Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Frontend dk #91

Open
wants to merge 90 commits into
base: main
Choose a base branch
from
Open

Frontend dk #91

wants to merge 90 commits into from

Conversation

Ronexlemon
Copy link

No description provided.

anthonykimani and others added 30 commits September 28, 2022 08:18
@anthonykimani
Updates the ReadMe
d41983a
@Ronexlemon
initial commit
745ed77
@Ronexlemon
initialise hardhat
6dda53c
@Ronexlemon
added the rehemaTokens Mint contract
d35b5af
@Ronexlemon
added the joincommunity contract
b53f4f2
@Ronexlemon
Merge pull request #1 from Ronexlemon/Backend
3cd6a43 
Backend
@Ronexlemon
Merge pull request #1 from anthonykimani/main
fc9705d 
backendharhat
@Ronexlemon
combine RehemaMint Ang Join Community contracts
943be4c
@Ronexlemon
Merge pull request #2 from Ronexlemon/Backend
3fafe8a 
combine RehemaMint Ang Join Community contracts
@Ronexlemon
added the donate cUSD contract
5e13b50
@Ronexlemon
Merge pull request #3 from Ronexlemon/Backend
786bde0 
added the donate cUSD contract
@Ronexlemon
Merge pull request #4 from Ronexlemon/main
0eff10b 
Merge pull request #1 from anthonykimani/main
@Ronexlemon
Merge pull request #2 from anthonykimani/main
878c44d 
add the donate cUSD
@anthonykimani
Add a navbar
0153aa8
@anthonykimani
Merge branch 'main' of github.com:anthonykimani/build-with-celo-hacka…
5f733b7 
…thon into main
@anthonykimani
completes landing page
6745fe5
@Ronexlemon
Merge branch 'anthonykimani:main' into main
21f377a
@Ronexlemon
modify the contracts
b8287e5
@Ronexlemon
added the tumaini Dao
ddc1429
@Ronexlemon
include new dependecies
8a850d5
@Ronexlemon
Merge pull request #5 from Ronexlemon/contracts
feb800d 
Contracts
@Ronexlemon
Merge pull request #3 from anthonykimani/main
d22ed47 
modify the contracts
@Ronexlemon
deployed the contracts
e2d525f
@Ronexlemon
Merge pull request #6 from Ronexlemon/contracts
63729d0 
deployed the contracts
@Ronexlemon
Merge pull request #7 from Ronexlemon/main
46b57a0 
Merge pull request #3 from anthonykimani/main
@Ronexlemon
Merge pull request #4 from anthonykimani/main
4e9bff2 
pull request
@anthonykimani
Adds Proposal section and more styling
169c01d
@anthonykimani
Adds Proposal section and more styling
61520b5
@anthonykimani
Adds new proposal modal,proposal components and an individual proposa…
c9788c8 
…l component
@Ronexlemon
Merge pull request #5 from anthonykimani/main
4aafe3f 
pull request
Ronexlemon and others added 29 commits October 21, 2022 10:07
@Ronexlemon
implement write to the dao
5d2fd5c
@Ronexlemon
implement the add proposal functionality
c0a4f50
@Ronexlemon
Merge pull request #16 from Ronexlemon/daoimplementation
16b6e26 
Daoimplementation
@Ronexlemon
Merge pull request #11 from anthonykimani/main
99a188c 
Implement the read and write to dao
@Ronexlemon
implement voting
76ae4f5
@Ronexlemon
modify the dao contract
1304e8c
@Ronexlemon
change the dao contract
1dcfdc3
@Ronexlemon
modify the piechart options
730f37c
@Ronexlemon
implement voting functionality
e47d041
@Ronexlemon
Merge pull request #17 from Ronexlemon/DaoVoteimpelementation
694433d 
Dao voteimpelementation
@Ronexlemon
Merge pull request #12 from anthonykimani/main
d397d42 
voting implementation pull request
@Ronexlemon
modify the reject functionality
9dd4e73
@Ronexlemon
Merge pull request #18 from Ronexlemon/main
f85fb45 
pull request to update
@anthonykimani
Adds a community page
1dd3f40
@Ronexlemon
modification
3b3e758
@Ronexlemon
Merge branch 'main' into passdatatoproposalcard
3eca11b
@Ronexlemon
Merge pull request #19 from Ronexlemon/passdatatoproposalcard
76d5fd6 
modification
@Ronexlemon
Merge pull request #13 from anthonykimani/main
23b6172 
pull request
@Ronexlemon
implement comunity page
ad31f96
@Ronexlemon
implement community
9b488f3
@Ronexlemon
Merge pull request #20 from Ronexlemon/community
7455d14 
Community
fix: set user address to navbar
5fed6d0
style: style address button
d087ccc
style: style proposal page
ce4e696
style: style voting buttons
6e70142
style: style proposal cards
858dfb5
style: reduce navbar links size
d03257d
feat: style new proposl modal
d396e51
style: style community page
70a15f4
@socket-security
Copy link

Socket Security Pull Request Report

Dependency issues detected. If you merge this pull request, you will not be alerted to the instances of these issues again.

📜 Install scripts

Install scripts are run when the package is installed. The majority of malware in npm is hidden in install scripts.

Packages should not be running non-essential scripts during install and there are often solutions to problems people solve with install scripts that can be run at publish time instead.

Package Script field Source
bufferutil@4.0.6 (added) binding.gyp TUMAINI-DAO/client/package.json via ethers@5.7.2, @ethersproject/providers@5.7.2, ws@7.4.6
classic-level@1.2.0 (added) binding.gyp BACKENDHARDHAT/package.json via hardhat@2.12.0, @nomicfoundation/ethereumjs-blockchain@6.0.0, level@8.0.0
keccak@3.0.2 (added) binding.gyp BACKENDHARDHAT/package.json via hardhat@2.12.0,TUMAINI-DAO/client/package.json via @celo/contractkit@2.2.0, @celo/utils@2.2.0, ethereumjs-util@5.2.1, ethereum-cryptography@0.1.3
secp256k1@4.0.3 (added) binding.gyp BACKENDHARDHAT/package.json via hardhat@2.12.0, @nomicfoundation/ethereumjs-block@4.0.0, ethereum-cryptography@0.1.3,TUMAINI-DAO/client/package.json via @celo/contractkit@2.2.0, @celo/utils@2.2.0, ethereumjs-util@5.2.1, ethereum-cryptography@0.1.3
utf-8-validate@5.0.9 (added) binding.gyp TUMAINI-DAO/client/package.json via ethers@5.7.2, @ethersproject/providers@5.7.2, ws@7.4.6
web3-bzz@1.3.6 (added) postinstall TUMAINI-DAO/client/package.json via web3@1.3.6
keccak@3.0.2 (added) install BACKENDHARDHAT/package.json via hardhat@2.12.0,TUMAINI-DAO/client/package.json via @celo/contractkit@2.2.0, @celo/utils@2.2.0, ethereumjs-util@5.2.1, ethereum-cryptography@0.1.3
secp256k1@4.0.3 (added) install BACKENDHARDHAT/package.json via hardhat@2.12.0, @nomicfoundation/ethereumjs-block@4.0.0, ethereum-cryptography@0.1.3,TUMAINI-DAO/client/package.json via @celo/contractkit@2.2.0, @celo/utils@2.2.0, ethereumjs-util@5.2.1, ethereum-cryptography@0.1.3
web3@1.3.6 (added) postinstall TUMAINI-DAO/client/package.json
web3-shh@1.3.6 (added) postinstall TUMAINI-DAO/client/package.json via web3@1.3.6
core-js@3.25.3 (added) postinstall TUMAINI-DAO/client/package.json via react-scripts@5.0.1, react-app-polyfill@3.0.0
core-js-pure@3.25.3 (added) postinstall TUMAINI-DAO/client/package.json via react-scripts@5.0.1, @pmmmwh/react-refresh-webpack-plugin@0.5.7
bufferutil@4.0.6 (added) install TUMAINI-DAO/client/package.json via ethers@5.7.2, @ethersproject/providers@5.7.2, ws@7.4.6
classic-level@1.2.0 (added) install BACKENDHARDHAT/package.json via hardhat@2.12.0, @nomicfoundation/ethereumjs-blockchain@6.0.0, level@8.0.0
utf-8-validate@5.0.9 (added) install TUMAINI-DAO/client/package.json via ethers@5.7.2, @ethersproject/providers@5.7.2, ws@7.4.6
es5-ext@0.10.62 (added) postinstall TUMAINI-DAO/client/package.json via web3@1.3.6, web3-core@1.3.6, web3-core-requestmanager@1.3.6, web3-providers-ws@1.3.6, websocket@1.0.34
🫣 Native code

Contains native code which could be a vector to obscure malicious code, and generally decrease the likelihood of reproducible or reliable installs.

Ensure that native code bindings are expected. Consumers may consider pure JS and functionally similar alternatives to avoid the challenges and risks associated with native code bindings.

Package Location Source
bufferutil@4.0.6 (added) binding.gyp TUMAINI-DAO/client/package.json via ethers@5.7.2, @ethersproject/providers@5.7.2, ws@7.4.6
classic-level@1.2.0 (added) binding.gyp BACKENDHARDHAT/package.json via hardhat@2.12.0, @nomicfoundation/ethereumjs-blockchain@6.0.0, level@8.0.0
keccak@3.0.2 (added) binding.gyp BACKENDHARDHAT/package.json via hardhat@2.12.0,TUMAINI-DAO/client/package.json via @celo/contractkit@2.2.0, @celo/utils@2.2.0, ethereumjs-util@5.2.1, ethereum-cryptography@0.1.3
secp256k1@4.0.3 (added) binding.gyp BACKENDHARDHAT/package.json via hardhat@2.12.0, @nomicfoundation/ethereumjs-block@4.0.0, ethereum-cryptography@0.1.3,TUMAINI-DAO/client/package.json via @celo/contractkit@2.2.0, @celo/utils@2.2.0, ethereumjs-util@5.2.1, ethereum-cryptography@0.1.3
utf-8-validate@5.0.9 (added) binding.gyp TUMAINI-DAO/client/package.json via ethers@5.7.2, @ethersproject/providers@5.7.2, ws@7.4.6
😵‍💫 Bin script confusion

This package has multiple bin scripts with the same name. This can cause non-deterministic behavior when installing or could be a sign of a supply chain attack

Consider removing one of the conflicting packages. Packages should only export bin scripts with their name

Package Bin script Source
@nomicfoundation/ethereumjs-rlp@4.0.0 (added) rlp BACKENDHARDHAT/package.json via hardhat@2.12.0
rlp@2.2.7 (added) rlp BACKENDHARDHAT/package.json via @nomicfoundation/hardhat-toolbox@2.0.0, @nomicfoundation/hardhat-network-helpers@1.0.6, ethereumjs-util@7.1.5,TUMAINI-DAO/client/package.json via @celo/contractkit@2.2.0, @celo/utils@2.2.0, ethereumjs-util@5.2.1
jest@27.5.1 (added) jest TUMAINI-DAO/client/package.json via react-scripts@5.0.1
jest-cli@27.5.1 (added) jest TUMAINI-DAO/client/package.json via react-scripts@5.0.1, jest@27.5.1
🧌 Protestware/Troll package

This package is a joke, parody, or includes undocumented or hidden behavior unrelated to its primary function.

Package Note Source
es5-ext@0.10.62 (added) This package prints a protestware console message on install regarding Ukraine for users with Russian language locale TUMAINI-DAO/client/package.json via web3@1.3.6, web3-core@1.3.6, web3-core-requestmanager@1.3.6, web3-providers-ws@1.3.6, websocket@1.0.34
Pull request report summary
Issue Status
Install scripts ⚠️ 16 issues
Native code ⚠️ 5 issues
Bin script confusion ⚠️ 4 issues
Bin script shell injection ✅ 0 issues
Unresolved require ✅ 0 issues
Invalid package.json ✅ 0 issues
HTTP dependency ✅ 0 issues
Git dependency ✅ 0 issues
Potential typo squat ✅ 0 issues
Known Malware ✅ 0 issues
Telemetry ✅ 0 issues
Protestware/Troll package ⚠️ 1 issue
Bot Commands

To ignore an alert, reply with a comment starting with @SocketSecurity ignore followed by a space separated list of package-name@version specifiers. e.g. @SocketSecurity ignore foo@1.0.0 bar@2.4.2

  • @SocketSecurity ignore bufferutil@4.0.6
  • @SocketSecurity ignore classic-level@1.2.0
  • @SocketSecurity ignore keccak@3.0.2
  • @SocketSecurity ignore secp256k1@4.0.3
  • @SocketSecurity ignore utf-8-validate@5.0.9

Powered by socket.dev

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@Ronexlemon @anthonykimani