docs: describe potential length extension attack when using MiMC in-c… #428
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
on: | |
push: | |
branches: | |
- 'master' | |
name: push_master | |
jobs: | |
staticcheck: | |
runs-on: ubuntu-latest | |
steps: | |
- name: checkout code | |
uses: actions/checkout@v4 | |
with: | |
fetch-depth: 0 | |
- name: install Go | |
uses: actions/setup-go@v4 | |
with: | |
go-version: 1.21.x | |
- name: install deps | |
run: go install golang.org/x/tools/cmd/goimports@latest && go install github.com/klauspost/asmfmt/cmd/asmfmt@latest | |
- name: gofmt | |
run: if [[ -n $(gofmt -l .) ]]; then echo "please run gofmt"; exit 1; fi | |
- name: generated files should not be modified | |
run: | | |
go generate ./... | |
git update-index --assume-unchanged go.mod | |
git update-index --assume-unchanged go.sum | |
if [[ -n $(git status --porcelain) ]]; then echo "git repo is dirty after running go generate -- please don't modify generated files"; echo $(git diff);echo $(git status --porcelain); exit 1; fi | |
# hack to ensure golanglint process generated files | |
- name: remove "generated by" comments from generated files | |
run: | | |
find . -type f -name '*.go' -exec sed -i 's/Code generated by .* DO NOT EDIT/FOO/g' {} \; | |
# on macos: find . -type f -name '*.go' -exec sed -i '' -E 's/Code generated by .* DO NOT EDIT/FOO/g' {} \; | |
- name: golangci-lint | |
uses: golangci/golangci-lint-action@v3 | |
with: | |
version: v1.54 | |
args: -v --timeout=5m | |
skip-pkg-cache: true | |
test: | |
strategy: | |
matrix: | |
go-version: [1.21.x] | |
os: [ubuntu-22.04-16core, windows-latest, macos-latest] | |
runs-on: ${{ matrix.os }} | |
needs: | |
- staticcheck | |
steps: | |
- name: checkout code | |
uses: actions/checkout@v4 | |
- name: install Go | |
uses: actions/setup-go@v4 | |
with: | |
go-version: ${{ matrix.go-version }} | |
- name: install deps | |
run: | | |
go install golang.org/x/tools/cmd/goimports@latest && go install github.com/klauspost/asmfmt/cmd/asmfmt@latest | |
go install github.com/ethereum/go-ethereum/cmd/[email protected] | |
- name: install solc deps | |
if: startsWith(matrix.os, 'ubuntu') == true | |
run: | | |
go install github.com/consensys/gnark-solidity-checker@latest | |
sudo add-apt-repository ppa:ethereum/ethereum | |
sudo apt-get update | |
sudo apt-get install solc | |
- name: Test (windows / mac) | |
# on macOS CI / Windows CI we avoid running the std/ tests (they are run on ubuntu CI) | |
if: startsWith(matrix.os, 'ubuntu') == false | |
run: | | |
go test -tags=release_checks -v -timeout=60m . | |
- name: Test (ubuntu - race and solc) | |
if: startsWith(matrix.os, 'ubuntu') == true | |
run: | | |
go test -v -p 4 -short -timeout=30m ./... | |
go test -v -p 4 -timeout=120m -tags=release_checks ./std/math/emulated/... | |
go test -v -p 4 -timeout=120m -tags=release_checks ./std/lookup/... | |
go test -v -p 4 -tags=release_checks,solccheck . | |
go test -v -p 4 -timeout=50m -tags=release_checks -race ./examples/cubic/... | |
go test -v -p 4 -timeout=50m -tags=release_checks -short -race ./test/... | |
go test -v -run=NONE -fuzz=FuzzIntcomp -fuzztime=30s ./internal/backend/ioutils | |
slack-workflow-status-failed: | |
if: failure() | |
name: post workflow status to slack | |
needs: | |
- staticcheck | |
- test | |
runs-on: ubuntu-latest | |
steps: | |
- name: Notify slack -- workflow failed | |
id: slack | |
uses: slackapi/[email protected] | |
with: | |
payload: | | |
{ | |
"actor": "${{ github.actor }}", | |
"repo": "${{ github.repository }}", | |
"status": "FAIL", | |
"title": "push to master ⚠", | |
"pr": "", | |
"failed_step_url": "${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }}/", | |
"message": "" | |
} | |
env: | |
SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }} | |
slack-workflow-status-success: | |
if: success() | |
name: post workflow status to slack | |
needs: | |
- staticcheck | |
- test | |
runs-on: ubuntu-latest | |
steps: | |
- name: Notify slack -- workflow succeeded | |
id: slack | |
uses: slackapi/[email protected] | |
with: | |
payload: | | |
{ | |
"actor": "${{ github.actor }}", | |
"repo": "${{ github.repository }}", | |
"status": "SUCCESS", | |
"title": "push to master ✅", | |
"pr": "" | |
} | |
env: | |
SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_SUCCESS }} |