Skip to content

Commit 00248ec

Browse files
aopoltorzhickyaopoltorzhicky
committed
Security alert
1 parent 59d2ecb commit 00248ec

File tree

4 files changed

+6
-10
lines changed

4 files changed

+6
-10
lines changed

config/config.go

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -6,7 +6,7 @@ import (
66

77
"github.com/go-playground/validator/v10"
88
"github.com/pkg/errors"
9-
"gopkg.in/yaml.v2"
9+
"gopkg.in/yaml.v3"
1010
)
1111

1212
// Config

go.mod

Lines changed: 1 addition & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -20,7 +20,7 @@ require (
2020
github.com/yhirose/go-peg v0.0.0-20210804202551-de25d6753cf1
2121
golang.org/x/crypto v0.0.0-20211202192323-5770296d904e
2222
golang.org/x/text v0.3.7
23-
gopkg.in/yaml.v2 v2.4.0
23+
gopkg.in/yaml.v3 v3.0.0
2424
gorm.io/driver/mysql v1.2.1
2525
gorm.io/driver/postgres v1.2.3
2626
gorm.io/driver/sqlite v1.2.6
@@ -64,6 +64,5 @@ require (
6464
github.com/vmihailenco/tagparser/v2 v2.0.0 // indirect
6565
golang.org/x/sys v0.0.0-20211205182925-97ca703d548d // indirect
6666
google.golang.org/protobuf v1.26.0-rc.1 // indirect
67-
gopkg.in/yaml.v3 v3.0.0-20210107192922-496545a6307b // indirect
6867
mellium.im/sasl v0.2.1 // indirect
6968
)

go.sum

Lines changed: 3 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -431,12 +431,12 @@ gopkg.in/yaml.v2 v2.2.1/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI=
431431
gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI=
432432
gopkg.in/yaml.v2 v2.2.4/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI=
433433
gopkg.in/yaml.v2 v2.2.5/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI=
434+
gopkg.in/yaml.v2 v2.3.0 h1:clyUAQHOM3G0M3f5vQj7LuJrETvjVot3Z5el9nffUtU=
434435
gopkg.in/yaml.v2 v2.3.0/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI=
435-
gopkg.in/yaml.v2 v2.4.0 h1:D8xgwECY7CYvx+Y2n4sBz93Jn9JRvxdiyyo8CTfuKaY=
436-
gopkg.in/yaml.v2 v2.4.0/go.mod h1:RDklbk79AGWmwhnvt/jBztapEOGDOx6ZbXqjP6csGnQ=
437436
gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
438-
gopkg.in/yaml.v3 v3.0.0-20210107192922-496545a6307b h1:h8qDotaEPuJATrMmW04NCwg7v22aHH28wwpauUhK9Oo=
439437
gopkg.in/yaml.v3 v3.0.0-20210107192922-496545a6307b/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
438+
gopkg.in/yaml.v3 v3.0.0 h1:hjy8E9ON/egN1tAYqKb61G10WtihqetD4sz2H+8nIeA=
439+
gopkg.in/yaml.v3 v3.0.0/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
440440
gorm.io/driver/mysql v1.2.1 h1:h+3f1l9Ng2C072Y2tIiLgPpWN78r1KXL7bHJ0nTjlhU=
441441
gorm.io/driver/mysql v1.2.1/go.mod h1:qsiz+XcAyMrS6QY+X3M9R6b/lKM1imKmcuK9kac5LTo=
442442
gorm.io/driver/postgres v1.2.3 h1:f4t0TmNMy9gh3TU2PX+EppoA6YsgFnyq8Ojtddb42To=

tzkt/api/api.go

Lines changed: 1 addition & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -151,14 +151,11 @@ func (tzkt *API) auth(request *http.Request) error {
151151
if tzkt.privateKey == "" || tzkt.user == "" {
152152
return errors.Errorf("you have to set auth data")
153153
}
154-
155-
nonce := time.Now().UnixMilli()
156154
key, err := crypto.NewKeyFromBase58(tzkt.privateKey)
157155
if err != nil {
158156
return err
159157
}
160-
161-
nonceString := fmt.Sprintf("%d", nonce)
158+
nonceString := fmt.Sprintf("%d", time.Now().UTC().UnixMilli())
162159

163160
sign, err := key.Sign([]byte(nonceString))
164161
if err != nil {

0 commit comments

Comments
 (0)