From 38b654a8087d932927880d33bcaabadf92603a2f Mon Sep 17 00:00:00 2001 From: Gar Date: Wed, 5 Nov 2025 10:56:38 -0800 Subject: [PATCH 1/4] deps: proc-log@6.0.0 --- package.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/package.json b/package.json index 908ee39..3d7eced 100644 --- a/package.json +++ b/package.json @@ -12,7 +12,7 @@ ], "dependencies": { "hosted-git-info": "^9.0.0", - "proc-log": "^5.0.0", + "proc-log": "^6.0.0", "semver": "^7.3.5", "validate-npm-package-name": "^6.0.0" }, From 6eb5c258181b468ef5ae45430bd37210a55cee39 Mon Sep 17 00:00:00 2001 From: Gar Date: Wed, 5 Nov 2025 10:56:58 -0800 Subject: [PATCH 2/4] deps: validate-npm-package-name@7.0.0 --- package.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/package.json b/package.json index 3d7eced..9484dd3 100644 --- a/package.json +++ b/package.json @@ -14,7 +14,7 @@ "hosted-git-info": "^9.0.0", "proc-log": "^6.0.0", "semver": "^7.3.5", - "validate-npm-package-name": "^6.0.0" + "validate-npm-package-name": "^7.0.0" }, "devDependencies": { "@npmcli/eslint-config": "^5.0.0", From 75dd00bbbd154d5a03feaf40f2a98e1e88db3b2a Mon Sep 17 00:00:00 2001 From: Gar Date: Wed, 5 Nov 2025 10:58:50 -0800 Subject: [PATCH 3/4] chore: @npmcli/template-oss@4.28.0 --- .github/workflows/audit.yml | 3 +++ .github/workflows/ci-release.yml | 4 ++++ .github/workflows/ci.yml | 3 +++ .github/workflows/codeql-analysis.yml | 3 +++ .github/workflows/post-dependabot.yml | 2 +- .github/workflows/pull-request.yml | 3 +++ .github/workflows/release-integration.yml | 4 ++++ .github/workflows/release.yml | 1 + .gitignore | 1 + package.json | 4 ++-- 10 files changed, 25 insertions(+), 3 deletions(-) diff --git a/.github/workflows/audit.yml b/.github/workflows/audit.yml index a3ae725..85282bd 100644 --- a/.github/workflows/audit.yml +++ b/.github/workflows/audit.yml @@ -8,6 +8,9 @@ on: # "At 08:00 UTC (01:00 PT) on Monday" https://crontab.guru/#0_8_*_*_1 - cron: "0 8 * * 1" +permissions: + contents: read + jobs: audit: name: Audit Dependencies diff --git a/.github/workflows/ci-release.yml b/.github/workflows/ci-release.yml index 3e275fe..e9ab5ff 100644 --- a/.github/workflows/ci-release.yml +++ b/.github/workflows/ci-release.yml @@ -18,6 +18,10 @@ on: required: true type: string +permissions: + contents: read + checks: write + jobs: lint-all: name: Lint All diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index ce92ea4..92a33b5 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -12,6 +12,9 @@ on: # "At 09:00 UTC (02:00 PT) on Monday" https://crontab.guru/#0_9_*_*_1 - cron: "0 9 * * 1" +permissions: + contents: read + jobs: lint: name: Lint diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml index 15c8efe..af848e1 100644 --- a/.github/workflows/codeql-analysis.yml +++ b/.github/workflows/codeql-analysis.yml @@ -13,6 +13,9 @@ on: # "At 10:00 UTC (03:00 PT) on Monday" https://crontab.guru/#0_10_*_*_1 - cron: "0 10 * * 1" +permissions: + contents: read + jobs: analyze: name: Analyze diff --git a/.github/workflows/post-dependabot.yml b/.github/workflows/post-dependabot.yml index 1ea8693..3a91911 100644 --- a/.github/workflows/post-dependabot.yml +++ b/.github/workflows/post-dependabot.yml @@ -54,7 +54,7 @@ jobs: else # strip leading slash from directory so it works as a # a path to the workspace flag - echo "workspace=-w ${dependabot_dir#/}" >> $GITHUB_OUTPUT + echo "workspace=--workspace ${dependabot_dir#/}" >> $GITHUB_OUTPUT fi - name: Apply Changes diff --git a/.github/workflows/pull-request.yml b/.github/workflows/pull-request.yml index 7dbdfd4..c69932d 100644 --- a/.github/workflows/pull-request.yml +++ b/.github/workflows/pull-request.yml @@ -10,6 +10,9 @@ on: - edited - synchronize +permissions: + contents: read + jobs: commitlint: name: Lint Commits diff --git a/.github/workflows/release-integration.yml b/.github/workflows/release-integration.yml index 130578e..9ca9a2b 100644 --- a/.github/workflows/release-integration.yml +++ b/.github/workflows/release-integration.yml @@ -19,6 +19,10 @@ on: PUBLISH_TOKEN: required: true +permissions: + contents: read + id-token: write + jobs: publish: name: Publish diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 75acebb..53ff3c2 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -244,6 +244,7 @@ jobs: if: needs.release.outputs.releases uses: ./.github/workflows/release-integration.yml permissions: + contents: read id-token: write secrets: PUBLISH_TOKEN: ${{ secrets.PUBLISH_TOKEN }} diff --git a/.gitignore b/.gitignore index 2bab6d1..dedbc77 100644 --- a/.gitignore +++ b/.gitignore @@ -5,6 +5,7 @@ !**/.gitignore !/.commitlintrc.js +!/.eslint.config.js !/.eslintrc.js !/.eslintrc.local.* !/.git-blame-ignore-revs diff --git a/package.json b/package.json index 9484dd3..d7e1188 100644 --- a/package.json +++ b/package.json @@ -18,7 +18,7 @@ }, "devDependencies": { "@npmcli/eslint-config": "^5.0.0", - "@npmcli/template-oss": "4.23.5", + "@npmcli/template-oss": "4.28.0", "tap": "^16.0.1" }, "scripts": { @@ -54,7 +54,7 @@ }, "templateOSS": { "//@npmcli/template-oss": "This file is partially managed by @npmcli/template-oss. Edits may be overwritten.", - "version": "4.23.5", + "version": "4.28.0", "publish": true } } From c7014651965b3372f1c6a8dd208cbd23e8ca9daa Mon Sep 17 00:00:00 2001 From: Gar Date: Wed, 5 Nov 2025 10:59:09 -0800 Subject: [PATCH 4/4] chore: @npmcli/eslint-config@6.0.0 --- package.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/package.json b/package.json index d7e1188..aa09f83 100644 --- a/package.json +++ b/package.json @@ -17,7 +17,7 @@ "validate-npm-package-name": "^7.0.0" }, "devDependencies": { - "@npmcli/eslint-config": "^5.0.0", + "@npmcli/eslint-config": "^6.0.0", "@npmcli/template-oss": "4.28.0", "tap": "^16.0.1" },