Skip to content

Comments

Fix merge branch 0xsequence/master#99

Closed
Dargon789 wants to merge 16 commits intov1from
fix-merge-branch-0xsequence/master
Closed

Fix merge branch 0xsequence/master#99
Dargon789 wants to merge 16 commits intov1from
fix-merge-branch-0xsequence/master

Conversation

@Dargon789
Copy link
Owner

@Dargon789 Dargon789 commented Dec 3, 2025

Summary by Sourcery

Update dependencies, improve security and issue management workflows, and adjust account address rendering.

New Features:

  • Add Fortify AST GitHub Actions workflow for automated security scanning.
  • Add CircleCI configuration with a basic custom executor and workflow.
  • Introduce GitHub issue templates for bug reports, feature requests, and custom issues.

Bug Fixes:

  • Resolve duplicate and outdated Express and Hardhat entries in the root package.json dependencies.
  • Render account addresses individually instead of as a JSON string in the wagmi project UI.

Enhancements:

  • Pin wagmi, viem, @wagmi/cli, and @tanstack/react-query to compatible version ranges in the wagmi project.
  • Clarify security vulnerability reporting instructions in SECURITY.md with a concrete contact method and response expectations.

CI:

  • Add Fortify AST scan GitHub Actions workflow for SAST scanning on pushes, PRs, and a weekly schedule.
  • Introduce a basic CircleCI pipeline configuration using a custom Docker-based executor.

Documentation:

  • Update SECURITY.md to specify how to report vulnerabilities and expected response times.

Dargon789 and others added 12 commits October 7, 2024 02:04
…yarn-security-group-e0cd778f82

Bump the npm_and_yarn group across 1 directory with 1 update
Snyk has created this PR to upgrade @tanstack/react-query from 5.45.1 to 5.64.2.

See this package in npm:
@tanstack/react-query

See this project in Snyk:
https://app.snyk.io/org/dargon789/project/bb845543-cbee-4e11-8cf9-8bfdf9205bf1?utm_source=github&utm_medium=referral&page=upgrade-pr
…9e16dcb9a2eda9

Snyk upgrade 03178c54d4c54014129e16dcb9a2eda9
Signed-off-by: AU_gdev_19 <64915515+Dargon789@users.noreply.github.com>
Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com>
Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com>
Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com>
Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com>
Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com>
Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com>
Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com>
Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com>
Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com>
Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com>
@codesandbox
Copy link

codesandbox bot commented Dec 3, 2025

Review or Edit in CodeSandbox

Open the branch in Web EditorVS CodeInsiders

Open Preview

@bolt-new-by-stackblitz
Copy link

Review PR in StackBlitz Codeflow Run & review this pull request in StackBlitz Codeflow.

@vercel
Copy link

vercel bot commented Dec 3, 2025

The latest updates on your projects. Learn more about Vercel for GitHub.

Project Deployment Review Updated (UTC)
sequence-js-docs Error Error Dec 13, 2025 3:19pm
sequence-js-web Error Error Dec 13, 2025 3:19pm
sequence.js Ready Ready Preview, Comment Dec 13, 2025 3:19pm

@sourcery-ai
Copy link

sourcery-ai bot commented Dec 3, 2025

Reviewer's Guide

This PR resolves merge-related inconsistencies while upgrading wagmi/viem-related dependencies, fixing a React rendering detail, clarifying security reporting instructions, and adding basic CI/issue-management configuration files (Fortify workflow, CircleCI stub, and GitHub issue templates).

File-Level Changes

Change Details Files
Align wagmi project dependencies on explicit compatible versions for wagmi, viem, and react-query.
  • Bump @tanstack/react-query from 5.45.1 to 5.64.2.
  • Replace loose 'latest' ranges for viem and wagmi with explicit compatible version ranges (^2.x and ^0.x.x).
  • Pin @wagmi/cli in devDependencies to ^0.x.x instead of latest.
wagmi-project/package.json
Resolve dependency duplication/merge artifact in root package.json.
  • Remove duplicate express entry and ensure a single express dependency at ^4.19.2.
  • Set hardhat to ^2.22.7 as the effective version.
package.json
Improve account addresses rendering in the wagmi demo app.
  • Change JSON.stringify rendering of account.addresses to mapping each address into its own keyed
    .
  • Add optional chaining on account.addresses to avoid runtime errors when addresses is undefined.
wagmi-project/src/App.tsx
Clarify and concretize the security vulnerability reporting process.
  • Replace placeholder instructions with a concrete security contact email and SLA-like expectations for initial response and updates.
SECURITY.md
Introduce Fortify AST scanning workflow for application security testing.
  • Add a GitHub Actions workflow that runs Fortify SAST scans on pushes, PRs to master, scheduled runs, and manual triggers.
  • Configure Java setup and Fortify action with environment variables sourced from repository secrets.
.github/workflows/fortify.yml
Add standard GitHub issue templates for bug reports, feature requests, and custom issues.
  • Create a structured bug report template capturing reproduction steps and environment details.
  • Create a feature request template including problem, solution, alternatives, and context sections.
  • Add a generic custom issue template scaffold.
.github/ISSUE_TEMPLATE/bug_report.md
.github/ISSUE_TEMPLATE/feature_request.md
.github/ISSUE_TEMPLATE/custom.md
Introduce initial CircleCI configuration with a custom executor and stub job.
  • Define a Docker-based executor using cimg/base:stable with Docker Hub auth placeholders.
  • Add a minimal job and workflow wiring using that executor, serving as a starting point for future CI steps.
.circleci/config.yml

Possibly linked issues


Tips and commands

Interacting with Sourcery

  • Trigger a new review: Comment @sourcery-ai review on the pull request.
  • Continue discussions: Reply directly to Sourcery's review comments.
  • Generate a GitHub issue from a review comment: Ask Sourcery to create an
    issue from a review comment by replying to it. You can also reply to a
    review comment with @sourcery-ai issue to create an issue from it.
  • Generate a pull request title: Write @sourcery-ai anywhere in the pull
    request title to generate a title at any time. You can also comment
    @sourcery-ai title on the pull request to (re-)generate the title at any time.
  • Generate a pull request summary: Write @sourcery-ai summary anywhere in
    the pull request body to generate a PR summary at any time exactly where you
    want it. You can also comment @sourcery-ai summary on the pull request to
    (re-)generate the summary at any time.
  • Generate reviewer's guide: Comment @sourcery-ai guide on the pull
    request to (re-)generate the reviewer's guide at any time.
  • Resolve all Sourcery comments: Comment @sourcery-ai resolve on the
    pull request to resolve all Sourcery comments. Useful if you've already
    addressed all the comments and don't want to see them anymore.
  • Dismiss all Sourcery reviews: Comment @sourcery-ai dismiss on the pull
    request to dismiss all existing Sourcery reviews. Especially useful if you
    want to start fresh with a new review - don't forget to comment
    @sourcery-ai review to trigger a new review!

Customizing Your Experience

Access your dashboard to:

  • Enable or disable review features such as the Sourcery-generated pull request
    summary, the reviewer's guide, and others.
  • Change the review language.
  • Add, remove or edit custom review instructions.
  • Adjust other review settings.

Getting Help

@snyk-io
Copy link

snyk-io bot commented Dec 3, 2025

Snyk checks have passed. No issues have been found so far.

Status Scanner Critical High Medium Low Total (0)
Open Source Security 0 0 0 0 0 issues
Code Security 0 0 0 0 0 issues

💻 Catch issues earlier using the plugins for VS Code, JetBrains IDEs, Visual Studio, and Eclipse.

@gemini-code-assist
Copy link

Summary of Changes

Hello @Dargon789, I'm Gemini Code Assist1! I'm currently reviewing this pull request and will post my feedback shortly. In the meantime, here's a summary to help you and other reviewers quickly get up to speed!

This pull request integrates a series of updates and new configurations, likely stemming from a merge operation as indicated by the title. It focuses on enhancing development infrastructure by introducing CI/CD setup, standardizing issue reporting with new templates, and updating core project dependencies. Additionally, it includes a domain name change, refines the security vulnerability reporting process, and makes a minor but impactful improvement to how account addresses are rendered in the UI.

Highlights

  • CI/CD Configuration: A new CircleCI configuration file has been added, setting up a basic continuous integration pipeline with a custom executor and a job named 'web3-defi-game-project-'.
  • Issue Templates: Standard issue templates for bug reports and feature requests, along with a generic custom template, have been introduced to streamline issue management.
  • Dependency Updates: Several key dependencies have been updated, including 'hardhat' in the root 'package.json', and '@tanstack/react-query', 'viem', 'wagmi', and '@wagmi/cli' in the 'wagmi-project/package.json'.
  • Domain Name Change: The CNAME record has been updated from 'wagmi-project-two.vercel.app' to 'sequence.app', indicating a potential domain or branding change.
  • Security Policy Enhancement: The 'SECURITY.md' file has been updated to provide more specific instructions for reporting vulnerabilities, including an email address and expected response times.
  • UI Rendering Improvement: The 'wagmi-project/src/App.tsx' file has been modified to improve the display of multiple account addresses by mapping them to individual 'div' elements instead of using JSON stringification.
Ignored Files
  • Ignored by pattern: .github/workflows/** (1)
    • .github/workflows/fortify.yml
Using Gemini Code Assist

The full guide for Gemini Code Assist can be found on our documentation page, here are some quick tips.

Invoking Gemini

You can request assistance from Gemini at any point by creating a comment using either /gemini <command> or @gemini-code-assist <command>. Below is a summary of the supported commands on the current page.

Feature Command Description
Code Review /gemini review Performs a code review for the current pull request in its current state.
Pull Request Summary /gemini summary Provides a summary of the current pull request in its current state.
Comment @gemini-code-assist Responds in comments when explicitly tagged, both in pull request comments and review comments.
Help /gemini help Displays a list of available commands.

Customization

To customize Gemini Code Assist for GitHub experience, repository maintainers can create a configuration file and/or provide a custom code review style guide (such as PEP-8 for Python) by creating and adding files to a .gemini/ folder in the base of the repository. Detailed instructions can be found here.

Limitations & Feedback

Gemini Code Assist may make mistakes. Please leave feedback on any instances where its feedback is incorrect or counter productive. You can react with 👍 and 👎 on @gemini-code-assist comments. If you're interested in giving your feedback about your experience with Gemini Code Assist for Github and other Google products, sign up here.

You can also get AI-powered code generation, chat, as well as code reviews directly in the IDE at no cost with the Gemini Code Assist IDE Extension.

Footnotes

  1. Review the Privacy Notices, Generative AI Prohibited Use Policy, Terms of Service, and learn how to configure Gemini Code Assist in GitHub here. Gemini can make mistakes, so double check it and use code with caution.

sourcery-ai[bot]
sourcery-ai bot previously approved these changes Dec 3, 2025
Copy link

@sourcery-ai sourcery-ai bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Hey there - I've reviewed your changes - here's some feedback:

  • The updated wagmi-project/package.json uses invalid or overly loose semver ranges (e.g., "viem": "^2.x", "wagmi": "^0.x.x", "@wagmi/cli": "^0.x.x"); please replace these with valid, concrete version ranges (like "2.x" or "^2.10.0") so installs don’t fail or drift unexpectedly.
  • In the root package.json diff, eslint-plugin-prettier and ethers are removed from dependencies while only express and hardhat are re-added; double-check that these drops are intentional, as this change will remove them from the installed dependency graph.
Prompt for AI Agents
Please address the comments from this code review:

## Overall Comments
- The updated `wagmi-project/package.json` uses invalid or overly loose semver ranges (e.g., `"viem": "^2.x"`, `"wagmi": "^0.x.x"`, `"@wagmi/cli": "^0.x.x"`); please replace these with valid, concrete version ranges (like `"2.x"` or `"^2.10.0"`) so installs don’t fail or drift unexpectedly.
- In the root `package.json` diff, `eslint-plugin-prettier` and `ethers` are removed from `dependencies` while only `express` and `hardhat` are re-added; double-check that these drops are intentional, as this change will remove them from the installed dependency graph.

Sourcery is free for open source - if you like our reviews please consider sharing them ✨
Help me be more useful! Please click 👍 or 👎 on each comment and I'll use the feedback to improve your reviews.

Copy link

@gemini-code-assist gemini-code-assist bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Code Review

This pull request introduces several valuable updates, including the setup of a basic CircleCI pipeline, the addition of GitHub issue templates for improved project management, and a clearer security vulnerability reporting process. Dependency management has been streamlined by removing duplicate entries in package.json and updating package versions in wagmi-project/package.json. The rendering of account addresses in the wagmi project UI has also been enhanced for better readability. Overall, these changes contribute positively to the project's maintainability, security, and development workflow.

Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com>
Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com>
Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com>
Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com>
Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com>
Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com>
Repository owner deleted a comment from vercel bot Dec 3, 2025
Repository owner deleted a comment from vercel bot Dec 3, 2025
@Dargon789 Dargon789 enabled auto-merge (squash) December 3, 2025 20:31
@Dargon789 Dargon789 disabled auto-merge December 12, 2025 19:16
@Dargon789 Dargon789 enabled auto-merge December 13, 2025 15:09
Copy link
Owner Author

@Dargon789 Dargon789 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

#99 fix merge master

Repository owner deleted a comment from vercel bot Dec 13, 2025
@Dargon789 Dargon789 disabled auto-merge December 13, 2025 15:21
@Dargon789 Dargon789 enabled auto-merge December 13, 2025 15:21
@Dargon789 Dargon789 closed this Dec 13, 2025
auto-merge was automatically disabled December 13, 2025 16:14

Pull request was closed

@github-project-automation github-project-automation bot moved this from Todo to Done in web3-Defi-Gamefi Feb 9, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

Status: Done

Development

Successfully merging this pull request may close these issues.

2 participants