run update periphery before synching whitelist

[0xDEnYO]

Why did I implement it this way?

This makes sure that the whitelist party maintained by the SC team are always up to date when running the sync whitelist command

Checklist before requesting a review

• I have performed a self-review of my code
• This pull request is as small as possible and only tackles one problem
• I have added tests that cover the functionality / test the bug
• For new facets: I have checked all points from this list: https://www.notion.so/lifi/New-Facet-Contract-Checklist-157f0ff14ac78095a2b8f999d655622e
• I have updated any required documentation

Checklist for reviewer (DO NOT DEPLOY and contracts BEFORE CHECKING THIS!!!)

• I have checked that any arbitrary calls to external contracts are validated and or restricted
• I have checked that any privileged calls (i.e. storage modifications) are validated and or restricted
• I have ensured that any new contracts have had AT A MINIMUM 1 preliminary audit conducted on by <company/auditor>

[coderabbitai]

Walkthrough

The change adds a pre-sync prerequisite step to diamondSyncWhitelist.sh that executes a TypeScript whitelist updater (updateWhitelistPeriphery.ts via bunx tsx) before proceeding with token-contracts logic, with informational messaging and failure handling integrated into the existing control flow.

Changes

Cohort / File(s)	Summary
Pre-sync whitelist update script/tasks/diamondSyncWhitelist.sh	Inserts prerequisite step to run updateWhitelistPeriphery.ts for updating periphery and composer whitelist entries; adds informational messages and routes failures through existing checkFailure mechanism

Estimated code review effort

🎯 2 (Simple) | ⏱️ ~10 minutes

• Verify the script path and execution method (bunx tsx) are correct and available in the environment
• Confirm the prerequisite runs in all necessary execution paths and doesn't interfere with conditional logic
• Check that informational messages and error handling integrate cleanly with existing script patterns

Possibly related PRs

• New whitelist format #1405: Introduces the updateWhitelistPeriphery.ts script and whitelist format changes that this PR directly calls as a pre-sync step
• improve multi-chain execution (and log output) for syncWhitelist script #1496: Also modifies script/tasks/diamondSyncWhitelist.sh with restructured control flow and logging in the same script file
• composer added to whitelist.json #1482: Adds substantial changes to updateWhitelistPeriphery.ts and Composer whitelist data—directly related to the script being invoked by this PR

Pre-merge checks and finishing touches

✅ Passed checks (3 passed)

Check name	Status	Explanation
Title check	✅ Passed	The title clearly and concisely summarizes the main change: updating periphery before whitelist synching is the primary modification to the script.
Description check	✅ Passed	The description includes a rationale section and both required checklists with items marked appropriately, covering the essential template requirements despite some unchecked items.
Docstring Coverage	✅ Passed	Docstring coverage is 100.00% which is sufficient. The required threshold is 80.00%.

✨ Finishing touches

• 📝 Generate docstrings

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Post copyable unit tests in a comment
• Commit unit tests in branch whitelist-script-update

---

📜 Recent review details

Configuration used: CodeRabbit UI

Review profile: CHILL

Plan: Pro

Disabled knowledge base sources:

• Jira integration is disabled by default for public repositories

You can enable these sources in your CodeRabbit configuration.

📥 Commits

Reviewing files that changed from the base of the PR and between 101084a and 0f7d11c.

📒 Files selected for processing (1)

• script/tasks/diamondSyncWhitelist.sh (1 hunks)

🧰 Additional context used

📓 Path-based instructions (1)

script/**/*.sh

📄 CodeRabbit inference engine (conventions.md)

script/**/*.sh: Bash scripts must begin with #!/bin/bash, use modular functions with clear sections (Logging, Error handling and logging, Deployment functions), follow DRY principle using helper files, use consistent indentation and naming, include proper comments and documentation
Bash scripts must use helper functions for logging (echoDebug, error, warning, success), validate inputs and environment early, check function exit status with checkFailure, use set -e where appropriate, and provide automated retry mechanisms for RPC issues

Files:

• script/tasks/diamondSyncWhitelist.sh

🧠 Learnings (26)

📓 Common learnings

Learnt from: 0xDEnYO
Repo: lifinance/contracts PR: 1334
File: deployments/mainnet.json:54-54
Timestamp: 2025-08-26T02:20:52.515Z
Learning: For deployment PRs in the lifinance/contracts repository, carefully verify the specific scope mentioned in the PR title and description before suggesting updates to other networks. Not all deployments are cross-network updates - some are targeted to specific chains only.

Learnt from: 0xDEnYO
Repo: lifinance/contracts PR: 1256
File: deployments/zksync.diamond.json:81-87
Timestamp: 2025-07-04T08:59:08.108Z
Learning: When analyzing deployment PRs in the lifinance/contracts repository, carefully verify that target state configuration files (like script/deploy/_targetState.json) have been updated before flagging missing entries. The AI summary section should be consulted to understand all file changes, as manual searches might miss entries due to formatting differences or search limitations.

Learnt from: 0xDEnYO
Repo: lifinance/contracts PR: 1168
File: script/deploy/_targetState.json:1564-1589
Timestamp: 2025-05-27T12:36:26.987Z
Learning: When reviewing deployment PRs in the lifinance/contracts repository, target state configuration files (like script/deploy/_targetState.json) may be updated for multiple networks even when the PR is focused on deploying to a specific network. The scope should be determined by the PR title and description, not just by all configuration changes present in the files.

Learnt from: mirooon
Repo: lifinance/contracts PR: 1283
File: deployments/ronin.diamond.json:65-68
Timestamp: 2025-08-07T10:20:01.383Z
Learning: When analyzing deployment PRs in the lifinance/contracts repository, carefully verify that target state configuration files (like script/deploy/_targetState.json) and deployment log files have been updated before flagging missing entries. The AI summary section should be consulted to understand all file changes, as manual searches might miss entries due to formatting differences or search limitations.

Learnt from: 0xDEnYO
Repo: lifinance/contracts PR: 1109
File: deployments/worldchain.json:28-28
Timestamp: 2025-04-21T03:17:53.443Z
Learning: For deployment PRs involving address updates like the RelayFacet to Worldchain, verify the actual presence of entries in files before reporting issues. The RelayFacet exists in the diamond log file and the PR diff already contains the necessary address change.

Learnt from: 0xDEnYO
Repo: lifinance/contracts PR: 1325
File: script/tasks/diamondSyncDEXs.sh:116-116
Timestamp: 2025-08-27T08:45:59.606Z
Learning: In script/tasks/diamondSyncDEXs.sh, user 0xDEnYO has chosen to selectively apply ShellCheck fixes, keeping array assignments using $() construct and other patterns as-is in their controlled deployment environment, prioritizing functionality over strict ShellCheck compliance.

Learnt from: 0xDEnYO
Repo: lifinance/contracts PR: 1109
File: deployments/worldchain.json:28-28
Timestamp: 2025-04-21T03:17:53.443Z
Learning: For deployment PRs updating contract addresses (like RelayFacet on Worldchain), verify the presence of entries in all relevant files (worldchain.json, worldchain.diamond.json, _deployments_log_file.json) before reporting inconsistencies. The RelayFacet entry exists in all required deployment files with the correct address.

Learnt from: 0xDEnYO
Repo: lifinance/contracts PR: 1266
File: script/deploy/safe/execute-pending-timelock-tx.ts:129-129
Timestamp: 2025-07-17T04:21:50.790Z
Learning: In the lifinance/contracts repository, 0xDEnYO prefers not to add private key format validation in deployment scripts like execute-pending-timelock-tx.ts, prioritizing code simplicity over strict validation in their controlled environment.

Learnt from: 0xDEnYO
Repo: lifinance/contracts PR: 1266
File: script/deploy/safe/execute-pending-timelock-tx.ts:334-334
Timestamp: 2025-07-17T04:21:55.549Z
Learning: In the lifinance/contracts repository, 0xDEnYO prefers to keep private key processing simple in scripts like execute-pending-timelock-tx.ts without adding format validation, prioritizing code simplicity over strict validation in controlled environments.

Learnt from: mirooon
Repo: lifinance/contracts PR: 1524
File: config/whitelist.json:3235-3241
Timestamp: 2025-12-10T17:25:01.008Z
Learning: Repo lifinance/contracts: In config/whitelist.json, selectors may intentionally have an empty string ("") signature value (e.g., 0x0c307f76 in OKX entries). This is acceptable and should not be flagged. Overlap between whitelist.json and config/functionSelectorsToRemove.json is valid and does not imply removal or a missing signature.

Learnt from: 0xDEnYO
Repo: lifinance/contracts PR: 874
File: script/tasks/diamondSyncSigs.sh:88-88
Timestamp: 2024-11-26T01:50:51.809Z
Learning: In the 'lifinance/contracts' repository, scripts like 'script/tasks/diamondSyncSigs.sh' are executed only on local machines where private keys are securely managed, so additional private key security improvements are not required.

Learnt from: mirooon
Repo: lifinance/contracts PR: 1145
File: script/tasks/diamondSyncWhitelistedAddresses.sh:208-209
Timestamp: 2025-06-05T10:00:01.583Z
Learning: Task scripts in script/tasks/ directory (like diamondSyncWhitelistedAddresses.sh) define functions that are sourced by deployAllContracts.sh and called from there, rather than executing directly. They don't need to call their own functions at the end of the file.

Learnt from: CR
Repo: lifinance/contracts PR: 0
File: conventions.md:0-0
Timestamp: 2025-12-02T10:08:06.478Z
Learning: Applies to test/**/*.t.sol : For facets requiring whitelist functionality, test contracts should inherit from TestWhitelistManagerBase and use its functions (addToWhitelist, removeFromWhitelist, setFunctionWhitelistBySelector, removeFunctionApprovalBySelector)

Learnt from: mirooon
Repo: lifinance/contracts PR: 1524
File: config/whitelist.json:4358-4366
Timestamp: 2025-12-10T17:36:50.095Z
Learning: Repo lifinance/contracts: In config/whitelist.json, temporary network keys (e.g., "stable") may appear under DEX entries (such as Fly) while deployments are in progress and the corresponding chain configuration PR hasn’t merged yet. This is expected, does not break the workflow, and should not be flagged as an unsupported chain key.

Learnt from: 0xDEnYO
Repo: lifinance/contracts PR: 1102
File: script/tasks/diamondSyncSigs_FAST.sh:14-18
Timestamp: 2025-04-23T05:20:45.831Z
Learning: In the lifinance/contracts repository, the `diamondSyncSigs_FAST` function in script/tasks/diamondSyncSigs_FAST.sh doesn't need explicit parameter validation (like for the ENVIRONMENT parameter) because it's called from a master script that ensures these parameters are available.

Learnt from: mirooon
Repo: lifinance/contracts PR: 1193
File: script/tasks/diamondSyncWhitelistedAddresses.sh:97-97
Timestamp: 2025-06-06T16:10:04.674Z
Learning: In script/tasks/diamondSyncWhitelistedAddresses.sh (lines 97 and 133), there are shell array assignments using command substitution that should be fixed using mapfile instead: `WHITELISTED_ADDRESSES=($(getApprovedWhitelistedAddresses))` should be `mapfile -t WHITELISTED_ADDRESSES < <(getApprovedWhitelistedAddresses)` and similarly for `WHITELISTED_ADDRESSES_UPDATED`. User mirooon requested to be reminded of this issue in future PRs when this file is modified.

Learnt from: 0xDEnYO
Repo: lifinance/contracts PR: 874
File: script/tasks/diamondSyncSigs.ts:132-139
Timestamp: 2024-11-25T09:37:51.935Z
Learning: In `script/tasks/diamondSyncSigs.ts`, when there are no cleanup actions required, using `process.exit()` directly is acceptable, and there's no need to implement a graceful shutdown function.

Learnt from: 0xDEnYO
Repo: lifinance/contracts PR: 1196
File: script/helperFunctions.sh:1447-1462
Timestamp: 2025-06-19T06:23:47.848Z
Learning: 0xDEnYO prefers to keep eval usage in local bash scripts when the security risk is acceptable in their controlled environment, prioritizing simplicity over security hardening for local tooling.

Learnt from: 0xDEnYO
Repo: lifinance/contracts PR: 1266
File: script/deploy/safe/execute-pending-timelock-tx.ts:627-628
Timestamp: 2025-07-17T04:21:26.825Z
Learning: In the lifinance/contracts repository, 0xDEnYO prefers to keep '0x0' as a fallback address in gas estimation calls rather than throwing errors when the wallet account address is not available, prioritizing code simplicity over strict validation.

Learnt from: 0xDEnYO
Repo: lifinance/contracts PR: 1212
File: .github/workflows/convertForkedPRsToInternal.yml:81-106
Timestamp: 2025-07-16T06:18:02.682Z
Learning: 0xDEnYO prefers to use printf "%q" for shell escaping in GitHub workflows to increase security and protection from potential injections, even when it might cause formatting issues, prioritizing security over convenience.

📚 Learning: 2024-11-26T01:50:51.809Z

Learnt from: 0xDEnYO
Repo: lifinance/contracts PR: 874
File: script/tasks/diamondSyncSigs.sh:88-88
Timestamp: 2024-11-26T01:50:51.809Z
Learning: In the 'lifinance/contracts' repository, scripts like 'script/tasks/diamondSyncSigs.sh' are executed only on local machines where private keys are securely managed, so additional private key security improvements are not required.

Applied to files:

• script/tasks/diamondSyncWhitelist.sh

📚 Learning: 2025-08-27T08:45:59.606Z

Learnt from: 0xDEnYO
Repo: lifinance/contracts PR: 1325
File: script/tasks/diamondSyncDEXs.sh:116-116
Timestamp: 2025-08-27T08:45:59.606Z
Learning: In script/tasks/diamondSyncDEXs.sh, user 0xDEnYO has chosen to selectively apply ShellCheck fixes, keeping array assignments using $() construct and other patterns as-is in their controlled deployment environment, prioritizing functionality over strict ShellCheck compliance.

Applied to files:

• script/tasks/diamondSyncWhitelist.sh

📚 Learning: 2025-06-05T10:00:01.583Z

Learnt from: mirooon
Repo: lifinance/contracts PR: 1145
File: script/tasks/diamondSyncWhitelistedAddresses.sh:208-209
Timestamp: 2025-06-05T10:00:01.583Z
Learning: Task scripts in script/tasks/ directory (like diamondSyncWhitelistedAddresses.sh) define functions that are sourced by deployAllContracts.sh and called from there, rather than executing directly. They don't need to call their own functions at the end of the file.

Applied to files:

• script/tasks/diamondSyncWhitelist.sh

📚 Learning: 2025-07-04T08:59:08.108Z

Learnt from: 0xDEnYO
Repo: lifinance/contracts PR: 1256
File: deployments/zksync.diamond.json:81-87
Timestamp: 2025-07-04T08:59:08.108Z
Learning: When analyzing deployment PRs in the lifinance/contracts repository, carefully verify that target state configuration files (like script/deploy/_targetState.json) have been updated before flagging missing entries. The AI summary section should be consulted to understand all file changes, as manual searches might miss entries due to formatting differences or search limitations.

Applied to files:

• script/tasks/diamondSyncWhitelist.sh

📚 Learning: 2025-12-02T10:08:06.478Z

Learnt from: CR
Repo: lifinance/contracts PR: 0
File: conventions.md:0-0
Timestamp: 2025-12-02T10:08:06.478Z
Learning: Applies to test/**/*.t.sol : For facets requiring whitelist functionality, test contracts should inherit from TestWhitelistManagerBase and use its functions (addToWhitelist, removeFromWhitelist, setFunctionWhitelistBySelector, removeFunctionApprovalBySelector)

Applied to files:

• script/tasks/diamondSyncWhitelist.sh

📚 Learning: 2025-12-10T17:36:50.095Z

Learnt from: mirooon
Repo: lifinance/contracts PR: 1524
File: config/whitelist.json:4358-4366
Timestamp: 2025-12-10T17:36:50.095Z
Learning: Repo lifinance/contracts: In config/whitelist.json, temporary network keys (e.g., "stable") may appear under DEX entries (such as Fly) while deployments are in progress and the corresponding chain configuration PR hasn’t merged yet. This is expected, does not break the workflow, and should not be flagged as an unsupported chain key.

Applied to files:

• script/tasks/diamondSyncWhitelist.sh

📚 Learning: 2025-08-07T10:20:01.383Z

Learnt from: mirooon
Repo: lifinance/contracts PR: 1283
File: deployments/ronin.diamond.json:65-68
Timestamp: 2025-08-07T10:20:01.383Z
Learning: When analyzing deployment PRs in the lifinance/contracts repository, carefully verify that target state configuration files (like script/deploy/_targetState.json) and deployment log files have been updated before flagging missing entries. The AI summary section should be consulted to understand all file changes, as manual searches might miss entries due to formatting differences or search limitations.

Applied to files:

• script/tasks/diamondSyncWhitelist.sh

📚 Learning: 2025-04-21T03:17:53.443Z

Learnt from: 0xDEnYO
Repo: lifinance/contracts PR: 1109
File: deployments/worldchain.json:28-28
Timestamp: 2025-04-21T03:17:53.443Z
Learning: For deployment PRs involving address updates like the RelayFacet to Worldchain, verify the actual presence of entries in files before reporting issues. The RelayFacet exists in the diamond log file and the PR diff already contains the necessary address change.

Applied to files:

• script/tasks/diamondSyncWhitelist.sh

📚 Learning: 2025-04-21T03:17:53.443Z

Learnt from: 0xDEnYO
Repo: lifinance/contracts PR: 1109
File: deployments/worldchain.json:28-28
Timestamp: 2025-04-21T03:17:53.443Z
Learning: For deployment PRs updating contract addresses (like RelayFacet on Worldchain), verify the presence of entries in all relevant files (worldchain.json, worldchain.diamond.json, _deployments_log_file.json) before reporting inconsistencies. The RelayFacet entry exists in all required deployment files with the correct address.

Applied to files:

• script/tasks/diamondSyncWhitelist.sh

📚 Learning: 2025-12-10T17:25:01.008Z

Learnt from: mirooon
Repo: lifinance/contracts PR: 1524
File: config/whitelist.json:3235-3241
Timestamp: 2025-12-10T17:25:01.008Z
Learning: Repo lifinance/contracts: In config/whitelist.json, selectors may intentionally have an empty string ("") signature value (e.g., 0x0c307f76 in OKX entries). This is acceptable and should not be flagged. Overlap between whitelist.json and config/functionSelectorsToRemove.json is valid and does not imply removal or a missing signature.

Applied to files:

• script/tasks/diamondSyncWhitelist.sh

📚 Learning: 2025-06-06T16:10:04.674Z

Learnt from: mirooon
Repo: lifinance/contracts PR: 1193
File: script/tasks/diamondSyncWhitelistedAddresses.sh:97-97
Timestamp: 2025-06-06T16:10:04.674Z
Learning: In script/tasks/diamondSyncWhitelistedAddresses.sh (lines 97 and 133), there are shell array assignments using command substitution that should be fixed using mapfile instead: `WHITELISTED_ADDRESSES=($(getApprovedWhitelistedAddresses))` should be `mapfile -t WHITELISTED_ADDRESSES < <(getApprovedWhitelistedAddresses)` and similarly for `WHITELISTED_ADDRESSES_UPDATED`. User mirooon requested to be reminded of this issue in future PRs when this file is modified.

Applied to files:

• script/tasks/diamondSyncWhitelist.sh

📚 Learning: 2025-06-06T16:09:58.692Z

Learnt from: mirooon
Repo: lifinance/contracts PR: 1193
File: script/tasks/diamondSyncWhitelistedAddresses.sh:128-128
Timestamp: 2025-06-06T16:09:58.692Z
Learning: In script/tasks/diamondSyncWhitelistedAddresses.sh at line 128, there is an unquoted command substitution `$(getPrivateKey "$NETWORK" "$ENVIRONMENT")` that should be quoted as `"$(getPrivateKey "$NETWORK" "$ENVIRONMENT")"` to prevent word splitting issues. The user mirooon wants to be reminded about this issue in future PRs when this file is touched.

Applied to files:

• script/tasks/diamondSyncWhitelist.sh

📚 Learning: 2024-10-04T09:21:59.708Z

Learnt from: 0xDEnYO
Repo: lifinance/contracts PR: 819
File: deployments/polygon.json:0-0
Timestamp: 2024-10-04T09:21:59.708Z
Learning: Ensure that scripts used for codebase verification produce valid and accurate results before reporting issues, especially when checking Ethereum address checksums in `deployments/polygon.json`.

Applied to files:

• script/tasks/diamondSyncWhitelist.sh

📚 Learning: 2025-05-27T12:36:26.987Z

Learnt from: 0xDEnYO
Repo: lifinance/contracts PR: 1168
File: script/deploy/_targetState.json:1564-1589
Timestamp: 2025-05-27T12:36:26.987Z
Learning: When reviewing deployment PRs in the lifinance/contracts repository, target state configuration files (like script/deploy/_targetState.json) may be updated for multiple networks even when the PR is focused on deploying to a specific network. The scope should be determined by the PR title and description, not just by all configuration changes present in the files.

Applied to files:

• script/tasks/diamondSyncWhitelist.sh

📚 Learning: 2025-09-09T10:39:26.383Z

Learnt from: 0xDEnYO
Repo: lifinance/contracts PR: 1357
File: deployments/lens.diamond.json:48-51
Timestamp: 2025-09-09T10:39:26.383Z
Learning: In the lifinance/contracts repository, when deployment JSON files show address changes (like AcrossFacetV3 address updates in deployments/*.diamond.json), the corresponding _deployments_log_file.json updates may be handled in separate PRs rather than the same PR that updates the diamond configuration files.

Applied to files:

• script/tasks/diamondSyncWhitelist.sh

📚 Learning: 2024-11-26T01:18:52.125Z

Learnt from: 0xDEnYO
Repo: lifinance/contracts PR: 782
File: script/deploy/deploySingleContract.sh:231-231
Timestamp: 2024-11-26T01:18:52.125Z
Learning: In the `deploySingleContract.sh` script, environment variable assignments preceding the `forge script` command (e.g., `DEPLOYSALT=$DEPLOYSALT ... forge script ...`) are acceptable and function correctly, even when variable expansions like `$DIAMOND_TYPE` and `$NETWORK` are used later in the same command.

Applied to files:

• script/tasks/diamondSyncWhitelist.sh

📚 Learning: 2025-11-06T10:38:55.953Z

Learnt from: ezynda3
Repo: lifinance/contracts PR: 1450
File: script/deploy/safe/safe-utils.ts:926-926
Timestamp: 2025-11-06T10:38:55.953Z
Learning: In the `script/deploy/safe/safe-utils.ts` file, within the `getSafeMongoCollection()` function, the VPN IP address '18.195.61.255' should remain hardcoded rather than being moved to an environment variable.

Applied to files:

• script/tasks/diamondSyncWhitelist.sh

📚 Learning: 2025-01-29T06:28:56.328Z

Learnt from: 0xDEnYO
Repo: lifinance/contracts PR: 961
File: script/tasks/diamondUpdateFacet.sh:119-119
Timestamp: 2025-01-29T06:28:56.328Z
Learning: In shell scripts, environment variables can be safely assigned inline with commands (e.g., `VAR=value command`) when they are only needed for that specific command execution, as demonstrated in the `diamondUpdateFacet.sh` script.

Applied to files:

• script/tasks/diamondSyncWhitelist.sh

📚 Learning: 2025-06-24T01:27:58.260Z

Learnt from: 0xDEnYO
Repo: lifinance/contracts PR: 1231
File: script/helperFunctions.sh:3641-3646
Timestamp: 2025-06-24T01:27:58.260Z
Learning: In the script/helperFunctions.sh codebase, the scripts have existing validation mechanisms that ensure the ENVIRONMENT parameter is always either "production" or "staging" before reaching functions like updateDiamondLogs, making additional validation within individual functions redundant.

Applied to files:

• script/tasks/diamondSyncWhitelist.sh

📚 Learning: 2025-12-02T10:08:06.478Z

Learnt from: CR
Repo: lifinance/contracts PR: 0
File: conventions.md:0-0
Timestamp: 2025-12-02T10:08:06.478Z
Learning: Applies to script/demoScripts/**/*.ts : Use setupEnvironment() from demoScriptHelpers.ts for viem client setup, ensureBalance() and ensureAllowance() for token checks, executeTransaction() for transaction execution, createContractObject() for ERC20 contracts, and getEnvVar() for environment variable access

Applied to files:

• script/tasks/diamondSyncWhitelist.sh

📚 Learning: 2025-08-01T22:11:04.478Z

Learnt from: mirooon
Repo: lifinance/contracts PR: 1193
File: deployments/base.staging.json:6-6
Timestamp: 2025-08-01T22:11:04.478Z
Learning: The user mirooon prefers to maintain both DexManagerFacet and WhitelistManagerFacet entries in staging deployment configurations during migration periods, even when the DexManagerFacet contract no longer exists in the codebase. This approach allows for backward compatibility testing and rollback capabilities in the staging environment.

Applied to files:

• script/tasks/diamondSyncWhitelist.sh

📚 Learning: 2025-08-26T02:20:52.515Z

Learnt from: 0xDEnYO
Repo: lifinance/contracts PR: 1334
File: deployments/mainnet.json:54-54
Timestamp: 2025-08-26T02:20:52.515Z
Learning: For deployment PRs in the lifinance/contracts repository, carefully verify the specific scope mentioned in the PR title and description before suggesting updates to other networks. Not all deployments are cross-network updates - some are targeted to specific chains only.

Applied to files:

• script/tasks/diamondSyncWhitelist.sh

📚 Learning: 2024-11-26T01:03:43.597Z

Learnt from: 0xDEnYO
Repo: lifinance/contracts PR: 782
File: deployments/scroll.diamond.json:111-111
Timestamp: 2024-11-26T01:03:43.597Z
Learning: When reviewing pull requests, only point out missing contract addresses in `deployments/<network>.diamond.json` if the contract's address is present in `deployments/<network>.json` but missing in `deployments/<network>.diamond.json`. If the contract is not deployed on a network (i.e., not present in `deployments/<network>.json`), then no action is needed.

Applied to files:

• script/tasks/diamondSyncWhitelist.sh

📚 Learning: 2024-10-04T09:17:19.275Z

Learnt from: 0xDEnYO
Repo: lifinance/contracts PR: 819
File: deployments/avalanche.diamond.json:105-105
Timestamp: 2024-10-04T09:17:19.275Z
Learning: In the `lifinance/contracts` repository, contracts may have different addresses across networks. Do not check if contracts have the same addresses across all networks in future reviews.

Applied to files:

• script/tasks/diamondSyncWhitelist.sh

📚 Learning: 2025-03-21T13:48:54.006Z

Learnt from: mirooon
Repo: lifinance/contracts PR: 1048
File: script/deploy/safe/safe-decode-utils.ts:0-0
Timestamp: 2025-03-21T13:48:54.006Z
Learning: When reviewing PRs with a specific focused purpose (like migrating between package managers), restrict suggestions to issues directly related to that purpose rather than general code improvements.

Applied to files:

• script/tasks/diamondSyncWhitelist.sh

🧬 Code graph analysis (1)

script/tasks/diamondSyncWhitelist.sh (1)

script/helperFunctions.sh (1)

• checkFailure (3095-3105)

⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (1)

• GitHub Check: run-unit-tests

🔇 Additional comments (1)

script/tasks/diamondSyncWhitelist.sh (1)

13-18: LGTM! ✅

The pre-sync step for updating whitelist periphery is correctly positioned before the main sync logic. The error handling via checkFailure is appropriate, path formatting aligns with deployAllContracts.sh, and the intentional design choice to omit the ENVIRONMENT parameter (to update both production and staging whitelists) is sound and addresses the PR objective.

Warning

Review ran into problems

🔥 Problems

Errors were encountered while retrieving linked issues.

Errors (1)

• JIRA integration encountered authorization issues. Please disconnect and reconnect the integration in the CodeRabbit UI.

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

Actionable comments posted: 1

📜 Review details

Configuration used: CodeRabbit UI

Review profile: CHILL

Plan: Pro

Disabled knowledge base sources:

• Jira integration is disabled by default for public repositories

You can enable these sources in your CodeRabbit configuration.

📥 Commits

Reviewing files that changed from the base of the PR and between 0e87633 and 101084a.

📒 Files selected for processing (2)

• config/whitelist.json (1 hunks)
• script/tasks/diamondSyncWhitelist.sh (1 hunks)

🧰 Additional context used

📓 Path-based instructions (1)

script/**/*.sh

📄 CodeRabbit inference engine (conventions.md)

script/**/*.sh: Bash scripts must begin with #!/bin/bash, use modular functions with clear sections (Logging, Error handling and logging, Deployment functions), follow DRY principle using helper files, use consistent indentation and naming, include proper comments and documentation
Bash scripts must use helper functions for logging (echoDebug, error, warning, success), validate inputs and environment early, check function exit status with checkFailure, use set -e where appropriate, and provide automated retry mechanisms for RPC issues

Files:

• script/tasks/diamondSyncWhitelist.sh

🧠 Learnings (13)

📓 Common learnings

Learnt from: 0xDEnYO
Repo: lifinance/contracts PR: 1334
File: deployments/mainnet.json:54-54
Timestamp: 2025-08-26T02:20:52.515Z
Learning: For deployment PRs in the lifinance/contracts repository, carefully verify the specific scope mentioned in the PR title and description before suggesting updates to other networks. Not all deployments are cross-network updates - some are targeted to specific chains only.

Learnt from: 0xDEnYO
Repo: lifinance/contracts PR: 1168
File: script/deploy/_targetState.json:1564-1589
Timestamp: 2025-05-27T12:36:26.987Z
Learning: When reviewing deployment PRs in the lifinance/contracts repository, target state configuration files (like script/deploy/_targetState.json) may be updated for multiple networks even when the PR is focused on deploying to a specific network. The scope should be determined by the PR title and description, not just by all configuration changes present in the files.

Learnt from: 0xDEnYO
Repo: lifinance/contracts PR: 1256
File: deployments/zksync.diamond.json:81-87
Timestamp: 2025-07-04T08:59:08.108Z
Learning: When analyzing deployment PRs in the lifinance/contracts repository, carefully verify that target state configuration files (like script/deploy/_targetState.json) have been updated before flagging missing entries. The AI summary section should be consulted to understand all file changes, as manual searches might miss entries due to formatting differences or search limitations.

Learnt from: mirooon
Repo: lifinance/contracts PR: 1283
File: deployments/ronin.diamond.json:65-68
Timestamp: 2025-08-07T10:20:01.383Z
Learning: When analyzing deployment PRs in the lifinance/contracts repository, carefully verify that target state configuration files (like script/deploy/_targetState.json) and deployment log files have been updated before flagging missing entries. The AI summary section should be consulted to understand all file changes, as manual searches might miss entries due to formatting differences or search limitations.

Learnt from: 0xDEnYO
Repo: lifinance/contracts PR: 874
File: script/tasks/diamondSyncSigs.sh:88-88
Timestamp: 2024-11-26T01:50:51.809Z
Learning: In the 'lifinance/contracts' repository, scripts like 'script/tasks/diamondSyncSigs.sh' are executed only on local machines where private keys are securely managed, so additional private key security improvements are not required.

Learnt from: 0xDEnYO
Repo: lifinance/contracts PR: 1109
File: deployments/worldchain.json:28-28
Timestamp: 2025-04-21T03:17:53.443Z
Learning: For deployment PRs involving address updates like the RelayFacet to Worldchain, verify the actual presence of entries in files before reporting issues. The RelayFacet exists in the diamond log file and the PR diff already contains the necessary address change.

Learnt from: 0xDEnYO
Repo: lifinance/contracts PR: 1266
File: script/deploy/safe/execute-pending-timelock-tx.ts:334-334
Timestamp: 2025-07-17T04:21:55.549Z
Learning: In the lifinance/contracts repository, 0xDEnYO prefers to keep private key processing simple in scripts like execute-pending-timelock-tx.ts without adding format validation, prioritizing code simplicity over strict validation in controlled environments.

Learnt from: 0xDEnYO
Repo: lifinance/contracts PR: 1325
File: script/tasks/diamondSyncDEXs.sh:116-116
Timestamp: 2025-08-27T08:45:59.606Z
Learning: In script/tasks/diamondSyncDEXs.sh, user 0xDEnYO has chosen to selectively apply ShellCheck fixes, keeping array assignments using $() construct and other patterns as-is in their controlled deployment environment, prioritizing functionality over strict ShellCheck compliance.

Learnt from: 0xDEnYO
Repo: lifinance/contracts PR: 1109
File: deployments/worldchain.json:28-28
Timestamp: 2025-04-21T03:17:53.443Z
Learning: For deployment PRs updating contract addresses (like RelayFacet on Worldchain), verify the presence of entries in all relevant files (worldchain.json, worldchain.diamond.json, _deployments_log_file.json) before reporting inconsistencies. The RelayFacet entry exists in all required deployment files with the correct address.

Learnt from: 0xDEnYO
Repo: lifinance/contracts PR: 1266
File: script/deploy/safe/execute-pending-timelock-tx.ts:129-129
Timestamp: 2025-07-17T04:21:50.790Z
Learning: In the lifinance/contracts repository, 0xDEnYO prefers not to add private key format validation in deployment scripts like execute-pending-timelock-tx.ts, prioritizing code simplicity over strict validation in their controlled environment.

Learnt from: 0xDEnYO
Repo: lifinance/contracts PR: 782
File: deployments/base.diamond.json:148-148
Timestamp: 2024-11-25T09:05:43.045Z
Learning: In deployment configuration files (e.g., `deployments/base.diamond.json`), empty addresses for contracts like `Permit2Proxy` may be placeholders and will be updated after approvals are released from the multisig safe.

Learnt from: CR
Repo: lifinance/contracts PR: 0
File: conventions.md:0-0
Timestamp: 2025-12-02T10:08:06.466Z
Learning: Applies to test/**/*.t.sol : For facets requiring whitelist functionality, test contracts should inherit from TestWhitelistManagerBase and use its functions (addToWhitelist, removeFromWhitelist, setFunctionWhitelistBySelector, removeFunctionApprovalBySelector)

Learnt from: 0xDEnYO
Repo: lifinance/contracts PR: 1196
File: script/helperFunctions.sh:1447-1462
Timestamp: 2025-06-19T06:23:47.848Z
Learning: 0xDEnYO prefers to keep eval usage in local bash scripts when the security risk is acceptable in their controlled environment, prioritizing simplicity over security hardening for local tooling.

Learnt from: 0xDEnYO
Repo: lifinance/contracts PR: 1266
File: script/deploy/safe/execute-pending-timelock-tx.ts:627-628
Timestamp: 2025-07-17T04:21:26.825Z
Learning: In the lifinance/contracts repository, 0xDEnYO prefers to keep '0x0' as a fallback address in gas estimation calls rather than throwing errors when the wallet account address is not available, prioritizing code simplicity over strict validation.

Learnt from: 0xDEnYO
Repo: lifinance/contracts PR: 1212
File: .github/workflows/convertForkedPRsToInternal.yml:81-106
Timestamp: 2025-07-16T06:18:02.682Z
Learning: 0xDEnYO prefers to use printf "%q" for shell escaping in GitHub workflows to increase security and protection from potential injections, even when it might cause formatting issues, prioritizing security over convenience.

📚 Learning: 2025-08-27T08:45:59.606Z

Learnt from: 0xDEnYO
Repo: lifinance/contracts PR: 1325
File: script/tasks/diamondSyncDEXs.sh:116-116
Timestamp: 2025-08-27T08:45:59.606Z
Learning: In script/tasks/diamondSyncDEXs.sh, user 0xDEnYO has chosen to selectively apply ShellCheck fixes, keeping array assignments using $() construct and other patterns as-is in their controlled deployment environment, prioritizing functionality over strict ShellCheck compliance.

Applied to files:

• script/tasks/diamondSyncWhitelist.sh

📚 Learning: 2024-11-26T01:50:51.809Z

Learnt from: 0xDEnYO
Repo: lifinance/contracts PR: 874
File: script/tasks/diamondSyncSigs.sh:88-88
Timestamp: 2024-11-26T01:50:51.809Z
Learning: In the 'lifinance/contracts' repository, scripts like 'script/tasks/diamondSyncSigs.sh' are executed only on local machines where private keys are securely managed, so additional private key security improvements are not required.

Applied to files:

• script/tasks/diamondSyncWhitelist.sh

📚 Learning: 2025-06-05T10:00:01.583Z

Learnt from: mirooon
Repo: lifinance/contracts PR: 1145
File: script/tasks/diamondSyncWhitelistedAddresses.sh:208-209
Timestamp: 2025-06-05T10:00:01.583Z
Learning: Task scripts in script/tasks/ directory (like diamondSyncWhitelistedAddresses.sh) define functions that are sourced by deployAllContracts.sh and called from there, rather than executing directly. They don't need to call their own functions at the end of the file.

Applied to files:

• script/tasks/diamondSyncWhitelist.sh

📚 Learning: 2025-12-02T10:08:06.466Z

Learnt from: CR
Repo: lifinance/contracts PR: 0
File: conventions.md:0-0
Timestamp: 2025-12-02T10:08:06.466Z
Learning: Applies to test/**/*.t.sol : For facets requiring whitelist functionality, test contracts should inherit from TestWhitelistManagerBase and use its functions (addToWhitelist, removeFromWhitelist, setFunctionWhitelistBySelector, removeFunctionApprovalBySelector)

Applied to files:

• script/tasks/diamondSyncWhitelist.sh

📚 Learning: 2025-07-04T08:59:08.108Z

Learnt from: 0xDEnYO
Repo: lifinance/contracts PR: 1256
File: deployments/zksync.diamond.json:81-87
Timestamp: 2025-07-04T08:59:08.108Z
Learning: When analyzing deployment PRs in the lifinance/contracts repository, carefully verify that target state configuration files (like script/deploy/_targetState.json) have been updated before flagging missing entries. The AI summary section should be consulted to understand all file changes, as manual searches might miss entries due to formatting differences or search limitations.

Applied to files:

• script/tasks/diamondSyncWhitelist.sh

📚 Learning: 2025-04-21T03:17:53.443Z

Learnt from: 0xDEnYO
Repo: lifinance/contracts PR: 1109
File: deployments/worldchain.json:28-28
Timestamp: 2025-04-21T03:17:53.443Z
Learning: For deployment PRs involving address updates like the RelayFacet to Worldchain, verify the actual presence of entries in files before reporting issues. The RelayFacet exists in the diamond log file and the PR diff already contains the necessary address change.

Applied to files:

• script/tasks/diamondSyncWhitelist.sh

📚 Learning: 2025-01-28T14:29:00.823Z

Learnt from: ezynda3
Repo: lifinance/contracts PR: 924
File: script/deploy/zksync/utils/UpdateScriptBase.sol:112-178
Timestamp: 2025-01-28T14:29:00.823Z
Learning: The suggestion to modify `buildDiamondCut` function in `UpdateScriptBase.sol` to handle selectors from multiple old facets differently was deemed unnecessary by the maintainer.

Applied to files:

• script/tasks/diamondSyncWhitelist.sh

📚 Learning: 2025-08-07T10:20:01.383Z

Learnt from: mirooon
Repo: lifinance/contracts PR: 1283
File: deployments/ronin.diamond.json:65-68
Timestamp: 2025-08-07T10:20:01.383Z
Learning: When analyzing deployment PRs in the lifinance/contracts repository, carefully verify that target state configuration files (like script/deploy/_targetState.json) and deployment log files have been updated before flagging missing entries. The AI summary section should be consulted to understand all file changes, as manual searches might miss entries due to formatting differences or search limitations.

Applied to files:

• script/tasks/diamondSyncWhitelist.sh

📚 Learning: 2025-04-21T03:17:53.443Z

Learnt from: 0xDEnYO
Repo: lifinance/contracts PR: 1109
File: deployments/worldchain.json:28-28
Timestamp: 2025-04-21T03:17:53.443Z
Learning: For deployment PRs updating contract addresses (like RelayFacet on Worldchain), verify the presence of entries in all relevant files (worldchain.json, worldchain.diamond.json, _deployments_log_file.json) before reporting inconsistencies. The RelayFacet entry exists in all required deployment files with the correct address.

Applied to files:

• script/tasks/diamondSyncWhitelist.sh

📚 Learning: 2025-11-13T09:20:21.608Z

Learnt from: ezynda3
Repo: lifinance/contracts PR: 1461
File: script/deploy/facets/UpdateWhitelistManagerFacet.s.sol:21-24
Timestamp: 2025-11-13T09:20:21.608Z
Learning: In deployment scripts that use the NO_BROADCAST flag (noBroadcast), the flag is specifically for building calldata for SAFE transactions (the diamondCut itself), not for helper contract deployments. Helper contracts like MigrateWhitelistManager need to be deployed regardless of the NO_BROADCAST flag setting, as they are prerequisites for the main diamondCut operation.

Applied to files:

• script/tasks/diamondSyncWhitelist.sh

📚 Learning: 2025-11-25T02:57:58.015Z

Learnt from: 0xDEnYO
Repo: lifinance/contracts PR: 1466
File: config/whitelist.json:2546-2554
Timestamp: 2025-11-25T02:57:58.015Z
Learning: In lifinance/contracts config/whitelist.json, the SushiSwap Aggregator uses functions:
- snwap(address,uint256,address,address,uint256,address,bytes) -> selector 0x5f3bd1c8
- snwapMultiple((address,uint256,address)[],(address,address,uint256)[],(address,uint256,bytes)[]) -> selector 0xd33721a5
These selectors are canonical across networks and valid for the monad entry as well. Always compute with Keccak-256 (not SHA3-256) when verifying.

Applied to files:

• config/whitelist.json

📚 Learning: 2025-11-14T12:58:18.040Z

Learnt from: ezynda3
Repo: lifinance/contracts PR: 1463
File: config/whitelist.json:24-26
Timestamp: 2025-11-14T12:58:18.040Z
Learning: In lifinance/contracts reviews, selectors must be verified by code or concrete on-chain evidence (ABI/tx) rather than assumed; provide a reproducible script or reference when proposing selector mappings.

Applied to files:

• config/whitelist.json

⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (2)

• GitHub Check: run-unit-tests
• GitHub Check: run-unit-tests

🔇 Additional comments (1)

config/whitelist.json (1)

7198-7207: No changes needed; signature and selector are correctly paired.

The signature "runVM((uint8,bytes32)[],(bytes[]))" with selector 0x00a32e6c is correct. The updateWhitelistPeriphery.ts script validates all selector/signature pairs using validateSelector(), which computes keccak256(signature) and compares the first 4 bytes against the provided selector. This entry exists in the whitelist, confirming it passed validation. The address 0x873fd892E827B9C3057f5A49A612EeecD6694cd3 is properly EIP-55 checksummed and consistent across config/whitelist.json and config/composerWhitelist.json.

Likely an incorrect or invalid review comment.

[mirooon]

I would put it below ENVIRONMENT variable definition and pass ENVIRONMENT param to updateWhitelistPeriphery.ts . Like we do in deployAllContracts.sh script

[0xDEnYO]

@mirooon
if we do not pass a parameter, then both whitelist files get updated.
I feel this is the correct and desired handling here, no?

(in the back of my mind there is also the point that we should soon update the whitelist on staging everytime we update on production so that we keep the staging setup in sync as Victor ran into problems there several times already)