Merge pull request #647 from dependabot/dependabot/npm_and_yarn/modelcontextprotocol/sdk-1.24.0

Bump @modelcontextprotocol/sdk from 1.11.2 to 1.24.0
fetch-metadata-action-automation[bot]
2025-12-22 12:39:08 -08:00
committed by GitHub
6 changed files with 423 additions and 151 deletions

2
dist/index.js generated vendored

@@ -10497,9 +10497,7 @@ const util = __importStar(__nccwpck_require__(9180));
async function run() {
const token = core.getInput('github-token');
if (!token) {
/* eslint-disable no-template-curly-in-string */
core.setFailed('github-token is not set! Please add \'github-token: "${{ secrets.GITHUB_TOKEN }}"\' to your workflow file.');
/* eslint-enable no-template-curly-in-string */
return;
}
try {

325
package-lock.json generated

@@ -943,6 +943,19 @@
"node": "^18.18.0 || ^20.9.0 || >=21.1.0"
}
},
"node_modules/@hono/node-server": {
"version": "1.19.7",
"resolved": "https://registry.npmjs.org/@hono/node-server/-/node-server-1.19.7.tgz",
"integrity": "sha512-vUcD0uauS7EU2caukW8z5lJKtoGMokxNbJtBiwHgpqxEXokaHCBkQUmCHhjFB1VUTWdqj25QoMkMKzgjq+uhrw==",
"dev": true,
"license": "MIT",
"engines": {
"node": ">=18.14.1"
},
"peerDependencies": {
"hono": "^4"
}
},
"node_modules/@humanfs/core": {
"version": "0.19.1",
"resolved": "https://registry.npmjs.org/@humanfs/core/-/core-0.19.1.tgz",
@@ -1411,25 +1424,88 @@
}
},
"node_modules/@modelcontextprotocol/sdk": {
"version": "1.11.2",
"resolved": "https://registry.npmjs.org/@modelcontextprotocol/sdk/-/sdk-1.11.2.tgz",
"integrity": "sha512-H9vwztj5OAqHg9GockCQC06k1natgcxWQSRpQcPJf6i5+MWBzfKkRtxGbjQf0X2ihii0ffLZCRGbYV2f2bjNCQ==",
"version": "1.25.1",
"resolved": "https://registry.npmjs.org/@modelcontextprotocol/sdk/-/sdk-1.25.1.tgz",
"integrity": "sha512-yO28oVFFC7EBoiKdAn+VqRm+plcfv4v0xp6osG/VsCB0NlPZWi87ajbCZZ8f/RvOFLEu7//rSRmuZZ7lMoe3gQ==",
"dev": true,
"license": "MIT",
"dependencies": {
"@hono/node-server": "^1.19.7",
"ajv": "^8.17.1",
"ajv-formats": "^3.0.1",
"content-type": "^1.0.5",
"cors": "^2.8.5",
"cross-spawn": "^7.0.3",
"cross-spawn": "^7.0.5",
"eventsource": "^3.0.2",
"eventsource-parser": "^3.0.0",
"express": "^5.0.1",
"express-rate-limit": "^7.5.0",
"jose": "^6.1.1",
"json-schema-typed": "^8.0.2",
"pkce-challenge": "^5.0.0",
"raw-body": "^3.0.0",
"zod": "^3.23.8",
"zod-to-json-schema": "^3.24.1"
"zod": "^3.25 || ^4.0",
"zod-to-json-schema": "^3.25.0"
},
"engines": {
"node": ">=18"
},
"peerDependencies": {
"@cfworker/json-schema": "^4.1.1",
"zod": "^3.25 || ^4.0"
},
"peerDependenciesMeta": {
"@cfworker/json-schema": {
"optional": true
},
"zod": {
"optional": false
}
}
},
"node_modules/@modelcontextprotocol/sdk/node_modules/ajv": {
"version": "8.17.1",
"resolved": "https://registry.npmjs.org/ajv/-/ajv-8.17.1.tgz",
"integrity": "sha512-B/gBuNg5SiMTrPkC+A2+cW0RszwxYmn6VYxB/inlBStS5nx6xHIt/ehKRhIMhqusl7a8LjQoZnjCs5vhwxOQ1g==",
"dev": true,
"license": "MIT",
"dependencies": {
"fast-deep-equal": "^3.1.3",
"fast-uri": "^3.0.1",
"json-schema-traverse": "^1.0.0",
"require-from-string": "^2.0.2"
},
"funding": {
"type": "github",
"url": "https://github.com/sponsors/epoberezkin"
}
},
"node_modules/@modelcontextprotocol/sdk/node_modules/json-schema-traverse": {
"version": "1.0.0",
"resolved": "https://registry.npmjs.org/json-schema-traverse/-/json-schema-traverse-1.0.0.tgz",
"integrity": "sha512-NM8/P9n3XjXhIZn1lLhkFaACTOURQXjWhV4BA/RnOv8xvgqtqpAX9IO4mRQxSx1Rlo4tqzeqb0sOlruaOy3dug==",
"dev": true,
"license": "MIT"
},
"node_modules/@modelcontextprotocol/sdk/node_modules/zod": {
"version": "4.2.1",
"resolved": "https://registry.npmjs.org/zod/-/zod-4.2.1.tgz",
"integrity": "sha512-0wZ1IRqGGhMP76gLqz8EyfBXKk0J2qo2+H3fi4mcUP/KtTocoX08nmIAHl1Z2kJIZbZee8KOpBCSNPRgauucjw==",
"dev": true,
"license": "MIT",
"peer": true,
"funding": {
"url": "https://github.com/sponsors/colinhacks"
}
},
"node_modules/@modelcontextprotocol/sdk/node_modules/zod-to-json-schema": {
"version": "3.25.0",
"resolved": "https://registry.npmjs.org/zod-to-json-schema/-/zod-to-json-schema-3.25.0.tgz",
"integrity": "sha512-HvWtU2UG41LALjajJrML6uQejQhNJx+JBO9IflpSja4R03iNWfKXrj6W2h7ljuLyc1nKS+9yDyL/9tD1U/yBnQ==",
"dev": true,
"license": "ISC",
"peerDependencies": {
"zod": "^3.25 || ^4"
}
},
"node_modules/@mswjs/interceptors": {
@@ -2131,6 +2207,48 @@
"url": "https://github.com/sponsors/epoberezkin"
}
},
"node_modules/ajv-formats": {
"version": "3.0.1",
"resolved": "https://registry.npmjs.org/ajv-formats/-/ajv-formats-3.0.1.tgz",
"integrity": "sha512-8iUql50EUR+uUcdRQ3HDqa6EVyo3docL8g5WJ3FNcWmu62IbkGUue/pEyLBW8VGKKucTPgqeks4fIU1DA4yowQ==",
"dev": true,
"license": "MIT",
"dependencies": {
"ajv": "^8.0.0"
},
"peerDependencies": {
"ajv": "^8.0.0"
},
"peerDependenciesMeta": {
"ajv": {
"optional": true
}
}
},
"node_modules/ajv-formats/node_modules/ajv": {
"version": "8.17.1",
"resolved": "https://registry.npmjs.org/ajv/-/ajv-8.17.1.tgz",
"integrity": "sha512-B/gBuNg5SiMTrPkC+A2+cW0RszwxYmn6VYxB/inlBStS5nx6xHIt/ehKRhIMhqusl7a8LjQoZnjCs5vhwxOQ1g==",
"dev": true,
"license": "MIT",
"dependencies": {
"fast-deep-equal": "^3.1.3",
"fast-uri": "^3.0.1",
"json-schema-traverse": "^1.0.0",
"require-from-string": "^2.0.2"
},
"funding": {
"type": "github",
"url": "https://github.com/sponsors/epoberezkin"
}
},
"node_modules/ajv-formats/node_modules/json-schema-traverse": {
"version": "1.0.0",
"resolved": "https://registry.npmjs.org/json-schema-traverse/-/json-schema-traverse-1.0.0.tgz",
"integrity": "sha512-NM8/P9n3XjXhIZn1lLhkFaACTOURQXjWhV4BA/RnOv8xvgqtqpAX9IO4mRQxSx1Rlo4tqzeqb0sOlruaOy3dug==",
"dev": true,
"license": "MIT"
},
"node_modules/ansi-escapes": {
"version": "4.3.2",
"resolved": "https://registry.npmjs.org/ansi-escapes/-/ansi-escapes-4.3.2.tgz",
@@ -3918,6 +4036,23 @@
"integrity": "sha1-PYpcZog6FqMMqGQ+hR8Zuqd5eRc=",
"dev": true
},
"node_modules/fast-uri": {
"version": "3.1.0",
"resolved": "https://registry.npmjs.org/fast-uri/-/fast-uri-3.1.0.tgz",
"integrity": "sha512-iPeeDKJSWf4IEOasVVrknXpaBV0IApz/gp7S2bb7Z4Lljbl2MGJRqInZiUrQwV16cpzw/D3S5j5Julj/gT52AA==",
"dev": true,
"funding": [
{
"type": "github",
"url": "https://github.com/sponsors/fastify"
},
{
"type": "opencollective",
"url": "https://opencollective.com/fastify"
}
],
"license": "BSD-3-Clause"
},
"node_modules/fastq": {
"version": "1.13.0",
"resolved": "https://registry.npmjs.org/fastq/-/fastq-1.13.0.tgz",
@@ -4400,6 +4535,17 @@
"node": ">= 0.4"
}
},
"node_modules/hono": {
"version": "4.11.1",
"resolved": "https://registry.npmjs.org/hono/-/hono-4.11.1.tgz",
"integrity": "sha512-KsFcH0xxHes0J4zaQgWbYwmz3UPOOskdqZmItstUG93+Wk1ePBLkLGwbP9zlmh1BFUiL8Qp+Xfu9P7feJWpGNg==",
"dev": true,
"license": "MIT",
"peer": true,
"engines": {
"node": ">=16.9.0"
}
},
"node_modules/html-escaper": {
"version": "2.0.2",
"resolved": "https://registry.npmjs.org/html-escaper/-/html-escaper-2.0.2.tgz",
@@ -5620,6 +5766,16 @@
"url": "https://github.com/chalk/supports-color?sponsor=1"
}
},
"node_modules/jose": {
"version": "6.1.3",
"resolved": "https://registry.npmjs.org/jose/-/jose-6.1.3.tgz",
"integrity": "sha512-0TpaTfihd4QMNwrz/ob2Bp7X04yuxJkjRGi4aKmOqwhov54i6u79oCv7T+C7lo70MKH6BesI3vscD1yb/yzKXQ==",
"dev": true,
"license": "MIT",
"funding": {
"url": "https://github.com/sponsors/panva"
}
},
"node_modules/js-tokens": {
"version": "4.0.0",
"resolved": "https://registry.npmjs.org/js-tokens/-/js-tokens-4.0.0.tgz",
@@ -5670,6 +5826,13 @@
"integrity": "sha512-xbbCH5dCYU5T8LcEhhuh7HJ88HXuW3qsI3Y0zOZFKfZEHcpWiHU/Jxzk629Brsab/mMiHQti9wMP+845RPe3Vg==",
"dev": true
},
"node_modules/json-schema-typed": {
"version": "8.0.2",
"resolved": "https://registry.npmjs.org/json-schema-typed/-/json-schema-typed-8.0.2.tgz",
"integrity": "sha512-fQhoXdcvc3V28x7C7BMs4P5+kNlgUURe2jmUT1T//oBRMDrqy1QPelJimwZGo7Hg9VPV3EQV5Bnq4hbFy2vetA==",
"dev": true,
"license": "BSD-2-Clause"
},
"node_modules/json-stable-stringify-without-jsonify": {
"version": "1.0.1",
"resolved": "https://registry.npmjs.org/json-stable-stringify-without-jsonify/-/json-stable-stringify-without-jsonify-1.0.1.tgz",
@@ -6621,6 +6784,16 @@
"node": ">=0.10.0"
}
},
"node_modules/require-from-string": {
"version": "2.0.2",
"resolved": "https://registry.npmjs.org/require-from-string/-/require-from-string-2.0.2.tgz",
"integrity": "sha512-Xf0nWe6RseziFMu+Ap9biiUbmplq6S9/p+7w7YXP/JBHhrUDDUhwa+vANyubuqfZWTveU//DYVGsDG7RKL/vEw==",
"dev": true,
"license": "MIT",
"engines": {
"node": ">=0.10.0"
}
},
"node_modules/resolve": {
"version": "1.22.8",
"resolved": "https://registry.npmjs.org/resolve/-/resolve-1.22.8.tgz",
@@ -7936,20 +8109,9 @@
"integrity": "sha512-OdqJE9UDRPwWsrHjLN2F8bPxvwJBK22EHLWtanu0LSYr5YqzsaaW3RMgmjwr8Rypg5k+meEJdSPXJZXE/yqOMg==",
"dev": true,
"license": "MIT",
"peer": true,
"funding": {
"url": "https://github.com/sponsors/colinhacks"
}
},
"node_modules/zod-to-json-schema": {
"version": "3.24.5",
"resolved": "https://registry.npmjs.org/zod-to-json-schema/-/zod-to-json-schema-3.24.5.tgz",
"integrity": "sha512-/AuWwMP+YqiPbsJx5D6TfgRTc4kTLjsh5SOcd4bLsfUg2RcEXrFMJl1DGgdHy2aCfsIA/cr/1JM0xcB2GZji8g==",
"dev": true,
"license": "ISC",
"peerDependencies": {
"zod": "^3.24.1"
}
}
},
"dependencies": {
@@ -8636,6 +8798,13 @@
"levn": "^0.4.1"
}
},
"@hono/node-server": {
"version": "1.19.7",
"resolved": "https://registry.npmjs.org/@hono/node-server/-/node-server-1.19.7.tgz",
"integrity": "sha512-vUcD0uauS7EU2caukW8z5lJKtoGMokxNbJtBiwHgpqxEXokaHCBkQUmCHhjFB1VUTWdqj25QoMkMKzgjq+uhrw==",
"dev": true,
"requires": {}
},
"@humanfs/core": {
"version": "0.19.1",
"resolved": "https://registry.npmjs.org/@humanfs/core/-/core-0.19.1.tgz",
@@ -9008,21 +9177,61 @@
}
},
"@modelcontextprotocol/sdk": {
"version": "1.11.2",
"resolved": "https://registry.npmjs.org/@modelcontextprotocol/sdk/-/sdk-1.11.2.tgz",
"integrity": "sha512-H9vwztj5OAqHg9GockCQC06k1natgcxWQSRpQcPJf6i5+MWBzfKkRtxGbjQf0X2ihii0ffLZCRGbYV2f2bjNCQ==",
"version": "1.25.1",
"resolved": "https://registry.npmjs.org/@modelcontextprotocol/sdk/-/sdk-1.25.1.tgz",
"integrity": "sha512-yO28oVFFC7EBoiKdAn+VqRm+plcfv4v0xp6osG/VsCB0NlPZWi87ajbCZZ8f/RvOFLEu7//rSRmuZZ7lMoe3gQ==",
"dev": true,
"requires": {
"@hono/node-server": "^1.19.7",
"ajv": "^8.17.1",
"ajv-formats": "^3.0.1",
"content-type": "^1.0.5",
"cors": "^2.8.5",
"cross-spawn": "^7.0.3",
"cross-spawn": "^7.0.5",
"eventsource": "^3.0.2",
"eventsource-parser": "^3.0.0",
"express": "^5.0.1",
"express-rate-limit": "^7.5.0",
"jose": "^6.1.1",
"json-schema-typed": "^8.0.2",
"pkce-challenge": "^5.0.0",
"raw-body": "^3.0.0",
"zod": "^3.23.8",
"zod-to-json-schema": "^3.24.1"
"zod": "^3.25 || ^4.0",
"zod-to-json-schema": "^3.25.0"
},
"dependencies": {
"ajv": {
"version": "8.17.1",
"resolved": "https://registry.npmjs.org/ajv/-/ajv-8.17.1.tgz",
"integrity": "sha512-B/gBuNg5SiMTrPkC+A2+cW0RszwxYmn6VYxB/inlBStS5nx6xHIt/ehKRhIMhqusl7a8LjQoZnjCs5vhwxOQ1g==",
"dev": true,
"requires": {
"fast-deep-equal": "^3.1.3",
"fast-uri": "^3.0.1",
"json-schema-traverse": "^1.0.0",
"require-from-string": "^2.0.2"
}
},
"json-schema-traverse": {
"version": "1.0.0",
"resolved": "https://registry.npmjs.org/json-schema-traverse/-/json-schema-traverse-1.0.0.tgz",
"integrity": "sha512-NM8/P9n3XjXhIZn1lLhkFaACTOURQXjWhV4BA/RnOv8xvgqtqpAX9IO4mRQxSx1Rlo4tqzeqb0sOlruaOy3dug==",
"dev": true
},
"zod": {
"version": "4.2.1",
"resolved": "https://registry.npmjs.org/zod/-/zod-4.2.1.tgz",
"integrity": "sha512-0wZ1IRqGGhMP76gLqz8EyfBXKk0J2qo2+H3fi4mcUP/KtTocoX08nmIAHl1Z2kJIZbZee8KOpBCSNPRgauucjw==",
"dev": true,
"peer": true
},
"zod-to-json-schema": {
"version": "3.25.0",
"resolved": "https://registry.npmjs.org/zod-to-json-schema/-/zod-to-json-schema-3.25.0.tgz",
"integrity": "sha512-HvWtU2UG41LALjajJrML6uQejQhNJx+JBO9IflpSja4R03iNWfKXrj6W2h7ljuLyc1nKS+9yDyL/9tD1U/yBnQ==",
"dev": true,
"requires": {}
}
}
},
"@mswjs/interceptors": {
@@ -9584,6 +9793,35 @@
"uri-js": "^4.2.2"
}
},
"ajv-formats": {
"version": "3.0.1",
"resolved": "https://registry.npmjs.org/ajv-formats/-/ajv-formats-3.0.1.tgz",
"integrity": "sha512-8iUql50EUR+uUcdRQ3HDqa6EVyo3docL8g5WJ3FNcWmu62IbkGUue/pEyLBW8VGKKucTPgqeks4fIU1DA4yowQ==",
"dev": true,
"requires": {
"ajv": "^8.0.0"
},
"dependencies": {
"ajv": {
"version": "8.17.1",
"resolved": "https://registry.npmjs.org/ajv/-/ajv-8.17.1.tgz",
"integrity": "sha512-B/gBuNg5SiMTrPkC+A2+cW0RszwxYmn6VYxB/inlBStS5nx6xHIt/ehKRhIMhqusl7a8LjQoZnjCs5vhwxOQ1g==",
"dev": true,
"requires": {
"fast-deep-equal": "^3.1.3",
"fast-uri": "^3.0.1",
"json-schema-traverse": "^1.0.0",
"require-from-string": "^2.0.2"
}
},
"json-schema-traverse": {
"version": "1.0.0",
"resolved": "https://registry.npmjs.org/json-schema-traverse/-/json-schema-traverse-1.0.0.tgz",
"integrity": "sha512-NM8/P9n3XjXhIZn1lLhkFaACTOURQXjWhV4BA/RnOv8xvgqtqpAX9IO4mRQxSx1Rlo4tqzeqb0sOlruaOy3dug==",
"dev": true
}
}
},
"ansi-escapes": {
"version": "4.3.2",
"resolved": "https://registry.npmjs.org/ansi-escapes/-/ansi-escapes-4.3.2.tgz",
@@ -10851,6 +11089,12 @@
"integrity": "sha1-PYpcZog6FqMMqGQ+hR8Zuqd5eRc=",
"dev": true
},
"fast-uri": {
"version": "3.1.0",
"resolved": "https://registry.npmjs.org/fast-uri/-/fast-uri-3.1.0.tgz",
"integrity": "sha512-iPeeDKJSWf4IEOasVVrknXpaBV0IApz/gp7S2bb7Z4Lljbl2MGJRqInZiUrQwV16cpzw/D3S5j5Julj/gT52AA==",
"dev": true
},
"fastq": {
"version": "1.13.0",
"resolved": "https://registry.npmjs.org/fastq/-/fastq-1.13.0.tgz",
@@ -11190,6 +11434,13 @@
"function-bind": "^1.1.2"
}
},
"hono": {
"version": "4.11.1",
"resolved": "https://registry.npmjs.org/hono/-/hono-4.11.1.tgz",
"integrity": "sha512-KsFcH0xxHes0J4zaQgWbYwmz3UPOOskdqZmItstUG93+Wk1ePBLkLGwbP9zlmh1BFUiL8Qp+Xfu9P7feJWpGNg==",
"dev": true,
"peer": true
},
"html-escaper": {
"version": "2.0.2",
"resolved": "https://registry.npmjs.org/html-escaper/-/html-escaper-2.0.2.tgz",
@@ -12059,6 +12310,12 @@
}
}
},
"jose": {
"version": "6.1.3",
"resolved": "https://registry.npmjs.org/jose/-/jose-6.1.3.tgz",
"integrity": "sha512-0TpaTfihd4QMNwrz/ob2Bp7X04yuxJkjRGi4aKmOqwhov54i6u79oCv7T+C7lo70MKH6BesI3vscD1yb/yzKXQ==",
"dev": true
},
"js-tokens": {
"version": "4.0.0",
"resolved": "https://registry.npmjs.org/js-tokens/-/js-tokens-4.0.0.tgz",
@@ -12099,6 +12356,12 @@
"integrity": "sha512-xbbCH5dCYU5T8LcEhhuh7HJ88HXuW3qsI3Y0zOZFKfZEHcpWiHU/Jxzk629Brsab/mMiHQti9wMP+845RPe3Vg==",
"dev": true
},
"json-schema-typed": {
"version": "8.0.2",
"resolved": "https://registry.npmjs.org/json-schema-typed/-/json-schema-typed-8.0.2.tgz",
"integrity": "sha512-fQhoXdcvc3V28x7C7BMs4P5+kNlgUURe2jmUT1T//oBRMDrqy1QPelJimwZGo7Hg9VPV3EQV5Bnq4hbFy2vetA==",
"dev": true
},
"json-stable-stringify-without-jsonify": {
"version": "1.0.1",
"resolved": "https://registry.npmjs.org/json-stable-stringify-without-jsonify/-/json-stable-stringify-without-jsonify-1.0.1.tgz",
@@ -12764,6 +13027,12 @@
"integrity": "sha1-jGStX9MNqxyXbiNE/+f3kqam30I=",
"dev": true
},
"require-from-string": {
"version": "2.0.2",
"resolved": "https://registry.npmjs.org/require-from-string/-/require-from-string-2.0.2.tgz",
"integrity": "sha512-Xf0nWe6RseziFMu+Ap9biiUbmplq6S9/p+7w7YXP/JBHhrUDDUhwa+vANyubuqfZWTveU//DYVGsDG7RKL/vEw==",
"dev": true
},
"resolve": {
"version": "1.22.8",
"resolved": "https://registry.npmjs.org/resolve/-/resolve-1.22.8.tgz",
@@ -13658,15 +13927,7 @@
"version": "3.24.4",
"resolved": "https://registry.npmjs.org/zod/-/zod-3.24.4.tgz",
"integrity": "sha512-OdqJE9UDRPwWsrHjLN2F8bPxvwJBK22EHLWtanu0LSYr5YqzsaaW3RMgmjwr8Rypg5k+meEJdSPXJZXE/yqOMg==",
"dev": true,
"peer": true
},
"zod-to-json-schema": {
"version": "3.24.5",
"resolved": "https://registry.npmjs.org/zod-to-json-schema/-/zod-to-json-schema-3.24.5.tgz",
"integrity": "sha512-/AuWwMP+YqiPbsJx5D6TfgRTc4kTLjsh5SOcd4bLsfUg2RcEXrFMJl1DGgdHy2aCfsIA/cr/1JM0xcB2GZji8g==",
"dev": true,
"requires": {}
"dev": true
}
}
}


@@ -54,18 +54,18 @@ test('when given a single dependency it sets its values', async () => {
expect(core.setOutput).toHaveBeenCalledWith('updated-dependencies-json', updatedDependencies)
expect(core.setOutput).toBeCalledWith('dependency-names', 'coffee-rails')
expect(core.setOutput).toBeCalledWith('dependency-type', 'direct:production')
expect(core.setOutput).toBeCalledWith('update-type', 'version-update:semver-minor')
expect(core.setOutput).toBeCalledWith('directory', 'wwwroot')
expect(core.setOutput).toBeCalledWith('package-ecosystem', 'nuget')
expect(core.setOutput).toBeCalledWith('target-branch', 'main')
expect(core.setOutput).toBeCalledWith('previous-version', '1.0.2')
expect(core.setOutput).toBeCalledWith('new-version', '1.1.3-beta')
expect(core.setOutput).toBeCalledWith('compatibility-score', 43)
expect(core.setOutput).toBeCalledWith('alert-state', 'FIXED')
expect(core.setOutput).toBeCalledWith('ghsa-id', 'VERY_LONG_ID')
expect(core.setOutput).toBeCalledWith('cvss', 4.6)
expect(core.setOutput).toHaveBeenCalledWith('dependency-names', 'coffee-rails')
expect(core.setOutput).toHaveBeenCalledWith('dependency-type', 'direct:production')
expect(core.setOutput).toHaveBeenCalledWith('update-type', 'version-update:semver-minor')
expect(core.setOutput).toHaveBeenCalledWith('directory', 'wwwroot')
expect(core.setOutput).toHaveBeenCalledWith('package-ecosystem', 'nuget')
expect(core.setOutput).toHaveBeenCalledWith('target-branch', 'main')
expect(core.setOutput).toHaveBeenCalledWith('previous-version', '1.0.2')
expect(core.setOutput).toHaveBeenCalledWith('new-version', '1.1.3-beta')
expect(core.setOutput).toHaveBeenCalledWith('compatibility-score', 43)
expect(core.setOutput).toHaveBeenCalledWith('alert-state', 'FIXED')
expect(core.setOutput).toHaveBeenCalledWith('ghsa-id', 'VERY_LONG_ID')
expect(core.setOutput).toHaveBeenCalledWith('cvss', 4.6)
})
test('when given a multiple dependencies, it uses the highest values for types', async () => {
@@ -100,18 +100,18 @@ test('when given a multiple dependencies, it uses the highest values for types',
expect(core.setOutput).toHaveBeenCalledWith('updated-dependencies-json', updatedDependencies)
expect(core.setOutput).toBeCalledWith('dependency-names', 'rspec, coffee-rails, coffeescript, rspec-coffeescript')
expect(core.setOutput).toBeCalledWith('dependency-type', 'direct:development')
expect(core.setOutput).toBeCalledWith('update-type', 'version-update:semver-major')
expect(core.setOutput).toBeCalledWith('directory', '')
expect(core.setOutput).toBeCalledWith('package-ecosystem', '')
expect(core.setOutput).toBeCalledWith('target-branch', '')
expect(core.setOutput).toBeCalledWith('previous-version', '')
expect(core.setOutput).toBeCalledWith('new-version', '')
expect(core.setOutput).toBeCalledWith('compatibility-score', 0)
expect(core.setOutput).toBeCalledWith('alert-state', '')
expect(core.setOutput).toBeCalledWith('ghsa-id', '')
expect(core.setOutput).toBeCalledWith('cvss', 0)
expect(core.setOutput).toHaveBeenCalledWith('dependency-names', 'rspec, coffee-rails, coffeescript, rspec-coffeescript')
expect(core.setOutput).toHaveBeenCalledWith('dependency-type', 'direct:development')
expect(core.setOutput).toHaveBeenCalledWith('update-type', 'version-update:semver-major')
expect(core.setOutput).toHaveBeenCalledWith('directory', '')
expect(core.setOutput).toHaveBeenCalledWith('package-ecosystem', '')
expect(core.setOutput).toHaveBeenCalledWith('target-branch', '')
expect(core.setOutput).toHaveBeenCalledWith('previous-version', '')
expect(core.setOutput).toHaveBeenCalledWith('new-version', '')
expect(core.setOutput).toHaveBeenCalledWith('compatibility-score', 0)
expect(core.setOutput).toHaveBeenCalledWith('alert-state', '')
expect(core.setOutput).toHaveBeenCalledWith('ghsa-id', '')
expect(core.setOutput).toHaveBeenCalledWith('cvss', 0)
})
test('when the dependency has no update type', async () => {
@@ -131,18 +131,18 @@ test('when the dependency has no update type', async () => {
expect(core.setOutput).toHaveBeenCalledWith('updated-dependencies-json', updatedDependencies)
expect(core.setOutput).toBeCalledWith('dependency-names', 'coffee-rails')
expect(core.setOutput).toBeCalledWith('dependency-type', 'direct:production')
expect(core.setOutput).toBeCalledWith('update-type', null)
expect(core.setOutput).toBeCalledWith('directory', '')
expect(core.setOutput).toBeCalledWith('package-ecosystem', '')
expect(core.setOutput).toBeCalledWith('target-branch', '')
expect(core.setOutput).toBeCalledWith('previous-version', '')
expect(core.setOutput).toBeCalledWith('new-version', '')
expect(core.setOutput).toBeCalledWith('compatibility-score', 0)
expect(core.setOutput).toBeCalledWith('alert-state', '')
expect(core.setOutput).toBeCalledWith('ghsa-id', '')
expect(core.setOutput).toBeCalledWith('cvss', 0)
expect(core.setOutput).toHaveBeenCalledWith('dependency-names', 'coffee-rails')
expect(core.setOutput).toHaveBeenCalledWith('dependency-type', 'direct:production')
expect(core.setOutput).toHaveBeenCalledWith('update-type', null)
expect(core.setOutput).toHaveBeenCalledWith('directory', '')
expect(core.setOutput).toHaveBeenCalledWith('package-ecosystem', '')
expect(core.setOutput).toHaveBeenCalledWith('target-branch', '')
expect(core.setOutput).toHaveBeenCalledWith('previous-version', '')
expect(core.setOutput).toHaveBeenCalledWith('new-version', '')
expect(core.setOutput).toHaveBeenCalledWith('compatibility-score', 0)
expect(core.setOutput).toHaveBeenCalledWith('alert-state', '')
expect(core.setOutput).toHaveBeenCalledWith('ghsa-id', '')
expect(core.setOutput).toHaveBeenCalledWith('cvss', 0)
})
test('when given a multiple dependencies, and some do not have update types', async () => {
@@ -175,16 +175,16 @@ test('when given a multiple dependencies, and some do not have update types', as
expect(core.setOutput).toHaveBeenCalledWith('updated-dependencies-json', updatedDependencies)
expect(core.setOutput).toBeCalledWith('dependency-names', 'rspec, coffee-rails, coffeescript, rspec-coffeescript')
expect(core.setOutput).toBeCalledWith('dependency-type', 'direct:development')
expect(core.setOutput).toBeCalledWith('update-type', 'version-update:semver-minor')
expect(core.setOutput).toBeCalledWith('directory', '')
expect(core.setOutput).toBeCalledWith('package-ecosystem', '')
expect(core.setOutput).toBeCalledWith('target-branch', '')
expect(core.setOutput).toBeCalledWith('previous-version', '')
expect(core.setOutput).toBeCalledWith('new-version', '')
expect(core.setOutput).toBeCalledWith('compatibility-score', 0)
expect(core.setOutput).toBeCalledWith('alert-state', '')
expect(core.setOutput).toBeCalledWith('ghsa-id', '')
expect(core.setOutput).toBeCalledWith('cvss', 0)
expect(core.setOutput).toHaveBeenCalledWith('dependency-names', 'rspec, coffee-rails, coffeescript, rspec-coffeescript')
expect(core.setOutput).toHaveBeenCalledWith('dependency-type', 'direct:development')
expect(core.setOutput).toHaveBeenCalledWith('update-type', 'version-update:semver-minor')
expect(core.setOutput).toHaveBeenCalledWith('directory', '')
expect(core.setOutput).toHaveBeenCalledWith('package-ecosystem', '')
expect(core.setOutput).toHaveBeenCalledWith('target-branch', '')
expect(core.setOutput).toHaveBeenCalledWith('previous-version', '')
expect(core.setOutput).toHaveBeenCalledWith('new-version', '')
expect(core.setOutput).toHaveBeenCalledWith('compatibility-score', 0)
expect(core.setOutput).toHaveBeenCalledWith('alert-state', '')
expect(core.setOutput).toHaveBeenCalledWith('ghsa-id', '')
expect(core.setOutput).toHaveBeenCalledWith('cvss', 0)
})


@@ -1,4 +1,4 @@
/* eslint-disable no-console, @typescript-eslint/no-var-requires, no-unused-expressions */
import * as github from '@actions/github'
import { Context } from '@actions/github/lib/context'
import * as dotenv from 'dotenv'


@@ -11,6 +11,19 @@ beforeEach(() => {
jest.spyOn(core, 'setFailed').mockImplementation(jest.fn())
jest.spyOn(core, 'startGroup').mockImplementation(jest.fn())
jest.spyOn(core, 'getBooleanInput').mockReturnValue(false)
jest.spyOn(util, 'getBody').mockReturnValue(`
Bumps [fake/package](https://github.com/) from 0.0.0 to 0.0.1.
<details>
<summary>Release notes</summary>
<blockquote>
<h2>0.0.1</h2>
<h2>Summary</h2>
<p>This is a fake description for a fake update</p>
<h2>What's Changed</h2>
* Nothing
</blockquote>
</details>
`)
})
test('it early exits with an error if github-token is not set', async () => {
@@ -22,10 +35,10 @@ test('it early exits with an error if github-token is not set', async () => {
expect(core.setFailed).toHaveBeenCalledWith(
expect.stringContaining('github-token is not set!')
)
/* eslint-disable no-unused-expressions */
expect(dependabotCommits.getMessage).not.toHaveBeenCalled
expect(dependabotCommits.getAlert).not.toHaveBeenCalled
/* eslint-enable no-unused-expressions */
})
test('it does nothing if the PR is not verified as from Dependabot', async () => {
@@ -40,9 +53,9 @@ test('it does nothing if the PR is not verified as from Dependabot', async () =>
expect(core.setFailed).toHaveBeenCalledWith(
expect.stringContaining('PR is not from Dependabot, nothing to do.')
)
/* eslint-disable no-unused-expressions */
expect(dependabotCommits.getAlert).not.toHaveBeenCalled
/* eslint-enable no-unused-expressions */
})
test('it does nothing if there is no metadata in the commit', async () => {
@@ -57,9 +70,9 @@ test('it does nothing if there is no metadata in the commit', async () => {
expect(core.setFailed).toHaveBeenCalledWith(
expect.stringContaining('PR does not contain metadata, nothing to do.')
)
/* eslint-disable no-unused-expressions */
expect(dependabotCommits.getAlert).not.toHaveBeenCalled
/* eslint-enable no-unused-expressions */
})
test('it sets the updated dependency as an output for subsequent actions when given a commit message for application', async () => {
@@ -120,20 +133,20 @@ test('it sets the updated dependency as an output for subsequent actions when gi
]
)
expect(core.setOutput).toBeCalledWith('dependency-names', 'coffee-rails')
expect(core.setOutput).toBeCalledWith('dependency-type', 'direct:production')
expect(core.setOutput).toBeCalledWith('update-type', 'version-update:semver-minor')
expect(core.setOutput).toBeCalledWith('directory', '/')
expect(core.setOutput).toBeCalledWith('package-ecosystem', 'nuget')
expect(core.setOutput).toBeCalledWith('target-branch', 'main')
expect(core.setOutput).toBeCalledWith('previous-version', '4.0.1')
expect(core.setOutput).toBeCalledWith('new-version', '4.2.2')
expect(core.setOutput).toBeCalledWith('compatibility-score', 0)
expect(core.setOutput).toBeCalledWith('maintainer-changes', false)
expect(core.setOutput).toBeCalledWith('dependency-group', '')
expect(core.setOutput).toBeCalledWith('alert-state', '')
expect(core.setOutput).toBeCalledWith('ghsa-id', '')
expect(core.setOutput).toBeCalledWith('cvss', 0)
expect(core.setOutput).toHaveBeenCalledWith('dependency-names', 'coffee-rails')
expect(core.setOutput).toHaveBeenCalledWith('dependency-type', 'direct:production')
expect(core.setOutput).toHaveBeenCalledWith('update-type', 'version-update:semver-minor')
expect(core.setOutput).toHaveBeenCalledWith('directory', '/')
expect(core.setOutput).toHaveBeenCalledWith('package-ecosystem', 'nuget')
expect(core.setOutput).toHaveBeenCalledWith('target-branch', 'main')
expect(core.setOutput).toHaveBeenCalledWith('previous-version', '4.0.1')
expect(core.setOutput).toHaveBeenCalledWith('new-version', '4.2.2')
expect(core.setOutput).toHaveBeenCalledWith('compatibility-score', 0)
expect(core.setOutput).toHaveBeenCalledWith('maintainer-changes', false)
expect(core.setOutput).toHaveBeenCalledWith('dependency-group', '')
expect(core.setOutput).toHaveBeenCalledWith('alert-state', '')
expect(core.setOutput).toHaveBeenCalledWith('ghsa-id', '')
expect(core.setOutput).toHaveBeenCalledWith('cvss', 0)
})
test('it sets the updated dependency as an output for subsequent actions when there is a leading v in the commit message version', async () => {
@@ -193,20 +206,20 @@ test('it sets the updated dependency as an output for subsequent actions when th
]
)
expect(core.setOutput).toBeCalledWith('dependency-names', 'coffee-rails')
expect(core.setOutput).toBeCalledWith('dependency-type', 'direct:production')
expect(core.setOutput).toBeCalledWith('update-type', 'version-update:semver-minor')
expect(core.setOutput).toBeCalledWith('directory', '/')
expect(core.setOutput).toBeCalledWith('package-ecosystem', 'nuget')
expect(core.setOutput).toBeCalledWith('target-branch', 'main')
expect(core.setOutput).toBeCalledWith('previous-version', 'v4.0.1')
expect(core.setOutput).toBeCalledWith('new-version', 'v4.2.2')
expect(core.setOutput).toBeCalledWith('compatibility-score', 0)
expect(core.setOutput).toBeCalledWith('maintainer-changes', false)
expect(core.setOutput).toBeCalledWith('dependency-group', '')
expect(core.setOutput).toBeCalledWith('alert-state', '')
expect(core.setOutput).toBeCalledWith('ghsa-id', '')
expect(core.setOutput).toBeCalledWith('cvss', 0)
expect(core.setOutput).toHaveBeenCalledWith('dependency-names', 'coffee-rails')
expect(core.setOutput).toHaveBeenCalledWith('dependency-type', 'direct:production')
expect(core.setOutput).toHaveBeenCalledWith('update-type', 'version-update:semver-minor')
expect(core.setOutput).toHaveBeenCalledWith('directory', '/')
expect(core.setOutput).toHaveBeenCalledWith('package-ecosystem', 'nuget')
expect(core.setOutput).toHaveBeenCalledWith('target-branch', 'main')
expect(core.setOutput).toHaveBeenCalledWith('previous-version', 'v4.0.1')
expect(core.setOutput).toHaveBeenCalledWith('new-version', 'v4.2.2')
expect(core.setOutput).toHaveBeenCalledWith('compatibility-score', 0)
expect(core.setOutput).toHaveBeenCalledWith('maintainer-changes', false)
expect(core.setOutput).toHaveBeenCalledWith('dependency-group', '')
expect(core.setOutput).toHaveBeenCalledWith('alert-state', '')
expect(core.setOutput).toHaveBeenCalledWith('ghsa-id', '')
expect(core.setOutput).toHaveBeenCalledWith('cvss', 0)
})
test('it supports returning information about grouped updates', async () => {
@@ -377,20 +390,20 @@ test('it sets the updated dependency as an output for subsequent actions when gi
]
)
expect(core.setOutput).toBeCalledWith('dependency-names', 'rubocop')
expect(core.setOutput).toBeCalledWith('dependency-type', 'direct:development')
expect(core.setOutput).toBeCalledWith('update-type', 'version-update:semver-minor')
expect(core.setOutput).toBeCalledWith('directory', '/')
expect(core.setOutput).toBeCalledWith('package-ecosystem', 'bundler')
expect(core.setOutput).toBeCalledWith('target-branch', 'main')
expect(core.setOutput).toBeCalledWith('previous-version', '1.30.1')
expect(core.setOutput).toBeCalledWith('new-version', '1.31.0')
expect(core.setOutput).toBeCalledWith('compatibility-score', 0)
expect(core.setOutput).toBeCalledWith('maintainer-changes', false)
expect(core.setOutput).toBeCalledWith('dependency-group', '')
expect(core.setOutput).toBeCalledWith('alert-state', '')
expect(core.setOutput).toBeCalledWith('ghsa-id', '')
expect(core.setOutput).toBeCalledWith('cvss', 0)
expect(core.setOutput).toHaveBeenCalledWith('dependency-names', 'rubocop')
expect(core.setOutput).toHaveBeenCalledWith('dependency-type', 'direct:development')
expect(core.setOutput).toHaveBeenCalledWith('update-type', 'version-update:semver-minor')
expect(core.setOutput).toHaveBeenCalledWith('directory', '/')
expect(core.setOutput).toHaveBeenCalledWith('package-ecosystem', 'bundler')
expect(core.setOutput).toHaveBeenCalledWith('target-branch', 'main')
expect(core.setOutput).toHaveBeenCalledWith('previous-version', '1.30.1')
expect(core.setOutput).toHaveBeenCalledWith('new-version', '1.31.0')
expect(core.setOutput).toHaveBeenCalledWith('compatibility-score', 0)
expect(core.setOutput).toHaveBeenCalledWith('maintainer-changes', false)
expect(core.setOutput).toHaveBeenCalledWith('dependency-group', '')
expect(core.setOutput).toHaveBeenCalledWith('alert-state', '')
expect(core.setOutput).toHaveBeenCalledWith('ghsa-id', '')
expect(core.setOutput).toHaveBeenCalledWith('cvss', 0)
})
test('if there are multiple dependencies, it summarizes them', async () => {
@@ -471,20 +484,20 @@ test('if there are multiple dependencies, it summarizes them', async () => {
]
)
expect(core.setOutput).toBeCalledWith('dependency-names', 'coffee-rails, coffeescript')
expect(core.setOutput).toBeCalledWith('dependency-type', 'direct:production')
expect(core.setOutput).toBeCalledWith('update-type', 'version-update:semver-major')
expect(core.setOutput).toBeCalledWith('directory', '/api/main')
expect(core.setOutput).toBeCalledWith('package-ecosystem', 'npm_and_yarn')
expect(core.setOutput).toBeCalledWith('target-branch', 'trunk')
expect(core.setOutput).toBeCalledWith('previous-version', '4.0.1')
expect(core.setOutput).toBeCalledWith('new-version', '4.2.2')
expect(core.setOutput).toBeCalledWith('compatibility-score', 34)
expect(core.setOutput).toBeCalledWith('maintainer-changes', false)
expect(core.setOutput).toBeCalledWith('dependency-group', '')
expect(core.setOutput).toBeCalledWith('alert-state', '')
expect(core.setOutput).toBeCalledWith('ghsa-id', '')
expect(core.setOutput).toBeCalledWith('cvss', 0)
expect(core.setOutput).toHaveBeenCalledWith('dependency-names', 'coffee-rails, coffeescript')
expect(core.setOutput).toHaveBeenCalledWith('dependency-type', 'direct:production')
expect(core.setOutput).toHaveBeenCalledWith('update-type', 'version-update:semver-major')
expect(core.setOutput).toHaveBeenCalledWith('directory', '/api/main')
expect(core.setOutput).toHaveBeenCalledWith('package-ecosystem', 'npm_and_yarn')
expect(core.setOutput).toHaveBeenCalledWith('target-branch', 'trunk')
expect(core.setOutput).toHaveBeenCalledWith('previous-version', '4.0.1')
expect(core.setOutput).toHaveBeenCalledWith('new-version', '4.2.2')
expect(core.setOutput).toHaveBeenCalledWith('compatibility-score', 34)
expect(core.setOutput).toHaveBeenCalledWith('maintainer-changes', false)
expect(core.setOutput).toHaveBeenCalledWith('dependency-group', '')
expect(core.setOutput).toHaveBeenCalledWith('alert-state', '')
expect(core.setOutput).toHaveBeenCalledWith('ghsa-id', '')
expect(core.setOutput).toHaveBeenCalledWith('cvss', 0)
})
test('it sets the action to failed if there is an unexpected exception', async () => {
@@ -499,9 +512,9 @@ test('it sets the action to failed if there is an unexpected exception', async (
expect(core.setFailed).toHaveBeenCalledWith(
expect.stringContaining('Something bad happened!')
)
/* eslint-disable no-unused-expressions */
expect(dependabotCommits.getAlert).not.toHaveBeenCalled
/* eslint-enable no-unused-expressions */
})
test('it sets the action to failed if there is a request error', async () => {
@@ -525,7 +538,7 @@ test('it sets the action to failed if there is a request error', async () => {
expect(core.setFailed).toHaveBeenCalledWith(
expect.stringContaining('(500) Something bad happened!')
)
/* eslint-disable no-unused-expressions */
expect(dependabotCommits.getAlert).not.toHaveBeenCalled
/* eslint-enable no-unused-expressions */
})
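Review bot: The negative assertions in this file, `expect(dependabotCommits.getAlert).not.toHaveBeenCalled` and the matching `getMessage` line in the github-token test, read the matcher as a property and never invoke it, so nothing is asserted. The same form appears in the not-from-Dependabot, no-metadata, unexpected-exception and request-error tests, so each of them still passes if the early-exit path goes on to call the API. The `/* eslint-disable no-unused-expressions */` pairs around these lines suppress the lint rule that would have flagged the dangling expression. Call the matcher, `expect(dependabotCommits.getAlert).not.toHaveBeenCalled()`, and drop the disable/enable comments; this presumably needs `getAlert` and `getMessage` to be spied or mocked, and that setup is not visible in these hunks. The rendering does not mark which side each line is on, so confirm against the new file that these lines are still present.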


@@ -10,11 +10,11 @@ export async function run (): Promise<void> {
const token = core.getInput('github-token')
if (!token) {
/* eslint-disable no-template-curly-in-string */
core.setFailed(
'github-token is not set! Please add \'github-token: "${{ secrets.GITHUB_TOKEN }}"\' to your workflow file.'
)
/* eslint-enable no-template-curly-in-string */
return
}