Compare commits

...

21 Commits

Author SHA1 Message Date
Sambo Chea
7c76e17f13
Merge pull request #1 from CUBETIQ/dependabot/npm_and_yarn/eslint-8.12.0
Some checks reported errors
continuous-integration/drone/push Build was killed
Bump eslint from 7.32.0 to 8.12.0
2022-03-31 09:03:57 +07:00
Sambo Chea
3fd4b6f22b
Merge pull request #6 from CUBETIQ/dependabot/npm_and_yarn/lint-staged-12.3.7
Bump lint-staged from 11.2.6 to 12.3.7
2022-03-31 09:03:49 +07:00
Sambo Chea
8164515bd2
Merge pull request #8 from CUBETIQ/dependabot/npm_and_yarn/ts-jest-27.1.4
Bump ts-jest from 27.1.3 to 27.1.4
2022-03-31 09:03:42 +07:00
Sambo Chea
434c6c6ed9
Merge pull request #12 from CUBETIQ/dependabot/npm_and_yarn/types/jest-27.4.1
Bump @types/jest from 27.4.0 to 27.4.1
2022-03-31 09:03:34 +07:00
Sambo Chea
f68c6e76ca
Merge pull request #9 from CUBETIQ/dependabot/npm_and_yarn/typescript-4.6.3
Bump typescript from 4.5.5 to 4.6.3
2022-03-31 09:03:23 +07:00
dependabot[bot]
5aaf0b047c
Bump typescript from 4.5.5 to 4.6.3
Bumps [typescript](https://github.com/Microsoft/TypeScript) from 4.5.5 to 4.6.3.
- [Release notes](https://github.com/Microsoft/TypeScript/releases)
- [Commits](https://github.com/Microsoft/TypeScript/compare/v4.5.5...v4.6.3)

---
updated-dependencies:
- dependency-name: typescript
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-03-30 10:44:51 +00:00
dependabot[bot]
13ec7206d3
Bump @types/jest from 27.4.0 to 27.4.1
Bumps [@types/jest](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/jest) from 27.4.0 to 27.4.1.
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/jest)

---
updated-dependencies:
- dependency-name: "@types/jest"
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-03-30 10:44:26 +00:00
dependabot[bot]
e8c2635712
Bump eslint from 7.32.0 to 8.12.0
Bumps [eslint](https://github.com/eslint/eslint) from 7.32.0 to 8.12.0.
- [Release notes](https://github.com/eslint/eslint/releases)
- [Changelog](https://github.com/eslint/eslint/blob/main/CHANGELOG.md)
- [Commits](https://github.com/eslint/eslint/compare/v7.32.0...v8.12.0)

---
updated-dependencies:
- dependency-name: eslint
  dependency-type: direct:development
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-03-30 10:44:22 +00:00
Sambo Chea
1789279fe5
Merge pull request #11 from CUBETIQ/dependabot/npm_and_yarn/eslint-plugin-jsdoc-38.1.4
Bump eslint-plugin-jsdoc from 36.1.1 to 38.1.4
2022-03-30 17:43:33 +07:00
dependabot[bot]
85cebfb695
Bump eslint-plugin-jsdoc from 36.1.1 to 38.1.4
Bumps [eslint-plugin-jsdoc](https://github.com/gajus/eslint-plugin-jsdoc) from 36.1.1 to 38.1.4.
- [Release notes](https://github.com/gajus/eslint-plugin-jsdoc/releases)
- [Commits](https://github.com/gajus/eslint-plugin-jsdoc/compare/v36.1.1...v38.1.4)

---
updated-dependencies:
- dependency-name: eslint-plugin-jsdoc
  dependency-type: direct:development
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-03-30 04:40:27 +00:00
dependabot[bot]
b2b6d0b30b
Bump ts-jest from 27.1.3 to 27.1.4
Bumps [ts-jest](https://github.com/kulshekhar/ts-jest) from 27.1.3 to 27.1.4.
- [Release notes](https://github.com/kulshekhar/ts-jest/releases)
- [Changelog](https://github.com/kulshekhar/ts-jest/blob/main/CHANGELOG.md)
- [Commits](https://github.com/kulshekhar/ts-jest/compare/v27.1.3...v27.1.4)

---
updated-dependencies:
- dependency-name: ts-jest
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-03-28 04:40:47 +00:00
dependabot[bot]
ede350fba8
Bump lint-staged from 11.2.6 to 12.3.7
Bumps [lint-staged](https://github.com/okonet/lint-staged) from 11.2.6 to 12.3.7.
- [Release notes](https://github.com/okonet/lint-staged/releases)
- [Commits](https://github.com/okonet/lint-staged/compare/v11.2.6...v12.3.7)

---
updated-dependencies:
- dependency-name: lint-staged
  dependency-type: direct:development
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-03-28 04:40:19 +00:00
Sambo Chea
724eb69ff5
Merge pull request #3 from CUBETIQ/dependabot/npm_and_yarn/types/node-17.0.23
Bump @types/node from 16.11.24 to 17.0.23
2022-03-26 09:39:21 +07:00
Sambo Chea
4c9c6fb204
Merge pull request #4 from CUBETIQ/dependabot/npm_and_yarn/tsconfig-paths-3.14.1
Bump tsconfig-paths from 3.12.0 to 3.14.1
2022-03-26 09:39:13 +07:00
Sambo Chea
ca8a7f6ca6
Merge pull request #5 from CUBETIQ/dependabot/npm_and_yarn/eslint-config-prettier-8.5.0
Bump eslint-config-prettier from 8.3.0 to 8.5.0
2022-03-26 09:39:04 +07:00
Sambo Chea
3064d7d349
Create codeql.yml 2022-03-26 09:36:28 +07:00
dependabot[bot]
4f3e144901
Bump eslint-config-prettier from 8.3.0 to 8.5.0
Bumps [eslint-config-prettier](https://github.com/prettier/eslint-config-prettier) from 8.3.0 to 8.5.0.
- [Release notes](https://github.com/prettier/eslint-config-prettier/releases)
- [Changelog](https://github.com/prettier/eslint-config-prettier/blob/main/CHANGELOG.md)
- [Commits](https://github.com/prettier/eslint-config-prettier/compare/v8.3.0...v8.5.0)

---
updated-dependencies:
- dependency-name: eslint-config-prettier
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-03-26 02:34:39 +00:00
dependabot[bot]
02519c5119
Bump tsconfig-paths from 3.12.0 to 3.14.1
Bumps [tsconfig-paths](https://github.com/dividab/tsconfig-paths) from 3.12.0 to 3.14.1.
- [Release notes](https://github.com/dividab/tsconfig-paths/releases)
- [Changelog](https://github.com/dividab/tsconfig-paths/blob/master/CHANGELOG.md)
- [Commits](https://github.com/dividab/tsconfig-paths/compare/v3.12.0...v3.14.1)

---
updated-dependencies:
- dependency-name: tsconfig-paths
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-03-26 02:34:33 +00:00
dependabot[bot]
4a8ee82f50
Bump @types/node from 16.11.24 to 17.0.23
Bumps [@types/node](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node) from 16.11.24 to 17.0.23.
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/node)

---
updated-dependencies:
- dependency-name: "@types/node"
  dependency-type: direct:development
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-03-26 02:34:27 +00:00
Sambo Chea
a1c4b9466b
Create codacy.yml 2022-03-26 09:33:51 +07:00
Sambo Chea
7c775399ef
Create dependabot.yml 2022-03-26 09:33:28 +07:00
5 changed files with 781 additions and 643 deletions

11
.github/dependabot.yml vendored Normal file
View File

@ -0,0 +1,11 @@
# To get started with Dependabot version updates, you'll need to specify which
# package ecosystems to update and where the package manifests are located.
# Please see the documentation for all configuration options:
# https://docs.github.com/github/administering-a-repository/configuration-options-for-dependency-updates
version: 2
updates:
- package-ecosystem: "npm" # See documentation for possible values
directory: "/" # Location of package manifests
schedule:
interval: "daily"

60
.github/workflows/codacy.yml vendored Normal file
View File

@ -0,0 +1,60 @@
# This workflow uses actions that are not certified by GitHub.
# They are provided by a third-party and are governed by
# separate terms of service, privacy policy, and support
# documentation.
# This workflow checks out code, performs a Codacy security scan
# and integrates the results with the
# GitHub Advanced Security code scanning feature. For more information on
# the Codacy security scan action usage and parameters, see
# https://github.com/codacy/codacy-analysis-cli-action.
# For more information on Codacy Analysis CLI in general, see
# https://github.com/codacy/codacy-analysis-cli.
name: Codacy Security Scan
on:
push:
branches: [ main ]
pull_request:
# The branches below must be a subset of the branches above
branches: [ main ]
schedule:
- cron: '34 10 * * 5'
permissions:
contents: read
jobs:
codacy-security-scan:
permissions:
contents: read # for actions/checkout to fetch code
security-events: write # for github/codeql-action/upload-sarif to upload SARIF results
name: Codacy Security Scan
runs-on: ubuntu-latest
steps:
# Checkout the repository to the GitHub Actions runner
- name: Checkout code
uses: actions/checkout@v2
# Execute Codacy Analysis CLI and generate a SARIF output with the security issues identified during the analysis
- name: Run Codacy Analysis CLI
uses: codacy/codacy-analysis-cli-action@d840f886c4bd4edc059706d09c6a1586111c540b
with:
# Check https://github.com/codacy/codacy-analysis-cli#project-token to get your project token from your Codacy repository
# You can also omit the token and run the tools that support default configurations
project-token: ${{ secrets.CODACY_PROJECT_TOKEN }}
verbose: true
output: results.sarif
format: sarif
# Adjust severity of non-security issues
gh-code-scanning-compat: true
# Force 0 exit code to allow SARIF file generation
# This will handover control about PR rejection to the GitHub side
max-allowed-issues: 2147483647
# Upload the SARIF file generated in the previous step
- name: Upload SARIF results file
uses: github/codeql-action/upload-sarif@v1
with:
sarif_file: results.sarif

70
.github/workflows/codeql.yml vendored Normal file
View File

@ -0,0 +1,70 @@
# For most projects, this workflow file will not need changing; you simply need
# to commit it to your repository.
#
# You may wish to alter this file to override the set of languages analyzed,
# or to provide custom queries or build logic.
#
# ******** NOTE ********
# We have attempted to detect the languages in your repository. Please check
# the `language` matrix defined below to confirm you have the correct set of
# supported CodeQL languages.
#
name: "CodeQL"
on:
push:
branches: [ main ]
pull_request:
# The branches below must be a subset of the branches above
branches: [ main ]
schedule:
- cron: '23 7 * * 0'
jobs:
analyze:
name: Analyze
runs-on: ubuntu-latest
permissions:
actions: read
contents: read
security-events: write
strategy:
fail-fast: false
matrix:
language: [ 'javascript' ]
# CodeQL supports [ 'cpp', 'csharp', 'go', 'java', 'javascript', 'python', 'ruby' ]
# Learn more about CodeQL language support at https://git.io/codeql-language-support
steps:
- name: Checkout repository
uses: actions/checkout@v2
# Initializes the CodeQL tools for scanning.
- name: Initialize CodeQL
uses: github/codeql-action/init@v1
with:
languages: ${{ matrix.language }}
# If you wish to specify custom queries, you can do so here or in a config file.
# By default, queries listed here will override any specified in a config file.
# Prefix the list here with "+" to use these queries and those in the config file.
# queries: ./path/to/local/query, your-org/your-repo/queries@main
# Autobuild attempts to build any compiled languages (C/C++, C#, or Java).
# If this step fails, then you should remove it and run the build manually (see below)
- name: Autobuild
uses: github/codeql-action/autobuild@v1
# Command-line programs to run using the OS shell.
# 📚 https://git.io/JvXDl
# ✏️ If the Autobuild fails above, remove it and uncomment the following three lines
# and modify them (or add more) to build your code if your project
# uses a compiled language
#- run: |
# make bootstrap
# make release
- name: Perform CodeQL Analysis
uses: github/codeql-action/analyze@v1

1253
package-lock.json generated

File diff suppressed because it is too large Load Diff

View File

@ -23,22 +23,22 @@
"author": "Sambo Chea <sombochea@cubetiqs.com>", "author": "Sambo Chea <sombochea@cubetiqs.com>",
"license": "ISC", "license": "ISC",
"devDependencies": { "devDependencies": {
"@types/jest": "^27.4.0", "@types/jest": "^27.4.1",
"@types/node": "^16.9.1", "@types/node": "^17.0.23",
"@typescript-eslint/eslint-plugin": "^4.30.0", "@typescript-eslint/eslint-plugin": "^4.30.0",
"@typescript-eslint/parser": "^4.30.0", "@typescript-eslint/parser": "^4.30.0",
"eslint": "^7.32.0", "eslint": "^8.12.0",
"eslint-config-prettier": "^8.3.0", "eslint-config-prettier": "^8.5.0",
"eslint-plugin-jsdoc": "^36.0.8", "eslint-plugin-jsdoc": "^38.1.4",
"eslint-plugin-prefer-arrow": "^1.2.3", "eslint-plugin-prefer-arrow": "^1.2.3",
"husky": "^7.0.2", "husky": "^7.0.2",
"jest": "^27.5.1", "jest": "^27.5.1",
"lint-staged": "^11.1.2", "lint-staged": "^12.3.7",
"prettier": "2.3.2", "prettier": "2.3.2",
"ts-jest": "^27.1.3", "ts-jest": "^27.1.4",
"ts-node-dev": "^1.1.8", "ts-node-dev": "^1.1.8",
"tsconfig-paths": "^3.12.0", "tsconfig-paths": "^3.14.1",
"typescript": "^4.4.2" "typescript": "^4.6.3"
}, },
"lint-staged": { "lint-staged": {
"**/*": "prettier --write --ignore-unknown" "**/*": "prettier --write --ignore-unknown"