diff --git a/package.json b/package.json index ade5bb4..0d2a6d8 100644 --- a/package.json +++ b/package.json @@ -27,7 +27,7 @@ "dependencies": { "@actions/core": "^3.0.1", "@actions/github": "^9.1.1", - "@docker/actions-toolkit": "^0.91.0", + "@docker/actions-toolkit": "^0.92.0", "@renovate/pep440": "^1.0.0", "csv-parse": "^7.0.0", "handlebars": "^4.7.9", diff --git a/yarn.lock b/yarn.lock index edcdf90..63a425b 100644 --- a/yarn.lock +++ b/yarn.lock @@ -34,9 +34,9 @@ __metadata: languageName: node linkType: hard -"@actions/cache@npm:^6.0.1": - version: 6.0.1 - resolution: "@actions/cache@npm:6.0.1" +"@actions/cache@npm:^6.1.0": + version: 6.1.0 + resolution: "@actions/cache@npm:6.1.0" dependencies: "@actions/core": "npm:^3.0.1" "@actions/exec": "npm:^3.0.0" @@ -47,7 +47,7 @@ __metadata: "@azure/storage-blob": "npm:^12.31.0" "@protobuf-ts/runtime-rpc": "npm:^2.11.1" semver: "npm:^7.7.4" - checksum: 10/05d2c18210fa3b583765d734e9dce6532c76d271805929608ee35f56dd3064e1d30f007400e3a275f74a7ad3e454cf0051b6eab4f15a9669dac081d811ee9d10 + checksum: 10/0cd89f335c1e89f514d56060110bfddc6ab1112ec0091533364c32aec2621896112cde71cfc4089b86d00f3b5478996088e4c4e0aba0aec32aae0afeb4921b3d languageName: node linkType: hard @@ -446,33 +446,32 @@ __metadata: languageName: node linkType: hard -"@docker/actions-toolkit@npm:^0.91.0": - version: 0.91.0 - resolution: "@docker/actions-toolkit@npm:0.91.0" +"@docker/actions-toolkit@npm:^0.92.0": + version: 0.92.0 + resolution: "@docker/actions-toolkit@npm:0.92.0" dependencies: "@actions/artifact": "npm:^6.2.1" - "@actions/cache": "npm:^6.0.1" + "@actions/cache": "npm:^6.1.0" "@actions/core": "npm:^3.0.1" "@actions/exec": "npm:^3.0.0" "@actions/github": "npm:^9.1.1" "@actions/http-client": "npm:^4.0.1" "@actions/io": "npm:^3.0.2" "@actions/tool-cache": "npm:^4.0.0" - "@sigstore/bundle": "npm:^4.0.0" - "@sigstore/sign": "npm:^4.1.1" - "@sigstore/tuf": "npm:^4.0.2" - "@sigstore/verify": "npm:^3.1.1" + "@sigstore/bundle": "npm:^5.0.0" + "@sigstore/tuf": "npm:^5.0.0" + "@sigstore/verify": "npm:^4.1.0" async-retry: "npm:^1.3.3" - csv-parse: "npm:^6.2.1" + csv-parse: "npm:^7.0.0" gunzip-maybe: "npm:^1.4.2" handlebars: "npm:^4.7.9" he: "npm:^1.2.0" - js-yaml: "npm:^4.1.1" + js-yaml: "npm:^5.2.0" jwt-decode: "npm:^4.0.0" - semver: "npm:^7.8.1" + semver: "npm:^7.8.5" tar-stream: "npm:^3.2.0" - tmp: "npm:^0.2.6" - checksum: 10/31ab0d572e716a765fa4db963a342c9c313460839f9a32c06045e07d47dda314e1dbd50f5f3bed7d4e4caa0f9e0b95d28abce3b4d59bfa54cea3f7d9408e5497 + tmp: "npm:^0.2.7" + checksum: 10/599cea84b897069c53744a2f05371c6d9ad60da18448b4431273529b92fd2d77ddc718ee205cf0bf1da53083d412da90b1067f1e64a5fdac73fe71d486726064 languageName: node linkType: hard @@ -937,7 +936,7 @@ __metadata: languageName: node linkType: hard -"@gar/promise-retry@npm:^1.0.2": +"@gar/promise-retry@npm:^1.0.2, @gar/promise-retry@npm:^1.0.3": version: 1.0.3 resolution: "@gar/promise-retry@npm:1.0.3" checksum: 10/0d13ea3bb1025755e055648f6e290d2a7e0c87affaf552218f09f66b3fcd9ea9d5c9cc5fe2aa6e285e1530437768e40f9448fe9a86f4f3417b216dcf488d3d1a @@ -1676,6 +1675,15 @@ __metadata: languageName: node linkType: hard +"@sigstore/bundle@npm:^5.0.0": + version: 5.0.0 + resolution: "@sigstore/bundle@npm:5.0.0" + dependencies: + "@sigstore/protobuf-specs": "npm:^0.5.0" + checksum: 10/9d86dd7f8086832fff2a36ce84bd38a895fe951a8848963c1dddf1d0eb4d14394c94626fc53c4173f42be5ee8d7319b593ce3a77491e8b1497349c653decba90 + languageName: node + linkType: hard + "@sigstore/core@npm:^3.2.0, @sigstore/core@npm:^3.2.1": version: 3.2.1 resolution: "@sigstore/core@npm:3.2.1" @@ -1683,6 +1691,13 @@ __metadata: languageName: node linkType: hard +"@sigstore/core@npm:^4.0.1": + version: 4.0.1 + resolution: "@sigstore/core@npm:4.0.1" + checksum: 10/2d8961554cfa7293a7a506ed950da677f707436042166848d94b5c0558dee62194df3bcbfb31648d78e00aa5f28d1813ca04cccef7fa6ed50544cfbf2feb453b + languageName: node + linkType: hard + "@sigstore/protobuf-specs@npm:^0.5.0": version: 0.5.0 resolution: "@sigstore/protobuf-specs@npm:0.5.0" @@ -1714,6 +1729,16 @@ __metadata: languageName: node linkType: hard +"@sigstore/tuf@npm:^5.0.0": + version: 5.0.0 + resolution: "@sigstore/tuf@npm:5.0.0" + dependencies: + "@sigstore/protobuf-specs": "npm:^0.5.0" + tuf-js: "npm:^6.0.0" + checksum: 10/74723623c8383a22f755a1eca03d1c0f481d2624e8c5607422af8fe1d2847b2f478513c471693fdd37b24a7c2a17782cabef592a76431b3a54ab328716510303 + languageName: node + linkType: hard + "@sigstore/verify@npm:^3.1.1": version: 3.1.1 resolution: "@sigstore/verify@npm:3.1.1" @@ -1725,6 +1750,17 @@ __metadata: languageName: node linkType: hard +"@sigstore/verify@npm:^4.1.0": + version: 4.1.0 + resolution: "@sigstore/verify@npm:4.1.0" + dependencies: + "@sigstore/bundle": "npm:^5.0.0" + "@sigstore/core": "npm:^4.0.1" + "@sigstore/protobuf-specs": "npm:^0.5.0" + checksum: 10/63d34a885d15fb37a111e6a85df61ba6a4247efa15d6989b83328043fe2c7be38b0b87b8e0c26cb906809920fde344eaab37fb34f0acd0d8b97c80bfdaa14f62 + languageName: node + linkType: hard + "@standard-schema/spec@npm:^1.0.0": version: 1.1.0 resolution: "@standard-schema/spec@npm:1.1.0" @@ -1749,6 +1785,16 @@ __metadata: languageName: node linkType: hard +"@tufjs/models@npm:5.0.0": + version: 5.0.0 + resolution: "@tufjs/models@npm:5.0.0" + dependencies: + "@tufjs/canonical-json": "npm:2.0.0" + minimatch: "npm:^10.2.1" + checksum: 10/94946c22b44d1f4c5d493270640af9fc7ad9868ec1450403d68829f9eee7da0626f307b6782e6688f35a8e28845f52f4c0941bb16e77712c353fb35952cfac27 + languageName: node + linkType: hard + "@types/chai@npm:^5.2.2": version: 5.2.3 resolution: "@types/chai@npm:5.2.3" @@ -2450,6 +2496,15 @@ __metadata: languageName: node linkType: hard +"brace-expansion@npm:^5.0.5": + version: 5.0.7 + resolution: "brace-expansion@npm:5.0.7" + dependencies: + balanced-match: "npm:^4.0.2" + checksum: 10/98c12de33fa53ab07b2b5179f6740045508c61c4319638faf47a0d72615db80058f66c0d1cb74dc8ed591bbf507c068027e80cfb86a2f467bfd330574e13ed7b + languageName: node + linkType: hard + "browserify-zlib@npm:^0.1.4": version: 0.1.4 resolution: "browserify-zlib@npm:0.1.4" @@ -2782,13 +2837,6 @@ __metadata: languageName: node linkType: hard -"csv-parse@npm:^6.2.1": - version: 6.2.1 - resolution: "csv-parse@npm:6.2.1" - checksum: 10/7fbde1225c6df6aaea01a202934e1f15ce16ed55e544ead0d066b0c4dc9ae1a2fc881b412889cbf115cd74cbf14ea17388b394e8a31e05cb412dd7dc6114bebd - languageName: node - linkType: hard - "csv-parse@npm:^7.0.0": version: 7.0.0 resolution: "csv-parse@npm:7.0.0" @@ -2842,7 +2890,7 @@ __metadata: dependencies: "@actions/core": "npm:^3.0.1" "@actions/github": "npm:^9.1.1" - "@docker/actions-toolkit": "npm:^0.91.0" + "@docker/actions-toolkit": "npm:^0.92.0" "@eslint/js": "npm:^9.39.3" "@renovate/pep440": "npm:^1.0.0" "@types/node": "npm:^24.11.0" @@ -4043,6 +4091,17 @@ __metadata: languageName: node linkType: hard +"js-yaml@npm:^5.2.0": + version: 5.2.0 + resolution: "js-yaml@npm:5.2.0" + dependencies: + argparse: "npm:^2.0.1" + bin: + js-yaml: bin/js-yaml.mjs + checksum: 10/8a5e55c5d0fcafae4ac02114a99dc070048b8e5a82a056089ce1f69f8a00fd8eb05b622e76ad50aac1f9d409010636c9616c6b2ed4e58dae138379a60d301220 + languageName: node + linkType: hard + "jsbn@npm:1.1.0": version: 1.1.0 resolution: "jsbn@npm:1.1.0" @@ -4349,6 +4408,15 @@ __metadata: languageName: node linkType: hard +"minimatch@npm:^10.2.1": + version: 10.2.5 + resolution: "minimatch@npm:10.2.5" + dependencies: + brace-expansion: "npm:^5.0.5" + checksum: 10/19e87a931aff60ee7b9d80f39f817b8bfc54f61f8356ee3549fbf636dbccacacfec8d803eac73293955c4527cd085247dfc064bce4a5e349f8f3b85e2bf5da0f + languageName: node + linkType: hard + "minimatch@npm:^3.0.4, minimatch@npm:^3.1.2": version: 3.1.2 resolution: "minimatch@npm:3.1.2" @@ -5380,7 +5448,7 @@ __metadata: languageName: node linkType: hard -"semver@npm:^7.7.4, semver@npm:^7.8.1": +"semver@npm:^7.7.4": version: 7.8.1 resolution: "semver@npm:7.8.1" bin: @@ -5813,7 +5881,7 @@ __metadata: languageName: node linkType: hard -"tmp@npm:^0.2.6": +"tmp@npm:^0.2.7": version: 0.2.7 resolution: "tmp@npm:0.2.7" checksum: 10/0a3bc90beb0c6275273c3475fb57e466eaab1c9c4a101d029ff62b18146ce136e7f75d09de34863d9f2c2a492751402508f9e028bc98eb34a1416195d4b15619 @@ -5868,6 +5936,17 @@ __metadata: languageName: node linkType: hard +"tuf-js@npm:^6.0.0": + version: 6.0.0 + resolution: "tuf-js@npm:6.0.0" + dependencies: + "@gar/promise-retry": "npm:^1.0.3" + "@tufjs/models": "npm:5.0.0" + debug: "npm:^4.4.3" + checksum: 10/e18e528bb5b848c80ad15b5eb23cf5ff5de65867a8ebe5a97ecb71b4d8c0568251d6f14db05f54b8bf3955d6febf3d3846a4d094953aa59eb4dae9a21905d904 + languageName: node + linkType: hard + "tunnel@npm:^0.0.6": version: 0.0.6 resolution: "tunnel@npm:0.0.6"