diff --git a/.eslintrc.json b/.eslintrc.json
index 51337adc..e5e193f2 100644
--- a/.eslintrc.json
+++ b/.eslintrc.json
@@ -9,6 +9,8 @@
 ],
 "rules": {
 "@typescript-eslint/no-inferrable-types": ["error", { "ignoreProperties": true, "ignoreParameters": true}],
+ "@typescript-eslint/no-unused-vars" : "off",
+ "@typescript-eslint/no-explicit-any" : "off",
 "no-console": "error"
 },
 "overrides": [
diff --git a/.github/dependabot.yml b/.github/dependabot.yml
index fe250ebd..b9c973f8 100644
--- a/.github/dependabot.yml
+++ b/.github/dependabot.yml
@@ -5,7 +5,14 @@
 version: 2
 updates:
- - package-ecosystem: "npm" # See documentation for possible values
- directory: "/" # Location of package manifests
+ # Maintain dependencies for npm
+ - package-ecosystem: "npm"
+ directory: "/"
 schedule:
 interval: "monthly"
+
+ # Maintain dependencies for GitHub Actions
+ - package-ecosystem: "github-actions"
+ directory: "/"
+ schedule:
+ interval: "monthly"
diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml
index 7d6d81ed..b912f8d3 100644
--- a/.github/workflows/codeql-analysis.yml
+++ b/.github/workflows/codeql-analysis.yml
@@ -24,18 +24,18 @@ jobs:
 steps:
 - name: Checkout repository
- uses: actions/checkout@v2
+ uses: actions/checkout@v4
 # Initializes the CodeQL tools for scanning.
 - name: Initialize CodeQL
- uses: github/codeql-action/init@v1
+ uses: github/codeql-action/init@v2
 with:
 languages: ${{ matrix.language }}
 # Autobuild attempts to build any compiled languages (C/C++, C#, or Java).
 # If this step fails, then you should remove it and run the build manually (see below)
 - name: Autobuild
- uses: github/codeql-action/autobuild@v1
+ uses: github/codeql-action/autobuild@v2
 # ℹī¸ Command-line programs to run using the OS shell.
 # 📚 https://git.io/JvXDl
@@ -49,4 +49,4 @@ jobs:
 # make release
 - name: Perform CodeQL Analysis
- uses: github/codeql-action/analyze@v1
+ uses: github/codeql-action/analyze@v2
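Review bot: In `.eslintrc.json`, the two added rules switch `@typescript-eslint/no-unused-vars` and `@typescript-eslint/no-explicit-any` off for the whole repository, which removes the checks instead of scoping the exception. If the motive is new findings from the `@typescript-eslint` 6 upgrade in this commit's `package.json` (an inference; the commit does not say), I would keep both at `"warn"`, or keep unused-variable checking with `"@typescript-eslint/no-unused-vars": ["error", { "argsIgnorePattern": "^_" }]`. Any opt-outs that are still needed can go into the existing `"overrides"` section for the affected paths only. Unchecked `any` lets untyped external data pass through the code without the linter flagging it, so a blanket `"off"` deserves a stated reason.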
diff --git a/.github/workflows/continuous-integration.yml b/.github/workflows/continuous-integration.yml
index 869bb88a..74a22a03 100644
--- a/.github/workflows/continuous-integration.yml
+++ b/.github/workflows/continuous-integration.yml
@@ -17,7 +17,7 @@ jobs:
 NODE_VERSION: '20'
 steps:
- - uses: actions/checkout@v2
+ - uses: actions/checkout@v4
 - name: Use Node.js ${{ env.NODE_VERSION }}
 uses: actions/setup-node@v2
 with:
@@ -29,7 +29,7 @@ jobs:
 - run: npm run docs
 - name: Codecov
- uses: codecov/codecov-action@v3.0.0
+ uses: codecov/codecov-action@v3.1.4
 with:
 directory: ./build/coverage
 flags: unittests
diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
index 595b43c5..85273b5c 100644
--- a/.github/workflows/release.yml
+++ b/.github/workflows/release.yml
@@ -22,7 +22,7 @@ jobs:
 steps:
 - name: Checkout
- uses: actions/checkout@v2
+ uses: actions/checkout@v4
 - name: Use Node.js ${{ env.NODE_VERSION }}
 uses: actions/setup-node@v2
diff --git a/.github/workflows/scorecards.yml b/.github/workflows/scorecards.yml
index 619902fe..37ac70da 100644
--- a/.github/workflows/scorecards.yml
+++ b/.github/workflows/scorecards.yml
@@ -1,9 +1,16 @@
-name: Scorecards supply-chain security
+# This workflow uses actions that are not certified by GitHub. They are provided
+# by a third-party and are governed by separate terms of service, privacy
+# policy, and support documentation.
+
+name: Scorecard supply-chain security
 on:
- # Only the default branch is supported.
+ # For Branch-Protection check. Only the default branch is supported. See
+ # https://github.com/ossf/scorecard/blob/main/docs/checks.md#branch-protection
 branch_protection_rule:
+ # To guarantee Maintained check is occasionally updated. See
+ # https://github.com/ossf/scorecard/blob/main/docs/checks.md#maintained
 schedule:
- - cron: '22 23 * * 1'
+ - cron: '20 13 * * 3'
 push:
 branches: [ "main" ]
@@ -12,51 +19,54 @@ permissions: read-all
 jobs:
 analysis:
- name: Scorecards analysis
+ name: Scorecard analysis
 runs-on: ubuntu-latest
 permissions:
 # Needed to upload the results to code-scanning dashboard.
 security-events: write
- # Used to receive a badge. (Upcoming feature)
+ # Needed to publish results and get a badge (see publish_results below).
 id-token: write
- # Needs for private repositories.
- contents: read
- actions: read
-
+ # Uncomment the permissions below if installing in a private repository.
+ # contents: read
+ # actions: read
+
 steps:
 - name: "Checkout code"
- uses: actions/checkout@a12a3943b4bdde767164f792f33f40b04645d846 # v3.0.0
+ uses: actions/checkout@ee0669bd1cc54295c223e0bb666b733df41de1c5 # v2.7.0
 with:
 persist-credentials: false
 - name: "Run analysis"
- uses: ossf/scorecard-action@v2.0.6
+ uses: ossf/scorecard-action@08b4669551908b1024bb425080c797723083c031 # v2.2.0
 with:
 results_file: results.sarif
 results_format: sarif
- # (Optional) Read-only PAT token. Uncomment the `repo_token` line below if:
+ # (Optional) "write" PAT token. Uncomment the `repo_token` line below if:
 # - you want to enable the Branch-Protection check on a *public* repository, or
- # - you are installing Scorecards on a *private* repository
+ # - you are installing Scorecard on a *private* repository
 # To create the PAT, follow the steps in https://github.com/ossf/scorecard-action#authentication-with-pat.
- repo_token: ${{ secrets.SCORECARD_READ_TOKEN }}
+ repo_token: ${{ secrets.SCORECARD_TOKEN }}
- # Publish the results for public repositories to enable scorecard badges. For more details, see
- # https://github.com/ossf/scorecard-action#publishing-results.
- # For private repositories, `publish_results` will automatically be set to `false`, regardless
- # of the value entered here.
- publish_results: true
+ # Public repositories:
+ # - Publish results to OpenSSF REST API for easy access by consumers
+ # - Allows the repository to include the Scorecard badge.
+ # - See https://github.com/ossf/scorecard-action#publishing-results.
+ # For private repositories:
+ # - `publish_results` will always be set to `false`, regardless
+ # of the value entered here.
+ publish_results: false
 # Upload the results as artifacts (optional). Commenting out will disable uploads of run results in SARIF
 # format to the repository Actions tab.
 - name: "Upload artifact"
- uses: actions/upload-artifact@6673cd052c4cd6fcf4b4e6e60ea986c889389535 # v3.0.0
+ uses: actions/upload-artifact@a8a3f3ad30e3422c9c7b888a15615d19a852ae32 # v3.1.3
 with:
 name: SARIF file
 path: results.sarif
 retention-days: 5
-
+
 # Upload the results to GitHub's code scanning dashboard.
 - name: "Upload to code-scanning"
- uses: github/codeql-action/upload-sarif@5f532563584d71fdef14ee64d17bafb34f751ce5 # v1.0.26
+ uses: github/codeql-action/upload-sarif@231aa2c8a89117b126725a0e11897209b7118144 # v1.1.39
 with:
- sarif_file: results.sarif
+ sarif_file: results.sarif
\ No newline at end of file
diff --git a/package.json b/package.json
index 1ff889c4..14339662 100644
--- a/package.json
+++ b/package.json
@@ -16,13 +16,13 @@
 "version": "npx lerna version --no-push --no-git-tag-version"
 },
 "devDependencies": {
- "@rollup/plugin-commonjs": "^24.0.0",
+ "@rollup/plugin-commonjs": "^25.0.0",
 "@rollup/plugin-replace": "^5.0.2",
 "@rollup/plugin-typescript": "^11.0.0",
 "@types/jasmine": "^4.0.2",
 "@types/node": "^18.11.18",
- "@typescript-eslint/eslint-plugin": "^5.30.5",
- "@typescript-eslint/parser": "^5.30.5",
+ "@typescript-eslint/eslint-plugin": "^6.2.1",
+ "@typescript-eslint/parser": "^6.2.1",
 "copyfiles": "^2.4.1",
 "dts-bundle": "^0.7.3",
 "eslint": "^8.12.0",
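Review bot: In `.github/workflows/scorecards.yml` the job still requests `id-token: write` although this hunk sets `publish_results: false`, and the comment added above that permission says it is needed to publish results and get a badge; I would comment it out until publishing is turned back on, e.g. `# id-token: write`. The `repo_token` comment now describes a "write" PAT in `secrets.SCORECARD_TOKEN` where it previously described a read-only one, so that token should carry the narrowest scope the Branch-Protection check accepts. The pins also move against the rest of the commit: `actions/checkout` goes from the pin labelled `# v3.0.0` to one labelled `# v2.7.0` while the other workflows move to `@v4`, and `upload-sarif` stays on a `v1.x` pin while `codeql-analysis.yml` moves to `@v2`. The version comments are only as good as the SHAs beside them, so they are worth checking against the upstream tags.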
@@ -38,15 +38,15 @@
 "gulp-typescript": "^5.0.1",
 "gulp-uglify": "^3.0.2",
 "husky": "^8.0.1",
- "jasmine": "^4.2.1",
- "lint-staged": "^13.0.3",
+ "jasmine": "^5.0.0",
+ "lint-staged": "^14.0.1",
 "merge2": "^1.4.1",
 "remap-istanbul": "^0.13.0",
 "rollup": "^3.9.0",
 "rollup-plugin-sourcemaps": "^0.6.2",
 "run-sequence": "^2.2.1",
 "tslib": "^2.2.0",
- "typedoc": "^0.23.10",
+ "typedoc": "^0.25.0",
 "typescript": "^5.0.3"
 },
 "overrides": {