diff --git a/.circleci/config.yml b/.circleci/config.yml index 69f9a5d..63ec667 100644 --- a/.circleci/config.yml +++ b/.circleci/config.yml @@ -85,7 +85,7 @@ jobs: SEMGREP_BRANCH: << pipeline.git.branch >> SEMGREP_BASELINE_REF: << parameters.default_branch >> docker: - - image: returntocorp/semgrep + - image: returntocorp/semgrep@sha256:3d1a3467804ae22460f8c3f46d9406a8c541aa1c48aa62808b06de28b4bf27a6 steps: - checkout - run: @@ -101,7 +101,7 @@ jobs: SEMGREP_REPO_URL: << pipeline.project.git_url >> SEMGREP_BRANCH: << pipeline.git.branch >> docker: - - image: returntocorp/semgrep + - image: returntocorp/semgrep@sha256:3d1a3467804ae22460f8c3f46d9406a8c541aa1c48aa62808b06de28b4bf27a6 steps: - checkout - run: diff --git a/.github/workflows/public-sync.yaml b/.github/workflows/public-sync.yaml index 007b8a3..2d010d9 100644 --- a/.github/workflows/public-sync.yaml +++ b/.github/workflows/public-sync.yaml @@ -17,13 +17,13 @@ jobs: steps: - name: Checkout - uses: actions/checkout@v4 + uses: actions/checkout@08eba0b27e820071cde6df949e0beb9ba4906955 # v4 with: ref: main fetch-depth: 0 persist-credentials: false # disable default token auth - - uses: actions/create-github-app-token@v2 + - uses: actions/create-github-app-token@67018539274d69449ef7c02e8e71183d1719ab42 # v2 id: app-token with: app-id: ${{ secrets.VGS_GITHUB_CI_BOT_APP_ID }} diff --git a/.github/workflows/security-scan-sast.yaml b/.github/workflows/security-scan-sast.yaml index a396464..539a9ab 100644 --- a/.github/workflows/security-scan-sast.yaml +++ b/.github/workflows/security-scan-sast.yaml @@ -8,7 +8,7 @@ on: jobs: scan: - uses: verygood-ops/cicd-shared/.github/workflows/security-scan-sast.yaml@security-scan-sast-v2 + uses: verygood-ops/cicd-shared/.github/workflows/security-scan-sast.yaml@fac36d0e11ee6a3ac9ba3278ec862865e9522a2e # security-scan-sast-v2 secrets: SEMGREP_APP_TOKEN: ${{ secrets.SEMGREP_APP_TOKEN }} SAST_SLACK_WORKFLOW_WEBHOOK: ${{ secrets.SAST_SLACK_WORKFLOW_WEBHOOK }} diff --git a/example/package.json b/example/package.json index 014075d..02efa71 100644 --- a/example/package.json +++ b/example/package.json @@ -20,9 +20,9 @@ "@vgs/collect-react-native": "file:.." }, "devDependencies": { - "@babel/core": "^7.28.4", - "@react-native/assets-registry": "^0.81.1", - "@types/jest": "^30.0.0" + "@babel/core": "7.28.5", + "@react-native/assets-registry": "0.81.5", + "@types/jest": "30.0.0" }, "private": true } diff --git a/package-lock.json b/package-lock.json index 5b6ffa1..76a1339 100644 --- a/package-lock.json +++ b/package-lock.json @@ -12,25 +12,25 @@ "example" ], "devDependencies": { - "@commitlint/config-conventional": "^19.8.1", - "@evilmartians/lefthook": "^1.13.0", - "@react-native/eslint-config": "^0.81.1", - "@release-it/conventional-changelog": "^10.0.1", - "@types/jest": "^30.0.0", + "@commitlint/config-conventional": "19.8.1", + "@evilmartians/lefthook": "1.13.6", + "@react-native/eslint-config": "0.81.5", + "@release-it/conventional-changelog": "10.0.1", + "@types/jest": "30.0.0", "@types/react": "^19.1.13", - "commitlint": "^19.8.1", - "del-cli": "^6.0.0", - "eslint": "^9.35.0", - "eslint-config-prettier": "^10.1.8", - "eslint-plugin-prettier": "^5.5.4", - "jest": "^30.1.3", - "prettier": "^3.6.2", + "commitlint": "19.8.1", + "del-cli": "6.0.0", + "eslint": "9.39.1", + "eslint-config-prettier": "10.1.8", + "eslint-plugin-prettier": "5.5.4", + "jest": "30.2.0", + "prettier": "3.6.2", "react": "19.1.0", "react-native": "0.81.4", - "react-native-builder-bob": "^0.40.13", - "release-it": "^19.0.4", - "typedoc": "^0.28.13", - "typescript": "^5.9.2" + "react-native-builder-bob": "0.40.14", + "release-it": "19.0.5", + "typedoc": "0.28.14", + "typescript": "5.9.3" }, "peerDependencies": { "react": "*", @@ -53,9 +53,19 @@ "react-native-safe-area-context": "^5.6.1" }, "devDependencies": { - "@babel/core": "^7.28.4", - "@react-native/assets-registry": "^0.81.1", - "@types/jest": "^30.0.0" + "@babel/core": "7.28.5", + "@react-native/assets-registry": "0.81.5", + "@types/jest": "30.0.0" + } + }, + "example/node_modules/@react-native/assets-registry": { + "version": "0.81.5", + "resolved": "https://registry.npmjs.org/@react-native/assets-registry/-/assets-registry-0.81.5.tgz", + "integrity": "sha512-705B6x/5Kxm1RKRvSv0ADYWm5JOnoiQ1ufW7h8uu2E6G9Of/eE6hP/Ivw3U5jI16ERqZxiKQwk34VJbB0niX9w==", + "dev": true, + "license": "MIT", + "engines": { + "node": ">= 20.19.4" } }, "node_modules/@0no-co/graphql.web": { diff --git a/package.json b/package.json index a435c0d..ca8a66c 100644 --- a/package.json +++ b/package.json @@ -61,25 +61,25 @@ "registry": "https://registry.npmjs.org/" }, "devDependencies": { - "@commitlint/config-conventional": "^19.8.1", - "@evilmartians/lefthook": "^1.13.0", - "@react-native/eslint-config": "^0.81.1", - "@release-it/conventional-changelog": "^10.0.1", - "@types/jest": "^30.0.0", + "@commitlint/config-conventional": "19.8.1", + "@evilmartians/lefthook": "1.13.6", + "@react-native/eslint-config": "0.81.5", + "@release-it/conventional-changelog": "10.0.1", + "@types/jest": "30.0.0", "@types/react": "^19.1.13", - "commitlint": "^19.8.1", - "del-cli": "^6.0.0", - "eslint": "^9.35.0", - "eslint-config-prettier": "^10.1.8", - "eslint-plugin-prettier": "^5.5.4", - "jest": "^30.1.3", - "prettier": "^3.6.2", + "commitlint": "19.8.1", + "del-cli": "6.0.0", + "eslint": "9.39.1", + "eslint-config-prettier": "10.1.8", + "eslint-plugin-prettier": "5.5.4", + "jest": "30.2.0", + "prettier": "3.6.2", "react": "19.1.0", "react-native": "0.81.4", - "react-native-builder-bob": "^0.40.13", - "release-it": "^19.0.4", - "typedoc": "^0.28.13", - "typescript": "^5.9.2" + "react-native-builder-bob": "0.40.14", + "release-it": "19.0.5", + "typedoc": "0.28.14", + "typescript": "5.9.3" }, "peerDependencies": { "react": "*", diff --git a/renovate.json b/renovate.json new file mode 100644 index 0000000..7190a60 --- /dev/null +++ b/renovate.json @@ -0,0 +1,3 @@ +{ + "$schema": "https://docs.renovatebot.com/renovate-schema.json" +}