semgrep-code-mystenlabs[bot] comments

Results 7 comments of


                                            semgrep-code-mystenlabs[bot]

sui cli: upstream sui-client-gen

Semgrep found **3** [`ssc-efa14576-9601-4ae6-939c-3da58aa25013`](https://semgrep.dev/orgs/-/supply-chain/advisories?q=ssc-efa14576-9601-4ae6-939c-3da58aa25013&utm_campaign=finding_notification&utm_medium=review_comment&utm_source=github&utm_content=rule) findings: * examples/trading/frontend/pnpm-lock.yaml * [L4700](https://github.com/MystenLabs/sui/blob/5e7f45499967492b4db45bfbd7bce7854eef239c/examples/trading/frontend/pnpm-lock.yaml#L4700) - [Triage](https://semgrep.dev/orgs/mysten-labs/supply-chain/findings/71083128) * pnpm-lock.yaml * [L25759](https://github.com/MystenLabs/sui/blob/5e7f45499967492b4db45bfbd7bce7854eef239c/pnpm-lock.yaml#L25759) - [Triage](https://semgrep.dev/orgs/mysten-labs/supply-chain/findings/71083130) * [L25796](https://github.com/MystenLabs/sui/blob/5e7f45499967492b4db45bfbd7bce7854eef239c/pnpm-lock.yaml#L25796) - [Triage](https://semgrep.dev/orgs/mysten-labs/supply-chain/findings/71083129) **Risk**: Affected versions of vite are vulnerable to Improper...

[WIP][DRAFT] Helm charts for deploying RPC2 infra

Semgrep found **1** [`ssc-5a557c33-4191-4714-a574-8efb44cf209b`](https://semgrep.dev/orgs/-/supply-chain/advisories?q=ssc-5a557c33-4191-4714-a574-8efb44cf209b&utm_campaign=finding_notification&utm_medium=review_comment&utm_source=github&utm_content=rule) finding: * pnpm-lock.yaml * [L16885](https://github.com/MystenLabs/sui/blob/a167808997a597c9c1d41eff48a7ad7bb386e8e7/pnpm-lock.yaml#L16885) **Risk**: Affected version of get-func-name is vulnerable to Uncontrolled Resource Consumption / Inefficient Regular Expression Complexity. The current regex implementation for...

Bridge Indexer Eth Idempotency

Semgrep found **1** [`ssc-efa14576-9601-4ae6-939c-3da58aa25013`](https://semgrep.dev/orgs/-/supply-chain/advisories?q=ssc-efa14576-9601-4ae6-939c-3da58aa25013&utm_campaign=finding_notification&utm_medium=review_comment&utm_source=github&utm_content=rule) finding: * examples/trading/frontend/pnpm-lock.yaml * [L4700](https://github.com/MystenLabs/sui/blob/d19d4fb22c6c8f522ec6a80ee10a55d6ce4af92c/examples/trading/frontend/pnpm-lock.yaml#L4700) **Risk**: Affected versions of vite are vulnerable to Improper Handling Of Case Sensitivity / Exposure Of Sensitive Information To An Unauthorized...

Adds multi-commit checkpoint batching in Sui.

Semgrep found **1** [`ssc-efa14576-9601-4ae6-939c-3da58aa25013`](https://semgrep.dev/orgs/-/supply-chain/advisories?q=ssc-efa14576-9601-4ae6-939c-3da58aa25013&utm_campaign=finding_notification&utm_medium=review_comment&utm_source=github&utm_content=rule) finding: * examples/trading/frontend/pnpm-lock.yaml * [L4700](https://github.com/MystenLabs/sui/blob/51b146f76410ff2ae9ae41f98df3bc6080abb2aa/examples/trading/frontend/pnpm-lock.yaml#L4700) **Risk**: Affected versions of vite are vulnerable to Improper Handling Of Case Sensitivity / Exposure Of Sensitive Information To An Unauthorized...

Update keypairs.mdx

Semgrep found **1** [`ssc-5a557c33-4191-4714-a574-8efb44cf209b`](https://semgrep.dev/orgs/-/supply-chain/advisories?q=ssc-5a557c33-4191-4714-a574-8efb44cf209b&utm_campaign=finding_notification&utm_medium=review_comment&utm_source=github&utm_content=rule) finding: * pnpm-lock.yaml * [L16887](https://github.com/MystenLabs/sui/blob/f611bdf1beb43ea95507d9c04241bc8c6c177809/pnpm-lock.yaml#L16887) **Risk**: Affected version of get-func-name is vulnerable to Uncontrolled Resource Consumption / Inefficient Regular Expression Complexity. The current regex implementation for...

[indexer] use in memory buffer to store obj changes and update snapsh…

Semgrep found **1** [`ssc-efa14576-9601-4ae6-939c-3da58aa25013`](https://semgrep.dev/orgs/-/supply-chain/advisories?q=ssc-efa14576-9601-4ae6-939c-3da58aa25013&utm_campaign=finding_notification&utm_medium=review_comment&utm_source=github&utm_content=rule) finding: * examples/trading/frontend/pnpm-lock.yaml * [L4700](https://github.com/MystenLabs/sui/blob/d7e071004f62a57be8463d397a7bb22539506c25/examples/trading/frontend/pnpm-lock.yaml#L4700) **Risk**: Affected versions of vite are vulnerable to Improper Handling Of Case Sensitivity / Exposure Of Sensitive Information To An Unauthorized...

Update Trustless Swap guide

Semgrep found **1** [`ssc-efa14576-9601-4ae6-939c-3da58aa25013`](https://semgrep.dev/orgs/-/supply-chain/advisories?q=ssc-efa14576-9601-4ae6-939c-3da58aa25013&utm_campaign=finding_notification&utm_medium=review_comment&utm_source=github&utm_content=rule) finding: * examples/trading/frontend/pnpm-lock.yaml * [L4700](https://github.com/MystenLabs/sui/blob/016a9aea6cab7c90e082df3c13a9fe29ff816bd5/examples/trading/frontend/pnpm-lock.yaml#L4700) - [Triage](https://semgrep.dev/orgs/mysten-labs/supply-chain/findings/70588081) **Risk**: Affected versions of vite are vulnerable to Improper Handling Of Case Sensitivity / Exposure Of Sensitive Information To...