@fabasoad/sarif-to-slack 1.3.3 → 1.3.4

package/.github/ISSUE_TEMPLATE/bug_report.md

@@ -7,32 +7,32 @@ assignees: fabasoad
 
 ---
 
-#### Describe the bug
+## Describe the bug
 
 A clear and concise description of what the bug is.
 
-#### Steps to Reproduce
+## Steps to Reproduce
 
 1. Run '...'
 2. See error
 
-#### Expected behavior
+## Expected behavior
 
 A clear and concise description of what you expected to happen.
 
-#### Actual behavior
+## Actual behavior
 
 A clear and concise description of what is happening now.
 
-#### Screenshots
+## Screenshots
 
 If applicable, add screenshots to help explain your problem.
 
-#### Technical information (please complete the following information)
+## Technical information (please complete the following information)
 
 - OS: [e.g. Windows 10 Enterprise v.1909 (OS Build 18363.720)]
 - `sarif-to-slack` version [e.g. 0.1.1]
 
-#### Additional context
+## Additional context
 
 Add any other context about the problem here.

package/.github/ISSUE_TEMPLATE/feature_request.md

@@ -7,20 +7,20 @@ assignees: fabasoad
 
 ---
 
-### Is your feature request related to a problem? Please describe
+## Is your feature request related to a problem? Please describe
 
 A clear and concise description of what the problem is. Ex. I'm always
 frustrated when [...]
 
-### Describe the solution you'd like
+## Describe the solution you'd like
 
 A clear and concise description of what you want to happen.
 
-### Describe alternatives you've considered
+## Describe alternatives you've considered
 
 A clear and concise description of any alternative solutions or features you've
 considered.
 
-### Additional context
+## Additional context
 
 Add any other context or screenshots about the feature request here.

package/.github/workflows/linting.yml

@@ -19,14 +19,18 @@ on: # yamllint disable-line rule:truthy
           - js-lint
           - pre-commit
 
+permissions:
+  contents: read
+
 jobs:
   js-lint:
     name: JS Lint
-    if: ${{ (github.event.inputs.linter || 'all') == 'all' || github.event.inputs.linter == 'js-lint' }}
+    if: contains(fromJSON('["all", "js-lint"]'), github.event.inputs.linter || 'all')
     uses: fabasoad/reusable-workflows/.github/workflows/wf-js-lint.yml@main
+
   pre-commit:
     name: Pre-commit
-    if: ${{ (github.event.inputs.linter || 'all') == 'all' || github.event.inputs.linter == 'pre-commit' }}
+    if: contains(fromJSON('["all", "pre-commit"]'), github.event.inputs.linter || 'all')
     uses: fabasoad/reusable-workflows/.github/workflows/wf-pre-commit.yml@main
     with:
       skip-hooks: "audit, build, lint, test"

package/.github/workflows/release.yml

@@ -22,6 +22,7 @@ jobs:
     permissions:
       contents: write
       packages: write
+      id-token: write
     outputs:
       ref: ${{ steps.metadata.outputs.ref }}
       ref-name: ${{ steps.metadata.outputs.ref-name }}
@@ -34,12 +35,12 @@ jobs:
           private-key: ${{ secrets.GH_APP_CONTENTS_CRUD_PRIVATE_KEY }}
 
       - name: Checkout ${{ github.repository }}
-        uses: actions/checkout@v5
+        uses: actions/checkout@v6
         with:
           token: "${{ steps.github-app.outputs.token }}"
 
       - name: Setup Node
-        uses: actions/setup-node@v5
+        uses: actions/setup-node@v6
         with:
           node-version-file: ".tool-versions"
           cache: "npm"
@@ -56,10 +57,10 @@ jobs:
           BUMP_STRATEGY: "${{ github.event.inputs.bump-strategy }}"
           GH_TOKEN: "${{ steps.github-app.outputs.token }}"
         run: |
-          app_slug="${{ steps.github-app.outputs.app-slug }}"
-          user_id="$(gh api "/users/${app_slug}[bot]" --jq .id)"
-          git config user.email "${user_id}+${app_slug}[bot]@users.noreply.github.com"
-          git config user.name "${app_slug}[bot]"
+          user_name="${{ steps.github-app.outputs.app-slug }}[bot]"
+          user_id="$(gh api "/users/${user_name}" --jq .id)"
+          git config user.email "${user_id}+${user_name}@users.noreply.github.com"
+          git config user.name "${user_name}"
           npm run version:${BUMP_STRATEGY}
 
       - name: Get metadata
@@ -73,6 +74,7 @@ jobs:
         uses: JS-DevTools/npm-publish@v4
         with:
           token: "${{ secrets.NPM_TOKEN }}"
+          registry: "https://registry.npmjs.org"
 
       - name: Publish to GitHub Packages
         uses: JS-DevTools/npm-publish@v4
@@ -83,6 +85,8 @@ jobs:
     name: GitHub
     needs: [publish]
     uses: fabasoad/reusable-workflows/.github/workflows/wf-github-release.yml@main
+    permissions:
+      contents: write
     with:
       bump-tags: false
       ref: ${{ needs.publish.outputs.ref }}

package/.github/workflows/security.yml

@@ -18,10 +18,10 @@ on: # yamllint disable-line rule:truthy
 jobs:
   sast:
     name: SAST
+    uses: fabasoad/reusable-workflows/.github/workflows/wf-security-sast.yml@main
     permissions:
       contents: read
       security-events: write
-    uses: fabasoad/reusable-workflows/.github/workflows/wf-security-sast.yml@main
     with:
-      code-scanning: ${{ (inputs.security-type || 'all') == 'all' || inputs.security-type == 'code-scanning' }}
-      sca: ${{ (inputs.security-type || 'all') == 'all' || inputs.security-type == 'sca' }}
+      code-scanning: ${{ contains(fromJSON('["all", "code-scanning"]'), github.event.inputs.security-type || 'all') }}
+      sca: ${{ contains(fromJSON('["all", "sca"]'), github.event.inputs.security-type || 'all') }}

package/.github/workflows/send-sarif-to-slack.yml

@@ -163,7 +163,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Checkout ${{ github.repository }}
-        uses: actions/checkout@v5
+        uses: actions/checkout@v6
       - name: Determine SARIF file
         id: sarif-file
         env:
@@ -273,7 +273,7 @@ jobs:
           fi
           echo "value=${value}" >> "$GITHUB_OUTPUT"
       - name: Setup node
-        uses: actions/setup-node@v5
+        uses: actions/setup-node@v6
         with:
           node-version-file: ".tool-versions"
       - name: Install dependencies

package/.github/workflows/sync-labels.yml

@@ -11,3 +11,7 @@ jobs:
   maintenance:
     name: Maintenance
     uses: fabasoad/reusable-workflows/.github/workflows/wf-sync-labels.yml@main
+    permissions:
+      contents: write
+      issues: write
+      pull-requests: write

package/.github/workflows/unit-tests.yml

@@ -20,4 +20,6 @@ jobs:
   jest:
     name: Jest
     uses: fabasoad/reusable-workflows/.github/workflows/wf-js-unit-tests.yml@main
+    permissions:
+      contents: read
     secrets: inherit # pragma: allowlist secret

package/.github/workflows/update-license.yml

@@ -10,3 +10,6 @@ jobs:
   maintenance:
     name: Maintenance
     uses: fabasoad/reusable-workflows/.github/workflows/wf-update-license.yml@main
+    permissions:
+      contents: write
+      pull-requests: write

package/.pre-commit-config.yaml

@@ -2,28 +2,28 @@
 default_install_hook_types: ["pre-commit", "pre-push"]
 default_stages: ["pre-commit", "pre-push"]
 exclude: ^(dist/.*|etc/.*|node_modules/.*|temp/.*|test-data/.*)$
-minimum_pre_commit_version: 4.0.0
+minimum_pre_commit_version: 4.4.0
 repos:
   - repo: local
     hooks:
       - id: build
         name: Build
         entry: make build
-        language: system
+        language: unsupported
         pass_filenames: false
         verbose: true
         stages: ["pre-push"]
       - id: lint
         name: Lint
         entry: make lint
-        language: system
+        language: unsupported
         pass_filenames: false
         verbose: false
         stages: ["pre-push"]
       - id: test
         name: Unit tests
         entry: make test
-        language: system
+        language: unsupported
         pass_filenames: false
         verbose: true
         stages: ["pre-push"]
@@ -31,7 +31,7 @@ repos:
       - id: audit
         name: npm audit
         entry: make audit
-        language: system
+        language: unsupported
         pass_filenames: false
         verbose: false
         stages: ["pre-push"]
@@ -40,11 +40,11 @@ repos:
     hooks:
       - id: detect-secrets
   - repo: https://github.com/gitleaks/gitleaks
-    rev: v8.28.0
+    rev: v8.30.0
     hooks:
       - id: gitleaks
   - repo: https://github.com/fabasoad/pre-commit-snyk
-    rev: v1.0.2
+    rev: v1.0.3
     hooks:
       - id: snyk-test
         args:
@@ -52,7 +52,7 @@ repos:
           - --hook-args=--log-level debug
         stages: ["pre-push"]
   - repo: https://github.com/fabasoad/pre-commit-grype
-    rev: v0.6.3
+    rev: v0.6.4
     hooks:
       - id: grype-dir
         args:
@@ -60,7 +60,7 @@ repos:
           - --hook-args=--log-level debug
         stages: ["pre-push"]
   - repo: https://github.com/google/osv-scanner
-    rev: v2.2.3
+    rev: v2.3.3
     hooks:
       - id: osv-scanner
         args:
@@ -69,19 +69,19 @@ repos:
         stages: ["pre-push"]
   # Markdown
   - repo: https://github.com/igorshubovych/markdownlint-cli
-    rev: v0.45.0
+    rev: v0.47.0
     hooks:
       - id: markdownlint-fix
         stages: ["pre-commit"]
   # Yaml
   - repo: https://github.com/adrienverge/yamllint
-    rev: v1.37.1
+    rev: v1.38.0
     hooks:
       - id: yamllint
         stages: ["pre-push"]
   # GitHub Actions
   - repo: https://github.com/rhysd/actionlint
-    rev: v1.7.7
+    rev: v1.7.10
     hooks:
       - id: actionlint
         args: ["-pyflakes=", "-shellcheck="]

package/.tool-versions

@@ -1 +1 @@
-nodejs 24.9.0
+nodejs 25.6.1

package/LICENSE

@@ -1,6 +1,6 @@
 MIT License
 
-Copyright (c) 2025 Yevhen Fabizhevskyi
+Copyright (c) 2025-2026 Yevhen Fabizhevskyi
 
 Permission is hereby granted, free of charge, to any person obtaining a copy
 of this software and associated documentation files (the "Software"), to deal

package/Makefile

@@ -47,3 +47,7 @@ pre-commit/update:
 
 .PHONY: update
 update: npm/update pre-commit/update
+
+.PHONY: outdated
+outdated:
+	@npm outdated

package/README.md

@@ -37,53 +37,55 @@ import {
   SendIf
 } from '@fabasoad/sarif-to-slack';
 
-const client: SarifToSlackClient = await SarifToSlackClient.create({
-  webhookUrl: 'https://hooks.slack.com/services/your/webhook/url',
-  username: 'SARIF to Slack Bot',
-  iconUrl: 'https://example.com/icon.png',
-  color: {
-    default: new Color('failure'),
-    empty: new Color('success'),
-    bySeverity: {
-      critical: new Color('#ff0000'),
-      high: new Color('#ff4500'),
-      medium: new Color('#ffa500'),
-      low: new Color('#ffff00'),
-      none: new Color('#808080'),
-      unknown: new Color('#800080'),
+const client: SarifToSlackClient = await SarifToSlackClient.create(
+  'https://hooks.slack.com/services/your/webhook/url',
+  {
+    username: 'SARIF to Slack Bot',
+    iconUrl: 'https://example.com/icon.png',
+    color: {
+      default: new Color('failure'),
+      empty: new Color('success'),
+      bySeverity: {
+        critical: new Color('#ff0000'),
+        high: new Color('#ff4500'),
+        medium: new Color('#ffa500'),
+        low: new Color('#ffff00'),
+        none: new Color('#808080'),
+        unknown: new Color('#800080'),
+      },
+      byLevel: {
+        error: new Color('#ff0000'),
+        warning: new Color('#ffa500'),
+        note: new Color('#ffff00'),
+        none: new Color('#808080'),
+        unknown: new Color('#800080'),
+      },
     },
-    byLevel: {
-      error: new Color('#ff0000'),
-      warning: new Color('#ffa500'),
-      note: new Color('#ffff00'),
-      none: new Color('#808080'),
-      unknown: new Color('#800080'),
+    sarif: {
+      path: 'path/to/your/sarif-files',
+      recursive: true,
+      extension: 'sarif',
     },
-  },
-  sarif: {
-    path: 'path/to/your/sarif-files',
-    recursive: true,
-    extension: 'sarif',
-  },
-  header: {
-    include: true,
-    value: 'SARIF Analysis Results'
-  },
-  footer: {
-    include: true,
-    type: FooterType.PLAIN_TEXT,
-    value: 'Generated by @fabasoad/sarif-to-slack'
-  },
-  actor: {
-    include: true,
-    value: 'fabasoad'
-  },
-  run: {
-    include: true
-  },
-  representation: RepresentationType.CompactGroupByToolNamePerSeverity,
-  sendIf: SendIf.MediumOrHigher,
-});
+    header: {
+      include: true,
+      value: 'SARIF Analysis Results'
+    },
+    footer: {
+      include: true,
+      type: FooterType.PLAIN_TEXT,
+      value: 'Generated by @fabasoad/sarif-to-slack'
+    },
+    actor: {
+      include: true,
+      value: 'fabasoad'
+    },
+    run: {
+      include: true
+    },
+    representation: RepresentationType.CompactGroupByToolNamePerSeverity,
+    sendIf: SendIf.MediumOrHigher,
+  }
+);
 await client.send();
 ```
 

package/dist/index.cjs

@@ -175,9 +175,9 @@ var import_zod2 = require("zod");
 var import_zod = require("zod");
 
 // src/metadata.json
-var version = "1.3.3";
-var sha = "f6b4aa737b13486ac47a1582134062221ab15984";
-var buildAt = "2025-10-11T14:41:50Z";
+var version = "1.3.4";
+var sha = "7dcec52f94545c8b5319ca92f2e77130b7bd0f3a";
+var buildAt = "2026-02-13T14:07:20Z";
 
 // src/system.ts
 function logMetadata() {

package/dist/tsdoc-metadata.json

@@ -5,7 +5,7 @@
   "toolPackages": [
     {
       "packageName": "@microsoft/api-extractor",
-      "packageVersion": "7.52.15"
+      "packageVersion": "7.56.3"
     }
   ]
 }

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@fabasoad/sarif-to-slack",
-  "version": "1.3.3",
+  "version": "1.3.4",
   "description": "TypeScript library to send results of SARIF file to Slack webhook URL.",
   "main": "dist/index.cjs",
   "module": "dist/index.js",
@@ -42,20 +42,20 @@
   },
   "homepage": "https://github.com/fabasoad/sarif-to-slack#readme",
   "dependencies": {
-    "@slack/webhook": "7.0.6",
-    "@types/sarif": "2.1.7",
-    "tslog": "4.10.2",
-    "zod": "4.1.12"
+    "@slack/webhook": "~7.0.7",
+    "@types/sarif": "~2.1.7",
+    "tslog": "~4.10.2",
+    "zod": "~4.3.6"
   },
   "devDependencies": {
-    "@biomejs/biome": "2.2.5",
-    "@microsoft/api-documenter": "7.26.36",
-    "@microsoft/api-extractor": "7.52.15",
-    "@types/jest": "30.0.0",
-    "jest": "30.2.0",
-    "jest-circus": "30.2.0",
-    "ts-jest": "29.4.4",
-    "tsup": "8.5.0",
-    "typescript": "5.9.3"
+    "@biomejs/biome": "~2.3.15",
+    "@microsoft/api-documenter": "~7.28.9",
+    "@microsoft/api-extractor": "~7.56.3",
+    "@types/jest": "~30.0.0",
+    "jest": "~30.2.0",
+    "jest-circus": "~30.2.0",
+    "ts-jest": "~29.4.6",
+    "tsup": "~8.5.1",
+    "typescript": "~5.9.3"
   }
 }

package/.github/dependabot.yml

@@ -1,11 +0,0 @@
----
-version: 2
-updates:
-  - package-ecosystem: "github-actions"
-    directory: "/"
-    schedule:
-      interval: "monthly"
-    reviewers:
-      - "fabasoad"
-    labels:
-      - "dependencies"