npm - ffc-pay-event-publisher - Versions diffs - 1.2.3 → 1.2.4 - Mend

ffc-pay-event-publisher 1.2.3 → 1.2.4

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (7) hide show

package/.github/workflows/secret-scanner.yml +19 -0
package/.gitleaks.toml +18 -0
package/.gitleaksignore +0 -0
package/.husky/pre-commit +30 -0
package/.npmignore +3 -1
package/package-lock.json +25 -2
package/package.json +4 -2

package/.github/workflows/secret-scanner.yml ADDED Viewed

@@ -0,0 +1,19 @@
+name: Secret Scanner
+on:
+  workflow_call:
+  push:
+    branches:
+      - main
+  pull_request:
+    branches:
+      - main
+    types:
+      - opened        # PR created
+      - synchronize   # new commits pushed to an existing PR
+      - reopened      # PR reopened after being closed
+jobs:
+  secret-scan:
+    uses: DEFRA/ffc-shared-actions/.github/workflows/secret-scanner.yml@main
+    secrets: inherit

package/.gitleaks.toml ADDED Viewed

@@ -0,0 +1,18 @@
+# ffc-pay-event-publisher/.gitleaks.toml
+title = "ffc-pay-event-publisher"
+[extend]
+path = ".gitleaks-shared/.gitleaks.toml"
+# Service-specific additions only below this line, use [[ ]] for multiple allowlist instances
+[allowlist]
+description = "Service-specific exclusions"
+paths = [
+  '''test/mock-objects/.*''',
+  '''test/mock-modules/.*''',
+  '''test/unit/.*'''
+]
+#enter regex here wrapped in triple ''' to exclude specific keys
+#regexes = [
+#]

package/.gitleaksignore ADDED Viewed

File without changes

package/.husky/pre-commit ADDED Viewed

@@ -0,0 +1,30 @@
+#!/bin/sh
+GITLEAKS_VERSION="8.30.0"
+GITLEAKS_BIN="$HOME/.local/bin/gitleaks"
+GITLEAKS_URL="https://github.com/gitleaks/gitleaks/releases/download/v${GITLEAKS_VERSION}/gitleaks_${GITLEAKS_VERSION}_linux_x64.tar.gz"
+# get installed version (if any)
+INSTALLED_VERSION=""
+if [ -x "$GITLEAKS_BIN" ]; then
+  INSTALLED_VERSION=$("$GITLEAKS_BIN" --version 2>/dev/null | grep -oE '[0-9]+\.[0-9]+\.[0-9]+' || true)
+fi
+if [ "$INSTALLED_VERSION" != "$GITLEAKS_VERSION" ]; then
+  echo "⚠️  Installing/updating gitleaks v${GITLEAKS_VERSION} (was: ${INSTALLED_VERSION:-none})..."
+  mkdir -p "$HOME/.local/bin"
+  curl -sSfL "$GITLEAKS_URL" | tar -xz -C "$HOME/.local/bin" gitleaks
+  chmod +x "$GITLEAKS_BIN"
+fi
+# Always fetch latest shared gitleaks config
+echo "Fetching shared gitleaks config..."
+mkdir -p .gitleaks-shared
+if ! curl -sSfL https://raw.githubusercontent.com/DEFRA/ffc-shared-actions/main/.gitleaks.toml \
+  -o .gitleaks-shared/.gitleaks.toml; then
+  echo "❌ Failed to fetch shared gitleaks config from ffc-shared-actions." >&2
+  exit 1
+fi
+echo "🔍 Running gitleaks scan..."
+"$GITLEAKS_BIN" protect --staged --config .gitleaks.toml --verbose --exit-code=2

package/.npmignore CHANGED Viewed

@@ -2,4 +2,6 @@ test-output
 node_modules
 helm/**/*.lock
 *.tgz
-.vscode
+.vscode
+.gitleaks-shared/

package/package-lock.json CHANGED Viewed

@@ -1,12 +1,12 @@
 {
   "name": "ffc-pay-event-publisher",
-  "version": "1.2.3",
+  "version": "1.2.4",
   "lockfileVersion": 2,
   "requires": true,
   "packages": {
     "": {
       "name": "ffc-pay-event-publisher",
-      "version": "1.2.2",
+      "version": "1.2.4",
       "license": "OGL-UK-3.0",
       "dependencies": {
         "ffc-messaging": "2.10.5",
@@ -15,6 +15,7 @@
       },
       "devDependencies": {
         "eslint": "9.39.1",
+        "husky": "9.1.7",
         "jest": "29.7.0",
         "jest-junit": "14.0.0",
         "neostandard": "0.12.2"
@@ -4688,6 +4689,22 @@
         "node": ">=10.17.0"
       }
     },
+    "node_modules/husky": {
+      "version": "9.1.7",
+      "resolved": "https://registry.npmjs.org/husky/-/husky-9.1.7.tgz",
+      "integrity": "sha512-5gs5ytaNjBrh5Ow3zrvdUUY+0VxIuWVL4i9irt6friV+BqdCfmV11CQTWMiBYWHbXhco+J1kHfTOUkePhCDvMA==",
+      "dev": true,
+      "license": "MIT",
+      "bin": {
+        "husky": "bin.js"
+      },
+      "engines": {
+        "node": ">=18"
+      },
+      "funding": {
+        "url": "https://github.com/sponsors/typicode"
+      }
+    },
     "node_modules/ieee754": {
       "version": "1.2.1",
       "resolved": "https://registry.npmjs.org/ieee754/-/ieee754-1.2.1.tgz",
@@ -11535,6 +11552,12 @@
       "integrity": "sha512-B4FFZ6q/T2jhhksgkbEW3HBvWIfDW85snkQgawt07S7J5QXTk6BkNV+0yAeZrM5QpMAdYlocGoljn0sJ/WQkFw==",
       "dev": true
     },
+    "husky": {
+      "version": "9.1.7",
+      "resolved": "https://registry.npmjs.org/husky/-/husky-9.1.7.tgz",
+      "integrity": "sha512-5gs5ytaNjBrh5Ow3zrvdUUY+0VxIuWVL4i9irt6friV+BqdCfmV11CQTWMiBYWHbXhco+J1kHfTOUkePhCDvMA==",
+      "dev": true
+    },
     "ieee754": {
       "version": "1.2.1",
       "resolved": "https://registry.npmjs.org/ieee754/-/ieee754-1.2.1.tgz",

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "ffc-pay-event-publisher",
-  "version": "1.2.3",
+  "version": "1.2.4",
   "description": "Event sending npm module for FFC pay services",
   "main": "index.js",
   "repository": {
@@ -11,7 +11,8 @@
   "scripts": {
     "test": "jest --runInBand --forceExit",
     "test:unit": "PORT=0 node --experimental-vm-modules node_modules/jest/bin/jest.js --testPathPatterns=test/unit",
-    "test:watch": "jest --coverage=false --onlyChanged --watch --runInBand"
+    "test:watch": "jest --coverage=false --onlyChanged --watch --runInBand",
+    "prepare": "node --eval \"const fs=require('fs'),cp=require('child_process');if(fs.existsSync('.git')&&!process.env.CI&&!process.env.TF_BUILD)cp.execSync('husky',{stdio:'inherit'})\""
   },
   "contributors": [
     "Simon Dunn simon.dunn1@rpa.gov.uk",
@@ -32,6 +33,7 @@
   },
   "devDependencies": {
     "eslint": "9.39.1",
+    "husky": "9.1.7",
     "jest": "29.7.0",
     "jest-junit": "14.0.0",
     "neostandard": "0.12.2"