Compare commits
138 Commits
| Author | SHA1 | Date | |
|---|---|---|---|
| 1c59cdf2a9 | |||
| 29fc7a23bd | |||
| 903977c63a | |||
| aabd50a60d | |||
| 981c44c2a9 | |||
| c0d32934e8 | |||
| 963fe8045d | |||
| bf94d94f63 | |||
| 43ce5df965 | |||
| 24bc5e9934 | |||
| 97790d29c7 | |||
| 74dbdf9819 | |||
| f3f3519b2a | |||
| 216910dd9a | |||
| eb561ba6bd | |||
| 3f246861d8 | |||
| faa63c3cba | |||
| dfd519642f | |||
| 871f4064a1 | |||
| d6f6abdda3 | |||
| 54764c9203 | |||
| c6587b663d | |||
| 42e2bc1ed2 | |||
| 0b87f02bee | |||
| 00be2ce1fc | |||
| 2860b57e48 | |||
| fd6e756c7b | |||
| f83a407eb9 | |||
| b0e1f384d7 | |||
| c973154c92 | |||
| 3355ec4be5 | |||
| 76ad37608d | |||
| 3eff3f5918 | |||
| 7278093fa0 | |||
| b5b49104d4 | |||
| e56fe29417 | |||
| cc3101831d | |||
| ef97470a0f | |||
| efecf6fd09 | |||
| 24d7ef3c5d | |||
| 01fa67b82e | |||
| 1791775ce6 | |||
| 92f1ecaaea | |||
| 47d4ff9127 | |||
| 9c5310eee9 | |||
| d616ba30f2 | |||
| 7181a20a1f | |||
| eebebcdc2a | |||
| 571f236610 | |||
| fe78920139 | |||
| bd115a9b66 | |||
| 72a5a0f647 | |||
| 21412fec7b | |||
| 0777fbe61e | |||
| cc22dcd654 | |||
| 6b5518a9ed | |||
| 20cca5c0c4 | |||
| a51db20961 | |||
| a7d02aef82 | |||
| 4ac3d318ab | |||
| 25271922eb | |||
| 4474253eb8 | |||
| 1a7225bc91 | |||
| 4ebaca3419 | |||
| a96d28f120 | |||
| 29b67f0a05 | |||
| c187f6f12d | |||
| 3b0a091baa | |||
| 3456819f12 | |||
| 56e63b1bc5 | |||
| 2ae9a2d51b | |||
| 1261e18905 | |||
| dc7b0a2788 | |||
| 06297bf229 | |||
| bccacf9708 | |||
| 8c646c1c91 | |||
| 30c4549c8c | |||
| 93c8cb2c8a | |||
| d7c6d6203f | |||
| 92bcc5a0bf | |||
| 545050ada5 | |||
| 2b674f0e26 | |||
| 802525536f | |||
| 4eb9ad1d38 | |||
| 12cf02f216 | |||
| c7ff505b05 | |||
| 90221b23f7 | |||
| 2f38c7e78c | |||
| c235374b9d | |||
| ae2949c9c1 | |||
| 3ae540bf96 | |||
| 1c15a1745e | |||
| 19b36f0933 | |||
| 0b9547aabf | |||
| b327132e4b | |||
| f9a13e70f4 | |||
| db9f724163 | |||
| 7db11574b7 | |||
| 7063d0ca45 | |||
| 2dd55385c1 | |||
| 48729e4e38 | |||
| 230442bc30 | |||
| 4235242818 | |||
| 731e67eca2 | |||
| b601c09c4e | |||
| 982e1d16cb | |||
| f0a04841ce | |||
| e622e72c6f | |||
| 92e40d7290 | |||
| 21763d05e0 | |||
| 2c245d1aba | |||
| d6fb424a28 | |||
| 088fc4d4e8 | |||
| 132427b4bc | |||
| 5f0449f13c | |||
| 0b73ead548 | |||
| 67a046c994 | |||
| 64c25ba2f4 | |||
| f3682c87a7 | |||
| fc7745e42a | |||
| a8dcc6b774 | |||
| d09b96a7b1 | |||
| 243561faa0 | |||
| 860cc21fc2 | |||
| 98f8200aaa | |||
| b3375e0be4 | |||
| 737f9b3a71 | |||
| 91660a5ad1 | |||
| 2b78124491 | |||
| 365fad2034 | |||
| 31314537ae | |||
| c893395cf8 | |||
| 93e4466112 | |||
| 0e2b63f1f4 | |||
| 0e9a322413 | |||
| fdcc204dbb | |||
| 871c00fde8 | |||
| 52795b8e93 |
Vendored
+13
@@ -0,0 +1,13 @@
|
||||
{
|
||||
"version": "0.1.0",
|
||||
"configurations": [
|
||||
{
|
||||
"name": "Debug Jest Tests",
|
||||
"type": "node",
|
||||
"request": "launch",
|
||||
"runtimeArgs": ["--inspect-brk", "${workspaceRoot}/node_modules/.bin/jest", "--runInBand", "--coverage", "false"],
|
||||
"console": "integratedTerminal",
|
||||
"internalConsoleOptions": "neverOpen"
|
||||
}
|
||||
]
|
||||
}
|
||||
@@ -73,6 +73,39 @@ Here are a few things you can do that will increase the likelihood of your pull
|
||||
- Keep your change as focused as possible. If there are multiple changes you would like to make that are not dependent upon each other, consider submitting them as separate pull requests.
|
||||
- Write a [good commit message](http://tbaggery.com/2008/04/19/a-note-about-git-commit-messages.html).
|
||||
|
||||
## Cutting a new release
|
||||
|
||||
1. Go to [Draft a new
|
||||
release](https://github.com/actions/dependency-review-action/releases/new)
|
||||
in the Releases page.
|
||||
2. Make sure that the `Publish this Action to the GitHub Marketplace`
|
||||
checkbox is enabled
|
||||
|
||||
<img width="481" alt="Screenshot 2022-06-15 at 12 08 19" src="https://user-images.githubusercontent.com/2161/173822484-4b60d8b4-c674-4bff-b5ff-b0c4a3650ab7.png">
|
||||
|
||||
3. Click "Choose a tag" and then "Create new tag", where the tag name
|
||||
will be your version prefixed by a `v` (e.g. `v1.2.3`).
|
||||
4. Use a version number for the release title (e.g. "1.2.3").
|
||||
|
||||
<img width="700" alt="Screenshot 2022-06-15 at 12 08 36" src="https://user-images.githubusercontent.com/2161/173822548-33ab3432-d679-4dc1-adf8-b50fdaf47de3.png">
|
||||
|
||||
5. Add your release notes. If this is a major version make sure to
|
||||
include a small description of the biggest changes in the new version.
|
||||
6. Click "Publish Release".
|
||||
|
||||
You now have a tag and release using the semver version you used
|
||||
above. The last remaining thing to do is to move the dynamic version
|
||||
identifier to match the current SHA. This allows users to adopt a
|
||||
major version number (e.g. `v1`) in their workflows while
|
||||
automatically getting all the
|
||||
minor/patch updates.
|
||||
|
||||
To do this just force-create a new annotated tag and push it:
|
||||
```
|
||||
git tag -fa v1 -m "Updating v1 tag"
|
||||
git push origin v1 --force
|
||||
```
|
||||
|
||||
## Resources
|
||||
|
||||
- [How to Contribute to Open Source](https://opensource.guide/how-to-contribute/)
|
||||
|
||||
@@ -2,7 +2,7 @@
|
||||
|
||||
This action scans your pull requests for dependency changes and will raise an error if any new dependencies have existing vulnerabilities. The action is supported by an [API endpoint](https://docs.github.com/en/rest/reference/dependency-graph#dependency-review) that diffs the dependencies between any two revisions.
|
||||
|
||||
The action is available for all public repositories, as well as private repositories that have Github Advanced Security licensed.
|
||||
The action is available for all public repositories, as well as private repositories that have GitHub Advanced Security licensed.
|
||||
|
||||
<img width="854" alt="Screen Shot 2022-03-31 at 1 10 51 PM" src="https://user-images.githubusercontent.com/2161/161042286-b22d7dd3-13cb-458d-8744-ce70ed9bf562.png">
|
||||
|
||||
@@ -25,10 +25,99 @@ jobs:
|
||||
- name: 'Checkout Repository'
|
||||
uses: actions/checkout@v3
|
||||
- name: 'Dependency Review'
|
||||
uses: actions/dependency-review-action@v1
|
||||
uses: actions/dependency-review-action@v2
|
||||
```
|
||||
|
||||
Please keep in mind that you need a GitHub Advanced Security license if you're running this Action on private repos.
|
||||
Please keep in mind that you need a GitHub Advanced Security license if you're running this action on private repos.
|
||||
|
||||
## Configuration
|
||||
You can pass additional options to the Dependency Review
|
||||
Action using your workflow file. Here's an example workflow with
|
||||
all the possible configurations:
|
||||
|
||||
```yaml
|
||||
name: 'Dependency Review'
|
||||
on: [pull_request]
|
||||
permissions:
|
||||
contents: read
|
||||
jobs:
|
||||
dependency-review:
|
||||
runs-on: ubuntu-latest
|
||||
steps:
|
||||
- name: 'Checkout Repository'
|
||||
uses: actions/checkout@v3
|
||||
- name: Dependency Review
|
||||
uses: actions/dependency-review-action@v2
|
||||
with:
|
||||
# Possible values: "critical", "high", "moderate", "low"
|
||||
# fail-on-severity: critical
|
||||
#
|
||||
# You can only can only include one of these two options: `allow-licenses` and `deny-licences`
|
||||
#
|
||||
# Possible values: Any `spdx_id` value(s) from https://docs.github.com/en/rest/licenses
|
||||
# allow-licenses: GPL-3.0, BSD-3-Clause, MIT
|
||||
#
|
||||
# Possible values: Any `spdx_id` value(s) from https://docs.github.com/en/rest/licenses
|
||||
# deny-licenses: LGPL-2.0, BSD-2-Clause
|
||||
```
|
||||
|
||||
### Vulnerability Severity
|
||||
|
||||
By default the action will fail on any pull request that contains a
|
||||
vulnerable dependency, regardless of the severity level. You can override this behavior by
|
||||
using the `fail-on-severity` option, which will cause a failure on any pull requests that introduce vulnerabilities of the specified severity level or higher. The possible values are: `critical`, `high`, `moderate`, or `low`. The
|
||||
action defaults to `low`.
|
||||
|
||||
This example will only fail on pull requests with `critical` and `high` vulnerabilities:
|
||||
|
||||
```yaml
|
||||
- name: Dependency Review
|
||||
uses: actions/dependency-review-action@v2
|
||||
with:
|
||||
fail-on-severity: high
|
||||
```
|
||||
|
||||
### Licenses
|
||||
|
||||
You can set the action to fail on pull requests based on the licenses of the dependencies
|
||||
they introduce. With `allow-licenses` you can define the list of licenses
|
||||
your repository will accept. Alternatively, you can use `deny-licenses` to only
|
||||
forbid a subset of licenses.
|
||||
|
||||
You can use the [Licenses
|
||||
API](https://docs.github.com/en/rest/licenses) to see the full list of
|
||||
supported licenses. Use the `spdx_id` field for every license you want
|
||||
to filter. A couple of examples:
|
||||
|
||||
```yaml
|
||||
# only allow MIT-licensed dependents
|
||||
- name: Dependency Review
|
||||
uses: actions/dependency-review-action@v2
|
||||
with:
|
||||
allow-licenses: MIT
|
||||
```
|
||||
|
||||
```yaml
|
||||
# Block Apache 1.1 and 2.0 licensed dependents
|
||||
- name: Dependency Review
|
||||
uses: actions/dependency-review-action@v2
|
||||
with:
|
||||
deny-licenses: Apache-1.1, Apache-2.0
|
||||
```
|
||||
|
||||
**Important**
|
||||
|
||||
* The action will only accept one of the two parameters; an error will
|
||||
be raised if you provide both.
|
||||
* By default both parameters are empty (no license checking is
|
||||
performed).
|
||||
* We don't have license information for all of your dependents. If we
|
||||
can't detect the license for a dependency **we will inform you, but the
|
||||
action won't fail**.
|
||||
|
||||
## Blocking pull requests
|
||||
|
||||
The Dependency Review GitHub Action check will only block a pull request from being merged if the repository owner has required the check to pass before merging. For more information, see the [documentation on protected branches](https://docs.github.com/en/repositories/configuring-branches-and-merges-in-your-repository/defining-the-mergeability-of-pull-requests/about-protected-branches#require-status-checks-before-merging).
|
||||
|
||||
## Getting help
|
||||
|
||||
@@ -37,7 +126,7 @@ issue](https://github.com/actions/dependency-review-action/issues/new/choose).
|
||||
|
||||
## Contributing
|
||||
|
||||
We are grateful for any contributions made to this project.
|
||||
We are grateful for any contributions made to this project.
|
||||
|
||||
Please read [CONTRIBUTING.MD](https://github.com/actions/dependency-review-action/blob/main/CONTRIBUTING.md) to get started.
|
||||
|
||||
|
||||
@@ -0,0 +1,53 @@
|
||||
import {expect, test, beforeEach} from '@jest/globals'
|
||||
import {readConfig} from '../src/config'
|
||||
|
||||
// GitHub Action inputs come in the form of environment variables
|
||||
// with an INPUT prefix (e.g. INPUT_FAIL-ON-SEVERITY)
|
||||
function setInput(input: string, value: string) {
|
||||
process.env[`INPUT_${input.toUpperCase()}`] = value
|
||||
}
|
||||
|
||||
// We want a clean ENV before each test. We use `delete`
|
||||
// since we want `undefined` values and not empty strings.
|
||||
function clearInputs() {
|
||||
delete process.env['INPUT_FAIL-ON-SEVERITY']
|
||||
delete process.env['INPUT_ALLOW-LICENSES']
|
||||
delete process.env['INPUT_DENY-LICENSES']
|
||||
}
|
||||
|
||||
beforeEach(() => {
|
||||
clearInputs()
|
||||
})
|
||||
|
||||
test('it defaults to low severity', async () => {
|
||||
const options = readConfig()
|
||||
expect(options.fail_on_severity).toEqual('low')
|
||||
})
|
||||
|
||||
test('it reads custom configs', async () => {
|
||||
setInput('fail-on-severity', 'critical')
|
||||
setInput('allow-licenses', ' BSD, GPL 2')
|
||||
|
||||
const options = readConfig()
|
||||
expect(options.fail_on_severity).toEqual('critical')
|
||||
expect(options.allow_licenses).toEqual(['BSD', 'GPL 2'])
|
||||
})
|
||||
|
||||
test('it defaults to empty allow/deny lists ', async () => {
|
||||
const options = readConfig()
|
||||
|
||||
expect(options.allow_licenses).toEqual(undefined)
|
||||
expect(options.deny_licenses).toEqual(undefined)
|
||||
})
|
||||
|
||||
test('it raises an error if both an allow and denylist are specified', async () => {
|
||||
setInput('allow-licenses', 'MIT')
|
||||
setInput('deny-licenses', 'BSD')
|
||||
|
||||
expect(() => readConfig()).toThrow()
|
||||
})
|
||||
|
||||
test('it raises an error when given an unknown severity', async () => {
|
||||
setInput('fail-on-severity', 'zombies')
|
||||
expect(() => readConfig()).toThrow()
|
||||
})
|
||||
@@ -0,0 +1,59 @@
|
||||
import {expect, test} from '@jest/globals'
|
||||
import {Change, Changes} from '../src/schemas'
|
||||
import {filterChangesBySeverity} from '../src/filter'
|
||||
|
||||
let npmChange: Change = {
|
||||
manifest: 'package.json',
|
||||
change_type: 'added',
|
||||
ecosystem: 'npm',
|
||||
name: 'Reeuhq',
|
||||
version: '1.0.2',
|
||||
package_url: 'pkg:npm/reeuhq@1.0.2',
|
||||
license: 'MIT',
|
||||
source_repository_url: 'github.com/some-repo',
|
||||
vulnerabilities: [
|
||||
{
|
||||
severity: 'critical',
|
||||
advisory_ghsa_id: 'first-random_string',
|
||||
advisory_summary: 'very dangerouns',
|
||||
advisory_url: 'github.com/future-funk'
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
let rubyChange: Change = {
|
||||
change_type: 'added',
|
||||
manifest: 'Gemfile.lock',
|
||||
ecosystem: 'rubygems',
|
||||
name: 'actionsomething',
|
||||
version: '3.2.0',
|
||||
package_url: 'pkg:gem/actionsomething@3.2.0',
|
||||
license: 'BSD',
|
||||
source_repository_url: 'github.com/some-repo',
|
||||
vulnerabilities: [
|
||||
{
|
||||
severity: 'moderate',
|
||||
advisory_ghsa_id: 'second-random_string',
|
||||
advisory_summary: 'not so dangerouns',
|
||||
advisory_url: 'github.com/future-funk'
|
||||
},
|
||||
{
|
||||
severity: 'low',
|
||||
advisory_ghsa_id: 'third-random_string',
|
||||
advisory_summary: 'dont page me',
|
||||
advisory_url: 'github.com/future-funk'
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
test('it properly filters changes by severity', async () => {
|
||||
const changes = [npmChange, rubyChange]
|
||||
let result = filterChangesBySeverity('high', changes)
|
||||
expect(result).toEqual([npmChange])
|
||||
|
||||
result = filterChangesBySeverity('low', changes)
|
||||
expect(changes).toEqual([npmChange, rubyChange])
|
||||
|
||||
result = filterChangesBySeverity('critical', changes)
|
||||
expect(changes).toEqual([npmChange, rubyChange])
|
||||
})
|
||||
@@ -0,0 +1,4 @@
|
||||
fail_on_severity: critical
|
||||
allow_licenses:
|
||||
- "BSD"
|
||||
- "GPL 2"
|
||||
@@ -0,0 +1,2 @@
|
||||
allow_licenses: []
|
||||
deny_licenses: []
|
||||
@@ -0,0 +1 @@
|
||||
fail_on_severity: critical
|
||||
@@ -0,0 +1,70 @@
|
||||
import {expect, test} from '@jest/globals'
|
||||
import {Change, Changes} from '../src/schemas'
|
||||
import {getDeniedLicenseChanges} from '../src/licenses'
|
||||
|
||||
let npmChange: Change = {
|
||||
manifest: 'package.json',
|
||||
change_type: 'added',
|
||||
ecosystem: 'npm',
|
||||
name: 'Reeuhq',
|
||||
version: '1.0.2',
|
||||
package_url: 'pkg:npm/reeuhq@1.0.2',
|
||||
license: 'MIT',
|
||||
source_repository_url: 'github.com/some-repo',
|
||||
vulnerabilities: [
|
||||
{
|
||||
severity: 'critical',
|
||||
advisory_ghsa_id: 'first-random_string',
|
||||
advisory_summary: 'very dangerouns',
|
||||
advisory_url: 'github.com/future-funk'
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
let rubyChange: Change = {
|
||||
change_type: 'added',
|
||||
manifest: 'Gemfile.lock',
|
||||
ecosystem: 'rubygems',
|
||||
name: 'actionsomething',
|
||||
version: '3.2.0',
|
||||
package_url: 'pkg:gem/actionsomething@3.2.0',
|
||||
license: 'BSD',
|
||||
source_repository_url: 'github.com/some-repo',
|
||||
vulnerabilities: [
|
||||
{
|
||||
severity: 'moderate',
|
||||
advisory_ghsa_id: 'second-random_string',
|
||||
advisory_summary: 'not so dangerouns',
|
||||
advisory_url: 'github.com/future-funk'
|
||||
},
|
||||
{
|
||||
severity: 'low',
|
||||
advisory_ghsa_id: 'third-random_string',
|
||||
advisory_summary: 'dont page me',
|
||||
advisory_url: 'github.com/future-funk'
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
test('it fails if a license outside the allow list is found', async () => {
|
||||
const changes: Changes = [npmChange, rubyChange]
|
||||
const [invalidChanges, _] = getDeniedLicenseChanges(changes, {allow: ['BSD']})
|
||||
expect(invalidChanges[0]).toBe(npmChange)
|
||||
})
|
||||
|
||||
test('it fails if a license inside the deny list is found', async () => {
|
||||
const changes: Changes = [npmChange, rubyChange]
|
||||
const [invalidChanges] = getDeniedLicenseChanges(changes, {deny: ['BSD']})
|
||||
expect(invalidChanges[0]).toBe(rubyChange)
|
||||
})
|
||||
|
||||
// This is more of a "here's a behavior that might be surprising" than an actual
|
||||
// thing we want in the system. Please remove this test after refactoring.
|
||||
test('it fails all license checks when allow is provided an empty array', async () => {
|
||||
const changes: Changes = [npmChange, rubyChange]
|
||||
let [invalidChanges, _] = getDeniedLicenseChanges(changes, {
|
||||
allow: [],
|
||||
deny: ['BSD']
|
||||
})
|
||||
expect(invalidChanges.length).toBe(2)
|
||||
})
|
||||
@@ -1,5 +0,0 @@
|
||||
import {expect, test} from '@jest/globals'
|
||||
|
||||
test('tests things', async () => {
|
||||
expect(true).toEqual(true)
|
||||
})
|
||||
+11
-1
@@ -3,9 +3,19 @@ description: 'Prevent the introduction of dependencies with known vulnerabilitie
|
||||
author: 'GitHub'
|
||||
inputs:
|
||||
repo-token:
|
||||
description: 'Token for the repository. Can be passed in using `{{ secrets.GITHUB_TOKEN }}`.'
|
||||
description: Token for the repository. Can be passed in using `{{ secrets.GITHUB_TOKEN }}`.
|
||||
required: false
|
||||
default: ${{ github.token }}
|
||||
fail-on-severity:
|
||||
description: Don't block PRs below this severity. Possible values are `low`, `moderate`, `high`, `critical`.
|
||||
required: false
|
||||
default: 'low'
|
||||
allow-licenses:
|
||||
description: Comma-separated list of allowed licenses (e.g. "MIT, GPL 3.0, BSD 2 Clause")
|
||||
required: false
|
||||
deny-licenses:
|
||||
description: Comma-separated list of forbidden licenses (e.g. "MIT, GPL 3.0, BSD 2 Clause")
|
||||
required: false
|
||||
runs:
|
||||
using: 'node16'
|
||||
main: 'dist/index.js'
|
||||
|
||||
+350
-102
File diff suppressed because it is too large
Load Diff
+1
-1
File diff suppressed because one or more lines are too long
Generated
+159
-359
@@ -1,12 +1,12 @@
|
||||
{
|
||||
"name": "dependency-review-action",
|
||||
"version": "0.0.1",
|
||||
"version": "2.0.1",
|
||||
"lockfileVersion": 2,
|
||||
"requires": true,
|
||||
"packages": {
|
||||
"": {
|
||||
"name": "dependency-review-action",
|
||||
"version": "0.0.1",
|
||||
"version": "2.0.1",
|
||||
"license": "MIT",
|
||||
"dependencies": {
|
||||
"@actions/core": "^1.8.2",
|
||||
@@ -14,25 +14,26 @@
|
||||
"@octokit/plugin-retry": "^3.0.9",
|
||||
"@octokit/request-error": "^2.1.0",
|
||||
"ansi-styles": "^6.1.0",
|
||||
"got": "^12.0.4",
|
||||
"got": "^12.1.0",
|
||||
"nodemon": "^2.0.16",
|
||||
"zod": "^3.17.2"
|
||||
"yaml": "^2.1.1",
|
||||
"zod": "^3.17.3"
|
||||
},
|
||||
"devDependencies": {
|
||||
"@types/node": "^17.0.35",
|
||||
"@typescript-eslint/eslint-plugin": "^5.25.0",
|
||||
"@typescript-eslint/parser": "^5.26.0",
|
||||
"@vercel/ncc": "^0.33.4",
|
||||
"esbuild-register": "^3.3.2",
|
||||
"eslint": "^8.16.0",
|
||||
"@types/node": "^17.0.43",
|
||||
"@typescript-eslint/eslint-plugin": "^5.28.0",
|
||||
"@typescript-eslint/parser": "^5.28.0",
|
||||
"@vercel/ncc": "^0.34.0",
|
||||
"esbuild-register": "^3.3.3",
|
||||
"eslint": "^8.17.0",
|
||||
"eslint-plugin-github": "^4.3.6",
|
||||
"eslint-plugin-jest": "^26.2.2",
|
||||
"eslint-plugin-jest": "^26.5.3",
|
||||
"jest": "^27.5.1",
|
||||
"js-yaml": "^4.1.0",
|
||||
"nodemon": "^2.0.16",
|
||||
"prettier": "2.6.2",
|
||||
"prettier": "2.7.0",
|
||||
"ts-jest": "^27.1.4",
|
||||
"typescript": "^4.6.4"
|
||||
"typescript": "^4.7.3"
|
||||
}
|
||||
},
|
||||
"node_modules/@actions/core": {
|
||||
@@ -1365,9 +1366,9 @@
|
||||
}
|
||||
},
|
||||
"node_modules/@types/node": {
|
||||
"version": "17.0.35",
|
||||
"resolved": "https://registry.npmjs.org/@types/node/-/node-17.0.35.tgz",
|
||||
"integrity": "sha512-vu1SrqBjbbZ3J6vwY17jBs8Sr/BKA+/a/WtjRG+whKg1iuLFOosq872EXS0eXWILdO36DHQQeku/ZcL6hz2fpg=="
|
||||
"version": "17.0.43",
|
||||
"resolved": "https://registry.npmjs.org/@types/node/-/node-17.0.43.tgz",
|
||||
"integrity": "sha512-jnUpgw8fL9kP2iszfIDyBQtw5Mf4/XSqy0Loc1J9pI14ejL83XcCEvSf50Gs/4ET0I9VCCDoOfufQysj0S66xA=="
|
||||
},
|
||||
"node_modules/@types/prettier": {
|
||||
"version": "2.4.4",
|
||||
@@ -1405,14 +1406,14 @@
|
||||
"dev": true
|
||||
},
|
||||
"node_modules/@typescript-eslint/eslint-plugin": {
|
||||
"version": "5.25.0",
|
||||
"resolved": "https://registry.npmjs.org/@typescript-eslint/eslint-plugin/-/eslint-plugin-5.25.0.tgz",
|
||||
"integrity": "sha512-icYrFnUzvm+LhW0QeJNKkezBu6tJs9p/53dpPLFH8zoM9w1tfaKzVurkPotEpAqQ8Vf8uaFyL5jHd0Vs6Z0ZQg==",
|
||||
"version": "5.28.0",
|
||||
"resolved": "https://registry.npmjs.org/@typescript-eslint/eslint-plugin/-/eslint-plugin-5.28.0.tgz",
|
||||
"integrity": "sha512-DXVU6Cg29H2M6EybqSg2A+x8DgO9TCUBRp4QEXQHJceLS7ogVDP0g3Lkg/SZCqcvkAP/RruuQqK0gdlkgmhSUA==",
|
||||
"dev": true,
|
||||
"dependencies": {
|
||||
"@typescript-eslint/scope-manager": "5.25.0",
|
||||
"@typescript-eslint/type-utils": "5.25.0",
|
||||
"@typescript-eslint/utils": "5.25.0",
|
||||
"@typescript-eslint/scope-manager": "5.28.0",
|
||||
"@typescript-eslint/type-utils": "5.28.0",
|
||||
"@typescript-eslint/utils": "5.28.0",
|
||||
"debug": "^4.3.4",
|
||||
"functional-red-black-tree": "^1.0.1",
|
||||
"ignore": "^5.2.0",
|
||||
@@ -1437,53 +1438,6 @@
|
||||
}
|
||||
}
|
||||
},
|
||||
"node_modules/@typescript-eslint/eslint-plugin/node_modules/@typescript-eslint/scope-manager": {
|
||||
"version": "5.25.0",
|
||||
"resolved": "https://registry.npmjs.org/@typescript-eslint/scope-manager/-/scope-manager-5.25.0.tgz",
|
||||
"integrity": "sha512-p4SKTFWj+2VpreUZ5xMQsBMDdQ9XdRvODKXN4EksyBjFp2YvQdLkyHqOffakYZPuWJUDNu3jVXtHALDyTv3cww==",
|
||||
"dev": true,
|
||||
"dependencies": {
|
||||
"@typescript-eslint/types": "5.25.0",
|
||||
"@typescript-eslint/visitor-keys": "5.25.0"
|
||||
},
|
||||
"engines": {
|
||||
"node": "^12.22.0 || ^14.17.0 || >=16.0.0"
|
||||
},
|
||||
"funding": {
|
||||
"type": "opencollective",
|
||||
"url": "https://opencollective.com/typescript-eslint"
|
||||
}
|
||||
},
|
||||
"node_modules/@typescript-eslint/eslint-plugin/node_modules/@typescript-eslint/types": {
|
||||
"version": "5.25.0",
|
||||
"resolved": "https://registry.npmjs.org/@typescript-eslint/types/-/types-5.25.0.tgz",
|
||||
"integrity": "sha512-7fWqfxr0KNHj75PFqlGX24gWjdV/FDBABXL5dyvBOWHpACGyveok8Uj4ipPX/1fGU63fBkzSIycEje4XsOxUFA==",
|
||||
"dev": true,
|
||||
"engines": {
|
||||
"node": "^12.22.0 || ^14.17.0 || >=16.0.0"
|
||||
},
|
||||
"funding": {
|
||||
"type": "opencollective",
|
||||
"url": "https://opencollective.com/typescript-eslint"
|
||||
}
|
||||
},
|
||||
"node_modules/@typescript-eslint/eslint-plugin/node_modules/@typescript-eslint/visitor-keys": {
|
||||
"version": "5.25.0",
|
||||
"resolved": "https://registry.npmjs.org/@typescript-eslint/visitor-keys/-/visitor-keys-5.25.0.tgz",
|
||||
"integrity": "sha512-yd26vFgMsC4h2dgX4+LR+GeicSKIfUvZREFLf3DDjZPtqgLx5AJZr6TetMNwFP9hcKreTTeztQYBTNbNoOycwA==",
|
||||
"dev": true,
|
||||
"dependencies": {
|
||||
"@typescript-eslint/types": "5.25.0",
|
||||
"eslint-visitor-keys": "^3.3.0"
|
||||
},
|
||||
"engines": {
|
||||
"node": "^12.22.0 || ^14.17.0 || >=16.0.0"
|
||||
},
|
||||
"funding": {
|
||||
"type": "opencollective",
|
||||
"url": "https://opencollective.com/typescript-eslint"
|
||||
}
|
||||
},
|
||||
"node_modules/@typescript-eslint/eslint-plugin/node_modules/semver": {
|
||||
"version": "7.3.7",
|
||||
"resolved": "https://registry.npmjs.org/semver/-/semver-7.3.7.tgz",
|
||||
@@ -1500,14 +1454,14 @@
|
||||
}
|
||||
},
|
||||
"node_modules/@typescript-eslint/parser": {
|
||||
"version": "5.26.0",
|
||||
"resolved": "https://registry.npmjs.org/@typescript-eslint/parser/-/parser-5.26.0.tgz",
|
||||
"integrity": "sha512-n/IzU87ttzIdnAH5vQ4BBDnLPly7rC5VnjN3m0xBG82HK6rhRxnCb3w/GyWbNDghPd+NktJqB/wl6+YkzZ5T5Q==",
|
||||
"version": "5.28.0",
|
||||
"resolved": "https://registry.npmjs.org/@typescript-eslint/parser/-/parser-5.28.0.tgz",
|
||||
"integrity": "sha512-ekqoNRNK1lAcKhZESN/PdpVsWbP9jtiNqzFWkp/yAUdZvJalw2heCYuqRmM5eUJSIYEkgq5sGOjq+ZqsLMjtRA==",
|
||||
"dev": true,
|
||||
"dependencies": {
|
||||
"@typescript-eslint/scope-manager": "5.26.0",
|
||||
"@typescript-eslint/types": "5.26.0",
|
||||
"@typescript-eslint/typescript-estree": "5.26.0",
|
||||
"@typescript-eslint/scope-manager": "5.28.0",
|
||||
"@typescript-eslint/types": "5.28.0",
|
||||
"@typescript-eslint/typescript-estree": "5.28.0",
|
||||
"debug": "^4.3.4"
|
||||
},
|
||||
"engines": {
|
||||
@@ -1527,13 +1481,13 @@
|
||||
}
|
||||
},
|
||||
"node_modules/@typescript-eslint/scope-manager": {
|
||||
"version": "5.26.0",
|
||||
"resolved": "https://registry.npmjs.org/@typescript-eslint/scope-manager/-/scope-manager-5.26.0.tgz",
|
||||
"integrity": "sha512-gVzTJUESuTwiju/7NiTb4c5oqod8xt5GhMbExKsCTp6adU3mya6AGJ4Pl9xC7x2DX9UYFsjImC0mA62BCY22Iw==",
|
||||
"version": "5.28.0",
|
||||
"resolved": "https://registry.npmjs.org/@typescript-eslint/scope-manager/-/scope-manager-5.28.0.tgz",
|
||||
"integrity": "sha512-LeBLTqF/he1Z+boRhSqnso6YrzcKMTQ8bO/YKEe+6+O/JGof9M0g3IJlIsqfrK/6K03MlFIlycbf1uQR1IjE+w==",
|
||||
"dev": true,
|
||||
"dependencies": {
|
||||
"@typescript-eslint/types": "5.26.0",
|
||||
"@typescript-eslint/visitor-keys": "5.26.0"
|
||||
"@typescript-eslint/types": "5.28.0",
|
||||
"@typescript-eslint/visitor-keys": "5.28.0"
|
||||
},
|
||||
"engines": {
|
||||
"node": "^12.22.0 || ^14.17.0 || >=16.0.0"
|
||||
@@ -1544,12 +1498,12 @@
|
||||
}
|
||||
},
|
||||
"node_modules/@typescript-eslint/type-utils": {
|
||||
"version": "5.25.0",
|
||||
"resolved": "https://registry.npmjs.org/@typescript-eslint/type-utils/-/type-utils-5.25.0.tgz",
|
||||
"integrity": "sha512-B6nb3GK3Gv1Rsb2pqalebe/RyQoyG/WDy9yhj8EE0Ikds4Xa8RR28nHz+wlt4tMZk5bnAr0f3oC8TuDAd5CPrw==",
|
||||
"version": "5.28.0",
|
||||
"resolved": "https://registry.npmjs.org/@typescript-eslint/type-utils/-/type-utils-5.28.0.tgz",
|
||||
"integrity": "sha512-SyKjKh4CXPglueyC6ceAFytjYWMoPHMswPQae236zqe1YbhvCVQyIawesYywGiu98L9DwrxsBN69vGIVxJ4mQQ==",
|
||||
"dev": true,
|
||||
"dependencies": {
|
||||
"@typescript-eslint/utils": "5.25.0",
|
||||
"@typescript-eslint/utils": "5.28.0",
|
||||
"debug": "^4.3.4",
|
||||
"tsutils": "^3.21.0"
|
||||
},
|
||||
@@ -1570,9 +1524,9 @@
|
||||
}
|
||||
},
|
||||
"node_modules/@typescript-eslint/types": {
|
||||
"version": "5.26.0",
|
||||
"resolved": "https://registry.npmjs.org/@typescript-eslint/types/-/types-5.26.0.tgz",
|
||||
"integrity": "sha512-8794JZFE1RN4XaExLWLI2oSXsVImNkl79PzTOOWt9h0UHROwJedNOD2IJyfL0NbddFllcktGIO2aOu10avQQyA==",
|
||||
"version": "5.28.0",
|
||||
"resolved": "https://registry.npmjs.org/@typescript-eslint/types/-/types-5.28.0.tgz",
|
||||
"integrity": "sha512-2OOm8ZTOQxqkPbf+DAo8oc16sDlVR5owgJfKheBkxBKg1vAfw2JsSofH9+16VPlN9PWtv8Wzhklkqw3k/zCVxA==",
|
||||
"dev": true,
|
||||
"engines": {
|
||||
"node": "^12.22.0 || ^14.17.0 || >=16.0.0"
|
||||
@@ -1583,13 +1537,13 @@
|
||||
}
|
||||
},
|
||||
"node_modules/@typescript-eslint/typescript-estree": {
|
||||
"version": "5.26.0",
|
||||
"resolved": "https://registry.npmjs.org/@typescript-eslint/typescript-estree/-/typescript-estree-5.26.0.tgz",
|
||||
"integrity": "sha512-EyGpw6eQDsfD6jIqmXP3rU5oHScZ51tL/cZgFbFBvWuCwrIptl+oueUZzSmLtxFuSOQ9vDcJIs+279gnJkfd1w==",
|
||||
"version": "5.28.0",
|
||||
"resolved": "https://registry.npmjs.org/@typescript-eslint/typescript-estree/-/typescript-estree-5.28.0.tgz",
|
||||
"integrity": "sha512-9GX+GfpV+F4hdTtYc6OV9ZkyYilGXPmQpm6AThInpBmKJEyRSIjORJd1G9+bknb7OTFYL+Vd4FBJAO6T78OVqA==",
|
||||
"dev": true,
|
||||
"dependencies": {
|
||||
"@typescript-eslint/types": "5.26.0",
|
||||
"@typescript-eslint/visitor-keys": "5.26.0",
|
||||
"@typescript-eslint/types": "5.28.0",
|
||||
"@typescript-eslint/visitor-keys": "5.28.0",
|
||||
"debug": "^4.3.4",
|
||||
"globby": "^11.1.0",
|
||||
"is-glob": "^4.0.3",
|
||||
@@ -1625,15 +1579,15 @@
|
||||
}
|
||||
},
|
||||
"node_modules/@typescript-eslint/utils": {
|
||||
"version": "5.25.0",
|
||||
"resolved": "https://registry.npmjs.org/@typescript-eslint/utils/-/utils-5.25.0.tgz",
|
||||
"integrity": "sha512-qNC9bhnz/n9Kba3yI6HQgQdBLuxDoMgdjzdhSInZh6NaDnFpTUlwNGxplUFWfY260Ya0TRPvkg9dd57qxrJI9g==",
|
||||
"version": "5.28.0",
|
||||
"resolved": "https://registry.npmjs.org/@typescript-eslint/utils/-/utils-5.28.0.tgz",
|
||||
"integrity": "sha512-E60N5L0fjv7iPJV3UGc4EC+A3Lcj4jle9zzR0gW7vXhflO7/J29kwiTGITA2RlrmPokKiZbBy2DgaclCaEUs6g==",
|
||||
"dev": true,
|
||||
"dependencies": {
|
||||
"@types/json-schema": "^7.0.9",
|
||||
"@typescript-eslint/scope-manager": "5.25.0",
|
||||
"@typescript-eslint/types": "5.25.0",
|
||||
"@typescript-eslint/typescript-estree": "5.25.0",
|
||||
"@typescript-eslint/scope-manager": "5.28.0",
|
||||
"@typescript-eslint/types": "5.28.0",
|
||||
"@typescript-eslint/typescript-estree": "5.28.0",
|
||||
"eslint-scope": "^5.1.1",
|
||||
"eslint-utils": "^3.0.0"
|
||||
},
|
||||
@@ -1648,102 +1602,13 @@
|
||||
"eslint": "^6.0.0 || ^7.0.0 || ^8.0.0"
|
||||
}
|
||||
},
|
||||
"node_modules/@typescript-eslint/utils/node_modules/@typescript-eslint/scope-manager": {
|
||||
"version": "5.25.0",
|
||||
"resolved": "https://registry.npmjs.org/@typescript-eslint/scope-manager/-/scope-manager-5.25.0.tgz",
|
||||
"integrity": "sha512-p4SKTFWj+2VpreUZ5xMQsBMDdQ9XdRvODKXN4EksyBjFp2YvQdLkyHqOffakYZPuWJUDNu3jVXtHALDyTv3cww==",
|
||||
"dev": true,
|
||||
"dependencies": {
|
||||
"@typescript-eslint/types": "5.25.0",
|
||||
"@typescript-eslint/visitor-keys": "5.25.0"
|
||||
},
|
||||
"engines": {
|
||||
"node": "^12.22.0 || ^14.17.0 || >=16.0.0"
|
||||
},
|
||||
"funding": {
|
||||
"type": "opencollective",
|
||||
"url": "https://opencollective.com/typescript-eslint"
|
||||
}
|
||||
},
|
||||
"node_modules/@typescript-eslint/utils/node_modules/@typescript-eslint/types": {
|
||||
"version": "5.25.0",
|
||||
"resolved": "https://registry.npmjs.org/@typescript-eslint/types/-/types-5.25.0.tgz",
|
||||
"integrity": "sha512-7fWqfxr0KNHj75PFqlGX24gWjdV/FDBABXL5dyvBOWHpACGyveok8Uj4ipPX/1fGU63fBkzSIycEje4XsOxUFA==",
|
||||
"dev": true,
|
||||
"engines": {
|
||||
"node": "^12.22.0 || ^14.17.0 || >=16.0.0"
|
||||
},
|
||||
"funding": {
|
||||
"type": "opencollective",
|
||||
"url": "https://opencollective.com/typescript-eslint"
|
||||
}
|
||||
},
|
||||
"node_modules/@typescript-eslint/utils/node_modules/@typescript-eslint/typescript-estree": {
|
||||
"version": "5.25.0",
|
||||
"resolved": "https://registry.npmjs.org/@typescript-eslint/typescript-estree/-/typescript-estree-5.25.0.tgz",
|
||||
"integrity": "sha512-MrPODKDych/oWs/71LCnuO7NyR681HuBly2uLnX3r5i4ME7q/yBqC4hW33kmxtuauLTM0OuBOhhkFaxCCOjEEw==",
|
||||
"dev": true,
|
||||
"dependencies": {
|
||||
"@typescript-eslint/types": "5.25.0",
|
||||
"@typescript-eslint/visitor-keys": "5.25.0",
|
||||
"debug": "^4.3.4",
|
||||
"globby": "^11.1.0",
|
||||
"is-glob": "^4.0.3",
|
||||
"semver": "^7.3.7",
|
||||
"tsutils": "^3.21.0"
|
||||
},
|
||||
"engines": {
|
||||
"node": "^12.22.0 || ^14.17.0 || >=16.0.0"
|
||||
},
|
||||
"funding": {
|
||||
"type": "opencollective",
|
||||
"url": "https://opencollective.com/typescript-eslint"
|
||||
},
|
||||
"peerDependenciesMeta": {
|
||||
"typescript": {
|
||||
"optional": true
|
||||
}
|
||||
}
|
||||
},
|
||||
"node_modules/@typescript-eslint/utils/node_modules/@typescript-eslint/visitor-keys": {
|
||||
"version": "5.25.0",
|
||||
"resolved": "https://registry.npmjs.org/@typescript-eslint/visitor-keys/-/visitor-keys-5.25.0.tgz",
|
||||
"integrity": "sha512-yd26vFgMsC4h2dgX4+LR+GeicSKIfUvZREFLf3DDjZPtqgLx5AJZr6TetMNwFP9hcKreTTeztQYBTNbNoOycwA==",
|
||||
"dev": true,
|
||||
"dependencies": {
|
||||
"@typescript-eslint/types": "5.25.0",
|
||||
"eslint-visitor-keys": "^3.3.0"
|
||||
},
|
||||
"engines": {
|
||||
"node": "^12.22.0 || ^14.17.0 || >=16.0.0"
|
||||
},
|
||||
"funding": {
|
||||
"type": "opencollective",
|
||||
"url": "https://opencollective.com/typescript-eslint"
|
||||
}
|
||||
},
|
||||
"node_modules/@typescript-eslint/utils/node_modules/semver": {
|
||||
"version": "7.3.7",
|
||||
"resolved": "https://registry.npmjs.org/semver/-/semver-7.3.7.tgz",
|
||||
"integrity": "sha512-QlYTucUYOews+WeEujDoEGziz4K6c47V/Bd+LjSSYcA94p+DmINdf7ncaUinThfvZyu13lN9OY1XDxt8C0Tw0g==",
|
||||
"dev": true,
|
||||
"dependencies": {
|
||||
"lru-cache": "^6.0.0"
|
||||
},
|
||||
"bin": {
|
||||
"semver": "bin/semver.js"
|
||||
},
|
||||
"engines": {
|
||||
"node": ">=10"
|
||||
}
|
||||
},
|
||||
"node_modules/@typescript-eslint/visitor-keys": {
|
||||
"version": "5.26.0",
|
||||
"resolved": "https://registry.npmjs.org/@typescript-eslint/visitor-keys/-/visitor-keys-5.26.0.tgz",
|
||||
"integrity": "sha512-wei+ffqHanYDOQgg/fS6Hcar6wAWv0CUPQ3TZzOWd2BLfgP539rb49bwua8WRAs7R6kOSLn82rfEu2ro6Llt8Q==",
|
||||
"version": "5.28.0",
|
||||
"resolved": "https://registry.npmjs.org/@typescript-eslint/visitor-keys/-/visitor-keys-5.28.0.tgz",
|
||||
"integrity": "sha512-BtfP1vCor8cWacovzzPFOoeW4kBQxzmhxGoOpt0v1SFvG+nJ0cWaVdJk7cky1ArTcFHHKNIxyo2LLr3oNkSuXA==",
|
||||
"dev": true,
|
||||
"dependencies": {
|
||||
"@typescript-eslint/types": "5.26.0",
|
||||
"@typescript-eslint/types": "5.28.0",
|
||||
"eslint-visitor-keys": "^3.3.0"
|
||||
},
|
||||
"engines": {
|
||||
@@ -1755,9 +1620,9 @@
|
||||
}
|
||||
},
|
||||
"node_modules/@vercel/ncc": {
|
||||
"version": "0.33.4",
|
||||
"resolved": "https://registry.npmjs.org/@vercel/ncc/-/ncc-0.33.4.tgz",
|
||||
"integrity": "sha512-ln18hs7dMffelP47tpkaR+V5Tj6coykNyxJrlcmCormPqRQjB/Gv4cu2FfBG+PMzIfdZp2CLDsrrB1NPU22Qhg==",
|
||||
"version": "0.34.0",
|
||||
"resolved": "https://registry.npmjs.org/@vercel/ncc/-/ncc-0.34.0.tgz",
|
||||
"integrity": "sha512-G9h5ZLBJ/V57Ou9vz5hI8pda/YQX5HQszCs3AmIus3XzsmRn/0Ptic5otD3xVST8QLKk7AMk7AqpsyQGN7MZ9A==",
|
||||
"dev": true,
|
||||
"bin": {
|
||||
"ncc": "dist/ncc/cli.js"
|
||||
@@ -2885,9 +2750,9 @@
|
||||
}
|
||||
},
|
||||
"node_modules/esbuild-register": {
|
||||
"version": "3.3.2",
|
||||
"resolved": "https://registry.npmjs.org/esbuild-register/-/esbuild-register-3.3.2.tgz",
|
||||
"integrity": "sha512-jceAtTO6zxPmCfSD5cBb3rgIK1vmuqCKYwgylHiS1BF4pq0jJiJb4K2QMuqF4BEw7XDBRatYzip0upyTzfkgsQ==",
|
||||
"version": "3.3.3",
|
||||
"resolved": "https://registry.npmjs.org/esbuild-register/-/esbuild-register-3.3.3.tgz",
|
||||
"integrity": "sha512-eFHOkutgIMJY5gc8LUp/7c+LLlDqzNi9T6AwCZ2WKKl3HmT+5ef3ZRyPPxDOynInML0fgaC50yszPKfPnjC0NQ==",
|
||||
"dev": true,
|
||||
"peerDependencies": {
|
||||
"esbuild": ">=0.12 <1"
|
||||
@@ -2952,9 +2817,9 @@
|
||||
}
|
||||
},
|
||||
"node_modules/eslint": {
|
||||
"version": "8.16.0",
|
||||
"resolved": "https://registry.npmjs.org/eslint/-/eslint-8.16.0.tgz",
|
||||
"integrity": "sha512-MBndsoXY/PeVTDJeWsYj7kLZ5hQpJOfMYLsF6LicLHQWbRDG19lK5jOix4DPl8yY4SUFcE3txy86OzFLWT+yoA==",
|
||||
"version": "8.17.0",
|
||||
"resolved": "https://registry.npmjs.org/eslint/-/eslint-8.17.0.tgz",
|
||||
"integrity": "sha512-gq0m0BTJfci60Fz4nczYxNAlED+sMcihltndR8t9t1evnU/azx53x3t2UHXC/uRjcbvRw/XctpaNygSTcQD+Iw==",
|
||||
"dev": true,
|
||||
"dependencies": {
|
||||
"@eslint/eslintrc": "^1.3.0",
|
||||
@@ -3194,9 +3059,9 @@
|
||||
"dev": true
|
||||
},
|
||||
"node_modules/eslint-plugin-jest": {
|
||||
"version": "26.2.2",
|
||||
"resolved": "https://registry.npmjs.org/eslint-plugin-jest/-/eslint-plugin-jest-26.2.2.tgz",
|
||||
"integrity": "sha512-etSFZ8VIFX470aA6kTqDPhIq7YWe0tjBcboFNV3WeiC18PJ/AVonGhuTwlmuz2fBkH8FJHA7JQ4k7GsQIj1Gew==",
|
||||
"version": "26.5.3",
|
||||
"resolved": "https://registry.npmjs.org/eslint-plugin-jest/-/eslint-plugin-jest-26.5.3.tgz",
|
||||
"integrity": "sha512-sICclUqJQnR1bFRZGLN2jnSVsYOsmPYYnroGCIMVSvTS3y8XR3yjzy1EcTQmk6typ5pRgyIWzbjqxK6cZHEZuQ==",
|
||||
"dev": true,
|
||||
"dependencies": {
|
||||
"@typescript-eslint/utils": "^5.10.0"
|
||||
@@ -3860,9 +3725,9 @@
|
||||
}
|
||||
},
|
||||
"node_modules/got": {
|
||||
"version": "12.0.4",
|
||||
"resolved": "https://registry.npmjs.org/got/-/got-12.0.4.tgz",
|
||||
"integrity": "sha512-2Eyz4iU/ktq7wtMFXxzK7g5p35uNYLLdiZarZ5/Yn3IJlNEpBd5+dCgcAyxN8/8guZLszffwe3wVyw+DEVrpBg==",
|
||||
"version": "12.1.0",
|
||||
"resolved": "https://registry.npmjs.org/got/-/got-12.1.0.tgz",
|
||||
"integrity": "sha512-hBv2ty9QN2RdbJJMK3hesmSkFTjVIHyIDDbssCKnSmq62edGgImJWD10Eb1k77TiV1bxloxqcFAVK8+9pkhOig==",
|
||||
"dependencies": {
|
||||
"@sindresorhus/is": "^4.6.0",
|
||||
"@szmarczak/http-timer": "^5.0.1",
|
||||
@@ -6288,9 +6153,9 @@
|
||||
}
|
||||
},
|
||||
"node_modules/prettier": {
|
||||
"version": "2.6.2",
|
||||
"resolved": "https://registry.npmjs.org/prettier/-/prettier-2.6.2.tgz",
|
||||
"integrity": "sha512-PkUpF+qoXTqhOeWL9fu7As8LXsIUZ1WYaJiY/a7McAQzxjk82OF0tibkFXVCDImZtWxbvojFjerkiLb0/q8mew==",
|
||||
"version": "2.7.0",
|
||||
"resolved": "https://registry.npmjs.org/prettier/-/prettier-2.7.0.tgz",
|
||||
"integrity": "sha512-nwoX4GMFgxoPC6diHvSwmK/4yU8FFH3V8XWtLQrbj4IBsK2pkYhG4kf/ljF/haaZ/aii+wNJqISrCDPgxGWDVQ==",
|
||||
"dev": true,
|
||||
"bin": {
|
||||
"prettier": "bin-prettier.js"
|
||||
@@ -7193,9 +7058,9 @@
|
||||
}
|
||||
},
|
||||
"node_modules/typescript": {
|
||||
"version": "4.6.4",
|
||||
"resolved": "https://registry.npmjs.org/typescript/-/typescript-4.6.4.tgz",
|
||||
"integrity": "sha512-9ia/jWHIEbo49HfjrLGfKbZSuWo9iTMwXO+Ca3pRsSpbsMbc7/IU8NKdCZVRRBafVPGnoJeFL76ZOAA84I9fEg==",
|
||||
"version": "4.7.3",
|
||||
"resolved": "https://registry.npmjs.org/typescript/-/typescript-4.7.3.tgz",
|
||||
"integrity": "sha512-WOkT3XYvrpXx4vMMqlD+8R8R37fZkjyLGlxavMc4iB8lrl8L0DeTcHbYgw/v0N/z9wAFsgBhcsF0ruoySS22mA==",
|
||||
"dev": true,
|
||||
"bin": {
|
||||
"tsc": "bin/tsc",
|
||||
@@ -7571,6 +7436,14 @@
|
||||
"integrity": "sha512-3wdGidZyq5PB084XLES5TpOSRA3wjXAlIWMhum2kRcv/41Sn2emQ0dycQW4uZXLejwKvg6EsvbdlVL+FYEct7A==",
|
||||
"dev": true
|
||||
},
|
||||
"node_modules/yaml": {
|
||||
"version": "2.1.1",
|
||||
"resolved": "https://registry.npmjs.org/yaml/-/yaml-2.1.1.tgz",
|
||||
"integrity": "sha512-o96x3OPo8GjWeSLF+wOAbrPfhFOGY0W00GNaxCDv+9hkcDJEnev1yh8S7pgHF0ik6zc8sQLuL8hjHjJULZp8bw==",
|
||||
"engines": {
|
||||
"node": ">= 14"
|
||||
}
|
||||
},
|
||||
"node_modules/yargs": {
|
||||
"version": "16.2.0",
|
||||
"resolved": "https://registry.npmjs.org/yargs/-/yargs-16.2.0.tgz",
|
||||
@@ -7599,9 +7472,9 @@
|
||||
}
|
||||
},
|
||||
"node_modules/zod": {
|
||||
"version": "3.17.2",
|
||||
"resolved": "https://registry.npmjs.org/zod/-/zod-3.17.2.tgz",
|
||||
"integrity": "sha512-L8UPS2J/F3dIA8gsPTvGjd8wSRuwR1Td4AqR2Nw8r8BgcLIbZZ5/tCII7hbTLXTQDhxUnnsFdHwpETGajt5i3A==",
|
||||
"version": "3.17.3",
|
||||
"resolved": "https://registry.npmjs.org/zod/-/zod-3.17.3.tgz",
|
||||
"integrity": "sha512-4oKP5zvG6GGbMlqBkI5FESOAweldEhSOZ6LI6cG+JzUT7ofj1ZOC0PJudpQOpT1iqOFpYYtX5Pw0+o403y4bcg==",
|
||||
"funding": {
|
||||
"url": "https://github.com/sponsors/colinhacks"
|
||||
}
|
||||
@@ -8682,9 +8555,9 @@
|
||||
}
|
||||
},
|
||||
"@types/node": {
|
||||
"version": "17.0.35",
|
||||
"resolved": "https://registry.npmjs.org/@types/node/-/node-17.0.35.tgz",
|
||||
"integrity": "sha512-vu1SrqBjbbZ3J6vwY17jBs8Sr/BKA+/a/WtjRG+whKg1iuLFOosq872EXS0eXWILdO36DHQQeku/ZcL6hz2fpg=="
|
||||
"version": "17.0.43",
|
||||
"resolved": "https://registry.npmjs.org/@types/node/-/node-17.0.43.tgz",
|
||||
"integrity": "sha512-jnUpgw8fL9kP2iszfIDyBQtw5Mf4/XSqy0Loc1J9pI14ejL83XcCEvSf50Gs/4ET0I9VCCDoOfufQysj0S66xA=="
|
||||
},
|
||||
"@types/prettier": {
|
||||
"version": "2.4.4",
|
||||
@@ -8722,14 +8595,14 @@
|
||||
"dev": true
|
||||
},
|
||||
"@typescript-eslint/eslint-plugin": {
|
||||
"version": "5.25.0",
|
||||
"resolved": "https://registry.npmjs.org/@typescript-eslint/eslint-plugin/-/eslint-plugin-5.25.0.tgz",
|
||||
"integrity": "sha512-icYrFnUzvm+LhW0QeJNKkezBu6tJs9p/53dpPLFH8zoM9w1tfaKzVurkPotEpAqQ8Vf8uaFyL5jHd0Vs6Z0ZQg==",
|
||||
"version": "5.28.0",
|
||||
"resolved": "https://registry.npmjs.org/@typescript-eslint/eslint-plugin/-/eslint-plugin-5.28.0.tgz",
|
||||
"integrity": "sha512-DXVU6Cg29H2M6EybqSg2A+x8DgO9TCUBRp4QEXQHJceLS7ogVDP0g3Lkg/SZCqcvkAP/RruuQqK0gdlkgmhSUA==",
|
||||
"dev": true,
|
||||
"requires": {
|
||||
"@typescript-eslint/scope-manager": "5.25.0",
|
||||
"@typescript-eslint/type-utils": "5.25.0",
|
||||
"@typescript-eslint/utils": "5.25.0",
|
||||
"@typescript-eslint/scope-manager": "5.28.0",
|
||||
"@typescript-eslint/type-utils": "5.28.0",
|
||||
"@typescript-eslint/utils": "5.28.0",
|
||||
"debug": "^4.3.4",
|
||||
"functional-red-black-tree": "^1.0.1",
|
||||
"ignore": "^5.2.0",
|
||||
@@ -8738,32 +8611,6 @@
|
||||
"tsutils": "^3.21.0"
|
||||
},
|
||||
"dependencies": {
|
||||
"@typescript-eslint/scope-manager": {
|
||||
"version": "5.25.0",
|
||||
"resolved": "https://registry.npmjs.org/@typescript-eslint/scope-manager/-/scope-manager-5.25.0.tgz",
|
||||
"integrity": "sha512-p4SKTFWj+2VpreUZ5xMQsBMDdQ9XdRvODKXN4EksyBjFp2YvQdLkyHqOffakYZPuWJUDNu3jVXtHALDyTv3cww==",
|
||||
"dev": true,
|
||||
"requires": {
|
||||
"@typescript-eslint/types": "5.25.0",
|
||||
"@typescript-eslint/visitor-keys": "5.25.0"
|
||||
}
|
||||
},
|
||||
"@typescript-eslint/types": {
|
||||
"version": "5.25.0",
|
||||
"resolved": "https://registry.npmjs.org/@typescript-eslint/types/-/types-5.25.0.tgz",
|
||||
"integrity": "sha512-7fWqfxr0KNHj75PFqlGX24gWjdV/FDBABXL5dyvBOWHpACGyveok8Uj4ipPX/1fGU63fBkzSIycEje4XsOxUFA==",
|
||||
"dev": true
|
||||
},
|
||||
"@typescript-eslint/visitor-keys": {
|
||||
"version": "5.25.0",
|
||||
"resolved": "https://registry.npmjs.org/@typescript-eslint/visitor-keys/-/visitor-keys-5.25.0.tgz",
|
||||
"integrity": "sha512-yd26vFgMsC4h2dgX4+LR+GeicSKIfUvZREFLf3DDjZPtqgLx5AJZr6TetMNwFP9hcKreTTeztQYBTNbNoOycwA==",
|
||||
"dev": true,
|
||||
"requires": {
|
||||
"@typescript-eslint/types": "5.25.0",
|
||||
"eslint-visitor-keys": "^3.3.0"
|
||||
}
|
||||
},
|
||||
"semver": {
|
||||
"version": "7.3.7",
|
||||
"resolved": "https://registry.npmjs.org/semver/-/semver-7.3.7.tgz",
|
||||
@@ -8776,52 +8623,52 @@
|
||||
}
|
||||
},
|
||||
"@typescript-eslint/parser": {
|
||||
"version": "5.26.0",
|
||||
"resolved": "https://registry.npmjs.org/@typescript-eslint/parser/-/parser-5.26.0.tgz",
|
||||
"integrity": "sha512-n/IzU87ttzIdnAH5vQ4BBDnLPly7rC5VnjN3m0xBG82HK6rhRxnCb3w/GyWbNDghPd+NktJqB/wl6+YkzZ5T5Q==",
|
||||
"version": "5.28.0",
|
||||
"resolved": "https://registry.npmjs.org/@typescript-eslint/parser/-/parser-5.28.0.tgz",
|
||||
"integrity": "sha512-ekqoNRNK1lAcKhZESN/PdpVsWbP9jtiNqzFWkp/yAUdZvJalw2heCYuqRmM5eUJSIYEkgq5sGOjq+ZqsLMjtRA==",
|
||||
"dev": true,
|
||||
"requires": {
|
||||
"@typescript-eslint/scope-manager": "5.26.0",
|
||||
"@typescript-eslint/types": "5.26.0",
|
||||
"@typescript-eslint/typescript-estree": "5.26.0",
|
||||
"@typescript-eslint/scope-manager": "5.28.0",
|
||||
"@typescript-eslint/types": "5.28.0",
|
||||
"@typescript-eslint/typescript-estree": "5.28.0",
|
||||
"debug": "^4.3.4"
|
||||
}
|
||||
},
|
||||
"@typescript-eslint/scope-manager": {
|
||||
"version": "5.26.0",
|
||||
"resolved": "https://registry.npmjs.org/@typescript-eslint/scope-manager/-/scope-manager-5.26.0.tgz",
|
||||
"integrity": "sha512-gVzTJUESuTwiju/7NiTb4c5oqod8xt5GhMbExKsCTp6adU3mya6AGJ4Pl9xC7x2DX9UYFsjImC0mA62BCY22Iw==",
|
||||
"version": "5.28.0",
|
||||
"resolved": "https://registry.npmjs.org/@typescript-eslint/scope-manager/-/scope-manager-5.28.0.tgz",
|
||||
"integrity": "sha512-LeBLTqF/he1Z+boRhSqnso6YrzcKMTQ8bO/YKEe+6+O/JGof9M0g3IJlIsqfrK/6K03MlFIlycbf1uQR1IjE+w==",
|
||||
"dev": true,
|
||||
"requires": {
|
||||
"@typescript-eslint/types": "5.26.0",
|
||||
"@typescript-eslint/visitor-keys": "5.26.0"
|
||||
"@typescript-eslint/types": "5.28.0",
|
||||
"@typescript-eslint/visitor-keys": "5.28.0"
|
||||
}
|
||||
},
|
||||
"@typescript-eslint/type-utils": {
|
||||
"version": "5.25.0",
|
||||
"resolved": "https://registry.npmjs.org/@typescript-eslint/type-utils/-/type-utils-5.25.0.tgz",
|
||||
"integrity": "sha512-B6nb3GK3Gv1Rsb2pqalebe/RyQoyG/WDy9yhj8EE0Ikds4Xa8RR28nHz+wlt4tMZk5bnAr0f3oC8TuDAd5CPrw==",
|
||||
"version": "5.28.0",
|
||||
"resolved": "https://registry.npmjs.org/@typescript-eslint/type-utils/-/type-utils-5.28.0.tgz",
|
||||
"integrity": "sha512-SyKjKh4CXPglueyC6ceAFytjYWMoPHMswPQae236zqe1YbhvCVQyIawesYywGiu98L9DwrxsBN69vGIVxJ4mQQ==",
|
||||
"dev": true,
|
||||
"requires": {
|
||||
"@typescript-eslint/utils": "5.25.0",
|
||||
"@typescript-eslint/utils": "5.28.0",
|
||||
"debug": "^4.3.4",
|
||||
"tsutils": "^3.21.0"
|
||||
}
|
||||
},
|
||||
"@typescript-eslint/types": {
|
||||
"version": "5.26.0",
|
||||
"resolved": "https://registry.npmjs.org/@typescript-eslint/types/-/types-5.26.0.tgz",
|
||||
"integrity": "sha512-8794JZFE1RN4XaExLWLI2oSXsVImNkl79PzTOOWt9h0UHROwJedNOD2IJyfL0NbddFllcktGIO2aOu10avQQyA==",
|
||||
"version": "5.28.0",
|
||||
"resolved": "https://registry.npmjs.org/@typescript-eslint/types/-/types-5.28.0.tgz",
|
||||
"integrity": "sha512-2OOm8ZTOQxqkPbf+DAo8oc16sDlVR5owgJfKheBkxBKg1vAfw2JsSofH9+16VPlN9PWtv8Wzhklkqw3k/zCVxA==",
|
||||
"dev": true
|
||||
},
|
||||
"@typescript-eslint/typescript-estree": {
|
||||
"version": "5.26.0",
|
||||
"resolved": "https://registry.npmjs.org/@typescript-eslint/typescript-estree/-/typescript-estree-5.26.0.tgz",
|
||||
"integrity": "sha512-EyGpw6eQDsfD6jIqmXP3rU5oHScZ51tL/cZgFbFBvWuCwrIptl+oueUZzSmLtxFuSOQ9vDcJIs+279gnJkfd1w==",
|
||||
"version": "5.28.0",
|
||||
"resolved": "https://registry.npmjs.org/@typescript-eslint/typescript-estree/-/typescript-estree-5.28.0.tgz",
|
||||
"integrity": "sha512-9GX+GfpV+F4hdTtYc6OV9ZkyYilGXPmQpm6AThInpBmKJEyRSIjORJd1G9+bknb7OTFYL+Vd4FBJAO6T78OVqA==",
|
||||
"dev": true,
|
||||
"requires": {
|
||||
"@typescript-eslint/types": "5.26.0",
|
||||
"@typescript-eslint/visitor-keys": "5.26.0",
|
||||
"@typescript-eslint/types": "5.28.0",
|
||||
"@typescript-eslint/visitor-keys": "5.28.0",
|
||||
"debug": "^4.3.4",
|
||||
"globby": "^11.1.0",
|
||||
"is-glob": "^4.0.3",
|
||||
@@ -8841,85 +8688,33 @@
|
||||
}
|
||||
},
|
||||
"@typescript-eslint/utils": {
|
||||
"version": "5.25.0",
|
||||
"resolved": "https://registry.npmjs.org/@typescript-eslint/utils/-/utils-5.25.0.tgz",
|
||||
"integrity": "sha512-qNC9bhnz/n9Kba3yI6HQgQdBLuxDoMgdjzdhSInZh6NaDnFpTUlwNGxplUFWfY260Ya0TRPvkg9dd57qxrJI9g==",
|
||||
"version": "5.28.0",
|
||||
"resolved": "https://registry.npmjs.org/@typescript-eslint/utils/-/utils-5.28.0.tgz",
|
||||
"integrity": "sha512-E60N5L0fjv7iPJV3UGc4EC+A3Lcj4jle9zzR0gW7vXhflO7/J29kwiTGITA2RlrmPokKiZbBy2DgaclCaEUs6g==",
|
||||
"dev": true,
|
||||
"requires": {
|
||||
"@types/json-schema": "^7.0.9",
|
||||
"@typescript-eslint/scope-manager": "5.25.0",
|
||||
"@typescript-eslint/types": "5.25.0",
|
||||
"@typescript-eslint/typescript-estree": "5.25.0",
|
||||
"@typescript-eslint/scope-manager": "5.28.0",
|
||||
"@typescript-eslint/types": "5.28.0",
|
||||
"@typescript-eslint/typescript-estree": "5.28.0",
|
||||
"eslint-scope": "^5.1.1",
|
||||
"eslint-utils": "^3.0.0"
|
||||
},
|
||||
"dependencies": {
|
||||
"@typescript-eslint/scope-manager": {
|
||||
"version": "5.25.0",
|
||||
"resolved": "https://registry.npmjs.org/@typescript-eslint/scope-manager/-/scope-manager-5.25.0.tgz",
|
||||
"integrity": "sha512-p4SKTFWj+2VpreUZ5xMQsBMDdQ9XdRvODKXN4EksyBjFp2YvQdLkyHqOffakYZPuWJUDNu3jVXtHALDyTv3cww==",
|
||||
"dev": true,
|
||||
"requires": {
|
||||
"@typescript-eslint/types": "5.25.0",
|
||||
"@typescript-eslint/visitor-keys": "5.25.0"
|
||||
}
|
||||
},
|
||||
"@typescript-eslint/types": {
|
||||
"version": "5.25.0",
|
||||
"resolved": "https://registry.npmjs.org/@typescript-eslint/types/-/types-5.25.0.tgz",
|
||||
"integrity": "sha512-7fWqfxr0KNHj75PFqlGX24gWjdV/FDBABXL5dyvBOWHpACGyveok8Uj4ipPX/1fGU63fBkzSIycEje4XsOxUFA==",
|
||||
"dev": true
|
||||
},
|
||||
"@typescript-eslint/typescript-estree": {
|
||||
"version": "5.25.0",
|
||||
"resolved": "https://registry.npmjs.org/@typescript-eslint/typescript-estree/-/typescript-estree-5.25.0.tgz",
|
||||
"integrity": "sha512-MrPODKDych/oWs/71LCnuO7NyR681HuBly2uLnX3r5i4ME7q/yBqC4hW33kmxtuauLTM0OuBOhhkFaxCCOjEEw==",
|
||||
"dev": true,
|
||||
"requires": {
|
||||
"@typescript-eslint/types": "5.25.0",
|
||||
"@typescript-eslint/visitor-keys": "5.25.0",
|
||||
"debug": "^4.3.4",
|
||||
"globby": "^11.1.0",
|
||||
"is-glob": "^4.0.3",
|
||||
"semver": "^7.3.7",
|
||||
"tsutils": "^3.21.0"
|
||||
}
|
||||
},
|
||||
"@typescript-eslint/visitor-keys": {
|
||||
"version": "5.25.0",
|
||||
"resolved": "https://registry.npmjs.org/@typescript-eslint/visitor-keys/-/visitor-keys-5.25.0.tgz",
|
||||
"integrity": "sha512-yd26vFgMsC4h2dgX4+LR+GeicSKIfUvZREFLf3DDjZPtqgLx5AJZr6TetMNwFP9hcKreTTeztQYBTNbNoOycwA==",
|
||||
"dev": true,
|
||||
"requires": {
|
||||
"@typescript-eslint/types": "5.25.0",
|
||||
"eslint-visitor-keys": "^3.3.0"
|
||||
}
|
||||
},
|
||||
"semver": {
|
||||
"version": "7.3.7",
|
||||
"resolved": "https://registry.npmjs.org/semver/-/semver-7.3.7.tgz",
|
||||
"integrity": "sha512-QlYTucUYOews+WeEujDoEGziz4K6c47V/Bd+LjSSYcA94p+DmINdf7ncaUinThfvZyu13lN9OY1XDxt8C0Tw0g==",
|
||||
"dev": true,
|
||||
"requires": {
|
||||
"lru-cache": "^6.0.0"
|
||||
}
|
||||
}
|
||||
}
|
||||
},
|
||||
"@typescript-eslint/visitor-keys": {
|
||||
"version": "5.26.0",
|
||||
"resolved": "https://registry.npmjs.org/@typescript-eslint/visitor-keys/-/visitor-keys-5.26.0.tgz",
|
||||
"integrity": "sha512-wei+ffqHanYDOQgg/fS6Hcar6wAWv0CUPQ3TZzOWd2BLfgP539rb49bwua8WRAs7R6kOSLn82rfEu2ro6Llt8Q==",
|
||||
"version": "5.28.0",
|
||||
"resolved": "https://registry.npmjs.org/@typescript-eslint/visitor-keys/-/visitor-keys-5.28.0.tgz",
|
||||
"integrity": "sha512-BtfP1vCor8cWacovzzPFOoeW4kBQxzmhxGoOpt0v1SFvG+nJ0cWaVdJk7cky1ArTcFHHKNIxyo2LLr3oNkSuXA==",
|
||||
"dev": true,
|
||||
"requires": {
|
||||
"@typescript-eslint/types": "5.26.0",
|
||||
"@typescript-eslint/types": "5.28.0",
|
||||
"eslint-visitor-keys": "^3.3.0"
|
||||
}
|
||||
},
|
||||
"@vercel/ncc": {
|
||||
"version": "0.33.4",
|
||||
"resolved": "https://registry.npmjs.org/@vercel/ncc/-/ncc-0.33.4.tgz",
|
||||
"integrity": "sha512-ln18hs7dMffelP47tpkaR+V5Tj6coykNyxJrlcmCormPqRQjB/Gv4cu2FfBG+PMzIfdZp2CLDsrrB1NPU22Qhg==",
|
||||
"version": "0.34.0",
|
||||
"resolved": "https://registry.npmjs.org/@vercel/ncc/-/ncc-0.34.0.tgz",
|
||||
"integrity": "sha512-G9h5ZLBJ/V57Ou9vz5hI8pda/YQX5HQszCs3AmIus3XzsmRn/0Ptic5otD3xVST8QLKk7AMk7AqpsyQGN7MZ9A==",
|
||||
"dev": true
|
||||
},
|
||||
"abab": {
|
||||
@@ -9770,9 +9565,9 @@
|
||||
"peer": true
|
||||
},
|
||||
"esbuild-register": {
|
||||
"version": "3.3.2",
|
||||
"resolved": "https://registry.npmjs.org/esbuild-register/-/esbuild-register-3.3.2.tgz",
|
||||
"integrity": "sha512-jceAtTO6zxPmCfSD5cBb3rgIK1vmuqCKYwgylHiS1BF4pq0jJiJb4K2QMuqF4BEw7XDBRatYzip0upyTzfkgsQ==",
|
||||
"version": "3.3.3",
|
||||
"resolved": "https://registry.npmjs.org/esbuild-register/-/esbuild-register-3.3.3.tgz",
|
||||
"integrity": "sha512-eFHOkutgIMJY5gc8LUp/7c+LLlDqzNi9T6AwCZ2WKKl3HmT+5ef3ZRyPPxDOynInML0fgaC50yszPKfPnjC0NQ==",
|
||||
"dev": true,
|
||||
"requires": {}
|
||||
},
|
||||
@@ -9816,9 +9611,9 @@
|
||||
}
|
||||
},
|
||||
"eslint": {
|
||||
"version": "8.16.0",
|
||||
"resolved": "https://registry.npmjs.org/eslint/-/eslint-8.16.0.tgz",
|
||||
"integrity": "sha512-MBndsoXY/PeVTDJeWsYj7kLZ5hQpJOfMYLsF6LicLHQWbRDG19lK5jOix4DPl8yY4SUFcE3txy86OzFLWT+yoA==",
|
||||
"version": "8.17.0",
|
||||
"resolved": "https://registry.npmjs.org/eslint/-/eslint-8.17.0.tgz",
|
||||
"integrity": "sha512-gq0m0BTJfci60Fz4nczYxNAlED+sMcihltndR8t9t1evnU/azx53x3t2UHXC/uRjcbvRw/XctpaNygSTcQD+Iw==",
|
||||
"dev": true,
|
||||
"requires": {
|
||||
"@eslint/eslintrc": "^1.3.0",
|
||||
@@ -10096,9 +9891,9 @@
|
||||
}
|
||||
},
|
||||
"eslint-plugin-jest": {
|
||||
"version": "26.2.2",
|
||||
"resolved": "https://registry.npmjs.org/eslint-plugin-jest/-/eslint-plugin-jest-26.2.2.tgz",
|
||||
"integrity": "sha512-etSFZ8VIFX470aA6kTqDPhIq7YWe0tjBcboFNV3WeiC18PJ/AVonGhuTwlmuz2fBkH8FJHA7JQ4k7GsQIj1Gew==",
|
||||
"version": "26.5.3",
|
||||
"resolved": "https://registry.npmjs.org/eslint-plugin-jest/-/eslint-plugin-jest-26.5.3.tgz",
|
||||
"integrity": "sha512-sICclUqJQnR1bFRZGLN2jnSVsYOsmPYYnroGCIMVSvTS3y8XR3yjzy1EcTQmk6typ5pRgyIWzbjqxK6cZHEZuQ==",
|
||||
"dev": true,
|
||||
"requires": {
|
||||
"@typescript-eslint/utils": "^5.10.0"
|
||||
@@ -10492,9 +10287,9 @@
|
||||
}
|
||||
},
|
||||
"got": {
|
||||
"version": "12.0.4",
|
||||
"resolved": "https://registry.npmjs.org/got/-/got-12.0.4.tgz",
|
||||
"integrity": "sha512-2Eyz4iU/ktq7wtMFXxzK7g5p35uNYLLdiZarZ5/Yn3IJlNEpBd5+dCgcAyxN8/8guZLszffwe3wVyw+DEVrpBg==",
|
||||
"version": "12.1.0",
|
||||
"resolved": "https://registry.npmjs.org/got/-/got-12.1.0.tgz",
|
||||
"integrity": "sha512-hBv2ty9QN2RdbJJMK3hesmSkFTjVIHyIDDbssCKnSmq62edGgImJWD10Eb1k77TiV1bxloxqcFAVK8+9pkhOig==",
|
||||
"requires": {
|
||||
"@sindresorhus/is": "^4.6.0",
|
||||
"@szmarczak/http-timer": "^5.0.1",
|
||||
@@ -12317,9 +12112,9 @@
|
||||
"dev": true
|
||||
},
|
||||
"prettier": {
|
||||
"version": "2.6.2",
|
||||
"resolved": "https://registry.npmjs.org/prettier/-/prettier-2.6.2.tgz",
|
||||
"integrity": "sha512-PkUpF+qoXTqhOeWL9fu7As8LXsIUZ1WYaJiY/a7McAQzxjk82OF0tibkFXVCDImZtWxbvojFjerkiLb0/q8mew==",
|
||||
"version": "2.7.0",
|
||||
"resolved": "https://registry.npmjs.org/prettier/-/prettier-2.7.0.tgz",
|
||||
"integrity": "sha512-nwoX4GMFgxoPC6diHvSwmK/4yU8FFH3V8XWtLQrbj4IBsK2pkYhG4kf/ljF/haaZ/aii+wNJqISrCDPgxGWDVQ==",
|
||||
"dev": true
|
||||
},
|
||||
"prettier-linter-helpers": {
|
||||
@@ -12969,9 +12764,9 @@
|
||||
}
|
||||
},
|
||||
"typescript": {
|
||||
"version": "4.6.4",
|
||||
"resolved": "https://registry.npmjs.org/typescript/-/typescript-4.6.4.tgz",
|
||||
"integrity": "sha512-9ia/jWHIEbo49HfjrLGfKbZSuWo9iTMwXO+Ca3pRsSpbsMbc7/IU8NKdCZVRRBafVPGnoJeFL76ZOAA84I9fEg==",
|
||||
"version": "4.7.3",
|
||||
"resolved": "https://registry.npmjs.org/typescript/-/typescript-4.7.3.tgz",
|
||||
"integrity": "sha512-WOkT3XYvrpXx4vMMqlD+8R8R37fZkjyLGlxavMc4iB8lrl8L0DeTcHbYgw/v0N/z9wAFsgBhcsF0ruoySS22mA==",
|
||||
"dev": true
|
||||
},
|
||||
"unbox-primitive": {
|
||||
@@ -13260,6 +13055,11 @@
|
||||
"integrity": "sha512-3wdGidZyq5PB084XLES5TpOSRA3wjXAlIWMhum2kRcv/41Sn2emQ0dycQW4uZXLejwKvg6EsvbdlVL+FYEct7A==",
|
||||
"dev": true
|
||||
},
|
||||
"yaml": {
|
||||
"version": "2.1.1",
|
||||
"resolved": "https://registry.npmjs.org/yaml/-/yaml-2.1.1.tgz",
|
||||
"integrity": "sha512-o96x3OPo8GjWeSLF+wOAbrPfhFOGY0W00GNaxCDv+9hkcDJEnev1yh8S7pgHF0ik6zc8sQLuL8hjHjJULZp8bw=="
|
||||
},
|
||||
"yargs": {
|
||||
"version": "16.2.0",
|
||||
"resolved": "https://registry.npmjs.org/yargs/-/yargs-16.2.0.tgz",
|
||||
@@ -13282,9 +13082,9 @@
|
||||
"dev": true
|
||||
},
|
||||
"zod": {
|
||||
"version": "3.17.2",
|
||||
"resolved": "https://registry.npmjs.org/zod/-/zod-3.17.2.tgz",
|
||||
"integrity": "sha512-L8UPS2J/F3dIA8gsPTvGjd8wSRuwR1Td4AqR2Nw8r8BgcLIbZZ5/tCII7hbTLXTQDhxUnnsFdHwpETGajt5i3A=="
|
||||
"version": "3.17.3",
|
||||
"resolved": "https://registry.npmjs.org/zod/-/zod-3.17.3.tgz",
|
||||
"integrity": "sha512-4oKP5zvG6GGbMlqBkI5FESOAweldEhSOZ6LI6cG+JzUT7ofj1ZOC0PJudpQOpT1iqOFpYYtX5Pw0+o403y4bcg=="
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
+13
-12
@@ -1,6 +1,6 @@
|
||||
{
|
||||
"name": "dependency-review-action",
|
||||
"version": "0.0.1",
|
||||
"version": "2.0.1",
|
||||
"private": true,
|
||||
"description": "A GitHub Action for Dependency Review",
|
||||
"main": "lib/main.js",
|
||||
@@ -30,24 +30,25 @@
|
||||
"@octokit/plugin-retry": "^3.0.9",
|
||||
"@octokit/request-error": "^2.1.0",
|
||||
"ansi-styles": "^6.1.0",
|
||||
"got": "^12.0.4",
|
||||
"got": "^12.1.0",
|
||||
"nodemon": "^2.0.16",
|
||||
"zod": "^3.17.2"
|
||||
"yaml": "^2.1.1",
|
||||
"zod": "^3.17.3"
|
||||
},
|
||||
"devDependencies": {
|
||||
"@types/node": "^17.0.35",
|
||||
"@typescript-eslint/eslint-plugin": "^5.25.0",
|
||||
"@typescript-eslint/parser": "^5.26.0",
|
||||
"@vercel/ncc": "^0.33.4",
|
||||
"esbuild-register": "^3.3.2",
|
||||
"eslint": "^8.16.0",
|
||||
"@types/node": "^17.0.43",
|
||||
"@typescript-eslint/eslint-plugin": "^5.28.0",
|
||||
"@typescript-eslint/parser": "^5.28.0",
|
||||
"@vercel/ncc": "^0.34.0",
|
||||
"esbuild-register": "^3.3.3",
|
||||
"eslint": "^8.17.0",
|
||||
"eslint-plugin-github": "^4.3.6",
|
||||
"eslint-plugin-jest": "^26.2.2",
|
||||
"eslint-plugin-jest": "^26.5.3",
|
||||
"jest": "^27.5.1",
|
||||
"js-yaml": "^4.1.0",
|
||||
"nodemon": "^2.0.16",
|
||||
"prettier": "2.6.2",
|
||||
"prettier": "2.7.0",
|
||||
"ts-jest": "^27.1.4",
|
||||
"typescript": "^4.6.4"
|
||||
"typescript": "^4.7.3"
|
||||
}
|
||||
}
|
||||
|
||||
@@ -0,0 +1,27 @@
|
||||
import * as core from '@actions/core'
|
||||
import * as z from 'zod'
|
||||
import {ConfigurationOptions, SEVERITIES} from './schemas'
|
||||
|
||||
function getOptionalInput(name: string): string | undefined {
|
||||
const value = core.getInput(name)
|
||||
return value.length > 0 ? value : undefined
|
||||
}
|
||||
|
||||
export function readConfig(): ConfigurationOptions {
|
||||
const fail_on_severity = z
|
||||
.enum(SEVERITIES)
|
||||
.default('low')
|
||||
.parse(getOptionalInput('fail-on-severity'))
|
||||
const allow_licenses = getOptionalInput('allow-licenses')
|
||||
const deny_licenses = getOptionalInput('deny-licenses')
|
||||
|
||||
if (allow_licenses !== undefined && deny_licenses !== undefined) {
|
||||
throw new Error("Can't specify both allow_licenses and deny_licenses")
|
||||
}
|
||||
|
||||
return {
|
||||
fail_on_severity,
|
||||
allow_licenses: allow_licenses?.split(',').map(x => x.trim()),
|
||||
deny_licenses: deny_licenses?.split(',').map(x => x.trim())
|
||||
}
|
||||
}
|
||||
@@ -0,0 +1,36 @@
|
||||
import {Changes} from './schemas'
|
||||
import {Severity, SEVERITIES} from './schemas'
|
||||
|
||||
export function filterChangesBySeverity(
|
||||
severity: Severity,
|
||||
changes: Changes
|
||||
): Changes {
|
||||
const severityIdx = SEVERITIES.indexOf(severity)
|
||||
let filteredChanges = []
|
||||
for (let change of changes) {
|
||||
if (
|
||||
change === undefined ||
|
||||
change.vulnerabilities === undefined ||
|
||||
change.vulnerabilities.length === 0
|
||||
) {
|
||||
continue
|
||||
}
|
||||
|
||||
let fChange = {
|
||||
...change,
|
||||
vulnerabilities: change.vulnerabilities.filter(vuln => {
|
||||
const vulnIdx = SEVERITIES.indexOf(vuln.severity)
|
||||
if (vulnIdx <= severityIdx) {
|
||||
return true
|
||||
}
|
||||
})
|
||||
}
|
||||
filteredChanges.push(fChange)
|
||||
}
|
||||
|
||||
// don't want to deal with changes with no vulnerabilities
|
||||
filteredChanges = filteredChanges.filter(
|
||||
change => change.vulnerabilities.length > 0
|
||||
)
|
||||
return filteredChanges
|
||||
}
|
||||
@@ -0,0 +1,45 @@
|
||||
import {Change, ChangeSchema} from './schemas'
|
||||
|
||||
/**
|
||||
* Loops through a list of changes, filtering and returning the
|
||||
* ones that don't conform to the licenses allow/deny lists.
|
||||
*
|
||||
* Keep in mind that we don't let users specify both an allow and a deny
|
||||
* list in their config files, so this code works under the assumption that
|
||||
* one of the two list parameters will be empty. If both lists are provided,
|
||||
* we will ignore the deny list.
|
||||
* @param {Change[]} changes The list of changes to filter.
|
||||
* @param { { allow?: string[], deny?: string[]}} licenses An object with `allow`/`deny` keys, each containing a list of licenses.
|
||||
* @returns {[Array<Change>, Array<Change]} A tuple where the first element is the list of denied changes and the second one is the list of changes with unknown licenses
|
||||
*/
|
||||
export function getDeniedLicenseChanges(
|
||||
changes: Array<Change>,
|
||||
licenses: {
|
||||
allow?: Array<string>
|
||||
deny?: Array<string>
|
||||
}
|
||||
): [Array<Change>, Array<Change>] {
|
||||
let {allow, deny} = licenses
|
||||
|
||||
let disallowed: Change[] = []
|
||||
let unknown: Change[] = []
|
||||
|
||||
for (const change of changes) {
|
||||
let license = change.license
|
||||
if (license === null) {
|
||||
unknown.push(change)
|
||||
continue
|
||||
}
|
||||
if (allow !== undefined) {
|
||||
if (!allow.includes(license)) {
|
||||
disallowed.push(change)
|
||||
}
|
||||
} else if (deny !== undefined) {
|
||||
if (deny.includes(license)) {
|
||||
disallowed.push(change)
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
return [disallowed, unknown]
|
||||
}
|
||||
+81
-14
@@ -3,7 +3,10 @@ import * as dependencyGraph from './dependency-graph'
|
||||
import * as github from '@actions/github'
|
||||
import styles from 'ansi-styles'
|
||||
import {RequestError} from '@octokit/request-error'
|
||||
import {PullRequestSchema} from './schemas'
|
||||
import {Change, PullRequestSchema, Severity} from './schemas'
|
||||
import {readConfig} from '../src/config'
|
||||
import {filterChangesBySeverity} from '../src/filter'
|
||||
import {getDeniedLicenseChanges} from './licenses'
|
||||
|
||||
async function run(): Promise<void> {
|
||||
try {
|
||||
@@ -24,32 +27,49 @@ async function run(): Promise<void> {
|
||||
headRef: pull_request.head.sha
|
||||
})
|
||||
|
||||
let config = readConfig()
|
||||
let minSeverity = config.fail_on_severity
|
||||
let failed = false
|
||||
|
||||
for (const change of changes) {
|
||||
let licenses = {
|
||||
allow: config.allow_licenses,
|
||||
deny: config.deny_licenses
|
||||
}
|
||||
|
||||
let filteredChanges = filterChangesBySeverity(
|
||||
minSeverity as Severity,
|
||||
changes
|
||||
)
|
||||
|
||||
for (const change of filteredChanges) {
|
||||
if (
|
||||
change.change_type === 'added' &&
|
||||
change.vulnerabilities !== undefined &&
|
||||
change.vulnerabilities.length > 0
|
||||
) {
|
||||
for (const vuln of change.vulnerabilities) {
|
||||
core.info(
|
||||
`${styles.bold.open}${change.manifest} » ${change.name}@${
|
||||
change.version
|
||||
}${styles.bold.close} – ${vuln.advisory_summary} ${renderSeverity(
|
||||
vuln.severity
|
||||
)}`
|
||||
)
|
||||
core.info(` ↪ ${vuln.advisory_url}`)
|
||||
}
|
||||
printChangeVulnerabilities(change)
|
||||
failed = true
|
||||
}
|
||||
}
|
||||
|
||||
let [licenseErrors, unknownLicenses] = getDeniedLicenseChanges(
|
||||
changes,
|
||||
licenses
|
||||
)
|
||||
|
||||
if (licenseErrors.length > 0) {
|
||||
printLicensesError(licenseErrors, licenses)
|
||||
core.setFailed('Dependency review detected incompatible licenses.')
|
||||
}
|
||||
|
||||
printNullLicenses(unknownLicenses)
|
||||
|
||||
if (failed) {
|
||||
throw new Error('Dependency review detected vulnerable packages.')
|
||||
core.setFailed('Dependency review detected vulnerable packages.')
|
||||
} else {
|
||||
core.info('Dependency review did not detect any vulnerable packages.')
|
||||
core.info(
|
||||
`Dependency review did not detect any vulnerable packages with severity level "${minSeverity}" or higher.`
|
||||
)
|
||||
}
|
||||
} catch (error) {
|
||||
if (error instanceof RequestError && error.status === 404) {
|
||||
@@ -70,6 +90,19 @@ async function run(): Promise<void> {
|
||||
}
|
||||
}
|
||||
|
||||
function printChangeVulnerabilities(change: Change) {
|
||||
for (const vuln of change.vulnerabilities) {
|
||||
core.info(
|
||||
`${styles.bold.open}${change.manifest} » ${change.name}@${
|
||||
change.version
|
||||
}${styles.bold.close} – ${vuln.advisory_summary} ${renderSeverity(
|
||||
vuln.severity
|
||||
)}`
|
||||
)
|
||||
core.info(` ↪ ${vuln.advisory_url}`)
|
||||
}
|
||||
}
|
||||
|
||||
function renderSeverity(
|
||||
severity: 'critical' | 'high' | 'moderate' | 'low'
|
||||
): string {
|
||||
@@ -84,4 +117,38 @@ function renderSeverity(
|
||||
return `${styles.color[color].open}(${severity} severity)${styles.color[color].close}`
|
||||
}
|
||||
|
||||
function printLicensesError(
|
||||
changes: Array<Change>,
|
||||
licenses: {
|
||||
allow?: Array<string>
|
||||
deny?: Array<string>
|
||||
}
|
||||
): void {
|
||||
if (changes.length == 0) {
|
||||
return
|
||||
}
|
||||
|
||||
let {allow = [], deny = []} = licenses
|
||||
|
||||
core.info('\nThe following dependencies have incompatible licenses:\n')
|
||||
for (const change of changes) {
|
||||
core.info(
|
||||
`${styles.bold.open}${change.manifest} » ${change.name}@${change.version}${styles.bold.close} – License: ${styles.color.red.open}${change.license}${styles.color.red.close}`
|
||||
)
|
||||
}
|
||||
}
|
||||
|
||||
function printNullLicenses(changes: Array<Change>): void {
|
||||
if (changes.length === 0) {
|
||||
return
|
||||
}
|
||||
|
||||
core.info('\nWe could not detect a license for the following dependencies:\n')
|
||||
for (const change of changes) {
|
||||
core.info(
|
||||
`${styles.bold.open}${change.manifest} » ${change.name}@${change.version}${styles.bold.close}`
|
||||
)
|
||||
}
|
||||
}
|
||||
|
||||
run()
|
||||
|
||||
+19
-1
@@ -1,6 +1,8 @@
|
||||
import * as z from 'zod'
|
||||
|
||||
const ChangeSchema = z.object({
|
||||
export const SEVERITIES = ['critical', 'high', 'moderate', 'low'] as const
|
||||
|
||||
export const ChangeSchema = z.object({
|
||||
change_type: z.enum(['added', 'removed']),
|
||||
manifest: z.string(),
|
||||
ecosystem: z.string(),
|
||||
@@ -19,6 +21,7 @@ const ChangeSchema = z.object({
|
||||
})
|
||||
)
|
||||
.optional()
|
||||
.default([])
|
||||
})
|
||||
|
||||
export const PullRequestSchema = z.object({
|
||||
@@ -27,6 +30,21 @@ export const PullRequestSchema = z.object({
|
||||
head: z.object({sha: z.string()})
|
||||
})
|
||||
|
||||
export const ConfigurationOptionsSchema = z
|
||||
.object({
|
||||
fail_on_severity: z.enum(SEVERITIES).default('low'),
|
||||
allow_licenses: z.array(z.string()).default([]),
|
||||
deny_licenses: z.array(z.string()).default([])
|
||||
})
|
||||
.partial()
|
||||
.refine(
|
||||
obj => !(obj.allow_licenses && obj.deny_licenses),
|
||||
"Your workflow file has both an allow_licenses list and deny_licenses list, but you can only set one or the other."
|
||||
)
|
||||
|
||||
export const ChangesSchema = z.array(ChangeSchema)
|
||||
|
||||
export type Change = z.infer<typeof ChangeSchema>
|
||||
export type Changes = z.infer<typeof ChangesSchema>
|
||||
export type ConfigurationOptions = z.infer<typeof ConfigurationOptionsSchema>
|
||||
export type Severity = typeof SEVERITIES[number]
|
||||
|
||||
Reference in New Issue
Block a user