search

celo-org / celo-composer

celo-composer is a starter project with all code needed to build, deploy, and upgrade a dapps on Celo.
MIT License
117 stars 110 forks source link

Bug fix: hardhat package dependency conflict with react app #179

Closed 0xzoz closed 1 year ago

0xzoz commented 1 year ago
netlify[bot] commented 1 year ago

Deploy Preview for celo-composer failed.

Name Link
Latest commit ae9827612f779d033c0f04fefefa940ae9c1fcc0
Latest deploy log https://app.netlify.com/sites/celo-composer/deploys/640d87f5f23a5a000865c902
socket-security[bot] commented 1 year ago

Socket Security Pull Request Report

Dependency issues detected: If you merge this pull request, you will not be alerted to the instances of these issues again.

😵‍💫 Bin script confusion

This package has multiple bin scripts with the same name. This can cause non-deterministic behavior when installing or could be a sign of a supply chain attack

Consider removing one of the conflicting packages. Packages should only export bin scripts with their name

Package Bin script Source
ganache@7.7.5 (upgraded) node-gyp-build-test packages/hardhat/package.json via ganache@7.7.5
ganache@7.7.5 (upgraded) node-gyp-build-test packages/hardhat/package.json via ganache@7.7.5
node-gyp-build@4.4.0 (upgraded) node-gyp-build-test
node-gyp-build@4.6.0 (upgraded) node-gyp-build-test packages/angular-app/package.json via @angular-devkit/build-angular@13.3.10, @walletconnect/web3-provider@1.8.0, karma@6.3.20, karma-jasmine@4.0.2, karma-jasmine-html-reporter@1.7.0, web3@1.8.2, packages/hardhat/package.json via @ethersproject/providers@5.7.2, @nomicfoundation/hardhat-chai-matchers@1.0.6, @nomicfoundation/hardhat-network-helpers@1.0.8, @nomiclabs/hardhat-ethers@2.2.2, @nomiclabs/hardhat-etherscan@3.1.6, @redstone-finance/evm-connector@0.0.15, @terminal-fi/celo-devchain@4.0.1, @typechain/ethers-v5@10.2.0, @typechain/hardhat@6.1.5, @typechain/web3-v1@6.0.2, ethereumjs-util@7.1.5, ethereumjs-wallet@1.0.2, ethers@5.7.2, ganache@7.7.5, hardhat@2.12.7, hardhat-celo@0.0.3, hardhat-deploy@0.11.23, hardhat-gas-reporter@1.0.9, solidity-coverage@0.7.22, web3@1.8.2, web3-core@1.8.2, web3-eth-contract@1.8.2, packages/react-app/package.json via @celo/contractkit@3.1.0, @celo/rainbowkit-celo@0.8.1, @celo/react-celo@4.3.0, @rainbow-me/rainbowkit@0.8.1, ethers@5.7.2, wagmi@0.11.2, packages/react-native-app/package.json via @celo/contractkit@3.2.0, @react-native-async-storage/async-storage@1.17.11, @react-navigation/bottom-tabs@6.5.5, @react-navigation/native@6.1.4, @react-navigation/native-stack@6.9.10, @walletconnect/react-native-dapp@1.8.0, jest@26.6.3, jest-expo@44.0.1, react-native@0.70.5, react-native-get-random-values@1.8.0, react-native-safe-area-context@4.4.1, react-native-screens@3.18.2, web3@1.8.2
rlp@2.2.7 (upgraded) rlp packages/angular-app/package.json via @walletconnect/web3-provider@1.8.0, web3@1.8.2, packages/hardhat/package.json via @nomicfoundation/hardhat-chai-matchers@1.0.6, @nomicfoundation/hardhat-network-helpers@1.0.8, @nomiclabs/hardhat-ethers@2.2.2, @nomiclabs/hardhat-etherscan@3.1.6, @terminal-fi/celo-devchain@4.0.1, @typechain/hardhat@6.1.5, @typechain/web3-v1@6.0.2, ethereumjs-util@7.1.5, ethereumjs-wallet@1.0.2, hardhat@2.12.7, hardhat-celo@0.0.3, hardhat-gas-reporter@1.0.9, solidity-coverage@0.7.22, web3@1.8.2, web3-core@1.8.2, web3-eth-contract@1.8.2, packages/react-app/package.json via @celo/contractkit@3.1.0, @celo/react-celo@4.3.0, packages/react-native-app/package.json via @celo/contractkit@3.2.0, web3@1.8.2, packages/react-native-app-without-expo/package.json via web3@1.7.5, packages/truffle/package.json via redstone-evm-connector@2.1.26, truffle-privatekey-provider@1.5.0
ganache@7.7.5 (upgraded) node-gyp-build packages/hardhat/package.json via ganache@7.7.5
ganache@7.7.5 (upgraded) node-gyp-build packages/hardhat/package.json via ganache@7.7.5
node-gyp-build@4.4.0 (upgraded) node-gyp-build
node-gyp-build@4.6.0 (upgraded) node-gyp-build packages/angular-app/package.json via @angular-devkit/build-angular@13.3.10, @walletconnect/web3-provider@1.8.0, karma@6.3.20, karma-jasmine@4.0.2, karma-jasmine-html-reporter@1.7.0, web3@1.8.2, packages/hardhat/package.json via @ethersproject/providers@5.7.2, @nomicfoundation/hardhat-chai-matchers@1.0.6, @nomicfoundation/hardhat-network-helpers@1.0.8, @nomiclabs/hardhat-ethers@2.2.2, @nomiclabs/hardhat-etherscan@3.1.6, @redstone-finance/evm-connector@0.0.15, @terminal-fi/celo-devchain@4.0.1, @typechain/ethers-v5@10.2.0, @typechain/hardhat@6.1.5, @typechain/web3-v1@6.0.2, ethereumjs-util@7.1.5, ethereumjs-wallet@1.0.2, ethers@5.7.2, ganache@7.7.5, hardhat@2.12.7, hardhat-celo@0.0.3, hardhat-deploy@0.11.23, hardhat-gas-reporter@1.0.9, solidity-coverage@0.7.22, web3@1.8.2, web3-core@1.8.2, web3-eth-contract@1.8.2, packages/react-app/package.json via @celo/contractkit@3.1.0, @celo/rainbowkit-celo@0.8.1, @celo/react-celo@4.3.0, @rainbow-me/rainbowkit@0.8.1, ethers@5.7.2, wagmi@0.11.2, packages/react-native-app/package.json via @celo/contractkit@3.2.0, @react-native-async-storage/async-storage@1.17.11, @react-navigation/bottom-tabs@6.5.5, @react-navigation/native@6.1.4, @react-navigation/native-stack@6.9.10, @walletconnect/react-native-dapp@1.8.0, jest@26.6.3, jest-expo@44.0.1, react-native@0.70.5, react-native-get-random-values@1.8.0, react-native-safe-area-context@4.4.1, react-native-screens@3.18.2, web3@1.8.2
ganache@7.7.5 (upgraded) node-gyp-build-optional packages/hardhat/package.json via ganache@7.7.5
ganache@7.7.5 (upgraded) node-gyp-build-optional packages/hardhat/package.json via ganache@7.7.5
node-gyp-build@4.4.0 (upgraded) node-gyp-build-optional
node-gyp-build@4.6.0 (upgraded) node-gyp-build-optional packages/angular-app/package.json via @angular-devkit/build-angular@13.3.10, @walletconnect/web3-provider@1.8.0, karma@6.3.20, karma-jasmine@4.0.2, karma-jasmine-html-reporter@1.7.0, web3@1.8.2, packages/hardhat/package.json via @ethersproject/providers@5.7.2, @nomicfoundation/hardhat-chai-matchers@1.0.6, @nomicfoundation/hardhat-network-helpers@1.0.8, @nomiclabs/hardhat-ethers@2.2.2, @nomiclabs/hardhat-etherscan@3.1.6, @redstone-finance/evm-connector@0.0.15, @terminal-fi/celo-devchain@4.0.1, @typechain/ethers-v5@10.2.0, @typechain/hardhat@6.1.5, @typechain/web3-v1@6.0.2, ethereumjs-util@7.1.5, ethereumjs-wallet@1.0.2, ethers@5.7.2, ganache@7.7.5, hardhat@2.12.7, hardhat-celo@0.0.3, hardhat-deploy@0.11.23, hardhat-gas-reporter@1.0.9, solidity-coverage@0.7.22, web3@1.8.2, web3-core@1.8.2, web3-eth-contract@1.8.2, packages/react-app/package.json via @celo/contractkit@3.1.0, @celo/rainbowkit-celo@0.8.1, @celo/react-celo@4.3.0, @rainbow-me/rainbowkit@0.8.1, ethers@5.7.2, wagmi@0.11.2, packages/react-native-app/package.json via @celo/contractkit@3.2.0, @react-native-async-storage/async-storage@1.17.11, @react-navigation/bottom-tabs@6.5.5, @react-navigation/native@6.1.4, @react-navigation/native-stack@6.9.10, @walletconnect/react-native-dapp@1.8.0, jest@26.6.3, jest-expo@44.0.1, react-native@0.70.5, react-native-get-random-values@1.8.0, react-native-safe-area-context@4.4.1, react-native-screens@3.18.2, web3@1.8.2
Pull request report summary
Issue Status
Install scripts ✅ 0 issues
Native code ✅ 0 issues
Bin script confusion ⚠️ 13 issues
Bin script shell injection ✅ 0 issues
Unresolved require ✅ 0 issues
Invalid package.json ✅ 0 issues
HTTP dependency ✅ 0 issues
Git dependency ✅ 0 issues
Potential typo squat ✅ 0 issues
Known Malware ✅ 0 issues
Telemetry ✅ 0 issues
Protestware/Troll package ✅ 0 issues
Bot Commands

To ignore an alert, reply with a comment starting with @SocketSecurity ignore followed by a space separated list of package-name@version specifiers. e.g. @SocketSecurity ignore foo@1.0.0 bar@2.4.2

  • @SocketSecurity ignore ganache@7.7.5
  • @SocketSecurity ignore node-gyp-build@4.4.0
  • @SocketSecurity ignore node-gyp-build@4.6.0
  • @SocketSecurity ignore rlp@2.2.7

Powered by socket.dev