Merge branch 'main' of github.com:lifinance/contracts into improve-ad…

…d-safe-owner-script
lifinance · Feb 26, 2025 · abece46 · abece46
2 parents d11b503 + 40480a1
commit abece46
Show file tree

Hide file tree

Showing 33 changed files with 4,446 additions and 413 deletions.
diff --git a/.env.example b/.env.example
@@ -18,6 +18,7 @@ ETH_NODE_URI_FUSE=https://rpc.fuse.io #[pre-commit-checker: not a secret]
 ETH_NODE_URI_GNOSIS=https://rpc.ankr.com/gnosis #[pre-commit-checker: not a secret]
 ETH_NODE_URI_GRAVITY=https://rpc.gravity.xyz	 #[pre-commit-checker: not a secret]
 ETH_NODE_URI_IMMUTABLEZKEVM=https://rpc.immutable.com #[pre-commit-checker: not a secret]
+ETH_NODE_URI_INK=https://rpc-gel.inkonchain.com #[pre-commit-checker: not a secret]
 ETH_NODE_URI_KAIA=https://klaytn.drpc.org #[pre-commit-checker: not a secret]
 ETH_NODE_URI_LINEA=https://rpc.linea.build #[pre-commit-checker: not a secret]
 ETH_NODE_URI_LISK=https://rpc.api.lisk.com #[pre-commit-checker: not a secret]
@@ -73,3 +74,6 @@ GOERLI_ETHERSCAN_API_KEY=
 LINEATEST_ETHERSCAN_API_KEY=
 MUMBAI_ETHERSCAN_API_KEY=
 SEPOLIA_ETHERSCAN_API_KEY=
+
+# Mongo DB for SAFE transactions
+MONGODB_URI=""
diff --git a/.github/workflows/diamondEmergencyPause.yml b/.github/workflows/diamondEmergencyPause.yml
@@ -66,6 +66,7 @@ jobs:
           ETH_NODE_URI_GNOSIS: ${{ secrets.ETH_NODE_URI_GNOSIS }}
           ETH_NODE_URI_GRAVITY: ${{ secrets.ETH_NODE_URI_GRAVITY }}
           ETH_NODE_URI_IMMUTABLEZKEVM: ${{ secrets.ETH_NODE_URI_IMMUTABLEZKEVM }}
+          ETH_NODE_URI_INK: ${{ secrets.ETH_NODE_URI_INK }}
           ETH_NODE_URI_KAIA: ${{ secrets.ETH_NODE_URI_KAIA }}
           ETH_NODE_URI_LINEA: ${{ secrets.ETH_NODE_URI_LINEA }}
           ETH_NODE_URI_LISK: ${{ secrets.ETH_NODE_URI_LISK }}

diff --git a/.github/workflows/olympixStaticAnalysis.yml b/.github/workflows/olympixStaticAnalysis.yml
@@ -37,7 +37,7 @@ jobs:
         env:
           ALL_CHANGED_FILES: ${{ steps.changed-files.outputs.all_changed_files }}
         run: |
-          args=$(echo $ALL_CHANGED_FILES | xargs -n 1 -I {} printf -- "-p %s " "{}")
+          args=$(echo "$ALL_CHANGED_FILES" | xargs -n 1 printf -- "-p %s ")
           echo "ARGS=$args" >> $GITHUB_ENV
 
       - name: Run Olympix Integrated Security

diff --git a/.github/workflows/securityAlertsReview.yml b/.github/workflows/securityAlertsReview.yml
@@ -26,7 +26,7 @@ jobs:
       - name: Check if Olympix Static Analysis has run at least once and was successful
         id: check-analysis
         env:
-          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+          GITHUB_TOKEN: ${{ secrets.GIT_ACTIONS_BOT_PAT_CLASSIC }}
           BRANCH_NAME: ${{ github.head_ref }}
         run: |
           # Fallback in case BRANCH_NAME is empty.
@@ -58,7 +58,7 @@ jobs:
       - name: Validate and set PR Number
         id: fetch_pr
         env:
-          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+          GITHUB_TOKEN: ${{ secrets.GIT_ACTIONS_BOT_PAT_CLASSIC }}
         run: |
           if [ -z "${{ steps.findPr.outputs.number }}" ]; then
             echo "Error: No pull request found for this push." >&2
@@ -71,7 +71,7 @@ jobs:
 
       - name: Fetch Security Alerts for PR
         env:
-          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+          GITHUB_TOKEN: ${{ secrets.GIT_ACTIONS_BOT_PAT_CLASSIC }}
         run: |
           echo "Fetching security alerts for PR #${PR_NUMBER}..."
           
@@ -118,7 +118,7 @@ jobs:
       - name: Find Existing PR Comment
         id: find_comment
         env:
-          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+          GITHUB_TOKEN: ${{ secrets.GIT_ACTIONS_BOT_PAT_CLASSIC }}
         run: |
           echo "Searching for existing PR comment..."
           
@@ -134,7 +134,7 @@ jobs:
 
       - name: Post or Update PR Comment
         env:
-          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+          GITHUB_TOKEN: ${{ secrets.GIT_ACTIONS_BOT_PAT_CLASSIC }}
         run: |
           COMMENT_BODY="### 🤖 GitHub Action: Security Alerts Review 🔍\n\n"
 
@@ -235,7 +235,7 @@ jobs:
 
       - name: Check if Action Should Fail And Revert To Draft
         env:
-          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+          GITHUB_TOKEN: ${{ secrets.GIT_ACTIONS_BOT_PAT_CLASSIC }}
           PR_NUMBER: ${{ env.PR_NUMBER }}
         run: |
           echo "🔍 Checking if the workflow should fail and revert PR to draft based on security alerts..."
@@ -268,4 +268,4 @@ jobs:
             exit 1
           fi
 
-          echo "✅ No blocking security issues found. The workflow will pass successfully."
+          echo "✅ No blocking security issues found. The workflow will pass successfully."
diff --git a/.github/workflows/versionControlAndAuditCheck.yml b/.github/workflows/versionControlAndAuditCheck.yml
@@ -393,8 +393,8 @@ jobs:
           echo "This step will make sure that an audit is logged for each contract modified/added by this PR."
           echo "It will also make sure that no information is missing in the audit log and that the information is meaningful."
 
-          # load list of protected contracts
-          PROTECTED_CONTRACTS=$(cat contracts_for_audit.txt)
+          # convert from comma-separated to newline-separated
+          PROTECTED_CONTRACTS=$(tr ',' '\n' < contracts_for_audit.txt)
           echo "PROTECTED_CONTRACTS: $PROTECTED_CONTRACTS"
 
           ##### make sure that there are any protected contracts