Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fix: Resolve audit issue #6781

Closed
wants to merge 1 commit into from
Closed

fix: Resolve audit issue #6781

wants to merge 1 commit into from

Conversation

Cal-L
Copy link
Contributor

@Cal-L Cal-L commented Jul 11, 2023
edited
Loading

Development & PR Process

  1. Follow MetaMask Mobile Coding Standards
  2. Add release-xx label to identify the PR slated for a upcoming release (will be used in release discussion)
  3. Add needs-dev-review label when work is completed
  4. Add needs-qa label when dev review is completed
  5. Add QA Passed label when QA has signed off

Description

This PR bumps tough-cookie package and resolves it to 4.1.3 to fix an audit issue

Screenshots/Recordings

tough-cookie a nested dependency of @metamask/network-controller. Here's an example vid of a dapp interaction still working after the audit fix.
https://github.com/MetaMask/metamask-mobile/assets/10508597/34ad06af-2112-402f-86ad-ac92ddc1e5d3

Issue

Progresses #???

Checklist

  • There is a related GitHub issue
  • Tests are included if applicable
  • Any added code is fully documented

@github-actions
Copy link
Contributor

CLA Signature Action: All authors have signed the CLA. You may need to manually re-run the blocking PR check if it doesn't pass in a few minutes.

@Cal-L Cal-L added needs-dev-review PR needs reviews from other engineers (in order to receive required approvals) No QA Needed Apply this label when your PR does not need any QA effort. team-mobile-client labels Jul 11, 2023
@sonarcloud
Copy link

sonarcloud bot commented Jul 11, 2023

Kudos, SonarCloud Quality Gate passed!    Quality Gate passed

Bug A 0 Bugs
Vulnerability A 0 Vulnerabilities
Security Hotspot A 0 Security Hotspots
Code Smell A 0 Code Smells

No Coverage information No Coverage information
No Duplication information No Duplication information

@Gudahtt
Copy link
Member

Gudahtt commented Jul 11, 2023

Looks like the same thing as this PR: #6772

deeeed
deeeed approved these changes Jul 11, 2023
View reviewed changes
Copy link

@deeeed deeeed left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@Cal-L
Copy link
Contributor Author

Cal-L commented Jul 11, 2023

Looks like the same thing as this PR: #6772
Ah didn't see that. Will close this in favor of Tomas's fix

@Cal-L Cal-L closed this Jul 11, 2023
@github-actions github-actions bot locked and limited conversation to collaborators Jul 11, 2023
@github-actions github-actions bot removed the needs-dev-review PR needs reviews from other engineers (in order to receive required approvals) label Jul 11, 2023
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers

@deeeed deeeed deeeed approved these changes

Assignees
No one assigned
Labels
No QA Needed Apply this label when your PR does not need any QA effort. team-mobile-platform
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@Cal-L @Gudahtt @deeeed @gauthierpetetin