Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

chore(suite): update network symbol naming 5 #15746

Merged
merged 1 commit into from
Dec 4, 2024
Merged

chore(suite): update network symbol naming 5 #15746

merged 1 commit into from
Dec 4, 2024

Conversation

adderpositive
Copy link
Contributor

@adderpositive adderpositive commented Dec 3, 2024
edited by tomasklim
Loading

Description

  • update network symbol naming

Related

Follow up #15690

Related to #14725

@adderpositive adderpositive self-assigned this Dec 3, 2024
@github-actions GitHub Actions
Copy link

github-actions bot commented Dec 3, 2024
edited
Loading

🚀 Expo preview is ready!

  • Project → trezor-suite-preview
  • Platforms → android, ios
  • Scheme → trezorsuitelite
  • Runtime Version → 17
  • More info

Learn more about 𝝠 Expo Github Action

github-advanced-security[bot]
github-advanced-security bot found potential problems Dec 3, 2024
View reviewed changes
suite-common/token-definitions/src/tokenDefinitionsUtils.ts

if (networkTokenDefinitionType) {
networkTokenDefinitionType[action as TokenManagementAction] = definition.value;
networkTokenDefinitionType[action] = definition.value;

Check warning

Code scanning / CodeQL

Prototype-polluting assignment Medium

This assignment may alter Object.prototype if a malicious '__proto__' string is injected from
library input
Loading
.

Copilot Autofix AI 2 months ago

To fix the problem, we need to ensure that the type variable cannot be one of the special property names (__proto__, constructor, prototype). We can achieve this by adding a check to reject these values before using them as property names. This will prevent prototype pollution while maintaining the existing functionality.

Suggested changeset 1
suite-common/token-definitions/src/tokenDefinitionsUtils.ts

Autofix patch

Autofix patch
Run the following command in your local git repository to apply this patch
cat << 'EOF' | git apply
diff --git a/suite-common/token-definitions/src/tokenDefinitionsUtils.ts b/suite-common/token-definitions/src/tokenDefinitionsUtils.ts
--- a/suite-common/token-definitions/src/tokenDefinitionsUtils.ts
+++ b/suite-common/token-definitions/src/tokenDefinitionsUtils.ts
@@ -68,2 +68,5 @@
 
+        if (type === '__proto__' || type === 'constructor' || type === 'prototype') {
+            continue;
+        }
         const networkTokenDefinitionType = tokenDefinitions[symbol]?.[type];
EOF
@@ -68,2 +68,5 @@

if (type === '__proto__' || type === 'constructor' || type === 'prototype') {
continue;
}
const networkTokenDefinitionType = tokenDefinitions[symbol]?.[type];
Copilot is powered by AI and may make mistakes. Always verify output.
Positive Feedback
Negative Feedback

Provide additional feedback

Please help us improve GitHub Copilot by sharing more details about this comment.

Please select one or more of the options
@tomasklim tomasklim linked an issue Dec 3, 2024 that may be closed by this pull request
Introduce network symbol display name #14725
Closed
2 tasks
@adderpositive adderpositive force-pushed the chore/update-network-symbol-5 branch from 274891f to 80e51ed Compare December 3, 2024 22:26
@adderpositive adderpositive requested a review from a team as a code owner December 3, 2024 22:26
@adderpositive adderpositive changed the title chore(suite): update network symbol naming chore(suite): update network symbol naming 5 Dec 4, 2024
@tomasklim
Copy link
Member

/rebase

@github-actions GitHub Actions
Copy link

github-actions bot commented Dec 4, 2024

Start rebasing: https://github.com/trezor/trezor-suite/actions/runs/12157937322

@tomasklim tomasklim enabled auto-merge (rebase) December 4, 2024 10:35
@trezor-ci trezor-ci force-pushed the chore/update-network-symbol-5 branch from dfd1284 to 8f67c1c Compare December 4, 2024 10:36
@tomasklim tomasklim merged commit b6003e8 into develop Dec 4, 2024
24 checks passed
@tomasklim tomasklim deleted the chore/update-network-symbol-5 branch December 4, 2024 10:47
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@tomasklim tomasklim tomasklim approved these changes

Assignees

@adderpositive adderpositive

Labels
chore
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Introduce network symbol display name
2 participants
@adderpositive @tomasklim