Merge branch 'main' into plat-5507-enable-use-of-relayer-signer-packa…

…ge-without-specifying
OpenZeppelin · Oct 28, 2024 · c3d8132 · c3d8132
2 parents 5c77c63 + 1a78fad
commit c3d8132
Show file tree

Hide file tree

Showing 40 changed files with 890 additions and 2,225 deletions.
diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
@@ -24,7 +24,7 @@ jobs:
         egress-policy: audit
 
     - name: Checkout
-      uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.5.4
+      uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.5.4
 
     - name: Prepare pre-requisites
       uses: ./.github/actions/prepare

diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml
@@ -54,7 +54,7 @@ jobs:
         egress-policy: audit
 
     - name: Checkout repository
-      uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.5.4
+      uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.5.4
 
     # Initializes the CodeQL tools for scanning.
     - name: Initialize CodeQL

diff --git a/.github/workflows/dependency-review.yml b/.github/workflows/dependency-review.yml
@@ -22,6 +22,6 @@ jobs:
           egress-policy: audit
 
       - name: 'Checkout Repository'
-        uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
+        uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0
       - name: 'Dependency Review'
         uses: actions/dependency-review-action@5a2ce3f5b92ee19cbb1541a4984c76d921601d7c # v4.3.4
diff --git a/.github/workflows/e2e.yml b/.github/workflows/e2e.yml
@@ -24,7 +24,7 @@ jobs:
     runs-on: ubuntu-22.04
     steps:
     - name: Checkout
-      uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.5.4
+      uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.5.4
 
     - name: Prepare pre-requisites
       uses: ./.github/actions/prepare

diff --git a/.github/workflows/publish-snapshot.yml b/.github/workflows/publish-snapshot.yml
@@ -14,7 +14,7 @@ permissions:
 
 jobs:
   provenance:
-    uses: slsa-framework/slsa-github-generator/.github/workflows/builder_nodejs_slsa3.yml@v1.10.0
+    uses: slsa-framework/slsa-github-generator/.github/workflows/builder_nodejs_slsa3.yml@v2.0.0
     with:
       run-scripts: "install-pnpm, install-deps, style, nx-build-skip-cache, nx-test-skip-cache, skip-lib-ignore"
       node-version: "20.11.1"
@@ -33,7 +33,7 @@ jobs:
         uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16  # v4.1.8
 
       - name: Checkout Repo
-        uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.5.4
+        uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.5.4
         with:
           token: ${{ secrets.SAI_PAT }}
 
@@ -59,14 +59,14 @@ jobs:
           echo "path=${temp_dir}" >>"${GITHUB_OUTPUT}"
 
       - name: Download tarball
-        uses: slsa-framework/slsa-github-generator/.github/actions/secure-download-artifact@934435652996c02a6317092984312602dfaf2a21 # main
+        uses: slsa-framework/slsa-github-generator/.github/actions/secure-download-artifact@3bcecb4ade4f265cff30488059a9dca39e26b360 # main
         with:
           name: ${{ needs.provenance.outputs.package-download-name }}
           path: "${{ steps.temp-dir.outputs.path }}/${{ needs.provenance.outputs.package-name }}"
           sha256: ${{ needs.provenance.outputs.package-download-sha256 }}
 
       - name: Download provenance
-        uses: slsa-framework/slsa-github-generator/actions/nodejs/secure-attestations-download@0779f7bec68e2bf54a7b0a32bf4763f25ab29702 # v1.6.0
+        uses: slsa-framework/slsa-github-generator/actions/nodejs/secure-attestations-download@3bcecb4ade4f265cff30488059a9dca39e26b360 # v1.6.0
         with:
           name: ${{ needs.provenance.outputs.provenance-download-name }}
           path: "${{ steps.temp-dir.outputs.path }}"

diff --git a/.github/workflows/publish.yml b/.github/workflows/publish.yml
@@ -19,7 +19,7 @@ permissions:
 
 jobs:
   provenance:
-    uses: slsa-framework/slsa-github-generator/.github/workflows/builder_nodejs_slsa3.yml@v1.10.0
+    uses: slsa-framework/slsa-github-generator/.github/workflows/builder_nodejs_slsa3.yml@v2.0.0
     with:
       run-scripts: "install-pnpm, install-deps, style, nx-build-skip-cache, nx-test-skip-cache, skip-lib-ignore"
       node-version: "20.11.1"
@@ -38,7 +38,7 @@ jobs:
         uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16  # v4.1.8
 
       - name: Checkout Repo
-        uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.5.4
+        uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.5.4
         with:
           token: ${{ secrets.SAI_PAT }}
 
@@ -64,14 +64,14 @@ jobs:
           echo "path=${temp_dir}" >>"${GITHUB_OUTPUT}"
 
       - name: Download tarball
-        uses: slsa-framework/slsa-github-generator/.github/actions/secure-download-artifact@934435652996c02a6317092984312602dfaf2a21 # main
+        uses: slsa-framework/slsa-github-generator/.github/actions/secure-download-artifact@3bcecb4ade4f265cff30488059a9dca39e26b360 # main
         with:
           name: ${{ needs.provenance.outputs.package-download-name }}
           path: "${{ steps.temp-dir.outputs.path }}/${{ needs.provenance.outputs.package-name }}"
           sha256: ${{ needs.provenance.outputs.package-download-sha256 }}
 
       - name: Download provenance
-        uses: slsa-framework/slsa-github-generator/actions/nodejs/secure-attestations-download@0779f7bec68e2bf54a7b0a32bf4763f25ab29702 # v1.6.0
+        uses: slsa-framework/slsa-github-generator/actions/nodejs/secure-attestations-download@3bcecb4ade4f265cff30488059a9dca39e26b360 # v1.6.0
         with:
           name: ${{ needs.provenance.outputs.provenance-download-name }}
           path: "${{ steps.temp-dir.outputs.path }}"
@@ -86,9 +86,6 @@ jobs:
           pnpm run install-deps
           pnpm nx-test-skip-cache
 
-      - name: Enable NPM PROVENANCE
-        run: echo "NPM_CONFIG_PROVENANCE=true" >> $GITHUB_ENV
-
       - name: Publish to NPM
         id: changesets
         uses: changesets/action@3de3850952bec538fde60aac71731376e57b9b57 # v1.4.8
@@ -100,6 +97,7 @@ jobs:
         env:
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
           NPM_TOKEN: ${{ secrets.NPM_TOKEN }}
+          NPM_CONFIG_PROVENANCE: true
 
       - name: Generate SBOM
         uses: anchore/sbom-action@d94f46e13c6c62f59525ac9a1e147a99dc0b9bf5
@@ -110,7 +108,7 @@ jobs:
           upload-release-assets: false
 
       - name: Download Artifacts
-        uses: actions/download-artifact@fb598a63ae348fa914e94cd0ff38f362e927b741
+        uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16
 
       - name: Upload attestations SLSA
         uses: actions/attest-build-provenance@5e9cb68e95676991667494a6a4e59b8a2f13e1d0

diff --git a/.github/workflows/scorecard.yml b/.github/workflows/scorecard.yml
@@ -37,7 +37,7 @@ jobs:
           egress-policy: audit
 
       - name: "Checkout code"
-        uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.5.4
+        uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.5.4
         with:
           persist-credentials: false
 

diff --git a/.github/workflows/version-snapshot.yml b/.github/workflows/version-snapshot.yml
@@ -18,7 +18,7 @@ jobs:
           egress-policy: audit
 
       - name: Checkout Repo
-        uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.5.4
+        uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.5.4
         with:
           token: ${{ secrets.SAI_PAT }}
 

diff --git a/.github/workflows/version.yml b/.github/workflows/version.yml
@@ -18,7 +18,7 @@ jobs:
           egress-policy: audit
 
       - name: Checkout Repo
-        uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.5.4
+        uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.5.4
         with:
           token: ${{ secrets.SAI_PAT }}
 

diff --git a/e2e/src/address-book.test.ts b/e2e/src/address-book.test.ts
@@ -0,0 +1,30 @@
+require('dotenv').config();
+import { Defender } from '@openzeppelin/defender-sdk';
+
+// Default timeout is not enough, using 15s timeout instead.
+jest.setTimeout(15 * 1000);
+
+describe('address-book', () => {
+  const addressBookClient = new Defender({
+    apiKey: process.env.API_KEY,
+    apiSecret: process.env.API_SECRET,
+  }).addressBook;
+
+  it('should list addresses', async () => {
+    const result = await addressBookClient.list();
+    expect(result).toBeDefined();
+  });
+
+  it('should create and delete an address', async () => {
+    const result = await addressBookClient.create({
+      address: '0x1234567890123456789012345678901234567890',
+      network: 'mainnet',
+      type: 'EOA',
+      alias: 'My Address',
+    });
+    expect(result.addressBookId).toBe('mainnet|0x1234567890123456789012345678901234567890');
+
+    const deleteResult = await addressBookClient.delete(result.addressBookId);
+    expect(deleteResult.message).toBe('mainnet|0x1234567890123456789012345678901234567890 deleted');
+  });
+});
diff --git a/e2e/src/approval-process.test.ts b/e2e/src/approval-process.test.ts
@@ -0,0 +1,17 @@
+require('dotenv').config();
+import { Defender } from '@openzeppelin/defender-sdk';
+
+// Default timeout is not enough, using 15s timeout instead.
+jest.setTimeout(15 * 1000);
+
+describe('Approval process', () => {
+  const approvalProcessClient = new Defender({
+    apiKey: process.env.API_KEY,
+    apiSecret: process.env.API_SECRET,
+  }).approvalProcess;
+
+  it('should list approval processes', async () => {
+    const result = await approvalProcessClient.list();
+    expect(result).toBeDefined();
+  });
+});
diff --git a/examples/address-book-actions/index.js b/examples/address-book-actions/index.js
@@ -0,0 +1,29 @@
+require('dotenv').config();
+
+const { Defender } = require('@openzeppelin/defender-sdk');
+
+async function main() {
+  const client = new Defender({
+    apiKey: process.env.API_KEY,
+    apiSecret: process.env.API_SECRET,
+  });
+
+  const addresses = await client.addressBook.list();
+  console.log('addresses:', addresses);
+
+  const created = await client.addressBook.create({
+    address: '0x1A8943463a20f55B8BC7a318dB77C4AEDBC3fae6',
+    name: 'My EOA Address',
+    network: 'sepolia',
+    type: 'EOA',
+    alias: 'Deployer EOA address',
+  });
+  console.log('created address:', created);
+
+  const deleteRes = await client.addressBook.delete(created.addressBookId);
+  console.log(deleteRes);
+}
+
+if (require.main === module) {
+  main().catch(console.error);
+}
diff --git a/examples/address-book-actions/package.json b/examples/address-book-actions/package.json
@@ -0,0 +1,15 @@
+{
+  "name": "@openzeppelin/defender-sdk-example-address-book-actions",
+  "version": "1.14.4",
+  "private": true,
+  "main": "index.js",
+  "author": "OpenZeppelin Defender <[email protected]>",
+  "license": "MIT",
+  "scripts": {
+    "start": "node index.js"
+  },
+  "dependencies": {
+    "@openzeppelin/defender-sdk": "1.15.0",
+    "dotenv": "^16.3.1"
+  }
+}
diff --git a/examples/create-approval-process/index.js b/examples/create-approval-process/index.js
@@ -0,0 +1,29 @@
+require('dotenv').config();
+
+const { Defender } = require('@openzeppelin/defender-sdk');
+
+async function main() {
+  const creds = { apiKey: process.env.API_KEY, apiSecret: process.env.API_SECRET };
+  const client = new Defender(creds);
+
+  const relayers = await client.relay.list();
+  let relayer = relayers.items.find((relayer) => relayer.network === 'sepolia');
+  if (!relayer) {
+    console.log('Relayer not found, creating one');
+    relayer = await client.relay.create({ name: 'My Testnet Relayer', network: 'sepolia', minBalance: 0 });
+  }
+
+  const approvalProcess = await client.approvalProcess.create({
+    name: 'My Approval Process 2',
+    network: 'sepolia',
+    via: relayer.address,
+    viaType: 'Relayer',
+    relayerId: relayer.relayerId,
+  });
+
+  console.log(approvalProcess);
+}
+
+if (require.main === module) {
+  main().catch(console.error);
+}
diff --git a/examples/create-approval-process/package.json b/examples/create-approval-process/package.json
@@ -0,0 +1,15 @@
+{
+  "name": "@openzeppelin/defender-sdk-example-create-approval-process",
+  "version": "1.15.0",
+  "private": true,
+  "main": "index.js",
+  "author": "OpenZeppelin Defender <[email protected]>",
+  "license": "MIT",
+  "scripts": {
+    "start": "node index.js"
+  },
+  "dependencies": {
+    "@openzeppelin/defender-sdk": "1.15.0",
+    "dotenv": "^16.3.1"
+  }
+}
diff --git a/examples/relayer-web3-provider/package.json b/examples/relayer-web3-provider/package.json
@@ -11,6 +11,6 @@
   "dependencies": {
     "@openzeppelin/defender-sdk-relay-signer-client": "1.15.0",
     "dotenv": "^16.3.1",
-    "web3": "^1.10.0"
+    "web3": "^4.14.0"
   }
 }
diff --git a/packages/action/src/models/action.ts b/packages/action/src/models/action.ts
@@ -5,6 +5,7 @@ export interface CreateActionRequest {
   trigger: {
     type: 'schedule' | 'webhook' | 'sentinel' | 'monitor-filter';
     frequencyMinutes?: number;
+    frequencySeconds?: number;
     cron?: string;
   };
   paused: boolean;
@@ -21,6 +22,7 @@ export interface UpdateActionRequest extends Omit<CreateActionRequest, 'encodedZ
 export interface ScheduleTrigger {
   type: 'schedule';
   frequencyMinutes?: number;
+  frequencySeconds?: number;
   cron?: string;
 }
 

diff --git a/packages/address-book/README.md b/packages/address-book/README.md
@@ -0,0 +1,5 @@
+# Defender SDK Address Book Client
+
+The OpenZeppelin Defender provides a security operations (SecOps) platform for Ethereum with built-in best practices. Development teams implement Defender to ship faster and minimize security risks.
+
+This library provides methods related to address book. See Examples for usage.
diff --git a/packages/address-book/jest.config.js b/packages/address-book/jest.config.js
@@ -0,0 +1 @@
+module.exports = require('../../jest.config');
diff --git a/packages/address-book/package.json b/packages/address-book/package.json
@@ -0,0 +1,30 @@
+{
+  "name": "@openzeppelin/defender-sdk-address-book-client",
+  "version": "1.15.0",
+  "description": "",
+  "main": "./lib/index.js",
+  "types": "./lib/index.d.ts",
+  "scripts": {
+    "build": "rm -rf lib && tsc",
+    "test": "npm run test:unit",
+    "test:unit": "jest --verbose --passWithNoTests --forceExit",
+    "watch": "tsc -w"
+  },
+  "files": [
+    "lib",
+    "!*.test.js",
+    "!*.test.js.map",
+    "!*.test.d.ts",
+    "!*__mocks__"
+  ],
+  "author": "OpenZeppelin Defender <[email protected]>",
+  "license": "MIT",
+  "dependencies": {
+    "@openzeppelin/defender-sdk-base-client": "^1.15.0",
+    "lodash": "^4.17.21",
+    "dotenv": "^16.3.1"
+  },
+  "publishConfig": {
+    "access": "public"
+  }
+}
diff --git a/packages/address-book/src/api/index.ts b/packages/address-book/src/api/index.ts
@@ -0,0 +1,31 @@
+import { BaseApiClient } from '@openzeppelin/defender-sdk-base-client';
+import { AddressBookResponse, CreateAddressBookRequest } from '../models/address-book';
+
+const PATH = '/address-book';
+
+export class AddressBookClient extends BaseApiClient {
+  protected getPoolId(): string {
+    return process.env.DEFENDER_POOL_ID ?? 'us-west-2_94f3puJWv';
+  }
+
+  protected getPoolClientId(): string {
+    return process.env.DEFENDER_POOL_CLIENT_ID ?? '40e58hbc7pktmnp9i26hh5nsav';
+  }
+
+  protected getApiUrl(): string {
+    return process.env.DEFENDER_API_URL ?? 'https://defender-api.openzeppelin.com/';
+  }
+
+  public async list(): Promise<AddressBookResponse[]> {
+    return this.apiCall(async (api) => api.get(`${PATH}`));
+  }
+
+  public async create(address: CreateAddressBookRequest): Promise<AddressBookResponse> {
+    return this.apiCall(async (api) => api.post(`${PATH}`, address));
+  }
+
+  public async delete(addressBookId: string): Promise<{ message: string }> {
+    const encodedId = encodeURIComponent(addressBookId);
+    return this.apiCall(async (api) => api.delete(`${PATH}/${encodedId}`));
+  }
+}