js-stellar-sdk optional simulate & wallet, editable TransactionBuilder

Remove TimeoutInfinite, instead allowing people to set a timeoutInSeconds when they initialize an AssembledTransaction. Default: 10.
No more wallet parameter. Instead, you pass:
- publicKey – Will be used to construct the Account object that is used as the source of the transaction. Can be undefined, which means the null account will be used. Can be a string or, to ease operation with Freighter and other async-key-lookup in browser wallets, a promise of a string.
- signTransaction: matches the signTransaction signature from Freighter. Can be left blank when you initialize the ContractClient and only provided at the time that you call signAndSend({ signTransaction: (...) => { ... } })
- signAuthEntry: matches the signAuthEntry signature from Freighter. Can also be left initially blank, but is needed if/when you call signAuthEntries.
You can now pass simulate: false when first creating your transaction to skip simulation. You can then modify the transaction using the TransactionBuilder at tx.raw before manually calling simulate. Example:
```
const tx = await myContract.myMethod(
  { args: 'for', my: 'method', ... },
  { simulate: false }
);
tx.raw.addMemo(Memo.text('Nice memo, friend!'))
await tx.simulate();
```
Make .simulation getter public
Error types are now collected under AssembledTransaction.Errors and SentTransaction.Errors.
Move ContractClient, AssembledTransaction to separate entrypoints, so that they are not included in the global API or bundle size, but can still be packaged together with all the related stellar-sdk logic.
Export ExampleNodeWallet from its own entrypoint, rather than hiding this logic entirely in the tests. @kalepail found this useful enough that he thought it would be worth exporting so other people can use it in their Node apps.

Feb 07 '24 21:02 chadoh

🚨 Potential security issues detected. Learn more about Socket for GitHub ↗︎

To accept the risk, merge this PR and you will not be notified again.

Alert	Package	Note	Source
Non OSI license	npm/[email protected]	License: CC-BY-4.0	`package.json`

View full report↗︎

Next steps

What is a non OSI license?

(Experimental) Package has a non-OSI-approved license.

Consider the terms of the license for your given use case.

Take a deeper look at the dependency

Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support [AT] socket [DOT] dev.

Remove the package

If you happen to install a dependency that Socket reports as Known Malware you should immediately remove it and select a different dependency. For other alert types, you may may wish to investigate alternative packages or consider if there are other ways to mitigate the specific risk posed by the dependency.

Mark a package as acceptable risk

To ignore an alert, reply with a comment starting with @SocketSecurity ignore followed by a space separated list of ecosystem/package-name@version specifiers. e.g. @SocketSecurity ignore npm/[email protected] or ignore all packages with @SocketSecurity ignore-all

@SocketSecurity ignore npm/[email protected]

Feb 22 '24 16:02 socket-security[bot]

@Shaptic I still don't have write access to this repository—could you merge if you approve? @kalepail you might also be able to merge?

Mar 05 '24 16:03 chadoh

I don't feel comfortable merging as I'm not reviewing code as much as functionality. I'll leave that for @Shaptic

Mar 05 '24 16:03 kalepail

New and removed dependencies detected. Learn more about Socket for GitHub ↗︎

Package	New capabilities	Transitives	Size	Publisher
npm/@babel/[email protected]	Transitive: environment, eval, filesystem, network, shell, unsafe	`+85`	12.5 MB	nicolo-ribaudo
npm/@babel/[email protected]	environment, filesystem, unsafe Transitive: shell	`+52`	10.8 MB	nicolo-ribaudo
npm/@babel/[email protected]	unsafe Transitive: environment, eval, filesystem, shell	`+147`	21.7 MB	nicolo-ribaudo
npm/@babel/[email protected]	Transitive: environment, filesystem, shell, unsafe	`+58`	11.2 MB	nicolo-ribaudo
npm/@babel/[email protected]	None	`0`	1.88 MB	nicolo-ribaudo
npm/@babel/[email protected]	environment Transitive: filesystem, shell, unsafe	`+161`	15.3 MB	nicolo-ribaudo
npm/@babel/[email protected]	Transitive: environment	`+15`	4.59 MB	nicolo-ribaudo
npm/@babel/[email protected]	environment	`+3`	2.49 MB	nicolo-ribaudo
npm/@definitelytyped/[email protected]	environment, filesystem Transitive: eval, network, shell, unsafe	`+320`	449 MB	definitelytyped-publisher
npm/@jridgewell/[email protected]	None	`+2`	265 kB	jridgewell
npm/@stellar/[email protected]	Transitive: environment, filesystem	`+12`	9.3 MB	stellar-npm-ci
npm/@types/[email protected]	None	`+2`	243 kB	types
npm/@types/[email protected]	None	`+1`	4.07 MB	types
npm/@typescript-eslint/[email protected]	Transitive: environment, eval, filesystem, shell, unsafe	`+114`	13.7 MB	jameshenry
npm/@typescript-eslint/[email protected]	None	`0`	156 kB	jameshenry
npm/@typescript-eslint/[email protected]	Transitive: environment, filesystem	`+33`	2.67 MB	jameshenry
npm/@typescript-eslint/[email protected]	Transitive: environment, eval, filesystem, shell, unsafe	`+116`	14.1 MB	jameshenry
npm/[email protected]	Transitive: eval	`+12`	245 kB	ljharb
npm/[email protected]	None	`0`	20.4 kB	ljharb
npm/[email protected]	network Transitive: environment, filesystem	`+8`	2.21 MB	jasonsaayman
npm/[email protected]	environment, filesystem Transitive: shell	`+6`	2.37 MB	ai
npm/[email protected]	Transitive: eval	`+10`	214 kB	ljharb
npm/[email protected]	None	`+7`	923 kB	keithamus
npm/[email protected]	environment, filesystem	`+14`	531 kB	paulmillr
npm/[email protected]	Transitive: environment, filesystem, shell	`+7`	3.06 MB	zloirock
npm/[email protected]	Transitive: eval	`+8`	173 kB	ljharb
npm/[email protected]	None	`0`	12.3 kB	ljharb
npm/[email protected]	network	`0`	29.4 kB	rubenverborgh
npm/[email protected]	eval	`+5`	124 kB	ljharb
npm/[email protected]	None	`+1`	38.2 kB	ljharb
npm/[email protected]	None	`0`	51.5 kB	kael
npm/[email protected]	Transitive: eval	`+11`	232 kB	ljharb
npm/[email protected]	Transitive: eval	`+16`	359 kB	ljharb
npm/[email protected]	environment Transitive: eval, filesystem, network, unsafe	`+9`	4.44 MB	pateketrueke
npm/[email protected]	filesystem Transitive: environment, eval, network, shell, unsafe	`+90`	21.5 MB	evilebottnawi
npm/[email protected]	Transitive: environment, filesystem, shell	`+53`	2.47 MB	okonet
npm/[email protected]	environment, eval, filesystem	`+62`	4.29 MB	joshuakgoldberg
npm/[email protected]	environment, filesystem, unsafe	`0`	8.39 MB	prettier-bot
npm/[email protected]	environment, filesystem, network, unsafe Transitive: eval, shell	`+76`	19.5 MB	evilebottnawi
npm/[email protected]	Transitive: eval	`+15`	336 kB	ljharb

View full report↗︎

Mar 05 '24 19:03 socket-security[bot]

@chadoh lmk if you'd rather I merge this and you resolve feedback in a later PR! doesn't matter to me

Mar 06 '24 00:03 Shaptic

@Shaptic ok, I addressed all your feedback here. I think this is ready to merge to bindings. I'll then open a PR from bindings back to master—I think it's probably good enough to get it merged! I really want to remove the stale logic that's hard-coded into TS Bindings and rely on this instead.

Mar 06 '24 20:03 chadoh

Thanks, @Shaptic! You'll have to merge, as I do not have permission.

Mar 07 '24 01:03 chadoh

js-stellar-sdk js-stellar-sdk copied to clipboard

optional simulate & wallet, editable TransactionBuilder

Next steps

js-stellar-sdk
js-stellar-sdk copied to clipboard