Security News
pnpm 10.0.0 Blocks Lifecycle Scripts by Default
pnpm 10 blocks lifecycle scripts by default to improve security, addressing supply chain attack risks but sparking debate over compatibility and workflow changes.
@dao-dao/utils
Advanced tools
A collection of simple utility functions used across packages.
This package contains Cosmos SDK protobuf definitions generated by Cosmology's Telescope.
To generate protobufs:
yarn protobuf
Sometimes definitions need to be manually fixed due to bugs and other
discrepancies. There is a patch file that records these modifications in
protobuf/patches.diff
.
To update the patch file when new changes are made:
Commit the changes so that the current branch is up-to-date with the desired changes.
Run:
yarn protobuf:patch:update
This will regenerate the protobufs, undoing all patches. Then, it records
the reverse diff between the committed changes and the regenerated protobufs
(since we want to undo the current changes). Lastly, it reapplies the latest
patches, and all changes should be made. If this works, only the
patches.diff
file should have changes.
Update the previous commit with the new patches.
git add protobuf/patches.diff
git commit --amend
To log the Code IDs from their config object in
constants/chains.ts
in a format to put into a
dao-contracts tagged
release:
let output = (obj) =>
console.log(Object.entries(obj).map(([key, value]) => {
const convertedKey = [...Array(key.length)].map((_, idx) => {
const c = key.charAt(idx)
// Convert capital letter to lowercase with a hyphen before.
if (/[A-Z]/.test(c)) {
return `${idx > 0 ? '-' : ''}${c.toLowerCase()}`
}
return c
}).join('')
return `${convertedKey}: ${value}`
}).join('\n'))
output({
...
DaoCore: 1,
...
})
To retrieve the Hermes packet filter entries for a given chain pair connected via Polytone:
import { SUPPORTED_CHAINS } from '@dao-dao/utils/constants/chains'
let output = (chainIdA: string, chainIdB: string) => {
const chainA = SUPPORTED_CHAINS.find((chain) => chain.chainId === chainIdA)
?.polytone?.[chainIdB]
const chainB = SUPPORTED_CHAINS.find((chain) => chain.chainId === chainIdB)
?.polytone?.[chainIdA]
if (!chainA && !chainB) {
throw new Error('Invalid chain pair')
}
console.log(chainIdA + ':')
if (chainA) {
console.log(`
# polytone to ${chainIdB} (note)
["wasm.${chainA.note}", "${chainA.localChannel}"],`)
}
if (chainB) {
console.log(`
# polytone from ${chainIdB} (voice)
["wasm.${chainB.voice}", "${chainB.remoteChannel}"],`)
}
console.log('\n\n' + chainIdB + ':')
if (chainB) {
console.log(`
# polytone to ${chainIdA} (note)
["wasm.${chainB.note}", "${chainB.localChannel}"],`)
}
if (chainA) {
console.log(`
# polytone from ${chainIdA} (voice)
["wasm.${chainA.voice}", "${chainA.remoteChannel}"],`)
}
}
output('chain-id-A', 'chain-id-B')
To retrieve the Hermes packet filter entries for a single chain's Polytone connections:
import { SUPPORTED_CHAINS } from '@dao-dao/utils/constants/chains'
let output = (chainId: string) => {
const chainPolytonesTo = Object.entries(
SUPPORTED_CHAINS.find((chain) => chain.chainId === chainId)?.polytone || {}
)
const chainPolytonesFrom = SUPPORTED_CHAINS.flatMap((chain) =>
chain.polytone?.[chainId]
? {
chainId: chain.chainId,
polytone: chain.polytone[chainId],
}
: []
)
const isolatedFroms = chainPolytonesFrom.filter(
({ chainId }) =>
!chainPolytonesTo.some((polytoneTo) => polytoneTo[0] === chainId)
)
const lines = [
...chainPolytonesTo.flatMap(([chainId, to]) => {
const toLine = ` # polytone to ${chainId} (note)\n ["wasm.${to.note}", "${to.localChannel}"]`
const from = chainPolytonesFrom.find(
(from) => from.chainId === chainId
)?.polytone
const fromLine =
from &&
` # polytone from ${chainId} (voice)\n ["wasm.${from.voice}", "${from.remoteChannel}"]`
return [toLine, ...(fromLine ? [fromLine] : [])]
}),
...isolatedFroms.map(
({ chainId, polytone }) =>
` # polytone from ${chainId} (voice)\n ["wasm.${polytone.voice}", "${polytone.remoteChannel}"]`
),
]
console.log(lines.join(',\n'))
}
output('chain-id')
FAQs
A collection of simple utility functions used across packages.
We found that @dao-dao/utils demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 0 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
pnpm 10 blocks lifecycle scripts by default to improve security, addressing supply chain attack risks but sparking debate over compatibility and workflow changes.
Product
Socket now supports uv.lock files to ensure consistent, secure dependency resolution for Python projects and enhance supply chain security.
Research
Security News
Socket researchers have discovered multiple malicious npm packages targeting Solana private keys, abusing Gmail to exfiltrate the data and drain Solana wallets.