chore: max-params warning for src/sdk/sdk.ts #1728

tamirazrab · 2025-01-27T09:33:49Z

Description

Resolve max-params warning for src/sdk/sdk.ts
...

End to End Test:
(See Pepr Excellent Examples)

Related Issue

Relates to #1700

Type of change

Bug fix (non-breaking change which fixes an issue)
New feature (non-breaking change which adds functionality)
Other (security config, docs update, etc)

Checklist before merging

Unit, Journey, E2E Tests, docs, adr added or updated as needed
Contributor Guide Steps followed

cmwylie19

Code looks good but this is user facing breaking change

https://docs.pepr.dev/main/user-guide/sdk/#writeevent

We would need to deprecate before making this change. We will chat as a team and give you some feedback. Thanks for the PR

resolves defenseunicorns#1700 Signed-off-by: t.azrab <[email protected]>

codecov · 2025-01-31T00:23:06Z

Codecov Report

All modified and coverable lines are covered by tests ✅

Project coverage is 82.12%. Comparing base (129376b) to head (d77ff1a).

Additional details and impacted files

@@           Coverage Diff           @@
##             main    #1728   +/-   ##
=======================================
  Coverage   82.11%   82.12%           
=======================================
  Files          52       52           
  Lines        2214     2215    +1     
  Branches      459      469   +10     
=======================================
+ Hits         1818     1819    +1     
- Misses        367      394   +27     
+ Partials       29        2   -27

Files with missing lines	Coverage Δ
src/sdk/sdk.ts	`100.00% <100.00%> (ø)`

... and 7 files with indirect coverage changes

samayer12 · 2025-02-04T15:34:35Z

As an update, we're still thinking about how we want to approach the underlying program structure that caused this warning. In general, we prefer to avoid resolving max-params by creating an object that contains N properties. However, if that's the best solution, we can work with it.

cmwylie19

lgtm, we will leave a message in our release about this change

samayer12

We have a plan to communicate this breaking change to users, good to go!

cmwylie19 · 2025-02-07T19:51:18Z

Looks like some commits are not signed. Can you sign them or open up a new PR with these changes?

## Description We're refocusing on having Dependabot update image digests across the Pepr project so no need for this job anymore. ## Type of change - [ ] Bug fix (non-breaking change which fixes an issue) - [ ] New feature (non-breaking change which adds functionality) - [x] Other (security config, docs update, etc) ## Checklist before merging - [ ] Unit, [Journey](https://github.com/defenseunicorns/pepr/tree/main/journey), [E2E Tests](https://github.com/defenseunicorns/pepr-excellent-examples), [docs](https://github.com/defenseunicorns/pepr/tree/main/docs), [adr](https://github.com/defenseunicorns/pepr/tree/main/adr) added or updated as needed - [ ] [Contributor Guide Steps](https://docs.pepr.dev/main/contribute/#submitting-a-pull-request) followed

…icorns#1682) ## Description Adds a watch failure template with strict criteria for reporting in order to get enough info to debug. This template is referenced in the UDS Core docs for debugging in this PR defenseunicorns/uds-core#1205 ## Related Issue Fixes #  Relates to # ## Type of change - [ ] Bug fix (non-breaking change which fixes an issue) - [ ] New feature (non-breaking change which adds functionality) - [x] Other (security config, docs update, etc) ## Checklist before merging - [x] Unit, [Journey](https://github.com/defenseunicorns/pepr/tree/main/journey), [E2E Tests](https://github.com/defenseunicorns/pepr-excellent-examples), [docs](https://github.com/defenseunicorns/pepr/tree/main/docs), [adr](https://github.com/defenseunicorns/pepr/tree/main/adr) added or updated as needed - [x] [Contributor Guide Steps](https://docs.pepr.dev/main/contribute/#submitting-a-pull-request) followed --------- Signed-off-by: Case Wylie <[email protected]>

…eunicorns#1690) Bumps [step-security/harden-runner](https://github.com/step-security/harden-runner) from 2.10.3 to 2.10.4. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/step-security/harden-runner/releases">step-security/harden-runner's releases</a>.</em></p> <blockquote> <h2>v2.10.4</h2> <h2>What's Changed</h2> <p>Fixed a potential Harden-Runner post step failure that could occur when printing agent service logs. The fix gracefully handles failures without failing the post step.</p> <p><strong>Full Changelog</strong>: <a href="https://github.com/step-security/harden-runner/compare/v2...v2.10.4">https://github.com/step-security/harden-runner/compare/v2...v2.10.4</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/step-security/harden-runner/commit/cb605e52c26070c328afc4562f0b4ada7618a84e"><code>cb605e5</code></a> Merge pull request <a href="https://redirect.github.com/step-security/harden-runner/issues/496">#496</a> from step-security/fix-enobufs</li> <li><a href="https://github.com/step-security/harden-runner/commit/61144dda3ba7a45a4e879e99c548ff785b492364"><code>61144dd</code></a> Update log statement</li> <li><a href="https://github.com/step-security/harden-runner/commit/b8be370ff4fa3a7b5d97afe5cbb1921a734fffcc"><code>b8be370</code></a> Add try catch block</li> <li><a href="https://github.com/step-security/harden-runner/commit/6f6fa07e47155133e69ca8a751aad4ff01a292b1"><code>6f6fa07</code></a> Fix ENOBUFS issue</li> <li><a href="https://github.com/step-security/harden-runner/commit/18f6947f131da60743dc12d2a22ff28c2b4ea87f"><code>18f6947</code></a> Merge pull request <a href="https://redirect.github.com/step-security/harden-runner/issues/495">#495</a> from AkhigbeEromo/Update-README</li> <li><a href="https://github.com/step-security/harden-runner/commit/81f844e74365cf557ddf3715c247f745a115a5b2"><code>81f844e</code></a> Edit docs</li> <li><a href="https://github.com/step-security/harden-runner/commit/4c766de2db7a0b0a47e5728947c16e113c64f377"><code>4c766de</code></a> Merge branch 'Update-README' of <a href="https://github.com/AkhigbeEromo/harden-runner">https://github.com/AkhigbeEromo/harden-runner</a>...</li> <li><a href="https://github.com/step-security/harden-runner/commit/c9c5f3273c74d0365949a3aa120e85977f51d1ef"><code>c9c5f32</code></a> Handle Ashish reviews</li> <li><a href="https://github.com/step-security/harden-runner/commit/2877824267faf8efc084b00de71c0fe737ff0a76"><code>2877824</code></a> Merge branch 'main' into Update-README</li> <li><a href="https://github.com/step-security/harden-runner/commit/be87de076dd7a9aa9a9220dc9488dea2f8775db0"><code>be87de0</code></a> Clean up</li> <li>Additional commits viewable in <a href="https://github.com/step-security/harden-runner/compare/c95a14d0e5bab51a9f56296a4eb0e416910cd350...cb605e52c26070c328afc4562f0b4ada7618a84e">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=step-security/harden-runner&package-manager=github_actions&previous-version=2.10.3&new-version=2.10.4)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

## Description Provide documentation/education on why it is a best practice to always Validate any Mutations. ## Related Issue Fixes defenseunicorns#899  Relates to # ## Type of change - [ ] Bug fix (non-breaking change which fixes an issue) - [ ] New feature (non-breaking change which adds functionality) - [x] Other (security config, docs update, etc) ## Checklist before merging - [x] Unit, [Journey](https://github.com/defenseunicorns/pepr/tree/main/journey), [E2E Tests](https://github.com/defenseunicorns/pepr-excellent-examples), [docs](https://github.com/defenseunicorns/pepr/tree/main/docs), [adr](https://github.com/defenseunicorns/pepr/tree/main/adr) added or updated as needed - [x] [Contributor Guide Steps](https://docs.pepr.dev/main/contribute/#submitting-a-pull-request) followed --------- Signed-off-by: Case Wylie <[email protected]> Co-authored-by: Barrett <[email protected]> Co-authored-by: Sam Mayer <[email protected]>

## Description Add types to build.ts functions. ## Related Issue Relates to defenseunicorns#1649 ## Type of change - [ ] Bug fix (non-breaking change which fixes an issue) - [ ] New feature (non-breaking change which adds functionality) - [x] Other (security config, docs update, etc) ## Checklist before merging - [x] Unit, [Journey](https://github.com/defenseunicorns/pepr/tree/main/journey), [E2E Tests](https://github.com/defenseunicorns/pepr-excellent-examples), [docs](https://github.com/defenseunicorns/pepr/tree/main/docs), [adr](https://github.com/defenseunicorns/pepr/tree/main/adr) added or updated as needed - [x] [Contributor Guide Steps](https://docs.pepr.dev/main/contribute/#submitting-a-pull-request) followed --------- Co-authored-by: Sam Mayer <[email protected]> Co-authored-by: Case Wylie <[email protected]>

## Description Soak interrupts test is not scaling down the Pepr deployment, this fixes that. ## Related Issue Fixes defenseunicorns#1701  Relates to # ## Type of change - [x] Bug fix (non-breaking change which fixes an issue) - [ ] New feature (non-breaking change which adds functionality) - [ ] Other (security config, docs update, etc) ## Checklist before merging - [x] Unit, [Journey](https://github.com/defenseunicorns/pepr/tree/main/journey), [E2E Tests](https://github.com/defenseunicorns/pepr-excellent-examples), [docs](https://github.com/defenseunicorns/pepr/tree/main/docs), [adr](https://github.com/defenseunicorns/pepr/tree/main/adr) added or updated as needed - [x] [Contributor Guide Steps](https://docs.pepr.dev/main/contribute/#submitting-a-pull-request) followed Signed-off-by: Case Wylie <[email protected]>

## Description The `soak.ci.yaml` uses pre-built manifests. When this [PR](defenseunicorns#1684) merged we went to a distroless image where `node` is not in the path on the image. We need to update the args on the deployments. [Job Failure](https://github.com/defenseunicorns/pepr/actions/runs/12840693540/job/35809678165) ## Related Issue Fixes #  Relates to # ## Type of change - [ ] Bug fix (non-breaking change which fixes an issue) - [ ] New feature (non-breaking change which adds functionality) - [x] Other (security config, docs update, etc) ## Checklist before merging - [x] Unit, [Journey](https://github.com/defenseunicorns/pepr/tree/main/journey), [E2E Tests](https://github.com/defenseunicorns/pepr-excellent-examples), [docs](https://github.com/defenseunicorns/pepr/tree/main/docs), [adr](https://github.com/defenseunicorns/pepr/tree/main/adr) added or updated as needed - [x] [Contributor Guide Steps](https://docs.pepr.dev/main/contribute/#submitting-a-pull-request) followed Signed-off-by: Case Wylie <[email protected]>

@tamirazrab

…nseunicorns#1678) ## Description Controls which build arguments are used together and adds docs Lets hold off on this one to see if we can get the commits signed on PR defenseunicorns#1651 first. CC @tamirazrab ## Related Issue Fixes defenseunicorns#1662  Relates to # ## Type of change - [x] Bug fix (non-breaking change which fixes an issue) - [ ] New feature (non-breaking change which adds functionality) - [ ] Other (security config, docs update, etc) ## Checklist before merging - [x] Unit, [Journey](https://github.com/defenseunicorns/pepr/tree/main/journey), [E2E Tests](https://github.com/defenseunicorns/pepr-excellent-examples), [docs](https://github.com/defenseunicorns/pepr/tree/main/docs), [adr](https://github.com/defenseunicorns/pepr/tree/main/adr) added or updated as needed - [x] [Contributor Guide Steps](https://docs.pepr.dev/main/contribute/#submitting-a-pull-request) followed --------- Signed-off-by: Case Wylie <[email protected]> Co-authored-by: Barrett <[email protected]>

…ns#1703) Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3.28.1 to 3.28.2. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/github/codeql-action/releases">github/codeql-action's releases</a>.</em></p> <blockquote> <h2>v3.28.2</h2> <h1>CodeQL Action Changelog</h1> <p>See the <a href="https://github.com/github/codeql-action/releases">releases page</a> for the relevant changes to the CodeQL CLI and language packs.</p> <h2>3.28.2 - 21 Jan 2025</h2> <p>No user facing changes.</p> <p>See the full <a href="https://github.com/github/codeql-action/blob/v3.28.2/CHANGELOG.md">CHANGELOG.md</a> for more information.</p> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/github/codeql-action/blob/main/CHANGELOG.md">github/codeql-action's changelog</a>.</em></p> <blockquote> <h1>CodeQL Action Changelog</h1> <p>See the <a href="https://github.com/github/codeql-action/releases">releases page</a> for the relevant changes to the CodeQL CLI and language packs.</p> <h2>[UNRELEASED]</h2> <p>No user facing changes.</p> <h2>3.28.2 - 21 Jan 2025</h2> <p>No user facing changes.</p> <h2>3.28.1 - 10 Jan 2025</h2> <ul> <li>CodeQL Action v2 is now deprecated, and is no longer updated or supported. For better performance, improved security, and new features, upgrade to v3. For more information, see <a href="https://github.blog/changelog/2025-01-10-code-scanning-codeql-action-v2-is-now-deprecated/">this changelog post</a>. <a href="https://redirect.github.com/github/codeql-action/pull/2677">#2677</a></li> <li>Update default CodeQL bundle version to 2.20.1. <a href="https://redirect.github.com/github/codeql-action/pull/2678">#2678</a></li> </ul> <h2>3.28.0 - 20 Dec 2024</h2> <ul> <li>Bump the minimum CodeQL bundle version to 2.15.5. <a href="https://redirect.github.com/github/codeql-action/pull/2655">#2655</a></li> <li>Don't fail in the unusual case that a file is on the search path. <a href="https://redirect.github.com/github/codeql-action/pull/2660">#2660</a>.</li> </ul> <h2>3.27.9 - 12 Dec 2024</h2> <p>No user facing changes.</p> <h2>3.27.8 - 12 Dec 2024</h2> <ul> <li>Fixed an issue where streaming the download and extraction of the CodeQL bundle did not respect proxy settings. <a href="https://redirect.github.com/github/codeql-action/pull/2624">#2624</a></li> </ul> <h2>3.27.7 - 10 Dec 2024</h2> <ul> <li>We are rolling out a change in December 2024 that will extract the CodeQL bundle directly to the toolcache to improve performance. <a href="https://redirect.github.com/github/codeql-action/pull/2631">#2631</a></li> <li>Update default CodeQL bundle version to 2.20.0. <a href="https://redirect.github.com/github/codeql-action/pull/2636">#2636</a></li> </ul> <h2>3.27.6 - 03 Dec 2024</h2> <ul> <li>Update default CodeQL bundle version to 2.19.4. <a href="https://redirect.github.com/github/codeql-action/pull/2626">#2626</a></li> </ul> <h2>3.27.5 - 19 Nov 2024</h2> <p>No user facing changes.</p> <h2>3.27.4 - 14 Nov 2024</h2> <p>No user facing changes.</p> <h2>3.27.3 - 12 Nov 2024</h2> <p>No user facing changes.</p>  </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/github/codeql-action/commit/d68b2d4edb4189fd2a5366ac14e72027bd4b37dd"><code>d68b2d4</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/2708">#2708</a> from github/update-v3.28.2-d90e07f32</li> <li><a href="https://github.com/github/codeql-action/commit/ea237964450673c10ad7b678a6aab37176b787a3"><code>ea23796</code></a> Update changelog for v3.28.2</li> <li><a href="https://github.com/github/codeql-action/commit/d90e07f32eb48924444e8069d5f1fbaaad678989"><code>d90e07f</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/2703">#2703</a> from github/dependabot/npm_and_yarn/npm-cd3f77644b</li> <li><a href="https://github.com/github/codeql-action/commit/7b7562b1766199469ed7f907ce332bdd498e8a28"><code>7b7562b</code></a> Update checked-in dependencies</li> <li><a href="https://github.com/github/codeql-action/commit/c16863838b8cb3c55d7f56d546070ebaa43615e5"><code>c168638</code></a> build(deps): bump the npm group with 3 updates</li> <li><a href="https://github.com/github/codeql-action/commit/0f1559aeaf806072ddd427d1b11e1c956e4851a0"><code>0f1559a</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/2699">#2699</a> from github/cklin/diff-informed-file-fallback</li> <li><a href="https://github.com/github/codeql-action/commit/2d608a3097df825010b85ce95b428eacc500fbf0"><code>2d608a3</code></a> Merge branch 'main' into cklin/diff-informed-file-fallback</li> <li><a href="https://github.com/github/codeql-action/commit/94f08f339edaf905c30a3c0cb4d3dc88f8f1028c"><code>94f08f3</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/2698">#2698</a> from github/cklin/diff-informed-status-report</li> <li><a href="https://github.com/github/codeql-action/commit/071996fbe2aafc9c8cce73ed09679656c8ba6cb7"><code>071996f</code></a> getDiffRanges: better fallback for absent patch</li> <li><a href="https://github.com/github/codeql-action/commit/5889cfd4994efea544ff3bc9f368822ecb589693"><code>5889cfd</code></a> Add analysis_is_diff_informed to status report</li> <li>Additional commits viewable in <a href="https://github.com/github/codeql-action/compare/b6a472f63d85b9c78a3ac5e89422239fc15e9b3c...d68b2d4edb4189fd2a5366ac14e72027bd4b37dd">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=github/codeql-action&package-manager=github_actions&previous-version=3.28.1&new-version=3.28.2)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

…efenseunicorns#1704) Bumps distroless/nodejs22-debian12 from `06298f8` to `5e248b9`. [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=distroless/nodejs22-debian12&package-manager=docker&previous-version=nonroot&new-version=nonroot)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

## Description In support of defenseunicorns#1661, this PR fixes issues with test setup for integration tests. End to End Test:  (See [Pepr Excellent Examples](https://github.com/defenseunicorns/pepr-excellent-examples)) ## Related Issue Relates to defenseunicorns#1661 ## Type of change - [x] Bug fix (non-breaking change which fixes an issue) - [ ] New feature (non-breaking change which adds functionality) - [ ] Other (security config, docs update, etc) ## Checklist before merging - [x] Unit, [Journey](https://github.com/defenseunicorns/pepr/tree/main/journey), [E2E Tests](https://github.com/defenseunicorns/pepr-excellent-examples), [docs](https://github.com/defenseunicorns/pepr/tree/main/docs), [adr](https://github.com/defenseunicorns/pepr/tree/main/adr) added or updated as needed - [x] [Contributor Guide Steps](https://docs.pepr.dev/main/contribute/#submitting-a-pull-request) followed --------- Co-authored-by: Barrett <[email protected]>

…s group (defenseunicorns#1710) Bumps the development-dependencies group with 1 update: [undici](https://github.com/nodejs/undici). Updates `undici` from 7.2.3 to 7.3.0 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/nodejs/undici/releases">undici's releases</a>.</em></p> <blockquote> <h2>v7.3.0</h2> <h2>What's Changed</h2> <ul> <li>fix: sqlite null ref by <a href="https://github.com/ronag"><code>@ronag</code></a> in <a href="https://redirect.github.com/nodejs/undici/pull/4016">nodejs/undici#4016</a></li> <li>fix: sqlite remove unnecessary parameter by <a href="https://github.com/ronag"><code>@ronag</code></a> in <a href="https://redirect.github.com/nodejs/undici/pull/4017">nodejs/undici#4017</a></li> <li>feat: sqlite add set and minor cleanup by <a href="https://github.com/ronag"><code>@ronag</code></a> in <a href="https://redirect.github.com/nodejs/undici/pull/4018">nodejs/undici#4018</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/nodejs/undici/compare/v7.2.3...v7.3.0">https://github.com/nodejs/undici/compare/v7.2.3...v7.3.0</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/nodejs/undici/commit/ee02abe641e8aec8f609752dc135feadb2a8bf30"><code>ee02abe</code></a> Bumped v7.3.0 (<a href="https://redirect.github.com/nodejs/undici/issues/4021">#4021</a>)</li> <li><a href="https://github.com/nodejs/undici/commit/fe21269033eec441a46f95d6cd16b4236edb2b4c"><code>fe21269</code></a> feat: sqlite add set and minor cleanup (<a href="https://redirect.github.com/nodejs/undici/issues/4018">#4018</a>)</li> <li><a href="https://github.com/nodejs/undici/commit/a364e7c03849c1dc308e5f031031aa92bfdae324"><code>a364e7c</code></a> fix: sqlite remove unnecessary parameter (<a href="https://redirect.github.com/nodejs/undici/issues/4017">#4017</a>)</li> <li><a href="https://github.com/nodejs/undici/commit/d76f5cf2fba0f7f4160395e5c29eace40a7e5934"><code>d76f5cf</code></a> fix: sqlite null ref (<a href="https://redirect.github.com/nodejs/undici/issues/4016">#4016</a>)</li> <li>See full diff in <a href="https://github.com/nodejs/undici/compare/v7.2.3...v7.3.0">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=undici&package-manager=npm_and_yarn&previous-version=7.2.3&new-version=7.3.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore <dependency name> major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself) - `@dependabot ignore <dependency name> minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself) - `@dependabot ignore <dependency name>` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself) - `@dependabot unignore <dependency name>` will remove all of the ignore conditions of the specified dependency - `@dependabot unignore <dependency name> <ignore condition>` will remove the ignore condition of the specified dependency and ignore conditions </details> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

## Description This PR builds off defenseunicorns#1732 to address defenseunicorns#1713 ## Related Issue Fixes defenseunicorns#1713 ## Type of change - [x] Bug fix (non-breaking change which fixes an issue) - [ ] New feature (non-breaking change which adds functionality) - [ ] Other (security config, docs update, etc) ## Checklist before merging - [ ] Unit, [Journey](https://github.com/defenseunicorns/pepr/tree/main/journey), [E2E Tests](https://github.com/defenseunicorns/pepr-excellent-examples), [docs](https://github.com/defenseunicorns/pepr/tree/main/docs), [adr](https://github.com/defenseunicorns/pepr/tree/main/adr) added or updated as needed - [x] [Contributor Guide Steps](https://docs.pepr.dev/main/contribute/#submitting-a-pull-request) followed --------- Co-authored-by: Case Wylie <[email protected]>

…icorns#1735) ## Description Resolve max-params warning for src/lib/telemetry/metrics.ts ... End to End Test:  (See [Pepr Excellent Examples](https://github.com/defenseunicorns/pepr-excellent-examples)) ## Related Issue Fixes defenseunicorns#1699 ## Type of change - [ ] Bug fix (non-breaking change which fixes an issue) - [ ] New feature (non-breaking change which adds functionality) - [x] Other (security config, docs update, etc) ## Checklist before merging - [x] Unit, [Journey](https://github.com/defenseunicorns/pepr/tree/main/journey), [E2E Tests](https://github.com/defenseunicorns/pepr-excellent-examples), [docs](https://github.com/defenseunicorns/pepr/tree/main/docs), [adr](https://github.com/defenseunicorns/pepr/tree/main/adr) added or updated as needed - [x] [Contributor Guide Steps](https://docs.pepr.dev/main/contribute/#submitting-a-pull-request) followed --------- Co-authored-by: Case Wylie <[email protected]> Co-authored-by: Sam Mayer <[email protected]>

## Description Added coverage to webhooks to ensure correctness of webhook rules, config and values. ## Related Issue Fixes defenseunicorns#1656  Relates to # ## Type of change - [ ] Bug fix (non-breaking change which fixes an issue) - [ ] New feature (non-breaking change which adds functionality) - [x] Other (security config, docs update, etc) ## Checklist before merging - [x] Unit, [Journey](https://github.com/defenseunicorns/pepr/tree/main/journey), [E2E Tests](https://github.com/defenseunicorns/pepr-excellent-examples), [docs](https://github.com/defenseunicorns/pepr/tree/main/docs), [adr](https://github.com/defenseunicorns/pepr/tree/main/adr) added or updated as needed - [x] [Contributor Guide Steps](https://docs.pepr.dev/main/contribute/#submitting-a-pull-request) followed Signed-off-by: Case Wylie <[email protected]> Co-authored-by: Sam Mayer <[email protected]>

## Description Add shellcheck to project, - couldn't make it to fix sh files automatically. ... End to End Test:  (See [Pepr Excellent Examples](https://github.com/defenseunicorns/pepr-excellent-examples)) ## Related Issue Fixes defenseunicorns#1706  Relates to # ## Type of change - [ ] Bug fix (non-breaking change which fixes an issue) - [x] New feature (non-breaking change which adds functionality) - [ ] Other (security config, docs update, etc) ## Checklist before merging - [] Unit, [Journey](https://github.com/defenseunicorns/pepr/tree/main/journey), [E2E Tests](https://github.com/defenseunicorns/pepr-excellent-examples), [docs](https://github.com/defenseunicorns/pepr/tree/main/docs), [adr](https://github.com/defenseunicorns/pepr/tree/main/adr) added or updated as needed - [x] [Contributor Guide Steps](https://docs.pepr.dev/main/contribute/#submitting-a-pull-request) followed --------- Signed-off-by: t.azrab <[email protected]> Co-authored-by: Sam Mayer <[email protected]> Co-authored-by: Case Wylie <[email protected]>

## Description Citing the `README` in a preso I am giving tomorrow and I noticed some partial issues that may be said in a way that is more clear. ## Related Issue Fixes #  Relates to # ## Type of change - [ ] Bug fix (non-breaking change which fixes an issue) - [ ] New feature (non-breaking change which adds functionality) - [x] Other (security config, docs update, etc) ## Checklist before merging - [x] Unit, [Journey](https://github.com/defenseunicorns/pepr/tree/main/journey), [E2E Tests](https://github.com/defenseunicorns/pepr-excellent-examples), [docs](https://github.com/defenseunicorns/pepr/tree/main/docs), [adr](https://github.com/defenseunicorns/pepr/tree/main/adr) added or updated as needed - [x] [Contributor Guide Steps](https://docs.pepr.dev/main/contribute/#submitting-a-pull-request) followed --------- Signed-off-by: Case Wylie <[email protected]> Co-authored-by: Sam Mayer <[email protected]>

…#1747) ## Description Resolve `max-params` warning in `src/lib/controller/index.ts` ... End to End Test:  (See [Pepr Excellent Examples](https://github.com/defenseunicorns/pepr-excellent-examples)) ## Related Issue Fixes defenseunicorns#1698 ## Type of change - [ ] Bug fix (non-breaking change which fixes an issue) - [ ] New feature (non-breaking change which adds functionality) - [x] Other (security config, docs update, etc) ## Checklist before merging - [x] Unit, [Journey](https://github.com/defenseunicorns/pepr/tree/main/journey), [E2E Tests](https://github.com/defenseunicorns/pepr-excellent-examples), [docs](https://github.com/defenseunicorns/pepr/tree/main/docs), [adr](https://github.com/defenseunicorns/pepr/tree/main/adr) added or updated as needed - [x] [Contributor Guide Steps](https://docs.pepr.dev/main/contribute/#submitting-a-pull-request) followed Co-authored-by: Case Wylie <[email protected]>

…seunicorns#1749) ## Description By overriding glob, we were able to remove inflight, both were deprecated. This seems to still work as expected passing all tests. _Before_ ```plaintext [email protected] /Users/cmwylie19/pepr ├─┬ [email protected] │ └─┬ [email protected] │ └─┬ [email protected] │ └─┬ [email protected] │ └── [email protected] deduped ├─┬ [email protected] │ └─┬ @jest/[email protected] │ ├─┬ @jest/[email protected] │ │ └── [email protected] │ ├─┬ [email protected] │ │ └── [email protected] deduped │ └─┬ [email protected] │ └── [email protected] deduped ├─┬ [email protected] invalid: "3.3.8" from the root project │ └─┬ @kubernetes/[email protected] │ └─┬ [email protected] │ └─┬ [email protected] │ └─┬ [email protected] │ └── [email protected] ├─┬ [email protected] │ └─┬ @sigstore/[email protected] │ └─┬ [email protected] │ └─┬ [email protected] │ └── [email protected] └─┬ [email protected] └─┬ @jest/[email protected] └─┬ [email protected] └─┬ [email protected] └── [email protected] deduped ``` After ```plaintext > npm dedup removed 20 packages, changed 4 packages, and audited 810 packages in 5s 113 packages are looking for funding run `npm fund` for details found 0 vulnerabilities ┌─[cmwylie19@C2WY6FCQVX] - [~/not-pepr/pepr] - [2025-01-30 01:52:06] └─[0] <git:(test_glob_override afe2d26) > npm ls glob [email protected] /Users/cmwylie19/not-pepr/pepr ├─┬ [email protected] │ └─┬ [email protected] │ └─┬ [email protected] │ └─┬ [email protected] │ └── [email protected] deduped ├─┬ [email protected] │ └─┬ @jest/[email protected] │ ├─┬ @jest/[email protected] │ │ └── [email protected] overridden │ ├─┬ [email protected] │ │ └── [email protected] deduped │ └─┬ [email protected] │ └── [email protected] deduped ├─┬ [email protected] │ └─┬ @kubernetes/[email protected] │ └─┬ [email protected] │ └─┬ [email protected] │ └─┬ [email protected] │ └── [email protected] deduped ├─┬ [email protected] │ └─┬ @sigstore/[email protected] │ └─┬ [email protected] │ └─┬ [email protected] │ └── [email protected] deduped └─┬ [email protected] └─┬ @jest/[email protected] └─┬ [email protected] └─┬ [email protected] └── [email protected] deduped > npm ls inflight [email protected] /Users/cmwylie19/not-pepr/pepr └── (empty) ``` ## Related Issue Fixes defenseunicorns#1665 Fixes defenseunicorns#1668  Relates to # ## Type of change - [ ] Bug fix (non-breaking change which fixes an issue) - [ ] New feature (non-breaking change which adds functionality) - [x] Other (security config, docs update, etc) ## Checklist before merging - [ ] Unit, [Journey](https://github.com/defenseunicorns/pepr/tree/main/journey), [E2E Tests](https://github.com/defenseunicorns/pepr-excellent-examples), [docs](https://github.com/defenseunicorns/pepr/tree/main/docs), [adr](https://github.com/defenseunicorns/pepr/tree/main/adr) added or updated as needed - [x] [Contributor Guide Steps](https://docs.pepr.dev/main/contribute/#submitting-a-pull-request) followed Signed-off-by: Case Wylie <[email protected]> Co-authored-by: Sam Mayer <[email protected]>

…unicorns#1751) Bumps [trufflesecurity/trufflehog](https://github.com/trufflesecurity/trufflehog) from 3.88.3 to 3.88.4. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/trufflesecurity/trufflehog/releases">trufflesecurity/trufflehog's releases</a>.</em></p> <blockquote> <h2>v3.88.4</h2> <h2>What's Changed</h2> <ul> <li>Update postman metadata by <a href="https://github.com/casey-tran"><code>@casey-tran</code></a> in <a href="https://redirect.github.com/trufflesecurity/trufflehog/pull/3852">trufflesecurity/trufflehog#3852</a></li> <li>Support exclude regexes, excludewords, and entropy filters for custom detectors by <a href="https://github.com/zricethezav"><code>@zricethezav</code></a> in <a href="https://redirect.github.com/trufflesecurity/trufflehog/pull/3860">trufflesecurity/trufflehog#3860</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/trufflesecurity/trufflehog/compare/v3.88.3...v3.88.4">https://github.com/trufflesecurity/trufflehog/compare/v3.88.3...v3.88.4</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/trufflesecurity/trufflehog/commit/853e1e8d249fd1e29d0fcc7280d29b03df3d643d"><code>853e1e8</code></a> Support exclude regexes, excludewords, and entropy filters for custom detecto...</li> <li><a href="https://github.com/trufflesecurity/trufflehog/commit/9ecaf075c5e7bb593e23634557b869ade366cf08"><code>9ecaf07</code></a> Update postman metadata (<a href="https://redirect.github.com/trufflesecurity/trufflehog/issues/3852">#3852</a>)</li> <li>See full diff in <a href="https://github.com/trufflesecurity/trufflehog/compare/b6b00bbe5460109a21287b6612bd68a86bf060c2...853e1e8d249fd1e29d0fcc7280d29b03df3d643d">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=trufflesecurity/trufflehog&package-manager=github_actions&previous-version=3.88.3&new-version=3.88.4)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

…eunicorns#1755) Bumps the development-dependencies group with 2 updates: [@types/node](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node) and [shellcheck](https://github.com/gunar/shellcheck). Updates `@types/node` from 22.12.0 to 22.13.0 <details> <summary>Commits</summary> <ul> <li>See full diff in <a href="https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/node">compare view</a></li> </ul> </details> <br /> Updates `shellcheck` from 3.0.0 to 3.1.0 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/gunar/shellcheck/releases">shellcheck's releases</a>.</em></p> <blockquote> <h2>v3.1.0</h2> <ul> <li>no changes</li> </ul> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/gunar/shellcheck/blob/main/CHANGELOG.md">shellcheck's changelog</a>.</em></p> <blockquote> <h2><a href="https://github.com/gunar/shellcheck/releases/tag/v3.1.0">v3.1.0</a> - 2025-01-31</h2> <h3>Added</h3> <ul> <li>Configure binary path via environment variable <code>SHELLCHECKJS_BIN</code></li> </ul> <h3>Removed</h3> <ul> <li><code>binDir</code> configuration option. Configuration <code>bin</code> now contains the complete path to the ShellCheck executable binary (including both binary directory and binary name)</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/gunar/shellcheck/commit/e42457bed525063851c7a7f2f5173c8460e504e3"><code>e42457b</code></a> Merge pull request <a href="https://redirect.github.com/gunar/shellcheck/issues/135">#135</a> from carlocorradini/bin</li> <li><a href="https://github.com/gunar/shellcheck/commit/310be6dc6133a45ada5e383d82f7c2c1383b5038"><code>310be6d</code></a> feat: configure shellcheck binary via env variable</li> <li>See full diff in <a href="https://github.com/gunar/shellcheck/compare/v3.0.0...v3.1.0">compare view</a></li> </ul> </details> <br /> <details> <summary>Most Recent Ignore Conditions Applied to This Pull Request</summary> | Dependency Name | Ignore Conditions | | --- | --- | | @types/node | [>= 20.a, < 21] | </details> Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore <dependency name> major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself) - `@dependabot ignore <dependency name> minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself) - `@dependabot ignore <dependency name>` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself) - `@dependabot unignore <dependency name>` will remove all of the ignore conditions of the specified dependency - `@dependabot unignore <dependency name> <ignore condition>` will remove the ignore condition of the specified dependency and ignore conditions </details> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

## Description Regularly-scheduled update of dependencies. End to End Test:  (See [Pepr Excellent Examples](https://github.com/defenseunicorns/pepr-excellent-examples)) ## Related Issue Fixes defenseunicorns#1756 ## Type of change - [ ] Bug fix (non-breaking change which fixes an issue) - [ ] New feature (non-breaking change which adds functionality) - [ ] Other (security config, docs update, etc) ## Checklist before merging - [ ] Unit, [Journey](https://github.com/defenseunicorns/pepr/tree/main/journey), [E2E Tests](https://github.com/defenseunicorns/pepr-excellent-examples), [docs](https://github.com/defenseunicorns/pepr/tree/main/docs), [adr](https://github.com/defenseunicorns/pepr/tree/main/adr) added or updated as needed - [ ] [Contributor Guide Steps](https://docs.pepr.dev/main/contribute/#submitting-a-pull-request) followed

## Description Update the script that the release workflow uses to update `package.json` version before pushing to NPM ## Related Issue Fixes #  Relates to # ## Type of change - [ ] Bug fix (non-breaking change which fixes an issue) - [ ] New feature (non-breaking change which adds functionality) - [x] Other (security config, docs update, etc) ## Checklist before merging - [x] Unit, [Journey](https://github.com/defenseunicorns/pepr/tree/main/journey), [E2E Tests](https://github.com/defenseunicorns/pepr-excellent-examples), [docs](https://github.com/defenseunicorns/pepr/tree/main/docs), [adr](https://github.com/defenseunicorns/pepr/tree/main/adr) added or updated as needed - [x] [Contributor Guide Steps](https://docs.pepr.dev/main/contribute/#submitting-a-pull-request) followed Signed-off-by: Case Wylie <[email protected]>

## Description While working on defenseunicorns#1759 I encountered some issues with journey tests that relied on [pepr-upgrade-test](https://github.com/defenseunicorns/pepr-upgrade-test). This PR dynamically builds & recognizes the relevant test artifacts before running an upgrade test. As a result, pepr-upgrade-test can be archived. End to End Test:  (See [Pepr Excellent Examples](https://github.com/defenseunicorns/pepr-excellent-examples)) ## Related Issue Hotfix Relates to defenseunicorns#1759 ## Type of change - [x] Bug fix (non-breaking change which fixes an issue) - [ ] New feature (non-breaking change which adds functionality) - [ ] Other (security config, docs update, etc) ## Checklist before merging - [x] Unit, [Journey](https://github.com/defenseunicorns/pepr/tree/main/journey), [E2E Tests](https://github.com/defenseunicorns/pepr-excellent-examples), [docs](https://github.com/defenseunicorns/pepr/tree/main/docs), [adr](https://github.com/defenseunicorns/pepr/tree/main/adr) added or updated as needed - [x] [Contributor Guide Steps](https://docs.pepr.dev/main/contribute/#submitting-a-pull-request) followed --------- Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com> Co-authored-by: Case Wylie <[email protected]>

## Description The assets class does not have unit tests. The purpose of this PR is to add coverage to ensure the class is working as expected. Due to the use of dependency injection we are loosely helper functions with the method and functions on the assets class that rely on members of the assets class. Due to that, the intent of this PR is to ensure those injected functions are being with the correct members of the assets class and to hedge against accidentally change by ensuring certain functions are called a certain number of times. ## Related Issue Fixes defenseunicorns#1655  Relates to # ## Type of change - [ ] Bug fix (non-breaking change which fixes an issue) - [ ] New feature (non-breaking change which adds functionality) - [x] Other (security config, docs update, etc) ## Checklist before merging - [x] Unit, [Journey](https://github.com/defenseunicorns/pepr/tree/main/journey), [E2E Tests](https://github.com/defenseunicorns/pepr-excellent-examples), [docs](https://github.com/defenseunicorns/pepr/tree/main/docs), [adr](https://github.com/defenseunicorns/pepr/tree/main/adr) added or updated as needed - [x] [Contributor Guide Steps](https://docs.pepr.dev/main/contribute/#submitting-a-pull-request) followed --------- Signed-off-by: Case Wylie <[email protected]> Co-authored-by: Sam Mayer <[email protected]>

…defenseunicorns#1762) ## Description `build --version` command is not being used, we need to deprecate it before the release so that we can remove it next release. ## Related Issue Fixes defenseunicorns#1724  Relates to # ## Type of change - [ ] Bug fix (non-breaking change which fixes an issue) - [ ] New feature (non-breaking change which adds functionality) - [x] Other (security config, docs update, etc) ## Checklist before merging - [x] Unit, [Journey](https://github.com/defenseunicorns/pepr/tree/main/journey), [E2E Tests](https://github.com/defenseunicorns/pepr-excellent-examples), [docs](https://github.com/defenseunicorns/pepr/tree/main/docs), [adr](https://github.com/defenseunicorns/pepr/tree/main/adr) added or updated as needed - [x] [Contributor Guide Steps](https://docs.pepr.dev/main/contribute/#submitting-a-pull-request) followed Signed-off-by: Case Wylie <[email protected]> Co-authored-by: Sam Mayer <[email protected]>

## Description This PR resolves circular dependencies in the project. ## Related Issue Fixes defenseunicorns#1631, defenseunicorns#1630, defenseunicorns#1629, defenseunicorns#1625, defenseunicorns#1624, defenseunicorns#1623.  Relates to # ## Type of change - [ ] Bug fix (non-breaking change which fixes an issue) - [ ] New feature (non-breaking change which adds functionality) - [x] Other (security config, docs update, etc) ## Checklist before merging - [x] Unit, [Journey](https://github.com/defenseunicorns/pepr/tree/main/journey), [E2E Tests](https://github.com/defenseunicorns/pepr-excellent-examples), [docs](https://github.com/defenseunicorns/pepr/tree/main/docs), [adr](https://github.com/defenseunicorns/pepr/tree/main/adr) added or updated as needed - [x] [Contributor Guide Steps](https://docs.pepr.dev/main/contribute/#submitting-a-pull-request) followed

…pendencies group (defenseunicorns#1769) Bumps the development-dependencies group with 1 update: [@types/node](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node). Updates `@types/node` from 22.13.0 to 22.13.1 <details> <summary>Commits</summary> <ul> <li>See full diff in <a href="https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/node">compare view</a></li> </ul> </details> <br /> <details> <summary>Most Recent Ignore Conditions Applied to This Pull Request</summary> | Dependency Name | Ignore Conditions | | --- | --- | | @types/node | [>= 20.a, < 21] | </details> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=@types/node&package-manager=npm_and_yarn&previous-version=22.13.0&new-version=22.13.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore <dependency name> major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself) - `@dependabot ignore <dependency name> minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself) - `@dependabot ignore <dependency name>` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself) - `@dependabot unignore <dependency name>` will remove all of the ignore conditions of the specified dependency - `@dependabot unignore <dependency name> <ignore condition>` will remove the ignore condition of the specified dependency and ignore conditions </details> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

…icorns#1775) Bumps [docker/setup-buildx-action](https://github.com/docker/setup-buildx-action) from 3.8.0 to 3.9.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/docker/setup-buildx-action/releases">docker/setup-buildx-action's releases</a>.</em></p> <blockquote> <h2>v3.9.0</h2> <ul> <li>Bump <code>@docker/actions-toolkit</code> from 0.48.0 to 0.54.0 in <a href="https://redirect.github.com/docker/setup-buildx-action/pull/402">docker/setup-buildx-action#402</a> <a href="https://redirect.github.com/docker/setup-buildx-action/pull/404">docker/setup-buildx-action#404</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/docker/setup-buildx-action/compare/v3.8.0...v3.9.0">https://github.com/docker/setup-buildx-action/compare/v3.8.0...v3.9.0</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/docker/setup-buildx-action/commit/f7ce87c1d6bead3e36075b2ce75da1f6cc28aaca"><code>f7ce87c</code></a> Merge pull request <a href="https://redirect.github.com/docker/setup-buildx-action/issues/404">#404</a> from docker/dependabot/npm_and_yarn/docker/actions-to...</li> <li><a href="https://github.com/docker/setup-buildx-action/commit/aa1e2a0b496d6cd3474071c7b0ab0eea5948de3a"><code>aa1e2a0</code></a> chore: update generated content</li> <li><a href="https://github.com/docker/setup-buildx-action/commit/673e00877621ac201ca3084ec053b85e9b65063e"><code>673e008</code></a> build(deps): bump <code>@docker/actions-toolkit</code> from 0.53.0 to 0.54.0</li> <li><a href="https://github.com/docker/setup-buildx-action/commit/ba31df4664624f17e1b1ef1c9c85ed1ca9463a6d"><code>ba31df4</code></a> Merge pull request <a href="https://redirect.github.com/docker/setup-buildx-action/issues/402">#402</a> from docker/dependabot/npm_and_yarn/docker/actions-to...</li> <li><a href="https://github.com/docker/setup-buildx-action/commit/5475af18ec6f58d53e9452495e8db373e6dcb469"><code>5475af1</code></a> chore: update generated content</li> <li><a href="https://github.com/docker/setup-buildx-action/commit/acacad903e45f670c1e2d4638f4ee5f24b03e6b6"><code>acacad9</code></a> build(deps): bump <code>@docker/actions-toolkit</code> from 0.48.0 to 0.53.0</li> <li><a href="https://github.com/docker/setup-buildx-action/commit/6a25f988bdfa969e96a38fc9f843ea31e0b5df27"><code>6a25f98</code></a> Merge pull request <a href="https://redirect.github.com/docker/setup-buildx-action/issues/396">#396</a> from crazy-max/bake-v6</li> <li><a href="https://github.com/docker/setup-buildx-action/commit/ca1af179f5dc207dc723446d832eb3f77d3912dc"><code>ca1af17</code></a> update bake-action to v6</li> <li>See full diff in <a href="https://github.com/docker/setup-buildx-action/compare/6524bf65af31da8d45b59e8c27de4bd072b392f5...f7ce87c1d6bead3e36075b2ce75da1f6cc28aaca">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=docker/setup-buildx-action&package-manager=github_actions&previous-version=3.8.0&new-version=3.9.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

## Description CVE-2025-0395 flagged in our upstream container images an causes CI to fail. While we wait on a fix, we've opted to ignore this finding so that CI pipelines are unblocked. We'll remove this suppression within 60 days (see defenseunicorns#1778). End to End Test:  (See [Pepr Excellent Examples](https://github.com/defenseunicorns/pepr-excellent-examples)) ## Related Issue hotfix ## Type of change - [ ] Bug fix (non-breaking change which fixes an issue) - [ ] New feature (non-breaking change which adds functionality) - [x] Other (security config, docs update, etc) ## Checklist before merging - [x] Unit, [Journey](https://github.com/defenseunicorns/pepr/tree/main/journey), [E2E Tests](https://github.com/defenseunicorns/pepr-excellent-examples), [docs](https://github.com/defenseunicorns/pepr/tree/main/docs), [adr](https://github.com/defenseunicorns/pepr/tree/main/adr) added or updated as needed - [x] [Contributor Guide Steps](https://docs.pepr.dev/main/contribute/#submitting-a-pull-request) followed

## Description Reduce max-statements in watch-processor around watch. This PR depends on a KFC release ## Related Issue Fixes defenseunicorns#1697  Relates to # ## Type of change - [ ] Bug fix (non-breaking change which fixes an issue) - [ ] New feature (non-breaking change which adds functionality) - [x] Other (security config, docs update, etc) ## Checklist before merging - [x] Unit, [Journey](https://github.com/defenseunicorns/pepr/tree/main/journey), [E2E Tests](https://github.com/defenseunicorns/pepr-excellent-examples), [docs](https://github.com/defenseunicorns/pepr/tree/main/docs), [adr](https://github.com/defenseunicorns/pepr/tree/main/adr) added or updated as needed - [x] [Contributor Guide Steps](https://docs.pepr.dev/main/contribute/#submitting-a-pull-request) followed --------- Signed-off-by: Case Wylie <[email protected]> Co-authored-by: Sam Mayer <[email protected]>

… 2 updates (defenseunicorns#1771) Bumps the production-dependencies group with 2 updates in the / directory: [kubernetes-fluent-client](https://github.com/defenseunicorns/kubernetes-fluent-client) and [sigstore](https://github.com/sigstore/sigstore-js). Updates `kubernetes-fluent-client` from 3.3.8 to 3.4.0 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/defenseunicorns/kubernetes-fluent-client/releases">kubernetes-fluent-client's releases</a>.</em></p> <blockquote> <h2>v3.4.0</h2> <h1><a href="https://github.com/defenseunicorns/kubernetes-fluent-client/compare/v3.3.8...v3.4.0">3.4.0</a> (2025-02-05)</h1> <h3>Features</h3> <ul> <li>expose watcher class types (<a href="https://redirect.github.com/defenseunicorns/kubernetes-fluent-client/issues/555">#555</a>) (<a href="https://github.com/defenseunicorns/kubernetes-fluent-client/commit/90638e28de443422e79ae6ce84d42cdd0bcfcdfb">90638e2</a>)</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/defenseunicorns/kubernetes-fluent-client/commit/90638e28de443422e79ae6ce84d42cdd0bcfcdfb"><code>90638e2</code></a> feat: expose watcher class types (<a href="https://redirect.github.com/defenseunicorns/kubernetes-fluent-client/issues/555">#555</a>)</li> <li><a href="https://github.com/defenseunicorns/kubernetes-fluent-client/commit/517c3651d813b5b8edd1ec5f6e41048238f9b0d9"><code>517c365</code></a> chore(deps-dev): bump the development-dependencies group with 2 updates (<a href="https://redirect.github.com/defenseunicorns/kubernetes-fluent-client/issues/554">#554</a>)</li> <li><a href="https://github.com/defenseunicorns/kubernetes-fluent-client/commit/c7b11d0fc62f95dec5d67929e6390617eaa1e2f6"><code>c7b11d0</code></a> chore(deps-dev): bump the development-dependencies group with 2 updates (<a href="https://redirect.github.com/defenseunicorns/kubernetes-fluent-client/issues/552">#552</a>)</li> <li><a href="https://github.com/defenseunicorns/kubernetes-fluent-client/commit/efd691f52860b2dc304ba3b1a8d1dc77968cd16d"><code>efd691f</code></a> chore(deps): bump github/codeql-action from 3.28.6 to 3.28.8 (<a href="https://redirect.github.com/defenseunicorns/kubernetes-fluent-client/issues/551">#551</a>)</li> <li><a href="https://github.com/defenseunicorns/kubernetes-fluent-client/commit/3d817ef3495b8c8980a58ff3b4dc56de11a8cab0"><code>3d817ef</code></a> chore: remove nock (<a href="https://redirect.github.com/defenseunicorns/kubernetes-fluent-client/issues/550">#550</a>)</li> <li><a href="https://github.com/defenseunicorns/kubernetes-fluent-client/commit/d075dbc058e2cd09833a2e2403ea3bee480ba958"><code>d075dbc</code></a> chore(deps-dev): bump the development-dependencies group across 1 directory w...</li> <li><a href="https://github.com/defenseunicorns/kubernetes-fluent-client/commit/a94d147bfddbe3a0b6e800ccdf0c2b8d9dd70f70"><code>a94d147</code></a> chore(deps): bump github/codeql-action from 3.28.5 to 3.28.6 (<a href="https://redirect.github.com/defenseunicorns/kubernetes-fluent-client/issues/549">#549</a>)</li> <li><a href="https://github.com/defenseunicorns/kubernetes-fluent-client/commit/a5a908c2a150946d9a928314243b4496ed5cf091"><code>a5a908c</code></a> chore(deps): bump github/codeql-action from 3.28.4 to 3.28.5 (<a href="https://redirect.github.com/defenseunicorns/kubernetes-fluent-client/issues/546">#546</a>)</li> <li><a href="https://github.com/defenseunicorns/kubernetes-fluent-client/commit/b03aa5b987621e60fd034cd9d137d27eeb827f11"><code>b03aa5b</code></a> chore(deps): bump actions/setup-node from 4.1.0 to 4.2.0 (<a href="https://redirect.github.com/defenseunicorns/kubernetes-fluent-client/issues/547">#547</a>)</li> <li><a href="https://github.com/defenseunicorns/kubernetes-fluent-client/commit/1a81746f30156e793665179c981672cc775a7a84"><code>1a81746</code></a> chore(deps-dev): bump lint-staged from 15.4.1 to 15.4.2 in the development-de...</li> <li>Additional commits viewable in <a href="https://github.com/defenseunicorns/kubernetes-fluent-client/compare/v3.3.8...v3.4.0">compare view</a></li> </ul> </details> <br /> Updates `sigstore` from 3.0.0 to 3.1.0 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/sigstore/sigstore-js/releases">sigstore's releases</a>.</em></p> <blockquote> <h2>[email protected]</h2> <h3>Minor Changes</h3> <ul> <li>74cc6c5: Bump <code>@sigstore/protobuf-specs</code> from 0.3.2 to 0.4.0</li> </ul> <h3>Patch Changes</h3> <ul> <li>Updated dependencies [c9abfaa]</li> <li>Updated dependencies [74cc6c5] <ul> <li><code>@sigstore/tuf</code><a href="https://github.com/3"><code>@3</code></a>.1.0</li> <li><code>@sigstore/bundle</code><a href="https://github.com/3"><code>@3</code></a>.1.0</li> <li><code>@sigstore/verify</code><a href="https://github.com/2"><code>@2</code></a>.1.0</li> <li><code>@sigstore/sign</code><a href="https://github.com/3"><code>@3</code></a>.1.0</li> </ul> </li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/sigstore/sigstore-js/commit/06cd267cbdc2eeaa04294995622db9f6ad2fa7cf"><code>06cd267</code></a> Version Packages (<a href="https://redirect.github.com/sigstore/sigstore-js/issues/1361">#1361</a>)</li> <li><a href="https://github.com/sigstore/sigstore-js/commit/a045bb6ad6675fd65140ab2a18fb2e77466f6792"><code>a045bb6</code></a> bump express from 4.21.1. to 4.21.2 (<a href="https://redirect.github.com/sigstore/sigstore-js/issues/1367">#1367</a>)</li> <li><a href="https://github.com/sigstore/sigstore-js/commit/74cc6c5df062771ef7f892e2189b1407715647d1"><code>74cc6c5</code></a> Bump <code>@sigstore/protobuf-specs</code> from 0.3.2 to 0.4.0 (<a href="https://redirect.github.com/sigstore/sigstore-js/issues/1365">#1365</a>)</li> <li><a href="https://github.com/sigstore/sigstore-js/commit/58777aff1040e61abbf6196d3c929647f271a76c"><code>58777af</code></a> Bump the dev-deps group with 3 updates (<a href="https://redirect.github.com/sigstore/sigstore-js/issues/1364">#1364</a>)</li> <li><a href="https://github.com/sigstore/sigstore-js/commit/1ddcf9b3d5227d1dac2cb6c645058ab12cc27404"><code>1ddcf9b</code></a> Bump github/codeql-action from 3.28.5 to 3.28.8 in the minor-patch group (<a href="https://redirect.github.com/sigstore/sigstore-js/issues/1366">#1366</a>)</li> <li><a href="https://github.com/sigstore/sigstore-js/commit/c9abfaaa20c4efbca1495bedb66075ee12c41914"><code>c9abfaa</code></a> Update TUF seed files (<a href="https://redirect.github.com/sigstore/sigstore-js/issues/1356">#1356</a>)</li> <li><a href="https://github.com/sigstore/sigstore-js/commit/26d40e270dfea37ee8f07934fde98a7343c91204"><code>26d40e2</code></a> Bump the dev-deps group with 5 updates (<a href="https://redirect.github.com/sigstore/sigstore-js/issues/1359">#1359</a>)</li> <li><a href="https://github.com/sigstore/sigstore-js/commit/71d3b4f97714b32955cfde3243504a5fe0a51117"><code>71d3b4f</code></a> Bump the minor-patch group with 3 updates (<a href="https://redirect.github.com/sigstore/sigstore-js/issues/1357">#1357</a>)</li> <li><a href="https://github.com/sigstore/sigstore-js/commit/c36ace7b8fc706e3349cf838304afc2a65380143"><code>c36ace7</code></a> Bump the dev-deps group with 2 updates (<a href="https://redirect.github.com/sigstore/sigstore-js/issues/1354">#1354</a>)</li> <li><a href="https://github.com/sigstore/sigstore-js/commit/3d15de370217720b8363469fc65ab66ca7713622"><code>3d15de3</code></a> Bump the dev-deps group across 1 directory with 6 updates (<a href="https://redirect.github.com/sigstore/sigstore-js/issues/1352">#1352</a>)</li> <li>Additional commits viewable in <a href="https://github.com/sigstore/sigstore-js/compare/[email protected]@3.1.0">compare view</a></li> </ul> </details> <br /> Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore <dependency name> major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself) - `@dependabot ignore <dependency name> minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself) - `@dependabot ignore <dependency name>` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself) - `@dependabot unignore <dependency name>` will remove all of the ignore conditions of the specified dependency - `@dependabot unignore <dependency name> <ignore condition>` will remove the ignore condition of the specified dependency and ignore conditions </details> --------- Signed-off-by: dependabot[bot] <[email protected]> Signed-off-by: Case Wylie <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Case Wylie <[email protected]>

## Description Promotes linter rule from a warning to an error. End to End Test:  (See [Pepr Excellent Examples](https://github.com/defenseunicorns/pepr-excellent-examples)) ## Related Issue Fixes defenseunicorns#1780 ## Type of change - [ ] Bug fix (non-breaking change which fixes an issue) - [ ] New feature (non-breaking change which adds functionality) - [x] Other (security config, docs update, etc) ## Checklist before merging - [x] Unit, [Journey](https://github.com/defenseunicorns/pepr/tree/main/journey), [E2E Tests](https://github.com/defenseunicorns/pepr-excellent-examples), [docs](https://github.com/defenseunicorns/pepr/tree/main/docs), [adr](https://github.com/defenseunicorns/pepr/tree/main/adr) added or updated as needed - [x] [Contributor Guide Steps](https://docs.pepr.dev/main/contribute/#submitting-a-pull-request) followed Co-authored-by: Case Wylie <[email protected]>

Signed-off-by: Case Wylie <[email protected]>

…corns#1763) ## Description Resolve max-statements warning in src/lib/processors/watch-processor.test.ts ... End to End Test:  (See [Pepr Excellent Examples](https://github.com/defenseunicorns/pepr-excellent-examples)) ## Related Issue Fixes defenseunicorns#1696 ## Type of change - [ ] Bug fix (non-breaking change which fixes an issue) - [ ] New feature (non-breaking change which adds functionality) - [x] Other (security config, docs update, etc) ## Checklist before merging - [ ] Unit, [Journey](https://github.com/defenseunicorns/pepr/tree/main/journey), [E2E Tests](https://github.com/defenseunicorns/pepr-excellent-examples), [docs](https://github.com/defenseunicorns/pepr/tree/main/docs), [adr](https://github.com/defenseunicorns/pepr/tree/main/adr) added or updated as needed - [x] [Contributor Guide Steps](https://docs.pepr.dev/main/contribute/#submitting-a-pull-request) followed --------- Co-authored-by: Sam Mayer <[email protected]> Co-authored-by: Case Wylie <[email protected]>

tamirazrab · 2025-02-10T12:47:57Z

I messed up rebase, closing in favour of new PR #1787

## Description There is currently only one maxParams error, should we go ahead and enforce this with an error and then get this #1728 ready to merge with deprecation warnings? ## Related Issue Fixes #  Relates to # ## Type of change - [ ] Bug fix (non-breaking change which fixes an issue) - [ ] New feature (non-breaking change which adds functionality) - [x] Other (security config, docs update, etc) ## Checklist before merging - [x] Unit, [Journey](https://github.com/defenseunicorns/pepr/tree/main/journey), [E2E Tests](https://github.com/defenseunicorns/pepr-excellent-examples), [docs](https://github.com/defenseunicorns/pepr/tree/main/docs), [adr](https://github.com/defenseunicorns/pepr/tree/main/adr) added or updated as needed - [x] [Contributor Guide Steps](https://docs.pepr.dev/main/contribute/#submitting-a-pull-request) followed Signed-off-by: Case Wylie <[email protected]> Co-authored-by: Sam Mayer <[email protected]>

tamirazrab requested a review from a team as a code owner January 27, 2025 09:33

tamirazrab changed the title ~~refactor: params to 4 for writeEvent at sdk~~ refactor: Resolve max-params warning for src/sdk/sdk.ts Jan 27, 2025

cmwylie19 requested changes Jan 27, 2025

View reviewed changes

refactor: param name to 4 for writeEvent at sdk

12eab27

resolves defenseunicorns#1700 Signed-off-by: t.azrab <[email protected]>

tamirazrab changed the title ~~refactor: Resolve max-params warning for src/sdk/sdk.ts~~ chore: max-params warning for src/sdk/sdk.ts Jan 31, 2025

samayer12 added the ON HOLD label Feb 6, 2025

cmwylie19 mentioned this pull request Feb 7, 2025

chore: error on max-params #1782

Merged

5 tasks

samayer12 removed the ON HOLD label Feb 7, 2025

cmwylie19 approved these changes Feb 7, 2025

View reviewed changes

samayer12 approved these changes Feb 7, 2025

View reviewed changes

samayer12 enabled auto-merge February 7, 2025 19:38

cmwylie19 disabled auto-merge February 7, 2025 19:49

cmwylie19 enabled auto-merge February 7, 2025 19:49

tamirazrab and others added 14 commits February 10, 2025 17:31

chore: fix formating issue at sdk.ts

6473407

samayer12 and others added 25 commits February 10, 2025 17:31

chore: documentation

ffa31d4

Signed-off-by: Case Wylie <[email protected]>

auto-merge was automatically disabled February 10, 2025 12:33
Head branch was pushed to by a user without write access

tamirazrab force-pushed the 1700-resolve-max-param-sdk branch from d77ff1a to d91797a Compare February 10, 2025 12:33

tamirazrab closed this Feb 10, 2025

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

chore: max-params warning for src/sdk/sdk.ts #1728

chore: max-params warning for src/sdk/sdk.ts #1728

tamirazrab commented Jan 27, 2025 •

edited

Loading

cmwylie19 left a comment

codecov bot commented Jan 31, 2025 •

edited

Loading

samayer12 commented Feb 4, 2025

cmwylie19 left a comment

samayer12 left a comment

cmwylie19 commented Feb 7, 2025

tamirazrab commented Feb 10, 2025

chore: max-params warning for src/sdk/sdk.ts #1728

chore: max-params warning for src/sdk/sdk.ts #1728

Conversation

tamirazrab commented Jan 27, 2025 • edited Loading

Description

Related Issue

Type of change

Checklist before merging

cmwylie19 left a comment

Choose a reason for hiding this comment

codecov bot commented Jan 31, 2025 • edited Loading

Codecov Report

samayer12 commented Feb 4, 2025

cmwylie19 left a comment

Choose a reason for hiding this comment

samayer12 left a comment

Choose a reason for hiding this comment

cmwylie19 commented Feb 7, 2025

tamirazrab commented Feb 10, 2025

tamirazrab commented Jan 27, 2025 •

edited

Loading

codecov bot commented Jan 31, 2025 •

edited

Loading