Skip to content

Commit

Permalink
Merge branch 'main' into npm-provenance
Browse files Browse the repository at this point in the history
  • Loading branch information
bingenito authored Oct 31, 2023
2 parents 931b118 + 805616d commit efd64d3
Show file tree
Hide file tree
Showing 7 changed files with 57 additions and 38 deletions.
2 changes: 2 additions & 0 deletions .eslintrc.json
Original file line number Diff line number Diff line change
Expand Up @@ -9,6 +9,8 @@
],
"rules": {
"@typescript-eslint/no-inferrable-types": ["error", { "ignoreProperties": true, "ignoreParameters": true}],
"@typescript-eslint/no-unused-vars" : "off",
"@typescript-eslint/no-explicit-any" : "off",
"no-console": "error"
},
"overrides": [
Expand Down
11 changes: 9 additions & 2 deletions .github/dependabot.yml
Original file line number Diff line number Diff line change
Expand Up @@ -5,7 +5,14 @@

version: 2
updates:
- package-ecosystem: "npm" # See documentation for possible values
directory: "/" # Location of package manifests
# Maintain dependencies for npm
- package-ecosystem: "npm"
directory: "/"
schedule:
interval: "monthly"

# Maintain dependencies for GitHub Actions
- package-ecosystem: "github-actions"
directory: "/"
schedule:
interval: "monthly"
8 changes: 4 additions & 4 deletions .github/workflows/codeql-analysis.yml
Original file line number Diff line number Diff line change
Expand Up @@ -24,18 +24,18 @@ jobs:

steps:
- name: Checkout repository
uses: actions/checkout@v2
uses: actions/checkout@v4

# Initializes the CodeQL tools for scanning.
- name: Initialize CodeQL
uses: github/codeql-action/init@v1
uses: github/codeql-action/init@v2
with:
languages: ${{ matrix.language }}

# Autobuild attempts to build any compiled languages (C/C++, C#, or Java).
# If this step fails, then you should remove it and run the build manually (see below)
- name: Autobuild
uses: github/codeql-action/autobuild@v1
uses: github/codeql-action/autobuild@v2

# ℹ️ Command-line programs to run using the OS shell.
# 📚 https://git.io/JvXDl
Expand All @@ -49,4 +49,4 @@ jobs:
# make release

- name: Perform CodeQL Analysis
uses: github/codeql-action/analyze@v1
uses: github/codeql-action/analyze@v2
4 changes: 2 additions & 2 deletions .github/workflows/continuous-integration.yml
Original file line number Diff line number Diff line change
Expand Up @@ -17,7 +17,7 @@ jobs:
NODE_VERSION: '20'

steps:
- uses: actions/checkout@v2
- uses: actions/checkout@v4
- name: Use Node.js ${{ env.NODE_VERSION }}
uses: actions/setup-node@v2
with:
Expand All @@ -29,7 +29,7 @@ jobs:
- run: npm run docs

- name: Codecov
uses: codecov/codecov-action@v3.0.0
uses: codecov/codecov-action@v3.1.4
with:
directory: ./build/coverage
flags: unittests
Expand Down
2 changes: 1 addition & 1 deletion .github/workflows/release.yml
Original file line number Diff line number Diff line change
Expand Up @@ -22,7 +22,7 @@ jobs:

steps:
- name: Checkout
uses: actions/checkout@v2
uses: actions/checkout@v4

- name: Use Node.js ${{ env.NODE_VERSION }}
uses: actions/setup-node@v2
Expand Down
56 changes: 33 additions & 23 deletions .github/workflows/scorecards.yml
Original file line number Diff line number Diff line change
@@ -1,9 +1,16 @@
name: Scorecards supply-chain security
# This workflow uses actions that are not certified by GitHub. They are provided
# by a third-party and are governed by separate terms of service, privacy
# policy, and support documentation.

name: Scorecard supply-chain security
on:
# Only the default branch is supported.
# For Branch-Protection check. Only the default branch is supported. See
# https://github.com/ossf/scorecard/blob/main/docs/checks.md#branch-protection
branch_protection_rule:
# To guarantee Maintained check is occasionally updated. See
# https://github.com/ossf/scorecard/blob/main/docs/checks.md#maintained
schedule:
- cron: '22 23 * * 1'
- cron: '20 13 * * 3'
push:
branches: [ "main" ]

Expand All @@ -12,51 +19,54 @@ permissions: read-all

jobs:
analysis:
name: Scorecards analysis
name: Scorecard analysis
runs-on: ubuntu-latest
permissions:
# Needed to upload the results to code-scanning dashboard.
security-events: write
# Used to receive a badge. (Upcoming feature)
# Needed to publish results and get a badge (see publish_results below).
id-token: write
# Needs for private repositories.
contents: read
actions: read
# Uncomment the permissions below if installing in a private repository.
# contents: read
# actions: read

steps:
- name: "Checkout code"
uses: actions/checkout@a12a3943b4bdde767164f792f33f40b04645d846 # v3.0.0
uses: actions/checkout@ee0669bd1cc54295c223e0bb666b733df41de1c5 # v2.7.0
with:
persist-credentials: false

- name: "Run analysis"
uses: ossf/scorecard-action@v2.0.6
uses: ossf/scorecard-action@08b4669551908b1024bb425080c797723083c031 # v2.2.0
with:
results_file: results.sarif
results_format: sarif
# (Optional) Read-only PAT token. Uncomment the `repo_token` line below if:
# (Optional) "write" PAT token. Uncomment the `repo_token` line below if:
# - you want to enable the Branch-Protection check on a *public* repository, or
# - you are installing Scorecards on a *private* repository
# - you are installing Scorecard on a *private* repository
# To create the PAT, follow the steps in https://github.com/ossf/scorecard-action#authentication-with-pat.
repo_token: ${{ secrets.SCORECARD_READ_TOKEN }}
repo_token: ${{ secrets.SCORECARD_TOKEN }}

# Publish the results for public repositories to enable scorecard badges. For more details, see
# https://github.com/ossf/scorecard-action#publishing-results.
# For private repositories, `publish_results` will automatically be set to `false`, regardless
# of the value entered here.
publish_results: true
# Public repositories:
# - Publish results to OpenSSF REST API for easy access by consumers
# - Allows the repository to include the Scorecard badge.
# - See https://github.com/ossf/scorecard-action#publishing-results.
# For private repositories:
# - `publish_results` will always be set to `false`, regardless
# of the value entered here.
publish_results: false

# Upload the results as artifacts (optional). Commenting out will disable uploads of run results in SARIF
# format to the repository Actions tab.
- name: "Upload artifact"
uses: actions/upload-artifact@6673cd052c4cd6fcf4b4e6e60ea986c889389535 # v3.0.0
uses: actions/upload-artifact@a8a3f3ad30e3422c9c7b888a15615d19a852ae32 # v3.1.3
with:
name: SARIF file
path: results.sarif
retention-days: 5

# Upload the results to GitHub's code scanning dashboard.
- name: "Upload to code-scanning"
uses: github/codeql-action/upload-sarif@5f532563584d71fdef14ee64d17bafb34f751ce5 # v1.0.26
uses: github/codeql-action/upload-sarif@231aa2c8a89117b126725a0e11897209b7118144 # v1.1.39
with:
sarif_file: results.sarif
sarif_file: results.sarif
12 changes: 6 additions & 6 deletions package.json
Original file line number Diff line number Diff line change
Expand Up @@ -16,13 +16,13 @@
"version": "npx lerna version --no-push --no-git-tag-version"
},
"devDependencies": {
"@rollup/plugin-commonjs": "^24.0.0",
"@rollup/plugin-commonjs": "^25.0.0",
"@rollup/plugin-replace": "^5.0.2",
"@rollup/plugin-typescript": "^11.0.0",
"@types/jasmine": "^4.0.2",
"@types/node": "^18.11.18",
"@typescript-eslint/eslint-plugin": "^5.30.5",
"@typescript-eslint/parser": "^5.30.5",
"@typescript-eslint/eslint-plugin": "^6.2.1",
"@typescript-eslint/parser": "^6.2.1",
"copyfiles": "^2.4.1",
"dts-bundle": "^0.7.3",
"eslint": "^8.12.0",
Expand All @@ -38,15 +38,15 @@
"gulp-typescript": "^5.0.1",
"gulp-uglify": "^3.0.2",
"husky": "^8.0.1",
"jasmine": "^4.2.1",
"lint-staged": "^13.0.3",
"jasmine": "^5.0.0",
"lint-staged": "^14.0.1",
"merge2": "^1.4.1",
"remap-istanbul": "^0.13.0",
"rollup": "^3.9.0",
"rollup-plugin-sourcemaps": "^0.6.2",
"run-sequence": "^2.2.1",
"tslib": "^2.2.0",
"typedoc": "^0.23.10",
"typedoc": "^0.25.0",
"typescript": "^5.0.3"
},
"overrides": {
Expand Down

0 comments on commit efd64d3

Please sign in to comment.