search

ConsenSysMesh / Stow-Smart-Contracts

Formerly Linnia-Smart-Contracts
https://stow-protocol.com/
MIT License
56 stars 39 forks source link

Updating to 0.4.24 solc and fixing 0.4.24 solc warnings by using abi.encodePacked #29

Closed godfreyhobbs closed 6 years ago

godfreyhobbs commented 6 years ago

Fixing #28

codecov-io commented 6 years ago

Codecov Report

Merging #29 into master will not change coverage. The diff coverage is 100%.

Impacted file tree graph

@@           Coverage Diff           @@
##           master      #29   +/-   ##
=======================================
  Coverage   96.49%   96.49%           
=======================================
  Files           4        4           
  Lines         114      114           
  Branches       24       24           
=======================================
  Hits          110      110           
  Misses          4        4
Impacted Files Coverage Δ
contracts/LinniaPermissions.sol 95.23% <ø> (ø) :arrow_up:
contracts/LinniaUsers.sol 94.73% <ø> (ø) :arrow_up:
contracts/LinniaHub.sol 94.11% <ø> (ø) :arrow_up:
contracts/LinniaRecords.sol 98.24% <100%> (ø) :arrow_up:

Continue to review full report at Codecov.

Legend - Click here to learn more Δ = absolute <relative> (impact), ø = not affected, ? = missing data Powered by Codecov. Last update 57e2cc3...d58a5b0. Read the comment docs.

libertylocked commented 6 years ago

cannot reproduce. the contracts should only build using solc 0.4.23

godfreyhobbs commented 6 years ago

This fixes the following:


# Run  npm install --save-dev truffle@4.1.11  to resolve 2 vulnerabilities
┌───────────────┬──────────────────────────────────────────────────────────────┐
│ Low           │ Regular Expression Denial of Service                         │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Package       │ debug                                                        │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Dependency of │ truffle [dev]                                                │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Path          │ truffle > mocha > debug                                      │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ More info     │ https://nodesecurity.io/advisories/534                       │
└───────────────┴──────────────────────────────────────────────────────────────┘

┌───────────────┬──────────────────────────────────────────────────────────────┐
│ Critical      │ Command Injection                                            │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Package       │ growl                                                        │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Dependency of │ truffle [dev]                                                │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Path          │ truffle > mocha > growl                                      │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ More info     │ https://nodesecurity.io/advisories/146                       │
└───────────────┴──────────────────────────────────────────────────────────────┘

found 2 vulnerabilities (1 low, 1 critical) in 21477 scanned packages
  run `npm audit fix` to fix 2 of them.```