Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Release v1.1.13 #98

Merged
merged 4 commits into from
Jan 13, 2023
Merged

Release v1.1.13 #98

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
4 commits
Select commit Hold shift + click to select a range
172c878
Update all dependencies (#92)
renovate[bot] Jan 11, 2023
f8a7ac1
Bump json5 from 1.0.1 to 1.0.2 (#95)
dependabot[bot] Jan 11, 2023
7b1604d
Block egress traffic and add stability badge (#96)
miguelnietoa Jan 13, 2023
2a3486d
Prepare release v1.1.13 (#97)
miguelnietoa Jan 13, 2023
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
9 changes: 7 additions & 2 deletions .github/workflows/ci.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -17,9 +17,14 @@ jobs:
- name: Harden Runner
uses: step-security/harden-runner@ebacdc22ef6c2cfb85ee5ded8f2e640f4c776dd5 # v2.0.0
with:
egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs
disable-sudo: true
egress-policy: block
allowed-endpoints: >
coveralls.io:443
github.com:443
registry.yarnpkg.com:443

- uses: actions/checkout@dc323e67f16fb5f7663d20ff7941f27f5809e9b6 # v2.6.0
- uses: actions/checkout@ac593985615ec2ede58e132d2e21d2b1cbd6127c # v3.3.0
- name: Install modules
run: yarn
- name: Run tests
Expand Down
8 changes: 6 additions & 2 deletions .github/workflows/codeql.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -43,10 +43,14 @@ jobs:
- name: Harden Runner
uses: step-security/harden-runner@ebacdc22ef6c2cfb85ee5ded8f2e640f4c776dd5 # v2.0.0
with:
egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs
disable-sudo: true
egress-policy: block
allowed-endpoints: >
api.github.com:443
github.com:443

- name: Checkout repository
uses: actions/checkout@755da8c3cf115ac066823e79a1e1788f8940201b # v3.2.0
uses: actions/checkout@ac593985615ec2ede58e132d2e21d2b1cbd6127c # v3.3.0

# Initializes the CodeQL tools for scanning.
- name: Initialize CodeQL
Expand Down
11 changes: 8 additions & 3 deletions .github/workflows/publish.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -12,11 +12,16 @@ jobs:
- name: Harden Runner
uses: step-security/harden-runner@ebacdc22ef6c2cfb85ee5ded8f2e640f4c776dd5 # v2.0.0
with:
egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs
disable-sudo: true
egress-policy: block
allowed-endpoints: >
github.com:443
registry.npmjs.org:443
registry.yarnpkg.com:443

- uses: actions/checkout@755da8c3cf115ac066823e79a1e1788f8940201b # v3.2.0
- uses: actions/checkout@ac593985615ec2ede58e132d2e21d2b1cbd6127c # v3.3.0
# Setup .npmrc file to publish to npm
- uses: actions/setup-node@8c91899e586c5b171469028077307d293428b516 # v3.5.1
- uses: actions/setup-node@64ed1c7eab4cce3362f8c340dee64e5eaeef8f7c # v3.6.0
with:
node-version: "16.x"
registry-url: "https://registry.npmjs.org"
Expand Down
20 changes: 15 additions & 5 deletions .github/workflows/scorecards.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -24,15 +24,25 @@ jobs:
- name: Harden Runner
uses: step-security/harden-runner@ebacdc22ef6c2cfb85ee5ded8f2e640f4c776dd5 # v2.0.0
with:
egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs
disable-sudo: true
egress-policy: block
allowed-endpoints: >
api.github.com:443
api.osv.dev:443
api.securityscorecards.dev:443
bestpractices.coreinfrastructure.org:443
fulcio.sigstore.dev:443
github.com:443
rekor.sigstore.dev:443
sigstore-tuf-root.storage.googleapis.com:443

- name: "Checkout code"
uses: actions/checkout@2541b1294d2704b0964813337f33b291d3f8596b # v3.0.2
uses: actions/checkout@ac593985615ec2ede58e132d2e21d2b1cbd6127c # v3.3.0
with:
persist-credentials: false

- name: "Run analysis"
uses: ossf/scorecard-action@99c53751e09b9529366343771cc321ec74e9bd3d # v2.0.6
uses: ossf/scorecard-action@e38b1902ae4f44df626f11ba0734b14fb91f8f86 # v2.1.2
with:
results_file: results.sarif
results_format: sarif
Expand All @@ -51,14 +61,14 @@ jobs:
# Upload the results as artifacts (optional). Commenting out will disable uploads of run results in SARIF
# format to the repository Actions tab.
- name: "Upload artifact"
uses: actions/upload-artifact@3cea5372237819ed00197afe530f5a7ea3e805c8 # v3.1.0
uses: actions/upload-artifact@0b7f8abb1508181956e8e162db84b466c27e18ce # v3.1.2
with:
name: SARIF file
path: results.sarif
retention-days: 5

# Upload the results to GitHub's code scanning dashboard.
- name: "Upload to code-scanning"
uses: github/codeql-action/upload-sarif@c7f292ea4f542c473194b33813ccd4c207a6c725 # v2.1.21
uses: github/codeql-action/upload-sarif@959cbb7472c4d4ad70cdfe6f4976053fe48ab394 # v2.1.37
with:
sarif_file: results.sarif
6 changes: 6 additions & 0 deletions CHANGELOG.md
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,5 +1,11 @@
# Changelog

## 1.1.13 (13.01.2023)

* Update all dependencies.
* Block egress traffic in GitHub Actions.
* Add stability badge in README.

## 1.1.12 (28.12.2022)

* Add Renovate as dependency update tool.
Expand Down
3 changes: 2 additions & 1 deletion README.md
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,5 +1,6 @@

# EditorJS Tooltip Inline-tool

![stability-stable](https://img.shields.io/badge/stability-stable-green.svg)
![](https://badgen.net/badge/Editor.js/v2.0/blue)
[![Coverage Status](https://coveralls.io/repos/github/kommitters/editorjs-tooltip/badge.svg)](https://coveralls.io/github/kommitters/editorjs-tooltip)
[![OpenSSF Best Practices](https://bestpractices.coreinfrastructure.org/projects/6470/badge)](https://bestpractices.coreinfrastructure.org/projects/6470)
Expand Down
17 changes: 9 additions & 8 deletions package.json
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
{
"name": "editorjs-tooltip",
"version": "1.1.12",
"version": "1.1.13",
"keywords": [
"tool",
"tooltip",
Expand Down Expand Up @@ -32,18 +32,19 @@
"@babel/core": "^7.15.5",
"@babel/preset-env": "^7.15.6",
"@testing-library/jest-dom": "^5.14.1",
"babel-jest": "^27.2.4",
"babel-loader": "^8.2.2",
"babel-jest": "^29.0.0",
"babel-loader": "^9.0.0",
"css-loader": "^6.5.1",
"eslint": "^7.32.0",
"eslint-config-airbnb-base": "^14.2.1",
"eslint": "^8.0.0",
"eslint-config-airbnb-base": "^15.0.0",
"eslint-plugin-import": "^2.24.2",
"eslint-plugin-jest": "^24.5.2",
"jest": "^27.2.4",
"eslint-plugin-jest": "^27.0.0",
"jest": "^29.0.0",
"jest-environment-jsdom": "^29.3.1",
"style-loader": "^3.3.0",
"svg-inline-loader": "^0.8.2",
"webpack": "^5.56.1",
"webpack-cli": "^4.8.0"
"webpack-cli": "^5.0.0"
},
"jest": {
"setupFilesAfterEnv": [
Expand Down
2 changes: 1 addition & 1 deletion test/config/assetsTransform.js
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
module.exports = {
process() {
return 'module.exports = {};';
return { code: 'module.exports = {};' };
},
getCacheKey() {
return 'assetsTransform';
Expand Down
Loading