Compare commits
63 Commits
| Author | SHA1 | Date | |
|---|---|---|---|
| 0ff3da6f81 | |||
| 6d88398316 | |||
| 29022577bf | |||
| a4bf690c47 | |||
| 3f67248108 | |||
| e82e9497cb | |||
| 945cb4d00a | |||
| 459b39211c | |||
| c109d3f46d | |||
| 706aa54d76 | |||
| 12cfe866a8 | |||
| 0caa632377 | |||
| df02ee7d42 | |||
| 38e9237630 | |||
| 03c7962be5 | |||
| cff3674e25 | |||
| a184554be2 | |||
| 660812709b | |||
| d8b4cd80d5 | |||
| 8e5d487bb8 | |||
| 3e6e055a26 | |||
| 1f8d096c90 | |||
| 0247f51a25 | |||
| f599dc7887 | |||
| 6919a4885f | |||
| 8f97494d2e | |||
| 08ec176670 | |||
| 40a9da4614 | |||
| 9ad1f84ed2 | |||
| 464e6ac735 | |||
| 141e2dae22 | |||
| 37bb7a46dd | |||
| 5abb42a215 | |||
| 5aafbe4a32 | |||
| d623612924 | |||
| 08fe899167 | |||
| 067e030d27 | |||
| 6b47d2662b | |||
| 290634fe98 | |||
| 352f50a80e | |||
| 11310527b4 | |||
| ea0f46928b | |||
| 369356e2e7 | |||
| 13fe21bc0a | |||
| 136c0838bf | |||
| 8ed85b3757 | |||
| a952d7b1b7 | |||
| b8e622f102 | |||
| ac059c649c | |||
| 93652d7af0 | |||
| ba127cac5e | |||
| 1dd7392739 | |||
| 8f801ec4bb | |||
| 2d265aa7cc | |||
| c57c602135 | |||
| c2097b2a9b | |||
| 0a055a6a13 | |||
| 3417e62ba2 | |||
| 49fecaf158 | |||
| 173a4b8d96 | |||
| db1829cd87 | |||
| d87317e782 | |||
| 30d5821115 |
@@ -3,12 +3,12 @@ updates:
|
||||
- package-ecosystem: github-actions
|
||||
directory: /
|
||||
schedule:
|
||||
interval: daily
|
||||
interval: weekly
|
||||
|
||||
- package-ecosystem: npm
|
||||
directory: /
|
||||
schedule:
|
||||
interval: daily
|
||||
interval: weekly
|
||||
ignore:
|
||||
- dependency-name: '@types/node'
|
||||
update-types: ['version-update:semver-major']
|
||||
|
||||
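Review bot: Both `interval` values move from `daily` to `weekly`, so a fixed release of an action or npm package can now wait up to a week before a version-update PR proposes it. Dependabot security updates are enabled in the repository settings, not by this schedule, so confirm they are switched on and record that in the file, e.g. `# security updates are enabled in repo settings; this schedule only governs version updates`. The `updates:` block starts above the hunk, so any other ecosystems it lists are not visible here.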
+2
-2
@@ -112,8 +112,8 @@ minor/patch updates.
|
||||
To do this just checkout `main`, force-create a new annotated tag, and push it:
|
||||
|
||||
```
|
||||
git tag -fa v2 -m "Updating v2 to 2.3.4"
|
||||
git push origin v2 --force
|
||||
git tag -fa v3 -m "Updating v3 to 3.0.1"
|
||||
git push origin v3 --force
|
||||
```
|
||||
|
||||
## Resources
|
||||
|
||||
@@ -115,7 +115,7 @@ You can use an external configuration file to specify the settings for this acti
|
||||
| Option | Usage | Possible values |
|
||||
|-----------------------|------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|--------------------------------------------------------------------------------------------------------------------------------|
|
||||
| `config-file` | A path to a file in the current repository or an external repository. Use this syntax for external files: `OWNER/REPOSITORY/FILENAME@BRANCH` | **Local file**: `./.github/dependency-review-config.yml` <br> **External repo**: `github/octorepo/dependency-review-config.yml@main` |
|
||||
| `external-repo-token` | Specifies a token for fetching the configuration file if the file resides in a private external repository. Create a token in [developer settings](https://github.com/settings/tokens). | Any token with `read` permissions to the repository hosting the config file. |
|
||||
| `external-repo-token` | Specifies a token for fetching the configuration file. It is required if the file resides in a private external repository and for all GitHub Enterprise Server repositories. Create a token in [developer settings](https://github.com/settings/tokens). | Any token with `read` permissions to the repository hosting the config file. |
|
||||
|
||||
#### Example
|
||||
|
||||
|
||||
@@ -111,9 +111,9 @@ test('it reads an external config file', async () => {
|
||||
expect(config.allow_licenses).toEqual(['BSD', 'GPL 2'])
|
||||
})
|
||||
|
||||
test('raises an error when the the config file was not found', async () => {
|
||||
test('raises an error when the config file was not found', async () => {
|
||||
setInput('config-file', 'fixtures/i-dont-exist')
|
||||
await expect(readConfig()).rejects.toThrow(/Unable to fetch config file/)
|
||||
await expect(readConfig()).rejects.toThrow(/Unable to fetch/)
|
||||
})
|
||||
|
||||
test('it parses options from both sources', async () => {
|
||||
@@ -232,6 +232,16 @@ test('it is not possible to disable both checks', async () => {
|
||||
)
|
||||
})
|
||||
|
||||
test('it supports comma-separated lists', async () => {
|
||||
setInput(
|
||||
'config-file',
|
||||
'./__tests__/fixtures/inline-license-config-sample.yml'
|
||||
)
|
||||
let config = await readConfig()
|
||||
|
||||
expect(config.allow_licenses).toEqual(['MIT', 'GPL-2.0-only'])
|
||||
})
|
||||
|
||||
describe('licenses that are not valid SPDX licenses', () => {
|
||||
beforeAll(() => {
|
||||
jest.spyOn(Utils, 'isSPDXValid').mockReturnValue(false)
|
||||
@@ -240,14 +250,14 @@ describe('licenses that are not valid SPDX licenses', () => {
|
||||
test('it raises an error for invalid licenses in allow-licenses', async () => {
|
||||
setInput('allow-licenses', ' BSD, GPL 2')
|
||||
await expect(readConfig()).rejects.toThrow(
|
||||
'Invalid license(s) in allow-licenses: BSD, GPL 2'
|
||||
'Invalid license(s) in allow-licenses: BSD,GPL 2'
|
||||
)
|
||||
})
|
||||
|
||||
test('it raises an error for invalid licenses in deny-licenses', async () => {
|
||||
setInput('deny-licenses', ' BSD, GPL 2')
|
||||
await expect(readConfig()).rejects.toThrow(
|
||||
'Invalid license(s) in deny-licenses: BSD, GPL 2'
|
||||
'Invalid license(s) in deny-licenses: BSD,GPL 2'
|
||||
)
|
||||
})
|
||||
})
|
||||
|
||||
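Review bot: The new expectations `'Invalid license(s) in allow-licenses: BSD,GPL 2'` and its `deny-licenses` twin pin the message to JavaScript's implicit array-to-string conversion, so the tests now encode a formatting accident. If the list format matters to users, the implementation should join with an explicit separator and the tests should assert that form. The missing-file test was also loosened to `/Unable to fetch/`, which still passes if the wording after it changes. The bundled output further down this page shows the message is now `Unable to fetch or parse config file: …`, so `rejects.toThrow(/Unable to fetch or parse config file/)` would hold the contract more tightly. The added 'it supports comma-separated lists' test covers only a well-formed string. A fixture with an empty element (`MIT,, GPL-2.0-only`) or a non-string, non-list value for `allow-licenses` would show how the splitter and SPDX validation handle malformed config.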
@@ -0,0 +1 @@
|
||||
allow-licenses: MIT, GPL-2.0-only
|
||||
+1
-1
@@ -30,7 +30,7 @@ inputs:
|
||||
description: Comma-separated list of forbidden licenses (e.g. "MIT, GPL 3.0, BSD 2 Clause")
|
||||
required: false
|
||||
allow-ghsas:
|
||||
description: Comma-separated list of allowed Github Advisory IDs (e.g. "GHSA-abcd-1234-5679, GHSA-efgh-1234-5679")
|
||||
description: Comma-separated list of allowed GitHub Advisory IDs (e.g. "GHSA-abcd-1234-5679, GHSA-efgh-1234-5679")
|
||||
required: false
|
||||
external-repo-token:
|
||||
description: A token for fetching external configuration file if it lives in another repository. It is required if the repository is private
|
||||
|
||||
+43
-7
@@ -622,7 +622,7 @@ function addChangeVulnerabilitiesToSummary(addedPackages, severity) {
|
||||
const manifests = (0, utils_1.getManifestsSet)(addedPackages);
|
||||
core.summary
|
||||
.addHeading('Vulnerabilities')
|
||||
.addQuote(`Vulnerabilites were filtered by mininum severity <strong>${severity}</strong>.`);
|
||||
.addQuote(`Vulnerabilities were filtered by minimum severity <strong>${severity}</strong>.`);
|
||||
if (addedPackages.length === 0) {
|
||||
core.summary.addQuote('No vulnerabilities found in added packages.');
|
||||
return;
|
||||
@@ -802,6 +802,11 @@ function isSPDXValid(license) {
|
||||
}
|
||||
}
|
||||
exports.isSPDXValid = isSPDXValid;
|
||||
function isEnterprise() {
|
||||
var _a;
|
||||
const serverUrl = new URL((_a = process.env['GITHUB_SERVER_URL']) !== null && _a !== void 0 ? _a : 'https://github.com');
|
||||
return serverUrl.hostname.toLowerCase() !== 'github.com';
|
||||
}
|
||||
function octokitClient(token = 'repo-token', required = true) {
|
||||
const opts = {};
|
||||
// auth is only added if token is present. For remote config files in public
|
||||
@@ -810,6 +815,11 @@ function octokitClient(token = 'repo-token', required = true) {
|
||||
if (auth !== undefined) {
|
||||
opts['auth'] = auth;
|
||||
}
|
||||
//baseUrl is required for GitHub Enterprise Server
|
||||
//https://github.com/octokit/octokit.js/blob/9c8fa89d5b0bc4ddbd6dec638db00a2f6c94c298/README.md?plain=1#L196
|
||||
if (isEnterprise()) {
|
||||
opts['baseUrl'] = new URL('api/v3', process.env['GITHUB_SERVER_URL']);
|
||||
}
|
||||
return new octokit_1.Octokit(opts);
|
||||
}
|
||||
exports.octokitClient = octokitClient;
|
||||
@@ -27507,7 +27517,7 @@ function validateLicenses(key, licenses) {
|
||||
}
|
||||
const invalid_licenses = licenses.filter(license => !(0, utils_1.isSPDXValid)(license));
|
||||
if (invalid_licenses.length > 0) {
|
||||
throw new Error(`Invalid license(s) in ${key}: ${invalid_licenses.join(', ')}`);
|
||||
throw new Error(`Invalid license(s) in ${key}: ${invalid_licenses}`);
|
||||
}
|
||||
}
|
||||
function readConfigFile(filePath) {
|
||||
@@ -27531,15 +27541,31 @@ function readConfigFile(filePath) {
|
||||
return parseConfigFile(data);
|
||||
}
|
||||
catch (error) {
|
||||
core.debug(error);
|
||||
throw new Error('Unable to fetch config file');
|
||||
throw new Error(`Unable to fetch or parse config file: ${error.message}`);
|
||||
}
|
||||
});
|
||||
}
|
||||
function parseConfigFile(configData) {
|
||||
try {
|
||||
const data = yaml_1.default.parse(configData);
|
||||
// These are the options that we support where the user can provide
|
||||
// either a YAML list or a comma-separated string.
|
||||
const listKeys = [
|
||||
'allow-licenses',
|
||||
'deny-licenses',
|
||||
'fail-on-scopes',
|
||||
'allow-ghsas'
|
||||
];
|
||||
for (const key of Object.keys(data)) {
|
||||
// strings can contain list values (e.g. 'MIT, Apache-2.0'). In this
|
||||
// case we need to parse that into a list (e.g. ['MIT', 'Apache-2.0']).
|
||||
if (listKeys.includes(key)) {
|
||||
const val = data[key];
|
||||
if (typeof val === 'string') {
|
||||
data[key] = val.split(',').map(x => x.trim());
|
||||
}
|
||||
}
|
||||
// perform SPDX validation
|
||||
if (key === 'allow-licenses' || key === 'deny-licenses') {
|
||||
validateLicenses(key, data[key]);
|
||||
}
|
||||
@@ -27830,6 +27856,11 @@ function isSPDXValid(license) {
|
||||
}
|
||||
}
|
||||
exports.isSPDXValid = isSPDXValid;
|
||||
function isEnterprise() {
|
||||
var _a;
|
||||
const serverUrl = new URL((_a = process.env['GITHUB_SERVER_URL']) !== null && _a !== void 0 ? _a : 'https://github.com');
|
||||
return serverUrl.hostname.toLowerCase() !== 'github.com';
|
||||
}
|
||||
function octokitClient(token = 'repo-token', required = true) {
|
||||
const opts = {};
|
||||
// auth is only added if token is present. For remote config files in public
|
||||
@@ -27838,6 +27869,11 @@ function octokitClient(token = 'repo-token', required = true) {
|
||||
if (auth !== undefined) {
|
||||
opts['auth'] = auth;
|
||||
}
|
||||
//baseUrl is required for GitHub Enterprise Server
|
||||
//https://github.com/octokit/octokit.js/blob/9c8fa89d5b0bc4ddbd6dec638db00a2f6c94c298/README.md?plain=1#L196
|
||||
if (isEnterprise()) {
|
||||
opts['baseUrl'] = new URL('api/v3', process.env['GITHUB_SERVER_URL']);
|
||||
}
|
||||
return new octokit_1.Octokit(opts);
|
||||
}
|
||||
exports.octokitClient = octokitClient;
|
||||
@@ -36285,11 +36321,11 @@ exports.visitAsync = visitAsync;
|
||||
"use strict";
|
||||
__nccwpck_require__.r(__webpack_exports__);
|
||||
/* harmony export */ __nccwpck_require__.d(__webpack_exports__, {
|
||||
/* harmony export */ "modifierNames": () => (/* binding */ modifierNames),
|
||||
/* harmony export */ "foregroundColorNames": () => (/* binding */ foregroundColorNames),
|
||||
/* harmony export */ "backgroundColorNames": () => (/* binding */ backgroundColorNames),
|
||||
/* harmony export */ "colorNames": () => (/* binding */ colorNames),
|
||||
/* harmony export */ "default": () => (__WEBPACK_DEFAULT_EXPORT__)
|
||||
/* harmony export */ "default": () => (__WEBPACK_DEFAULT_EXPORT__),
|
||||
/* harmony export */ "foregroundColorNames": () => (/* binding */ foregroundColorNames),
|
||||
/* harmony export */ "modifierNames": () => (/* binding */ modifierNames)
|
||||
/* harmony export */ });
|
||||
const ANSI_BACKGROUND_OFFSET = 10;
|
||||
|
||||
|
||||
+1
-1
File diff suppressed because one or more lines are too long
Generated
+258
-141
@@ -1,12 +1,12 @@
|
||||
{
|
||||
"name": "dependency-review-action",
|
||||
"version": "2.5.1",
|
||||
"version": "3.0.2",
|
||||
"lockfileVersion": 2,
|
||||
"requires": true,
|
||||
"packages": {
|
||||
"": {
|
||||
"name": "dependency-review-action",
|
||||
"version": "2.5.1",
|
||||
"version": "3.0.2",
|
||||
"license": "MIT",
|
||||
"dependencies": {
|
||||
"@actions/core": "^1.10.0",
|
||||
@@ -14,7 +14,7 @@
|
||||
"@octokit/plugin-retry": "^4.0.3",
|
||||
"@octokit/request-error": "^3.0.2",
|
||||
"ansi-styles": "^6.2.1",
|
||||
"got": "^12.5.2",
|
||||
"got": "^12.5.3",
|
||||
"nodemon": "^2.0.20",
|
||||
"octokit": "^2.0.10",
|
||||
"spdx-expression-parse": "^3.0.1",
|
||||
@@ -24,22 +24,22 @@
|
||||
},
|
||||
"devDependencies": {
|
||||
"@types/jest": "^27.5.2",
|
||||
"@types/node": "^16.18.3",
|
||||
"@types/node": "^16.18.8",
|
||||
"@types/spdx-expression-parse": "^3.0.2",
|
||||
"@types/spdx-satisfies": "^0.1.0",
|
||||
"@typescript-eslint/eslint-plugin": "^5.42.1",
|
||||
"@typescript-eslint/parser": "^5.42.1",
|
||||
"@vercel/ncc": "^0.34.0",
|
||||
"@typescript-eslint/eslint-plugin": "^5.45.0",
|
||||
"@typescript-eslint/parser": "^5.46.0",
|
||||
"@vercel/ncc": "^0.36.0",
|
||||
"esbuild-register": "^3.4.1",
|
||||
"eslint": "^8.27.0",
|
||||
"eslint-plugin-github": "^4.4.1",
|
||||
"eslint-plugin-jest": "^27.1.5",
|
||||
"eslint": "^8.29.0",
|
||||
"eslint-plugin-github": "^4.6.0",
|
||||
"eslint-plugin-jest": "^27.1.6",
|
||||
"jest": "^27.5.1",
|
||||
"js-yaml": "^4.1.0",
|
||||
"nodemon": "^2.0.20",
|
||||
"prettier": "2.7.1",
|
||||
"prettier": "2.8.1",
|
||||
"ts-jest": "^27.1.4",
|
||||
"typescript": "^4.8.4"
|
||||
"typescript": "^4.9.3"
|
||||
}
|
||||
},
|
||||
"node_modules/@actions/core": {
|
||||
@@ -1802,9 +1802,9 @@
|
||||
"integrity": "sha512-ssE3Vlrys7sdIzs5LOxCzTVMsU7i9oa/IaW92wF32JFb3CVczqOkru2xspuKczHEbG3nvmPY7IFqVmGGHdNbYw=="
|
||||
},
|
||||
"node_modules/@types/node": {
|
||||
"version": "16.18.3",
|
||||
"resolved": "https://registry.npmjs.org/@types/node/-/node-16.18.3.tgz",
|
||||
"integrity": "sha512-jh6m0QUhIRcZpNv7Z/rpN+ZWXOicUUQbSoWks7Htkbb9IjFQj4kzcX/xFCkjstCj5flMsN8FiSvt+q+Tcs4Llg=="
|
||||
"version": "16.18.8",
|
||||
"resolved": "https://registry.npmjs.org/@types/node/-/node-16.18.8.tgz",
|
||||
"integrity": "sha512-TrpoNiaPvBH5h8rQQenMtVsJXtGsVBRJrcp2Ik6oEt99jHfGvDLh20VTTq3ixTbjYujukYz1IlY4N8a8yfY0jA=="
|
||||
},
|
||||
"node_modules/@types/prettier": {
|
||||
"version": "2.7.1",
|
||||
@@ -1852,14 +1852,14 @@
|
||||
"dev": true
|
||||
},
|
||||
"node_modules/@typescript-eslint/eslint-plugin": {
|
||||
"version": "5.42.1",
|
||||
"resolved": "https://registry.npmjs.org/@typescript-eslint/eslint-plugin/-/eslint-plugin-5.42.1.tgz",
|
||||
"integrity": "sha512-LyR6x784JCiJ1j6sH5Y0K6cdExqCCm8DJUTcwG5ThNXJj/G8o5E56u5EdG4SLy+bZAwZBswC+GYn3eGdttBVCg==",
|
||||
"version": "5.45.0",
|
||||
"resolved": "https://registry.npmjs.org/@typescript-eslint/eslint-plugin/-/eslint-plugin-5.45.0.tgz",
|
||||
"integrity": "sha512-CXXHNlf0oL+Yg021cxgOdMHNTXD17rHkq7iW6RFHoybdFgQBjU3yIXhhcPpGwr1CjZlo6ET8C6tzX5juQoXeGA==",
|
||||
"dev": true,
|
||||
"dependencies": {
|
||||
"@typescript-eslint/scope-manager": "5.42.1",
|
||||
"@typescript-eslint/type-utils": "5.42.1",
|
||||
"@typescript-eslint/utils": "5.42.1",
|
||||
"@typescript-eslint/scope-manager": "5.45.0",
|
||||
"@typescript-eslint/type-utils": "5.45.0",
|
||||
"@typescript-eslint/utils": "5.45.0",
|
||||
"debug": "^4.3.4",
|
||||
"ignore": "^5.2.0",
|
||||
"natural-compare-lite": "^1.4.0",
|
||||
@@ -1885,14 +1885,14 @@
|
||||
}
|
||||
},
|
||||
"node_modules/@typescript-eslint/parser": {
|
||||
"version": "5.42.1",
|
||||
"resolved": "https://registry.npmjs.org/@typescript-eslint/parser/-/parser-5.42.1.tgz",
|
||||
"integrity": "sha512-kAV+NiNBWVQDY9gDJDToTE/NO8BHi4f6b7zTsVAJoTkmB/zlfOpiEVBzHOKtlgTndCKe8vj9F/PuolemZSh50Q==",
|
||||
"version": "5.46.0",
|
||||
"resolved": "https://registry.npmjs.org/@typescript-eslint/parser/-/parser-5.46.0.tgz",
|
||||
"integrity": "sha512-joNO6zMGUZg+C73vwrKXCd8usnsmOYmgW/w5ZW0pG0RGvqeznjtGDk61EqqTpNrFLUYBW2RSBFrxdAZMqA4OZA==",
|
||||
"dev": true,
|
||||
"dependencies": {
|
||||
"@typescript-eslint/scope-manager": "5.42.1",
|
||||
"@typescript-eslint/types": "5.42.1",
|
||||
"@typescript-eslint/typescript-estree": "5.42.1",
|
||||
"@typescript-eslint/scope-manager": "5.46.0",
|
||||
"@typescript-eslint/types": "5.46.0",
|
||||
"@typescript-eslint/typescript-estree": "5.46.0",
|
||||
"debug": "^4.3.4"
|
||||
},
|
||||
"engines": {
|
||||
@@ -1911,14 +1911,88 @@
|
||||
}
|
||||
}
|
||||
},
|
||||
"node_modules/@typescript-eslint/scope-manager": {
|
||||
"version": "5.42.1",
|
||||
"resolved": "https://registry.npmjs.org/@typescript-eslint/scope-manager/-/scope-manager-5.42.1.tgz",
|
||||
"integrity": "sha512-QAZY/CBP1Emx4rzxurgqj3rUinfsh/6mvuKbLNMfJMMKYLRBfweus8brgXF8f64ABkIZ3zdj2/rYYtF8eiuksQ==",
|
||||
"node_modules/@typescript-eslint/parser/node_modules/@typescript-eslint/scope-manager": {
|
||||
"version": "5.46.0",
|
||||
"resolved": "https://registry.npmjs.org/@typescript-eslint/scope-manager/-/scope-manager-5.46.0.tgz",
|
||||
"integrity": "sha512-7wWBq9d/GbPiIM6SqPK9tfynNxVbfpihoY5cSFMer19OYUA3l4powA2uv0AV2eAZV6KoAh6lkzxv4PoxOLh1oA==",
|
||||
"dev": true,
|
||||
"dependencies": {
|
||||
"@typescript-eslint/types": "5.42.1",
|
||||
"@typescript-eslint/visitor-keys": "5.42.1"
|
||||
"@typescript-eslint/types": "5.46.0",
|
||||
"@typescript-eslint/visitor-keys": "5.46.0"
|
||||
},
|
||||
"engines": {
|
||||
"node": "^12.22.0 || ^14.17.0 || >=16.0.0"
|
||||
},
|
||||
"funding": {
|
||||
"type": "opencollective",
|
||||
"url": "https://opencollective.com/typescript-eslint"
|
||||
}
|
||||
},
|
||||
"node_modules/@typescript-eslint/parser/node_modules/@typescript-eslint/types": {
|
||||
"version": "5.46.0",
|
||||
"resolved": "https://registry.npmjs.org/@typescript-eslint/types/-/types-5.46.0.tgz",
|
||||
"integrity": "sha512-wHWgQHFB+qh6bu0IAPAJCdeCdI0wwzZnnWThlmHNY01XJ9Z97oKqKOzWYpR2I83QmshhQJl6LDM9TqMiMwJBTw==",
|
||||
"dev": true,
|
||||
"engines": {
|
||||
"node": "^12.22.0 || ^14.17.0 || >=16.0.0"
|
||||
},
|
||||
"funding": {
|
||||
"type": "opencollective",
|
||||
"url": "https://opencollective.com/typescript-eslint"
|
||||
}
|
||||
},
|
||||
"node_modules/@typescript-eslint/parser/node_modules/@typescript-eslint/typescript-estree": {
|
||||
"version": "5.46.0",
|
||||
"resolved": "https://registry.npmjs.org/@typescript-eslint/typescript-estree/-/typescript-estree-5.46.0.tgz",
|
||||
"integrity": "sha512-kDLNn/tQP+Yp8Ro2dUpyyVV0Ksn2rmpPpB0/3MO874RNmXtypMwSeazjEN/Q6CTp8D7ExXAAekPEcCEB/vtJkw==",
|
||||
"dev": true,
|
||||
"dependencies": {
|
||||
"@typescript-eslint/types": "5.46.0",
|
||||
"@typescript-eslint/visitor-keys": "5.46.0",
|
||||
"debug": "^4.3.4",
|
||||
"globby": "^11.1.0",
|
||||
"is-glob": "^4.0.3",
|
||||
"semver": "^7.3.7",
|
||||
"tsutils": "^3.21.0"
|
||||
},
|
||||
"engines": {
|
||||
"node": "^12.22.0 || ^14.17.0 || >=16.0.0"
|
||||
},
|
||||
"funding": {
|
||||
"type": "opencollective",
|
||||
"url": "https://opencollective.com/typescript-eslint"
|
||||
},
|
||||
"peerDependenciesMeta": {
|
||||
"typescript": {
|
||||
"optional": true
|
||||
}
|
||||
}
|
||||
},
|
||||
"node_modules/@typescript-eslint/parser/node_modules/@typescript-eslint/visitor-keys": {
|
||||
"version": "5.46.0",
|
||||
"resolved": "https://registry.npmjs.org/@typescript-eslint/visitor-keys/-/visitor-keys-5.46.0.tgz",
|
||||
"integrity": "sha512-E13gBoIXmaNhwjipuvQg1ByqSAu/GbEpP/qzFihugJ+MomtoJtFAJG/+2DRPByf57B863m0/q7Zt16V9ohhANw==",
|
||||
"dev": true,
|
||||
"dependencies": {
|
||||
"@typescript-eslint/types": "5.46.0",
|
||||
"eslint-visitor-keys": "^3.3.0"
|
||||
},
|
||||
"engines": {
|
||||
"node": "^12.22.0 || ^14.17.0 || >=16.0.0"
|
||||
},
|
||||
"funding": {
|
||||
"type": "opencollective",
|
||||
"url": "https://opencollective.com/typescript-eslint"
|
||||
}
|
||||
},
|
||||
"node_modules/@typescript-eslint/scope-manager": {
|
||||
"version": "5.45.0",
|
||||
"resolved": "https://registry.npmjs.org/@typescript-eslint/scope-manager/-/scope-manager-5.45.0.tgz",
|
||||
"integrity": "sha512-noDMjr87Arp/PuVrtvN3dXiJstQR1+XlQ4R1EvzG+NMgXi8CuMCXpb8JqNtFHKceVSQ985BZhfRdowJzbv4yKw==",
|
||||
"dev": true,
|
||||
"dependencies": {
|
||||
"@typescript-eslint/types": "5.45.0",
|
||||
"@typescript-eslint/visitor-keys": "5.45.0"
|
||||
},
|
||||
"engines": {
|
||||
"node": "^12.22.0 || ^14.17.0 || >=16.0.0"
|
||||
@@ -1929,13 +2003,13 @@
|
||||
}
|
||||
},
|
||||
"node_modules/@typescript-eslint/type-utils": {
|
||||
"version": "5.42.1",
|
||||
"resolved": "https://registry.npmjs.org/@typescript-eslint/type-utils/-/type-utils-5.42.1.tgz",
|
||||
"integrity": "sha512-WWiMChneex5w4xPIX56SSnQQo0tEOy5ZV2dqmj8Z371LJ0E+aymWD25JQ/l4FOuuX+Q49A7pzh/CGIQflxMVXg==",
|
||||
"version": "5.45.0",
|
||||
"resolved": "https://registry.npmjs.org/@typescript-eslint/type-utils/-/type-utils-5.45.0.tgz",
|
||||
"integrity": "sha512-DY7BXVFSIGRGFZ574hTEyLPRiQIvI/9oGcN8t1A7f6zIs6ftbrU0nhyV26ZW//6f85avkwrLag424n+fkuoJ1Q==",
|
||||
"dev": true,
|
||||
"dependencies": {
|
||||
"@typescript-eslint/typescript-estree": "5.42.1",
|
||||
"@typescript-eslint/utils": "5.42.1",
|
||||
"@typescript-eslint/typescript-estree": "5.45.0",
|
||||
"@typescript-eslint/utils": "5.45.0",
|
||||
"debug": "^4.3.4",
|
||||
"tsutils": "^3.21.0"
|
||||
},
|
||||
@@ -1956,9 +2030,9 @@
|
||||
}
|
||||
},
|
||||
"node_modules/@typescript-eslint/types": {
|
||||
"version": "5.42.1",
|
||||
"resolved": "https://registry.npmjs.org/@typescript-eslint/types/-/types-5.42.1.tgz",
|
||||
"integrity": "sha512-Qrco9dsFF5lhalz+lLFtxs3ui1/YfC6NdXu+RAGBa8uSfn01cjO7ssCsjIsUs484vny9Xm699FSKwpkCcqwWwA==",
|
||||
"version": "5.45.0",
|
||||
"resolved": "https://registry.npmjs.org/@typescript-eslint/types/-/types-5.45.0.tgz",
|
||||
"integrity": "sha512-QQij+u/vgskA66azc9dCmx+rev79PzX8uDHpsqSjEFtfF2gBUTRCpvYMh2gw2ghkJabNkPlSUCimsyBEQZd1DA==",
|
||||
"dev": true,
|
||||
"engines": {
|
||||
"node": "^12.22.0 || ^14.17.0 || >=16.0.0"
|
||||
@@ -1969,13 +2043,13 @@
|
||||
}
|
||||
},
|
||||
"node_modules/@typescript-eslint/typescript-estree": {
|
||||
"version": "5.42.1",
|
||||
"resolved": "https://registry.npmjs.org/@typescript-eslint/typescript-estree/-/typescript-estree-5.42.1.tgz",
|
||||
"integrity": "sha512-qElc0bDOuO0B8wDhhW4mYVgi/LZL+igPwXtV87n69/kYC/7NG3MES0jHxJNCr4EP7kY1XVsRy8C/u3DYeTKQmw==",
|
||||
"version": "5.45.0",
|
||||
"resolved": "https://registry.npmjs.org/@typescript-eslint/typescript-estree/-/typescript-estree-5.45.0.tgz",
|
||||
"integrity": "sha512-maRhLGSzqUpFcZgXxg1qc/+H0bT36lHK4APhp0AEUVrpSwXiRAomm/JGjSG+kNUio5kAa3uekCYu/47cnGn5EQ==",
|
||||
"dev": true,
|
||||
"dependencies": {
|
||||
"@typescript-eslint/types": "5.42.1",
|
||||
"@typescript-eslint/visitor-keys": "5.42.1",
|
||||
"@typescript-eslint/types": "5.45.0",
|
||||
"@typescript-eslint/visitor-keys": "5.45.0",
|
||||
"debug": "^4.3.4",
|
||||
"globby": "^11.1.0",
|
||||
"is-glob": "^4.0.3",
|
||||
@@ -1996,16 +2070,16 @@
|
||||
}
|
||||
},
|
||||
"node_modules/@typescript-eslint/utils": {
|
||||
"version": "5.42.1",
|
||||
"resolved": "https://registry.npmjs.org/@typescript-eslint/utils/-/utils-5.42.1.tgz",
|
||||
"integrity": "sha512-Gxvf12xSp3iYZd/fLqiQRD4uKZjDNR01bQ+j8zvhPjpsZ4HmvEFL/tC4amGNyxN9Rq+iqvpHLhlqx6KTxz9ZyQ==",
|
||||
"version": "5.45.0",
|
||||
"resolved": "https://registry.npmjs.org/@typescript-eslint/utils/-/utils-5.45.0.tgz",
|
||||
"integrity": "sha512-OUg2JvsVI1oIee/SwiejTot2OxwU8a7UfTFMOdlhD2y+Hl6memUSL4s98bpUTo8EpVEr0lmwlU7JSu/p2QpSvA==",
|
||||
"dev": true,
|
||||
"dependencies": {
|
||||
"@types/json-schema": "^7.0.9",
|
||||
"@types/semver": "^7.3.12",
|
||||
"@typescript-eslint/scope-manager": "5.42.1",
|
||||
"@typescript-eslint/types": "5.42.1",
|
||||
"@typescript-eslint/typescript-estree": "5.42.1",
|
||||
"@typescript-eslint/scope-manager": "5.45.0",
|
||||
"@typescript-eslint/types": "5.45.0",
|
||||
"@typescript-eslint/typescript-estree": "5.45.0",
|
||||
"eslint-scope": "^5.1.1",
|
||||
"eslint-utils": "^3.0.0",
|
||||
"semver": "^7.3.7"
|
||||
@@ -2022,12 +2096,12 @@
|
||||
}
|
||||
},
|
||||
"node_modules/@typescript-eslint/visitor-keys": {
|
||||
"version": "5.42.1",
|
||||
"resolved": "https://registry.npmjs.org/@typescript-eslint/visitor-keys/-/visitor-keys-5.42.1.tgz",
|
||||
"integrity": "sha512-LOQtSF4z+hejmpUvitPlc4hA7ERGoj2BVkesOcG91HCn8edLGUXbTrErmutmPbl8Bo9HjAvOO/zBKQHExXNA2A==",
|
||||
"version": "5.45.0",
|
||||
"resolved": "https://registry.npmjs.org/@typescript-eslint/visitor-keys/-/visitor-keys-5.45.0.tgz",
|
||||
"integrity": "sha512-jc6Eccbn2RtQPr1s7th6jJWQHBHI6GBVQkCHoJFQ5UreaKm59Vxw+ynQUPPY2u2Amquc+7tmEoC2G52ApsGNNg==",
|
||||
"dev": true,
|
||||
"dependencies": {
|
||||
"@typescript-eslint/types": "5.42.1",
|
||||
"@typescript-eslint/types": "5.45.0",
|
||||
"eslint-visitor-keys": "^3.3.0"
|
||||
},
|
||||
"engines": {
|
||||
@@ -2039,9 +2113,9 @@
|
||||
}
|
||||
},
|
||||
"node_modules/@vercel/ncc": {
|
||||
"version": "0.34.0",
|
||||
"resolved": "https://registry.npmjs.org/@vercel/ncc/-/ncc-0.34.0.tgz",
|
||||
"integrity": "sha512-G9h5ZLBJ/V57Ou9vz5hI8pda/YQX5HQszCs3AmIus3XzsmRn/0Ptic5otD3xVST8QLKk7AMk7AqpsyQGN7MZ9A==",
|
||||
"version": "0.36.0",
|
||||
"resolved": "https://registry.npmjs.org/@vercel/ncc/-/ncc-0.36.0.tgz",
|
||||
"integrity": "sha512-/ZTUJ/ZkRt694k7KJNimgmHjtQcRuVwsST2Z6XfYveQIuBbHR+EqkTc1jfgPkQmMyk/vtpxo3nVxe8CNuau86A==",
|
||||
"dev": true,
|
||||
"bin": {
|
||||
"ncc": "dist/ncc/cli.js"
|
||||
@@ -3614,9 +3688,9 @@
|
||||
}
|
||||
},
|
||||
"node_modules/eslint": {
|
||||
"version": "8.27.0",
|
||||
"resolved": "https://registry.npmjs.org/eslint/-/eslint-8.27.0.tgz",
|
||||
"integrity": "sha512-0y1bfG2ho7mty+SiILVf9PfuRA49ek4Nc60Wmmu62QlobNR+CeXa4xXIJgcuwSQgZiWaPH+5BDsctpIW0PR/wQ==",
|
||||
"version": "8.29.0",
|
||||
"resolved": "https://registry.npmjs.org/eslint/-/eslint-8.29.0.tgz",
|
||||
"integrity": "sha512-isQ4EEiyUjZFbEKvEGJKKGBwXtvXX+zJbkVKCgTuB9t/+jUBcy8avhkEwWJecI15BkRkOYmvIM5ynbhRjEkoeg==",
|
||||
"dev": true,
|
||||
"dependencies": {
|
||||
"@eslint/eslintrc": "^1.3.3",
|
||||
@@ -3782,9 +3856,9 @@
|
||||
}
|
||||
},
|
||||
"node_modules/eslint-plugin-github": {
|
||||
"version": "4.4.1",
|
||||
"resolved": "https://registry.npmjs.org/eslint-plugin-github/-/eslint-plugin-github-4.4.1.tgz",
|
||||
"integrity": "sha512-wpxUIPw+EK5bdUssB8W5Z9/tapZptfJuLkThwPY8p52v75MV/Fb1AkCrLGlYO0yi3mQGFoa3uE0NMzssVAFrUw==",
|
||||
"version": "4.6.0",
|
||||
"resolved": "https://registry.npmjs.org/eslint-plugin-github/-/eslint-plugin-github-4.6.0.tgz",
|
||||
"integrity": "sha512-6VMH3wLUPEnV/0VuV3f0F74LF93N522Ht9KBYWDuPWKhr1NBzCqySIbQsxjPINIynoLtsErSc/YgICrocCc2zw==",
|
||||
"dev": true,
|
||||
"dependencies": {
|
||||
"@github/browserslist-config": "^1.0.0",
|
||||
@@ -3875,9 +3949,9 @@
|
||||
"dev": true
|
||||
},
|
||||
"node_modules/eslint-plugin-jest": {
|
||||
"version": "27.1.5",
|
||||
"resolved": "https://registry.npmjs.org/eslint-plugin-jest/-/eslint-plugin-jest-27.1.5.tgz",
|
||||
"integrity": "sha512-CK2dekZ5VBdzsOSOH5Fc1rwC+cWXjkcyrmf1RV714nDUDKu+o73TTJiDxpbILG8PtPPpAAl3ywzh5QA7Ft0mjA==",
|
||||
"version": "27.1.6",
|
||||
"resolved": "https://registry.npmjs.org/eslint-plugin-jest/-/eslint-plugin-jest-27.1.6.tgz",
|
||||
"integrity": "sha512-XA7RFLSrlQF9IGtAmhddkUkBuICCTuryfOTfCSWcZHiHb69OilIH05oozH2XA6CEOtztnOd0vgXyvxZodkxGjg==",
|
||||
"dev": true,
|
||||
"dependencies": {
|
||||
"@typescript-eslint/utils": "^5.10.0"
|
||||
@@ -4540,9 +4614,9 @@
|
||||
}
|
||||
},
|
||||
"node_modules/got": {
|
||||
"version": "12.5.2",
|
||||
"resolved": "https://registry.npmjs.org/got/-/got-12.5.2.tgz",
|
||||
"integrity": "sha512-guHGMSEcsA5m1oPRweXUJnug0vuvlkX9wx5hzOka+ZBrBUOJHU0Z1JcNu3QE5IPGnA5aXUsQHdWOD4eJg9/v3A==",
|
||||
"version": "12.5.3",
|
||||
"resolved": "https://registry.npmjs.org/got/-/got-12.5.3.tgz",
|
||||
"integrity": "sha512-8wKnb9MGU8IPGRIo+/ukTy9XLJBwDiCpIf5TVzQ9Cpol50eMTpBq2GAuDsuDIz7hTYmZgMgC1e9ydr6kSDWs3w==",
|
||||
"dependencies": {
|
||||
"@sindresorhus/is": "^5.2.0",
|
||||
"@szmarczak/http-timer": "^5.0.1",
|
||||
@@ -6823,9 +6897,9 @@
|
||||
}
|
||||
},
|
||||
"node_modules/prettier": {
|
||||
"version": "2.7.1",
|
||||
"resolved": "https://registry.npmjs.org/prettier/-/prettier-2.7.1.tgz",
|
||||
"integrity": "sha512-ujppO+MkdPqoVINuDFDRLClm7D78qbDt0/NR+wp5FqEZOoTNAjPHWj17QRhu7geIHJfcNhRk1XVQmF8Bp3ye+g==",
|
||||
"version": "2.8.1",
|
||||
"resolved": "https://registry.npmjs.org/prettier/-/prettier-2.8.1.tgz",
|
||||
"integrity": "sha512-lqGoSJBQNJidqCHE80vqZJHWHRFoNYsSpP9AjFhlhi9ODCJA541svILes/+/1GM3VaL/abZi7cpFzOpdR9UPKg==",
|
||||
"dev": true,
|
||||
"bin": {
|
||||
"prettier": "bin-prettier.js"
|
||||
@@ -7782,9 +7856,9 @@
|
||||
}
|
||||
},
|
||||
"node_modules/typescript": {
|
||||
"version": "4.8.4",
|
||||
"resolved": "https://registry.npmjs.org/typescript/-/typescript-4.8.4.tgz",
|
||||
"integrity": "sha512-QCh+85mCy+h0IGff8r5XWzOVSbBO+KfeYrMQh7NJ58QujwcE22u+NUSmUxqF+un70P9GXKxa2HCNiTTMJknyjQ==",
|
||||
"version": "4.9.3",
|
||||
"resolved": "https://registry.npmjs.org/typescript/-/typescript-4.9.3.tgz",
|
||||
"integrity": "sha512-CIfGzTelbKNEnLpLdGFgdyKhG23CKdKgQPOBc+OUNrkJ2vr+KSzsSV5kq5iWhEQbok+quxgGzrAtGWCyU7tHnA==",
|
||||
"dev": true,
|
||||
"bin": {
|
||||
"tsc": "bin/tsc",
|
||||
@@ -9602,9 +9676,9 @@
|
||||
"integrity": "sha512-ssE3Vlrys7sdIzs5LOxCzTVMsU7i9oa/IaW92wF32JFb3CVczqOkru2xspuKczHEbG3nvmPY7IFqVmGGHdNbYw=="
|
||||
},
|
||||
"@types/node": {
|
||||
"version": "16.18.3",
|
||||
"resolved": "https://registry.npmjs.org/@types/node/-/node-16.18.3.tgz",
|
||||
"integrity": "sha512-jh6m0QUhIRcZpNv7Z/rpN+ZWXOicUUQbSoWks7Htkbb9IjFQj4kzcX/xFCkjstCj5flMsN8FiSvt+q+Tcs4Llg=="
|
||||
"version": "16.18.8",
|
||||
"resolved": "https://registry.npmjs.org/@types/node/-/node-16.18.8.tgz",
|
||||
"integrity": "sha512-TrpoNiaPvBH5h8rQQenMtVsJXtGsVBRJrcp2Ik6oEt99jHfGvDLh20VTTq3ixTbjYujukYz1IlY4N8a8yfY0jA=="
|
||||
},
|
||||
"@types/prettier": {
|
||||
"version": "2.7.1",
|
||||
@@ -9652,14 +9726,14 @@
|
||||
"dev": true
|
||||
},
|
||||
"@typescript-eslint/eslint-plugin": {
|
||||
"version": "5.42.1",
|
||||
"resolved": "https://registry.npmjs.org/@typescript-eslint/eslint-plugin/-/eslint-plugin-5.42.1.tgz",
|
||||
"integrity": "sha512-LyR6x784JCiJ1j6sH5Y0K6cdExqCCm8DJUTcwG5ThNXJj/G8o5E56u5EdG4SLy+bZAwZBswC+GYn3eGdttBVCg==",
|
||||
"version": "5.45.0",
|
||||
"resolved": "https://registry.npmjs.org/@typescript-eslint/eslint-plugin/-/eslint-plugin-5.45.0.tgz",
|
||||
"integrity": "sha512-CXXHNlf0oL+Yg021cxgOdMHNTXD17rHkq7iW6RFHoybdFgQBjU3yIXhhcPpGwr1CjZlo6ET8C6tzX5juQoXeGA==",
|
||||
"dev": true,
|
||||
"requires": {
|
||||
"@typescript-eslint/scope-manager": "5.42.1",
|
||||
"@typescript-eslint/type-utils": "5.42.1",
|
||||
"@typescript-eslint/utils": "5.42.1",
|
||||
"@typescript-eslint/scope-manager": "5.45.0",
|
||||
"@typescript-eslint/type-utils": "5.45.0",
|
||||
"@typescript-eslint/utils": "5.45.0",
|
||||
"debug": "^4.3.4",
|
||||
"ignore": "^5.2.0",
|
||||
"natural-compare-lite": "^1.4.0",
|
||||
@@ -9669,53 +9743,96 @@
|
||||
}
|
||||
},
|
||||
"@typescript-eslint/parser": {
|
||||
"version": "5.42.1",
|
||||
"resolved": "https://registry.npmjs.org/@typescript-eslint/parser/-/parser-5.42.1.tgz",
|
||||
"integrity": "sha512-kAV+NiNBWVQDY9gDJDToTE/NO8BHi4f6b7zTsVAJoTkmB/zlfOpiEVBzHOKtlgTndCKe8vj9F/PuolemZSh50Q==",
|
||||
"version": "5.46.0",
|
||||
"resolved": "https://registry.npmjs.org/@typescript-eslint/parser/-/parser-5.46.0.tgz",
|
||||
"integrity": "sha512-joNO6zMGUZg+C73vwrKXCd8usnsmOYmgW/w5ZW0pG0RGvqeznjtGDk61EqqTpNrFLUYBW2RSBFrxdAZMqA4OZA==",
|
||||
"dev": true,
|
||||
"requires": {
|
||||
"@typescript-eslint/scope-manager": "5.42.1",
|
||||
"@typescript-eslint/types": "5.42.1",
|
||||
"@typescript-eslint/typescript-estree": "5.42.1",
|
||||
"@typescript-eslint/scope-manager": "5.46.0",
|
||||
"@typescript-eslint/types": "5.46.0",
|
||||
"@typescript-eslint/typescript-estree": "5.46.0",
|
||||
"debug": "^4.3.4"
|
||||
},
|
||||
"dependencies": {
|
||||
"@typescript-eslint/scope-manager": {
|
||||
"version": "5.46.0",
|
||||
"resolved": "https://registry.npmjs.org/@typescript-eslint/scope-manager/-/scope-manager-5.46.0.tgz",
|
||||
"integrity": "sha512-7wWBq9d/GbPiIM6SqPK9tfynNxVbfpihoY5cSFMer19OYUA3l4powA2uv0AV2eAZV6KoAh6lkzxv4PoxOLh1oA==",
|
||||
"dev": true,
|
||||
"requires": {
|
||||
"@typescript-eslint/types": "5.46.0",
|
||||
"@typescript-eslint/visitor-keys": "5.46.0"
|
||||
}
|
||||
},
|
||||
"@typescript-eslint/types": {
|
||||
"version": "5.46.0",
|
||||
"resolved": "https://registry.npmjs.org/@typescript-eslint/types/-/types-5.46.0.tgz",
|
||||
"integrity": "sha512-wHWgQHFB+qh6bu0IAPAJCdeCdI0wwzZnnWThlmHNY01XJ9Z97oKqKOzWYpR2I83QmshhQJl6LDM9TqMiMwJBTw==",
|
||||
"dev": true
|
||||
},
|
||||
"@typescript-eslint/typescript-estree": {
|
||||
"version": "5.46.0",
|
||||
"resolved": "https://registry.npmjs.org/@typescript-eslint/typescript-estree/-/typescript-estree-5.46.0.tgz",
|
||||
"integrity": "sha512-kDLNn/tQP+Yp8Ro2dUpyyVV0Ksn2rmpPpB0/3MO874RNmXtypMwSeazjEN/Q6CTp8D7ExXAAekPEcCEB/vtJkw==",
|
||||
"dev": true,
|
||||
"requires": {
|
||||
"@typescript-eslint/types": "5.46.0",
|
||||
"@typescript-eslint/visitor-keys": "5.46.0",
|
||||
"debug": "^4.3.4",
|
||||
"globby": "^11.1.0",
|
||||
"is-glob": "^4.0.3",
|
||||
"semver": "^7.3.7",
|
||||
"tsutils": "^3.21.0"
|
||||
}
|
||||
},
|
||||
"@typescript-eslint/visitor-keys": {
|
||||
"version": "5.46.0",
|
||||
"resolved": "https://registry.npmjs.org/@typescript-eslint/visitor-keys/-/visitor-keys-5.46.0.tgz",
|
||||
"integrity": "sha512-E13gBoIXmaNhwjipuvQg1ByqSAu/GbEpP/qzFihugJ+MomtoJtFAJG/+2DRPByf57B863m0/q7Zt16V9ohhANw==",
|
||||
"dev": true,
|
||||
"requires": {
|
||||
"@typescript-eslint/types": "5.46.0",
|
||||
"eslint-visitor-keys": "^3.3.0"
|
||||
}
|
||||
}
|
||||
}
|
||||
},
|
||||
"@typescript-eslint/scope-manager": {
|
||||
"version": "5.42.1",
|
||||
"resolved": "https://registry.npmjs.org/@typescript-eslint/scope-manager/-/scope-manager-5.42.1.tgz",
|
||||
"integrity": "sha512-QAZY/CBP1Emx4rzxurgqj3rUinfsh/6mvuKbLNMfJMMKYLRBfweus8brgXF8f64ABkIZ3zdj2/rYYtF8eiuksQ==",
|
||||
"version": "5.45.0",
|
||||
"resolved": "https://registry.npmjs.org/@typescript-eslint/scope-manager/-/scope-manager-5.45.0.tgz",
|
||||
"integrity": "sha512-noDMjr87Arp/PuVrtvN3dXiJstQR1+XlQ4R1EvzG+NMgXi8CuMCXpb8JqNtFHKceVSQ985BZhfRdowJzbv4yKw==",
|
||||
"dev": true,
|
||||
"requires": {
|
||||
"@typescript-eslint/types": "5.42.1",
|
||||
"@typescript-eslint/visitor-keys": "5.42.1"
|
||||
"@typescript-eslint/types": "5.45.0",
|
||||
"@typescript-eslint/visitor-keys": "5.45.0"
|
||||
}
|
||||
},
|
||||
"@typescript-eslint/type-utils": {
|
||||
"version": "5.42.1",
|
||||
"resolved": "https://registry.npmjs.org/@typescript-eslint/type-utils/-/type-utils-5.42.1.tgz",
|
||||
"integrity": "sha512-WWiMChneex5w4xPIX56SSnQQo0tEOy5ZV2dqmj8Z371LJ0E+aymWD25JQ/l4FOuuX+Q49A7pzh/CGIQflxMVXg==",
|
||||
"version": "5.45.0",
|
||||
"resolved": "https://registry.npmjs.org/@typescript-eslint/type-utils/-/type-utils-5.45.0.tgz",
|
||||
"integrity": "sha512-DY7BXVFSIGRGFZ574hTEyLPRiQIvI/9oGcN8t1A7f6zIs6ftbrU0nhyV26ZW//6f85avkwrLag424n+fkuoJ1Q==",
|
||||
"dev": true,
|
||||
"requires": {
|
||||
"@typescript-eslint/typescript-estree": "5.42.1",
|
||||
"@typescript-eslint/utils": "5.42.1",
|
||||
"@typescript-eslint/typescript-estree": "5.45.0",
|
||||
"@typescript-eslint/utils": "5.45.0",
|
||||
"debug": "^4.3.4",
|
||||
"tsutils": "^3.21.0"
|
||||
}
|
||||
},
|
||||
"@typescript-eslint/types": {
|
||||
"version": "5.42.1",
|
||||
"resolved": "https://registry.npmjs.org/@typescript-eslint/types/-/types-5.42.1.tgz",
|
||||
"integrity": "sha512-Qrco9dsFF5lhalz+lLFtxs3ui1/YfC6NdXu+RAGBa8uSfn01cjO7ssCsjIsUs484vny9Xm699FSKwpkCcqwWwA==",
|
||||
"version": "5.45.0",
|
||||
"resolved": "https://registry.npmjs.org/@typescript-eslint/types/-/types-5.45.0.tgz",
|
||||
"integrity": "sha512-QQij+u/vgskA66azc9dCmx+rev79PzX8uDHpsqSjEFtfF2gBUTRCpvYMh2gw2ghkJabNkPlSUCimsyBEQZd1DA==",
|
||||
"dev": true
|
||||
},
|
||||
"@typescript-eslint/typescript-estree": {
|
||||
"version": "5.42.1",
|
||||
"resolved": "https://registry.npmjs.org/@typescript-eslint/typescript-estree/-/typescript-estree-5.42.1.tgz",
|
||||
"integrity": "sha512-qElc0bDOuO0B8wDhhW4mYVgi/LZL+igPwXtV87n69/kYC/7NG3MES0jHxJNCr4EP7kY1XVsRy8C/u3DYeTKQmw==",
|
||||
"version": "5.45.0",
|
||||
"resolved": "https://registry.npmjs.org/@typescript-eslint/typescript-estree/-/typescript-estree-5.45.0.tgz",
|
||||
"integrity": "sha512-maRhLGSzqUpFcZgXxg1qc/+H0bT36lHK4APhp0AEUVrpSwXiRAomm/JGjSG+kNUio5kAa3uekCYu/47cnGn5EQ==",
|
||||
"dev": true,
|
||||
"requires": {
|
||||
"@typescript-eslint/types": "5.42.1",
|
||||
"@typescript-eslint/visitor-keys": "5.42.1",
|
||||
"@typescript-eslint/types": "5.45.0",
|
||||
"@typescript-eslint/visitor-keys": "5.45.0",
|
||||
"debug": "^4.3.4",
|
||||
"globby": "^11.1.0",
|
||||
"is-glob": "^4.0.3",
|
||||
@@ -9724,35 +9841,35 @@
|
||||
}
|
||||
},
|
||||
"@typescript-eslint/utils": {
|
||||
"version": "5.42.1",
|
||||
"resolved": "https://registry.npmjs.org/@typescript-eslint/utils/-/utils-5.42.1.tgz",
|
||||
"integrity": "sha512-Gxvf12xSp3iYZd/fLqiQRD4uKZjDNR01bQ+j8zvhPjpsZ4HmvEFL/tC4amGNyxN9Rq+iqvpHLhlqx6KTxz9ZyQ==",
|
||||
"version": "5.45.0",
|
||||
"resolved": "https://registry.npmjs.org/@typescript-eslint/utils/-/utils-5.45.0.tgz",
|
||||
"integrity": "sha512-OUg2JvsVI1oIee/SwiejTot2OxwU8a7UfTFMOdlhD2y+Hl6memUSL4s98bpUTo8EpVEr0lmwlU7JSu/p2QpSvA==",
|
||||
"dev": true,
|
||||
"requires": {
|
||||
"@types/json-schema": "^7.0.9",
|
||||
"@types/semver": "^7.3.12",
|
||||
"@typescript-eslint/scope-manager": "5.42.1",
|
||||
"@typescript-eslint/types": "5.42.1",
|
||||
"@typescript-eslint/typescript-estree": "5.42.1",
|
||||
"@typescript-eslint/scope-manager": "5.45.0",
|
||||
"@typescript-eslint/types": "5.45.0",
|
||||
"@typescript-eslint/typescript-estree": "5.45.0",
|
||||
"eslint-scope": "^5.1.1",
|
||||
"eslint-utils": "^3.0.0",
|
||||
"semver": "^7.3.7"
|
||||
}
|
||||
},
|
||||
"@typescript-eslint/visitor-keys": {
|
||||
"version": "5.42.1",
|
||||
"resolved": "https://registry.npmjs.org/@typescript-eslint/visitor-keys/-/visitor-keys-5.42.1.tgz",
|
||||
"integrity": "sha512-LOQtSF4z+hejmpUvitPlc4hA7ERGoj2BVkesOcG91HCn8edLGUXbTrErmutmPbl8Bo9HjAvOO/zBKQHExXNA2A==",
|
||||
"version": "5.45.0",
|
||||
"resolved": "https://registry.npmjs.org/@typescript-eslint/visitor-keys/-/visitor-keys-5.45.0.tgz",
|
||||
"integrity": "sha512-jc6Eccbn2RtQPr1s7th6jJWQHBHI6GBVQkCHoJFQ5UreaKm59Vxw+ynQUPPY2u2Amquc+7tmEoC2G52ApsGNNg==",
|
||||
"dev": true,
|
||||
"requires": {
|
||||
"@typescript-eslint/types": "5.42.1",
|
||||
"@typescript-eslint/types": "5.45.0",
|
||||
"eslint-visitor-keys": "^3.3.0"
|
||||
}
|
||||
},
|
||||
"@vercel/ncc": {
|
||||
"version": "0.34.0",
|
||||
"resolved": "https://registry.npmjs.org/@vercel/ncc/-/ncc-0.34.0.tgz",
|
||||
"integrity": "sha512-G9h5ZLBJ/V57Ou9vz5hI8pda/YQX5HQszCs3AmIus3XzsmRn/0Ptic5otD3xVST8QLKk7AMk7AqpsyQGN7MZ9A==",
|
||||
"version": "0.36.0",
|
||||
"resolved": "https://registry.npmjs.org/@vercel/ncc/-/ncc-0.36.0.tgz",
|
||||
"integrity": "sha512-/ZTUJ/ZkRt694k7KJNimgmHjtQcRuVwsST2Z6XfYveQIuBbHR+EqkTc1jfgPkQmMyk/vtpxo3nVxe8CNuau86A==",
|
||||
"dev": true
|
||||
},
|
||||
"abab": {
|
||||
@@ -10842,9 +10959,9 @@
|
||||
}
|
||||
},
|
||||
"eslint": {
|
||||
"version": "8.27.0",
|
||||
"resolved": "https://registry.npmjs.org/eslint/-/eslint-8.27.0.tgz",
|
||||
"integrity": "sha512-0y1bfG2ho7mty+SiILVf9PfuRA49ek4Nc60Wmmu62QlobNR+CeXa4xXIJgcuwSQgZiWaPH+5BDsctpIW0PR/wQ==",
|
||||
"version": "8.29.0",
|
||||
"resolved": "https://registry.npmjs.org/eslint/-/eslint-8.29.0.tgz",
|
||||
"integrity": "sha512-isQ4EEiyUjZFbEKvEGJKKGBwXtvXX+zJbkVKCgTuB9t/+jUBcy8avhkEwWJecI15BkRkOYmvIM5ynbhRjEkoeg==",
|
||||
"dev": true,
|
||||
"requires": {
|
||||
"@eslint/eslintrc": "^1.3.3",
|
||||
@@ -10994,9 +11111,9 @@
|
||||
}
|
||||
},
|
||||
"eslint-plugin-github": {
|
||||
"version": "4.4.1",
|
||||
"resolved": "https://registry.npmjs.org/eslint-plugin-github/-/eslint-plugin-github-4.4.1.tgz",
|
||||
"integrity": "sha512-wpxUIPw+EK5bdUssB8W5Z9/tapZptfJuLkThwPY8p52v75MV/Fb1AkCrLGlYO0yi3mQGFoa3uE0NMzssVAFrUw==",
|
||||
"version": "4.6.0",
|
||||
"resolved": "https://registry.npmjs.org/eslint-plugin-github/-/eslint-plugin-github-4.6.0.tgz",
|
||||
"integrity": "sha512-6VMH3wLUPEnV/0VuV3f0F74LF93N522Ht9KBYWDuPWKhr1NBzCqySIbQsxjPINIynoLtsErSc/YgICrocCc2zw==",
|
||||
"dev": true,
|
||||
"requires": {
|
||||
"@github/browserslist-config": "^1.0.0",
|
||||
@@ -11072,9 +11189,9 @@
|
||||
}
|
||||
},
|
||||
"eslint-plugin-jest": {
|
||||
"version": "27.1.5",
|
||||
"resolved": "https://registry.npmjs.org/eslint-plugin-jest/-/eslint-plugin-jest-27.1.5.tgz",
|
||||
"integrity": "sha512-CK2dekZ5VBdzsOSOH5Fc1rwC+cWXjkcyrmf1RV714nDUDKu+o73TTJiDxpbILG8PtPPpAAl3ywzh5QA7Ft0mjA==",
|
||||
"version": "27.1.6",
|
||||
"resolved": "https://registry.npmjs.org/eslint-plugin-jest/-/eslint-plugin-jest-27.1.6.tgz",
|
||||
"integrity": "sha512-XA7RFLSrlQF9IGtAmhddkUkBuICCTuryfOTfCSWcZHiHb69OilIH05oozH2XA6CEOtztnOd0vgXyvxZodkxGjg==",
|
||||
"dev": true,
|
||||
"requires": {
|
||||
"@typescript-eslint/utils": "^5.10.0"
|
||||
@@ -11520,9 +11637,9 @@
|
||||
}
|
||||
},
|
||||
"got": {
|
||||
"version": "12.5.2",
|
||||
"resolved": "https://registry.npmjs.org/got/-/got-12.5.2.tgz",
|
||||
"integrity": "sha512-guHGMSEcsA5m1oPRweXUJnug0vuvlkX9wx5hzOka+ZBrBUOJHU0Z1JcNu3QE5IPGnA5aXUsQHdWOD4eJg9/v3A==",
|
||||
"version": "12.5.3",
|
||||
"resolved": "https://registry.npmjs.org/got/-/got-12.5.3.tgz",
|
||||
"integrity": "sha512-8wKnb9MGU8IPGRIo+/ukTy9XLJBwDiCpIf5TVzQ9Cpol50eMTpBq2GAuDsuDIz7hTYmZgMgC1e9ydr6kSDWs3w==",
|
||||
"requires": {
|
||||
"@sindresorhus/is": "^5.2.0",
|
||||
"@szmarczak/http-timer": "^5.0.1",
|
||||
@@ -13245,9 +13362,9 @@
|
||||
"dev": true
|
||||
},
|
||||
"prettier": {
|
||||
"version": "2.7.1",
|
||||
"resolved": "https://registry.npmjs.org/prettier/-/prettier-2.7.1.tgz",
|
||||
"integrity": "sha512-ujppO+MkdPqoVINuDFDRLClm7D78qbDt0/NR+wp5FqEZOoTNAjPHWj17QRhu7geIHJfcNhRk1XVQmF8Bp3ye+g==",
|
||||
"version": "2.8.1",
|
||||
"resolved": "https://registry.npmjs.org/prettier/-/prettier-2.8.1.tgz",
|
||||
"integrity": "sha512-lqGoSJBQNJidqCHE80vqZJHWHRFoNYsSpP9AjFhlhi9ODCJA541svILes/+/1GM3VaL/abZi7cpFzOpdR9UPKg==",
|
||||
"dev": true
|
||||
},
|
||||
"prettier-linter-helpers": {
|
||||
@@ -13929,9 +14046,9 @@
|
||||
}
|
||||
},
|
||||
"typescript": {
|
||||
"version": "4.8.4",
|
||||
"resolved": "https://registry.npmjs.org/typescript/-/typescript-4.8.4.tgz",
|
||||
"integrity": "sha512-QCh+85mCy+h0IGff8r5XWzOVSbBO+KfeYrMQh7NJ58QujwcE22u+NUSmUxqF+un70P9GXKxa2HCNiTTMJknyjQ==",
|
||||
"version": "4.9.3",
|
||||
"resolved": "https://registry.npmjs.org/typescript/-/typescript-4.9.3.tgz",
|
||||
"integrity": "sha512-CIfGzTelbKNEnLpLdGFgdyKhG23CKdKgQPOBc+OUNrkJ2vr+KSzsSV5kq5iWhEQbok+quxgGzrAtGWCyU7tHnA==",
|
||||
"dev": true
|
||||
},
|
||||
"unbox-primitive": {
|
||||
|
||||
+11
-11
@@ -1,6 +1,6 @@
|
||||
{
|
||||
"name": "dependency-review-action",
|
||||
"version": "2.5.1",
|
||||
"version": "3.0.2",
|
||||
"private": true,
|
||||
"description": "A GitHub Action for Dependency Review",
|
||||
"main": "lib/main.js",
|
||||
@@ -30,7 +30,7 @@
|
||||
"@octokit/plugin-retry": "^4.0.3",
|
||||
"@octokit/request-error": "^3.0.2",
|
||||
"ansi-styles": "^6.2.1",
|
||||
"got": "^12.5.2",
|
||||
"got": "^12.5.3",
|
||||
"nodemon": "^2.0.20",
|
||||
"octokit": "^2.0.10",
|
||||
"spdx-expression-parse": "^3.0.1",
|
||||
@@ -40,21 +40,21 @@
|
||||
},
|
||||
"devDependencies": {
|
||||
"@types/jest": "^27.5.2",
|
||||
"@types/node": "^16.18.3",
|
||||
"@typescript-eslint/eslint-plugin": "^5.42.1",
|
||||
"@typescript-eslint/parser": "^5.42.1",
|
||||
"@types/node": "^16.18.8",
|
||||
"@typescript-eslint/eslint-plugin": "^5.45.0",
|
||||
"@typescript-eslint/parser": "^5.46.0",
|
||||
"@types/spdx-expression-parse": "^3.0.2",
|
||||
"@types/spdx-satisfies": "^0.1.0",
|
||||
"@vercel/ncc": "^0.34.0",
|
||||
"@vercel/ncc": "^0.36.0",
|
||||
"esbuild-register": "^3.4.1",
|
||||
"eslint": "^8.27.0",
|
||||
"eslint-plugin-github": "^4.4.1",
|
||||
"eslint-plugin-jest": "^27.1.5",
|
||||
"eslint": "^8.29.0",
|
||||
"eslint-plugin-github": "^4.6.0",
|
||||
"eslint-plugin-jest": "^27.1.6",
|
||||
"jest": "^27.5.1",
|
||||
"js-yaml": "^4.1.0",
|
||||
"nodemon": "^2.0.20",
|
||||
"prettier": "2.7.1",
|
||||
"prettier": "2.8.1",
|
||||
"ts-jest": "^27.1.4",
|
||||
"typescript": "^4.8.4"
|
||||
"typescript": "^4.9.3"
|
||||
}
|
||||
}
|
||||
|
||||
+27
-5
@@ -80,12 +80,11 @@ function validateLicenses(
|
||||
if (licenses === undefined) {
|
||||
return
|
||||
}
|
||||
|
||||
const invalid_licenses = licenses.filter(license => !isSPDXValid(license))
|
||||
|
||||
if (invalid_licenses.length > 0) {
|
||||
throw new Error(
|
||||
`Invalid license(s) in ${key}: ${invalid_licenses.join(', ')}`
|
||||
)
|
||||
throw new Error(`Invalid license(s) in ${key}: ${invalid_licenses}`)
|
||||
}
|
||||
}
|
||||
|
||||
@@ -113,18 +112,41 @@ async function readConfigFile(
|
||||
}
|
||||
return parseConfigFile(data)
|
||||
} catch (error) {
|
||||
core.debug(error as string)
|
||||
throw new Error('Unable to fetch config file')
|
||||
throw new Error(
|
||||
`Unable to fetch or parse config file: ${(error as Error).message}`
|
||||
)
|
||||
}
|
||||
}
|
||||
|
||||
function parseConfigFile(configData: string): ConfigurationOptionsPartial {
|
||||
try {
|
||||
const data = YAML.parse(configData)
|
||||
|
||||
// These are the options that we support where the user can provide
|
||||
// either a YAML list or a comma-separated string.
|
||||
const listKeys = [
|
||||
'allow-licenses',
|
||||
'deny-licenses',
|
||||
'fail-on-scopes',
|
||||
'allow-ghsas'
|
||||
]
|
||||
|
||||
for (const key of Object.keys(data)) {
|
||||
// strings can contain list values (e.g. 'MIT, Apache-2.0'). In this
|
||||
// case we need to parse that into a list (e.g. ['MIT', 'Apache-2.0']).
|
||||
if (listKeys.includes(key)) {
|
||||
const val = data[key]
|
||||
|
||||
if (typeof val === 'string') {
|
||||
data[key] = val.split(',').map(x => x.trim())
|
||||
}
|
||||
}
|
||||
|
||||
// perform SPDX validation
|
||||
if (key === 'allow-licenses' || key === 'deny-licenses') {
|
||||
validateLicenses(key, data[key])
|
||||
}
|
||||
|
||||
// get rid of the ugly dashes from the actions conventions
|
||||
if (key.includes('-')) {
|
||||
data[key.replace(/-/g, '_')] = data[key]
|
||||
|
||||
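Review bot: In `parseConfigFile`, a list option is normalised only when its value is a string, so a key written with no value (`allow-licenses:` parses to `null`), a scalar or a mapping reaches `validateLicenses(key, data[key])` unchanged. The guard there tests only `licenses === undefined`, so `licenses.filter` throws a `TypeError` instead of an error that names the bad option. For `fail-on-scopes` and `allow-ghsas` nothing visible in this hunk checks the shape at all, and a file that sets policy should reject a malformed value explicitly rather than pass it on. After the string branch I would add `else if (val != null && !Array.isArray(val)) throw new Error(key + ' must be a list or a comma-separated string')` and relax the guard to `if (licenses == null) return`. `Object.keys(data)` fails the same way when the file is empty and `YAML.parse` returns `null`; the function continues past the end of the hunk, so a later check may already cover part of this.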
+1
-1
@@ -35,7 +35,7 @@ export function addChangeVulnerabilitiesToSummary(
|
||||
core.summary
|
||||
.addHeading('Vulnerabilities')
|
||||
.addQuote(
|
||||
`Vulnerabilites were filtered by mininum severity <strong>${severity}</strong>.`
|
||||
`Vulnerabilities were filtered by minimum severity <strong>${severity}</strong>.`
|
||||
)
|
||||
|
||||
if (addedPackages.length === 0) {
|
||||
|
||||
@@ -41,6 +41,13 @@ export function isSPDXValid(license: string): boolean {
|
||||
}
|
||||
}
|
||||
|
||||
function isEnterprise(): boolean {
|
||||
const serverUrl = new URL(
|
||||
process.env['GITHUB_SERVER_URL'] ?? 'https://github.com'
|
||||
)
|
||||
return serverUrl.hostname.toLowerCase() !== 'github.com'
|
||||
}
|
||||
|
||||
export function octokitClient(token = 'repo-token', required = true): Octokit {
|
||||
const opts: Record<string, unknown> = {}
|
||||
|
||||
@@ -51,5 +58,11 @@ export function octokitClient(token = 'repo-token', required = true): Octokit {
|
||||
opts['auth'] = auth
|
||||
}
|
||||
|
||||
//baseUrl is required for GitHub Enterprise Server
|
||||
//https://github.com/octokit/octokit.js/blob/9c8fa89d5b0bc4ddbd6dec638db00a2f6c94c298/README.md?plain=1#L196
|
||||
if (isEnterprise()) {
|
||||
opts['baseUrl'] = new URL('api/v3', process.env['GITHUB_SERVER_URL'])
|
||||
}
|
||||
|
||||
return new Octokit(opts)
|
||||
}
|
||||
|
||||
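Review bot: `octokitClient` now sends the token to a base URL derived from `GITHUB_SERVER_URL`, and the variable is read twice: `isEnterprise()` parses it with a `https://github.com` fallback, while the `baseUrl` line passes the raw value to `new URL('api/v3', …)`. Parsing it once and reusing that result keeps the host that was checked and the host that receives authenticated requests the same. `opts['baseUrl']` would also be better set to a string (`.toString()`) than to a `URL` object, since Octokit documents the option as a string. `new URL` already lower-cases the hostname, so the `.toLowerCase()` in `isEnterprise()` is redundant. The runner also exports `GITHUB_API_URL`, which may make the `api/v3` derivation unnecessary, though that should be confirmed against the supported GHES versions; the start of `octokitClient` lies outside the second hunk.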