From 7ad945390ccb8e828f98694991790a4be90194ca Mon Sep 17 00:00:00 2001
From: lance <37203010+lancelaii@users.noreply.github.com>
Date: Wed, 27 Sep 2023 12:26:56 +0800
Subject: [PATCH 1/2] Create security.yml
---
 .github/workflows/security.yml | 32 ++++++++++++++++++++++++++++++++
 1 file changed, 32 insertions(+)
 create mode 100644 .github/workflows/security.yml
diff --git a/.github/workflows/security.yml b/.github/workflows/security.yml
new file mode 100644
index 0000000..06bd6a3
--- /dev/null
+++ b/.github/workflows/security.yml
@@ -0,0 +1,32 @@
+name: Slither Analysis
+
+on:
+ push:
+ branches: [ master ]
+ pull_request:
+ branches: [ master ]
+
+jobs:
+ analyze:
+ runs-on: ubuntu-latest
+ permissions:
+ contents: read
+ packages: write
+ security-events: write
+ steps:
+ - name: Checkout repository
+ uses: actions/checkout@v3
+
+ - name: Run Slither
+ uses: crytic/slither-action@v0.3.0
+ id: slither
+ with:
+ target: 'contracts/'
+ node-version: 16
+ sarif: results.sarif
+ fail-on: none
+
+ - name: Upload SARIF file
+ uses: github/codeql-action/upload-sarif@v2
+ with:
+ sarif_file: ${{ steps.slither.outputs.sarif }}
From 843b5e54817eec16120f504befc41b70dbd4f6c8 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Wed, 27 Sep 2023 04:27:38 +0000
Subject: [PATCH 2/2] Bump @openzeppelin/contracts from 4.9.0 to 4.9.3
Bumps [@openzeppelin/contracts](https://github.com/OpenZeppelin/openzeppelin-contracts) from 4.9.0 to 4.9.3.
- [Release notes](https://github.com/OpenZeppelin/openzeppelin-contracts/releases)
- [Changelog](https://github.com/OpenZeppelin/openzeppelin-contracts/blob/v4.9.3/CHANGELOG.md)
- [Commits](https://github.com/OpenZeppelin/openzeppelin-contracts/compare/v4.9.0...v4.9.3)
---
updated-dependencies:
- dependency-name: "@openzeppelin/contracts"
 dependency-type: direct:production
...
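Review bot: The `permissions` block in the `analyze` job grants `packages: write`, which nothing in this workflow uses — the job only checks out the repository, runs Slither and uploads a SARIF report, so `contents: read` and `security-events: write` are sufficient; drop the `packages: write` line to keep the GITHUB_TOKEN at least privilege. The three `uses:` references are pinned to mutable tags (`actions/checkout@v3`, `crytic/slither-action@v0.3.0`, `github/codeql-action/upload-sarif@v2`); pinning each to a full-length commit SHA with the version in a trailing comment, e.g. `uses: actions/checkout@<full-commit-sha> # v3`, makes the workflow reproducible and protects it from a tag being retargeted upstream. Since `fail-on: none` means Slither findings never fail the job, a one-line comment above it such as `# Findings are surfaced via the SARIF upload / code scanning only; they do not block the build` would document that choice for future readers.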
Signed-off-by: dependabot[bot]
---
 package-lock.json | 14 +++++++-------
 package.json | 2 +-
 2 files changed, 8 insertions(+), 8 deletions(-)
diff --git a/package-lock.json b/package-lock.json
index 6ecca31..198d045 100644
--- a/package-lock.json
+++ b/package-lock.json
@@ -9,7 +9,7 @@ "version": "1.0.0", "license": "ISC", "dependencies": { - "@openzeppelin/contracts": "^4.9.0", + "@openzeppelin/contracts": "^4.9.3", "@openzeppelin/contracts-upgradeable": "^4.9.0", "@openzeppelin/hardhat-upgrades": "^1.27.0" },
@@ -1623,9 +1623,9 @@ } }, "node_modules/@openzeppelin/contracts": { - "version": "4.9.0", - "resolved": "https://registry.npmjs.org/@openzeppelin/contracts/-/contracts-4.9.0.tgz", - "integrity": "sha512-DUP74AFGKlic2sQb/CmgrN2aUPMFGxRrmCTUxLHsiU2RzwWqVuMPZBxiAyvlff6Pea77uylAX6B5x9W6evEbhA==" + "version": "4.9.3", + "resolved": "https://registry.npmjs.org/@openzeppelin/contracts/-/contracts-4.9.3.tgz", + "integrity": "sha512-He3LieZ1pP2TNt5JbkPA4PNT9WC3gOTOlDcFGJW4Le4QKqwmiNJCRt44APfxMxvq7OugU/cqYuPcSBzOw38DAg==" }, "node_modules/@openzeppelin/contracts-upgradeable": { "version": "4.9.0",
@@ -10555,9 +10555,9 @@ } }, "@openzeppelin/contracts": { - "version": "4.9.0", - "resolved": "https://registry.npmjs.org/@openzeppelin/contracts/-/contracts-4.9.0.tgz", - "integrity": "sha512-DUP74AFGKlic2sQb/CmgrN2aUPMFGxRrmCTUxLHsiU2RzwWqVuMPZBxiAyvlff6Pea77uylAX6B5x9W6evEbhA==" + "version": "4.9.3", + "resolved": "https://registry.npmjs.org/@openzeppelin/contracts/-/contracts-4.9.3.tgz", + "integrity": "sha512-He3LieZ1pP2TNt5JbkPA4PNT9WC3gOTOlDcFGJW4Le4QKqwmiNJCRt44APfxMxvq7OugU/cqYuPcSBzOw38DAg==" }, "@openzeppelin/contracts-upgradeable": { "version": "4.9.0",
diff --git a/package.json b/package.json
index 9fc6cc5..9565dec 100644
--- a/package.json
+++ b/package.json
@@ -15,7 +15,7 @@
 "hardhat": "^2.14.0"
 },
 "dependencies": {
- "@openzeppelin/contracts": "^4.9.0",
+ "@openzeppelin/contracts": "^4.9.3",
 "@openzeppelin/contracts-upgradeable": "^4.9.0",
 "@openzeppelin/hardhat-upgrades": "^1.27.0"
 }