diff --git a/.github/workflows/publish.yml b/.github/workflows/publish.yml index da36a79..bbd7c29 100644 --- a/.github/workflows/publish.yml +++ b/.github/workflows/publish.yml @@ -17,8 +17,6 @@ jobs: cache: 'npm' registry-url: 'https://registry.npmjs.org' - run: npm ci - - name: Verify the integrity of provenance attestations and registry signatures for installed dependencies - run: npm audit signatures - name: Release env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} diff --git a/package-lock.json b/package-lock.json index 376cb87..e89e385 100644 --- a/package-lock.json +++ b/package-lock.json @@ -18,7 +18,7 @@ "@semantic-release/commit-analyzer": "^11.1.0", "@semantic-release/git": "^10.0.1", "@semantic-release/github": "^9.2.6", - "@semantic-release/npm": "11.0.2", + "@semantic-release/npm": "11.0.3", "@semantic-release/release-notes-generator": "^12.1.0", "@types/chai": "^4.3.12", "@types/mocha": "^10.0.6", @@ -2001,9 +2001,9 @@ } }, "node_modules/@semantic-release/npm": { - "version": "11.0.2", - "resolved": "https://registry.npmjs.org/@semantic-release/npm/-/npm-11.0.2.tgz", - "integrity": "sha512-owtf3RjyPvRE63iUKZ5/xO4uqjRpVQDUB9+nnXj0xwfIeM9pRl+cG+zGDzdftR4m3f2s4Wyf3SexW+kF5DFtWA==", + "version": "11.0.3", + "resolved": "https://registry.npmjs.org/@semantic-release/npm/-/npm-11.0.3.tgz", + "integrity": "sha512-KUsozQGhRBAnoVg4UMZj9ep436VEGwT536/jwSqB7vcEfA6oncCUU7UIYTRdLx7GvTtqn0kBjnkfLVkcnBa2YQ==", "dev": true, "dependencies": { "@semantic-release/error": "^4.0.0", @@ -2013,7 +2013,7 @@ "lodash-es": "^4.17.21", "nerf-dart": "^1.0.0", "normalize-url": "^8.0.0", - "npm": "^10.0.0", + "npm": "^10.5.0", "rc": "^1.2.8", "read-pkg": "^9.0.0", "registry-auth-token": "^5.0.0", @@ -7109,9 +7109,9 @@ } }, "node_modules/npm": { - "version": "10.3.0", - "resolved": "https://registry.npmjs.org/npm/-/npm-10.3.0.tgz", - "integrity": "sha512-9u5GFc1UqI2DLlGI7QdjkpIaBs3UhTtY8KoCqYJK24gV/j/tByaI4BA4R7RkOc+ASqZMzFPKt4Pj2Z8JcGo//A==", + "version": "10.5.0", + "resolved": "https://registry.npmjs.org/npm/-/npm-10.5.0.tgz", + "integrity": "sha512-Ejxwvfh9YnWVU2yA5FzoYLTW52vxHCz+MHrOFg9Cc8IFgF/6f5AGPAvb5WTay5DIUP1NIfN3VBZ0cLlGO0Ys+A==", "bundleDependencies": [ "@isaacs/string-locale-compare", "@npmcli/arborist", @@ -7175,7 +7175,6 @@ "semver", "spdx-expression-parse", "ssri", - "strip-ansi", "supports-color", "tar", "text-table", @@ -7194,8 +7193,8 @@ "@npmcli/map-workspaces": "^3.0.4", "@npmcli/package-json": "^5.0.0", "@npmcli/promise-spawn": "^7.0.1", - "@npmcli/run-script": "^7.0.3", - "@sigstore/tuf": "^2.2.0", + "@npmcli/run-script": "^7.0.4", + "@sigstore/tuf": "^2.3.1", "abbrev": "^2.0.0", "archy": "~1.0.0", "cacache": "^18.0.2", @@ -7241,15 +7240,14 @@ "npm-user-validate": "^2.0.0", "npmlog": "^7.0.1", "p-map": "^4.0.0", - "pacote": "^17.0.5", + "pacote": "^17.0.6", "parse-conflict-json": "^3.0.1", "proc-log": "^3.0.0", "qrcode-terminal": "^0.12.0", "read": "^2.1.0", - "semver": "^7.5.4", + "semver": "^7.6.0", "spdx-expression-parse": "^3.0.1", "ssri": "^10.0.5", - "strip-ansi": "^7.1.0", "supports-color": "^9.4.0", "tar": "^6.2.0", "text-table": "~0.2.0", @@ -7321,6 +7319,18 @@ "node": ">=12" } }, + "node_modules/npm/node_modules/@isaacs/cliui/node_modules/ansi-regex": { + "version": "6.0.1", + "dev": true, + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=12" + }, + "funding": { + "url": "https://github.com/chalk/ansi-regex?sponsor=1" + } + }, "node_modules/npm/node_modules/@isaacs/cliui/node_modules/emoji-regex": { "version": "9.2.2", "dev": true, @@ -7344,6 +7354,21 @@ "url": "https://github.com/sponsors/sindresorhus" } }, + "node_modules/npm/node_modules/@isaacs/cliui/node_modules/strip-ansi": { + "version": "7.1.0", + "dev": true, + "inBundle": true, + "license": "MIT", + "dependencies": { + "ansi-regex": "^6.0.1" + }, + "engines": { + "node": ">=12" + }, + "funding": { + "url": "https://github.com/chalk/strip-ansi?sponsor=1" + } + }, "node_modules/npm/node_modules/@isaacs/string-locale-compare": { "version": "1.1.0", "dev": true, @@ -7351,7 +7376,7 @@ "license": "ISC" }, "node_modules/npm/node_modules/@npmcli/agent": { - "version": "2.2.0", + "version": "2.2.1", "dev": true, "inBundle": true, "license": "ISC", @@ -7367,7 +7392,7 @@ } }, "node_modules/npm/node_modules/@npmcli/arborist": { - "version": "7.3.0", + "version": "7.4.0", "dev": true, "inBundle": true, "license": "ISC", @@ -7380,7 +7405,7 @@ "@npmcli/name-from-folder": "^2.0.0", "@npmcli/node-gyp": "^3.0.0", "@npmcli/package-json": "^5.0.0", - "@npmcli/query": "^3.0.1", + "@npmcli/query": "^3.1.0", "@npmcli/run-script": "^7.0.2", "bin-links": "^4.0.1", "cacache": "^18.0.0", @@ -7399,7 +7424,7 @@ "parse-conflict-json": "^3.0.0", "proc-log": "^3.0.0", "promise-all-reject-late": "^1.0.0", - "promise-call-limit": "^1.0.2", + "promise-call-limit": "^3.0.1", "read-package-json-fast": "^3.0.2", "semver": "^7.3.7", "ssri": "^10.0.5", @@ -7414,7 +7439,7 @@ } }, "node_modules/npm/node_modules/@npmcli/config": { - "version": "8.1.0", + "version": "8.2.0", "dev": true, "inBundle": true, "license": "ISC", @@ -7585,7 +7610,7 @@ } }, "node_modules/npm/node_modules/@npmcli/query": { - "version": "3.0.1", + "version": "3.1.0", "dev": true, "inBundle": true, "license": "ISC", @@ -7597,15 +7622,15 @@ } }, "node_modules/npm/node_modules/@npmcli/run-script": { - "version": "7.0.3", + "version": "7.0.4", "dev": true, "inBundle": true, "license": "ISC", "dependencies": { "@npmcli/node-gyp": "^3.0.0", + "@npmcli/package-json": "^5.0.0", "@npmcli/promise-spawn": "^7.0.0", "node-gyp": "^10.0.0", - "read-package-json-fast": "^3.0.0", "which": "^4.0.0" }, "engines": { @@ -7623,19 +7648,28 @@ } }, "node_modules/npm/node_modules/@sigstore/bundle": { - "version": "2.1.0", + "version": "2.2.0", "dev": true, "inBundle": true, "license": "Apache-2.0", "dependencies": { - "@sigstore/protobuf-specs": "^0.2.1" + "@sigstore/protobuf-specs": "^0.3.0" }, "engines": { "node": "^16.14.0 || >=18.0.0" } }, + "node_modules/npm/node_modules/@sigstore/core": { + "version": "1.0.0", + "dev": true, + "inBundle": true, + "license": "Apache-2.0", + "engines": { + "node": "^16.14.0 || >=18.0.0" + } + }, "node_modules/npm/node_modules/@sigstore/protobuf-specs": { - "version": "0.2.1", + "version": "0.3.0", "dev": true, "inBundle": true, "license": "Apache-2.0", @@ -7644,13 +7678,14 @@ } }, "node_modules/npm/node_modules/@sigstore/sign": { - "version": "2.2.0", + "version": "2.2.3", "dev": true, "inBundle": true, "license": "Apache-2.0", "dependencies": { - "@sigstore/bundle": "^2.1.0", - "@sigstore/protobuf-specs": "^0.2.1", + "@sigstore/bundle": "^2.2.0", + "@sigstore/core": "^1.0.0", + "@sigstore/protobuf-specs": "^0.3.0", "make-fetch-happen": "^13.0.0" }, "engines": { @@ -7658,13 +7693,27 @@ } }, "node_modules/npm/node_modules/@sigstore/tuf": { - "version": "2.2.0", + "version": "2.3.1", "dev": true, "inBundle": true, "license": "Apache-2.0", "dependencies": { - "@sigstore/protobuf-specs": "^0.2.1", - "tuf-js": "^2.1.0" + "@sigstore/protobuf-specs": "^0.3.0", + "tuf-js": "^2.2.0" + }, + "engines": { + "node": "^16.14.0 || >=18.0.0" + } + }, + "node_modules/npm/node_modules/@sigstore/verify": { + "version": "1.1.0", + "dev": true, + "inBundle": true, + "license": "Apache-2.0", + "dependencies": { + "@sigstore/bundle": "^2.2.0", + "@sigstore/core": "^1.0.0", + "@sigstore/protobuf-specs": "^0.3.0" }, "engines": { "node": "^16.14.0 || >=18.0.0" @@ -7727,15 +7776,12 @@ } }, "node_modules/npm/node_modules/ansi-regex": { - "version": "6.0.1", + "version": "5.0.1", "dev": true, "inBundle": true, "license": "MIT", "engines": { - "node": ">=12" - }, - "funding": { - "url": "https://github.com/chalk/ansi-regex?sponsor=1" + "node": ">=8" } }, "node_modules/npm/node_modules/ansi-styles": { @@ -7912,27 +7958,6 @@ "node": ">= 10" } }, - "node_modules/npm/node_modules/cli-columns/node_modules/ansi-regex": { - "version": "5.0.1", - "dev": true, - "inBundle": true, - "license": "MIT", - "engines": { - "node": ">=8" - } - }, - "node_modules/npm/node_modules/cli-columns/node_modules/strip-ansi": { - "version": "6.0.1", - "dev": true, - "inBundle": true, - "license": "MIT", - "dependencies": { - "ansi-regex": "^5.0.1" - }, - "engines": { - "node": ">=8" - } - }, "node_modules/npm/node_modules/cli-table3": { "version": "0.6.3", "dev": true, @@ -8006,27 +8031,6 @@ "node": ">=8.0.0" } }, - "node_modules/npm/node_modules/columnify/node_modules/ansi-regex": { - "version": "5.0.1", - "dev": true, - "inBundle": true, - "license": "MIT", - "engines": { - "node": ">=8" - } - }, - "node_modules/npm/node_modules/columnify/node_modules/strip-ansi": { - "version": "6.0.1", - "dev": true, - "inBundle": true, - "license": "MIT", - "dependencies": { - "ansi-regex": "^5.0.1" - }, - "engines": { - "node": ">=8" - } - }, "node_modules/npm/node_modules/common-ancestor-path": { "version": "1.0.1", "dev": true, @@ -8116,7 +8120,7 @@ } }, "node_modules/npm/node_modules/diff": { - "version": "5.1.0", + "version": "5.2.0", "dev": true, "inBundle": true, "license": "BSD-3-Clause", @@ -8232,27 +8236,6 @@ "node": "^14.17.0 || ^16.13.0 || >=18.0.0" } }, - "node_modules/npm/node_modules/gauge/node_modules/ansi-regex": { - "version": "5.0.1", - "dev": true, - "inBundle": true, - "license": "MIT", - "engines": { - "node": ">=8" - } - }, - "node_modules/npm/node_modules/gauge/node_modules/strip-ansi": { - "version": "6.0.1", - "dev": true, - "inBundle": true, - "license": "MIT", - "dependencies": { - "ansi-regex": "^5.0.1" - }, - "engines": { - "node": ">=8" - } - }, "node_modules/npm/node_modules/glob": { "version": "10.3.10", "dev": true, @@ -8288,7 +8271,7 @@ "license": "ISC" }, "node_modules/npm/node_modules/hasown": { - "version": "2.0.0", + "version": "2.0.1", "dev": true, "inBundle": true, "license": "MIT", @@ -8318,7 +8301,7 @@ "license": "BSD-2-Clause" }, "node_modules/npm/node_modules/http-proxy-agent": { - "version": "7.0.0", + "version": "7.0.2", "dev": true, "inBundle": true, "license": "MIT", @@ -8331,7 +8314,7 @@ } }, "node_modules/npm/node_modules/https-proxy-agent": { - "version": "7.0.2", + "version": "7.0.4", "dev": true, "inBundle": true, "license": "MIT", @@ -8413,11 +8396,24 @@ "node": "^16.14.0 || >=18.0.0" } }, - "node_modules/npm/node_modules/ip": { - "version": "2.0.0", + "node_modules/npm/node_modules/ip-address": { + "version": "9.0.5", "dev": true, "inBundle": true, - "license": "MIT" + "license": "MIT", + "dependencies": { + "jsbn": "1.1.0", + "sprintf-js": "^1.1.3" + }, + "engines": { + "node": ">= 12" + } + }, + "node_modules/npm/node_modules/ip-address/node_modules/sprintf-js": { + "version": "1.1.3", + "dev": true, + "inBundle": true, + "license": "BSD-3-Clause" }, "node_modules/npm/node_modules/ip-regex": { "version": "5.0.0", @@ -8494,6 +8490,12 @@ "@pkgjs/parseargs": "^0.11.0" } }, + "node_modules/npm/node_modules/jsbn": { + "version": "1.1.0", + "dev": true, + "inBundle": true, + "license": "MIT" + }, "node_modules/npm/node_modules/json-parse-even-better-errors": { "version": "3.0.1", "dev": true, @@ -8547,7 +8549,7 @@ } }, "node_modules/npm/node_modules/libnpmdiff": { - "version": "6.0.5", + "version": "6.0.7", "dev": true, "inBundle": true, "license": "ISC", @@ -8567,7 +8569,7 @@ } }, "node_modules/npm/node_modules/libnpmexec": { - "version": "7.0.6", + "version": "7.0.8", "dev": true, "inBundle": true, "license": "ISC", @@ -8589,7 +8591,7 @@ } }, "node_modules/npm/node_modules/libnpmfund": { - "version": "5.0.3", + "version": "5.0.5", "dev": true, "inBundle": true, "license": "ISC", @@ -8627,7 +8629,7 @@ } }, "node_modules/npm/node_modules/libnpmpack": { - "version": "6.0.5", + "version": "6.0.7", "dev": true, "inBundle": true, "license": "ISC", @@ -8642,7 +8644,7 @@ } }, "node_modules/npm/node_modules/libnpmpublish": { - "version": "9.0.3", + "version": "9.0.4", "dev": true, "inBundle": true, "license": "ISC", @@ -8653,7 +8655,7 @@ "npm-registry-fetch": "^16.0.0", "proc-log": "^3.0.0", "semver": "^7.3.7", - "sigstore": "^2.1.0", + "sigstore": "^2.2.0", "ssri": "^10.0.5" }, "engines": { @@ -8702,7 +8704,7 @@ } }, "node_modules/npm/node_modules/lru-cache": { - "version": "10.1.0", + "version": "10.2.0", "dev": true, "inBundle": true, "license": "ISC", @@ -9149,7 +9151,7 @@ } }, "node_modules/npm/node_modules/pacote": { - "version": "17.0.5", + "version": "17.0.6", "dev": true, "inBundle": true, "license": "ISC", @@ -9169,7 +9171,7 @@ "promise-retry": "^2.0.1", "read-package-json": "^7.0.0", "read-package-json-fast": "^3.0.0", - "sigstore": "^2.0.0", + "sigstore": "^2.2.0", "ssri": "^10.0.0", "tar": "^6.1.11" }, @@ -9251,7 +9253,7 @@ } }, "node_modules/npm/node_modules/promise-call-limit": { - "version": "1.0.2", + "version": "3.0.1", "dev": true, "inBundle": true, "license": "ISC", @@ -9364,7 +9366,7 @@ "optional": true }, "node_modules/npm/node_modules/semver": { - "version": "7.5.4", + "version": "7.6.0", "dev": true, "inBundle": true, "license": "ISC", @@ -9430,15 +9432,17 @@ } }, "node_modules/npm/node_modules/sigstore": { - "version": "2.1.0", + "version": "2.2.2", "dev": true, "inBundle": true, "license": "Apache-2.0", "dependencies": { - "@sigstore/bundle": "^2.1.0", - "@sigstore/protobuf-specs": "^0.2.1", - "@sigstore/sign": "^2.1.0", - "@sigstore/tuf": "^2.1.0" + "@sigstore/bundle": "^2.2.0", + "@sigstore/core": "^1.0.0", + "@sigstore/protobuf-specs": "^0.3.0", + "@sigstore/sign": "^2.2.3", + "@sigstore/tuf": "^2.3.1", + "@sigstore/verify": "^1.1.0" }, "engines": { "node": "^16.14.0 || >=18.0.0" @@ -9455,16 +9459,16 @@ } }, "node_modules/npm/node_modules/socks": { - "version": "2.7.1", + "version": "2.8.0", "dev": true, "inBundle": true, "license": "MIT", "dependencies": { - "ip": "^2.0.0", + "ip-address": "^9.0.5", "smart-buffer": "^4.2.0" }, "engines": { - "node": ">= 10.13.0", + "node": ">= 16.0.0", "npm": ">= 3.0.0" } }, @@ -9493,7 +9497,7 @@ } }, "node_modules/npm/node_modules/spdx-exceptions": { - "version": "2.3.0", + "version": "2.5.0", "dev": true, "inBundle": true, "license": "CC-BY-3.0" @@ -9509,7 +9513,7 @@ } }, "node_modules/npm/node_modules/spdx-license-ids": { - "version": "3.0.16", + "version": "3.0.17", "dev": true, "inBundle": true, "license": "CC0-1.0" @@ -9555,37 +9559,7 @@ "node": ">=8" } }, - "node_modules/npm/node_modules/string-width-cjs/node_modules/ansi-regex": { - "version": "5.0.1", - "dev": true, - "inBundle": true, - "license": "MIT", - "engines": { - "node": ">=8" - } - }, - "node_modules/npm/node_modules/string-width-cjs/node_modules/strip-ansi": { - "version": "6.0.1", - "dev": true, - "inBundle": true, - "license": "MIT", - "dependencies": { - "ansi-regex": "^5.0.1" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/npm/node_modules/string-width/node_modules/ansi-regex": { - "version": "5.0.1", - "dev": true, - "inBundle": true, - "license": "MIT", - "engines": { - "node": ">=8" - } - }, - "node_modules/npm/node_modules/string-width/node_modules/strip-ansi": { + "node_modules/npm/node_modules/strip-ansi": { "version": "6.0.1", "dev": true, "inBundle": true, @@ -9597,21 +9571,6 @@ "node": ">=8" } }, - "node_modules/npm/node_modules/strip-ansi": { - "version": "7.1.0", - "dev": true, - "inBundle": true, - "license": "MIT", - "dependencies": { - "ansi-regex": "^6.0.1" - }, - "engines": { - "node": ">=12" - }, - "funding": { - "url": "https://github.com/chalk/strip-ansi?sponsor=1" - } - }, "node_modules/npm/node_modules/strip-ansi-cjs": { "name": "strip-ansi", "version": "6.0.1", @@ -9625,15 +9584,6 @@ "node": ">=8" } }, - "node_modules/npm/node_modules/strip-ansi-cjs/node_modules/ansi-regex": { - "version": "5.0.1", - "dev": true, - "inBundle": true, - "license": "MIT", - "engines": { - "node": ">=8" - } - }, "node_modules/npm/node_modules/supports-color": { "version": "9.4.0", "dev": true, @@ -9718,7 +9668,7 @@ } }, "node_modules/npm/node_modules/tuf-js": { - "version": "2.1.0", + "version": "2.2.0", "dev": true, "inBundle": true, "license": "MIT", @@ -9866,15 +9816,6 @@ "url": "https://github.com/chalk/wrap-ansi?sponsor=1" } }, - "node_modules/npm/node_modules/wrap-ansi-cjs/node_modules/ansi-regex": { - "version": "5.0.1", - "dev": true, - "inBundle": true, - "license": "MIT", - "engines": { - "node": ">=8" - } - }, "node_modules/npm/node_modules/wrap-ansi-cjs/node_modules/ansi-styles": { "version": "4.3.0", "dev": true, @@ -9890,16 +9831,16 @@ "url": "https://github.com/chalk/ansi-styles?sponsor=1" } }, - "node_modules/npm/node_modules/wrap-ansi-cjs/node_modules/strip-ansi": { + "node_modules/npm/node_modules/wrap-ansi/node_modules/ansi-regex": { "version": "6.0.1", "dev": true, "inBundle": true, "license": "MIT", - "dependencies": { - "ansi-regex": "^5.0.1" - }, "engines": { - "node": ">=8" + "node": ">=12" + }, + "funding": { + "url": "https://github.com/chalk/ansi-regex?sponsor=1" } }, "node_modules/npm/node_modules/wrap-ansi/node_modules/emoji-regex": { @@ -9925,6 +9866,21 @@ "url": "https://github.com/sponsors/sindresorhus" } }, + "node_modules/npm/node_modules/wrap-ansi/node_modules/strip-ansi": { + "version": "7.1.0", + "dev": true, + "inBundle": true, + "license": "MIT", + "dependencies": { + "ansi-regex": "^6.0.1" + }, + "engines": { + "node": ">=12" + }, + "funding": { + "url": "https://github.com/chalk/strip-ansi?sponsor=1" + } + }, "node_modules/npm/node_modules/write-file-atomic": { "version": "5.0.1", "dev": true, diff --git a/package.json b/package.json index 49cb0cf..569aa82 100644 --- a/package.json +++ b/package.json @@ -133,7 +133,7 @@ "@semantic-release/commit-analyzer": "^11.1.0", "@semantic-release/git": "^10.0.1", "@semantic-release/github": "^9.2.6", - "@semantic-release/npm": "11.0.2", + "@semantic-release/npm": "11.0.3", "@semantic-release/release-notes-generator": "^12.1.0", "@types/chai": "^4.3.12", "@types/mocha": "^10.0.6",