From 676f097ebd66d81459c4bd3d8a77349b761d69d5 Mon Sep 17 00:00:00 2001 From: AU_gdev_19 <64915515+Dargon789@users.noreply.github.com> Date: Thu, 2 Oct 2025 17:24:43 +0700 Subject: [PATCH 1/7] Create cargo.yml (#31) Signed-off-by: AU_gdev_19 <64915515+Dargon789@users.noreply.github.com> --- .circleci/cargo.yml | 37 +++++++++++++++++++++++++++++++++++++ 1 file changed, 37 insertions(+) create mode 100644 .circleci/cargo.yml diff --git a/.circleci/cargo.yml b/.circleci/cargo.yml new file mode 100644 index 0000000000..8f97737097 --- /dev/null +++ b/.circleci/cargo.yml @@ -0,0 +1,37 @@ +version: 2.1 + +jobs: + build-and-test: + docker: + - image: cimg/rust:1.90.0 + steps: + - checkout + - restore_cache: + keys: + - v1-cargo-{{ checksum "Cargo.lock" }} + - v1-cargo- + - run: + name: "Check formatting" + command: cargo fmt -- --check + - run: + name: "Run tests" + command: cargo test + - save_cache: + key: v1-cargo-{{ checksum "Cargo.lock" }} + paths: + - "~/.cargo/bin" + - "~/.cargo/registry/index" + - "~/.cargo/registry/cache" + - "~/.cargo/git/db" + - "target" + - run: + name: "Check formatting" + command: cargo fmt -- --check + - run: + name: "Run tests" + command: cargo test + +workflows: + ci: + jobs: + - build-and-test From 0f3460472147ac199b9de182754bd2061b9f003d Mon Sep 17 00:00:00 2001 From: AU_gdev_19 <64915515+Dargon789@users.noreply.github.com> Date: Thu, 2 Oct 2025 19:49:42 +0700 Subject: [PATCH 2/7] Create web3_defi_gamefi.yml (#33) Signed-off-by: AU_gdev_19 <64915515+Dargon789@users.noreply.github.com> --- .circleci/web3_defi_gamefi.yml | 26 ++++++++++++++++++++++++++ 1 file changed, 26 insertions(+) create mode 100644 .circleci/web3_defi_gamefi.yml diff --git a/.circleci/web3_defi_gamefi.yml b/.circleci/web3_defi_gamefi.yml new file mode 100644 index 0000000000..edb6605e3f --- /dev/null +++ b/.circleci/web3_defi_gamefi.yml @@ -0,0 +1,26 @@ +# Use the latest 2.1 version of CircleCI pipeline process engine. +# See: https://circleci.com/docs/configuration-reference + +version: 2.1 +executors: + my-custom-executor: + docker: + - image: cimg/base:stable + auth: + # ensure you have first added these secrets + # visit app.circleci.com/settings/project/github/Dargon789/foundry/environment-variables + username: $DOCKER_HUB_USER + password: $DOCKER_HUB_PASSWORD +jobs: + web3-defi-game-project-: + + executor: my-custom-executor + steps: + - checkout + - run: | + # echo Hello, World! + +workflows: + my-custom-workflow: + jobs: + - web3-defi-game-project- From 670a7aebbe4a4fca85e4f15da3cab86f74a29fd3 Mon Sep 17 00:00:00 2001 From: AU_gdev_19 <64915515+Dargon789@users.noreply.github.com> Date: Thu, 2 Oct 2025 23:46:54 +0700 Subject: [PATCH 3/7] Create SECURITY.md (#34) * Create SECURITY.md Signed-off-by: AU_gdev_19 <64915515+Dargon789@users.noreply.github.com> * Update SECURITY.md Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> Signed-off-by: AU_gdev_19 <64915515+Dargon789@users.noreply.github.com> --------- Signed-off-by: AU_gdev_19 <64915515+Dargon789@users.noreply.github.com> Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> --- SECURITY.md | 23 +++++++++++++++++++++++ 1 file changed, 23 insertions(+) create mode 100644 SECURITY.md diff --git a/SECURITY.md b/SECURITY.md new file mode 100644 index 0000000000..36a9e38519 --- /dev/null +++ b/SECURITY.md @@ -0,0 +1,23 @@ +# Security Policy + +## Supported Versions + +Use this section to tell people about which versions of your project are +currently being supported with security updates. + +| Version | Supported | +| ------- | ------------------ | +| 5.1.x | :white_check_mark: | +| 5.0.x | :x: | +| 4.0.x | :white_check_mark: | +| < 4.0 | :x: | + +## Reporting a Vulnerability + +We take all security bugs in Mempool seriously. We appreciate your efforts and responsible disclosure and will make every effort to acknowledge your contributions. + +To report a security vulnerability, please use the [GitHub Security Advisory "Report a Vulnerability"](https://github.com/mempool/mempool/security/advisories/new) feature. + +Alternatively, you can email us at security@mempool.space. + +You should receive a response within 48 hours. If the issue is confirmed, we will release a patch as soon as possible depending on complexity. From 3669d247679cc2cf1b8a71ad061250383a3160f3 Mon Sep 17 00:00:00 2001 From: AU_gdev_19 <64915515+Dargon789@users.noreply.github.com> Date: Fri, 3 Oct 2025 00:25:40 +0700 Subject: [PATCH 4/7] Create static.yml (#36) * Summary by Sourcery Add a new GitHub Actions workflow to build and deploy static content to GitHub Pages. CI: Create .github/workflows/static.yml to trigger deployments on pushes to main and manual dispatch Configure permissions for GITHUB_TOKEN and set concurrency to avoid canceling in-progress runs Define a deploy job that checks out the repo, configures Pages, uploads the site artifact, and deploys to GitHub Pages Signed-off-by: AU_gdev_19 <64915515+Dargon789@users.noreply.github.com> --- .github/workflows/static.yml | 43 ++++++++++++++++++++++++++++++++++++ 1 file changed, 43 insertions(+) create mode 100644 .github/workflows/static.yml diff --git a/.github/workflows/static.yml b/.github/workflows/static.yml new file mode 100644 index 0000000000..f2c9e97c91 --- /dev/null +++ b/.github/workflows/static.yml @@ -0,0 +1,43 @@ +# Simple workflow for deploying static content to GitHub Pages +name: Deploy static content to Pages + +on: + # Runs on pushes targeting the default branch + push: + branches: ["main"] + + # Allows you to run this workflow manually from the Actions tab + workflow_dispatch: + +# Sets permissions of the GITHUB_TOKEN to allow deployment to GitHub Pages +permissions: + contents: read + pages: write + id-token: write + +# Allow only one concurrent deployment, skipping runs queued between the run in-progress and latest queued. +# However, do NOT cancel in-progress runs as we want to allow these production deployments to complete. +concurrency: + group: "pages" + cancel-in-progress: false + +jobs: + # Single deploy job since we're just deploying + deploy: + environment: + name: github-pages + url: ${{ steps.deployment.outputs.page_url }} + runs-on: ubuntu-latest + steps: + - name: Checkout + uses: actions/checkout@v4 + - name: Setup Pages + uses: actions/configure-pages@v5 + - name: Upload artifact + uses: actions/upload-pages-artifact@v3 + with: + # Upload entire repository + path: '.' + - name: Deploy to GitHub Pages + id: deployment + uses: actions/deploy-pages@v4 From ad92bade3f6ecd1b7646a76734f76c47f6c873a4 Mon Sep 17 00:00:00 2001 From: AU_gdev_19 <64915515+Dargon789@users.noreply.github.com> Date: Fri, 3 Oct 2025 00:49:54 +0700 Subject: [PATCH 5/7] Potential fix for code scanning alert no. 33: Client-side cross-site scripting (#39) Signed-off-by: AU_gdev_19 <64915515+Dargon789@users.noreply.github.com> Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com> --- frontend/src/app/shared/common.utils.ts | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/frontend/src/app/shared/common.utils.ts b/frontend/src/app/shared/common.utils.ts index 9b53600c12..5111e34846 100644 --- a/frontend/src/app/shared/common.utils.ts +++ b/frontend/src/app/shared/common.utils.ts @@ -230,7 +230,7 @@ export function handleDemoRedirect(route: ActivatedRoute, router: Router) { const index = path.indexOf(params.next); if (index >= 0) { const nextPath = path[(index + 1) % path.length]; - setTimeout(() => { window.location.replace(`${params.next}?next=${nextPath}`) }, 15000); + setTimeout(() => { window.location.replace(`${path[index]}?next=${nextPath}`) }, 15000); } } } From 460fc59d8d8914f5b139e157ca5112a466457826 Mon Sep 17 00:00:00 2001 From: AU_gdev_19 <64915515+Dargon789@users.noreply.github.com> Date: Fri, 3 Oct 2025 05:48:48 +0700 Subject: [PATCH 6/7] Potential fix for code scanning alert no. 8: Workflow does not contain permissions Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com> Signed-off-by: AU_gdev_19 <64915515+Dargon789@users.noreply.github.com> --- .github/workflows/jekyll-docker.yml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/.github/workflows/jekyll-docker.yml b/.github/workflows/jekyll-docker.yml index 60e57369de..20f49496f5 100644 --- a/.github/workflows/jekyll-docker.yml +++ b/.github/workflows/jekyll-docker.yml @@ -1,4 +1,6 @@ name: Jekyll site CI +permissions: + contents: read on: push: From 74432d9d3229ba3e975dcc847b4f5e0e94bbb24d Mon Sep 17 00:00:00 2001 From: AU_gdev_19 <64915515+Dargon789@users.noreply.github.com> Date: Fri, 3 Oct 2025 05:50:33 +0700 Subject: [PATCH 7/7] Update .circleci/web3_defi_gamefi.yml Co-authored-by: sourcery-ai[bot] <58596630+sourcery-ai[bot]@users.noreply.github.com> Signed-off-by: AU_gdev_19 <64915515+Dargon789@users.noreply.github.com> --- .circleci/web3_defi_gamefi.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.circleci/web3_defi_gamefi.yml b/.circleci/web3_defi_gamefi.yml index edb6605e3f..08a4618245 100644 --- a/.circleci/web3_defi_gamefi.yml +++ b/.circleci/web3_defi_gamefi.yml @@ -18,7 +18,7 @@ jobs: steps: - checkout - run: | - # echo Hello, World! + echo "CircleCI job started in working directory: $(pwd)" workflows: my-custom-workflow: