Merge pull request #98 from step-security/shubham-patch-1

chore: fast forward upstream changes v4.1.1->v5.0.0
step-security · Jul 31, 2024 · c7424e5 · c7424e5
2 parents 0b52437 + d3f3921
commit c7424e5
Show file tree

Hide file tree

Showing 16 changed files with 41,881 additions and 40,497 deletions.
diff --git a/.github/workflows/actions_release.yml b/.github/workflows/actions_release.yml
@@ -4,7 +4,7 @@ on:
   workflow_dispatch:
     inputs:
       tag:
-        description: "Tag for the release"
+        description: 'Tag for the release'
         required: true
 
 permissions:
@@ -18,4 +18,4 @@ jobs:
       contents: write
     uses: step-security/reusable-workflows/.github/workflows/actions_release.yaml@v1
     with:
-      tag: "${{ github.event.inputs.tag }}"
+      tag: '${{ github.event.inputs.tag }}'
diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
@@ -15,10 +15,10 @@ jobs:
           egress-policy: audit
 
       - uses: actions/checkout@v4
-      - name: Use Node.js 16
+      - name: Use Node.js 20
         uses: actions/setup-node@v3
         with:
-          node-version: 16
+          node-version: 20
       - name: Install dependencies
         run: npm ci
         env:

diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml
@@ -9,16 +9,16 @@
 # the `language` matrix defined below to confirm you have the correct set of
 # supported CodeQL languages.
 #
-name: "CodeQL"
+name: 'CodeQL'
 
 on:
   push:
-    branches: ["main"]
+    branches: ['main']
   pull_request:
     # The branches below must be a subset of the branches above
-    branches: ["main"]
+    branches: ['main']
   schedule:
-    - cron: "0 0 * * 1"
+    - cron: '0 0 * * 1'
 
 permissions:
   contents: read
@@ -35,7 +35,7 @@ jobs:
     strategy:
       fail-fast: false
       matrix:
-        language: ["javascript", "typescript"]
+        language: ['javascript', 'typescript']
         # CodeQL supports [ $supported-codeql-languages ]
         # Learn more about CodeQL language support at https://aka.ms/codeql-docs/language-support
 
@@ -75,4 +75,4 @@ jobs:
       - name: Perform CodeQL Analysis
         uses: github/codeql-action/analyze@9fdb3e49720b44c48891d036bb502feb25684276 # v3.25.6
         with:
-          category: "/language:${{matrix.language}}"
+          category: '/language:${{matrix.language}}'
diff --git a/.github/workflows/scorecards.yml b/.github/workflows/scorecards.yml
@@ -12,7 +12,7 @@ on:
   schedule:
     - cron: '20 7 * * 2'
   push:
-    branches: ["main"]
+    branches: ['main']
 
 # Declare default permissions as read only.
 permissions: read-all
@@ -35,12 +35,12 @@ jobs:
         with:
           egress-policy: audit
 
-      - name: "Checkout code"
+      - name: 'Checkout code'
         uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
         with:
           persist-credentials: false
 
-      - name: "Run analysis"
+      - name: 'Run analysis'
         uses: ossf/scorecard-action@dc50aa9510b46c811795eb24b2f1ba02a914e534 # v2.3.3
         with:
           results_file: results.sarif
@@ -62,15 +62,15 @@ jobs:
 
       # Upload the results as artifacts (optional). Commenting out will disable uploads of run results in SARIF
       # format to the repository Actions tab.
-      - name: "Upload artifact"
+      - name: 'Upload artifact'
         uses: actions/upload-artifact@0b2256b8c012f0828dc542b3febcab082c67f72b # v4.3.4
         with:
           name: SARIF file
           path: results.sarif
           retention-days: 5
 
       # Upload the results to GitHub's code scanning dashboard.
-      - name: "Upload to code-scanning"
+      - name: 'Upload to code-scanning'
         uses: github/codeql-action/upload-sarif@9fdb3e49720b44c48891d036bb502feb25684276 # v3.25.6
         with:
           sarif_file: results.sarif
diff --git a/.gitignore b/.gitignore
@@ -84,4 +84,7 @@ typings/
 # DynamoDB Local files
 .dynamodb/
 
+# Vscode
+.vscode/
+
 # End of https://www.gitignore.io/api/node
diff --git a/.node-version b/.node-version
@@ -0,0 +1 @@
+20
diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml
@@ -1,10 +1,10 @@
 repos:
-- repo: https://github.com/gitleaks/gitleaks
-  rev: v8.16.3
-  hooks:
-  - id: gitleaks
-- repo: https://github.com/pre-commit/pre-commit-hooks
-  rev: v4.4.0
-  hooks:
-  - id: end-of-file-fixer
-  - id: trailing-whitespace
+  - repo: https://github.com/gitleaks/gitleaks
+    rev: v8.16.3
+    hooks:
+      - id: gitleaks
+  - repo: https://github.com/pre-commit/pre-commit-hooks
+    rev: v4.4.0
+    hooks:
+      - id: end-of-file-fixer
+      - id: trailing-whitespace
diff --git a/.prettierrc b/.prettierrc
@@ -1,4 +1,5 @@
 {
   "printWidth": 120,
-  "singleQuote": true
+  "singleQuote": true,
+  "endOfLine": "lf"
 }
diff --git a/README.md b/README.md
@@ -25,7 +25,7 @@ jobs:
       pull-requests: write
     runs-on: ubuntu-latest
     steps:
-      - uses: step-security/pr-labeler-action@v4
+      - uses: step-security/pr-labeler-action@v5
         with:
           repo-token: ${{ secrets.GITHUB_TOKEN }}
           configuration-path: .github/pr-labeler.yml # optional, .github/pr-labeler.yml is the default value

diff --git a/__tests__/utils/config.test.ts b/__tests__/utils/config.test.ts
@@ -19,7 +19,7 @@ describe('getConfig', () => {
       'path/to/config',
       { owner: 'repo-owner', repo: 'repo-name' },
       'ref',
-      defaultConfig
+      defaultConfig,
     );
 
     expect(config).toBe(defaultConfig);

diff --git a/action.yml b/action.yml
@@ -12,4 +12,4 @@ branding:
   color: 'white'
 runs:
   using: 'node20'
-  main: './dist/index.js'
+  main: 'dist/index.js'