to. If appropriate, packages can leave file system access to consumers and operate on data passed to it instead.

What is debug access?

Uses debug, reflection and dynamic code execution features.

Removing the use of debug will reduce the risk of any reflection and dynamic code execution.

Take a deeper look at the dependency

Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support [AT] socket [DOT] dev.

Remove the package

If you happen to install a dependency that Socket reports as Known Malware you should immediately remove it and select a different dependency. For other alert types, you may may wish to investigate alternative packages or consider if there are other ways to mitigate the specific risk posed by the dependency.

Mark a package as acceptable risk

To ignore an alert, reply with a comment starting with @SocketSecurity ignore followed by a space separated list of ecosystem/package-name@version specifiers. e.g. @SocketSecurity ignore npm/foo@1.0.0 or ignore all packages with @SocketSecurity ignore-all

  • @SocketSecurity ignore npm/cosmiconfig@8.3.6
  • @SocketSecurity ignore npm/css-tree@2.2.1
  • @SocketSecurity ignore npm/css-tree@2.3.1
  • @SocketSecurity ignore npm/csso@5.0.5
  • @SocketSecurity ignore npm/@babel/preset-env@7.24.4

@piyalbasu
Bugfix/product qa 5.18.0 (#1239)
9ac0c21 
* don't reset isEnabled state; better error messaging

* add shadows to scrollable area
@piyalbasu
Bugfix/design fixes 5.18.0 (#1240)
0683e0c 
* add enabled/disabled sections and fix submit error

* Added translations
@piyalbasu
Merge branch 'master' into release/5.18.0
eb9385c
@piyalbasu piyalbasu merged commit a733a59 into master Apr 23, 2024
2 of 7 checks passed
@piyalbasu piyalbasu deleted the release/5.18.0 branch April 23, 2024 22:59
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@piyalbasu @aristidesstaffieri