Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

prepare mobile app for release candidate #3260

Merged
merged 15 commits into from
Mar 13, 2023
Merged

prepare mobile app for release candidate #3260

merged 15 commits into from
Mar 13, 2023

Conversation

peterpme
Copy link
Contributor

@peterpme peterpme commented Mar 9, 2023

  • updates
  • add sqllite shims

@vercel
Copy link

vercel bot commented Mar 9, 2023
edited
Loading

The latest updates on your projects. Learn more about Vercel for Git ↗︎

Name Status Preview Comments Updated
backpack ✅ Ready (Inspect) Visit Preview 💬 Add your feedback Mar 13, 2023 at 2:11AM (UTC)

@github-actions
Copy link
Contributor

github-actions bot commented Mar 9, 2023
edited
Loading

yarn.lock changes

Summary

Status Count
ADDED 38
UPDATED 7
DOWNGRADED 2
Click to toggle table visibility
Name Status Previous Current
@expo/websql ADDED - 1.0.1
@mapbox/node-pre-gyp ADDED - 1.0.10
@solana/web3.js DOWNGRADED 1.73.3 1.63.1
abbrev ADDED - 1.1.1
aproba ADDED - 2.0.0
are-we-there-yet ADDED - 3.0.1
argsarray ADDED - 0.0.1
base64-arraybuffer-es6 ADDED - 1.0.0
canvas ADDED - 2.11.0
color-support ADDED - 1.1.3
console-control-strings ADDED - 1.1.0
detect-libc UPDATED 1.0.3 2.0.1
encoding ADDED - 0.1.13
env-paths ADDED - 2.2.1
eventtargeter ADDED - 0.8.0
expo-sqlite ADDED - 11.1.1
gauge ADDED - 4.0.4
has-unicode ADDED - 2.0.1
iconv-lite UPDATED 0.4.24 0.6.3
immediate UPDATED 3.0.6 3.3.0
indexeddbshim ADDED - 11.0.0-beta.0
ip UPDATED 1.1.8 2.0.0
is-lambda ADDED - 1.0.1
make-fetch-happen ADDED - 9.1.0
minipass-fetch ADDED - 1.4.1
minipass-sized ADDED - 1.0.3
node-gyp ADDED - 8.4.1
noop-fn ADDED - 1.0.0
nopt ADDED - 5.0.0
npmlog ADDED - 6.0.2
pouchdb-collections ADDED - 1.0.1
react-refresh DOWNGRADED 0.14.0 0.11.0
simple-concat ADDED - 1.0.1
simple-get ADDED - 3.1.1
smart-buffer ADDED - 4.2.0
socks-proxy-agent ADDED - 6.2.1
socks ADDED - 2.7.1
sqlite3 ADDED - 5.1.4
sync-promise ADDED - 1.0.1
tiny-queue ADDED - 0.2.1
tr46 UPDATED 2.1.0 3.0.0
typeson-registry ADDED - 4.0.0
typeson ADDED - 8.0.1
webidl-conversions UPDATED 6.1.0 7.0.0
websql ADDED - 2.0.1
whatwg-url UPDATED 8.7.0 11.0.0
wide-align ADDED - 1.1.5

@github-actions github-actions bot added the mobile Related to expo mobile app label Mar 9, 2023
@socket-security
Copy link

Socket Security Pull Request Report

Dependency issues detected: If you merge this pull request, you will not be alerted to the instances of these issues again.

📜 Install scripts

Install scripts are run when the package is installed. The majority of malware in npm is hidden in install scripts.

Packages should not be running non-essential scripts during install and there are often solutions to problems people solve with install scripts that can be run at publish time instead.

Package Script field Source
[email protected] (added) install package.json via [email protected], [email protected], [email protected], [email protected], packages/app-mobile/package.json via [email protected], [email protected], packages/eslint-config-custom/package.json via [email protected], packages/message-sdk/package.json via [email protected]
🫣 Native code

Contains native code which could be a vector to obscure malicious code, and generally decrease the likelihood of reproducible or reliable installs.

Ensure that native code bindings are expected. Consumers may consider pure JS and functionally similar alternatives to avoid the challenges and risks associated with native code bindings.

Package Location Source
[email protected] (added) binding.gyp package.json via [email protected], [email protected], [email protected], [email protected], packages/app-mobile/package.json via [email protected], [email protected], packages/eslint-config-custom/package.json via [email protected], packages/message-sdk/package.json via [email protected]
Pull request report summary
Issue Status
Install scripts ⚠️ 1 issue
Native code ⚠️ 1 issue
Bin script shell injection ✅ 0 issues
Unresolved require ✅ 0 issues
Invalid package.json ✅ 0 issues
HTTP dependency ✅ 0 issues
Git dependency ✅ 0 issues
Potential typo squat ✅ 0 issues
Known Malware ✅ 0 issues
Telemetry ✅ 0 issues
Protestware/Troll package ✅ 0 issues
Bot Commands

To ignore an alert, reply with a comment starting with @SocketSecurity ignore followed by a space separated list of package-name@version specifiers. e.g. @SocketSecurity ignore [email protected] bar@* or ignore all packages with @SocketSecurity ignore-all

⚠️ Please accept the latest app permissions to ensure bot commands work properly. Accept the new permissions here.

Powered by socket.dev

@peterpme peterpme marked this pull request as ready for review March 12, 2023 16:21
@peterpme peterpme changed the title rc changes prepare mobile app for release candidate Mar 12, 2023
@peterpme peterpme merged commit bafbc4f into master Mar 13, 2023
@peterpme peterpme deleted the peter/get-ready-for-rc branch March 13, 2023 03:08
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
extension mobile Related to expo mobile app
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@peterpme