Compare commits
4 Commits
v2.2.0
...
bdehamer/del
| Author | SHA1 | Date | |
|---|---|---|---|
| 700b0a9962 | |||
| f41311b4cd | |||
| d0c17db4ba | |||
| caa5c7e0da |
@@ -27,11 +27,12 @@ information on artifact attestations.
|
||||
<!-- prettier-ignore-start -->
|
||||
> [!NOTE]
|
||||
> Artifact attestations are available in public repositories for all
|
||||
> current GitHub plans. They are not available on legacy plans, such as Bronze,
|
||||
> Silver, or Gold. If you are on a GitHub Free, GitHub Pro, or GitHub Team plan,
|
||||
> artifact attestations are only available for public repositories. To use
|
||||
> artifact attestations in private or internal repositories, you must be on a
|
||||
> GitHub Enterprise Cloud plan.
|
||||
> current GitHub plans.
|
||||
>
|
||||
> To use artifact attestations in private or internal repositories, you must
|
||||
> be on a GitHub Enterprise Cloud plan.
|
||||
>
|
||||
> Artifact attestations are NOT supported on GitHub Enterprise Server.
|
||||
<!-- prettier-ignore-end -->
|
||||
|
||||
## Usage
|
||||
|
||||
+26
-6
@@ -56529,6 +56529,14 @@ const { isUint8Array, isArrayBuffer } = __nccwpck_require__(98253)
|
||||
const { File: UndiciFile } = __nccwpck_require__(63041)
|
||||
const { parseMIMEType, serializeAMimeType } = __nccwpck_require__(94322)
|
||||
|
||||
let random
|
||||
try {
|
||||
const crypto = __nccwpck_require__(77598)
|
||||
random = (max) => crypto.randomInt(0, max)
|
||||
} catch {
|
||||
random = (max) => Math.floor(Math.random(max))
|
||||
}
|
||||
|
||||
let ReadableStream = globalThis.ReadableStream
|
||||
|
||||
/** @type {globalThis['File']} */
|
||||
@@ -56614,7 +56622,7 @@ function extractBody (object, keepalive = false) {
|
||||
// Set source to a copy of the bytes held by object.
|
||||
source = new Uint8Array(object.buffer.slice(object.byteOffset, object.byteOffset + object.byteLength))
|
||||
} else if (util.isFormDataLike(object)) {
|
||||
const boundary = `----formdata-undici-0${`${Math.floor(Math.random() * 1e11)}`.padStart(11, '0')}`
|
||||
const boundary = `----formdata-undici-0${`${random(1e11)}`.padStart(11, '0')}`
|
||||
const prefix = `--${boundary}\r\nContent-Disposition: form-data`
|
||||
|
||||
/*! formdata-polyfill. MIT License. Jimmy Wärting <https://jimmy.warting.se/opensource> */
|
||||
@@ -70747,8 +70755,10 @@ const createAttestation = async (subjects, predicate, opts) => {
|
||||
predicateType: predicate.type,
|
||||
predicate: predicate.params,
|
||||
sigstore: opts.sigstoreInstance,
|
||||
token: opts.githubToken
|
||||
token: opts.githubToken,
|
||||
skipWrite: true
|
||||
});
|
||||
console.log(JSON.stringify(attestation.bundle));
|
||||
const result = attestation;
|
||||
if (subjects.length === 1 && opts.pushToRegistry) {
|
||||
const subject = subjects[0];
|
||||
@@ -71254,10 +71264,18 @@ const getSubjectFromChecksumsString = (checksums) => {
|
||||
if (!HEX_STRING_RE.test(digest)) {
|
||||
throw new Error(`Invalid digest: ${digest}`);
|
||||
}
|
||||
subjects.push({
|
||||
name,
|
||||
digest: { [digestAlgorithm(digest)]: digest }
|
||||
});
|
||||
if (digestAlgorithm(digest) === 'sha1') {
|
||||
subjects.push({
|
||||
uri: name,
|
||||
digest: { [digestAlgorithm(digest)]: digest }
|
||||
});
|
||||
}
|
||||
else {
|
||||
subjects.push({
|
||||
name,
|
||||
digest: { [digestAlgorithm(digest)]: digest }
|
||||
});
|
||||
}
|
||||
}
|
||||
return subjects;
|
||||
};
|
||||
@@ -71288,6 +71306,8 @@ const parseSubjectPathList = (input) => {
|
||||
};
|
||||
const digestAlgorithm = (digest) => {
|
||||
switch (digest.length) {
|
||||
case 40:
|
||||
return 'sha1';
|
||||
case 64:
|
||||
return 'sha256';
|
||||
case 128:
|
||||
|
||||
Generated
+1372
-275
File diff suppressed because it is too large
Load Diff
+6
-6
@@ -77,23 +77,23 @@
|
||||
"csv-parse": "^5.6.0"
|
||||
},
|
||||
"devDependencies": {
|
||||
"@eslint/js": "^9.18.0",
|
||||
"@eslint/js": "^9.19.0",
|
||||
"@sigstore/mock": "^0.9.0",
|
||||
"@types/jest": "^29.5.14",
|
||||
"@types/make-fetch-happen": "^10.0.4",
|
||||
"@types/node": "^22.10.7",
|
||||
"@types/node": "^22.10.10",
|
||||
"@vercel/ncc": "^0.38.3",
|
||||
"eslint": "^9.18.0",
|
||||
"eslint": "^9.19.0",
|
||||
"eslint-plugin-import": "^2.31.0",
|
||||
"eslint-plugin-jest": "^28.11.0",
|
||||
"jest": "^29.7.0",
|
||||
"js-yaml": "^4.1.0",
|
||||
"markdownlint-cli": "^0.43.0",
|
||||
"markdownlint-cli": "^0.44.0",
|
||||
"nock": "^13.5.6",
|
||||
"prettier": "^3.4.2",
|
||||
"ts-jest": "^29.2.5",
|
||||
"typescript": "^5.7.3",
|
||||
"typescript-eslint": "^8.21.0",
|
||||
"undici": "^5.28.4"
|
||||
"typescript-eslint": "^8.22.0",
|
||||
"undici": "^5.28.5"
|
||||
}
|
||||
}
|
||||
|
||||
+4
-1
@@ -25,9 +25,12 @@ export const createAttestation = async (
|
||||
predicateType: predicate.type,
|
||||
predicate: predicate.params,
|
||||
sigstore: opts.sigstoreInstance,
|
||||
token: opts.githubToken
|
||||
token: opts.githubToken,
|
||||
skipWrite: true
|
||||
})
|
||||
|
||||
console.log(JSON.stringify(attestation.bundle))
|
||||
|
||||
const result: AttestResult = attestation
|
||||
|
||||
if (subjects.length === 1 && opts.pushToRegistry) {
|
||||
|
||||
+13
-4
@@ -189,10 +189,17 @@ const getSubjectFromChecksumsString = (checksums: string): Subject[] => {
|
||||
throw new Error(`Invalid digest: ${digest}`)
|
||||
}
|
||||
|
||||
subjects.push({
|
||||
name,
|
||||
digest: { [digestAlgorithm(digest)]: digest }
|
||||
})
|
||||
if (digestAlgorithm(digest) === 'sha1') {
|
||||
subjects.push({
|
||||
uri: name,
|
||||
digest: { [digestAlgorithm(digest)]: digest }
|
||||
} as any)
|
||||
} else {
|
||||
subjects.push({
|
||||
name,
|
||||
digest: { [digestAlgorithm(digest)]: digest }
|
||||
})
|
||||
}
|
||||
}
|
||||
|
||||
return subjects
|
||||
@@ -233,6 +240,8 @@ const parseSubjectPathList = (input: string): string[] => {
|
||||
|
||||
const digestAlgorithm = (digest: string): string => {
|
||||
switch (digest.length) {
|
||||
case 40:
|
||||
return 'sha1'
|
||||
case 64:
|
||||
return 'sha256'
|
||||
case 128:
|
||||
|
||||
Reference in New Issue
Block a user