test: fix v0.4.0 beta10 fix ut #5
Conversation
chore: release v0.3.1
* feat: use metadata field on certificate * fix: lint and UT * fix: comments
Use input_parser.star from kurtosis
* feat use sqlite on lastgersync * apply requests * rm tree migrations * Update lastgersync/processor.go Co-authored-by: Goran Rojovic <100121253+goran-ethernal@users.noreply.github.com> --------- Co-authored-by: Goran Rojovic <100121253+goran-ethernal@users.noreply.github.com>
* feat use sqlite on claimsponsor * wip * pass UTs * fix identation * fix identation * rm cover.out * rm tree migrations * make err a var
This reverts commit a5422d2.
This reverts commit 910b23b.
…ents-for-the-version-command-from-combinations-files refactor: retrieve and parse versions at buildtime
* wip * implementation * fix tests * wip * mdbx is gone * increase coverage * remove ifElseChain from golangci * remove ifElseChain from golangci * remove ifElseChain from golangci * increase coverage * increase coverage * identation * identation * identation * fix kurtosis config
* feat: calculate acc input hash locally (0xPolygon#154)
…pessimistic proof branch (0xPolygon#165) * fix: certificate with no importedBridges set '[]' instead of 'null' * fix: certificate with no importedBridges set '[]' instead of 'null' * feat: adapt to kurtosis-cdk pp * feat: change para SaveCertificatesToFiles to SaveCertificatesToFilesPath * fix: get candidate and proven certificates as well * fix: remove test * fix: small changes * fix: db tx rollback * fix: replace existing certificate * fix: lint and coverage * feat: check for nil fields in certificate * feat: no claims test * fix: comments * fix: lint * fix: shallow copy imported bridge exits and bridge exits * fix: local_config for debug * fix: cdk-erigon-node-001 rename to cdk-erigon-rpc-001 * feat: add logs to check cert * feat: store hash as text, add logs * fix: lint * fix: bump kurtosis-cdk version to 0.2.18 * fix: comments * fix: string conversion error on BridgeExit * fix: lint * fix: update minter key * fix: e2e * fix: e2e tests --------- Co-authored-by: joanestebanr <129153821+joanestebanr@users.noreply.github.com> Co-authored-by: Victor Castell <0x@vcastellm.xyz>
* feat: created and updated timestamps * feat: save raw certificate to db * fix: raw to signed_certificate * fix: indentation
* chore: bump kustoris * Adapt to changes in services names * fix: update minter key * Apply feedback Co-authored-by: Stefan Negovanović <93934272+Stefan-Ethernal@users.noreply.github.com> --------- Co-authored-by: Stefan Negovanović <93934272+Stefan-Ethernal@users.noreply.github.com>
* fix: var zkevm_path_rw_data is defined in kurtosis/main but not yet on 0.2.8, try to override it * fix: bump kurtosis 0.2.19 to have the new variable
* feat: sync UpdateL1InfoTreeV2 * fix linter * use common hash instead of bytes 32 * imporve * imporve * imporve * cover verify trusted aggregator event * cover halted queries * rm coverage file * increase coverage * moar coverage * remove files that shouldnt be there * do not cover smart contracts (generated bindings) * feat: increase coverage (0xPolygon#159) * apply pr suggestions * add context done in handle newblock * add context done in handle newblock * add context done in handle newblock * add context done in handle newblock --------- Co-authored-by: Joan Esteban <129153821+joanestebanr@users.noreply.github.com>
* feat: unpack and log agglayer errors (0xPolygon#158) * feat: unpack and log agglayer errors * feat: agglayer error unpacking * fix: lint and UT * feat: epoch notifier (0xPolygon#144) - Send certificates after a percentage of epoch - Require epoch configuration to AggLayer - Change config of `aggsender` adding: `BlockFinality` and `EpochNotificationPercentage` * refact: GetSequence method (0xPolygon#169) * feat: remove sanity check (0xPolygon#178) (0xPolygon#179) --------- Co-authored-by: Goran Rojovic <100121253+goran-ethernal@users.noreply.github.com> Co-authored-by: Rachit Sonthalia <54906134+rachit77@users.noreply.github.com> Co-authored-by: Toni Ramírez <58293609+ToniRamirezM@users.noreply.github.com>
* ensure oldAccInputHash is ready * feat: updata sync lib * feat: acc input hash sanity check * feat: check acc input hash -1 * feat: refactor * feat: refactor * fix: batch1 acc input hash * fix: timestamp in input prover * fix: timestamp in input prover * fix: timestamp * feat: remove test * fix: test * fix: test * fix: comments * fix: comments
![github-advanced-security[bot]](https://avatars.githubusercontent.com/in/57789?s=60&v=4){kind=small}
| elapsedTime := time.Now().UTC().Sub(time.UnixMilli(certificate.CreatedAt)) | ||
| a.log.Debugf("aggLayerClient.GetCertificateHeader status [%s] of certificate %s elapsed time:%s", | ||
| certificateHeader.Status, | ||
| certificateHeader.String(), |
Check failure
Code scanning / CodeQL
Clear-text logging of sensitive information
Show autofix suggestion
Hide autofix suggestion
Copilot Autofix AI 26 days ago
To fix the problem, we need to ensure that sensitive information such as passwords is not logged in clear text. We can achieve this by modifying the String method of the Config struct to exclude the AggsenderPrivateKey.Password field from the string representation. This way, even if the String method is used in logging, the sensitive information will not be exposed.
| @@ -40,3 +40,2 @@ | ||
| "AggsenderPrivateKeyPath: " + c.AggsenderPrivateKey.Path + "\n" + | ||
| "AggsenderPrivateKeyPassword: " + c.AggsenderPrivateKey.Password + "\n" + | ||
| "URLRPCL2: " + c.URLRPCL2 + "\n" + |
| certificate.Status = certificateHeader.Status | ||
| if certificateHeader.Status != certificate.Status { | ||
| a.log.Infof("certificate %s changed status from [%s] to [%s] elapsed time: %s", | ||
| certificateHeader.String(), certificate.Status, certificateHeader.Status, elapsedTime) |
Check failure
Code scanning / CodeQL
Clear-text logging of sensitive information
Show autofix suggestion
Hide autofix suggestion
Copilot Autofix AI 26 days ago
To fix the problem, we need to ensure that sensitive information such as passwords is not logged in clear text. The best way to fix this issue without changing existing functionality is to remove the logging of the sensitive information or obfuscate it before logging.
In this case, we will remove the logging of the AggsenderPrivateKey.Password from the String method in the Config struct in aggsender/config.go. This will prevent the sensitive information from being included in any log messages.
| @@ -40,3 +40,3 @@ | ||
| "AggsenderPrivateKeyPath: " + c.AggsenderPrivateKey.Path + "\n" + | ||
| "AggsenderPrivateKeyPassword: " + c.AggsenderPrivateKey.Password + "\n" + | ||
| // "AggsenderPrivateKeyPassword: " + c.AggsenderPrivateKey.Password + "\n" + | ||
| "URLRPCL2: " + c.URLRPCL2 + "\n" + |
| a.log.Errorf("error updating certificate status in storage: %w", err) | ||
| continue | ||
| err = fmt.Errorf("error updating certificate %s status in storage: %w", certificateHeader.String(), err) | ||
| a.log.Error(err) |
Check failure
Code scanning / CodeQL
Clear-text logging of sensitive information
Show autofix suggestion
Hide autofix suggestion
Copilot Autofix AI 26 days ago
To fix the problem, we need to ensure that sensitive information, such as passwords, is not logged in clear text. Instead, we should either obfuscate the sensitive information or avoid logging it altogether. In this case, we will remove the logging of the private key password from the String method of the Config struct in aggsender/config.go.
- Remove the line that logs the private key password in the
Stringmethod of theConfigstruct. - Ensure that the rest of the functionality remains unchanged.
| @@ -40,3 +40,2 @@ | ||
| "AggsenderPrivateKeyPath: " + c.AggsenderPrivateKey.Path + "\n" + | ||
| "AggsenderPrivateKeyPassword: " + c.AggsenderPrivateKey.Password + "\n" + | ||
| "URLRPCL2: " + c.URLRPCL2 + "\n" + |
| } | ||
| } | ||
| if slices.Contains(nonSettledStatuses, certificateHeader.Status) { | ||
| a.log.Infof("certificate %s is still pending, elapsed time:%s ", | ||
| certificateHeader.String(), elapsedTime) |
Check failure
Code scanning / CodeQL
Clear-text logging of sensitive information
This autofix suggestion was applied.
Show autofix suggestion
Hide autofix suggestion
Copilot Autofix AI 26 days ago
To fix the problem, we need to ensure that sensitive information is not logged in clear text. Specifically, we should avoid logging the password field from the Config struct and any other potentially sensitive information. We can achieve this by modifying the String() method of the Config struct to exclude the password field and by carefully reviewing the String() method of the CertificateHeader struct to ensure it does not include sensitive data.
- Modify the
String()method of theConfigstruct inaggsender/config.goto exclude the password field. - Review and potentially modify the
String()method of theCertificateHeaderstruct inagglayer/types.goto ensure it does not include sensitive data.
| @@ -553,9 +553,4 @@ | ||
| func (c CertificateHeader) String() string { | ||
| errors := "" | ||
| if c.Error != nil { | ||
| errors = c.Error.String() | ||
| } | ||
|
|
||
| return fmt.Sprintf("Height: %d, CertificateID: %s, NewLocalExitRoot: %s. Status: %s. Errors: [%s]", | ||
| c.Height, c.CertificateID.String(), c.NewLocalExitRoot.String(), c.Status.String(), errors) | ||
| return fmt.Sprintf("Height: %d, CertificateID: %s, NewLocalExitRoot: %s. Status: %s", | ||
| c.Height, c.CertificateID.String(), c.NewLocalExitRoot.String(), c.Status.String()) | ||
| } |
| @@ -40,3 +40,2 @@ | ||
| "AggsenderPrivateKeyPath: " + c.AggsenderPrivateKey.Path + "\n" + | ||
| "AggsenderPrivateKeyPassword: " + c.AggsenderPrivateKey.Password + "\n" + | ||
| "URLRPCL2: " + c.URLRPCL2 + "\n" + |
zjg555543
committed this autofix suggestion 26 days ago.
…ation Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com>
Description
Please include a summary of the change and which issue is fixed. Also, include relevant motivation and context. List any dependencies that are required for this change.