pezkuwichain/pwap
1
0
Fork 0
mirror of https://github.com/pezkuwichain/pwap.git synced 2026-04-22 02:07:55 +00:00
Code Issues Packages Projects Releases Wiki Activity
847 Commits 1 Branch 0 Tags
main
Commit Graph

24 Commits

Author SHA1 Message Date
pezkuwichain 672682558f chore: migrate git dependencies to Gitea mirror (git.pezkuwichain.io) 2026-04-21 18:52:54 +03:00
pezkuwichain 50a17d6453 ci: decouple deploy from mobile app, web-only pipeline 
Mobile app is distributed via Play Store DApps browser, no longer
built/deployed from this repo. Deploy and security audit now only
depend on the web job passing.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
 2026-04-07 23:54:46 +03:00
pezkuwichain aa3a49f0f6 fix: resolve critical fast-xml-parser vulnerability and block deploy on audit 
- Override fast-xml-parser to ^5.3.6 (fixes CVE-2026-25896, CVE-2026-26278, CVE-2026-25128)
- Add security-audit to deploy job dependencies in quality-gate workflow
 2026-02-23 18:23:55 +03:00
pezkuwichain 7183e659c6 fix: enforce security audit - remove continue-on-error 2026-02-23 10:19:49 +03:00
pezkuwichain 88b69f13cd feat: add WalletConnect v2 integration for mobile wallet connection 
- Add @walletconnect/sign-client for dApp-side WC v2 support
- Create walletconnect-service.ts with session management and Signer adapter
- Create WalletConnectModal.tsx with QR code display
- Update PezkuwiContext with connectWalletConnect(), session restore, walletSource tracking
- Update WalletContext signing router: mobile → WalletConnect → extension
- Update WalletModal with "Connect with pezWallet (Mobile)" button
- Move WalletConnect projectId to env variable
- Fix vite build: disable assetsInclude for JSON (crypto-browserify compat)
 2026-02-22 18:36:29 +03:00
pezkuwichain ca3709e8ef fix: correct RPC endpoints - remove wrong :9944 port 2026-02-04 12:35:42 +03:00
pezkuwichain 91e14bf200 fix: add production fallback endpoints for blockchain connection 
- Add VITE_NETWORK and endpoint env vars to CI/CD build
- Add Asset Hub and People Chain endpoints to build config
- Add hardcoded production fallbacks in PezkuwiContext
- Disable WebSocket real-time service (not deployed yet)
- Endpoints: rpc.pezkuwichain.io, mainnet, beta, asset-hub, people
 2026-02-04 12:19:29 +03:00
pezkuwichain 02094a3635 feat: add XCM teleport and CI/CD deployment workflow 
Features:
- Add XCMTeleportModal for cross-chain HEZ transfers
- Support Asset Hub and People Chain teleports
- Add "Fund Fees" button with user-friendly tooltips
- Use correct XCM V3 format with teyrchain junction

Fixes:
- Fix PEZ transfer to use Asset Hub API
- Silence unnecessary pallet availability warnings
- Fix transaction loading performance (10 blocks limit)
- Remove Supabase admin_roles dependency

CI/CD:
- Add auto-deploy to VPS on main branch push
- Add version bumping on deploy
- Upload build artifacts for deployment
 2026-02-04 11:35:25 +03:00
pezkuwichain cdb58297d0 Remove Cloudflare workflow - using Cloudflare dashboard instead 2026-01-18 05:37:11 +03:00
pezkuwichain 8b85ae7ece Fix: create .env from secret in Cloudflare workflow 2026-01-18 05:18:22 +03:00
pezkuwichain 1576088821 Fix Cloudflare workflow: remove npm cache dependency 2026-01-18 05:11:22 +03:00
pezkuwichain a194c87b7c Add Cloudflare Pages deployment workflow 2026-01-18 05:01:01 +03:00
pezkuwichain 02880b4004 Fix mobile peer deps, skip SDK UI job for now 2026-01-18 01:22:06 +03:00
pezkuwichain 20bdbe1905 Fix mobile types override and SDK UI yarn detection 2026-01-18 01:17:35 +03:00
pezkuwichain c75ae9a7f5 Fix CI: remove root package.json, fix mobile overrides, update workflow 2026-01-18 01:13:24 +03:00
pezkuwichain 994625b6b5 Add unified build scripts and update Quality Gate workflow for all packages 2026-01-18 01:07:27 +03:00
pezkuwichain 832276f387 fix(ci): update TruffleHog to scan full repo instead of diff 2025-12-11 03:23:51 +03:00
pezkuwichain e0c1f2c7a9 fix(ci): checkout pezkuwi-sdk for docs generation 2025-12-11 03:11:04 +03:00
pezkuwichain 275e3f8d43 fix(ci): correct npm install path for monorepo 2025-11-20 06:17:59 +03:00
pezkuwichain 6bca067c6b fix: GitHub Actions workflow - correct workspace commands 
The workflow was using npm workspace commands (-w web) but the repository
doesn't have a root package.json configured for workspaces. Updated to use
working-directory instead to properly execute commands in the web directory.

Changes:
- Install dependencies: npm ci in web directory
- Run linter: npm run lint in web directory
- Run tests: npm run test in web directory
- Build project: npm run build in web directory

This fixes the "No workspaces found" error that was causing the workflow to fail.

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude <noreply@anthropic.com>
 2025-11-20 04:33:16 +03:00
pezkuwichain a7c8d00afe chore(project): Update dependencies, vite config, and clean up repository 2025-11-19 18:45:00 +03:00
pezkuwichain 49cdcb523c chore(ci): Establish quality gate and strengthen pre-commit hook 2025-11-19 18:35:11 +03:00
pezkuwichain 18e4adb283 fix: Optimize GitHub Actions workflow and fix .gitattributes warnings 
- Refactor security-check.yml to separate critical vs optional checks
- Make TruffleHog, Gitleaks, and Snyk scans optional (continue-on-error)
- Fix .gitattributes negative pattern warning (!.env.example)
- Use specific .env patterns instead of wildcards
- Improve workflow job organization and summary reporting

This ensures the CI/CD pipeline doesn't fail when optional security
tools are not configured with tokens, while maintaining strict
validation for critical security checks.

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude <noreply@anthropic.com>
 2025-10-28 21:55:45 +03:00
pezkuwichain 159700eade feat: Add comprehensive GitHub security integration 
Security Infrastructure:
- Add .gitattributes for merge conflict protection and sensitive file handling
- Add SECURITY.md with detailed security policies and procedures
- Add pre-commit hook template for local secret detection
- Add GitHub Actions workflow for automated security scanning
- Add comprehensive documentation for git hooks

Code Security Improvements:
- Fix AuthContext.tsx: Remove hardcoded credentials, use environment variables
- Migrate WalletContext.tsx: Replace Ethereum/MetaMask with Polkadot.js
- Refactor lib/wallet.ts: Complete Substrate configuration with asset management
- Update TokenSwap.tsx: Add real API integration for balance queries
- Update StakingDashboard.tsx: Add blockchain integration placeholders

Environment Management:
- Update .env with proper security warnings
- Update .env.example with comprehensive template
- All sensitive data now uses environment variables
- Demo mode controllable via VITE_ENABLE_DEMO_MODE flag

Security Measures Implemented:
 4-layer protection (gitignore + gitattributes + pre-commit + CI/CD)
 Automated secret scanning (TruffleHog + Gitleaks)
 Pre-commit hooks prevent accidental commits
 CI/CD pipeline validates all PRs
 Environment variable validation
 Dependency security auditing

Breaking Changes:
- WalletContext now uses Polkadot.js instead of MetaMask
- lib/wallet.ts completely rewritten for Substrate
- ASSET_IDs and CHAIN_CONFIG exported from lib/wallet.ts
- Demo mode must be explicitly enabled

Migration Notes:
- Install pre-commit hook: cp .git-hooks/pre-commit.example .git/hooks/pre-commit
- Copy environment: cp .env.example .env
- Update .env with your credentials
- Enable GitHub Actions in repository settings

Co-authored-by: Claude <noreply@anthropic.com>
 2025-10-28 21:48:48 +03:00