Compare commits

...

15 Commits

Author SHA1 Message Date
Brian DeHamer 7305951e90 bump package version to 1.3.3 (#102)
Signed-off-by: Brian DeHamer <bdehamer@github.com>
2024-07-09 08:21:58 -07:00
dependabot[bot] eedca7cd2b Bump the npm-development group with 4 updates (#101)
Bumps the npm-development group with 4 updates: [@types/node](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node), [@typescript-eslint/eslint-plugin](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/eslint-plugin), [@typescript-eslint/parser](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/parser) and [ts-jest](https://github.com/kulshekhar/ts-jest).


Updates `@types/node` from 20.14.9 to 20.14.10
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/node)

Updates `@typescript-eslint/eslint-plugin` from 7.15.0 to 7.16.0
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases)
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/eslint-plugin/CHANGELOG.md)
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v7.16.0/packages/eslint-plugin)

Updates `@typescript-eslint/parser` from 7.15.0 to 7.16.0
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases)
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/parser/CHANGELOG.md)
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v7.16.0/packages/parser)

Updates `ts-jest` from 29.1.5 to 29.2.0
- [Release notes](https://github.com/kulshekhar/ts-jest/releases)
- [Changelog](https://github.com/kulshekhar/ts-jest/blob/main/CHANGELOG.md)
- [Commits](https://github.com/kulshekhar/ts-jest/compare/v29.1.5...v29.2.0)

---
updated-dependencies:
- dependency-name: "@types/node"
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: npm-development
- dependency-name: "@typescript-eslint/eslint-plugin"
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: npm-development
- dependency-name: "@typescript-eslint/parser"
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: npm-development
- dependency-name: ts-jest
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: npm-development
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Brian DeHamer <bdehamer@github.com>
2024-07-09 07:59:35 -07:00
Brian DeHamer 68a047fd01 bugfix for glob exclude patterns (#100)
Signed-off-by: Brian DeHamer <bdehamer@github.com>
2024-07-09 07:55:19 -07:00
dependabot[bot] 7fc0e943d8 Bump the npm-development group across 1 directory with 4 updates (#99)
* Bump the npm-development group across 1 directory with 4 updates

Bumps the npm-development group with 4 updates in the / directory: [@types/node](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node), [@typescript-eslint/eslint-plugin](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/eslint-plugin), [@typescript-eslint/parser](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/parser) and [typescript](https://github.com/Microsoft/TypeScript).


Updates `@types/node` from 20.14.3 to 20.14.9
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/node)

Updates `@typescript-eslint/eslint-plugin` from 7.13.1 to 7.15.0
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases)
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/eslint-plugin/CHANGELOG.md)
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v7.15.0/packages/eslint-plugin)

Updates `@typescript-eslint/parser` from 7.13.1 to 7.15.0
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases)
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/parser/CHANGELOG.md)
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v7.15.0/packages/parser)

Updates `typescript` from 5.4.5 to 5.5.3
- [Release notes](https://github.com/Microsoft/TypeScript/releases)
- [Changelog](https://github.com/microsoft/TypeScript/blob/main/azure-pipelines.release.yml)
- [Commits](https://github.com/Microsoft/TypeScript/compare/v5.4.5...v5.5.3)

---
updated-dependencies:
- dependency-name: "@types/node"
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: npm-development
- dependency-name: "@typescript-eslint/eslint-plugin"
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: npm-development
- dependency-name: "@typescript-eslint/parser"
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: npm-development
- dependency-name: typescript
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: npm-development
...

Signed-off-by: dependabot[bot] <support@github.com>

* rebuild dist

Signed-off-by: Brian DeHamer <bdehamer@github.com>

---------

Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: Brian DeHamer <bdehamer@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Brian DeHamer <bdehamer@github.com>
2024-07-02 12:31:24 -07:00
Brian DeHamer be7daec55a add multi-subject example to docs (#96)
* add multi-subject example to docs

Signed-off-by: Brian DeHamer <bdehamer@github.com>

* Update README.md

Co-authored-by: Meredith Lancaster <malancas@users.noreply.github.com>

* Update README.md

Co-authored-by: Meredith Lancaster <malancas@users.noreply.github.com>

---------

Signed-off-by: Brian DeHamer <bdehamer@github.com>
Co-authored-by: Meredith Lancaster <malancas@users.noreply.github.com>
2024-06-19 15:06:47 -07:00
dependabot[bot] da36b5f14b Bump the npm-development group with 6 updates (#93)
Bumps the npm-development group with 6 updates:

| Package | From | To |
| --- | --- | --- |
| [@sigstore/mock](https://github.com/sigstore/sigstore-js) | `0.7.4` | `0.7.5` |
| [@types/node](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node) | `20.14.2` | `20.14.3` |
| [@typescript-eslint/eslint-plugin](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/eslint-plugin) | `7.13.0` | `7.13.1` |
| [@typescript-eslint/parser](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/parser) | `7.13.0` | `7.13.1` |
| [prettier](https://github.com/prettier/prettier) | `3.3.1` | `3.3.2` |
| [ts-jest](https://github.com/kulshekhar/ts-jest) | `29.1.4` | `29.1.5` |


Updates `@sigstore/mock` from 0.7.4 to 0.7.5
- [Release notes](https://github.com/sigstore/sigstore-js/releases)
- [Commits](https://github.com/sigstore/sigstore-js/compare/@sigstore/mock@0.7.4...@sigstore/mock@0.7.5)

Updates `@types/node` from 20.14.2 to 20.14.3
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/node)

Updates `@typescript-eslint/eslint-plugin` from 7.13.0 to 7.13.1
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases)
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/eslint-plugin/CHANGELOG.md)
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v7.13.1/packages/eslint-plugin)

Updates `@typescript-eslint/parser` from 7.13.0 to 7.13.1
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases)
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/parser/CHANGELOG.md)
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v7.13.1/packages/parser)

Updates `prettier` from 3.3.1 to 3.3.2
- [Release notes](https://github.com/prettier/prettier/releases)
- [Changelog](https://github.com/prettier/prettier/blob/main/CHANGELOG.md)
- [Commits](https://github.com/prettier/prettier/compare/3.3.1...3.3.2)

Updates `ts-jest` from 29.1.4 to 29.1.5
- [Release notes](https://github.com/kulshekhar/ts-jest/releases)
- [Changelog](https://github.com/kulshekhar/ts-jest/blob/main/CHANGELOG.md)
- [Commits](https://github.com/kulshekhar/ts-jest/compare/v29.1.4...v29.1.5)

---
updated-dependencies:
- dependency-name: "@sigstore/mock"
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: npm-development
- dependency-name: "@types/node"
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: npm-development
- dependency-name: "@typescript-eslint/eslint-plugin"
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: npm-development
- dependency-name: "@typescript-eslint/parser"
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: npm-development
- dependency-name: prettier
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: npm-development
- dependency-name: ts-jest
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: npm-development
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-06-18 11:00:25 -07:00
Brian DeHamer 8afbcf6e5e increase timeout for OCI operations (#92)
Signed-off-by: Brian DeHamer <bdehamer@github.com>
2024-06-17 06:51:46 -07:00
Brian DeHamer 0fdba851bc bump @sigstore/oci from 0.3.6 to 0.3.7 (#90)
Signed-off-by: Brian DeHamer <bdehamer@github.com>
2024-06-13 14:22:50 -07:00
Brian DeHamer b24527d9cb Bump @actions/attest from 1.2.1 to 1.3.0 (#89)
Signed-off-by: Brian DeHamer <bdehamer@github.com>
2024-06-12 13:17:25 -07:00
Brian DeHamer 65e3b8bbb5 bump @sigstore/oci to 0.3.6 (#88)
Signed-off-by: Brian DeHamer <bdehamer@github.com>
2024-06-12 11:27:41 -07:00
dependabot[bot] 0164ca8f6f Bump braces from 3.0.2 to 3.0.3 (#87)
Bumps [braces](https://github.com/micromatch/braces) from 3.0.2 to 3.0.3.
- [Changelog](https://github.com/micromatch/braces/blob/master/CHANGELOG.md)
- [Commits](https://github.com/micromatch/braces/compare/3.0.2...3.0.3)

---
updated-dependencies:
- dependency-name: braces
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-06-12 11:02:35 -07:00
dependabot[bot] b7c5f92e1b Bump the npm-development group with 6 updates (#86)
Bumps the npm-development group with 6 updates:

| Package | From | To |
| --- | --- | --- |
| [@types/node](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node) | `20.14.0` | `20.14.2` |
| [@typescript-eslint/eslint-plugin](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/eslint-plugin) | `7.12.0` | `7.13.0` |
| [@typescript-eslint/parser](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/parser) | `7.12.0` | `7.13.0` |
| [eslint-plugin-github](https://github.com/github/eslint-plugin-github) | `5.0.0` | `5.0.1` |
| [eslint-plugin-jest](https://github.com/jest-community/eslint-plugin-jest) | `28.5.0` | `28.6.0` |
| [prettier](https://github.com/prettier/prettier) | `3.3.0` | `3.3.1` |


Updates `@types/node` from 20.14.0 to 20.14.2
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/node)

Updates `@typescript-eslint/eslint-plugin` from 7.12.0 to 7.13.0
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases)
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/eslint-plugin/CHANGELOG.md)
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v7.13.0/packages/eslint-plugin)

Updates `@typescript-eslint/parser` from 7.12.0 to 7.13.0
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases)
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/parser/CHANGELOG.md)
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v7.13.0/packages/parser)

Updates `eslint-plugin-github` from 5.0.0 to 5.0.1
- [Release notes](https://github.com/github/eslint-plugin-github/releases)
- [Commits](https://github.com/github/eslint-plugin-github/compare/v5.0.0...v5.0.1)

Updates `eslint-plugin-jest` from 28.5.0 to 28.6.0
- [Release notes](https://github.com/jest-community/eslint-plugin-jest/releases)
- [Changelog](https://github.com/jest-community/eslint-plugin-jest/blob/main/CHANGELOG.md)
- [Commits](https://github.com/jest-community/eslint-plugin-jest/compare/v28.5.0...v28.6.0)

Updates `prettier` from 3.3.0 to 3.3.1
- [Release notes](https://github.com/prettier/prettier/releases)
- [Changelog](https://github.com/prettier/prettier/blob/main/CHANGELOG.md)
- [Commits](https://github.com/prettier/prettier/compare/3.3.0...3.3.1)

---
updated-dependencies:
- dependency-name: "@types/node"
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: npm-development
- dependency-name: "@typescript-eslint/eslint-plugin"
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: npm-development
- dependency-name: "@typescript-eslint/parser"
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: npm-development
- dependency-name: eslint-plugin-github
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: npm-development
- dependency-name: eslint-plugin-jest
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: npm-development
- dependency-name: prettier
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: npm-development
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-06-12 10:38:20 -07:00
dependabot[bot] f80a8431fd Bump eslint-plugin-github from 4.10.2 to 5.0.0 (#84)
Bumps [eslint-plugin-github](https://github.com/github/eslint-plugin-github) from 4.10.2 to 5.0.0.
- [Release notes](https://github.com/github/eslint-plugin-github/releases)
- [Commits](https://github.com/github/eslint-plugin-github/compare/v4.10.2...v5.0.0)

---
updated-dependencies:
- dependency-name: eslint-plugin-github
  dependency-type: direct:development
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Brian DeHamer <bdehamer@github.com>
2024-06-04 11:58:40 -07:00
Brian DeHamer 805ae990d5 Revert "disable github action linting (#49)" (#85)
This reverts commit 74e71f701d.
2024-06-04 08:37:19 -07:00
dependabot[bot] 4b199e0571 Bump the npm-development group with 5 updates (#82)
Bumps the npm-development group with 5 updates:

| Package | From | To |
| --- | --- | --- |
| [@types/node](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node) | `20.12.12` | `20.14.0` |
| [@typescript-eslint/eslint-plugin](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/eslint-plugin) | `7.11.0` | `7.12.0` |
| [@typescript-eslint/parser](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/parser) | `7.11.0` | `7.12.0` |
| [prettier](https://github.com/prettier/prettier) | `3.2.5` | `3.3.0` |
| [ts-jest](https://github.com/kulshekhar/ts-jest) | `29.1.3` | `29.1.4` |


Updates `@types/node` from 20.12.12 to 20.14.0
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/node)

Updates `@typescript-eslint/eslint-plugin` from 7.11.0 to 7.12.0
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases)
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/eslint-plugin/CHANGELOG.md)
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v7.12.0/packages/eslint-plugin)

Updates `@typescript-eslint/parser` from 7.11.0 to 7.12.0
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases)
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/parser/CHANGELOG.md)
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v7.12.0/packages/parser)

Updates `prettier` from 3.2.5 to 3.3.0
- [Release notes](https://github.com/prettier/prettier/releases)
- [Changelog](https://github.com/prettier/prettier/blob/main/CHANGELOG.md)
- [Commits](https://github.com/prettier/prettier/compare/3.2.5...3.3.0)

Updates `ts-jest` from 29.1.3 to 29.1.4
- [Release notes](https://github.com/kulshekhar/ts-jest/releases)
- [Changelog](https://github.com/kulshekhar/ts-jest/blob/main/CHANGELOG.md)
- [Commits](https://github.com/kulshekhar/ts-jest/compare/v29.1.3...v29.1.4)

---
updated-dependencies:
- dependency-name: "@types/node"
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: npm-development
- dependency-name: "@typescript-eslint/eslint-plugin"
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: npm-development
- dependency-name: "@typescript-eslint/parser"
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: npm-development
- dependency-name: prettier
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: npm-development
- dependency-name: ts-jest
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: npm-development
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-06-04 07:57:52 -07:00
8 changed files with 355 additions and 288 deletions
-1
View File
@@ -47,4 +47,3 @@ jobs:
VALIDATE_ALL_CODEBASE: true
VALIDATE_JAVASCRIPT_STANDARD: false
VALIDATE_JSCPD: false
VALIDATE_GITHUB_ACTIONS: false
+18 -1
View File
@@ -164,7 +164,7 @@ jobs:
predicate: '{}'
```
### Identify Subjects by Wildcard
### Identify Multiple Subjects
If you are generating multiple artifacts, you can generate an attestation for
each by using a wildcard in the `subject-path` input.
@@ -180,6 +180,23 @@ each by using a wildcard in the `subject-path` input.
For supported wildcards along with behavior and documentation, see
[@actions/glob][8] which is used internally to search for files.
Alternatively, you can explicitly list multiple subjects with either a comma or
newline delimited list:
```yaml
- uses: actions/attest@v1
with:
subject-path: 'dist/foo, dist/bar'
```
```yaml
- uses: actions/attest@v1
with:
subject-path: |
dist/foo
dist/bar
```
### Container Image
When working with container images you can invoke the action with the
+23
View File
@@ -296,6 +296,29 @@ describe('subjectFromInputs', () => {
})
})
describe('when an excluding glob is supplied', () => {
it('returns the multiple subjects', async () => {
const inputs: SubjectInputs = {
...blankInputs,
subjectPath: `${path.join(dir, 'subject-*')},!${path.join(dir, 'subject-1')}`
}
const subjects = await subjectFromInputs(inputs)
expect(subjects).toBeDefined()
expect(subjects).toHaveLength(2)
expect(subjects).toContainEqual({
name: 'subject-0',
digest: { sha256: expectedDigest }
})
expect(subjects).toContainEqual({
name: 'subject-2',
digest: { sha256: expectedDigest }
})
})
})
describe('when a multi-line glob list is supplied', () => {
it('returns the multiple subjects', async () => {
const inputs: SubjectInputs = {
Generated Vendored
+43 -27
View File
@@ -116,22 +116,16 @@ var __importStar = (this && this.__importStar) || function (mod) {
return result;
};
Object.defineProperty(exports, "__esModule", ({ value: true }));
exports.signingEndpoints = exports.SIGSTORE_GITHUB = exports.SIGSTORE_PUBLIC_GOOD = void 0;
exports.signingEndpoints = exports.SIGSTORE_PUBLIC_GOOD = void 0;
const github = __importStar(__nccwpck_require__(95438));
const PUBLIC_GOOD_ID = 'public-good';
const GITHUB_ID = 'github';
const FULCIO_PUBLIC_GOOD_URL = 'https://fulcio.sigstore.dev';
const REKOR_PUBLIC_GOOD_URL = 'https://rekor.sigstore.dev';
const FULCIO_INTERNAL_URL = 'https://fulcio.githubapp.com';
const TSA_INTERNAL_URL = 'https://timestamp.githubapp.com';
exports.SIGSTORE_PUBLIC_GOOD = {
fulcioURL: FULCIO_PUBLIC_GOOD_URL,
rekorURL: REKOR_PUBLIC_GOOD_URL
};
exports.SIGSTORE_GITHUB = {
fulcioURL: FULCIO_INTERNAL_URL,
tsaServerURL: TSA_INTERNAL_URL
};
const signingEndpoints = (sigstore) => {
var _a;
let instance;
@@ -150,10 +144,21 @@ const signingEndpoints = (sigstore) => {
case PUBLIC_GOOD_ID:
return exports.SIGSTORE_PUBLIC_GOOD;
case GITHUB_ID:
return exports.SIGSTORE_GITHUB;
return buildGitHubEndpoints();
}
};
exports.signingEndpoints = signingEndpoints;
function buildGitHubEndpoints() {
const serverURL = process.env.GITHUB_SERVER_URL || 'https://github.com';
let host = new URL(serverURL).hostname;
if (host === 'github.com') {
host = 'githubapp.com';
}
return {
fulcioURL: `https://fulcio.${host}`,
tsaServerURL: `https://timestamp.${host}`
};
}
//# sourceMappingURL=endpoints.js.map
/***/ }),
@@ -254,6 +259,7 @@ const REQUIRED_CLAIMS = [
'sha',
'repository',
'event_name',
'job_workflow_ref',
'workflow_ref',
'repository_id',
'repository_owner_id',
@@ -346,8 +352,7 @@ exports.attestProvenance = exports.buildSLSAProvenancePredicate = void 0;
const attest_1 = __nccwpck_require__(46373);
const oidc_1 = __nccwpck_require__(95847);
const SLSA_PREDICATE_V1_TYPE = 'https://slsa.dev/provenance/v1';
const GITHUB_BUILDER_ID_PREFIX = 'https://github.com/actions/runner';
const GITHUB_BUILD_TYPE = 'https://slsa-framework.github.io/github-actions-buildtypes/workflow/v1';
const GITHUB_BUILD_TYPE = 'https://actions.github.io/buildtypes/workflow/v1';
const DEFAULT_ISSUER = 'https://token.actions.githubusercontent.com';
/**
* Builds an SLSA (Supply Chain Levels for Software Artifacts) provenance
@@ -383,7 +388,8 @@ const buildSLSAProvenancePredicate = (issuer = DEFAULT_ISSUER) => __awaiter(void
github: {
event_name: claims.event_name,
repository_id: claims.repository_id,
repository_owner_id: claims.repository_owner_id
repository_owner_id: claims.repository_owner_id,
runner_environment: claims.runner_environment
}
},
resolvedDependencies: [
@@ -397,7 +403,7 @@ const buildSLSAProvenancePredicate = (issuer = DEFAULT_ISSUER) => __awaiter(void
},
runDetails: {
builder: {
id: `${GITHUB_BUILDER_ID_PREFIX}/${claims.runner_environment}`
id: `${serverURL}/${claims.job_workflow_ref}`
},
metadata: {
invocationId: `${serverURL}/${claims.repository}/actions/runs/${claims.run_id}/attempts/${claims.run_attempt}`
@@ -478,6 +484,7 @@ const initBundleBuilder = (opts) => {
witnesses.push(new sign_1.RekorWitness({
rekorBaseURL: opts.rekorURL,
entryType: 'dsse',
fetchOnConflict: true,
timeout,
retry
}));
@@ -11744,13 +11751,20 @@ class OCIImage {
});
// Upload artifact manifest
artifactDescriptor = await __classPrivateFieldGet(this, _OCIImage_client, "f").uploadManifest(JSON.stringify(manifest));
// Check to see if registry supports the referrers API. For most
// registries the presence of a subjectDigest response header when
// uploading the artifact manifest indicates that the referrers API IS
// supported -- however, this is not a guarantee (AWS ECR does NOT support
// the referrers API but still reports a subjectDigest).
const referrersSupported = await __classPrivateFieldGet(this, _OCIImage_client, "f").pingReferrers();
// Manually update the referrers list if the referrers API is not supported.
// The lack of a subjectDigest indicates that the referrers API is not
// supported.
if (artifactDescriptor.subjectDigest === undefined) {
if (!artifactDescriptor.subjectDigest || !referrersSupported) {
// Strip subjectDigest from the artifact descriptor (in case it was returned)
/* eslint-disable-next-line @typescript-eslint/no-unused-vars */
const { subjectDigest, ...descriptor } = artifactDescriptor;
await __classPrivateFieldGet(this, _OCIImage_instances, "m", _OCIImage_createReferrersIndexByTag).call(this, {
artifact: {
...artifactDescriptor,
...descriptor,
artifactType: opts.mediaType,
annotations,
},
@@ -11953,7 +11967,7 @@ var __importDefault = (this && this.__importDefault) || function (mod) {
};
var _RegistryClient_instances, _RegistryClient_baseURL, _RegistryClient_repository, _RegistryClient_fetch, _RegistryClient_fetchDistributionToken, _RegistryClient_fetchOAuth2Token;
Object.defineProperty(exports, "__esModule", ({ value: true }));
exports.RegistryClient = void 0;
exports.RegistryClient = exports.ZERO_DIGEST = void 0;
/*
Copyright 2023 The Sigstore Authors.
@@ -11980,6 +11994,7 @@ const ALL_MANIFEST_MEDIA_TYPES = [
constants_1.CONTENT_TYPE_DOCKER_MANIFEST,
constants_1.CONTENT_TYPE_DOCKER_MANIFEST_LIST,
].join(',');
exports.ZERO_DIGEST = 'sha256:0000000000000000000000000000000000000000000000000000000000000000';
class RegistryClient {
constructor(registry, repository, opts) {
_RegistryClient_instances.add(this);
@@ -12115,6 +12130,11 @@ class RegistryClient {
subjectDigest,
};
}
// Returns true if the registry supports the referrers API
async pingReferrers() {
const response = await __classPrivateFieldGet(this, _RegistryClient_fetch, "f").call(this, `${__classPrivateFieldGet(this, _RegistryClient_baseURL, "f")}/v2/${__classPrivateFieldGet(this, _RegistryClient_repository, "f")}/referrers/${exports.ZERO_DIGEST}`);
return response.status === 200;
}
static digest(blob) {
const hash = node_crypto_1.default.createHash('sha256');
hash.update(blob);
@@ -79907,7 +79927,7 @@ Object.defineProperty(exports, "__esModule", ({ value: true }));
exports.createAttestation = void 0;
const attest_1 = __nccwpck_require__(74113);
const oci_1 = __nccwpck_require__(47353);
const OCI_TIMEOUT = 2000;
const OCI_TIMEOUT = 30000;
const OCI_RETRY = 3;
const createAttestation = async (subject, predicate, opts) => {
// Sign provenance w/ Sigstore
@@ -80054,7 +80074,7 @@ var __importDefault = (this && this.__importDefault) || function (mod) {
return (mod && mod.__esModule) ? mod : { "default": mod };
};
Object.defineProperty(exports, "__esModule", ({ value: true }));
exports.run = void 0;
exports.run = run;
const core = __importStar(__nccwpck_require__(42186));
const github = __importStar(__nccwpck_require__(95438));
const fs_1 = __importDefault(__nccwpck_require__(57147));
@@ -80143,7 +80163,6 @@ async function run(inputs) {
process.removeListener('log', logHandler);
}
}
exports.run = run;
// Log details about the attestation to the GitHub Actions run
const logAttestation = (attestation, sigstoreInstance) => {
core.info(`Attestation created for ${attestation.subjectName}@${attestation.subjectDigest}`);
@@ -80337,14 +80356,11 @@ exports.subjectFromInputs = subjectFromInputs;
// calculated and returned along with the subject's name.
const getSubjectFromPath = async (subjectPath, subjectName) => {
const digestedSubjects = [];
const files = [];
// Parse the list of subject paths
const subjectPaths = parseList(subjectPath);
const subjectPaths = parseList(subjectPath).join('\n');
// Expand the globbed paths to a list of files
for (const subPath of subjectPaths) {
/* eslint-disable-next-line github/no-then */
files.push(...(await glob.create(subPath).then(async (g) => g.glob())));
}
/* eslint-disable-next-line github/no-then */
const files = await glob.create(subjectPaths).then(async (g) => g.glob());
if (files.length > MAX_SUBJECT_COUNT) {
throw new Error(`Too many subjects specified. The maximum number of subjects is ${MAX_SUBJECT_COUNT}.`);
}
@@ -94338,7 +94354,7 @@ exports.parse = parse;
/***/ ((module) => {
"use strict";
module.exports = {"i8":"2.3.1"};
module.exports = {"i8":"2.3.2"};
/***/ }),
+255 -240
View File
@@ -1,41 +1,41 @@
{
"name": "actions/attest",
"version": "1.2.0",
"version": "1.3.3",
"lockfileVersion": 2,
"requires": true,
"packages": {
"": {
"name": "actions/attest",
"version": "1.2.0",
"version": "1.3.3",
"license": "MIT",
"dependencies": {
"@actions/attest": "^1.2.1",
"@actions/attest": "^1.3.0",
"@actions/core": "^1.10.1",
"@actions/glob": "^0.4.0",
"@sigstore/oci": "^0.3.4",
"@sigstore/oci": "^0.3.7",
"csv-parse": "^5.5.6"
},
"devDependencies": {
"@sigstore/mock": "^0.7.4",
"@sigstore/mock": "^0.7.5",
"@types/jest": "^29.5.12",
"@types/make-fetch-happen": "^10.0.4",
"@types/node": "^20.12.12",
"@typescript-eslint/eslint-plugin": "^7.11.0",
"@typescript-eslint/parser": "^7.11.0",
"@types/node": "^20.14.10",
"@typescript-eslint/eslint-plugin": "^7.16.0",
"@typescript-eslint/parser": "^7.16.0",
"@vercel/ncc": "^0.38.1",
"eslint": "^8.57.0",
"eslint-plugin-github": "^4.10.2",
"eslint-plugin-jest": "^28.5.0",
"eslint-plugin-github": "^5.0.1",
"eslint-plugin-jest": "^28.6.0",
"eslint-plugin-jsonc": "^2.16.0",
"eslint-plugin-prettier": "^5.1.3",
"jest": "^29.7.0",
"js-yaml": "^4.1.0",
"markdownlint-cli": "^0.41.0",
"nock": "^13.5.4",
"prettier": "^3.2.5",
"prettier": "^3.3.2",
"prettier-eslint": "^16.3.0",
"ts-jest": "^29.1.3",
"typescript": "^5.4.5",
"ts-jest": "^29.2.0",
"typescript": "^5.5.3",
"undici": "^5.28.4"
},
"engines": {
@@ -51,16 +51,16 @@
}
},
"node_modules/@actions/attest": {
"version": "1.2.1",
"resolved": "https://registry.npmjs.org/@actions/attest/-/attest-1.2.1.tgz",
"integrity": "sha512-ZLfmO6o2x3UL2BG++oIHMPx5kApWr8Uy1cgiiafXpHgamsqFUPjUtcp0/gpOaXkxUZftdVno7NwBTisw8qr9UA==",
"version": "1.3.0",
"resolved": "https://registry.npmjs.org/@actions/attest/-/attest-1.3.0.tgz",
"integrity": "sha512-Xmv+HIefU8PMx3q+BwGmL28MLyQ2FF05ROZjH+iuoQ9q43qzmbJmmzou3NBOSspUa1N2nVtirPq7jPj9g8AMEg==",
"dependencies": {
"@actions/core": "^1.10.1",
"@actions/github": "^6.0.0",
"@actions/http-client": "^2.2.1",
"@octokit/plugin-retry": "^6.0.1",
"@sigstore/bundle": "^2.3.0",
"@sigstore/sign": "^2.3.0",
"@sigstore/bundle": "^2.3.2",
"@sigstore/sign": "^2.3.2",
"jsonwebtoken": "^9.0.2",
"jwks-rsa": "^3.1.0"
}
@@ -1635,25 +1635,25 @@
}
},
"node_modules/@peculiar/webcrypto": {
"version": "1.4.6",
"resolved": "https://registry.npmjs.org/@peculiar/webcrypto/-/webcrypto-1.4.6.tgz",
"integrity": "sha512-YBcMfqNSwn3SujUJvAaySy5tlYbYm6tVt9SKoXu8BaTdKGROiJDgPR3TXpZdAKUfklzm3lRapJEAltiMQtBgZg==",
"version": "1.5.0",
"resolved": "https://registry.npmjs.org/@peculiar/webcrypto/-/webcrypto-1.5.0.tgz",
"integrity": "sha512-BRs5XUAwiyCDQMsVA9IDvDa7UBR9gAvPHgugOeGng3YN6vJ9JYonyDc0lNczErgtCWtucjR5N7VtaonboD/ezg==",
"dev": true,
"dependencies": {
"@peculiar/asn1-schema": "^2.3.8",
"@peculiar/json-schema": "^1.1.12",
"pvtsutils": "^1.3.5",
"tslib": "^2.6.2",
"webcrypto-core": "^1.7.9"
"webcrypto-core": "^1.8.0"
},
"engines": {
"node": ">=10.12.0"
}
},
"node_modules/@peculiar/x509": {
"version": "1.9.7",
"resolved": "https://registry.npmjs.org/@peculiar/x509/-/x509-1.9.7.tgz",
"integrity": "sha512-O+fR1ge6U8upO52q5b3d4tF4SxUdK4IQ0y++Z/Wlqq+ySZUf+deHnbMlDB1YZsIQ/DXU0i5M7Y1DyF5kwpXouQ==",
"version": "1.11.0",
"resolved": "https://registry.npmjs.org/@peculiar/x509/-/x509-1.11.0.tgz",
"integrity": "sha512-8rdxE//tsWLb2Yo2TYO2P8gieStbrHK/huFMV5PPfwX8I5HmtOus+Ox6nTKrPA9o+WOPaa5xKenee+QdmHBd5g==",
"dev": true,
"dependencies": {
"@peculiar/asn1-cms": "^2.3.8",
@@ -1664,7 +1664,7 @@
"@peculiar/asn1-schema": "^2.3.8",
"@peculiar/asn1-x509": "^2.3.8",
"pvtsutils": "^1.3.5",
"reflect-metadata": "^0.2.1",
"reflect-metadata": "^0.2.2",
"tslib": "^2.6.2",
"tsyringe": "^4.8.0"
}
@@ -1689,11 +1689,11 @@
}
},
"node_modules/@sigstore/bundle": {
"version": "2.3.1",
"resolved": "https://registry.npmjs.org/@sigstore/bundle/-/bundle-2.3.1.tgz",
"integrity": "sha512-eqV17lO3EIFqCWK3969Rz+J8MYrRZKw9IBHpSo6DEcEX2c+uzDFOgHE9f2MnyDpfs48LFO4hXmk9KhQ74JzU1g==",
"version": "2.3.2",
"resolved": "https://registry.npmjs.org/@sigstore/bundle/-/bundle-2.3.2.tgz",
"integrity": "sha512-wueKWDk70QixNLB363yHc2D2ItTgYiMTdPwK8D9dKQMR3ZQ0c35IxP5xnwQ8cNLoCgCRcHf14kE+CLIvNX1zmA==",
"dependencies": {
"@sigstore/protobuf-specs": "^0.3.1"
"@sigstore/protobuf-specs": "^0.3.2"
},
"engines": {
"node": "^16.14.0 || >=18.0.0"
@@ -1708,20 +1708,20 @@
}
},
"node_modules/@sigstore/mock": {
"version": "0.7.4",
"resolved": "https://registry.npmjs.org/@sigstore/mock/-/mock-0.7.4.tgz",
"integrity": "sha512-ij9X2Fij9fcH7upxf3KuAZ38ecGSMm+Asvbik5xiHTBUcwe1+bZ5eG6k5p1eHaNY+XJ581bC6O33871Bm5m5mQ==",
"version": "0.7.5",
"resolved": "https://registry.npmjs.org/@sigstore/mock/-/mock-0.7.5.tgz",
"integrity": "sha512-XZxQFFMXFwp5x+/th9vKffdCVZKvGNhhrfyTF8M8xyouLnF3SkLlMhLl39ukoEZRqNBs9TeM3HqnbVEMWIJiUQ==",
"dev": true,
"dependencies": {
"@peculiar/webcrypto": "^1.4.6",
"@peculiar/x509": "^1.9.7",
"@peculiar/webcrypto": "^1.5.0",
"@peculiar/x509": "^1.11.0",
"@sigstore/protobuf-specs": "^0.3.2",
"asn1js": "^3.0.5",
"bytestreamjs": "^2.0.1",
"canonicalize": "^2.0.0",
"jose": "^5.2.4",
"jose": "^5.4.0",
"nock": "^13.5.4",
"pkijs": "^3.0.16",
"pkijs": "^3.1.0",
"pvutils": "^1.1.3"
},
"engines": {
@@ -1729,9 +1729,9 @@
}
},
"node_modules/@sigstore/oci": {
"version": "0.3.4",
"resolved": "https://registry.npmjs.org/@sigstore/oci/-/oci-0.3.4.tgz",
"integrity": "sha512-ydRTsvHOmLWnlR2BTtG1pHYvLkHG/oaqVyd2WDkfLU7B3dIWfqavE80VCzidNWuZpXN7m8+uBNatus2Qva1ktA==",
"version": "0.3.7",
"resolved": "https://registry.npmjs.org/@sigstore/oci/-/oci-0.3.7.tgz",
"integrity": "sha512-1JmebwEXil+NVzugFURbC+D3Vzj6WyTI1B+7damUk94dWXamE9cJ057iSo72rupiSozM6N7lVMjtD1c/P5Rrrw==",
"dependencies": {
"make-fetch-happen": "^13.0.1",
"proc-log": "^4.2.0"
@@ -1749,13 +1749,13 @@
}
},
"node_modules/@sigstore/sign": {
"version": "2.3.1",
"resolved": "https://registry.npmjs.org/@sigstore/sign/-/sign-2.3.1.tgz",
"integrity": "sha512-YZ71wKIOweC8ViUeZXboz0iPLqMkskxuoeN/D1CEpAyZvEepbX9oRMIoO6a/DxUqO1VEaqmcmmqzSiqtOsvSmw==",
"version": "2.3.2",
"resolved": "https://registry.npmjs.org/@sigstore/sign/-/sign-2.3.2.tgz",
"integrity": "sha512-5Vz5dPVuunIIvC5vBb0APwo7qKA4G9yM48kPWJT+OEERs40md5GoUR1yedwpekWZ4m0Hhw44m6zU+ObsON+iDA==",
"dependencies": {
"@sigstore/bundle": "^2.3.0",
"@sigstore/bundle": "^2.3.2",
"@sigstore/core": "^1.0.0",
"@sigstore/protobuf-specs": "^0.3.1",
"@sigstore/protobuf-specs": "^0.3.2",
"make-fetch-happen": "^13.0.1",
"proc-log": "^4.2.0",
"promise-retry": "^2.0.1"
@@ -1960,9 +1960,9 @@
"integrity": "sha512-/pyBZWSLD2n0dcHE3hq8s8ZvcETHtEuF+3E7XVt0Ig2nvsVQXdghHVcEkIWjy9A0wKfTn97a/PSDYohKIlnP/w=="
},
"node_modules/@types/node": {
"version": "20.12.12",
"resolved": "https://registry.npmjs.org/@types/node/-/node-20.12.12.tgz",
"integrity": "sha512-eWLDGF/FOSPtAvEqeRAQ4C8LSA7M1I7i0ky1I8U7kD1J5ITyW3AsRhQrKVoWf5pFKZ2kILsEGJhsI9r93PYnOw==",
"version": "20.14.10",
"resolved": "https://registry.npmjs.org/@types/node/-/node-20.14.10.tgz",
"integrity": "sha512-MdiXf+nDuMvY0gJKxyfZ7/6UFsETO7mGKF54MVD/ekJS6HdFtpZFBgrh6Pseu64XTb2MLyFPlbW6hj8HYRQNOQ==",
"dependencies": {
"undici-types": "~5.26.4"
}
@@ -2037,16 +2037,16 @@
"license": "MIT"
},
"node_modules/@typescript-eslint/eslint-plugin": {
"version": "7.11.0",
"resolved": "https://registry.npmjs.org/@typescript-eslint/eslint-plugin/-/eslint-plugin-7.11.0.tgz",
"integrity": "sha512-P+qEahbgeHW4JQ/87FuItjBj8O3MYv5gELDzr8QaQ7fsll1gSMTYb6j87MYyxwf3DtD7uGFB9ShwgmCJB5KmaQ==",
"version": "7.16.0",
"resolved": "https://registry.npmjs.org/@typescript-eslint/eslint-plugin/-/eslint-plugin-7.16.0.tgz",
"integrity": "sha512-py1miT6iQpJcs1BiJjm54AMzeuMPBSPuKPlnT8HlfudbcS5rYeX5jajpLf3mrdRh9dA/Ec2FVUY0ifeVNDIhZw==",
"dev": true,
"dependencies": {
"@eslint-community/regexpp": "^4.10.0",
"@typescript-eslint/scope-manager": "7.11.0",
"@typescript-eslint/type-utils": "7.11.0",
"@typescript-eslint/utils": "7.11.0",
"@typescript-eslint/visitor-keys": "7.11.0",
"@typescript-eslint/scope-manager": "7.16.0",
"@typescript-eslint/type-utils": "7.16.0",
"@typescript-eslint/utils": "7.16.0",
"@typescript-eslint/visitor-keys": "7.16.0",
"graphemer": "^1.4.0",
"ignore": "^5.3.1",
"natural-compare": "^1.4.0",
@@ -2070,15 +2070,15 @@
}
},
"node_modules/@typescript-eslint/parser": {
"version": "7.11.0",
"resolved": "https://registry.npmjs.org/@typescript-eslint/parser/-/parser-7.11.0.tgz",
"integrity": "sha512-yimw99teuaXVWsBcPO1Ais02kwJ1jmNA1KxE7ng0aT7ndr1pT1wqj0OJnsYVGKKlc4QJai86l/025L6z8CljOg==",
"version": "7.16.0",
"resolved": "https://registry.npmjs.org/@typescript-eslint/parser/-/parser-7.16.0.tgz",
"integrity": "sha512-ar9E+k7CU8rWi2e5ErzQiC93KKEFAXA2Kky0scAlPcxYblLt8+XZuHUZwlyfXILyQa95P6lQg+eZgh/dDs3+Vw==",
"dev": true,
"dependencies": {
"@typescript-eslint/scope-manager": "7.11.0",
"@typescript-eslint/types": "7.11.0",
"@typescript-eslint/typescript-estree": "7.11.0",
"@typescript-eslint/visitor-keys": "7.11.0",
"@typescript-eslint/scope-manager": "7.16.0",
"@typescript-eslint/types": "7.16.0",
"@typescript-eslint/typescript-estree": "7.16.0",
"@typescript-eslint/visitor-keys": "7.16.0",
"debug": "^4.3.4"
},
"engines": {
@@ -2098,13 +2098,13 @@
}
},
"node_modules/@typescript-eslint/scope-manager": {
"version": "7.11.0",
"resolved": "https://registry.npmjs.org/@typescript-eslint/scope-manager/-/scope-manager-7.11.0.tgz",
"integrity": "sha512-27tGdVEiutD4POirLZX4YzT180vevUURJl4wJGmm6TrQoiYwuxTIY98PBp6L2oN+JQxzE0URvYlzJaBHIekXAw==",
"version": "7.16.0",
"resolved": "https://registry.npmjs.org/@typescript-eslint/scope-manager/-/scope-manager-7.16.0.tgz",
"integrity": "sha512-8gVv3kW6n01Q6TrI1cmTZ9YMFi3ucDT7i7aI5lEikk2ebk1AEjrwX8MDTdaX5D7fPXMBLvnsaa0IFTAu+jcfOw==",
"dev": true,
"dependencies": {
"@typescript-eslint/types": "7.11.0",
"@typescript-eslint/visitor-keys": "7.11.0"
"@typescript-eslint/types": "7.16.0",
"@typescript-eslint/visitor-keys": "7.16.0"
},
"engines": {
"node": "^18.18.0 || >=20.0.0"
@@ -2115,13 +2115,13 @@
}
},
"node_modules/@typescript-eslint/type-utils": {
"version": "7.11.0",
"resolved": "https://registry.npmjs.org/@typescript-eslint/type-utils/-/type-utils-7.11.0.tgz",
"integrity": "sha512-WmppUEgYy+y1NTseNMJ6mCFxt03/7jTOy08bcg7bxJJdsM4nuhnchyBbE8vryveaJUf62noH7LodPSo5Z0WUCg==",
"version": "7.16.0",
"resolved": "https://registry.npmjs.org/@typescript-eslint/type-utils/-/type-utils-7.16.0.tgz",
"integrity": "sha512-j0fuUswUjDHfqV/UdW6mLtOQQseORqfdmoBNDFOqs9rvNVR2e+cmu6zJu/Ku4SDuqiJko6YnhwcL8x45r8Oqxg==",
"dev": true,
"dependencies": {
"@typescript-eslint/typescript-estree": "7.11.0",
"@typescript-eslint/utils": "7.11.0",
"@typescript-eslint/typescript-estree": "7.16.0",
"@typescript-eslint/utils": "7.16.0",
"debug": "^4.3.4",
"ts-api-utils": "^1.3.0"
},
@@ -2142,9 +2142,9 @@
}
},
"node_modules/@typescript-eslint/types": {
"version": "7.11.0",
"resolved": "https://registry.npmjs.org/@typescript-eslint/types/-/types-7.11.0.tgz",
"integrity": "sha512-MPEsDRZTyCiXkD4vd3zywDCifi7tatc4K37KqTprCvaXptP7Xlpdw0NR2hRJTetG5TxbWDB79Ys4kLmHliEo/w==",
"version": "7.16.0",
"resolved": "https://registry.npmjs.org/@typescript-eslint/types/-/types-7.16.0.tgz",
"integrity": "sha512-fecuH15Y+TzlUutvUl9Cc2XJxqdLr7+93SQIbcZfd4XRGGKoxyljK27b+kxKamjRkU7FYC6RrbSCg0ALcZn/xw==",
"dev": true,
"engines": {
"node": "^18.18.0 || >=20.0.0"
@@ -2155,13 +2155,13 @@
}
},
"node_modules/@typescript-eslint/typescript-estree": {
"version": "7.11.0",
"resolved": "https://registry.npmjs.org/@typescript-eslint/typescript-estree/-/typescript-estree-7.11.0.tgz",
"integrity": "sha512-cxkhZ2C/iyi3/6U9EPc5y+a6csqHItndvN/CzbNXTNrsC3/ASoYQZEt9uMaEp+xFNjasqQyszp5TumAVKKvJeQ==",
"version": "7.16.0",
"resolved": "https://registry.npmjs.org/@typescript-eslint/typescript-estree/-/typescript-estree-7.16.0.tgz",
"integrity": "sha512-a5NTvk51ZndFuOLCh5OaJBELYc2O3Zqxfl3Js78VFE1zE46J2AaVuW+rEbVkQznjkmlzWsUI15BG5tQMixzZLw==",
"dev": true,
"dependencies": {
"@typescript-eslint/types": "7.11.0",
"@typescript-eslint/visitor-keys": "7.11.0",
"@typescript-eslint/types": "7.16.0",
"@typescript-eslint/visitor-keys": "7.16.0",
"debug": "^4.3.4",
"globby": "^11.1.0",
"is-glob": "^4.0.3",
@@ -2192,9 +2192,9 @@
}
},
"node_modules/@typescript-eslint/typescript-estree/node_modules/minimatch": {
"version": "9.0.4",
"resolved": "https://registry.npmjs.org/minimatch/-/minimatch-9.0.4.tgz",
"integrity": "sha512-KqWh+VchfxcMNRAJjj2tnsSJdNbHsVgnkBhTNrW7AjVo6OvLtxw8zfT9oLw1JSohlFzJ8jCoTgaoXvJ+kHt6fw==",
"version": "9.0.5",
"resolved": "https://registry.npmjs.org/minimatch/-/minimatch-9.0.5.tgz",
"integrity": "sha512-G6T0ZX48xgozx7587koeX9Ys2NYy6Gmv//P89sEte9V9whIapMNF4idKxnW2QtCcLiTWlb/wfCabAtAFWhhBow==",
"dev": true,
"dependencies": {
"brace-expansion": "^2.0.1"
@@ -2207,15 +2207,15 @@
}
},
"node_modules/@typescript-eslint/utils": {
"version": "7.11.0",
"resolved": "https://registry.npmjs.org/@typescript-eslint/utils/-/utils-7.11.0.tgz",
"integrity": "sha512-xlAWwPleNRHwF37AhrZurOxA1wyXowW4PqVXZVUNCLjB48CqdPJoJWkrpH2nij9Q3Lb7rtWindtoXwxjxlKKCA==",
"version": "7.16.0",
"resolved": "https://registry.npmjs.org/@typescript-eslint/utils/-/utils-7.16.0.tgz",
"integrity": "sha512-PqP4kP3hb4r7Jav+NiRCntlVzhxBNWq6ZQ+zQwII1y/G/1gdIPeYDCKr2+dH6049yJQsWZiHU6RlwvIFBXXGNA==",
"dev": true,
"dependencies": {
"@eslint-community/eslint-utils": "^4.4.0",
"@typescript-eslint/scope-manager": "7.11.0",
"@typescript-eslint/types": "7.11.0",
"@typescript-eslint/typescript-estree": "7.11.0"
"@typescript-eslint/scope-manager": "7.16.0",
"@typescript-eslint/types": "7.16.0",
"@typescript-eslint/typescript-estree": "7.16.0"
},
"engines": {
"node": "^18.18.0 || >=20.0.0"
@@ -2229,12 +2229,12 @@
}
},
"node_modules/@typescript-eslint/visitor-keys": {
"version": "7.11.0",
"resolved": "https://registry.npmjs.org/@typescript-eslint/visitor-keys/-/visitor-keys-7.11.0.tgz",
"integrity": "sha512-7syYk4MzjxTEk0g/w3iqtgxnFQspDJfn6QKD36xMuuhTzjcxY7F8EmBLnALjVyaOF1/bVocu3bS/2/F7rXrveQ==",
"version": "7.16.0",
"resolved": "https://registry.npmjs.org/@typescript-eslint/visitor-keys/-/visitor-keys-7.16.0.tgz",
"integrity": "sha512-rMo01uPy9C7XxG7AFsxa8zLnWXTF8N3PYclekWSrurvhwiw1eW88mrKiAYe6s53AUY57nTRz8dJsuuXdkAhzCg==",
"dev": true,
"dependencies": {
"@typescript-eslint/types": "7.11.0",
"@typescript-eslint/types": "7.16.0",
"eslint-visitor-keys": "^3.4.3"
},
"engines": {
@@ -2721,11 +2721,12 @@
}
},
"node_modules/braces": {
"version": "3.0.2",
"version": "3.0.3",
"resolved": "https://registry.npmjs.org/braces/-/braces-3.0.3.tgz",
"integrity": "sha512-yQbXgO/OSZVD2IsiLlro+7Hf6Q18EJrKSEsdoMzKePKXct3gvD8oLcOQdIzGupr5Fj+EDe8gO/lxc1BzfMpxvA==",
"dev": true,
"license": "MIT",
"dependencies": {
"fill-range": "^7.0.1"
"fill-range": "^7.1.1"
},
"engines": {
"node": ">=8"
@@ -3667,9 +3668,9 @@
}
},
"node_modules/eslint-plugin-github": {
"version": "4.10.2",
"resolved": "https://registry.npmjs.org/eslint-plugin-github/-/eslint-plugin-github-4.10.2.tgz",
"integrity": "sha512-F1F5aAFgi1Y5hYoTFzGQACBkw5W1hu2Fu5FSTrMlXqrojJnKl1S2pWO/rprlowRQpt+hzHhqSpsfnodJEVd5QA==",
"version": "5.0.1",
"resolved": "https://registry.npmjs.org/eslint-plugin-github/-/eslint-plugin-github-5.0.1.tgz",
"integrity": "sha512-qbXG3wL5Uh2JB92EKeX2hPtO9c/t75qVxQjVLYuTFfhHifLZzv9CBvLCvoaBhLrAC/xTMVht7DK/NofYK8X4Dg==",
"dev": true,
"dependencies": {
"@github/browserslist-config": "^1.0.0",
@@ -3768,9 +3769,9 @@
}
},
"node_modules/eslint-plugin-jest": {
"version": "28.5.0",
"resolved": "https://registry.npmjs.org/eslint-plugin-jest/-/eslint-plugin-jest-28.5.0.tgz",
"integrity": "sha512-6np6DGdmNq/eBbA7HOUNV8fkfL86PYwBfwyb8n23FXgJNTR8+ot3smRHjza9LGsBBZRypK3qyF79vMjohIL8eQ==",
"version": "28.6.0",
"resolved": "https://registry.npmjs.org/eslint-plugin-jest/-/eslint-plugin-jest-28.6.0.tgz",
"integrity": "sha512-YG28E1/MIKwnz+e2H7VwYPzHUYU4aMa19w0yGcwXnnmJH6EfgHahTJ2un3IyraUxNfnz/KUhJAFXNNwWPo12tg==",
"dev": true,
"dependencies": {
"@typescript-eslint/utils": "^6.0.0 || ^7.0.0"
@@ -4114,9 +4115,10 @@
}
},
"node_modules/fill-range": {
"version": "7.0.1",
"version": "7.1.1",
"resolved": "https://registry.npmjs.org/fill-range/-/fill-range-7.1.1.tgz",
"integrity": "sha512-YsGpe3WHLK8ZYi4tWDg2Jy3ebRz2rXowDxnld4bkQB00cc/1Zw9AWnC0i9ztDJitivtQvaI9KaLyKrc+hBW0yg==",
"dev": true,
"license": "MIT",
"dependencies": {
"to-regex-range": "^5.0.1"
},
@@ -4707,9 +4709,9 @@
"license": "BSD-3-Clause"
},
"node_modules/ipaddr.js": {
"version": "2.1.0",
"resolved": "https://registry.npmjs.org/ipaddr.js/-/ipaddr.js-2.1.0.tgz",
"integrity": "sha512-LlbxQ7xKzfBusov6UMi4MFpEg0m+mAm9xyNGEduwXMEDuf4WfzB/RZwMVYEd7IKGvh4IUkEXYxtAVu9T3OelJQ==",
"version": "2.2.0",
"resolved": "https://registry.npmjs.org/ipaddr.js/-/ipaddr.js-2.2.0.tgz",
"integrity": "sha512-Ag3wB2o37wslZS19hZqorUnrnzSkpOVy+IiiDEiTqNubEYpYuHWIf6K4psgN2ZWKExS4xhVCrRVfb/wfW8fWJA==",
"dev": true,
"engines": {
"node": ">= 10"
@@ -4909,8 +4911,9 @@
},
"node_modules/is-number": {
"version": "7.0.0",
"resolved": "https://registry.npmjs.org/is-number/-/is-number-7.0.0.tgz",
"integrity": "sha512-41Cifkg6e8TylSpdtTpeLVMqvSBEVzTttHvERD741+pnZ8ANv0004MRL43QKPDlK9cGvNp6NZWZUBlbGXYxxng==",
"dev": true,
"license": "MIT",
"engines": {
"node": ">=0.12.0"
}
@@ -5705,9 +5708,9 @@
}
},
"node_modules/jose": {
"version": "5.3.0",
"resolved": "https://registry.npmjs.org/jose/-/jose-5.3.0.tgz",
"integrity": "sha512-IChe9AtAE79ru084ow8jzkN2lNrG3Ntfiv65Cvj9uOCE2m5LNsdHG+9EbxWxAoWRF9TgDOqLN5jm08++owDVRg==",
"version": "5.4.0",
"resolved": "https://registry.npmjs.org/jose/-/jose-5.4.0.tgz",
"integrity": "sha512-6rpxTHPAQyWMb9A35BroFl1Sp0ST3DpPcm5EVIxZxdH+e0Hv9fwhyB3XLKFUcHNpdSDnETmBfuPPTTlYz5+USw==",
"dev": true,
"funding": {
"url": "https://github.com/sponsors/panva"
@@ -6979,9 +6982,9 @@
}
},
"node_modules/pkijs": {
"version": "3.0.16",
"resolved": "https://registry.npmjs.org/pkijs/-/pkijs-3.0.16.tgz",
"integrity": "sha512-iDUm90wfgtfd1PDV1oEnQj/4jBIU9hCSJeV0kQKThwDpbseFxC4TdpoMYlwE9maol5u0wMGZX9cNG2h1/0Lhww==",
"version": "3.1.0",
"resolved": "https://registry.npmjs.org/pkijs/-/pkijs-3.1.0.tgz",
"integrity": "sha512-N+OCWUp6xrg7OkG+4DIiZUOsp3qMztjq8RGCc1hSY92dsUG8cTlAo7pEkfRGjcdyBv2c1Y9bjAzqdTJAlctuNg==",
"dev": true,
"dependencies": {
"asn1js": "^3.0.5",
@@ -7012,9 +7015,10 @@
}
},
"node_modules/prettier": {
"version": "3.2.5",
"version": "3.3.2",
"resolved": "https://registry.npmjs.org/prettier/-/prettier-3.3.2.tgz",
"integrity": "sha512-rAVeHYMcv8ATV5d508CFdn+8/pHPpXeIid1DdrPwXnaAdH7cqjVbpJaT5eq4yRAFU/lsbwYwSF/n5iNrdJHPQA==",
"dev": true,
"license": "MIT",
"bin": {
"prettier": "bin/prettier.cjs"
},
@@ -7341,9 +7345,9 @@
"license": "MIT"
},
"node_modules/reflect-metadata": {
"version": "0.2.1",
"resolved": "https://registry.npmjs.org/reflect-metadata/-/reflect-metadata-0.2.1.tgz",
"integrity": "sha512-i5lLI6iw9AU3Uu4szRNPPEkomnkjRTaVt9hy/bn5g/oSzekBSMeLZblcjP74AW0vBabqERLLIrz+gR8QYR54Tw==",
"version": "0.2.2",
"resolved": "https://registry.npmjs.org/reflect-metadata/-/reflect-metadata-0.2.2.tgz",
"integrity": "sha512-urBwgfrvVP/eAyXx4hluJivBKzuEbSQs9rKWCrCkbSxNv8mxPcUZKeuoF3Uy4mJl3Lwprp6yy5/39VWigZ4K6Q==",
"dev": true
},
"node_modules/reflect.getprototypeof": {
@@ -8052,8 +8056,9 @@
},
"node_modules/to-regex-range": {
"version": "5.0.1",
"resolved": "https://registry.npmjs.org/to-regex-range/-/to-regex-range-5.0.1.tgz",
"integrity": "sha512-65P7iz6X5yEr1cwcgvQxbbIw7Uk3gOy5dIdtZ4rDveLqhrdJP+Li/Hx6tyK0NEb+2GCyneCMJiGqrADCSNk8sQ==",
"dev": true,
"license": "MIT",
"dependencies": {
"is-number": "^7.0.0"
},
@@ -8074,9 +8079,9 @@
}
},
"node_modules/ts-jest": {
"version": "29.1.3",
"resolved": "https://registry.npmjs.org/ts-jest/-/ts-jest-29.1.3.tgz",
"integrity": "sha512-6L9qz3ginTd1NKhOxmkP0qU3FyKjj5CPoY+anszfVn6Pmv/RIKzhiMCsH7Yb7UvJR9I2A64rm4zQl531s2F1iw==",
"version": "29.2.0",
"resolved": "https://registry.npmjs.org/ts-jest/-/ts-jest-29.2.0.tgz",
"integrity": "sha512-eFmkE9MG0+oT6nqSOcUwL+2UUmK2IvhhUV8hFDsCHnc++v2WCCbQQZh5vvjsa8sgOY/g9T0325hmkEmi6rninA==",
"dev": true,
"dependencies": {
"bs-logger": "0.x",
@@ -8287,9 +8292,9 @@
}
},
"node_modules/typescript": {
"version": "5.4.5",
"resolved": "https://registry.npmjs.org/typescript/-/typescript-5.4.5.tgz",
"integrity": "sha512-vcI4UpRgg81oIRUFwR0WSIHKt11nJ7SAVlYNIu+QpqeyXP+gpQJy/Z4+F0aGxSE4MqwjyXvW/TzgkLAx2AGHwQ==",
"version": "5.5.3",
"resolved": "https://registry.npmjs.org/typescript/-/typescript-5.5.3.tgz",
"integrity": "sha512-/hreyEujaB0w76zKo6717l3L0o/qEUtRgdvUBvlkhoWeOVMjMuHNHk0BRBzikzuGDqNmPQbg5ifMEqsHLiIUcQ==",
"dev": true,
"bin": {
"tsc": "bin/tsc",
@@ -8453,9 +8458,9 @@
}
},
"node_modules/webcrypto-core": {
"version": "1.7.9",
"resolved": "https://registry.npmjs.org/webcrypto-core/-/webcrypto-core-1.7.9.tgz",
"integrity": "sha512-FE+a4PPkOmBbgNDIyRmcHhgXn+2ClRl3JzJdDu/P4+B8y81LqKe6RAsI9b3lAOHe1T1BMkSjsRHTYRikImZnVA==",
"version": "1.8.0",
"resolved": "https://registry.npmjs.org/webcrypto-core/-/webcrypto-core-1.8.0.tgz",
"integrity": "sha512-kR1UQNH8MD42CYuLzvibfakG5Ew5seG85dMMoAM/1LqvckxaF6pUiidLuraIu4V+YCIFabYecUZAW0TuxAoaqw==",
"dev": true,
"dependencies": {
"@peculiar/asn1-schema": "^2.3.8",
@@ -8661,16 +8666,16 @@
"dev": true
},
"@actions/attest": {
"version": "1.2.1",
"resolved": "https://registry.npmjs.org/@actions/attest/-/attest-1.2.1.tgz",
"integrity": "sha512-ZLfmO6o2x3UL2BG++oIHMPx5kApWr8Uy1cgiiafXpHgamsqFUPjUtcp0/gpOaXkxUZftdVno7NwBTisw8qr9UA==",
"version": "1.3.0",
"resolved": "https://registry.npmjs.org/@actions/attest/-/attest-1.3.0.tgz",
"integrity": "sha512-Xmv+HIefU8PMx3q+BwGmL28MLyQ2FF05ROZjH+iuoQ9q43qzmbJmmzou3NBOSspUa1N2nVtirPq7jPj9g8AMEg==",
"requires": {
"@actions/core": "^1.10.1",
"@actions/github": "^6.0.0",
"@actions/http-client": "^2.2.1",
"@octokit/plugin-retry": "^6.0.1",
"@sigstore/bundle": "^2.3.0",
"@sigstore/sign": "^2.3.0",
"@sigstore/bundle": "^2.3.2",
"@sigstore/sign": "^2.3.2",
"jsonwebtoken": "^9.0.2",
"jwks-rsa": "^3.1.0"
}
@@ -9762,22 +9767,22 @@
}
},
"@peculiar/webcrypto": {
"version": "1.4.6",
"resolved": "https://registry.npmjs.org/@peculiar/webcrypto/-/webcrypto-1.4.6.tgz",
"integrity": "sha512-YBcMfqNSwn3SujUJvAaySy5tlYbYm6tVt9SKoXu8BaTdKGROiJDgPR3TXpZdAKUfklzm3lRapJEAltiMQtBgZg==",
"version": "1.5.0",
"resolved": "https://registry.npmjs.org/@peculiar/webcrypto/-/webcrypto-1.5.0.tgz",
"integrity": "sha512-BRs5XUAwiyCDQMsVA9IDvDa7UBR9gAvPHgugOeGng3YN6vJ9JYonyDc0lNczErgtCWtucjR5N7VtaonboD/ezg==",
"dev": true,
"requires": {
"@peculiar/asn1-schema": "^2.3.8",
"@peculiar/json-schema": "^1.1.12",
"pvtsutils": "^1.3.5",
"tslib": "^2.6.2",
"webcrypto-core": "^1.7.9"
"webcrypto-core": "^1.8.0"
}
},
"@peculiar/x509": {
"version": "1.9.7",
"resolved": "https://registry.npmjs.org/@peculiar/x509/-/x509-1.9.7.tgz",
"integrity": "sha512-O+fR1ge6U8upO52q5b3d4tF4SxUdK4IQ0y++Z/Wlqq+ySZUf+deHnbMlDB1YZsIQ/DXU0i5M7Y1DyF5kwpXouQ==",
"version": "1.11.0",
"resolved": "https://registry.npmjs.org/@peculiar/x509/-/x509-1.11.0.tgz",
"integrity": "sha512-8rdxE//tsWLb2Yo2TYO2P8gieStbrHK/huFMV5PPfwX8I5HmtOus+Ox6nTKrPA9o+WOPaa5xKenee+QdmHBd5g==",
"dev": true,
"requires": {
"@peculiar/asn1-cms": "^2.3.8",
@@ -9788,7 +9793,7 @@
"@peculiar/asn1-schema": "^2.3.8",
"@peculiar/asn1-x509": "^2.3.8",
"pvtsutils": "^1.3.5",
"reflect-metadata": "^0.2.1",
"reflect-metadata": "^0.2.2",
"tslib": "^2.6.2",
"tsyringe": "^4.8.0"
}
@@ -9802,11 +9807,11 @@
"dev": true
},
"@sigstore/bundle": {
"version": "2.3.1",
"resolved": "https://registry.npmjs.org/@sigstore/bundle/-/bundle-2.3.1.tgz",
"integrity": "sha512-eqV17lO3EIFqCWK3969Rz+J8MYrRZKw9IBHpSo6DEcEX2c+uzDFOgHE9f2MnyDpfs48LFO4hXmk9KhQ74JzU1g==",
"version": "2.3.2",
"resolved": "https://registry.npmjs.org/@sigstore/bundle/-/bundle-2.3.2.tgz",
"integrity": "sha512-wueKWDk70QixNLB363yHc2D2ItTgYiMTdPwK8D9dKQMR3ZQ0c35IxP5xnwQ8cNLoCgCRcHf14kE+CLIvNX1zmA==",
"requires": {
"@sigstore/protobuf-specs": "^0.3.1"
"@sigstore/protobuf-specs": "^0.3.2"
}
},
"@sigstore/core": {
@@ -9815,27 +9820,27 @@
"integrity": "sha512-JzBqdVIyqm2FRQCulY6nbQzMpJJpSiJ8XXWMhtOX9eKgaXXpfNOF53lzQEjIydlStnd/eFtuC1dW4VYdD93oRg=="
},
"@sigstore/mock": {
"version": "0.7.4",
"resolved": "https://registry.npmjs.org/@sigstore/mock/-/mock-0.7.4.tgz",
"integrity": "sha512-ij9X2Fij9fcH7upxf3KuAZ38ecGSMm+Asvbik5xiHTBUcwe1+bZ5eG6k5p1eHaNY+XJ581bC6O33871Bm5m5mQ==",
"version": "0.7.5",
"resolved": "https://registry.npmjs.org/@sigstore/mock/-/mock-0.7.5.tgz",
"integrity": "sha512-XZxQFFMXFwp5x+/th9vKffdCVZKvGNhhrfyTF8M8xyouLnF3SkLlMhLl39ukoEZRqNBs9TeM3HqnbVEMWIJiUQ==",
"dev": true,
"requires": {
"@peculiar/webcrypto": "^1.4.6",
"@peculiar/x509": "^1.9.7",
"@peculiar/webcrypto": "^1.5.0",
"@peculiar/x509": "^1.11.0",
"@sigstore/protobuf-specs": "^0.3.2",
"asn1js": "^3.0.5",
"bytestreamjs": "^2.0.1",
"canonicalize": "^2.0.0",
"jose": "^5.2.4",
"jose": "^5.4.0",
"nock": "^13.5.4",
"pkijs": "^3.0.16",
"pkijs": "^3.1.0",
"pvutils": "^1.1.3"
}
},
"@sigstore/oci": {
"version": "0.3.4",
"resolved": "https://registry.npmjs.org/@sigstore/oci/-/oci-0.3.4.tgz",
"integrity": "sha512-ydRTsvHOmLWnlR2BTtG1pHYvLkHG/oaqVyd2WDkfLU7B3dIWfqavE80VCzidNWuZpXN7m8+uBNatus2Qva1ktA==",
"version": "0.3.7",
"resolved": "https://registry.npmjs.org/@sigstore/oci/-/oci-0.3.7.tgz",
"integrity": "sha512-1JmebwEXil+NVzugFURbC+D3Vzj6WyTI1B+7damUk94dWXamE9cJ057iSo72rupiSozM6N7lVMjtD1c/P5Rrrw==",
"requires": {
"make-fetch-happen": "^13.0.1",
"proc-log": "^4.2.0"
@@ -9847,13 +9852,13 @@
"integrity": "sha512-c6B0ehIWxMI8wiS/bj6rHMPqeFvngFV7cDU/MY+B16P9Z3Mp9k8L93eYZ7BYzSickzuqAQqAq0V956b3Ju6mLw=="
},
"@sigstore/sign": {
"version": "2.3.1",
"resolved": "https://registry.npmjs.org/@sigstore/sign/-/sign-2.3.1.tgz",
"integrity": "sha512-YZ71wKIOweC8ViUeZXboz0iPLqMkskxuoeN/D1CEpAyZvEepbX9oRMIoO6a/DxUqO1VEaqmcmmqzSiqtOsvSmw==",
"version": "2.3.2",
"resolved": "https://registry.npmjs.org/@sigstore/sign/-/sign-2.3.2.tgz",
"integrity": "sha512-5Vz5dPVuunIIvC5vBb0APwo7qKA4G9yM48kPWJT+OEERs40md5GoUR1yedwpekWZ4m0Hhw44m6zU+ObsON+iDA==",
"requires": {
"@sigstore/bundle": "^2.3.0",
"@sigstore/bundle": "^2.3.2",
"@sigstore/core": "^1.0.0",
"@sigstore/protobuf-specs": "^0.3.1",
"@sigstore/protobuf-specs": "^0.3.2",
"make-fetch-happen": "^13.0.1",
"proc-log": "^4.2.0",
"promise-retry": "^2.0.1"
@@ -10040,9 +10045,9 @@
"integrity": "sha512-/pyBZWSLD2n0dcHE3hq8s8ZvcETHtEuF+3E7XVt0Ig2nvsVQXdghHVcEkIWjy9A0wKfTn97a/PSDYohKIlnP/w=="
},
"@types/node": {
"version": "20.12.12",
"resolved": "https://registry.npmjs.org/@types/node/-/node-20.12.12.tgz",
"integrity": "sha512-eWLDGF/FOSPtAvEqeRAQ4C8LSA7M1I7i0ky1I8U7kD1J5ITyW3AsRhQrKVoWf5pFKZ2kILsEGJhsI9r93PYnOw==",
"version": "20.14.10",
"resolved": "https://registry.npmjs.org/@types/node/-/node-20.14.10.tgz",
"integrity": "sha512-MdiXf+nDuMvY0gJKxyfZ7/6UFsETO7mGKF54MVD/ekJS6HdFtpZFBgrh6Pseu64XTb2MLyFPlbW6hj8HYRQNOQ==",
"requires": {
"undici-types": "~5.26.4"
}
@@ -10111,16 +10116,16 @@
"dev": true
},
"@typescript-eslint/eslint-plugin": {
"version": "7.11.0",
"resolved": "https://registry.npmjs.org/@typescript-eslint/eslint-plugin/-/eslint-plugin-7.11.0.tgz",
"integrity": "sha512-P+qEahbgeHW4JQ/87FuItjBj8O3MYv5gELDzr8QaQ7fsll1gSMTYb6j87MYyxwf3DtD7uGFB9ShwgmCJB5KmaQ==",
"version": "7.16.0",
"resolved": "https://registry.npmjs.org/@typescript-eslint/eslint-plugin/-/eslint-plugin-7.16.0.tgz",
"integrity": "sha512-py1miT6iQpJcs1BiJjm54AMzeuMPBSPuKPlnT8HlfudbcS5rYeX5jajpLf3mrdRh9dA/Ec2FVUY0ifeVNDIhZw==",
"dev": true,
"requires": {
"@eslint-community/regexpp": "^4.10.0",
"@typescript-eslint/scope-manager": "7.11.0",
"@typescript-eslint/type-utils": "7.11.0",
"@typescript-eslint/utils": "7.11.0",
"@typescript-eslint/visitor-keys": "7.11.0",
"@typescript-eslint/scope-manager": "7.16.0",
"@typescript-eslint/type-utils": "7.16.0",
"@typescript-eslint/utils": "7.16.0",
"@typescript-eslint/visitor-keys": "7.16.0",
"graphemer": "^1.4.0",
"ignore": "^5.3.1",
"natural-compare": "^1.4.0",
@@ -10128,54 +10133,54 @@
}
},
"@typescript-eslint/parser": {
"version": "7.11.0",
"resolved": "https://registry.npmjs.org/@typescript-eslint/parser/-/parser-7.11.0.tgz",
"integrity": "sha512-yimw99teuaXVWsBcPO1Ais02kwJ1jmNA1KxE7ng0aT7ndr1pT1wqj0OJnsYVGKKlc4QJai86l/025L6z8CljOg==",
"version": "7.16.0",
"resolved": "https://registry.npmjs.org/@typescript-eslint/parser/-/parser-7.16.0.tgz",
"integrity": "sha512-ar9E+k7CU8rWi2e5ErzQiC93KKEFAXA2Kky0scAlPcxYblLt8+XZuHUZwlyfXILyQa95P6lQg+eZgh/dDs3+Vw==",
"dev": true,
"requires": {
"@typescript-eslint/scope-manager": "7.11.0",
"@typescript-eslint/types": "7.11.0",
"@typescript-eslint/typescript-estree": "7.11.0",
"@typescript-eslint/visitor-keys": "7.11.0",
"@typescript-eslint/scope-manager": "7.16.0",
"@typescript-eslint/types": "7.16.0",
"@typescript-eslint/typescript-estree": "7.16.0",
"@typescript-eslint/visitor-keys": "7.16.0",
"debug": "^4.3.4"
}
},
"@typescript-eslint/scope-manager": {
"version": "7.11.0",
"resolved": "https://registry.npmjs.org/@typescript-eslint/scope-manager/-/scope-manager-7.11.0.tgz",
"integrity": "sha512-27tGdVEiutD4POirLZX4YzT180vevUURJl4wJGmm6TrQoiYwuxTIY98PBp6L2oN+JQxzE0URvYlzJaBHIekXAw==",
"version": "7.16.0",
"resolved": "https://registry.npmjs.org/@typescript-eslint/scope-manager/-/scope-manager-7.16.0.tgz",
"integrity": "sha512-8gVv3kW6n01Q6TrI1cmTZ9YMFi3ucDT7i7aI5lEikk2ebk1AEjrwX8MDTdaX5D7fPXMBLvnsaa0IFTAu+jcfOw==",
"dev": true,
"requires": {
"@typescript-eslint/types": "7.11.0",
"@typescript-eslint/visitor-keys": "7.11.0"
"@typescript-eslint/types": "7.16.0",
"@typescript-eslint/visitor-keys": "7.16.0"
}
},
"@typescript-eslint/type-utils": {
"version": "7.11.0",
"resolved": "https://registry.npmjs.org/@typescript-eslint/type-utils/-/type-utils-7.11.0.tgz",
"integrity": "sha512-WmppUEgYy+y1NTseNMJ6mCFxt03/7jTOy08bcg7bxJJdsM4nuhnchyBbE8vryveaJUf62noH7LodPSo5Z0WUCg==",
"version": "7.16.0",
"resolved": "https://registry.npmjs.org/@typescript-eslint/type-utils/-/type-utils-7.16.0.tgz",
"integrity": "sha512-j0fuUswUjDHfqV/UdW6mLtOQQseORqfdmoBNDFOqs9rvNVR2e+cmu6zJu/Ku4SDuqiJko6YnhwcL8x45r8Oqxg==",
"dev": true,
"requires": {
"@typescript-eslint/typescript-estree": "7.11.0",
"@typescript-eslint/utils": "7.11.0",
"@typescript-eslint/typescript-estree": "7.16.0",
"@typescript-eslint/utils": "7.16.0",
"debug": "^4.3.4",
"ts-api-utils": "^1.3.0"
}
},
"@typescript-eslint/types": {
"version": "7.11.0",
"resolved": "https://registry.npmjs.org/@typescript-eslint/types/-/types-7.11.0.tgz",
"integrity": "sha512-MPEsDRZTyCiXkD4vd3zywDCifi7tatc4K37KqTprCvaXptP7Xlpdw0NR2hRJTetG5TxbWDB79Ys4kLmHliEo/w==",
"version": "7.16.0",
"resolved": "https://registry.npmjs.org/@typescript-eslint/types/-/types-7.16.0.tgz",
"integrity": "sha512-fecuH15Y+TzlUutvUl9Cc2XJxqdLr7+93SQIbcZfd4XRGGKoxyljK27b+kxKamjRkU7FYC6RrbSCg0ALcZn/xw==",
"dev": true
},
"@typescript-eslint/typescript-estree": {
"version": "7.11.0",
"resolved": "https://registry.npmjs.org/@typescript-eslint/typescript-estree/-/typescript-estree-7.11.0.tgz",
"integrity": "sha512-cxkhZ2C/iyi3/6U9EPc5y+a6csqHItndvN/CzbNXTNrsC3/ASoYQZEt9uMaEp+xFNjasqQyszp5TumAVKKvJeQ==",
"version": "7.16.0",
"resolved": "https://registry.npmjs.org/@typescript-eslint/typescript-estree/-/typescript-estree-7.16.0.tgz",
"integrity": "sha512-a5NTvk51ZndFuOLCh5OaJBELYc2O3Zqxfl3Js78VFE1zE46J2AaVuW+rEbVkQznjkmlzWsUI15BG5tQMixzZLw==",
"dev": true,
"requires": {
"@typescript-eslint/types": "7.11.0",
"@typescript-eslint/visitor-keys": "7.11.0",
"@typescript-eslint/types": "7.16.0",
"@typescript-eslint/visitor-keys": "7.16.0",
"debug": "^4.3.4",
"globby": "^11.1.0",
"is-glob": "^4.0.3",
@@ -10194,9 +10199,9 @@
}
},
"minimatch": {
"version": "9.0.4",
"resolved": "https://registry.npmjs.org/minimatch/-/minimatch-9.0.4.tgz",
"integrity": "sha512-KqWh+VchfxcMNRAJjj2tnsSJdNbHsVgnkBhTNrW7AjVo6OvLtxw8zfT9oLw1JSohlFzJ8jCoTgaoXvJ+kHt6fw==",
"version": "9.0.5",
"resolved": "https://registry.npmjs.org/minimatch/-/minimatch-9.0.5.tgz",
"integrity": "sha512-G6T0ZX48xgozx7587koeX9Ys2NYy6Gmv//P89sEte9V9whIapMNF4idKxnW2QtCcLiTWlb/wfCabAtAFWhhBow==",
"dev": true,
"requires": {
"brace-expansion": "^2.0.1"
@@ -10205,24 +10210,24 @@
}
},
"@typescript-eslint/utils": {
"version": "7.11.0",
"resolved": "https://registry.npmjs.org/@typescript-eslint/utils/-/utils-7.11.0.tgz",
"integrity": "sha512-xlAWwPleNRHwF37AhrZurOxA1wyXowW4PqVXZVUNCLjB48CqdPJoJWkrpH2nij9Q3Lb7rtWindtoXwxjxlKKCA==",
"version": "7.16.0",
"resolved": "https://registry.npmjs.org/@typescript-eslint/utils/-/utils-7.16.0.tgz",
"integrity": "sha512-PqP4kP3hb4r7Jav+NiRCntlVzhxBNWq6ZQ+zQwII1y/G/1gdIPeYDCKr2+dH6049yJQsWZiHU6RlwvIFBXXGNA==",
"dev": true,
"requires": {
"@eslint-community/eslint-utils": "^4.4.0",
"@typescript-eslint/scope-manager": "7.11.0",
"@typescript-eslint/types": "7.11.0",
"@typescript-eslint/typescript-estree": "7.11.0"
"@typescript-eslint/scope-manager": "7.16.0",
"@typescript-eslint/types": "7.16.0",
"@typescript-eslint/typescript-estree": "7.16.0"
}
},
"@typescript-eslint/visitor-keys": {
"version": "7.11.0",
"resolved": "https://registry.npmjs.org/@typescript-eslint/visitor-keys/-/visitor-keys-7.11.0.tgz",
"integrity": "sha512-7syYk4MzjxTEk0g/w3iqtgxnFQspDJfn6QKD36xMuuhTzjcxY7F8EmBLnALjVyaOF1/bVocu3bS/2/F7rXrveQ==",
"version": "7.16.0",
"resolved": "https://registry.npmjs.org/@typescript-eslint/visitor-keys/-/visitor-keys-7.16.0.tgz",
"integrity": "sha512-rMo01uPy9C7XxG7AFsxa8zLnWXTF8N3PYclekWSrurvhwiw1eW88mrKiAYe6s53AUY57nTRz8dJsuuXdkAhzCg==",
"dev": true,
"requires": {
"@typescript-eslint/types": "7.11.0",
"@typescript-eslint/types": "7.16.0",
"eslint-visitor-keys": "^3.4.3"
}
},
@@ -10552,10 +10557,12 @@
}
},
"braces": {
"version": "3.0.2",
"version": "3.0.3",
"resolved": "https://registry.npmjs.org/braces/-/braces-3.0.3.tgz",
"integrity": "sha512-yQbXgO/OSZVD2IsiLlro+7Hf6Q18EJrKSEsdoMzKePKXct3gvD8oLcOQdIzGupr5Fj+EDe8gO/lxc1BzfMpxvA==",
"dev": true,
"requires": {
"fill-range": "^7.0.1"
"fill-range": "^7.1.1"
}
},
"browserslist": {
@@ -11185,9 +11192,9 @@
}
},
"eslint-plugin-github": {
"version": "4.10.2",
"resolved": "https://registry.npmjs.org/eslint-plugin-github/-/eslint-plugin-github-4.10.2.tgz",
"integrity": "sha512-F1F5aAFgi1Y5hYoTFzGQACBkw5W1hu2Fu5FSTrMlXqrojJnKl1S2pWO/rprlowRQpt+hzHhqSpsfnodJEVd5QA==",
"version": "5.0.1",
"resolved": "https://registry.npmjs.org/eslint-plugin-github/-/eslint-plugin-github-5.0.1.tgz",
"integrity": "sha512-qbXG3wL5Uh2JB92EKeX2hPtO9c/t75qVxQjVLYuTFfhHifLZzv9CBvLCvoaBhLrAC/xTMVht7DK/NofYK8X4Dg==",
"dev": true,
"requires": {
"@github/browserslist-config": "^1.0.0",
@@ -11268,9 +11275,9 @@
}
},
"eslint-plugin-jest": {
"version": "28.5.0",
"resolved": "https://registry.npmjs.org/eslint-plugin-jest/-/eslint-plugin-jest-28.5.0.tgz",
"integrity": "sha512-6np6DGdmNq/eBbA7HOUNV8fkfL86PYwBfwyb8n23FXgJNTR8+ot3smRHjza9LGsBBZRypK3qyF79vMjohIL8eQ==",
"version": "28.6.0",
"resolved": "https://registry.npmjs.org/eslint-plugin-jest/-/eslint-plugin-jest-28.6.0.tgz",
"integrity": "sha512-YG28E1/MIKwnz+e2H7VwYPzHUYU4aMa19w0yGcwXnnmJH6EfgHahTJ2un3IyraUxNfnz/KUhJAFXNNwWPo12tg==",
"dev": true,
"requires": {
"@typescript-eslint/utils": "^6.0.0 || ^7.0.0"
@@ -11479,7 +11486,9 @@
}
},
"fill-range": {
"version": "7.0.1",
"version": "7.1.1",
"resolved": "https://registry.npmjs.org/fill-range/-/fill-range-7.1.1.tgz",
"integrity": "sha512-YsGpe3WHLK8ZYi4tWDg2Jy3ebRz2rXowDxnld4bkQB00cc/1Zw9AWnC0i9ztDJitivtQvaI9KaLyKrc+hBW0yg==",
"dev": true,
"requires": {
"to-regex-range": "^5.0.1"
@@ -11849,9 +11858,9 @@
}
},
"ipaddr.js": {
"version": "2.1.0",
"resolved": "https://registry.npmjs.org/ipaddr.js/-/ipaddr.js-2.1.0.tgz",
"integrity": "sha512-LlbxQ7xKzfBusov6UMi4MFpEg0m+mAm9xyNGEduwXMEDuf4WfzB/RZwMVYEd7IKGvh4IUkEXYxtAVu9T3OelJQ==",
"version": "2.2.0",
"resolved": "https://registry.npmjs.org/ipaddr.js/-/ipaddr.js-2.2.0.tgz",
"integrity": "sha512-Ag3wB2o37wslZS19hZqorUnrnzSkpOVy+IiiDEiTqNubEYpYuHWIf6K4psgN2ZWKExS4xhVCrRVfb/wfW8fWJA==",
"dev": true
},
"is-array-buffer": {
@@ -11973,6 +11982,8 @@
},
"is-number": {
"version": "7.0.0",
"resolved": "https://registry.npmjs.org/is-number/-/is-number-7.0.0.tgz",
"integrity": "sha512-41Cifkg6e8TylSpdtTpeLVMqvSBEVzTttHvERD741+pnZ8ANv0004MRL43QKPDlK9cGvNp6NZWZUBlbGXYxxng==",
"dev": true
},
"is-number-object": {
@@ -12510,9 +12521,9 @@
}
},
"jose": {
"version": "5.3.0",
"resolved": "https://registry.npmjs.org/jose/-/jose-5.3.0.tgz",
"integrity": "sha512-IChe9AtAE79ru084ow8jzkN2lNrG3Ntfiv65Cvj9uOCE2m5LNsdHG+9EbxWxAoWRF9TgDOqLN5jm08++owDVRg==",
"version": "5.4.0",
"resolved": "https://registry.npmjs.org/jose/-/jose-5.4.0.tgz",
"integrity": "sha512-6rpxTHPAQyWMb9A35BroFl1Sp0ST3DpPcm5EVIxZxdH+e0Hv9fwhyB3XLKFUcHNpdSDnETmBfuPPTTlYz5+USw==",
"dev": true
},
"js-tokens": {
@@ -13396,9 +13407,9 @@
}
},
"pkijs": {
"version": "3.0.16",
"resolved": "https://registry.npmjs.org/pkijs/-/pkijs-3.0.16.tgz",
"integrity": "sha512-iDUm90wfgtfd1PDV1oEnQj/4jBIU9hCSJeV0kQKThwDpbseFxC4TdpoMYlwE9maol5u0wMGZX9cNG2h1/0Lhww==",
"version": "3.1.0",
"resolved": "https://registry.npmjs.org/pkijs/-/pkijs-3.1.0.tgz",
"integrity": "sha512-N+OCWUp6xrg7OkG+4DIiZUOsp3qMztjq8RGCc1hSY92dsUG8cTlAo7pEkfRGjcdyBv2c1Y9bjAzqdTJAlctuNg==",
"dev": true,
"requires": {
"asn1js": "^3.0.5",
@@ -13419,7 +13430,9 @@
"dev": true
},
"prettier": {
"version": "3.2.5",
"version": "3.3.2",
"resolved": "https://registry.npmjs.org/prettier/-/prettier-3.3.2.tgz",
"integrity": "sha512-rAVeHYMcv8ATV5d508CFdn+8/pHPpXeIid1DdrPwXnaAdH7cqjVbpJaT5eq4yRAFU/lsbwYwSF/n5iNrdJHPQA==",
"dev": true
},
"prettier-eslint": {
@@ -13606,9 +13619,9 @@
"dev": true
},
"reflect-metadata": {
"version": "0.2.1",
"resolved": "https://registry.npmjs.org/reflect-metadata/-/reflect-metadata-0.2.1.tgz",
"integrity": "sha512-i5lLI6iw9AU3Uu4szRNPPEkomnkjRTaVt9hy/bn5g/oSzekBSMeLZblcjP74AW0vBabqERLLIrz+gR8QYR54Tw==",
"version": "0.2.2",
"resolved": "https://registry.npmjs.org/reflect-metadata/-/reflect-metadata-0.2.2.tgz",
"integrity": "sha512-urBwgfrvVP/eAyXx4hluJivBKzuEbSQs9rKWCrCkbSxNv8mxPcUZKeuoF3Uy4mJl3Lwprp6yy5/39VWigZ4K6Q==",
"dev": true
},
"reflect.getprototypeof": {
@@ -14058,6 +14071,8 @@
},
"to-regex-range": {
"version": "5.0.1",
"resolved": "https://registry.npmjs.org/to-regex-range/-/to-regex-range-5.0.1.tgz",
"integrity": "sha512-65P7iz6X5yEr1cwcgvQxbbIw7Uk3gOy5dIdtZ4rDveLqhrdJP+Li/Hx6tyK0NEb+2GCyneCMJiGqrADCSNk8sQ==",
"dev": true,
"requires": {
"is-number": "^7.0.0"
@@ -14071,9 +14086,9 @@
"requires": {}
},
"ts-jest": {
"version": "29.1.3",
"resolved": "https://registry.npmjs.org/ts-jest/-/ts-jest-29.1.3.tgz",
"integrity": "sha512-6L9qz3ginTd1NKhOxmkP0qU3FyKjj5CPoY+anszfVn6Pmv/RIKzhiMCsH7Yb7UvJR9I2A64rm4zQl531s2F1iw==",
"version": "29.2.0",
"resolved": "https://registry.npmjs.org/ts-jest/-/ts-jest-29.2.0.tgz",
"integrity": "sha512-eFmkE9MG0+oT6nqSOcUwL+2UUmK2IvhhUV8hFDsCHnc++v2WCCbQQZh5vvjsa8sgOY/g9T0325hmkEmi6rninA==",
"dev": true,
"requires": {
"bs-logger": "0.x",
@@ -14207,9 +14222,9 @@
}
},
"typescript": {
"version": "5.4.5",
"resolved": "https://registry.npmjs.org/typescript/-/typescript-5.4.5.tgz",
"integrity": "sha512-vcI4UpRgg81oIRUFwR0WSIHKt11nJ7SAVlYNIu+QpqeyXP+gpQJy/Z4+F0aGxSE4MqwjyXvW/TzgkLAx2AGHwQ==",
"version": "5.5.3",
"resolved": "https://registry.npmjs.org/typescript/-/typescript-5.5.3.tgz",
"integrity": "sha512-/hreyEujaB0w76zKo6717l3L0o/qEUtRgdvUBvlkhoWeOVMjMuHNHk0BRBzikzuGDqNmPQbg5ifMEqsHLiIUcQ==",
"dev": true
},
"uc.micro": {
@@ -14310,9 +14325,9 @@
}
},
"webcrypto-core": {
"version": "1.7.9",
"resolved": "https://registry.npmjs.org/webcrypto-core/-/webcrypto-core-1.7.9.tgz",
"integrity": "sha512-FE+a4PPkOmBbgNDIyRmcHhgXn+2ClRl3JzJdDu/P4+B8y81LqKe6RAsI9b3lAOHe1T1BMkSjsRHTYRikImZnVA==",
"version": "1.8.0",
"resolved": "https://registry.npmjs.org/webcrypto-core/-/webcrypto-core-1.8.0.tgz",
"integrity": "sha512-kR1UQNH8MD42CYuLzvibfakG5Ew5seG85dMMoAM/1LqvckxaF6pUiidLuraIu4V+YCIFabYecUZAW0TuxAoaqw==",
"dev": true,
"requires": {
"@peculiar/asn1-schema": "^2.3.8",
+12 -12
View File
@@ -1,7 +1,7 @@
{
"name": "actions/attest",
"description": "Generate signed attestations for workflow artifacts",
"version": "1.2.0",
"version": "1.3.3",
"author": "",
"private": true,
"homepage": "https://github.com/actions/attest",
@@ -69,33 +69,33 @@
]
},
"dependencies": {
"@actions/attest": "^1.2.1",
"@actions/attest": "^1.3.0",
"@actions/core": "^1.10.1",
"@actions/glob": "^0.4.0",
"@sigstore/oci": "^0.3.4",
"@sigstore/oci": "^0.3.7",
"csv-parse": "^5.5.6"
},
"devDependencies": {
"@sigstore/mock": "^0.7.4",
"@sigstore/mock": "^0.7.5",
"@types/jest": "^29.5.12",
"@types/make-fetch-happen": "^10.0.4",
"@types/node": "^20.12.12",
"@typescript-eslint/eslint-plugin": "^7.11.0",
"@typescript-eslint/parser": "^7.11.0",
"@types/node": "^20.14.10",
"@typescript-eslint/eslint-plugin": "^7.16.0",
"@typescript-eslint/parser": "^7.16.0",
"@vercel/ncc": "^0.38.1",
"eslint": "^8.57.0",
"eslint-plugin-github": "^4.10.2",
"eslint-plugin-jest": "^28.5.0",
"eslint-plugin-github": "^5.0.1",
"eslint-plugin-jest": "^28.6.0",
"eslint-plugin-jsonc": "^2.16.0",
"eslint-plugin-prettier": "^5.1.3",
"jest": "^29.7.0",
"js-yaml": "^4.1.0",
"markdownlint-cli": "^0.41.0",
"nock": "^13.5.4",
"prettier": "^3.2.5",
"prettier": "^3.3.2",
"prettier-eslint": "^16.3.0",
"ts-jest": "^29.1.3",
"typescript": "^5.4.5",
"ts-jest": "^29.2.0",
"typescript": "^5.5.3",
"undici": "^5.28.4"
}
}
+1 -1
View File
@@ -1,7 +1,7 @@
import { Attestation, Predicate, Subject, attest } from '@actions/attest'
import { attachArtifactToImage, getRegistryCredentials } from '@sigstore/oci'
const OCI_TIMEOUT = 2000
const OCI_TIMEOUT = 30000
const OCI_RETRY = 3
export type SigstoreInstance = 'public-good' | 'github'
+3 -6
View File
@@ -56,16 +56,13 @@ const getSubjectFromPath = async (
subjectName?: string
): Promise<Subject[]> => {
const digestedSubjects: Subject[] = []
const files: string[] = []
// Parse the list of subject paths
const subjectPaths = parseList(subjectPath)
const subjectPaths = parseList(subjectPath).join('\n')
// Expand the globbed paths to a list of files
for (const subPath of subjectPaths) {
/* eslint-disable-next-line github/no-then */
files.push(...(await glob.create(subPath).then(async g => g.glob())))
}
/* eslint-disable-next-line github/no-then */
const files = await glob.create(subjectPaths).then(async g => g.glob())
if (files.length > MAX_SUBJECT_COUNT) {
throw new Error(