Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Dev #24

Merged
merged 51 commits into from
Nov 29, 2024
Merged

Dev #24

merged 51 commits into from
Nov 29, 2024

Conversation

Lex-Ai
Copy link
Contributor

@Lex-Ai Lex-Ai commented Nov 29, 2024

No description provided.

@1aerostorm
HF 29 - Add delegate_vs, and sponsor counters to messenger
07fd581
@1aerostorm
Add notificounters for NFT
a0bb7ac
@1aerostorm
Referral notifications
6a7b4b5
@1aerostorm
Fix Formik
4e90fb0
@1aerostorm
Private groups
7615ffe
@1aerostorm
HF 30 - Add NFT notifications
2a1fd8b
@1aerostorm
HF 30 - Private message groups
d23818e
@1aerostorm
HF 30 - Private message groups
6d9fada
@1aerostorm
HF 30 - Private message groups
c01be70
@1aerostorm
HF 30 - Private message groups
946b851
@1aerostorm
HF 30 - Private message groups
50cbc0b
@1aerostorm
HF 30 - Private message groups
58e7238
@1aerostorm
HF 30 - Private message groups - members, etc.
8dfa1f4
@1aerostorm
HF 30 - Private group, some fixes
5d150a8
@1aerostorm
HF 30 - Private group, finish members
e3ac7e6
@1aerostorm
HF 30 - Private groups - ability to view group, refactor code
44992e0
@1aerostorm
HF 30 - Private groups - managing groups
3a704e9
@1aerostorm
Test deps
9fdf149
@1aerostorm
HF 30 - Private groups dropdown + Update react-foundation-components
edc6620
@1aerostorm
git-install
89f5baa
@1aerostorm
HF 30 - Private groups dropdown
e1b850c
@1aerostorm
HF 30 - Private groups
d7f1d58
@1aerostorm
HF 30 - Private groups - Small fixes in stubs
18e641d
@1aerostorm
HF 30 - Private groups
36853f2
@1aerostorm
HF 30 - Private messages - Block/Unblock
55eb524
@1aerostorm
HF 30 - Private messages - fix sendMessage
dd4cad4
@1aerostorm
HF 30 - Private groups - TOP
46c24eb
@1aerostorm
HF 30 - Private messages
0a1e39d
@1aerostorm
HF 30 - Private groups
be4e832
@1aerostorm
HF 30 - Profiling
e47e553
@1aerostorm
HF 30 - Improve private groups performance
67201a4
@1aerostorm
HF 30 - Private groups - Avatars
51a90de
@1aerostorm
HF 30 - getThrentacts
c5d6283
@1aerostorm
HF 30 - Acc cache
145c472
@1aerostorm
HF 30 - lib
67d4438
@1aerostorm
HF 30 - Fix quoting, moderation editing
bd590fe
@1aerostorm
HF 30 - Avatars in private groups
515b8a0
@1aerostorm
HF 30 - Lettered avatars
1e2ae41
@1aerostorm
HF 30 - Private groups notifications
75f41ca
@1aerostorm
HF 30 - Private groups - Account avatars, mini-accounts
abd8681
@1aerostorm
HF 30 - Private groups - WebSocket, memo key not required, fixes
8e98fff
@1aerostorm
HF 30 - Private groups - Do not decrypt own messages
04c4041
@1aerostorm
HF 30 - Private groups - Load avatars of new messages
ca9e4ac
@1aerostorm
HF 30 - Private groups - Clear/remove chat notification
78d0b01
@1aerostorm
HF 30 - Private groups - Lettered Avatar Color
63cf192
@1aerostorm
HF 30 - Private groups - Fix donates
168ee08
@1aerostorm
HF 30 - Private groups - Mentions, replies, fix mark messages
2682be6
@1aerostorm
HF 30 - Fix apps (desktop, Android)
eda61e6
@1aerostorm
Mobile app - Fix updates
f375ebd
@1aerostorm
Mobile app - New icons
37cbeeb
@github-advanced-security
Copy link

This pull request sets up GitHub code scanning for this repository. Once the scans have completed and the checks have passed, the analysis results for this pull request branch will appear on this overview. Once you merge this pull request, the 'Security' tab will show more code scanning analysis results (for example, for the default branch). Depending on your configuration and choice of analysis tool, future pull requests will be annotated with code scanning analysis results. For more information about GitHub code scanning, check out the documentation.

github-advanced-security[bot]
github-advanced-security bot found potential problems Nov 29, 2024
View reviewed changes
src/components/elements/messages/ConversationListItem/index.jsx
const { data } = this.props
const { contact } = data
const pattern = conversationLinkPattern(data)
return pattern.replace('*', contact)

Check failure

Code scanning / CodeQL

Incomplete string escaping or encoding High

This replaces only the first occurrence of '*'.

Copilot Autofix AI 27 days ago

To fix the problem, we need to ensure that all occurrences of the asterisk (*) in the pattern string are replaced with the contact value. This can be achieved by using a regular expression with the global flag (g). This change will ensure that every instance of * in the pattern is replaced, not just the first one.

Suggested changeset 1
src/components/elements/messages/ConversationListItem/index.jsx

Autofix patch

Autofix patch
Run the following command in your local git repository to apply this patch
cat << 'EOF' | git apply
diff --git a/src/components/elements/messages/ConversationListItem/index.jsx b/src/components/elements/messages/ConversationListItem/index.jsx
--- a/src/components/elements/messages/ConversationListItem/index.jsx
+++ b/src/components/elements/messages/ConversationListItem/index.jsx
@@ -40,3 +40,3 @@
             const pattern = conversationLinkPattern(data)
-            return pattern.replace('*', contact)
+            return pattern.replace(/\*/g, contact)
         }
EOF
@@ -40,3 +40,3 @@
const pattern = conversationLinkPattern(data)
return pattern.replace('*', contact)
return pattern.replace(/\*/g, contact)
}
Copilot is powered by AI and may make mistakes. Always verify output.
Positive Feedback
Negative Feedback

Provide additional feedback

Please help us improve GitHub Copilot by sharing more details about this comment.

Please select one or more of the options
src/components/modules/CreateGroup.jsx
const { closeMe } = this.props
if (closeMe) closeMe()
if (redirectAfter) {
window.location.href = '/' + data.name

Check warning

Code scanning / CodeQL

DOM text reinterpreted as HTML Medium

DOM text
Loading
is reinterpreted as HTML without escaping meta-characters.

Copilot Autofix AI 27 days ago

To fix the problem, we need to ensure that the data.name value is properly sanitized or encoded before it is used in the URL assignment. This can be achieved by using a library that provides encoding functions to escape any potentially dangerous characters in the data.name value.

The best way to fix this issue without changing existing functionality is to use the encodeURIComponent function, which encodes a URI component by escaping special characters. This will ensure that any potentially dangerous characters in data.name are safely encoded before being used in the URL.

Suggested changeset 1
src/components/modules/CreateGroup.jsx

Autofix patch

Autofix patch
Run the following command in your local git repository to apply this patch
cat << 'EOF' | git apply
diff --git a/src/components/modules/CreateGroup.jsx b/src/components/modules/CreateGroup.jsx
--- a/src/components/modules/CreateGroup.jsx
+++ b/src/components/modules/CreateGroup.jsx
@@ -170,3 +170,3 @@
                     if (redirectAfter) {
-                        window.location.href = '/' + data.name
+                        window.location.href = '/' + encodeURIComponent(data.name)
                         return
EOF
@@ -170,3 +170,3 @@
if (redirectAfter) {
window.location.href = '/' + data.name
window.location.href = '/' + encodeURIComponent(data.name)
return
Copilot is powered by AI and may make mistakes. Always verify output.
Positive Feedback
Negative Feedback

Provide additional feedback

Please help us improve GitHub Copilot by sharing more details about this comment.

Please select one or more of the options
@Lex-Ai Lex-Ai merged commit b071c4b into master Nov 29, 2024
2 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@Lex-Ai @1aerostorm