Compare commits

...

2 Commits

Author SHA1 Message Date
Brian DeHamer 8afbcf6e5e increase timeout for OCI operations (#92)
Signed-off-by: Brian DeHamer <bdehamer@github.com>
2024-06-17 06:51:46 -07:00
Brian DeHamer 0fdba851bc bump @sigstore/oci from 0.3.6 to 0.3.7 (#90)
Signed-off-by: Brian DeHamer <bdehamer@github.com>
2024-06-13 14:22:50 -07:00
4 changed files with 14 additions and 14 deletions
Generated Vendored
+2 -2
View File
@@ -11758,7 +11758,7 @@ class OCIImage {
// the referrers API but still reports a subjectDigest).
const referrersSupported = await __classPrivateFieldGet(this, _OCIImage_client, "f").pingReferrers();
// Manually update the referrers list if the referrers API is not supported.
if (!referrersSupported) {
if (!artifactDescriptor.subjectDigest || !referrersSupported) {
// Strip subjectDigest from the artifact descriptor (in case it was returned)
/* eslint-disable-next-line @typescript-eslint/no-unused-vars */
const { subjectDigest, ...descriptor } = artifactDescriptor;
@@ -79927,7 +79927,7 @@ Object.defineProperty(exports, "__esModule", ({ value: true }));
exports.createAttestation = void 0;
const attest_1 = __nccwpck_require__(74113);
const oci_1 = __nccwpck_require__(47353);
const OCI_TIMEOUT = 2000;
const OCI_TIMEOUT = 30000;
const OCI_RETRY = 3;
const createAttestation = async (subject, predicate, opts) => {
// Sign provenance w/ Sigstore
+9 -9
View File
@@ -1,18 +1,18 @@
{
"name": "actions/attest",
"version": "1.3.0",
"version": "1.3.1",
"lockfileVersion": 2,
"requires": true,
"packages": {
"": {
"name": "actions/attest",
"version": "1.3.0",
"version": "1.3.1",
"license": "MIT",
"dependencies": {
"@actions/attest": "^1.3.0",
"@actions/core": "^1.10.1",
"@actions/glob": "^0.4.0",
"@sigstore/oci": "^0.3.6",
"@sigstore/oci": "^0.3.7",
"csv-parse": "^5.5.6"
},
"devDependencies": {
@@ -1729,9 +1729,9 @@
}
},
"node_modules/@sigstore/oci": {
"version": "0.3.6",
"resolved": "https://registry.npmjs.org/@sigstore/oci/-/oci-0.3.6.tgz",
"integrity": "sha512-nv/uHEHj6AbzGcBg1Cs7EsetB0M+N8GW1wYA26KQT6ymirv5UWUtqx9L1hbJjClpQ6/8R0vYXCpunvic2O1jfg==",
"version": "0.3.7",
"resolved": "https://registry.npmjs.org/@sigstore/oci/-/oci-0.3.7.tgz",
"integrity": "sha512-1JmebwEXil+NVzugFURbC+D3Vzj6WyTI1B+7damUk94dWXamE9cJ057iSo72rupiSozM6N7lVMjtD1c/P5Rrrw==",
"dependencies": {
"make-fetch-happen": "^13.0.1",
"proc-log": "^4.2.0"
@@ -9838,9 +9838,9 @@
}
},
"@sigstore/oci": {
"version": "0.3.6",
"resolved": "https://registry.npmjs.org/@sigstore/oci/-/oci-0.3.6.tgz",
"integrity": "sha512-nv/uHEHj6AbzGcBg1Cs7EsetB0M+N8GW1wYA26KQT6ymirv5UWUtqx9L1hbJjClpQ6/8R0vYXCpunvic2O1jfg==",
"version": "0.3.7",
"resolved": "https://registry.npmjs.org/@sigstore/oci/-/oci-0.3.7.tgz",
"integrity": "sha512-1JmebwEXil+NVzugFURbC+D3Vzj6WyTI1B+7damUk94dWXamE9cJ057iSo72rupiSozM6N7lVMjtD1c/P5Rrrw==",
"requires": {
"make-fetch-happen": "^13.0.1",
"proc-log": "^4.2.0"
+2 -2
View File
@@ -1,7 +1,7 @@
{
"name": "actions/attest",
"description": "Generate signed attestations for workflow artifacts",
"version": "1.3.0",
"version": "1.3.1",
"author": "",
"private": true,
"homepage": "https://github.com/actions/attest",
@@ -72,7 +72,7 @@
"@actions/attest": "^1.3.0",
"@actions/core": "^1.10.1",
"@actions/glob": "^0.4.0",
"@sigstore/oci": "^0.3.6",
"@sigstore/oci": "^0.3.7",
"csv-parse": "^5.5.6"
},
"devDependencies": {
+1 -1
View File
@@ -1,7 +1,7 @@
import { Attestation, Predicate, Subject, attest } from '@actions/attest'
import { attachArtifactToImage, getRegistryCredentials } from '@sigstore/oci'
const OCI_TIMEOUT = 2000
const OCI_TIMEOUT = 30000
const OCI_RETRY = 3
export type SigstoreInstance = 'public-good' | 'github'