refactor: v1 v2 split - Githubissues

skosito commented 2 months ago

will add go and ts bindings in follow up PR (started here: https://github.com/zeta-chain/protocol-contracts/pull/270 Q: do we need to port address generation or just use v1 for now? what is the usage for those?)
this PR separates contracts into 2 subprojects with workflows, v1 old hardhat project and v2 new foundry project
all development should be in v2 folder now

Summary by CodeRabbit

New Features
- Introduced a new README.md file providing an overview of the ZetaChain Protocol Contracts, including links to official resources and details on legacy and new contract versions.
Chores
- Enhanced GitHub Actions workflows for better versioning and focused execution on specific directories, improving overall efficiency for tasks like linting, testing, and publishing to NPM.
- Updated Node.js version in workflows to ensure the use of the latest features and improvements.
- Added a .gitignore entry for broadcast to maintain a cleaner repository.
- Restructured submodule definitions in .gitmodules to reflect a more modular organization.

coderabbitai[bot] commented 2 months ago

Walkthrough

The recent changes enhance the GitHub Actions workflows for project management, emphasizing versioning and streamlining processes specific to the 'v1' and 'v2' directories. Key updates include revised workflow names, newly defined triggers based on directory paths, and centralized working directories. These improvements reflect a focus on better organization, efficiency in testing, linting, and publishing tasks, as well as a clearer setup for tools and dependencies.

Changes

Files	Change Summary
*.github/workflows/generated-files_.yaml**	Workflows renamed to "Generated Files are Updated (V1/V2)", restricted to `v1/` and `v2/`, added working directory defaults.
*.github/workflows/lint_.yaml**	Workflows renamed to "Lint TS/JS (V1)" and "Lint TS/JS/Sol (V2)", restricted to `v1/` and `v2/`, updated Node.js version, added Foundry installation, and adjusted steps accordingly.
.github/workflows/publish-npm_v1.yaml	Renamed to "Publish to NPM (V1)", added working directory defaults, removed submodule checkout.
.github/workflows/slither_v2.yaml	Renamed to "Slither (V2)", updated to `v2/**`, upgraded checkout and Node.js versions, changed build command to `forge build`.
*.github/workflows/test_.yaml**	Workflows renamed to "Test (V1)" and "Test (V2)", adjusted to `v1/` and `v2/`, removed Foundry installation, and introduced Hardhat testing.
.gitignore	New entry `broadcast` added to ignore files related to broadcasting.
.gitmodules	Submodule paths updated to `v2/`, indicating a reorganization of dependencies.
README.md	New file introduced outlining the ZetaChain Protocol Contracts, linking to relevant resources.

Sequence Diagram(s)

sequenceDiagram
    participant User
    participant GitHubActions as GHA
    participant Node as NodeJS
    participant Tools as Tools
    participant Repo as Repository

    User->>GHA: Push changes to v1 or v2
    GHA->>Repo: Check out code
    GHA->>Node: Set up Node environment
    GHA->>Tools: Run linting/tests
    Tools->>GHA: Return results
    GHA->>User: Notify completion

🐇
In the meadow, changes bloom,
New workflows rise, dispelling gloom.
With paths defined and tools in hand,
Our projects flourish, oh so grand!
Hopping forward, we'll take flight,
Celebrating code, our delight!
🌼

Thank you for using CodeRabbit. We offer it for free to the OSS community and would appreciate your support in helping us grow. If you find it useful, would you consider giving us a shout-out on your favorite social media?

Share

- [X](https://twitter.com/intent/tweet?text=I%20just%20used%20%40coderabbitai%20for%20my%20code%20review%2C%20and%20it%27s%20fantastic%21%20It%27s%20free%20for%20OSS%20and%20offers%20a%20free%20trial%20for%20the%20proprietary%20code.%20Check%20it%20out%3A&url=https%3A//coderabbit.ai) - [Mastodon](https://mastodon.social/share?text=I%20just%20used%20%40coderabbitai%20for%20my%20code%20review%2C%20and%20it%27s%20fantastic%21%20It%27s%20free%20for%20OSS%20and%20offers%20a%20free%20trial%20for%20the%20proprietary%20code.%20Check%20it%20out%3A%20https%3A%2F%2Fcoderabbit.ai) - [Reddit](https://www.reddit.com/submit?title=Great%20tool%20for%20code%20review%20-%20CodeRabbit&text=I%20just%20used%20CodeRabbit%20for%20my%20code%20review%2C%20and%20it%27s%20fantastic%21%20It%27s%20free%20for%20OSS%20and%20offers%20a%20free%20trial%20for%20proprietary%20code.%20Check%20it%20out%3A%20https%3A//coderabbit.ai) - [LinkedIn](https://www.linkedin.com/sharing/share-offsite/?url=https%3A%2F%2Fcoderabbit.ai&mini=true&title=Great%20tool%20for%20code%20review%20-%20CodeRabbit&summary=I%20just%20used%20CodeRabbit%20for%20my%20code%20review%2C%20and%20it%27s%20fantastic%21%20It%27s%20free%20for%20OSS%20and%20offers%20a%20free%20trial%20for%20proprietary%20code)

Tips

### Chat There are 3 ways to chat with [CodeRabbit](https://coderabbit.ai): - Review comments: Directly reply to a review comment made by CodeRabbit. Example: - `I pushed a fix in commit .` - `Generate unit testing code for this file.` - `Open a follow-up GitHub issue for this discussion.` - Files and specific lines of code (under the "Files changed" tab): Tag `@coderabbitai` in a new review comment at the desired location with your query. Examples: - `@coderabbitai generate unit testing code for this file.` - `@coderabbitai modularize this function.` - PR comments: Tag `@coderabbitai` in a new PR comment to ask questions about the PR branch. For the best results, please provide a very specific query, as very limited context is provided in this mode. Examples: - `@coderabbitai generate interesting stats about this repository and render them as a table.` - `@coderabbitai show all the console.log statements in this repository.` - `@coderabbitai read src/utils.ts and generate unit testing code.` - `@coderabbitai read the files in the src/scheduler package and generate a class diagram using mermaid and a README in the markdown format.` - `@coderabbitai help me debug CodeRabbit configuration file.` Note: Be mindful of the bot's finite context window. It's strongly recommended to break down tasks such as reading entire modules into smaller chunks. For a focused discussion, use review comments to chat about specific files and their changes, instead of using the PR comments. ### CodeRabbit Commands (invoked as PR comments) - `@coderabbitai pause` to pause the reviews on a PR. - `@coderabbitai resume` to resume the paused reviews. - `@coderabbitai review` to trigger an incremental review. This is useful when automatic reviews are disabled for the repository. - `@coderabbitai full review` to do a full review from scratch and review all the files again. - `@coderabbitai summary` to regenerate the summary of the PR. - `@coderabbitai resolve` resolve all the CodeRabbit review comments. - `@coderabbitai configuration` to show the current CodeRabbit configuration for the repository. - `@coderabbitai help` to get help. Additionally, you can add `@coderabbitai ignore` anywhere in the PR description to prevent this PR from being reviewed. ### CodeRabbit Configuration File (`.coderabbit.yaml`) - You can programmatically configure CodeRabbit by adding a `.coderabbit.yaml` file to the root of your repository. - Please see the [configuration documentation](https://docs.coderabbit.ai/guides/configure-coderabbit) for more information. - If your editor has YAML language server enabled, you can add the path at the top of this file to enable auto-completion and validation: `# yaml-language-server: $schema=https://coderabbit.ai/integrations/schema.v2.json` ### Documentation and Community - Visit our [Documentation](https://coderabbit.ai/docs) for detailed information on how to use CodeRabbit. - Join our [Discord Community](https://discord.com/invite/GsXnASn26c) to get help, request features, and share feedback. - Follow us on [X/Twitter](https://twitter.com/coderabbitai) for updates and announcements.

gitguardian[bot] commented 2 months ago

⚠️ GitGuardian has uncovered 2 secrets following the scan of your pull request.

Please consider investigating the findings and remediating the incidents. Failure to do so may lead to compromising the associated services or software components.

🔎 Detected hardcoded secrets in your pull request

| GitGuardian id | GitGuardian status | Secret | Commit | Filename | | | -------------- | ------------------ | ------------------------------ | ---------------- | --------------- | -------------------- | | [13159201](https://dashboard.gitguardian.com/workspace/353073/incidents/13159201?occurrence=161364859) | Triggered | Alchemy API Key | 72e1200b897a15b73f00b30d7e1a0ba6265a7311 | v2/lib/forge-std/src/StdChains.sol | [View secret](https://github.com/zeta-chain/protocol-contracts/commit/72e1200b897a15b73f00b30d7e1a0ba6265a7311#diff-a4c9aba16bc3e1c696addb587fb1e4ee100845fbc095388710ec6b5a2c18c092R200) | | [13159201](https://dashboard.gitguardian.com/workspace/353073/incidents/13159201?occurrence=161364864) | Triggered | Alchemy API Key | 8fafcbd3f8841472be558a9b250d94061f16e514 | v2/lib/forge-std/src/StdChains.sol | [View secret](https://github.com/zeta-chain/protocol-contracts/commit/8fafcbd3f8841472be558a9b250d94061f16e514#diff-a4c9aba16bc3e1c696addb587fb1e4ee100845fbc095388710ec6b5a2c18c092L200) |

🛠 Guidelines to remediate hardcoded secrets

1. Understand the implications of revoking this secret by investigating where it is used in your code. 2. Replace and store your secret safely. [Learn here](https://blog.gitguardian.com/secrets-api-management) the best practices. 3. Revoke and [rotate this secret](https://docs.gitguardian.com/secrets-detection/detectors/specifics/private_key_openssh#revoke-the-secret). 4. If possible, [rewrite git history](https://blog.gitguardian.com/rewriting-git-history-cheatsheet). Rewriting git history is not a trivial act. You might completely break other contributing developers' workflow and you risk accidentally deleting legitimate data. To avoid such incidents in the future consider - following these [best practices](https://blog.gitguardian.com/secrets-api-management/) for managing and storing secrets including API keys and other credentials - install [secret detection on pre-commit](https://https://docs.gitguardian.com/ggshield-docs/integrations/git-hooks/pre-commit) to catch secret before it leaves your machine and ease remediation.

^{🦉 GitGuardian detects secrets in your source code to help developers and security teams secure the modern development process. You are seeing this because you or someone else with access to this repository has authorized GitGuardian to scan your pull request.}

github-advanced-security[bot] commented 2 months ago

This pull request sets up GitHub code scanning for this repository. Once the scans have completed and the checks have passed, the analysis results for this pull request branch will appear on this overview. Once you merge this pull request, the 'Security' tab will show more code scanning analysis results (for example, for the default branch). Depending on your configuration and choice of analysis tool, future pull requests will be annotated with code scanning analysis results. For more information about GitHub code scanning, check out the documentation.

codecov-commenter commented 2 months ago

Codecov Report

All modified and coverable lines are covered by tests :white_check_mark:

Project coverage is 51.35%. Comparing base (2ea8f56) to head (640e67d).

Additional details and impacted files

```diff @@ Coverage Diff @@ ## main #268 +/- ## ========================================== - Coverage 58.10% 51.35% -6.76% ========================================== Files 16 17 +1 Lines 401 407 +6 Branches 28 28 ========================================== - Hits 233 209 -24 - Misses 165 195 +30 Partials 3 3 ```

:umbrella: View full report in Codecov by Sentry.
:loudspeaker: Have feedback on the report? Share it here.