Redact secrets from service logs#68
Conversation
|
Someone is attempting to deploy a commit to the karagoz's projects Team on Vercel. A member of the Team first needs to authorize it. |
|
@fredericklamar342-prog Great news! 🎉 Based on an automated assessment of this PR, the linked Wave issue(s) no longer count against your application limits. You can now already apply to more issues while waiting for a review of this PR. Keep up the great work! 🚀 |
|
Thanks for the log redaction PR. I ran checks across the packages this changes. What passes:
Blocking issue before merge:
This PR changes pnpm --filter @oversync/relayer test |
The endpoint was implemented in OrderService.getTransitions() and the repo layer but was never wired up in the Express router. This caused two CI test failures in order-transitions.test.ts with 404 responses. Route is placed before the generic GET /orders/:id handler to ensure Express matches the more-specific path first.
The endpoint was implemented in OrderService.getTransitions() and the repo layer but was never wired up in the Express router. This caused two CI test failures in order-transitions.test.ts with 404 responses. Route is placed before the generic GET /orders/:id handler to ensure Express matches the more-specific path first.
soroban-env-host 22.1.3 (pinned by soroban-sdk 22.0.11) uses ed25519-dalek 3.0.0 + rand_core 0.10.1. On Rust >= 1.82 the rand_core 0.10 CryptoRng trait bound changed, breaking the SigningKey::generate signature with: error[E0277]: the trait bound \&mut R: rand::CryptoRng\ is not satisfied Fixes: - Add soroban/rust-toolchain.toml pinned to 1.81.0 - Update CI to use dtolnay/rust-toolchain@master with explicit toolchain=1.81.0 so the pin takes effect on the runner - Revert workspace soroban-sdk back to 22.0.11 (no patch needed)
soroban-env-host 22.1.3 resolves ed25519-dalek to 3.0.0 by default, which pulls in rand_core 0.10.1. On stable Rust, this causes a trait bound mismatch (error[E0277]: the trait bound \&mut R: rand::CryptoRng\ is not satisfied). Downgrading ed25519-dalek to 2.2.0 entirely eliminates rand_core 0.10.1 from the tree. Since Cargo.lock was previously gitignored, CI was ignoring our downgrades and resolving dependencies fresh to the broken 3.0.0. Committing Cargo.lock fixes this and guarantees reproducible builds for the contracts.
Compiling stellar-cli from source via cargo install takes ~20 minutes, causing the CI to hang 'In progress' for a long time. Furthermore, recent Rust updates break the source compilation of older CLI versions, causing it to fail silently (due to || true) and crash the subsequent build steps. Using the pre-built Linux binary executes in ~2 seconds and guarantees stability.
Stellar contract builds require wasm32v1-none (Rust >= 1.84). The prior workflow removed that target and extracted the CLI tarball from a path that does not exist in the release archive.
Pinning to exactly 1.84.0 breaks compilation because several dependencies (like time-core 0.1.9) require edition2024, which is only stabilized in Rust 1.85.0. By using stable (which is >=1.85.0 on ubuntu-latest), we get both edition2024 support and the wasm32v1-none target required by stellar contract builds.
closes #52