Commit Graph

15 Commits

Author SHA1 Message Date
pezkuwichain e5339235ad revert: temporarily restore content to the last Play-Store-compatible state
The live Play Store release (wallet-android 85bde7e, published 2026-06-15)
was built against whatever was on this branch's HEAD at the time - which,
since master had received no commits between 2026-03-02 and this week, was
commit 7a087cf. This week's changes (nova-base sync, Tron config/icons,
balance test fixtures, etc.) are real and wanted, but they've made master
incompatible with that still-live app version, and live users installing
fresh right now get a completely empty tokens list because of it (the app's
chain sync silently fails whole-hog on any single malformed/incompatible
chain entry, leaving new installs with zero locally-cached chains).

This makes master's served content match 7a087cf exactly, stopping the
bleeding for current live users without needing an emergency app release.
None of this week's work is lost - it's all preserved on
pending/post-fix-release and will come back once wallet-android's Tron
send feature is complete and both repos can ship together in one
coordinated release.
2026-07-11 08:23:48 -07:00
pezkuwichain 1b49b149d0 fix: auto-merge only waited on Code Quality, never retried after Security
auto-merge.yml only listened for the "Code Quality" workflow_run event.
Whenever "Security" (CodeQL etc., usually the slower of the two) finished
after Code Quality, the merge attempt fired too early, failed against the
still-pending required check, and nothing ever re-triggered it - the PR sat
open until someone noticed and merged it by hand. This is the actual cause
behind the recurring "master->main sync PR stuck" issue, not a one-off fluke.

Now listens for both workflows, and verifies every required check is
actually green (via `gh pr checks --required`) before merging rather than
trusting that the one workflow which fired us means everything is done -
whichever of the two finishes last will now successfully trigger the merge.
2026-07-11 08:12:47 -07:00
pezkuwichain 94bacf6e8a fix: target master (not GitHub default branch) in Nova Base sync PRs
sync-nova-base.yml checked out and PR'd against whatever branch GitHub
considers the repo default - which is 'main', a read-only mirror kept in
sync FROM master (auto-pr.yml/auto-merge.yml only flow master -> main,
never the reverse). master is what the live app actually fetches configs
from (see wallet-android's CHAINS_URL etc. all pointing at .../master/...).

Net effect: every one of the 29 accumulated 'Sync from Nova Base' PRs
(#1 through #36, 2026-02-09 through 2026-07-09) landed on a branch nothing
downstream ever reads, so 5 months of upstream Nova chain/RPC/asset
maintenance never reached production regardless of whether those PRs got
merged. Explicit ref/base: master makes future runs target the branch that
actually matters; the 29 stale main-targeted PRs are being closed as
superseded now that #36's content has been applied to master directly (see
next commit).
2026-07-09 22:23:51 -07:00
pezkuwichain 35c1ed3d38 fix: trigger CI workflows on master, not just main (#39)
master is where real development happens and gets pushed to directly
(main is the auto-synced mirror) - branch protection was just added to
master requiring these exact check contexts, but the workflows only
fired for PRs/pushes targeting main, so the required checks could never
actually run for a master PR, permanently blocking every future merge.
2026-07-09 04:31:39 -07:00
pezkuwichain a4e2038aac fix: exclude "account" field from hardcoded-private-key scan (false positive)
Every account_overrides.json/chains_for_testBalance.json entry has a
32-byte hex "account" field - a public AccountId32 (Substrate's public
account identifier), not a private key. The two share the same byte
length/hex format, but are fundamentally different: one is meant to be
public (it's literally how you address a chain account), the other
must stay secret. The scanner's regex can't tell them apart and flags
every single one, which just triggered a false "Possible private key
found" failure on PR #33 (the master->main sync).

This isn't a one-off - it'll fire on every future sync PR too, since
chains_for_testBalance.json always has these fields. Left as "FAILURE"
long-term, it trains reviewers to ignore this specific check, which is
exactly the alarm-fatigue failure mode that would let a real leaked
secret slip through unnoticed.
2026-07-08 09:46:58 -07:00
pezkuwichain 7a087cfa14 Fix auto-pr to not fail when branches are already in sync 2026-03-02 15:08:14 +03:00
pezkuwichain 20c5fd20cc Replace force-push sync with PR-based auto-merge workflow 2026-03-02 14:21:07 +03:00
pezkuwichain c6a992c4e6 fix: exclude currencyIdScale from hardcoded secrets scan 2026-02-19 06:21:20 +03:00
pezkuwichain 0aeec6b566 ci: add Code Quality and Security workflows (Python lint, JSON validation, chain integrity, secret scan) 2026-02-19 05:56:31 +03:00
pezkuwichain c0f3152035 fix: improve branch sync workflow with force push and better error handling 2026-02-09 05:07:56 +03:00
pezkuwichain e8045a4b75 fix: bidirectional sync between main and master branches 2026-02-09 04:50:08 +03:00
pezkuwichain 71d14b884a feat: add Nova-base sync mechanism
- Add sync_from_nova.py script to merge Nova chains with Pezkuwi overlay
- Add GitHub Action for daily auto-sync
- Sync all chains from nova-base (includes Polkadot Coretime and other missing chains)
- Pezkuwi chains appear first and take priority

This fixes DOT swap crash caused by missing Polkadot Coretime chain.
2026-02-09 04:39:23 +03:00
pezkuwichain b550b109b6 Add GitHub Actions workflow to sync master to main 2026-02-04 08:55:22 +03:00
pezkuwichain ef3032497c ci: Add GitHub Action to auto-sync main and master branches 2026-02-03 05:45:04 +03:00
pezkuwichain 0fe520cd33 Add CodeQL analysis workflow configuration 2026-01-23 15:20:22 +03:00