From cc6f10664bf555b35a575fec21b3e21bc742af51 Mon Sep 17 00:00:00 2001 From: murderteeth <89237203+murderteeth@users.noreply.github.com> Date: Thu, 14 May 2026 06:22:43 +0000 Subject: [PATCH] Supply-chain hardening sweep MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit 1 PM config(s); pin 5 deps; pin 7 actions 🛡️ Automated --- .github/workflows/lint.yaml | 10 +++++----- .github/workflows/test.yaml | 4 ++-- .yarnrc.yml | 3 +++ package.json | 15 ++++++++------- yarn.lock | 10 +++++----- 5 files changed, 23 insertions(+), 19 deletions(-) create mode 100644 .yarnrc.yml diff --git a/.github/workflows/lint.yaml b/.github/workflows/lint.yaml index 772b097..901c5d2 100644 --- a/.github/workflows/lint.yaml +++ b/.github/workflows/lint.yaml @@ -13,12 +13,12 @@ jobs: steps: - name: Check out github repository - uses: actions/checkout@v2 + uses: actions/checkout@ee0669bd1cc54295c223e0bb666b733df41de1c5 # v2 with: fetch-depth: 1 - name: Setup node.js - uses: actions/setup-node@v1 + uses: actions/setup-node@f1f314fca9dfce2769ece7d933488f076716723e # v1 with: node-version: '16.x' @@ -27,7 +27,7 @@ jobs: run: echo "::set-output name=dir::$(yarn cache dir)" - name: Restore yarn cache - uses: actions/cache@v2 + uses: actions/cache@8492260343ad570701412c2f464a5877dc76bace # v2 id: yarn-cache with: path: | @@ -50,9 +50,9 @@ jobs: steps: - name: Check out github repository - uses: actions/checkout@v2 + uses: actions/checkout@ee0669bd1cc54295c223e0bb666b733df41de1c5 # v2 with: fetch-depth: 0 - name: Run commitlint - uses: wagoid/commitlint-github-action@v2 \ No newline at end of file + uses: wagoid/commitlint-github-action@4b1bcb1c72f99fbd6aa6b34cc3fb59200f01f993 # v2 \ No newline at end of file diff --git a/.github/workflows/test.yaml b/.github/workflows/test.yaml index 27cd735..db894bc 100644 --- a/.github/workflows/test.yaml +++ b/.github/workflows/test.yaml @@ -18,12 +18,12 @@ jobs: name: Foundry project runs-on: ubuntu-latest steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3 with: submodules: recursive - name: Install Foundry - uses: foundry-rs/foundry-toolchain@v1 + uses: foundry-rs/foundry-toolchain@c7450ba673e133f5ee30098b3b54f444d3a2ca2d # v1 with: version: nightly diff --git a/.yarnrc.yml b/.yarnrc.yml new file mode 100644 index 0000000..dd78e98 --- /dev/null +++ b/.yarnrc.yml @@ -0,0 +1,3 @@ +npmMinimalAgeGate: 10080 +enableScripts: false +defaultSemverRangePrefix: "" diff --git a/package.json b/package.json index 5ed2f4f..d7e5dd9 100644 --- a/package.json +++ b/package.json @@ -1,17 +1,18 @@ { "name": "yearn_base_strategy", "devDependencies": { - "prettier": "^2.5.1", - "prettier-plugin-solidity": "^1.0.0-beta.19", - "pretty-quick": "^3.1.3", + "prettier": "2.8.4", + "prettier-plugin-solidity": "1.1.3", + "pretty-quick": "3.1.3", "solc": "0.8.18", - "solhint": "^3.3.7", - "solhint-plugin-prettier": "^0.0.5" + "solhint": "3.4.0", + "solhint-plugin-prettier": "0.0.5" }, "scripts": { "format": "prettier --write 'src/**/*.(sol|json)' 'script/*.sol'", "format:check": "prettier --check 'src/**/*.*(sol|json)' 'script/*.sol'", "lint": "solhint 'src/**/*.sol' 'script/*.sol'", "lint:fix": "solhint --fix 'src/**/*.sol' 'script/*.sol'" - } - } \ No newline at end of file + }, + "packageManager": "yarn@1.22.22+sha512.a6b2f7906b721bba3d67d4aff083df04dad64c399707841b7acf00f6b133b7ac24255f2652fa22ae3534329dc6180534e98d17432037ff6fd140556e2bb3137e" +} diff --git a/yarn.lock b/yarn.lock index 79d407d..eb03fdc 100644 --- a/yarn.lock +++ b/yarn.lock @@ -580,7 +580,7 @@ prettier-linter-helpers@^1.0.0: dependencies: fast-diff "^1.1.2" -prettier-plugin-solidity@^1.0.0-beta.19: +prettier-plugin-solidity@1.1.3: version "1.1.3" resolved "https://registry.yarnpkg.com/prettier-plugin-solidity/-/prettier-plugin-solidity-1.1.3.tgz#9a35124f578404caf617634a8cab80862d726cba" integrity sha512-fQ9yucPi2sBbA2U2Xjh6m4isUTJ7S7QLc/XDDsktqqxYfTwdYKJ0EnnywXHwCGAaYbQNK+HIYPL1OemxuMsgeg== @@ -589,12 +589,12 @@ prettier-plugin-solidity@^1.0.0-beta.19: semver "^7.3.8" solidity-comments-extractor "^0.0.7" -prettier@^2.5.1, prettier@^2.8.3: +prettier@2.8.4, prettier@^2.8.3: version "2.8.4" resolved "https://registry.yarnpkg.com/prettier/-/prettier-2.8.4.tgz#34dd2595629bfbb79d344ac4a91ff948694463c3" integrity sha512-vIS4Rlc2FNh0BySk3Wkd6xmwxB0FpOndW5fisM5H8hsZSxU2VWVB5CWIkIjWvrHjIhxk2g3bfMKM87zNTrZddw== -pretty-quick@^3.1.3: +pretty-quick@3.1.3: version "3.1.3" resolved "https://registry.yarnpkg.com/pretty-quick/-/pretty-quick-3.1.3.tgz#15281108c0ddf446675157ca40240099157b638e" integrity sha512-kOCi2FJabvuh1as9enxYmrnBC6tVMoVOenMaBqRfsvBHB0cbpYHjdQEpSglpASDFEXVwplpcGR4CLEaisYAFcA== @@ -685,14 +685,14 @@ solc@0.8.18: semver "^5.5.0" tmp "0.0.33" -solhint-plugin-prettier@^0.0.5: +solhint-plugin-prettier@0.0.5: version "0.0.5" resolved "https://registry.yarnpkg.com/solhint-plugin-prettier/-/solhint-plugin-prettier-0.0.5.tgz#e3b22800ba435cd640a9eca805a7f8bc3e3e6a6b" integrity sha512-7jmWcnVshIrO2FFinIvDQmhQpfpS2rRRn3RejiYgnjIE68xO2bvrYvjqVNfrio4xH9ghOqn83tKuTzLjEbmGIA== dependencies: prettier-linter-helpers "^1.0.0" -solhint@^3.3.7: +solhint@3.4.0: version "3.4.0" resolved "https://registry.yarnpkg.com/solhint/-/solhint-3.4.0.tgz#a7e4f2d73e679cb197a1ca5279aa7534bd323e4d" integrity sha512-FYEs/LoTxMsWFP/OGsEqR1CBDn3Bn7hrTWsgtjai17MzxITgearIdlo374KKZjjIycu8E2xBcJ+RSWeoBvQmkw==