Bindings and metadata overwrite warning

[Spacesai1or]

This PR adds a check for an existing bindings and metadata output files before overwriting them with newly generated files. The rationale for this mitigation: if the bindings for a contract already exist, compare them against newly generated outputs. If they differ, return an error to be handled manually

[Spacesai1or]

Current dependencies on/for this PR:

• develop
  • PR BindGen - local contracts refactor #8279
    • PR Init etherscan client #8280
      • PR Init remote contract generation #8281
        • PR Add deployed bytecode retrieval mitigation #8282
          • PR Bindings and metadata overwrite warning #8283 👈
            • PR Init new bindings #8284
              • PR L2 genesis generation updates #8285
                • PR Init BindGen unit tests #8650
                  • PR Init BindGen E2E tests #8651

This stack of pull requests is managed by Graphite.

[semgrep-app]

Semgrep found 2 import-text-template findings:

• op-bindings/bindgen/remote_handlers.go: L11
• op-bindings/bindgen/generator_local.go: L12

When working with web applications that involve rendering user-generated content, it's important to properly escape any HTML content to prevent Cross-Site Scripting (XSS) attacks. In Go, the text/template package does not automatically escape HTML content, which can leave your application vulnerable to these types of attacks. To mitigate this risk, it's recommended to use the html/template package instead, which provides built-in functionality for HTML escaping. By using html/template to render your HTML content, you can help to ensure that your web application is more secure and less susceptible to XSS vulnerabilities.

_{Ignore this finding from import-text-template.}

[coderabbitai]

Important

Auto Review Skipped

Auto reviews are disabled on base/target branches other than the default branch. Please add the base/target branch pattern to the list of additional branches to be reviewed in the settings.

Please check the settings in the CodeRabbit UI or the .coderabbit.yaml file in this repository.

To trigger a single review, invoke the @coderabbitai review command.

---

Tips

Chat with CodeRabbit Bot (@coderabbitai)

• If you reply to a review comment from CodeRabbit, the bot will automatically respond.
• To engage with CodeRabbit bot directly around the specific lines of code in the PR, mention @coderabbitai in your review comment
• Note: Review comments are made on code diffs or files, not on the PR overview.
• Add @coderabbitai ignore anywhere in the PR description to prevent this PR from being reviewed.

CodeRabbit Commands (invoked as PR comments)

• @coderabbitai pause to pause the reviews on a PR.
• @coderabbitai resume to resume the paused reviews.
• @coderabbitai review to trigger a review. This is useful when automatic reviews are disabled for the repository.
• @coderabbitai resolve resolve all the CodeRabbit review comments.
• @coderabbitai help to get help.

Note: For conversation with the bot, please use the review comments on code diffs or files.

CodeRabbit Configration File (.coderabbit.yaml)

• You can programmatically configure CodeRabbit by adding a .coderabbit.yaml file to the root of your repository.
• The JSON schema for the configuration file is available here.
• If your editor has YAML language server enabled, you can add the path at the top of this file to enable auto-completion and validation: # yaml-language-server: $schema=https://coderabbit.ai/integrations/coderabbit-overrides.v2.json

[semgrep-app]

Semgrep found 6 sol-style-return-arg-fmt findings:

• packages/contracts-bedrock/scripts/Deployer.sol: L432, L422, L412, L402, L392, L373

Named return arguments to functions must be appended with an underscore (_)

_{Ignore this finding from sol-style-return-arg-fmt.}

Semgrep found 1 sol-style-input-arg-fmt finding:

• packages/contracts-bedrock/scripts/Deployer.sol: L373

Inputs to functions must be prepended with an underscore (_)

_{Ignore this finding from sol-style-input-arg-fmt.}