Dependency Updates: 2024/06/04 (#3932)

* esbuild-sass-plugin 3.0.0 -> 3.3.0 * Bump aquasecurity/trivy-action from 0.19.0 to 0.21.0 Bumps [aquasecurity/trivy-action](https://github.com/aquasecurity/trivy-action) from 0.19.0 to 0.21.0. - [Release notes](https://github.com/aquasecurity/trivy-action/releases) - [Commits](aquasecurity/trivy-action@0.19.0...0.21.0) --- updated-dependencies: - dependency-name: aquasecurity/trivy-action dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]> * Bump eslint-plugin-cypress from 2.15.1 to 3.3.0 in /backend Bumps [eslint-plugin-cypress](https://github.com/cypress-io/eslint-plugin-cypress) from 2.15.1 to 3.3.0. - [Release notes](https://github.com/cypress-io/eslint-plugin-cypress/releases) - [Commits](cypress-io/eslint-plugin-cypress@v2.15.1...v3.3.0) --- updated-dependencies: - dependency-name: eslint-plugin-cypress dependency-type: direct:development update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <[email protected]> * Bump glob from 10.3.12 to 10.4.1 in /backend Bumps [glob](https://github.com/isaacs/node-glob) from 10.3.12 to 10.4.1. - [Changelog](https://github.com/isaacs/node-glob/blob/main/changelog.md) - [Commits](isaacs/node-glob@v10.3.12...v10.4.1) --- updated-dependencies: - dependency-name: glob dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]> * Bump eslint from 8.57.0 to 9.4.0 in /backend Bumps [eslint](https://github.com/eslint/eslint) from 8.57.0 to 9.4.0. - [Release notes](https://github.com/eslint/eslint/releases) - [Changelog](https://github.com/eslint/eslint/blob/main/CHANGELOG.md) - [Commits](eslint/eslint@v8.57.0...v9.4.0) --- updated-dependencies: - dependency-name: eslint dependency-type: direct:development update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <[email protected]> * Bump @uswds/uswds from 3.7.0 to 3.8.1 in /backend Bumps [@uswds/uswds](https://github.com/uswds/uswds) from 3.7.0 to 3.8.1. - [Release notes](https://github.com/uswds/uswds/releases) - [Commits](uswds/uswds@v3.7.0...v3.8.1) --- updated-dependencies: - dependency-name: "@uswds/uswds" dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]> * Include new checkbox icons from USWDS 3.8.0 * Migrate to eslint >9.0.0 config files --------- Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
GSA-TTS · Jun 5, 2024 · b25ed53 · b25ed53
1 parent 55c90f4
commit b25ed53
Show file tree

Hide file tree

Showing 8 changed files with 266 additions and 146 deletions.
diff --git a/.github/workflows/trivy.yml b/.github/workflows/trivy.yml
@@ -39,7 +39,7 @@ jobs:
         run: docker build -t ${{ env.DOCKER_NAME }}:${{ steps.date.outputs.date }} .
 
       - name: Run Trivy vulnerability scanner
-        uses: aquasecurity/trivy-action@0.19.0
+        uses: aquasecurity/trivy-action@0.21.0
         with:
           image-ref: '${{ env.DOCKER_NAME }}:${{ steps.date.outputs.date }}'
           scan-type: 'image'
@@ -74,7 +74,7 @@ jobs:
         run: docker pull ${{ matrix.image.name }}
 
       - name: Run Trivy vulnerability scanner on Third Party Images
-        uses: aquasecurity/trivy-action@0.19.0
+        uses: aquasecurity/trivy-action@0.21.0
         with:
           image-ref: '${{ matrix.image.name }}'
           scan-type: 'image'

diff --git a/backend/.eslintrc b/backend/.eslintrc
diff --git a/backend/eslint.config.mjs b/backend/eslint.config.mjs
@@ -0,0 +1,25 @@
+import pluginJs from '@eslint/js';
+import pluginCypress from 'eslint-plugin-cypress/flat';
+import eslintConfigPrettier from 'eslint-config-prettier';
+
+// Exported rules included later will override rules included earlier.
+// As in, the Cypress ruleset will override those from Prettier, which overrides those from the eslint recommended.
+export default [
+  pluginJs.configs.recommended,
+  eslintConfigPrettier,
+  pluginCypress.configs.recommended,
+  {
+    rules: {
+      // Cypress plugin rule options defined at https://github.com/cypress-io/eslint-plugin-cypress/tree/master/docs/rules
+      'cypress/unsafe-to-chain-command': 'error',
+    },
+  },
+  {
+    ignores:
+      [
+        "static/compiled/*",
+        "staticfiles/*",
+        "node_modules/*"
+      ]
+  }
+];