324 Commits

Author SHA1 Message Date
gitulisca fb88c2d3ea Add snapshot correlator action input 2025-04-03 05:21:10 +00:00
dependabot[bot] ff9ee49630 Bump the npm-dependencies group across 1 directory with 13 updates
Bumps the npm-dependencies group with 13 updates in the / directory:

| Package | From | To |
| --- | --- | --- |
| [@actions/github](https://github.com/actions/toolkit/tree/HEAD/packages/github) | `5.1.1` | `6.0.0` |
| [cross-fetch](https://github.com/lquixada/cross-fetch) | `3.1.5` | `4.1.0` |
| [dotenv](https://github.com/motdotla/dotenv) | `16.0.3` | `16.4.7` |
| [octokit](https://github.com/octokit/octokit.js) | `4.0.2` | `4.1.2` |
| [tar](https://github.com/isaacs/node-tar) | `6.2.1` | `7.4.3` |
| [yaml](https://github.com/eemeli/yaml) | `2.2.2` | `2.7.0` |
| [@babel/preset-env](https://github.com/babel/babel/tree/HEAD/packages/babel-preset-env) | `7.25.4` | `7.26.9` |
| [@babel/preset-typescript](https://github.com/babel/babel/tree/HEAD/packages/babel-preset-typescript) | `7.24.7` | `7.26.0` |
| [@vercel/ncc](https://github.com/vercel/ncc) | `0.36.1` | `0.38.3` |
| [eslint](https://github.com/eslint/eslint) | `8.46.0` | `9.21.0` |
| [jest](https://github.com/jestjs/jest/tree/HEAD/packages/jest) | `29.5.0` | `29.7.0` |
| [@types/jest](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/jest) | `29.5.1` | `29.5.14` |
| [ts-jest](https://github.com/kulshekhar/ts-jest) | `29.1.0` | `29.2.6` |



Updates `@actions/github` from 5.1.1 to 6.0.0
- [Changelog](https://github.com/actions/toolkit/blob/main/packages/github/RELEASES.md)
- [Commits](https://github.com/actions/toolkit/commits/HEAD/packages/github)

Updates `cross-fetch` from 3.1.5 to 4.1.0
- [Release notes](https://github.com/lquixada/cross-fetch/releases)
- [Changelog](https://github.com/lquixada/cross-fetch/blob/v4.x/CHANGELOG.md)
- [Commits](https://github.com/lquixada/cross-fetch/compare/v3.1.5...v4.1.0)

Updates `dotenv` from 16.0.3 to 16.4.7
- [Changelog](https://github.com/motdotla/dotenv/blob/master/CHANGELOG.md)
- [Commits](https://github.com/motdotla/dotenv/compare/v16.0.3...v16.4.7)

Updates `octokit` from 4.0.2 to 4.1.2
- [Release notes](https://github.com/octokit/octokit.js/releases)
- [Commits](https://github.com/octokit/octokit.js/compare/v4.0.2...v4.1.2)

Updates `tar` from 6.2.1 to 7.4.3
- [Release notes](https://github.com/isaacs/node-tar/releases)
- [Changelog](https://github.com/isaacs/node-tar/blob/main/CHANGELOG.md)
- [Commits](https://github.com/isaacs/node-tar/compare/v6.2.1...v7.4.3)

Updates `yaml` from 2.2.2 to 2.7.0
- [Release notes](https://github.com/eemeli/yaml/releases)
- [Commits](https://github.com/eemeli/yaml/compare/v2.2.2...v2.7.0)

Updates `@babel/preset-env` from 7.25.4 to 7.26.9
- [Release notes](https://github.com/babel/babel/releases)
- [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md)
- [Commits](https://github.com/babel/babel/commits/v7.26.9/packages/babel-preset-env)

Updates `@babel/preset-typescript` from 7.24.7 to 7.26.0
- [Release notes](https://github.com/babel/babel/releases)
- [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md)
- [Commits](https://github.com/babel/babel/commits/v7.26.0/packages/babel-preset-typescript)

Updates `@vercel/ncc` from 0.36.1 to 0.38.3
- [Release notes](https://github.com/vercel/ncc/releases)
- [Commits](https://github.com/vercel/ncc/compare/0.36.1...0.38.3)

Updates `eslint` from 8.46.0 to 9.21.0
- [Release notes](https://github.com/eslint/eslint/releases)
- [Changelog](https://github.com/eslint/eslint/blob/main/CHANGELOG.md)
- [Commits](https://github.com/eslint/eslint/compare/v8.46.0...v9.21.0)

Updates `jest` from 29.5.0 to 29.7.0
- [Release notes](https://github.com/jestjs/jest/releases)
- [Changelog](https://github.com/jestjs/jest/blob/main/CHANGELOG.md)
- [Commits](https://github.com/jestjs/jest/commits/v29.7.0/packages/jest)

Updates `@types/jest` from 29.5.1 to 29.5.14
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/jest)

Updates `ts-jest` from 29.1.0 to 29.2.6
- [Release notes](https://github.com/kulshekhar/ts-jest/releases)
- [Changelog](https://github.com/kulshekhar/ts-jest/blob/main/CHANGELOG.md)
- [Commits](https://github.com/kulshekhar/ts-jest/compare/v29.1.0...v29.2.6)

---
updated-dependencies:
- dependency-name: "@actions/github"
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: npm-dependencies
- dependency-name: cross-fetch
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: npm-dependencies
- dependency-name: dotenv
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: npm-dependencies
- dependency-name: octokit
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: npm-dependencies
- dependency-name: tar
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: npm-dependencies
- dependency-name: yaml
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: npm-dependencies
- dependency-name: "@babel/preset-env"
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: npm-dependencies
- dependency-name: "@babel/preset-typescript"
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: npm-dependencies
- dependency-name: "@vercel/ncc"
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: npm-dependencies
- dependency-name: eslint
  dependency-type: direct:development
  update-type: version-update:semver-major
  dependency-group: npm-dependencies
- dependency-name: jest
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: npm-dependencies
- dependency-name: "@types/jest"
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: npm-dependencies
- dependency-name: ts-jest
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: npm-dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-02-24 17:57:20 +00:00
dependabot[bot] a0c82b9f57 Bump actions/setup-node in the actions-dependencies group
Bumps the actions-dependencies group with 1 update: [actions/setup-node](https://github.com/actions/setup-node).


Updates `actions/setup-node` from 4.1.0 to 4.2.0
- [Release notes](https://github.com/actions/setup-node/releases)
- [Commits](https://github.com/actions/setup-node/compare/v4.1.0...v4.2.0)

---
updated-dependencies:
- dependency-name: actions/setup-node
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: actions-dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-01-27 13:45:02 +00:00
dependabot[bot] d1f5964eb3 Bump the npm_and_yarn group with 2 updates
Bumps the npm_and_yarn group with 2 updates: [braces](https://github.com/micromatch/braces) and [undici](https://github.com/nodejs/undici).


Updates `braces` from 3.0.2 to 3.0.3
- [Changelog](https://github.com/micromatch/braces/blob/master/CHANGELOG.md)
- [Commits](https://github.com/micromatch/braces/compare/3.0.2...3.0.3)

Updates `undici` from 5.28.4 to 5.28.5
- [Release notes](https://github.com/nodejs/undici/releases)
- [Commits](https://github.com/nodejs/undici/compare/v5.28.4...v5.28.5)

---
updated-dependencies:
- dependency-name: braces
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: undici
  dependency-type: indirect
  dependency-group: npm_and_yarn
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-01-22 01:14:42 +00:00
dependabot[bot] be33637a70 Bump the npm_and_yarn group across 1 directory with 2 updates
Bumps the npm_and_yarn group with 2 updates in the /test directory: [braces](https://github.com/micromatch/braces) and [undici](https://github.com/nodejs/undici).


Updates `braces` from 3.0.2 to 3.0.3
- [Changelog](https://github.com/micromatch/braces/blob/master/CHANGELOG.md)
- [Commits](https://github.com/micromatch/braces/compare/3.0.2...3.0.3)

Updates `undici` from 5.28.4 to 5.28.5
- [Release notes](https://github.com/nodejs/undici/releases)
- [Commits](https://github.com/nodejs/undici/compare/v5.28.4...v5.28.5)

---
updated-dependencies:
- dependency-name: braces
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: undici
  dependency-type: indirect
  dependency-group: npm_and_yarn
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-01-21 23:50:31 +00:00
Eli Reisman 58dce73160 Merge pull request #73 from advanced-security/dependabot/github_actions/actions-dependencies-a0c7c5ab1c
Bump the actions-dependencies group with 4 updates
2024-12-02 12:55:10 -08:00
dependabot[bot] b53413783f Bump the actions-dependencies group with 4 updates
Bumps the actions-dependencies group with 4 updates: [actions/checkout](https://github.com/actions/checkout), [actions/setup-node](https://github.com/actions/setup-node), [actions/upload-artifact](https://github.com/actions/upload-artifact) and [github/codeql-action](https://github.com/github/codeql-action).


Updates `actions/checkout` from 3 to 4
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](https://github.com/actions/checkout/compare/v3...v4)

Updates `actions/setup-node` from 3.7.0 to 4.1.0
- [Release notes](https://github.com/actions/setup-node/releases)
- [Commits](https://github.com/actions/setup-node/compare/v3.7.0...v4.1.0)

Updates `actions/upload-artifact` from 3 to 4
- [Release notes](https://github.com/actions/upload-artifact/releases)
- [Commits](https://github.com/actions/upload-artifact/compare/v3...v4)

Updates `github/codeql-action` from 2 to 3
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](https://github.com/github/codeql-action/compare/v2...v3)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: actions-dependencies
- dependency-name: actions/setup-node
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: actions-dependencies
- dependency-name: actions/upload-artifact
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: actions-dependencies
- dependency-name: github/codeql-action
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: actions-dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-12-02 15:56:23 +00:00
Henri Maurer bcc5ca88e3 Merge pull request #82 from advanced-security/hm/upgrade-ds-tk
Upgrade dependency-submission-toolkit to 2.0.4
2024-11-27 13:43:25 +00:00
hmaurer dcf1bf27b4 Upgrade dependency-submission-toolkit to 2.0.4 2024-11-27 13:22:49 +00:00
Lane Seppala 21f62c116e Fix dependabot config syntax 2024-10-25 20:39:27 +00:00
Lane Seppala c60f7aa147 Merge pull request #72 from advanced-security/lsep/fix-depbot-codeowners
Fix dependabot config and CODEOWNERS
2024-10-25 14:38:13 -06:00
Lane Seppala 5c6120e741 Fix dependabot config and CODEOWNERS 2024-10-25 20:35:02 +00:00
Justin Holguín 2f1440854c Merge pull request #71 from advanced-security/juxtin/readme-update
Update README.md for v0.0.3
2024-09-30 12:27:23 -07:00
Justin Holguín 80ff314cbe Update README.md for v0.0.3 2024-09-30 11:23:11 -07:00
Justin Holguín d7bc998696 Merge pull request #70 from advanced-security/juxtin/ghes-fix
Add support for releaseServerUrl
2024-09-30 10:50:28 -07:00
Justin Holguín 32b6a8be43 Remove configuration option and automatically use the right value 2024-09-27 21:48:16 +00:00
Justin Holguín 2857c71253 Fix tests by using jest-babel 2024-09-27 20:07:32 +00:00
Justin Holguín ecb240e2d7 Merge remote-tracking branch 'origin/main' into ghes-fix 2024-09-27 17:29:09 +00:00
Lane Seppala 421db58c03 Merge pull request #68 from advanced-security/codeowners
Update CODEOWNERS
2024-08-27 17:04:02 -06:00
Justin Hutchings 1b54ab70bb Update CODEOWNERS 2024-08-26 16:30:26 -07:00
Justin Hutchings 472123c5f1 Update docs 2024-08-26 23:28:42 +00:00
Justin Hutchings 8ad6ba7803 Clean up code 2024-08-26 23:22:50 +00:00
Justin Hutchings 6b81b8e569 Change from convenience method to rest command 2024-08-26 23:19:44 +00:00
Justin Hutchings b241c92568 Rebuild dist 2024-08-26 23:08:02 +00:00
Justin Hutchings 6130522064 Add debugging 2024-08-26 23:07:59 +00:00
Justin Hutchings cff2be16fa Add debugging 2024-08-26 22:54:29 +00:00
Justin Hutchings 723a111a61 Rebuild dist 2024-08-26 22:51:12 +00:00
Justin Hutchings 5787da590b Add fetch 2024-08-26 22:51:04 +00:00
Justin Hutchings 61b2daa67f Rebuild dist 2024-08-26 22:49:31 +00:00
Justin Hutchings 9b4a8182c2 Change octokit from Actions specific one to generic one 2024-08-26 22:49:12 +00:00
Justin Hutchings 0f2d542cef Rebuild dist 2024-08-26 22:45:02 +00:00
Justin Hutchings 9ff0000670 Add debugging 2024-08-26 22:39:44 +00:00
Justin Hutchings 01216ee138 Add debugging 2024-08-26 22:35:19 +00:00
Justin Hutchings a0e040ff7b Tweak GHES fix to make it off by default 2024-08-26 21:30:17 +00:00
Justin Hutchings a0a4b55d4d Tweak GHES fix 2024-08-26 21:28:19 +00:00
Justin Hutchings 8511b070f0 Create fix for Add GitHub Enterprise Server support #42 2024-08-26 21:24:18 +00:00
Justin Hutchings 7303e5e522 Merge pull request #43 from advanced-security/dependabot/npm_and_yarn/test/npm_and_yarn-49b2ef70b2
Bump the npm_and_yarn group across 1 directory with 4 updates
2024-05-08 07:07:45 +10:00
Justin Hutchings 63a8d8de1e Merge pull request #44 from advanced-security/dependabot/npm_and_yarn/npm_and_yarn-49b2ef70b2
Bump the npm_and_yarn group with 4 updates
2024-05-08 07:06:27 +10:00
dependabot[bot] d8d3455ed6 Bump the npm_and_yarn group with 4 updates
Bumps the npm_and_yarn group with 4 updates: [tar](https://github.com/isaacs/node-tar), [yaml](https://github.com/eemeli/yaml), [@babel/traverse](https://github.com/babel/babel/tree/HEAD/packages/babel-traverse) and [undici](https://github.com/nodejs/undici).


Updates `tar` from 6.1.13 to 6.2.1
- [Release notes](https://github.com/isaacs/node-tar/releases)
- [Changelog](https://github.com/isaacs/node-tar/blob/main/CHANGELOG.md)
- [Commits](https://github.com/isaacs/node-tar/compare/v6.1.13...v6.2.1)

Updates `yaml` from 2.2.1 to 2.2.2
- [Release notes](https://github.com/eemeli/yaml/releases)
- [Commits](https://github.com/eemeli/yaml/compare/v2.2.1...v2.2.2)

Updates `@babel/traverse` from 7.20.5 to 7.24.5
- [Release notes](https://github.com/babel/babel/releases)
- [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md)
- [Commits](https://github.com/babel/babel/commits/v7.24.5/packages/babel-traverse)

Updates `undici` from 5.21.0 to 5.28.4
- [Release notes](https://github.com/nodejs/undici/releases)
- [Commits](https://github.com/nodejs/undici/compare/v5.21.0...v5.28.4)

---
updated-dependencies:
- dependency-name: tar
  dependency-type: direct:production
  dependency-group: npm_and_yarn
- dependency-name: yaml
  dependency-type: direct:production
  dependency-group: npm_and_yarn
- dependency-name: "@babel/traverse"
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: undici
  dependency-type: indirect
  dependency-group: npm_and_yarn
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-05-07 20:32:29 +00:00
dependabot[bot] 2e5dd5d452 Bump the npm_and_yarn group across 1 directory with 4 updates
Bumps the npm_and_yarn group with 4 updates in the /test directory: [tar](https://github.com/isaacs/node-tar), [yaml](https://github.com/eemeli/yaml), [@babel/traverse](https://github.com/babel/babel/tree/HEAD/packages/babel-traverse) and [undici](https://github.com/nodejs/undici).


Updates `tar` from 6.1.13 to 6.2.1
- [Release notes](https://github.com/isaacs/node-tar/releases)
- [Changelog](https://github.com/isaacs/node-tar/blob/main/CHANGELOG.md)
- [Commits](https://github.com/isaacs/node-tar/compare/v6.1.13...v6.2.1)

Updates `yaml` from 2.2.1 to 2.2.2
- [Release notes](https://github.com/eemeli/yaml/releases)
- [Commits](https://github.com/eemeli/yaml/compare/v2.2.1...v2.2.2)

Updates `@babel/traverse` from 7.20.5 to 7.24.5
- [Release notes](https://github.com/babel/babel/releases)
- [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md)
- [Commits](https://github.com/babel/babel/commits/v7.24.5/packages/babel-traverse)

Updates `undici` from 5.10.0 to 5.28.4
- [Release notes](https://github.com/nodejs/undici/releases)
- [Commits](https://github.com/nodejs/undici/compare/v5.10.0...v5.28.4)

---
updated-dependencies:
- dependency-name: tar
  dependency-type: direct:production
  dependency-group: npm_and_yarn
- dependency-name: yaml
  dependency-type: direct:production
  dependency-group: npm_and_yarn
- dependency-name: "@babel/traverse"
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: undici
  dependency-type: indirect
  dependency-group: npm_and_yarn
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-05-07 20:32:23 +00:00
Justin Hutchings 3ea8a853fc Merge pull request #39 from advanced-security/dependabot/github_actions/actions/setup-node-3.7.0
Bump actions/setup-node from 3.6.0 to 3.7.0
2024-05-08 06:30:55 +10:00
Justin Hutchings d2ad702059 Add grouping, disable version updates for npm 2024-05-08 06:29:56 +10:00
Justin Hutchings 384d6ea0b6 Merge pull request #41 from advanced-security/dependabot/npm_and_yarn/eslint-8.46.0
Bump eslint from 8.40.0 to 8.46.0
2024-05-08 06:26:37 +10:00
dependabot[bot] 34535ba482 Bump eslint from 8.40.0 to 8.46.0
Bumps [eslint](https://github.com/eslint/eslint) from 8.40.0 to 8.46.0.
- [Release notes](https://github.com/eslint/eslint/releases)
- [Changelog](https://github.com/eslint/eslint/blob/main/CHANGELOG.md)
- [Commits](https://github.com/eslint/eslint/compare/v8.40.0...v8.46.0)

---
updated-dependencies:
- dependency-name: eslint
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-07-31 13:26:37 +00:00
Lane Seppala efe25be749 Merge pull request #23 from felickz/patch-1
Readme to v0.0.2
2023-07-18 11:40:42 -06:00
dependabot[bot] e1ef448669 Bump actions/setup-node from 3.6.0 to 3.7.0
Bumps [actions/setup-node](https://github.com/actions/setup-node) from 3.6.0 to 3.7.0.
- [Release notes](https://github.com/actions/setup-node/releases)
- [Commits](https://github.com/actions/setup-node/compare/v3.6.0...v3.7.0)

---
updated-dependencies:
- dependency-name: actions/setup-node
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-07-06 13:36:32 +00:00
Lane Seppala d05bcf1b85 Merge pull request #14 from lseppala/lsep/purl-qualifiers
Fix encoding of PURL qualifiers
2023-06-02 10:51:37 -06:00
Lane Seppala 5961fd4755 Defensively guard against dangling ? from qualifiers 2023-06-02 16:07:51 +00:00
Lane Seppala 83edbc93dd Qualifiers are a map of string key-value pairs 2023-06-02 15:24:39 +00:00
Chad Bentz 2a225a4eaf Readme to v0.0.2 2023-05-12 14:48:18 -04:00