-
Notifications
You must be signed in to change notification settings - Fork 3.2k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add AnchorStateRegistry Implementation to OPSM #11955
Conversation
This stack of pull requests is managed by Graphite. Learn more about stacking. Join @maurelian and the rest of your teammates on Graphite |
e899c3c
to
ef6b6dd
Compare
41b99d6
to
f2f83a7
Compare
f2f83a7
to
733b7b8
Compare
The op-deployer tooling does not support structs, therefore we need to return a more generic type for compatibility.
0bd2f4c
to
b187867
Compare
Semgrep found 1 Detected directly writing or similar in 'http.ResponseWriter.write()'. This bypasses HTML escaping that prevents cross-site scripting vulnerabilities. Instead, use the 'html/template' package and render data using 'template.Execute()'. Ignore this finding from no-direct-write-to-responsewriter.Semgrep found 1 Untrusted input could be used to tamper with a web page rendering, which can lead to a Cross-site scripting (XSS) vulnerability. XSS vulnerabilities occur when untrusted input executes malicious JavaScript code, leading to issues such as account compromise and sensitive information leakage. To prevent this vulnerability, validate the user input, perform contextual output encoding or sanitize the input. For more information, see: Go XSS prevention. View Dataflow Graphflowchart LR
classDef invis fill:white, stroke: none
classDef default fill:#e7f5ff, color:#1c7fd6, stroke: none
subgraph File0["<b>op-challenger/game/fault/trace/prestates/multi_test.go</b>"]
direction LR
%% Source
subgraph Source
direction LR
v0["<a href=https://github.com/ethereum-optimism/optimism/blob/98c5c10c332b7776bde230d992e8fea449a6dcb1/op-challenger/game/fault/trace/prestates/multi_test.go#L42 target=_blank style='text-decoration:none; color:#1c7fd6'>[Line: 42] r.URL</a>"]
end
%% Intermediate
%% Sink
subgraph Sink
direction LR
v1["<a href=https://github.com/ethereum-optimism/optimism/blob/98c5c10c332b7776bde230d992e8fea449a6dcb1/op-challenger/game/fault/trace/prestates/multi_test.go#L42 target=_blank style='text-decoration:none; color:#1c7fd6'>[Line: 42] w.Write([]byte(r.URL.Path))</a>"]
end
end
%% Class Assignment
Source:::invis
Sink:::invis
File0:::invis
%% Connections
Source --> Sink
|
ca7586d
to
b40bb4a
Compare
59d9337
to
524a0e4
Compare
Semgrep found 13
Prefer |
Co-authored-by: Maurelian <[email protected]>
TL;DR
Added support for starting anchor roots in the OPStackManager deployment process.
What changed?
DeployOPChainInput
to includestartingAnchorRoots
fieldOPStackManager
to accept and usestartingAnchorRoots
in the deployment processDeployOPChain
script to passstartingAnchorRoots
to theOPStackManager
AnchorStateRegistry
in the deployment processstartingAnchorRoots
in their setup and assertions