Refactor dependencies to use latest versions and update CI workflows for safe-modules-allowance. #490
Conversation
…for safe-modules-allowance.
mmv08
requested review from
nlordell,
akshay-ap and
remedcu
and removed request for
a team
…acts version 1.4.1.
modules/allowances/package.json
Outdated
| "author": "[email protected]", | ||
| "license": "ISC", | ||
| "author": "safe-global", | ||
| "license": "GPL-3.0", |
There was a problem hiding this comment.
FYI: GPL-3.0 is deprecated. https://spdx.org/licenses/GPL-3.0.html
There was a problem hiding this comment.
This is the one we use in the other files, I'd raise this with legal. It says the identifier has been deprecated but not the license. We need a translation from legalese
There was a problem hiding this comment.
I changed it to GPL because this is the one we use in other files. I see it's deprecated and asked in Slack which one we should use.
Let's address this later in a different PR (I can also revert the change until we get more clarity)
There was a problem hiding this comment.
This is the one we use in the other files, I'd raise this with legal. It says the identifier has been deprecated but not the license. We need a translation from legalese
The non-deprecated identifier is GPL-3.0-only.
There was a problem hiding this comment.
Basically, the GPL-3.0 identifier was ambiguous because GPL has a "license update clause" (meaning that if they come up with a GPL-4, then all GPL-3 code will also be licensed under v4). In SPDX, this was represented by GPL-3.0-or-later. GPL-3.0 changed to GPL-3.0-only to avoid confusion (as it is the GPL license opting out of the "license update clause").
There was a problem hiding this comment.
Looking at the contract code, this should be LGPL-3.0-only (see the SPDX identifier used in the Solidity code).
…ctories. * Remove unnecessary directory references in Safe4337Module.conf * Update package paths in SignatureLengthCheck.conf, TransactionExecutionMethods.conf and ValidationDataLastBitOne.conf * Refactor checkSignatures function in Account.sol to be viewless
| @@ -15,9 +15,10 @@ | |||
| ], | |||
| "rule_sanity": "basic", | |||
| "solc": "solc8.23", | |||
| "solc_allow_path":"../../node_modules", | |||
There was a problem hiding this comment.
Previously there was a bug with solc's allow path option and certora-cli, now it's fixed we can use it and get rid of the crazy direct links
| "@account-abstraction=../../node_modules/.pnpm/@[email protected]/node_modules/@account-abstraction", | ||
| "@safe-global=../../node_modules/.pnpm/@[email protected][email protected][email protected][email protected]_/node_modules/@safe-global" | ||
| "@account-abstraction=node_modules/@account-abstraction", | ||
| "@safe-global=node_modules/@safe-global" |
Pull Request Test Coverage Report for Build 11324077193Details
💛 - Coveralls |
|
I updated the licenses everywhere to be LGPL-3.0 only, except the recovery module, because I wasn't sure if we could change the license since it's a distribution of another project. |
mmv08
force-pushed
the
deps/bump
branch
6 times, most recently
from
a71cbef
to
fbc6511
Compare
This PR:
ISafeused in tests and in the production codepnpmin the Safe Allowance module