@fabasoad/sarif-to-slack 1.3.3 → 1.3.5

package/.github/ISSUE_TEMPLATE/bug_report.md

@@ -7,32 +7,32 @@ assignees: fabasoad
 
 ---
 
-#### Describe the bug
+## Describe the bug
 
 A clear and concise description of what the bug is.
 
-#### Steps to Reproduce
+## Steps to Reproduce
 
 1. Run '...'
 2. See error
 
-#### Expected behavior
+## Expected behavior
 
 A clear and concise description of what you expected to happen.
 
-#### Actual behavior
+## Actual behavior
 
 A clear and concise description of what is happening now.
 
-#### Screenshots
+## Screenshots
 
 If applicable, add screenshots to help explain your problem.
 
-#### Technical information (please complete the following information)
+## Technical information (please complete the following information)
 
 - OS: [e.g. Windows 10 Enterprise v.1909 (OS Build 18363.720)]
 - `sarif-to-slack` version [e.g. 0.1.1]
 
-#### Additional context
+## Additional context
 
 Add any other context about the problem here.

package/.github/ISSUE_TEMPLATE/feature_request.md

@@ -7,20 +7,20 @@ assignees: fabasoad
 
 ---
 
-### Is your feature request related to a problem? Please describe
+## Is your feature request related to a problem? Please describe
 
 A clear and concise description of what the problem is. Ex. I'm always
 frustrated when [...]
 
-### Describe the solution you'd like
+## Describe the solution you'd like
 
 A clear and concise description of what you want to happen.
 
-### Describe alternatives you've considered
+## Describe alternatives you've considered
 
 A clear and concise description of any alternative solutions or features you've
 considered.
 
-### Additional context
+## Additional context
 
 Add any other context or screenshots about the feature request here.

package/.github/workflows/linting.yml

@@ -19,14 +19,18 @@ on: # yamllint disable-line rule:truthy
           - js-lint
           - pre-commit
 
+permissions:
+  contents: read
+
 jobs:
   js-lint:
     name: JS Lint
-    if: ${{ (github.event.inputs.linter || 'all') == 'all' || github.event.inputs.linter == 'js-lint' }}
+    if: contains(fromJSON('["all", "js-lint"]'), github.event.inputs.linter || 'all')
     uses: fabasoad/reusable-workflows/.github/workflows/wf-js-lint.yml@main
+
   pre-commit:
     name: Pre-commit
-    if: ${{ (github.event.inputs.linter || 'all') == 'all' || github.event.inputs.linter == 'pre-commit' }}
+    if: contains(fromJSON('["all", "pre-commit"]'), github.event.inputs.linter || 'all')
     uses: fabasoad/reusable-workflows/.github/workflows/wf-pre-commit.yml@main
     with:
       skip-hooks: "audit, build, lint, test"

package/.github/workflows/release.yml

@@ -22,24 +22,25 @@ jobs:
     permissions:
       contents: write
       packages: write
+      id-token: write
     outputs:
       ref: ${{ steps.metadata.outputs.ref }}
       ref-name: ${{ steps.metadata.outputs.ref-name }}
     steps:
       - name: Get GitHub token
-        uses: actions/create-github-app-token@v2
+        uses: actions/create-github-app-token@v3
         id: github-app
         with:
           app-id: ${{ vars.GH_APP_CONTENTS_CRUD_APP_ID }}
           private-key: ${{ secrets.GH_APP_CONTENTS_CRUD_PRIVATE_KEY }}
 
       - name: Checkout ${{ github.repository }}
-        uses: actions/checkout@v5
+        uses: actions/checkout@v6
         with:
           token: "${{ steps.github-app.outputs.token }}"
 
       - name: Setup Node
-        uses: actions/setup-node@v5
+        uses: actions/setup-node@v6
         with:
           node-version-file: ".tool-versions"
           cache: "npm"
@@ -56,10 +57,10 @@ jobs:
           BUMP_STRATEGY: "${{ github.event.inputs.bump-strategy }}"
           GH_TOKEN: "${{ steps.github-app.outputs.token }}"
         run: |
-          app_slug="${{ steps.github-app.outputs.app-slug }}"
-          user_id="$(gh api "/users/${app_slug}[bot]" --jq .id)"
-          git config user.email "${user_id}+${app_slug}[bot]@users.noreply.github.com"
-          git config user.name "${app_slug}[bot]"
+          user_name="${{ steps.github-app.outputs.app-slug }}[bot]"
+          user_id="$(gh api "/users/${user_name}" --jq .id)"
+          git config user.email "${user_id}+${user_name}@users.noreply.github.com"
+          git config user.name "${user_name}"
           npm run version:${BUMP_STRATEGY}
 
       - name: Get metadata
@@ -73,6 +74,7 @@ jobs:
         uses: JS-DevTools/npm-publish@v4
         with:
           token: "${{ secrets.NPM_TOKEN }}"
+          registry: "https://registry.npmjs.org"
 
       - name: Publish to GitHub Packages
         uses: JS-DevTools/npm-publish@v4
@@ -83,6 +85,8 @@ jobs:
     name: GitHub
     needs: [publish]
     uses: fabasoad/reusable-workflows/.github/workflows/wf-github-release.yml@main
+    permissions:
+      contents: write
     with:
       bump-tags: false
       ref: ${{ needs.publish.outputs.ref }}

package/.github/workflows/security.yml

@@ -18,10 +18,10 @@ on: # yamllint disable-line rule:truthy
 jobs:
   sast:
     name: SAST
+    uses: fabasoad/reusable-workflows/.github/workflows/wf-security-sast.yml@main
     permissions:
       contents: read
       security-events: write
-    uses: fabasoad/reusable-workflows/.github/workflows/wf-security-sast.yml@main
     with:
-      code-scanning: ${{ (inputs.security-type || 'all') == 'all' || inputs.security-type == 'code-scanning' }}
-      sca: ${{ (inputs.security-type || 'all') == 'all' || inputs.security-type == 'sca' }}
+      code-scanning: ${{ contains(fromJSON('["all", "code-scanning"]'), github.event.inputs.security-type || 'all') }}
+      sca: ${{ contains(fromJSON('["all", "sca"]'), github.event.inputs.security-type || 'all') }}

package/.github/workflows/send-sarif-to-slack.yml

@@ -163,7 +163,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Checkout ${{ github.repository }}
-        uses: actions/checkout@v5
+        uses: actions/checkout@v6
       - name: Determine SARIF file
         id: sarif-file
         env:
@@ -273,7 +273,7 @@ jobs:
           fi
           echo "value=${value}" >> "$GITHUB_OUTPUT"
       - name: Setup node
-        uses: actions/setup-node@v5
+        uses: actions/setup-node@v6
         with:
           node-version-file: ".tool-versions"
       - name: Install dependencies

package/.github/workflows/sync-labels.yml

@@ -11,3 +11,7 @@ jobs:
   maintenance:
     name: Maintenance
     uses: fabasoad/reusable-workflows/.github/workflows/wf-sync-labels.yml@main
+    permissions:
+      contents: write
+      issues: write
+      pull-requests: write

package/.github/workflows/unit-tests.yml

@@ -20,4 +20,6 @@ jobs:
   jest:
     name: Jest
     uses: fabasoad/reusable-workflows/.github/workflows/wf-js-unit-tests.yml@main
+    permissions:
+      contents: read
     secrets: inherit # pragma: allowlist secret

package/.github/workflows/update-license.yml

@@ -10,3 +10,6 @@ jobs:
   maintenance:
     name: Maintenance
     uses: fabasoad/reusable-workflows/.github/workflows/wf-update-license.yml@main
+    permissions:
+      contents: write
+      pull-requests: write

package/.pre-commit-config.yaml

@@ -2,28 +2,28 @@
 default_install_hook_types: ["pre-commit", "pre-push"]
 default_stages: ["pre-commit", "pre-push"]
 exclude: ^(dist/.*|etc/.*|node_modules/.*|temp/.*|test-data/.*)$
-minimum_pre_commit_version: 4.0.0
+minimum_pre_commit_version: 4.4.0
 repos:
   - repo: local
     hooks:
       - id: build
         name: Build
         entry: make build
-        language: system
+        language: unsupported
         pass_filenames: false
         verbose: true
         stages: ["pre-push"]
       - id: lint
         name: Lint
         entry: make lint
-        language: system
+        language: unsupported
         pass_filenames: false
         verbose: false
         stages: ["pre-push"]
       - id: test
         name: Unit tests
         entry: make test
-        language: system
+        language: unsupported
         pass_filenames: false
         verbose: true
         stages: ["pre-push"]
@@ -31,7 +31,7 @@ repos:
       - id: audit
         name: npm audit
         entry: make audit
-        language: system
+        language: unsupported
         pass_filenames: false
         verbose: false
         stages: ["pre-push"]
@@ -40,11 +40,11 @@ repos:
     hooks:
       - id: detect-secrets
   - repo: https://github.com/gitleaks/gitleaks
-    rev: v8.28.0
+    rev: v8.30.1
     hooks:
       - id: gitleaks
   - repo: https://github.com/fabasoad/pre-commit-snyk
-    rev: v1.0.2
+    rev: v1.0.3
     hooks:
       - id: snyk-test
         args:
@@ -52,7 +52,7 @@ repos:
           - --hook-args=--log-level debug
         stages: ["pre-push"]
   - repo: https://github.com/fabasoad/pre-commit-grype
-    rev: v0.6.3
+    rev: v0.6.4
     hooks:
       - id: grype-dir
         args:
@@ -60,7 +60,7 @@ repos:
           - --hook-args=--log-level debug
         stages: ["pre-push"]
   - repo: https://github.com/google/osv-scanner
-    rev: v2.2.3
+    rev: v2.3.5
     hooks:
       - id: osv-scanner
         args:
@@ -69,19 +69,19 @@ repos:
         stages: ["pre-push"]
   # Markdown
   - repo: https://github.com/igorshubovych/markdownlint-cli
-    rev: v0.45.0
+    rev: v0.48.0
     hooks:
       - id: markdownlint-fix
         stages: ["pre-commit"]
   # Yaml
   - repo: https://github.com/adrienverge/yamllint
-    rev: v1.37.1
+    rev: v1.38.0
     hooks:
       - id: yamllint
         stages: ["pre-push"]
   # GitHub Actions
   - repo: https://github.com/rhysd/actionlint
-    rev: v1.7.7
+    rev: v1.7.12
     hooks:
       - id: actionlint
         args: ["-pyflakes=", "-shellcheck="]

package/.tool-versions

@@ -1 +1 @@
-nodejs 24.9.0
+nodejs 25.9.0

package/LICENSE

@@ -1,6 +1,6 @@
 MIT License
 
-Copyright (c) 2025 Yevhen Fabizhevskyi
+Copyright (c) 2025-2026 Yevhen Fabizhevskyi
 
 Permission is hereby granted, free of charge, to any person obtaining a copy
 of this software and associated documentation files (the "Software"), to deal

package/Makefile

@@ -43,7 +43,11 @@ npm/update:
 
 .PHONY: pre-commit/update
 pre-commit/update:
-	@pre-commit autoupdate
+	@command -v prek >/dev/null 2>&1 && prek auto-update || pre-commit autoupdate
 
 .PHONY: update
 update: npm/update pre-commit/update
+
+.PHONY: outdated
+outdated:
+	@npm outdated

package/README.md

@@ -37,53 +37,55 @@ import {
   SendIf
 } from '@fabasoad/sarif-to-slack';
 
-const client: SarifToSlackClient = await SarifToSlackClient.create({
-  webhookUrl: 'https://hooks.slack.com/services/your/webhook/url',
-  username: 'SARIF to Slack Bot',
-  iconUrl: 'https://example.com/icon.png',
-  color: {
-    default: new Color('failure'),
-    empty: new Color('success'),
-    bySeverity: {
-      critical: new Color('#ff0000'),
-      high: new Color('#ff4500'),
-      medium: new Color('#ffa500'),
-      low: new Color('#ffff00'),
-      none: new Color('#808080'),
-      unknown: new Color('#800080'),
+const client: SarifToSlackClient = await SarifToSlackClient.create(
+  'https://hooks.slack.com/services/your/webhook/url',
+  {
+    username: 'SARIF to Slack Bot',
+    iconUrl: 'https://example.com/icon.png',
+    color: {
+      default: new Color('failure'),
+      empty: new Color('success'),
+      bySeverity: {
+        critical: new Color('#ff0000'),
+        high: new Color('#ff4500'),
+        medium: new Color('#ffa500'),
+        low: new Color('#ffff00'),
+        none: new Color('#808080'),
+        unknown: new Color('#800080'),
+      },
+      byLevel: {
+        error: new Color('#ff0000'),
+        warning: new Color('#ffa500'),
+        note: new Color('#ffff00'),
+        none: new Color('#808080'),
+        unknown: new Color('#800080'),
+      },
     },
-    byLevel: {
-      error: new Color('#ff0000'),
-      warning: new Color('#ffa500'),
-      note: new Color('#ffff00'),
-      none: new Color('#808080'),
-      unknown: new Color('#800080'),
+    sarif: {
+      path: 'path/to/your/sarif-files',
+      recursive: true,
+      extension: 'sarif',
     },
-  },
-  sarif: {
-    path: 'path/to/your/sarif-files',
-    recursive: true,
-    extension: 'sarif',
-  },
-  header: {
-    include: true,
-    value: 'SARIF Analysis Results'
-  },
-  footer: {
-    include: true,
-    type: FooterType.PLAIN_TEXT,
-    value: 'Generated by @fabasoad/sarif-to-slack'
-  },
-  actor: {
-    include: true,
-    value: 'fabasoad'
-  },
-  run: {
-    include: true
-  },
-  representation: RepresentationType.CompactGroupByToolNamePerSeverity,
-  sendIf: SendIf.MediumOrHigher,
-});
+    header: {
+      include: true,
+      value: 'SARIF Analysis Results'
+    },
+    footer: {
+      include: true,
+      type: FooterType.PLAIN_TEXT,
+      value: 'Generated by @fabasoad/sarif-to-slack'
+    },
+    actor: {
+      include: true,
+      value: 'fabasoad'
+    },
+    run: {
+      include: true
+    },
+    representation: RepresentationType.CompactGroupByToolNamePerSeverity,
+    sendIf: SendIf.MediumOrHigher,
+  }
+);
 await client.send();
 ```
 

package/api-extractor.json

@@ -264,7 +264,7 @@
     /**
      * (REQUIRED) Whether to generate the .d.ts rollup file.
      */
-    "enabled": true
+    "enabled": true,
 
     /**
      * Specifies the output path for a .d.ts rollup file to be generated without any trimming.
@@ -278,7 +278,7 @@
      * SUPPORTED TOKENS: <projectFolder>, <packageName>, <unscopedPackageName>
      * DEFAULT VALUE: "<projectFolder>/dist/<unscopedPackageName>.d.ts"
      */
-    // "untrimmedFilePath": "<projectFolder>/dist/<unscopedPackageName>.d.ts",
+    "untrimmedFilePath": "<projectFolder>/dist/index.d.ts",
 
     /**
      * Specifies the output path for a .d.ts rollup file to be generated with trimming for an "alpha" release.

package/dist/index.cjs

@@ -175,9 +175,9 @@ var import_zod2 = require("zod");
 var import_zod = require("zod");
 
 // src/metadata.json
-var version = "1.3.3";
-var sha = "f6b4aa737b13486ac47a1582134062221ab15984";
-var buildAt = "2025-10-11T14:41:50Z";
+var version = "1.3.5";
+var sha = "4b44572f95bfdaab5159a2bd89a3ed2b193b55aa";
+var buildAt = "2026-04-04T14:25:40Z";
 
 // src/system.ts
 function logMetadata() {
@@ -565,6 +565,7 @@ var Column = class {
     this.header = header;
     this._cells = new Array(cellsCount);
   }
+  header;
   _logger = new Logger("Column");
   _cells;
   get total() {
@@ -596,6 +597,7 @@ var Cell = class {
     this._value = _value;
     this._width = _value.toString().length;
   }
+  _value;
   _width;
   setWidth(width) {
     this._width = width > this._width ? width : this._width;
@@ -621,6 +623,8 @@ var Row = class {
     this._cells = Array.from({ length: cellsCount }, () => new Cell());
     this._totalWidth = 1;
   }
+  _header;
+  headerWidth;
   _logger = new Logger("Row");
   _cells;
   _totalWidth;
@@ -729,6 +733,9 @@ var TableGroupRepresentation = class extends Representation {
     this._keyPer = _keyPer;
     this._values = _values;
   }
+  _keyBy;
+  _keyPer;
+  _values;
   _logger = new Logger("TableGroupRepresentation");
   groupFindingsPer(findings) {
     return findings.reduce(