diff --git a/.github/workflows/generator-generic-ossf-slsa3-publish.yml b/.github/workflows/generator-generic-ossf-slsa3-publish.yml new file mode 100644 index 000000000..35c829b13 --- /dev/null +++ b/.github/workflows/generator-generic-ossf-slsa3-publish.yml @@ -0,0 +1,66 @@ +# This workflow uses actions that are not certified by GitHub. +# They are provided by a third-party and are governed by +# separate terms of service, privacy policy, and support +# documentation. + +# This workflow lets you generate SLSA provenance file for your project. +# The generation satisfies level 3 for the provenance requirements - see https://slsa.dev/spec/v0.1/requirements +# The project is an initiative of the OpenSSF (openssf.org) and is developed at +# https://github.com/slsa-framework/slsa-github-generator. +# The provenance file can be verified using https://github.com/slsa-framework/slsa-verifier. +# For more information about SLSA and how it improves the supply-chain, visit slsa.dev. + +name: SLSA generic generator +on: + workflow_dispatch: + release: + types: [created] + +jobs: + build: + runs-on: ubuntu-latest + outputs: + digests: ${{ steps.hash.outputs.digests }} + + steps: + - uses: actions/checkout@v4 + + # ======================================================== + # + # Step 1: Build your artifacts. + # + # ======================================================== + - name: Build artifacts + run: | + # These are some amazing artifacts. + echo "artifact1" > artifact1 + echo "artifact2" > artifact2 + + # ======================================================== + # + # Step 2: Add a step to generate the provenance subjects + # as shown below. Update the sha256 sum arguments + # to include all binaries that you generate + # provenance for. + # + # ======================================================== + - name: Generate subject for provenance + id: hash + run: | + set -euo pipefail + + # List the artifacts the provenance will refer to. + files=$(ls artifact*) + # Generate the subjects (base64 encoded). + echo "hashes=$(sha256sum $files | base64 -w0)" >> "${GITHUB_OUTPUT}" + + provenance: + needs: [build] + permissions: + actions: read # To read the workflow path. + id-token: write # To sign the provenance. + contents: write # To add assets to a release. + uses: slsa-framework/slsa-github-generator/.github/workflows/generator_generic_slsa3.yml@v1.4.0 + with: + base64-subjects: "${{ needs.build.outputs.digests }}" + upload-assets: true # Optional: Upload to a new release diff --git a/.github/workflows/rust.yml b/.github/workflows/rust.yml new file mode 100644 index 000000000..9fd45e090 --- /dev/null +++ b/.github/workflows/rust.yml @@ -0,0 +1,22 @@ +name: Rust + +on: + push: + branches: [ "main" ] + pull_request: + branches: [ "main" ] + +env: + CARGO_TERM_COLOR: always + +jobs: + build: + + runs-on: ubuntu-latest + + steps: + - uses: actions/checkout@v4 + - name: Build + run: cargo build --verbose + - name: Run tests + run: cargo test --verbose diff --git a/azure-pipelines.yml b/azure-pipelines.yml new file mode 100644 index 000000000..77f46eba8 --- /dev/null +++ b/azure-pipelines.yml @@ -0,0 +1,30 @@ +# Universal Windows Platform +# Build a Universal Windows Platform project using Visual Studio. +# Add steps that test and distribute an app, save build artifacts, and more: +# https://aka.ms/yaml + +trigger: +- main + +pool: + vmImage: 'windows-latest' + +variables: + solution: '**/*.sln' + buildPlatform: 'x86|x64|ARM' + buildConfiguration: 'Release' + appxPackageDir: '$(build.artifactStagingDirectory)\AppxPackages\\' + +steps: +- task: NuGetToolInstaller@1 + +- task: NuGetCommand@2 + inputs: + restoreSolution: '$(solution)' + +- task: VSBuild@1 + inputs: + platform: 'x86' + solution: '$(solution)' + configuration: '$(buildConfiguration)' + msbuildArgs: '/p:AppxBundlePlatforms="$(buildPlatform)" /p:AppxPackageDir="$(appxPackageDir)" /p:AppxBundle=Always /p:UapAppxPackageBuildMode=StoreUpload' diff --git a/resources/language-metavariables/tree-sitter-c-sharp/package.json b/resources/language-metavariables/tree-sitter-c-sharp/package.json index c166083c9..c0b068bf8 100644 --- a/resources/language-metavariables/tree-sitter-c-sharp/package.json +++ b/resources/language-metavariables/tree-sitter-c-sharp/package.json @@ -18,7 +18,7 @@ "nan": "^2.14.0" }, "devDependencies": { - "tree-sitter-cli": "^0.20.0" + "tree-sitter-cli": "^0.22.6" }, "scripts": { "test": "tree-sitter test && script/update-file-sizes && script/parse-examples", diff --git a/resources/language-metavariables/tree-sitter-css/package.json b/resources/language-metavariables/tree-sitter-css/package.json index e79cd7dd1..47d97ef12 100644 --- a/resources/language-metavariables/tree-sitter-css/package.json +++ b/resources/language-metavariables/tree-sitter-css/package.json @@ -20,7 +20,7 @@ "devDependencies": { "eslint": ">=5.16.0", "eslint-config-google": "^0.14.0", - "tree-sitter-cli": "^0.20.8" + "tree-sitter-cli": "^0.22.6" }, "scripts": { "build": "tree-sitter generate && node-gyp build", diff --git a/resources/language-metavariables/tree-sitter-hcl/package.json b/resources/language-metavariables/tree-sitter-hcl/package.json index 382dcb0bf..3b42e5a84 100644 --- a/resources/language-metavariables/tree-sitter-hcl/package.json +++ b/resources/language-metavariables/tree-sitter-hcl/package.json @@ -7,7 +7,7 @@ "license": "ISC", "dependencies": { "nan": "^2.14.2", - "tree-sitter-cli": "^0.20.6" + "tree-sitter-cli": "^0.22.6" }, "tree-sitter": [ { diff --git a/resources/language-metavariables/tree-sitter-html/package.json b/resources/language-metavariables/tree-sitter-html/package.json index bbb08e580..ef511fdf9 100644 --- a/resources/language-metavariables/tree-sitter-html/package.json +++ b/resources/language-metavariables/tree-sitter-html/package.json @@ -27,7 +27,7 @@ "devDependencies": { "eslint": "^8.50.0", "eslint-config-google": "^0.14.0", - "tree-sitter-cli": "^0.20.8" + "tree-sitter-cli": "^0.22.6" }, "scripts": { "build": "tree-sitter generate && node-gyp build", diff --git a/resources/language-metavariables/tree-sitter-java/script/run-javaparser/pom.xml b/resources/language-metavariables/tree-sitter-java/script/run-javaparser/pom.xml index 4d909d013..b87476a49 100644 --- a/resources/language-metavariables/tree-sitter-java/script/run-javaparser/pom.xml +++ b/resources/language-metavariables/tree-sitter-java/script/run-javaparser/pom.xml @@ -18,7 +18,7 @@ com.github.javaparser javaparser-core - 3.5.9 + 3.26.0 diff --git a/resources/language-metavariables/tree-sitter-json/package.json b/resources/language-metavariables/tree-sitter-json/package.json index bb3fd4927..6b53d1440 100644 --- a/resources/language-metavariables/tree-sitter-json/package.json +++ b/resources/language-metavariables/tree-sitter-json/package.json @@ -20,7 +20,7 @@ "devDependencies": { "eslint": ">=8.56.0", "eslint-config-google": "^0.14.0", - "tree-sitter-cli": "^0.20.8", + "tree-sitter-cli": "^0.22.6", "node-gyp": "^10.0.1" }, "scripts": { diff --git a/resources/language-metavariables/tree-sitter-markdown/package.json b/resources/language-metavariables/tree-sitter-markdown/package.json index 85d4f664c..1c20cebb5 100644 --- a/resources/language-metavariables/tree-sitter-markdown/package.json +++ b/resources/language-metavariables/tree-sitter-markdown/package.json @@ -15,11 +15,11 @@ "license": "MIT", "dependencies": { "@mapbox/node-pre-gyp": "^1.0.9", - "nan": "^2.17.0", + "nan": "^2.20.0", "node-pre-gyp": "^0.17.0" }, "devDependencies": { - "tree-sitter-cli": "^0.20.8" + "tree-sitter-cli": "^0.22.6" }, "scripts": { "test": "(cd tree-sitter-markdown && tree-sitter test) && (cd tree-sitter-markdown-inline && tree-sitter test)", diff --git a/resources/language-metavariables/tree-sitter-php/package.json b/resources/language-metavariables/tree-sitter-php/package.json index 834e33acc..a5fe24aaa 100644 --- a/resources/language-metavariables/tree-sitter-php/package.json +++ b/resources/language-metavariables/tree-sitter-php/package.json @@ -23,7 +23,7 @@ "eslint-config-google": "^0.14.0", "node-gyp": "^10.0.1", "shelljs": "^0.8.5", - "tree-sitter-cli": "^0.21.0" + "tree-sitter-cli": "^0.22.6" }, "scripts": { "build": "npm run build-php && npm run build-php_only && node-gyp rebuild", diff --git a/resources/language-metavariables/tree-sitter-rust/package.json b/resources/language-metavariables/tree-sitter-rust/package.json index c72a909d8..682885468 100644 --- a/resources/language-metavariables/tree-sitter-rust/package.json +++ b/resources/language-metavariables/tree-sitter-rust/package.json @@ -19,7 +19,7 @@ "devDependencies": { "eslint": "^8.47.0", "eslint-config-google": "^0.14.0", - "tree-sitter-cli": "^0.20.8" + "tree-sitter-cli": "^0.22.6" }, "scripts": { "build": "tree-sitter generate && node-gyp build", diff --git a/resources/language-metavariables/tree-sitter-sql/docs/Gemfile b/resources/language-metavariables/tree-sitter-sql/docs/Gemfile index c7abd8edd..274f5b70d 100644 --- a/resources/language-metavariables/tree-sitter-sql/docs/Gemfile +++ b/resources/language-metavariables/tree-sitter-sql/docs/Gemfile @@ -2,7 +2,7 @@ source "https://rubygems.org" -gem "jekyll", "~> 4.3.2" +gem "jekyll", "~> 4.3.3" group :development do gem 'webrick' diff --git a/resources/language-metavariables/tree-sitter-sql/docs/Gemfile.lock b/resources/language-metavariables/tree-sitter-sql/docs/Gemfile.lock index a9f271b87..5af4347b1 100644 --- a/resources/language-metavariables/tree-sitter-sql/docs/Gemfile.lock +++ b/resources/language-metavariables/tree-sitter-sql/docs/Gemfile.lock @@ -1,24 +1,25 @@ GEM remote: https://rubygems.org/ specs: - addressable (2.8.1) - public_suffix (>= 2.0.2, < 6.0) + addressable (2.8.7) + public_suffix (>= 2.0.2, < 7.0) byebug (11.1.3) coderay (1.1.3) colorator (1.1.0) - concurrent-ruby (1.2.0) + concurrent-ruby (1.3.3) em-websocket (0.5.3) eventmachine (>= 0.12.9) http_parser.rb (~> 0) eventmachine (1.2.7) - ffi (1.15.5) + ffi (1.16.3) forwardable-extended (2.6.0) - google-protobuf (3.22.0-arm64-darwin) - google-protobuf (3.22.0-x86_64-linux) + google-protobuf (3.25.3) + google-protobuf (3.25.3-arm64-darwin) + google-protobuf (3.25.3-x86_64-linux) http_parser.rb (0.8.0) - i18n (1.12.0) + i18n (1.14.5) concurrent-ruby (~> 1.0) - jekyll (4.3.2) + jekyll (4.3.3) addressable (~> 2.4) colorator (~> 1.0) em-websocket (~> 0.5) @@ -43,7 +44,7 @@ GEM kramdown-parser-gfm (1.1.0) kramdown (~> 2.0) liquid (4.0.4) - listen (3.8.0) + listen (3.9.0) rb-fsevent (~> 0.10, >= 0.10.3) rb-inotify (~> 0.9, >= 0.9.10) mercenary (0.4.0) @@ -56,29 +57,34 @@ GEM pry-byebug (3.10.1) byebug (~> 11.0) pry (>= 0.13, < 0.15) - public_suffix (5.0.1) + public_suffix (5.1.1) + rake (13.2.1) rb-fsevent (0.11.2) - rb-inotify (0.10.1) + rb-inotify (0.11.1) ffi (~> 1.0) - rexml (3.2.5) - rouge (4.1.0) + rexml (3.3.4) + strscan + rouge (4.3.0) safe_yaml (1.0.5) - sass-embedded (1.58.2-arm64-darwin) - google-protobuf (~> 3.21) - sass-embedded (1.58.2-x86_64-linux-gnu) - google-protobuf (~> 3.21) + sass-embedded (1.54.6) + google-protobuf (~> 3.19) + rake (>= 10.0.0) + sass-embedded (1.54.6-arm64-darwin) + google-protobuf (~> 3.19) + strscan (3.1.0) terminal-table (3.0.2) unicode-display_width (>= 1.1.1, < 3) - unicode-display_width (2.4.2) + unicode-display_width (2.5.0) webrick (1.8.1) PLATFORMS arm64-darwin-21 arm64-darwin-22 + ruby x86_64-linux DEPENDENCIES - jekyll (~> 4.3.2) + jekyll (~> 4.3.3) pry-byebug webrick