Compare commits

...

78 Commits

Author SHA1 Message Date
Federico Builes a9c83d3af6 Merge pull request #81 from actions/elireisman/fix-default-case
Fix default-case in error handling
2022-05-23 12:30:51 -07:00
Eli Reisman f4b10ab0c4 update dist package 2022-05-23 11:46:07 -07:00
Eli Reisman a4da1f9048 handle unexpected error types opaquely 2022-05-23 11:45:36 -07:00
Eli Reisman 19edfd7243 fix default case in error handling 2022-05-23 11:36:34 -07:00
Federico Builes 0be808458e Merge pull request #80 from actions/dependabot/npm_and_yarn/typescript-eslint/parser-5.26.0
Bump @typescript-eslint/parser from 5.24.0 to 5.26.0
2022-05-23 11:20:37 -07:00
Federico Builes 77396f2e4f Merge pull request #79 from actions/dependabot/npm_and_yarn/zod-3.17.2
Bump zod from 3.16.0 to 3.17.2
2022-05-23 11:19:59 -07:00
Federico Builes 9bc6bded9e updating dist 2022-05-23 11:18:56 -07:00
dependabot[bot] 3b26a2a544 Bump zod from 3.16.0 to 3.17.2
Bumps [zod](https://github.com/colinhacks/zod) from 3.16.0 to 3.17.2.
- [Release notes](https://github.com/colinhacks/zod/releases)
- [Changelog](https://github.com/colinhacks/zod/blob/master/CHANGELOG.md)
- [Commits](https://github.com/colinhacks/zod/compare/v3.16.0...v3.17.2)

---
updated-dependencies:
- dependency-name: zod
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-05-23 18:16:20 +00:00
dependabot[bot] 7517e23bfc Bump @typescript-eslint/parser from 5.24.0 to 5.26.0
Bumps [@typescript-eslint/parser](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/parser) from 5.24.0 to 5.26.0.
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases)
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/parser/CHANGELOG.md)
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v5.26.0/packages/parser)

---
updated-dependencies:
- dependency-name: "@typescript-eslint/parser"
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-05-23 18:16:05 +00:00
Federico Builes cdae254423 Merge pull request #78 from actions/dependabot/npm_and_yarn/eslint-8.16.0
Bump eslint from 8.15.0 to 8.16.0
2022-05-23 11:14:59 -07:00
Federico Builes a257e84a2f Merge pull request #77 from actions/dependabot/npm_and_yarn/types/node-17.0.35
Bump @types/node from 17.0.33 to 17.0.35
2022-05-23 11:14:38 -07:00
dependabot[bot] e0be07f423 Bump eslint from 8.15.0 to 8.16.0
Bumps [eslint](https://github.com/eslint/eslint) from 8.15.0 to 8.16.0.
- [Release notes](https://github.com/eslint/eslint/releases)
- [Changelog](https://github.com/eslint/eslint/blob/main/CHANGELOG.md)
- [Commits](https://github.com/eslint/eslint/compare/v8.15.0...v8.16.0)

---
updated-dependencies:
- dependency-name: eslint
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-05-23 18:04:04 +00:00
dependabot[bot] 4b83e15691 Bump @types/node from 17.0.33 to 17.0.35
Bumps [@types/node](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node) from 17.0.33 to 17.0.35.
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/node)

---
updated-dependencies:
- dependency-name: "@types/node"
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-05-23 18:03:59 +00:00
Federico Builes e4396493ba Merge pull request #73 from actions/dependabot/npm_and_yarn/typescript-eslint/eslint-plugin-5.25.0
Bump @typescript-eslint/eslint-plugin from 5.24.0 to 5.25.0
2022-05-23 11:03:13 -07:00
dependabot[bot] 8ba008fb62 Bump @typescript-eslint/eslint-plugin from 5.24.0 to 5.25.0
Bumps [@typescript-eslint/eslint-plugin](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/eslint-plugin) from 5.24.0 to 5.25.0.
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases)
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/eslint-plugin/CHANGELOG.md)
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v5.25.0/packages/eslint-plugin)

---
updated-dependencies:
- dependency-name: "@typescript-eslint/eslint-plugin"
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-05-18 01:30:23 +00:00
Federico Builes 5ce46b3424 Merge pull request #65 from actions/update-readme
Update README to include GHAS instructions
2022-05-16 14:20:09 -07:00
Federico Builes 9680f24ea3 Merge pull request #71 from actions/dependabot/npm_and_yarn/actions/github-5.0.3
Bump @actions/github from 5.0.1 to 5.0.3
2022-05-16 14:19:29 -07:00
Federico Builes 9cdb91e238 updating dist files 2022-05-16 14:17:47 -07:00
dependabot[bot] 92e8876693 Bump @actions/github from 5.0.1 to 5.0.3
Bumps [@actions/github](https://github.com/actions/toolkit/tree/HEAD/packages/github) from 5.0.1 to 5.0.3.
- [Release notes](https://github.com/actions/toolkit/releases)
- [Changelog](https://github.com/actions/toolkit/blob/main/packages/github/RELEASES.md)
- [Commits](https://github.com/actions/toolkit/commits/HEAD/packages/github)

---
updated-dependencies:
- dependency-name: "@actions/github"
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-05-16 21:15:27 +00:00
Federico Builes c91da44591 Merge pull request #67 from actions/dependabot/npm_and_yarn/eslint-plugin-jest-26.2.2
Bump eslint-plugin-jest from 26.1.5 to 26.2.2
2022-05-16 14:13:20 -07:00
Federico Builes b988161c8f Merge pull request #70 from actions/updating-deps
Updating NPM Dependencies
2022-05-16 14:09:47 -07:00
Federico Builes a086ec5a2d updating dependencies 2022-05-16 14:06:20 -07:00
dependabot[bot] b40a0040b5 Bump eslint-plugin-jest from 26.1.5 to 26.2.2
Bumps [eslint-plugin-jest](https://github.com/jest-community/eslint-plugin-jest) from 26.1.5 to 26.2.2.
- [Release notes](https://github.com/jest-community/eslint-plugin-jest/releases)
- [Changelog](https://github.com/jest-community/eslint-plugin-jest/blob/main/CHANGELOG.md)
- [Commits](https://github.com/jest-community/eslint-plugin-jest/compare/v26.1.5...v26.2.2)

---
updated-dependencies:
- dependency-name: eslint-plugin-jest
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-05-16 21:05:19 +00:00
Federico Builes dcc694e92a Merge pull request #61 from actions/dependabot/npm_and_yarn/zod-3.16.0
Bump zod from 3.15.1 to 3.16.0
2022-05-16 14:04:47 -07:00
dependabot[bot] dfafa144e7 Bump zod from 3.15.1 to 3.16.0
Bumps [zod](https://github.com/colinhacks/zod) from 3.15.1 to 3.16.0.
- [Release notes](https://github.com/colinhacks/zod/releases)
- [Changelog](https://github.com/colinhacks/zod/blob/master/CHANGELOG.md)
- [Commits](https://github.com/colinhacks/zod/compare/v3.15.1...v3.16.0)

---
updated-dependencies:
- dependency-name: zod
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-05-16 21:03:27 +00:00
Federico Builes 7a2877d9c8 updating the dist folder 2022-05-16 14:02:08 -07:00
Federico Builes 265d6e12a9 updating README 2022-05-13 08:11:58 +02:00
Eli Reisman 39e692fa32 Merge pull request #60 from actions/elireisman/handle-403
Enable differentiated error messages for DR eligibility
2022-05-12 11:13:53 -07:00
Federico Builes 744ab92b2c Merge pull request #62 from actions/update-hacking
Update CONTRIBUTING.md
2022-05-12 10:26:10 +02:00
Federico Builes 0b8c1ff0d6 Update CONTRIBUTING.md 2022-05-12 10:25:45 +02:00
Eli Reisman 7dcdeab949 update dist 2022-05-11 20:03:29 +00:00
Eli Reisman cabd238caa enable differentiated error messages for DR eligibility when API returns 403 2022-05-11 19:53:29 +00:00
Federico Builes 2fee08ee9a Merge pull request #55 from actions/dependabot/npm_and_yarn/eslint-8.15.0
Bump eslint from 8.14.0 to 8.15.0
2022-05-09 15:42:54 +02:00
Federico Builes 9571135e29 updating dist folder 2022-05-09 15:41:42 +02:00
dependabot[bot] 85d9dc08d0 Bump eslint from 8.14.0 to 8.15.0
Bumps [eslint](https://github.com/eslint/eslint) from 8.14.0 to 8.15.0.
- [Release notes](https://github.com/eslint/eslint/releases)
- [Changelog](https://github.com/eslint/eslint/blob/main/CHANGELOG.md)
- [Commits](https://github.com/eslint/eslint/compare/v8.14.0...v8.15.0)

---
updated-dependencies:
- dependency-name: eslint
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-05-09 13:40:42 +00:00
Federico Builes 005e168d77 Merge pull request #54 from actions/updating-deps
Updating JS Dependencies in a single PR
2022-05-09 15:39:26 +02:00
Federico Builes 9c59c3e487 Updating dependencies.
Closes #49
Closes #50
Closes #51
Closes #52
Closes #53
2022-05-09 15:36:27 +02:00
Federico Builes e4574efd2a update deps 2022-05-05 17:25:18 +02:00
Federico Builes e343d06cbe Merge pull request #48 from actions/dependabot/npm_and_yarn/typescript-4.6.4
Bump typescript from 4.6.3 to 4.6.4
2022-05-05 17:24:06 +02:00
Federico Builes 3a4a231669 Merge pull request #47 from actions/dependabot/npm_and_yarn/typescript-eslint/eslint-plugin-5.22.0
Bump @typescript-eslint/eslint-plugin from 5.18.0 to 5.22.0
2022-05-05 17:23:59 +02:00
dependabot[bot] 3b3aee2807 Bump typescript from 4.6.3 to 4.6.4
Bumps [typescript](https://github.com/Microsoft/TypeScript) from 4.6.3 to 4.6.4.
- [Release notes](https://github.com/Microsoft/TypeScript/releases)
- [Commits](https://github.com/Microsoft/TypeScript/compare/v4.6.3...v4.6.4)

---
updated-dependencies:
- dependency-name: typescript
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-05-05 15:23:59 +00:00
Federico Builes 7e68ff5413 Merge pull request #15 from actions/dependabot/npm_and_yarn/actions/github-5.0.1
Bump @actions/github from 5.0.0 to 5.0.1
2022-05-05 17:23:43 +02:00
Federico Builes f3e7f2e17c Merge pull request #39 from actions/dependabot/npm_and_yarn/eslint-8.14.0
Bump eslint from 8.12.0 to 8.14.0
2022-05-05 17:23:08 +02:00
dependabot[bot] 5aadf9df79 Bump @actions/github from 5.0.0 to 5.0.1
Bumps [@actions/github](https://github.com/actions/toolkit/tree/HEAD/packages/github) from 5.0.0 to 5.0.1.
- [Release notes](https://github.com/actions/toolkit/releases)
- [Changelog](https://github.com/actions/toolkit/blob/main/packages/github/RELEASES.md)
- [Commits](https://github.com/actions/toolkit/commits/HEAD/packages/github)

---
updated-dependencies:
- dependency-name: "@actions/github"
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-05-05 15:21:20 +00:00
dependabot[bot] 2912ad058b Bump eslint from 8.12.0 to 8.14.0
Bumps [eslint](https://github.com/eslint/eslint) from 8.12.0 to 8.14.0.
- [Release notes](https://github.com/eslint/eslint/releases)
- [Changelog](https://github.com/eslint/eslint/blob/main/CHANGELOG.md)
- [Commits](https://github.com/eslint/eslint/compare/v8.12.0...v8.14.0)

---
updated-dependencies:
- dependency-name: eslint
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-05-05 15:21:10 +00:00
dependabot[bot] 41113f0103 Bump @typescript-eslint/eslint-plugin from 5.18.0 to 5.22.0
Bumps [@typescript-eslint/eslint-plugin](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/eslint-plugin) from 5.18.0 to 5.22.0.
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases)
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/eslint-plugin/CHANGELOG.md)
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v5.22.0/packages/eslint-plugin)

---
updated-dependencies:
- dependency-name: "@typescript-eslint/eslint-plugin"
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-05-05 15:20:48 +00:00
Federico Builes 457441cf81 Merge pull request #45 from actions/dependabot/npm_and_yarn/actions/core-1.7.0
Bump @actions/core from 1.6.0 to 1.7.0
2022-05-05 17:20:37 +02:00
Federico Builes 53e123e9bc Merge pull request #46 from actions/dependabot/npm_and_yarn/nodemon-2.0.16
Bump nodemon from 2.0.15 to 2.0.16
2022-05-05 17:19:57 +02:00
Federico Builes 51033d1351 package release 2022-05-05 16:57:05 +02:00
dependabot[bot] 727184648e Bump @actions/core from 1.6.0 to 1.7.0
Bumps [@actions/core](https://github.com/actions/toolkit/tree/HEAD/packages/core) from 1.6.0 to 1.7.0.
- [Release notes](https://github.com/actions/toolkit/releases)
- [Changelog](https://github.com/actions/toolkit/blob/main/packages/core/RELEASES.md)
- [Commits](https://github.com/actions/toolkit/commits/HEAD/packages/core)

---
updated-dependencies:
- dependency-name: "@actions/core"
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-05-05 14:52:31 +00:00
dependabot[bot] 51f78cb35f Bump nodemon from 2.0.15 to 2.0.16
Bumps [nodemon](https://github.com/remy/nodemon) from 2.0.15 to 2.0.16.
- [Release notes](https://github.com/remy/nodemon/releases)
- [Commits](https://github.com/remy/nodemon/compare/v2.0.15...v2.0.16)

---
updated-dependencies:
- dependency-name: nodemon
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-05-05 12:37:24 +00:00
Federico Builes 2ac4ee7782 Merge pull request #40 from actions/dependabot/npm_and_yarn/eslint-plugin-jest-26.1.5
Bump eslint-plugin-jest from 26.1.3 to 26.1.5
2022-05-05 14:36:22 +02:00
Federico Builes 731c8509d5 Merge pull request #29 from actions/dependabot/npm_and_yarn/vercel/ncc-0.33.4
Bump @vercel/ncc from 0.33.3 to 0.33.4
2022-05-05 14:31:16 +02:00
Federico Builes 58c9c8dc08 add sourcemap 2022-05-05 14:30:11 +02:00
dependabot[bot] 38015e8ba9 Bump @vercel/ncc from 0.33.3 to 0.33.4
Bumps [@vercel/ncc](https://github.com/vercel/ncc) from 0.33.3 to 0.33.4.
- [Release notes](https://github.com/vercel/ncc/releases)
- [Commits](https://github.com/vercel/ncc/compare/0.33.3...0.33.4)

---
updated-dependencies:
- dependency-name: "@vercel/ncc"
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-05-05 12:28:30 +00:00
Federico Builes 55aad1c2ed Merge pull request #26 from actions/dependabot/github_actions/actions/upload-artifact-3
Bump actions/upload-artifact from 2 to 3
2022-05-05 14:27:27 +02:00
dependabot[bot] 132849cc93 Bump eslint-plugin-jest from 26.1.3 to 26.1.5
Bumps [eslint-plugin-jest](https://github.com/jest-community/eslint-plugin-jest) from 26.1.3 to 26.1.5.
- [Release notes](https://github.com/jest-community/eslint-plugin-jest/releases)
- [Changelog](https://github.com/jest-community/eslint-plugin-jest/blob/main/CHANGELOG.md)
- [Commits](https://github.com/jest-community/eslint-plugin-jest/compare/v26.1.3...v26.1.5)

---
updated-dependencies:
- dependency-name: eslint-plugin-jest
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-04-25 02:49:57 +00:00
dependabot[bot] 52530a057c Bump actions/upload-artifact from 2 to 3
Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact) from 2 to 3.
- [Release notes](https://github.com/actions/upload-artifact/releases)
- [Commits](https://github.com/actions/upload-artifact/compare/v2...v3)

---
updated-dependencies:
- dependency-name: actions/upload-artifact
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-04-11 01:39:43 +00:00
Lane Seppala f7d534938a Merge pull request #20 from courtneycl/main
Update content
2022-04-06 14:11:01 -06:00
Courtney Claessens 27e65b9589 Update action.yml 2022-04-06 16:03:35 -04:00
Courtney Claessens 1d0829d84c Update README.md 2022-04-06 16:00:03 -04:00
Federico Builes e0e026c756 Merge pull request #18 from actions/update-codeowners
Updating CODEOWNERS.
2022-04-06 19:05:12 +02:00
Federico Builes 0e686847c0 Merge pull request #17 from actions/sarahkemi/update-readme
Update README copy
2022-04-06 10:13:48 +02:00
Sarah Aladetan 43afa84d78 update readme copy 2022-04-05 11:44:34 -07:00
Lane Seppala ac46ae2e5b Merge pull request #16 from actions/dependabot/npm_and_yarn/typescript-eslint/eslint-plugin-5.18.0
Bump @typescript-eslint/eslint-plugin from 5.17.0 to 5.18.0
2022-04-04 17:02:50 -06:00
dependabot[bot] ad9ad2d36d Bump @typescript-eslint/eslint-plugin from 5.17.0 to 5.18.0
Bumps [@typescript-eslint/eslint-plugin](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/eslint-plugin) from 5.17.0 to 5.18.0.
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases)
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/eslint-plugin/CHANGELOG.md)
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v5.18.0/packages/eslint-plugin)

---
updated-dependencies:
- dependency-name: "@typescript-eslint/eslint-plugin"
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-04-04 22:59:44 +00:00
Lane Seppala be26556282 Merge pull request #13 from actions/dependabot/npm_and_yarn/prettier-2.6.2
Bump prettier from 2.6.1 to 2.6.2
2022-04-04 16:58:53 -06:00
Lane Seppala c083fa1499 Merge pull request #12 from actions/dependabot/npm_and_yarn/typescript-eslint/parser-5.18.0
Bump @typescript-eslint/parser from 5.14.0 to 5.18.0
2022-04-04 16:58:37 -06:00
dependabot[bot] 157075c780 Bump @typescript-eslint/parser from 5.14.0 to 5.18.0
Bumps [@typescript-eslint/parser](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/parser) from 5.14.0 to 5.18.0.
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases)
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/parser/CHANGELOG.md)
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v5.18.0/packages/parser)

---
updated-dependencies:
- dependency-name: "@typescript-eslint/parser"
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-04-04 22:40:17 +00:00
dependabot[bot] 6ddfe40705 Bump prettier from 2.6.1 to 2.6.2
Bumps [prettier](https://github.com/prettier/prettier) from 2.6.1 to 2.6.2.
- [Release notes](https://github.com/prettier/prettier/releases)
- [Changelog](https://github.com/prettier/prettier/blob/main/CHANGELOG.md)
- [Commits](https://github.com/prettier/prettier/compare/2.6.1...2.6.2)

---
updated-dependencies:
- dependency-name: prettier
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-04-04 22:40:15 +00:00
Lane Seppala ecf7f31121 Merge pull request #11 from actions/dependabot/npm_and_yarn/got-12.0.3
Bump got from 12.0.1 to 12.0.3
2022-04-04 16:39:27 -06:00
Lane Seppala 79799f95b1 Merge pull request #9 from actions/dependabot/npm_and_yarn/typescript-eslint/eslint-plugin-5.17.0
Bump @typescript-eslint/eslint-plugin from 5.14.0 to 5.17.0
2022-04-04 16:38:22 -06:00
Lane Seppala 20749a73f2 Merge pull request #8 from actions/dependabot/npm_and_yarn/ts-jest-27.1.4
Bump ts-jest from 27.1.3 to 27.1.4
2022-04-04 16:38:15 -06:00
Lane Seppala 047972e563 Merge pull request #7 from actions/dependabot/npm_and_yarn/eslint-plugin-jest-26.1.3
Bump eslint-plugin-jest from 26.1.1 to 26.1.3
2022-04-04 16:38:05 -06:00
dependabot[bot] 1fcd0f0cda Bump got from 12.0.1 to 12.0.3
Bumps [got](https://github.com/sindresorhus/got) from 12.0.1 to 12.0.3.
- [Release notes](https://github.com/sindresorhus/got/releases)
- [Commits](https://github.com/sindresorhus/got/compare/v12.0.1...v12.0.3)

---
updated-dependencies:
- dependency-name: got
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-04-01 01:33:11 +00:00
dependabot[bot] 11ad653c6c Bump @typescript-eslint/eslint-plugin from 5.14.0 to 5.17.0
Bumps [@typescript-eslint/eslint-plugin](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/eslint-plugin) from 5.14.0 to 5.17.0.
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases)
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/eslint-plugin/CHANGELOG.md)
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v5.17.0/packages/eslint-plugin)

---
updated-dependencies:
- dependency-name: "@typescript-eslint/eslint-plugin"
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-04-01 01:32:54 +00:00
dependabot[bot] a7b1112790 Bump ts-jest from 27.1.3 to 27.1.4
Bumps [ts-jest](https://github.com/kulshekhar/ts-jest) from 27.1.3 to 27.1.4.
- [Release notes](https://github.com/kulshekhar/ts-jest/releases)
- [Changelog](https://github.com/kulshekhar/ts-jest/blob/main/CHANGELOG.md)
- [Commits](https://github.com/kulshekhar/ts-jest/compare/v27.1.3...v27.1.4)

---
updated-dependencies:
- dependency-name: ts-jest
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-04-01 01:32:35 +00:00
dependabot[bot] b72e171434 Bump eslint-plugin-jest from 26.1.1 to 26.1.3
Bumps [eslint-plugin-jest](https://github.com/jest-community/eslint-plugin-jest) from 26.1.1 to 26.1.3.
- [Release notes](https://github.com/jest-community/eslint-plugin-jest/releases)
- [Changelog](https://github.com/jest-community/eslint-plugin-jest/blob/main/CHANGELOG.md)
- [Commits](https://github.com/jest-community/eslint-plugin-jest/compare/v26.1.1...v26.1.3)

---
updated-dependencies:
- dependency-name: eslint-plugin-jest
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-04-01 01:32:28 +00:00
10 changed files with 3178 additions and 3247 deletions
+1 -1
View File
@@ -46,7 +46,7 @@ jobs:
id: diff
# If index.js was different than expected, upload the expected version as an artifact
- uses: actions/upload-artifact@v2
- uses: actions/upload-artifact@v3
if: ${{ failure() && steps.diff.conclusion == 'failure' }}
with:
name: dist
+5 -1
View File
@@ -40,7 +40,11 @@ npm run test
## Local Development
We have a script to scan a given PR for vulnerabilities, this will
help you test your local changes. Make sure to [grab a Personal Access Token (PAT)](https://github.com/settings/tokens) before proceeding!
help you test your local changes. Make sure to [grab a Personal Access Token (PAT)](https://github.com/settings/tokens) before proceeding (you'll need `repo` permissions for private repos):
<img width="480" alt="Screenshot 2022-05-12 at 10 22 21" src="https://user-images.githubusercontent.com/2161/168026161-16788a0a-b6c8-428e-bb6a-83ea2a403070.png">
The syntax of the script is:
```sh
$ GITHUB_TOKEN=<token> ./scripts/scan_pr <pr_url>
+5 -3
View File
@@ -1,8 +1,8 @@
# dependency-review-action
This Action scans your pull requests for vulnerabilities introduced
when adding or updating your project's dependencies. A check in your
Pull Requests will let notify you of the results.
This action scans your pull requests for dependency changes and will raise an error if any new dependencies have existing vulnerabilities. The action is supported by an [API endpoint](https://docs.github.com/en/rest/reference/dependency-graph#dependency-review) that diffs the dependencies between any two revisions.
The action is available for all public repositories, as well as private repositories that have Github Advanced Security licensed.
<img width="854" alt="Screen Shot 2022-03-31 at 1 10 51 PM" src="https://user-images.githubusercontent.com/2161/161042286-b22d7dd3-13cb-458d-8744-ce70ed9bf562.png">
@@ -28,6 +28,8 @@ jobs:
uses: actions/dependency-review-action@v1
```
Please keep in mind that you need a GitHub Advanced Security license if you're running this Action on private repos.
## Getting help
If you have bug reports, questions or suggestions please [create a new
+1 -1
View File
@@ -1,5 +1,5 @@
name: 'Dependency Review'
description: 'GitHub Action for Dependency Review'
description: 'Prevent the introduction of dependencies with known vulnerabilities'
author: 'GitHub'
inputs:
repo-token:
Generated Vendored
+2532 -2753
View File
File diff suppressed because it is too large Load Diff
Generated Vendored
+1 -1
View File
File diff suppressed because one or more lines are too long
Generated Vendored
+1 -1
View File
File diff suppressed because one or more lines are too long
+607 -469
View File
File diff suppressed because it is too large Load Diff
+15 -15
View File
@@ -25,29 +25,29 @@
"author": "GitHub",
"license": "MIT",
"dependencies": {
"@actions/core": "^1.6.0",
"@actions/github": "^5.0.0",
"@actions/core": "^1.8.2",
"@actions/github": "^5.0.3",
"@octokit/plugin-retry": "^3.0.9",
"@octokit/request-error": "^2.1.0",
"ansi-styles": "^6.1.0",
"got": "^12.0.1",
"nodemon": "^2.0.15",
"zod": "^3.13.4"
"got": "^12.0.4",
"nodemon": "^2.0.16",
"zod": "^3.17.2"
},
"devDependencies": {
"@types/node": "^17.0.23",
"@typescript-eslint/eslint-plugin": "^5.14.0",
"@typescript-eslint/parser": "^5.14.0",
"@vercel/ncc": "^0.33.3",
"@types/node": "^17.0.35",
"@typescript-eslint/eslint-plugin": "^5.25.0",
"@typescript-eslint/parser": "^5.26.0",
"@vercel/ncc": "^0.33.4",
"esbuild-register": "^3.3.2",
"eslint": "^8.12.0",
"eslint": "^8.16.0",
"eslint-plugin-github": "^4.3.6",
"eslint-plugin-jest": "^26.1.1",
"eslint-plugin-jest": "^26.2.2",
"jest": "^27.5.1",
"js-yaml": "^4.1.0",
"nodemon": "^2.0.15",
"prettier": "2.6.1",
"ts-jest": "^27.1.3",
"typescript": "^4.6.3"
"nodemon": "^2.0.16",
"prettier": "2.6.2",
"ts-jest": "^27.1.4",
"typescript": "^4.6.4"
}
}
+10 -2
View File
@@ -53,11 +53,19 @@ async function run(): Promise<void> {
}
} catch (error) {
if (error instanceof RequestError && error.status === 404) {
core.setFailed(
`Dependency review could not obtain dependency data for the specified owner, repository, or revision range.`
)
} else if (error instanceof RequestError && error.status === 403) {
core.setFailed(
`Dependency review is not supported on this repository. Please ensure that Dependency graph is enabled, see https://github.com/${github.context.repo.owner}/${github.context.repo.repo}/settings/security_analysis`
)
} else if (error instanceof Error) {
core.setFailed(error.message)
} else {
if (error instanceof Error) {
core.setFailed(error.message)
} else {
core.setFailed('Unexpected fatal error')
}
}
}
}