chore: rn-ldk version bump #1815

Jasonvdb · 2024-05-10T08:05:56Z

Description

Includes a fix for failing incoming duplicate payments synonymdev/react-native-ldk#236

Linked Issues/Tasks

#1580
#1488

Type of change

Bug fix (non-breaking change which fixes an issue)
New feature (non-breaking change which adds functionality)
Breaking change (fix or feature that would cause existing functionality to not work as expected)
Refactoring (improving code without creating new functionality)

Tests

Detox test
Unit test
No test

QA Notes

Create an invoice and try to pay the same one from 2 different nodes. The 2nd sender should get a failed payment.

socket-security · 2024-05-10T08:06:34Z

New and removed dependencies detected. Learn more about Socket for GitHub ↗︎

Package	New capabilities	Transitives	Size	Publisher
npm/@babel/[email protected]	None	`0`	64.6 kB	nicolo-ribaudo
npm/@babel/[email protected]	environment, filesystem, unsafe	`+3`	902 kB	nicolo-ribaudo
npm/@babel/[email protected]	None	`+4`	831 kB	nicolo-ribaudo
npm/@babel/[email protected]	None	`0`	2.69 kB	nicolo-ribaudo
npm/@babel/[email protected]	None	`0`	430 kB	nicolo-ribaudo
npm/@babel/[email protected]	None	`+1`	80.8 kB	nicolo-ribaudo
npm/@babel/[email protected]	None	`0`	21.4 kB	nicolo-ribaudo
npm/@babel/[email protected]	None	`0`	55 kB	nicolo-ribaudo
npm/@babel/[email protected]	None	`0`	54.4 kB	nicolo-ribaudo
npm/@babel/[email protected]	None	`0`	158 kB	nicolo-ribaudo
npm/@babel/[email protected]	None	`0`	11.9 kB	nicolo-ribaudo
npm/@babel/[email protected]	None	`0`	14.1 kB	nicolo-ribaudo
npm/@babel/[email protected]	None	`0`	49.1 kB	nicolo-ribaudo
npm/@babel/[email protected]	None	`0`	650 kB	nicolo-ribaudo
npm/@babel/[email protected]	environment	`+1`	26.1 kB	nicolo-ribaudo
npm/@babel/[email protected]	None	`0`	1.88 MB	nicolo-ribaudo
npm/@babel/[email protected]	None	`0`	2.79 kB	nicolo-ribaudo
npm/@babel/[email protected]	None	`0`	5.42 kB	nicolo-ribaudo
npm/@babel/[email protected]	None	`0`	4.13 kB	nicolo-ribaudo
npm/@babel/[email protected]	None	`0`	6.86 kB	nicolo-ribaudo
npm/@babel/[email protected]	None	`0`	5.55 kB	nicolo-ribaudo
npm/@babel/[email protected]	None	`+2`	75.8 kB	nicolo-ribaudo
npm/@babel/[email protected]	None	`0`	88.1 kB	nicolo-ribaudo
npm/@babel/[email protected]	None	`+1`	127 kB	nicolo-ribaudo
npm/@babel/[email protected]	None	`0`	22.7 kB	nicolo-ribaudo
npm/@babel/[email protected]	None	`0`	81.9 kB	nicolo-ribaudo
npm/@babel/[email protected]	None	`0`	17.5 kB	nicolo-ribaudo
npm/@babel/[email protected]	None	`0`	6.2 kB	nicolo-ribaudo
npm/@babel/[email protected]	None	`0`	4.63 kB	nicolo-ribaudo
npm/@babel/[email protected]	None	`0`	42.4 kB	nicolo-ribaudo
npm/@babel/[email protected]	None	`+1`	58.7 kB	nicolo-ribaudo
npm/@babel/[email protected]	None	`0`	9.15 kB	nicolo-ribaudo
npm/@babel/[email protected]	None	`0`	38 kB	nicolo-ribaudo
npm/@babel/[email protected]	None	`0`	64.9 kB	nicolo-ribaudo
npm/@babel/[email protected]	None	`0`	4.69 kB	nicolo-ribaudo
npm/@babel/[email protected]	None	`+1`	22.9 kB	nicolo-ribaudo
npm/@babel/[email protected]	None	`0`	7.11 kB	nicolo-ribaudo
npm/@babel/[email protected]	None	`0`	21.2 kB	nicolo-ribaudo
npm/@babel/[email protected]	None	`0`	4.64 kB	nicolo-ribaudo
npm/@babel/[email protected]	None	`0`	15.9 kB	nicolo-ribaudo
npm/@babel/[email protected]	None	`0`	126 kB	nicolo-ribaudo
npm/@babel/[email protected]	None	`+1`	57.7 kB	nicolo-ribaudo
npm/@babel/[email protected]	environment, filesystem Transitive: unsafe	`+60`	2.68 MB	nicolo-ribaudo
npm/@babel/[email protected]	None	`0`	262 kB	nicolo-ribaudo
npm/@babel/[email protected]	None	`+1`	655 kB	nicolo-ribaudo
npm/@babel/[email protected]	environment	`+1`	2.42 MB	nicolo-ribaudo
npm/@commitlint/[email protected]	Transitive: environment, filesystem, shell, unsafe	`+67`	4.3 MB	escapedcat
npm/@commitlint/[email protected]	Transitive: filesystem	`+7`	97.7 kB	escapedcat
npm/@hyperswarm/[email protected]	None	`+6`	179 kB	mafintosh
npm/@jridgewell/[email protected]	None	`+2`	259 kB	jridgewell
npm/@noble/[email protected]	None	`0`	743 kB	paulmillr
npm/@ptsecurity/[email protected]	None	`0`	3.5 kB	ptsecurity
npm/@radar/[email protected]	environment, filesystem Transitive: network	`+23`	8.81 MB	cavan-radar
npm/@react-native/[email protected]	environment Transitive: unsafe	`+22`	2.44 MB	react-native-bot
npm/@react-native/[email protected]	Transitive: environment, filesystem, unsafe	`+30`	6.56 MB	react-native-bot
npm/@react-native/[email protected]	environment Transitive: filesystem	`+4`	1 MB	react-native-bot
npm/@react-native/[email protected]	None	`0`	2.08 kB	lunaleaps
npm/@synonymdev/[email protected]	None	`0`	0 B
npm/@synonymdev/[email protected]	None	`+11`	239 kB	nzh
npm/@synonymdev/[email protected]	None	`+1`	21.5 kB	nzh
npm/@types/[email protected]	None	`0`	8.93 kB	types
npm/@types/[email protected]	None	`0`	3.16 kB	types
npm/@types/[email protected]	None	`0`	862 kB	types
npm/@types/[email protected]	None	`0`	3.25 kB	types
npm/@types/[email protected]	None	`0`	3.79 MB	types
npm/@types/[email protected]	None	`0`	2.8 kB	types
npm/@types/[email protected]	None	`+2`	1.66 MB	types
npm/@types/[email protected]	None	`0`	6.89 kB	types
npm/@types/[email protected]	None	`+4`	1.65 MB	types
npm/@types/[email protected]	None	`0`	5.74 kB	types
npm/[email protected]	None	`0`	27.5 kB	kasperisager
npm/[email protected]	Transitive: unsafe	`+2`	297 kB	nicolo-ribaudo
npm/[email protected]	None	`0`	3.66 kB	boopathi
npm/[email protected]	Transitive: environment, network	`+2`	1.85 MB	abrkn
npm/[email protected]	None	`+1`	9.68 kB	junderw
npm/[email protected]	environment	`+3`	39.4 kB	sindresorhus
npm/[email protected]	None	`0`	12.5 kB	kasperisager
npm/[email protected]	None	`0`	47.8 kB	mafintosh
npm/[email protected]	None	`0`	686 kB	zloirock
npm/[email protected]	network	`+3`	406 kB	lquixada
npm/[email protected]	environment, eval, filesystem, network, shell, unsafe	`+14`	8.45 MB	wix.mobile
npm/[email protected]	None	`0`	59.4 kB	mafintosh
npm/[email protected]	None	`+1`	521 kB	brianzchen
npm/[email protected]	None	`+1`	91.9 kB	eslintbot
npm/[email protected]	environment, filesystem Transitive: eval, unsafe	`+43`	7.52 MB	eslintbot
npm/[email protected]	None	`0`	21.8 kB	endless
npm/[email protected]	filesystem Transitive: environment	`+8`	106 kB	isaacs
npm/[email protected]	None	`0`	38.9 kB	mridgway
npm/[email protected]	environment, filesystem, shell	`0`	3.61 kB	typicode
npm/[email protected]	None	`0`	83.4 kB	mafintosh
npm/[email protected]	None	`0`	9.87 kB	mafintosh
npm/[email protected]	None	`0`	21.6 kB	mafintosh
npm/[email protected]	filesystem, network	`0`	110 kB	chill1
npm/[email protected]	filesystem Transitive: environment	`+9`	794 kB	metro-bot
npm/[email protected]	None	`0`	73.3 kB	metro-bot
npm/[email protected]	Transitive: environment	`+1`	46.8 kB	usmanyunusov
npm/[email protected]	None	`0`	21.7 kB	ai
npm/[email protected]	network	`+3`	492 kB	node-fetch-bot
npm/[email protected]	None	`+1`	9.55 kB	chm-diederichs
npm/[email protected]	None	`+1`	40 kB	mafintosh
npm/[email protected]	None	`0`	60.2 kB	simenb
npm/[email protected]	environment	`0`	94.5 kB	ljharb
npm/[email protected]	None	`0`	30 kB	mafintosh
npm/[email protected]	None	`+2`	22.4 kB	ijzerenhein
npm/[email protected]	None	`0`	682 kB	schie
npm/[email protected]	environment, filesystem	`+1`	101 kB	goatandsheep
npm/[email protected]	None	`0`	523 kB	computerjazz
npm/[email protected]	None	`0`	40.3 kB	wumke
npm/[email protected]	None	`0`	40.9 kB	acostalima
npm/[email protected]	None	`0`	120 kB	flipper-bot
npm/[email protected]	None	`0`	570 kB	hagen
npm/[email protected]	None	`+1`	3.33 MB	jakub.piasecki
npm/[email protected]	None	`0`	696 kB	mkuczera
npm/[email protected]	None	`0`	178 kB	johandutoit
npm/[email protected]	None	`0`	30.1 kB	ardaogulcan
npm/[email protected]	None	`0`	205 kB	oblador
npm/[email protected]	None	`0`	125 kB	zoontek
npm/[email protected]	None	`0`	5.58 kB	krosf
npm/[email protected]	None	`0`	3.24 MB	mrousavy
npm/[email protected]	None	`0`	72.7 kB	mmazzarolo
npm/[email protected]	None	`0`	518 kB	zoontek
npm/[email protected]	network	`0`	19.9 kB	acostalima
npm/[email protected]	None	`0`	144 kB	awesomejerry
npm/[email protected]	None	`0`	532 kB	jordanbyron
npm/[email protected]	None	`0`	2.11 MB	craftzdog
npm/[email protected]	None	`0`	821 kB	mrousavy
npm/[email protected]	None	`0`	55.9 kB	tenaciousmv
npm/[email protected]	None	`0`	595 kB	zhaodonghao586
npm/[email protected]	environment, eval	`+2`	3.66 MB	piaskowyk
npm/[email protected]	None	`0`	691 kB	skapala
npm/[email protected]	None	`0`	599 kB	avishayil
npm/[email protected]	environment	`0`	236 kB	janicduplessis
npm/[email protected]	None	`+1`	1.28 MB	tboba
npm/[email protected]	None	`0`	317 kB	mateusandrade
npm/[email protected]	None	`0`	3.44 kB	limpbrains
npm/[email protected]	None	`0`	13.5 kB	kristerkari
npm/[email protected]	network	`+4`	3.17 MB	wolewicki
npm/[email protected]	None	`+1`	182 kB	rapsssito
npm/[email protected]	None	`0`	42 kB	calintamas
npm/[email protected]	None	`0`	114 kB	plrthink
npm/[email protected]	environment	`0`	739 kB	acemarke
npm/[email protected]	None	`0`	10.6 kB	plwai
npm/[email protected]	None	`0`	34.3 kB	evgenyrodionov
npm/[email protected]	environment	`0`	418 kB	rt2zz
npm/[email protected]	None	`0`	26.8 kB	acemarke
npm/[email protected]	None	`0`	290 kB	phryneas
npm/[email protected]	None	`0`	27.8 kB	benjamn
npm/[email protected]	environment, filesystem	`+2`	158 kB	ljharb
npm/[email protected]	None	`0`	29.3 kB	darleikroth
npm/[email protected]	None	`0`	111 kB	gevorg94
npm/[email protected]	None	`0`	2.77 kB	mafintosh
npm/[email protected]	None	`0`	1.89 MB	fanatid
npm/[email protected]	None	`0`	13.4 MB	pwltr
npm/[email protected]	None	`+9`	3.94 MB	mafintosh
npm/[email protected]	None	`0`	44.4 kB	mafintosh
npm/[email protected]	environment	`+2`	3.03 MB	probablyup
npm/[email protected]	None	`0`	7.9 kB	mafintosh
npm/[email protected]	None	`0`	60 kB	typescript-bot
npm/[email protected]	None	`0`	19.1 kB	dcousens
npm/[email protected]	filesystem, shell Transitive: environment	`+1`	19.5 kB	ai
npm/[email protected]	None	`+2`	17.7 kB	dcousens
npm/[email protected]	environment, filesystem	`+3`	360 kB	oss-bot

View full report↗︎

socket-security · 2024-05-10T08:06:36Z

🚨 Potential security issues detected. Learn more about Socket for GitHub ↗︎

To accept the risk, merge this PR and you will not be notified again.

Alert	Package	Note	Source
Install scripts	npm/[email protected]	Install script: postinstall Source: `node scripts/postinstall`	`package.json`
Install scripts	npm/[email protected]	Install script: postinstall Source: `node scripts/postinstall`	`package.json`
Install scripts	npm/[email protected]	Install script: install Source: `npm run build \|\| echo "secp256k1 bindings compilation fail. Pure JS implementation will be used."`	`package.json`
Install scripts	npm/[email protected]	Install script: postinstall Source: `node scripts/postinstall.js`	`package.json`
Install scripts	npm/[email protected]	Install script: postinstall Source: `tar -xzf libsodium/build.tgz --directory ./libsodium`	`package.json`

View full report↗︎

Next steps

What is an install script?

Install scripts are run when the package is installed. The majority of malware in npm is hidden in install scripts.

Packages should not be running non-essential scripts during install and there are often solutions to problems people solve with install scripts that can be run at publish time instead.

Take a deeper look at the dependency

Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support [AT] socket [DOT] dev.

Remove the package

If you happen to install a dependency that Socket reports as Known Malware you should immediately remove it and select a different dependency. For other alert types, you may may wish to investigate alternative packages or consider if there are other ways to mitigate the specific risk posed by the dependency.

Mark a package as acceptable risk

To ignore an alert, reply with a comment starting with @SocketSecurity ignore followed by a space separated list of ecosystem/package-name@version specifiers. e.g. @SocketSecurity ignore npm/[email protected] or ignore all packages with @SocketSecurity ignore-all

@SocketSecurity ignore npm/[email protected]
@SocketSecurity ignore npm/[email protected]
@SocketSecurity ignore npm/[email protected]
@SocketSecurity ignore npm/[email protected]
@SocketSecurity ignore npm/[email protected]

Jasonvdb · 2024-05-13T08:37:44Z

Cannot see why so many dependencies changed. None were changed in react-native-ldk

chore: rn-ldk version bump

3635773

Jasonvdb requested review from pwltr and limpbrains May 13, 2024 08:36

limpbrains approved these changes May 13, 2024

View reviewed changes

Jasonvdb merged commit b4a73d2 into master May 13, 2024
5 of 6 checks passed

Jasonvdb deleted the ldk-bump branch May 13, 2024 09:17

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

chore: rn-ldk version bump #1815

chore: rn-ldk version bump #1815

Jasonvdb commented May 10, 2024

socket-security bot commented May 10, 2024 •

edited

Loading

socket-security bot commented May 10, 2024 •

edited

Loading

Jasonvdb commented May 13, 2024

chore: rn-ldk version bump #1815

chore: rn-ldk version bump #1815

Conversation

Jasonvdb commented May 10, 2024

Description

Linked Issues/Tasks

Type of change

Tests

QA Notes

socket-security bot commented May 10, 2024 • edited Loading

socket-security bot commented May 10, 2024 • edited Loading

Next steps

Jasonvdb commented May 13, 2024

socket-security bot commented May 10, 2024 •

edited

Loading

socket-security bot commented May 10, 2024 •

edited

Loading