198 Commits

Author SHA1 Message Date
dependabot[bot] 41d694c98d Bump the actions-minor group with 1 update (#34)
Bumps the actions-minor group with 1 update: [anchore/sbom-action](https://github.com/anchore/sbom-action).


Updates `anchore/sbom-action` from 0.15.9 to 0.15.10
- [Release notes](https://github.com/anchore/sbom-action/releases)
- [Commits](https://github.com/anchore/sbom-action/compare/9fece9e20048ca9590af301449208b2b8861333b...ab5d7b5f48981941c4c5d6bf33aeb98fe3bae38c)

---
updated-dependencies:
- dependency-name: anchore/sbom-action
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: actions-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-04-01 08:16:29 -07:00
dependabot[bot] 0b5415aa25 Bump the npm-development group with 5 updates (#31)
Bumps the npm-development group with 5 updates:

| Package | From | To |
| --- | --- | --- |
| [@types/node](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node) | `20.11.28` | `20.11.30` |
| [@typescript-eslint/eslint-plugin](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/eslint-plugin) | `7.2.0` | `7.3.1` |
| [@typescript-eslint/parser](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/parser) | `7.2.0` | `7.3.1` |
| [eslint-plugin-jsonc](https://github.com/ota-meshi/eslint-plugin-jsonc) | `2.13.0` | `2.14.1` |
| [typescript](https://github.com/Microsoft/TypeScript) | `5.4.2` | `5.4.3` |


Updates `@types/node` from 20.11.28 to 20.11.30
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/node)

Updates `@typescript-eslint/eslint-plugin` from 7.2.0 to 7.3.1
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases)
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/eslint-plugin/CHANGELOG.md)
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v7.3.1/packages/eslint-plugin)

Updates `@typescript-eslint/parser` from 7.2.0 to 7.3.1
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases)
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/parser/CHANGELOG.md)
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v7.3.1/packages/parser)

Updates `eslint-plugin-jsonc` from 2.13.0 to 2.14.1
- [Release notes](https://github.com/ota-meshi/eslint-plugin-jsonc/releases)
- [Changelog](https://github.com/ota-meshi/eslint-plugin-jsonc/blob/master/CHANGELOG.md)
- [Commits](https://github.com/ota-meshi/eslint-plugin-jsonc/compare/v2.13.0...v2.14.1)

Updates `typescript` from 5.4.2 to 5.4.3
- [Release notes](https://github.com/Microsoft/TypeScript/releases)
- [Changelog](https://github.com/microsoft/TypeScript/blob/main/azure-pipelines.release.yml)
- [Commits](https://github.com/Microsoft/TypeScript/compare/v5.4.2...v5.4.3)

---
updated-dependencies:
- dependency-name: "@types/node"
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: npm-development
- dependency-name: "@typescript-eslint/eslint-plugin"
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: npm-development
- dependency-name: "@typescript-eslint/parser"
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: npm-development
- dependency-name: eslint-plugin-jsonc
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: npm-development
- dependency-name: typescript
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: npm-development
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-03-25 08:07:53 -07:00
dependabot[bot] 817d650747 Bump the npm-development group with 2 updates (#29)
Bumps the npm-development group with 2 updates: [@types/node](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node) and [typescript](https://github.com/Microsoft/TypeScript).


Updates `@types/node` from 20.11.24 to 20.11.28
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/node)

Updates `typescript` from 5.3.3 to 5.4.2
- [Release notes](https://github.com/Microsoft/TypeScript/releases)
- [Changelog](https://github.com/microsoft/TypeScript/blob/main/azure-pipelines.release.yml)
- [Commits](https://github.com/Microsoft/TypeScript/compare/v5.3.3...v5.4.2)

---
updated-dependencies:
- dependency-name: "@types/node"
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: npm-development
- dependency-name: typescript
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: npm-development
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-03-18 09:49:36 -07:00
Brian DeHamer 5d89d51206 Bump dev-deps group with 2 updates (#28)
Signed-off-by: Brian DeHamer <bdehamer@github.com>
2024-03-14 09:42:56 -07:00
dependabot[bot] f8e0f3ab00 Bump @typescript-eslint/eslint-plugin from 6.21.0 to 7.0.0 (#25)
Bumps [@typescript-eslint/eslint-plugin](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/eslint-plugin) from 6.21.0 to 7.0.0.
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases)
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/eslint-plugin/CHANGELOG.md)
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v7.0.0/packages/eslint-plugin)

---
updated-dependencies:
- dependency-name: "@typescript-eslint/eslint-plugin"
  dependency-type: direct:development
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Brian DeHamer <bdehamer@github.com>
2024-03-12 07:28:46 -07:00
dependabot[bot] e37c92d3ba Bump the actions-minor group with 1 update (#26)
Bumps the actions-minor group with 1 update: [anchore/sbom-action](https://github.com/anchore/sbom-action).


Updates `anchore/sbom-action` from 0.15.8 to 0.15.9
- [Release notes](https://github.com/anchore/sbom-action/releases)
- [Commits](https://github.com/anchore/sbom-action/compare/b6a39da80722a2cb0ef5d197531764a89b5d48c3...9fece9e20048ca9590af301449208b2b8861333b)

---
updated-dependencies:
- dependency-name: anchore/sbom-action
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: actions-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-03-10 20:51:42 -07:00
Brian DeHamer d023f128e6 pin actions/attest to v0.1.0 (#22)
Signed-off-by: Brian DeHamer <bdehamer@github.com>
v0.1.1
2024-03-05 13:11:49 -08:00
Brian DeHamer 48e5743928 add release instructions (#21)
Signed-off-by: Brian DeHamer <bdehamer@github.com>
v0.1.0
2024-03-05 11:08:55 -08:00
Brian DeHamer 05284cc010 pin predicate action to 0.1.0 (#20)
Signed-off-by: Brian DeHamer <bdehamer@github.com>
2024-03-05 11:06:06 -08:00
Brian DeHamer 847c6befa7 rename internal action (phase 2) (#19)
Signed-off-by: Brian DeHamer <bdehamer@github.com>
predicate@0.1.0
2024-03-04 15:22:18 -08:00
Brian DeHamer 7345afdf7b rename internal action (phase 1) (#18)
Signed-off-by: Brian DeHamer <bdehamer@github.com>
2024-03-04 15:16:57 -08:00
dependabot[bot] 2c07a865a6 Bump the npm-development group with 2 updates (#17)
Bumps the npm-development group with 2 updates: [@types/node](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node) and [eslint-plugin-github](https://github.com/github/eslint-plugin-github).


Updates `@types/node` from 20.11.20 to 20.11.24
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/node)

Updates `eslint-plugin-github` from 4.10.1 to 4.10.2
- [Release notes](https://github.com/github/eslint-plugin-github/releases)
- [Commits](https://github.com/github/eslint-plugin-github/compare/v4.10.1...v4.10.2)

---
updated-dependencies:
- dependency-name: "@types/node"
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: npm-development
- dependency-name: eslint-plugin-github
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: npm-development
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-03-04 06:35:31 -08:00
Brian DeHamer 5a5a50bfea for signing w/ private Sigstore instance (#16)
Signed-off-by: Brian DeHamer <bdehamer@github.com>
2024-02-29 16:30:33 -08:00
Brian DeHamer e6b5225a37 minor action.yml refactoring (#15)
Signed-off-by: Brian DeHamer <bdehamer@github.com>
2024-02-29 16:29:18 -08:00
Brian DeHamer 1f89084ff5 update reference to sub-action (#14)
Signed-off-by: Brian DeHamer <bdehamer@github.com>
2024-02-29 14:00:50 -08:00
Brian DeHamer 3eb264bd7e input refactor and readme updates (#13)
Signed-off-by: Brian DeHamer <bdehamer@github.com>
2024-02-29 11:59:05 -08:00
Eugene 69180bebd9 Unit Test (#12)
* annoying tests..

* update test

* udpate

* update the tests
2024-02-28 17:22:13 -08:00
Eugene 57dd0cd8d8 update the readme (#11)
* update the readme

* fixing lint

* fixing lint
2024-02-28 12:43:56 -08:00
Brian DeHamer a024fd602e import predicate type from @actions/attest (#10)
Signed-off-by: Brian DeHamer <bdehamer@github.com>
2024-02-27 08:18:56 -08:00
Brian DeHamer 775f7eda24 remove coverage badge (#7)
Signed-off-by: Brian DeHamer <bdehamer@github.com>
Co-authored-by: Eugene <108841108+ejahnGithub@users.noreply.github.com>
2024-02-26 14:52:10 -08:00
Eugene 2b7ac0ae45 Update action.yml (#8) 2024-02-26 10:01:57 -08:00
Brian DeHamer 7596a93cc2 Merge pull request #6 from actions/workflow-fixup
workflow fixup
2024-02-23 17:32:30 -08:00
Brian DeHamer 3f55024f1e workflow fixup
Signed-off-by: Brian DeHamer <bdehamer@github.com>
2024-02-23 17:28:11 -08:00
Brian DeHamer a4ea0a2090 Merge pull request #5 from actions/codeowners
add package-security team to CODEOWNERS
2024-02-23 17:27:09 -08:00
Brian DeHamer 8dc8dc4954 add package-security team to CODEOWNERS
Signed-off-by: Brian DeHamer <bdehamer@github.com>
2024-02-23 17:16:44 -08:00
Brian DeHamer 1a76e89386 Merge pull request #4 from actions/dependabot/npm_and_yarn/npm-development-be7203e702
Bump the npm-development group with 3 updates
2024-02-23 16:09:41 -08:00
dependabot[bot] 58833e73bd Bump the npm-development group with 3 updates
Bumps the npm-development group with 3 updates: [@types/node](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node), [eslint](https://github.com/eslint/eslint) and [eslint-plugin-jest](https://github.com/jest-community/eslint-plugin-jest).


Updates `@types/node` from 20.11.19 to 20.11.20
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/node)

Updates `eslint` from 8.56.0 to 8.57.0
- [Release notes](https://github.com/eslint/eslint/releases)
- [Changelog](https://github.com/eslint/eslint/blob/main/CHANGELOG.md)
- [Commits](https://github.com/eslint/eslint/compare/v8.56.0...v8.57.0)

Updates `eslint-plugin-jest` from 27.6.3 to 27.9.0
- [Release notes](https://github.com/jest-community/eslint-plugin-jest/releases)
- [Changelog](https://github.com/jest-community/eslint-plugin-jest/blob/main/CHANGELOG.md)
- [Commits](https://github.com/jest-community/eslint-plugin-jest/compare/v27.6.3...v27.9.0)

---
updated-dependencies:
- dependency-name: "@types/node"
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: npm-development
- dependency-name: eslint
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: npm-development
- dependency-name: eslint-plugin-jest
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: npm-development
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-02-24 00:05:04 +00:00
Brian DeHamer ce9bc31c73 Merge pull request #1 from actions/dependabot/github_actions/super-linter/super-linter-6
Bump super-linter/super-linter from 5 to 6
2024-02-23 16:03:37 -08:00
Brian DeHamer ccb7df3d73 release script formatting
Signed-off-by: Brian DeHamer <bdehamer@github.com>
2024-02-23 16:00:17 -08:00
Brian DeHamer 6722a1e353 use .node-version in ci workflow
Signed-off-by: Brian DeHamer <bdehamer@github.com>
2024-02-23 15:52:36 -08:00
Brian DeHamer 3fc5fa9684 regen package-lock
Signed-off-by: Brian DeHamer <bdehamer@github.com>
2024-02-23 15:52:23 -08:00
Brian DeHamer 425504667a fix permissions in codeql workflow
Signed-off-by: Brian DeHamer <bdehamer@github.com>
2024-02-23 15:45:41 -08:00
Brian DeHamer 2c2f9f2e7f update fetch-depth for linter checkout
Signed-off-by: Brian DeHamer <bdehamer@github.com>
2024-02-23 15:39:02 -08:00
dependabot[bot] fd71f88930 Bump super-linter/super-linter from 5 to 6
Bumps [super-linter/super-linter](https://github.com/super-linter/super-linter) from 5 to 6.
- [Release notes](https://github.com/super-linter/super-linter/releases)
- [Changelog](https://github.com/super-linter/super-linter/blob/main/CHANGELOG.md)
- [Commits](https://github.com/super-linter/super-linter/compare/v5...v6)

---
updated-dependencies:
- dependency-name: super-linter/super-linter
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-02-23 23:15:09 +00:00
Eugene 2580b8b5da Merge pull request #3 from actions/eugene/attest-sbom
init attest sbom
2024-02-23 15:14:10 -08:00
ejahnGithub 9a8656b2b0 fix package.json 2024-02-23 15:08:41 -08:00
ejahnGithub ca0027b0ef fixed ci 2024-02-23 15:07:37 -08:00
ejahnGithub 44419f1051 clean eslint 2024-02-23 14:57:06 -08:00
ejahnGithub 5e05628c2a remove attest lib 2024-02-23 14:56:17 -08:00
ejahnGithub 541c5ce47a regenerate dist 2024-02-23 14:34:31 -08:00
ejahnGithub 2b3fc04d2a move generateSBOMStatement logic 2024-02-23 14:23:56 -08:00
ejahnGithub 169a8ea839 ci update 2024-02-23 12:43:18 -08:00
ejahnGithub dbe6e39e22 ci update 2024-02-23 12:33:59 -08:00
ejahnGithub 6246c41c1e ci update 2024-02-23 12:28:03 -08:00
ejahnGithub 2a70a04bc5 update ci 2024-02-23 10:47:42 -08:00
ejahnGithub da027096a7 update ci 2024-02-22 08:48:04 -08:00
ejahnGithub 21c8450480 init attest sbom 2024-02-22 08:46:34 -08:00
Brian DeHamer 622dcc06e2 Initial commit 2024-02-20 11:28:19 -08:00