From 35cfe2422ed5658cfc87b5cca7e50507f7d478da Mon Sep 17 00:00:00 2001
From: Brian DeHamer
Date: Wed, 25 Feb 2026 16:03:18 -0800
Subject: [PATCH] bump @actions/attest from 3.0.0 to 3.1.0 (#362)
Signed-off-by: Brian DeHamer
---
 dist/index.js | 38 +++++++++++++++++++++++++++++++++++++-
 package-lock.json | 8 ++++----
 package.json | 2 +-
 3 files changed, 42 insertions(+), 6 deletions(-)
diff --git a/dist/index.js b/dist/index.js
index 6176025..82aa25c 100644
--- a/dist/index.js
+++ b/dist/index.js
@@ -108507,6 +108507,27 @@ exports.LRUCache = LRUCache; /***/ }), +/***/ 60983: +/***/ ((module, __unused_webpack_exports, __nccwpck_require__) => { + +// This file exists as a CommonJS module to read the version from package.json. +// In an ESM package, using `require()` directly in .ts files requires disabling +// ESLint rules and doesn't work reliably across all Node.js versions. +// By keeping this as a .cjs file, we can use require() naturally and export +// the version for the ESM modules to import. +const packageJson = __nccwpck_require__(47849) +module.exports = {version: packageJson.version} + + +/***/ }), + +/***/ 47849: +/***/ ((module) => { + +module.exports = /*#__PURE__*/JSON.parse('{"name":"@actions/attest","version":"3.1.0","description":"Actions attestation lib","keywords":["github","actions","attestation"],"homepage":"https://github.com/actions/toolkit/tree/main/packages/attest","license":"MIT","type":"module","main":"lib/index.js","types":"lib/index.d.ts","exports":{".":{"types":"./lib/index.d.ts","import":"./lib/index.js"}},"directories":{"lib":"lib","test":"__tests__"},"files":["lib"],"publishConfig":{"access":"public","provenance":true},"repository":{"type":"git","url":"git+https://github.com/actions/toolkit.git","directory":"packages/attest"},"scripts":{"test":"echo \\"Error: run tests from root\\" && exit 1","tsc":"tsc && cp src/package-version.cjs lib/"},"bugs":{"url":"https://github.com/actions/toolkit/issues"},"devDependencies":{"@sigstore/mock":"^0.10.0","@sigstore/rekor-types":"^3.0.0","@types/jsonwebtoken":"^9.0.6","nock":"^13.5.1","undici":"^6.23.0"},"dependencies":{"@actions/core":"^3.0.0","@actions/github":"^9.0.0","@actions/http-client":"^4.0.0","@octokit/plugin-retry":"^8.0.3","@sigstore/bundle":"^3.1.0","@sigstore/sign":"^3.1.0","jose":"^5.10.0"}}'); + +/***/ }), + /***/ 4592: /***/ ((module) => { 
@@ -116109,6 +116130,8 @@ const initBundleBuilder = (opts) => { return new sign_dist/* DSSEBundleBuilder */.VV({ signer, witnesses }); }; //# sourceMappingURL=sign.js.map +// EXTERNAL MODULE: ./node_modules/@actions/attest/lib/package-version.cjs +var package_version = __nccwpck_require__(60983); ;// CONCATENATED MODULE: ./node_modules/@actions/attest/lib/store.js var store_awaiter = (undefined && undefined.__awaiter) || function (thisArg, _arguments, P, generator) { function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); } @@ -116121,6 +116144,7 @@ var store_awaiter = (undefined && undefined.__awaiter) || function (thisArg, _ar }; + const CREATE_ATTESTATION_REQUEST = 'POST /repos/{owner}/{repo}/attestations'; const store_DEFAULT_RETRY_COUNT = 5; /** @@ -116134,11 +116158,12 @@ const writeAttestation = (attestation_1, token_1, ...args_1) => store_awaiter(vo var _a; const retries = (_a = options.retry) !== null && _a !== void 0 ? _a : store_DEFAULT_RETRY_COUNT; const octokit = getOctokit(token, { retry: { retries } }, retry); + const headers = Object.assign({ 'User-Agent': store_getUserAgent() }, options.headers); try { const response = yield octokit.request(CREATE_ATTESTATION_REQUEST, { owner: github_context.repo.owner, repo: github_context.repo.repo, - headers: options.headers, + headers, bundle: attestation }); const data = typeof response.data == 'string' 
@@ -116151,6 +116176,17 @@ const writeAttestation = (attestation_1, token_1, ...args_1) => store_awaiter(vo throw new Error(`Failed to persist attestation: ${message}`); } }); +const store_getUserAgent = () => { + const baseUserAgent = `@actions/attest-${package_version.version}`; + const orchId = process.env['ACTIONS_ORCHESTRATION_ID']; + if (orchId) { + // Sanitize the orchestration ID to ensure it contains only valid characters + // Valid characters: 0-9, a-z, _, -, . + const sanitizedId = orchId.replace(/[^a-z0-9_.-]/gi, '_'); + return `${baseUserAgent} actions_orchestration_id/${sanitizedId}`; + } + return baseUserAgent; +}; //# sourceMappingURL=store.js.map ;// CONCATENATED MODULE: ./node_modules/@actions/attest/lib/attest.js var attest_awaiter = (undefined && undefined.__awaiter) || function (thisArg, _arguments, P, generator) { diff --git a/package-lock.json b/package-lock.json index 286f7b9..fd4d173 100644 --- a/package-lock.json +++ b/package-lock.json @@ -9,7 +9,7 @@ "version": "4.0.0", "license": "MIT", "dependencies": { - "@actions/attest": "^3.0.0", + "@actions/attest": "^3.1.0", "@actions/core": "^3.0.0", "@actions/github": "^9.0.0", "@actions/glob": "^0.6.1", @@ -42,9 +42,9 @@ } }, "node_modules/@actions/attest": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/@actions/attest/-/attest-3.0.0.tgz", - "integrity": "sha512-XrGmxFA3rZO4ACtVEUHFUI318lMycHQjHep3SX/AqU8IwR0y9afw8URsGrQZhGqwMDTYxYFST9PaNQCksIyE8A==", + "version": "3.1.0", + "resolved": "https://registry.npmjs.org/@actions/attest/-/attest-3.1.0.tgz", + "integrity": "sha512-uJmeYeeL5xM65sZN/SzKq57vA7/9bGhlErASxsKalChG6wxHna1z/o3bnw1guNjd1hWIeCCGg6WM9dfC8SS18A==", "license": "MIT", "dependencies": { "@actions/core": "^3.0.0", diff --git a/package.json b/package.json index 87dd8eb..3094e92 100644 --- a/package.json +++ b/package.json 
@@ -78,7 +78,7 @@
 ]
 },
 "dependencies": {
- "@actions/attest": "^3.0.0",
+ "@actions/attest": "^3.1.0",
 "@actions/core": "^3.0.0",
 "@actions/github": "^9.0.0",
 "@actions/glob": "^0.6.1",