Merge Develop into Main #132
Open
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
…sion flow (#108) * fix: pnpm filter fix Signed-off-by: Alexander Mangel <[email protected]> * chore: ENV bypass for desktop development Signed-off-by: Alexander Mangel <[email protected]> * wip: convert to TW 4 CSS - exclode contracts/lib - remove postcss/autoprefixer - use tailwindcss/vite - convert existing tv defs -> tailwind utilities - convert existing typo -> typography.css - appbar style conform figma - remove customized tv export, remove customized cn export -> tailwind CSS classes now first class - remove padding from root + add to appView Signed-off-by: Alexander Mangel <[email protected]> * wip: retooling base Signed-off-by: Alexander Mangel <[email protected]> * feat(client): initial components, profile + garden screen Custom based off radix/shadcn, lowlevel components with tv variants: - accordion - avatar - badge - card - profile - tabs Signed-off-by: Alexander Mangel <[email protected]> * style: profile, faq, cards, accordion, typography Signed-off-by: Alexander Mangel <[email protected]> * wip: carousel, badges, actioncard, gardencard Signed-off-by: Alexander Mangel <[email protected]> * wip: broke all the colors after receiving Marcus export Signed-off-by: Alexander Mangel <[email protected]> * style: carousel, garden card, workcard, actioncard Signed-off-by: Alexander Mangel <[email protected]> * fix: typography error Signed-off-by: Alexander Mangel <[email protected]> * feat: garden (work) full flow Signed-off-by: Alexander Mangel <[email protected]> * chore: remove debug flag Signed-off-by: Alexander Mangel <[email protected]> * fix: strokee -> stroke Signed-off-by: Alexander Mangel <[email protected]> * chore(media): put preview modal back in (but doesn’t work) Signed-off-by: Alexander Mangel <[email protected]> * fix: ts errors Signed-off-by: Alexander Mangel <[email protected]> * exclude test in build * updated vite config --------- Signed-off-by: Alexander Mangel <[email protected]> Co-authored-by: Afo <[email protected]>
* fix: pnpm filter fix Signed-off-by: Alexander Mangel <[email protected]> * chore: ENV bypass for desktop development Signed-off-by: Alexander Mangel <[email protected]> * wip: convert to TW 4 CSS - exclode contracts/lib - remove postcss/autoprefixer - use tailwindcss/vite - convert existing tv defs -> tailwind utilities - convert existing typo -> typography.css - appbar style conform figma - remove customized tv export, remove customized cn export -> tailwind CSS classes now first class - remove padding from root + add to appView Signed-off-by: Alexander Mangel <[email protected]> * wip: retooling base Signed-off-by: Alexander Mangel <[email protected]> * feat(client): initial components, profile + garden screen Custom based off radix/shadcn, lowlevel components with tv variants: - accordion - avatar - badge - card - profile - tabs Signed-off-by: Alexander Mangel <[email protected]> * style: profile, faq, cards, accordion, typography Signed-off-by: Alexander Mangel <[email protected]> * wip: carousel, badges, actioncard, gardencard Signed-off-by: Alexander Mangel <[email protected]> * wip: broke all the colors after receiving Marcus export Signed-off-by: Alexander Mangel <[email protected]> * style: carousel, garden card, workcard, actioncard Signed-off-by: Alexander Mangel <[email protected]> * fix: typography error Signed-off-by: Alexander Mangel <[email protected]> * feat: garden (work) full flow Signed-off-by: Alexander Mangel <[email protected]> * chore: remove debug flag Signed-off-by: Alexander Mangel <[email protected]> * fix: strokee -> stroke Signed-off-by: Alexander Mangel <[email protected]> * chore(media): put preview modal back in (but doesn’t work) Signed-off-by: Alexander Mangel <[email protected]> * fix: ts errors Signed-off-by: Alexander Mangel <[email protected]> * feat: workcard Signed-off-by: Alexander Mangel <[email protected]> * feat: work approval Signed-off-by: Alexander Mangel <[email protected]> * feat: topnav, assesment, work approval, notification center, notifications Signed-off-by: Alexander Mangel <[email protected]> * feat: navToTop fix Signed-off-by: Alexander Mangel <[email protected]> * style: home mb Signed-off-by: Alexander Mangel <[email protected]> * fix: push buttons to bottom Signed-off-by: Alexander Mangel <[email protected]> * fix: gardencard, garden input fixed, topnav fix Signed-off-by: Alexander Mangel <[email protected]> * fix: fix for routes (/home) and appbar highlighting correct route Signed-off-by: Alexander Mangel <[email protected]> * fix: last touches Signed-off-by: Alexander Mangel <[email protected]> * fixed schema parsing typo fixed attester prop issue in parsing work approval data made feedback optional updated work approval component and woork approval mutation. * updated import names to match routes removed null as option for garden tab view * updated to use image stored onchain for garden * added a work metadata type created function for fetching and parsing work metadata * fixed type errors in test * update * optimized code spplitting of app * updated lockfile * wip: req changes Signed-off-by: Alexander Mangel <[email protected]> * feat: final changes Signed-off-by: Alexander Mangel <[email protected]> * fix: clean out tsc errors Signed-off-by: Alexander Mangel <[email protected]> * chore: ENV bypass for desktop development Signed-off-by: Alexander Mangel <[email protected]> * wip: convert to TW 4 CSS - exclode contracts/lib - remove postcss/autoprefixer - use tailwindcss/vite - convert existing tv defs -> tailwind utilities - convert existing typo -> typography.css - appbar style conform figma - remove customized tv export, remove customized cn export -> tailwind CSS classes now first class - remove padding from root + add to appView Signed-off-by: Alexander Mangel <[email protected]> * wip: retooling base Signed-off-by: Alexander Mangel <[email protected]> * feat(client): initial components, profile + garden screen Custom based off radix/shadcn, lowlevel components with tv variants: - accordion - avatar - badge - card - profile - tabs Signed-off-by: Alexander Mangel <[email protected]> * style: profile, faq, cards, accordion, typography Signed-off-by: Alexander Mangel <[email protected]> * wip: carousel, badges, actioncard, gardencard Signed-off-by: Alexander Mangel <[email protected]> * wip: broke all the colors after receiving Marcus export Signed-off-by: Alexander Mangel <[email protected]> * style: carousel, garden card, workcard, actioncard Signed-off-by: Alexander Mangel <[email protected]> * fix: typography error Signed-off-by: Alexander Mangel <[email protected]> * feat: work approval flow (squashed) Signed-off-by: Alexander Mangel <[email protected]> --------- Signed-off-by: Alexander Mangel <[email protected]> Co-authored-by: Alexander Mangel <[email protected]>
* updated landing page mock image made garden view fullscreen with fixed top and bottom nav added appbar animation * updated profile view with fixed user profile and tab list * made garden top view fixed
* updated landing page mock image made garden view fullscreen with fixed top and bottom nav added appbar animation * updated profile view with fixed user profile and tab list * made garden top view fixed * removed uneeded environment vars added react spinners for new beat loader updated animation for appbar fixed scroll issue when changing tabs updated login with react-intl
* updated landing page mock image made garden view fullscreen with fixed top and bottom nav added appbar animation * updated profile view with fixed user profile and tab list * made garden top view fixed * removed uneeded environment vars added react spinners for new beat loader updated animation for appbar fixed scroll issue when changing tabs updated login with react-intl * Updated dialog for installing app * updated social preview * updated social image to webp * added contract error parsing for publishing and approving work * added environment var for indexer * added init for repo setup
* updated landing page mock image made garden view fullscreen with fixed top and bottom nav added appbar animation * updated profile view with fixed user profile and tab list * made garden top view fixed * removed uneeded environment vars added react spinners for new beat loader updated animation for appbar fixed scroll issue when changing tabs updated login with react-intl * Updated dialog for installing app * updated social preview * updated social image to webp * added contract error parsing for publishing and approving work * added environment var for indexer * added posthog for product analytics, sesion recordings, feature flags & more * added .env to gitignore * updated lockfile
* updated landing page mock image made garden view fullscreen with fixed top and bottom nav added appbar animation * updated profile view with fixed user profile and tab list * made garden top view fixed * removed uneeded environment vars added react spinners for new beat loader updated animation for appbar fixed scroll issue when changing tabs updated login with react-intl * Updated dialog for installing app * updated social preview * updated social image to webp * added contract error parsing for publishing and approving work * added environment var for indexer * feat: i18n translation, first pass Signed-off-by: Alexander Mangel <[email protected]> * feat: updated translations, store lang pref in localStorage Signed-off-by: Alexander Mangel <[email protected]> * feat: rudimentary tag support Signed-off-by: Alexander Mangel <[email protected]> * feat: better tag handling Signed-off-by: Alexander Mangel <[email protected]> * fixed node version issue updated lockfile with new pnpm version * updated pnpm engine reqiurement to 9 or above --------- Signed-off-by: Alexander Mangel <[email protected]> Co-authored-by: Afo <[email protected]>
Bumps [vite](https://github.com/vitejs/vite/tree/HEAD/packages/vite) from 5.4.2 to 5.4.19. - [Release notes](https://github.com/vitejs/vite/releases) - [Changelog](https://github.com/vitejs/vite/blob/v5.4.19/packages/vite/CHANGELOG.md) - [Commits](https://github.com/vitejs/vite/commits/v5.4.19/packages/vite) --- updated-dependencies: - dependency-name: vite dependency-version: 5.4.19 dependency-type: direct:development ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
|
The latest updates on your projects. Learn more about Vercel for Git ↗︎
|
Bumps [vitest](https://github.com/vitest-dev/vitest/tree/HEAD/packages/vitest) from 2.1.8 to 2.1.9. - [Release notes](https://github.com/vitest-dev/vitest/releases) - [Commits](https://github.com/vitest-dev/vitest/commits/v2.1.9/packages/vitest) --- updated-dependencies: - dependency-name: vitest dependency-version: 2.1.9 dependency-type: direct:development ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* updated landing page mock image made garden view fullscreen with fixed top and bottom nav added appbar animation * updated profile view with fixed user profile and tab list * made garden top view fixed * removed uneeded environment vars added react spinners for new beat loader updated animation for appbar fixed scroll issue when changing tabs updated login with react-intl * Updated dialog for installing app * updated social preview * updated social image to webp * added contract error parsing for publishing and approving work * added environment var for indexer * feat: Add README.md for client package This commit introduces a new README.md file specifically for the `packages/client` directory. The new README includes the following sections: - A brief overview of the client application. - "Getting Started": Instructions for prerequisites, environment variable setup. - "Development": How to run the local development server. - "Building for Production": How to build the client for deployment. - "Testing": Commands for running tests and generating coverage. - "Linting": Command for running the linter. - "Key Technologies": A list of major frameworks and libraries used. - "Project Structure Highlights": An overview of important directories and files within the client package. - "Contributing": A note referring to the main project's contribution guidelines. This README aims to provide you with focused information relevant to the client-side development of the Green Goods PWA. * removed duplicate locales * Update README with improved project documentation Enhance project documentation with a more structured format, including repository architecture, detailed component descriptions, and clearer installation instructions. Add placeholder for new docs directory. --------- Co-authored-by: google-labs-jules[bot] <161369871+google-labs-jules[bot]@users.noreply.github.com>
* created onboarding script that takes csv and create garden smart accounts * feat: add garden configuration and deployment setup Add garden-config.json and update deployment scripts with Privy, Pinata integration. Configure file system permissions in foundry.toml and add required environment variables for authentication services. Organize dependencies for improved garden onboarding process. * fix: update phone number format and improve garden onboarding script Update phone number format in CSV with country code and enhance the onboarding script with better error handling, retry logic for IPFS uploads, and improved environment validation. * chore: upgrade viem and @privy-io/react-auth dependencies Update viem to v2.30.5 and @privy-io/react-auth to v2.13.6. Simplify transaction request code in work provider and approval components by removing unnecessary type casting. * updated lockfile * fix: Clean up imports in WorkApproval component Optimize imports by removing unused Chain and TransactionRequest types while properly importing decodeErrorResult from viem directly.
Bumps [ws](https://github.com/websockets/ws) from 8.5.0 to 8.17.1. - [Release notes](https://github.com/websockets/ws/releases) - [Commits](websockets/ws@8.5.0...8.17.1) --- updated-dependencies: - dependency-name: ws dependency-version: 8.17.1 dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]>
* feat: add Husky pre-commit and pre-push hooks for automated code quality checks * feat: add Biome configuration for code formatting and linting across all packages * chore: update pnpm-lock.yaml and clean up code formatting across various components - Updated pnpm-lock.yaml to include new dependencies and versions. - Refactored code in multiple components for improved readability and consistency, including adjustments to JSX syntax and formatting. - Cleaned up imports and removed unnecessary line breaks in several files. - Enhanced the structure of various components to follow best practices. * fix: update TypeScript types and lint configuration Update lint command to use --write and --unsafe flags, fix TypeScript type declarations across the client codebase, and standardize interface/type usage. Improves code consistency and type safety. * chore: update Biome configuration and linting rules - Disabled recommended linting rules in biome.json for the client package. - Adjusted includes in biome.json to focus on specific file types across packages. - Updated lint command in package.json to target specific directories and file types. - Enhanced formatter settings to allow formatting with errors in the client package. * fix: add non-null assertions for required environment variables in constants.ts - Added non-null assertions for ALCHEMY_API_KEY and PRIVATE_KEY to ensure they are defined, as these environment variables are essential for the package's functionality. - Included comments to ignore linting rules related to non-null assertions for clarity. * refactor: enhance FormSelect component with generic type support - Updated FormSelectProps to use a generic type parameter for improved type safety. - Refactored the FormSelect component to accommodate the new type structure, ensuring better integration with react-hook-form. - Maintained the display name for the component while adjusting the export to support generics. * feat: integrate Oxlint for enhanced linting performance and remove ESLint - Added Oxlint for ultra-fast linting, significantly improving linting speed and efficiency. - Updated linting commands in package.json to utilize Oxlint instead of ESLint. - Removed ESLint configuration and related dependencies to streamline the linting process. - Enhanced README documentation to reflect the new linting setup and performance benefits. - Introduced dual build systems in the client package for optimized production and experimental builds. - Implemented dynamic imports in the App component and views for better code splitting and loading performance.
…cution\n\n- Introduce inline processing for work and approval jobs, allowing immediate execution with the smart account client.\n- Remove legacy job processing methods and periodic sync, relying on event-driven triggers instead.\n- Update job queue to create fresh object URLs for images and improve logging under VITE_QUEUE_DEBUG.\n- Adjust query client settings for better cache management and reduce churn on base lists.
…guration\n\n- Integrate dotenv to load environment variables from a .env file for test accessibility.\n- Update Playwright configuration to include a more descriptive comment for the Desktop Chrome project.\n- Add new dependencies in pnpm-lock.yaml for improved testing and coverage functionalities.\n- Enhance Splash component with a data-testid for better test targeting.\n- Introduce new utility methods in test-utils for improved frame handling and modal interactions during tests.
…ntroduce a popover dialog for selected gardener details, allowing users to copy contact information.\n- Improve the display of gardener names and registration dates.\n- Add click functionality to gardener items for better user interaction.\n- Refactor the GardenerItem component to utilize Avatar for profile images and enhance styling.
…ove JobQueueProvider and WorkProvider imports to the correct position in AppShell.\n- Adjust import order in RequireAuth for consistency.\n- Change interface declarations to export in smart-account.d.ts for better accessibility.\n- Update various components to utilize WorkView for improved structure and readability.\n- Clean up unused imports and enhance loader functionality in Garden components.
- Added new scripts for managing garden members, including adding and removing members, updating garden information, and monitoring events. - Introduced batch operations for efficient member management. - Updated `pnpm-lock.yaml` to include the `ethers` dependency at version 6.15.0. - Created a comprehensive documentation file for garden management scripts, detailing usage and examples. - Refactored existing scripts for improved structure and consistency.
…into feat/offline-support
…\n\n- Commented out unused job queue imports in multiple files to reduce clutter.\n- Simplified navigation callback in WorkList component by removing unnecessary state parameter.
…linter in biome.json for a simplified setup.\n- Updated package.json scripts for linting and testing, streamlining commands across packages.\n- Removed outdated environment setup scripts and documentation to reduce clutter.\n- Adjusted API server code for improved type handling and error management.\n- Cleaned up client package scripts for consistency and efficiency.
…int script in package.json to directly call oxlint with the specified directories, removing the redundant lint:oxlint command for improved clarity and efficiency.
…d` and `useDebouncedValue` hooks from the codebase to streamline the hooks directory and reduce clutter.
- Updated various package versions in pnpm-lock.yaml for improved stability and performance, including @privy-io/react-auth, @tanstack/react-query, and others. - Refactored the client package to utilize React Query for data fetching and state management, enhancing offline capabilities and user experience. - Introduced Zustand for global state management, streamlining UI state handling. - Removed outdated loader functions and integrated data fetching directly within components for better performance. - Enhanced the Vite configuration to support background sync for critical API calls. - Cleaned up unused imports and improved component structure for better readability and maintainability.
…andling - Changed the `createOnLogin` property for embedded wallets from "users-without-wallets" to "all-users" to broaden wallet creation eligibility. - Integrated `getClientForChain` in the `UserProvider` to fetch the client based on the default chain ID, improving user context management and error handling during client retrieval.
…iltering - Changed the return type of `submitWorkToQueue` to include both transaction hash and job ID for better data handling. - Optimized job filtering in the JobQueueDatabase by using a composite index for kind and synced status, improving query performance. - Removed commented-out periodic sync logic in JobQueueProvider for cleaner code.
…rnings flag from the lint command in the pre-push hook to allow for smoother linting without failing on warnings.
… Updated job queue filtering logic to directly use boolean values for the synced status, aligning with the index schema.\n- Removed unnecessary console log from UserProvider for cleaner code.
…curacy\n\n- Revised service start commands from `npm run dev` to `pnpm dev` across multiple documentation files.\n- Updated health check endpoint in API documentation from `/api/health` to `/health` for consistency.\n- Enhanced descriptions in architecture and environment setup documents to reflect recent changes in the project structure and dependencies.
- Added support for offline work submissions and approvals using IndexedDB. - Introduced `OfflineIndicator` component to notify users of offline status and pending actions. - Enhanced `WorkProvider` and `GardenWorkApproval` components to save work and approvals offline when the user is not connected. - Implemented periodic synchronization of offline work with the server when the user comes back online. - Updated internationalization files to include new messages related to offline functionality. - Refactored various components to integrate offline capabilities and improve user experience.
![github-advanced-security[bot]](https://avatars.githubusercontent.com/in/57789?s=60&v=4){kind=small}
|
|
||
| console.log("\nExecuting deployment..."); | ||
| const displayArgs = args.map((arg, idx) => (idx > 0 && args[idx - 1] === "--private-key" ? "[REDACTED]" : arg)); | ||
| console.log("forge", displayArgs.join(" ")); |
Check failure
Code scanning / CodeQL
Clear-text logging of sensitive information High
Show autofix suggestion
Hide autofix suggestion
Copilot Autofix
AI about 1 month ago
To fix the problem, we need to ensure that any sensitive information, such as the Etherscan API key, is not logged in clear text. The best way to do this is to update the logic that builds the displayArgs array so that it also redacts the value of the --etherscan-api-key argument, replacing it with [REDACTED] just as is done for the private key. This change should be made in the executeForgeScript method, specifically in the mapping function that creates displayArgs (lines 959–960). No new imports or method definitions are required.
Suggested changeset
1
packages/contracts/script/deploy.js
| @@ -956,7 +956,12 @@ | ||
| } | ||
|
|
||
| console.log("\nExecuting deployment..."); | ||
| const displayArgs = args.map((arg, idx) => (idx > 0 && args[idx - 1] === "--private-key" ? "[REDACTED]" : arg)); | ||
| const displayArgs = args.map((arg, idx) => { | ||
| if (idx > 0 && (args[idx - 1] === "--private-key" || args[idx - 1] === "--etherscan-api-key")) { | ||
| return "[REDACTED]"; | ||
| } | ||
| return arg; | ||
| }); | ||
| console.log("forge", displayArgs.join(" ")); | ||
|
|
||
| execFileSync("forge", args, { |
Copilot is powered by AI and may make mistakes. Always verify output.
Bumps [@openzeppelin/contracts-upgradeable](https://github.com/OpenZeppelin/openzeppelin-contracts-upgradeable) from 4.9.3 to 4.9.6. - [Release notes](https://github.com/OpenZeppelin/openzeppelin-contracts-upgradeable/releases) - [Changelog](https://github.com/OpenZeppelin/openzeppelin-contracts-upgradeable/blob/master/CHANGELOG.md) - [Commits](OpenZeppelin/openzeppelin-contracts-upgradeable@v4.9.3...v4.9.6) --- updated-dependencies: - dependency-name: "@openzeppelin/contracts-upgradeable" dependency-version: 4.9.6 dependency-type: direct:production ... Signed-off-by: dependabot[bot] <[email protected]>
….9.6 (#158) Bumps [@openzeppelin/contracts-upgradeable](https://github.com/OpenZeppelin/openzeppelin-contracts-upgradeable) from 4.9.3 to 4.9.6. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/OpenZeppelin/openzeppelin-contracts-upgradeable/releases"><code>@openzeppelin/contracts-upgradeable</code>'s releases</a>.</em></p> <blockquote> <h2>v4.9.6</h2> <ul> <li><code>Base64</code>: Fix issue where dirty memory located just after the input buffer is affecting the result. (<a href="https://redirect.github.com/OpenZeppelin/openzeppelin-contracts/pull/4926">#4926</a>)</li> </ul> <h2>v4.9.5</h2> <ul> <li><code>Multicall</code>: Patch duplicated <code>Address.functionDelegateCall</code>.</li> </ul> <h2>v4.9.4</h2> <ul> <li><code>ERC2771Context</code> and <code>Context</code>: Introduce a <code>_contextPrefixLength()</code> getter, used to trim extra information appended to <code>msg.data</code>.</li> <li><code>Multicall</code>: Make aware of non-canonical context (i.e. <code>msg.sender</code> is not <code>_msgSender()</code>), allowing compatibility with <code>ERC2771Context</code>.</li> </ul> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/OpenZeppelin/openzeppelin-contracts-upgradeable/blob/master/CHANGELOG.md"><code>@openzeppelin/contracts-upgradeable</code>'s changelog</a>.</em></p> <blockquote> <h2>4.9.6 (2024-02-29)</h2> <ul> <li><code>Base64</code>: Fix issue where dirty memory located just after the input buffer is affecting the result. (<a href="https://redirect.github.com/OpenZeppelin/openzeppelin-contracts/pull/4929">#4929</a>)</li> </ul> <h2>4.9.5 (2023-12-08)</h2> <ul> <li><code>Multicall</code>: Make aware of non-canonical context (i.e. <code>msg.sender</code> is not <code>_msgSender()</code>), allowing compatibility with <code>ERC2771Context</code>. Patch duplicated <code>Address.functionDelegateCall</code> in v4.9.4 (removed).</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/OpenZeppelin/openzeppelin-contracts-upgradeable/commit/2d081f24cac1a867f6f73d512f2022e1fa987854"><code>2d081f2</code></a> Transpile dc44c9f1</li> <li><a href="https://github.com/OpenZeppelin/openzeppelin-contracts-upgradeable/commit/2492017bf2727ea6bbfb100b6a53959b08ed7243"><code>2492017</code></a> Transpile a6286d0f</li> <li><a href="https://github.com/OpenZeppelin/openzeppelin-contracts-upgradeable/commit/a40cb0bda838c2ef3dfc252c179f5c37c32e80c4"><code>a40cb0b</code></a> Transpile bd325d56</li> <li><a href="https://github.com/OpenZeppelin/openzeppelin-contracts-upgradeable/commit/4c73bfa29bced89fc96f440e6424b69424690459"><code>4c73bfa</code></a> Transpile ad6a5b68</li> <li><a href="https://github.com/OpenZeppelin/openzeppelin-contracts-upgradeable/commit/31f9fb9d171f60b2271b2b9c6f62d43302bf9489"><code>31f9fb9</code></a> Transpile 88ac712e</li> <li><a href="https://github.com/OpenZeppelin/openzeppelin-contracts-upgradeable/commit/f55babcbeef1d1c42c8e0f8884abcd6663a7909f"><code>f55babc</code></a> Transpile a83918df</li> <li><a href="https://github.com/OpenZeppelin/openzeppelin-contracts-upgradeable/commit/5bc59992591b84bba18dc1ac46942f1886b30ccd"><code>5bc5999</code></a> Transpile 98c7a4cf</li> <li><a href="https://github.com/OpenZeppelin/openzeppelin-contracts-upgradeable/commit/152b82019370360578ee273630567bf67b977a40"><code>152b820</code></a> Transpile 0ed435b7</li> <li><a href="https://github.com/OpenZeppelin/openzeppelin-contracts-upgradeable/commit/f34a3a7e5a1d698d87d517fda698d48286310bee"><code>f34a3a7</code></a> Transpile 17c1a3a4</li> <li>See full diff in <a href="https://github.com/OpenZeppelin/openzeppelin-contracts-upgradeable/compare/v4.9.3...v4.9.6">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/greenpill-dev-guild/green-goods/network/alerts). </details>
- Add packages/admin with complete React TypeScript setup - Implement role-based authentication (admin allowlist + operator detection) - Add garden management (create, view, member management) - Include contract management interface for admins - Setup Zustand state management and XState workflows - Integrate Urql GraphQL client with indexer - Add comprehensive toast notifications for all blockchain actions - Include responsive UI with Tailwind CSS and Radix components - Add role-based route protection and navigation - Fix accessibility and linting issues
Co-authored-by: contact <[email protected]>
…nfigurations - Added comprehensive testing setup for the admin dashboard, including unit and integration tests. - Introduced new environment variables for WalletConnect and updated existing ones in .env.example and package.json. - Implemented GitHub Actions workflow for automated testing. - Refactored components to improve testability and added mock implementations for external dependencies. - Updated README and documentation to reflect new testing practices and environment configurations.
- Added comprehensive testing setup for the admin dashboard, including unit and integration tests. - Introduced new environment variables for WalletConnect and updated existing ones in .env.example and package.json. - Implemented GitHub Actions workflow for automated testing. - Refactored components to improve testability and added mock implementations for external dependencies. - Updated README and documentation to reflect new testing practices and environment configurations.
Comment on lines
+15
to
+53
| runs-on: ubuntu-latest | ||
| steps: | ||
| - name: Checkout code | ||
| uses: actions/checkout@v4 | ||
|
|
||
| - name: Setup Node.js | ||
| uses: actions/setup-node@v4 | ||
| with: | ||
| node-version: '20' | ||
|
|
||
| - name: Setup pnpm | ||
| uses: pnpm/action-setup@v4 | ||
| with: | ||
| version: 8 | ||
|
|
||
| - name: Install dependencies | ||
| run: pnpm install --frozen-lockfile | ||
|
|
||
| - name: Run unit tests | ||
| run: | | ||
| cd packages/admin | ||
| pnpm test:unit | ||
| env: | ||
| CI: true | ||
|
|
||
| - name: Generate coverage report | ||
| run: | | ||
| cd packages/admin | ||
| pnpm test:coverage | ||
| env: | ||
| CI: true | ||
|
|
||
| - name: Upload coverage reports | ||
| uses: codecov/codecov-action@v4 | ||
| with: | ||
| directory: packages/admin/coverage | ||
| flags: admin-dashboard | ||
|
|
||
| integration-tests: |
Check warning
Code scanning / CodeQL
Workflow does not contain permissions Medium
Show autofix suggestion
Hide autofix suggestion
Copilot Autofix
AI 16 days ago
To resolve this issue, add an explicit permissions block to the workflow YAML. This can be added at the root of the workflow (above or below the name: and on: keys, but before jobs:) to serve as the default for all jobs. Since the workflow only needs to check out code and upload coverage reports, the minimal permission needed is typically contents: read. If the codecov/codecov-action@v4 step or any other step requires additional permissions, these can be expanded appropriately. However, in almost all CI testing/coverage/linting jobs, contents: read suffices.
Change needed: Insert at the root of .github/workflows/admin-tests.yml (after name: and before or after on:), the following:
permissions:
contents: readNo new methods, imports, or definitions are necessary—just this addition to the workflow file.
Suggested changeset
1
.github/workflows/admin-tests.yml
| @@ -1,5 +1,8 @@ | ||
| name: Admin Dashboard Tests | ||
|
|
||
| permissions: | ||
| contents: read | ||
|
|
||
| on: | ||
| push: | ||
| branches: [ main, develop, 'cursor/implement-admin-dashboard-package-*' ] |
Copilot is powered by AI and may make mistakes. Always verify output.
Comment on lines
+54
to
+86
| runs-on: ubuntu-latest | ||
| if: github.event_name == 'push' && github.ref == 'refs/heads/main' | ||
| steps: | ||
| - name: Checkout code | ||
| uses: actions/checkout@v4 | ||
|
|
||
| - name: Setup Node.js | ||
| uses: actions/setup-node@v4 | ||
| with: | ||
| node-version: '20' | ||
|
|
||
| - name: Setup pnpm | ||
| uses: pnpm/action-setup@v4 | ||
| with: | ||
| version: 8 | ||
|
|
||
| - name: Install Foundry | ||
| uses: foundry-rs/foundry-toolchain@v1 | ||
|
|
||
| - name: Install dependencies | ||
| run: pnpm install --frozen-lockfile | ||
|
|
||
| - name: Run integration tests | ||
| run: | | ||
| cd packages/admin | ||
| pnpm test:integration | ||
| env: | ||
| CI: true | ||
| VITEST_INTEGRATION: true | ||
| VITE_BASE_SEPOLIA_RPC: ${{ secrets.BASE_SEPOLIA_RPC }} | ||
| TEST_PRIVATE_KEY: ${{ secrets.TEST_PRIVATE_KEY }} | ||
|
|
||
| lint-and-format: |
Check warning
Code scanning / CodeQL
Workflow does not contain permissions Medium
Show autofix suggestion
Hide autofix suggestion
Copilot Autofix
AI 16 days ago
To fix the problem, you should add a permissions block at the top level of the workflow file, immediately following the workflow name and before the on: trigger section, to set minimal required permissions for all jobs. Based on the observed steps, none of the jobs require write access—they only check out code, run tests, generate and upload reports. The minimal necessary permission for public repositories (and most CI workflows) is usually contents: read. Unless there is a known need in these jobs for additional scopes, you can confidently start with this restrictive setting. If you later need specific write access (for example, uploading artifacts to releases), expand only as needed.
Where to change:
Edit .github/workflows/admin-tests.yml by inserting the following block after name: Admin Dashboard Tests:
permissions:
contents: readAdditional info:
No other code, imports, or definitions are required.
Suggested changeset
1
.github/workflows/admin-tests.yml
| @@ -1,4 +1,6 @@ | ||
| name: Admin Dashboard Tests | ||
| permissions: | ||
| contents: read | ||
|
|
||
| on: | ||
| push: |
Copilot is powered by AI and may make mistakes. Always verify output.
Comment on lines
+87
to
+113
| runs-on: ubuntu-latest | ||
| steps: | ||
| - name: Checkout code | ||
| uses: actions/checkout@v4 | ||
|
|
||
| - name: Setup Node.js | ||
| uses: actions/setup-node@v4 | ||
| with: | ||
| node-version: '20' | ||
|
|
||
| - name: Setup pnpm | ||
| uses: pnpm/action-setup@v4 | ||
| with: | ||
| version: 8 | ||
|
|
||
| - name: Install dependencies | ||
| run: pnpm install --frozen-lockfile | ||
|
|
||
| - name: Run linting | ||
| run: | | ||
| cd packages/admin | ||
| pnpm lint | ||
|
|
||
| - name: Check formatting | ||
| run: | | ||
| cd packages/admin | ||
| pnpm format --check |
Check warning
Code scanning / CodeQL
Workflow does not contain permissions Medium
Show autofix suggestion
Hide autofix suggestion
Copilot Autofix
AI 16 days ago
The best way to fix this problem is to explicitly add a permissions block at the root of the workflow file, setting the default required permission for all jobs to contents: read. This is the minimal permission required for the code checkout step (actions/checkout), and is a safe minimal base since none of the jobs appear to require write permissions (e.g., releasing, pushing code, or making pull requests). If uploading coverage needed write access to pull requests, additional permissions could be granted accordingly, but the best starting point is the recommended contents: read.
Change required:
- Insert the following under the first line (
name: Admin Dashboard Tests) as a new second line:permissions: contents: read
Suggested changeset
1
.github/workflows/admin-tests.yml
| @@ -1,4 +1,6 @@ | ||
| name: Admin Dashboard Tests | ||
| permissions: | ||
| contents: read | ||
|
|
||
| on: | ||
| push: |
Copilot is powered by AI and may make mistakes. Always verify output.
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
No description provided.