diff --git a/README.md b/README.md index e68f294..3501db3 100644 --- a/README.md +++ b/README.md @@ -28,34 +28,7 @@ jobs: uses: actions/dependency-review-action@v1 ``` -Please keep in mind that you need a GitHub Advanced Security license -if you're running this Action on private repos. - -## Configuration - -The Dependency Review Action uses a YAML configuration file. It -expects this file to be named `dependency-review.yml`, inside your -`.github/` directory. - -Here's a sample configuration file: - -```yaml -fail_on_severity: low -``` - -[Here](https://github.com/actions/dependency-review-action/blob/main/.github/dependency-review.yml) -you can see an example of the configuration file we use for this repository. - -### Severity - -By default this Action blocks any pull request that contains a -vulnerability of any severity level. You can override this behavior by -setting an option in your configuration file: - -```yaml -# choose one of: 'critical', 'high', 'moderate' or 'low' -fail_on_severity: high -``` +Please keep in mind that you need a GitHub Advanced Security license if you're running this Action on private repos. ## Getting help diff --git a/package-lock.json b/package-lock.json index 98aea86..dffd11e 100644 --- a/package-lock.json +++ b/package-lock.json @@ -16,13 +16,13 @@ "ansi-styles": "^6.1.0", "got": "^12.1.0", "nodemon": "^2.0.16", - "yaml": "^2.1.0", + "yaml": "^2.1.1", "zod": "^3.17.3" }, "devDependencies": { "@types/node": "^17.0.40", - "@typescript-eslint/eslint-plugin": "^5.27.0", - "@typescript-eslint/parser": "^5.27.0", + "@typescript-eslint/eslint-plugin": "^5.27.1", + "@typescript-eslint/parser": "^5.27.1", "@vercel/ncc": "^0.34.0", "esbuild-register": "^3.3.3", "eslint": "^8.17.0", @@ -1406,14 +1406,14 @@ "dev": true }, "node_modules/@typescript-eslint/eslint-plugin": { - "version": "5.27.0", - "resolved": "https://registry.npmjs.org/@typescript-eslint/eslint-plugin/-/eslint-plugin-5.27.0.tgz", - "integrity": "sha512-DDrIA7GXtmHXr1VCcx9HivA39eprYBIFxbQEHI6NyraRDxCGpxAFiYQAT/1Y0vh1C+o2vfBiy4IuPoXxtTZCAQ==", + "version": "5.27.1", + "resolved": "https://registry.npmjs.org/@typescript-eslint/eslint-plugin/-/eslint-plugin-5.27.1.tgz", + "integrity": "sha512-6dM5NKT57ZduNnJfpY81Phe9nc9wolnMCnknb1im6brWi1RYv84nbMS3olJa27B6+irUVV1X/Wb+Am0FjJdGFw==", "dev": true, "dependencies": { - "@typescript-eslint/scope-manager": "5.27.0", - "@typescript-eslint/type-utils": "5.27.0", - "@typescript-eslint/utils": "5.27.0", + "@typescript-eslint/scope-manager": "5.27.1", + "@typescript-eslint/type-utils": "5.27.1", + "@typescript-eslint/utils": "5.27.1", "debug": "^4.3.4", "functional-red-black-tree": "^1.0.1", "ignore": "^5.2.0", @@ -1454,14 +1454,14 @@ } }, "node_modules/@typescript-eslint/parser": { - "version": "5.27.0", - "resolved": "https://registry.npmjs.org/@typescript-eslint/parser/-/parser-5.27.0.tgz", - "integrity": "sha512-8oGjQF46c52l7fMiPPvX4It3u3V3JipssqDfHQ2hcR0AeR8Zge+OYyKUCm5b70X72N1qXt0qgHenwN6Gc2SXZA==", + "version": "5.27.1", + "resolved": "https://registry.npmjs.org/@typescript-eslint/parser/-/parser-5.27.1.tgz", + "integrity": "sha512-7Va2ZOkHi5NP+AZwb5ReLgNF6nWLGTeUJfxdkVUAPPSaAdbWNnFZzLZ4EGGmmiCTg+AwlbE1KyUYTBglosSLHQ==", "dev": true, "dependencies": { - "@typescript-eslint/scope-manager": "5.27.0", - "@typescript-eslint/types": "5.27.0", - "@typescript-eslint/typescript-estree": "5.27.0", + "@typescript-eslint/scope-manager": "5.27.1", + "@typescript-eslint/types": "5.27.1", + "@typescript-eslint/typescript-estree": "5.27.1", "debug": "^4.3.4" }, "engines": { @@ -1481,13 +1481,13 @@ } }, "node_modules/@typescript-eslint/scope-manager": { - "version": "5.27.0", - "resolved": "https://registry.npmjs.org/@typescript-eslint/scope-manager/-/scope-manager-5.27.0.tgz", - "integrity": "sha512-VnykheBQ/sHd1Vt0LJ1JLrMH1GzHO+SzX6VTXuStISIsvRiurue/eRkTqSrG0CexHQgKG8shyJfR4o5VYioB9g==", + "version": "5.27.1", + "resolved": "https://registry.npmjs.org/@typescript-eslint/scope-manager/-/scope-manager-5.27.1.tgz", + "integrity": "sha512-fQEOSa/QroWE6fAEg+bJxtRZJTH8NTskggybogHt4H9Da8zd4cJji76gA5SBlR0MgtwF7rebxTbDKB49YUCpAg==", "dev": true, "dependencies": { - "@typescript-eslint/types": "5.27.0", - "@typescript-eslint/visitor-keys": "5.27.0" + "@typescript-eslint/types": "5.27.1", + "@typescript-eslint/visitor-keys": "5.27.1" }, "engines": { "node": "^12.22.0 || ^14.17.0 || >=16.0.0" @@ -1498,12 +1498,12 @@ } }, "node_modules/@typescript-eslint/type-utils": { - "version": "5.27.0", - "resolved": "https://registry.npmjs.org/@typescript-eslint/type-utils/-/type-utils-5.27.0.tgz", - "integrity": "sha512-vpTvRRchaf628Hb/Xzfek+85o//zEUotr1SmexKvTfs7czXfYjXVT/a5yDbpzLBX1rhbqxjDdr1Gyo0x1Fc64g==", + "version": "5.27.1", + "resolved": "https://registry.npmjs.org/@typescript-eslint/type-utils/-/type-utils-5.27.1.tgz", + "integrity": "sha512-+UC1vVUWaDHRnC2cQrCJ4QtVjpjjCgjNFpg8b03nERmkHv9JV9X5M19D7UFMd+/G7T/sgFwX2pGmWK38rqyvXw==", "dev": true, "dependencies": { - "@typescript-eslint/utils": "5.27.0", + "@typescript-eslint/utils": "5.27.1", "debug": "^4.3.4", "tsutils": "^3.21.0" }, @@ -1524,9 +1524,9 @@ } }, "node_modules/@typescript-eslint/types": { - "version": "5.27.0", - "resolved": "https://registry.npmjs.org/@typescript-eslint/types/-/types-5.27.0.tgz", - "integrity": "sha512-lY6C7oGm9a/GWhmUDOs3xAVRz4ty/XKlQ2fOLr8GAIryGn0+UBOoJDWyHer3UgrHkenorwvBnphhP+zPmzmw0A==", + "version": "5.27.1", + "resolved": "https://registry.npmjs.org/@typescript-eslint/types/-/types-5.27.1.tgz", + "integrity": "sha512-LgogNVkBhCTZU/m8XgEYIWICD6m4dmEDbKXESCbqOXfKZxRKeqpiJXQIErv66sdopRKZPo5l32ymNqibYEH/xg==", "dev": true, "engines": { "node": "^12.22.0 || ^14.17.0 || >=16.0.0" @@ -1537,13 +1537,13 @@ } }, "node_modules/@typescript-eslint/typescript-estree": { - "version": "5.27.0", - "resolved": "https://registry.npmjs.org/@typescript-eslint/typescript-estree/-/typescript-estree-5.27.0.tgz", - "integrity": "sha512-QywPMFvgZ+MHSLRofLI7BDL+UczFFHyj0vF5ibeChDAJgdTV8k4xgEwF0geFhVlPc1p8r70eYewzpo6ps+9LJQ==", + "version": "5.27.1", + "resolved": "https://registry.npmjs.org/@typescript-eslint/typescript-estree/-/typescript-estree-5.27.1.tgz", + "integrity": "sha512-DnZvvq3TAJ5ke+hk0LklvxwYsnXpRdqUY5gaVS0D4raKtbznPz71UJGnPTHEFo0GDxqLOLdMkkmVZjSpET1hFw==", "dev": true, "dependencies": { - "@typescript-eslint/types": "5.27.0", - "@typescript-eslint/visitor-keys": "5.27.0", + "@typescript-eslint/types": "5.27.1", + "@typescript-eslint/visitor-keys": "5.27.1", "debug": "^4.3.4", "globby": "^11.1.0", "is-glob": "^4.0.3", @@ -1579,15 +1579,15 @@ } }, "node_modules/@typescript-eslint/utils": { - "version": "5.27.0", - "resolved": "https://registry.npmjs.org/@typescript-eslint/utils/-/utils-5.27.0.tgz", - "integrity": "sha512-nZvCrkIJppym7cIbP3pOwIkAefXOmfGPnCM0LQfzNaKxJHI6VjI8NC662uoiPlaf5f6ymkTy9C3NQXev2mdXmA==", + "version": "5.27.1", + "resolved": "https://registry.npmjs.org/@typescript-eslint/utils/-/utils-5.27.1.tgz", + "integrity": "sha512-mZ9WEn1ZLDaVrhRaYgzbkXBkTPghPFsup8zDbbsYTxC5OmqrFE7skkKS/sraVsLP3TcT3Ki5CSyEFBRkLH/H/w==", "dev": true, "dependencies": { "@types/json-schema": "^7.0.9", - "@typescript-eslint/scope-manager": "5.27.0", - "@typescript-eslint/types": "5.27.0", - "@typescript-eslint/typescript-estree": "5.27.0", + "@typescript-eslint/scope-manager": "5.27.1", + "@typescript-eslint/types": "5.27.1", + "@typescript-eslint/typescript-estree": "5.27.1", "eslint-scope": "^5.1.1", "eslint-utils": "^3.0.0" }, @@ -1603,12 +1603,12 @@ } }, "node_modules/@typescript-eslint/visitor-keys": { - "version": "5.27.0", - "resolved": "https://registry.npmjs.org/@typescript-eslint/visitor-keys/-/visitor-keys-5.27.0.tgz", - "integrity": "sha512-46cYrteA2MrIAjv9ai44OQDUoCZyHeGIc4lsjCUX2WT6r4C+kidz1bNiR4017wHOPUythYeH+Sc7/cFP97KEAA==", + "version": "5.27.1", + "resolved": "https://registry.npmjs.org/@typescript-eslint/visitor-keys/-/visitor-keys-5.27.1.tgz", + "integrity": "sha512-xYs6ffo01nhdJgPieyk7HAOpjhTsx7r/oB9LWEhwAXgwn33tkr+W8DI2ChboqhZlC4q3TC6geDYPoiX8ROqyOQ==", "dev": true, "dependencies": { - "@typescript-eslint/types": "5.27.0", + "@typescript-eslint/types": "5.27.1", "eslint-visitor-keys": "^3.3.0" }, "engines": { @@ -7437,9 +7437,9 @@ "dev": true }, "node_modules/yaml": { - "version": "2.1.0", - "resolved": "https://registry.npmjs.org/yaml/-/yaml-2.1.0.tgz", - "integrity": "sha512-OuAINfTsoJrY5H7CBWnKZhX6nZciXBydrMtTHr1dC4nP40X5jyTIVlogZHxSlVZM8zSgXRfgZGsaHF4+pV+JRw==", + "version": "2.1.1", + "resolved": "https://registry.npmjs.org/yaml/-/yaml-2.1.1.tgz", + "integrity": "sha512-o96x3OPo8GjWeSLF+wOAbrPfhFOGY0W00GNaxCDv+9hkcDJEnev1yh8S7pgHF0ik6zc8sQLuL8hjHjJULZp8bw==", "engines": { "node": ">= 14" } @@ -8595,14 +8595,14 @@ "dev": true }, "@typescript-eslint/eslint-plugin": { - "version": "5.27.0", - "resolved": "https://registry.npmjs.org/@typescript-eslint/eslint-plugin/-/eslint-plugin-5.27.0.tgz", - "integrity": "sha512-DDrIA7GXtmHXr1VCcx9HivA39eprYBIFxbQEHI6NyraRDxCGpxAFiYQAT/1Y0vh1C+o2vfBiy4IuPoXxtTZCAQ==", + "version": "5.27.1", + "resolved": "https://registry.npmjs.org/@typescript-eslint/eslint-plugin/-/eslint-plugin-5.27.1.tgz", + "integrity": "sha512-6dM5NKT57ZduNnJfpY81Phe9nc9wolnMCnknb1im6brWi1RYv84nbMS3olJa27B6+irUVV1X/Wb+Am0FjJdGFw==", "dev": true, "requires": { - "@typescript-eslint/scope-manager": "5.27.0", - "@typescript-eslint/type-utils": "5.27.0", - "@typescript-eslint/utils": "5.27.0", + "@typescript-eslint/scope-manager": "5.27.1", + "@typescript-eslint/type-utils": "5.27.1", + "@typescript-eslint/utils": "5.27.1", "debug": "^4.3.4", "functional-red-black-tree": "^1.0.1", "ignore": "^5.2.0", @@ -8623,52 +8623,52 @@ } }, "@typescript-eslint/parser": { - "version": "5.27.0", - "resolved": "https://registry.npmjs.org/@typescript-eslint/parser/-/parser-5.27.0.tgz", - "integrity": "sha512-8oGjQF46c52l7fMiPPvX4It3u3V3JipssqDfHQ2hcR0AeR8Zge+OYyKUCm5b70X72N1qXt0qgHenwN6Gc2SXZA==", + "version": "5.27.1", + "resolved": "https://registry.npmjs.org/@typescript-eslint/parser/-/parser-5.27.1.tgz", + "integrity": "sha512-7Va2ZOkHi5NP+AZwb5ReLgNF6nWLGTeUJfxdkVUAPPSaAdbWNnFZzLZ4EGGmmiCTg+AwlbE1KyUYTBglosSLHQ==", "dev": true, "requires": { - "@typescript-eslint/scope-manager": "5.27.0", - "@typescript-eslint/types": "5.27.0", - "@typescript-eslint/typescript-estree": "5.27.0", + "@typescript-eslint/scope-manager": "5.27.1", + "@typescript-eslint/types": "5.27.1", + "@typescript-eslint/typescript-estree": "5.27.1", "debug": "^4.3.4" } }, "@typescript-eslint/scope-manager": { - "version": "5.27.0", - "resolved": "https://registry.npmjs.org/@typescript-eslint/scope-manager/-/scope-manager-5.27.0.tgz", - "integrity": "sha512-VnykheBQ/sHd1Vt0LJ1JLrMH1GzHO+SzX6VTXuStISIsvRiurue/eRkTqSrG0CexHQgKG8shyJfR4o5VYioB9g==", + "version": "5.27.1", + "resolved": "https://registry.npmjs.org/@typescript-eslint/scope-manager/-/scope-manager-5.27.1.tgz", + "integrity": "sha512-fQEOSa/QroWE6fAEg+bJxtRZJTH8NTskggybogHt4H9Da8zd4cJji76gA5SBlR0MgtwF7rebxTbDKB49YUCpAg==", "dev": true, "requires": { - "@typescript-eslint/types": "5.27.0", - "@typescript-eslint/visitor-keys": "5.27.0" + "@typescript-eslint/types": "5.27.1", + "@typescript-eslint/visitor-keys": "5.27.1" } }, "@typescript-eslint/type-utils": { - "version": "5.27.0", - "resolved": "https://registry.npmjs.org/@typescript-eslint/type-utils/-/type-utils-5.27.0.tgz", - "integrity": "sha512-vpTvRRchaf628Hb/Xzfek+85o//zEUotr1SmexKvTfs7czXfYjXVT/a5yDbpzLBX1rhbqxjDdr1Gyo0x1Fc64g==", + "version": "5.27.1", + "resolved": "https://registry.npmjs.org/@typescript-eslint/type-utils/-/type-utils-5.27.1.tgz", + "integrity": "sha512-+UC1vVUWaDHRnC2cQrCJ4QtVjpjjCgjNFpg8b03nERmkHv9JV9X5M19D7UFMd+/G7T/sgFwX2pGmWK38rqyvXw==", "dev": true, "requires": { - "@typescript-eslint/utils": "5.27.0", + "@typescript-eslint/utils": "5.27.1", "debug": "^4.3.4", "tsutils": "^3.21.0" } }, "@typescript-eslint/types": { - "version": "5.27.0", - "resolved": "https://registry.npmjs.org/@typescript-eslint/types/-/types-5.27.0.tgz", - "integrity": "sha512-lY6C7oGm9a/GWhmUDOs3xAVRz4ty/XKlQ2fOLr8GAIryGn0+UBOoJDWyHer3UgrHkenorwvBnphhP+zPmzmw0A==", + "version": "5.27.1", + "resolved": "https://registry.npmjs.org/@typescript-eslint/types/-/types-5.27.1.tgz", + "integrity": "sha512-LgogNVkBhCTZU/m8XgEYIWICD6m4dmEDbKXESCbqOXfKZxRKeqpiJXQIErv66sdopRKZPo5l32ymNqibYEH/xg==", "dev": true }, "@typescript-eslint/typescript-estree": { - "version": "5.27.0", - "resolved": "https://registry.npmjs.org/@typescript-eslint/typescript-estree/-/typescript-estree-5.27.0.tgz", - "integrity": "sha512-QywPMFvgZ+MHSLRofLI7BDL+UczFFHyj0vF5ibeChDAJgdTV8k4xgEwF0geFhVlPc1p8r70eYewzpo6ps+9LJQ==", + "version": "5.27.1", + "resolved": "https://registry.npmjs.org/@typescript-eslint/typescript-estree/-/typescript-estree-5.27.1.tgz", + "integrity": "sha512-DnZvvq3TAJ5ke+hk0LklvxwYsnXpRdqUY5gaVS0D4raKtbznPz71UJGnPTHEFo0GDxqLOLdMkkmVZjSpET1hFw==", "dev": true, "requires": { - "@typescript-eslint/types": "5.27.0", - "@typescript-eslint/visitor-keys": "5.27.0", + "@typescript-eslint/types": "5.27.1", + "@typescript-eslint/visitor-keys": "5.27.1", "debug": "^4.3.4", "globby": "^11.1.0", "is-glob": "^4.0.3", @@ -8688,26 +8688,26 @@ } }, "@typescript-eslint/utils": { - "version": "5.27.0", - "resolved": "https://registry.npmjs.org/@typescript-eslint/utils/-/utils-5.27.0.tgz", - "integrity": "sha512-nZvCrkIJppym7cIbP3pOwIkAefXOmfGPnCM0LQfzNaKxJHI6VjI8NC662uoiPlaf5f6ymkTy9C3NQXev2mdXmA==", + "version": "5.27.1", + "resolved": "https://registry.npmjs.org/@typescript-eslint/utils/-/utils-5.27.1.tgz", + "integrity": "sha512-mZ9WEn1ZLDaVrhRaYgzbkXBkTPghPFsup8zDbbsYTxC5OmqrFE7skkKS/sraVsLP3TcT3Ki5CSyEFBRkLH/H/w==", "dev": true, "requires": { "@types/json-schema": "^7.0.9", - "@typescript-eslint/scope-manager": "5.27.0", - "@typescript-eslint/types": "5.27.0", - "@typescript-eslint/typescript-estree": "5.27.0", + "@typescript-eslint/scope-manager": "5.27.1", + "@typescript-eslint/types": "5.27.1", + "@typescript-eslint/typescript-estree": "5.27.1", "eslint-scope": "^5.1.1", "eslint-utils": "^3.0.0" } }, "@typescript-eslint/visitor-keys": { - "version": "5.27.0", - "resolved": "https://registry.npmjs.org/@typescript-eslint/visitor-keys/-/visitor-keys-5.27.0.tgz", - "integrity": "sha512-46cYrteA2MrIAjv9ai44OQDUoCZyHeGIc4lsjCUX2WT6r4C+kidz1bNiR4017wHOPUythYeH+Sc7/cFP97KEAA==", + "version": "5.27.1", + "resolved": "https://registry.npmjs.org/@typescript-eslint/visitor-keys/-/visitor-keys-5.27.1.tgz", + "integrity": "sha512-xYs6ffo01nhdJgPieyk7HAOpjhTsx7r/oB9LWEhwAXgwn33tkr+W8DI2ChboqhZlC4q3TC6geDYPoiX8ROqyOQ==", "dev": true, "requires": { - "@typescript-eslint/types": "5.27.0", + "@typescript-eslint/types": "5.27.1", "eslint-visitor-keys": "^3.3.0" } }, @@ -13056,9 +13056,9 @@ "dev": true }, "yaml": { - "version": "2.1.0", - "resolved": "https://registry.npmjs.org/yaml/-/yaml-2.1.0.tgz", - "integrity": "sha512-OuAINfTsoJrY5H7CBWnKZhX6nZciXBydrMtTHr1dC4nP40X5jyTIVlogZHxSlVZM8zSgXRfgZGsaHF4+pV+JRw==" + "version": "2.1.1", + "resolved": "https://registry.npmjs.org/yaml/-/yaml-2.1.1.tgz", + "integrity": "sha512-o96x3OPo8GjWeSLF+wOAbrPfhFOGY0W00GNaxCDv+9hkcDJEnev1yh8S7pgHF0ik6zc8sQLuL8hjHjJULZp8bw==" }, "yargs": { "version": "16.2.0", diff --git a/package.json b/package.json index 043bef8..43bd22a 100644 --- a/package.json +++ b/package.json @@ -32,13 +32,13 @@ "ansi-styles": "^6.1.0", "got": "^12.1.0", "nodemon": "^2.0.16", - "yaml": "^2.1.0", + "yaml": "^2.1.1", "zod": "^3.17.3" }, "devDependencies": { "@types/node": "^17.0.40", - "@typescript-eslint/eslint-plugin": "^5.27.0", - "@typescript-eslint/parser": "^5.27.0", + "@typescript-eslint/eslint-plugin": "^5.27.1", + "@typescript-eslint/parser": "^5.27.1", "@vercel/ncc": "^0.34.0", "esbuild-register": "^3.3.3", "eslint": "^8.17.0",