Skip to content

Commit a9706b7

Browse files
authored
chore: upgrade dependency graph (#106)
Signed-off-by: NishkarshRaj <nishkarshraj000@gmail.com>
1 parent 20a4477 commit a9706b7

6 files changed

Lines changed: 1383 additions & 1220 deletions

File tree

.github/workflows/dependency-review.yml

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -9,11 +9,11 @@ jobs:
99
runs-on: ubuntu-latest
1010
steps:
1111
- name: Harden Runner
12-
uses: step-security/harden-runner@1b05615854632b887b69ae1be8cbefe72d3ae423 # v2.6.0
12+
uses: step-security/harden-runner@eb238b55efaa70779f274895e782ed17c84f2895 # v2.6.1
1313
with:
1414
egress-policy: audit
1515

1616
- name: "Checkout Repository"
1717
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
1818
- name: "Dependency Review"
19-
uses: actions/dependency-review-action@6c5ccdad469c9f8a2996bfecaec55a631a347034 # v3.1.0
19+
uses: actions/dependency-review-action@c74b580d73376b7750d3d2a50bfb8adc2c937507 # v3.1.5

.github/workflows/release-npm.yml

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -15,7 +15,7 @@ jobs:
1515
packages: write
1616
steps:
1717
- name: Harden Runner
18-
uses: step-security/harden-runner@1b05615854632b887b69ae1be8cbefe72d3ae423 # v2.6.0
18+
uses: step-security/harden-runner@eb238b55efaa70779f274895e782ed17c84f2895 # v2.6.1
1919
with:
2020
egress-policy: audit
2121

.github/workflows/super-devsecops.yml

Lines changed: 14 additions & 14 deletions
Original file line numberDiff line numberDiff line change
@@ -19,7 +19,7 @@ jobs:
1919
actions: read # only required for a private repository by github/codeql-action/upload-sarif to get the Action run status
2020
steps:
2121
- name: Harden Runner
22-
uses: step-security/harden-runner@1b05615854632b887b69ae1be8cbefe72d3ae423 # v2.6.0
22+
uses: step-security/harden-runner@eb238b55efaa70779f274895e782ed17c84f2895 # v2.6.1
2323
with:
2424
egress-policy: audit
2525
- name: Checkout code
@@ -39,7 +39,7 @@ jobs:
3939
- name: Checkout the code
4040
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
4141
- name: Scan the source code and upload dependency results
42-
uses: anchore/sbom-action@ace0b9722a703812d78949ee4ac5b90de1c0eba2
42+
uses: anchore/sbom-action@c7f031d9249a826a082ea14c79d3b686a51d485a
4343
with:
4444
path: .
4545
dependency-snapshot: true
@@ -53,7 +53,7 @@ jobs:
5353
node-version: [16.x, 18.x, 20.x]
5454
steps:
5555
- name: Harden Runner
56-
uses: step-security/harden-runner@1b05615854632b887b69ae1be8cbefe72d3ae423 # v2.6.0
56+
uses: step-security/harden-runner@eb238b55efaa70779f274895e782ed17c84f2895 # v2.6.1
5757
with:
5858
egress-policy: audit
5959
- name: Checkout Repository to Runner Context
@@ -75,7 +75,7 @@ jobs:
7575
node-version: [16.x, 18.x, 20.x]
7676
steps:
7777
- name: Harden Runner
78-
uses: step-security/harden-runner@1b05615854632b887b69ae1be8cbefe72d3ae423 # v2.6.0
78+
uses: step-security/harden-runner@eb238b55efaa70779f274895e782ed17c84f2895 # v2.6.1
7979
with:
8080
egress-policy: audit
8181

@@ -105,20 +105,20 @@ jobs:
105105
language: ["javascript-typescript"]
106106
steps:
107107
- name: Harden Runner
108-
uses: step-security/harden-runner@1b05615854632b887b69ae1be8cbefe72d3ae423 # v2.6.0
108+
uses: step-security/harden-runner@eb238b55efaa70779f274895e782ed17c84f2895 # v2.6.1
109109
with:
110110
egress-policy: audit
111111
- name: Checkout repository
112112
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
113113

114114
- name: Initialize CodeQL
115-
uses: github/codeql-action/init@49abf0ba24d0b7953cb586944e918a0b92074c80 # v2.22.4
115+
uses: github/codeql-action/init@e5f05b81d5b6ff8cfa111c80c22c5fd02a384118 # v3.23.0
116116
with:
117117
languages: ${{ matrix.language }}
118118
- name: Autobuild
119-
uses: github/codeql-action/autobuild@49abf0ba24d0b7953cb586944e918a0b92074c80 # v2.22.4
119+
uses: github/codeql-action/autobuild@e5f05b81d5b6ff8cfa111c80c22c5fd02a384118 # v3.23.0
120120
- name: Perform CodeQL Analysis
121-
uses: github/codeql-action/analyze@49abf0ba24d0b7953cb586944e918a0b92074c80 # v2.22.4
121+
uses: github/codeql-action/analyze@e5f05b81d5b6ff8cfa111c80c22c5fd02a384118 # v3.23.0
122122
with:
123123
category: "/language:${{matrix.language}}"
124124
sast_sonar:
@@ -129,7 +129,7 @@ jobs:
129129
needs: test
130130
steps:
131131
- name: Harden Runner
132-
uses: step-security/harden-runner@1b05615854632b887b69ae1be8cbefe72d3ae423 # v2.6.0
132+
uses: step-security/harden-runner@eb238b55efaa70779f274895e782ed17c84f2895 # v2.6.1
133133
with:
134134
egress-policy: audit
135135
- name: Analyze with SonarCloud
@@ -150,7 +150,7 @@ jobs:
150150
needs: test
151151
steps:
152152
- name: Harden Runner
153-
uses: step-security/harden-runner@1b05615854632b887b69ae1be8cbefe72d3ae423 # v2.6.0
153+
uses: step-security/harden-runner@eb238b55efaa70779f274895e782ed17c84f2895 # v2.6.1
154154
with:
155155
egress-policy: audit
156156
- name: "Checkout code"
@@ -171,7 +171,7 @@ jobs:
171171
path: results.sarif
172172
retention-days: 5
173173
- name: "Upload to code-scanning"
174-
uses: github/codeql-action/upload-sarif@49abf0ba24d0b7953cb586944e918a0b92074c80 # v2.22.4
174+
uses: github/codeql-action/upload-sarif@e5f05b81d5b6ff8cfa111c80c22c5fd02a384118 # v3.23.0
175175
with:
176176
sarif_file: results.sarif
177177
build-and-push-image:
@@ -183,13 +183,13 @@ jobs:
183183
needs: sast_codeql
184184
steps:
185185
- name: Harden Runner
186-
uses: step-security/harden-runner@1b05615854632b887b69ae1be8cbefe72d3ae423 # v2.6.0
186+
uses: step-security/harden-runner@eb238b55efaa70779f274895e782ed17c84f2895 # v2.6.1
187187
with:
188188
egress-policy: audit
189189
- name: Checkout repository
190190
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
191191
- name: Log in to the Container registry
192-
uses: docker/login-action@1f401f745bf57e30b3a2800ad308a87d2ebdf14b
192+
uses: docker/login-action@3d58c274f17dffee475a5520cbe67f0a882c4dbb
193193
with:
194194
registry: ghcr.io
195195
username: ${{ github.actor }}
@@ -199,7 +199,7 @@ jobs:
199199
docker build -t ghcr.io/stormsinbrewing/savvy-devsecops .
200200
docker push ghcr.io/stormsinbrewing/savvy-devsecops
201201
- name: Image SBOM Scan with Syft
202-
uses: anchore/sbom-action@ace0b9722a703812d78949ee4ac5b90de1c0eba2
202+
uses: anchore/sbom-action@c7f031d9249a826a082ea14c79d3b686a51d485a
203203
with:
204204
image: "ghcr.io/stormsinbrewing/savvy-devsecops"
205205
dependency-snapshot: true

Dockerfile

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -7,7 +7,7 @@ RUN yarn install --production
77
COPY . .
88
RUN yarn build
99

10-
FROM nginx:1.25.3-alpine@sha256:db353d0f0c479c91bd15e01fc68ed0f33d9c4c52f3415e63332c3d0bf7a4bb77 as production
10+
FROM nginx:1.25.3-alpine@sha256:3923f8de8d2214b9490e68fd6ae63ea604deddd166df2755b788bef04848b9bc as production
1111
ENV NODE_ENV production
1212
COPY --from=builder /app/build /usr/share/nginx/html
1313
COPY nginx.conf /etc/nginx/conf.d/default.conf

package.json

Lines changed: 4 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -10,7 +10,7 @@
1010
"dependencies": {
1111
"@babel/plugin-proposal-private-property-in-object": "^7.21.11",
1212
"@testing-library/jest-dom": "^6.1.4",
13-
"@testing-library/react": "^14.0.0",
13+
"@testing-library/react": "^14.1.2",
1414
"@testing-library/user-event": "^14.0.0",
1515
"react": "^18.2.0",
1616
"react-dom": "^18.2.0",
@@ -43,12 +43,12 @@
4343
]
4444
},
4545
"devDependencies": {
46-
"eslint": "^8.52.0",
46+
"eslint": "^8.56.0",
4747
"eslint-config-standard": "^17.1.0",
4848
"eslint-plugin-import": "^2.29.0",
49-
"eslint-plugin-n": "^15.0.0 || ^16.0.0 ",
49+
"eslint-plugin-n": "^16.6.2",
5050
"eslint-plugin-promise": "^6.0.0",
5151
"eslint-plugin-react": "^7.33.2",
52-
"prettier": "3.0.3"
52+
"prettier": "3.1.1"
5353
}
5454
}

0 commit comments

Comments
 (0)