diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml index 052c48e0..80524b2e 100644 --- a/.github/workflows/codeql-analysis.yml +++ b/.github/workflows/codeql-analysis.yml @@ -29,12 +29,12 @@ jobs: # Initializes the CodeQL tools for scanning. - name: Initialize CodeQL - uses: github/codeql-action/init@192325c86100d080feab897ff886c34abd4c83a3 # v3.30.3 + uses: github/codeql-action/init@3599b3baa15b485a2e49ef411a7a4bb2452e7f93 # v3.30.5 with: languages: ${{ matrix.language }} queries: security-extended,security-and-quality - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@192325c86100d080feab897ff886c34abd4c83a3 # v3.30.3 + uses: github/codeql-action/analyze@3599b3baa15b485a2e49ef411a7a4bb2452e7f93 # v3.30.5 with: category: '/language:${{matrix.language}}' diff --git a/.github/workflows/semgrep.yml b/.github/workflows/semgrep.yml index 5870edde..8ce01406 100644 --- a/.github/workflows/semgrep.yml +++ b/.github/workflows/semgrep.yml @@ -16,7 +16,7 @@ jobs: env: SEMGREP_APP_TOKEN: ${{ secrets.SEMGREP_APP_TOKEN }} container: - image: returntocorp/semgrep@sha256:cda1b566fafbf6010a02a3ea1d265b1c8eba4380e489a13891a102243d81ca6f # latest + image: returntocorp/semgrep@sha256:48d1634d311ddef6b6a9915d79d9d69886bce1ec5e91cd944716f2c18d51c96d # latest steps: - uses: actions/checkout@08eba0b27e820071cde6df949e0beb9ba4906955 # v4.3.0 - run: semgrep ci diff --git a/package.json b/package.json index 43fc0f18..6d8d7ba1 100644 --- a/package.json +++ b/package.json @@ -3,10 +3,10 @@ "author": "The OpenINF Authors & Friends", "private": "true", "description": "The OpenINF portal, other static resources, and more static electricity", - "packageManager": "pnpm@10.17.0", + "packageManager": "pnpm@10.17.1", "engines": { - "node": "22.19.0", - "pnpm": "10.17.0" + "node": "22.20.0", + "pnpm": "10.17.1" }, "exports": { "./build/constants": "./build/shared/constants.mjs", @@ -106,7 +106,7 @@ "stylelint": "16.24.0", "stylelint-config-recess-order": "6.1.0", "stylelint-config-standard-scss": "14.0.0", - "tsx": "4.20.5", + "tsx": "4.20.6", "typescript": "5.9.2", "unified": "11.0.5", "vnu-jar": "24.10.17", diff --git a/pnpm-lock.yaml b/pnpm-lock.yaml index 5ed64ce9..71f267ea 100644 --- a/pnpm-lock.yaml +++ b/pnpm-lock.yaml @@ -85,7 +85,7 @@ importers: version: 1.1.0 gulp-postcss: specifier: 10.0.0 - version: 10.0.0(postcss@8.5.6)(tsx@4.20.5) + version: 10.0.0(postcss@8.5.6)(tsx@4.20.6) gulp-rename: specifier: 2.1.0 version: 2.1.0 @@ -255,8 +255,8 @@ importers: specifier: 14.0.0 version: 14.0.0(postcss@8.5.6)(stylelint@16.24.0(typescript@5.9.2)) tsx: - specifier: 4.20.5 - version: 4.20.5 + specifier: 4.20.6 + version: 4.20.6 typescript: specifier: 5.9.2 version: 5.9.2 @@ -4363,8 +4363,8 @@ packages: tslib@2.8.1: resolution: {integrity: sha512-oJFu94HQb+KVduSUQL7wnpmqnfmLsOA/nAh6b6EH0wCEoK0/mPeXU6c3wKDV83MkOuHPRHtSXKKU99IBazS/2w==} - tsx@4.20.5: - resolution: {integrity: sha512-+wKjMNU9w/EaQayHXb7WA7ZaHY6hN8WgfvHNQ3t1PnU91/7O8TcTnIhCDYTZwnt8JsO9IBqZ30Ln1r7pPF52Aw==} + tsx@4.20.6: + resolution: {integrity: sha512-ytQKuwgmrrkDTFP4LjR0ToE2nqgy886GpvRSpU0JAnrdBYppuY5rLkRUYPU1yCryb24SsKBTL/hlDQAEFVwtZg==} engines: {node: '>=18.0.0'} hasBin: true @@ -6859,12 +6859,12 @@ snapshots: through2: 2.0.5 vinyl-sourcemaps-apply: 0.2.1 - gulp-postcss@10.0.0(postcss@8.5.6)(tsx@4.20.5): + gulp-postcss@10.0.0(postcss@8.5.6)(tsx@4.20.6): dependencies: fancy-log: 2.0.0 plugin-error: 2.0.1 postcss: 8.5.6 - postcss-load-config: 5.1.0(postcss@8.5.6)(tsx@4.20.5) + postcss-load-config: 5.1.0(postcss@8.5.6)(tsx@4.20.6) vinyl-sourcemaps-apply: 0.2.1 transitivePeerDependencies: - jiti @@ -8145,13 +8145,13 @@ snapshots: dependencies: postcss: 8.5.6 - postcss-load-config@5.1.0(postcss@8.5.6)(tsx@4.20.5): + postcss-load-config@5.1.0(postcss@8.5.6)(tsx@4.20.6): dependencies: lilconfig: 3.1.3 yaml: 2.8.1 optionalDependencies: postcss: 8.5.6 - tsx: 4.20.5 + tsx: 4.20.6 postcss-media-query-parser@0.2.3: {} @@ -9778,7 +9778,7 @@ snapshots: tslib@2.8.1: {} - tsx@4.20.5: + tsx@4.20.6: dependencies: esbuild: 0.25.10 get-tsconfig: 4.10.1