Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Chore/ts coverage #1195

Merged
merged 13 commits into from
Oct 23, 2023
Merged

Chore/ts coverage #1195

merged 13 commits into from
Oct 23, 2023

Conversation

pavjacko
Copy link
Member

@pavjacko pavjacko commented Oct 21, 2023
edited
Loading

Description

  • Type coverage upgrades and bug fixes

Breaking Changes

I have tested my changes on:

ReNative project directly:

  • ios simulator
  • ios device
  • android simulator
  • android device
  • web browser
  • tvos simulator
  • tvos device
  • androidtv simulator
  • androidtv device
  • androidwear simulator
  • androidwear device
  • tizen simulator
  • tizen device
  • tizenmobile simulator
  • tizenwatch device
  • webos simulator
  • webos device
  • macos
  • windows
  • chromecast device

New project:

  • ios simulator
  • ios device
  • android simulator
  • android device
  • web browser
  • tvos simulator
  • tvos device
  • androidtv simulator
  • androidtv device
  • androidwear simulator
  • androidwear device
  • tizen simulator
  • tizen device
  • tizenmobile simulator
  • tizenwatch device
  • webos simulator
  • webos device
  • macos
  • windows
  • chromecast device

Existing Project created with previous version of renative:

  • ios simulator
  • ios device
  • android simulator
  • android device
  • web browser
  • tvos simulator
  • tvos device
  • androidtv simulator
  • androidtv device
  • androidwear simulator
  • androidwear device
  • tizen simulator
  • tizen device
  • tizenmobile simulator
  • tizenwatch device
  • webos simulator
  • webos device
  • macos
  • windows
  • chromecast device

github-advanced-security[bot]
github-advanced-security bot found potential problems Oct 23, 2023
View reviewed changes
packages/core/src/system/fs.ts
if (val) {
if (typeof val === 'string') {
if (val.startsWith('$REF$:')) {
obj[key as keyof T] = _refToValue(c, val, key);

Check warning

Code scanning / CodeQL

Prototype-polluting assignment Medium

This assignment may alter Object.prototype if a malicious '__proto__' string is injected from
library input
Loading
.
This assignment may alter Object.prototype if a malicious '__proto__' string is injected from
library input
Loading
.
This assignment may alter Object.prototype if a malicious '__proto__' string is injected from
library input
Loading
.
This assignment may alter Object.prototype if a malicious '__proto__' string is injected from
library input
Loading
.
This assignment may alter Object.prototype if a malicious '__proto__' string is injected from
library input
Loading
.
packages/core/src/system/fs.ts
const newKey = resolvePackage(key);
delete obj[key];
const newKey = resolvePackage(key) as keyof T;
delete obj[key as keyof T];

Check warning

Code scanning / CodeQL

Prototype-polluting assignment Medium

This assignment may alter Object.prototype if a malicious '__proto__' string is injected from
library input
Loading
.
packages/core/src/system/fs.ts
obj[newKey] = resolvePackage(nVal);

const nVal = lGet(propConfig.files, key);
obj[newKey] = resolvePackage(nVal) as T[K];

Check warning

Code scanning / CodeQL

Prototype-polluting assignment Medium

This assignment may alter Object.prototype if a malicious '__proto__' string is injected from
library input
Loading
.
packages/core/src/system/fs.ts
} else if (val.includes(BIND_PROPS)) {
Object.keys(props).forEach((pk) => {
val = val.replace(`${BIND_PROPS}${pk}}}`, props?.[pk]);
obj[newKey] = resolvePackage(val);
obj[newKey] = resolvePackage(val) as T[K];

Check warning

Code scanning / CodeQL

Prototype-polluting assignment Medium

This assignment may alter Object.prototype if a malicious '__proto__' string is injected from
library input
Loading
.
packages/core/src/system/fs.ts
});
} else if (val.includes(BIND_CONFIG_PROPS)) {
Object.keys(configProps).forEach((pk2) => {
val = val.replace(`${BIND_CONFIG_PROPS}${pk2}}}`, configProps[pk2]);
obj[newKey] = resolvePackage(val);
obj[newKey] = resolvePackage(val) as T[K];

Check warning

Code scanning / CodeQL

Prototype-polluting assignment Medium

This assignment may alter Object.prototype if a malicious '__proto__' string is injected from
library input
Loading
.
packages/core/src/system/fs.ts
});
} else if (val.includes(BIND_RUNTIME_PROPS)) {
Object.keys(runtimeProps).forEach((pk3) => {
val = val.replace(`${BIND_RUNTIME_PROPS}${pk3}}}`, runtimeProps[pk3]);
obj[newKey] = resolvePackage(val);
obj[newKey] = resolvePackage(val) as T[K];

Check warning

Code scanning / CodeQL

Prototype-polluting assignment Medium

This assignment may alter Object.prototype if a malicious '__proto__' string is injected from
library input
Loading
.
packages/core/src/system/fs.ts
});
} else if (val.includes(BIND_ENV)) {
const key = val.replace(BIND_ENV, '').replace('}}', '');
obj[newKey] = process.env[key];
obj[newKey] = process.env[key] as T[K];

Check warning

Code scanning / CodeQL

Prototype-polluting assignment Medium

This assignment may alter Object.prototype if a malicious '__proto__' string is injected from
library input
Loading
.
@pavjacko
Merge branch 'main' into chore/ts-coverage
5b83918 
* main:
  fix/androidwear and androidtv gradle settings
  Bump @babel/traverse from 7.22.20 to 7.23.2
@pavjacko pavjacko merged commit 2daeade into main Oct 23, 2023
1 check passed
@pavjacko pavjacko deleted the chore/ts-coverage branch October 23, 2023 06:03
@pavjacko pavjacko added this to the 1.0 milestone Dec 8, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
1.0
Development

Successfully merging this pull request may close these issues.
1 participant
@pavjacko