Skip to content

Codex/evm ledger legacy path#786

Open
ByteZhang1024 wants to merge 6 commits into
onekeyfrom
codex/evm-ledger-legacy-path
Open

Codex/evm ledger legacy path#786
ByteZhang1024 wants to merge 6 commits into
onekeyfrom
codex/evm-ledger-legacy-path

Conversation

@ByteZhang1024
Copy link
Copy Markdown
Contributor

@ByteZhang1024 ByteZhang1024 commented May 12, 2026

No description provided.

@ByteZhang1024
fix(core): support EVM ledger legacy paths
d7932a4
@ByteZhang1024
fix: add ledger ble discovery diagnostics
1527f4e
@ByteZhang1024
fix: handle ledger evm blind signing errors
28735d9
@ByteZhang1024
fix(ledger): retry once on stuck-app (APDU 0x6901) before surfacing
26c53e5 
Stax returns 0x6901 when OpenAppCommand lands mid-transition right
after CloseApp — before the user can react. Reset transport, wait
500ms, then redo the call (including fingerprint check) exactly
once; on a second 6901 surface the original DeviceAppStuck error.

Adds debugLog around the retry path so persistent stuck-app reports
can be triaged from the logs.
@ByteZhang1024
chore: release 1.1.26-alpha.13
bb9bcb8
@ByteZhang1024
style(ledger): apply eslint --fix to satisfy prettier rules
9da4d0d
@revan-zhang
Copy link
Copy Markdown
Contributor

revan-zhang commented May 12, 2026
edited
Loading

Snyk checks have passed. No issues have been found so far.

Status Scan Engine Critical High Medium Low Total (0)
Open Source Security 0 0 0 0 0 issues
Licenses 0 0 0 0 0 issues

💻 Catch issues earlier using the plugins for VS Code, JetBrains IDEs, Visual Studio, and Eclipse.

@ByteZhang1024 ByteZhang1024 enabled auto-merge (squash) May 12, 2026 01:22
@socket-security
Copy link
Copy Markdown

socket-security Bot commented May 12, 2026

Review the following changes in direct dependencies. Learn more about Socket for GitHub.

Diff Package Supply Chain
Security		 Vulnerability Quality Maintenance License
Addedelectron@​28.2.3946010096100
Addednode-fetch@​2.7.06610010085100
Addedcross-env@​7.0.310010010082100
Addeddebug@​4.3.49910010084100
Addedfs-extra@​11.2.010010010091100

View full report

@socket-security
Copy link
Copy Markdown

socket-security Bot commented May 12, 2026

Warning

Review the following alerts detected in dependencies.

According to your organization's Security Policy, it is recommended to resolve "Warn" alerts. Learn more about Socket for GitHub.

Action Severity Alert  (click "▶" to expand/collapse)
Warn High
Obfuscated code: npm @types/node is 90.0% likely obfuscated

Confidence: 0.90

Location: Package overview

From: ?npm/electron@28.2.3npm/@types/node@18.19.17

ℹ Read more on: This package | This alert | What is obfuscated code?

Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support@socket.dev.

Suggestion: Packages should not obfuscate their code. Consider not using packages with obfuscated code.

Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment @SocketSecurity ignore npm/@types/node@18.19.17. You can also ignore all packages with @SocketSecurity ignore-all. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.

Warn High
Obfuscated code: npm @types/node is 90.0% likely obfuscated

Confidence: 0.90

Location: Package overview

From: ?npm/electron@28.2.3npm/@types/node@18.19.17

ℹ Read more on: This package | This alert | What is obfuscated code?

Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support@socket.dev.

Suggestion: Packages should not obfuscate their code. Consider not using packages with obfuscated code.

Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment @SocketSecurity ignore npm/@types/node@18.19.17. You can also ignore all packages with @SocketSecurity ignore-all. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.

View full report

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@ByteZhang1024 @revan-zhang