1
0
Fork 0
mirror of https://github.com/denoland/deno.git synced 2025-01-03 04:48:52 -05:00
Commit graph

58 commits

Author SHA1 Message Date
Divy Srivastava
9b5d2f8c1b
feat(publish): provenance attestation (#22573)
Supply chain security for JSR.

```
$ deno publish --provenance

Successfully published @divy/test_provenance@0.0.3
Provenance transparency log available at https://search.sigstore.dev/?logIndex=73657418
```

0. Package has been published.
1. Fetches the version manifest and verifies it's matching with uploaded
files and exports.
2. Builds the attestation SLSA payload using Github actions env.
3. Creates an ephemeral key pair for signing the github token
(aud=sigstore) and DSSE pre authentication tag.
4. Requests a X.509 signing certificate from Fulcio using the challenge
and ephemeral public key PEM.
5. Prepares a DSSE envelop for Rekor to witness. Posts an intoto entry
to Rekor and gets back the transparency log index.
6. Builds the provenance bundle and posts it to JSR.
2024-02-28 07:58:02 +05:30
Marvin Hagemeister
cddefecfff
feat: infer dependencies from package.json (#22563)
<!--
Before submitting a PR, please read
https://docs.deno.com/runtime/manual/references/contributing

1. Give the PR a descriptive title.

  Examples of good title:
    - fix(std/http): Fix race condition in server
    - docs(console): Update docstrings
    - feat(doc): Handle nested reexports

  Examples of bad title:
    - fix #7123
    - update docs
    - fix bugs

2. Ensure there is a related issue and it is referenced in the PR text.
3. Ensure there are tests that cover the changes.
4. Ensure `cargo test` passes.
5. Ensure `./tools/format.js` passes without changing files.
6. Ensure `./tools/lint.js` passes.
7. Open as a draft PR if your work is still in progress. The CI won't
run
   all steps, but you can add '[ci]' to a commit message to force it to.
8. If you would like to run the benchmarks on the CI, add the 'ci-bench'
label.
-->
This PR enhances the `deno publish` command to infer dependencies from
`package.json` if present.
2024-02-23 15:56:49 +01:00
Matt Mastracci
e8b1925172
chore: Add timeout! macro to test_util (#22539)
Our `itest` macros will occasionally run away and fail ~2 hours later.
This aborts all testcases after 2 minutes.
2024-02-22 14:02:14 -07:00
Bartek Iwańczuk
77b90f408c
Revert "fix(console): support NO_COLOR and colors option in all scena… (#22507)
…rios (#21910)"

This reverts commit bd1358efab.

This change caused https://github.com/denoland/deno/issues/22496 and
https://github.com/denoland/deno/issues/22445
2024-02-21 00:17:50 +00:00
David Sherret
f90889e5ee
perf(jsr): fast check cache and lazy fast check graph (#22485) 2024-02-20 21:29:57 +00:00
David Sherret
dbc4a4d632
chore: fix flaky lsp_vendor_dir (#22483)
I think it was occassionally reading the diagnostics from the previous
cache command rather than the config update.

Closes #22481
2024-02-20 13:39:03 -05:00
Asher Gomez
2b279ad630
chore: move test_util to tests/util/server (#22444)
As discussed with @mmastrac.

---------

Signed-off-by: Asher Gomez <ashersaupingomez@gmail.com>
Co-authored-by: Matt Mastracci <matthew@mastracci.com>
2024-02-19 06:34:24 -07:00
Asher Gomez
6be389ce29
chore: move test_util/std to tests/util/std (#22402)
Note: tests are not the only part of the codebase that uses `std`. Other
parts, like `tools/`, do too. So, it could be argued that this is a
little misleading. Either way, I'm doing this as discussed with
@mmastrac.
2024-02-13 09:22:49 -07:00