Skip to content

fix: sanitize groth16 verification key reading #2008

fix: sanitize groth16 verification key reading

fix: sanitize groth16 verification key reading #2008

Workflow file for this run

on: pull_request
name: pull_request
jobs:
staticcheck:
runs-on: ubuntu-latest
steps:
- name: checkout code
uses: actions/checkout@v4
with:
fetch-depth: 0
- name: install Go
uses: actions/setup-go@v5
with:
go-version: 1.23.x
- name: install deps
run: go install golang.org/x/tools/cmd/goimports@latest && go install github.com/klauspost/asmfmt/cmd/asmfmt@latest
- name: gofmt
run: if [[ -n $(gofmt -l .) ]]; then echo "please run gofmt"; exit 1; fi
- name: generated files should not be modified
run: |
go generate ./...
git update-index --assume-unchanged go.mod
git update-index --assume-unchanged go.sum
if [[ -n $(git status --porcelain) ]]; then echo "git repo is dirty after running go generate -- please don't modify generated files"; echo $(git diff);echo $(git status --porcelain); exit 1; fi
- name: golangci-lint
uses: golangci/golangci-lint-action@v6
with:
version: v1.60
args: -v --timeout=5m
test:
needs: staticcheck
runs-on: ubuntu-latest-128
permissions:
pull-requests: write
steps:
- name: checkout code
uses: actions/checkout@v4
- name: install Go
uses: actions/setup-go@v5
with:
go-version: 1.23.x
- name: install deps
run: |
go install golang.org/x/tools/cmd/goimports@latest && go install github.com/klauspost/asmfmt/cmd/asmfmt@latest
go install github.com/consensys/[email protected]
go install github.com/ethereum/go-ethereum/cmd/[email protected]
sudo add-apt-repository ppa:ethereum/ethereum
sudo apt-get update
sudo apt-get install solc
# Install gotestfmt on the VM running the action.
- name: Set up gotestfmt
uses: gotesttools/gotestfmt-action@v2
with:
# Optional: pass GITHUB_TOKEN to avoid rate limiting.
token: ${{ secrets.GITHUB_TOKEN }}
# Run tests with nice formatting. Save the original log in /tmp/gotest.log
- name: Run tests
run: |
set -euo pipefail
go test -json -v -p 4 -short -timeout=30m ./... 2>&1 | gotestfmt -hide=all | tee /tmp/gotest.log
go test -json -v -p 4 -tags=release_checks,solccheck . 2>&1 | gotestfmt -hide=all | tee -a /tmp/gotest.log
go test -json -v -p 4 -tags=prover_checks ./test/... 2>&1 | gotestfmt -hide=all | tee -a /tmp/gotest.log
go test -json -v -p 4 -tags=prover_checks ./examples/... 2>&1 | gotestfmt -hide=all | tee -a /tmp/gotest.log
go test -json -v -run=NONE -fuzz=FuzzIntcomp -fuzztime=30s ./internal/backend/ioutils 2>&1 | gotestfmt -hide=all | tee -a /tmp/gotest.log
slack-notifications:
if: always()
uses: ./.github/workflows/slack-notifications.yml
needs:
- test
- staticcheck
secrets:
SLACK_BOT_TOKEN: ${{ secrets.SLACK_BOT_TOKEN }}
with:
status: ${{ needs.staticcheck.result }}${{ needs.test.result }}
actor: ${{ github.actor }}
repository: ${{ github.repository }}
branch: ${{ github.event.pull_request.head.ref }}
run_id: ${{ github.run_id }}