48 Commits

Author SHA1 Message Date
Federico Builes 1ade604b58 adding spdx-satisfies 2022-10-04 15:46:53 +02:00
Federico Builes cc2a6ab32f Merge pull request #268 from actions/dependabot/npm_and_yarn/yaml-2.1.2
Bump yaml from 2.1.1 to 2.1.2
2022-10-03 11:32:30 +02:00
Federico Builes 5de8be4c40 Merge branch 'main' into dependabot/npm_and_yarn/yaml-2.1.2
# Conflicts:
#	dist/index.js.map
2022-10-03 11:31:02 +02:00
Federico Builes 1b8bd021a3 adding dist 2022-10-03 11:29:46 +02:00
Federico Builes 65d8cd176f Merge pull request #267 from actions/dependabot/npm_and_yarn/types/node-16.11.63
Bump @types/node from 16.11.62 to 16.11.63
2022-10-03 11:29:23 +02:00
Federico Builes 6d500ff869 Merge pull request #266 from actions/dependabot/npm_and_yarn/actions/github-5.1.1
Bump @actions/github from 5.1.0 to 5.1.1
2022-10-03 11:29:14 +02:00
Federico Builes 0259ed8420 add dist 2022-10-03 11:28:16 +02:00
dependabot[bot] ec636f3d19 Bump yaml from 2.1.1 to 2.1.2
Bumps [yaml](https://github.com/eemeli/yaml) from 2.1.1 to 2.1.2.
- [Release notes](https://github.com/eemeli/yaml/releases)
- [Commits](https://github.com/eemeli/yaml/compare/v2.1.1...v2.1.2)

---
updated-dependencies:
- dependency-name: yaml
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-10-03 02:06:25 +00:00
dependabot[bot] 367e85631b Bump @types/node from 16.11.62 to 16.11.63
Bumps [@types/node](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node) from 16.11.62 to 16.11.63.
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/node)

---
updated-dependencies:
- dependency-name: "@types/node"
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-10-03 02:05:36 +00:00
dependabot[bot] abf7b5a775 Bump @actions/github from 5.1.0 to 5.1.1
Bumps [@actions/github](https://github.com/actions/toolkit/tree/HEAD/packages/github) from 5.1.0 to 5.1.1.
- [Release notes](https://github.com/actions/toolkit/releases)
- [Changelog](https://github.com/actions/toolkit/blob/main/packages/github/RELEASES.md)
- [Commits](https://github.com/actions/toolkit/commits/HEAD/packages/github)

---
updated-dependencies:
- dependency-name: "@actions/github"
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-10-03 02:05:00 +00:00
Federico Builes ba85772f4b Merge pull request #265 from actions/dependabot/npm_and_yarn/actions/core-1.10.0
Bump @actions/core from 1.9.1 to 1.10.0
2022-09-30 09:09:00 +02:00
Federico Builes 8d812df813 adding dist 2022-09-30 09:07:38 +02:00
dependabot[bot] 63e12b21ed Bump @actions/core from 1.9.1 to 1.10.0
Bumps [@actions/core](https://github.com/actions/toolkit/tree/HEAD/packages/core) from 1.9.1 to 1.10.0.
- [Release notes](https://github.com/actions/toolkit/releases)
- [Changelog](https://github.com/actions/toolkit/blob/main/packages/core/RELEASES.md)
- [Commits](https://github.com/actions/toolkit/commits/HEAD/packages/core)

---
updated-dependencies:
- dependency-name: "@actions/core"
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-09-30 01:45:02 +00:00
Federico Builes 0385b5b162 Merge pull request #248 from actions/add-scanned-deps
Add scanned deps
2022-09-28 10:53:37 +02:00
Federico Builes 8e053e0f5e Merge pull request #262 from actions/dependabot/npm_and_yarn/typescript-4.8.4
Bump typescript from 4.8.3 to 4.8.4
2022-09-28 08:04:35 +02:00
Federico Builes e0ff0cf732 Merge pull request #261 from actions/dependabot/npm_and_yarn/got-12.5.1
Bump got from 12.5.0 to 12.5.1
2022-09-28 08:04:26 +02:00
dependabot[bot] ea65cbfc18 Bump typescript from 4.8.3 to 4.8.4
Bumps [typescript](https://github.com/Microsoft/TypeScript) from 4.8.3 to 4.8.4.
- [Release notes](https://github.com/Microsoft/TypeScript/releases)
- [Commits](https://github.com/Microsoft/TypeScript/compare/v4.8.3...v4.8.4)

---
updated-dependencies:
- dependency-name: typescript
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-09-28 01:29:19 +00:00
dependabot[bot] 5bf43a89cd Bump got from 12.5.0 to 12.5.1
Bumps [got](https://github.com/sindresorhus/got) from 12.5.0 to 12.5.1.
- [Release notes](https://github.com/sindresorhus/got/releases)
- [Commits](https://github.com/sindresorhus/got/compare/v12.5.0...v12.5.1)

---
updated-dependencies:
- dependency-name: got
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-09-28 01:29:03 +00:00
Federico Builes 468485fc8e Clean up the main script a bit. 2022-09-27 12:25:12 +02:00
Federico Builes 46c9f79a1f Create utils.ts file for helper functions. 2022-09-27 12:23:05 +02:00
Federico Builes cd3f55e8f9 Add all the dependencies to the review summary too. 2022-09-27 11:52:15 +02:00
Federico Builes f832351766 Merge pull request #258 from actions/dependabot/npm_and_yarn/typescript-eslint/eslint-plugin-5.38.1
Bump @typescript-eslint/eslint-plugin from 5.38.0 to 5.38.1
2022-09-27 08:10:02 +02:00
dependabot[bot] f96ed229f4 Bump @typescript-eslint/eslint-plugin from 5.38.0 to 5.38.1
Bumps [@typescript-eslint/eslint-plugin](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/eslint-plugin) from 5.38.0 to 5.38.1.
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases)
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/eslint-plugin/CHANGELOG.md)
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v5.38.1/packages/eslint-plugin)

---
updated-dependencies:
- dependency-name: "@typescript-eslint/eslint-plugin"
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-09-27 06:08:27 +00:00
Federico Builes 629703a27b Merge pull request #260 from actions/dependabot/npm_and_yarn/types/node-16.11.62
Bump @types/node from 16.11.60 to 16.11.62
2022-09-27 08:08:06 +02:00
Federico Builes d05bfb69a5 Merge pull request #259 from actions/dependabot/npm_and_yarn/typescript-eslint/parser-5.38.1
Bump @typescript-eslint/parser from 5.38.0 to 5.38.1
2022-09-27 08:07:40 +02:00
dependabot[bot] 02bcebdd6e Bump @types/node from 16.11.60 to 16.11.62
Bumps [@types/node](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node) from 16.11.60 to 16.11.62.
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/node)

---
updated-dependencies:
- dependency-name: "@types/node"
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-09-27 01:30:25 +00:00
dependabot[bot] fbeabf7e29 Bump @typescript-eslint/parser from 5.38.0 to 5.38.1
Bumps [@typescript-eslint/parser](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/parser) from 5.38.0 to 5.38.1.
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases)
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/parser/CHANGELOG.md)
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v5.38.1/packages/parser)

---
updated-dependencies:
- dependency-name: "@typescript-eslint/parser"
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-09-27 01:30:16 +00:00
Federico Builes 0515f5cb39 Adding a skeleton for scanned dependencies in the summary. 2022-09-26 19:14:04 +02:00
Federico Builes 2d1d679f58 Move manifest grouping outside main.ts 2022-09-26 19:13:25 +02:00
Federico Builes a3563a05bc Use a set instead of raw JS objects. 2022-09-26 12:41:16 +02:00
Federico Builes 8a20ddbf25 try adding 3 sections 2022-09-26 12:21:24 +02:00
Federico Builes 2a646668d9 adding dist 2022-09-26 12:03:34 +02:00
Federico Builes 60be833ffd Update manifest formatting in output. 2022-09-26 12:01:39 +02:00
Federico Builes edc501a219 adding dist 2022-09-26 11:41:40 +02:00
Federico Builes 000837f2ac Don't nest groups. 2022-09-26 11:41:02 +02:00
Federico Builes 89f99d150a adding colors to the dep output 2022-09-26 11:35:05 +02:00
Federico Builes 0ed41eff02 Merge branch 'main' into add-scanned-deps 2022-09-26 11:34:43 +02:00
Federico Builes dbe70eb550 updating gitignore 2022-09-26 11:29:22 +02:00
Federico Builes 78c7c01396 Merge branch 'main' into add-scanned-deps
# Conflicts:
#	dist/index.js.map
2022-09-26 08:47:23 +02:00
Federico Builes 89a5c76329 Merge pull request #254 from actions/dependabot/npm_and_yarn/actions/github-5.1.0
Bump @actions/github from 5.0.3 to 5.1.0
2022-09-26 08:46:18 +02:00
Federico Builes 4a6d691283 adding dist 2022-09-26 08:45:09 +02:00
Federico Builes b58d457243 Merge pull request #253 from actions/dependabot/npm_and_yarn/types/node-16.11.60
Bump @types/node from 16.11.59 to 16.11.60
2022-09-26 08:42:47 +02:00
Federico Builes cc033856be Merge pull request #255 from actions/dependabot/npm_and_yarn/eslint-8.24.0
Bump eslint from 8.23.1 to 8.24.0
2022-09-26 08:04:38 +02:00
dependabot[bot] 8595e805a5 Bump eslint from 8.23.1 to 8.24.0
Bumps [eslint](https://github.com/eslint/eslint) from 8.23.1 to 8.24.0.
- [Release notes](https://github.com/eslint/eslint/releases)
- [Changelog](https://github.com/eslint/eslint/blob/main/CHANGELOG.md)
- [Commits](https://github.com/eslint/eslint/compare/v8.23.1...v8.24.0)

---
updated-dependencies:
- dependency-name: eslint
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-09-26 01:55:41 +00:00
dependabot[bot] fa10a7f0d6 Bump @actions/github from 5.0.3 to 5.1.0
Bumps [@actions/github](https://github.com/actions/toolkit/tree/HEAD/packages/github) from 5.0.3 to 5.1.0.
- [Release notes](https://github.com/actions/toolkit/releases)
- [Changelog](https://github.com/actions/toolkit/blob/main/packages/github/RELEASES.md)
- [Commits](https://github.com/actions/toolkit/commits/HEAD/packages/github)

---
updated-dependencies:
- dependency-name: "@actions/github"
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-09-26 01:54:35 +00:00
dependabot[bot] 6755d8aa71 Bump @types/node from 16.11.59 to 16.11.60
Bumps [@types/node](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node) from 16.11.59 to 16.11.60.
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/node)

---
updated-dependencies:
- dependency-name: "@types/node"
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-09-26 01:54:19 +00:00
Federico Builes 8ec13c1f01 adding dist 2022-09-22 16:52:03 +02:00
Federico Builes 723ec8c0d3 Try showing information about the scanned dependencies. 2022-09-22 16:49:45 +02:00
9 changed files with 631 additions and 317 deletions
+1
@@ -1,4 +1,5 @@
event.json
.ruby-version
# Dependency directory
node_modules
Generated Vendored
+180 -76
@@ -203,6 +203,7 @@ const filter_1 = __nccwpck_require__(8752);
const licenses_1 = __nccwpck_require__(3247);
const summary = __importStar(__nccwpck_require__(8608));
const git_refs_1 = __nccwpck_require__(1086);
const utils_1 = __nccwpck_require__(918);
function run() {
return __awaiter(this, void 0, void 0, function* () {
try {
@@ -215,39 +216,22 @@ function run() {
headRef: refs.head
});
const minSeverity = config.fail_on_severity;
let failed = false;
const licenses = {
allow: config.allow_licenses,
deny: config.deny_licenses
};
const scopes = config.fail_on_scopes;
const scopedChanges = (0, filter_1.filterChangesByScopes)(scopes, changes);
const allowedGhsas = config.allow_ghsas || [];
const filteredChanges = (0, filter_1.filterOutAllowedAdvisories)(allowedGhsas, scopedChanges);
const scopedChanges = (0, filter_1.filterChangesByScopes)(config.fail_on_scopes, changes);
const filteredChanges = (0, filter_1.filterOutAllowedAdvisories)(config.allow_ghsas, scopedChanges);
const addedChanges = (0, filter_1.filterChangesBySeverity)(minSeverity, filteredChanges).filter(change => change.change_type === 'added' &&
change.vulnerabilities !== undefined &&
change.vulnerabilities.length > 0);
const [licenseErrors, unknownLicenses] = (0, licenses_1.getDeniedLicenseChanges)(filteredChanges, licenses);
const [licenseErrors, unknownLicenses] = (0, licenses_1.getDeniedLicenseChanges)(filteredChanges, {
allow: config.allow_licenses,
deny: config.deny_licenses
});
summary.addSummaryToSummary(addedChanges, licenseErrors, unknownLicenses);
if (addedChanges.length > 0) {
for (const change of addedChanges) {
printChangeVulnerabilities(change);
}
failed = true;
}
summary.addChangeVulnerabilitiesToSummary(addedChanges, minSeverity || '');
if (licenseErrors.length > 0) {
printLicensesError(licenseErrors);
core.setFailed('Dependency review detected incompatible licenses.');
}
printNullLicenses(unknownLicenses);
summary.addChangeVulnerabilitiesToSummary(addedChanges, minSeverity);
summary.addLicensesToSummary(licenseErrors, unknownLicenses, config);
if (failed) {
core.setFailed('Dependency review detected vulnerable packages.');
}
else {
core.info(`Dependency review did not detect any vulnerable packages with severity level "${minSeverity}" or higher.`);
}
summary.addScannedDependencies(changes);
printVulnerabilitiesBlock(addedChanges, minSeverity);
printLicensesBlock(licenseErrors, unknownLicenses);
printScannedDependencies(changes);
}
catch (error) {
if (error instanceof request_error_1.RequestError && error.status === 404) {
@@ -270,20 +254,37 @@ function run() {
}
});
}
function printVulnerabilitiesBlock(addedChanges, minSeverity) {
let failed = false;
core.group('Vulnerabilities', () => __awaiter(this, void 0, void 0, function* () {
if (addedChanges.length > 0) {
for (const change of addedChanges) {
printChangeVulnerabilities(change);
}
failed = true;
}
if (failed) {
core.setFailed('Dependency review detected vulnerable packages.');
}
else {
core.info(`Dependency review did not detect any vulnerable packages with severity level "${minSeverity}" or higher.`);
}
}));
}
function printChangeVulnerabilities(change) {
for (const vuln of change.vulnerabilities) {
core.info(`${ansi_styles_1.default.bold.open}${change.manifest} » ${change.name}@${change.version}${ansi_styles_1.default.bold.close} ${vuln.advisory_summary} ${renderSeverity(vuln.severity)}`);
core.info(`${vuln.advisory_url}`);
}
}
function renderSeverity(severity) {
const color = {
critical: 'red',
high: 'red',
moderate: 'yellow',
low: 'grey'
}[severity];
return `${ansi_styles_1.default.color[color].open}(${severity} severity)${ansi_styles_1.default.color[color].close}`;
function printLicensesBlock(licenseErrors, unknownLicenses) {
core.group('Licenses', () => __awaiter(this, void 0, void 0, function* () {
if (licenseErrors.length > 0) {
printLicensesError(licenseErrors);
core.setFailed('Dependency review detected incompatible licenses.');
}
printNullLicenses(unknownLicenses);
}));
}
function printLicensesError(changes) {
if (changes.length === 0) {
@@ -303,6 +304,42 @@ function printNullLicenses(changes) {
core.info(`${ansi_styles_1.default.bold.open}${change.manifest} » ${change.name}@${change.version}${ansi_styles_1.default.bold.close}`);
}
}
function renderSeverity(severity) {
const color = {
critical: 'red',
high: 'red',
moderate: 'yellow',
low: 'grey'
}[severity];
return `${ansi_styles_1.default.color[color].open}(${severity} severity)${ansi_styles_1.default.color[color].close}`;
}
function renderScannedDependency(change) {
const changeType = change.change_type;
if (changeType !== 'added' && changeType !== 'removed') {
throw new Error(`Unexpected change type: ${changeType}`);
}
const color = {
added: 'green',
removed: 'red'
}[changeType];
const icon = {
added: '+',
removed: '-'
}[changeType];
return `${ansi_styles_1.default.color[color].open}${icon} ${change.manifest}@${change.version}${ansi_styles_1.default.color[color].close}`;
}
function printScannedDependencies(changes) {
core.group('Dependency Changes', () => __awaiter(this, void 0, void 0, function* () {
const dependencies = (0, utils_1.groupDependenciesByManifest)(changes);
for (const manifestName of dependencies.keys()) {
const manifestChanges = dependencies.get(manifestName) || [];
core.info(`File: ${ansi_styles_1.default.bold.open}${manifestName}${ansi_styles_1.default.bold.close}`);
for (const change of manifestChanges) {
core.info(`${renderScannedDependency(change)}`);
}
}
}));
}
run();
@@ -414,8 +451,9 @@ var __importStar = (this && this.__importStar) || function (mod) {
return result;
};
Object.defineProperty(exports, "__esModule", ({ value: true }));
exports.addLicensesToSummary = exports.addChangeVulnerabilitiesToSummary = exports.addSummaryToSummary = void 0;
exports.addScannedDependencies = exports.addLicensesToSummary = exports.addChangeVulnerabilitiesToSummary = exports.addSummaryToSummary = void 0;
const core = __importStar(__nccwpck_require__(2186));
const utils_1 = __nccwpck_require__(918);
function addSummaryToSummary(addedPackages, licenseErrors, unknownLicenses) {
core.summary
.addHeading('Dependency Review')
@@ -424,7 +462,7 @@ function addSummaryToSummary(addedPackages, licenseErrors, unknownLicenses) {
exports.addSummaryToSummary = addSummaryToSummary;
function addChangeVulnerabilitiesToSummary(addedPackages, severity) {
const rows = [];
const manifests = getManifests(addedPackages);
const manifests = (0, utils_1.getManifestsSet)(addedPackages);
core.summary
.addHeading('Vulnerabilities')
.addQuote(`Vulnerabilites were filtered by mininum severity <strong>${severity}</strong>.`);
@@ -441,16 +479,16 @@ function addChangeVulnerabilitiesToSummary(addedPackages, severity) {
previous_version === change.version;
if (!sameAsPrevious) {
rows.push([
renderUrl(change.source_repository_url, change.name),
(0, utils_1.renderUrl)(change.source_repository_url, change.name),
change.version,
renderUrl(vuln.advisory_url, vuln.advisory_summary),
(0, utils_1.renderUrl)(vuln.advisory_url, vuln.advisory_summary),
vuln.severity
]);
}
else {
rows.push([
{ data: '', colspan: '2' },
renderUrl(vuln.advisory_url, vuln.advisory_summary),
(0, utils_1.renderUrl)(vuln.advisory_url, vuln.advisory_summary),
vuln.severity
]);
}
@@ -484,13 +522,13 @@ function addLicensesToSummary(licenseErrors, unknownLicenses, config) {
}
if (licenseErrors.length > 0) {
const rows = [];
const manifests = getManifests(licenseErrors);
const manifests = (0, utils_1.getManifestsSet)(licenseErrors);
core.summary.addHeading('Incompatible Licenses', 3).addSeparator();
for (const manifest of manifests) {
core.summary.addHeading(`<em>${manifest}</em>`, 4);
for (const change of licenseErrors.filter(pkg => pkg.manifest === manifest)) {
rows.push([
renderUrl(change.source_repository_url, change.name),
(0, utils_1.renderUrl)(change.source_repository_url, change.name),
change.version,
change.license || ''
]);
@@ -504,14 +542,14 @@ function addLicensesToSummary(licenseErrors, unknownLicenses, config) {
core.debug(`found ${unknownLicenses.length} unknown licenses`);
if (unknownLicenses.length > 0) {
const rows = [];
const manifests = getManifests(unknownLicenses);
const manifests = (0, utils_1.getManifestsSet)(unknownLicenses);
core.debug(`found ${manifests.entries.length} manifests for unknown licenses`);
core.summary.addHeading('Unknown Licenses', 3).addSeparator();
for (const manifest of manifests) {
core.summary.addHeading(`<em>${manifest}</em>`, 4);
for (const change of unknownLicenses.filter(pkg => pkg.manifest === manifest)) {
rows.push([
renderUrl(change.source_repository_url, change.name),
(0, utils_1.renderUrl)(change.source_repository_url, change.name),
change.version
]);
}
@@ -520,9 +558,49 @@ function addLicensesToSummary(licenseErrors, unknownLicenses, config) {
}
}
exports.addLicensesToSummary = addLicensesToSummary;
function getManifests(changes) {
function addScannedDependencies(changes) {
const dependencies = (0, utils_1.groupDependenciesByManifest)(changes);
const manifests = dependencies.keys();
const summary = core.summary
.addHeading('Scanned Dependencies')
.addRaw(`We scanned ${dependencies.size} manifest files:`);
for (const manifest of manifests) {
const deps = dependencies.get(manifest);
if (deps) {
const dependencyNames = deps.map(dependency => `<li>${dependency.name}@${dependency.version}</li>`);
summary.addRaw(`<h3>${manifest}</h3><ul>${dependencyNames.join('')}</ul>`);
}
}
}
exports.addScannedDependencies = addScannedDependencies;
/***/ }),
/***/ 918:
/***/ ((__unused_webpack_module, exports) => {
"use strict";
Object.defineProperty(exports, "__esModule", ({ value: true }));
exports.renderUrl = exports.getManifestsSet = exports.groupDependenciesByManifest = void 0;
function groupDependenciesByManifest(changes) {
var _a;
const dependencies = new Map();
for (const change of changes) {
const manifestName = change.manifest;
if (dependencies.get(manifestName) === undefined) {
dependencies.set(manifestName, []);
}
(_a = dependencies.get(manifestName)) === null || _a === void 0 ? void 0 : _a.push(change);
}
return dependencies;
}
exports.groupDependenciesByManifest = groupDependenciesByManifest;
function getManifestsSet(changes) {
return new Set(changes.flatMap(c => c.manifest));
}
exports.getManifestsSet = getManifestsSet;
function renderUrl(url, text) {
if (url) {
return `<a href="${url}">${text}</a>`;
@@ -531,6 +609,7 @@ function renderUrl(url, text) {
return text;
}
}
exports.renderUrl = renderUrl;
/***/ }),
@@ -674,7 +753,6 @@ const file_command_1 = __nccwpck_require__(717);
const utils_1 = __nccwpck_require__(5278);
const os = __importStar(__nccwpck_require__(2037));
const path = __importStar(__nccwpck_require__(1017));
const uuid_1 = __nccwpck_require__(5840);
const oidc_utils_1 = __nccwpck_require__(8041);
/**
* The code to exit an action
@@ -704,20 +782,9 @@ function exportVariable(name, val) {
process.env[name] = convertedVal;
const filePath = process.env['GITHUB_ENV'] || '';
if (filePath) {
const delimiter = `ghadelimiter_${uuid_1.v4()}`;
// These should realistically never happen, but just in case someone finds a way to exploit uuid generation let's not allow keys or values that contain the delimiter.
if (name.includes(delimiter)) {
throw new Error(`Unexpected input: name should not contain the delimiter "${delimiter}"`);
}
if (convertedVal.includes(delimiter)) {
throw new Error(`Unexpected input: value should not contain the delimiter "${delimiter}"`);
}
const commandValue = `${name}<<${delimiter}${os.EOL}${convertedVal}${os.EOL}${delimiter}`;
file_command_1.issueCommand('ENV', commandValue);
}
else {
command_1.issueCommand('set-env', { name }, convertedVal);
return file_command_1.issueFileCommand('ENV', file_command_1.prepareKeyValueMessage(name, val));
}
command_1.issueCommand('set-env', { name }, convertedVal);
}
exports.exportVariable = exportVariable;
/**
@@ -735,7 +802,7 @@ exports.setSecret = setSecret;
function addPath(inputPath) {
const filePath = process.env['GITHUB_PATH'] || '';
if (filePath) {
file_command_1.issueCommand('PATH', inputPath);
file_command_1.issueFileCommand('PATH', inputPath);
}
else {
command_1.issueCommand('add-path', {}, inputPath);
@@ -775,7 +842,10 @@ function getMultilineInput(name, options) {
const inputs = getInput(name, options)
.split('\n')
.filter(x => x !== '');
return inputs;
if (options && options.trimWhitespace === false) {
return inputs;
}
return inputs.map(input => input.trim());
}
exports.getMultilineInput = getMultilineInput;
/**
@@ -808,8 +878,12 @@ exports.getBooleanInput = getBooleanInput;
*/
// eslint-disable-next-line @typescript-eslint/no-explicit-any
function setOutput(name, value) {
const filePath = process.env['GITHUB_OUTPUT'] || '';
if (filePath) {
return file_command_1.issueFileCommand('OUTPUT', file_command_1.prepareKeyValueMessage(name, value));
}
process.stdout.write(os.EOL);
command_1.issueCommand('set-output', { name }, value);
command_1.issueCommand('set-output', { name }, utils_1.toCommandValue(value));
}
exports.setOutput = setOutput;
/**
@@ -938,7 +1012,11 @@ exports.group = group;
*/
// eslint-disable-next-line @typescript-eslint/no-explicit-any
function saveState(name, value) {
command_1.issueCommand('save-state', { name }, value);
const filePath = process.env['GITHUB_STATE'] || '';
if (filePath) {
return file_command_1.issueFileCommand('STATE', file_command_1.prepareKeyValueMessage(name, value));
}
command_1.issueCommand('save-state', { name }, utils_1.toCommandValue(value));
}
exports.saveState = saveState;
/**
@@ -1004,13 +1082,14 @@ var __importStar = (this && this.__importStar) || function (mod) {
return result;
};
Object.defineProperty(exports, "__esModule", ({ value: true }));
exports.issueCommand = void 0;
exports.prepareKeyValueMessage = exports.issueFileCommand = void 0;
// We use any as a valid input type
/* eslint-disable @typescript-eslint/no-explicit-any */
const fs = __importStar(__nccwpck_require__(7147));
const os = __importStar(__nccwpck_require__(2037));
const uuid_1 = __nccwpck_require__(5840);
const utils_1 = __nccwpck_require__(5278);
function issueCommand(command, message) {
function issueFileCommand(command, message) {
const filePath = process.env[`GITHUB_${command}`];
if (!filePath) {
throw new Error(`Unable to find environment variable for file command ${command}`);
@@ -1022,7 +1101,22 @@ function issueCommand(command, message) {
encoding: 'utf8'
});
}
exports.issueCommand = issueCommand;
exports.issueFileCommand = issueFileCommand;
function prepareKeyValueMessage(key, value) {
const delimiter = `ghadelimiter_${uuid_1.v4()}`;
const convertedValue = utils_1.toCommandValue(value);
// These should realistically never happen, but just in case someone finds a
// way to exploit uuid generation let's not allow keys or values that contain
// the delimiter.
if (key.includes(delimiter)) {
throw new Error(`Unexpected input: name should not contain the delimiter "${delimiter}"`);
}
if (convertedValue.includes(delimiter)) {
throw new Error(`Unexpected input: value should not contain the delimiter "${delimiter}"`);
}
return `${key}<<${delimiter}${os.EOL}${convertedValue}${os.EOL}${delimiter}`;
}
exports.prepareKeyValueMessage = prepareKeyValueMessage;
//# sourceMappingURL=file-command.js.map
/***/ }),
@@ -1609,8 +1703,9 @@ exports.context = new Context.Context();
* @param token the repo PAT or GITHUB_TOKEN
* @param options other options to set
*/
function getOctokit(token, options) {
return new utils_1.GitHub(utils_1.getOctokitOptions(token, options));
function getOctokit(token, options, ...additionalPlugins) {
const GitHubWithPlugins = utils_1.GitHub.plugin(...additionalPlugins);
return new GitHubWithPlugins(utils_1.getOctokitOptions(token, options));
}
exports.getOctokit = getOctokit;
//# sourceMappingURL=github.js.map
@@ -1692,7 +1787,7 @@ var __importStar = (this && this.__importStar) || function (mod) {
return result;
};
Object.defineProperty(exports, "__esModule", ({ value: true }));
exports.getOctokitOptions = exports.GitHub = exports.context = void 0;
exports.getOctokitOptions = exports.GitHub = exports.defaults = exports.context = void 0;
const Context = __importStar(__nccwpck_require__(4087));
const Utils = __importStar(__nccwpck_require__(7914));
// octokit + plugins
@@ -1701,13 +1796,13 @@ const plugin_rest_endpoint_methods_1 = __nccwpck_require__(3044);
const plugin_paginate_rest_1 = __nccwpck_require__(4193);
exports.context = new Context.Context();
const baseUrl = Utils.getApiBaseUrl();
const defaults = {
exports.defaults = {
baseUrl,
request: {
agent: Utils.getProxyAgent(baseUrl)
}
};
exports.GitHub = core_1.Octokit.plugin(plugin_rest_endpoint_methods_1.restEndpointMethods, plugin_paginate_rest_1.paginateRest).defaults(defaults);
exports.GitHub = core_1.Octokit.plugin(plugin_rest_endpoint_methods_1.restEndpointMethods, plugin_paginate_rest_1.paginateRest).defaults(exports.defaults);
/**
* Convience function to correctly format Octokit Options to pass into the constructor.
*
@@ -15048,6 +15143,9 @@ function filterChangesBySeverity(severity, changes) {
}
exports.filterChangesBySeverity = filterChangesBySeverity;
function filterChangesByScopes(scopes, changes) {
if (scopes === undefined) {
return [];
}
const filteredChanges = changes.filter(change => {
// if there is no scope on the change (Enterprise Server API for now), we will assume it is a runtime scope
const scope = change.scope || 'runtime';
@@ -15057,6 +15155,9 @@ function filterChangesByScopes(scopes, changes) {
}
exports.filterChangesByScopes = filterChangesByScopes;
function filterOutAllowedAdvisories(ghsas, changes) {
if (ghsas === undefined) {
return [];
}
const filteredChanges = changes.filter(change => {
const noAdvisories = change.vulnerabilities === undefined ||
change.vulnerabilities.length === 0;
@@ -15467,7 +15568,7 @@ function composeNode(ctx, token, props, onError) {
node.srcToken = token;
return node;
}
function composeEmptyNode(ctx, offset, before, pos, { spaceBefore, comment, anchor, tag }, onError) {
function composeEmptyNode(ctx, offset, before, pos, { spaceBefore, comment, anchor, tag, end }, onError) {
const token = {
type: 'scalar',
offset: utilEmptyScalarPosition.emptyScalarPosition(offset, before, pos),
@@ -15482,8 +15583,10 @@ function composeEmptyNode(ctx, offset, before, pos, { spaceBefore, comment, anch
}
if (spaceBefore)
node.spaceBefore = true;
if (comment)
if (comment) {
node.comment = comment;
node.range[2] = end;
}
return node;
}
function composeAlias({ options }, { offset, source, end }, onError) {
@@ -17493,7 +17596,7 @@ function createNode(value, tagName, ctx) {
if (value instanceof String ||
value instanceof Number ||
value instanceof Boolean ||
(typeof BigInt === 'function' && value instanceof BigInt) // not supported everywhere
(typeof BigInt !== 'undefined' && value instanceof BigInt) // not supported everywhere
) {
// https://tc39.es/ecma262/#sec-serializejsonproperty
value = value.valueOf();
@@ -22076,7 +22179,8 @@ class YAMLSet extends YAMLMap.YAMLMap {
let pair;
if (Node.isPair(key))
pair = key;
else if (typeof key === 'object' &&
else if (key &&
typeof key === 'object' &&
'key' in key &&
'value' in key &&
key.value === null)
Generated Vendored
+1 -1
File diff suppressed because one or more lines are too long
+278 -164
@@ -1,31 +1,32 @@
{
"name": "dependency-review-action",
"version": "2.3.0",
"version": "2.4.0",
"lockfileVersion": 2,
"requires": true,
"packages": {
"": {
"name": "dependency-review-action",
"version": "2.3.0",
"version": "2.4.0",
"license": "MIT",
"dependencies": {
"@actions/core": "^1.9.1",
"@actions/github": "^5.0.3",
"@actions/core": "^1.10.0",
"@actions/github": "^5.1.1",
"@octokit/plugin-retry": "^3.0.9",
"@octokit/request-error": "^3.0.1",
"ansi-styles": "^6.1.1",
"got": "^12.5.0",
"got": "^12.5.1",
"nodemon": "^2.0.20",
"yaml": "^2.1.1",
"spdx-satisfies": "^5.0.1",
"yaml": "^2.1.2",
"zod": "^3.19.1"
},
"devDependencies": {
"@types/node": "^16.11.59",
"@typescript-eslint/eslint-plugin": "^5.38.0",
"@typescript-eslint/parser": "^5.38.0",
"@types/node": "^16.11.63",
"@typescript-eslint/eslint-plugin": "^5.38.1",
"@typescript-eslint/parser": "^5.38.1",
"@vercel/ncc": "^0.34.0",
"esbuild-register": "^3.3.3",
"eslint": "^8.23.1",
"eslint": "^8.24.0",
"eslint-plugin-github": "^4.3.7",
"eslint-plugin-jest": "^27.0.4",
"jest": "^27.5.1",
@@ -33,22 +34,22 @@
"nodemon": "^2.0.20",
"prettier": "2.7.1",
"ts-jest": "^27.1.4",
"typescript": "^4.8.3"
"typescript": "^4.8.4"
}
},
"node_modules/@actions/core": {
"version": "1.9.1",
"resolved": "https://registry.npmjs.org/@actions/core/-/core-1.9.1.tgz",
"integrity": "sha512-5ad+U2YGrmmiw6du20AQW5XuWo7UKN2052FjSV7MX+Wfjf8sCqcsZe62NfgHys4QI4/Y+vQvLKYL8jWtA1ZBTA==",
"version": "1.10.0",
"resolved": "https://registry.npmjs.org/@actions/core/-/core-1.10.0.tgz",
"integrity": "sha512-2aZDDa3zrrZbP5ZYg159sNoLRb61nQ7awl5pSvIq5Qpj81vwDzdMRKzkWJGJuwVvWpvZKx7vspJALyvaaIQyug==",
"dependencies": {
"@actions/http-client": "^2.0.1",
"uuid": "^8.3.2"
}
},
"node_modules/@actions/github": {
"version": "5.0.3",
"resolved": "https://registry.npmjs.org/@actions/github/-/github-5.0.3.tgz",
"integrity": "sha512-myjA/pdLQfhUGLtRZC/J4L1RXOG4o6aYdiEq+zr5wVVKljzbFld+xv10k1FX6IkIJtNxbAq44BdwSNpQ015P0A==",
"version": "5.1.1",
"resolved": "https://registry.npmjs.org/@actions/github/-/github-5.1.1.tgz",
"integrity": "sha512-Nk59rMDoJaV+mHCOJPXuvB1zIbomlKS0dmSIqPGxd0enAXBnOfn4VWF+CGtRCwXZG9Epa54tZA7VIRlJDS8A6g==",
"dependencies": {
"@actions/http-client": "^2.0.1",
"@octokit/core": "^3.6.0",
@@ -705,9 +706,9 @@
}
},
"node_modules/@humanwhocodes/config-array": {
"version": "0.10.4",
"resolved": "https://registry.npmjs.org/@humanwhocodes/config-array/-/config-array-0.10.4.tgz",
"integrity": "sha512-mXAIHxZT3Vcpg83opl1wGlVZ9xydbfZO3r5YfRSH6Gpp2J/PfdBP0wbDa2sO6/qRbcalpoevVyW6A/fI6LfeMw==",
"version": "0.10.5",
"resolved": "https://registry.npmjs.org/@humanwhocodes/config-array/-/config-array-0.10.5.tgz",
"integrity": "sha512-XVVDtp+dVvRxMoxSiSfasYaG02VEe1qH5cKgMQJWhol6HwzbcqoCMJi8dAGoYAO57jhUyhI6cWuRiTcRaDaYug==",
"dev": true,
"dependencies": {
"@humanwhocodes/object-schema": "^1.2.1",
@@ -1393,6 +1394,11 @@
"@types/node": "*"
}
},
"node_modules/@types/http-cache-semantics": {
"version": "4.0.1",
"resolved": "https://registry.npmjs.org/@types/http-cache-semantics/-/http-cache-semantics-4.0.1.tgz",
"integrity": "sha512-SZs7ekbP8CN0txVG2xVRH6EgKmEm31BOxA07vkFaETzZz1xh+cbt8BcI0slpymvwhx5dlFnQG2rTlPVQn+iRPQ=="
},
"node_modules/@types/istanbul-lib-coverage": {
"version": "2.0.3",
"resolved": "https://registry.npmjs.org/@types/istanbul-lib-coverage/-/istanbul-lib-coverage-2.0.3.tgz",
@@ -1430,9 +1436,9 @@
"dev": true
},
"node_modules/@types/node": {
"version": "16.11.59",
"resolved": "https://registry.npmjs.org/@types/node/-/node-16.11.59.tgz",
"integrity": "sha512-6u+36Dj3aDzhfBVUf/mfmc92OEdzQ2kx2jcXGdigfl70E/neV21ZHE6UCz4MDzTRcVqGAM27fk+DLXvyDsn3Jw==",
"version": "16.11.63",
"resolved": "https://registry.npmjs.org/@types/node/-/node-16.11.63.tgz",
"integrity": "sha512-3OxnrEQLBz8EIIaHpg3CibmTAEGkDBcHY4fL5cnBwg2vd2yvHrUDGWxK+MlYPeXWWIoJJW79dGtU+oeBr6166Q==",
"dev": true
},
"node_modules/@types/prettier": {
@@ -1463,14 +1469,14 @@
"dev": true
},
"node_modules/@typescript-eslint/eslint-plugin": {
"version": "5.38.0",
"resolved": "https://registry.npmjs.org/@typescript-eslint/eslint-plugin/-/eslint-plugin-5.38.0.tgz",
"integrity": "sha512-GgHi/GNuUbTOeoJiEANi0oI6fF3gBQc3bGFYj40nnAPCbhrtEDf2rjBmefFadweBmO1Du1YovHeDP2h5JLhtTQ==",
"version": "5.38.1",
"resolved": "https://registry.npmjs.org/@typescript-eslint/eslint-plugin/-/eslint-plugin-5.38.1.tgz",
"integrity": "sha512-ky7EFzPhqz3XlhS7vPOoMDaQnQMn+9o5ICR9CPr/6bw8HrFkzhMSxuA3gRfiJVvs7geYrSeawGJjZoZQKCOglQ==",
"dev": true,
"dependencies": {
"@typescript-eslint/scope-manager": "5.38.0",
"@typescript-eslint/type-utils": "5.38.0",
"@typescript-eslint/utils": "5.38.0",
"@typescript-eslint/scope-manager": "5.38.1",
"@typescript-eslint/type-utils": "5.38.1",
"@typescript-eslint/utils": "5.38.1",
"debug": "^4.3.4",
"ignore": "^5.2.0",
"regexpp": "^3.2.0",
@@ -1510,14 +1516,14 @@
}
},
"node_modules/@typescript-eslint/parser": {
"version": "5.38.0",
"resolved": "https://registry.npmjs.org/@typescript-eslint/parser/-/parser-5.38.0.tgz",
"integrity": "sha512-/F63giJGLDr0ms1Cr8utDAxP2SPiglaD6V+pCOcG35P2jCqdfR7uuEhz1GIC3oy4hkUF8xA1XSXmd9hOh/a5EA==",
"version": "5.38.1",
"resolved": "https://registry.npmjs.org/@typescript-eslint/parser/-/parser-5.38.1.tgz",
"integrity": "sha512-LDqxZBVFFQnQRz9rUZJhLmox+Ep5kdUmLatLQnCRR6523YV+XhRjfYzStQ4MheFA8kMAfUlclHSbu+RKdRwQKw==",
"dev": true,
"dependencies": {
"@typescript-eslint/scope-manager": "5.38.0",
"@typescript-eslint/types": "5.38.0",
"@typescript-eslint/typescript-estree": "5.38.0",
"@typescript-eslint/scope-manager": "5.38.1",
"@typescript-eslint/types": "5.38.1",
"@typescript-eslint/typescript-estree": "5.38.1",
"debug": "^4.3.4"
},
"engines": {
@@ -1537,13 +1543,13 @@
}
},
"node_modules/@typescript-eslint/scope-manager": {
"version": "5.38.0",
"resolved": "https://registry.npmjs.org/@typescript-eslint/scope-manager/-/scope-manager-5.38.0.tgz",
"integrity": "sha512-ByhHIuNyKD9giwkkLqzezZ9y5bALW8VNY6xXcP+VxoH4JBDKjU5WNnsiD4HJdglHECdV+lyaxhvQjTUbRboiTA==",
"version": "5.38.1",
"resolved": "https://registry.npmjs.org/@typescript-eslint/scope-manager/-/scope-manager-5.38.1.tgz",
"integrity": "sha512-BfRDq5RidVU3RbqApKmS7RFMtkyWMM50qWnDAkKgQiezRtLKsoyRKIvz1Ok5ilRWeD9IuHvaidaLxvGx/2eqTQ==",
"dev": true,
"dependencies": {
"@typescript-eslint/types": "5.38.0",
"@typescript-eslint/visitor-keys": "5.38.0"
"@typescript-eslint/types": "5.38.1",
"@typescript-eslint/visitor-keys": "5.38.1"
},
"engines": {
"node": "^12.22.0 || ^14.17.0 || >=16.0.0"
@@ -1554,13 +1560,13 @@
}
},
"node_modules/@typescript-eslint/type-utils": {
"version": "5.38.0",
"resolved": "https://registry.npmjs.org/@typescript-eslint/type-utils/-/type-utils-5.38.0.tgz",
"integrity": "sha512-iZq5USgybUcj/lfnbuelJ0j3K9dbs1I3RICAJY9NZZpDgBYXmuUlYQGzftpQA9wC8cKgtS6DASTvF3HrXwwozA==",
"version": "5.38.1",
"resolved": "https://registry.npmjs.org/@typescript-eslint/type-utils/-/type-utils-5.38.1.tgz",
"integrity": "sha512-UU3j43TM66gYtzo15ivK2ZFoDFKKP0k03MItzLdq0zV92CeGCXRfXlfQX5ILdd4/DSpHkSjIgLLLh1NtkOJOAw==",
"dev": true,
"dependencies": {
"@typescript-eslint/typescript-estree": "5.38.0",
"@typescript-eslint/utils": "5.38.0",
"@typescript-eslint/typescript-estree": "5.38.1",
"@typescript-eslint/utils": "5.38.1",
"debug": "^4.3.4",
"tsutils": "^3.21.0"
},
@@ -1581,9 +1587,9 @@
}
},
"node_modules/@typescript-eslint/types": {
"version": "5.38.0",
"resolved": "https://registry.npmjs.org/@typescript-eslint/types/-/types-5.38.0.tgz",
"integrity": "sha512-HHu4yMjJ7i3Cb+8NUuRCdOGu2VMkfmKyIJsOr9PfkBVYLYrtMCK/Ap50Rpov+iKpxDTfnqvDbuPLgBE5FwUNfA==",
"version": "5.38.1",
"resolved": "https://registry.npmjs.org/@typescript-eslint/types/-/types-5.38.1.tgz",
"integrity": "sha512-QTW1iHq1Tffp9lNfbfPm4WJabbvpyaehQ0SrvVK2yfV79SytD9XDVxqiPvdrv2LK7DGSFo91TB2FgWanbJAZXg==",
"dev": true,
"engines": {
"node": "^12.22.0 || ^14.17.0 || >=16.0.0"
@@ -1594,13 +1600,13 @@
}
},
"node_modules/@typescript-eslint/typescript-estree": {
"version": "5.38.0",
"resolved": "https://registry.npmjs.org/@typescript-eslint/typescript-estree/-/typescript-estree-5.38.0.tgz",
"integrity": "sha512-6P0RuphkR+UuV7Avv7MU3hFoWaGcrgOdi8eTe1NwhMp2/GjUJoODBTRWzlHpZh6lFOaPmSvgxGlROa0Sg5Zbyg==",
"version": "5.38.1",
"resolved": "https://registry.npmjs.org/@typescript-eslint/typescript-estree/-/typescript-estree-5.38.1.tgz",
"integrity": "sha512-99b5e/Enoe8fKMLdSuwrfH/C0EIbpUWmeEKHmQlGZb8msY33qn1KlkFww0z26o5Omx7EVjzVDCWEfrfCDHfE7g==",
"dev": true,
"dependencies": {
"@typescript-eslint/types": "5.38.0",
"@typescript-eslint/visitor-keys": "5.38.0",
"@typescript-eslint/types": "5.38.1",
"@typescript-eslint/visitor-keys": "5.38.1",
"debug": "^4.3.4",
"globby": "^11.1.0",
"is-glob": "^4.0.3",
@@ -1636,15 +1642,15 @@
}
},
"node_modules/@typescript-eslint/utils": {
"version": "5.38.0",
"resolved": "https://registry.npmjs.org/@typescript-eslint/utils/-/utils-5.38.0.tgz",
"integrity": "sha512-6sdeYaBgk9Fh7N2unEXGz+D+som2QCQGPAf1SxrkEr+Z32gMreQ0rparXTNGRRfYUWk/JzbGdcM8NSSd6oqnTA==",
"version": "5.38.1",
"resolved": "https://registry.npmjs.org/@typescript-eslint/utils/-/utils-5.38.1.tgz",
"integrity": "sha512-oIuUiVxPBsndrN81oP8tXnFa/+EcZ03qLqPDfSZ5xIJVm7A9V0rlkQwwBOAGtrdN70ZKDlKv+l1BeT4eSFxwXA==",
"dev": true,
"dependencies": {
"@types/json-schema": "^7.0.9",
"@typescript-eslint/scope-manager": "5.38.0",
"@typescript-eslint/types": "5.38.0",
"@typescript-eslint/typescript-estree": "5.38.0",
"@typescript-eslint/scope-manager": "5.38.1",
"@typescript-eslint/types": "5.38.1",
"@typescript-eslint/typescript-estree": "5.38.1",
"eslint-scope": "^5.1.1",
"eslint-utils": "^3.0.0"
},
@@ -1660,12 +1666,12 @@
}
},
"node_modules/@typescript-eslint/visitor-keys": {
"version": "5.38.0",
"resolved": "https://registry.npmjs.org/@typescript-eslint/visitor-keys/-/visitor-keys-5.38.0.tgz",
"integrity": "sha512-MxnrdIyArnTi+XyFLR+kt/uNAcdOnmT+879os7qDRI+EYySR4crXJq9BXPfRzzLGq0wgxkwidrCJ9WCAoacm1w==",
"version": "5.38.1",
"resolved": "https://registry.npmjs.org/@typescript-eslint/visitor-keys/-/visitor-keys-5.38.1.tgz",
"integrity": "sha512-bSHr1rRxXt54+j2n4k54p4fj8AHJ49VDWtjpImOpzQj4qjAiOpPni+V1Tyajh19Api1i844F757cur8wH3YvOA==",
"dev": true,
"dependencies": {
"@typescript-eslint/types": "5.38.0",
"@typescript-eslint/types": "5.38.1",
"eslint-visitor-keys": "^3.3.0"
},
"engines": {
@@ -1856,6 +1862,14 @@
"node": ">=6.0"
}
},
"node_modules/array-find-index": {
"version": "1.0.2",
"resolved": "https://registry.npmjs.org/array-find-index/-/array-find-index-1.0.2.tgz",
"integrity": "sha512-M1HQyIXcBGtVywBt8WVdim+lrNaK7VHp99Qt5pSNziXznKHViIBbXWtfRTpEFpF/c4FdfxNAsCCwPp5phBYJtw==",
"engines": {
"node": ">=0.10.0"
}
},
"node_modules/array-includes": {
"version": "3.1.5",
"resolved": "https://registry.npmjs.org/array-includes/-/array-includes-3.1.5.tgz",
@@ -2124,18 +2138,19 @@
"dev": true
},
"node_modules/cacheable-lookup": {
"version": "6.0.4",
"resolved": "https://registry.npmjs.org/cacheable-lookup/-/cacheable-lookup-6.0.4.tgz",
"integrity": "sha512-mbcDEZCkv2CZF4G01kr8eBd/5agkt9oCqz75tJMSIsquvRZ2sL6Hi5zGVKi/0OSC9oO1GHfJ2AV0ZIOY9vye0A==",
"version": "7.0.0",
"resolved": "https://registry.npmjs.org/cacheable-lookup/-/cacheable-lookup-7.0.0.tgz",
"integrity": "sha512-+qJyx4xiKra8mZrcwhjMRMUhD5NR1R8esPkzIYxX96JiecFoxAXFuz/GpR3+ev4PE1WamHip78wV0vcmPQtp8w==",
"engines": {
"node": ">=10.6.0"
"node": ">=14.16"
}
},
"node_modules/cacheable-request": {
"version": "10.1.2",
"resolved": "https://registry.npmjs.org/cacheable-request/-/cacheable-request-10.1.2.tgz",
"integrity": "sha512-N7F4os5ZI+8mWHSbeJmxn+qimf5uK3WU53FD1b298XLGtOLPpSA/1xAchfP4NJlDwqgaviZ0SQfxTQD0K6lr9w==",
"version": "10.2.1",
"resolved": "https://registry.npmjs.org/cacheable-request/-/cacheable-request-10.2.1.tgz",
"integrity": "sha512-3tLJyBjGuXw1s5gpKFSG3iS4kaKT4id04dZi98wzHQp/8cqZNweBnrF9J+rrlvrf4M53OdtDGNctNHFias8BEA==",
"dependencies": {
"@types/http-cache-semantics": "^4.0.1",
"get-stream": "^6.0.1",
"http-cache-semantics": "^4.1.0",
"keyv": "^4.5.0",
@@ -2776,13 +2791,13 @@
}
},
"node_modules/eslint": {
"version": "8.23.1",
"resolved": "https://registry.npmjs.org/eslint/-/eslint-8.23.1.tgz",
"integrity": "sha512-w7C1IXCc6fNqjpuYd0yPlcTKKmHlHHktRkzmBPZ+7cvNBQuiNjx0xaMTjAJGCafJhQkrFJooREv0CtrVzmHwqg==",
"version": "8.24.0",
"resolved": "https://registry.npmjs.org/eslint/-/eslint-8.24.0.tgz",
"integrity": "sha512-dWFaPhGhTAiPcCgm3f6LI2MBWbogMnTJzFBbhXVRQDJPkr9pGZvVjlVfXd+vyDcWPA2Ic9L2AXPIQM0+vk/cSQ==",
"dev": true,
"dependencies": {
"@eslint/eslintrc": "^1.3.2",
"@humanwhocodes/config-array": "^0.10.4",
"@humanwhocodes/config-array": "^0.10.5",
"@humanwhocodes/gitignore-to-minimatch": "^1.0.2",
"@humanwhocodes/module-importer": "^1.0.1",
"ajv": "^6.10.0",
@@ -3805,14 +3820,14 @@
}
},
"node_modules/got": {
"version": "12.5.0",
"resolved": "https://registry.npmjs.org/got/-/got-12.5.0.tgz",
"integrity": "sha512-/Bneo/L6bLN1wDyJCeRZ3CLoixvwb9v3rE3IHulFSfTHwP85xSr4QatA8K0c6GlL5+mc4IZ57BzluNZJiXvHIg==",
"version": "12.5.1",
"resolved": "https://registry.npmjs.org/got/-/got-12.5.1.tgz",
"integrity": "sha512-sD16AK8cCyUoPtKr/NMvLTFFa+T3i3S+zoiuvhq0HP2YiqBZA9AtlBjAdsQBsLBK7slPuvmfE0OxhGi7N5dD4w==",
"dependencies": {
"@sindresorhus/is": "^5.2.0",
"@szmarczak/http-timer": "^5.0.1",
"cacheable-lookup": "^6.0.4",
"cacheable-request": "^10.1.2",
"cacheable-lookup": "^7.0.0",
"cacheable-request": "^10.2.1",
"decompress-response": "^6.0.0",
"form-data-encoder": "^2.1.2",
"get-stream": "^6.0.1",
@@ -5700,9 +5715,9 @@
}
},
"node_modules/normalize-url": {
"version": "7.1.0",
"resolved": "https://registry.npmjs.org/normalize-url/-/normalize-url-7.1.0.tgz",
"integrity": "sha512-JgkdydFdLe1E5Q7DpLvKVyBZOOwXYGhIbMbOMm3lJ06XKzaiit+qo1HciO3z3IFklStfarzJHVQf9ZcNPTvZlw==",
"version": "7.2.0",
"resolved": "https://registry.npmjs.org/normalize-url/-/normalize-url-7.2.0.tgz",
"integrity": "sha512-uhXOdZry0L6M2UIo9BTt7FdpBDiAGN/7oItedQwPKh8jh31ZlvC8U9Xl/EJ3aijDHaywXTW3QbZ6LuCocur1YA==",
"engines": {
"node": ">=12.20"
},
@@ -6416,6 +6431,50 @@
"source-map": "^0.6.0"
}
},
"node_modules/spdx-compare": {
"version": "1.0.0",
"resolved": "https://registry.npmjs.org/spdx-compare/-/spdx-compare-1.0.0.tgz",
"integrity": "sha512-C1mDZOX0hnu0ep9dfmuoi03+eOdDoz2yvK79RxbcrVEG1NO1Ph35yW102DHWKN4pk80nwCgeMmSY5L25VE4D9A==",
"dependencies": {
"array-find-index": "^1.0.2",
"spdx-expression-parse": "^3.0.0",
"spdx-ranges": "^2.0.0"
}
},
"node_modules/spdx-exceptions": {
"version": "2.3.0",
"resolved": "https://registry.npmjs.org/spdx-exceptions/-/spdx-exceptions-2.3.0.tgz",
"integrity": "sha512-/tTrYOC7PPI1nUAgx34hUpqXuyJG+DTHJTnIULG4rDygi4xu/tfgmq1e1cIRwRzwZgo4NLySi+ricLkZkw4i5A=="
},
"node_modules/spdx-expression-parse": {
"version": "3.0.1",
"resolved": "https://registry.npmjs.org/spdx-expression-parse/-/spdx-expression-parse-3.0.1.tgz",
"integrity": "sha512-cbqHunsQWnJNE6KhVSMsMeH5H/L9EpymbzqTQ3uLwNCLZ1Q481oWaofqH7nO6V07xlXwY6PhQdQ2IedWx/ZK4Q==",
"dependencies": {
"spdx-exceptions": "^2.1.0",
"spdx-license-ids": "^3.0.0"
}
},
"node_modules/spdx-license-ids": {
"version": "3.0.12",
"resolved": "https://registry.npmjs.org/spdx-license-ids/-/spdx-license-ids-3.0.12.tgz",
"integrity": "sha512-rr+VVSXtRhO4OHbXUiAF7xW3Bo9DuuF6C5jH+q/x15j2jniycgKbxU09Hr0WqlSLUs4i4ltHGXqTe7VHclYWyA=="
},
"node_modules/spdx-ranges": {
"version": "2.1.1",
"resolved": "https://registry.npmjs.org/spdx-ranges/-/spdx-ranges-2.1.1.tgz",
"integrity": "sha512-mcdpQFV7UDAgLpXEE/jOMqvK4LBoO0uTQg0uvXUewmEFhpiZx5yJSZITHB8w1ZahKdhfZqP5GPEOKLyEq5p8XA=="
},
"node_modules/spdx-satisfies": {
"version": "5.0.1",
"resolved": "https://registry.npmjs.org/spdx-satisfies/-/spdx-satisfies-5.0.1.tgz",
"integrity": "sha512-Nwor6W6gzFp8XX4neaKQ7ChV4wmpSh2sSDemMFSzHxpTw460jxFYeOn+jq4ybnSSw/5sc3pjka9MQPouksQNpw==",
"dependencies": {
"spdx-compare": "^1.0.0",
"spdx-expression-parse": "^3.0.0",
"spdx-ranges": "^2.0.0"
}
},
"node_modules/sprintf-js": {
"version": "1.0.3",
"resolved": "https://registry.npmjs.org/sprintf-js/-/sprintf-js-1.0.3.tgz",
@@ -6842,9 +6901,9 @@
}
},
"node_modules/typescript": {
"version": "4.8.3",
"resolved": "https://registry.npmjs.org/typescript/-/typescript-4.8.3.tgz",
"integrity": "sha512-goMHfm00nWPa8UvR/CPSvykqf6dVV8x/dp0c5mFTMTIu0u0FlGWRioyy7Nn0PGAdHxpJZnuO/ut+PpQ8UiHAig==",
"version": "4.8.4",
"resolved": "https://registry.npmjs.org/typescript/-/typescript-4.8.4.tgz",
"integrity": "sha512-QCh+85mCy+h0IGff8r5XWzOVSbBO+KfeYrMQh7NJ58QujwcE22u+NUSmUxqF+un70P9GXKxa2HCNiTTMJknyjQ==",
"dev": true,
"bin": {
"tsc": "bin/tsc",
@@ -7135,9 +7194,9 @@
"dev": true
},
"node_modules/yaml": {
"version": "2.1.1",
"resolved": "https://registry.npmjs.org/yaml/-/yaml-2.1.1.tgz",
"integrity": "sha512-o96x3OPo8GjWeSLF+wOAbrPfhFOGY0W00GNaxCDv+9hkcDJEnev1yh8S7pgHF0ik6zc8sQLuL8hjHjJULZp8bw==",
"version": "2.1.2",
"resolved": "https://registry.npmjs.org/yaml/-/yaml-2.1.2.tgz",
"integrity": "sha512-VSdf2/K3FqAetooKQv45Hcu6sA00aDgWZeGcG6V9IYJnVLTnb6988Tie79K5nx2vK7cEpf+yW8Oy+7iPAbdiHA==",
"engines": {
"node": ">= 14"
}
@@ -7192,18 +7251,18 @@
},
"dependencies": {
"@actions/core": {
"version": "1.9.1",
"resolved": "https://registry.npmjs.org/@actions/core/-/core-1.9.1.tgz",
"integrity": "sha512-5ad+U2YGrmmiw6du20AQW5XuWo7UKN2052FjSV7MX+Wfjf8sCqcsZe62NfgHys4QI4/Y+vQvLKYL8jWtA1ZBTA==",
"version": "1.10.0",
"resolved": "https://registry.npmjs.org/@actions/core/-/core-1.10.0.tgz",
"integrity": "sha512-2aZDDa3zrrZbP5ZYg159sNoLRb61nQ7awl5pSvIq5Qpj81vwDzdMRKzkWJGJuwVvWpvZKx7vspJALyvaaIQyug==",
"requires": {
"@actions/http-client": "^2.0.1",
"uuid": "^8.3.2"
}
},
"@actions/github": {
"version": "5.0.3",
"resolved": "https://registry.npmjs.org/@actions/github/-/github-5.0.3.tgz",
"integrity": "sha512-myjA/pdLQfhUGLtRZC/J4L1RXOG4o6aYdiEq+zr5wVVKljzbFld+xv10k1FX6IkIJtNxbAq44BdwSNpQ015P0A==",
"version": "5.1.1",
"resolved": "https://registry.npmjs.org/@actions/github/-/github-5.1.1.tgz",
"integrity": "sha512-Nk59rMDoJaV+mHCOJPXuvB1zIbomlKS0dmSIqPGxd0enAXBnOfn4VWF+CGtRCwXZG9Epa54tZA7VIRlJDS8A6g==",
"requires": {
"@actions/http-client": "^2.0.1",
"@octokit/core": "^3.6.0",
@@ -7705,9 +7764,9 @@
}
},
"@humanwhocodes/config-array": {
"version": "0.10.4",
"resolved": "https://registry.npmjs.org/@humanwhocodes/config-array/-/config-array-0.10.4.tgz",
"integrity": "sha512-mXAIHxZT3Vcpg83opl1wGlVZ9xydbfZO3r5YfRSH6Gpp2J/PfdBP0wbDa2sO6/qRbcalpoevVyW6A/fI6LfeMw==",
"version": "0.10.5",
"resolved": "https://registry.npmjs.org/@humanwhocodes/config-array/-/config-array-0.10.5.tgz",
"integrity": "sha512-XVVDtp+dVvRxMoxSiSfasYaG02VEe1qH5cKgMQJWhol6HwzbcqoCMJi8dAGoYAO57jhUyhI6cWuRiTcRaDaYug==",
"dev": true,
"requires": {
"@humanwhocodes/object-schema": "^1.2.1",
@@ -8275,6 +8334,11 @@
"@types/node": "*"
}
},
"@types/http-cache-semantics": {
"version": "4.0.1",
"resolved": "https://registry.npmjs.org/@types/http-cache-semantics/-/http-cache-semantics-4.0.1.tgz",
"integrity": "sha512-SZs7ekbP8CN0txVG2xVRH6EgKmEm31BOxA07vkFaETzZz1xh+cbt8BcI0slpymvwhx5dlFnQG2rTlPVQn+iRPQ=="
},
"@types/istanbul-lib-coverage": {
"version": "2.0.3",
"resolved": "https://registry.npmjs.org/@types/istanbul-lib-coverage/-/istanbul-lib-coverage-2.0.3.tgz",
@@ -8312,9 +8376,9 @@
"dev": true
},
"@types/node": {
"version": "16.11.59",
"resolved": "https://registry.npmjs.org/@types/node/-/node-16.11.59.tgz",
"integrity": "sha512-6u+36Dj3aDzhfBVUf/mfmc92OEdzQ2kx2jcXGdigfl70E/neV21ZHE6UCz4MDzTRcVqGAM27fk+DLXvyDsn3Jw==",
"version": "16.11.63",
"resolved": "https://registry.npmjs.org/@types/node/-/node-16.11.63.tgz",
"integrity": "sha512-3OxnrEQLBz8EIIaHpg3CibmTAEGkDBcHY4fL5cnBwg2vd2yvHrUDGWxK+MlYPeXWWIoJJW79dGtU+oeBr6166Q==",
"dev": true
},
"@types/prettier": {
@@ -8345,14 +8409,14 @@
"dev": true
},
"@typescript-eslint/eslint-plugin": {
"version": "5.38.0",
"resolved": "https://registry.npmjs.org/@typescript-eslint/eslint-plugin/-/eslint-plugin-5.38.0.tgz",
"integrity": "sha512-GgHi/GNuUbTOeoJiEANi0oI6fF3gBQc3bGFYj40nnAPCbhrtEDf2rjBmefFadweBmO1Du1YovHeDP2h5JLhtTQ==",
"version": "5.38.1",
"resolved": "https://registry.npmjs.org/@typescript-eslint/eslint-plugin/-/eslint-plugin-5.38.1.tgz",
"integrity": "sha512-ky7EFzPhqz3XlhS7vPOoMDaQnQMn+9o5ICR9CPr/6bw8HrFkzhMSxuA3gRfiJVvs7geYrSeawGJjZoZQKCOglQ==",
"dev": true,
"requires": {
"@typescript-eslint/scope-manager": "5.38.0",
"@typescript-eslint/type-utils": "5.38.0",
"@typescript-eslint/utils": "5.38.0",
"@typescript-eslint/scope-manager": "5.38.1",
"@typescript-eslint/type-utils": "5.38.1",
"@typescript-eslint/utils": "5.38.1",
"debug": "^4.3.4",
"ignore": "^5.2.0",
"regexpp": "^3.2.0",
@@ -8372,53 +8436,53 @@
}
},
"@typescript-eslint/parser": {
"version": "5.38.0",
"resolved": "https://registry.npmjs.org/@typescript-eslint/parser/-/parser-5.38.0.tgz",
"integrity": "sha512-/F63giJGLDr0ms1Cr8utDAxP2SPiglaD6V+pCOcG35P2jCqdfR7uuEhz1GIC3oy4hkUF8xA1XSXmd9hOh/a5EA==",
"version": "5.38.1",
"resolved": "https://registry.npmjs.org/@typescript-eslint/parser/-/parser-5.38.1.tgz",
"integrity": "sha512-LDqxZBVFFQnQRz9rUZJhLmox+Ep5kdUmLatLQnCRR6523YV+XhRjfYzStQ4MheFA8kMAfUlclHSbu+RKdRwQKw==",
"dev": true,
"requires": {
"@typescript-eslint/scope-manager": "5.38.0",
"@typescript-eslint/types": "5.38.0",
"@typescript-eslint/typescript-estree": "5.38.0",
"@typescript-eslint/scope-manager": "5.38.1",
"@typescript-eslint/types": "5.38.1",
"@typescript-eslint/typescript-estree": "5.38.1",
"debug": "^4.3.4"
}
},
"@typescript-eslint/scope-manager": {
"version": "5.38.0",
"resolved": "https://registry.npmjs.org/@typescript-eslint/scope-manager/-/scope-manager-5.38.0.tgz",
"integrity": "sha512-ByhHIuNyKD9giwkkLqzezZ9y5bALW8VNY6xXcP+VxoH4JBDKjU5WNnsiD4HJdglHECdV+lyaxhvQjTUbRboiTA==",
"version": "5.38.1",
"resolved": "https://registry.npmjs.org/@typescript-eslint/scope-manager/-/scope-manager-5.38.1.tgz",
"integrity": "sha512-BfRDq5RidVU3RbqApKmS7RFMtkyWMM50qWnDAkKgQiezRtLKsoyRKIvz1Ok5ilRWeD9IuHvaidaLxvGx/2eqTQ==",
"dev": true,
"requires": {
"@typescript-eslint/types": "5.38.0",
"@typescript-eslint/visitor-keys": "5.38.0"
"@typescript-eslint/types": "5.38.1",
"@typescript-eslint/visitor-keys": "5.38.1"
}
},
"@typescript-eslint/type-utils": {
"version": "5.38.0",
"resolved": "https://registry.npmjs.org/@typescript-eslint/type-utils/-/type-utils-5.38.0.tgz",
"integrity": "sha512-iZq5USgybUcj/lfnbuelJ0j3K9dbs1I3RICAJY9NZZpDgBYXmuUlYQGzftpQA9wC8cKgtS6DASTvF3HrXwwozA==",
"version": "5.38.1",
"resolved": "https://registry.npmjs.org/@typescript-eslint/type-utils/-/type-utils-5.38.1.tgz",
"integrity": "sha512-UU3j43TM66gYtzo15ivK2ZFoDFKKP0k03MItzLdq0zV92CeGCXRfXlfQX5ILdd4/DSpHkSjIgLLLh1NtkOJOAw==",
"dev": true,
"requires": {
"@typescript-eslint/typescript-estree": "5.38.0",
"@typescript-eslint/utils": "5.38.0",
"@typescript-eslint/typescript-estree": "5.38.1",
"@typescript-eslint/utils": "5.38.1",
"debug": "^4.3.4",
"tsutils": "^3.21.0"
}
},
"@typescript-eslint/types": {
"version": "5.38.0",
"resolved": "https://registry.npmjs.org/@typescript-eslint/types/-/types-5.38.0.tgz",
"integrity": "sha512-HHu4yMjJ7i3Cb+8NUuRCdOGu2VMkfmKyIJsOr9PfkBVYLYrtMCK/Ap50Rpov+iKpxDTfnqvDbuPLgBE5FwUNfA==",
"version": "5.38.1",
"resolved": "https://registry.npmjs.org/@typescript-eslint/types/-/types-5.38.1.tgz",
"integrity": "sha512-QTW1iHq1Tffp9lNfbfPm4WJabbvpyaehQ0SrvVK2yfV79SytD9XDVxqiPvdrv2LK7DGSFo91TB2FgWanbJAZXg==",
"dev": true
},
"@typescript-eslint/typescript-estree": {
"version": "5.38.0",
"resolved": "https://registry.npmjs.org/@typescript-eslint/typescript-estree/-/typescript-estree-5.38.0.tgz",
"integrity": "sha512-6P0RuphkR+UuV7Avv7MU3hFoWaGcrgOdi8eTe1NwhMp2/GjUJoODBTRWzlHpZh6lFOaPmSvgxGlROa0Sg5Zbyg==",
"version": "5.38.1",
"resolved": "https://registry.npmjs.org/@typescript-eslint/typescript-estree/-/typescript-estree-5.38.1.tgz",
"integrity": "sha512-99b5e/Enoe8fKMLdSuwrfH/C0EIbpUWmeEKHmQlGZb8msY33qn1KlkFww0z26o5Omx7EVjzVDCWEfrfCDHfE7g==",
"dev": true,
"requires": {
"@typescript-eslint/types": "5.38.0",
"@typescript-eslint/visitor-keys": "5.38.0",
"@typescript-eslint/types": "5.38.1",
"@typescript-eslint/visitor-keys": "5.38.1",
"debug": "^4.3.4",
"globby": "^11.1.0",
"is-glob": "^4.0.3",
@@ -8438,26 +8502,26 @@
}
},
"@typescript-eslint/utils": {
"version": "5.38.0",
"resolved": "https://registry.npmjs.org/@typescript-eslint/utils/-/utils-5.38.0.tgz",
"integrity": "sha512-6sdeYaBgk9Fh7N2unEXGz+D+som2QCQGPAf1SxrkEr+Z32gMreQ0rparXTNGRRfYUWk/JzbGdcM8NSSd6oqnTA==",
"version": "5.38.1",
"resolved": "https://registry.npmjs.org/@typescript-eslint/utils/-/utils-5.38.1.tgz",
"integrity": "sha512-oIuUiVxPBsndrN81oP8tXnFa/+EcZ03qLqPDfSZ5xIJVm7A9V0rlkQwwBOAGtrdN70ZKDlKv+l1BeT4eSFxwXA==",
"dev": true,
"requires": {
"@types/json-schema": "^7.0.9",
"@typescript-eslint/scope-manager": "5.38.0",
"@typescript-eslint/types": "5.38.0",
"@typescript-eslint/typescript-estree": "5.38.0",
"@typescript-eslint/scope-manager": "5.38.1",
"@typescript-eslint/types": "5.38.1",
"@typescript-eslint/typescript-estree": "5.38.1",
"eslint-scope": "^5.1.1",
"eslint-utils": "^3.0.0"
}
},
"@typescript-eslint/visitor-keys": {
"version": "5.38.0",
"resolved": "https://registry.npmjs.org/@typescript-eslint/visitor-keys/-/visitor-keys-5.38.0.tgz",
"integrity": "sha512-MxnrdIyArnTi+XyFLR+kt/uNAcdOnmT+879os7qDRI+EYySR4crXJq9BXPfRzzLGq0wgxkwidrCJ9WCAoacm1w==",
"version": "5.38.1",
"resolved": "https://registry.npmjs.org/@typescript-eslint/visitor-keys/-/visitor-keys-5.38.1.tgz",
"integrity": "sha512-bSHr1rRxXt54+j2n4k54p4fj8AHJ49VDWtjpImOpzQj4qjAiOpPni+V1Tyajh19Api1i844F757cur8wH3YvOA==",
"dev": true,
"requires": {
"@typescript-eslint/types": "5.38.0",
"@typescript-eslint/types": "5.38.1",
"eslint-visitor-keys": "^3.3.0"
}
},
@@ -8591,6 +8655,11 @@
"@babel/runtime-corejs3": "^7.10.2"
}
},
"array-find-index": {
"version": "1.0.2",
"resolved": "https://registry.npmjs.org/array-find-index/-/array-find-index-1.0.2.tgz",
"integrity": "sha512-M1HQyIXcBGtVywBt8WVdim+lrNaK7VHp99Qt5pSNziXznKHViIBbXWtfRTpEFpF/c4FdfxNAsCCwPp5phBYJtw=="
},
"array-includes": {
"version": "3.1.5",
"resolved": "https://registry.npmjs.org/array-includes/-/array-includes-3.1.5.tgz",
@@ -8801,15 +8870,16 @@
"dev": true
},
"cacheable-lookup": {
"version": "6.0.4",
"resolved": "https://registry.npmjs.org/cacheable-lookup/-/cacheable-lookup-6.0.4.tgz",
"integrity": "sha512-mbcDEZCkv2CZF4G01kr8eBd/5agkt9oCqz75tJMSIsquvRZ2sL6Hi5zGVKi/0OSC9oO1GHfJ2AV0ZIOY9vye0A=="
"version": "7.0.0",
"resolved": "https://registry.npmjs.org/cacheable-lookup/-/cacheable-lookup-7.0.0.tgz",
"integrity": "sha512-+qJyx4xiKra8mZrcwhjMRMUhD5NR1R8esPkzIYxX96JiecFoxAXFuz/GpR3+ev4PE1WamHip78wV0vcmPQtp8w=="
},
"cacheable-request": {
"version": "10.1.2",
"resolved": "https://registry.npmjs.org/cacheable-request/-/cacheable-request-10.1.2.tgz",
"integrity": "sha512-N7F4os5ZI+8mWHSbeJmxn+qimf5uK3WU53FD1b298XLGtOLPpSA/1xAchfP4NJlDwqgaviZ0SQfxTQD0K6lr9w==",
"version": "10.2.1",
"resolved": "https://registry.npmjs.org/cacheable-request/-/cacheable-request-10.2.1.tgz",
"integrity": "sha512-3tLJyBjGuXw1s5gpKFSG3iS4kaKT4id04dZi98wzHQp/8cqZNweBnrF9J+rrlvrf4M53OdtDGNctNHFias8BEA==",
"requires": {
"@types/http-cache-semantics": "^4.0.1",
"get-stream": "^6.0.1",
"http-cache-semantics": "^4.1.0",
"keyv": "^4.5.0",
@@ -9287,13 +9357,13 @@
}
},
"eslint": {
"version": "8.23.1",
"resolved": "https://registry.npmjs.org/eslint/-/eslint-8.23.1.tgz",
"integrity": "sha512-w7C1IXCc6fNqjpuYd0yPlcTKKmHlHHktRkzmBPZ+7cvNBQuiNjx0xaMTjAJGCafJhQkrFJooREv0CtrVzmHwqg==",
"version": "8.24.0",
"resolved": "https://registry.npmjs.org/eslint/-/eslint-8.24.0.tgz",
"integrity": "sha512-dWFaPhGhTAiPcCgm3f6LI2MBWbogMnTJzFBbhXVRQDJPkr9pGZvVjlVfXd+vyDcWPA2Ic9L2AXPIQM0+vk/cSQ==",
"dev": true,
"requires": {
"@eslint/eslintrc": "^1.3.2",
"@humanwhocodes/config-array": "^0.10.4",
"@humanwhocodes/config-array": "^0.10.5",
"@humanwhocodes/gitignore-to-minimatch": "^1.0.2",
"@humanwhocodes/module-importer": "^1.0.1",
"ajv": "^6.10.0",
@@ -10044,14 +10114,14 @@
}
},
"got": {
"version": "12.5.0",
"resolved": "https://registry.npmjs.org/got/-/got-12.5.0.tgz",
"integrity": "sha512-/Bneo/L6bLN1wDyJCeRZ3CLoixvwb9v3rE3IHulFSfTHwP85xSr4QatA8K0c6GlL5+mc4IZ57BzluNZJiXvHIg==",
"version": "12.5.1",
"resolved": "https://registry.npmjs.org/got/-/got-12.5.1.tgz",
"integrity": "sha512-sD16AK8cCyUoPtKr/NMvLTFFa+T3i3S+zoiuvhq0HP2YiqBZA9AtlBjAdsQBsLBK7slPuvmfE0OxhGi7N5dD4w==",
"requires": {
"@sindresorhus/is": "^5.2.0",
"@szmarczak/http-timer": "^5.0.1",
"cacheable-lookup": "^6.0.4",
"cacheable-request": "^10.1.2",
"cacheable-lookup": "^7.0.0",
"cacheable-request": "^10.2.1",
"decompress-response": "^6.0.0",
"form-data-encoder": "^2.1.2",
"get-stream": "^6.0.1",
@@ -11481,9 +11551,9 @@
"dev": true
},
"normalize-url": {
"version": "7.1.0",
"resolved": "https://registry.npmjs.org/normalize-url/-/normalize-url-7.1.0.tgz",
"integrity": "sha512-JgkdydFdLe1E5Q7DpLvKVyBZOOwXYGhIbMbOMm3lJ06XKzaiit+qo1HciO3z3IFklStfarzJHVQf9ZcNPTvZlw=="
"version": "7.2.0",
"resolved": "https://registry.npmjs.org/normalize-url/-/normalize-url-7.2.0.tgz",
"integrity": "sha512-uhXOdZry0L6M2UIo9BTt7FdpBDiAGN/7oItedQwPKh8jh31ZlvC8U9Xl/EJ3aijDHaywXTW3QbZ6LuCocur1YA=="
},
"npm-run-path": {
"version": "4.0.1",
@@ -11982,6 +12052,50 @@
"source-map": "^0.6.0"
}
},
"spdx-compare": {
"version": "1.0.0",
"resolved": "https://registry.npmjs.org/spdx-compare/-/spdx-compare-1.0.0.tgz",
"integrity": "sha512-C1mDZOX0hnu0ep9dfmuoi03+eOdDoz2yvK79RxbcrVEG1NO1Ph35yW102DHWKN4pk80nwCgeMmSY5L25VE4D9A==",
"requires": {
"array-find-index": "^1.0.2",
"spdx-expression-parse": "^3.0.0",
"spdx-ranges": "^2.0.0"
}
},
"spdx-exceptions": {
"version": "2.3.0",
"resolved": "https://registry.npmjs.org/spdx-exceptions/-/spdx-exceptions-2.3.0.tgz",
"integrity": "sha512-/tTrYOC7PPI1nUAgx34hUpqXuyJG+DTHJTnIULG4rDygi4xu/tfgmq1e1cIRwRzwZgo4NLySi+ricLkZkw4i5A=="
},
"spdx-expression-parse": {
"version": "3.0.1",
"resolved": "https://registry.npmjs.org/spdx-expression-parse/-/spdx-expression-parse-3.0.1.tgz",
"integrity": "sha512-cbqHunsQWnJNE6KhVSMsMeH5H/L9EpymbzqTQ3uLwNCLZ1Q481oWaofqH7nO6V07xlXwY6PhQdQ2IedWx/ZK4Q==",
"requires": {
"spdx-exceptions": "^2.1.0",
"spdx-license-ids": "^3.0.0"
}
},
"spdx-license-ids": {
"version": "3.0.12",
"resolved": "https://registry.npmjs.org/spdx-license-ids/-/spdx-license-ids-3.0.12.tgz",
"integrity": "sha512-rr+VVSXtRhO4OHbXUiAF7xW3Bo9DuuF6C5jH+q/x15j2jniycgKbxU09Hr0WqlSLUs4i4ltHGXqTe7VHclYWyA=="
},
"spdx-ranges": {
"version": "2.1.1",
"resolved": "https://registry.npmjs.org/spdx-ranges/-/spdx-ranges-2.1.1.tgz",
"integrity": "sha512-mcdpQFV7UDAgLpXEE/jOMqvK4LBoO0uTQg0uvXUewmEFhpiZx5yJSZITHB8w1ZahKdhfZqP5GPEOKLyEq5p8XA=="
},
"spdx-satisfies": {
"version": "5.0.1",
"resolved": "https://registry.npmjs.org/spdx-satisfies/-/spdx-satisfies-5.0.1.tgz",
"integrity": "sha512-Nwor6W6gzFp8XX4neaKQ7ChV4wmpSh2sSDemMFSzHxpTw460jxFYeOn+jq4ybnSSw/5sc3pjka9MQPouksQNpw==",
"requires": {
"spdx-compare": "^1.0.0",
"spdx-expression-parse": "^3.0.0",
"spdx-ranges": "^2.0.0"
}
},
"sprintf-js": {
"version": "1.0.3",
"resolved": "https://registry.npmjs.org/sprintf-js/-/sprintf-js-1.0.3.tgz",
@@ -12290,9 +12404,9 @@
}
},
"typescript": {
"version": "4.8.3",
"resolved": "https://registry.npmjs.org/typescript/-/typescript-4.8.3.tgz",
"integrity": "sha512-goMHfm00nWPa8UvR/CPSvykqf6dVV8x/dp0c5mFTMTIu0u0FlGWRioyy7Nn0PGAdHxpJZnuO/ut+PpQ8UiHAig==",
"version": "4.8.4",
"resolved": "https://registry.npmjs.org/typescript/-/typescript-4.8.4.tgz",
"integrity": "sha512-QCh+85mCy+h0IGff8r5XWzOVSbBO+KfeYrMQh7NJ58QujwcE22u+NUSmUxqF+un70P9GXKxa2HCNiTTMJknyjQ==",
"dev": true
},
"unbox-primitive": {
@@ -12515,9 +12629,9 @@
"dev": true
},
"yaml": {
"version": "2.1.1",
"resolved": "https://registry.npmjs.org/yaml/-/yaml-2.1.1.tgz",
"integrity": "sha512-o96x3OPo8GjWeSLF+wOAbrPfhFOGY0W00GNaxCDv+9hkcDJEnev1yh8S7pgHF0ik6zc8sQLuL8hjHjJULZp8bw=="
"version": "2.1.2",
"resolved": "https://registry.npmjs.org/yaml/-/yaml-2.1.2.tgz",
"integrity": "sha512-VSdf2/K3FqAetooKQv45Hcu6sA00aDgWZeGcG6V9IYJnVLTnb6988Tie79K5nx2vK7cEpf+yW8Oy+7iPAbdiHA=="
},
"yargs": {
"version": "16.2.0",
+10 -9
@@ -25,23 +25,24 @@
"author": "GitHub",
"license": "MIT",
"dependencies": {
"@actions/core": "^1.9.1",
"@actions/github": "^5.0.3",
"@actions/core": "^1.10.0",
"@actions/github": "^5.1.1",
"@octokit/plugin-retry": "^3.0.9",
"@octokit/request-error": "^3.0.1",
"ansi-styles": "^6.1.1",
"got": "^12.5.0",
"got": "^12.5.1",
"nodemon": "^2.0.20",
"yaml": "^2.1.1",
"spdx-satisfies": "^5.0.1",
"yaml": "^2.1.2",
"zod": "^3.19.1"
},
"devDependencies": {
"@types/node": "^16.11.59",
"@typescript-eslint/eslint-plugin": "^5.38.0",
"@typescript-eslint/parser": "^5.38.0",
"@types/node": "^16.11.63",
"@typescript-eslint/eslint-plugin": "^5.38.1",
"@typescript-eslint/parser": "^5.38.1",
"@vercel/ncc": "^0.34.0",
"esbuild-register": "^3.3.3",
"eslint": "^8.23.1",
"eslint": "^8.24.0",
"eslint-plugin-github": "^4.3.7",
"eslint-plugin-jest": "^27.0.4",
"jest": "^27.5.1",
@@ -49,6 +50,6 @@
"nodemon": "^2.0.20",
"prettier": "2.7.1",
"ts-jest": "^27.1.4",
"typescript": "^4.8.3"
"typescript": "^4.8.4"
}
}
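Review bot: `nodemon` is declared under `dependencies` as well as `devDependencies` (`"nodemon": "^2.0.20"` appears in both blocks of this file), so a file-watching development tool and its transitive packages are counted as part of the action's runtime dependency set. This commit adds `spdx-satisfies` to the same runtime list, which would be a good moment to drop the `"nodemon": "^2.0.20",` line from `dependencies` and keep only the `devDependencies` entry. Because the action appears to ship as a bundled `dist/` build, the effect is probably limited to install and audit scope rather than the bundle itself, but a smaller runtime list keeps dependency review and advisory triage focused on code that actually runs.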
+10 -2
@@ -35,9 +35,13 @@ export function filterChangesBySeverity(
}
export function filterChangesByScopes(
scopes: Scope[],
scopes: Scope[] | undefined,
changes: Changes
): Changes {
if (scopes === undefined) {
return []
}
const filteredChanges = changes.filter(change => {
// if there is no scope on the change (Enterprise Server API for now), we will assume it is a runtime scope
const scope = change.scope || 'runtime'
@@ -48,9 +52,13 @@ export function filterChangesByScopes(
}
export function filterOutAllowedAdvisories(
ghsas: string[],
ghsas: string[] | undefined,
changes: Changes
): Changes {
if (ghsas === undefined) {
return []
}
const filteredChanges = changes.filter(change => {
const noAdvisories =
change.vulnerabilities === undefined ||
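Review bot: Returning `[]` when `ghsas === undefined` in filterOutAllowedAdvisories discards every change, so a run without `allow_ghsas` configured would report no vulnerabilities at all; the caller in main.ts previously passed `config.allow_ghsas || []`, which presumably exempted nothing. An absent allow-list should mean that no advisory is exempt: `if (ghsas === undefined) { return changes }`. The matching early return in filterChangesByScopes has the same fail-open shape when `fail_on_scopes` is unset, unless readConfig always supplies a default, which is not visible here. Both function bodies continue outside their hunks.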
+102 -54
@@ -3,7 +3,7 @@ import * as dependencyGraph from './dependency-graph'
import * as github from '@actions/github'
import styles from 'ansi-styles'
import {RequestError} from '@octokit/request-error'
import {Change, Severity, Scope} from './schemas'
import {Change, Severity, Changes} from './schemas'
import {readConfig} from '../src/config'
import {
filterChangesBySeverity,
@@ -14,6 +14,8 @@ import {getDeniedLicenseChanges} from './licenses'
import * as summary from './summary'
import {getRefs} from './git-refs'
import {groupDependenciesByManifest} from './utils'
async function run(): Promise<void> {
try {
const config = readConfig()
@@ -26,27 +28,15 @@ async function run(): Promise<void> {
headRef: refs.head
})
const minSeverity = config.fail_on_severity
let failed = false
const licenses = {
allow: config.allow_licenses,
deny: config.deny_licenses
}
const scopes = config.fail_on_scopes
const scopedChanges = filterChangesByScopes(scopes as Scope[], changes)
const allowedGhsas: string[] = config.allow_ghsas || []
const minSeverity = config.fail_on_severity as Severity
const scopedChanges = filterChangesByScopes(config.fail_on_scopes, changes)
const filteredChanges = filterOutAllowedAdvisories(
allowedGhsas,
config.allow_ghsas,
scopedChanges
)
const addedChanges = filterChangesBySeverity(
minSeverity as Severity,
minSeverity,
filteredChanges
).filter(
change =>
@@ -57,36 +47,20 @@ async function run(): Promise<void> {
const [licenseErrors, unknownLicenses] = getDeniedLicenseChanges(
filteredChanges,
licenses
{
allow: config.allow_licenses,
deny: config.deny_licenses
}
)
summary.addSummaryToSummary(addedChanges, licenseErrors, unknownLicenses)
if (addedChanges.length > 0) {
for (const change of addedChanges) {
printChangeVulnerabilities(change)
}
failed = true
}
summary.addChangeVulnerabilitiesToSummary(addedChanges, minSeverity || '')
if (licenseErrors.length > 0) {
printLicensesError(licenseErrors)
core.setFailed('Dependency review detected incompatible licenses.')
}
printNullLicenses(unknownLicenses)
summary.addChangeVulnerabilitiesToSummary(addedChanges, minSeverity)
summary.addLicensesToSummary(licenseErrors, unknownLicenses, config)
summary.addScannedDependencies(changes)
if (failed) {
core.setFailed('Dependency review detected vulnerable packages.')
} else {
core.info(
`Dependency review did not detect any vulnerable packages with severity level "${minSeverity}" or higher.`
)
}
printVulnerabilitiesBlock(addedChanges, minSeverity)
printLicensesBlock(licenseErrors, unknownLicenses)
printScannedDependencies(changes)
} catch (error) {
if (error instanceof RequestError && error.status === 404) {
core.setFailed(
@@ -108,6 +82,29 @@ async function run(): Promise<void> {
}
}
function printVulnerabilitiesBlock(
addedChanges: Change[],
minSeverity: Severity
): void {
let failed = false
core.group('Vulnerabilities', async () => {
if (addedChanges.length > 0) {
for (const change of addedChanges) {
printChangeVulnerabilities(change)
}
failed = true
}
if (failed) {
core.setFailed('Dependency review detected vulnerable packages.')
} else {
core.info(
`Dependency review did not detect any vulnerable packages with severity level "${minSeverity}" or higher.`
)
}
})
}
function printChangeVulnerabilities(change: Change): void {
for (const vuln of change.vulnerabilities) {
core.info(
@@ -121,18 +118,17 @@ function printChangeVulnerabilities(change: Change): void {
}
}
function renderSeverity(
severity: 'critical' | 'high' | 'moderate' | 'low'
): string {
const color = (
{
critical: 'red',
high: 'red',
moderate: 'yellow',
low: 'grey'
} as const
)[severity]
return `${styles.color[color].open}(${severity} severity)${styles.color[color].close}`
function printLicensesBlock(
licenseErrors: Change[],
unknownLicenses: Change[]
): void {
core.group('Licenses', async () => {
if (licenseErrors.length > 0) {
printLicensesError(licenseErrors)
core.setFailed('Dependency review detected incompatible licenses.')
}
printNullLicenses(unknownLicenses)
})
}
function printLicensesError(changes: Change[]): void {
@@ -161,4 +157,56 @@ function printNullLicenses(changes: Change[]): void {
}
}
function renderSeverity(
severity: 'critical' | 'high' | 'moderate' | 'low'
): string {
const color = (
{
critical: 'red',
high: 'red',
moderate: 'yellow',
low: 'grey'
} as const
)[severity]
return `${styles.color[color].open}(${severity} severity)${styles.color[color].close}`
}
function renderScannedDependency(change: Change): string {
const changeType: string = change.change_type
if (changeType !== 'added' && changeType !== 'removed') {
throw new Error(`Unexpected change type: ${changeType}`)
}
const color = (
{
added: 'green',
removed: 'red'
} as const
)[changeType]
const icon = (
{
added: '+',
removed: '-'
} as const
)[changeType]
return `${styles.color[color].open}${icon} ${change.manifest}@${change.version}${styles.color[color].close}`
}
function printScannedDependencies(changes: Changes): void {
core.group('Dependency Changes', async () => {
const dependencies = groupDependenciesByManifest(changes)
for (const manifestName of dependencies.keys()) {
const manifestChanges = dependencies.get(manifestName) || []
core.info(`File: ${styles.bold.open}${manifestName}${styles.bold.close}`)
for (const change of manifestChanges) {
core.info(`${renderScannedDependency(change)}`)
}
}
})
}
run()
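Review bot: The three new print*Block helpers pass an async callback to `core.group(...)` but neither await nor return the promise it gives back, so `run()` continues before each group is closed, and anything thrown inside a callback (for example the `Unexpected change type` error in renderScannedDependency) becomes an unhandled rejection instead of reaching the `catch` in `run()`. Declare each helper `async` with a `Promise<void>` return type, write `await core.group('Vulnerabilities', async () => { … })` inside it, and call it as `await printVulnerabilitiesBlock(addedChanges, minSeverity)`. The same applies to printLicensesBlock and printScannedDependencies. The body of `run()` is only partly visible in these hunks.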
+19 -11
@@ -1,6 +1,7 @@
import * as core from '@actions/core'
import {ConfigurationOptions, Change, Changes} from './schemas'
import {SummaryTableRow} from '@actions/core/lib/summary'
import {groupDependenciesByManifest, getManifestsSet, renderUrl} from './utils'
export function addSummaryToSummary(
addedPackages: Changes,
@@ -20,7 +21,7 @@ export function addChangeVulnerabilitiesToSummary(
): void {
const rows: SummaryTableRow[] = []
const manifests = getManifests(addedPackages)
const manifests = getManifestsSet(addedPackages)
core.summary
.addHeading('Vulnerabilities')
@@ -99,7 +100,7 @@ export function addLicensesToSummary(
if (licenseErrors.length > 0) {
const rows: SummaryTableRow[] = []
const manifests = getManifests(licenseErrors)
const manifests = getManifestsSet(licenseErrors)
core.summary.addHeading('Incompatible Licenses', 3).addSeparator()
@@ -125,7 +126,7 @@ export function addLicensesToSummary(
if (unknownLicenses.length > 0) {
const rows: SummaryTableRow[] = []
const manifests = getManifests(unknownLicenses)
const manifests = getManifestsSet(unknownLicenses)
core.debug(
`found ${manifests.entries.length} manifests for unknown licenses`
@@ -150,14 +151,21 @@ export function addLicensesToSummary(
}
}
function getManifests(changes: Changes): Set<string> {
return new Set(changes.flatMap(c => c.manifest))
}
export function addScannedDependencies(changes: Changes): void {
const dependencies = groupDependenciesByManifest(changes)
const manifests = dependencies.keys()
function renderUrl(url: string | null, text: string): string {
if (url) {
return `<a href="${url}">${text}</a>`
} else {
return text
const summary = core.summary
.addHeading('Scanned Dependencies')
.addRaw(`We scanned ${dependencies.size} manifest files:`)
for (const manifest of manifests) {
const deps = dependencies.get(manifest)
if (deps) {
const dependencyNames = deps.map(
dependency => `<li>${dependency.name}@${dependency.version}</li>`
)
summary.addRaw(`<h3>${manifest}</h3><ul>${dependencyNames.join('')}</ul>`)
}
}
}
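Review bot: addScannedDependencies interpolates `manifest`, `dependency.name` and `dependency.version` straight into the HTML passed to `summary.addRaw`, so any markup characters in those values end up as markup in the job summary. These fields presumably come from the dependency data of the pull request under review, so they should be treated as untrusted and HTML-escaped before interpolation. renderUrl, which this commit moves into the new utils file, builds `<a href="${url}">${text}</a>` the same way and would benefit from the same helper. How much the summary renderer sanitises afterwards is not visible here, so escaping at the source is the safer default.

```typescript
function escapeHtml(text: string): string {
  return text
    .replace(/&/g, '&amp;')
    .replace(/</g, '&lt;')
    .replace(/>/g, '&gt;')
    .replace(/"/g, '&quot;')
    .replace(/'/g, '&#39;')
}

// … unchanged: grouping by manifest, heading and manifest count …
      const dependencyNames = deps.map(
        dependency =>
          `<li>${escapeHtml(dependency.name)}@${escapeHtml(dependency.version)}</li>`
      )
      summary.addRaw(
        `<h3>${escapeHtml(manifest)}</h3><ul>${dependencyNames.join('')}</ul>`
      )
```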
+30
@@ -0,0 +1,30 @@
import {Changes} from './schemas'
export function groupDependenciesByManifest(
changes: Changes
): Map<string, Changes> {
const dependencies: Map<string, Changes> = new Map()
for (const change of changes) {
const manifestName = change.manifest
if (dependencies.get(manifestName) === undefined) {
dependencies.set(manifestName, [])
}
dependencies.get(manifestName)?.push(change)
}
return dependencies
}
export function getManifestsSet(changes: Changes): Set<string> {
return new Set(changes.flatMap(c => c.manifest))
}
export function renderUrl(url: string | null, text: string): string {
if (url) {
return `<a href="${url}">${text}</a>`
} else {
return text
}
}
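Review bot: In groupDependenciesByManifest the `dependencies.get(manifestName)?.push(change)` line relies on the `set` just above it, and the optional chain would silently drop the change if that ever stopped holding. Fetching the array once reads more directly: `let group = dependencies.get(manifestName)`, then `if (group === undefined) { group = []; dependencies.set(manifestName, group) }`, then `group.push(change)`. The new exported helpers also carry no doc comments; a one-line TSDoc on each stating what it returns would help the callers in main.ts and summary.ts.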