Switch to monorepo

[saleel]

• Switch to monorepo pattern with yarn workspace
• Move twitter specific circuit/contracts to separate package
• Add tests for email verifier circuit
• Add tests for twitter circuit
• Add helpers library with reusable utils

[socket-security]

New and removed dependencies detected. Learn more about Socket for GitHub ↗︎

Packages	Version	New capabilities	Transitives	Size	Publisher
browserstack-node-sdk	1.17.0	None	+4	8.45 MB	browserstack
circomlib	2.0.5	None	+0	3.18 MB	jbaylina
jest-environment-jsdom	29.5.0	None	+2	7.64 MB	simenb
ts-jest	29.1.0	filesystem, environment	+3	4.19 MB	kul
@openzeppelin/contracts	4.9.1	None	+0	2.05 MB	frangio
@openzeppelin/contracts-upgradeable	4.9.1	None	+0	2.1 MB	frangio
@openzeppelin/contracts-upgradeable	4.9.2	None	+0	2.11 MB	frangio
@vitejs/plugin-react	4.0.0	None	+6	13 MB	vitebot

🚮 Removed packages: @testing-library/user-event@13.5.0, @types/node@20.2.5, @vitejs/plugin-react@4.0.3, base64-sol@1.1.0, browserstack-node-sdk@1.23.2, cryo@0.0.6, ethereumjs-abi@0.6.8, forge-std@1.1.2, jest-environment-jsdom@29.6.1, next@12.3.4, nodemon@2.0.22, prettier@2.8.8, prettier-plugin-solidity@1.1.3, react-dropzone@12.1.0, react-error-overlay@6.0.9, react-json-view@1.21.3, readline@1.3.0, ts-node-dev@2.0.0, vite-plugin-svgr@2.4.0, web-vitals@2.1.4

[Divide-By-0]

typo on packages

[Divide-By-0]

wait so where did this file go? is there an updated readme for how to compile/run?

[saleel]

The scripts folder was moved to packages/twitter-verifier-circuits/scripts along with the circom files for twitter.
I have to update the paths in Readme. I will do it if the structure makes sense.

[Divide-By-0]

Cool -- some minor merge conflicts but other than that, code looks fine to me. Would be great to update the readme so its up to date with the new structure!

I don't have enough experience with npm package structures so willing to trust your experience here on that.

[saleel]

Yea, I will fix the conflicts and update the Readme. Some existing stuff in the Readme was also updated if I remember correctly.
Structure wise this is good IMO. The main change was splitting the Twitter circuit in to two - new tests work well but wanted to be sure I have not missed anything.

Another thing that could be improved is the helper package. There are many helper functions that could be cleaned/refactored for better consumption. We can work on that progressively to make this a proper SDK.

[gitguardian]

⚠️ GitGuardian has uncovered 2 secrets following the scan of your pull request.

Please consider investigating the findings and remediating the incidents. Failure to do so may lead to compromising the associated services or software components.

🔎 Detected hardcoded secrets in your pull request

GitGuardian id	Secret	Commit	Filename
7202475	Generic High Entropy Secret	58864c8	packages/twitter-verifier-app/index.jsx	View secret
7202475	Generic High Entropy Secret	bf7967c	packages/twitter-verifier-app/index.jsx	View secret

🛠 Guidelines to remediate hardcoded secrets

1. Understand the implications of revoking this secret by investigating where it is used in your code.
2. Replace and store your secrets safely. Learn here the best practices.
3. Revoke and rotate these secrets.
4. If possible, rewrite git history. Rewriting git history is not a trivial act. You might completely break other contributing developers' workflow and you risk accidentally deleting legitimate data.

To avoid such incidents in the future consider

• following these best practices for managing and storing secrets including API keys and other credentials
• install secret detection on pre-commit to catch secret before it leaves your machine and ease remediation.

---

<sup>🦉 GitGuardian detects secrets in your source code to help developers and security teams secure the modern development process. You are seeing this because you or someone else with access to this repository has authorized GitGuardian to scan your pull request.

Our GitHub checks need improvements? Share your feedbacks!</sup>