vtk 1.2.0 → 1.3.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: '0585f00ec9fe122942c5a249fd2733e47baa461960cc9d106e2dfb9ac13dc3aa'
-  data.tar.gz: c23b728a27d519e15812f8b95ffcf7e0aac20981e38cab59dca62c4a62582f21
+  metadata.gz: 5cdbc7b68bcc69890c11e5ac9e9db8b14c224616d223fe02309b329c12c52783
+  data.tar.gz: 777d7543e02729b297de739b379e55dcd954e1403f8d81d3f142fa9f33afd9f6
 SHA512:
-  metadata.gz: 0d10b96103db87af8754a1a1a3cb0fc6a268255f9c596baccf730f73c8a8ba03598a84cdcc8de35a53114710fe546e572a8f7ca4706efc8c45e7de3ce28aa115
-  data.tar.gz: 9e78a14e489d84f99a81725f7f93c03c3356d7165d7d79c871ade2cb61f2d462f8dae315f8b1f570ae7db4e84f0e9f0b4d7706f4d06dcc2c4622272025edf18d
+  metadata.gz: 0c99ba6157bf038dbcca4510a7b1443aa1de2896404d066852b18822af9f2ef07778f55efa73f5c0df738dc69f9d6fb38c4cfabef986d66d0a7a99a9d183dd4a
+  data.tar.gz: c8af1ce8914b585ef40002a15576a08011fa49a7d258b65ffe37c565b6a1b9d804d7d1b6c686451e09a3994db1e3aca332609e8b20926cdc37e974129686d4c7

data/CHANGELOG.md

@@ -1,14 +1,23 @@
 # Changelog
 
+## [v1.3.0](https://github.com/department-of-veterans-affairs/vtk/tree/v1.3.0) (2026-04-14)
+
+[Full Changelog](https://github.com/department-of-veterans-affairs/vtk/compare/v1.2.0...v1.3.0)
+
+**Merged pull requests:**
+
+- feat\(scan\): add vtk scan actions for tracing GitHub Actions usage [\#72](https://github.com/department-of-veterans-affairs/vtk/pull/72) ([ericboehs](https://github.com/ericboehs))
+
 ## [v1.2.0](https://github.com/department-of-veterans-affairs/vtk/tree/v1.2.0) (2026-01-09)
 
 [Full Changelog](https://github.com/department-of-veterans-affairs/vtk/compare/v1.1.0...v1.2.0)
 
 **Merged pull requests:**
 
-- feat(scan): add PowerShell scripts for Windows users [\#69](https://github.com/department-of-veterans-affairs/vtk/pull/69) ([ericboehs](https://github.com/ericboehs))
-- feat(scan): add vtk scan credentials for security incident response [\#68](https://github.com/department-of-veterans-affairs/vtk/pull/68) ([ericboehs](https://github.com/ericboehs))
-- feat(scan): add vtk scan repo for compromised package detection [\#65](https://github.com/department-of-veterans-affairs/vtk/pull/65) ([ericboehs](https://github.com/ericboehs))
+- chore: release v1.2.0 [\#70](https://github.com/department-of-veterans-affairs/vtk/pull/70) ([ericboehs](https://github.com/ericboehs))
+- feat\(scan\): add PowerShell scripts for Windows users [\#69](https://github.com/department-of-veterans-affairs/vtk/pull/69) ([ericboehs](https://github.com/ericboehs))
+- feat\(scan\): add vtk scan credentials for security incident response [\#68](https://github.com/department-of-veterans-affairs/vtk/pull/68) ([ericboehs](https://github.com/ericboehs))
+- feat\(scan\): add vtk scan repo for compromised package detection [\#65](https://github.com/department-of-veterans-affairs/vtk/pull/65) ([ericboehs](https://github.com/ericboehs))
 
 ## [v1.1.0](https://github.com/department-of-veterans-affairs/vtk/tree/v1.1.0) (2025-12-15)
 
@@ -16,16 +25,25 @@
 
 **Merged pull requests:**
 
-- feat(scan): add vtk scan machine for Shai-Hulud detection [\#64](https://github.com/department-of-veterans-affairs/vtk/pull/64) ([ericboehs](https://github.com/ericboehs))
+- chore: bump version to 1.1.0 [\#67](https://github.com/department-of-veterans-affairs/vtk/pull/67) ([ericboehs](https://github.com/ericboehs))
 - fix: resolve rubocop offenses in socks/setup.rb [\#66](https://github.com/department-of-veterans-affairs/vtk/pull/66) ([ericboehs](https://github.com/ericboehs))
-- Fix rubocop exceptions and update GH to run on Ubuntu Latest [\#63](https://github.com/department-of-veterans-affairs/vtk/pull/63) ([ericboehs](https://github.com/ericboehs))
+- feat\(scan\): add vtk scan machine for Shai-Hulud detection [\#64](https://github.com/department-of-veterans-affairs/vtk/pull/64) ([ericboehs](https://github.com/ericboehs))
+- Update GH to run on Ubuntu Latest [\#63](https://github.com/department-of-veterans-affairs/vtk/pull/63) ([ericboehs](https://github.com/ericboehs))
 
 ## [v1.0.0](https://github.com/department-of-veterans-affairs/vtk/tree/v1.0.0) (2024-09-18)
 
-🎉
-
 [Full Changelog](https://github.com/department-of-veterans-affairs/vtk/compare/v0.9.5...v1.0.0)
 
+**Closed issues:**
+
+- Error: GitHub Repository Not Mapped To eMASS System [\#59](https://github.com/department-of-veterans-affairs/vtk/issues/59)
+- Error: GitHub Repository Not Mapped To eMASS System [\#58](https://github.com/department-of-veterans-affairs/vtk/issues/58)
+- Error: GitHub Repository Not Mapped To eMASS System [\#57](https://github.com/department-of-veterans-affairs/vtk/issues/57)
+- Error: GitHub Repository Not Mapped To eMASS System [\#56](https://github.com/department-of-veterans-affairs/vtk/issues/56)
+- Error: GitHub Repository Not Mapped To eMASS System [\#55](https://github.com/department-of-veterans-affairs/vtk/issues/55)
+- Error: GitHub Repository Not Mapped To eMASS System [\#54](https://github.com/department-of-veterans-affairs/vtk/issues/54)
+- Error: GitHub Repository Not Mapped To eMASS System [\#51](https://github.com/department-of-veterans-affairs/vtk/issues/51)
+
 **Merged pull requests:**
 
 - fix: OpenStruct is no longer auto required in Ruby 3.2 [\#62](https://github.com/department-of-veterans-affairs/vtk/pull/62) ([ericboehs](https://github.com/ericboehs))
@@ -35,6 +53,26 @@
 
 [Full Changelog](https://github.com/department-of-veterans-affairs/vtk/compare/v0.9.4...v0.9.5)
 
+**Closed issues:**
+
+- Error: GitHub Repository Not Mapped To eMASS System [\#50](https://github.com/department-of-veterans-affairs/vtk/issues/50)
+- Error: GitHub Repository Not Mapped To eMASS System [\#49](https://github.com/department-of-veterans-affairs/vtk/issues/49)
+- Error: GitHub Repository Not Mapped To eMASS System [\#48](https://github.com/department-of-veterans-affairs/vtk/issues/48)
+- Error: GitHub Repository Not Mapped To eMASS System [\#47](https://github.com/department-of-veterans-affairs/vtk/issues/47)
+- Error: GitHub Repository Not Mapped To eMASS System [\#46](https://github.com/department-of-veterans-affairs/vtk/issues/46)
+- Error: GitHub Repository Not Mapped To eMASS System [\#45](https://github.com/department-of-veterans-affairs/vtk/issues/45)
+- Error: GitHub Repository Not Mapped To eMASS System [\#44](https://github.com/department-of-veterans-affairs/vtk/issues/44)
+- Error: GitHub Repository Not Mapped To eMASS System [\#43](https://github.com/department-of-veterans-affairs/vtk/issues/43)
+- Error: GitHub Repository Not Mapped To eMASS System [\#42](https://github.com/department-of-veterans-affairs/vtk/issues/42)
+- Error: GitHub Repository Not Mapped To eMASS System [\#41](https://github.com/department-of-veterans-affairs/vtk/issues/41)
+- Error: GitHub Repository Not Mapped To eMASS System [\#40](https://github.com/department-of-veterans-affairs/vtk/issues/40)
+- Error: GitHub Repository Not Mapped To eMASS System [\#39](https://github.com/department-of-veterans-affairs/vtk/issues/39)
+- Error: GitHub Repository Not Mapped To eMASS System [\#38](https://github.com/department-of-veterans-affairs/vtk/issues/38)
+- Error: GitHub Repository Not Mapped To eMASS System [\#37](https://github.com/department-of-veterans-affairs/vtk/issues/37)
+- Error: GitHub Repository Not Mapped To eMASS System [\#36](https://github.com/department-of-veterans-affairs/vtk/issues/36)
+- Error: GitHub Repository Not Mapped To eMASS System [\#35](https://github.com/department-of-veterans-affairs/vtk/issues/35)
+- Notice: Automatic archival of repository due to inactivity [\#34](https://github.com/department-of-veterans-affairs/vtk/issues/34)
+
 **Merged pull requests:**
 
 - Add sudo to proxy setup command for MacOS. [\#52](https://github.com/department-of-veterans-affairs/vtk/pull/52) ([omahane](https://github.com/omahane))

data/lib/vtk/cli.rb

@@ -9,7 +9,7 @@ module Vtk
   # @api public
   class CLI < Thor
     # Error raised by this runner
-    Error = Class.new(StandardError)
+    class Error < StandardError; end
 
     desc 'version', 'vtk version'
     def version

data/lib/vtk/commands/scan/actions.rb

@@ -0,0 +1,103 @@
+# frozen_string_literal: true
+
+require 'English'
+require_relative '../../command'
+
+module Vtk
+  module Commands
+    class Scan
+      # Trace direct and transitive uses of GitHub Actions across an org.
+      # Shells out to gh-action-trace.sh for the actual work.
+      class Actions < Vtk::Command
+        BOOLEAN_FLAGS = {
+          external: '--external',
+          quiet: '--quiet',
+          verbose: '--verbose'
+        }.freeze
+
+        VALUE_FLAGS = {
+          org: '--org',
+          depth: '--depth',
+          format: '--format',
+          output: '--output',
+          check_runs: '--check-runs'
+        }.freeze
+
+        attr_reader :options
+
+        def initialize(options)
+          @options = options
+          super()
+        end
+
+        def execute(output: $stdout)
+          error = validation_error
+          return error_out(output, error) if error
+
+          script_path, gem_root = find_script
+          return script_not_found(output, gem_root) unless script_path
+
+          run_script(script_path)
+        end
+
+        private
+
+        def validation_error
+          return 'ERROR: --org is required' if blank?(options[:org])
+          return 'ERROR: --action is required (at least one)' if blank?(options[:action])
+
+          nil
+        end
+
+        def blank?(value)
+          value.nil? || value.to_s.empty? || (value.respond_to?(:empty?) && value.empty?)
+        end
+
+        def error_out(output, message)
+          output.puts message
+          1
+        end
+
+        def script_not_found(output, gem_root)
+          output.puts 'ERROR: Could not find gh-action-trace.sh script'
+          output.puts "Expected at: #{gem_root}/scripts/gh-action-trace.sh"
+          1
+        end
+
+        def run_script(script_path)
+          cmd = ['bash', script_path] + script_options
+          system(*cmd)
+          $CHILD_STATUS.exitstatus
+        end
+
+        def script_options
+          boolean_script_flags + value_script_flags + action_script_flags
+        end
+
+        def boolean_script_flags
+          BOOLEAN_FLAGS.select { |key, _| options[key] }.values
+        end
+
+        def value_script_flags
+          VALUE_FLAGS.flat_map do |key, flag|
+            value = options[key]
+            blank?(value) ? [] : [flag, value.to_s]
+          end
+        end
+
+        def action_script_flags
+          Array(options[:action]).flat_map { |action| ['--action', action] }
+        end
+
+        def find_script
+          # __dir__ = lib/vtk/commands/scan, so go up 4 levels to the gem root
+          gem_root = File.expand_path('../../../..', __dir__)
+          script_path = File.join(gem_root, 'scripts', 'gh-action-trace.sh')
+          return [script_path, gem_root] if File.exist?(script_path)
+
+          [nil, gem_root]
+        end
+      end
+    end
+  end
+end

data/lib/vtk/commands/scan.rb

@@ -70,6 +70,37 @@ module Vtk
           exit exit_status
         end
       end
+
+      desc 'actions', 'Trace direct and transitive uses of GitHub Actions across an org'
+      method_option :help, aliases: '-h', type: :boolean,
+                           desc: 'Display usage information'
+      method_option :org, type: :string, required: false,
+                          desc: 'GitHub org to search (required)'
+      method_option :action, type: :array, default: [],
+                             desc: 'Action to trace; repeat to trace multiple (required)'
+      method_option :depth, type: :numeric,
+                            desc: 'Max recursion depth for shared workflows (default: 2)'
+      method_option :format, type: :string,
+                             desc: 'Output format: text, json, csv, both (default: both)'
+      method_option :external, type: :boolean,
+                               desc: 'Also search all of GitHub for external shared workflows (slower)'
+      method_option :output, type: :string,
+                             desc: 'Write report output to file (JSON or CSV depending on --format)'
+      method_option :check_runs, type: :string,
+                                 desc: 'Check workflow run history during ISO 8601 window (FROM..TO, TO optional)'
+      method_option :quiet, aliases: '-q', type: :boolean,
+                            desc: 'Suppress progress output'
+      method_option :verbose, aliases: '-v', type: :boolean,
+                              desc: 'Show detailed debug info'
+      def actions
+        if options[:help]
+          invoke :help, ['actions']
+        else
+          require_relative 'scan/actions'
+          exit_status = Vtk::Commands::Scan::Actions.new(options).execute
+          exit exit_status
+        end
+      end
     end
   end
 end

data/lib/vtk/commands/socks/setup.rb

@@ -490,7 +490,7 @@ module Vtk
         end
 
         def wsl?
-          @wsl ||= File.exist?('/proc/version') && File.open('/proc/version').grep(/Microsoft/i).any?
+          @wsl ||= File.exist?('/proc/version') && File.foreach('/proc/version').grep(/Microsoft/i).any?
         end
 
         def ubuntu_like?

data/lib/vtk/version.rb

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 
 module Vtk
-  VERSION = '1.2.0'
+  VERSION = '1.3.0'
 end