diff --git a/.github/workflows/check-uncommitted.yml b/.github/workflows/check-uncommitted.yml index 5fca679..568c95d 100644 --- a/.github/workflows/check-uncommitted.yml +++ b/.github/workflows/check-uncommitted.yml @@ -13,9 +13,9 @@ jobs: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v6 - - uses: actions/setup-node@v4 + - uses: actions/setup-node@v6 with: node-version-file: .nvmrc cache: 'npm' @@ -33,7 +33,7 @@ jobs: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v6 - name: Compare the expected vs actual files run: test -z "$(git status --porcelain)" diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index ee1eba6..300b6da 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -13,9 +13,9 @@ jobs: name: CI runs-on: ubuntu-latest steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v6 - - uses: actions/setup-node@v4 + - uses: actions/setup-node@v6 with: node-version-file: .nvmrc cache: 'npm' diff --git a/.github/workflows/dependabot-auto-merge.yml b/.github/workflows/dependabot-auto-merge.yml index 46714a7..735a461 100644 --- a/.github/workflows/dependabot-auto-merge.yml +++ b/.github/workflows/dependabot-auto-merge.yml @@ -9,12 +9,12 @@ jobs: steps: - name: Generate token id: generate_token - uses: actions/create-github-app-token@a8d616148505b5069dccd32f177bb87d7f39123b # v2.1.1 + uses: actions/create-github-app-token@29824e69f54612133e76f7eaac726eef6c875baf # v2.2.1 with: app-id: ${{ secrets.FETCH_METADATA_ACTION_AUTOMATION_APP_ID }} private-key: ${{ secrets.FETCH_METADATA_ACTION_AUTOMATION_PRIVATE_KEY }} - - uses: actions/checkout@v4 + - uses: actions/checkout@v6 - name: Auto-merge run: gh pr merge --auto --merge '${{ github.event.pull_request.html_url }}' diff --git a/.github/workflows/dependabot-build.yml b/.github/workflows/dependabot-build.yml index 0f2043c..ef91aa0 100644 --- a/.github/workflows/dependabot-build.yml +++ b/.github/workflows/dependabot-build.yml @@ -16,7 +16,7 @@ jobs: dependency-type: ${{ steps.dependabot-metadata.outputs.dependency-type }} package-ecosystem: ${{ steps.dependabot-metadata.outputs.package-ecosystem }} steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v6 - name: Fetch dependabot metadata id: dependabot-metadata @@ -31,17 +31,17 @@ jobs: steps: - name: Generate token id: generate_token - uses: actions/create-github-app-token@a8d616148505b5069dccd32f177bb87d7f39123b # v2.1.1 + uses: actions/create-github-app-token@29824e69f54612133e76f7eaac726eef6c875baf # v2.2.1 with: app-id: ${{ secrets.FETCH_METADATA_ACTION_AUTOMATION_APP_ID }} private-key: ${{ secrets.FETCH_METADATA_ACTION_AUTOMATION_PRIVATE_KEY }} - - uses: actions/checkout@v4 + - uses: actions/checkout@v6 with: # Check out using an app token so any pushed changes will trigger checkruns token: ${{ steps.generate_token.outputs.token }} - - uses: actions/setup-node@v4 + - uses: actions/setup-node@v6 with: node-version-file: .nvmrc cache: 'npm' diff --git a/.github/workflows/release-bump-version.yml b/.github/workflows/release-bump-version.yml index 291554e..2593668 100644 --- a/.github/workflows/release-bump-version.yml +++ b/.github/workflows/release-bump-version.yml @@ -22,18 +22,18 @@ jobs: steps: - name: Generate token id: generate_token - uses: actions/create-github-app-token@a8d616148505b5069dccd32f177bb87d7f39123b # v2.1.1 + uses: actions/create-github-app-token@29824e69f54612133e76f7eaac726eef6c875baf # v2.2.1 with: app-id: ${{ secrets.FETCH_METADATA_ACTION_AUTOMATION_APP_ID }} private-key: ${{ secrets.FETCH_METADATA_ACTION_AUTOMATION_PRIVATE_KEY }} - - uses: actions/checkout@v4 + - uses: actions/checkout@v6 with: # Ensure we start from main in case the workflow is run from a branch ref: "main" token: ${{ steps.generate_token.outputs.token }} - - uses: actions/setup-node@v4 # bin/bump-version needs npm + - uses: actions/setup-node@v6 # bin/bump-version needs npm with: node-version-file: .nvmrc cache: 'npm' diff --git a/.github/workflows/release-move-tracking-tag.yml b/.github/workflows/release-move-tracking-tag.yml index e815057..d23c2de 100644 --- a/.github/workflows/release-move-tracking-tag.yml +++ b/.github/workflows/release-move-tracking-tag.yml @@ -38,12 +38,12 @@ jobs: steps: - name: Generate token id: generate_token - uses: actions/create-github-app-token@a8d616148505b5069dccd32f177bb87d7f39123b # v2.1.1 + uses: actions/create-github-app-token@29824e69f54612133e76f7eaac726eef6c875baf # v2.2.1 with: app-id: ${{ secrets.FETCH_METADATA_ACTION_AUTOMATION_APP_ID }} private-key: ${{ secrets.FETCH_METADATA_ACTION_AUTOMATION_PRIVATE_KEY }} - - uses: actions/checkout@v4 + - uses: actions/checkout@v6 with: token: ${{ steps.generate_token.outputs.token }} diff --git a/.github/workflows/release-publish-package.yml b/.github/workflows/release-publish-package.yml index 0fa3663..a623c5b 100644 --- a/.github/workflows/release-publish-package.yml +++ b/.github/workflows/release-publish-package.yml @@ -14,7 +14,7 @@ jobs: packages: write steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v6 - name: Publish id: publish diff --git a/dist/index.js b/dist/index.js index f8dba29..ae1cc24 100644 --- a/dist/index.js +++ b/dist/index.js @@ -10527,9 +10527,7 @@ const util = __importStar(__nccwpck_require__(9180)); async function run() { const token = core.getInput('github-token'); if (!token) { - /* eslint-disable no-template-curly-in-string */ core.setFailed('github-token is not set! Please add \'github-token: "${{ secrets.GITHUB_TOKEN }}"\' to your workflow file.'); - /* eslint-enable no-template-curly-in-string */ return; } try { diff --git a/package-lock.json b/package-lock.json index 9088d9b..4e0e56d 100644 --- a/package-lock.json +++ b/package-lock.json @@ -1,12 +1,12 @@ { "name": "dependabot-pull-request-action", - "version": "2.4.0", + "version": "2.5.0", "lockfileVersion": 2, "requires": true, "packages": { "": { "name": "dependabot-pull-request-action", - "version": "2.4.0", + "version": "2.5.0", "license": "MIT", "dependencies": { "@actions/core": "^1.10.0", @@ -190,6 +190,7 @@ "resolved": "https://registry.npmjs.org/@babel/core/-/core-7.22.9.tgz", "integrity": "sha512-G2EgeufBcYw27U4hhoIwFcgc1XU7TlXJ3mv04oOv1WCuo900U/anZSPzEqNjwdjgffkk2Gs0AN0dW1CKVLcG7w==", "dev": true, + "peer": true, "dependencies": { "@ampproject/remapping": "^2.2.0", "@babel/code-frame": "^7.22.5", @@ -896,10 +897,11 @@ } }, "node_modules/@eslint/eslintrc/node_modules/js-yaml": { - "version": "4.1.0", - "resolved": "https://registry.npmjs.org/js-yaml/-/js-yaml-4.1.0.tgz", - "integrity": "sha512-wpxZs9NoxZaJESJGIZTyDEaYpl0FKSA+FB9aJiyemKhMwkxQg63h4T1KJgUGHpTqPDNRcmmYLugrRjJlBtWvRA==", + "version": "4.1.1", + "resolved": "https://registry.npmjs.org/js-yaml/-/js-yaml-4.1.1.tgz", + "integrity": "sha512-qQKT4zQxXl8lLwBtHMWwaTcGfFOZviOJet3Oy/xmGk2gZH677CJM9EvtfdSkgWcATZhj/55JZ0rmy3myCT5lsA==", "dev": true, + "license": "MIT", "dependencies": { "argparse": "^2.0.1" }, @@ -941,6 +943,19 @@ "node": "^18.18.0 || ^20.9.0 || >=21.1.0" } }, + "node_modules/@hono/node-server": { + "version": "1.19.7", + "resolved": "https://registry.npmjs.org/@hono/node-server/-/node-server-1.19.7.tgz", + "integrity": "sha512-vUcD0uauS7EU2caukW8z5lJKtoGMokxNbJtBiwHgpqxEXokaHCBkQUmCHhjFB1VUTWdqj25QoMkMKzgjq+uhrw==", + "dev": true, + "license": "MIT", + "engines": { + "node": ">=18.14.1" + }, + "peerDependencies": { + "hono": "^4" + } + }, "node_modules/@humanfs/core": { "version": "0.19.1", "resolved": "https://registry.npmjs.org/@humanfs/core/-/core-0.19.1.tgz", @@ -1409,25 +1424,88 @@ } }, "node_modules/@modelcontextprotocol/sdk": { - "version": "1.11.2", - "resolved": "https://registry.npmjs.org/@modelcontextprotocol/sdk/-/sdk-1.11.2.tgz", - "integrity": "sha512-H9vwztj5OAqHg9GockCQC06k1natgcxWQSRpQcPJf6i5+MWBzfKkRtxGbjQf0X2ihii0ffLZCRGbYV2f2bjNCQ==", + "version": "1.25.1", + "resolved": "https://registry.npmjs.org/@modelcontextprotocol/sdk/-/sdk-1.25.1.tgz", + "integrity": "sha512-yO28oVFFC7EBoiKdAn+VqRm+plcfv4v0xp6osG/VsCB0NlPZWi87ajbCZZ8f/RvOFLEu7//rSRmuZZ7lMoe3gQ==", "dev": true, "license": "MIT", "dependencies": { + "@hono/node-server": "^1.19.7", + "ajv": "^8.17.1", + "ajv-formats": "^3.0.1", "content-type": "^1.0.5", "cors": "^2.8.5", - "cross-spawn": "^7.0.3", + "cross-spawn": "^7.0.5", "eventsource": "^3.0.2", + "eventsource-parser": "^3.0.0", "express": "^5.0.1", "express-rate-limit": "^7.5.0", + "jose": "^6.1.1", + "json-schema-typed": "^8.0.2", "pkce-challenge": "^5.0.0", "raw-body": "^3.0.0", - "zod": "^3.23.8", - "zod-to-json-schema": "^3.24.1" + "zod": "^3.25 || ^4.0", + "zod-to-json-schema": "^3.25.0" }, "engines": { "node": ">=18" + }, + "peerDependencies": { + "@cfworker/json-schema": "^4.1.1", + "zod": "^3.25 || ^4.0" + }, + "peerDependenciesMeta": { + "@cfworker/json-schema": { + "optional": true + }, + "zod": { + "optional": false + } + } + }, + "node_modules/@modelcontextprotocol/sdk/node_modules/ajv": { + "version": "8.17.1", + "resolved": "https://registry.npmjs.org/ajv/-/ajv-8.17.1.tgz", + "integrity": "sha512-B/gBuNg5SiMTrPkC+A2+cW0RszwxYmn6VYxB/inlBStS5nx6xHIt/ehKRhIMhqusl7a8LjQoZnjCs5vhwxOQ1g==", + "dev": true, + "license": "MIT", + "dependencies": { + "fast-deep-equal": "^3.1.3", + "fast-uri": "^3.0.1", + "json-schema-traverse": "^1.0.0", + "require-from-string": "^2.0.2" + }, + "funding": { + "type": "github", + "url": "https://github.com/sponsors/epoberezkin" + } + }, + "node_modules/@modelcontextprotocol/sdk/node_modules/json-schema-traverse": { + "version": "1.0.0", + "resolved": "https://registry.npmjs.org/json-schema-traverse/-/json-schema-traverse-1.0.0.tgz", + "integrity": "sha512-NM8/P9n3XjXhIZn1lLhkFaACTOURQXjWhV4BA/RnOv8xvgqtqpAX9IO4mRQxSx1Rlo4tqzeqb0sOlruaOy3dug==", + "dev": true, + "license": "MIT" + }, + "node_modules/@modelcontextprotocol/sdk/node_modules/zod": { + "version": "4.2.1", + "resolved": "https://registry.npmjs.org/zod/-/zod-4.2.1.tgz", + "integrity": "sha512-0wZ1IRqGGhMP76gLqz8EyfBXKk0J2qo2+H3fi4mcUP/KtTocoX08nmIAHl1Z2kJIZbZee8KOpBCSNPRgauucjw==", + "dev": true, + "license": "MIT", + "peer": true, + "funding": { + "url": "https://github.com/sponsors/colinhacks" + } + }, + "node_modules/@modelcontextprotocol/sdk/node_modules/zod-to-json-schema": { + "version": "3.25.0", + "resolved": "https://registry.npmjs.org/zod-to-json-schema/-/zod-to-json-schema-3.25.0.tgz", + "integrity": "sha512-HvWtU2UG41LALjajJrML6uQejQhNJx+JBO9IflpSja4R03iNWfKXrj6W2h7ljuLyc1nKS+9yDyL/9tD1U/yBnQ==", + "dev": true, + "license": "ISC", + "peerDependencies": { + "zod": "^3.25 || ^4" } }, "node_modules/@mswjs/interceptors": { @@ -1495,6 +1573,7 @@ "version": "3.6.0", "resolved": "https://registry.npmjs.org/@octokit/core/-/core-3.6.0.tgz", "integrity": "sha512-7RKRKuA4xTjMhY+eG3jthb3hlZCsOwg3rztWh75Xc+ShDWOfDDATWbeZpAHBNRpm4Tv9WgBMOy1zEJYXG6NJ7Q==", + "peer": true, "dependencies": { "@octokit/auth-token": "^2.4.4", "@octokit/graphql": "^4.5.8", @@ -1809,6 +1888,7 @@ "integrity": "sha512-v1DKRfUdyW+jJhZNEI1PYy29S2YRxMV5AOO/x/SjKmW0acCIOqmbj6Haf9eHAhsPmrhlHSxEhv/1WszcLWV4cg==", "dev": true, "license": "MIT", + "peer": true, "dependencies": { "undici-types": "~6.21.0" } @@ -1881,6 +1961,7 @@ "integrity": "sha512-LKMrmwCPoLhM45Z00O1ulb6jwyVr2kr3XJp+G+tSEZcbauNnScewcQwtJqXDhXeYPDEjZ8C1SjXm015CirEmGg==", "dev": true, "license": "MIT", + "peer": true, "dependencies": { "@typescript-eslint/scope-manager": "8.32.1", "@typescript-eslint/types": "8.32.1", @@ -2093,6 +2174,7 @@ "resolved": "https://registry.npmjs.org/acorn/-/acorn-8.14.1.tgz", "integrity": "sha512-OvQ/2pUDKmgfCg++xsTX1wGxfTaszcHVcTctW4UJB4hibJx2HXxxO5UmVgyjMa+ZDsiaf5wWLXYpRWMmBI0QHg==", "dev": true, + "peer": true, "bin": { "acorn": "bin/acorn" }, @@ -2125,6 +2207,48 @@ "url": "https://github.com/sponsors/epoberezkin" } }, + "node_modules/ajv-formats": { + "version": "3.0.1", + "resolved": "https://registry.npmjs.org/ajv-formats/-/ajv-formats-3.0.1.tgz", + "integrity": "sha512-8iUql50EUR+uUcdRQ3HDqa6EVyo3docL8g5WJ3FNcWmu62IbkGUue/pEyLBW8VGKKucTPgqeks4fIU1DA4yowQ==", + "dev": true, + "license": "MIT", + "dependencies": { + "ajv": "^8.0.0" + }, + "peerDependencies": { + "ajv": "^8.0.0" + }, + "peerDependenciesMeta": { + "ajv": { + "optional": true + } + } + }, + "node_modules/ajv-formats/node_modules/ajv": { + "version": "8.17.1", + "resolved": "https://registry.npmjs.org/ajv/-/ajv-8.17.1.tgz", + "integrity": "sha512-B/gBuNg5SiMTrPkC+A2+cW0RszwxYmn6VYxB/inlBStS5nx6xHIt/ehKRhIMhqusl7a8LjQoZnjCs5vhwxOQ1g==", + "dev": true, + "license": "MIT", + "dependencies": { + "fast-deep-equal": "^3.1.3", + "fast-uri": "^3.0.1", + "json-schema-traverse": "^1.0.0", + "require-from-string": "^2.0.2" + }, + "funding": { + "type": "github", + "url": "https://github.com/sponsors/epoberezkin" + } + }, + "node_modules/ajv-formats/node_modules/json-schema-traverse": { + "version": "1.0.0", + "resolved": "https://registry.npmjs.org/json-schema-traverse/-/json-schema-traverse-1.0.0.tgz", + "integrity": "sha512-NM8/P9n3XjXhIZn1lLhkFaACTOURQXjWhV4BA/RnOv8xvgqtqpAX9IO4mRQxSx1Rlo4tqzeqb0sOlruaOy3dug==", + "dev": true, + "license": "MIT" + }, "node_modules/ansi-escapes": { "version": "4.3.2", "resolved": "https://registry.npmjs.org/ansi-escapes/-/ansi-escapes-4.3.2.tgz", @@ -2452,24 +2576,28 @@ "integrity": "sha512-3pZEU3NT5BFUo/AD5ERPWOgQOCZITni6iavr5AUw5AUwQjMlI0kzu5btnyD39AF0gUEsDPwJT+oY1ORBJijPjQ==" }, "node_modules/body-parser": { - "version": "2.2.0", - "resolved": "https://registry.npmjs.org/body-parser/-/body-parser-2.2.0.tgz", - "integrity": "sha512-02qvAaxv8tp7fBa/mw1ga98OGm+eCbqzJOKoRt70sLmfEEi+jyBYVTDGfCL/k06/4EMk/z01gCe7HoCH/f2LTg==", + "version": "2.2.1", + "resolved": "https://registry.npmjs.org/body-parser/-/body-parser-2.2.1.tgz", + "integrity": "sha512-nfDwkulwiZYQIGwxdy0RUmowMhKcFVcYXUU7m4QlKYim1rUtg83xm2yjZ40QjDuc291AJjjeSc9b++AWHSgSHw==", "dev": true, "license": "MIT", "dependencies": { "bytes": "^3.1.2", "content-type": "^1.0.5", - "debug": "^4.4.0", + "debug": "^4.4.3", "http-errors": "^2.0.0", - "iconv-lite": "^0.6.3", + "iconv-lite": "^0.7.0", "on-finished": "^2.4.1", "qs": "^6.14.0", - "raw-body": "^3.0.0", - "type-is": "^2.0.0" + "raw-body": "^3.0.1", + "type-is": "^2.0.1" }, "engines": { "node": ">=18" + }, + "funding": { + "type": "opencollective", + "url": "https://opencollective.com/express" } }, "node_modules/brace-expansion": { @@ -2513,6 +2641,7 @@ "url": "https://github.com/sponsors/ai" } ], + "peer": true, "dependencies": { "caniuse-lite": "^1.0.30001503", "electron-to-chromium": "^1.4.431", @@ -2904,9 +3033,9 @@ } }, "node_modules/debug": { - "version": "4.4.1", - "resolved": "https://registry.npmjs.org/debug/-/debug-4.4.1.tgz", - "integrity": "sha512-KcKCqiftBJcZr++7ykoDIEwSa3XWowTfNPo92BYxjXiyYEVrUQh2aLyhxBCwww+heortUFxEJYcRzosstTEBYQ==", + "version": "4.4.3", + "resolved": "https://registry.npmjs.org/debug/-/debug-4.4.3.tgz", + "integrity": "sha512-RGwwWnwQvkVfavKVt22FGLw+xYSdzARwm0ru6DhTVA3umU5hZc28V3kO4stgYryrTlLpuvgI9GiijltAjNbcqA==", "dev": true, "license": "MIT", "dependencies": { @@ -3292,6 +3421,7 @@ "integrity": "sha512-Hx0MOjPh6uK9oq9nVsATZKE/Wlbai7KFjfCuw9UHaguDW3x+HF0O5nIi3ud39TWgrTjTO5nHxmL3R1eANinWHQ==", "dev": true, "license": "MIT", + "peer": true, "dependencies": { "@eslint-community/eslint-utils": "^4.2.0", "@eslint-community/regexpp": "^4.12.1", @@ -3812,19 +3942,21 @@ } }, "node_modules/express": { - "version": "5.1.0", - "resolved": "https://registry.npmjs.org/express/-/express-5.1.0.tgz", - "integrity": "sha512-DT9ck5YIRU+8GYzzU5kT3eHGA5iL+1Zd0EutOmTE9Dtk+Tvuzd23VBU+ec7HPNSTxXYO55gPV/hq4pSBJDjFpA==", + "version": "5.2.1", + "resolved": "https://registry.npmjs.org/express/-/express-5.2.1.tgz", + "integrity": "sha512-hIS4idWWai69NezIdRt2xFVofaF4j+6INOpJlVOLDO8zXGpUVEVzIYk12UUi2JzjEzWL3IOAxcTubgz9Po0yXw==", "dev": true, "license": "MIT", + "peer": true, "dependencies": { "accepts": "^2.0.0", - "body-parser": "^2.2.0", + "body-parser": "^2.2.1", "content-disposition": "^1.0.0", "content-type": "^1.0.5", "cookie": "^0.7.1", "cookie-signature": "^1.2.1", "debug": "^4.4.0", + "depd": "^2.0.0", "encodeurl": "^2.0.0", "escape-html": "^1.0.3", "etag": "^1.8.1", @@ -3904,6 +4036,23 @@ "integrity": "sha1-PYpcZog6FqMMqGQ+hR8Zuqd5eRc=", "dev": true }, + "node_modules/fast-uri": { + "version": "3.1.0", + "resolved": "https://registry.npmjs.org/fast-uri/-/fast-uri-3.1.0.tgz", + "integrity": "sha512-iPeeDKJSWf4IEOasVVrknXpaBV0IApz/gp7S2bb7Z4Lljbl2MGJRqInZiUrQwV16cpzw/D3S5j5Julj/gT52AA==", + "dev": true, + "funding": [ + { + "type": "github", + "url": "https://github.com/sponsors/fastify" + }, + { + "type": "opencollective", + "url": "https://opencollective.com/fastify" + } + ], + "license": "BSD-3-Clause" + }, "node_modules/fastq": { "version": "1.13.0", "resolved": "https://registry.npmjs.org/fastq/-/fastq-1.13.0.tgz", @@ -4386,6 +4535,17 @@ "node": ">= 0.4" } }, + "node_modules/hono": { + "version": "4.11.1", + "resolved": "https://registry.npmjs.org/hono/-/hono-4.11.1.tgz", + "integrity": "sha512-KsFcH0xxHes0J4zaQgWbYwmz3UPOOskdqZmItstUG93+Wk1ePBLkLGwbP9zlmh1BFUiL8Qp+Xfu9P7feJWpGNg==", + "dev": true, + "license": "MIT", + "peer": true, + "engines": { + "node": ">=16.9.0" + } + }, "node_modules/html-escaper": { "version": "2.0.2", "resolved": "https://registry.npmjs.org/html-escaper/-/html-escaper-2.0.2.tgz", @@ -4393,20 +4553,24 @@ "dev": true }, "node_modules/http-errors": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/http-errors/-/http-errors-2.0.0.tgz", - "integrity": "sha512-FtwrG/euBzaEjYeRqOgly7G0qviiXoJWnvEH2Z1plBdXgbyjv34pHTSb9zoeHMyDy33+DWy5Wt9Wo+TURtOYSQ==", + "version": "2.0.1", + "resolved": "https://registry.npmjs.org/http-errors/-/http-errors-2.0.1.tgz", + "integrity": "sha512-4FbRdAX+bSdmo4AUFuS0WNiPz8NgFt+r8ThgNWmlrjQjt1Q7ZR9+zTlce2859x4KSXrwIsaeTqDoKQmtP8pLmQ==", "dev": true, "license": "MIT", "dependencies": { - "depd": "2.0.0", - "inherits": "2.0.4", - "setprototypeof": "1.2.0", - "statuses": "2.0.1", - "toidentifier": "1.0.1" + "depd": "~2.0.0", + "inherits": "~2.0.4", + "setprototypeof": "~1.2.0", + "statuses": "~2.0.2", + "toidentifier": "~1.0.1" }, "engines": { "node": ">= 0.8" + }, + "funding": { + "type": "opencollective", + "url": "https://opencollective.com/express" } }, "node_modules/human-signals": { @@ -4419,9 +4583,9 @@ } }, "node_modules/iconv-lite": { - "version": "0.6.3", - "resolved": "https://registry.npmjs.org/iconv-lite/-/iconv-lite-0.6.3.tgz", - "integrity": "sha512-4fCk79wshMdzMp2rH06qWrJE4iolqLhCUH+OiuIgU++RB0+94NlDL81atO7GX55uUKueo0txHNtvEyI6D7WdMw==", + "version": "0.7.1", + "resolved": "https://registry.npmjs.org/iconv-lite/-/iconv-lite-0.7.1.tgz", + "integrity": "sha512-2Tth85cXwGFHfvRgZWszZSvdo+0Xsqmw8k8ZwxScfcBneNUraK+dxRxRm24nszx80Y0TVio8kKLt5sLE7ZCLlw==", "dev": true, "license": "MIT", "dependencies": { @@ -4429,6 +4593,10 @@ }, "engines": { "node": ">=0.10.0" + }, + "funding": { + "type": "opencollective", + "url": "https://opencollective.com/express" } }, "node_modules/ignore": { @@ -5047,6 +5215,7 @@ "resolved": "https://registry.npmjs.org/jest/-/jest-29.7.0.tgz", "integrity": "sha512-NIy3oAFp9shda19hy4HK0HRTWKtPJmGdnvywu01nOqNC2vZg+Z+fvJDxpMQA88eb2I9EcafcdjYgsDthnYTvGw==", "dev": true, + "peer": true, "dependencies": { "@jest/core": "^29.7.0", "@jest/types": "^29.6.3", @@ -5597,6 +5766,16 @@ "url": "https://github.com/chalk/supports-color?sponsor=1" } }, + "node_modules/jose": { + "version": "6.1.3", + "resolved": "https://registry.npmjs.org/jose/-/jose-6.1.3.tgz", + "integrity": "sha512-0TpaTfihd4QMNwrz/ob2Bp7X04yuxJkjRGi4aKmOqwhov54i6u79oCv7T+C7lo70MKH6BesI3vscD1yb/yzKXQ==", + "dev": true, + "license": "MIT", + "funding": { + "url": "https://github.com/sponsors/panva" + } + }, "node_modules/js-tokens": { "version": "4.0.0", "resolved": "https://registry.npmjs.org/js-tokens/-/js-tokens-4.0.0.tgz", @@ -5604,10 +5783,11 @@ "dev": true }, "node_modules/js-yaml": { - "version": "3.14.1", - "resolved": "https://registry.npmjs.org/js-yaml/-/js-yaml-3.14.1.tgz", - "integrity": "sha512-okMH7OXXJ7YrN9Ok3/SXrnu4iX9yOk+25nqX4imS2npuvTYDmo/QEZoqwZkYaIDk3jVvBOTOIEgEhaLOynBS9g==", + "version": "3.14.2", + "resolved": "https://registry.npmjs.org/js-yaml/-/js-yaml-3.14.2.tgz", + "integrity": "sha512-PMSmkqxr106Xa156c2M265Z+FTrPl+oxd/rgOQy2tijQeK5TxQ43psO1ZCwhVOSdnn+RzkzlRz/eY4BgJBYVpg==", "dev": true, + "license": "MIT", "dependencies": { "argparse": "^1.0.7", "esprima": "^4.0.0" @@ -5646,6 +5826,13 @@ "integrity": "sha512-xbbCH5dCYU5T8LcEhhuh7HJ88HXuW3qsI3Y0zOZFKfZEHcpWiHU/Jxzk629Brsab/mMiHQti9wMP+845RPe3Vg==", "dev": true }, + "node_modules/json-schema-typed": { + "version": "8.0.2", + "resolved": "https://registry.npmjs.org/json-schema-typed/-/json-schema-typed-8.0.2.tgz", + "integrity": "sha512-fQhoXdcvc3V28x7C7BMs4P5+kNlgUURe2jmUT1T//oBRMDrqy1QPelJimwZGo7Hg9VPV3EQV5Bnq4hbFy2vetA==", + "dev": true, + "license": "BSD-2-Clause" + }, "node_modules/json-stable-stringify-without-jsonify": { "version": "1.0.1", "resolved": "https://registry.npmjs.org/json-stable-stringify-without-jsonify/-/json-stable-stringify-without-jsonify-1.0.1.tgz", @@ -6513,19 +6700,19 @@ } }, "node_modules/raw-body": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/raw-body/-/raw-body-3.0.0.tgz", - "integrity": "sha512-RmkhL8CAyCRPXCE28MMH0z2PNWQBNk2Q09ZdxM9IOOXwxwZbN+qbWaatPkdkWIKL2ZVDImrN/pK5HTRz2PcS4g==", + "version": "3.0.2", + "resolved": "https://registry.npmjs.org/raw-body/-/raw-body-3.0.2.tgz", + "integrity": "sha512-K5zQjDllxWkf7Z5xJdV0/B0WTNqx6vxG70zJE4N0kBs4LovmEYWJzQGxC9bS9RAKu3bgM40lrd5zoLJ12MQ5BA==", "dev": true, "license": "MIT", "dependencies": { - "bytes": "3.1.2", - "http-errors": "2.0.0", - "iconv-lite": "0.6.3", - "unpipe": "1.0.0" + "bytes": "~3.1.2", + "http-errors": "~2.0.1", + "iconv-lite": "~0.7.0", + "unpipe": "~1.0.0" }, "engines": { - "node": ">= 0.8" + "node": ">= 0.10" } }, "node_modules/react-is": { @@ -6597,6 +6784,16 @@ "node": ">=0.10.0" } }, + "node_modules/require-from-string": { + "version": "2.0.2", + "resolved": "https://registry.npmjs.org/require-from-string/-/require-from-string-2.0.2.tgz", + "integrity": "sha512-Xf0nWe6RseziFMu+Ap9biiUbmplq6S9/p+7w7YXP/JBHhrUDDUhwa+vANyubuqfZWTveU//DYVGsDG7RKL/vEw==", + "dev": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + } + }, "node_modules/resolve": { "version": "1.22.8", "resolved": "https://registry.npmjs.org/resolve/-/resolve-1.22.8.tgz", @@ -7049,9 +7246,9 @@ } }, "node_modules/statuses": { - "version": "2.0.1", - "resolved": "https://registry.npmjs.org/statuses/-/statuses-2.0.1.tgz", - "integrity": "sha512-RwNA9Z/7PrK06rYLIzFMlaF+l73iwpzsqRIFgbMLbTcLD6cOao82TaWefPXQvB2fOC4AjuYSEndS7N/mTCbkdQ==", + "version": "2.0.2", + "resolved": "https://registry.npmjs.org/statuses/-/statuses-2.0.2.tgz", + "integrity": "sha512-DvEy55V3DB7uknRo+4iOGT5fP1slR8wQohVdknigZPMpMstaKJQWhwiYBACJE3Ul2pTnATihhBYnRhZQHGBiRw==", "dev": true, "license": "MIT", "engines": { @@ -7332,6 +7529,7 @@ "resolved": "https://registry.npmjs.org/ts-node/-/ts-node-10.9.2.tgz", "integrity": "sha512-f0FFpIdcHgn8zcPSbf1dRevwt047YMnaiJM3u2w2RewrB+fob/zePZcrOyQoLMMO7aBIddLcQIEK5dYjkLnGrQ==", "dev": true, + "peer": true, "dependencies": { "@cspotcode/source-map-support": "^0.8.0", "@tsconfig/node10": "^1.0.7", @@ -7549,6 +7747,7 @@ "integrity": "sha512-p1diW6TqL9L07nNxvRMM7hMMw4c5XOo/1ibL4aAIGmSAt9slTE1Xgw5KWuof2uTOvCg9BY7ZRi+GaF+7sfgPeQ==", "dev": true, "license": "Apache-2.0", + "peer": true, "bin": { "tsc": "bin/tsc", "tsserver": "bin/tsserver" @@ -7913,16 +8112,6 @@ "funding": { "url": "https://github.com/sponsors/colinhacks" } - }, - "node_modules/zod-to-json-schema": { - "version": "3.24.5", - "resolved": "https://registry.npmjs.org/zod-to-json-schema/-/zod-to-json-schema-3.24.5.tgz", - "integrity": "sha512-/AuWwMP+YqiPbsJx5D6TfgRTc4kTLjsh5SOcd4bLsfUg2RcEXrFMJl1DGgdHy2aCfsIA/cr/1JM0xcB2GZji8g==", - "dev": true, - "license": "ISC", - "peerDependencies": { - "zod": "^3.24.1" - } } }, "dependencies": { @@ -8049,6 +8238,7 @@ "resolved": "https://registry.npmjs.org/@babel/core/-/core-7.22.9.tgz", "integrity": "sha512-G2EgeufBcYw27U4hhoIwFcgc1XU7TlXJ3mv04oOv1WCuo900U/anZSPzEqNjwdjgffkk2Gs0AN0dW1CKVLcG7w==", "dev": true, + "peer": true, "requires": { "@ampproject/remapping": "^2.2.0", "@babel/code-frame": "^7.22.5", @@ -8576,9 +8766,9 @@ "dev": true }, "js-yaml": { - "version": "4.1.0", - "resolved": "https://registry.npmjs.org/js-yaml/-/js-yaml-4.1.0.tgz", - "integrity": "sha512-wpxZs9NoxZaJESJGIZTyDEaYpl0FKSA+FB9aJiyemKhMwkxQg63h4T1KJgUGHpTqPDNRcmmYLugrRjJlBtWvRA==", + "version": "4.1.1", + "resolved": "https://registry.npmjs.org/js-yaml/-/js-yaml-4.1.1.tgz", + "integrity": "sha512-qQKT4zQxXl8lLwBtHMWwaTcGfFOZviOJet3Oy/xmGk2gZH677CJM9EvtfdSkgWcATZhj/55JZ0rmy3myCT5lsA==", "dev": true, "requires": { "argparse": "^2.0.1" @@ -8608,6 +8798,13 @@ "levn": "^0.4.1" } }, + "@hono/node-server": { + "version": "1.19.7", + "resolved": "https://registry.npmjs.org/@hono/node-server/-/node-server-1.19.7.tgz", + "integrity": "sha512-vUcD0uauS7EU2caukW8z5lJKtoGMokxNbJtBiwHgpqxEXokaHCBkQUmCHhjFB1VUTWdqj25QoMkMKzgjq+uhrw==", + "dev": true, + "requires": {} + }, "@humanfs/core": { "version": "0.19.1", "resolved": "https://registry.npmjs.org/@humanfs/core/-/core-0.19.1.tgz", @@ -8980,21 +9177,61 @@ } }, "@modelcontextprotocol/sdk": { - "version": "1.11.2", - "resolved": "https://registry.npmjs.org/@modelcontextprotocol/sdk/-/sdk-1.11.2.tgz", - "integrity": "sha512-H9vwztj5OAqHg9GockCQC06k1natgcxWQSRpQcPJf6i5+MWBzfKkRtxGbjQf0X2ihii0ffLZCRGbYV2f2bjNCQ==", + "version": "1.25.1", + "resolved": "https://registry.npmjs.org/@modelcontextprotocol/sdk/-/sdk-1.25.1.tgz", + "integrity": "sha512-yO28oVFFC7EBoiKdAn+VqRm+plcfv4v0xp6osG/VsCB0NlPZWi87ajbCZZ8f/RvOFLEu7//rSRmuZZ7lMoe3gQ==", "dev": true, "requires": { + "@hono/node-server": "^1.19.7", + "ajv": "^8.17.1", + "ajv-formats": "^3.0.1", "content-type": "^1.0.5", "cors": "^2.8.5", - "cross-spawn": "^7.0.3", + "cross-spawn": "^7.0.5", "eventsource": "^3.0.2", + "eventsource-parser": "^3.0.0", "express": "^5.0.1", "express-rate-limit": "^7.5.0", + "jose": "^6.1.1", + "json-schema-typed": "^8.0.2", "pkce-challenge": "^5.0.0", "raw-body": "^3.0.0", - "zod": "^3.23.8", - "zod-to-json-schema": "^3.24.1" + "zod": "^3.25 || ^4.0", + "zod-to-json-schema": "^3.25.0" + }, + "dependencies": { + "ajv": { + "version": "8.17.1", + "resolved": "https://registry.npmjs.org/ajv/-/ajv-8.17.1.tgz", + "integrity": "sha512-B/gBuNg5SiMTrPkC+A2+cW0RszwxYmn6VYxB/inlBStS5nx6xHIt/ehKRhIMhqusl7a8LjQoZnjCs5vhwxOQ1g==", + "dev": true, + "requires": { + "fast-deep-equal": "^3.1.3", + "fast-uri": "^3.0.1", + "json-schema-traverse": "^1.0.0", + "require-from-string": "^2.0.2" + } + }, + "json-schema-traverse": { + "version": "1.0.0", + "resolved": "https://registry.npmjs.org/json-schema-traverse/-/json-schema-traverse-1.0.0.tgz", + "integrity": "sha512-NM8/P9n3XjXhIZn1lLhkFaACTOURQXjWhV4BA/RnOv8xvgqtqpAX9IO4mRQxSx1Rlo4tqzeqb0sOlruaOy3dug==", + "dev": true + }, + "zod": { + "version": "4.2.1", + "resolved": "https://registry.npmjs.org/zod/-/zod-4.2.1.tgz", + "integrity": "sha512-0wZ1IRqGGhMP76gLqz8EyfBXKk0J2qo2+H3fi4mcUP/KtTocoX08nmIAHl1Z2kJIZbZee8KOpBCSNPRgauucjw==", + "dev": true, + "peer": true + }, + "zod-to-json-schema": { + "version": "3.25.0", + "resolved": "https://registry.npmjs.org/zod-to-json-schema/-/zod-to-json-schema-3.25.0.tgz", + "integrity": "sha512-HvWtU2UG41LALjajJrML6uQejQhNJx+JBO9IflpSja4R03iNWfKXrj6W2h7ljuLyc1nKS+9yDyL/9tD1U/yBnQ==", + "dev": true, + "requires": {} + } } }, "@mswjs/interceptors": { @@ -9049,6 +9286,7 @@ "version": "3.6.0", "resolved": "https://registry.npmjs.org/@octokit/core/-/core-3.6.0.tgz", "integrity": "sha512-7RKRKuA4xTjMhY+eG3jthb3hlZCsOwg3rztWh75Xc+ShDWOfDDATWbeZpAHBNRpm4Tv9WgBMOy1zEJYXG6NJ7Q==", + "peer": true, "requires": { "@octokit/auth-token": "^2.4.4", "@octokit/graphql": "^4.5.8", @@ -9354,6 +9592,7 @@ "resolved": "https://registry.npmjs.org/@types/node/-/node-22.15.18.tgz", "integrity": "sha512-v1DKRfUdyW+jJhZNEI1PYy29S2YRxMV5AOO/x/SjKmW0acCIOqmbj6Haf9eHAhsPmrhlHSxEhv/1WszcLWV4cg==", "dev": true, + "peer": true, "requires": { "undici-types": "~6.21.0" } @@ -9409,6 +9648,7 @@ "resolved": "https://registry.npmjs.org/@typescript-eslint/parser/-/parser-8.32.1.tgz", "integrity": "sha512-LKMrmwCPoLhM45Z00O1ulb6jwyVr2kr3XJp+G+tSEZcbauNnScewcQwtJqXDhXeYPDEjZ8C1SjXm015CirEmGg==", "dev": true, + "peer": true, "requires": { "@typescript-eslint/scope-manager": "8.32.1", "@typescript-eslint/types": "8.32.1", @@ -9531,7 +9771,8 @@ "version": "8.14.1", "resolved": "https://registry.npmjs.org/acorn/-/acorn-8.14.1.tgz", "integrity": "sha512-OvQ/2pUDKmgfCg++xsTX1wGxfTaszcHVcTctW4UJB4hibJx2HXxxO5UmVgyjMa+ZDsiaf5wWLXYpRWMmBI0QHg==", - "dev": true + "dev": true, + "peer": true }, "acorn-jsx": { "version": "5.3.2", @@ -9552,6 +9793,35 @@ "uri-js": "^4.2.2" } }, + "ajv-formats": { + "version": "3.0.1", + "resolved": "https://registry.npmjs.org/ajv-formats/-/ajv-formats-3.0.1.tgz", + "integrity": "sha512-8iUql50EUR+uUcdRQ3HDqa6EVyo3docL8g5WJ3FNcWmu62IbkGUue/pEyLBW8VGKKucTPgqeks4fIU1DA4yowQ==", + "dev": true, + "requires": { + "ajv": "^8.0.0" + }, + "dependencies": { + "ajv": { + "version": "8.17.1", + "resolved": "https://registry.npmjs.org/ajv/-/ajv-8.17.1.tgz", + "integrity": "sha512-B/gBuNg5SiMTrPkC+A2+cW0RszwxYmn6VYxB/inlBStS5nx6xHIt/ehKRhIMhqusl7a8LjQoZnjCs5vhwxOQ1g==", + "dev": true, + "requires": { + "fast-deep-equal": "^3.1.3", + "fast-uri": "^3.0.1", + "json-schema-traverse": "^1.0.0", + "require-from-string": "^2.0.2" + } + }, + "json-schema-traverse": { + "version": "1.0.0", + "resolved": "https://registry.npmjs.org/json-schema-traverse/-/json-schema-traverse-1.0.0.tgz", + "integrity": "sha512-NM8/P9n3XjXhIZn1lLhkFaACTOURQXjWhV4BA/RnOv8xvgqtqpAX9IO4mRQxSx1Rlo4tqzeqb0sOlruaOy3dug==", + "dev": true + } + } + }, "ansi-escapes": { "version": "4.3.2", "resolved": "https://registry.npmjs.org/ansi-escapes/-/ansi-escapes-4.3.2.tgz", @@ -9790,20 +10060,20 @@ "integrity": "sha512-3pZEU3NT5BFUo/AD5ERPWOgQOCZITni6iavr5AUw5AUwQjMlI0kzu5btnyD39AF0gUEsDPwJT+oY1ORBJijPjQ==" }, "body-parser": { - "version": "2.2.0", - "resolved": "https://registry.npmjs.org/body-parser/-/body-parser-2.2.0.tgz", - "integrity": "sha512-02qvAaxv8tp7fBa/mw1ga98OGm+eCbqzJOKoRt70sLmfEEi+jyBYVTDGfCL/k06/4EMk/z01gCe7HoCH/f2LTg==", + "version": "2.2.1", + "resolved": "https://registry.npmjs.org/body-parser/-/body-parser-2.2.1.tgz", + "integrity": "sha512-nfDwkulwiZYQIGwxdy0RUmowMhKcFVcYXUU7m4QlKYim1rUtg83xm2yjZ40QjDuc291AJjjeSc9b++AWHSgSHw==", "dev": true, "requires": { "bytes": "^3.1.2", "content-type": "^1.0.5", - "debug": "^4.4.0", + "debug": "^4.4.3", "http-errors": "^2.0.0", - "iconv-lite": "^0.6.3", + "iconv-lite": "^0.7.0", "on-finished": "^2.4.1", "qs": "^6.14.0", - "raw-body": "^3.0.0", - "type-is": "^2.0.0" + "raw-body": "^3.0.1", + "type-is": "^2.0.1" } }, "brace-expansion": { @@ -9830,6 +10100,7 @@ "resolved": "https://registry.npmjs.org/browserslist/-/browserslist-4.21.9.tgz", "integrity": "sha512-M0MFoZzbUrRU4KNfCrDLnvyE7gub+peetoTid3TBIqtunaDJyXlwhakT+/VkvSXcfIzFfK/nkCs4nmyTmxdNSg==", "dev": true, + "peer": true, "requires": { "caniuse-lite": "^1.0.30001503", "electron-to-chromium": "^1.4.431", @@ -10098,9 +10369,9 @@ } }, "debug": { - "version": "4.4.1", - "resolved": "https://registry.npmjs.org/debug/-/debug-4.4.1.tgz", - "integrity": "sha512-KcKCqiftBJcZr++7ykoDIEwSa3XWowTfNPo92BYxjXiyYEVrUQh2aLyhxBCwww+heortUFxEJYcRzosstTEBYQ==", + "version": "4.4.3", + "resolved": "https://registry.npmjs.org/debug/-/debug-4.4.3.tgz", + "integrity": "sha512-RGwwWnwQvkVfavKVt22FGLw+xYSdzARwm0ru6DhTVA3umU5hZc28V3kO4stgYryrTlLpuvgI9GiijltAjNbcqA==", "dev": true, "requires": { "ms": "^2.1.3" @@ -10376,6 +10647,7 @@ "resolved": "https://registry.npmjs.org/eslint/-/eslint-9.26.0.tgz", "integrity": "sha512-Hx0MOjPh6uK9oq9nVsATZKE/Wlbai7KFjfCuw9UHaguDW3x+HF0O5nIi3ud39TWgrTjTO5nHxmL3R1eANinWHQ==", "dev": true, + "peer": true, "requires": { "@eslint-community/eslint-utils": "^4.2.0", "@eslint-community/regexpp": "^4.12.1", @@ -10743,18 +11015,20 @@ } }, "express": { - "version": "5.1.0", - "resolved": "https://registry.npmjs.org/express/-/express-5.1.0.tgz", - "integrity": "sha512-DT9ck5YIRU+8GYzzU5kT3eHGA5iL+1Zd0EutOmTE9Dtk+Tvuzd23VBU+ec7HPNSTxXYO55gPV/hq4pSBJDjFpA==", + "version": "5.2.1", + "resolved": "https://registry.npmjs.org/express/-/express-5.2.1.tgz", + "integrity": "sha512-hIS4idWWai69NezIdRt2xFVofaF4j+6INOpJlVOLDO8zXGpUVEVzIYk12UUi2JzjEzWL3IOAxcTubgz9Po0yXw==", "dev": true, + "peer": true, "requires": { "accepts": "^2.0.0", - "body-parser": "^2.2.0", + "body-parser": "^2.2.1", "content-disposition": "^1.0.0", "content-type": "^1.0.5", "cookie": "^0.7.1", "cookie-signature": "^1.2.1", "debug": "^4.4.0", + "depd": "^2.0.0", "encodeurl": "^2.0.0", "escape-html": "^1.0.3", "etag": "^1.8.1", @@ -10815,6 +11089,12 @@ "integrity": "sha1-PYpcZog6FqMMqGQ+hR8Zuqd5eRc=", "dev": true }, + "fast-uri": { + "version": "3.1.0", + "resolved": "https://registry.npmjs.org/fast-uri/-/fast-uri-3.1.0.tgz", + "integrity": "sha512-iPeeDKJSWf4IEOasVVrknXpaBV0IApz/gp7S2bb7Z4Lljbl2MGJRqInZiUrQwV16cpzw/D3S5j5Julj/gT52AA==", + "dev": true + }, "fastq": { "version": "1.13.0", "resolved": "https://registry.npmjs.org/fastq/-/fastq-1.13.0.tgz", @@ -11154,6 +11434,13 @@ "function-bind": "^1.1.2" } }, + "hono": { + "version": "4.11.1", + "resolved": "https://registry.npmjs.org/hono/-/hono-4.11.1.tgz", + "integrity": "sha512-KsFcH0xxHes0J4zaQgWbYwmz3UPOOskdqZmItstUG93+Wk1ePBLkLGwbP9zlmh1BFUiL8Qp+Xfu9P7feJWpGNg==", + "dev": true, + "peer": true + }, "html-escaper": { "version": "2.0.2", "resolved": "https://registry.npmjs.org/html-escaper/-/html-escaper-2.0.2.tgz", @@ -11161,16 +11448,16 @@ "dev": true }, "http-errors": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/http-errors/-/http-errors-2.0.0.tgz", - "integrity": "sha512-FtwrG/euBzaEjYeRqOgly7G0qviiXoJWnvEH2Z1plBdXgbyjv34pHTSb9zoeHMyDy33+DWy5Wt9Wo+TURtOYSQ==", + "version": "2.0.1", + "resolved": "https://registry.npmjs.org/http-errors/-/http-errors-2.0.1.tgz", + "integrity": "sha512-4FbRdAX+bSdmo4AUFuS0WNiPz8NgFt+r8ThgNWmlrjQjt1Q7ZR9+zTlce2859x4KSXrwIsaeTqDoKQmtP8pLmQ==", "dev": true, "requires": { - "depd": "2.0.0", - "inherits": "2.0.4", - "setprototypeof": "1.2.0", - "statuses": "2.0.1", - "toidentifier": "1.0.1" + "depd": "~2.0.0", + "inherits": "~2.0.4", + "setprototypeof": "~1.2.0", + "statuses": "~2.0.2", + "toidentifier": "~1.0.1" } }, "human-signals": { @@ -11180,9 +11467,9 @@ "dev": true }, "iconv-lite": { - "version": "0.6.3", - "resolved": "https://registry.npmjs.org/iconv-lite/-/iconv-lite-0.6.3.tgz", - "integrity": "sha512-4fCk79wshMdzMp2rH06qWrJE4iolqLhCUH+OiuIgU++RB0+94NlDL81atO7GX55uUKueo0txHNtvEyI6D7WdMw==", + "version": "0.7.1", + "resolved": "https://registry.npmjs.org/iconv-lite/-/iconv-lite-0.7.1.tgz", + "integrity": "sha512-2Tth85cXwGFHfvRgZWszZSvdo+0Xsqmw8k8ZwxScfcBneNUraK+dxRxRm24nszx80Y0TVio8kKLt5sLE7ZCLlw==", "dev": true, "requires": { "safer-buffer": ">= 2.1.2 < 3.0.0" @@ -11601,6 +11888,7 @@ "resolved": "https://registry.npmjs.org/jest/-/jest-29.7.0.tgz", "integrity": "sha512-NIy3oAFp9shda19hy4HK0HRTWKtPJmGdnvywu01nOqNC2vZg+Z+fvJDxpMQA88eb2I9EcafcdjYgsDthnYTvGw==", "dev": true, + "peer": true, "requires": { "@jest/core": "^29.7.0", "@jest/types": "^29.6.3", @@ -12022,6 +12310,12 @@ } } }, + "jose": { + "version": "6.1.3", + "resolved": "https://registry.npmjs.org/jose/-/jose-6.1.3.tgz", + "integrity": "sha512-0TpaTfihd4QMNwrz/ob2Bp7X04yuxJkjRGi4aKmOqwhov54i6u79oCv7T+C7lo70MKH6BesI3vscD1yb/yzKXQ==", + "dev": true + }, "js-tokens": { "version": "4.0.0", "resolved": "https://registry.npmjs.org/js-tokens/-/js-tokens-4.0.0.tgz", @@ -12029,9 +12323,9 @@ "dev": true }, "js-yaml": { - "version": "3.14.1", - "resolved": "https://registry.npmjs.org/js-yaml/-/js-yaml-3.14.1.tgz", - "integrity": "sha512-okMH7OXXJ7YrN9Ok3/SXrnu4iX9yOk+25nqX4imS2npuvTYDmo/QEZoqwZkYaIDk3jVvBOTOIEgEhaLOynBS9g==", + "version": "3.14.2", + "resolved": "https://registry.npmjs.org/js-yaml/-/js-yaml-3.14.2.tgz", + "integrity": "sha512-PMSmkqxr106Xa156c2M265Z+FTrPl+oxd/rgOQy2tijQeK5TxQ43psO1ZCwhVOSdnn+RzkzlRz/eY4BgJBYVpg==", "dev": true, "requires": { "argparse": "^1.0.7", @@ -12062,6 +12356,12 @@ "integrity": "sha512-xbbCH5dCYU5T8LcEhhuh7HJ88HXuW3qsI3Y0zOZFKfZEHcpWiHU/Jxzk629Brsab/mMiHQti9wMP+845RPe3Vg==", "dev": true }, + "json-schema-typed": { + "version": "8.0.2", + "resolved": "https://registry.npmjs.org/json-schema-typed/-/json-schema-typed-8.0.2.tgz", + "integrity": "sha512-fQhoXdcvc3V28x7C7BMs4P5+kNlgUURe2jmUT1T//oBRMDrqy1QPelJimwZGo7Hg9VPV3EQV5Bnq4hbFy2vetA==", + "dev": true + }, "json-stable-stringify-without-jsonify": { "version": "1.0.1", "resolved": "https://registry.npmjs.org/json-stable-stringify-without-jsonify/-/json-stable-stringify-without-jsonify-1.0.1.tgz", @@ -12668,15 +12968,15 @@ "dev": true }, "raw-body": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/raw-body/-/raw-body-3.0.0.tgz", - "integrity": "sha512-RmkhL8CAyCRPXCE28MMH0z2PNWQBNk2Q09ZdxM9IOOXwxwZbN+qbWaatPkdkWIKL2ZVDImrN/pK5HTRz2PcS4g==", + "version": "3.0.2", + "resolved": "https://registry.npmjs.org/raw-body/-/raw-body-3.0.2.tgz", + "integrity": "sha512-K5zQjDllxWkf7Z5xJdV0/B0WTNqx6vxG70zJE4N0kBs4LovmEYWJzQGxC9bS9RAKu3bgM40lrd5zoLJ12MQ5BA==", "dev": true, "requires": { - "bytes": "3.1.2", - "http-errors": "2.0.0", - "iconv-lite": "0.6.3", - "unpipe": "1.0.0" + "bytes": "~3.1.2", + "http-errors": "~2.0.1", + "iconv-lite": "~0.7.0", + "unpipe": "~1.0.0" } }, "react-is": { @@ -12727,6 +13027,12 @@ "integrity": "sha1-jGStX9MNqxyXbiNE/+f3kqam30I=", "dev": true }, + "require-from-string": { + "version": "2.0.2", + "resolved": "https://registry.npmjs.org/require-from-string/-/require-from-string-2.0.2.tgz", + "integrity": "sha512-Xf0nWe6RseziFMu+Ap9biiUbmplq6S9/p+7w7YXP/JBHhrUDDUhwa+vANyubuqfZWTveU//DYVGsDG7RKL/vEw==", + "dev": true + }, "resolve": { "version": "1.22.8", "resolved": "https://registry.npmjs.org/resolve/-/resolve-1.22.8.tgz", @@ -13042,9 +13348,9 @@ } }, "statuses": { - "version": "2.0.1", - "resolved": "https://registry.npmjs.org/statuses/-/statuses-2.0.1.tgz", - "integrity": "sha512-RwNA9Z/7PrK06rYLIzFMlaF+l73iwpzsqRIFgbMLbTcLD6cOao82TaWefPXQvB2fOC4AjuYSEndS7N/mTCbkdQ==", + "version": "2.0.2", + "resolved": "https://registry.npmjs.org/statuses/-/statuses-2.0.2.tgz", + "integrity": "sha512-DvEy55V3DB7uknRo+4iOGT5fP1slR8wQohVdknigZPMpMstaKJQWhwiYBACJE3Ul2pTnATihhBYnRhZQHGBiRw==", "dev": true }, "strict-event-emitter": { @@ -13222,6 +13528,7 @@ "resolved": "https://registry.npmjs.org/ts-node/-/ts-node-10.9.2.tgz", "integrity": "sha512-f0FFpIdcHgn8zcPSbf1dRevwt047YMnaiJM3u2w2RewrB+fob/zePZcrOyQoLMMO7aBIddLcQIEK5dYjkLnGrQ==", "dev": true, + "peer": true, "requires": { "@cspotcode/source-map-support": "^0.8.0", "@tsconfig/node10": "^1.0.7", @@ -13369,7 +13676,8 @@ "version": "5.8.3", "resolved": "https://registry.npmjs.org/typescript/-/typescript-5.8.3.tgz", "integrity": "sha512-p1diW6TqL9L07nNxvRMM7hMMw4c5XOo/1ibL4aAIGmSAt9slTE1Xgw5KWuof2uTOvCg9BY7ZRi+GaF+7sfgPeQ==", - "dev": true + "dev": true, + "peer": true }, "unbox-primitive": { "version": "1.1.0", @@ -13620,13 +13928,6 @@ "resolved": "https://registry.npmjs.org/zod/-/zod-3.24.4.tgz", "integrity": "sha512-OdqJE9UDRPwWsrHjLN2F8bPxvwJBK22EHLWtanu0LSYr5YqzsaaW3RMgmjwr8Rypg5k+meEJdSPXJZXE/yqOMg==", "dev": true - }, - "zod-to-json-schema": { - "version": "3.24.5", - "resolved": "https://registry.npmjs.org/zod-to-json-schema/-/zod-to-json-schema-3.24.5.tgz", - "integrity": "sha512-/AuWwMP+YqiPbsJx5D6TfgRTc4kTLjsh5SOcd4bLsfUg2RcEXrFMJl1DGgdHy2aCfsIA/cr/1JM0xcB2GZji8g==", - "dev": true, - "requires": {} } } } diff --git a/package.json b/package.json index c96c6cd..268d248 100644 --- a/package.json +++ b/package.json @@ -1,6 +1,6 @@ { "name": "dependabot-pull-request-action", - "version": "2.4.0", + "version": "2.5.0", "description": "Parse Dependabot commit metadata to automate PR handling", "main": "dist/index.js", "scripts": { diff --git a/src/dependabot/output.test.ts b/src/dependabot/output.test.ts index 59e1e5f..2fbffb4 100644 --- a/src/dependabot/output.test.ts +++ b/src/dependabot/output.test.ts @@ -54,18 +54,18 @@ test('when given a single dependency it sets its values', async () => { expect(core.setOutput).toHaveBeenCalledWith('updated-dependencies-json', updatedDependencies) - expect(core.setOutput).toBeCalledWith('dependency-names', 'coffee-rails') - expect(core.setOutput).toBeCalledWith('dependency-type', 'direct:production') - expect(core.setOutput).toBeCalledWith('update-type', 'version-update:semver-minor') - expect(core.setOutput).toBeCalledWith('directory', 'wwwroot') - expect(core.setOutput).toBeCalledWith('package-ecosystem', 'nuget') - expect(core.setOutput).toBeCalledWith('target-branch', 'main') - expect(core.setOutput).toBeCalledWith('previous-version', '1.0.2') - expect(core.setOutput).toBeCalledWith('new-version', '1.1.3-beta') - expect(core.setOutput).toBeCalledWith('compatibility-score', 43) - expect(core.setOutput).toBeCalledWith('alert-state', 'FIXED') - expect(core.setOutput).toBeCalledWith('ghsa-id', 'VERY_LONG_ID') - expect(core.setOutput).toBeCalledWith('cvss', 4.6) + expect(core.setOutput).toHaveBeenCalledWith('dependency-names', 'coffee-rails') + expect(core.setOutput).toHaveBeenCalledWith('dependency-type', 'direct:production') + expect(core.setOutput).toHaveBeenCalledWith('update-type', 'version-update:semver-minor') + expect(core.setOutput).toHaveBeenCalledWith('directory', 'wwwroot') + expect(core.setOutput).toHaveBeenCalledWith('package-ecosystem', 'nuget') + expect(core.setOutput).toHaveBeenCalledWith('target-branch', 'main') + expect(core.setOutput).toHaveBeenCalledWith('previous-version', '1.0.2') + expect(core.setOutput).toHaveBeenCalledWith('new-version', '1.1.3-beta') + expect(core.setOutput).toHaveBeenCalledWith('compatibility-score', 43) + expect(core.setOutput).toHaveBeenCalledWith('alert-state', 'FIXED') + expect(core.setOutput).toHaveBeenCalledWith('ghsa-id', 'VERY_LONG_ID') + expect(core.setOutput).toHaveBeenCalledWith('cvss', 4.6) }) test('when given a multiple dependencies, it uses the highest values for types', async () => { @@ -100,18 +100,18 @@ test('when given a multiple dependencies, it uses the highest values for types', expect(core.setOutput).toHaveBeenCalledWith('updated-dependencies-json', updatedDependencies) - expect(core.setOutput).toBeCalledWith('dependency-names', 'rspec, coffee-rails, coffeescript, rspec-coffeescript') - expect(core.setOutput).toBeCalledWith('dependency-type', 'direct:development') - expect(core.setOutput).toBeCalledWith('update-type', 'version-update:semver-major') - expect(core.setOutput).toBeCalledWith('directory', '') - expect(core.setOutput).toBeCalledWith('package-ecosystem', '') - expect(core.setOutput).toBeCalledWith('target-branch', '') - expect(core.setOutput).toBeCalledWith('previous-version', '') - expect(core.setOutput).toBeCalledWith('new-version', '') - expect(core.setOutput).toBeCalledWith('compatibility-score', 0) - expect(core.setOutput).toBeCalledWith('alert-state', '') - expect(core.setOutput).toBeCalledWith('ghsa-id', '') - expect(core.setOutput).toBeCalledWith('cvss', 0) + expect(core.setOutput).toHaveBeenCalledWith('dependency-names', 'rspec, coffee-rails, coffeescript, rspec-coffeescript') + expect(core.setOutput).toHaveBeenCalledWith('dependency-type', 'direct:development') + expect(core.setOutput).toHaveBeenCalledWith('update-type', 'version-update:semver-major') + expect(core.setOutput).toHaveBeenCalledWith('directory', '') + expect(core.setOutput).toHaveBeenCalledWith('package-ecosystem', '') + expect(core.setOutput).toHaveBeenCalledWith('target-branch', '') + expect(core.setOutput).toHaveBeenCalledWith('previous-version', '') + expect(core.setOutput).toHaveBeenCalledWith('new-version', '') + expect(core.setOutput).toHaveBeenCalledWith('compatibility-score', 0) + expect(core.setOutput).toHaveBeenCalledWith('alert-state', '') + expect(core.setOutput).toHaveBeenCalledWith('ghsa-id', '') + expect(core.setOutput).toHaveBeenCalledWith('cvss', 0) }) test('when the dependency has no update type', async () => { @@ -131,18 +131,18 @@ test('when the dependency has no update type', async () => { expect(core.setOutput).toHaveBeenCalledWith('updated-dependencies-json', updatedDependencies) - expect(core.setOutput).toBeCalledWith('dependency-names', 'coffee-rails') - expect(core.setOutput).toBeCalledWith('dependency-type', 'direct:production') - expect(core.setOutput).toBeCalledWith('update-type', null) - expect(core.setOutput).toBeCalledWith('directory', '') - expect(core.setOutput).toBeCalledWith('package-ecosystem', '') - expect(core.setOutput).toBeCalledWith('target-branch', '') - expect(core.setOutput).toBeCalledWith('previous-version', '') - expect(core.setOutput).toBeCalledWith('new-version', '') - expect(core.setOutput).toBeCalledWith('compatibility-score', 0) - expect(core.setOutput).toBeCalledWith('alert-state', '') - expect(core.setOutput).toBeCalledWith('ghsa-id', '') - expect(core.setOutput).toBeCalledWith('cvss', 0) + expect(core.setOutput).toHaveBeenCalledWith('dependency-names', 'coffee-rails') + expect(core.setOutput).toHaveBeenCalledWith('dependency-type', 'direct:production') + expect(core.setOutput).toHaveBeenCalledWith('update-type', null) + expect(core.setOutput).toHaveBeenCalledWith('directory', '') + expect(core.setOutput).toHaveBeenCalledWith('package-ecosystem', '') + expect(core.setOutput).toHaveBeenCalledWith('target-branch', '') + expect(core.setOutput).toHaveBeenCalledWith('previous-version', '') + expect(core.setOutput).toHaveBeenCalledWith('new-version', '') + expect(core.setOutput).toHaveBeenCalledWith('compatibility-score', 0) + expect(core.setOutput).toHaveBeenCalledWith('alert-state', '') + expect(core.setOutput).toHaveBeenCalledWith('ghsa-id', '') + expect(core.setOutput).toHaveBeenCalledWith('cvss', 0) }) test('when given a multiple dependencies, and some do not have update types', async () => { @@ -175,16 +175,16 @@ test('when given a multiple dependencies, and some do not have update types', as expect(core.setOutput).toHaveBeenCalledWith('updated-dependencies-json', updatedDependencies) - expect(core.setOutput).toBeCalledWith('dependency-names', 'rspec, coffee-rails, coffeescript, rspec-coffeescript') - expect(core.setOutput).toBeCalledWith('dependency-type', 'direct:development') - expect(core.setOutput).toBeCalledWith('update-type', 'version-update:semver-minor') - expect(core.setOutput).toBeCalledWith('directory', '') - expect(core.setOutput).toBeCalledWith('package-ecosystem', '') - expect(core.setOutput).toBeCalledWith('target-branch', '') - expect(core.setOutput).toBeCalledWith('previous-version', '') - expect(core.setOutput).toBeCalledWith('new-version', '') - expect(core.setOutput).toBeCalledWith('compatibility-score', 0) - expect(core.setOutput).toBeCalledWith('alert-state', '') - expect(core.setOutput).toBeCalledWith('ghsa-id', '') - expect(core.setOutput).toBeCalledWith('cvss', 0) + expect(core.setOutput).toHaveBeenCalledWith('dependency-names', 'rspec, coffee-rails, coffeescript, rspec-coffeescript') + expect(core.setOutput).toHaveBeenCalledWith('dependency-type', 'direct:development') + expect(core.setOutput).toHaveBeenCalledWith('update-type', 'version-update:semver-minor') + expect(core.setOutput).toHaveBeenCalledWith('directory', '') + expect(core.setOutput).toHaveBeenCalledWith('package-ecosystem', '') + expect(core.setOutput).toHaveBeenCalledWith('target-branch', '') + expect(core.setOutput).toHaveBeenCalledWith('previous-version', '') + expect(core.setOutput).toHaveBeenCalledWith('new-version', '') + expect(core.setOutput).toHaveBeenCalledWith('compatibility-score', 0) + expect(core.setOutput).toHaveBeenCalledWith('alert-state', '') + expect(core.setOutput).toHaveBeenCalledWith('ghsa-id', '') + expect(core.setOutput).toHaveBeenCalledWith('cvss', 0) }) diff --git a/src/dry-run.ts b/src/dry-run.ts index d36fd71..1ff65d9 100755 --- a/src/dry-run.ts +++ b/src/dry-run.ts @@ -1,4 +1,4 @@ -/* eslint-disable no-console, @typescript-eslint/no-var-requires, no-unused-expressions */ + import * as github from '@actions/github' import { Context } from '@actions/github/lib/context' import * as dotenv from 'dotenv' diff --git a/src/main.test.ts b/src/main.test.ts index 39fa1b6..c43420e 100644 --- a/src/main.test.ts +++ b/src/main.test.ts @@ -11,6 +11,19 @@ beforeEach(() => { jest.spyOn(core, 'setFailed').mockImplementation(jest.fn()) jest.spyOn(core, 'startGroup').mockImplementation(jest.fn()) jest.spyOn(core, 'getBooleanInput').mockReturnValue(false) + jest.spyOn(util, 'getBody').mockReturnValue(` +Bumps [fake/package](https://github.com/) from 0.0.0 to 0.0.1. +
+Release notes +
+

0.0.1

+

Summary

+

This is a fake description for a fake update

+

What's Changed

+* Nothing +
+
+`) }) test('it early exits with an error if github-token is not set', async () => { @@ -22,10 +35,10 @@ test('it early exits with an error if github-token is not set', async () => { expect(core.setFailed).toHaveBeenCalledWith( expect.stringContaining('github-token is not set!') ) - /* eslint-disable no-unused-expressions */ + expect(dependabotCommits.getMessage).not.toHaveBeenCalled expect(dependabotCommits.getAlert).not.toHaveBeenCalled - /* eslint-enable no-unused-expressions */ + }) test('it does nothing if the PR is not verified as from Dependabot', async () => { @@ -40,9 +53,9 @@ test('it does nothing if the PR is not verified as from Dependabot', async () => expect(core.setFailed).toHaveBeenCalledWith( expect.stringContaining('PR is not from Dependabot, nothing to do.') ) - /* eslint-disable no-unused-expressions */ + expect(dependabotCommits.getAlert).not.toHaveBeenCalled - /* eslint-enable no-unused-expressions */ + }) test('it does nothing if there is no metadata in the commit', async () => { @@ -57,9 +70,9 @@ test('it does nothing if there is no metadata in the commit', async () => { expect(core.setFailed).toHaveBeenCalledWith( expect.stringContaining('PR does not contain metadata, nothing to do.') ) - /* eslint-disable no-unused-expressions */ + expect(dependabotCommits.getAlert).not.toHaveBeenCalled - /* eslint-enable no-unused-expressions */ + }) test('it sets the updated dependency as an output for subsequent actions when given a commit message for application', async () => { @@ -120,20 +133,20 @@ test('it sets the updated dependency as an output for subsequent actions when gi ] ) - expect(core.setOutput).toBeCalledWith('dependency-names', 'coffee-rails') - expect(core.setOutput).toBeCalledWith('dependency-type', 'direct:production') - expect(core.setOutput).toBeCalledWith('update-type', 'version-update:semver-minor') - expect(core.setOutput).toBeCalledWith('directory', '/') - expect(core.setOutput).toBeCalledWith('package-ecosystem', 'nuget') - expect(core.setOutput).toBeCalledWith('target-branch', 'main') - expect(core.setOutput).toBeCalledWith('previous-version', '4.0.1') - expect(core.setOutput).toBeCalledWith('new-version', '4.2.2') - expect(core.setOutput).toBeCalledWith('compatibility-score', 0) - expect(core.setOutput).toBeCalledWith('maintainer-changes', false) - expect(core.setOutput).toBeCalledWith('dependency-group', '') - expect(core.setOutput).toBeCalledWith('alert-state', '') - expect(core.setOutput).toBeCalledWith('ghsa-id', '') - expect(core.setOutput).toBeCalledWith('cvss', 0) + expect(core.setOutput).toHaveBeenCalledWith('dependency-names', 'coffee-rails') + expect(core.setOutput).toHaveBeenCalledWith('dependency-type', 'direct:production') + expect(core.setOutput).toHaveBeenCalledWith('update-type', 'version-update:semver-minor') + expect(core.setOutput).toHaveBeenCalledWith('directory', '/') + expect(core.setOutput).toHaveBeenCalledWith('package-ecosystem', 'nuget') + expect(core.setOutput).toHaveBeenCalledWith('target-branch', 'main') + expect(core.setOutput).toHaveBeenCalledWith('previous-version', '4.0.1') + expect(core.setOutput).toHaveBeenCalledWith('new-version', '4.2.2') + expect(core.setOutput).toHaveBeenCalledWith('compatibility-score', 0) + expect(core.setOutput).toHaveBeenCalledWith('maintainer-changes', false) + expect(core.setOutput).toHaveBeenCalledWith('dependency-group', '') + expect(core.setOutput).toHaveBeenCalledWith('alert-state', '') + expect(core.setOutput).toHaveBeenCalledWith('ghsa-id', '') + expect(core.setOutput).toHaveBeenCalledWith('cvss', 0) }) test('it sets the updated dependency as an output for subsequent actions when there is a leading v in the commit message version', async () => { @@ -193,20 +206,20 @@ test('it sets the updated dependency as an output for subsequent actions when th ] ) - expect(core.setOutput).toBeCalledWith('dependency-names', 'coffee-rails') - expect(core.setOutput).toBeCalledWith('dependency-type', 'direct:production') - expect(core.setOutput).toBeCalledWith('update-type', 'version-update:semver-minor') - expect(core.setOutput).toBeCalledWith('directory', '/') - expect(core.setOutput).toBeCalledWith('package-ecosystem', 'nuget') - expect(core.setOutput).toBeCalledWith('target-branch', 'main') - expect(core.setOutput).toBeCalledWith('previous-version', 'v4.0.1') - expect(core.setOutput).toBeCalledWith('new-version', 'v4.2.2') - expect(core.setOutput).toBeCalledWith('compatibility-score', 0) - expect(core.setOutput).toBeCalledWith('maintainer-changes', false) - expect(core.setOutput).toBeCalledWith('dependency-group', '') - expect(core.setOutput).toBeCalledWith('alert-state', '') - expect(core.setOutput).toBeCalledWith('ghsa-id', '') - expect(core.setOutput).toBeCalledWith('cvss', 0) + expect(core.setOutput).toHaveBeenCalledWith('dependency-names', 'coffee-rails') + expect(core.setOutput).toHaveBeenCalledWith('dependency-type', 'direct:production') + expect(core.setOutput).toHaveBeenCalledWith('update-type', 'version-update:semver-minor') + expect(core.setOutput).toHaveBeenCalledWith('directory', '/') + expect(core.setOutput).toHaveBeenCalledWith('package-ecosystem', 'nuget') + expect(core.setOutput).toHaveBeenCalledWith('target-branch', 'main') + expect(core.setOutput).toHaveBeenCalledWith('previous-version', 'v4.0.1') + expect(core.setOutput).toHaveBeenCalledWith('new-version', 'v4.2.2') + expect(core.setOutput).toHaveBeenCalledWith('compatibility-score', 0) + expect(core.setOutput).toHaveBeenCalledWith('maintainer-changes', false) + expect(core.setOutput).toHaveBeenCalledWith('dependency-group', '') + expect(core.setOutput).toHaveBeenCalledWith('alert-state', '') + expect(core.setOutput).toHaveBeenCalledWith('ghsa-id', '') + expect(core.setOutput).toHaveBeenCalledWith('cvss', 0) }) test('it supports returning information about grouped updates', async () => { @@ -377,20 +390,20 @@ test('it sets the updated dependency as an output for subsequent actions when gi ] ) - expect(core.setOutput).toBeCalledWith('dependency-names', 'rubocop') - expect(core.setOutput).toBeCalledWith('dependency-type', 'direct:development') - expect(core.setOutput).toBeCalledWith('update-type', 'version-update:semver-minor') - expect(core.setOutput).toBeCalledWith('directory', '/') - expect(core.setOutput).toBeCalledWith('package-ecosystem', 'bundler') - expect(core.setOutput).toBeCalledWith('target-branch', 'main') - expect(core.setOutput).toBeCalledWith('previous-version', '1.30.1') - expect(core.setOutput).toBeCalledWith('new-version', '1.31.0') - expect(core.setOutput).toBeCalledWith('compatibility-score', 0) - expect(core.setOutput).toBeCalledWith('maintainer-changes', false) - expect(core.setOutput).toBeCalledWith('dependency-group', '') - expect(core.setOutput).toBeCalledWith('alert-state', '') - expect(core.setOutput).toBeCalledWith('ghsa-id', '') - expect(core.setOutput).toBeCalledWith('cvss', 0) + expect(core.setOutput).toHaveBeenCalledWith('dependency-names', 'rubocop') + expect(core.setOutput).toHaveBeenCalledWith('dependency-type', 'direct:development') + expect(core.setOutput).toHaveBeenCalledWith('update-type', 'version-update:semver-minor') + expect(core.setOutput).toHaveBeenCalledWith('directory', '/') + expect(core.setOutput).toHaveBeenCalledWith('package-ecosystem', 'bundler') + expect(core.setOutput).toHaveBeenCalledWith('target-branch', 'main') + expect(core.setOutput).toHaveBeenCalledWith('previous-version', '1.30.1') + expect(core.setOutput).toHaveBeenCalledWith('new-version', '1.31.0') + expect(core.setOutput).toHaveBeenCalledWith('compatibility-score', 0) + expect(core.setOutput).toHaveBeenCalledWith('maintainer-changes', false) + expect(core.setOutput).toHaveBeenCalledWith('dependency-group', '') + expect(core.setOutput).toHaveBeenCalledWith('alert-state', '') + expect(core.setOutput).toHaveBeenCalledWith('ghsa-id', '') + expect(core.setOutput).toHaveBeenCalledWith('cvss', 0) }) test('if there are multiple dependencies, it summarizes them', async () => { @@ -471,20 +484,20 @@ test('if there are multiple dependencies, it summarizes them', async () => { ] ) - expect(core.setOutput).toBeCalledWith('dependency-names', 'coffee-rails, coffeescript') - expect(core.setOutput).toBeCalledWith('dependency-type', 'direct:production') - expect(core.setOutput).toBeCalledWith('update-type', 'version-update:semver-major') - expect(core.setOutput).toBeCalledWith('directory', '/api/main') - expect(core.setOutput).toBeCalledWith('package-ecosystem', 'npm_and_yarn') - expect(core.setOutput).toBeCalledWith('target-branch', 'trunk') - expect(core.setOutput).toBeCalledWith('previous-version', '4.0.1') - expect(core.setOutput).toBeCalledWith('new-version', '4.2.2') - expect(core.setOutput).toBeCalledWith('compatibility-score', 34) - expect(core.setOutput).toBeCalledWith('maintainer-changes', false) - expect(core.setOutput).toBeCalledWith('dependency-group', '') - expect(core.setOutput).toBeCalledWith('alert-state', '') - expect(core.setOutput).toBeCalledWith('ghsa-id', '') - expect(core.setOutput).toBeCalledWith('cvss', 0) + expect(core.setOutput).toHaveBeenCalledWith('dependency-names', 'coffee-rails, coffeescript') + expect(core.setOutput).toHaveBeenCalledWith('dependency-type', 'direct:production') + expect(core.setOutput).toHaveBeenCalledWith('update-type', 'version-update:semver-major') + expect(core.setOutput).toHaveBeenCalledWith('directory', '/api/main') + expect(core.setOutput).toHaveBeenCalledWith('package-ecosystem', 'npm_and_yarn') + expect(core.setOutput).toHaveBeenCalledWith('target-branch', 'trunk') + expect(core.setOutput).toHaveBeenCalledWith('previous-version', '4.0.1') + expect(core.setOutput).toHaveBeenCalledWith('new-version', '4.2.2') + expect(core.setOutput).toHaveBeenCalledWith('compatibility-score', 34) + expect(core.setOutput).toHaveBeenCalledWith('maintainer-changes', false) + expect(core.setOutput).toHaveBeenCalledWith('dependency-group', '') + expect(core.setOutput).toHaveBeenCalledWith('alert-state', '') + expect(core.setOutput).toHaveBeenCalledWith('ghsa-id', '') + expect(core.setOutput).toHaveBeenCalledWith('cvss', 0) }) test('it sets the action to failed if there is an unexpected exception', async () => { @@ -499,9 +512,9 @@ test('it sets the action to failed if there is an unexpected exception', async ( expect(core.setFailed).toHaveBeenCalledWith( expect.stringContaining('Something bad happened!') ) - /* eslint-disable no-unused-expressions */ + expect(dependabotCommits.getAlert).not.toHaveBeenCalled - /* eslint-enable no-unused-expressions */ + }) test('it sets the action to failed if there is a request error', async () => { @@ -525,7 +538,7 @@ test('it sets the action to failed if there is a request error', async () => { expect(core.setFailed).toHaveBeenCalledWith( expect.stringContaining('(500) Something bad happened!') ) - /* eslint-disable no-unused-expressions */ + expect(dependabotCommits.getAlert).not.toHaveBeenCalled - /* eslint-enable no-unused-expressions */ + }) diff --git a/src/main.ts b/src/main.ts index f05bc1f..4cd488f 100644 --- a/src/main.ts +++ b/src/main.ts @@ -10,11 +10,11 @@ export async function run (): Promise { const token = core.getInput('github-token') if (!token) { - /* eslint-disable no-template-curly-in-string */ + core.setFailed( 'github-token is not set! Please add \'github-token: "${{ secrets.GITHUB_TOKEN }}"\' to your workflow file.' ) - /* eslint-enable no-template-curly-in-string */ + return }