diff --git a/.github/workflows/npmAudit.yml b/.github/workflows/npmAudit.yml new file mode 100644 index 0000000..6bf7e8a --- /dev/null +++ b/.github/workflows/npmAudit.yml @@ -0,0 +1,45 @@ +name: NPM Audit + +on: + pull_request: + workflow_dispatch: + push: + branches: + - master + +jobs: + scan: + name: NPM Audit packages + runs-on: ubuntu-latest + permissions: + contents: read + issues: write + pull-requests: write + + steps: + - name: Checkout + uses: actions/checkout@v5 + with: + fetch-depth: 0 + persist-credentials: false + + - name: Setup Node.js + uses: actions/setup-node@v5 + with: + node-version: ${{ vars.NODE_VERSION }} + + - name: Install dependencies + run: npm i + env: + NODE_ENV: production + CI: true + - uses: oke-py/npm-audit-action@3fa1b7654e7ff98cbb75c17f927c076a22991572 # v3.0.0 + with: + audit_level: moderate + create_issues: true + create_pr_comments: true + github_token: ${{ secrets.GITHUB_TOKEN }} + issue_assignees: oke-py + issue_labels: vulnerability,test + dedupe_issues: true + json_flag: true diff --git a/.github/workflows/node.js.yml b/.github/workflows/unitTest.yml similarity index 77% rename from .github/workflows/node.js.yml rename to .github/workflows/unitTest.yml index 81f7b37..2701e6c 100644 --- a/.github/workflows/node.js.yml +++ b/.github/workflows/unitTest.yml @@ -1,7 +1,7 @@ # This workflow will do a clean installation of node dependencies, cache/restore them, build the source code and run tests across different versions of node # For more information see: https://help.github.com/actions/language-and-framework-guides/using-nodejs-with-github-actions -name: Node.js CI +name: Unit Test on: push: @@ -19,19 +19,19 @@ jobs: strategy: matrix: os: [windows-latest, ubuntu-latest] - node-version: [14.x, 16.x, 18.x] + node-version: [20.9.x, 21.x, 22.20.0] # See supported Node.js release schedule at https://nodejs.org/en/about/releases/ steps: - name: Install GraphicsMagic and Imagemagick on Ubuntu if: contains(matrix.os, 'ubuntu') - run: sudo apt-get install -y imagemagick graphicsmagick + run: sudo apt-get install -y imagemagick=7.1.1-21 graphicsmagick=1.3.35-Q16 - name: Install GraphicsMagic and Imagemagick on Windows if: contains(matrix.os, 'windows') - run: choco install -y imagemagick graphicsmagick - - uses: actions/checkout@v3 + run: choco install -y imagemagick --version 7.1.1-21-Q16-HDRI-x64-dll.exe graphicsmagick --version 1.3.35-Q16-win64-dll.exe + - uses: actions/checkout@v4 - name: Use Node.js ${{ matrix.node-version }} - uses: actions/setup-node@v3 + uses: actions/setup-node@v4 with: node-version: ${{ matrix.node-version }} - run: npm i diff --git a/package.json b/package.json index 73c866a..1a37fc7 100644 --- a/package.json +++ b/package.json @@ -1,7 +1,7 @@ { "name": "gm", "description": "GraphicsMagick and ImageMagick for node.js", - "version": "1.25.0", + "version": "2.0.0", "author": "Aaron Heckmann ", "keywords": [ "graphics", @@ -14,8 +14,9 @@ "identify", "compare" ], + "engineStrict": true, "engines": { - "node": ">=14" + "node": ">=22.20.0" }, "bugs": { "url": "http://github.com/aheckmann/gm/issues" @@ -35,16 +36,16 @@ }, "repository": { "type": "git", - "url": "https://github.com/aheckmann/gm.git" + "url": "git+https://github.com/aheckmann/gm.git" }, "license": "MIT", "devDependencies": { - "async": "~0.9.0" + "async": "~3.2.6" }, "dependencies": { "array-parallel": "~0.1.3", "array-series": "~0.1.5", - "cross-spawn": "^4.0.0", - "debug": "^3.1.0" + "cross-spawn": "^7.0.6", + "debug": "^4.4.3" } }