Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Even more deps updates #7498

Merged
merged 5 commits into from
May 10, 2024
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension


Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 2 additions & 0 deletions DEPENDENCIES.md
Original file line number Diff line number Diff line change
Expand Up @@ -737,6 +737,8 @@ graph LR;
sigstore-->sigstore-verify["@sigstore/verify"];
sigstore-bundle-->sigstore-protobuf-specs["@sigstore/protobuf-specs"];
sigstore-sign-->make-fetch-happen;
sigstore-sign-->proc-log;
sigstore-sign-->promise-retry;
sigstore-sign-->sigstore-bundle["@sigstore/bundle"];
sigstore-sign-->sigstore-core["@sigstore/core"];
sigstore-sign-->sigstore-protobuf-specs["@sigstore/protobuf-specs"];
Expand Down
6 changes: 5 additions & 1 deletion node_modules/.gitignore
Original file line number Diff line number Diff line change
Expand Up @@ -42,7 +42,6 @@
!/@tufjs/
/@tufjs/*
!/@tufjs/canonical-json
!/@tufjs/models
!/abbrev
!/agent-base
!/aggregate-error
Expand Down Expand Up @@ -211,6 +210,11 @@
!/tiny-relative-date
!/treeverse
!/tuf-js
!/tuf-js/node_modules/
/tuf-js/node_modules/*
!/tuf-js/node_modules/@tufjs/
/tuf-js/node_modules/@tufjs/*
!/tuf-js/node_modules/@tufjs/models
wraithgar marked this conversation as resolved.
Show resolved Hide resolved
!/unique-filename
!/unique-slug
!/util-deprecate
Expand Down
10 changes: 5 additions & 5 deletions node_modules/@npmcli/fs/package.json
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
{
"name": "@npmcli/fs",
"version": "3.1.0",
"version": "3.1.1",
"description": "filesystem utilities for the npm cli",
"main": "lib/index.js",
"files": [
Expand All @@ -11,7 +11,7 @@
"snap": "tap",
"test": "tap",
"npmclilint": "npmcli-lint",
"lint": "eslint \"**/*.js\"",
"lint": "eslint \"**/*.{js,cjs,ts,mjs,jsx,tsx}\"",
"lintfix": "npm run lint -- --fix",
"posttest": "npm run lint",
"postsnap": "npm run lintfix --",
Expand All @@ -20,7 +20,7 @@
},
"repository": {
"type": "git",
"url": "https://github.com/npm/fs.git"
"url": "git+https://github.com/npm/fs.git"
},
"keywords": [
"npm",
Expand All @@ -30,7 +30,7 @@
"license": "ISC",
"devDependencies": {
"@npmcli/eslint-config": "^4.0.0",
"@npmcli/template-oss": "4.8.0",
"@npmcli/template-oss": "4.22.0",
"tap": "^16.0.1"
},
"dependencies": {
Expand All @@ -41,7 +41,7 @@
},
"templateOSS": {
"//@npmcli/template-oss": "This file is partially managed by @npmcli/template-oss. Edits may be overwritten.",
"version": "4.8.0"
"version": "4.22.0"
},
"tap": {
"nyc-arg": [
Expand Down
44 changes: 16 additions & 28 deletions node_modules/@sigstore/sign/dist/external/error.js
Original file line number Diff line number Diff line change
@@ -1,6 +1,21 @@
"use strict";
/*
Copyright 2023 The Sigstore Authors.

Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at

http://www.apache.org/licenses/LICENSE-2.0

Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
Object.defineProperty(exports, "__esModule", { value: true });
exports.checkStatus = exports.HTTPError = void 0;
exports.HTTPError = void 0;
class HTTPError extends Error {
constructor({ status, message, location, }) {
super(`(${status}) ${message}`);
Expand All @@ -9,30 +24,3 @@ class HTTPError extends Error {
}
}
exports.HTTPError = HTTPError;
const checkStatus = async (response) => {
if (response.ok) {
return response;
}
else {
let message = response.statusText;
const location = response.headers?.get('Location') || undefined;
const contentType = response.headers?.get('Content-Type');
// If response type is JSON, try to parse the body for a message
if (contentType?.includes('application/json')) {
try {
await response.json().then((body) => {
message = body.message;
});
}
catch (e) {
// ignore
}
}
throw new HTTPError({
status: response.status,
message: message,
location: location,
});
}
};
exports.checkStatus = checkStatus;
99 changes: 99 additions & 0 deletions node_modules/@sigstore/sign/dist/external/fetch.js
Original file line number Diff line number Diff line change
@@ -0,0 +1,99 @@
"use strict";
var __importDefault = (this && this.__importDefault) || function (mod) {
return (mod && mod.__esModule) ? mod : { "default": mod };
};
Object.defineProperty(exports, "__esModule", { value: true });
exports.fetchWithRetry = void 0;
/*
Copyright 2023 The Sigstore Authors.

Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at

http://www.apache.org/licenses/LICENSE-2.0

Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
const http2_1 = require("http2");
const make_fetch_happen_1 = __importDefault(require("make-fetch-happen"));
const proc_log_1 = require("proc-log");
const promise_retry_1 = __importDefault(require("promise-retry"));
const util_1 = require("../util");
const error_1 = require("./error");
const { HTTP2_HEADER_LOCATION, HTTP2_HEADER_CONTENT_TYPE, HTTP2_HEADER_USER_AGENT, HTTP_STATUS_INTERNAL_SERVER_ERROR, HTTP_STATUS_TOO_MANY_REQUESTS, HTTP_STATUS_REQUEST_TIMEOUT, } = http2_1.constants;
async function fetchWithRetry(url, options) {
return (0, promise_retry_1.default)(async (retry, attemptNum) => {
const method = options.method || 'POST';
const headers = {
[HTTP2_HEADER_USER_AGENT]: util_1.ua.getUserAgent(),
...options.headers,
};
const response = await (0, make_fetch_happen_1.default)(url, {
method,
headers,
body: options.body,
timeout: options.timeout,
retry: false, // We're handling retries ourselves
}).catch((reason) => {
proc_log_1.log.http('fetch', `${method} ${url} attempt ${attemptNum} failed with ${reason}`);
return retry(reason);
});
if (response.ok) {
return response;
}
else {
const error = await errorFromResponse(response);
proc_log_1.log.http('fetch', `${method} ${url} attempt ${attemptNum} failed with ${response.status}`);
if (retryable(response.status)) {
return retry(error);
}
else {
throw error;
}
}
}, retryOpts(options.retry));
}
exports.fetchWithRetry = fetchWithRetry;
// Translate a Response into an HTTPError instance. This will attempt to parse
// the response body for a message, but will default to the statusText if none
// is found.
const errorFromResponse = async (response) => {
let message = response.statusText;
const location = response.headers?.get(HTTP2_HEADER_LOCATION) || undefined;
const contentType = response.headers?.get(HTTP2_HEADER_CONTENT_TYPE);
// If response type is JSON, try to parse the body for a message
if (contentType?.includes('application/json')) {
try {
const body = await response.json();
message = body.message || message;
}
catch (e) {
// ignore
}
}
return new error_1.HTTPError({
status: response.status,
message: message,
location: location,
});
};
// Determine if a status code is retryable. This includes 5xx errors, 408, and
// 429.
const retryable = (status) => [HTTP_STATUS_REQUEST_TIMEOUT, HTTP_STATUS_TOO_MANY_REQUESTS].includes(status) || status >= HTTP_STATUS_INTERNAL_SERVER_ERROR;
// Normalize the retry options to the format expected by promise-retry
const retryOpts = (retry) => {
if (typeof retry === 'boolean') {
return { retries: retry ? 1 : 0 };
}
else if (typeof retry === 'number') {
return { retries: retry };
}
else {
return { retries: 0, ...retry };
}
};
30 changes: 10 additions & 20 deletions node_modules/@sigstore/sign/dist/external/fulcio.js
Original file line number Diff line number Diff line change
@@ -1,7 +1,4 @@
"use strict";
var __importDefault = (this && this.__importDefault) || function (mod) {
return (mod && mod.__esModule) ? mod : { "default": mod };
};
Object.defineProperty(exports, "__esModule", { value: true });
exports.Fulcio = void 0;
/*
Expand All @@ -19,33 +16,26 @@ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
const make_fetch_happen_1 = __importDefault(require("make-fetch-happen"));
const util_1 = require("../util");
const error_1 = require("./error");
const fetch_1 = require("./fetch");
/**
* Fulcio API client.
*/
class Fulcio {
constructor(options) {
this.fetch = make_fetch_happen_1.default.defaults({
retry: options.retry,
timeout: options.timeout,
this.options = options;
}
async createSigningCertificate(request) {
const { baseURL, retry, timeout } = this.options;
const url = `${baseURL}/api/v2/signingCert`;
const response = await (0, fetch_1.fetchWithRetry)(url, {
headers: {
'Content-Type': 'application/json',
'User-Agent': util_1.ua.getUserAgent(),
},
});
this.baseUrl = options.baseURL;
}
async createSigningCertificate(request) {
const url = `${this.baseUrl}/api/v2/signingCert`;
const response = await this.fetch(url, {
method: 'POST',
body: JSON.stringify(request),
timeout,
retry,
});
await (0, error_1.checkStatus)(response);
const data = await response.json();
return data;
return response.json();
}
}
exports.Fulcio = Fulcio;
77 changes: 21 additions & 56 deletions node_modules/@sigstore/sign/dist/external/rekor.js
Original file line number Diff line number Diff line change
@@ -1,7 +1,4 @@
"use strict";
var __importDefault = (this && this.__importDefault) || function (mod) {
return (mod && mod.__esModule) ? mod : { "default": mod };
};
Object.defineProperty(exports, "__esModule", { value: true });
exports.Rekor = void 0;
/*
Expand All @@ -19,37 +16,31 @@ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
const make_fetch_happen_1 = __importDefault(require("make-fetch-happen"));
const util_1 = require("../util");
const error_1 = require("./error");
const fetch_1 = require("./fetch");
/**
* Rekor API client.
*/
class Rekor {
constructor(options) {
this.fetch = make_fetch_happen_1.default.defaults({
retry: options.retry,
timeout: options.timeout,
headers: {
Accept: 'application/json',
'User-Agent': util_1.ua.getUserAgent(),
},
});
this.baseUrl = options.baseURL;
this.options = options;
}
/**
* Create a new entry in the Rekor log.
* @param propsedEntry {ProposedEntry} Data to create a new entry
* @returns {Promise<Entry>} The created entry
*/
async createEntry(propsedEntry) {
const url = `${this.baseUrl}/api/v1/log/entries`;
const response = await this.fetch(url, {
method: 'POST',
headers: { 'Content-Type': 'application/json' },
const { baseURL, timeout, retry } = this.options;
const url = `${baseURL}/api/v1/log/entries`;
const response = await (0, fetch_1.fetchWithRetry)(url, {
headers: {
'Content-Type': 'application/json',
Accept: 'application/json',
},
body: JSON.stringify(propsedEntry),
timeout,
retry,
});
await (0, error_1.checkStatus)(response);
const data = await response.json();
return entryFromResponse(data);
}
Expand All @@ -59,44 +50,18 @@ class Rekor {
* @returns {Promise<Entry>} The retrieved entry
*/
async getEntry(uuid) {
const url = `${this.baseUrl}/api/v1/log/entries/${uuid}`;
const response = await this.fetch(url);
await (0, error_1.checkStatus)(response);
const data = await response.json();
return entryFromResponse(data);
}
/**
* Search the Rekor log index for entries matching the given query.
* @param opts {SearchIndex} Options to search the Rekor log
* @returns {Promise<string[]>} UUIDs of matching entries
*/
async searchIndex(opts) {
const url = `${this.baseUrl}/api/v1/index/retrieve`;
const response = await this.fetch(url, {
method: 'POST',
body: JSON.stringify(opts),
headers: { 'Content-Type': 'application/json' },
const { baseURL, timeout, retry } = this.options;
const url = `${baseURL}/api/v1/log/entries/${uuid}`;
const response = await (0, fetch_1.fetchWithRetry)(url, {
method: 'GET',
headers: {
Accept: 'application/json',
},
timeout,
retry,
});
await (0, error_1.checkStatus)(response);
const data = await response.json();
return data;
}
/**
* Search the Rekor logs for matching the given query.
* @param opts {SearchLogQuery} Query to search the Rekor log
* @returns {Promise<Entry[]>} List of matching entries
*/
async searchLog(opts) {
const url = `${this.baseUrl}/api/v1/log/entries/retrieve`;
const response = await this.fetch(url, {
method: 'POST',
body: JSON.stringify(opts),
headers: { 'Content-Type': 'application/json' },
});
await (0, error_1.checkStatus)(response);
const rawData = await response.json();
const data = rawData.map((d) => entryFromResponse(d));
return data;
return entryFromResponse(data);
}
}
exports.Rekor = Rekor;
Expand Down
Loading
Loading