From 4888d16d15714772c8214bb9e6136792a745fc22 Mon Sep 17 00:00:00 2001 From: Pascal Marco Caversaccio Date: Mon, 26 Feb 2024 19:37:32 +0100 Subject: [PATCH] =?UTF-8?q?=F0=9F=91=B7=20Add=20CodeQL=20CI=20Pipeline?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Pascal Marco Caversaccio --- .github/workflows/codeql.yml | 35 ++++++++++ package.json | 4 +- pnpm-lock.yaml | 130 +++++++++++++---------------------- 3 files changed, 84 insertions(+), 85 deletions(-) create mode 100644 .github/workflows/codeql.yml diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml new file mode 100644 index 0000000..aabf8fd --- /dev/null +++ b/.github/workflows/codeql.yml @@ -0,0 +1,35 @@ +name: 🔍️ CodeQL + +on: [push, pull_request, workflow_dispatch] + +jobs: + analyse: + runs-on: ${{ matrix.os }} + permissions: + actions: read + contents: read + security-events: write + strategy: + matrix: + os: + - ubuntu-latest + language: + - javascript-typescript + + steps: + - name: Checkout + uses: actions/checkout@v4 + + - name: Initialise CodeQL + uses: github/codeql-action/init@v3 + with: + languages: ${{ matrix.language }} + queries: +security-and-quality + + - name: Autobuild + uses: github/codeql-action/autobuild@v3 + + - name: Perform CodeQL analysis + uses: github/codeql-action/analyze@v3 + with: + category: "/language:${{matrix.language}}" diff --git a/package.json b/package.json index 2d06246..19e1c19 100644 --- a/package.json +++ b/package.json @@ -124,7 +124,7 @@ "@matterlabs/hardhat-zksync-deploy": "^1.2.0", "@matterlabs/hardhat-zksync-ethers": "1.0.0", "@matterlabs/hardhat-zksync-solc": "^1.1.4", - "@matterlabs/hardhat-zksync-verify": "^1.3.0", + "@matterlabs/hardhat-zksync-verify": "^1.4.0", "@nomicfoundation/hardhat-chai-matchers": "^2.0.6", "@nomicfoundation/hardhat-ethers": "^3.0.5", "@nomicfoundation/hardhat-foundry": "^1.1.1", @@ -155,7 +155,7 @@ "ts-node": "^10.9.2", "typechain": "^8.3.2", "typescript": "^5.3.3", - "typescript-eslint": "^7.0.2", + "typescript-eslint": "^7.1.0", "xdeployer": "^3.0.1", "zksync-ethers": "^6.3.0" } diff --git a/pnpm-lock.yaml b/pnpm-lock.yaml index ad8aa8f..55fa3a2 100644 --- a/pnpm-lock.yaml +++ b/pnpm-lock.yaml @@ -18,8 +18,8 @@ devDependencies: specifier: ^1.1.4 version: 1.1.4(hardhat@2.20.1) "@matterlabs/hardhat-zksync-verify": - specifier: ^1.3.0 - version: 1.3.0(@nomicfoundation/hardhat-verify@2.0.4)(ethers@6.11.1)(ts-node@10.9.2)(typescript@5.3.3) + specifier: ^1.4.0 + version: 1.4.0(@nomicfoundation/hardhat-verify@2.0.4)(ethers@6.11.1)(ts-node@10.9.2)(typescript@5.3.3) "@nomicfoundation/hardhat-chai-matchers": specifier: ^2.0.6 version: 2.0.6(@nomicfoundation/hardhat-ethers@3.0.5)(chai@4.4.1)(ethers@6.11.1)(hardhat@2.20.1) @@ -111,8 +111,8 @@ devDependencies: specifier: ^5.3.3 version: 5.3.3 typescript-eslint: - specifier: ^7.0.2 - version: 7.0.2(eslint@8.57.0)(typescript@5.3.3) + specifier: ^7.1.0 + version: 7.1.0(eslint@8.57.0)(typescript@5.3.3) xdeployer: specifier: ^3.0.1 version: 3.0.1(@nomicfoundation/hardhat-ethers@3.0.5)(ethers@6.11.1)(hardhat@2.20.1) @@ -1029,10 +1029,10 @@ packages: - supports-color dev: true - /@matterlabs/hardhat-zksync-verify@1.3.0(@nomicfoundation/hardhat-verify@2.0.4)(ethers@6.11.1)(ts-node@10.9.2)(typescript@5.3.3): + /@matterlabs/hardhat-zksync-verify@1.4.0(@nomicfoundation/hardhat-verify@2.0.4)(ethers@6.11.1)(ts-node@10.9.2)(typescript@5.3.3): resolution: { - integrity: sha512-v9oVonnhUnlqswLNjsowyFE/rLEXCfQr8iDuwT4Ln/M720LNF4ouVzq2fUvufBT99XVDSLrYwWFOUQRI7pp3hg==, + integrity: sha512-92mYB6AyZH0cT/rgegsvWx3N7wvbggcnEQBU7vdfSfEZ7ViTNr5SPtTJeWOVmnS4gvjZ42U42QMw5yX2P8ukbg==, } peerDependencies: "@nomicfoundation/hardhat-verify": ^2.0.0 @@ -1048,8 +1048,8 @@ packages: chalk: 4.1.2 debug: 4.3.4(supports-color@8.1.1) hardhat: 2.20.1(ts-node@10.9.2)(typescript@5.3.3) - sinon: 16.1.3 - sinon-chai: 3.7.0(chai@4.4.1)(sinon@16.1.3) + sinon: 17.0.1 + sinon-chai: 3.7.0(chai@4.4.1)(sinon@17.0.1) zksync-ethers: 6.3.0(ethers@6.11.1) transitivePeerDependencies: - bufferutil @@ -2017,15 +2017,6 @@ packages: type-detect: 4.0.8 dev: true - /@sinonjs/fake-timers@10.3.0: - resolution: - { - integrity: sha512-V4BG07kuYSUkTCSBHG8G8TNhM+F19jXFWnQtzj+we8DrkpSBCee9Z3Ms8yiGer/dlmhe35/Xdgyo3/0rQKg7YA==, - } - dependencies: - "@sinonjs/commons": 3.0.1 - dev: true - /@sinonjs/fake-timers@11.2.2: resolution: { @@ -2718,10 +2709,10 @@ packages: } dev: true - /@typescript-eslint/eslint-plugin@7.0.2(@typescript-eslint/parser@7.0.2)(eslint@8.57.0)(typescript@5.3.3): + /@typescript-eslint/eslint-plugin@7.1.0(@typescript-eslint/parser@7.1.0)(eslint@8.57.0)(typescript@5.3.3): resolution: { - integrity: sha512-/XtVZJtbaphtdrWjr+CJclaCVGPtOdBpFEnvtNf/jRV0IiEemRrL0qABex/nEt8isYcnFacm3nPHYQwL+Wb7qg==, + integrity: sha512-j6vT/kCulhG5wBmGtstKeiVr1rdXE4nk+DT1k6trYkwlrvW9eOF5ZbgKnd/YR6PcM4uTEXa0h6Fcvf6X7Dxl0w==, } engines: { node: ^16.0.0 || >=18.0.0 } peerDependencies: @@ -2733,11 +2724,11 @@ packages: optional: true dependencies: "@eslint-community/regexpp": 4.10.0 - "@typescript-eslint/parser": 7.0.2(eslint@8.57.0)(typescript@5.3.3) - "@typescript-eslint/scope-manager": 7.0.2 - "@typescript-eslint/type-utils": 7.0.2(eslint@8.57.0)(typescript@5.3.3) - "@typescript-eslint/utils": 7.0.2(eslint@8.57.0)(typescript@5.3.3) - "@typescript-eslint/visitor-keys": 7.0.2 + "@typescript-eslint/parser": 7.1.0(eslint@8.57.0)(typescript@5.3.3) + "@typescript-eslint/scope-manager": 7.1.0 + "@typescript-eslint/type-utils": 7.1.0(eslint@8.57.0)(typescript@5.3.3) + "@typescript-eslint/utils": 7.1.0(eslint@8.57.0)(typescript@5.3.3) + "@typescript-eslint/visitor-keys": 7.1.0 debug: 4.3.4(supports-color@8.1.1) eslint: 8.57.0 graphemer: 1.4.0 @@ -2750,10 +2741,10 @@ packages: - supports-color dev: true - /@typescript-eslint/parser@7.0.2(eslint@8.57.0)(typescript@5.3.3): + /@typescript-eslint/parser@7.1.0(eslint@8.57.0)(typescript@5.3.3): resolution: { - integrity: sha512-GdwfDglCxSmU+QTS9vhz2Sop46ebNCXpPPvsByK7hu0rFGRHL+AusKQJ7SoN+LbLh6APFpQwHKmDSwN35Z700Q==, + integrity: sha512-V1EknKUubZ1gWFjiOZhDSNToOjs63/9O0puCgGS8aDOgpZY326fzFu15QAUjwaXzRZjf/qdsdBrckYdv9YxB8w==, } engines: { node: ^16.0.0 || >=18.0.0 } peerDependencies: @@ -2763,10 +2754,10 @@ packages: typescript: optional: true dependencies: - "@typescript-eslint/scope-manager": 7.0.2 - "@typescript-eslint/types": 7.0.2 - "@typescript-eslint/typescript-estree": 7.0.2(typescript@5.3.3) - "@typescript-eslint/visitor-keys": 7.0.2 + "@typescript-eslint/scope-manager": 7.1.0 + "@typescript-eslint/types": 7.1.0 + "@typescript-eslint/typescript-estree": 7.1.0(typescript@5.3.3) + "@typescript-eslint/visitor-keys": 7.1.0 debug: 4.3.4(supports-color@8.1.1) eslint: 8.57.0 typescript: 5.3.3 @@ -2774,21 +2765,21 @@ packages: - supports-color dev: true - /@typescript-eslint/scope-manager@7.0.2: + /@typescript-eslint/scope-manager@7.1.0: resolution: { - integrity: sha512-l6sa2jF3h+qgN2qUMjVR3uCNGjWw4ahGfzIYsCtFrQJCjhbrDPdiihYT8FnnqFwsWX+20hK592yX9I2rxKTP4g==, + integrity: sha512-6TmN4OJiohHfoOdGZ3huuLhpiUgOGTpgXNUPJgeZOZR3DnIpdSgtt83RS35OYNNXxM4TScVlpVKC9jyQSETR1A==, } engines: { node: ^16.0.0 || >=18.0.0 } dependencies: - "@typescript-eslint/types": 7.0.2 - "@typescript-eslint/visitor-keys": 7.0.2 + "@typescript-eslint/types": 7.1.0 + "@typescript-eslint/visitor-keys": 7.1.0 dev: true - /@typescript-eslint/type-utils@7.0.2(eslint@8.57.0)(typescript@5.3.3): + /@typescript-eslint/type-utils@7.1.0(eslint@8.57.0)(typescript@5.3.3): resolution: { - integrity: sha512-IKKDcFsKAYlk8Rs4wiFfEwJTQlHcdn8CLwLaxwd6zb8HNiMcQIFX9sWax2k4Cjj7l7mGS5N1zl7RCHOVwHq2VQ==, + integrity: sha512-UZIhv8G+5b5skkcuhgvxYWHjk7FW7/JP5lPASMEUoliAPwIH/rxoUSQPia2cuOj9AmDZmwUl1usKm85t5VUMew==, } engines: { node: ^16.0.0 || >=18.0.0 } peerDependencies: @@ -2798,8 +2789,8 @@ packages: typescript: optional: true dependencies: - "@typescript-eslint/typescript-estree": 7.0.2(typescript@5.3.3) - "@typescript-eslint/utils": 7.0.2(eslint@8.57.0)(typescript@5.3.3) + "@typescript-eslint/typescript-estree": 7.1.0(typescript@5.3.3) + "@typescript-eslint/utils": 7.1.0(eslint@8.57.0)(typescript@5.3.3) debug: 4.3.4(supports-color@8.1.1) eslint: 8.57.0 ts-api-utils: 1.2.1(typescript@5.3.3) @@ -2808,18 +2799,18 @@ packages: - supports-color dev: true - /@typescript-eslint/types@7.0.2: + /@typescript-eslint/types@7.1.0: resolution: { - integrity: sha512-ZzcCQHj4JaXFjdOql6adYV4B/oFOFjPOC9XYwCaZFRvqN8Llfvv4gSxrkQkd2u4Ci62i2c6W6gkDwQJDaRc4nA==, + integrity: sha512-qTWjWieJ1tRJkxgZYXx6WUYtWlBc48YRxgY2JN1aGeVpkhmnopq+SUC8UEVGNXIvWH7XyuTjwALfG6bFEgCkQA==, } engines: { node: ^16.0.0 || >=18.0.0 } dev: true - /@typescript-eslint/typescript-estree@7.0.2(typescript@5.3.3): + /@typescript-eslint/typescript-estree@7.1.0(typescript@5.3.3): resolution: { - integrity: sha512-3AMc8khTcELFWcKcPc0xiLviEvvfzATpdPj/DXuOGIdQIIFybf4DMT1vKRbuAEOFMwhWt7NFLXRkbjsvKZQyvw==, + integrity: sha512-k7MyrbD6E463CBbSpcOnwa8oXRdHzH1WiVzOipK3L5KSML92ZKgUBrTlehdi7PEIMT8k0bQixHUGXggPAlKnOQ==, } engines: { node: ^16.0.0 || >=18.0.0 } peerDependencies: @@ -2828,8 +2819,8 @@ packages: typescript: optional: true dependencies: - "@typescript-eslint/types": 7.0.2 - "@typescript-eslint/visitor-keys": 7.0.2 + "@typescript-eslint/types": 7.1.0 + "@typescript-eslint/visitor-keys": 7.1.0 debug: 4.3.4(supports-color@8.1.1) globby: 11.1.0 is-glob: 4.0.3 @@ -2841,10 +2832,10 @@ packages: - supports-color dev: true - /@typescript-eslint/utils@7.0.2(eslint@8.57.0)(typescript@5.3.3): + /@typescript-eslint/utils@7.1.0(eslint@8.57.0)(typescript@5.3.3): resolution: { - integrity: sha512-PZPIONBIB/X684bhT1XlrkjNZJIEevwkKDsdwfiu1WeqBxYEEdIgVDgm8/bbKHVu+6YOpeRqcfImTdImx/4Bsw==, + integrity: sha512-WUFba6PZC5OCGEmbweGpnNJytJiLG7ZvDBJJoUcX4qZYf1mGZ97mO2Mps6O2efxJcJdRNpqweCistDbZMwIVHw==, } engines: { node: ^16.0.0 || >=18.0.0 } peerDependencies: @@ -2853,9 +2844,9 @@ packages: "@eslint-community/eslint-utils": 4.4.0(eslint@8.57.0) "@types/json-schema": 7.0.15 "@types/semver": 7.5.8 - "@typescript-eslint/scope-manager": 7.0.2 - "@typescript-eslint/types": 7.0.2 - "@typescript-eslint/typescript-estree": 7.0.2(typescript@5.3.3) + "@typescript-eslint/scope-manager": 7.1.0 + "@typescript-eslint/types": 7.1.0 + "@typescript-eslint/typescript-estree": 7.1.0(typescript@5.3.3) eslint: 8.57.0 semver: 7.6.0 transitivePeerDependencies: @@ -2863,14 +2854,14 @@ packages: - typescript dev: true - /@typescript-eslint/visitor-keys@7.0.2: + /@typescript-eslint/visitor-keys@7.1.0: resolution: { - integrity: sha512-8Y+YiBmqPighbm5xA2k4wKTxRzx9EkBu7Rlw+WHqMvRJ3RPz/BMBO9b2ru0LUNmXg120PHUXD5+SWFy2R8DqlQ==, + integrity: sha512-FhUqNWluiGNzlvnDZiXad4mZRhtghdoKW6e98GoEOYSu5cND+E39rG5KwJMUzeENwm1ztYBRqof8wMLP+wNPIA==, } engines: { node: ^16.0.0 || >=18.0.0 } dependencies: - "@typescript-eslint/types": 7.0.2 + "@typescript-eslint/types": 7.1.0 eslint-visitor-keys: 3.4.3 dev: true @@ -10124,19 +10115,6 @@ packages: simple-concat: 1.0.1 dev: true - /sinon-chai@3.7.0(chai@4.4.1)(sinon@16.1.3): - resolution: - { - integrity: sha512-mf5NURdUaSdnatJx3uhoBOrY9dtL19fiOtAdT1Azxg3+lNJFiuN0uzaU3xX1LeAfL17kHQhTAJgpsfhbMJMY2g==, - } - peerDependencies: - chai: ^4.0.0 - sinon: ">=4.0.0" - dependencies: - chai: 4.4.1 - sinon: 16.1.3 - dev: true - /sinon-chai@3.7.0(chai@4.4.1)(sinon@17.0.1): resolution: { @@ -10150,20 +10128,6 @@ packages: sinon: 17.0.1 dev: true - /sinon@16.1.3: - resolution: - { - integrity: sha512-mjnWWeyxcAf9nC0bXcPmiDut+oE8HYridTNzBbF98AYVLmWwGRp2ISEpyhYflG1ifILT+eNn3BmKUJPxjXUPlA==, - } - dependencies: - "@sinonjs/commons": 3.0.1 - "@sinonjs/fake-timers": 10.3.0 - "@sinonjs/samsam": 8.0.0 - diff: 5.2.0 - nise: 5.1.9 - supports-color: 7.2.0 - dev: true - /sinon@17.0.1: resolution: { @@ -11233,10 +11197,10 @@ packages: } dev: true - /typescript-eslint@7.0.2(eslint@8.57.0)(typescript@5.3.3): + /typescript-eslint@7.1.0(eslint@8.57.0)(typescript@5.3.3): resolution: { - integrity: sha512-Nsb+Dfi897ErE3CtVJYBECBQWPGEpCXLqLCQarBhFtyJsHnhA7O39GmtAmN3dmZ6bIp8tP5T+AOUrEdE07SBVg==, + integrity: sha512-GfAALH4zoqae5mIfHr7WU3BsULHP73hjwF8vCmyTkH3IXHXjqg3JNWwUcd8CwOTLIr4tjRTZQWpToyESPnpOhg==, } engines: { node: ^16.0.0 || >=18.0.0 } peerDependencies: @@ -11246,8 +11210,8 @@ packages: typescript: optional: true dependencies: - "@typescript-eslint/eslint-plugin": 7.0.2(@typescript-eslint/parser@7.0.2)(eslint@8.57.0)(typescript@5.3.3) - "@typescript-eslint/parser": 7.0.2(eslint@8.57.0)(typescript@5.3.3) + "@typescript-eslint/eslint-plugin": 7.1.0(@typescript-eslint/parser@7.1.0)(eslint@8.57.0)(typescript@5.3.3) + "@typescript-eslint/parser": 7.1.0(eslint@8.57.0)(typescript@5.3.3) eslint: 8.57.0 typescript: 5.3.3 transitivePeerDependencies: