compound-finance · Dargon789 · Feb 1, 2025 · Feb 2, 2025 · Feb 27, 2025 · Mar 3, 2025
diff --git a/.circleci/config_own.yml b/.circleci/config_own.yml
@@ -0,0 +1,26 @@
+# Use the latest 2.1 version of CircleCI pipeline process engine.
+# See: https://circleci.com/docs/configuration-reference
+
+version: 2.1
+executors:
+  my-custom-executor:
+    docker:
+      - image: cimg/base:stable
+        auth:
+          # ensure you have first added these secrets
+          # visit app.circleci.com/settings/project/github/Dargon789/hardhat-project/environment-variables
+          username: $DOCKER_HUB_USER
+          password: $DOCKER_HUB_PASSWORD
+jobs:
+  web3-defi-game-project-:
+
+    executor: my-custom-executor
+    steps:
+      - checkout
+      - run: |
+          # echo Hello, World!
+
+workflows:
+  my-custom-workflow:
+    jobs:
+      - web3-defi-game-project-
diff --git a/.github/workflows/octopusdeploy.yml b/.github/workflows/octopusdeploy.yml
@@ -0,0 +1,112 @@
+# This workflow uses actions that are not certified by GitHub.
+# They are provided by a third-party and are governed by separate terms of service,
+# privacy policy, and support documentation.
+#
+# This workflow will build and publish a Docker container which is then deployed through Octopus Deploy.
+#
+# The build job in this workflow currently assumes that there is a Dockerfile that generates the relevant application image.
+# If required, this job can be modified to generate whatever alternative build artifact is required for your deployment.
+#
+# This workflow assumes you have already created a Project in Octopus Deploy.
+# For instructions see https://octopus.com/docs/projects/setting-up-projects
+#
+# To configure this workflow:
+#
+# 1. Decide where you are going to host your image.
+#    This template uses the GitHub Registry for simplicity but if required you can update the relevant DOCKER_REGISTRY variables below.
+#
+# 2. Create and configure an OIDC credential for a service account in Octopus.
+#    This allows for passwordless authentication to your Octopus instance through a trust relationship configured between Octopus, GitHub and your GitHub Repository.
+#    https://octopus.com/docs/octopus-rest-api/openid-connect/github-actions
+#
+# 3. Configure your Octopus project details below:
+#      OCTOPUS_URL: update to your Octopus Instance Url
+#      OCTOPUS_SERVICE_ACCOUNT: update to your service account Id
+#      OCTOPUS_SPACE: update to the name of the space your project is configured in
+#      OCTOPUS_PROJECT: update to the name of your Octopus project
+#      OCTOPUS_ENVIRONMENT: update to the name of the environment to recieve the first deployment
+
+
+name: 'Build and Deploy to Octopus Deploy'
+
+on:
+  push:
+    branches:
+      - '"master"'
+
+jobs:
+  build:
+    name: Build
+    runs-on: ubuntu-latest
+    permissions:
+      packages: write
+      contents: read
+    env:
+      DOCKER_REGISTRY: ghcr.io                                # TODO: Update to your docker registry uri
+      DOCKER_REGISTRY_USERNAME: ${{ github.actor }}           # TODO: Update to your docker registry username
+      DOCKER_REGISTRY_PASSWORD: ${{ secrets.GITHUB_TOKEN }}   # TODO: Update to your docker registry password
+    outputs:
+      image_tag: ${{ steps.meta.outputs.version }}
+    steps:
+      - uses: actions/checkout@v4
+
+      - name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@f95db51fddba0c2d1ec667646a06c2ce06100226 # v3.0.0
+
+      - name: Log in to the Container registry
+        uses: docker/login-action@65b78e6e13532edd9afa3aa52ac7964289d1a9c1
+        with:
+          registry: ${{ env.DOCKER_REGISTRY }}
+          username: ${{ env.DOCKER_REGISTRY_USERNAME }}
+          password: ${{ env.DOCKER_REGISTRY_PASSWORD }}
+
+      - name: Extract metadata (tags, labels) for Docker
+        id: meta
+        uses: docker/metadata-action@9ec57ed1fcdbf14dcef7dfbe97b2010124a938b7
+        with:
+          images: ${{ env.DOCKER_REGISTRY }}/${{ github.repository }}
+          tags: type=semver,pattern={{version}},value=v1.0.0-{{sha}}
+
+      - name: Build and push Docker image
+        id: push
+        uses: docker/build-push-action@f2a1d5e99d037542a71f64918e516c093c6f3fc4
+        with:
+          context: .
+          push: true
+          tags: ${{ steps.meta.outputs.tags }}
+          labels: ${{ steps.meta.outputs.labels }}
+  deploy:
+    name: Deploy
+    permissions:
+      id-token: write
+    runs-on: ubuntu-latest
+    needs: [ build ]
+    env:
+      OCTOPUS_URL: 'https://your-octopus-url'             # TODO: update to your Octopus Instance url
+      OCTOPUS_SERVICE_ACCOUNT: 'your-service-account-id'  # TODO: update to your service account Id
+      OCTOPUS_SPACE: 'your-space'                         # TODO: update to the name of the space your project is configured in
+      OCTOPUS_PROJECT: 'your-project'                     # TODO: update to the name of your Octopus project
+      OCTOPUS_ENVIRONMENT: 'your-environment'             # TODO: update to the name of the environment to recieve the first deployment
+
+    steps:
+      - name: Log in to Octopus Deploy
+        uses: OctopusDeploy/login@34b6dcc1e86fa373c14e6a28c5507d221e4de629  #v1.0.2
+        with:
+          server: '${{ env.OCTOPUS_URL }}'
+          service_account_id: '${{ env.OCTOPUS_SERVICE_ACCOUNT }}'
+
+      - name: Create Release
+        id: create_release
+        uses: OctopusDeploy/create-release-action@fea7e7b45c38c021b6bc5a14bd7eaa2ed5269214 #v3.2.2
+        with:
+          project: '${{ env.OCTOPUS_PROJECT }}'
+          space: '${{ env.OCTOPUS_SPACE }}'
+          packages: '*:${{ needs.build.outputs.image_tag }}'
+
+      - name: Deploy Release
+        uses: OctopusDeploy/deploy-release-action@b10a606c903b0a5bce24102af9d066638ab429ac #v3.2.1
+        with:
+          project: '${{ env.OCTOPUS_PROJECT }}'
+          space: '${{ env.OCTOPUS_SPACE }}'
+          release_number: '${{ steps.create_release.outputs.release_number  }}'
+          environments: ${{ env.OCTOPUS_ENVIRONMENT }}
diff --git a/.snyk b/.snyk
@@ -0,0 +1,196 @@
+# Snyk (https://snyk.io) policy file, patches or ignores known vulnerabilities.
+version: v1.25.1
+ignore: {}
+# patches apply the minimum changes required to fix a vulnerability
+patch:
+  SNYK-JS-LODASH-567746:
+    - eth-saddle > @0x/subproviders > lodash:
+        patched: '2025-03-08T23:32:45.853Z'
+        id: SNYK-JS-LODASH-567746
+        path: eth-saddle > @0x/subproviders > lodash
+    - eth-saddle > @compound-finance/sol-coverage > lodash:
+        patched: '2025-03-08T23:32:45.853Z'
+        id: SNYK-JS-LODASH-567746
+        path: eth-saddle > @compound-finance/sol-coverage > lodash
+    - eth-saddle > @0x/subproviders > @0x/assert > lodash:
+        patched: '2025-03-08T23:32:45.853Z'
+        id: SNYK-JS-LODASH-567746
+        path: eth-saddle > @0x/subproviders > @0x/assert > lodash
+    - eth-saddle > @0x/subproviders > @0x/utils > lodash:
+        patched: '2025-03-08T23:32:45.853Z'
+        id: SNYK-JS-LODASH-567746
+        path: eth-saddle > @0x/subproviders > @0x/utils > lodash
+    - eth-saddle > @0x/subproviders > @0x/web3-wrapper > lodash:
+        patched: '2025-03-08T23:32:45.853Z'
+        id: SNYK-JS-LODASH-567746
+        path: eth-saddle > @0x/subproviders > @0x/web3-wrapper > lodash
+    - eth-saddle > @0x/subproviders > @ledgerhq/hw-transport-node-hid > lodash:
+        patched: '2025-03-08T23:32:45.853Z'
+        id: SNYK-JS-LODASH-567746
+        path: >-
+          eth-saddle > @0x/subproviders > @ledgerhq/hw-transport-node-hid >
+          lodash
+    - eth-saddle > @compound-finance/sol-coverage > @0x/subproviders > lodash:
+        patched: '2025-03-08T23:32:45.853Z'
+        id: SNYK-JS-LODASH-567746
+        path: >-
+          eth-saddle > @compound-finance/sol-coverage > @0x/subproviders >
+          lodash
+    - eth-saddle > @compound-finance/sol-coverage > @compound-finance/sol-tracing-utils > lodash:
+        patched: '2025-03-08T23:32:45.853Z'
+        id: SNYK-JS-LODASH-567746
+        path: >-
+          eth-saddle > @compound-finance/sol-coverage >
+          @compound-finance/sol-tracing-utils > lodash
+    - eth-saddle > @0x/subproviders > @0x/assert > @0x/utils > lodash:
+        patched: '2025-03-08T23:32:45.853Z'
+        id: SNYK-JS-LODASH-567746
+        path: eth-saddle > @0x/subproviders > @0x/assert > @0x/utils > lodash
+    - eth-saddle > @0x/subproviders > ganache-core > async > lodash:
+        patched: '2025-03-08T23:32:45.853Z'
+        id: SNYK-JS-LODASH-567746
+        path: eth-saddle > @0x/subproviders > ganache-core > async > lodash
+    - eth-saddle > @compound-finance/sol-coverage > @0x/subproviders > @0x/assert > lodash:
+        patched: '2025-03-08T23:32:45.853Z'
+        id: SNYK-JS-LODASH-567746
+        path: >-
+          eth-saddle > @compound-finance/sol-coverage > @0x/subproviders >
+          @0x/assert > lodash
+    - eth-saddle > @compound-finance/sol-coverage > @0x/subproviders > @0x/web3-wrapper > lodash:
+        patched: '2025-03-08T23:32:45.853Z'
+        id: SNYK-JS-LODASH-567746
+        path: >-
+          eth-saddle > @compound-finance/sol-coverage > @0x/subproviders >
+          @0x/web3-wrapper > lodash
+    - eth-saddle > @compound-finance/sol-coverage > @compound-finance/sol-tracing-utils > @0x/dev-utils > lodash:
+        patched: '2025-03-08T23:32:45.853Z'
+        id: SNYK-JS-LODASH-567746
+        path: >-
+          eth-saddle > @compound-finance/sol-coverage >
+          @compound-finance/sol-tracing-utils > @0x/dev-utils > lodash
+    - eth-saddle > @compound-finance/sol-coverage > @compound-finance/sol-tracing-utils > @0x/sol-compiler > lodash:
+        patched: '2025-03-08T23:32:45.853Z'
+        id: SNYK-JS-LODASH-567746
+        path: >-
+          eth-saddle > @compound-finance/sol-coverage >
+          @compound-finance/sol-tracing-utils > @0x/sol-compiler > lodash
+    - eth-saddle > @0x/subproviders > ganache-core > ethereumjs-block > async > lodash:
+        patched: '2025-03-08T23:32:45.853Z'
+        id: SNYK-JS-LODASH-567746
+        path: >-
+          eth-saddle > @0x/subproviders > ganache-core > ethereumjs-block >
+          async > lodash
+    - eth-saddle > @compound-finance/sol-coverage > @0x/subproviders > @0x/assert > @0x/utils > lodash:
+        patched: '2025-03-08T23:32:45.853Z'
+        id: SNYK-JS-LODASH-567746
+        path: >-
+          eth-saddle > @compound-finance/sol-coverage > @0x/subproviders >
+          @0x/assert > @0x/utils > lodash
+    - eth-saddle > @compound-finance/sol-coverage > @compound-finance/sol-tracing-utils > @0x/sol-compiler > @0x/sol-resolver > lodash:
+        patched: '2025-03-08T23:32:45.853Z'
+        id: SNYK-JS-LODASH-567746
+        path: >-
+          eth-saddle > @compound-finance/sol-coverage >
+          @compound-finance/sol-tracing-utils > @0x/sol-compiler >
+          @0x/sol-resolver > lodash
+    - eth-saddle > @0x/subproviders > ganache-core > web3-provider-engine > eth-block-tracker > json-rpc-engine > babel-preset-env > babel-plugin-transform-es2015-block-scoping > lodash:
+        patched: '2025-03-08T23:32:45.853Z'
+        id: SNYK-JS-LODASH-567746
+        path: >-
+          eth-saddle > @0x/subproviders > ganache-core > web3-provider-engine >
+          eth-block-tracker > json-rpc-engine > babel-preset-env >
+          babel-plugin-transform-es2015-block-scoping > lodash
+    - eth-saddle > @0x/subproviders > ganache-core > web3-provider-engine > eth-block-tracker > json-rpc-engine > babelify > babel-core > lodash:
+        patched: '2025-03-08T23:32:45.853Z'
+        id: SNYK-JS-LODASH-567746
+        path: >-
+          eth-saddle > @0x/subproviders > ganache-core > web3-provider-engine >
+          eth-block-tracker > json-rpc-engine > babelify > babel-core > lodash
+    - eth-saddle > jest > jest-cli > @jest/core > @jest/reporters > @jest/environment > @jest/transform > @babel/core > lodash:
+        patched: '2025-03-08T23:32:45.853Z'
+        id: SNYK-JS-LODASH-567746
+        path: >-
+          eth-saddle > jest > jest-cli > @jest/core > @jest/reporters >
+          @jest/environment > @jest/transform > @babel/core > lodash
+    - eth-saddle > @0x/subproviders > ganache-core > web3-provider-engine > eth-block-tracker > json-rpc-engine > babel-preset-env > babel-plugin-transform-es2015-classes > babel-helper-define-map > lodash:
+        patched: '2025-03-08T23:32:45.853Z'
+        id: SNYK-JS-LODASH-567746
+        path: >-
+          eth-saddle > @0x/subproviders > ganache-core > web3-provider-engine >
+          eth-block-tracker > json-rpc-engine > babel-preset-env >
+          babel-plugin-transform-es2015-classes > babel-helper-define-map >
+          lodash
+    - eth-saddle > @0x/subproviders > ganache-core > web3-provider-engine > eth-block-tracker > json-rpc-engine > babel-preset-env > babel-plugin-transform-es2015-sticky-regex > babel-helper-regex > lodash:
+        patched: '2025-03-08T23:32:45.853Z'
+        id: SNYK-JS-LODASH-567746
+        path: >-
+          eth-saddle > @0x/subproviders > ganache-core > web3-provider-engine >
+          eth-block-tracker > json-rpc-engine > babel-preset-env >
+          babel-plugin-transform-es2015-sticky-regex > babel-helper-regex >
+          lodash
+    - eth-saddle > @0x/subproviders > ganache-core > web3-provider-engine > eth-block-tracker > json-rpc-engine > babelify > babel-core > babel-generator > lodash:
+        patched: '2025-03-08T23:32:45.853Z'
+        id: SNYK-JS-LODASH-567746
+        path: >-
+          eth-saddle > @0x/subproviders > ganache-core > web3-provider-engine >
+          eth-block-tracker > json-rpc-engine > babelify > babel-core >
+          babel-generator > lodash
+    - eth-saddle > @0x/subproviders > ganache-core > web3-provider-engine > eth-block-tracker > json-rpc-engine > babelify > babel-core > babel-register > lodash:
+        patched: '2025-03-08T23:32:45.853Z'
+        id: SNYK-JS-LODASH-567746
+        path: >-
+          eth-saddle > @0x/subproviders > ganache-core > web3-provider-engine >
+          eth-block-tracker > json-rpc-engine > babelify > babel-core >
+          babel-register > lodash
+    - eth-saddle > jest > jest-cli > @jest/core > @jest/reporters > @jest/environment > @jest/transform > @babel/core > @babel/generator > lodash:
+        patched: '2025-03-08T23:32:45.853Z'
+        id: SNYK-JS-LODASH-567746
+        path: >-
+          eth-saddle > jest > jest-cli > @jest/core > @jest/reporters >
+          @jest/environment > @jest/transform > @babel/core > @babel/generator >
+          lodash
+    - eth-saddle > jest > jest-cli > @jest/core > @jest/reporters > @jest/environment > @jest/transform > @babel/core > @babel/generator > @babel/types > lodash:
+        patched: '2025-03-08T23:32:45.853Z'
+        id: SNYK-JS-LODASH-567746
+        path: >-
+          eth-saddle > jest > jest-cli > @jest/core > @jest/reporters >
+          @jest/environment > @jest/transform > @babel/core > @babel/generator >
+          @babel/types > lodash
+    - eth-saddle > jest > jest-cli > @jest/core > @jest/reporters > @jest/environment > @jest/transform > @babel/core > @babel/helpers > @babel/traverse > lodash:
+        patched: '2025-03-08T23:32:45.853Z'
+        id: SNYK-JS-LODASH-567746
+        path: >-
+          eth-saddle > jest > jest-cli > @jest/core > @jest/reporters >
+          @jest/environment > @jest/transform > @babel/core > @babel/helpers >
+          @babel/traverse > lodash
+    - eth-saddle > @0x/subproviders > ganache-core > web3-provider-engine > eth-block-tracker > json-rpc-engine > babel-preset-env > babel-plugin-transform-async-to-generator > babel-helper-remap-async-to-generator > babel-helper-function-name > babel-template > lodash:
+        patched: '2025-03-08T23:32:45.853Z'
+        id: SNYK-JS-LODASH-567746
+        path: >-
+          eth-saddle > @0x/subproviders > ganache-core > web3-provider-engine >
+          eth-block-tracker > json-rpc-engine > babel-preset-env >
+          babel-plugin-transform-async-to-generator >
+          babel-helper-remap-async-to-generator > babel-helper-function-name >
+          babel-template > lodash
+    - eth-saddle > @0x/subproviders > ganache-core > web3-provider-engine > eth-block-tracker > json-rpc-engine > babel-preset-env > babel-plugin-transform-async-to-generator > babel-helper-remap-async-to-generator > babel-helper-function-name > babel-helper-get-function-arity > babel-types > lodash:
+        patched: '2025-03-08T23:32:45.853Z'
+        id: SNYK-JS-LODASH-567746
+        path: >-
+          eth-saddle > @0x/subproviders > ganache-core > web3-provider-engine >
+          eth-block-tracker > json-rpc-engine > babel-preset-env >
+          babel-plugin-transform-async-to-generator >
+          babel-helper-remap-async-to-generator > babel-helper-function-name >
+          babel-helper-get-function-arity > babel-types > lodash
+    - eth-saddle > @0x/subproviders > ganache-core > web3-provider-engine > eth-block-tracker > json-rpc-engine > babel-preset-env > babel-plugin-transform-async-to-generator > babel-helper-remap-async-to-generator > babel-helper-function-name > babel-template > babel-traverse > lodash:
+        patched: '2025-03-08T23:32:45.853Z'
+        id: SNYK-JS-LODASH-567746
+        path: >-
+          eth-saddle > @0x/subproviders > ganache-core > web3-provider-engine >
+          eth-block-tracker > json-rpc-engine > babel-preset-env >
+          babel-plugin-transform-async-to-generator >
+          babel-helper-remap-async-to-generator > babel-helper-function-name >
+          babel-template > babel-traverse > lodash
+    - eth-saddle > @0x/subproviders > ganache-core > lodash:
+        patched: '2025-03-08T23:32:45.853Z'
+        id: SNYK-JS-LODASH-567746
+        path: eth-saddle > @0x/subproviders > ganache-core > lodash
diff --git a/SECURITY.md b/SECURITY.md
@@ -0,0 +1,21 @@
+# Security Policy
+
+## Supported Versions
+
+Use this section to tell people about which versions of your project are
+currently being supported with security updates.
+
+| Version | Supported          |
+| ------- | ------------------ |
+| 5.1.x   | :white_check_mark: |
+| 5.0.x   | :x:                |
+| 4.0.x   | :white_check_mark: |
+| < 4.0   | :x:                |
+
+## Reporting a Vulnerability
+
+Use this section to tell people how to report a vulnerability.
+
+Tell them where to go, how often they can expect to get an update on a
+reported vulnerability, what to expect if the vulnerability is accepted or
+declined, etc.
diff --git a/package.json b/package.json
@@ -14,7 +14,9 @@
     "report": "npx run ./script/saddle/gasReport.js",
     "test": "./script/test",
     "test:prepare": "NO_RUN=true ./script/test",
-    "checksize": "npx run ./script/saddle/comptrollerSize.js"
+    "checksize": "npx run ./script/saddle/comptrollerSize.js",
+    "prepare": "yarn run snyk-protect",
+    "snyk-protect": "snyk-protect"
   },
   "repository": "git@github.com:compound-finance/compound-protocol.git",
   "author": "Compound Finance",
@@ -29,10 +31,13 @@
   },
   "dependencies": {
     "@solidity-parser/parser": "^0.13.2",
-    "eth-saddle": "^0.1.25"
+    "eth-saddle": "^0.1.25",
+    "lodash": "^4.17.21",
+    "@snyk/protect": "latest"
   },
   "resolutions": {
     "scrypt.js": "https://registry.npmjs.org/@compound-finance/ethereumjs-wallet/-/ethereumjs-wallet-0.6.3.tgz",
     "**/ganache-core": "github:compound-finance/ganache-core.git#jflatow/unbreak-fork"
-  }
+  },
+  "snyk": true
 }