brave / brave-site-specific-scripts Goto Github PK

Get the latest l10n from Transifex.

https://github.com/brave/brave-site-specific-scripts/network/alerts

There is an issue with Tip button on GitHub profile pages below contributions graph. It's misplaced into legends container and on click it doesn't work.

Version 1.23.71 Chromium: 90.0.4430.72 (Official Build) (x86_64)
GitHub with dark theme

Tip button and menu button (three dots) blocked by clipboard button.

Example: octocat/Spoon-Knife@d0dd1f6#r124496324

The .js-actions selector no longer works, and as a result the inline tipping button is no longer added.

Every time I start the latest version of Brave I am getting the following warnings logged in Windows Application Event Log:

[5616:4040:0828/034148.695:WARNING:chrome_content_verifier_delegate.cc(213)] Corruption detected in extension feipjgjfhmnfhhmbkclfopokbcgnpnnd installed at: C:\Users\igor\AppData\Local\BraveSoftware\Brave-Browser\User Data\Greaselion\Temp\scoped_dir5616_1271587990, from webstore: 0, corruption reason: 1, should be repaired: 1, extension location: kComponent

[5616:4040:0828/034148.695:WARNING:chrome_content_verifier_delegate.cc(213)] Corruption detected in extension mjkjompjknhcipamakpfliebpggggpga installed at: C:\Users\igor\AppData\Local\BraveSoftware\Brave-Browser\User Data\Greaselion\Temp\scoped_dir5616_1674008644, from webstore: 0, corruption reason: 1, should be repaired: 1, extension location: kComponent

[5616:4040:0828/034148.695:WARNING:chrome_content_verifier_delegate.cc(213)] Corruption detected in extension gajhkmnhhoadjcfchafgbekhgigglnkp installed at: C:\Users\igor\AppData\Local\BraveSoftware\Brave-Browser\User Data\Greaselion\Temp\scoped_dir5616_158010780, from webstore: 0, corruption reason: 1, should be repaired: 1, extension location: kComponent

[5616:4040:0828/034148.694:WARNING:chrome_content_verifier_delegate.cc(213)] Corruption detected in extension ldopphkgfhfchjcgfilekhkifaodmegm installed at: C:\Users\igor\AppData\Local\BraveSoftware\Brave-Browser\User Data\Greaselion\Temp\scoped_dir5616_940507668, from webstore: 0, corruption reason: 1, should be repaired: 1, extension location: kComponent

[5616:4040:0828/034148.694:WARNING:chrome_content_verifier_delegate.cc(213)] Corruption detected in extension bpkoijdaibakhfgahdfknbdcankhidoa installed at: C:\Users\igor\AppData\Local\BraveSoftware\Brave-Browser\User Data\Greaselion\Temp\scoped_dir5616_975507051, from webstore: 0, corruption reason: 1, should be repaired: 1, extension location: kComponent

[5616:4040:0828/034148.694:WARNING:chrome_content_verifier_delegate.cc(213)] Corruption detected in extension eoceebklhjepohnakemchinmkdpbolgh installed at: C:\Users\igor\AppData\Local\BraveSoftware\Brave-Browser\User Data\Greaselion\Temp\scoped_dir5616_812818540, from webstore: 0, corruption reason: 1, should be repaired: 1, extension location: kComponent

There seems to be 6 of them total, and they repeat in the log, but every time they have different scoped_dir, for example here is the first one from the above list just from a different browser start:

[8692:7068:0828/034120.253:WARNING:chrome_content_verifier_delegate.cc(213)] Corruption detected in extension feipjgjfhmnfhhmbkclfopokbcgnpnnd installed at: C:\Users\igor\AppData\Local\BraveSoftware\Brave-Browser\User Data\Greaselion\Temp\scoped_dir8692_154979165, from webstore: 0, corruption reason: 1, should be repaired: 1, extension location: kComponent

Note the same "extension" ID but different path.

C:\Users\igor\AppData\Local\BraveSoftware\Brave-Browser\User Data\Greaselion\Temp\scoped_dir5616_1271587990 folder contains the files youtubeBase.bundle.js and manifest.json.

Here is a ZIP archive of that folder: scoped_dir5616_1271587990.zip so you can try to determine what is going on.

I understand that this Greaselion is something similer to GreaseMonkey which I use.

I want to completely disable this script injection done by the browser, as well as all check, update, or repair activity tied to it.

If it is of any importance, I already have Brave Rewards disabled.

Please advise how I can accomplish that.

We had a few dependabot security alerts in this repo. I fixed one of them by performing the recommended upgrade, but that ended up triggering ~15 more alerts. I addressed several of those individually, but many of them eventually came down to us using the tslint package which is now deprecated.

The best way to address this is to upgrade all of our npm packages and migrate to eslint.

Hello, I'm getting the following warning in the browser console when navigating around GitHub:

This page was not restored from back/forward cache because a content script from the extension with ID eoceebklhjepohnakemchinmkdpbolgh received a message while the page was cached. This behavior will change shortly which may break the extension. If you are the developer of the extension, see https://developer.chrome.com/blog/bfcache-extension-messaging-changes.

According to "brave://extensions-internals" the ID belongs to Brave's greaselion. While we're at this, I don't understand why the extension is even active when I have disabled the "Show Brave Rewards button" option and haven't even set up Rewards.

https://github.com/brave/brave-site-specific-scripts/security/dependabot

Description

Currently, we set 'rewards-enabled' to TRUE, without consulting prefs at https://github.com/brave/brave-core/blob/5769e9dfb04898f8e750828fe0581d41322cd0d8/components/brave_rewards/browser/rewards_service_impl.cc#L1321, per @jonathansampson.

This is related to brave/brave-browser#14277.

Solution

Should check prefs as to whether Rewards has actually been enabled.

I just want my browser to browse the site cleanly without any addon.
Is it possible to turn it off?

see https://github.com/brave/brave-site-specific-scripts/security/dependabot for more details, ping me if you don't have access.

This issue lists Renovate updates and detected dependencies. Read the Dependency Dashboard docs to learn more.

Awaiting Schedule

These updates are awaiting their schedule. Click on a checkbox to get an update now.

• Update jest monorepo (@types/jest, jest, jest-environment-jsdom)
• Update dependency @types/node to v14.18.63
• Update dependency eslint-plugin-import to v2.29.1
• Update dependency eslint-plugin-jest to v25.7.0
• Update dependency eslint-plugin-jsdoc to v39.9.1
• Update dependency ts-loader to v9.5.1
• Update dependency typescript to v4.9.5
• Update dependency webpack to v5.91.0
• Update actions/checkout action to v4
• Update github/codeql-action action to v3

Open

These updates have all been created already. Click a checkbox below to force a retry/rebase of any.

• Pin dependencies (actions/checkout, github/codeql-action)
• Update dependency @types/chrome to v0.0.267
• Update dependency ts-jest to v28.0.8
• Click on this checkbox to rebase all open PRs at once

Detected dependencies

• Check this box to trigger a request for Renovate to run again on this repository

When you visit a Twitter profile, Brave attempts to lookup publisher info for the author. These calls happen even if the Brave profile is brand new, and its user hasn't fully opted-in to Brave Rewards. We should not make these calls unless that user has opted-in.

Originally posted by @jonathansampson in #40 (comment)

see brave/brave-browser#11409

marking this for high prioritization based on this thread: https://bravesoftware.slack.com/archives/CB0KCRCQN/p1613880512000800

Is it possible to adapt brave-site-specific-scripts code to create a custom tip button for my own website?

Let's say I put the port.postMessage call, from github/tipping.ts, on a button on my website:

And replace the variables with my publisher data (plus other JS code like port), will it work?

I'm thinking to create a WordPress plugin so people can add a "Donate with Brave" button on their pages.

PS: Sorry in advance if this is not the right place for this kind of question. Let me know if there is a better place to ask this.

Where appropriate, text-nodes with brave://* patterns could be converted into clickable links. For example, Twitter automatically converts https://* into a clickable link, but does nothing for brave://*. Converting these text nodes to clickable links would be helpful as users could simply click to reach the desired resource.

From a support perspective, it is not uncommon to ask a user to "visit brave://rewards" and wind up having to explain to the user that this is a URL, which can be copied and pasted into their address bar.

This would only make sense where URL patterns are already converted. It would not be necessary to support platforms and sites where this automatic conversion does not already take place.

We could limit the linkable-paths to only a sensible list (e.g. rewards, settings, version).