Security upgrade husky from 4.3.6 to 5.0.6

.github/linters/.markdownlint.yml

@@ -0,0 +1,3 @@
+---
+default: true
+line-length: false

.github/workflows/linter.yml

@@ -0,0 +1,32 @@
+---
+name: Lint
+
+on:
+  push:
+    branches:
+      - main
+      - 'bugfix/**'
+      - 'feature/**'
+  pull_request:
+    branches:
+      - 'bump/patch-**'
+
+jobs:
+  build:
+    name: Lint
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/[email protected]
+        with:
+          fetch-depth: 0
+      - name: Run Lint
+        uses: github/[email protected]
+        env:
+          ACTIONS_RUNNER_DEBUG: true
+          VALIDATE_ALL_CODEBASE: true
+          DEFAULT_BRANCH: main
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+          JAVASCRIPT_ES_CONFIG_FILE: .eslintrc.json
+          MARKDOWN_CONFIG_FILE: .markdownlint.yml
+          TYPESCRIPT_ES_CONFIG_FILE: .eslintrc.json
+          YAML_CONFIG_FILE: .yamllint.yml

.husky/.gitignore

@@ -0,0 +1 @@
+_

.husky/pre-commit

@@ -0,0 +1,6 @@
+#!/bin/sh
+. "$(dirname $0)/_/husky.sh"
+
+yarn git-branch-is --not main
+yarn run build
+git add dist/index.js

.husky/pre-push

@@ -0,0 +1,5 @@
+#!/bin/sh
+. "$(dirname $0)/_/husky.sh"
+
+yarn run lint
+yarn test

.snyk

@@ -1,46 +1,8 @@
 # Snyk (https://snyk.io) policy file, patches or ignores known vulnerabilities.
 version: v1.14.1
-ignore: {}
-# patches apply the minimum changes required to fix a vulnerability
-patch:
-  SNYK-JS-LODASH-567746:
-    - twilio > lodash:
-        patched: '2020-04-30T14:52:27.955Z'
-    - snyk > lodash:
-        patched: '2020-04-30T14:54:48.744Z'
-    - snyk > graphlib > lodash:
-        patched: '2020-04-30T14:54:48.744Z'
-    - snyk > @snyk/ruby-semver > lodash:
-        patched: '2020-04-30T14:54:48.744Z'
-    - snyk > inquirer > lodash:
-        patched: '2020-04-30T14:54:48.744Z'
-    - snyk > snyk-config > lodash:
-        patched: '2020-04-30T14:54:48.744Z'
-    - snyk > snyk-mvn-plugin > lodash:
-        patched: '2020-04-30T14:54:48.744Z'
-    - snyk > snyk-nodejs-lockfile-parser > lodash:
-        patched: '2020-04-30T14:54:48.744Z'
-    - snyk > snyk-nuget-plugin > lodash:
-        patched: '2020-04-30T14:54:48.744Z'
-    - snyk > @snyk/dep-graph > graphlib > lodash:
-        patched: '2020-04-30T14:54:48.744Z'
-    - snyk > snyk-go-plugin > graphlib > lodash:
-        patched: '2020-04-30T14:54:48.744Z'
-    - snyk > snyk-nodejs-lockfile-parser > graphlib > lodash:
-        patched: '2020-04-30T14:54:48.744Z'
-    - snyk > @snyk/snyk-cocoapods-plugin > @snyk/dep-graph > lodash:
-        patched: '2020-04-30T14:54:48.744Z'
-    - snyk > snyk-mvn-plugin > @snyk/java-call-graph-builder > lodash:
-        patched: '2020-04-30T14:54:48.744Z'
-    - snyk > snyk-nuget-plugin > dotnet-deps-parser > lodash:
-        patched: '2020-04-30T14:54:48.744Z'
-    - snyk > snyk-php-plugin > @snyk/composer-lockfile-parser > lodash:
-        patched: '2020-04-30T14:54:48.744Z'
-    - snyk > @snyk/snyk-cocoapods-plugin > @snyk/dep-graph > graphlib > lodash:
-        patched: '2020-04-30T14:54:48.744Z'
-    - snyk > snyk-mvn-plugin > @snyk/java-call-graph-builder > graphlib > lodash:
-        patched: '2020-04-30T14:54:48.744Z'
-    - snyk > @snyk/snyk-cocoapods-plugin > @snyk/cocoapods-lockfile-parser > @snyk/ruby-semver > lodash:
-        patched: '2020-04-30T14:54:48.744Z'
-    - snyk > @snyk/snyk-cocoapods-plugin > @snyk/cocoapods-lockfile-parser > @snyk/dep-graph > graphlib > lodash:
-        patched: '2020-04-30T14:54:48.744Z'
+# ignores vulnerabilities until expiry date; change duration by modifying expiry date
+ignore:
+  SNYK-JS-AXIOS-1038255:
+    - axios:
+        reason: Axios doesn't provide a fix for this yet
+        expires: '2021-01-27T07:09:16.628Z'

.vscode/settings.json

@@ -7,11 +7,13 @@
   },
   "cSpell.words": [
     "Autobuild",
+    "Axios",
     "UNSECURE",
     "codeql",
     "ibiqlik",
     "issuehunt",
     "liberapay",
+    "markdownlint",
     "paambaati",
     "semver",
     "simbo",

README.md

@@ -1,21 +1,25 @@
 # Twilio Fax Action
-![](https://img.shields.io/github/v/release/fabasoad/twilio-fax-action?include_prereleases) ![CI (latest)](https://github.com/fabasoad/twilio-fax-action/workflows/CI%20(latest)/badge.svg) ![CI (main)](https://github.com/fabasoad/twilio-fax-action/workflows/CI%20(main)/badge.svg) ![YAML Lint](https://github.com/fabasoad/twilio-fax-action/workflows/YAML%20Lint/badge.svg) [![Maintainability](https://api.codeclimate.com/v1/badges/92c0b2f32ff15a3522bc/maintainability)](https://codeclimate.com/github/fabasoad/twilio-fax-action/maintainability) [![Test Coverage](https://api.codeclimate.com/v1/badges/92c0b2f32ff15a3522bc/test_coverage)](https://codeclimate.com/github/fabasoad/twilio-fax-action/test_coverage) [![Known Vulnerabilities](https://snyk.io/test/github/fabasoad/twilio-fax-action/badge.svg)](https://snyk.io/test/github/fabasoad/twilio-fax-action)
+
+![Release](https://img.shields.io/github/v/release/fabasoad/twilio-fax-action?include_prereleases) ![CI (latest)](https://github.com/fabasoad/twilio-fax-action/workflows/CI%20(latest)/badge.svg) ![CI (main)](https://github.com/fabasoad/twilio-fax-action/workflows/CI%20(main)/badge.svg) ![Lint](https://github.com/fabasoad/twilio-fax-action/workflows/Lint/badge.svg) ![CodeQL](https://github.com/fabasoad/twilio-fax-action/workflows/CodeQL/badge.svg) [![Total alerts](https://img.shields.io/lgtm/alerts/g/fabasoad/twilio-fax-action.svg?logo=lgtm&logoWidth=18)](https://lgtm.com/projects/g/fabasoad/twilio-fax-action/alerts/) [![Language grade: JavaScript](https://img.shields.io/lgtm/grade/javascript/g/fabasoad/twilio-fax-action.svg?logo=lgtm&logoWidth=18)](https://lgtm.com/projects/g/fabasoad/twilio-fax-action/context:javascript) [![Maintainability](https://api.codeclimate.com/v1/badges/92c0b2f32ff15a3522bc/maintainability)](https://codeclimate.com/github/fabasoad/twilio-fax-action/maintainability) [![Test Coverage](https://api.codeclimate.com/v1/badges/92c0b2f32ff15a3522bc/test_coverage)](https://codeclimate.com/github/fabasoad/twilio-fax-action/test_coverage) [![Known Vulnerabilities](https://snyk.io/test/github/fabasoad/twilio-fax-action/badge.svg)](https://snyk.io/test/github/fabasoad/twilio-fax-action)
 
 This action sends fax using Twilio.
 
 ## Prerequisites
+
 Sign up to [Twilio](https://twilio.com) official web page. Then [register a new number](https://www.twilio.com/console/voice/numbers) to use it as `from` parameter. If you use free trial account you have to [add verified phone number](https://support.twilio.com/hc/en-us/articles/223180048-Adding-a-Verified-Phone-Number-or-Caller-ID-with-Twilio) to use it as `to` parameter. Account SID and Auth token you can find on a [Dashboard page](https://www.twilio.com/console).
 
 ## Inputs
+
 | Name               | Required | Description                              | Type            |
 |--------------------|----------|------------------------------------------|-----------------|
 | twilio_account_sid | Yes      | Twilio account SID                       | <String>  |
 | twilio_auth_token  | Yes      | Twilio auth token                        | <String>  |
 | url                | Yes      | Url to the file that will be send by fax | <String>  |
 | from               | Yes      | Fax sender number (Twilio)               | <String>  |
-| to                 | Yes      | Fax recepient number                     | <String>  |
+| to                 | Yes      | Fax recipient number                     | <String>  |
 
 ## Outputs
+
 | Name | Description                                                                                                            | Type            |
 |------|------------------------------------------------------------------------------------------------------------------------|-----------------|
 | sid  | SID of fax operation. You can use it then by calling [Fax REST API](https://www.twilio.com/docs/fax/api/fax-resource). | <String>  |
@@ -34,7 +38,7 @@ jobs:
     name: Twilio Fax
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@master
+      - uses: actions/checkout@main
       - uses: fabasoad/twilio-fax-action@main
         with:
           url: 'http://africau.edu/images/default/sample.pdf'
@@ -47,39 +51,42 @@ jobs:
 ```
 
 ### Result
+
 Here is the example where the same Twilio account is used for both - recepient and sender. [Random public PDF file](http://africau.edu/images/default/sample.pdf) is used for this demonstration as an example. This is the result of finished job:
 
 ![CI result](https://raw.githubusercontent.com/fabasoad/twilio-fax-action/main/screenshots/screenshot1.png)
 
 Then the result can be checked by calling [REST API endpoint](https://www.twilio.com/docs/fax/api/fax-resource#fetch-a-fax-resource) to get information. Here is the result:
 
-_Calling https://fax.twilio.com/v1/Faxes/FX03d290ea94e78658133d96f7f23bdf1b_
+_Calling <https://fax.twilio.com/v1/Faxes/FX03d290ea94e78658133d96f7f23bdf1b>_
+
 ```json
 {
-	"media_sid": "ME1af5e3921f00ba485bda402b5e869af9",
-	"status": "no-answer",
-	"direction": "outbound",
-	"from": "+11234567890",
-	"date_updated": "2020-05-06T09:05:53Z",
-	"price": null,
-	"account_sid": "XXX",
-	"to": "+11234567890",
-	"date_created": "2020-05-06T09:05:36Z",
-	"url": "https://fax.twilio.com/v1/Faxes/FX03d290ea94e78658133d96f7f23bdf1b",
-	"sid": "FX03d290ea94e78658133d96f7f23bdf1b",
-	"duration": 15,
-	"num_pages": 2,
-	"quality": "fine",
-	"price_unit": null,
-	"api_version": "v1",
-	"media_url": "https://media.twiliocdn.com/fax/ACa412d07259a959d4ffa16cbc495906b2/eaf7542ade2c338d8d2cc76fcbf883e62c31336e60cb236f86ed66c8154ea9fb836fd88367880911529bdafed0e76cd34272123a4d656db61b120b95eaa3e069?X-Amz-Security-Token=IQoJb3JpZ2luX2VjEGkaCXVzLWVhc3QtMSJHMEUCIQCXafBpleoQtRbv%2B9TRo97n1cleLFrTcPycSDj4LxPM7wIgENPtHRBJUArPW5GLKFYyH5e2WWZo%2F0y5C8OVZHHptKUqvQMIov%2F%2F%2F%2F%2F%2F%2F%2F%2F%2FARAAGgwyMDExNjQ5MjE0MDgiDKIcHVNx4I1skJ%2FReCqRA6H1iWhAp6fPWZHtklDFKAD7ATVyXn6xIdUQVV05i3VNQ3pNnjByL1rfc1Nz8d1u9n%2FMTKHIQSXr4I9tXzHGCgks84CYlAj7xSaTeXPLVe1gl7q9okTnS%2BXWXt7GFmu7fMANuCnwVno%2Bdt1YAlNj6Dtnpf9LanaGS9RjFyJSlnmRiXaSq6vV06mgqa4t3x9lHr%2FLAWq8KvT1DWHBqgGAzL3gnPa6z7P%2BvrjJ8v0eoiPb6%2FRq1Qk1wo34VE91Imog3Rsh15n2lueUaj6AatF3azclJxoFU2RnbC2M3sZrHkCZZ0AwiMZPgCoNbmtmEKgigKJN82%2FjCAvMVm2G%2BazDNn6%2FQ90K9eCvdSiXQdLEe6d9qWR5Ehfx5GGuVMm%2BRq4ZIn1JPj9ttL3J6Qq8klzJwSsGkYv5qZcC4UUx%2B9dQIrddIRzVd6Ql4EqmZqAnb7mPqCR%2FhS%2BhGvbF3b7HY6ggMeAnh6M4FdLA%2BZOqTwKG98%2B%2B8NVqSIqtnKyHFYCAlz2ftoOXTepycbIH1p05mV%2FKXzGDMN%2F5yfUFOusBa9vCnqvhDSX6kzlAf3CvhmfGYwIlA7nhOr9jdpN7zonvX8zkzxnt6xDYXDmEotPem%2F%2B%2BZ1Pq9zAC7ec1ra3USY3iU6Ot5Gz9JLB4Hcw23szF4USUd76c2oPjY1YSNcFiZqJE2RUjavh%2FitN6GL9gMAX7qSWrF7uKKqKOxRR9g96weC1ohMwGX%2BNRSpfjFnPeoRYyTcjyFSm4hIDNnHgDX8ONFP%2BAGPIH0u1Bt8dWGcP1B4Z%2FlYHM2e1asQNwsuSVErmWJdlz9hP8EZmdbMQ2z%2BV53uvDuW2tuV0D97SIUNKlJBYzOKe8P8%2FyVw%3D%3D&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Date=20200506T090728Z&X-Amz-SignedHeaders=host&X-Amz-Expires=7200&X-Amz-Credential=ASIAS5VS5DJAEBF4QLQ5%2F20200506%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Signature=b37e66d2c53dff87a009080f8ec94b3a852f03b99f01f75a65732dc08bff66de",
-	"links": {
-		"media": "https://fax.twilio.com/v1/Faxes/FX03d290ea94e78658133d96f7f23bdf1b/Media"
-	}
+ "media_sid": "ME1af5e3921f00ba485bda402b5e869af9",
+ "status": "no-answer",
+ "direction": "outbound",
+ "from": "+11234567890",
+ "date_updated": "2020-05-06T09:05:53Z",
+ "price": null,
+ "account_sid": "XXX",
+ "to": "+11234567890",
+ "date_created": "2020-05-06T09:05:36Z",
+ "url": "https://fax.twilio.com/v1/Faxes/FX03d290ea94e78658133d96f7f23bdf1b",
+ "sid": "FX03d290ea94e78658133d96f7f23bdf1b",
+ "duration": 15,
+ "num_pages": 2,
+ "quality": "fine",
+ "price_unit": null,
+ "api_version": "v1",
+ "media_url": "https://media.twiliocdn.com/fax/ACa412d07259a959d4ffa16cbc495906b2/eaf7542ade2c338d8d2cc76fcbf883e62c31336e60cb236f86ed66c8154ea9fb836fd88367880911529bdafed0e76cd34272123a4d656db61b120b95eaa3e069?X-Amz-Security-Token=IQoJb3JpZ2luX2VjEGkaCXVzLWVhc3QtMSJHMEUCIQCXafBpleoQtRbv%2B9TRo97n1cleLFrTcPycSDj4LxPM7wIgENPtHRBJUArPW5GLKFYyH5e2WWZo%2F0y5C8OVZHHptKUqvQMIov%2F%2F%2F%2F%2F%2F%2F%2F%2F%2FARAAGgwyMDExNjQ5MjE0MDgiDKIcHVNx4I1skJ%2FReCqRA6H1iWhAp6fPWZHtklDFKAD7ATVyXn6xIdUQVV05i3VNQ3pNnjByL1rfc1Nz8d1u9n%2FMTKHIQSXr4I9tXzHGCgks84CYlAj7xSaTeXPLVe1gl7q9okTnS%2BXWXt7GFmu7fMANuCnwVno%2Bdt1YAlNj6Dtnpf9LanaGS9RjFyJSlnmRiXaSq6vV06mgqa4t3x9lHr%2FLAWq8KvT1DWHBqgGAzL3gnPa6z7P%2BvrjJ8v0eoiPb6%2FRq1Qk1wo34VE91Imog3Rsh15n2lueUaj6AatF3azclJxoFU2RnbC2M3sZrHkCZZ0AwiMZPgCoNbmtmEKgigKJN82%2FjCAvMVm2G%2BazDNn6%2FQ90K9eCvdSiXQdLEe6d9qWR5Ehfx5GGuVMm%2BRq4ZIn1JPj9ttL3J6Qq8klzJwSsGkYv5qZcC4UUx%2B9dQIrddIRzVd6Ql4EqmZqAnb7mPqCR%2FhS%2BhGvbF3b7HY6ggMeAnh6M4FdLA%2BZOqTwKG98%2B%2B8NVqSIqtnKyHFYCAlz2ftoOXTepycbIH1p05mV%2FKXzGDMN%2F5yfUFOusBa9vCnqvhDSX6kzlAf3CvhmfGYwIlA7nhOr9jdpN7zonvX8zkzxnt6xDYXDmEotPem%2F%2B%2BZ1Pq9zAC7ec1ra3USY3iU6Ot5Gz9JLB4Hcw23szF4USUd76c2oPjY1YSNcFiZqJE2RUjavh%2FitN6GL9gMAX7qSWrF7uKKqKOxRR9g96weC1ohMwGX%2BNRSpfjFnPeoRYyTcjyFSm4hIDNnHgDX8ONFP%2BAGPIH0u1Bt8dWGcP1B4Z%2FlYHM2e1asQNwsuSVErmWJdlz9hP8EZmdbMQ2z%2BV53uvDuW2tuV0D97SIUNKlJBYzOKe8P8%2FyVw%3D%3D&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Date=20200506T090728Z&X-Amz-SignedHeaders=host&X-Amz-Expires=7200&X-Amz-Credential=ASIAS5VS5DJAEBF4QLQ5%2F20200506%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Signature=b37e66d2c53dff87a009080f8ec94b3a852f03b99f01f75a65732dc08bff66de",
+ "links": {
+  "media": "https://fax.twilio.com/v1/Faxes/FX03d290ea94e78658133d96f7f23bdf1b/Media"
+ }
 }
 ```
+
 Here is the result of calling `media_url` property:
 
 ![Fax result](https://raw.githubusercontent.com/fabasoad/twilio-fax-action/main/screenshots/screenshot2.png)
 
-As you can see result document is the same as was defined in action argument, means that document has been sent by fax successfully.
+As you can see result document is the same as was defined in action argument, means that document has been sent by fax successfully.

action.yml

@@ -19,7 +19,7 @@ inputs:
     description: 'Fax sender number (Twilio).'
     required: true
   to:
-    description: 'Fax recepient number.'
+    description: 'Fax recipient number.'
     required: true
 outputs:
   sid:

package.json

@@ -1,6 +1,6 @@
 {
   "name": "twilio-fax-action",
-  "version": "1.0.5",
+  "version": "1.0.6",
   "description": "This GitHub action sends fax with the defined text.",
   "main": "dist/index.js",
   "repository": {
@@ -20,7 +20,7 @@
   },
   "scripts": {
     "build": "ncc build -m src/index.ts",
-    "lint": "eslint --ext ts src",
+    "lint": "eslint --config .github/linters/.eslintrc.json --ext ts src",
     "security:auth": "snyk auth",
     "security:test": "snyk test",
     "test": "jest --config=jest.config.json --coverage",
@@ -34,25 +34,19 @@
   },
   "devDependencies": {
     "@types/jest": "26.0.19",
-    "@types/node": "14.14.16",
-    "@typescript-eslint/eslint-plugin": "4.11.0",
-    "@typescript-eslint/parser": "4.11.0",
+    "@types/node": "14.14.17",
+    "@typescript-eslint/eslint-plugin": "4.11.1",
+    "@typescript-eslint/parser": "4.11.1",
     "@vercel/ncc": "0.26.1",
     "eslint": "7.16.0",
     "eslint-config-google": "0.14.0",
     "git-branch-is": "4.0.0",
-    "husky": "4.3.6",
+    "husky": "5.0.6",
     "jest": "26.6.3",
     "jest-circus": "26.6.3",
     "snyk": "1.437.3",
     "ts-jest": "26.4.4",
     "typescript": "4.1.3"
   },
-  "snyk": true,
-  "husky": {
-    "hooks": {
-      "pre-commit": "git-branch-is --not main && yarn run build && git add dist/index.js",
-      "pre-push": "yarn run lint && yarn test"
-    }
-  }
+  "snyk": true
 }