Compare commits

...

7 Commits

Author SHA1 Message Date
Aiqiao Yan 6991442d16 add logging 2024-10-15 19:26:36 +00:00
Aiqiao Yan aa1d992d0e add logging 2024-10-15 19:15:01 +00:00
Aiqiao Yan 250d70de9c Update unit-tests.yml 2024-10-15 15:08:40 -04:00
Aiqiao Yan 4c113affef Update unit-tests.yml 2024-10-15 15:02:06 -04:00
Aiqiao Yan 19806ac731 Revert "bump @sigstore/sign from 2.3.2 to 3.0.0"
This reverts commit c6c5ef6b8e.
2024-10-15 18:47:19 +00:00
Aiqiao Yan eb8c672aad Revert "bump @actions/core from 1.10.1 to 1.11.1"
This reverts commit ac1332a8e2.
2024-10-15 18:47:10 +00:00
Aiqiao Yan c0f30ebbce Revert "prep release of @actions/attest v1.5.0"
This reverts commit 26c752f562.
2024-10-15 18:47:00 +00:00
6 changed files with 691 additions and 759 deletions
+1 -1
View File
@@ -28,7 +28,7 @@ jobs:
- name: Set Node.js 20.x
uses: actions/setup-node@v4
with:
node-version: 20.x
node-version: 20.18.x
- name: npm install
run: npm install
-7
View File
@@ -1,15 +1,8 @@
# @actions/attest Releases
### 1.5.0
- Bump @actions/core from 1.10.1 to 1.11.1 [#1847](https://github.com/actions/toolkit/pull/1847)
- Bump @sigstore/bundle from 2.3.2 to 3.0.0 [#1846](https://github.com/actions/toolkit/pull/1846)
- Bump @sigstore/sign from 2.3.2 to 3.0.0 [#1846](https://github.com/actions/toolkit/pull/1846)
### 1.4.2
- Fix bug in `buildSLSAProvenancePredicate`/`attestProvenance` when generating provenance statement for enterprise account using customized OIDC issuer value [#1823](https://github.com/actions/toolkit/pull/1823)
### 1.4.1
- Bump @actions/http-client from 2.2.1 to 2.2.3 [#1805](https://github.com/actions/toolkit/pull/1805)
+676 -744
View File
File diff suppressed because it is too large Load Diff
+6 -6
View File
@@ -1,6 +1,6 @@
{
"name": "@actions/attest",
"version": "1.5.0",
"version": "1.4.2",
"description": "Actions attestation lib",
"keywords": [
"github",
@@ -35,19 +35,19 @@
"url": "https://github.com/actions/toolkit/issues"
},
"devDependencies": {
"@sigstore/mock": "^0.8.0",
"@sigstore/rekor-types": "^3.0.0",
"@sigstore/mock": "^0.7.4",
"@sigstore/rekor-types": "^2.0.0",
"@types/jsonwebtoken": "^9.0.6",
"nock": "^13.5.1",
"undici": "^5.28.4"
},
"dependencies": {
"@actions/core": "^1.11.1",
"@actions/core": "^1.10.1",
"@actions/github": "^6.0.0",
"@actions/http-client": "^2.2.3",
"@octokit/plugin-retry": "^6.0.1",
"@sigstore/bundle": "^3.0.0",
"@sigstore/sign": "^3.0.0",
"@sigstore/bundle": "^2.3.2",
"@sigstore/sign": "^2.3.2",
"jose": "^5.2.3"
},
"overrides": {
+2 -1
View File
@@ -86,6 +86,7 @@ const initBundleBuilder = (opts: SignOptions): BundleBuilder => {
witnesses.push(
new RekorWitness({
rekorBaseURL: opts.rekorURL,
entryType: 'dsse',
fetchOnConflict: true,
timeout,
retry
@@ -105,5 +106,5 @@ const initBundleBuilder = (opts: SignOptions): BundleBuilder => {
// Build the bundle with the singleCertificate option which will
// trigger the creation of v0.3 DSSE bundles
return new DSSEBundleBuilder({signer, witnesses})
return new DSSEBundleBuilder({signer, witnesses, singleCertificate: true})
}
+6
View File
@@ -393,6 +393,12 @@ describe('@actions/exec', () => {
const args = ['-c', `node '${scriptPath}' 'file=${semaphorePath}' &`]
exitCode = await exec.exec(`"${toolName}"`, args, _testExecOptions)
/* eslint-disable-next-line no-console */
console.log(toolName)
/* eslint-disable-next-line no-console */
console.log(exitCode)
/* eslint-disable-next-line no-console */
console.log(debugList)
}
expect(exitCode).toBe(0)