Add `preprod` network by NachoPal · Pull Request #265 · midnightntwrk/midnight-node

NachoPal · 2025-11-14T10:07:05Z

Overview

Add preprod network

Closes: https://shielded.atlassian.net/browse/SRE-1282

🗹 TODO before merging

Ready

📌 Submission Checklist

Changes are backward-compatible (or flagged if breaking)
Pull request description explains why the change is needed
Self-reviewed the diff
I have included a change file, or skipped for this reason:
If the changes introduce a new feature, I have bumped the node minor version
Update documentation (if relevant)
No new todos introduced

🧪 Testing Evidence

Please describe any additional testing aside from CI:

Additional tests are provided (if possible)

🔱 Fork Strategy

Node Runtime Update
Node Client Update
Other:
N/A

Links

github-actions · 2025-11-14T10:10:51Z

Checkmarx One – Scan Summary & Details – 2802d1bf-7fae-4806-b1de-e0e1c87f1d3f

New Issues (137)

Checkmarx found the following issues in this Pull Request

Issue	Source File / Package	Checkmarx Insight
Apt Get Install Pin Version Not Defined	/Dockerfile: 4	details When installing a package, its pin version should be defined `ID: 2DSzihMpWngTpOkIL9QBLklNBE4%3D`
Apt Get Install Pin Version Not Defined	/Dockerfile: 1	details When installing a package, its pin version should be defined `ID: OqHhIFAXd7jJz8CIuwHGD3zEWhQ%3D`
Apt Get Install Pin Version Not Defined	/Dockerfile: 1	details When installing a package, its pin version should be defined `ID: ijij%2FjNf3fDoRG04Xj%2BPMbZgqqs%3D`
Apt Get Install Pin Version Not Defined	/Dockerfile: 4	details When installing a package, its pin version should be defined `ID: 4FjRyzL5K950%2BlSwxJbVFVMNNvc%3D`
Apt Get Install Pin Version Not Defined	/Dockerfile: 4	details When installing a package, its pin version should be defined `ID: GnYwd39Oy13Mp22dwTiattFa5bc%3D`
Apt Get Install Pin Version Not Defined	/Dockerfile: 4	details When installing a package, its pin version should be defined `ID: Miqll54vN7Mm3ro80ZDKxl4Yo0U%3D`
Apt Get Install Pin Version Not Defined	/Dockerfile: 1	details When installing a package, its pin version should be defined `ID: vwypWzQifS78Mgs4gcgLzomkxmA%3D`
Apt Get Install Pin Version Not Defined	/Dockerfile: 4	details When installing a package, its pin version should be defined `ID: 6lWh5rcT2KwSByqVlz5ierjAcu0%3D`
Apt Get Install Pin Version Not Defined	/Dockerfile: 1	details When installing a package, its pin version should be defined `ID: %2Fs4WlCpG1tRCrlNvwGoCWVLPeMg%3D`
Apt Get Install Pin Version Not Defined	/Dockerfile: 4	details When installing a package, its pin version should be defined `ID: CmR8khbKBN7kGrG4AH4d5fUHr5U%3D`
Apt Get Install Pin Version Not Defined	/Dockerfile: 4	details When installing a package, its pin version should be defined `ID: 69PDIuEhWxuLrQmmgbKh4RnphIE%3D`
Apt Get Install Pin Version Not Defined	/Dockerfile: 1	details When installing a package, its pin version should be defined `ID: 4npSjeDAyDG12eR3xJYF6tBBL5c%3D`
Apt Get Install Pin Version Not Defined	/Dockerfile: 4	details When installing a package, its pin version should be defined `ID: CEkR%2Frfx53YF2jNcDtUVlrVF8n8%3D`
Apt Get Install Pin Version Not Defined	/Dockerfile: 4	details When installing a package, its pin version should be defined `ID: sWd0AyzBcSeeuG3JfA8miAPzcrg%3D`
Apt Get Install Pin Version Not Defined	/Dockerfile: 1	details When installing a package, its pin version should be defined `ID: Jzby%2FjhvwmvFtEwG9Rl%2F5SgZeiY%3D`
Apt Get Install Pin Version Not Defined	/Dockerfile: 4	details When installing a package, its pin version should be defined `ID: QK239mguETyYqPif8gvP8fLEmwI%3D`
Apt Get Install Pin Version Not Defined	/Dockerfile: 1	details When installing a package, its pin version should be defined `ID: vLBM6jzhUa%2FdBWVvNtVFtAnISjo%3D`
Apt Get Install Pin Version Not Defined	/Dockerfile: 4	details When installing a package, its pin version should be defined `ID: sDtDGni7xln3z41KzdEELdrDlJc%3D`
Apt Get Install Pin Version Not Defined	/Dockerfile: 1	details When installing a package, its pin version should be defined `ID: C6dBNCS5E7ecVhqOrK4QlrIOyBU%3D`
Apt Get Install Pin Version Not Defined	/Dockerfile: 1	details When installing a package, its pin version should be defined `ID: bWmwU5bcGN6OKM0FWnkVz8Wt%2F80%3D`
Apt Get Install Pin Version Not Defined	/Dockerfile: 4	details When installing a package, its pin version should be defined `ID: x9%2Fjca%2BcqigPt7CeRNENZMA9Qy4%3D`
Apt Get Install Pin Version Not Defined	/Dockerfile: 4	details When installing a package, its pin version should be defined `ID: VLeHh6J7upqSbeGNrI%2B0Fk9xuwA%3D`
Apt Get Install Pin Version Not Defined	/Dockerfile: 4	details When installing a package, its pin version should be defined `ID: Gq0vxKWaJXtz7uHUjRP2N%2Fcc%2Fus%3D`
Apt Get Install Pin Version Not Defined	/Dockerfile: 4	details When installing a package, its pin version should be defined `ID: WCEQC8K9XPkSRpsJa4cG0Kqx2oQ%3D`
Apt Get Install Pin Version Not Defined	/Dockerfile: 1	details When installing a package, its pin version should be defined `ID: I9nAE3vDq7WULej9MEnTnnztoow%3D`
Apt Get Install Pin Version Not Defined	/Dockerfile: 1	details When installing a package, its pin version should be defined `ID: gTRiMpSbIbFhDCVE7eKN8uDc2Ns%3D`
Apt Get Install Pin Version Not Defined	/Dockerfile: 1	details When installing a package, its pin version should be defined `ID: WZamc48euht6wvy4K1x1hADCeOI%3D`
Apt Get Install Pin Version Not Defined	/Dockerfile: 1	details When installing a package, its pin version should be defined `ID: UEGsOFkZ2OU4MxRcUxFRaM8IglM%3D`
Apt Get Install Pin Version Not Defined	/Dockerfile: 1	details When installing a package, its pin version should be defined `ID: %2FBdG9AKjhorn3Q05x0lviS3A7bI%3D`
Apt Get Install Pin Version Not Defined	/Dockerfile: 4	details When installing a package, its pin version should be defined `ID: emq7Djz%2B5ukcm5qdPm0fubcovKE%3D`
Apt Get Install Pin Version Not Defined	/Dockerfile: 1	details When installing a package, its pin version should be defined `ID: 8pLxHb3VVG00gZL20%2FPEPJDjlzM%3D`
Apt Get Install Pin Version Not Defined	/Dockerfile: 4	details When installing a package, its pin version should be defined `ID: FJcBH62T9GE%2FW4xfF%2F3kz5kld%2FQ%3D`
CVE-2025-59288	Npm-playwright-1.52.0	details Recommended version: 1.55.1 Description: In versions prior to 1.55.1, improper verification of the cryptographic signature in Playwright allows an unauthorized attacker to perform spoofin... Attack Vector: ADJACENT_NETWORK Attack Complexity: HIGH `ID: %2F3d1fMgZArCv0Gyl25MfrvXgmS5Z0BUvV3M0ES9nKbw%3D` Vulnerable Package
CVE-2025-62522	Npm-vite-7.1.5	details Recommended version: 7.1.11 Description: Vite is a frontend tooling framework for JavaScript. In versions 2.9.18 prior to 3.0.0, 3.2.9 prior to 4.0.0, 4.5.3 prior to 5.0.0, 5.2.6 prior to ... Attack Vector: NETWORK Attack Complexity: LOW `ID: agahgb%2FAvj5PC5Sf0H%2Fz%2FDR%2BBbXq8XIh%2Fenr0xP08zA%3D` Vulnerable Package
CVE-2025-62522	Npm-vite-6.3.6	details Recommended version: 6.4.1 Description: Vite is a frontend tooling framework for JavaScript. In versions 2.9.18 prior to 3.0.0, 3.2.9 prior to 4.0.0, 4.5.3 prior to 5.0.0, 5.2.6 prior to ... Attack Vector: NETWORK Attack Complexity: LOW `ID: IqqtvII2vXHbrX0UJtMqbWaprp62LOa0BTjmhHD3dUo%3D` Vulnerable Package
Container Capabilities Unrestricted	/docker-compose.yml: 245	details Some capabilities are not needed in certain (or any) containers. Make sure that you only add capabilities that your container needs. Drop unnec... `ID: 3LvGvp%2BgXxhlohDr2KLienNa5%2Fo%3D`
Container Capabilities Unrestricted	/docker-compose.yml: 265	details Some capabilities are not needed in certain (or any) containers. Make sure that you only add capabilities that your container needs. Drop unnec... `ID: SvqBlo%2BqPuBdFcFHCg8YfBlbKNo%3D`
Container Capabilities Unrestricted	/docker-compose.yml: 382	details Some capabilities are not needed in certain (or any) containers. Make sure that you only add capabilities that your container needs. Drop unnec... `ID: CnItjrz%2B803aY3Q%2Be01hx9z3iHM%3D`
Container Capabilities Unrestricted	/fork-test-compose.yml: 102	details Some capabilities are not needed in certain (or any) containers. Make sure that you only add capabilities that your container needs. Drop unnec... `ID: VAkJSLR5VFPNnPQx%2Bh5z4BixzzY%3D`
Container Capabilities Unrestricted	/fork-test-compose.yml: 70	details Some capabilities are not needed in certain (or any) containers. Make sure that you only add capabilities that your container needs. Drop unnec... `ID: vWy9BXGm2h11pzL0yk7%2FIG%2Flemw%3D`
Container Capabilities Unrestricted	/docker-compose.yml: 314	details Some capabilities are not needed in certain (or any) containers. Make sure that you only add capabilities that your container needs. Drop unnec... `ID: OGmAWStZlo2tROKfY9RC74ECt3E%3D`
Container Capabilities Unrestricted	/docker-compose.yml: 131	details Some capabilities are not needed in certain (or any) containers. Make sure that you only add capabilities that your container needs. Drop unnec... `ID: XcKuOAoNUpto7HFdC3aUSZYt4ZU%3D`
Container Capabilities Unrestricted	/docker-compose.yml: 418	details Some capabilities are not needed in certain (or any) containers. Make sure that you only add capabilities that your container needs. Drop unnec... `ID: il5w6iR9LHc0I6S09PdZ2xLQ%2Fag%3D`
Container Capabilities Unrestricted	/fork-test-compose.yml: 150	details Some capabilities are not needed in certain (or any) containers. Make sure that you only add capabilities that your container needs. Drop unnec... `ID: 7qgfWZLjEq9LoTcWQp7uip5JP24%3D`
Container Capabilities Unrestricted	/fork-test-compose.yml: 168	details Some capabilities are not needed in certain (or any) containers. Make sure that you only add capabilities that your container needs. Drop unnec... `ID: qbBKj8KzNDhNn2coPr8liZsunZ4%3D`
Container Capabilities Unrestricted	/docker-compose.yml: 97	details Some capabilities are not needed in certain (or any) containers. Make sure that you only add capabilities that your container needs. Drop unnec... `ID: t%2F9BXqPEvZwp9jsI6TfXOpT6FYk%3D`
Container Capabilities Unrestricted	/fork-test-compose.yml: 35	details Some capabilities are not needed in certain (or any) containers. Make sure that you only add capabilities that your container needs. Drop unnec... `ID: Q3HA07oRqNqOiD4Fc%2FLYGvxUoZU%3D`
Container Capabilities Unrestricted	/fork-test-compose.yml: 86	details Some capabilities are not needed in certain (or any) containers. Make sure that you only add capabilities that your container needs. Drop unnec... `ID: tDg9MdRBoNyyxDfiUgAXJ4CbfoM%3D`
Container Capabilities Unrestricted	/docker-compose.yml: 188	details Some capabilities are not needed in certain (or any) containers. Make sure that you only add capabilities that your container needs. Drop unnec... `ID: j1Fk6awRyWbW%2BwAifVoHcOnDZdw%3D`
Container Capabilities Unrestricted	/fork-test-compose.yml: 54	details Some capabilities are not needed in certain (or any) containers. Make sure that you only add capabilities that your container needs. Drop unnec... `ID: EDMGpoe9HyhoSJ9IAopUXlTRnWw%3D`
Container Capabilities Unrestricted	/docker-compose.yml: 44	details Some capabilities are not needed in certain (or any) containers. Make sure that you only add capabilities that your container needs. Drop unnec... `ID: GppTxKqm2N40GPHKTd4VU3ZuVSQ%3D`
Container Capabilities Unrestricted	/docker-compose.yml: 2	details Some capabilities are not needed in certain (or any) containers. Make sure that you only add capabilities that your container needs. Drop unnec... `ID: vCzVy1jdNn4wUL9tEm4%2BqqAWszI%3D`
Container Capabilities Unrestricted	/fork-test-compose.yml: 134	details Some capabilities are not needed in certain (or any) containers. Make sure that you only add capabilities that your container needs. Drop unnec... `ID: OFO9I4m5Ixkp7gjVJ2LpM49%2B5NU%3D`
Container Capabilities Unrestricted	/test-compose-latest.yml: 2	details Some capabilities are not needed in certain (or any) containers. Make sure that you only add capabilities that your container needs. Drop unnec... `ID: ChmchZrUAWATKVq%2FD3ILNqgci7k%3D`
Container Capabilities Unrestricted	/docker-compose.yml: 214	details Some capabilities are not needed in certain (or any) containers. Make sure that you only add capabilities that your container needs. Drop unnec... `ID: ItJBBzAAoNBJDPIwdkwH%2Bg8pnws%3D`
Container Capabilities Unrestricted	/fork-test-compose.yml: 118	details Some capabilities are not needed in certain (or any) containers. Make sure that you only add capabilities that your container needs. Drop unnec... `ID: q1SQP%2Bw5FKruNDwGikShvIAld%2BE%3D`
Container Capabilities Unrestricted	/docker-compose.yml: 66	details Some capabilities are not needed in certain (or any) containers. Make sure that you only add capabilities that your container needs. Drop unnec... `ID: %2F0DyC%2BJPNRedfid4GJhKO%2BHGJLQ%3D`
Container Capabilities Unrestricted	/docker-compose.yml: 454	details Some capabilities are not needed in certain (or any) containers. Make sure that you only add capabilities that your container needs. Drop unnec... `ID: SfzKXrAaefWeB4OfLeuLZxnV85w%3D`
Container Capabilities Unrestricted	/docker-compose.yml: 159	details Some capabilities are not needed in certain (or any) containers. Make sure that you only add capabilities that your container needs. Drop unnec... `ID: TGCkUrBNkcwsl33v4M7E9rR1TpQ%3D`
Container Capabilities Unrestricted	/docker-compose.yml: 348	details Some capabilities are not needed in certain (or any) containers. Make sure that you only add capabilities that your container needs. Drop unnec... `ID: QK4N89Ye03RM47u9nF2nfFV1Frc%3D`
Container Capabilities Unrestricted	/docker-compose.yml: 279	details Some capabilities are not needed in certain (or any) containers. Make sure that you only add capabilities that your container needs. Drop unnec... `ID: gUgVK1Bb%2FLJPCgBHUaB0UXDJif8%3D`
Container Traffic Not Bound To Host Interface	/docker-compose.yml: 371	details Incoming container traffic should be bound to a specific host interface `ID: 0Wm9ADWUBtCQERxXdmR%2FT3k%2Fup0%3D`
Container Traffic Not Bound To Host Interface	/fork-test-compose.yml: 77	details Incoming container traffic should be bound to a specific host interface `ID: rijY4GbNkm2p8MLO10z5%2BCu1e1g%3D`
Container Traffic Not Bound To Host Interface	/fork-test-compose.yml: 56	details Incoming container traffic should be bound to a specific host interface `ID: BcpXnOQz9Fnb5Ffx9tpgIQrg35M%3D`
Container Traffic Not Bound To Host Interface	/docker-compose.yml: 87	details Incoming container traffic should be bound to a specific host interface `ID: Ux9lA8v7Mz%2F6r%2BOfSDqHJrCMo0E%3D`
Container Traffic Not Bound To Host Interface	/docker-compose.yml: 41	details Incoming container traffic should be bound to a specific host interface `ID: YdB3z22Gb6r8134Nn%2Fb8yG8Tf3U%3D`
Container Traffic Not Bound To Host Interface	/fork-test-compose.yml: 40	details Incoming container traffic should be bound to a specific host interface `ID: nkbOzb1ToZTTDiYMOsFHpkwkgpo%3D`
Container Traffic Not Bound To Host Interface	/docker-compose.yml: 443	details Incoming container traffic should be bound to a specific host interface `ID: 8zUXuZVhGUnd5pfpqPJBCgpvRm8%3D`
Container Traffic Not Bound To Host Interface	/docker-compose.yml: 302	details Incoming container traffic should be bound to a specific host interface `ID: AjWtdpcHinYdPr1ljjLayx4C0ck%3D`
Container Traffic Not Bound To Host Interface	/docker-compose.yml: 337	details Incoming container traffic should be bound to a specific host interface `ID: 6yVCdGOfbDPwikBAdhxUkrVVIUM%3D`
Container Traffic Not Bound To Host Interface	/docker-compose.yml: 407	details Incoming container traffic should be bound to a specific host interface `ID: nFDOZOZKCVWyg2arz1QwMjn890s%3D`
Container Traffic Not Bound To Host Interface	/test-compose-latest.yml: 4	details Incoming container traffic should be bound to a specific host interface `ID: zYxSJHbPoO4pYi%2FD3BIZ3tmrmQ4%3D`
Container Traffic Not Bound To Host Interface	/fork-test-compose.yml: 93	details Incoming container traffic should be bound to a specific host interface `ID: 59iGAEnoXD2gxQDn%2BUmD%2BGwSNVU%3D`
Container Traffic Not Bound To Host Interface	/docker-compose.yml: 225	details Incoming container traffic should be bound to a specific host interface `ID: fl9T%2BmRfM267KfCBkEb6EWi1icU%3D`
Container Traffic Not Bound To Host Interface	/docker-compose.yml: 272	details Incoming container traffic should be bound to a specific host interface `ID: JwEROjGO1loBrWXVUEPMxA1Vy14%3D`
Container Traffic Not Bound To Host Interface	/docker-compose.yml: 63	details Incoming container traffic should be bound to a specific host interface `ID: LOyQ3GkF0GHzs6O7mcyvLFZHyM0%3D`
Container Traffic Not Bound To Host Interface	/docker-compose.yml: 148	details Incoming container traffic should be bound to a specific host interface `ID: HdclvEqhsV3G9TLYd5OSQfzQn4g%3D`
Container Traffic Not Bound To Host Interface	/fork-test-compose.yml: 141	details Incoming container traffic should be bound to a specific host interface `ID: 35hrkRKm%2F%2FHyhAcR%2BM0rosIXbXQ%3D`
Container Traffic Not Bound To Host Interface	/fork-test-compose.yml: 125	details Incoming container traffic should be bound to a specific host interface `ID: 3%2FO0%2B0W6OMBgzQmgEgWFOi5vCpo%3D`
Container Traffic Not Bound To Host Interface	/fork-test-compose.yml: 157	details Incoming container traffic should be bound to a specific host interface `ID: HOG%2B3p0VxXSf9NqbBJLJ0LbxSMo%3D`
Container Traffic Not Bound To Host Interface	/fork-test-compose.yml: 109	details Incoming container traffic should be bound to a specific host interface `ID: AWPCswZ8oeJi0NqMN1PcqRFvnp8%3D`
Healthcheck Not Set	/docker-compose.yml: 382	details Check containers periodically to see if they are running properly. `ID: vK7XHYCLhfbq3WNrGqv3%2B2LK%2Fb0%3D`
Healthcheck Not Set	/docker-compose.yml: 314	details Check containers periodically to see if they are running properly. `ID: %2Bis9WgcbrrOAhy2fJPjUahfqAjw%3D`
Healthcheck Not Set	/docker-compose.yml: 44	details Check containers periodically to see if they are running properly. `ID: s84p%2FGdZL6SYZvgfKrwBZYwiCFM%3D`
Healthcheck Not Set	/docker-compose.yml: 279	details Check containers periodically to see if they are running properly. `ID: sPehqxqVdUALr7KIco2pIPV3Onc%3D`
Healthcheck Not Set	/docker-compose.yml: 348	details Check containers periodically to see if they are running properly. `ID: kcI%2FNdmZOvcTacoVoY9vSPhNDHc%3D`
Healthcheck Not Set	/fork-test-compose.yml: 86	details Check containers periodically to see if they are running properly. `ID: Kr3BpyzZfVSqeFcPN%2FNp000Csb4%3D`
Healthcheck Not Set	/fork-test-compose.yml: 102	details Check containers periodically to see if they are running properly. `ID: g7NQ2yapI9Vdn7tVWNmIn7GB2yE%3D`
Healthcheck Not Set	/fork-test-compose.yml: 54	details Check containers periodically to see if they are running properly. `ID: II2H5%2Fjif4jLMBQWFO9YU9wyUDM%3D`
Healthcheck Not Set	/docker-compose.yml: 418	details Check containers periodically to see if they are running properly. `ID: aoznIMhKDeOnsUt2sXyX2CmJ0QA%3D`
Healthcheck Not Set	/docker-compose.yml: 265	details Check containers periodically to see if they are running properly. `ID: OvJgvrN3hUPIwn0GSseTk0MEgfM%3D`
Healthcheck Not Set	/fork-test-compose.yml: 150	details Check containers periodically to see if they are running properly. `ID: OwxW2Mk0HzoD0218fBPeNrS6U6Q%3D`
Healthcheck Not Set	/fork-test-compose.yml: 134	details Check containers periodically to see if they are running properly. `ID: eEEkOL%2BNEDbIUpiyfrGw5I5%2BBBc%3D`
Healthcheck Not Set	/fork-test-compose.yml: 70	details Check containers periodically to see if they are running properly. `ID: f3nKgedKNLICkMtp3gqtcjl0MG0%3D`
Healthcheck Not Set	/fork-test-compose.yml: 168	details Check containers periodically to see if they are running properly. `ID: EVxAZFgQJgHvp8FkuDFLriyMKEg%3D`
Healthcheck Not Set	/docker-compose.yml: 97	details Check containers periodically to see if they are running properly. `ID: bfI%2FOjvhmE9HdyiC6b9sfsJdDP4%3D`
Healthcheck Not Set	/docker-compose.yml: 454	details Check containers periodically to see if they are running properly. `ID: FGFzFmUi66fBUpgJIiVzQsACasE%3D`
Healthcheck Not Set	/fork-test-compose.yml: 118	details Check containers periodically to see if they are running properly. `ID: pDUpW7iW9Vymf4fKnSDuB545twI%3D`
Memory Not Limited	/fork-test-compose.yml: 168	details Memory limits should be defined for each container. This prevents potential resource exhaustion by ensuring that containers consume not more than ... `ID: cejIOhoPMwZQK16%2FAayTsbtV7pw%3D`
Memory Not Limited	/fork-test-compose.yml: 118	details Memory limits should be defined for each container. This prevents potential resource exhaustion by ensuring that containers consume not more than ... `ID: %2B16OwHVNPe5w7lUqUJxy2y8RrIc%3D`
Memory Not Limited	/fork-test-compose.yml: 134	details Memory limits should be defined for each container. This prevents potential resource exhaustion by ensuring that containers consume not more than ... `ID: pjXXo7Yp2cE5Wtky%2BXzF%2Bi3B77o%3D`
Memory Not Limited	/fork-test-compose.yml: 70	details Memory limits should be defined for each container. This prevents potential resource exhaustion by ensuring that containers consume not more than ... `ID: 7v65i7ts4b6traMROeudtSOAXOU%3D`
Memory Not Limited	/fork-test-compose.yml: 150	details Memory limits should be defined for each container. This prevents potential resource exhaustion by ensuring that containers consume not more than ... `ID: 1N9B5OsWgvveN2GuyL5O848d1N0%3D`
Memory Not Limited	/fork-test-compose.yml: 86	details Memory limits should be defined for each container. This prevents potential resource exhaustion by ensuring that containers consume not more than ... `ID: 53%2B9lOwAlbCtTqxasUY3LZnncEI%3D`
Memory Not Limited	/fork-test-compose.yml: 54	details Memory limits should be defined for each container. This prevents potential resource exhaustion by ensuring that containers consume not more than ... `ID: HU8tz5pJ%2Fx2xwOJVNN%2BqJ8Sdy68%3D`
Memory Not Limited	/fork-test-compose.yml: 35	details Memory limits should be defined for each container. This prevents potential resource exhaustion by ensuring that containers consume not more than ... `ID: GQWxl7yL6Dt4Ngn3ZGWM8QYMSWE%3D`
Memory Not Limited	/fork-test-compose.yml: 102	details Memory limits should be defined for each container. This prevents potential resource exhaustion by ensuring that containers consume not more than ... `ID: WiW9qfBrY6AhWwFZwjW6brJh3Ts%3D`
Security Opt Not Set	/docker-compose.yml: 159	details Attribute 'security_opt' should be defined. `ID: hOOvblo9So4tjCobbDNrA%2FKPJ2M%3D`
Security Opt Not Set	/test-compose-latest.yml: 2	details Attribute 'security_opt' should be defined. `ID: NfhnF%2FsxIvLoJ4H0dWGus7aaeyg%3D`
Security Opt Not Set	/fork-test-compose.yml: 150	details Attribute 'security_opt' should be defined. `ID: O7DV3N6CcFtVYkp46BRnGVMX7xE%3D`
Security Opt Not Set	/fork-test-compose.yml: 102	details Attribute 'security_opt' should be defined. `ID: 939LnL5yK%2F3qfT34ZAeCrev0XFc%3D`
Security Opt Not Set	/fork-test-compose.yml: 70	details Attribute 'security_opt' should be defined. `ID: hDRmSq0NDQzIUQLZd05PspbfejI%3D`
Security Opt Not Set	/docker-compose.yml: 188	details Attribute 'security_opt' should be defined. `ID: jyKnsdSnXZc9ffu0DP0twR%2Fpl8g%3D`
Security Opt Not Set	/fork-test-compose.yml: 134	details Attribute 'security_opt' should be defined. `ID: 7lhmYmmX7dXEBGPGQjNp3XFIj3s%3D`
Security Opt Not Set	/fork-test-compose.yml: 118	details Attribute 'security_opt' should be defined. `ID: 5jw1HMKDCpD7EMjIdEAIICslbfw%3D`
Security Opt Not Set	/fork-test-compose.yml: 86	details Attribute 'security_opt' should be defined. `ID: bdd8BnHIclk1w%2Be3DHZsi8rwaco%3D`
Security Opt Not Set	/docker-compose.yml: 44	details Attribute 'security_opt' should be defined. `ID: TSUbVGt2XfQUlGRZITMRDwVUeZc%3D`
Security Opt Not Set	/fork-test-compose.yml: 168	details Attribute 'security_opt' should be defined. `ID: RUreJwngXzxVW4ATKaEDNKcFxRs%3D`
Security Opt Not Set	/fork-test-compose.yml: 35	details Attribute 'security_opt' should be defined. `ID: fJ6vdVOtRsywG9XmUFoE7M7EjQA%3D`
Security Opt Not Set	/docker-compose.yml: 214	details Attribute 'security_opt' should be defined. `ID: Ayafbqn1FfB1Rz0xWtP7xk4Yqnw%3D`
Security Opt Not Set	/fork-test-compose.yml: 54	details Attribute 'security_opt' should be defined. `ID: kAzDyEj9Jm9Cz%2BLPuu7O4qMK2kc%3D`
CVE-2025-5889	Npm-brace-expansion-2.0.1	details Recommended version: 2.0.2 Description: A vulnerability was found in juliangruber brace-expansion. It has been rated as problematic. Affected by this issue is the function "expand" of the... Attack Vector: NETWORK Attack Complexity: HIGH `ID: 5xE9%2BjuH7n0%2FgsCVf6p9gW%2F%2BowfqwS440qOVsc5p%2FSo%3D` Vulnerable Package
CVE-2025-5889	Npm-brace-expansion-1.1.11	details Recommended version: 1.1.12 Description: A vulnerability was found in juliangruber brace-expansion. It has been rated as problematic. Affected by this issue is the function "expand" of the... Attack Vector: NETWORK Attack Complexity: HIGH `ID: dthzYjxIsFUmSumO0GuVdZnMoBOPWFK7fgUXUAZrWUk%3D` Vulnerable Package
Cpus Not Limited	/fork-test-compose.yml: 70	details CPU limits should be set because if the system has CPU time free, a container is guaranteed to be allocated as much CPU as it requests `ID: w6ToqSj4Hb5Ty%2FMxnkaU9IJBluw%3D`
Cpus Not Limited	/fork-test-compose.yml: 118	details CPU limits should be set because if the system has CPU time free, a container is guaranteed to be allocated as much CPU as it requests `ID: t2XfjN%2B8Mwhv9M27lTqe1NVV9dA%3D`
Cpus Not Limited	/fork-test-compose.yml: 150	details CPU limits should be set because if the system has CPU time free, a container is guaranteed to be allocated as much CPU as it requests `ID: uQh68aWtPElUmgBwJ8nmH15DpFg%3D`
Cpus Not Limited	/fork-test-compose.yml: 35	details CPU limits should be set because if the system has CPU time free, a container is guaranteed to be allocated as much CPU as it requests `ID: %2BBFcVGxFnZr1YwkSHkIENPPoZ%2BE%3D`
Cpus Not Limited	/fork-test-compose.yml: 134	details CPU limits should be set because if the system has CPU time free, a container is guaranteed to be allocated as much CPU as it requests `ID: 8koSpysPxhYQlfGYJQryeKJYJ1A%3D`
Cpus Not Limited	/fork-test-compose.yml: 54	details CPU limits should be set because if the system has CPU time free, a container is guaranteed to be allocated as much CPU as it requests `ID: zsbIu8f%2BrWwNHTzHHTx%2F2cXwr1o%3D`
Cpus Not Limited	/fork-test-compose.yml: 102	details CPU limits should be set because if the system has CPU time free, a container is guaranteed to be allocated as much CPU as it requests `ID: %2B68V2HAdIKRKskaj57ncFVjGius%3D`
Cpus Not Limited	/fork-test-compose.yml: 168	details CPU limits should be set because if the system has CPU time free, a container is guaranteed to be allocated as much CPU as it requests `ID: JBK8KK%2B0FiYygYWWITnkBOFXBzU%3D`
Cpus Not Limited	/fork-test-compose.yml: 86	details CPU limits should be set because if the system has CPU time free, a container is guaranteed to be allocated as much CPU as it requests `ID: awq%2F%2BNz8cP3Wa0VMQQIFUmjRVwU%3D`
Healthcheck Instruction Missing	/Dockerfile: 1	details Ensure that HEALTHCHECK is being used. The HEALTHCHECK instruction tells Docker how to test a container to check that it is still working `ID: rrtQavAwzMLt4FDXtyT6UzxGzXk%3D`
Healthcheck Instruction Missing	/Dockerfile: 1	details Ensure that HEALTHCHECK is being used. The HEALTHCHECK instruction tells Docker how to test a container to check that it is still working `ID: swQrxBEMON63K8lm%2BTcgtLi2N9k%3D`
Healthcheck Instruction Missing	/Dockerfile: 1	details Ensure that HEALTHCHECK is being used. The HEALTHCHECK instruction tells Docker how to test a container to check that it is still working `ID: ZhA5vjI4FLXeT9X4KRq%2Fy%2F8xTp8%3D`
Use_of_Unsafe_Keyword	/runtime/build.rs: 19	details The dangerous function, unsafe, was found in use at line 19 in /runtime/build.rs file. Such functions may expose information and allow an attacke... `ID: uKMaBbmZqRgaXzptGB7%2FpTrAv3Y%3D` Attack Vector
Use_of_Unsafe_Keyword	/runtime/build.rs: 28	details The dangerous function, unsafe, was found in use at line 28 in /runtime/build.rs file. Such functions may expose information and allow an attacke... `ID: FJIVxlQ6A2U2VsTdIHZuLC2JLgs%3D` Attack Vector

This reverts commit 5a43d4c.

This reverts commit 5c4d7e7.

github-advanced-security

Checkmarx One found more than 20 potential problems in the proposed changes. Check the Files changed tab for more details.

This reverts commit e6fdbe2.

This reverts commit d529e1d.

This reverts commit 980d1a8.

This reverts commit 6709891.

* fix: error when loading chain spec for non-dev cfg_preset (#187) (#194) * fix: error when loading chain spec for non-dev cfg_preset --------- Co-authored-by: Oscar Bailey <79094698+ozgb@users.noreply.github.com> Co-authored-by: Squirrel <giles.cope@shielded.io> * chore: PC 1.8 deployment fixes (#201) * chore: node-dev-01 new chain spec with PC 1.8 registrations (#191) * chore: PC 1.8 new registrations (#197) * chore: PC 1.8 new registrations * chore: add governance info * chore: fix chain-spec to match PC 1.8 registration (#200) * Cherry pick: bump to ledger ledger-6.1.0-alpha.5 (#203) (#204) * bump to ledger ledger-6.1.0-alpha.5 (#203) (cherry picked from commit b3fac93) * Change GITHUB_TOKEN to GHP_TOKEN in workflow --------- Co-authored-by: Fenton Haslam <50406962+Fentonhaslam@users.noreply.github.com> * Backport gov (#206) * Fix: Federated Authority configurations (#180) * fix federated authorities for qanet and node-dev-01 * chore: regenerate chain_specs * fix: rebuild preview chainspec --------- Co-authored-by: Ignacio Palacios <ignacio.palacios.santos@gmail.com> * [0.18.0 cherry-pick] Add midnight_ prefix to chain ID to follow Polkadot convention (#216) * Add `midnight_` prefix to chain ID to follow Polkadot convention (#188) * feat: add 'midnight_' prefix to all chain ids Network ID is created as a transformation of the chain id * chore: rebuild chainspecs * docs: add change file * feat: add check on network_id spec conformity * chore: rebuild chainspecs * Backport #142 (#220) * Feat: Federated Authority Observation - querying `db-sync` (#142) * feat: query governance data * test: e2e tests base for governance contracts * feat: adding governance contracts to local-env * aaarrrgggg deploy failing * feat: Governance contracts deployed to local-env * federate-authority-configs updated with expected contracts * feat: new members properly read from the minted nft * chore: clean up * feat: add new calls to set addresses and policy_id + benchmarks * nit * chore: make clippy happy * chore: add change file * feat: replace vec by PolicyId and MainchainAddress * chore: regenerate metadata * chore: make clippy happy * test: add test for contracts info setters * chore: update federated configs with preview real data + test fix * chore: regenerate metadata * chore: rebuild metadata * chore: rebuild chain_specs * [cherry-pick 0.18.0] Deduplicate Mapping types (#166) (#221) * Deduplicate Mapping types (#166) * chore: replace Mapping with MappingEntry Signed-off-by: yHSJ <josh@securitybot.info> * chore: changefile * chore: remove unnecessary conversions * fix: regenerate metadata * chore: update metadata * Add change tag * test: fix test compile errors --------- Signed-off-by: yHSJ <josh@securitybot.info> Co-authored-by: Giles Cope <gilescope@gmail.com> Co-authored-by: Oscar Bailey <79094698+ozgb@users.noreply.github.com> Co-authored-by: Justin Frevert <justinfrevert@gmail.com> * chore: rebuild metadata * chore: rebuild chainspecs --------- Signed-off-by: yHSJ <josh@securitybot.info> Co-authored-by: Joshua Marchand (JSHy) <79121297+yHSJ@users.noreply.github.com> Co-authored-by: Giles Cope <gilescope@gmail.com> Co-authored-by: Justin Frevert <justinfrevert@gmail.com> * Fix node entrypoint (#217) * fix node entrypoint * test * last try * fix: node entrypoint passing `--` as an arg Found when running with SHOW_CONFIG=1: ``` NAME: args HELP: The arguments passed to the node TYPE: Vec < String > DEFAULT: SOURCES: cli CURRENT_VALUE: "--, " ``` --------- Co-authored-by: Oscar Bailey <79094698+ozgb@users.noreply.github.com> * [cherry-pick 0.18.0] Update cNight Observation for new Datum structure (#189) (#225) * Update cNight Observation for new Datum structure (#189) * feat: update to follow new datum structure * test: fix tests * fix: DustPublicKey deserialized correctly (PM-19983); fix test * fix: check for DustPublicKey length; Fix missing dereg event (PM-20229) * refactor: rename types - more precise naming * refactor: rename fields for precision * feat: wrap cnight array types in new structs * feat: use McBlockHash and TxBlockHash in more places * fix: clippy warnings * docs: add change file * docs: add change file * docs: add change file * build: remove unused dep serde_arrays * chore: update metadata * feat: rename MappingEntry utxo_id -> utxo_tx_hash * feat: update type of utxo_tx_hash * feat: change type of cmst block hash * feat: add check for mapping validator auth token * chore: update sqlx cache * test: fix tests for cnight config validation * chore: update cnight config files * test: use aiken cnight smart contracts * fix: use new mapping validator address * chore: update metadata * test: fix tests after cnight pallet update * test: fix more tests, 2 e2e tests still failing * test: fix mint cnight tx budget * test: remove old typescript local-env tests * build: remove leftover target * build: remove leftover target --------- Co-authored-by: Radosław Sporny <404@rspo.dev> * chore: rebuild chainspecs --------- Co-authored-by: Radosław Sporny <404@rspo.dev> * Update governance contracts (#226) * fix: update node-dev-01 gov contracts * fix: qanet and preview gov contracts * chore: update chain-specs * Add `preprod` network (#265) * feat: add preprod network * nit * chore: change file * chore: preprod validators * chore: regenerate genesis * fix: align with preview * chore: update preprod pc-config * Revert "chore: update preprod pc-config" This reverts commit 5a43d4c. * Revert "fix: align with preview" This reverts commit 5c4d7e7. * chore: preprod chain-spec * fix: npm audit * fix * remove cache * :/ * change to trixie * Revert "remove cache" This reverts commit e6fdbe2. * recover no cache * Revert "change to trixie" This reverts commit d529e1d. * Revert ":/" This reverts commit 980d1a8. * logs * fix: update to trixie * Revert "logs" This reverts commit 6709891. * undo no-cache --------- Co-authored-by: Radosław Sporny <404@rspo.dev> * docs: reset changes (node-0.18.0-rc.6) * fix: fix main merge * fix: fix main merge 2 * fix: fix main merge 3 * fix: add mainchain memebers for preprod --------- Signed-off-by: yHSJ <josh@securitybot.info> Co-authored-by: Radosław Sporny <404@rspo.dev> Co-authored-by: Oscar Bailey <79094698+ozgb@users.noreply.github.com> Co-authored-by: Squirrel <giles.cope@shielded.io> Co-authored-by: justinfrevert <81839854+justinfrevert@users.noreply.github.com> Co-authored-by: Fenton Haslam <50406962+Fentonhaslam@users.noreply.github.com> Co-authored-by: Ignacio Palacios <ignacio.palacios.santos@gmail.com> Co-authored-by: Joshua Marchand (JSHy) <79121297+yHSJ@users.noreply.github.com> Co-authored-by: Giles Cope <gilescope@gmail.com> Co-authored-by: Justin Frevert <justinfrevert@gmail.com> Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>

NachoPal added 2 commits November 14, 2025 10:56

feat: add preprod network

17ff792

nit

1bf7a86

NachoPal requested a review from a team as a code owner November 14, 2025 10:07

NachoPal marked this pull request as draft November 14, 2025 10:14

NachoPal and others added 8 commits November 14, 2025 11:19

chore: change file

5ce257d

chore: preprod validators

38c877d

chore: regenerate genesis

6b4931a

fix: align with preview

5c4d7e7

chore: update preprod pc-config

5a43d4c

Revert "chore: update preprod pc-config"

0063c24

This reverts commit 5a43d4c.

Revert "fix: align with preview"

2d9dc92

This reverts commit 5c4d7e7.

chore: preprod chain-spec

ccef8df

github-advanced-security AI found potential problems Nov 14, 2025

View reviewed changes

Comment thread res/preprod/chain-spec-abridged.json Dismissed

fix: npm audit

596da68

NachoPal marked this pull request as ready for review November 14, 2025 17:44

fix

8694510

github-advanced-security AI found potential problems Nov 17, 2025

View reviewed changes

NachoPal added 11 commits November 17, 2025 11:59

remove cache

e6fdbe2

:/

980d1a8

change to trixie

d529e1d

Revert "remove cache"

e2aa903

This reverts commit e6fdbe2.

recover no cache

d40f710

Revert "change to trixie"

610d473

This reverts commit d529e1d.

Revert ":/"

06347e3

This reverts commit 980d1a8.

logs

6709891

fix: update to trixie

c3f7648

Revert "logs"

90f247c

This reverts commit 6709891.

undo no-cache

5ed6f12

justinfrevert approved these changes Nov 17, 2025

View reviewed changes

NachoPal merged commit 717ff41 into release/node-0.18.0 Nov 17, 2025
39 of 40 checks passed

NachoPal deleted the nacho/add-preprod-network branch November 17, 2025 18:05

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Add `preprod` network#265

Add `preprod` network#265
NachoPal merged 23 commits into
release/node-0.18.0from
nacho/add-preprod-network

NachoPal commented Nov 14, 2025 •

edited

Loading

Uh oh!

github-actions Bot commented Nov 14, 2025 •

edited

Loading

Uh oh!

Uh oh!

github-advanced-security AI left a comment

Uh oh!

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

4 participants

Conversation

NachoPal commented Nov 14, 2025 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Overview

🗹 TODO before merging

📌 Submission Checklist

🧪 Testing Evidence

🔱 Fork Strategy

Links

Uh oh!

github-actions Bot commented Nov 14, 2025 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Uh oh!

Uh oh!

github-advanced-security AI left a comment

Choose a reason for hiding this comment

Uh oh!

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

4 participants

NachoPal commented Nov 14, 2025 •

edited

Loading

github-actions Bot commented Nov 14, 2025 •

edited

Loading