-
Notifications
You must be signed in to change notification settings - Fork 3.4k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
batcher: add batchSubmitter.checkExpectedProgress #12430
Conversation
Semgrep found 1 TODO in error handling code Ignore this finding from err-todo. |
Semgrep found 3
require() must include a reason string Ignore this finding from sol-style-require-reason.Semgrep found 6
Inputs to functions must be prepended with an underscore ( Semgrep found 4
No Semgrep found 1 Do not use Semgrep found 1 MarshalJSON with a pointer receiver has surprising results: golang/go#22967 Ignore this finding from marshal-json-pointer-receiver.Semgrep found 1 superfluous nil err check before return Ignore this finding from err-nil-check. |
fbbf8e4
to
d526e42
Compare
Semgrep found 7
require() must include a reason string Ignore this finding from sol-style-require-reason.Semgrep found 2
Prefer Semgrep found 11
Inputs to functions must be prepended with an underscore ( Semgrep found 19
No Semgrep found 1 Modifiers that don't do something before and after execution are banned. Ignore this finding from ban_non_wraparound_modifiers.Semgrep found 1 Detected directly writing or similar in 'http.ResponseWriter.write()'. This bypasses HTML escaping that prevents cross-site scripting vulnerabilities. Instead, use the 'html/template' package and render data using 'template.Execute()'. Ignore this finding from no-direct-write-to-responsewriter.Semgrep found 1 Do not use Semgrep found 1 Untrusted input could be used to tamper with a web page rendering, which can lead to a Cross-site scripting (XSS) vulnerability. XSS vulnerabilities occur when untrusted input executes malicious JavaScript code, leading to issues such as account compromise and sensitive information leakage. To prevent this vulnerability, validate the user input, perform contextual output encoding or sanitize the input. For more information, see: Go XSS prevention. View Dataflow Graphflowchart LR
classDef invis fill:white, stroke: none
classDef default fill:#e7f5ff, color:#1c7fd6, stroke: none
subgraph File0["<b>op-challenger/game/fault/trace/prestates/multi_test.go</b>"]
direction LR
%% Source
subgraph Source
direction LR
v0["<a href=https://github.com/ethereum-optimism/optimism/blob/3df8d166daaea9e96139c050c390244192766239/op-challenger/game/fault/trace/prestates/multi_test.go#L172 target=_blank style='text-decoration:none; color:#1c7fd6'>[Line: 172] r.URL</a>"]
end
%% Intermediate
%% Sink
subgraph Sink
direction LR
v1["<a href=https://github.com/ethereum-optimism/optimism/blob/3df8d166daaea9e96139c050c390244192766239/op-challenger/game/fault/trace/prestates/multi_test.go#L172 target=_blank style='text-decoration:none; color:#1c7fd6'>[Line: 172] w.Write([]byte(r.URL.Path))</a>"]
end
end
%% Class Assignment
Source:::invis
Sink:::invis
File0:::invis
%% Connections
Source --> Sink
Semgrep found 5
use net.JoinHostPort instead of fmt.Sprintf(localhost, c.consensusPort) Ignore this finding from sprintf-host-port. |
3df8d16
to
055e96e
Compare
make parameters "tighter" / more realistic and check an extra case
b2ccead
to
a2ff417
Compare
towards #12124