Skip to content

Fix/ledger ble#791

Merged
ByteZhang1024 merged 5 commits into
onekeyfrom
fix/ledger_ble
May 15, 2026
Merged

Fix/ledger ble#791
ByteZhang1024 merged 5 commits into
onekeyfrom
fix/ledger_ble

Conversation

@ByteZhang1024
Copy link
Copy Markdown
Contributor

@ByteZhang1024 ByteZhang1024 commented May 14, 2026

No description provided.

@ByteZhang1024 ByteZhang1024 mentioned this pull request May 14, 2026
Merged
@revan-zhang
Copy link
Copy Markdown
Contributor

revan-zhang commented May 14, 2026
edited
Loading

Snyk checks have passed. No issues have been found so far.

Status Scan Engine Critical High Medium Low Total (0)
Open Source Security 0 0 0 0 0 issues
Licenses 0 0 0 0 0 issues

💻 Catch issues earlier using the plugins for VS Code, JetBrains IDEs, Visual Studio, and Eclipse.

@socket-security
Copy link
Copy Markdown

socket-security Bot commented May 14, 2026
edited
Loading

Warning

Review the following alerts detected in dependencies.

According to your organization's Security Policy, it is recommended to resolve "Warn" alerts. Learn more about Socket for GitHub.

Action Severity Alert  (click "▶" to expand/collapse)
Warn High
Obfuscated code: npm @react-native/debugger-frontend is 96.0% likely obfuscated

Confidence: 0.96

Location: Package overview

From: ?npm/expo@54.0.20npm/@react-native/debugger-frontend@0.81.5

ℹ Read more on: This package | This alert | What is obfuscated code?

Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support@socket.dev.

Suggestion: Packages should not obfuscate their code. Consider not using packages with obfuscated code.

Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment @SocketSecurity ignore npm/@react-native/debugger-frontend@0.81.5. You can also ignore all packages with @SocketSecurity ignore-all. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.

View full report

@ByteZhang1024 ByteZhang1024 enabled auto-merge (squash) May 14, 2026 06:17
wabicai
wabicai previously approved these changes May 14, 2026
View reviewed changes
@ByteZhang1024
Copy link
Copy Markdown
Contributor Author

ByteZhang1024 commented May 14, 2026

@SocketSecurity ignore npm/es5-ext@0.10.64

@ByteZhang1024
Copy link
Copy Markdown
Contributor Author

ByteZhang1024 commented May 15, 2026

@SocketSecurity ignore npm/@ledgerhq/device-management-kit@1.2.0

@ByteZhang1024 ByteZhang1024 force-pushed the fix/ledger_ble branch 2 times, most recently from d57bf9d to 7678297 Compare May 15, 2026 03:11
@ByteZhang1024
fix: stabilize ledger device discovery
77b0163
@ByteZhang1024
fix(core): avoid re-prompting safety checks within one allNetwork req…
d422dad 
…uest

Track whether ApplySettings(PromptTemporarily) has been applied on the
parent allNetwork method, and propagate that state to child methods so
each sub-call doesn't re-issue the safety prompt for the same request.
@ByteZhang1024
style(ledger): apply eslint --fix to satisfy prettier and import order
9c4e634
@ByteZhang1024
fix(ledger): route DeviceNotInDiscoveryCache through DeviceNotFound
1cd5291 
LedgerDeviceManager.connect() throws this tag when dm.connect(path) hits
a path not in _discovered. The connector's doConnect catch only wraps it
on the BLE-direct-connect path; non-direct BLE and USB paths leaked the
tag uncoded — getting mapped to ThirdPartyUnknownError (USB) or
BleGattBondingFailed (BLE-non-direct) downstream.

Adding the tag to DEVICE_NOT_FOUND_TAGS makes mapLedgerError classify it
as HardwareErrorCode.DeviceNotFound on every path, so the upper layer
produces a consistent ThirdPartyDeviceNotFound error.
@ByteZhang1024
chore: release 1.1.26
dbd95ee
@ByteZhang1024 ByteZhang1024 merged commit 25f2737 into onekey May 15, 2026
6 of 8 checks passed
@ByteZhang1024 ByteZhang1024 deleted the fix/ledger_ble branch May 15, 2026 03:43
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@originalix originalix originalix approved these changes

@wabicai wabicai wabicai left review comments

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

4 participants

@ByteZhang1024 @revan-zhang @originalix @wabicai