removed nosec, fix typo, removed unessecary comment

.github/workflows/publish-release.yml

@@ -11,7 +11,7 @@ on:
         type: boolean
         required: false
         default: false
-        description: 'Use this to skip: gosec, gosec-cosmos, nosec_alert,check-changelog, check-upgrade-uandler-updated, build-test, smoke-test and go straight to approval step.'
+        description: 'Use this to skip: gosec, gosec-cosmos, check-changelog, check-upgrade-uandler-updated, build-test, smoke-test and go straight to approval step.'
 
 concurrency:
   group: publish-release
@@ -104,92 +104,6 @@ jobs:
         run: |
           echo "Check Skipped, Mark Green for Pipeline Execution"
 
-  nosec_alert:
-    runs-on: ubuntu-latest
-    timeout-minutes: 10
-    env:
-      GO111MODULE: on
-    steps:
-      - name: Checkout Source
-        if: ${{ github.event.inputs.skip_checks != 'true' }}
-        uses: actions/checkout@v4
-        with:
-          fetch-depth: 0
-
-      - name: Getting files updated in the PR
-        if: ${{ github.event.inputs.skip_checks != 'true' }}
-        id: changed-files
-        uses: tj-actions/changed-files@v41
-        with:
-          base_sha: ${{ github.event.pull_request.base.sha }}
-
-      - name: List all changed files
-        if: ${{ github.event.inputs.skip_checks != 'true' }}
-        run: |
-          for file in ${{ steps.changed-files.outputs.all_changed_files }}; do
-            echo "$file was changed"
-          done
-
-      - name: Report nosec usage
-        if: ${{ github.event.inputs.skip_checks != 'true' }}
-        run: |
-          nosec_list=()
-          nosec_detected=0
-          echo "Changed files: ${{ steps.changed-files.outputs.all_changed_files }}"
-                    
-          for file in ${{ steps.changed-files.outputs.all_changed_files }}; do
-            if git diff ${{ github.event.pull_request.base.sha }} $file | grep -q nosec; then
-              echo "nosec detected in $file"
-              nosec_list+=("$file,")
-              nosec_detected=1
-            else
-              echo "nosec not detected in $file"
-            fi
-          done
-
-          nosec_list_string="${nosec_list[@]}"
-          nosec_list_string="${nosec_list_string%,}"
-          echo "nosec_files=$nosec_list_string" >> $GITHUB_ENV
-          echo "nosec_detected=$nosec_detected" >> $GITHUB_ENV
-
-      - name: Report nosec uses
-        uses: mshick/add-pr-comment@v2
-        if: ${{ env.nosec_detected == 1 && github.event.inputs.skip_checks != 'true' }}
-        with:
-          message: |
-            *!!!WARNING!!!*
-            `nosec` detected in the following files: ${{ env.nosec_files }}
-
-            Be very careful about using `#nosec` in code. It can be a quick way to suppress security warnings and move forward with development, it should be employed with caution. Suppressing warnings with #nosec can hide potentially serious vulnerabilities. Only use #nosec when you're absolutely certain that the security issue is either a false positive or has been mitigated in another way.
-
-            Only suppress a single rule (or a specific set of rules) within a section of code, while continuing to scan for other problems. To do this, you can list the rule(s) to be suppressed within the #nosec annotation, e.g: /* #nosec G401 */ or //#nosec G201 G202 G203
-            Broad `#nosec` annotations should be avoided, as they can hide other vulnerabilities. **The CI will block you from merging this PR until you remove `#nosec` annotations that do not target specific rules**.
-
-            Pay extra attention to the way `#nosec` is being used in the files listed above. 
-
-      - name: Add Label
-        uses: actions/github-script@v6
-        if: ${{ env.nosec_detected == 1 && github.event.inputs.skip_checks != 'true' }}
-        with:
-          script: |
-            github.rest.issues.addLabels({
-              issue_number: context.issue.number,
-              owner: context.repo.owner,
-              repo: context.repo.repo,
-              labels: ["nosec"]
-            })
-
-      - name: Check for '#nosec' without a specific rule
-        if: ${{ github.event.inputs.skip_checks != 'true' }}
-        run: |
-          DIFF=$(git diff ${{ github.event.pull_request.base.sha }})
-          echo "$DIFF" | grep -P '#nosec(?!(\sG\d{3}))(?![^\s\t])([\s\t]*|$)' && echo "nosec without specified rule found!" && exit 1 || exit 0
-
-      - name: Skip Checks Succeed for Needs.
-        if: ${{ github.event.inputs.skip_checks == 'true' }}
-        run: |
-          echo "Check Skipped, Mark Green for Pipeline Execution"
-
   check-changelog:
     runs-on: ubuntu-latest
     steps:
@@ -408,7 +322,6 @@ jobs:
       - gosec
       - gosec-cosmos
       - lint
-      - nosec_alert
       - check-changelog
       - check-upgrade-handler-updated
       - smoke-test

contrib/local-mainnet/zetacored/configs/start.sh

@@ -95,7 +95,6 @@ logt "Setup script variables."
 export STATE_SYNC_SERVER="${STATE_SYNC_SERVER}"
 export TRUST_HEIGHT=$(curl -s http://${STATE_SYNC_SERVER}/block | jq -r '.result.block.header.height')
 export HEIGHT=$((TRUST_HEIGHT-40000))
-#export HEIGHT=$((TRUST_HEIGHT-100))
 export TRUST_HASH=$(curl -s "http://${STATE_SYNC_SERVER}/block?height=${HEIGHT}" | jq -r '.result.block_id.hash')
 export RPC_STATE_SYNC_SERVERS="${RPC_STATE_SYNC_SERVERS}"
 export SEED="${SEED_NODE}"

readme.md

@@ -94,7 +94,7 @@ Currently, raising the proposal to deploy to testnet is a manual process via Gov
 
 ## Creating a Release / Hotfix Release
 
-To create a release yous simply execute the publish-release workflow and follow the steps below.
+To create a release simply execute the publish-release workflow and follow the steps below.
 
 ### Steps
  - Step 1. Go to this pipeline: https://github.com/zeta-chain/node/actions/workflows/publish-release.yml