From 2915625ef17fd66c5462b4e259b09e324d7cbeeb Mon Sep 17 00:00:00 2001 From: jdalton Date: Mon, 2 Mar 2026 20:36:46 -0500 Subject: [PATCH 1/2] chore(ci): update workflow SHA references to latest --- .github/workflows/ci.yml | 4 ++-- .github/workflows/claude-auto-review.yml | 2 +- .github/workflows/claude.yml | 2 +- .github/workflows/provenance.yml | 2 +- .github/workflows/socket-auto-pr.yml | 2 +- 5 files changed, 6 insertions(+), 6 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 41a7a2f..0553abd 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -27,7 +27,7 @@ permissions: jobs: ci: name: Run CI Pipeline - uses: SocketDev/socket-registry/.github/workflows/ci.yml@4709a2443e5a036bb0cd94e5d1559f138f05994c # main + uses: SocketDev/socket-registry/.github/workflows/ci.yml@67a3db92603c23c58031586611c7cc852244c87c # main with: test-setup-script: 'pnpm run build' lint-script: 'pnpm run lint --all' @@ -46,7 +46,7 @@ jobs: runs-on: ubuntu-latest timeout-minutes: 10 steps: - - uses: SocketDev/socket-registry/.github/actions/setup-and-install@4709a2443e5a036bb0cd94e5d1559f138f05994c # main + - uses: SocketDev/socket-registry/.github/actions/setup-and-install@67a3db92603c23c58031586611c7cc852244c87c # main with: node-version: '22' diff --git a/.github/workflows/claude-auto-review.yml b/.github/workflows/claude-auto-review.yml index d365476..f9d2f3b 100644 --- a/.github/workflows/claude-auto-review.yml +++ b/.github/workflows/claude-auto-review.yml @@ -15,6 +15,6 @@ permissions: jobs: auto-review: - uses: SocketDev/socket-registry/.github/workflows/claude-auto-review.yml@4709a2443e5a036bb0cd94e5d1559f138f05994c # main + uses: SocketDev/socket-registry/.github/workflows/claude-auto-review.yml@67a3db92603c23c58031586611c7cc852244c87c # main secrets: anthropic_api_key: ${{ secrets.ANTHROPIC_API_KEY }} diff --git a/.github/workflows/claude.yml b/.github/workflows/claude.yml index 2f4ccdf..0f09768 100644 --- a/.github/workflows/claude.yml +++ b/.github/workflows/claude.yml @@ -22,6 +22,6 @@ permissions: jobs: claude: - uses: SocketDev/socket-registry/.github/workflows/claude.yml@4709a2443e5a036bb0cd94e5d1559f138f05994c # main + uses: SocketDev/socket-registry/.github/workflows/claude.yml@67a3db92603c23c58031586611c7cc852244c87c # main secrets: anthropic_api_key: ${{ secrets.ANTHROPIC_API_KEY }} diff --git a/.github/workflows/provenance.yml b/.github/workflows/provenance.yml index 30f1b52..2ca1a11 100644 --- a/.github/workflows/provenance.yml +++ b/.github/workflows/provenance.yml @@ -21,7 +21,7 @@ permissions: jobs: publish: - uses: SocketDev/socket-registry/.github/workflows/provenance.yml@4709a2443e5a036bb0cd94e5d1559f138f05994c # main + uses: SocketDev/socket-registry/.github/workflows/provenance.yml@67a3db92603c23c58031586611c7cc852244c87c # main with: debug: ${{ inputs.debug }} package-name: '@socketsecurity/lib' diff --git a/.github/workflows/socket-auto-pr.yml b/.github/workflows/socket-auto-pr.yml index 10718c0..837cc65 100644 --- a/.github/workflows/socket-auto-pr.yml +++ b/.github/workflows/socket-auto-pr.yml @@ -24,7 +24,7 @@ permissions: jobs: socket-auto-pr: - uses: SocketDev/socket-registry/.github/workflows/socket-auto-pr.yml@4709a2443e5a036bb0cd94e5d1559f138f05994c # main + uses: SocketDev/socket-registry/.github/workflows/socket-auto-pr.yml@67a3db92603c23c58031586611c7cc852244c87c # main with: debug: ${{ inputs.debug }} autopilot: true From b5b3742d83e5013be0862c7abfdc4c8821c69771 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 9 Mar 2026 17:24:23 +0000 Subject: [PATCH 2/2] =?UTF-8?q?=F0=9F=A4=96=20Dep=20Updates:=20Bump=20@esl?= =?UTF-8?q?int/compat=20from=201.4.0=20to=202.0.2?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Bumps [@eslint/compat](https://github.com/eslint/rewrite/tree/HEAD/packages/compat) from 1.4.0 to 2.0.2. - [Release notes](https://github.com/eslint/rewrite/releases) - [Changelog](https://github.com/eslint/rewrite/blob/main/packages/compat/CHANGELOG.md) - [Commits](https://github.com/eslint/rewrite/commits/compat-v2.0.2/packages/compat) --- updated-dependencies: - dependency-name: "@eslint/compat" dependency-version: 2.0.2 dependency-type: direct:development update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] --- package.json | 2 +- pnpm-lock.yaml | 30 ++++++++++++++++++------------ 2 files changed, 19 insertions(+), 13 deletions(-) diff --git a/package.json b/package.json index 105d3cb..1dfbd50 100644 --- a/package.json +++ b/package.json @@ -716,7 +716,7 @@ "@babel/types": "7.28.4", "@biomejs/biome": "2.2.4", "@dotenvx/dotenvx": "1.49.0", - "@eslint/compat": "1.4.0", + "@eslint/compat": "2.0.2", "@eslint/js": "9.38.0", "@inquirer/checkbox": "4.3.1", "@inquirer/confirm": "5.1.16", diff --git a/pnpm-lock.yaml b/pnpm-lock.yaml index e05c43b..30b9bc6 100644 --- a/pnpm-lock.yaml +++ b/pnpm-lock.yaml @@ -63,8 +63,8 @@ importers: specifier: 1.49.0 version: 1.49.0 '@eslint/compat': - specifier: 1.4.0 - version: 1.4.0(eslint@9.35.0(jiti@2.6.1)(supports-color@10.0.0)) + specifier: 2.0.2 + version: 2.0.2(eslint@9.35.0(jiti@2.6.1)(supports-color@10.0.0)) '@eslint/js': specifier: 9.38.0 version: 9.38.0 @@ -587,11 +587,11 @@ packages: resolution: {integrity: sha512-EriSTlt5OC9/7SXkRSCAhfSxxoSUgBm33OH+IkwbdpgoqsSsUg7y3uh+IICI/Qg4BBWr3U2i39RpmycbxMq4ew==} engines: {node: ^12.0.0 || ^14.0.0 || >=16.0.0} - '@eslint/compat@1.4.0': - resolution: {integrity: sha512-DEzm5dKeDBPm3r08Ixli/0cmxr8LkRdwxMRUIJBlSCpAwSrvFEJpVBzV+66JhDxiaqKxnRzCXhtiMiczF7Hglg==} - engines: {node: ^18.18.0 || ^20.9.0 || >=21.1.0} + '@eslint/compat@2.0.2': + resolution: {integrity: sha512-pR1DoD0h3HfF675QZx0xsyrsU8q70Z/plx7880NOhS02NuWLgBCOMDL787nUeQ7EWLkxv3bPQJaarjcPQb2Dwg==} + engines: {node: ^20.19.0 || ^22.13.0 || >=24} peerDependencies: - eslint: ^8.40 || 9 + eslint: ^8.40 || 9 || 10 peerDependenciesMeta: eslint: optional: true @@ -608,9 +608,9 @@ packages: resolution: {integrity: sha512-78Md3/Rrxh83gCxoUc0EiciuOHsIITzLy53m3d9UyiW8y9Dj2D29FeETqyKA+BRK76tnTp6RXWb3pCay8Oyomg==} engines: {node: ^18.18.0 || ^20.9.0 || >=21.1.0} - '@eslint/core@0.16.0': - resolution: {integrity: sha512-nmC8/totwobIiFcGkDza3GIKfAw1+hLiYVrh3I1nIomQ8PEr5cxg34jnkmGawul/ep52wGRAcyeDCNtWKSOj4Q==} - engines: {node: ^18.18.0 || ^20.9.0 || >=21.1.0} + '@eslint/core@1.1.1': + resolution: {integrity: sha512-QUPblTtE51/7/Zhfv8BDwO0qkkzQL7P/aWWbqcf4xWLEYn1oKjdO0gglQBB4GAsu7u6wjijbCmzsUTy6mnk6oQ==} + engines: {node: ^20.19.0 || ^22.13.0 || >=24} '@eslint/eslintrc@3.3.1': resolution: {integrity: sha512-gtF186CXhIl1p4pJNGZw8Yc6RlshoePRvE0X91oPGb3vZ8pM3qOS9W9NGPat9LziaBV7XrJWGylNQXkGcnM3IQ==} @@ -2018,11 +2018,13 @@ packages: glob@10.4.5: resolution: {integrity: sha512-7Bv8RF0k6xjo7d4A/PxYLbUCfb6c+Vpd2/mB2yRDlew7Jb5hEXiCD9ibfO7wpk8i4sevK6DFny9h7EYbM3/sHg==} + deprecated: Old versions of glob are not supported, and contain widely publicized security vulnerabilities, which have been fixed in the current version. Please update. Support for old versions may be purchased (at exorbitant rates) by contacting i@izs.me hasBin: true glob@11.0.3: resolution: {integrity: sha512-2Nim7dha1KVkaiF4q6Dj+ngPPMdfvLJEOpZk/jKiUAkqKebpGAWQXAq9z1xu9HKu5lWfqw/FASuccEjyznjPaA==} engines: {node: 20 || >=22} + deprecated: Old versions of glob are not supported, and contain widely publicized security vulnerabilities, which have been fixed in the current version. Please update. Support for old versions may be purchased (at exorbitant rates) by contacting i@izs.me hasBin: true globals@14.0.0: @@ -2992,18 +2994,22 @@ packages: tar@6.2.1: resolution: {integrity: sha512-DZ4yORTwrbTj/7MZYq2w+/ZFdI6OZ/f9SFHR+71gIVUZhOQPHzVCLpvRnPgyaMpfWxxk/4ONva3GQSyNIKRv6A==} engines: {node: '>=10'} + deprecated: Old versions of tar are not supported, and contain widely publicized security vulnerabilities, which have been fixed in the current version. Please update. Support for old versions may be purchased (at exorbitant rates) by contacting i@izs.me tar@7.5.1: resolution: {integrity: sha512-nlGpxf+hv0v7GkWBK2V9spgactGOp0qvfWRxUMjqHyzrt3SgwE48DIv/FhqPHJYLHpgW1opq3nERbz5Anq7n1g==} engines: {node: '>=18'} + deprecated: Old versions of tar are not supported, and contain widely publicized security vulnerabilities, which have been fixed in the current version. Please update. Support for old versions may be purchased (at exorbitant rates) by contacting i@izs.me tar@7.5.2: resolution: {integrity: sha512-7NyxrTE4Anh8km8iEy7o0QYPs+0JKBTj5ZaqHg6B39erLg0qYXN3BijtShwbsNSvQ+LN75+KV+C4QR/f6Gwnpg==} engines: {node: '>=18'} + deprecated: Old versions of tar are not supported, and contain widely publicized security vulnerabilities, which have been fixed in the current version. Please update. Support for old versions may be purchased (at exorbitant rates) by contacting i@izs.me tar@7.5.7: resolution: {integrity: sha512-fov56fJiRuThVFXD6o6/Q354S7pnWMJIVlDBYijsTNx6jKSE4pvrDTs6lUnmGvNyfJwFQQwWy3owKz1ucIhveQ==} engines: {node: '>=18'} + deprecated: Old versions of tar are not supported, and contain widely publicized security vulnerabilities, which have been fixed in the current version. Please update. Support for old versions may be purchased (at exorbitant rates) by contacting i@izs.me taze@19.9.2: resolution: {integrity: sha512-If8bq7lSckIMPfXV+C9jjEfdsQnRryh/foKfpX/ah6zI0TrQfUGWSGCaaD32Bqy5/KGRmLZie3EwMSr3Au21XQ==} @@ -3596,9 +3602,9 @@ snapshots: '@eslint-community/regexpp@4.12.2': {} - '@eslint/compat@1.4.0(eslint@9.35.0(jiti@2.6.1)(supports-color@10.0.0))': + '@eslint/compat@2.0.2(eslint@9.35.0(jiti@2.6.1)(supports-color@10.0.0))': dependencies: - '@eslint/core': 0.16.0 + '@eslint/core': 1.1.1 optionalDependencies: eslint: 9.35.0(jiti@2.6.1)(supports-color@10.0.0) @@ -3616,7 +3622,7 @@ snapshots: dependencies: '@types/json-schema': 7.0.15 - '@eslint/core@0.16.0': + '@eslint/core@1.1.1': dependencies: '@types/json-schema': 7.0.15