Compare commits

...

13 Commits

Author SHA1 Message Date
Brian DeHamer c29e4e9225 update release documentation (#59)
Signed-off-by: Brian DeHamer <bdehamer@github.com>
2024-05-10 10:48:50 -07:00
Brian DeHamer 798ee587a2 bump actions/attest from v1.1.0 to v1.1.1 (#61)
Signed-off-by: Brian DeHamer <bdehamer@github.com>
2024-05-10 10:48:30 -07:00
Brian DeHamer 7d87da1e33 Bump actions/attest to v1.1.0 (#58)
Signed-off-by: Brian DeHamer <bdehamer@github.com>
2024-05-06 12:15:31 -07:00
Brian DeHamer e318c7dfea fix typos in README and action.yml (#57)
Signed-off-by: Brian DeHamer <bdehamer@github.com>
2024-05-06 12:14:46 -07:00
dependabot[bot] 614575ea4f Bump the npm-development group with 5 updates (#56)
Bumps the npm-development group with 5 updates:

| Package | From | To |
| --- | --- | --- |
| [@types/node](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node) | `20.12.7` | `20.12.8` |
| [@typescript-eslint/eslint-plugin](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/eslint-plugin) | `7.7.1` | `7.8.0` |
| [@typescript-eslint/parser](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/parser) | `7.7.1` | `7.8.0` |
| [eslint-plugin-jest](https://github.com/jest-community/eslint-plugin-jest) | `28.3.0` | `28.5.0` |
| [markdownlint-cli](https://github.com/igorshubovych/markdownlint-cli) | `0.39.0` | `0.40.0` |


Updates `@types/node` from 20.12.7 to 20.12.8
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/node)

Updates `@typescript-eslint/eslint-plugin` from 7.7.1 to 7.8.0
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases)
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/eslint-plugin/CHANGELOG.md)
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v7.8.0/packages/eslint-plugin)

Updates `@typescript-eslint/parser` from 7.7.1 to 7.8.0
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases)
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/parser/CHANGELOG.md)
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v7.8.0/packages/parser)

Updates `eslint-plugin-jest` from 28.3.0 to 28.5.0
- [Release notes](https://github.com/jest-community/eslint-plugin-jest/releases)
- [Changelog](https://github.com/jest-community/eslint-plugin-jest/blob/main/CHANGELOG.md)
- [Commits](https://github.com/jest-community/eslint-plugin-jest/compare/v28.3.0...v28.5.0)

Updates `markdownlint-cli` from 0.39.0 to 0.40.0
- [Release notes](https://github.com/igorshubovych/markdownlint-cli/releases)
- [Commits](https://github.com/igorshubovych/markdownlint-cli/compare/v0.39.0...v0.40.0)

---
updated-dependencies:
- dependency-name: "@types/node"
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: npm-development
- dependency-name: "@typescript-eslint/eslint-plugin"
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: npm-development
- dependency-name: "@typescript-eslint/parser"
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: npm-development
- dependency-name: eslint-plugin-jest
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: npm-development
- dependency-name: markdownlint-cli
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: npm-development
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-05-06 09:44:27 -07:00
Brian DeHamer d00b213255 disable github action linting (#54)
Signed-off-by: Brian DeHamer <bdehamer@github.com>
2024-05-01 14:01:58 -07:00
Brian DeHamer f975621746 add readme link to gh docs (#53)
Signed-off-by: Brian DeHamer <bdehamer@github.com>
2024-05-01 13:58:45 -07:00
Brian DeHamer 5297f161fa add branding metadata (#52)
Signed-off-by: Brian DeHamer <bdehamer@github.com>
2024-04-30 11:54:08 -07:00
Phill MV 10c27177cd Update README.md to point to attestation cli manual (#51) 2024-04-30 10:19:11 -04:00
dependabot[bot] c80e3ed30c Bump the npm-development group with 4 updates (#50)
Bumps the npm-development group with 4 updates: [@actions/attest](https://github.com/actions/toolkit/tree/HEAD/packages/attest), [@typescript-eslint/eslint-plugin](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/eslint-plugin), [@typescript-eslint/parser](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/parser) and [eslint-plugin-jest](https://github.com/jest-community/eslint-plugin-jest).


Updates `@actions/attest` from 1.1.0 to 1.2.1
- [Changelog](https://github.com/actions/toolkit/blob/main/packages/attest/RELEASES.md)
- [Commits](https://github.com/actions/toolkit/commits/HEAD/packages/attest)

Updates `@typescript-eslint/eslint-plugin` from 7.7.0 to 7.7.1
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases)
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/eslint-plugin/CHANGELOG.md)
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v7.7.1/packages/eslint-plugin)

Updates `@typescript-eslint/parser` from 7.7.0 to 7.7.1
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases)
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/parser/CHANGELOG.md)
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v7.7.1/packages/parser)

Updates `eslint-plugin-jest` from 28.2.0 to 28.3.0
- [Release notes](https://github.com/jest-community/eslint-plugin-jest/releases)
- [Changelog](https://github.com/jest-community/eslint-plugin-jest/blob/main/CHANGELOG.md)
- [Commits](https://github.com/jest-community/eslint-plugin-jest/compare/v28.2.0...v28.3.0)

---
updated-dependencies:
- dependency-name: "@actions/attest"
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: npm-development
- dependency-name: "@typescript-eslint/eslint-plugin"
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: npm-development
- dependency-name: "@typescript-eslint/parser"
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: npm-development
- dependency-name: eslint-plugin-jest
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: npm-development
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-04-29 12:20:57 -07:00
Brian DeHamer c168f2354d fix reference to actions/attest (#49)
Signed-off-by: Brian DeHamer <bdehamer@github.com>
2024-04-26 13:35:58 -07:00
Brian DeHamer 5448b22ebd update readme with SBOM generation example (#48)
Signed-off-by: Brian DeHamer <bdehamer@github.com>
2024-04-25 16:41:57 -07:00
Brian DeHamer b125530ffd update action references (#47)
Bump actions/attest-sbom/predicate from 0.1.0 to 1.0.0
Bump actions/attest from 0.1.0 to 1.0.0

Signed-off-by: Brian DeHamer <bdehamer@github.com>
2024-04-25 12:50:52 -07:00
6 changed files with 206 additions and 142 deletions
+2 -1
View File
@@ -46,4 +46,5 @@ jobs:
TYPESCRIPT_DEFAULT_STYLE: prettier
VALIDATE_ALL_CODEBASE: true
VALIDATE_JAVASCRIPT_STANDARD: false
VALIDATE_JSCPD: false
VALIDATE_JSCPD: false
VALIDATE_GITHUB_ACTIONS: false
+21 -9
View File
@@ -18,9 +18,12 @@ Once the attestation has been created and signed, it will be uploaded to the GH
attestations API and associated with the repository from which the workflow was
initiated.
Attestations can be verified using the `attestation` command in the [GitHub
Attestations can be verified using the [`attestation` command in the GitHub
CLI][7].
See [Using artifact attestations to establish provenance for builds][11]
for more information on artifact attestations.
## Usage
Within the GitHub Actions workflow which builds some artifact you would like to
@@ -38,7 +41,8 @@ attest:
necessary to request a Sigstore signing certificate. The `attestations`
permission is necessary to persist the attestation.
1. Add the following to your workflow after your artifact has been built:
1. Add the following to your workflow after your artifact has been built and
your SBOM has been generated:
```yaml
- uses: actions/attest-sbom@v1
@@ -47,7 +51,7 @@ attest:
sbom-path: '<PATH TO SBOM>'
```
The `subject-path` parameter should identity the artifact for which you want
The `subject-path` parameter should identify the artifact for which you want
to generate an SBOM attestation. The `sbom-path` parameter should identify
the SBOM document to be associated with the subject.
@@ -56,13 +60,13 @@ attest:
See [action.yml](action.yml)
```yaml
- uses: actions/attest@v1
- uses: actions/attest-sbom@v1
with:
# Path to the artifact serving as the subject of the attestation. Must
# specify exactly one of "subject-path" or "subject-digest".
subject-path:
# SHA256 digest of the subject for for the attestation. Must be in the form
# SHA256 digest of the subject for the attestation. Must be in the form
# "sha256:hex_digest" (e.g. "sha256:abc123..."). Must specify exactly one
# of "subject-path" or "subject-digest".
subject-digest:
@@ -129,12 +133,15 @@ jobs:
- name: Build artifact
run: make my-app
- name: Generate SBOM
run: make sbom
uses: anchore/sbom-action@v0
with:
format: 'spdx-json'
output-file: 'sbom.spdx.json'
- name: Attest
uses: actions/attest-sbom@v1
with:
subject-path: '${{ github.workspace }}/my-app'
sbom-path: '${{ github.workspace }}/my-app.sbom.spdx.json'
sbom-path: 'sbom.spdx.json'
```
### Identify Subjects by Wildcard
@@ -202,7 +209,11 @@ jobs:
push: true
tags: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:latest
- name: Generate SBOM
run: make sbom
uses: anchore/sbom-action@v0
with:
image: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:latest
format: 'cyclonedx-json'
output-file: 'sbom.cyclonedx.json'
- name: Attest
uses: actions/attest-sbom@v1
id: attest
@@ -218,8 +229,9 @@ jobs:
[4]: https://spdx.dev/
[5]: https://cyclonedx.org/
[6]: https://www.sigstore.dev/
[7]: https://cli.github.com/
[7]: https://cli.github.com/manual/gh_attestation_verify
[8]:
https://github.com/sigstore/protobuf-specs/blob/main/protos/sigstore_bundle.proto
[9]: https://jsonlines.org/
[10]: https://github.com/actions/toolkit/tree/main/packages/glob#patterns
[11]: https://docs.github.com/en/actions/security-guides/using-artifact-attestations-to-establish-provenance-for-builds
+8
View File
@@ -28,3 +28,11 @@ otherwise, skip directly to step #5.
```shell
gh release create vX.X.X
```
1. Move (or create) the major version tag to point to the same commit tagged
above:
```shell
git tag -fa vX -m "vX"
git push origin vX --force
```
+6 -3
View File
@@ -1,6 +1,9 @@
name: 'Attest SBOM'
description: 'Generate SBOM attestations for build artifacts'
author: 'GitHub'
branding:
color: 'blue'
icon: 'paperclip'
inputs:
subject-path:
@@ -10,7 +13,7 @@ inputs:
required: false
subject-digest:
description: >
SHA256 digest of the subject for for the attestation. Must be in the form
SHA256 digest of the subject for the attestation. Must be in the form
"sha256:hex_digest" (e.g. "sha256:abc123..."). Must specify exactly one of
"subject-path" or "subject-digest".
required: false
@@ -45,11 +48,11 @@ outputs:
runs:
using: 'composite'
steps:
- uses: actions/attest-sbom/predicate@847c6befa7ce187c962fa6c3e6cd3c96e4da9565 # predicate@0.1.0
- uses: actions/attest-sbom/predicate@534423496eab34674190bc45fdacbb8b1198e07f # predicate@1.0.0
id: generate-sbom-predicate
with:
sbom-path: ${{ inputs.sbom-path || steps.sbom-output.outputs.path }}
- uses: actions/attest@14e407ca15f1b08f4869fc058b059f7f1e434df6 # v0.1.0
- uses: actions/attest@32f49af6653ef9b7d1a40182d53fc9ebd53447d8 # v1.1.1
id: attest
with:
subject-path: ${{ inputs.subject-path }}
+163 -123
View File
@@ -12,19 +12,19 @@
"@actions/core": "^1.10.1"
},
"devDependencies": {
"@actions/attest": "^1.1.0",
"@actions/attest": "^1.2.1",
"@types/jest": "^29.5.12",
"@types/node": "^20.12.7",
"@typescript-eslint/eslint-plugin": "^7.7.0",
"@typescript-eslint/parser": "^7.7.0",
"@types/node": "^20.12.8",
"@typescript-eslint/eslint-plugin": "^7.8.0",
"@typescript-eslint/parser": "^7.8.0",
"@vercel/ncc": "^0.38.1",
"eslint": "^8.57.0",
"eslint-plugin-github": "^4.10.2",
"eslint-plugin-jest": "^28.2.0",
"eslint-plugin-jest": "^28.5.0",
"eslint-plugin-jsonc": "^2.15.1",
"eslint-plugin-prettier": "^5.1.3",
"jest": "^29.7.0",
"markdownlint-cli": "^0.39.0",
"markdownlint-cli": "^0.40.0",
"prettier": "^3.2.5",
"prettier-eslint": "^16.3.0",
"ts-jest": "^29.1.2",
@@ -44,19 +44,19 @@
}
},
"node_modules/@actions/attest": {
"version": "1.1.0",
"resolved": "https://registry.npmjs.org/@actions/attest/-/attest-1.1.0.tgz",
"integrity": "sha512-SrKYqTjDAEmVwQMeY4kb3LBsF2O02aKjN1ePJPJfSEK8Vr8IGYMw4ts2mFlKRYc6/yp87OQb0owyXfoMj5BzZA==",
"version": "1.2.1",
"resolved": "https://registry.npmjs.org/@actions/attest/-/attest-1.2.1.tgz",
"integrity": "sha512-ZLfmO6o2x3UL2BG++oIHMPx5kApWr8Uy1cgiiafXpHgamsqFUPjUtcp0/gpOaXkxUZftdVno7NwBTisw8qr9UA==",
"dev": true,
"dependencies": {
"@actions/core": "^1.10.1",
"@actions/github": "^6.0.0",
"@actions/http-client": "^2.2.1",
"@sigstore/bundle": "^2.2.0",
"@sigstore/sign": "^2.2.3",
"@octokit/plugin-retry": "^6.0.1",
"@sigstore/bundle": "^2.3.0",
"@sigstore/sign": "^2.3.0",
"jsonwebtoken": "^9.0.2",
"jwks-rsa": "^3.1.0",
"make-fetch-happen": "^13.0.0"
"jwks-rsa": "^3.1.0"
}
},
"node_modules/@actions/core": {
@@ -1558,6 +1558,23 @@
"@octokit/core": ">=5"
}
},
"node_modules/@octokit/plugin-retry": {
"version": "6.0.1",
"resolved": "https://registry.npmjs.org/@octokit/plugin-retry/-/plugin-retry-6.0.1.tgz",
"integrity": "sha512-SKs+Tz9oj0g4p28qkZwl/topGcb0k0qPNX/i7vBKmDsjoeqnVfFUquqrE/O9oJY7+oLzdCtkiWSXLpLjvl6uog==",
"dev": true,
"dependencies": {
"@octokit/request-error": "^5.0.0",
"@octokit/types": "^12.0.0",
"bottleneck": "^2.15.3"
},
"engines": {
"node": ">= 18"
},
"peerDependencies": {
"@octokit/core": ">=5"
}
},
"node_modules/@octokit/request": {
"version": "8.2.0",
"resolved": "https://registry.npmjs.org/@octokit/request/-/request-8.2.0.tgz",
@@ -1619,12 +1636,12 @@
}
},
"node_modules/@sigstore/bundle": {
"version": "2.2.0",
"resolved": "https://registry.npmjs.org/@sigstore/bundle/-/bundle-2.2.0.tgz",
"integrity": "sha512-5VI58qgNs76RDrwXNhpmyN/jKpq9evV/7f1XrcqcAfvxDl5SeVY/I5Rmfe96ULAV7/FK5dge9RBKGBJPhL1WsQ==",
"version": "2.3.1",
"resolved": "https://registry.npmjs.org/@sigstore/bundle/-/bundle-2.3.1.tgz",
"integrity": "sha512-eqV17lO3EIFqCWK3969Rz+J8MYrRZKw9IBHpSo6DEcEX2c+uzDFOgHE9f2MnyDpfs48LFO4hXmk9KhQ74JzU1g==",
"dev": true,
"dependencies": {
"@sigstore/protobuf-specs": "^0.3.0"
"@sigstore/protobuf-specs": "^0.3.1"
},
"engines": {
"node": "^16.14.0 || >=18.0.0"
@@ -1640,23 +1657,23 @@
}
},
"node_modules/@sigstore/protobuf-specs": {
"version": "0.3.0",
"resolved": "https://registry.npmjs.org/@sigstore/protobuf-specs/-/protobuf-specs-0.3.0.tgz",
"integrity": "sha512-zxiQ66JFOjVvP9hbhGj/F/qNdsZfkGb/dVXSanNRNuAzMlr4MC95voPUBX8//ZNnmv3uSYzdfR/JSkrgvZTGxA==",
"version": "0.3.1",
"resolved": "https://registry.npmjs.org/@sigstore/protobuf-specs/-/protobuf-specs-0.3.1.tgz",
"integrity": "sha512-aIL8Z9NsMr3C64jyQzE0XlkEyBLpgEJJFDHLVVStkFV5Q3Il/r/YtY6NJWKQ4cy4AE7spP1IX5Jq7VCAxHHMfQ==",
"dev": true,
"engines": {
"node": "^14.17.0 || ^16.13.0 || >=18.0.0"
"node": "^16.14.0 || >=18.0.0"
}
},
"node_modules/@sigstore/sign": {
"version": "2.2.3",
"resolved": "https://registry.npmjs.org/@sigstore/sign/-/sign-2.2.3.tgz",
"integrity": "sha512-LqlA+ffyN02yC7RKszCdMTS6bldZnIodiox+IkT8B2f8oRYXCB3LQ9roXeiEL21m64CVH1wyveYAORfD65WoSw==",
"version": "2.3.0",
"resolved": "https://registry.npmjs.org/@sigstore/sign/-/sign-2.3.0.tgz",
"integrity": "sha512-tsAyV6FC3R3pHmKS880IXcDJuiFJiKITO1jxR1qbplcsBkZLBmjrEw5GbC7ikD6f5RU1hr7WnmxB/2kKc1qUWQ==",
"dev": true,
"dependencies": {
"@sigstore/bundle": "^2.2.0",
"@sigstore/bundle": "^2.3.0",
"@sigstore/core": "^1.0.0",
"@sigstore/protobuf-specs": "^0.3.0",
"@sigstore/protobuf-specs": "^0.3.1",
"make-fetch-happen": "^13.0.0"
},
"engines": {
@@ -1868,9 +1885,9 @@
"dev": true
},
"node_modules/@types/node": {
"version": "20.12.7",
"resolved": "https://registry.npmjs.org/@types/node/-/node-20.12.7.tgz",
"integrity": "sha512-wq0cICSkRLVaf3UGLMGItu/PtdY7oaXaI/RVU+xliKVOtRna3PRY57ZDfztpDL0n11vfymMUnXv8QwYCO7L1wg==",
"version": "20.12.8",
"resolved": "https://registry.npmjs.org/@types/node/-/node-20.12.8.tgz",
"integrity": "sha512-NU0rJLJnshZWdE/097cdCBbyW1h4hEg0xpovcoAQYHl8dnEyp/NAOiE45pvc+Bd1Dt+2r94v2eGFpQJ4R7g+2w==",
"dev": true,
"dependencies": {
"undici-types": "~5.26.4"
@@ -1937,16 +1954,16 @@
"dev": true
},
"node_modules/@typescript-eslint/eslint-plugin": {
"version": "7.7.0",
"resolved": "https://registry.npmjs.org/@typescript-eslint/eslint-plugin/-/eslint-plugin-7.7.0.tgz",
"integrity": "sha512-GJWR0YnfrKnsRoluVO3PRb9r5aMZriiMMM/RHj5nnTrBy1/wIgk76XCtCKcnXGjpZQJQRFtGV9/0JJ6n30uwpQ==",
"version": "7.8.0",
"resolved": "https://registry.npmjs.org/@typescript-eslint/eslint-plugin/-/eslint-plugin-7.8.0.tgz",
"integrity": "sha512-gFTT+ezJmkwutUPmB0skOj3GZJtlEGnlssems4AjkVweUPGj7jRwwqg0Hhg7++kPGJqKtTYx+R05Ftww372aIg==",
"dev": true,
"dependencies": {
"@eslint-community/regexpp": "^4.10.0",
"@typescript-eslint/scope-manager": "7.7.0",
"@typescript-eslint/type-utils": "7.7.0",
"@typescript-eslint/utils": "7.7.0",
"@typescript-eslint/visitor-keys": "7.7.0",
"@typescript-eslint/scope-manager": "7.8.0",
"@typescript-eslint/type-utils": "7.8.0",
"@typescript-eslint/utils": "7.8.0",
"@typescript-eslint/visitor-keys": "7.8.0",
"debug": "^4.3.4",
"graphemer": "^1.4.0",
"ignore": "^5.3.1",
@@ -1972,17 +1989,17 @@
}
},
"node_modules/@typescript-eslint/eslint-plugin/node_modules/@typescript-eslint/utils": {
"version": "7.7.0",
"resolved": "https://registry.npmjs.org/@typescript-eslint/utils/-/utils-7.7.0.tgz",
"integrity": "sha512-LKGAXMPQs8U/zMRFXDZOzmMKgFv3COlxUQ+2NMPhbqgVm6R1w+nU1i4836Pmxu9jZAuIeyySNrN/6Rc657ggig==",
"version": "7.8.0",
"resolved": "https://registry.npmjs.org/@typescript-eslint/utils/-/utils-7.8.0.tgz",
"integrity": "sha512-L0yFqOCflVqXxiZyXrDr80lnahQfSOfc9ELAAZ75sqicqp2i36kEZZGuUymHNFoYOqxRT05up760b4iGsl02nQ==",
"dev": true,
"dependencies": {
"@eslint-community/eslint-utils": "^4.4.0",
"@types/json-schema": "^7.0.15",
"@types/semver": "^7.5.8",
"@typescript-eslint/scope-manager": "7.7.0",
"@typescript-eslint/types": "7.7.0",
"@typescript-eslint/typescript-estree": "7.7.0",
"@typescript-eslint/scope-manager": "7.8.0",
"@typescript-eslint/types": "7.8.0",
"@typescript-eslint/typescript-estree": "7.8.0",
"semver": "^7.6.0"
},
"engines": {
@@ -1997,15 +2014,15 @@
}
},
"node_modules/@typescript-eslint/parser": {
"version": "7.7.0",
"resolved": "https://registry.npmjs.org/@typescript-eslint/parser/-/parser-7.7.0.tgz",
"integrity": "sha512-fNcDm3wSwVM8QYL4HKVBggdIPAy9Q41vcvC/GtDobw3c4ndVT3K6cqudUmjHPw8EAp4ufax0o58/xvWaP2FmTg==",
"version": "7.8.0",
"resolved": "https://registry.npmjs.org/@typescript-eslint/parser/-/parser-7.8.0.tgz",
"integrity": "sha512-KgKQly1pv0l4ltcftP59uQZCi4HUYswCLbTqVZEJu7uLX8CTLyswqMLqLN+2QFz4jCptqWVV4SB7vdxcH2+0kQ==",
"dev": true,
"dependencies": {
"@typescript-eslint/scope-manager": "7.7.0",
"@typescript-eslint/types": "7.7.0",
"@typescript-eslint/typescript-estree": "7.7.0",
"@typescript-eslint/visitor-keys": "7.7.0",
"@typescript-eslint/scope-manager": "7.8.0",
"@typescript-eslint/types": "7.8.0",
"@typescript-eslint/typescript-estree": "7.8.0",
"@typescript-eslint/visitor-keys": "7.8.0",
"debug": "^4.3.4"
},
"engines": {
@@ -2025,13 +2042,13 @@
}
},
"node_modules/@typescript-eslint/scope-manager": {
"version": "7.7.0",
"resolved": "https://registry.npmjs.org/@typescript-eslint/scope-manager/-/scope-manager-7.7.0.tgz",
"integrity": "sha512-/8INDn0YLInbe9Wt7dK4cXLDYp0fNHP5xKLHvZl3mOT5X17rK/YShXaiNmorl+/U4VKCVIjJnx4Ri5b0y+HClw==",
"version": "7.8.0",
"resolved": "https://registry.npmjs.org/@typescript-eslint/scope-manager/-/scope-manager-7.8.0.tgz",
"integrity": "sha512-viEmZ1LmwsGcnr85gIq+FCYI7nO90DVbE37/ll51hjv9aG+YZMb4WDE2fyWpUR4O/UrhGRpYXK/XajcGTk2B8g==",
"dev": true,
"dependencies": {
"@typescript-eslint/types": "7.7.0",
"@typescript-eslint/visitor-keys": "7.7.0"
"@typescript-eslint/types": "7.8.0",
"@typescript-eslint/visitor-keys": "7.8.0"
},
"engines": {
"node": "^18.18.0 || >=20.0.0"
@@ -2042,13 +2059,13 @@
}
},
"node_modules/@typescript-eslint/type-utils": {
"version": "7.7.0",
"resolved": "https://registry.npmjs.org/@typescript-eslint/type-utils/-/type-utils-7.7.0.tgz",
"integrity": "sha512-bOp3ejoRYrhAlnT/bozNQi3nio9tIgv3U5C0mVDdZC7cpcQEDZXvq8inrHYghLVwuNABRqrMW5tzAv88Vy77Sg==",
"version": "7.8.0",
"resolved": "https://registry.npmjs.org/@typescript-eslint/type-utils/-/type-utils-7.8.0.tgz",
"integrity": "sha512-H70R3AefQDQpz9mGv13Uhi121FNMh+WEaRqcXTX09YEDky21km4dV1ZXJIp8QjXc4ZaVkXVdohvWDzbnbHDS+A==",
"dev": true,
"dependencies": {
"@typescript-eslint/typescript-estree": "7.7.0",
"@typescript-eslint/utils": "7.7.0",
"@typescript-eslint/typescript-estree": "7.8.0",
"@typescript-eslint/utils": "7.8.0",
"debug": "^4.3.4",
"ts-api-utils": "^1.3.0"
},
@@ -2069,17 +2086,17 @@
}
},
"node_modules/@typescript-eslint/type-utils/node_modules/@typescript-eslint/utils": {
"version": "7.7.0",
"resolved": "https://registry.npmjs.org/@typescript-eslint/utils/-/utils-7.7.0.tgz",
"integrity": "sha512-LKGAXMPQs8U/zMRFXDZOzmMKgFv3COlxUQ+2NMPhbqgVm6R1w+nU1i4836Pmxu9jZAuIeyySNrN/6Rc657ggig==",
"version": "7.8.0",
"resolved": "https://registry.npmjs.org/@typescript-eslint/utils/-/utils-7.8.0.tgz",
"integrity": "sha512-L0yFqOCflVqXxiZyXrDr80lnahQfSOfc9ELAAZ75sqicqp2i36kEZZGuUymHNFoYOqxRT05up760b4iGsl02nQ==",
"dev": true,
"dependencies": {
"@eslint-community/eslint-utils": "^4.4.0",
"@types/json-schema": "^7.0.15",
"@types/semver": "^7.5.8",
"@typescript-eslint/scope-manager": "7.7.0",
"@typescript-eslint/types": "7.7.0",
"@typescript-eslint/typescript-estree": "7.7.0",
"@typescript-eslint/scope-manager": "7.8.0",
"@typescript-eslint/types": "7.8.0",
"@typescript-eslint/typescript-estree": "7.8.0",
"semver": "^7.6.0"
},
"engines": {
@@ -2094,9 +2111,9 @@
}
},
"node_modules/@typescript-eslint/types": {
"version": "7.7.0",
"resolved": "https://registry.npmjs.org/@typescript-eslint/types/-/types-7.7.0.tgz",
"integrity": "sha512-G01YPZ1Bd2hn+KPpIbrAhEWOn5lQBrjxkzHkWvP6NucMXFtfXoevK82hzQdpfuQYuhkvFDeQYbzXCjR1z9Z03w==",
"version": "7.8.0",
"resolved": "https://registry.npmjs.org/@typescript-eslint/types/-/types-7.8.0.tgz",
"integrity": "sha512-wf0peJ+ZGlcH+2ZS23aJbOv+ztjeeP8uQ9GgwMJGVLx/Nj9CJt17GWgWWoSmoRVKAX2X+7fzEnAjxdvK2gqCLw==",
"dev": true,
"engines": {
"node": "^18.18.0 || >=20.0.0"
@@ -2107,13 +2124,13 @@
}
},
"node_modules/@typescript-eslint/typescript-estree": {
"version": "7.7.0",
"resolved": "https://registry.npmjs.org/@typescript-eslint/typescript-estree/-/typescript-estree-7.7.0.tgz",
"integrity": "sha512-8p71HQPE6CbxIBy2kWHqM1KGrC07pk6RJn40n0DSc6bMOBBREZxSDJ+BmRzc8B5OdaMh1ty3mkuWRg4sCFiDQQ==",
"version": "7.8.0",
"resolved": "https://registry.npmjs.org/@typescript-eslint/typescript-estree/-/typescript-estree-7.8.0.tgz",
"integrity": "sha512-5pfUCOwK5yjPaJQNy44prjCwtr981dO8Qo9J9PwYXZ0MosgAbfEMB008dJ5sNo3+/BN6ytBPuSvXUg9SAqB0dg==",
"dev": true,
"dependencies": {
"@typescript-eslint/types": "7.7.0",
"@typescript-eslint/visitor-keys": "7.7.0",
"@typescript-eslint/types": "7.8.0",
"@typescript-eslint/visitor-keys": "7.8.0",
"debug": "^4.3.4",
"globby": "^11.1.0",
"is-glob": "^4.0.3",
@@ -2283,12 +2300,12 @@
}
},
"node_modules/@typescript-eslint/visitor-keys": {
"version": "7.7.0",
"resolved": "https://registry.npmjs.org/@typescript-eslint/visitor-keys/-/visitor-keys-7.7.0.tgz",
"integrity": "sha512-h0WHOj8MhdhY8YWkzIF30R379y0NqyOHExI9N9KCzvmu05EgG4FumeYa3ccfKUSphyWkWQE1ybVrgz/Pbam6YA==",
"version": "7.8.0",
"resolved": "https://registry.npmjs.org/@typescript-eslint/visitor-keys/-/visitor-keys-7.8.0.tgz",
"integrity": "sha512-q4/gibTNBQNA0lGyYQCmWRS5D15n8rXh4QjK3KV+MBPlTYHpfBUT3D3PaPR/HeNiI9W6R7FvlkcGhNyAoP+caA==",
"dev": true,
"dependencies": {
"@typescript-eslint/types": "7.7.0",
"@typescript-eslint/types": "7.8.0",
"eslint-visitor-keys": "^3.4.3"
},
"engines": {
@@ -2771,6 +2788,12 @@
"integrity": "sha512-NzUnlZexiaH/46WDhANlyR2bXRopNg4F/zuSA3OpZnllCUgRaOF2znDioDWrmbNVsuZk6l9pMquQB38cfBZwkQ==",
"dev": true
},
"node_modules/bottleneck": {
"version": "2.19.5",
"resolved": "https://registry.npmjs.org/bottleneck/-/bottleneck-2.19.5.tgz",
"integrity": "sha512-VHiNCbI1lKdl44tGrhNfU3lup0Tj/ZBMJB5/2ZbNXRCPuRCO7ed2mgcK4r17y+KB2EfuYuRaVlwNbAeaWGSpbw==",
"dev": true
},
"node_modules/brace-expansion": {
"version": "1.1.11",
"resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-1.1.11.tgz",
@@ -3106,12 +3129,12 @@
"dev": true
},
"node_modules/commander": {
"version": "11.1.0",
"resolved": "https://registry.npmjs.org/commander/-/commander-11.1.0.tgz",
"integrity": "sha512-yPVavfyCcRhmorC7rWlkHn15b4wDVgVmBA7kV4QVBsF7kv/9TKJAbAXVTxvTnwP8HHKjRCJDClKbciiYS7p0DQ==",
"version": "12.0.0",
"resolved": "https://registry.npmjs.org/commander/-/commander-12.0.0.tgz",
"integrity": "sha512-MwVNWlYjDTtOjX5PiD7o5pK0UrFU/OYgcJfjjK4RaHZETNtjJqrZa9Y9ds88+A+f+d5lv+561eZ+yCKoS3gbAA==",
"dev": true,
"engines": {
"node": ">=16"
"node": ">=18"
}
},
"node_modules/common-tags": {
@@ -3858,12 +3881,12 @@
}
},
"node_modules/eslint-plugin-jest": {
"version": "28.2.0",
"resolved": "https://registry.npmjs.org/eslint-plugin-jest/-/eslint-plugin-jest-28.2.0.tgz",
"integrity": "sha512-yRDti/a+f+SMSmNTiT9/M/MzXGkitl8CfzUxnpoQcTyfq8gUrXMriVcWU36W1X6BZSUoyUCJrDAWWUA2N4hE5g==",
"version": "28.5.0",
"resolved": "https://registry.npmjs.org/eslint-plugin-jest/-/eslint-plugin-jest-28.5.0.tgz",
"integrity": "sha512-6np6DGdmNq/eBbA7HOUNV8fkfL86PYwBfwyb8n23FXgJNTR8+ot3smRHjza9LGsBBZRypK3qyF79vMjohIL8eQ==",
"dev": true,
"dependencies": {
"@typescript-eslint/utils": "^6.0.0"
"@typescript-eslint/utils": "^6.0.0 || ^7.0.0"
},
"engines": {
"node": "^16.10.0 || ^18.12.0 || >=20.0.0"
@@ -5996,6 +6019,15 @@
"integrity": "sha512-AilxAyFOAcK5wA1+LeaySVBrHsGQvUFCDWXKpZjzaL0PqW+xfBOttn8GNtWKFWqneyMZj41MWF9Kl6iPWLwgOA==",
"dev": true
},
"node_modules/jsonpointer": {
"version": "5.0.1",
"resolved": "https://registry.npmjs.org/jsonpointer/-/jsonpointer-5.0.1.tgz",
"integrity": "sha512-p/nXbhSEcu3pZRdkW1OfJhpsVtW1gd4Wa1fnQc9YLiTfAjn0312eMKimbdIQzuZl9aa9xUGaRlP9T/CJE/ditQ==",
"dev": true,
"engines": {
"node": ">=0.10.0"
}
},
"node_modules/jsonwebtoken": {
"version": "9.0.2",
"resolved": "https://registry.npmjs.org/jsonwebtoken/-/jsonwebtoken-9.0.2.tgz",
@@ -6430,9 +6462,9 @@
}
},
"node_modules/markdown-it": {
"version": "14.0.0",
"resolved": "https://registry.npmjs.org/markdown-it/-/markdown-it-14.0.0.tgz",
"integrity": "sha512-seFjF0FIcPt4P9U39Bq1JYblX0KZCjDLFFQPHpL5AzHpqPEKtosxmdq/LTVZnjfH7tjt9BxStm+wXcDBNuYmzw==",
"version": "14.1.0",
"resolved": "https://registry.npmjs.org/markdown-it/-/markdown-it-14.1.0.tgz",
"integrity": "sha512-a54IwgWPaeBCAAsv13YgmALOF1elABB08FxO9i+r4VFk5Vl4pKokRPeX8u5TCgSsPi6ec1otfLjdOpVcgbpshg==",
"dev": true,
"dependencies": {
"argparse": "^2.0.1",
@@ -6440,20 +6472,20 @@
"linkify-it": "^5.0.0",
"mdurl": "^2.0.0",
"punycode.js": "^2.3.1",
"uc.micro": "^2.0.0"
"uc.micro": "^2.1.0"
},
"bin": {
"markdown-it": "bin/markdown-it.mjs"
}
},
"node_modules/markdownlint": {
"version": "0.33.0",
"resolved": "https://registry.npmjs.org/markdownlint/-/markdownlint-0.33.0.tgz",
"integrity": "sha512-4lbtT14A3m0LPX1WS/3d1m7Blg+ZwiLq36WvjQqFGsX3Gik99NV+VXp/PW3n+Q62xyPdbvGOCfjPqjW+/SKMig==",
"version": "0.34.0",
"resolved": "https://registry.npmjs.org/markdownlint/-/markdownlint-0.34.0.tgz",
"integrity": "sha512-qwGyuyKwjkEMOJ10XN6OTKNOVYvOIi35RNvDLNxTof5s8UmyGHlCdpngRHoRGNvQVGuxO3BJ7uNSgdeX166WXw==",
"dev": true,
"dependencies": {
"markdown-it": "14.0.0",
"markdownlint-micromark": "0.1.8"
"markdown-it": "14.1.0",
"markdownlint-micromark": "0.1.9"
},
"engines": {
"node": ">=18"
@@ -6463,20 +6495,22 @@
}
},
"node_modules/markdownlint-cli": {
"version": "0.39.0",
"resolved": "https://registry.npmjs.org/markdownlint-cli/-/markdownlint-cli-0.39.0.tgz",
"integrity": "sha512-ZuFN7Xpsbn1Nbp0YYkeLOfXOMOfLQBik2lKRy8pVI/llmKQ2uW7x+8k5OMgF6o7XCsTDSYC/OOmeJ+3qplvnJQ==",
"version": "0.40.0",
"resolved": "https://registry.npmjs.org/markdownlint-cli/-/markdownlint-cli-0.40.0.tgz",
"integrity": "sha512-JXhI3dRQcaqwiFYpPz6VJ7aKYheD53GmTz9y4D/d0F1MbZDGOp9pqKlbOfUX/pHP/iAoeiE4wYRmk8/kjLakxA==",
"dev": true,
"dependencies": {
"commander": "~11.1.0",
"commander": "~12.0.0",
"get-stdin": "~9.0.0",
"glob": "~10.3.10",
"ignore": "~5.3.0",
"glob": "~10.3.12",
"ignore": "~5.3.1",
"js-yaml": "^4.1.0",
"jsonc-parser": "~3.2.1",
"markdownlint": "~0.33.0",
"minimatch": "~9.0.3",
"run-con": "~1.3.2"
"jsonpointer": "5.0.1",
"markdownlint": "~0.34.0",
"minimatch": "~9.0.4",
"run-con": "~1.3.2",
"toml": "~3.0.0"
},
"bin": {
"markdownlint": "markdownlint.js"
@@ -6495,16 +6529,16 @@
}
},
"node_modules/markdownlint-cli/node_modules/glob": {
"version": "10.3.10",
"resolved": "https://registry.npmjs.org/glob/-/glob-10.3.10.tgz",
"integrity": "sha512-fa46+tv1Ak0UPK1TOy/pZrIybNNt4HCv7SDzwyfiOZkvZLEbjsZkJBPtDHVshZjbecAoAGSC20MjLDG/qr679g==",
"version": "10.3.12",
"resolved": "https://registry.npmjs.org/glob/-/glob-10.3.12.tgz",
"integrity": "sha512-TCNv8vJ+xz4QiqTpfOJA7HvYv+tNIRHKfUWw/q+v2jdgN4ebz+KY9tGx5J4rHP0o84mNP+ApH66HRX8us3Khqg==",
"dev": true,
"dependencies": {
"foreground-child": "^3.1.0",
"jackspeak": "^2.3.5",
"jackspeak": "^2.3.6",
"minimatch": "^9.0.1",
"minipass": "^5.0.0 || ^6.0.2 || ^7.0.0",
"path-scurry": "^1.10.1"
"minipass": "^7.0.4",
"path-scurry": "^1.10.2"
},
"bin": {
"glob": "dist/esm/bin.mjs"
@@ -6517,9 +6551,9 @@
}
},
"node_modules/markdownlint-cli/node_modules/minimatch": {
"version": "9.0.3",
"resolved": "https://registry.npmjs.org/minimatch/-/minimatch-9.0.3.tgz",
"integrity": "sha512-RHiac9mvaRw0x3AYRgDC1CxAP7HTcNrrECeA8YYJeWnpo+2Q5CegtZjaotWTWxDG3UeGA1coE05iH1mPjT/2mg==",
"version": "9.0.4",
"resolved": "https://registry.npmjs.org/minimatch/-/minimatch-9.0.4.tgz",
"integrity": "sha512-KqWh+VchfxcMNRAJjj2tnsSJdNbHsVgnkBhTNrW7AjVo6OvLtxw8zfT9oLw1JSohlFzJ8jCoTgaoXvJ+kHt6fw==",
"dev": true,
"dependencies": {
"brace-expansion": "^2.0.1"
@@ -6532,12 +6566,12 @@
}
},
"node_modules/markdownlint-micromark": {
"version": "0.1.8",
"resolved": "https://registry.npmjs.org/markdownlint-micromark/-/markdownlint-micromark-0.1.8.tgz",
"integrity": "sha512-1ouYkMRo9/6gou9gObuMDnvZM8jC/ly3QCFQyoSPCS2XV1ZClU0xpKbL1Ar3bWWRT1RnBZkWUEiNKrI2CwiBQA==",
"version": "0.1.9",
"resolved": "https://registry.npmjs.org/markdownlint-micromark/-/markdownlint-micromark-0.1.9.tgz",
"integrity": "sha512-5hVs/DzAFa8XqYosbEAEg6ok6MF2smDj89ztn9pKkCtdKHVdPQuGMH7frFfYL9mLkvfFe4pTyAMffLbjf3/EyA==",
"dev": true,
"engines": {
"node": ">=16"
"node": ">=18"
},
"funding": {
"url": "https://github.com/sponsors/DavidAnson"
@@ -7088,12 +7122,12 @@
"dev": true
},
"node_modules/path-scurry": {
"version": "1.10.1",
"resolved": "https://registry.npmjs.org/path-scurry/-/path-scurry-1.10.1.tgz",
"integrity": "sha512-MkhCqzzBEpPvxxQ71Md0b1Kk51W01lrYvlMzSUaIzNsODdd7mqhiimSZlr+VegAz5Z6Vzt9Xg2ttE//XBhH3EQ==",
"version": "1.10.2",
"resolved": "https://registry.npmjs.org/path-scurry/-/path-scurry-1.10.2.tgz",
"integrity": "sha512-7xTavNy5RQXnsjANvVvMkEjvloOinkAjv/Z6Ildz9v2RinZ4SBKTWFOVRbaF8p0vpHnyjV/UwNDdKuUv6M5qcA==",
"dev": true,
"dependencies": {
"lru-cache": "^9.1.1 || ^10.0.0",
"lru-cache": "^10.2.0",
"minipass": "^5.0.0 || ^6.0.2 || ^7.0.0"
},
"engines": {
@@ -8315,6 +8349,12 @@
"node": ">=8.0"
}
},
"node_modules/toml": {
"version": "3.0.0",
"resolved": "https://registry.npmjs.org/toml/-/toml-3.0.0.tgz",
"integrity": "sha512-y/mWCZinnvxjTKYhJ+pYxwD0mRLVvOtdS2Awbgxln6iEnt4rk0yBxeSBHkGJcPucRiG0e55mwWp+g/05rsrd6w==",
"dev": true
},
"node_modules/ts-api-utils": {
"version": "1.3.0",
"resolved": "https://registry.npmjs.org/ts-api-utils/-/ts-api-utils-1.3.0.tgz",
@@ -8537,9 +8577,9 @@
}
},
"node_modules/uc.micro": {
"version": "2.0.0",
"resolved": "https://registry.npmjs.org/uc.micro/-/uc.micro-2.0.0.tgz",
"integrity": "sha512-DffL94LsNOccVn4hyfRe5rdKa273swqeA5DJpMOeFmEn1wCDc7nAbbB0gXlgBCL7TNzeTv6G7XVWzan7iJtfig==",
"version": "2.1.0",
"resolved": "https://registry.npmjs.org/uc.micro/-/uc.micro-2.1.0.tgz",
"integrity": "sha512-ARDJmphmdvUk6Glw7y9DQ2bFkKBHwQHLi2lsaH6PPmz/Ka9sFOBsBluozhDltWmnv9u/cF6Rt87znRTPV+yp/A==",
"dev": true
},
"node_modules/unbox-primitive": {
+6 -6
View File
@@ -73,19 +73,19 @@
"@actions/core": "^1.10.1"
},
"devDependencies": {
"@actions/attest": "^1.1.0",
"@actions/attest": "^1.2.1",
"@types/jest": "^29.5.12",
"@types/node": "^20.12.7",
"@typescript-eslint/eslint-plugin": "^7.7.0",
"@typescript-eslint/parser": "^7.7.0",
"@types/node": "^20.12.8",
"@typescript-eslint/eslint-plugin": "^7.8.0",
"@typescript-eslint/parser": "^7.8.0",
"@vercel/ncc": "^0.38.1",
"eslint": "^8.57.0",
"eslint-plugin-github": "^4.10.2",
"eslint-plugin-jest": "^28.2.0",
"eslint-plugin-jest": "^28.5.0",
"eslint-plugin-jsonc": "^2.15.1",
"eslint-plugin-prettier": "^5.1.3",
"jest": "^29.7.0",
"markdownlint-cli": "^0.39.0",
"markdownlint-cli": "^0.40.0",
"prettier": "^3.2.5",
"prettier-eslint": "^16.3.0",
"ts-jest": "^29.1.2",