Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Changes for v0.9.0 #164

Merged
merged 11 commits into from
Sep 18, 2024
Merged

Changes for v0.9.0 #164

merged 11 commits into from
Sep 18, 2024

Conversation

claudioantonio
Copy link
Contributor

No description provided.

guidanoli and others added 11 commits September 5, 2024 10:49
@guidanoli
Run CI on PRs (#146)
56d8026
@endersonmaia @guidanoli
Make build reproducible (#148)
24daede 
* chore: bump go version to 1.23.0

* chore: bump cartesi/sdk to 0.9.0

* chore: bump Ubuntu to 24.04

* feat: attempt to make resulting image reproducible

- lock baseimage to ubuntu:noble-20240801
- avoid using apt upgrade -y
- lock version of all packages installed via apt

It's not guaranteed since apt update will bring the current state of the
remote mirror used and because of that the dependecies for the installed
packages can change between runs.

* fixup! feat: attempt to make resulting image reproducible

* fix: enhance determinism of binaries

Co-authored-by: Guilherme Dantas <[email protected]>

---------

Co-authored-by: Guilherme Dantas <[email protected]>
@claudioantonio
Create bounty for solidity 0.8.27 (#147)
1665181 
* Create bounty for solidity 0.8.27

* Removing unused var and duplicated value definition
@guidanoli
Add line length limit in Solidity bounty (#150)
0fae649
@guidanoli
Fix populate script (bump latest Lua version) (#149)
314ee3a
@guidanoli
Make archive metadata deterministic (#151)
24b5048
@guidanoli
Specify package manager for root package (#153)
0adeee1
@endersonmaia
feat: use apt update --snapshot for reproducibility (#154)
d518c9d
@endersonmaia
Add grype vulnerability scanner to CI (#155)
8674ef1 
* ci: add grype vulnerability scanner

* chore: bump go version to 1.23.1

* fix: go-ethereum CVE-2024-32972 (#158)
@guidanoli
Give security-events: write permission to CI (#161)
5247d90
@endersonmaia
feat: remove curl dependency from final image (#160)
a0f62f3
@claudioantonio claudioantonio self-assigned this Sep 18, 2024
@vercel Vercel
Copy link

vercel bot commented Sep 18, 2024

The latest updates on your projects. Learn more about Vercel for Git ↗︎

Name Status Preview Comments Updated (UTC)
bug-buster ✅ Ready (Inspect) Visit Preview 💬 Add feedback Sep 18, 2024 1:24pm

@claudioantonio claudioantonio changed the title Changes for v0.8.5 Changes for v0.9.0-alpha.1 Sep 18, 2024
@claudioantonio
Copy link
Contributor Author

@endersonmaia we got an error on CI related to the issue: Add grype vulnerability scanner to CI
Can you help us taking a look?

@endersonmaia
Copy link
Contributor

endersonmaia commented Sep 18, 2024
edited
Loading

@endersonmaia we got an error on CI related to the issue: Add grype vulnerability scanner to CI Can you help us taking a look?

We got this previously, and was supposedly solved by adding the security-events: write under permissions:

https://github.com/crypto-bug-hunters/bug-buster/pull/164/files#diff-5c3fa597431eda03ac3339ae6bf7f05e1a50d6fc7333679ec38e21b337cb6721R22

But I think that was not the case 🤔

I'll investigate it

@endersonmaia
Copy link
Contributor

@endersonmaia we got an error on CI related to the issue: Add grype vulnerability scanner to CI Can you help us taking a look?

We got this previously, and was supposedly solved by adding the security-events: write under permissions:

https://github.com/crypto-bug-hunters/bug-buster/pull/164/files#diff-5c3fa597431eda03ac3339ae6bf7f05e1a50d6fc7333679ec38e21b337cb6721R22

But I think that was not the case 🤔

I'll investigate it

That was it, the CI passes after 5247d90 commit.

@guidanoli guidanoli changed the title Changes for v0.9.0-alpha.1 Changes for v0.9.0 Sep 18, 2024
@guidanoli guidanoli merged commit 0cb34b4 into main Sep 18, 2024
7 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@guidanoli guidanoli guidanoli approved these changes

Assignees

@claudioantonio claudioantonio

Labels
None yet
Projects
None yet
Milestone
0.9.0 - Solidity compiler bounty for ...
Development

Successfully merging this pull request may close these issues.
3 participants
@claudioantonio @endersonmaia @guidanoli