Compare commits
28 Commits
| Author | SHA1 | Date | |
|---|---|---|---|
| 21213e825c | |||
| 5b46420b3f | |||
| 48ae13709e | |||
| 7efb859132 | |||
| 50b9449a2f | |||
| 56ef6dcc04 | |||
| 6531c188bd | |||
| 0797d4eff6 | |||
| 7ba820f614 | |||
| bd71948983 | |||
| 374343effe | |||
| 5a79ab0fa4 | |||
| 0c3e582042 | |||
| 876b304ec0 | |||
| 3104f6d51c | |||
| 5d8c040f29 | |||
| 466989c808 | |||
| 67f3292117 | |||
| 3f420ae88d | |||
| ef571d5a84 | |||
| 0eb73668fa | |||
| 7a168cbdc4 | |||
| d5fd67e101 | |||
| 27e6d82755 | |||
| 3d11e5a0f7 | |||
| 51ef6b3995 | |||
| cfe815dd6d | |||
| 9db31129a3 |
@@ -23,10 +23,10 @@ jobs:
|
||||
runs-on: ubuntu-latest
|
||||
|
||||
steps:
|
||||
- uses: actions/checkout@v6
|
||||
- uses: actions/checkout@v4
|
||||
|
||||
- name: Set Node.js 16.x
|
||||
uses: actions/setup-node@v6.2.0
|
||||
uses: actions/setup-node@v4.4.0
|
||||
with:
|
||||
node-version: 16.x
|
||||
|
||||
@@ -46,7 +46,7 @@ jobs:
|
||||
id: diff
|
||||
|
||||
# If index.js was different than expected, upload the expected version as an artifact
|
||||
- uses: actions/upload-artifact@v6
|
||||
- uses: actions/upload-artifact@v4
|
||||
if: ${{ failure() && steps.diff.conclusion == 'failure' }}
|
||||
with:
|
||||
name: dist
|
||||
|
||||
@@ -0,0 +1,42 @@
|
||||
name: Sync Fork with Upstream
|
||||
on:
|
||||
schedule:
|
||||
- cron: '0 0 * * 1' # Runs at midnight UTC every Monday
|
||||
workflow_dispatch:
|
||||
|
||||
permissions:
|
||||
contents: write
|
||||
pull-requests: write
|
||||
|
||||
jobs:
|
||||
sync:
|
||||
runs-on: ubuntu-latest
|
||||
steps:
|
||||
- name: Checkout Repository
|
||||
uses: actions/checkout@v4
|
||||
with:
|
||||
token: ${{ secrets.GITHUB_TOKEN }}
|
||||
fetch-depth: 0
|
||||
|
||||
- name: Fetch Upstream Remote
|
||||
run: |
|
||||
git remote add upstream https://github.com/advanced-security/component-detection-dependency-submission-action.git
|
||||
git fetch upstream
|
||||
- name: Set Git Config
|
||||
run: |
|
||||
git config user.name "github-actions[bot]"
|
||||
git config user.email "41898282+github-actions[bot]@users.noreply.github.com"
|
||||
- name: Create and Push Branch
|
||||
run: |
|
||||
git checkout -b weekly-sync-branch-${{ github.run_id }}
|
||||
git merge upstream/main --no-commit
|
||||
git reset -- ./.github
|
||||
git commit -m "Merge upstream:main"
|
||||
git commit --allow-empty -m "Empty commit to open PR"
|
||||
git push --set-upstream origin weekly-sync-branch-${{ github.run_id }}
|
||||
- name: Open Pull Request
|
||||
run: |
|
||||
gh repo set-default actions/component-detection-dependency-submission-action
|
||||
gh pr create -B main -H weekly-sync-branch-${{ github.run_id }} --title 'Sync Fork with Upstream' --body 'Weekly Cron. Created by GitHub Actions.'
|
||||
env:
|
||||
GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
|
||||
@@ -16,7 +16,7 @@ jobs:
|
||||
env:
|
||||
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
|
||||
steps:
|
||||
- uses: actions/checkout@v6
|
||||
- uses: actions/checkout@v4
|
||||
- name: Unit test
|
||||
run: |
|
||||
npm install
|
||||
|
||||
+1
-1
@@ -1 +1 @@
|
||||
* @advanced-security/advanced-security-dependency-graph @advanced-security/oss-maintainers
|
||||
* @advanced-security/advanced-security-dependency-graph
|
||||
|
||||
+4
-7
@@ -64365,12 +64365,9 @@ const TIPS = [
|
||||
'🔐 encrypt with Dotenvx: https://dotenvx.com',
|
||||
'🔐 prevent committing .env to code: https://dotenvx.com/precommit',
|
||||
'🔐 prevent building .env in docker: https://dotenvx.com/prebuild',
|
||||
'📡 add observability to secrets: https://dotenvx.com/ops',
|
||||
'👥 sync secrets across teammates & machines: https://dotenvx.com/ops',
|
||||
'🗂️ backup and recover secrets: https://dotenvx.com/ops',
|
||||
'✅ audit secrets and track compliance: https://dotenvx.com/ops',
|
||||
'🔄 add secrets lifecycle management: https://dotenvx.com/ops',
|
||||
'🔑 add access controls to secrets: https://dotenvx.com/ops',
|
||||
'🤖 agentic secret storage: https://dotenvx.com/as2',
|
||||
'⚡️ secrets for agents: https://dotenvx.com/as2',
|
||||
'🛡️ auth for agents: https://vestauth.com',
|
||||
'🛠️ run anywhere with `dotenvx run -- yourcommand`',
|
||||
'⚙️ specify custom .env file path with { path: \'/custom/path/.env\' }',
|
||||
'⚙️ enable debug logging with { debug: true }',
|
||||
@@ -93631,7 +93628,7 @@ __webpack_unused_export__ = defaultContentType
|
||||
/***/ 56:
|
||||
/***/ ((module) => {
|
||||
|
||||
module.exports = /*#__PURE__*/JSON.parse('{"name":"dotenv","version":"17.2.3","description":"Loads environment variables from .env file","main":"lib/main.js","types":"lib/main.d.ts","exports":{".":{"types":"./lib/main.d.ts","require":"./lib/main.js","default":"./lib/main.js"},"./config":"./config.js","./config.js":"./config.js","./lib/env-options":"./lib/env-options.js","./lib/env-options.js":"./lib/env-options.js","./lib/cli-options":"./lib/cli-options.js","./lib/cli-options.js":"./lib/cli-options.js","./package.json":"./package.json"},"scripts":{"dts-check":"tsc --project tests/types/tsconfig.json","lint":"standard","pretest":"npm run lint && npm run dts-check","test":"tap run tests/**/*.js --allow-empty-coverage --disable-coverage --timeout=60000","test:coverage":"tap run tests/**/*.js --show-full-coverage --timeout=60000 --coverage-report=text --coverage-report=lcov","prerelease":"npm test","release":"standard-version"},"repository":{"type":"git","url":"git://github.com/motdotla/dotenv.git"},"homepage":"https://github.com/motdotla/dotenv#readme","funding":"https://dotenvx.com","keywords":["dotenv","env",".env","environment","variables","config","settings"],"readmeFilename":"README.md","license":"BSD-2-Clause","devDependencies":{"@types/node":"^18.11.3","decache":"^4.6.2","sinon":"^14.0.1","standard":"^17.0.0","standard-version":"^9.5.0","tap":"^19.2.0","typescript":"^4.8.4"},"engines":{"node":">=12"},"browser":{"fs":false}}');
|
||||
module.exports = /*#__PURE__*/JSON.parse('{"name":"dotenv","version":"17.3.1","description":"Loads environment variables from .env file","main":"lib/main.js","types":"lib/main.d.ts","exports":{".":{"types":"./lib/main.d.ts","require":"./lib/main.js","default":"./lib/main.js"},"./config":"./config.js","./config.js":"./config.js","./lib/env-options":"./lib/env-options.js","./lib/env-options.js":"./lib/env-options.js","./lib/cli-options":"./lib/cli-options.js","./lib/cli-options.js":"./lib/cli-options.js","./package.json":"./package.json"},"scripts":{"dts-check":"tsc --project tests/types/tsconfig.json","lint":"standard","pretest":"npm run lint && npm run dts-check","test":"tap run tests/**/*.js --allow-empty-coverage --disable-coverage --timeout=60000","test:coverage":"tap run tests/**/*.js --show-full-coverage --timeout=60000 --coverage-report=text --coverage-report=lcov","prerelease":"npm test","release":"standard-version"},"repository":{"type":"git","url":"git://github.com/motdotla/dotenv.git"},"homepage":"https://github.com/motdotla/dotenv#readme","funding":"https://dotenvx.com","keywords":["dotenv","env",".env","environment","variables","config","settings"],"readmeFilename":"README.md","license":"BSD-2-Clause","devDependencies":{"@types/node":"^18.11.3","decache":"^4.6.2","sinon":"^14.0.1","standard":"^17.0.0","standard-version":"^9.5.0","tap":"^19.2.0","typescript":"^4.8.4"},"engines":{"node":">=12"},"browser":{"fs":false}}');
|
||||
|
||||
/***/ }),
|
||||
|
||||
|
||||
+1
-1
File diff suppressed because one or more lines are too long
Generated
+337
-484
File diff suppressed because it is too large
Load Diff
+4
-4
@@ -30,19 +30,19 @@
|
||||
"@actions/github": "^9.0.0",
|
||||
"@github/dependency-submission-toolkit": "^2.0.5",
|
||||
"cross-fetch": "^4.1.0",
|
||||
"dotenv": "^17.2.3",
|
||||
"dotenv": "^17.3.1",
|
||||
"fs": "^0.0.1-security",
|
||||
"octokit": "^5.0.5",
|
||||
"tar": "^7.5.7",
|
||||
"tar": "^7.5.10",
|
||||
"yaml": "^2.8.2"
|
||||
},
|
||||
"devDependencies": {
|
||||
"@babel/preset-env": "^7.29.0",
|
||||
"@babel/preset-typescript": "^7.28.5",
|
||||
"@eslint/js": "^9.39.2",
|
||||
"@eslint/js": "^10.0.1",
|
||||
"@types/jest": "^30.0.0",
|
||||
"@vercel/ncc": "^0.38.4",
|
||||
"eslint": "^9.39.2",
|
||||
"eslint": "^10.0.2",
|
||||
"jest": "^30.2.0",
|
||||
"jest-transform-stub": "^2.0.0",
|
||||
"ts-jest": "^29.4.6"
|
||||
|
||||
Generated
+13
-13
@@ -15,7 +15,7 @@
|
||||
"cross-fetch": "^3.1.5",
|
||||
"dotenv": "^16.0.3",
|
||||
"fs": "^0.0.1-security",
|
||||
"tar": "^7.5.7",
|
||||
"tar": "^7.5.8",
|
||||
"yaml": "^2.2.2"
|
||||
},
|
||||
"devDependencies": {
|
||||
@@ -3716,9 +3716,9 @@
|
||||
}
|
||||
},
|
||||
"node_modules/minimatch": {
|
||||
"version": "3.1.2",
|
||||
"resolved": "https://registry.npmjs.org/minimatch/-/minimatch-3.1.2.tgz",
|
||||
"integrity": "sha512-J7p63hRiAjw1NDEww1W7i37+ByIrOWO5XQQAzZ3VOcL0PNybwpfmV/N05zFAzwQ9USyEcX6t3UO+K5aqBQOIHw==",
|
||||
"version": "3.1.5",
|
||||
"resolved": "https://registry.npmjs.org/minimatch/-/minimatch-3.1.5.tgz",
|
||||
"integrity": "sha512-VgjWUsnnT6n+NUk6eZq77zeFdpW2LWDzP6zFGrCbHXiYNul5Dzqk2HHQ5uFH2DNW5Xbp8+jVzaeNt94ssEEl4w==",
|
||||
"dev": true,
|
||||
"dependencies": {
|
||||
"brace-expansion": "^1.1.7"
|
||||
@@ -4368,9 +4368,9 @@
|
||||
}
|
||||
},
|
||||
"node_modules/tar": {
|
||||
"version": "7.5.7",
|
||||
"resolved": "https://registry.npmjs.org/tar/-/tar-7.5.7.tgz",
|
||||
"integrity": "sha512-fov56fJiRuThVFXD6o6/Q354S7pnWMJIVlDBYijsTNx6jKSE4pvrDTs6lUnmGvNyfJwFQQwWy3owKz1ucIhveQ==",
|
||||
"version": "7.5.8",
|
||||
"resolved": "https://registry.npmjs.org/tar/-/tar-7.5.8.tgz",
|
||||
"integrity": "sha512-SYkBtK99u0yXa+IWL0JRzzcl7RxNpvX/U08Z+8DKnysfno7M+uExnTZH8K+VGgShf2qFPKtbNr9QBl8n7WBP6Q==",
|
||||
"dependencies": {
|
||||
"@isaacs/fs-minipass": "^4.0.0",
|
||||
"chownr": "^3.0.0",
|
||||
@@ -7633,9 +7633,9 @@
|
||||
"dev": true
|
||||
},
|
||||
"minimatch": {
|
||||
"version": "3.1.2",
|
||||
"resolved": "https://registry.npmjs.org/minimatch/-/minimatch-3.1.2.tgz",
|
||||
"integrity": "sha512-J7p63hRiAjw1NDEww1W7i37+ByIrOWO5XQQAzZ3VOcL0PNybwpfmV/N05zFAzwQ9USyEcX6t3UO+K5aqBQOIHw==",
|
||||
"version": "3.1.5",
|
||||
"resolved": "https://registry.npmjs.org/minimatch/-/minimatch-3.1.5.tgz",
|
||||
"integrity": "sha512-VgjWUsnnT6n+NUk6eZq77zeFdpW2LWDzP6zFGrCbHXiYNul5Dzqk2HHQ5uFH2DNW5Xbp8+jVzaeNt94ssEEl4w==",
|
||||
"dev": true,
|
||||
"requires": {
|
||||
"brace-expansion": "^1.1.7"
|
||||
@@ -8091,9 +8091,9 @@
|
||||
"dev": true
|
||||
},
|
||||
"tar": {
|
||||
"version": "7.5.7",
|
||||
"resolved": "https://registry.npmjs.org/tar/-/tar-7.5.7.tgz",
|
||||
"integrity": "sha512-fov56fJiRuThVFXD6o6/Q354S7pnWMJIVlDBYijsTNx6jKSE4pvrDTs6lUnmGvNyfJwFQQwWy3owKz1ucIhveQ==",
|
||||
"version": "7.5.8",
|
||||
"resolved": "https://registry.npmjs.org/tar/-/tar-7.5.8.tgz",
|
||||
"integrity": "sha512-SYkBtK99u0yXa+IWL0JRzzcl7RxNpvX/U08Z+8DKnysfno7M+uExnTZH8K+VGgShf2qFPKtbNr9QBl8n7WBP6Q==",
|
||||
"requires": {
|
||||
"@isaacs/fs-minipass": "^4.0.0",
|
||||
"chownr": "^3.0.0",
|
||||
|
||||
+1
-1
@@ -31,7 +31,7 @@
|
||||
"cross-fetch": "^3.1.5",
|
||||
"dotenv": "^16.0.3",
|
||||
"fs": "^0.0.1-security",
|
||||
"tar": "^7.5.7",
|
||||
"tar": "^7.5.8",
|
||||
"yaml": "^2.2.2"
|
||||
},
|
||||
"devDependencies": {
|
||||
|
||||
Reference in New Issue
Block a user