From 6675b10a5b47c9fe18e11e69bc9157b23b8416de Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Thu, 25 Apr 2024 07:46:14 -0700 Subject: [PATCH] Bump @sigstore/oci from 0.2.0 to 0.3.0 (#35) * Bump @sigstore/oci from 0.2.0 to 0.3.0 Bumps [@sigstore/oci](https://github.com/sigstore/sigstore-js) from 0.2.0 to 0.3.0. - [Release notes](https://github.com/sigstore/sigstore-js/releases) - [Commits](https://github.com/sigstore/sigstore-js/compare/@sigstore/oci@0.2.0...@sigstore/oci@0.3.0) --- updated-dependencies: - dependency-name: "@sigstore/oci" dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] * rebuild dist Signed-off-by: Brian DeHamer --------- Signed-off-by: dependabot[bot] Signed-off-by: Brian DeHamer Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Brian DeHamer --- dist/index.js | 17 ++--------------- package-lock.json | 14 +++++++------- package.json | 2 +- 3 files changed, 10 insertions(+), 23 deletions(-) diff --git a/dist/index.js b/dist/index.js index 29bfd32..86fd835 100644 --- a/dist/index.js +++ b/dist/index.js @@ -11452,7 +11452,7 @@ var __classPrivateFieldGet = (this && this.__classPrivateFieldGet) || function ( if (typeof state === "function" ? receiver !== state || !f : !state.has(receiver)) throw new TypeError("Cannot read private member from an object whose class did not declare it"); return kind === "m" ? f : kind === "a" ? f.call(receiver) : f ? f.value : state.get(receiver); }; -var _OCIImage_instances, _OCIImage_client, _OCIImage_credentials, _OCIImage_downgrade, _OCIImage_createReferrersIndexByTag; +var _OCIImage_instances, _OCIImage_client, _OCIImage_credentials, _OCIImage_createReferrersIndexByTag; Object.defineProperty(exports, "__esModule", ({ value: true })); exports.OCIImage = void 0; /* @@ -11474,17 +11474,13 @@ const constants_1 = __nccwpck_require__(61319); const error_1 = __nccwpck_require__(60064); const registry_1 = __nccwpck_require__(27464); const EMPTY_BLOB = Buffer.from('{}'); -const DOWNGRADE_REGISTRIES = ['amazonaws.com']; class OCIImage { constructor(image, creds, opts) { _OCIImage_instances.add(this); _OCIImage_client.set(this, void 0); _OCIImage_credentials.set(this, void 0); - _OCIImage_downgrade.set(this, false); __classPrivateFieldSet(this, _OCIImage_client, new registry_1.RegistryClient(image.registry, image.path, opts), "f"); __classPrivateFieldSet(this, _OCIImage_credentials, creds, "f"); - // If the registry is not OCI-compliant, downgrade to Docker V2 API - __classPrivateFieldSet(this, _OCIImage_downgrade, DOWNGRADE_REGISTRIES.some((r) => image.registry.includes(r)), "f"); } async addArtifact(opts) { let artifactDescriptor; @@ -11512,15 +11508,6 @@ class OCIImage { }, annotations, }); - /* istanbul ignore if */ - if (__classPrivateFieldGet(this, _OCIImage_downgrade, "f")) { - // ECR can't handle media types with parameters, so we need to strip the - // version parameter from the Sigstore bundle media type. - manifest.artifactType = manifest.artifactType - ? manifest.artifactType.replace(/;.*/, '') - : undefined; - manifest.layers[0].mediaType = manifest.layers[0].mediaType.replace(/;.*/, ''); - } // Upload artifact manifest artifactDescriptor = await __classPrivateFieldGet(this, _OCIImage_client, "f").uploadManifest(JSON.stringify(manifest)); // Manually update the referrers list if the referrers API is not supported. @@ -11562,7 +11549,7 @@ class OCIImage { } } exports.OCIImage = OCIImage; -_OCIImage_client = new WeakMap(), _OCIImage_credentials = new WeakMap(), _OCIImage_downgrade = new WeakMap(), _OCIImage_instances = new WeakSet(), _OCIImage_createReferrersIndexByTag = +_OCIImage_client = new WeakMap(), _OCIImage_credentials = new WeakMap(), _OCIImage_instances = new WeakSet(), _OCIImage_createReferrersIndexByTag = // Create a referrers index by tag. This is a fallback for registries that do // not support the referrers API. // https://github.com/opencontainers/distribution-spec/blob/main/spec.md#pushing-manifests-with-subject diff --git a/package-lock.json b/package-lock.json index a23da7a..c694dec 100644 --- a/package-lock.json +++ b/package-lock.json @@ -12,7 +12,7 @@ "@actions/attest": "^1.1.0", "@actions/core": "^1.10.1", "@actions/glob": "^0.4.0", - "@sigstore/oci": "^0.2.0" + "@sigstore/oci": "^0.3.0" }, "devDependencies": { "@sigstore/mock": "^0.7.2", @@ -1708,9 +1708,9 @@ } }, "node_modules/@sigstore/oci": { - "version": "0.2.0", - "resolved": "https://registry.npmjs.org/@sigstore/oci/-/oci-0.2.0.tgz", - "integrity": "sha512-fPKD4jd/D6VR/AqkJn7YHYguZlVcd2GI6lc2d/cK2xwZNV/bfCVd6jvJht5wdz8tyAvVvLyfMHBh/UtNwDG0fg==", + "version": "0.3.0", + "resolved": "https://registry.npmjs.org/@sigstore/oci/-/oci-0.3.0.tgz", + "integrity": "sha512-RZeirZtdSQvBC04j+rvPwBOnzMsc1NC3Ucx4krSh37Ch/Z1BwwAEV3QDQ18McXX2Guvc2pnWeGd6RXn+vpivww==", "dependencies": { "make-fetch-happen": "^13.0.0" }, @@ -9858,9 +9858,9 @@ } }, "@sigstore/oci": { - "version": "0.2.0", - "resolved": "https://registry.npmjs.org/@sigstore/oci/-/oci-0.2.0.tgz", - "integrity": "sha512-fPKD4jd/D6VR/AqkJn7YHYguZlVcd2GI6lc2d/cK2xwZNV/bfCVd6jvJht5wdz8tyAvVvLyfMHBh/UtNwDG0fg==", + "version": "0.3.0", + "resolved": "https://registry.npmjs.org/@sigstore/oci/-/oci-0.3.0.tgz", + "integrity": "sha512-RZeirZtdSQvBC04j+rvPwBOnzMsc1NC3Ucx4krSh37Ch/Z1BwwAEV3QDQ18McXX2Guvc2pnWeGd6RXn+vpivww==", "requires": { "make-fetch-happen": "^13.0.0" } diff --git a/package.json b/package.json index 3a8a9f3..24386e3 100644 --- a/package.json +++ b/package.json @@ -72,7 +72,7 @@ "@actions/attest": "^1.1.0", "@actions/core": "^1.10.1", "@actions/glob": "^0.4.0", - "@sigstore/oci": "^0.2.0" + "@sigstore/oci": "^0.3.0" }, "devDependencies": { "@sigstore/mock": "^0.7.2",