✨ feat(wallet): update wallet structure to JSONB with optional tags#4226
✨ feat(wallet): update wallet structure to JSONB with optional tags#4226SebasianDev wants to merge 13 commits into
Conversation
|
@SebasianDev is attempting to deploy a commit to the Ava Labs Team on Vercel. A member of the Team first needs to authorize it. |
Signed-off-by: Anotherdev <joseluismanco37@gmail.com>
|
The latest updates on your projects. Learn more about Vercel for GitHub.
|
| EIP712_STATEMENT, | ||
| } from "@/lib/profile/walletEip712"; | ||
|
|
||
| const projectId = process.env.NEXT_PUBLIC_WALLETCONNECT_PROJECT_ID ?? ""; |
There was a problem hiding this comment.
for variables that we need to add please highlight them in the description as well so we dont forget when merging
|
![semgrep-ava-labs[bot]](https://avatars.githubusercontent.com/u/44277073?s=60&v=4){kind=small}
| pathe "^2.0.3" | ||
| picomatch "^4.0.3" | ||
| std-env "^4.0.0-rc.1" | ||
| vitest@^2.1.9: |
There was a problem hiding this comment.
Risk: Affected versions of vitest are vulnerable to Missing Authorization. When the Vitest UI server is listening, the deprecated isFileServingAllowed check is applied without normalizing the URL before filesystem operations, allowing path traversal that lets an attacker read, write, and execute arbitrary files outside the project directory.
Manual Review Advice: A vulnerability from this advisory is reachable if you run the Vitest UI on Windows, or you expose the Vitest UI server to the network with the --api.host flag or api.host config option
Fix: Upgrade this library to at least version 3.2.6 at builders-hub/yarn.lock:13101.
Reference(s): GHSA-5xrq-8626-4rwp
🧁 Fixed in commit 57af813 🧁
6 participants
✨ feat(wallet): update wallet structure to JSONB with optional tags