Skip to content

Feat: add archive gateway authentication#63

Merged
brunomenezes merged 4 commits into
mainfrom
feat/add-archive-gateway-authentication
Jun 25, 2026
Merged

Feat: add archive gateway authentication#63
brunomenezes merged 4 commits into
mainfrom
feat/add-archive-gateway-authentication

Conversation

@brunomenezes

@brunomenezes brunomenezes commented Jun 25, 2026

Copy link
Copy Markdown
Collaborator

Summary

Code changes to add the required configuration to access the archive nodes provided by SubSquid (a.k.a SQD). As a stable and long-running API, it mostly uses the paid RPC service (e.g. Alchemy), but when it restarts for any reason, like cloud provider maintenance, etc. It will check the archive nodes first and receive a 403 response, breaking the processor, but the GraphQL API is not affected. Unfortunately, the data will gradually become stale

SQD Documentation ref: https://docs.sqd.dev/en/data/api-keys

@brunomenezes brunomenezes added Type: Chore Improvements to the code base and DX. It has no impact on external users e.g. Update deps Type: Refactor Code changes that neither adds a new feature nor fix a bug. labels Jun 25, 2026
@socket-security

Copy link
Copy Markdown

@socket-security

Copy link
Copy Markdown

Warning

Review the following alerts detected in dependencies.

According to your organization's Security Policy, it is recommended to resolve "Warn" alerts. Learn more about Socket for GitHub.

Action Severity Alert  (click "▶" to expand/collapse)
Warn High
Obfuscated code: npm validator is 90.0% likely obfuscated

Confidence: 0.90

Location: Package overview

From: package-lock.jsonnpm/@subsquid/graphql-server@4.12.0npm/type-graphql@1.2.0-rc.1npm/validator@13.15.35

ℹ Read more on: This package | This alert | What is obfuscated code?

Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support@socket.dev.

Suggestion: Packages should not obfuscate their code. Consider not using packages with obfuscated code.

Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment @SocketSecurity ignore npm/validator@13.15.35. You can also ignore all packages with @SocketSecurity ignore-all. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.

View full report

@brunomenezes brunomenezes requested a review from tuler June 25, 2026 10:08
@brunomenezes brunomenezes moved this from Todo to Waiting review in Rollups SDK Jun 25, 2026
@github-project-automation github-project-automation Bot moved this from Waiting review to Waiting Merge in Rollups SDK Jun 25, 2026
@brunomenezes brunomenezes merged commit 9dff515 into main Jun 25, 2026
4 checks passed
@github-project-automation github-project-automation Bot moved this from Waiting Merge to Done in Rollups SDK Jun 25, 2026
@brunomenezes brunomenezes deleted the feat/add-archive-gateway-authentication branch June 25, 2026 14:18
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

Type: Chore Improvements to the code base and DX. It has no impact on external users e.g. Update deps Type: Refactor Code changes that neither adds a new feature nor fix a bug.

Projects

Status: Done

Development

Successfully merging this pull request may close these issues.

2 participants