Merge develop into main branch (B2CA-2522)#69
Merged
tdejoigny-ledger merged 28 commits intomainfrom Feb 4, 2026
Merged
Conversation
Audit improvements
Addresses whitespace inconsistencies in the chain configuration array for improved code readability.
Improves the hex escape sequence handling in text translation for better resource management. Specifically, it defines constants for the escape sequence length and the required buffer size for `snprintf` to prevent buffer overflows.
Improves app stability and adds Core chain support
Updates app version and chain configurations
* Validates address response length. Ensures address response contains sufficient data to prevent potential errors. It performs address validation before parsing, enhancing application stability and security. * Increments patch version and updates snapshots Increments the patch version in Makefile.version. Updates Zemu test snapshots to reflect UI changes. The snapshot `00010.png` has been renamed to `00004.png` in several test suites.
…s#184) * Fixes out-of-bounds access in JSON parser Corrects boundary checks in array and object access functions to prevent potential out-of-bounds reads when accessing JSON tokens. The condition `token_index > json->numberOfTokens` is replaced with `token_index >= json->numberOfTokens` to ensure that the last valid token can be accessed. * Fixes bounds check in translation function Corrects a bounds check in the translation function to prevent potential out-of-bounds access. The previous implementation was using the destination length incorrectly, leading to a faulty check. It now uses the current count, ensuring accurate validation. * Grants write permissions for release creation Adds write permissions to the workflow for `contents`. This enables the workflow to create releases, which is required for automatically publishing new versions of the application.
Improve Security Checks
Wiz Scan Summary
To detect these findings earlier in the dev lifecycle, try using Wiz Code VS Code Extension. |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
3 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
No description provided.